kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Added macvlan and ipvlan drivers

Browse source 
- Notes at: https://gist.github.com/nerdalert/c0363c15d20986633fda

Signed-off-by: Brent Salisbury <brent@docker.com>
This commit is contained in:
Brent Salisbury 2016-02-16 22:15:18 -05:00
parent a8d59fda75
commit ea30113303
19 changed files with 2336 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

86
libnetwork/drivers/ipvlan/ipvlan.go Normal file
View file

@ -0,0 +1,86 @@
package ipvlan
import (
"net"
"sync"
"github.com/Sirupsen/logrus"
"github.com/docker/libnetwork/datastore"
"github.com/docker/libnetwork/discoverapi"
"github.com/docker/libnetwork/driverapi"
"github.com/docker/libnetwork/osl"
)
const (
vethLen = 7
containerVethPrefix = "eth"
vethPrefix = "veth"
ipvlanType = "ipvlan" // driver type name
modeL2 = "l2" // ipvlan mode l2 is the default
modeL3 = "l3" // ipvlan L3 mode
hostIfaceOpt = "host_iface" // host interface -o host_iface
modeOpt = "_mode" // ipvlan mode ux opt suffix
)
var driverModeOpt = ipvlanType + modeOpt // mode --option ipvlan_mode
type endpointTable map[string]*endpoint
type networkTable map[string]*network
type driver struct {
networks networkTable
sync.Once
sync.Mutex
store datastore.DataStore
}
type endpoint struct {
id string
mac net.HardwareAddr
addr *net.IPNet
addrv6 *net.IPNet
srcName string
}
type network struct {
id string
sbox osl.Sandbox
endpoints endpointTable
driver *driver
config *configuration
sync.Mutex
}
// Init initializes and registers the libnetwork ipvlan driver
func Init(dc driverapi.DriverCallback, config map[string]interface{}) error {
if err := kernelSupport(ipvlanType); err != nil {
logrus.Warnf("encountered issues loading the ipvlan kernel module: %v", err)
}
c := driverapi.Capability{
DataScope: datastore.LocalScope,
}
d := &driver{
networks: networkTable{},
}
d.initStore(config)
return dc.RegisterDriver(ipvlanType, d, c)
}
func (d *driver) EndpointOperInfo(nid, eid string) (map[string]interface{}, error) {
return make(map[string]interface{}, 0), nil
}
func (d *driver) Type() string {
return ipvlanType
}
// DiscoverNew is a notification for a new discovery event.
func (d *driver) DiscoverNew(dType discoverapi.DiscoveryType, data interface{}) error {
return nil
}
// DiscoverDelete is a notification for a discovery delete event.
func (d *driver) DiscoverDelete(dType discoverapi.DiscoveryType, data interface{}) error {
return nil
}

80
libnetwork/drivers/ipvlan/ipvlan_endpoint.go Normal file
View file

@ -0,0 +1,80 @@
package ipvlan
import (
"fmt"
"github.com/docker/libnetwork/driverapi"
"github.com/docker/libnetwork/netlabel"
"github.com/docker/libnetwork/netutils"
"github.com/docker/libnetwork/types"
"github.com/vishvananda/netlink"
)
// CreateEndpoint assigns the mac, ip and endpoint id for the new container
func (d *driver) CreateEndpoint(nid, eid string, ifInfo driverapi.InterfaceInfo,
epOptions map[string]interface{}) error {
if err := validateID(nid, eid); err != nil {
return err
}
n, err := d.getNetwork(nid)
if err != nil {
return fmt.Errorf("network id %q not found", nid)
}
if ifInfo.MacAddress() != nil {
return fmt.Errorf("%s interfaces do not support custom mac address assigment", ipvlanType)
}
ep := &endpoint{
id: eid,
addr: ifInfo.Address(),
addrv6: ifInfo.AddressIPv6(),
mac: ifInfo.MacAddress(),
}
if ep.addr == nil {
return fmt.Errorf("create endpoint was not passed an IP address")
}
if ep.mac == nil {
ep.mac = netutils.GenerateMACFromIP(ep.addr.IP)
if err := ifInfo.SetMacAddress(ep.mac); err != nil {
return err
}
}
// disallow port mapping -p
if opt, ok := epOptions[netlabel.PortMap]; ok {
if _, ok := opt.([]types.PortBinding); ok {
if len(opt.([]types.PortBinding)) > 0 {
return fmt.Errorf("%s driver does not support port mappings", ipvlanType)
}
}
}
// disallow port exposure --expose
if opt, ok := epOptions[netlabel.ExposedPorts]; ok {
if _, ok := opt.([]types.TransportPort); ok {
if len(opt.([]types.TransportPort)) > 0 {
return fmt.Errorf("%s driver does not support port exposures", ipvlanType)
}
}
}
n.addEndpoint(ep)
return nil
}
// DeleteEndpoint remove the endpoint and associated netlink interface
func (d *driver) DeleteEndpoint(nid, eid string) error {
if err := validateID(nid, eid); err != nil {
return err
}
n := d.network(nid)
if n == nil {
return fmt.Errorf("network id %q not found", nid)
}
ep := n.endpoint(eid)
if ep == nil {
return fmt.Errorf("endpoint id %q not found", eid)
}
if link, err := netlink.LinkByName(ep.srcName); err == nil {
netlink.LinkDel(link)
}
return nil
}

189
libnetwork/drivers/ipvlan/ipvlan_joinleave.go Normal file
View file

@ -0,0 +1,189 @@
package ipvlan
import (
"fmt"
"net"
"github.com/Sirupsen/logrus"
"github.com/docker/libnetwork/driverapi"
"github.com/docker/libnetwork/netutils"
"github.com/docker/libnetwork/osl"
"github.com/docker/libnetwork/types"
)
type staticRoute struct {
Destination *net.IPNet
RouteType int
NextHop net.IP
}
const (
defaultV4RouteCidr = "0.0.0.0/0"
defaultV6RouteCidr = "::/0"
)
// Join method is invoked when a Sandbox is attached to an endpoint.
func (d *driver) Join(nid, eid string, sboxKey string, jinfo driverapi.JoinInfo, options map[string]interface{}) error {
defer osl.InitOSContext()()
n, err := d.getNetwork(nid)
if err != nil {
return err
}
endpoint := n.endpoint(eid)
if endpoint == nil {
return fmt.Errorf("could not find endpoint with id %s", eid)
}
// generate a name for the iface that will be renamed to eth0 in the sbox
containerIfName, err := netutils.GenerateIfaceName(vethPrefix, vethLen)
if err != nil {
return fmt.Errorf("error generating an interface name: %v", err)
}
// create the netlink ipvlan interface
vethName, err := createIPVlan(containerIfName, n.config.HostIface, n.config.IpvlanMode)
if err != nil {
return err
}
// bind the generated iface name to the endpoint
endpoint.srcName = vethName
ep := n.endpoint(eid)
if ep == nil {
return fmt.Errorf("could not find endpoint with id %s", eid)
}
if n.config.IpvlanMode == modeL3 {
// disable gateway services to add a default gw using dev eth0 only
jinfo.DisableGatewayService()
defaultRoute, err := ifaceGateway(defaultV4RouteCidr)
if err != nil {
return err
}
if err := jinfo.AddStaticRoute(defaultRoute.Destination, defaultRoute.RouteType, defaultRoute.NextHop); err != nil {
return fmt.Errorf("failed to set an ipvlan l3 mode ipv4 default gateway: %v", err)
}
logrus.Debugf("Ipvlan Endpoint Joined with IPv4_Addr: %s, Ipvlan_Mode: %s, Host_Iface: %s",
ep.addr.IP.String(), n.config.IpvlanMode, n.config.HostIface)
// If the endpoint has a v6 address, set a v6 default route
if ep.addrv6 != nil {
default6Route, err := ifaceGateway(defaultV6RouteCidr)
if err != nil {
return err
}
if err = jinfo.AddStaticRoute(default6Route.Destination, default6Route.RouteType, default6Route.NextHop); err != nil {
return fmt.Errorf("failed to set an ipvlan l3 mode ipv6 default gateway: %v", err)
}
logrus.Debugf("Ipvlan Endpoint Joined with IPv6_Addr: %s, Ipvlan_Mode: %s, Host_Iface: %s",
ep.addrv6.IP.String(), n.config.IpvlanMode, n.config.HostIface)
}
}
if n.config.IpvlanMode == modeL2 {
// parse and correlate the endpoint v4 address with the available v4 subnets
if len(n.config.Ipv4Subnets) > 0 {
s := n.getSubnetforIPv4(ep.addr)
if s == nil {
return fmt.Errorf("could not find a valid ipv4 subnet for endpoint %s", eid)
}
v4gw, _, err := net.ParseCIDR(s.GwIP)
if err != nil {
return fmt.Errorf("gatway %s is not a valid ipv4 address: %v", s.GwIP, err)
}
err = jinfo.SetGateway(v4gw)
if err != nil {
return err
}
logrus.Debugf("Ipvlan Endpoint Joined with IPv4_Addr: %s, Gateway: %s, Ipvlan_Mode: %s, Host_Iface: %s",
ep.addr.IP.String(), v4gw.String(), n.config.IpvlanMode, n.config.HostIface)
}
// parse and correlate the endpoint v6 address with the available v6 subnets
if len(n.config.Ipv6Subnets) > 0 {
s := n.getSubnetforIPv6(ep.addrv6)
if s == nil {
return fmt.Errorf("could not find a valid ipv6 subnet for endpoint %s", eid)
}
v6gw, _, err := net.ParseCIDR(s.GwIP)
if err != nil {
return fmt.Errorf("gatway %s is not a valid ipv6 address: %v", s.GwIP, err)
}
err = jinfo.SetGatewayIPv6(v6gw)
if err != nil {
return err
}
logrus.Debugf("Ipvlan Endpoint Joined with IPv6_Addr: %s, Gateway: %s, Ipvlan_Mode: %s, Host_Iface: %s",
ep.addrv6.IP.String(), v6gw.String(), n.config.IpvlanMode, n.config.HostIface)
}
}
iNames := jinfo.InterfaceName()
err = iNames.SetNames(vethName, containerVethPrefix)
if err != nil {
return err
}
return nil
}
// Leave method is invoked when a Sandbox detaches from an endpoint.
func (d *driver) Leave(nid, eid string) error {
network, err := d.getNetwork(nid)
if err != nil {
return err
}
endpoint, err := network.getEndpoint(eid)
if err != nil {
return err
}
if endpoint == nil {
return fmt.Errorf("could not find endpoint with id %s", eid)
}
return nil
}
// ifaceGateway returns a static route for either v4/v6 to be set to the container eth0
func ifaceGateway(dfNet string) (*staticRoute, error) {
nh, dst, err := net.ParseCIDR(dfNet)
if err != nil {
return nil, fmt.Errorf("unable to parse default route %v", err)
}
defaultRoute := &staticRoute{
Destination: dst,
RouteType: types.CONNECTED,
NextHop: nh,
}
return defaultRoute, nil
}
// getSubnetforIPv4 returns the ipv4 subnet to which the given IP belongs
func (n *network) getSubnetforIPv4(ip *net.IPNet) *ipv4Subnet {
for _, s := range n.config.Ipv4Subnets {
_, snet, err := net.ParseCIDR(s.SubnetIP)
if err != nil {
return nil
}
// first check if the mask lengths are the same
i, _ := snet.Mask.Size()
j, _ := ip.Mask.Size()
if i != j {
continue
}
if snet.Contains(ip.IP) {
return s
}
}
return nil
}
// getSubnetforIPv6 returns the ipv6 subnet to which the given IP belongs
func (n *network) getSubnetforIPv6(ip *net.IPNet) *ipv6Subnet {
for _, s := range n.config.Ipv6Subnets {
_, snet, err := net.ParseCIDR(s.SubnetIP)
if err != nil {
return nil
}
// first check if the mask lengths are the same
i, _ := snet.Mask.Size()
j, _ := ip.Mask.Size()
if i != j {
continue
}
if snet.Contains(ip.IP) {
return s
}
}
return nil
}

