Tõnis Tiigi
GitHub
commit
4adbd5338d
|
|
@ -71,7 +71,7 @@ clone git github.com/RackSec/srslog 259aed10dfa74ea2961eddd1d9847619f6e98837
|
|||
clone git github.com/imdario/mergo 0.2.1
|
||||
|
||||
#get libnetwork packages
|
||||
clone git github.com/docker/libnetwork 51d88e9ae63f4164f3678fe74feda89d6990befa
|
||||
clone git github.com/docker/libnetwork c8ce8c78b46da08976cfb817011ca5cb97adb576
|
||||
clone git github.com/docker/go-events 18b43f1bc85d9cdd42c05a6cd2d444c7a200a894
|
||||
clone git github.com/armon/go-radix e39d623f12e8e41c7b5529e9a9dd67a1e2261f80
|
||||
clone git github.com/armon/go-metrics eb0af217e5e9747e41dd5303755356b62d28e3ec
|
||||
|
|
|
|||
|
|
@ -197,7 +197,7 @@ func (h *Handle) getCopy() *Handle {
|
|||
|
||||
// SetAnyInRange atomically sets the first unset bit in the specified range in the sequence and returns the corresponding ordinal
|
||||
func (h *Handle) SetAnyInRange(start, end uint64) (uint64, error) {
|
||||
if end-start <= 0 || end >= h.bits {
|
||||
if end < start || end >= h.bits {
|
||||
return invalidPos, fmt.Errorf("invalid bit range [%d, %d]", start, end)
|
||||
}
|
||||
if h.Unselected() == 0 {
|
||||
|
|
|
|||
|
|
@ -52,6 +52,7 @@ import (
|
|||
|
||||
log "github.com/Sirupsen/logrus"
|
||||
"github.com/docker/docker/pkg/discovery"
|
||||
"github.com/docker/docker/pkg/locker"
|
||||
"github.com/docker/docker/pkg/plugins"
|
||||
"github.com/docker/docker/pkg/stringid"
|
||||
"github.com/docker/libnetwork/cluster"
|
||||
|
|
@ -149,6 +150,7 @@ type controller struct {
|
|||
ingressSandbox *sandbox
|
||||
sboxOnce sync.Once
|
||||
agent *agent
|
||||
networkLocker *locker.Locker
|
||||
agentInitDone chan struct{}
|
||||
keys []*types.EncryptionKey
|
||||
clusterConfigAvailable bool
|
||||
|
|
@ -169,6 +171,7 @@ func New(cfgOptions ...config.Option) (NetworkController, error) {
|
|||
svcRecords: make(map[string]svcInfo),
|
||||
serviceBindings: make(map[serviceKey]*service),
|
||||
agentInitDone: make(chan struct{}),
|
||||
networkLocker: locker.New(),
|
||||
}
|
||||
|
||||
if err := c.initStores(); err != nil {
|
||||
|
|
@ -614,6 +617,15 @@ func (c *controller) RegisterDriver(networkType string, driver driverapi.Driver,
|
|||
// NewNetwork creates a new network of the specified network type. The options
|
||||
// are network specific and modeled in a generic way.
