Description
This test case verifies the functionality of Podman 5.3’s new pasta integration, specifically the --map-guest-addr option for host.containers.internal.
Setup
Install Podman 5.3 (pre-release) and ensure both rootless and root container capabilities are configured.
How to test
Run an NGINX container with exposed port 8080:
podman run -d -p 8080:80 docker.io/library/nginx
Use curl to access host.containers.internal from another container:
podman run --rm -it docker.io/library/nginx:latest curl host.containers.internal:8080
Clean up the container:
podman rm -fa -t0
Start NGINX with localhost binding on 127.0.0.1:8080:
podman run -d -p 127.0.0.1:8080:80 docker.io/library/nginx
Attempt to access host.containers.internal from another container, expecting a hang:
podman run --rm -it docker.io/library/nginx:latest curl host.containers.internal:8080
Expected Results
The following must be true to consider this a successful test run: Accessing host.containers.internal:8080 with --map-guest-addr displays NGINX page content. Curl command hangs when accessing a localhost-bound socket, verifying restricted access.
Optional
Test with additional ports or container images to verify network isolation via host.containers.internal.