187
libnetwork/drivers/ipvlan/ipvlan_network.go Normal file
View file

@ -0,0 +1,187 @@
package ipvlan
import (
"fmt"
"github.com/Sirupsen/logrus"
"github.com/docker/docker/pkg/stringid"
"github.com/docker/libnetwork/driverapi"
"github.com/docker/libnetwork/netlabel"
"github.com/docker/libnetwork/options"
"github.com/docker/libnetwork/types"
)
// CreateNetwork the network for the specified driver type
func (d *driver) CreateNetwork(id string, option map[string]interface{}, ipV4Data, ipV6Data []driverapi.IPAMData) error {
// parse and validate the config and bind to networkConfiguration
config, err := parseNetworkOptions(id, option)
if err != nil {
return err
}
config.ID = id
err = config.processIPAM(id, ipV4Data, ipV6Data)
if err != nil {
return err
}
// verify the ipvlan mode from -o ipvlan_mode option
switch config.IpvlanMode {
case "", modeL2:
// default to ipvlan L2 mode if -o ipvlan_mode is empty
config.IpvlanMode = modeL2
case modeL3:
config.IpvlanMode = modeL3
default:
return fmt.Errorf("requested ipvlan mode '%s' is not valid, 'l2' mode is the ipvlan driver default", config.IpvlanMode)
}
// user must specify a parent interface on the host to attach the container vif -o host_iface=eth0
if config.HostIface == "" {
return fmt.Errorf("%s requires an interface from the docker host to be specified (usage: -o host_iface=eth)", ipvlanType)
}
// loopback is not a valid parent link
if config.HostIface == "lo" {
return fmt.Errorf("loopback interface is not a valid %s parent link", ipvlanType)
}
err = d.createNetwork(config)
if err != nil {
return err
}
// update persistent db, rollback on fail
err = d.storeUpdate(config)
if err != nil {
d.deleteNetwork(config.ID)
return err
}
return nil
}
// createNetwork is used by new network callbacks and persistent network cache
func (d *driver) createNetwork(config *configuration) error {
networkList := d.getNetworks()
for _, nw := range networkList {
if config.HostIface == nw.config.HostIface {
return fmt.Errorf("network %s is already using host interface %s",
stringid.TruncateID(nw.config.ID), config.HostIface)
}
}
// if the -o host_iface does not exist, attempt to parse a parent_iface.vlan_id
if ok := hostIfaceExists(config.HostIface); !ok {
// if the subinterface parent_iface.vlan_id checks do not pass, return err.
// a valid example is eth0.10 for a parent iface: eth0 with a vlan id: 10
err := createVlanLink(config.HostIface)
if err != nil {
return err
}
// if driver created the networks slave link, record it for future deletion
config.CreatedSlaveLink = true
}
n := &network{
id: config.ID,
driver: d,
endpoints: endpointTable{},
config: config,
}
// add the *network
d.addNetwork(n)
return nil
}
// DeleteNetwork the network for the specified driver type
func (d *driver) DeleteNetwork(nid string) error {
n := d.network(nid)
// if the driver created the slave interface, delete it, otherwise leave it
if ok := n.config.CreatedSlaveLink; ok {
// if the interface exists, only delete if it matches iface.vlan naming
if ok := hostIfaceExists(n.config.HostIface); ok {
err := delVlanLink(n.config.HostIface)
if err != nil {
logrus.Debugf("link %s was not deleted, continuing the delete network operation: %v", n.config.HostIface, err)
}
}
}
// delete the *network
d.deleteNetwork(nid)
// delete the network record from persistent cache
return d.storeDelete(n.config)
}
// parseNetworkOptions parse docker network options
func parseNetworkOptions(id string, option options.Generic) (*configuration, error) {
var (
err error
config = &configuration{}
)
// parse generic labels first
if genData, ok := option[netlabel.GenericData]; ok && genData != nil {
if config, err = parseNetworkGenericOptions(genData); err != nil {
return nil, err
}
}
// return an error if the unsupported --internal is passed
if _, ok := option[netlabel.Internal]; ok {
return nil, fmt.Errorf("--internal option is not supported with the ipvlan driver")
}
return config, nil
}
// parseNetworkGenericOptions parse generic driver docker network options
func parseNetworkGenericOptions(data interface{}) (*configuration, error) {
var (
err error
config *configuration
)
switch opt := data.(type) {
case *configuration:
config = opt
case map[string]string:
config = &configuration{}
err = config.fromOptions(opt)
case options.Generic:
var opaqueConfig interface{}
if opaqueConfig, err = options.GenerateFromModel(opt, config); err == nil {
config = opaqueConfig.(*configuration)
}
default:
err = types.BadRequestErrorf("unrecognized network configuration format: %v", opt)
}
return config, err
}
// fromOptions binds the generic options to networkConfiguration to cache
func (config *configuration) fromOptions(labels map[string]string) error {
for label, value := range labels {
switch label {
case hostIfaceOpt:
// parse driver option '-o host_iface'
config.HostIface = value
case driverModeOpt:
// parse driver option '-o ipvlan_mode'
config.IpvlanMode = value
}
}
return nil
}
// processIPAM parses v4 and v6 IP information and binds it to the network configuration
func (config *configuration) processIPAM(id string, ipamV4Data, ipamV6Data []driverapi.IPAMData) error {
if len(ipamV4Data) > 0 {
for _, ipd := range ipamV4Data {
s := &ipv4Subnet{
SubnetIP: ipd.Pool.String(),
GwIP: ipd.Gateway.String(),
}
config.Ipv4Subnets = append(config.Ipv4Subnets, s)
}
}
if len(ipamV6Data) > 0 {
for _, ipd := range ipamV6Data {
s := &ipv6Subnet{
SubnetIP: ipd.Pool.String(),
GwIP: ipd.Gateway.String(),
}
config.Ipv6Subnets = append(config.Ipv6Subnets, s)
}
}
return nil
}

