diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b34ec1b --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +SOURCES/1.1.0.tar.gz +SOURCES/netavark-v1.1.0-vendor.tar.gz diff --git a/.netavark.metadata b/.netavark.metadata new file mode 100644 index 0000000..6c6f2d7 --- /dev/null +++ b/.netavark.metadata @@ -0,0 +1,2 @@ +5f22fd74fc25d71335f8ca5cd5aa74c383d30576 SOURCES/1.1.0.tar.gz +63dcfdcb2b5917a213f89469aa4e643f92230410 SOURCES/netavark-v1.1.0-vendor.tar.gz diff --git a/SOURCES/netavark.1 b/SOURCES/netavark.1 new file mode 100644 index 0000000..0c505ea --- /dev/null +++ b/SOURCES/netavark.1 @@ -0,0 +1,51 @@ +.nh +.TH netavark(1) +.SH NAME +.PP +netavark - Configure a given network namespace for use by a container + +.SH SYNOPSIS +.PP +\fBnetavark\fP [\fIoptions\fP] \fIcommand\fP \fInetwork namespace path\fP + +.SH DESCRIPTION +.PP +Netavark configures a network namespace according to a configuration read from STDIN. The configuration is JSON formatted. + +.SH GLOBAL OPTIONS +.SS \fB--file\fP, \fB-f\fP +.PP +Instead of reading from STDIN, read the configuration to be applied from the given file. \fB-f -\fP may also be used to flag reading from STDIN. + +.SH COMMANDS +.SS netavark setup +.PP +The setup command configures the given network namespace with the given configuration, creating any interfaces and firewall rules necessary. + +.SS netavark teardown +.PP +The teardown command is the inverse of the setup command, undoing any configuration applied. Some interfaces may not be deleted (bridge interfaces, for example, will not be removed). + +.SS CONFIGURATION FORMAT +.PP +The configuration accepted is the same for both setup and teardown. It is JSON formatted. + +.PP +Format is https://github.com/containers/podman/blob/cd7b48198c38c5028540e85dc72dd3406f4318f0/libpod/network/types/network.go#L164-L173 but we will also send a Networks array including all the network definitions (https://github.com/containers/podman/blob/cd7b48198c38c5028540e85dc72dd3406f4318f0/libpod/network/types/network.go#L32-L62) +TODO: Transcribe configuration into here in a nice tabular format + +.SH EXAMPLE +.PP +netavark setup /run/user/1000/podman/netns/d11d1f9c499d + +.PP +netavark -f /run/podman/828b0508ae64.conf teardown /run/podman/netns/828b0508ae64 + +.SH SEE ALSO +.PP +podman(1) + +.SH HISTORY +.PP +September 2021, Originally compiled by Matt Heon mheon@redhat.com +\[la]mailto:mheon@redhat.com\[ra] diff --git a/SPECS/netavark.spec b/SPECS/netavark.spec new file mode 100644 index 0000000..e0b950f --- /dev/null +++ b/SPECS/netavark.spec @@ -0,0 +1,92 @@ +# debuginfo doesn't work yet +%global debug_package %{nil} + +Epoch: 2 +Name: netavark +Version: 1.1.0 +Release: 6%{?dist} +License: ASL 2.0 and BSD and MIT +ExclusiveArch: %{rust_arches} +Summary: OCI network stack +URL: https://github.com/containers/%{name} +Source0: %{url}/archive/v%{version}/%{version}.tar.gz +Source1: %{url}/releases/download/v%{version}/%{name}-v%{version}-vendor.tar.gz +Source2: netavark.1 +BuildRequires: cargo +Recommends: aardvark-dns >= 1.0.3 +Provides: container-network-stack = 2 +BuildRequires: make +BuildRequires: rust-srpm-macros +BuildRequires: git-core + +%description +%{summary} + +Netavark is a rust based network stack for containers. It is being +designed to work with Podman but is also applicable for other OCI +container management applications. + +Netavark is a tool for configuring networking for Linux containers. +Its features include: +* Configuration of container networks via JSON configuration file +* Creation and management of required network interfaces, + including MACVLAN networks +* All required firewall configuration to perform NAT and port + forwarding as required for containers +* Support for iptables and firewalld at present, with support + for nftables planned in a future release +* Support for rootless containers +* Support for IPv4 and IPv6 +* Support for container DNS resolution via aardvark-dns. + +%prep +%autosetup -Sgit +tar fx %{SOURCE1} +mkdir -p .cargo + +cat >.cargo/config << EOF +[source.crates-io] +replace-with = "vendored-sources" + +[source.vendored-sources] +directory = "vendor" +EOF + +%build +%{__make} build + +cd docs +cp %{SOURCE2} . + +%install +%{__make} DESTDIR=%{buildroot} PREFIX=%{_prefix} install + +%files +%license LICENSE +%dir %{_libexecdir}/podman +%{_libexecdir}/podman/%{name} +%{_mandir}/man1/%{name}.1* + +%changelog +* Tue Aug 09 2022 Jindrich Novy - 2:1.1.0-6 +- bump Epoch to preserve upgrade path +- Related: #2061390 + +* Tue Aug 09 2022 Jindrich Novy - 1.1.0-5 +- remove dependency on md2man +- Related: #2061390 + +* Tue Aug 09 2022 Jindrich Novy - 1.1.0-4 +- fix arches +- Related: #2061390 + +* Tue Aug 09 2022 Jindrich Novy - 1.1.0-3 +- add gating.yaml +- Related: #2061390 + +* Thu Aug 04 2022 Jindrich Novy - 1.1.0-2 +- require /usr/bin/go-md2man directly + +* Wed Aug 03 2022 Jindrich Novy - 1.1.0-1 +- initial import +- Related: #2061390