Flip the default for the flag AllowNonDefaultBridge in bridge driver

Replaced it with DisableBridgeCreation and it can be used ONLY in a special case for docker0 bridge from docker, instead of calling it from all other case. Signed-off-by: Madhu Venugopal <madhu@docker.com>
2022-11-09 12:21:53 -05:00 · 2015-09-23 18:01:04 -07:00 · 2015-09-23 18:01:04 -07:00 · a42e5f0663
commit a42e5f0663
parent 02fd54ea61
12 changed files with 80 additions and 103 deletions
--- a/libnetwork/api/api.go
+++ b/libnetwork/api/api.go
@ -291,9 +291,6 @@ func processCreateDefaults(c libnetwork.NetworkController, nc *networkCreate) {
 		if _, ok := gData["BridgeName"]; !ok {
 			gData["BridgeName"] = nc.Name
 		}
-		if _, ok := gData["AllowNonDefaultBridge"]; !ok {
-			gData["AllowNonDefaultBridge"] = "true"
-		}
 		nc.Options[netlabel.GenericData] = genericData
 	}
 }
--- a/libnetwork/api/api_test.go
+++ b/libnetwork/api/api_test.go
@ -96,7 +96,6 @@ func createTestNetwork(t *testing.T, network string) (libnetwork.NetworkControll
 	netOption := options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": network,
-			"AllowNonDefaultBridge": true,
 		},
 	}
 	netGeneric := libnetwork.NetworkOptionGeneric(netOption)
@ -211,7 +210,6 @@ func TestCreateDeleteNetwork(t *testing.T) {
 		netlabel.EnableIPv6: true,
 		netlabel.GenericData: map[string]string{
 			"BridgeName":  "abc",
-			"AllowNonDefaultBridge": "true",
 			"FixedCIDRv6": "fe80::1/64",
 			"AddressIP":   "172.28.30.254/24",
 		},
@ -257,7 +255,6 @@ func TestGetNetworksAndEndpoints(t *testing.T) {
 	ops := options.Generic{
 		netlabel.GenericData: map[string]string{
 			"BridgeName": "api_test_nw",
-			"AllowNonDefaultBridge": "true",
 		},
 	}

@ -528,7 +525,6 @@ func TestProcGetServices(t *testing.T) {
 	netOption := options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": netName1,
-			"AllowNonDefaultBridge": true,
 		},
 	}
 	nw1, err := c.NewNetwork(bridgeNetType, netName1, libnetwork.NetworkOptionGeneric(netOption))
@ -540,7 +536,6 @@ func TestProcGetServices(t *testing.T) {
 	netOption = options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": netName2,
-			"AllowNonDefaultBridge": true,
 		},
 	}
 	nw2, err := c.NewNetwork(bridgeNetType, netName2, libnetwork.NetworkOptionGeneric(netOption))
@ -1778,7 +1773,6 @@ func TestEndToEnd(t *testing.T) {
 			"EnableIPTables":      "true",
 			"AddressIP":           "172.28.30.254/16",
 			"EnableUserlandProxy": "true",
-			"AllowNonDefaultBridge": "true",
 		},
 	}

--- a/libnetwork/cmd/dnet/dnet.go
+++ b/libnetwork/cmd/dnet/dnet.go
@ -116,7 +116,6 @@ func createDefaultNetwork(c libnetwork.NetworkController) {
 		if d == "bridge" {
 			genericOption[netlabel.GenericData] = map[string]interface{}{
 				"BridgeName": nw,
-				"AllowNonDefaultBridge": "true",
 			}
 			networkOption := libnetwork.NetworkOptionGeneric(genericOption)
 			createOptions = append(createOptions, networkOption)
--- a/libnetwork/default_gateway.go
+++ b/libnetwork/default_gateway.go
@ -95,7 +95,6 @@ func (c *controller) createGWNetwork() (Network, error) {
 	netOption := options.Generic{
 		"BridgeName":         libnGWNetwork,
 		"EnableICC":          false,
-		"AllowNonDefaultBridge": true,
 		"EnableIPMasquerade": true,
 	}

--- a/libnetwork/drivers/bridge/bridge.go
+++ b/libnetwork/drivers/bridge/bridge.go
@ -59,7 +59,7 @@ type networkConfiguration struct {
 	DefaultGatewayIPv4    net.IP
 	DefaultGatewayIPv6    net.IP
 	DefaultBindingIP      net.IP
-	AllowNonDefaultBridge bool
+	DisableBridgeCreation bool
 }