166
libnetwork/drivers/ipvlan/ipvlan_setup.go Normal file
View file

@ -0,0 +1,166 @@
package ipvlan
import (
"bufio"
"fmt"
"os"
"os/exec"
"strconv"
"strings"
"github.com/Sirupsen/logrus"
"github.com/docker/libnetwork/osl"
"github.com/vishvananda/netlink"
)
// Create the ipvlan netlink interface specifying the source name
func createIPVlan(containerIfName, hostIface, ipVlanMode string) (string, error) {
defer osl.InitOSContext()()
// Set the ipvlan mode. Default is L2 mode
mode, err := setIPVlanMode(ipVlanMode)
if err != nil {
return "", fmt.Errorf("unsupported %s ipvlan mode: %v", ipVlanMode, err)
}
// Get the link for the master index (Example: the docker host eth iface)
hostEth, err := netlink.LinkByName(hostIface)
if err != nil {
return "", fmt.Errorf("the requested host interface %s was not found on the Docker host", hostIface)
}
// Create a ipvlan link
ipvlan := &netlink.IPVlan{
LinkAttrs: netlink.LinkAttrs{
Name: containerIfName,
ParentIndex: hostEth.Attrs().Index,
},
Mode: mode,
}
if err := netlink.LinkAdd(ipvlan); err != nil {
// verbose but will be an issue if you create a macvlan and ipvlan using the same parent iface
logrus.Warn("Ensure there are no macvlan networks using the same `-o host_iface` as the ipvlan network.")
return "", fmt.Errorf("Failed to create ipvlan link: %s with the error: %v", ipvlan.Name, err)
}
return ipvlan.Attrs().Name, nil
}
// setIPVlanMode setter for one of the two ipvlan port types
func setIPVlanMode(mode string) (netlink.IPVlanMode, error) {
switch mode {
case modeL2:
return netlink.IPVLAN_MODE_L2, nil
case modeL3:
return netlink.IPVLAN_MODE_L3, nil
default:
return 0, fmt.Errorf("Unknown ipvlan mode: %s", mode)
}
}
// validateHostIface check if the specified interface exists in the default namespace
func hostIfaceExists(ifaceStr string) bool {
_, err := netlink.LinkByName(ifaceStr)
if err != nil {
return false
}
return true
}
// kernelSupport for the necessary kernel module for the driver type
func kernelSupport(networkTpe string) error {
// attempt to load the module, silent if successful or already loaded
exec.Command("modprobe", ipvlanType).Run()
f, err := os.Open("/proc/modules")
if err != nil {
return err
}
defer f.Close()
s := bufio.NewScanner(f)
for s.Scan() {
if strings.Contains(s.Text(), ipvlanType) {
return nil
}
}
return fmt.Errorf("required kernel module '%s' was not found in /proc/modules, ipvlan requires kernel version >= 3.19", ipvlanType)
}
// createVlanLink parses sub-interfaces and vlan id for creation
func createVlanLink(ifaceName string) error {
if strings.Contains(ifaceName, ".") {
parentIface, vidInt, err := parseVlan(ifaceName)
if err != nil {
return err
}
// VLAN identifier or VID is a 12-bit field specifying the VLAN to which the frame belongs
if vidInt > 4094 || vidInt < 1 {
return fmt.Errorf("vlan id must be between 1-4094, received: %d", vidInt)
}
// get the parent link to attach a vlan subinterface
hostIface, err := netlink.LinkByName(parentIface)
if err != nil {
return fmt.Errorf("failed to find master interface %s on the Docker host: %v", parentIface, err)
}
vlanIface := &netlink.Vlan{
LinkAttrs: netlink.LinkAttrs{
Name: ifaceName,
ParentIndex: hostIface.Attrs().Index,
},
VlanId: vidInt,
}
// create the subinterface
if err := netlink.LinkAdd(vlanIface); err != nil {
return fmt.Errorf("failed to create %s vlan link: %v", vlanIface.Name, err)
}
// Bring the new netlink iface up
if err := netlink.LinkSetUp(vlanIface); err != nil {
return fmt.Errorf("failed to enable %s the ipvlan netlink link: %v", vlanIface.Name, err)
}
logrus.Debugf("Added a vlan tagged netlink subinterface: %s with a vlan id: %d", ifaceName, vidInt)
return nil
}
return fmt.Errorf("invalid subinterface vlan name %s, example formatting is eth0.10", ifaceName)
}
// verifyVlanDel verifies only sub-interfaces with a vlan id get deleted
func delVlanLink(ifaceName string) error {
if strings.Contains(ifaceName, ".") {
_, _, err := parseVlan(ifaceName)
if err != nil {
return err
}
// delete the vlan subinterface
vlanIface, err := netlink.LinkByName(ifaceName)
if err != nil {
return fmt.Errorf("failed to find interface %s on the Docker host : %v", ifaceName, err)
}
// verify a parent interface isn't being deleted
if vlanIface.Attrs().ParentIndex == 0 {
return fmt.Errorf("interface %s does not appear to be a slave device: %v", ifaceName, err)
}
// delete the ipvlan slave device
if err := netlink.LinkDel(vlanIface); err != nil {
return fmt.Errorf("failed to delete %s link: %v", ifaceName, err)
}
logrus.Debugf("Deleted a vlan tagged netlink subinterface: %s", ifaceName)
}
// if the subinterface doesn't parse to iface.vlan_id leave the interface in
// place since it could be a user specified name not created by the driver.
return nil
}
// parseVlan parses and verifies a slave interface name: -o host_iface=eth0.10
func parseVlan(ifaceName string) (string, int, error) {
// parse -o host_iface=eth0.10
splitIface := strings.Split(ifaceName, ".")
if len(splitIface) != 2 {
return "", 0, fmt.Errorf("required interface name format is: name.vlan_id, ex. eth0.10 for vlan 10, instead received %s", ifaceName)
}
parentIface, vidStr := splitIface[0], splitIface[1]
// validate type and convert vlan id to int
vidInt, err := strconv.Atoi(vidStr)
if err != nil {
return "", 0, fmt.Errorf("unable to parse a valid vlan id from: %s (ex. eth0.10 for vlan 10)", vidStr)
}
// Check if the interface exists
if ok := hostIfaceExists(parentIface); !ok {
return "", 0, fmt.Errorf("-o host_iface parent interface does was not found on the host: %s", parentIface)
}
return parentIface, vidInt, nil
}

87
libnetwork/drivers/ipvlan/ipvlan_setup_test.go Normal file
View file

@ -0,0 +1,87 @@
package ipvlan
import (
"testing"
"github.com/vishvananda/netlink"
)
// TestValidateLink tests the validateHostIface function
func TestValidateLink(t *testing.T) {
validIface := "lo"
invalidIface := "foo12345"
// test a valid parent interface validation
if ok := hostIfaceExists(validIface); !ok {
t.Fatalf("failed validating loopback %s", validIface)
}
// test a invalid parent interface validation
if ok := hostIfaceExists(invalidIface); ok {
t.Fatalf("failed to invalidate interface %s", invalidIface)
}
}
// TestValidateSubLink tests valid 802.1q naming convention
func TestValidateSubLink(t *testing.T) {
validSubIface := "lo.10"
invalidSubIface1 := "lo"
invalidSubIface2 := "lo:10"
invalidSubIface3 := "foo123.456"
// test a valid parent_iface.vlan_id
_, _, err := parseVlan(validSubIface)
if err != nil {
t.Fatalf("failed subinterface validation: %v", err)
}
// test a invalid vid with a valid parent link
_, _, err = parseVlan(invalidSubIface1)
if err == nil {
t.Fatalf("failed subinterface validation test: %s", invalidSubIface1)
}
// test a valid vid with a valid parent link with a invalid delimiter
_, _, err = parseVlan(invalidSubIface2)
if err == nil {
t.Fatalf("failed subinterface validation test: %v", invalidSubIface2)
}
// test a invalid parent link with a valid vid
_, _, err = parseVlan(invalidSubIface3)
if err == nil {
t.Fatalf("failed subinterface validation test: %v", invalidSubIface3)
}
}
// TestSetIPVlanMode tests the ipvlan mode setter
func TestSetIPVlanMode(t *testing.T) {
// test ipvlan l2 mode
mode, err := setIPVlanMode(modeL2)
if err != nil {
t.Fatalf("error parsing %v vlan mode: %v", mode, err)
}
if mode != netlink.IPVLAN_MODE_L2 {
t.Fatalf("expected %d got %d", netlink.IPVLAN_MODE_L2, mode)
}
// test ipvlan l3 mode
mode, err = setIPVlanMode(modeL3)
if err != nil {
t.Fatalf("error parsing %v vlan mode: %v", mode, err)
}
if mode != netlink.IPVLAN_MODE_L3 {
t.Fatalf("expected %d got %d", netlink.IPVLAN_MODE_L3, mode)
}
// test invalid mode
mode, err = setIPVlanMode("foo")
if err == nil {
t.Fatal("invalid ipvlan mode should have returned an error")
}
if mode != 0 {
t.Fatalf("expected 0 got %d", mode)
}
// test null mode
mode, err = setIPVlanMode("")
if err == nil {
t.Fatal("invalid ipvlan mode should have returned an error")
}
if mode != 0 {
t.Fatalf("expected 0 got %d", mode)
}
}

