kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Add --ip-forward flag to daemon (enabled by default) which automatically sets "net.ipv4.ip_forward" to 1

Browse source 
See also https://groups.google.com/d/topic/docker-dev/DCjF5Prx7HA/discussion

Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
This commit is contained in:
Tianon Gravi 2014-01-27 21:35:05 -07:00
parent ed12818f99
commit cabe624c82
3 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
config.go
View file

@ -13,6 +13,7 @@ type DaemonConfig struct {
EnableCors bool EnableCors bool
Dns []string Dns []string
EnableIptables bool EnableIptables bool
EnableIpForward bool
BridgeIface string BridgeIface string
BridgeIp string BridgeIp string
DefaultIp net.IP DefaultIp net.IP
@ -33,6 +34,7 @@ func ConfigFromJob(job *engine.Job) *DaemonConfig {
config.Dns = dns config.Dns = dns
} }
config.EnableIptables = job.GetenvBool("EnableIptables") config.EnableIptables = job.GetenvBool("EnableIptables")
config.EnableIpForward = job.GetenvBool("EnableIpForward")
if br := job.Getenv("BridgeIface"); br != "" { if br := job.Getenv("BridgeIface"); br != "" {
config.BridgeIface = br config.BridgeIface = br
} else { } else {

2
docker/docker.go
View file

@ -36,6 +36,7 @@ func main() {
flEnableCors = flag.Bool([]string{"#api-enable-cors", "-api-enable-cors"}, false, "Enable CORS headers in the remote API") flEnableCors = flag.Bool([]string{"#api-enable-cors", "-api-enable-cors"}, false, "Enable CORS headers in the remote API")
flDns = docker.NewListOpts(docker.ValidateIp4Address) flDns = docker.NewListOpts(docker.ValidateIp4Address)
flEnableIptables = flag.Bool([]string{"#iptables", "-iptables"}, true, "Disable docker's addition of iptables rules") flEnableIptables = flag.Bool([]string{"#iptables", "-iptables"}, true, "Disable docker's addition of iptables rules")
flEnableIpForward = flag.Bool([]string{"#ip-forward", "-ip-forward"}, true, "Disable enabling of net.ipv4.ip_forward")
flDefaultIp = flag.String([]string{"#ip", "-ip"}, "0.0.0.0", "Default IP address to use when binding container ports") flDefaultIp = flag.String([]string{"#ip", "-ip"}, "0.0.0.0", "Default IP address to use when binding container ports")
flInterContainerComm = flag.Bool([]string{"#icc", "-icc"}, true, "Enable inter-container communication") flInterContainerComm = flag.Bool([]string{"#icc", "-icc"}, true, "Enable inter-container communication")
flGraphDriver = flag.String([]string{"s", "-storage-driver"}, "", "Force the docker runtime to use a specific storage driver") flGraphDriver = flag.String([]string{"s", "-storage-driver"}, "", "Force the docker runtime to use a specific storage driver")
@ -88,6 +89,7 @@ func main() {
job.SetenvBool("EnableCors", *flEnableCors) job.SetenvBool("EnableCors", *flEnableCors)
job.SetenvList("Dns", flDns.GetAll()) job.SetenvList("Dns", flDns.GetAll())
job.SetenvBool("EnableIptables", *flEnableIptables) job.SetenvBool("EnableIptables", *flEnableIptables)
job.SetenvBool("EnableIpForward", *flEnableIpForward)
job.Setenv("BridgeIface", *bridgeName) job.Setenv("BridgeIface", *bridgeName)
job.Setenv("BridgeIp", *bridgeIp) job.Setenv("BridgeIp", *bridgeIp)
job.Setenv("DefaultIp", *flDefaultIp) job.Setenv("DefaultIp", *flDefaultIp)

8
network.go
View file

@ -9,6 +9,7 @@ import (
"github.com/dotcloud/docker/pkg/netlink" "github.com/dotcloud/docker/pkg/netlink"
"github.com/dotcloud/docker/proxy" "github.com/dotcloud/docker/proxy"
"github.com/dotcloud/docker/utils" "github.com/dotcloud/docker/utils"
"io/ioutil"
"log" "log"
"net" "net"
"strconv" "strconv"
@ -499,6 +500,13 @@ func newNetworkManager(config *DaemonConfig) (*NetworkManager, error) {
} }
} }
if config.EnableIpForward {
// Enable IPv4 forwarding
if err := ioutil.WriteFile("/proc/sys/net/ipv4/ip_forward", []byte{'1', '\n'}, 0644); err != nil {
log.Printf("WARNING: unable to enable IPv4 forwarding: %s\n", err)
}
}
portMapper, err := newPortMapper(config) portMapper, err := newPortMapper(config)
if err != nil { if err != nil {
return nil, err return nil, err