kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Merge pull request #2351 from daym/fewer-modprobes

Browse source 
Use fewer modprobes
This commit is contained in:
elangovan sivanandam 2019-07-25 16:18:00 -04:00 committed by GitHub
commit 50893512b5
2 changed files with 8 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
libnetwork/iptables/iptables.go
View file

@ -72,11 +72,13 @@ func (e ChainError) Error() string {
} }
func probe() { func probe() {
if out, err := exec.Command("modprobe", "-va", "nf_nat").CombinedOutput(); err != nil { path, err := exec.LookPath("iptables")
logrus.Warnf("Running modprobe nf_nat failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err) if err != nil {
logrus.Warnf("Failed to find iptables: %v", err)
return
} }
if out, err := exec.Command("modprobe", "-va", "xt_conntrack").CombinedOutput(); err != nil { if out, err := exec.Command(path, "--wait", "-t", "nat", "-L", "-n").CombinedOutput(); err != nil {
logrus.Warnf("Running modprobe xt_conntrack failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err) logrus.Warnf("Running iptables --wait -t nat -L -n failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err)
} }
} }

18
libnetwork/ns/init_linux.go
View file

@ -76,12 +76,8 @@ func NlHandle() *netlink.Handle {
func getSupportedNlFamilies() []int { func getSupportedNlFamilies() []int {
fams := []int{syscall.NETLINK_ROUTE} fams := []int{syscall.NETLINK_ROUTE}
// NETLINK_XFRM test // NETLINK_XFRM test
if err := loadXfrmModules(); err != nil { if err := checkXfrmSocket(); err != nil {
if checkXfrmSocket() != nil { logrus.Warnf("Could not load necessary modules for IPSEC rules: %v", err)
logrus.Warnf("Could not load necessary modules for IPSEC rules: %v", err)
} else {
fams = append(fams, syscall.NETLINK_XFRM)
}
} else { } else {
fams = append(fams, syscall.NETLINK_XFRM) fams = append(fams, syscall.NETLINK_XFRM)
} }
@ -99,16 +95,6 @@ func getSupportedNlFamilies() []int {
return fams return fams
} }
func loadXfrmModules() error {
if out, err := exec.Command("modprobe", "-va", "xfrm_user").CombinedOutput(); err != nil {
return fmt.Errorf("Running modprobe xfrm_user failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err)
}
if out, err := exec.Command("modprobe", "-va", "xfrm_algo").CombinedOutput(); err != nil {
return fmt.Errorf("Running modprobe xfrm_algo failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err)
}
return nil
}
// API check on required xfrm modules (xfrm_user, xfrm_algo) // API check on required xfrm modules (xfrm_user, xfrm_algo)
func checkXfrmSocket() error { func checkXfrmSocket() error {
fd, err := syscall.Socket(syscall.AF_NETLINK, syscall.SOCK_RAW, syscall.NETLINK_XFRM) fd, err := syscall.Socket(syscall.AF_NETLINK, syscall.SOCK_RAW, syscall.NETLINK_XFRM)