109
libnetwork/drivers/ipvlan/ipvlan_state.go Normal file
View file

@ -0,0 +1,109 @@
package ipvlan
import (
"fmt"
"github.com/Sirupsen/logrus"
"github.com/docker/libnetwork/osl"
"github.com/docker/libnetwork/types"
)
func (d *driver) network(nid string) *network {
d.Lock()
n, ok := d.networks[nid]
d.Unlock()
if !ok {
logrus.Errorf("network id %s not found", nid)
}
return n
}
func (d *driver) addNetwork(n *network) {
d.Lock()
d.networks[n.id] = n
d.Unlock()
}
func (d *driver) deleteNetwork(nid string) {
d.Lock()
delete(d.networks, nid)
d.Unlock()
}
// getNetworks Safely returns a slice of existng networks
func (d *driver) getNetworks() []*network {
d.Lock()
defer d.Unlock()
ls := make([]*network, 0, len(d.networks))
for _, nw := range d.networks {
ls = append(ls, nw)
}
return ls
}
func (n *network) endpoint(eid string) *endpoint {
n.Lock()
defer n.Unlock()
return n.endpoints[eid]
}
func (n *network) addEndpoint(ep *endpoint) {
n.Lock()
n.endpoints[ep.id] = ep
n.Unlock()
}
func (n *network) deleteEndpoint(eid string) {
n.Lock()
delete(n.endpoints, eid)
n.Unlock()
}
func (n *network) getEndpoint(eid string) (*endpoint, error) {
n.Lock()
defer n.Unlock()
if eid == "" {
return nil, fmt.Errorf("endpoint id %s not found", eid)
}
if ep, ok := n.endpoints[eid]; ok {
return ep, nil
}
return nil, nil
}
func validateID(nid, eid string) error {
if nid == "" {
return fmt.Errorf("invalid network id")
}
if eid == "" {
return fmt.Errorf("invalid endpoint id")
}
return nil
}
func (n *network) sandbox() osl.Sandbox {
n.Lock()
defer n.Unlock()
return n.sbox
}
func (n *network) setSandbox(sbox osl.Sandbox) {
n.Lock()
n.sbox = sbox
n.Unlock()
}
func (d *driver) getNetwork(id string) (*network, error) {
d.Lock()
defer d.Unlock()
if id == "" {
return nil, types.BadRequestErrorf("invalid network id: %s", id)
}
if nw, ok := d.networks[id]; ok {
return nw, nil
}
return nil, types.NotFoundErrorf("network not found: %s", id)
}

213
libnetwork/drivers/ipvlan/ipvlan_store.go Normal file
View file

@ -0,0 +1,213 @@
package ipvlan
import (
"encoding/json"
"fmt"
"github.com/Sirupsen/logrus"
"github.com/docker/libkv/store/boltdb"
"github.com/docker/libnetwork/datastore"
"github.com/docker/libnetwork/discoverapi"
"github.com/docker/libnetwork/netlabel"
"github.com/docker/libnetwork/types"
)
const ipvlanPrefix = "ipvlan" // prefix used for persistent driver storage
// networkConfiguration for this driver's network specific configuration
type configuration struct {
ID string
Mtu int
dbIndex uint64
dbExists bool
Internal bool
HostIface string
IpvlanMode string
CreatedSlaveLink bool
Ipv4Subnets []*ipv4Subnet
Ipv6Subnets []*ipv6Subnet
}
type ipv4Subnet struct {
SubnetIP string
GwIP string
}
type ipv6Subnet struct {
SubnetIP string
GwIP string
}
// initStore drivers are responsible for caching their own persistent state
func (d *driver) initStore(option map[string]interface{}) error {
if data, ok := option[netlabel.LocalKVClient]; ok {
var err error
dsc, ok := data.(discoverapi.DatastoreConfigData)
if !ok {
return types.InternalErrorf("incorrect data in datastore configuration: %v", data)
}
d.store, err = datastore.NewDataStoreFromConfig(dsc)
if err != nil {
return types.InternalErrorf("ipvlan driver failed to initialize data store: %v", err)
}
return d.populateNetworks()
}
return nil
}
// populateNetworks is invoked at driver init to recreate persistently stored networks
func (d *driver) populateNetworks() error {
kvol, err := d.store.List(datastore.Key(ipvlanPrefix), &configuration{})
if err != nil && err != datastore.ErrKeyNotFound && err != boltdb.ErrBoltBucketNotFound {
return fmt.Errorf("failed to get ipvlan network configurations from store: %v", err)
}
// If empty it simply means no ipvlan networks have been created yet
if err == datastore.ErrKeyNotFound {
return nil
}
for _, kvo := range kvol {
config := kvo.(*configuration)
if err = d.createNetwork(config); err != nil {
logrus.Warnf("could not create ipvlan network for id %s from persistent state", config.ID)
}
}
return nil
}
// storeUpdate used to update persistent ipvlan network records as they are created
func (d *driver) storeUpdate(kvObject datastore.KVObject) error {
if d.store == nil {
logrus.Warnf("ipvlan store not initialized. kv object %s is not added to the store", datastore.Key(kvObject.Key()...))
return nil
}
if err := d.store.PutObjectAtomic(kvObject); err != nil {
return fmt.Errorf("failed to update ipvlan store for object type %T: %v", kvObject, err)
}
return nil
}
// storeDelete used to delete ipvlan network records from persistent cache as they are deleted
func (d *driver) storeDelete(kvObject datastore.KVObject) error {
if d.store == nil {
logrus.Debugf("ipvlan store not initialized. kv object %s is not deleted from store", datastore.Key(kvObject.Key()...))
return nil
}
retry:
if err := d.store.DeleteObjectAtomic(kvObject); err != nil {
if err == datastore.ErrKeyModified {
if err := d.store.GetObject(datastore.Key(kvObject.Key()...), kvObject); err != nil {
return fmt.Errorf("could not update the kvobject to latest when trying to delete: %v", err)
}
goto retry
}
return err
}
return nil
}
func (config *configuration) MarshalJSON() ([]byte, error) {
nMap := make(map[string]interface{})
nMap["ID"] = config.ID
nMap["Mtu"] = config.Mtu
nMap["HostIface"] = config.HostIface
nMap["IpvlanMode"] = config.IpvlanMode
nMap["CreatedSubIface"] = config.CreatedSlaveLink
if len(config.Ipv4Subnets) > 0 {
iis, err := json.Marshal(config.Ipv4Subnets)
if err != nil {
return nil, err
}
nMap["Ipv4Subnets"] = string(iis)
}
if len(config.Ipv6Subnets) > 0 {
iis, err := json.Marshal(config.Ipv6Subnets)
if err != nil {
return nil, err
}
nMap["Ipv6Subnets"] = string(iis)
}
return json.Marshal(nMap)
}
func (config *configuration) UnmarshalJSON(b []byte) error {
var (
err error
nMap map[string]interface{}
)
if err = json.Unmarshal(b, &nMap); err != nil {
return err
}
config.ID = nMap["ID"].(string)
config.Mtu = int(nMap["Mtu"].(float64))
config.HostIface = nMap["HostIface"].(string)
config.IpvlanMode = nMap["IpvlanMode"].(string)
config.CreatedSlaveLink = nMap["CreatedSubIface"].(bool)
if v, ok := nMap["Ipv4Subnets"]; ok {
if err := json.Unmarshal([]byte(v.(string)), &config.Ipv4Subnets); err != nil {
return err
}
}
if v, ok := nMap["Ipv6Subnets"]; ok {
if err := json.Unmarshal([]byte(v.(string)), &config.Ipv6Subnets); err != nil {
return err
}
}
return nil
}
func (config *configuration) Key() []string {
return []string{ipvlanPrefix, config.ID}
}
func (config *configuration) KeyPrefix() []string {
return []string{ipvlanPrefix}
}
func (config *configuration) Value() []byte {
b, err := json.Marshal(config)
if err != nil {
return nil
}
return b
}
func (config *configuration) SetValue(value []byte) error {
return json.Unmarshal(value, config)
}
func (config *configuration) Index() uint64 {
return config.dbIndex
}
func (config *configuration) SetIndex(index uint64) {
config.dbIndex = index
config.dbExists = true
}
func (config *configuration) Exists() bool {
return config.dbExists
}
func (config *configuration) Skip() bool {
return false
}
func (config *configuration) New() datastore.KVObject {
return &configuration{}
}
func (config *configuration) CopyTo(o datastore.KVObject) error {
dstNcfg := o.(*configuration)
*dstNcfg = *config
return nil
}
func (config *configuration) DataScope() string {
return datastore.LocalScope
}