 // endpointConfiguration represents the user specified configuration for the sandbox endpoint
@ -249,13 +249,13 @@ func (c *networkConfiguration) fromMap(data map[string]interface{}) error {
 		}
 	}

-	if i, ok := data["AllowNonDefaultBridge"]; ok && i != nil {
+	if i, ok := data["DisableBridgeCreation"]; ok && i != nil {
 		if s, ok := i.(string); ok {
-			if c.AllowNonDefaultBridge, err = strconv.ParseBool(s); err != nil {
-				return types.BadRequestErrorf("failed to parse AllowNonDefaultBridge value: %s", err.Error())
+			if c.DisableBridgeCreation, err = strconv.ParseBool(s); err != nil {
+				return types.BadRequestErrorf("failed to parse DisableBridgeCreation value: %s", err.Error())
 			}
 		} else {
-			return types.BadRequestErrorf("invalid type for AllowNonDefaultBridge value")
+			return types.BadRequestErrorf("invalid type for DisableBridgeCreation value")
 		}
 	}

--- a/libnetwork/drivers/bridge/bridge_test.go
+++ b/libnetwork/drivers/bridge/bridge_test.go
@ -123,7 +123,7 @@ func TestCreateFail(t *testing.T) {
 		t.Fatalf("Failed to setup driver config: %v", err)
 	}

-	netconfig := &networkConfiguration{BridgeName: "dummy0"}
+	netconfig := &networkConfiguration{BridgeName: "dummy0", DisableBridgeCreation: true}
 	genericOption := make(map[string]interface{})
 	genericOption[netlabel.GenericData] = netconfig

@ -146,20 +146,20 @@ func TestCreateMultipleNetworks(t *testing.T) {
 		t.Fatalf("Failed to setup driver config: %v", err)
 	}

-	config1 := &networkConfiguration{BridgeName: "net_test_1", AllowNonDefaultBridge: true}
+	config1 := &networkConfiguration{BridgeName: "net_test_1"}
 	genericOption = make(map[string]interface{})
 	genericOption[netlabel.GenericData] = config1
 	if err := d.CreateNetwork("1", genericOption); err != nil {
 		t.Fatalf("Failed to create bridge: %v", err)
 	}

-	config2 := &networkConfiguration{BridgeName: "net_test_2", AllowNonDefaultBridge: true}
+	config2 := &networkConfiguration{BridgeName: "net_test_2"}
 	genericOption[netlabel.GenericData] = config2
 	if err := d.CreateNetwork("2", genericOption); err != nil {
 		t.Fatalf("Failed to create bridge: %v", err)
 	}

-	config3 := &networkConfiguration{BridgeName: "net_test_3", AllowNonDefaultBridge: true}
+	config3 := &networkConfiguration{BridgeName: "net_test_3"}
 	genericOption[netlabel.GenericData] = config3
 	if err := d.CreateNetwork("3", genericOption); err != nil {
 		t.Fatalf("Failed to create bridge: %v", err)
@ -168,7 +168,7 @@ func TestCreateMultipleNetworks(t *testing.T) {
 	// Verify the network isolation rules are installed, each network subnet should appear 4 times
 	verifyV4INCEntries(d.networks, 4, t)

-	config4 := &networkConfiguration{BridgeName: "net_test_4", AllowNonDefaultBridge: true}
+	config4 := &networkConfiguration{BridgeName: "net_test_4"}
 	genericOption[netlabel.GenericData] = config4
 	if err := d.CreateNetwork("4", genericOption); err != nil {
 		t.Fatalf("Failed to create bridge: %v", err)
--- a/libnetwork/drivers/bridge/errors.go
+++ b/libnetwork/drivers/bridge/errors.go
@ -211,6 +211,17 @@ func (ndbee NonDefaultBridgeExistError) Error() string {
 // Forbidden denotes the type of this error
 func (ndbee NonDefaultBridgeExistError) Forbidden() {}

+// NonDefaultBridgeNeedsIPError is returned when a non-default
+// bridge config is passed but it has no ip configured
+type NonDefaultBridgeNeedsIPError string
+
+func (ndbee NonDefaultBridgeNeedsIPError) Error() string {
+	return fmt.Sprintf("bridge device with non default name %s must have a valid IP address", string(ndbee))
+}
+
+// Forbidden denotes the type of this error
+func (ndbee NonDefaultBridgeNeedsIPError) Forbidden() {}
+
 // FixedCIDRv4Error is returned when fixed-cidrv4 configuration
 // failed.
 type FixedCIDRv4Error struct {
--- a/libnetwork/drivers/bridge/setup_device.go
+++ b/libnetwork/drivers/bridge/setup_device.go
@ -15,7 +15,7 @@ func setupDevice(config *networkConfiguration, i *bridgeInterface) error {

