mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
Add --ip-forward flag to daemon (enabled by default) which automatically sets "net.ipv4.ip_forward" to 1
See also https://groups.google.com/d/topic/docker-dev/DCjF5Prx7HA/discussion Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
This commit is contained in:
parent
ed12818f99
commit
cabe624c82
3 changed files with 12 additions and 0 deletions
|
@ -13,6 +13,7 @@ type DaemonConfig struct {
|
|||
EnableCors bool
|
||||
Dns []string
|
||||
EnableIptables bool
|
||||
EnableIpForward bool
|
||||
BridgeIface string
|
||||
BridgeIp string
|
||||
DefaultIp net.IP
|
||||
|
@ -33,6 +34,7 @@ func ConfigFromJob(job *engine.Job) *DaemonConfig {
|
|||
config.Dns = dns
|
||||
}
|
||||
config.EnableIptables = job.GetenvBool("EnableIptables")
|
||||
config.EnableIpForward = job.GetenvBool("EnableIpForward")
|
||||
if br := job.Getenv("BridgeIface"); br != "" {
|
||||
config.BridgeIface = br
|
||||
} else {
|
||||
|
|
|
@ -36,6 +36,7 @@ func main() {
|
|||
flEnableCors = flag.Bool([]string{"#api-enable-cors", "-api-enable-cors"}, false, "Enable CORS headers in the remote API")
|
||||
flDns = docker.NewListOpts(docker.ValidateIp4Address)
|
||||
flEnableIptables = flag.Bool([]string{"#iptables", "-iptables"}, true, "Disable docker's addition of iptables rules")
|
||||
flEnableIpForward = flag.Bool([]string{"#ip-forward", "-ip-forward"}, true, "Disable enabling of net.ipv4.ip_forward")
|
||||
flDefaultIp = flag.String([]string{"#ip", "-ip"}, "0.0.0.0", "Default IP address to use when binding container ports")
|
||||
flInterContainerComm = flag.Bool([]string{"#icc", "-icc"}, true, "Enable inter-container communication")
|
||||
flGraphDriver = flag.String([]string{"s", "-storage-driver"}, "", "Force the docker runtime to use a specific storage driver")
|
||||
|
@ -88,6 +89,7 @@ func main() {
|
|||
job.SetenvBool("EnableCors", *flEnableCors)
|
||||
job.SetenvList("Dns", flDns.GetAll())
|
||||
job.SetenvBool("EnableIptables", *flEnableIptables)
|
||||
job.SetenvBool("EnableIpForward", *flEnableIpForward)
|
||||
job.Setenv("BridgeIface", *bridgeName)
|
||||
job.Setenv("BridgeIp", *bridgeIp)
|
||||
job.Setenv("DefaultIp", *flDefaultIp)
|
||||
|
|
|
@ -9,6 +9,7 @@ import (
|
|||
"github.com/dotcloud/docker/pkg/netlink"
|
||||
"github.com/dotcloud/docker/proxy"
|
||||
"github.com/dotcloud/docker/utils"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
"net"
|
||||
"strconv"
|
||||
|
@ -499,6 +500,13 @@ func newNetworkManager(config *DaemonConfig) (*NetworkManager, error) {
|
|||
}
|
||||
}
|
||||
|
||||
if config.EnableIpForward {
|
||||
// Enable IPv4 forwarding
|
||||
if err := ioutil.WriteFile("/proc/sys/net/ipv4/ip_forward", []byte{'1', '\n'}, 0644); err != nil {
|
||||
log.Printf("WARNING: unable to enable IPv4 forwarding: %s\n", err)
|
||||
}
|
||||
}
|
||||
|
||||
portMapper, err := newPortMapper(config)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
Loading…
Reference in a new issue