60
libnetwork/drivers/ipvlan/ipvlan_test.go Normal file
View file

@ -0,0 +1,60 @@
package ipvlan
import (
"testing"
"github.com/docker/libnetwork/driverapi"
_ "github.com/docker/libnetwork/testutils"
)
const testNetworkType = "ipvlan"
type driverTester struct {
t *testing.T
d *driver
}
func (dt *driverTester) RegisterDriver(name string, drv driverapi.Driver,
cap driverapi.Capability) error {
if name != testNetworkType {
dt.t.Fatalf("Expected driver register name to be %q. Instead got %q",
testNetworkType, name)
}
if _, ok := drv.(*driver); !ok {
dt.t.Fatalf("Expected driver type to be %T. Instead got %T",
&driver{}, drv)
}
dt.d = drv.(*driver)
return nil
}
func TestIpvlanInit(t *testing.T) {
if err := Init(&driverTester{t: t}, nil); err != nil {
t.Fatal(err)
}
}
func TestIpvlanNilConfig(t *testing.T) {
dt := &driverTester{t: t}
if err := Init(dt, nil); err != nil {
t.Fatal(err)
}
if err := dt.d.initStore(nil); err != nil {
t.Fatal(err)
}
}
func TestIpvlanType(t *testing.T) {
dt := &driverTester{t: t}
if err := Init(dt, nil); err != nil {
t.Fatal(err)
}
if dt.d.Type() != testNetworkType {
t.Fatalf("Expected Type() to return %q. Instead got %q", testNetworkType,
dt.d.Type())
}
}

88
libnetwork/drivers/macvlan/macvlan.go Normal file
View file

@ -0,0 +1,88 @@
package macvlan
import (
"net"
"sync"
"github.com/Sirupsen/logrus"
"github.com/docker/libnetwork/datastore"
"github.com/docker/libnetwork/discoverapi"
"github.com/docker/libnetwork/driverapi"
"github.com/docker/libnetwork/osl"
)
const (
vethLen = 7
containerVethPrefix = "eth"
vethPrefix = "veth"
macvlanType = "macvlan" // driver type name
modePrivate = "private" // macvlan mode private
modeVepa = "vepa" // macvlan mode vepa
modeBridge = "bridge" // macvlan mode bridge
modePassthru = "passthru" // macvlan mode passthrough
hostIfaceOpt = "host_iface" // host interface -o host_iface
modeOpt = "_mode" // macvlan mode ux opt suffix
)
var driverModeOpt = macvlanType + modeOpt // mode --option macvlan_mode
type endpointTable map[string]*endpoint
type networkTable map[string]*network
type driver struct {
networks networkTable
sync.Once
sync.Mutex
store datastore.DataStore
}
type endpoint struct {
id string
mac net.HardwareAddr
addr *net.IPNet
addrv6 *net.IPNet
srcName string
}
type network struct {
id string
sbox osl.Sandbox
endpoints endpointTable
driver *driver
config *configuration
sync.Mutex
}
// Init initializes and registers the libnetwork macvlan driver
func Init(dc driverapi.DriverCallback, config map[string]interface{}) error {
if err := kernelSupport(macvlanType); err != nil {
logrus.Warnf("encountered errors loading the macvlan kernel module: %v", err)
}
c := driverapi.Capability{
DataScope: datastore.LocalScope,
}
d := &driver{
networks: networkTable{},
}
d.initStore(config)
return dc.RegisterDriver(macvlanType, d, c)
}
func (d *driver) EndpointOperInfo(nid, eid string) (map[string]interface{}, error) {
return make(map[string]interface{}, 0), nil
}
func (d *driver) Type() string {
return macvlanType
}
// DiscoverNew is a notification for a new discovery event
func (d *driver) DiscoverNew(dType discoverapi.DiscoveryType, data interface{}) error {
return nil
}
// DiscoverDelete is a notification for a discovery delete event
func (d *driver) DiscoverDelete(dType discoverapi.DiscoveryType, data interface{}) error {
return nil
}

80
libnetwork/drivers/macvlan/macvlan_endpoint.go Normal file
View file

@ -0,0 +1,80 @@
package macvlan
import (
"fmt"
"github.com/docker/libnetwork/driverapi"
"github.com/docker/libnetwork/netlabel"
"github.com/docker/libnetwork/netutils"
"github.com/docker/libnetwork/types"
"github.com/vishvananda/netlink"
)
// CreateEndpoint assigns the mac, ip and endpoint id for the new container
func (d *driver) CreateEndpoint(nid, eid string, ifInfo driverapi.InterfaceInfo,
epOptions map[string]interface{}) error {
if err := validateID(nid, eid); err != nil {
return err
}
n, err := d.getNetwork(nid)
if err != nil {
return fmt.Errorf("network id %q not found", nid)
}
if ifInfo.MacAddress() != nil {
return fmt.Errorf("%s interfaces do not support custom mac address assigment", macvlanType)
}
ep := &endpoint{
id: eid,
addr: ifInfo.Address(),
addrv6: ifInfo.AddressIPv6(),
mac: ifInfo.MacAddress(),
}
if ep.addr == nil {
return fmt.Errorf("create endpoint was not passed an IP address")
}
if ep.mac == nil {
ep.mac = netutils.GenerateMACFromIP(ep.addr.IP)
if err := ifInfo.SetMacAddress(ep.mac); err != nil {
return err
}
}
// disallow portmapping -p
if opt, ok := epOptions[netlabel.PortMap]; ok {
if _, ok := opt.([]types.PortBinding); ok {
if len(opt.([]types.PortBinding)) > 0 {
return fmt.Errorf("%s driver does not support port mappings", macvlanType)
}
}
}
// disallow port exposure --expose
if opt, ok := epOptions[netlabel.ExposedPorts]; ok {
if _, ok := opt.([]types.TransportPort); ok {
if len(opt.([]types.TransportPort)) > 0 {
return fmt.Errorf("%s driver does not support port exposures", macvlanType)
}
}
}
n.addEndpoint(ep)
return nil
}
// DeleteEndpoint remove the endpoint and associated netlink interface
func (d *driver) DeleteEndpoint(nid, eid string) error {
if err := validateID(nid, eid); err != nil {
return err
}
n := d.network(nid)
if n == nil {
return fmt.Errorf("network id %q not found", nid)
}
ep := n.endpoint(eid)
if ep == nil {
return fmt.Errorf("endpoint id %q not found", eid)
}
if link, err := netlink.LinkByName(ep.srcName); err == nil {
netlink.LinkDel(link)
}
return nil
}

