Include Endpoint List for Shared Endpoints

Do not allow sharing of container network with hyperv containers

Signed-off-by: Madhan Raj Mookkandy <madhanm@microsoft.com>

container/container.go

@@ -107,7 +107,8 @@ type Container struct {
 	NoNewPrivileges bool
 
 	// Fields here are specific to Windows
-	NetworkSharedContainerID string
+	NetworkSharedContainerID string   `json:"-"`
+	SharedEndpointList       []string `json:"-"`
 }
 
 // NewBaseContainer creates a new container with its

daemon/container_operations.go

@@ -886,7 +886,12 @@ func (daemon *Daemon) initializeNetworking(container *container.Container) error
 		if err != nil {
 			return err
 		}
-		initializeNetworkingPaths(container, nc)
+
+		err = daemon.initializeNetworkingPaths(container, nc)
+		if err != nil {
+			return err
+		}
+
 		container.Config.Hostname = nc.Config.Hostname
 		container.Config.Domainname = nc.Config.Domainname
 		return nil

daemon/container_operations_solaris.go

@@ -42,5 +42,6 @@ func setupPathsAndSandboxOptions(container *container.Container, sboxOptions *[]
 	return nil
 }
 
-func initializeNetworkingPaths(container *container.Container, nc *container.Container) {
+func (daemon *Daemon) initializeNetworkingPaths(container *container.Container, nc *container.Container) error {
+	return nil
 }

daemon/container_operations_unix.go

@@ -349,8 +349,9 @@ func setupPathsAndSandboxOptions(container *container.Container, sboxOptions *[]
 	return nil
 }
 
-func initializeNetworkingPaths(container *container.Container, nc *container.Container) {
+func (daemon *Daemon) initializeNetworkingPaths(container *container.Container, nc *container.Container) error {
 	container.HostnamePath = nc.HostnamePath
 	container.HostsPath = nc.HostsPath
 	container.ResolvConfPath = nc.ResolvConfPath
+	return nil
 }

daemon/container_operations_windows.go

@@ -160,6 +160,43 @@ func setupPathsAndSandboxOptions(container *container.Container, sboxOptions *[]
 	return nil
 }
 
-func initializeNetworkingPaths(container *container.Container, nc *container.Container) {
+func (daemon *Daemon) initializeNetworkingPaths(container *container.Container, nc *container.Container) error {
+
+	if nc.HostConfig.Isolation.IsHyperV() {
+		return fmt.Errorf("sharing of hyperv containers network is not supported")
+	}
+
 	container.NetworkSharedContainerID = nc.ID
+
+	if nc.NetworkSettings != nil {
+		for n := range nc.NetworkSettings.Networks {
+			sn, err := daemon.FindNetwork(n)
+			if err != nil {
+				continue
+			}
+
+			ep, err := nc.GetEndpointInNetwork(sn)
+			if err != nil {
+				continue
+			}
+
+			data, err := ep.DriverInfo()
+			if err != nil {
+				continue
+			}
+
+			if data["GW_INFO"] != nil {
+				gwInfo := data["GW_INFO"].(map[string]interface{})
+				if gwInfo["hnsid"] != nil {
+					container.SharedEndpointList = append(container.SharedEndpointList, gwInfo["hnsid"].(string))
+				}
+			}
+
+			if data["hnsid"] != nil {
+				container.SharedEndpointList = append(container.SharedEndpointList, data["hnsid"].(string))
+			}
+		}
+	}
+
+	return nil
 }

daemon/start_windows.go

@@ -150,7 +150,11 @@ func (daemon *Daemon) getLibcontainerdCreateOptions(container *container.Contain
 	var networkSharedContainerID string
 	if container.HostConfig.NetworkMode.IsContainer() {
 		networkSharedContainerID = container.NetworkSharedContainerID
+		for _, ep := range container.SharedEndpointList {
+			epList = append(epList, ep)
+		}
 	}
+
 	createOptions = append(createOptions, &libcontainerd.NetworkEndpointsOption{
 		Endpoints:                epList,
 		AllowUnqualifiedDNSQuery: AllowUnqualifiedDNSQuery,