From 10190be5d74bc4b13a885f2ba27c2299c868fd19 Mon Sep 17 00:00:00 2001 From: Colin Rice Date: Sat, 3 Aug 2013 18:06:58 -0400 Subject: [PATCH] Add warning when net.ipv4.ip_forwarding = 0 Added warnings to api.go, container.go, commands.go, and runtime.go Also updated APIInfo to return whether IPv4Forwarding is enabled --- api.go | 5 +++++ api_params.go | 1 + commands.go | 3 +++ container.go | 4 ++++ docs/sources/api/docker_remote_api_v1.4.rst | 3 ++- runtime.go | 11 +++++++++-- server.go | 1 + 7 files changed, 25 insertions(+), 3 deletions(-) diff --git a/api.go b/api.go index 46fe8251e0..0223cdd673 100644 --- a/api.go +++ b/api.go @@ -522,6 +522,11 @@ func postContainersCreate(srv *Server, version float64, w http.ResponseWriter, r out.Warnings = append(out.Warnings, "Your kernel does not support memory swap capabilities. Limitation discarded.") } + if srv.runtime.capabilities.IPv4Forwarding { + log.Println("Warning: IPv4 forwarding is disabled.") + out.Warnings = append(out.Warnings, "IPv4 forwarding is disabled.") + } + b, err := json.Marshal(out) if err != nil { return err diff --git a/api_params.go b/api_params.go index 2737943f41..df879f63ee 100644 --- a/api_params.go +++ b/api_params.go @@ -24,6 +24,7 @@ type APIInfo struct { NGoroutines int `json:",omitempty"` MemoryLimit bool `json:",omitempty"` SwapLimit bool `json:",omitempty"` + IPv4Forwarding bool `json:",omitempty"` LXCVersion string `json:",omitempty"` NEventsListener int `json:",omitempty"` KernelVersion string `json:",omitempty"` diff --git a/commands.go b/commands.go index 39b8eb69af..0ddcfad18d 100644 --- a/commands.go +++ b/commands.go @@ -510,6 +510,9 @@ func (cli *DockerCli) CmdInfo(args ...string) error { if !out.SwapLimit { fmt.Fprintf(cli.err, "WARNING: No swap limit support\n") } + if !out.IPv4Forwarding { + fmt.Fprintf(cli.err, "WARNING: IPv4 forwarding is disabled.\n") + } return nil } diff --git a/container.go b/container.go index 6a60597edb..8721d45a55 100644 --- a/container.go +++ b/container.go @@ -534,6 +534,10 @@ func (container *Container) Start(hostConfig *HostConfig) error { container.Config.MemorySwap = -1 } + if !container.runtime.capabilities.IPv4Forwarding { + log.Printf("WARNING: IPv4 forwarding is disabled. Networking will not work") + } + // Create the requested bind mounts binds := make(map[string]BindMap) // Define illegal container destinations diff --git a/docs/sources/api/docker_remote_api_v1.4.rst b/docs/sources/api/docker_remote_api_v1.4.rst index fe73cb5405..06e8f46f99 100644 --- a/docs/sources/api/docker_remote_api_v1.4.rst +++ b/docs/sources/api/docker_remote_api_v1.4.rst @@ -1025,7 +1025,8 @@ Display system-wide information "NFd": 11, "NGoroutines":21, "MemoryLimit":true, - "SwapLimit":false + "SwapLimit":false, + "IPv4Forwarding":true } :statuscode 200: no error diff --git a/runtime.go b/runtime.go index f4c5b4d380..894028354e 100644 --- a/runtime.go +++ b/runtime.go @@ -15,8 +15,9 @@ import ( ) type Capabilities struct { - MemoryLimit bool - SwapLimit bool + MemoryLimit bool + SwapLimit bool + IPv4Forwarding bool } type Runtime struct { @@ -240,6 +241,12 @@ func (runtime *Runtime) UpdateCapabilities(quiet bool) { if !runtime.capabilities.SwapLimit && !quiet { log.Printf("WARNING: Your kernel does not support cgroup swap limit.") } + + content, err3 := ioutil.ReadFile("/proc/sys/net/ipv4/ip_forward") + runtime.capabilities.IPv4Forwarding = err3 == nil && len(content) > 0 && content[0] == '1' + if !runtime.capabilities.IPv4Forwarding && !quiet { + log.Printf("WARNING: IPv4 forwarding is disabled.") + } } } diff --git a/server.go b/server.go index 6d6ae5c934..8a4ce0ccf9 100644 --- a/server.go +++ b/server.go @@ -269,6 +269,7 @@ func (srv *Server) DockerInfo() *APIInfo { Images: imgcount, MemoryLimit: srv.runtime.capabilities.MemoryLimit, SwapLimit: srv.runtime.capabilities.SwapLimit, + IPv4Forwarding: srv.runtime.capabilities.IPv4Forwarding, Debug: os.Getenv("DEBUG") != "", NFd: utils.GetTotalUsedFds(), NGoroutines: runtime.NumGoroutine(),