136
libnetwork/drivers/macvlan/macvlan_joinleave.go Normal file
View file

@ -0,0 +1,136 @@
package macvlan
import (
"fmt"
"net"
"github.com/Sirupsen/logrus"
"github.com/docker/libnetwork/driverapi"
"github.com/docker/libnetwork/netutils"
"github.com/docker/libnetwork/osl"
)
// Join method is invoked when a Sandbox is attached to an endpoint.
func (d *driver) Join(nid, eid string, sboxKey string, jinfo driverapi.JoinInfo, options map[string]interface{}) error {
defer osl.InitOSContext()()
n, err := d.getNetwork(nid)
if err != nil {
return err
}
endpoint := n.endpoint(eid)
if endpoint == nil {
return fmt.Errorf("could not find endpoint with id %s", eid)
}
// generate a name for the iface that will be renamed to eth0 in the sbox
containerIfName, err := netutils.GenerateIfaceName(vethPrefix, vethLen)
if err != nil {
return fmt.Errorf("error generating an interface name: %s", err)
}
// create the netlink macvlan interface
vethName, err := createMacVlan(containerIfName, n.config.HostIface, n.config.MacvlanMode)
if err != nil {
return err
}
// bind the generated iface name to the endpoint
endpoint.srcName = vethName
ep := n.endpoint(eid)
if ep == nil {
return fmt.Errorf("could not find endpoint with id %s", eid)
}
// parse and match the endpoint address with the available v4 subnets
if len(n.config.Ipv4Subnets) > 0 {
s := n.getSubnetforIPv4(ep.addr)
if s == nil {
return fmt.Errorf("could not find a valid ipv4 subnet for endpoint %s", eid)
}
v4gw, _, err := net.ParseCIDR(s.GwIP)
if err != nil {
return fmt.Errorf("gatway %s is not a valid ipv4 address: %v", s.GwIP, err)
}
err = jinfo.SetGateway(v4gw)
if err != nil {
return err
}
logrus.Debugf("Macvlan Endpoint Joined with IPv4_Addr: %s, Gateway: %s, MacVlan_Mode: %s, Host_Iface: %s",
ep.addr.IP.String(), v4gw.String(), n.config.MacvlanMode, n.config.HostIface)
}
// parse and match the endpoint address with the available v6 subnets
if len(n.config.Ipv6Subnets) > 0 {
s := n.getSubnetforIPv6(ep.addrv6)
if s == nil {
return fmt.Errorf("could not find a valid ipv6 subnet for endpoint %s", eid)
}
v6gw, _, err := net.ParseCIDR(s.GwIP)
if err != nil {
return fmt.Errorf("gatway %s is not a valid ipv6 address: %v", s.GwIP, err)
}
err = jinfo.SetGatewayIPv6(v6gw)
if err != nil {
return err
}
logrus.Debugf("Macvlan Endpoint Joined with IPv6_Addr: %s Gateway: %s MacVlan_Mode: %s, Host_Iface: %s",
ep.addrv6.IP.String(), v6gw.String(), n.config.MacvlanMode, n.config.HostIface)
}
iNames := jinfo.InterfaceName()
err = iNames.SetNames(vethName, containerVethPrefix)
if err != nil {
return err
}
return nil
}
// Leave method is invoked when a Sandbox detaches from an endpoint.
func (d *driver) Leave(nid, eid string) error {
network, err := d.getNetwork(nid)
if err != nil {
return err
}
endpoint, err := network.getEndpoint(eid)
if err != nil {
return err
}
if endpoint == nil {
return fmt.Errorf("could not find endpoint with id %s", eid)
}
return nil
}
// getSubnetforIP returns the ipv4 subnet to which the given IP belongs
func (n *network) getSubnetforIPv4(ip *net.IPNet) *ipv4Subnet {
for _, s := range n.config.Ipv4Subnets {
_, snet, err := net.ParseCIDR(s.SubnetIP)
if err != nil {
return nil
}
// first check if the mask lengths are the same
i, _ := snet.Mask.Size()
j, _ := ip.Mask.Size()
if i != j {
continue
}
if snet.Contains(ip.IP) {
return s
}
}
return nil
}
// getSubnetforIPv6 returns the ipv6 subnet to which the given IP belongs
func (n *network) getSubnetforIPv6(ip *net.IPNet) *ipv6Subnet {
for _, s := range n.config.Ipv6Subnets {
_, snet, err := net.ParseCIDR(s.SubnetIP)
if err != nil {
return nil
}
// first check if the mask lengths are the same
i, _ := snet.Mask.Size()
j, _ := ip.Mask.Size()
if i != j {
continue
}
if snet.Contains(ip.IP) {
return s
}
}
return nil
}

192
libnetwork/drivers/macvlan/macvlan_network.go Normal file
View file

@ -0,0 +1,192 @@
package macvlan
import (
"fmt"
"github.com/Sirupsen/logrus"
"github.com/docker/docker/pkg/stringid"
"github.com/docker/libnetwork/driverapi"
"github.com/docker/libnetwork/netlabel"
"github.com/docker/libnetwork/options"
"github.com/docker/libnetwork/types"
)
// CreateNetwork the network for the specified driver type
func (d *driver) CreateNetwork(id string, option map[string]interface{}, ipV4Data, ipV6Data []driverapi.IPAMData) error {
// parse and validate the config and bind to networkConfiguration
config, err := parseNetworkOptions(id, option)
if err != nil {
return err
}
config.ID = id
err = config.processIPAM(id, ipV4Data, ipV6Data)
if err != nil {
return err
}
// user must specify a parent interface on the host to attach the container vif -o host_iface=eth0
if config.HostIface == "" {
return fmt.Errorf("%s requires an interface from the docker host to be specified (usage: -o host_iface=eth)", macvlanType)
}
// loopback is not a valid parent link
if config.HostIface == "lo" {
return fmt.Errorf("loopback interface is not a valid %s parent link", macvlanType)
}
// verify the macvlan mode from -o macvlan_mode option
switch config.MacvlanMode {
case "", modeBridge:
// default to macvlan bridge mode if -o macvlan_mode is empty
config.MacvlanMode = modeBridge
case modeOpt:
config.MacvlanMode = modeOpt
case modePassthru:
config.MacvlanMode = modePassthru
case modeVepa:
config.MacvlanMode = modeVepa
default:
return fmt.Errorf("requested macvlan mode '%s' is not valid, 'bridge' mode is the macvlan driver default", config.MacvlanMode)
}
err = d.createNetwork(config)
if err != nil {
return err
}
// update persistent db, rollback on fail
err = d.storeUpdate(config)
if err != nil {
d.deleteNetwork(config.ID)
return err
}
return nil
}
// createNetwork is used by new network callbacks and persistent network cache
func (d *driver) createNetwork(config *configuration) error {
// if the -o host_iface does not exist, attempt to parse a parent_iface.vlan_id
networkList := d.getNetworks()
for _, nw := range networkList {
if config.HostIface == nw.config.HostIface {
return fmt.Errorf("network %s is already using host interface %s",
stringid.TruncateID(nw.config.ID), config.HostIface)
}
}
// if the -o host_iface does not exist, attempt to parse a parent_iface.vlan_id
if ok := hostIfaceExists(config.HostIface); !ok {
// if the subinterface parent_iface.vlan_id checks do not pass, return err.
// a valid example is eth0.10 for a parent iface: eth0 with a vlan id: 10
err := createVlanLink(config.HostIface)
if err != nil {
return err
}
// if driver created the networks slave link, record it for future deletion
config.CreatedSlaveLink = true
}
n := &network{
id: config.ID,
driver: d,
endpoints: endpointTable{},
config: config,
}
// add the *network
d.addNetwork(n)
return nil
}
// DeleteNetwork the network for the specified driver type
func (d *driver) DeleteNetwork(nid string) error {
n := d.network(nid)
// if the driver created the slave interface, delete it, otherwise leave it
if ok := n.config.CreatedSlaveLink; ok {
// if the interface exists, only delete if it matches iface.vlan naming
if ok := hostIfaceExists(n.config.HostIface); ok {
err := delVlanLink(n.config.HostIface)
if err != nil {
logrus.Debugf("link %s was not deleted, continuing the delete network operation: %v", n.config.HostIface, err)
}
}
}
// delete the *network
d.deleteNetwork(nid)
// delete the network record from persistent cache
return d.storeDelete(n.config)
}
// parseNetworkOptions parse docker network options
func parseNetworkOptions(id string, option options.Generic) (*configuration, error) {
var (
err error
config = &configuration{}
)
// parse generic labels first
if genData, ok := option[netlabel.GenericData]; ok && genData != nil {
if config, err = parseNetworkGenericOptions(genData); err != nil {
return nil, err
}
}
// return an error if the unsupported --internal is passed
if _, ok := option[netlabel.Internal]; ok {
return nil, fmt.Errorf("--internal option is not supported with the macvlan driver")
}
return config, nil
}
// parseNetworkGenericOptions parse generic driver docker network options
func parseNetworkGenericOptions(data interface{}) (*configuration, error) {
var (
err error
config *configuration
)
switch opt := data.(type) {
case *configuration:
config = opt
case map[string]string:
config = &configuration{}
err = config.fromOptions(opt)
case options.Generic:
var opaqueConfig interface{}
if opaqueConfig, err = options.GenerateFromModel(opt, config); err == nil {
config = opaqueConfig.(*configuration)
}
default:
err = types.BadRequestErrorf("unrecognized network configuration format: %v", opt)
}
return config, err
}
// fromOptions binds the generic options to networkConfiguration to cache
func (config *configuration) fromOptions(labels map[string]string) error {
for label, value := range labels {
switch label {
case hostIfaceOpt:
// parse driver option '-o host_iface'
config.HostIface = value
case driverModeOpt:
// parse driver option '-o macvlan_mode'
config.MacvlanMode = value
}
}
return nil
}
// processIPAM parses v4 and v6 IP information and binds it to the network configuration
func (config *configuration) processIPAM(id string, ipamV4Data, ipamV6Data []driverapi.IPAMData) error {
if len(ipamV4Data) > 0 {
for _, ipd := range ipamV4Data {
s := &ipv4Subnet{
SubnetIP: ipd.Pool.String(),
GwIP: ipd.Gateway.String(),
}
config.Ipv4Subnets = append(config.Ipv4Subnets, s)
}
}
if len(ipamV6Data) > 0 {
for _, ipd := range ipamV6Data {
s := &ipv6Subnet{
SubnetIP: ipd.Pool.String(),
GwIP: ipd.Gateway.String(),
}
config.Ipv6Subnets = append(config.Ipv6Subnets, s)
}
}
return nil
}