 	// We only attempt to create the bridge when the requested device name is
 	// the default one.
-	if config.BridgeName != DefaultBridgeName && !config.AllowNonDefaultBridge {
+	if config.BridgeName != DefaultBridgeName && config.DisableBridgeCreation {
 		return NonDefaultBridgeExistError(config.BridgeName)
 	}

--- a/libnetwork/drivers/bridge/setup_device_test.go
+++ b/libnetwork/drivers/bridge/setup_device_test.go
@ -33,7 +33,7 @@ func TestSetupNewBridge(t *testing.T) {
 func TestSetupNewNonDefaultBridge(t *testing.T) {
 	defer testutils.SetupTestOSContext(t)()

-	config := &networkConfiguration{BridgeName: "test0"}
+	config := &networkConfiguration{BridgeName: "test0", DisableBridgeCreation: true}
 	br := &bridgeInterface{}

 	err := setupDevice(config, br)
--- a/libnetwork/drivers/bridge/setup_ipv4.go
+++ b/libnetwork/drivers/bridge/setup_ipv4.go
@ -53,8 +53,8 @@ func setupBridgeIPv4(config *networkConfiguration, i *bridgeInterface) error {

 	// Do not try to configure IPv4 on a non-default bridge unless you are
 	// specifically asked to do so.
-	if config.BridgeName != DefaultBridgeName && !config.AllowNonDefaultBridge {
-		return NonDefaultBridgeExistError(config.BridgeName)
+	if config.BridgeName != DefaultBridgeName && config.DisableBridgeCreation {
+		return NonDefaultBridgeNeedsIPError(config.BridgeName)
 	}

 	bridgeIPv4, err := electBridgeIPv4(config)
--- a/libnetwork/libnetwork_test.go
+++ b/libnetwork/libnetwork_test.go
@ -294,7 +294,6 @@ func TestBridge(t *testing.T) {
 			"FixedCIDRv6":        cidrv6,
 			"EnableIPv6":         true,
 			"EnableICC":          true,
-			"AllowNonDefaultBridge": true,
 			"EnableIPMasquerade": true,
 		},
 	}
@ -390,7 +389,6 @@ func TestNetworkName(t *testing.T) {
 	netOption := options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "testnetwork",
-			"AllowNonDefaultBridge": true,
 		},
 	}

@ -427,7 +425,6 @@ func TestNetworkType(t *testing.T) {
 	netOption := options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "testnetwork",
-			"AllowNonDefaultBridge": true,
 		},
 	}

@ -454,7 +451,6 @@ func TestNetworkID(t *testing.T) {
 	netOption := options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "testnetwork",
-			"AllowNonDefaultBridge": true,
 		},
 	}

@ -480,7 +476,7 @@ func TestDeleteNetworkWithActiveEndpoints(t *testing.T) {

 	netOption := options.Generic{
 		"BridgeName": "testnetwork",
-		"AllowNonDefaultBridge": true}
+	}
 	option := options.Generic{
 		netlabel.GenericData: netOption,
 	}
@ -521,7 +517,7 @@ func TestUnknownNetwork(t *testing.T) {

 	netOption := options.Generic{
 		"BridgeName": "testnetwork",
-		"AllowNonDefaultBridge": true}
+	}
 	option := options.Generic{
 		netlabel.GenericData: netOption,
 	}
@ -560,7 +556,7 @@ func TestUnknownEndpoint(t *testing.T) {
 	netOption := options.Generic{
 		"BridgeName":  "testnetwork",
 		"AddressIPv4": subnet,
-		"AllowNonDefaultBridge": true}
+	}
 	option := options.Generic{
 		netlabel.GenericData: netOption,
 	}
@ -603,7 +599,6 @@ func TestNetworkEndpointsWalkers(t *testing.T) {
 	netOption := options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "network1",
-			"AllowNonDefaultBridge": true,
 		},
 	}

@ -676,7 +671,6 @@ func TestNetworkEndpointsWalkers(t *testing.T) {
 	netOption = options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "network2",
-			"AllowNonDefaultBridge": true,
 		},
 	}