|
||||
func (c *controller) NewNetwork(networkType, name string, id string, options ...NetworkOption) (Network, error) {
|
||||
if id != "" {
|
||||
c.networkLocker.Lock(id)
|
||||
defer c.networkLocker.Unlock(id)
|
||||
|
||||
if _, err := c.NetworkByID(id); err == nil {
|
||||
return nil, NetworkNameError(id)
|
||||
}
|
||||
}
|
||||
|
||||
if !config.IsValidName(name) {
|
||||
return nil, ErrInvalidName(name)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -134,16 +134,20 @@ func (pm *PortMapper) MapRange(container net.Addr, hostIP net.IP, hostPortStart,
|
|||
}
|
||||
|
||||
containerIP, containerPort := getIPAndPort(m.container)
|
||||
if err := pm.forward(iptables.Append, m.proto, hostIP, allocatedHostPort, containerIP.String(), containerPort); err != nil {
|
||||
return nil, err
|
||||
if hostIP.To4() != nil {
|
||||
if err := pm.forward(iptables.Append, m.proto, hostIP, allocatedHostPort, containerIP.String(), containerPort); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
cleanup := func() error {
|
||||
// need to undo the iptables rules before we return
|
||||
m.userlandProxy.Stop()
|
||||
pm.forward(iptables.Delete, m.proto, hostIP, allocatedHostPort, containerIP.String(), containerPort)
|
||||
if err := pm.Allocator.ReleasePort(hostIP, m.proto, allocatedHostPort); err != nil {
|
||||
return err
|
||||
if hostIP.To4() != nil {
|
||||
pm.forward(iptables.Delete, m.proto, hostIP, allocatedHostPort, containerIP.String(), containerPort)
|
||||
if err := pm.Allocator.ReleasePort(hostIP, m.proto, allocatedHostPort); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
|
|
|
|||
|
|
@ -325,6 +325,21 @@ func (r *resolver) ServeDNS(w dns.ResponseWriter, query *dns.Msg) {
|
|||
return
|
||||
}
|
||||
|
||||
// If the user sets ndots > 0 explicitly and the query is
|
||||
// in the root domain don't forward it out. We will return
|
||||
// failure and let the client retry with the search domain
|
||||
// attached
|
||||
if resp == nil {
|
||||
switch query.Question[0].Qtype {
|
||||
case dns.TypeA:
|
||||
fallthrough
|
||||
case dns.TypeAAAA:
|
||||
if r.sb.ndotsSet && !strings.Contains(strings.TrimSuffix(name, "."), ".") {
|
||||
resp = createRespMsg(query)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
proto := w.LocalAddr().Network()
|
||||
maxSize := 0
|
||||
if proto == "tcp" {
|
||||
|
|
|
|||
|
|
@ -86,6 +86,7 @@ type sandbox struct {
|
|||
isStub bool
|
||||
inDelete bool
|
||||
ingress bool
|
||||
ndotsSet bool
|
||||
sync.Mutex
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -8,6 +8,8 @@ import (
|
|||
"os"
|
||||
"path"
|
||||
"path/filepath"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
log "github.com/Sirupsen/logrus"
|
||||
"github.com/docker/libnetwork/etchosts"
|
||||
|
|
@ -313,8 +315,32 @@ func (sb *sandbox) rebuildDNS() error {
|
|||
// external v6 DNS servers has to be listed in resolv.conf
|
||||
dnsList = append(dnsList, resolvconf.GetNameservers(currRC.Content, types.IPv6)...)
|
||||
|
||||
// Resolver returns the options in the format resolv.conf expects
|
||||
dnsOptionsList = append(dnsOptionsList, sb.resolver.ResolverOptions()...)
|
||||
// If the user config and embedded DNS server both have ndots option set,
|
||||
// remember the user's config so that unqualified names not in the docker
|
||||
// domain can be dropped.
|
||||
resOptions := sb.resolver.ResolverOptions()
|
||||
|
||||
dnsOpt:
|
||||
for _, resOpt := range resOptions {
|
||||
if strings.Contains(resOpt, "ndots") {
|
||||
for _, option := range dnsOptionsList {
|
||||
if strings.Contains(option, "ndots") {
|
||||
parts := strings.Split(option, ":")
|
||||
if len(parts) != 2 {
|
||||
return fmt.Errorf("invalid ndots option %v", option)
|
||||
}
|
||||
if num, err := strconv.Atoi(parts[1]); err != nil {
|
||||
return fmt.Errorf("invalid number for ndots option %v", option)
|
||||
} else if num > 0 {
|
||||
sb.ndotsSet = true
|
||||
break dnsOpt
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
dnsOptionsList = append(dnsOptionsList, resOptions...)
|
||||
|
||||
_, err = resolvconf.Build(sb.config.resolvConfPath, dnsList, dnsSearchList, dnsOptionsList)
|
||||
return err
|
||||
|
|
|
|||
Loading…
Reference in New Issue