175
libnetwork/drivers/macvlan/macvlan_setup.go Normal file
View file

@ -0,0 +1,175 @@
package macvlan
import (
"bufio"
"fmt"
"os"
"os/exec"
"strconv"
"strings"
"github.com/Sirupsen/logrus"
"github.com/docker/libnetwork/osl"
"github.com/vishvananda/netlink"
)
// Create the netlink interface specifying the source name
func createMacVlan(containerIfName, hostIface, macvlanMode string) (string, error) {
defer osl.InitOSContext()()
// Set the macvlan mode. Default is bridge mode
mode, err := setMacVlanMode(macvlanMode)
if err != nil {
return "", fmt.Errorf("Unsupported %s macvlan mode: %v", macvlanMode, err)
}
// verify the Docker host interface acting as the macvlan parent iface exists
if ok := hostIfaceExists(hostIface); !ok {
return "", fmt.Errorf("the requested host interface %s was not found on the Docker host", hostIface)
}
// Get the link for the master index (Example: the docker host eth iface)
hostEth, err := netlink.LinkByName(hostIface)
if err != nil {
logrus.Errorf("error occoured looking up the parent iface %s mode: %s error: %s", hostIface, macvlanMode, err)
}
// Create a macvlan link
macvlan := &netlink.Macvlan{
LinkAttrs: netlink.LinkAttrs{
Name: containerIfName,
ParentIndex: hostEth.Attrs().Index,
},
Mode: mode,
}
if err := netlink.LinkAdd(macvlan); err != nil {
// verbose but will be an issue if user creates a macvlan and ipvlan on same parent.Netlink msg is uninformative
logrus.Warn("Ensure there are no ipvlan networks using the same `-o host_iface` as the macvlan network.")
return "", fmt.Errorf("Failed to create macvlan link: %s with the error: %v", macvlan.Name, err)
}
return macvlan.Attrs().Name, nil
}
// setMacVlanMode setter for one of the four macvlan port types
func setMacVlanMode(mode string) (netlink.MacvlanMode, error) {
switch mode {
case modePrivate:
return netlink.MACVLAN_MODE_PRIVATE, nil
case modeVepa:
return netlink.MACVLAN_MODE_VEPA, nil
case modeBridge:
return netlink.MACVLAN_MODE_BRIDGE, nil
case modePassthru:
return netlink.MACVLAN_MODE_PASSTHRU, nil
default:
return 0, fmt.Errorf("unknown macvlan mode: %s", mode)
}
}
// validateHostIface check if the specified interface exists in the default namespace
func hostIfaceExists(ifaceStr string) bool {
_, err := netlink.LinkByName(ifaceStr)
if err != nil {
return false
}
return true
}
// kernelSupport for the necessary kernel module for the driver type
func kernelSupport(networkTpe string) error {
// attempt to load the module, silent if successful or already loaded
exec.Command("modprobe", macvlanType).Run()
f, err := os.Open("/proc/modules")
if err != nil {
return err
}
defer f.Close()
s := bufio.NewScanner(f)
for s.Scan() {
if strings.Contains(s.Text(), macvlanType) {
return nil
}
}
return fmt.Errorf("required kernel module '%s' was not found in /proc/modules, kernel version >= 3.19 is recommended", macvlanType)
}
// createVlanLink parses sub-interfaces and vlan id for creation
func createVlanLink(ifaceName string) error {
if strings.Contains(ifaceName, ".") {
parentIface, vidInt, err := parseVlan(ifaceName)
if err != nil {
return err
}
// VLAN identifier or VID is a 12-bit field specifying the VLAN to which the frame belongs
if vidInt > 4094 || vidInt < 1 {
return fmt.Errorf("vlan id must be between 1-4094, received: %d", vidInt)
}
// get the parent link to attach a vlan subinterface
hostIface, err := netlink.LinkByName(parentIface)
if err != nil {
return fmt.Errorf("failed to find master interface %s on the Docker host: %v", parentIface, err)
}
vlanIface := &netlink.Vlan{
LinkAttrs: netlink.LinkAttrs{
Name: ifaceName,
ParentIndex: hostIface.Attrs().Index,
},
VlanId: vidInt,
}
// create the subinterface
if err := netlink.LinkAdd(vlanIface); err != nil {
return fmt.Errorf("failed to create %s vlan link: %v", vlanIface.Name, err)
}
// Bring the new netlink iface up
if err := netlink.LinkSetUp(vlanIface); err != nil {
return fmt.Errorf("failed to enable %s the macvlan netlink link: %v", vlanIface.Name, err)
}
logrus.Debugf("Added a vlan tagged netlink subinterface: %s with a vlan id: %d", ifaceName, vidInt)
return nil
}
return fmt.Errorf("invalid subinterface vlan name %s, example formatting is eth0.10", ifaceName)
}
// verifyVlanDel verifies only sub-interfaces with a vlan id get deleted
func delVlanLink(ifaceName string) error {
if strings.Contains(ifaceName, ".") {
_, _, err := parseVlan(ifaceName)
if err != nil {
return err
}
// delete the vlan subinterface
vlanIface, err := netlink.LinkByName(ifaceName)
if err != nil {
return fmt.Errorf("failed to find interface %s on the Docker host : %v", ifaceName, err)
}
// verify a parent interface isn't being deleted
if vlanIface.Attrs().ParentIndex == 0 {
return fmt.Errorf("interface %s does not appear to be a slave device: %v", ifaceName, err)
}
// delete the macvlan slave device
if err := netlink.LinkDel(vlanIface); err != nil {
return fmt.Errorf("failed to delete %s link: %v", ifaceName, err)
}
logrus.Debugf("Deleted a vlan tagged netlink subinterface: %s", ifaceName)
}
// if the subinterface doesn't parse to iface.vlan_id leave the interface in
// place since it could be a user specified name not created by the driver.
return nil
}
// parseVlan parses and verifies a slave interface name: -o host_iface=eth0.10
func parseVlan(ifaceName string) (string, int, error) {
// parse -o host_iface=eth0.10
splitIface := strings.Split(ifaceName, ".")
if len(splitIface) != 2 {
return "", 0, fmt.Errorf("required interface name format is: name.vlan_id, ex. eth0.10 for vlan 10, instead received %s", ifaceName)
}
parentIface, vidStr := splitIface[0], splitIface[1]
// validate type and convert vlan id to int
vidInt, err := strconv.Atoi(vidStr)
if err != nil {
return "", 0, fmt.Errorf("unable to parse a valid vlan id from: %s (ex. eth0.10 for vlan 10)", vidStr)
}
// Check if the interface exists
if ok := hostIfaceExists(parentIface); !ok {
return "", 0, fmt.Errorf("-o host_iface parent interface does was not found on the host: %s", parentIface)
}
return parentIface, vidInt, nil
}