@ -734,7 +728,6 @@ func TestDuplicateEndpoint(t *testing.T) {
 	netOption := options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "testnetwork",
-			"AllowNonDefaultBridge": true,
 		},
 	}
 	n, err := createTestNetwork(bridgeNetType, "testnetwork", netOption)
@ -785,7 +778,6 @@ func TestControllerQuery(t *testing.T) {
 	netOption := options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "network1",
-			"AllowNonDefaultBridge": true,
 		},
 	}
 	net1, err := createTestNetwork(bridgeNetType, "network1", netOption)
@ -802,7 +794,6 @@ func TestControllerQuery(t *testing.T) {
 	netOption = options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "network2",
-			"AllowNonDefaultBridge": true,
 		},
 	}
 	net2, err := createTestNetwork(bridgeNetType, "network2", netOption)
@ -889,7 +880,6 @@ func TestNetworkQuery(t *testing.T) {
 	netOption := options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "network1",
-			"AllowNonDefaultBridge": true,
 		},
 	}
 	net1, err := createTestNetwork(bridgeNetType, "network1", netOption)
@ -1011,7 +1001,6 @@ func TestEndpointJoin(t *testing.T) {
 	n1, err := createTestNetwork(bridgeNetType, "testnetwork1", options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "testnetwork1",
-			"AllowNonDefaultBridge": true,
 		},
 	})
 	if err != nil {
@ -1122,7 +1111,6 @@ func TestEndpointJoin(t *testing.T) {
 		options.Generic{
 			netlabel.GenericData: options.Generic{
 				"BridgeName": "testnetwork2",
-				"AllowNonDefaultBridge": true,
 			},
 		})
 	if err != nil {
@ -1214,7 +1202,6 @@ func externalKeyTest(t *testing.T, reexec bool) {
 	n, err := createTestNetwork(bridgeNetType, "testnetwork", options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "testnetwork",
-			"AllowNonDefaultBridge": true,
 		},
 	})
 	if err != nil {
@ -1364,7 +1351,6 @@ func TestEndpointDeleteWithActiveContainer(t *testing.T) {
 	n, err := createTestNetwork(bridgeNetType, "testnetwork", options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "testnetwork",
-			"AllowNonDefaultBridge": true,
 		},
 	})
 	if err != nil {
@ -1428,7 +1414,6 @@ func TestEndpointMultipleJoins(t *testing.T) {
 	n, err := createTestNetwork(bridgeNetType, "testmultiple", options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "testmultiple",
-			"AllowNonDefaultBridge": true,
 		},
 	})
 	if err != nil {
@ -1500,7 +1485,6 @@ func TestLeaveAll(t *testing.T) {
 	n, err := createTestNetwork(bridgeNetType, "testnetwork", options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "testnetwork",
-			"AllowNonDefaultBridge": true,
 		},
 	})
 	if err != nil {
@ -1564,7 +1548,6 @@ func TestontainerInvalidLeave(t *testing.T) {
 	n, err := createTestNetwork(bridgeNetType, "testnetwork", options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "testnetwork",
-			"AllowNonDefaultBridge": true,
 		},
 	})
 	if err != nil {
@ -1631,7 +1614,6 @@ func TestEndpointUpdateParent(t *testing.T) {
 	n, err := createTestNetwork("bridge", "testnetwork", options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "testnetwork",
-			"AllowNonDefaultBridge": true,
 		},
 	})
 	if err != nil {
@ -1738,7 +1720,6 @@ func TestEnableIPv6(t *testing.T) {
 		netlabel.GenericData: options.Generic{
 			"BridgeName":  "testnetwork",
 			"FixedCIDRv6": cidrv6,
-			"AllowNonDefaultBridge": true,
 		},
 	}

@ -1910,7 +1891,6 @@ func TestResolvConf(t *testing.T) {
 	netOption := options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "testnetwork",
-			"AllowNonDefaultBridge": true,
 		},
 	}
 	n, err := createTestNetwork("bridge", "testnetwork", netOption)
@ -2179,7 +2159,6 @@ func createGlobalInstance(t *testing.T) {
 	netOption := options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": "network",
-			"AllowNonDefaultBridge": true,
 		},
 	}

--- a/libnetwork/sandbox_test.go
+++ b/libnetwork/sandbox_test.go
@ -36,7 +36,6 @@ func getTestEnv(t *testing.T) (NetworkController, Network, Network) {
 	netOption1 := options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": name1,
-			"AllowNonDefaultBridge": true,
 		},
 	}
 	n1, err := c.NewNetwork(netType, name1, NetworkOptionGeneric(netOption1))
@ -48,7 +47,6 @@ func getTestEnv(t *testing.T) (NetworkController, Network, Network) {
 	netOption2 := options.Generic{
 		netlabel.GenericData: options.Generic{
 			"BridgeName": name2,
-			"AllowNonDefaultBridge": true,
 		},
 	}
 	n2, err := c.NewNetwork(netType, name2, NetworkOptionGeneric(netOption2))