--network-alias doesn't seem to work

[trusch]

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

When I try to use the new (since 2.2.0) network alias feature, it doesn't seem to work.

Steps to reproduce the issue:

podman network create net1
podman run -d --rm --name alpine1 --network net1 --network-alias a1 alpine tail -f /dev/null
podman run --rm --network net1 alpine nslookup a1     

Describe the results you received:

Server:		10.88.2.1
Address:	10.88.2.1:53

** server can't find a1: NXDOMAIN

** server can't find a1: NXDOMAIN

Describe the results you expected:

I would like to be able to resolve a1 to the IP of the first container.

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

Version:      2.2.0
API Version:  2.1.0
Go Version:   go1.15.5
Git Commit:   db1d2ff111ee9b012779ff3a5279a982520ccda4
Built:        Tue Dec  1 23:59:35 2020
OS/Arch:      linux/amd64

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.18.0
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: Unknown
    path: /usr/bin/conmon
    version: 'conmon version 2.0.21, commit: 35a2fa83022e56e18af7e6a865ba5d7165fa2a4a'
  cpus: 4
  distribution:
    distribution: arch
    version: unknown
  eventLogger: journald
  hostname: carbon
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65535
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65535
  kernel: 5.9.11-arch2-1
  linkmode: dynamic
  memFree: 4999450624
  memTotal: 8216764416
  ociRuntime:
    name: crun
    package: Unknown
    path: /usr/bin/crun
    version: |-
      crun version 0.16
      commit: eb0145e5ad4d8207e84a327248af76663d4e50dd
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
  os: linux
  remoteSocket:
    path: /run/user/1000/podman/podman.sock
  rootless: true
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: Unknown
    version: |-
      slirp4netns version 1.1.7
      commit: e62caa08b78f3e662422bd7bfbcd2df3d12dcab1
      libslirp: 4.4.0
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.1
  swapFree: 8589930496
  swapTotal: 8589930496
  uptime: 10m 35.75s
registries:
  search:
  - docker.io
  - registry.fedoraproject.org
  - quay.io
  - registry.access.redhat.com
  - registry.centos.org
store:
  configFile: /home/tino/.config/containers/storage.conf
  containerStore:
    number: 7
    paused: 0
    running: 2
    stopped: 5
  graphDriverName: overlay
  graphOptions:
    overlay.mount_program:
      Executable: /usr/bin/fuse-overlayfs
      Package: Unknown
      Version: |-
        fusermount3 version: 3.10.0
        fuse-overlayfs: version 1.3
        FUSE library version 3.10.0
        using FUSE kernel interface version 7.31
  graphRoot: /home/tino/.local/share/containers/storage
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 95
  runRoot: /run/user/1000/containers
  volumePath: /home/tino/.local/share/containers/storage/volumes
version:
  APIVersion: 2.1.0
  Built: 1606863575
  BuiltTime: Tue Dec  1 23:59:35 2020
  GitCommit: db1d2ff111ee9b012779ff3a5279a982520ccda4
  GoVersion: go1.15.5
  OsArch: linux/amd64
  Version: 2.2.0

Package info (e.g. output of rpm -q podman or apt list podman):

pacman -Q podman
podman 2.2.0-1

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide?

Yes

Additional environment details (AWS, VirtualBox, physical, etc.):
Local laptop. The rootless-cni-infra image is quay.io/libpod/rootless-cni-infra@sha256:304742d5d221211df4ec672807a5842ff11e3729c50bc424ea0cea858f69d7b7

[Luap99]

I think network alias only works for root.

@baude @mheon Correct?

[mheon]

It will eventually work on rootless, but I don't believe the rootless CNI image has been rebuilt with a new-enough version of DNSName yet.

[Luap99]

@mheon I think it's not just the dnsname version. I guess we need something similar to #8469 for aliases.

[mheon]

Ah - I think you're entirely correct.

We may want to add an error message if these are used by rootless until fixes can be made.

[github-actions]

A friendly reminder that this issue had no activity for 30 days.

[rhatdan]

@Luap99 @mheon What is the state of this issue?

[mheon]

This requires the updates roootless CNI infra image. On hold until we can rework to build that image from the root FS, or someone decides to update the image we are actually using.

[Luap99]

I have opened a PR for the imageless rootless-cni-infra container #8910. The fix for this issue is also included in that PR.