diff --git a/api/server/router/build/build_routes.go b/api/server/router/build/build_routes.go index 892b8fca50..4c5d032fa6 100644 --- a/api/server/router/build/build_routes.go +++ b/api/server/router/build/build_routes.go @@ -51,6 +51,7 @@ func newImageBuildOptions(ctx context.Context, r *http.Request) (*types.ImageBui options.CPUSetCPUs = r.FormValue("cpusetcpus") options.CPUSetMems = r.FormValue("cpusetmems") options.CgroupParent = r.FormValue("cgroupparent") + options.NetworkMode = r.FormValue("networkmode") options.Tags = r.Form["t"] options.SecurityOpt = r.Form["securityopt"] diff --git a/api/types/client.go b/api/types/client.go index 13ba5f4d1e..146a55d0c5 100644 --- a/api/types/client.go +++ b/api/types/client.go @@ -141,6 +141,7 @@ type ImageBuildOptions struct { Memory int64 MemorySwap int64 CgroupParent string + NetworkMode string ShmSize int64 Dockerfile string Ulimits []*units.Ulimit diff --git a/builder/dockerfile/internals.go b/builder/dockerfile/internals.go index 77f24d7e23..796866cef2 100644 --- a/builder/dockerfile/internals.go +++ b/builder/dockerfile/internals.go @@ -487,6 +487,7 @@ func (b *Builder) create() (string, error) { Isolation: b.options.Isolation, ShmSize: b.options.ShmSize, Resources: resources, + NetworkMode: container.NetworkMode(b.options.NetworkMode), } config := *b.runConfig diff --git a/cli/command/image/build.go b/cli/command/image/build.go index 19fd4aa709..7db76a649f 100644 --- a/cli/command/image/build.go +++ b/cli/command/image/build.go @@ -58,6 +58,7 @@ type buildOptions struct { cacheFrom []string compress bool securityOpt []string + networkMode string } // NewBuildCommand creates a new `docker build` command @@ -105,6 +106,7 @@ func NewBuildCommand(dockerCli *command.DockerCli) *cobra.Command { flags.StringSliceVar(&options.cacheFrom, "cache-from", []string{}, "Images to consider as cache sources") flags.BoolVar(&options.compress, "compress", false, "Compress the build context using gzip") flags.StringSliceVar(&options.securityOpt, "security-opt", []string{}, "Security options") + flags.StringVar(&options.networkMode, "network", "default", "Connect a container to a network") command.AddTrustedFlags(flags, true) @@ -302,6 +304,7 @@ func runBuild(dockerCli *command.DockerCli, options buildOptions) error { Labels: runconfigopts.ConvertKVStringsToMap(options.labels.GetAll()), CacheFrom: options.cacheFrom, SecurityOpt: options.securityOpt, + NetworkMode: options.networkMode, } response, err := dockerCli.Client().ImageBuild(ctx, body, buildOptions) diff --git a/client/image_build.go b/client/image_build.go index 3abd87025e..4d611d5430 100644 --- a/client/image_build.go +++ b/client/image_build.go @@ -84,6 +84,7 @@ func imageBuildOptionsToQuery(options types.ImageBuildOptions) (url.Values, erro } query.Set("cpusetcpus", options.CPUSetCPUs) + query.Set("networkmode", options.NetworkMode) query.Set("cpusetmems", options.CPUSetMems) query.Set("cpushares", strconv.FormatInt(options.CPUShares, 10)) query.Set("cpuquota", strconv.FormatInt(options.CPUQuota, 10)) diff --git a/docs/reference/api/docker_remote_api.md b/docs/reference/api/docker_remote_api.md index 0d6c4b85d7..9acc56e0c6 100644 --- a/docs/reference/api/docker_remote_api.md +++ b/docs/reference/api/docker_remote_api.md @@ -130,6 +130,7 @@ This section lists each version from latest to oldest. Each listing includes a [Docker Remote API v1.25](docker_remote_api_v1.25.md) documentation +* `POST /build` accepts `networkmode` parameter to specify network used during build. * `GET /images/(name)/json` now returns `OsVersion` if populated * `GET /info` now returns `Isolation`. * `POST /containers/create` now takes `AutoRemove` in HostConfig, to enable auto-removal of the container on daemon side when the container's process exits. diff --git a/docs/reference/api/docker_remote_api_v1.25.md b/docs/reference/api/docker_remote_api_v1.25.md index e9abd95c10..b3483d53a3 100644 --- a/docs/reference/api/docker_remote_api_v1.25.md +++ b/docs/reference/api/docker_remote_api_v1.25.md @@ -1788,6 +1788,11 @@ or being killed. passing secret values. [Read more about the buildargs instruction](../../reference/builder.md#arg) - **shmsize** - Size of `/dev/shm` in bytes. The size must be greater than 0. If omitted the system uses 64MB. - **labels** – JSON map of string pairs for labels to set on the image. +- **networkmode** - Sets the networking mode for the run commands during + build. Supported standard values are: `bridge`, `host`, `none`, and + `container:`. Any other value is taken as a custom network's + name to which this container should connect to. + **Request Headers**: diff --git a/docs/reference/commandline/build.md b/docs/reference/commandline/build.md index f0627268a4..6c162a0710 100644 --- a/docs/reference/commandline/build.md +++ b/docs/reference/commandline/build.md @@ -38,6 +38,13 @@ Options: --label value Set metadata for an image (default []) -m, --memory string Memory limit --memory-swap string Swap limit equal to memory plus swap: '-1' to enable unlimited swap + --network string Set the networking mode for the run commands + during build. + 'bridge': use default Docker bridge + 'none': no networking + 'container:': reuse another container's network stack + 'host': use the Docker host network stack + '|': connect to a user-defined network --no-cache Do not use cache when building the image --pull Always attempt to pull a newer version of the image -q, --quiet Suppress the build output and print image ID on success diff --git a/integration-cli/docker_cli_build_test.go b/integration-cli/docker_cli_build_test.go index 460549a240..81f484f3b2 100644 --- a/integration-cli/docker_cli_build_test.go +++ b/integration-cli/docker_cli_build_test.go @@ -7078,3 +7078,31 @@ func (s *DockerSuite) TestBuildCacheFrom(c *check.C) { } c.Assert(layers1[len(layers1)-1], checker.Not(checker.Equals), layers2[len(layers1)-1]) } + +func (s *DockerSuite) TestBuildNetNone(c *check.C) { + testRequires(c, DaemonIsLinux) + + name := "testbuildnetnone" + _, out, err := buildImageWithOut(name, ` + FROM busybox + RUN ping -c 1 8.8.8.8 + `, true, "--network=none") + c.Assert(err, checker.NotNil) + c.Assert(out, checker.Contains, "unreachable") +} + +func (s *DockerSuite) TestBuildNetContainer(c *check.C) { + testRequires(c, DaemonIsLinux) + + id, _ := dockerCmd(c, "run", "--hostname", "foobar", "-d", "busybox", "nc", "-ll", "-p", "1234", "-e", "hostname") + + name := "testbuildnetcontainer" + out, err := buildImage(name, ` + FROM busybox + RUN nc localhost 1234 > /otherhost + `, true, "--network=container:"+strings.TrimSpace(id)) + c.Assert(err, checker.IsNil, check.Commentf("out: %v", out)) + + host, _ := dockerCmd(c, "run", "testbuildnetcontainer", "cat", "/otherhost") + c.Assert(strings.TrimSpace(host), check.Equals, "foobar") +} diff --git a/man/docker-build.1.md b/man/docker-build.1.md index fb7394e034..9dfa496f5b 100644 --- a/man/docker-build.1.md +++ b/man/docker-build.1.md @@ -22,6 +22,7 @@ docker-build - Build a new image from the source code at PATH [**-t**|**--tag**[=*[]*]] [**-m**|**--memory**[=*MEMORY*]] [**--memory-swap**[=*LIMIT*]] +[**--network**[=*"default"*]] [**--shm-size**[=*SHM-SIZE*]] [**--cpu-period**[=*0*]] [**--cpu-quota**[=*0*]] @@ -111,6 +112,9 @@ set as the **URL**, the repository is cloned locally and then sent as the contex `k` (kilobytes), `m` (megabytes), or `g` (gigabytes). If you don't specify a unit, `b` is used. Set LIMIT to `-1` to enable unlimited swap. +**--network**=*NETWORK* + + **--shm-size**=*SHM-SIZE* Size of `/dev/shm`. The format is ``. `number` must be greater than `0`. Unit is optional and can be `b` (bytes), `k` (kilobytes), `m` (megabytes), or `g` (gigabytes). If you omit the unit, the system uses bytes. diff --git a/man/docker-run.1.md b/man/docker-run.1.md index 51df3df153..a18bae469e 100644 --- a/man/docker-run.1.md +++ b/man/docker-run.1.md @@ -388,7 +388,7 @@ string name. The name is useful when defining links (see **--link**) (or any other place you need to identify a container). This works for both background and foreground Docker containers. -**--net**="*bridge*" +**--network**="*bridge*" Set the Network mode for the container 'bridge': create a network stack on the default Docker bridge 'none': no networking