103
libnetwork/drivers/macvlan/macvlan_setup_test.go Normal file
View file

@ -0,0 +1,103 @@
package macvlan
import (
"testing"
"github.com/vishvananda/netlink"
)
// TestValidateLink tests the validateHostIface function
func TestValidateLink(t *testing.T) {
validIface := "lo"
invalidIface := "foo12345"
// test a valid parent interface validation
if ok := hostIfaceExists(validIface); !ok {
t.Fatalf("failed validating loopback %s", validIface)
}
// test a invalid parent interface validation
if ok := hostIfaceExists(invalidIface); ok {
t.Fatalf("failed to invalidate interface %s", invalidIface)
}
}
// TestValidateSubLink tests valid 802.1q naming convention
func TestValidateSubLink(t *testing.T) {
validSubIface := "lo.10"
invalidSubIface1 := "lo"
invalidSubIface2 := "lo:10"
invalidSubIface3 := "foo123.456"
// test a valid parent_iface.vlan_id
_, _, err := parseVlan(validSubIface)
if err != nil {
t.Fatalf("failed subinterface validation: %v", err)
}
// test a invalid vid with a valid parent link
_, _, err = parseVlan(invalidSubIface1)
if err == nil {
t.Fatalf("failed subinterface validation test: %s", invalidSubIface1)
}
// test a valid vid with a valid parent link with a invalid delimiter
_, _, err = parseVlan(invalidSubIface2)
if err == nil {
t.Fatalf("failed subinterface validation test: %v", invalidSubIface2)
}
// test a invalid parent link with a valid vid
_, _, err = parseVlan(invalidSubIface3)
if err == nil {
t.Fatalf("failed subinterface validation test: %v", invalidSubIface3)
}
}
// TestSetMacVlanMode tests the macvlan mode setter
func TestSetMacVlanMode(t *testing.T) {
// test macvlan bridge mode
mode, err := setMacVlanMode(modeBridge)
if err != nil {
t.Fatalf("error parsing %v vlan mode: %v", mode, err)
}
if mode != netlink.MACVLAN_MODE_BRIDGE {
t.Fatalf("expected %d got %d", netlink.MACVLAN_MODE_BRIDGE, mode)
}
// test macvlan passthrough mode
mode, err = setMacVlanMode(modePassthru)
if err != nil {
t.Fatalf("error parsing %v vlan mode: %v", mode, err)
}
if mode != netlink.MACVLAN_MODE_PASSTHRU {
t.Fatalf("expected %d got %d", netlink.MACVLAN_MODE_PASSTHRU, mode)
}
// test macvlan private mode
mode, err = setMacVlanMode(modePrivate)
if err != nil {
t.Fatalf("error parsing %v vlan mode: %v", mode, err)
}
if mode != netlink.MACVLAN_MODE_PRIVATE {
t.Fatalf("expected %d got %d", netlink.MACVLAN_MODE_PRIVATE, mode)
}
// test macvlan vepa mode
mode, err = setMacVlanMode(modeVepa)
if err != nil {
t.Fatalf("error parsing %v vlan mode: %v", mode, err)
}
if mode != netlink.MACVLAN_MODE_VEPA {
t.Fatalf("expected %d got %d", netlink.MACVLAN_MODE_VEPA, mode)
}
// test invalid mode
mode, err = setMacVlanMode("foo")
if err == nil {
t.Fatal("invalid macvlan mode should have returned an error")
}
if mode != 0 {
t.Fatalf("expected 0 got %d", mode)
}
// test null mode
mode, err = setMacVlanMode("")
if err == nil {
t.Fatal("invalid macvlan mode should have returned an error")
}
if mode != 0 {
t.Fatalf("expected 0 got %d", mode)
}
}

108
libnetwork/drivers/macvlan/macvlan_state.go Normal file
View file

@ -0,0 +1,108 @@
package macvlan
import (
"fmt"
"github.com/Sirupsen/logrus"
"github.com/docker/libnetwork/osl"
"github.com/docker/libnetwork/types"
)
func (d *driver) network(nid string) *network {
d.Lock()
n, ok := d.networks[nid]
d.Unlock()
if !ok {
logrus.Errorf("network id %s not found", nid)
}
return n
}
func (d *driver) addNetwork(n *network) {
d.Lock()
d.networks[n.id] = n
d.Unlock()
}
func (d *driver) deleteNetwork(nid string) {
d.Lock()
delete(d.networks, nid)
d.Unlock()
}
// getNetworks Safely returns a slice of existng networks
func (d *driver) getNetworks() []*network {
d.Lock()
defer d.Unlock()
ls := make([]*network, 0, len(d.networks))
for _, nw := range d.networks {
ls = append(ls, nw)
}
return ls
}
func (n *network) endpoint(eid string) *endpoint {
n.Lock()
defer n.Unlock()
return n.endpoints[eid]
}
func (n *network) addEndpoint(ep *endpoint) {
n.Lock()
n.endpoints[ep.id] = ep
n.Unlock()
}
func (n *network) deleteEndpoint(eid string) {
n.Lock()
delete(n.endpoints, eid)
n.Unlock()
}
func (n *network) getEndpoint(eid string) (*endpoint, error) {
n.Lock()
defer n.Unlock()
if eid == "" {
return nil, fmt.Errorf("endpoint id %s not found", eid)
}
if ep, ok := n.endpoints[eid]; ok {
return ep, nil
}
return nil, nil
}
func validateID(nid, eid string) error {
if nid == "" {
return fmt.Errorf("invalid network id")
}
if eid == "" {
return fmt.Errorf("invalid endpoint id")
}
return nil
}
func (n *network) sandbox() osl.Sandbox {
n.Lock()
defer n.Unlock()
return n.sbox
}
func (n *network) setSandbox(sbox osl.Sandbox) {
n.Lock()
n.sbox = sbox
n.Unlock()
}
func (d *driver) getNetwork(id string) (*network, error) {
d.Lock()
defer d.Unlock()
if id == "" {
return nil, types.BadRequestErrorf("invalid network id: %s", id)
}
if nw, ok := d.networks[id]; ok {
return nw, nil
}
return nil, types.NotFoundErrorf("network not found: %s", id)
}

213
libnetwork/drivers/macvlan/macvlan_store.go Normal file
View file

@ -0,0 +1,213 @@
package macvlan
import (
"encoding/json"
"fmt"
"github.com/Sirupsen/logrus"
"github.com/docker/libkv/store/boltdb"
"github.com/docker/libnetwork/datastore"
"github.com/docker/libnetwork/discoverapi"
"github.com/docker/libnetwork/netlabel"
"github.com/docker/libnetwork/types"
)
const macvlanPrefix = "macvlan" // prefix used for persistent driver storage
// networkConfiguration for this driver's network specific configuration
type configuration struct {
ID string
Mtu int
dbIndex uint64
dbExists bool
Internal bool
HostIface string
MacvlanMode string
CreatedSlaveLink bool
Ipv4Subnets []*ipv4Subnet
Ipv6Subnets []*ipv6Subnet
}
type ipv4Subnet struct {
SubnetIP string
GwIP string
}
type ipv6Subnet struct {
SubnetIP string
GwIP string
}
// initStore drivers are responsible for caching their own persistent state
func (d *driver) initStore(option map[string]interface{}) error {
if data, ok := option[netlabel.LocalKVClient]; ok {
var err error
dsc, ok := data.(discoverapi.DatastoreConfigData)
if !ok {
return types.InternalErrorf("incorrect data in datastore configuration: %v", data)
}
d.store, err = datastore.NewDataStoreFromConfig(dsc)
if err != nil {
return types.InternalErrorf("macvlan driver failed to initialize data store: %v", err)
}
return d.populateNetworks()
}
return nil
}
// populateNetworks is invoked at driver init to recreate persistently stored networks
func (d *driver) populateNetworks() error {
kvol, err := d.store.List(datastore.Key(macvlanPrefix), &configuration{})
if err != nil && err != datastore.ErrKeyNotFound && err != boltdb.ErrBoltBucketNotFound {
return fmt.Errorf("failed to get macvlan network configurations from store: %v", err)
}
// If empty it simply means no macvlan networks have been created yet
if err == datastore.ErrKeyNotFound {
return nil
}
for _, kvo := range kvol {
config := kvo.(*configuration)
if err = d.createNetwork(config); err != nil {
logrus.Warnf("Could not create macvlan network for id %s from persistent state", config.ID)
}
}
return nil
}
// storeUpdate used to update persistent macvlan network records as they are created
func (d *driver) storeUpdate(kvObject datastore.KVObject) error {
if d.store == nil {
logrus.Warnf("macvlan store not initialized. kv object %s is not added to the store", datastore.Key(kvObject.Key()...))
return nil
}
if err := d.store.PutObjectAtomic(kvObject); err != nil {
return fmt.Errorf("failed to update macvlan store for object type %T: %v", kvObject, err)
}
return nil
}
// storeDelete used to delete macvlan records from persistent cache as they are deleted
func (d *driver) storeDelete(kvObject datastore.KVObject) error {
if d.store == nil {
logrus.Debugf("macvlan store not initialized. kv object %s is not deleted from store", datastore.Key(kvObject.Key()...))
return nil
}
retry:
if err := d.store.DeleteObjectAtomic(kvObject); err != nil {
if err == datastore.ErrKeyModified {
if err := d.store.GetObject(datastore.Key(kvObject.Key()...), kvObject); err != nil {
return fmt.Errorf("could not update the kvobject to latest when trying to delete: %v", err)
}
goto retry
}
return err
}
return nil
}
func (config *configuration) MarshalJSON() ([]byte, error) {
nMap := make(map[string]interface{})
nMap["ID"] = config.ID
nMap["Mtu"] = config.Mtu
nMap["HostIface"] = config.HostIface
nMap["MacvlanMode"] = config.MacvlanMode
nMap["CreatedSubIface"] = config.CreatedSlaveLink
if len(config.Ipv4Subnets) > 0 {
iis, err := json.Marshal(config.Ipv4Subnets)
if err != nil {
return nil, err
}
nMap["Ipv4Subnets"] = string(iis)
}
if len(config.Ipv6Subnets) > 0 {
iis, err := json.Marshal(config.Ipv6Subnets)
if err != nil {
return nil, err
}
nMap["Ipv6Subnets"] = string(iis)
}
return json.Marshal(nMap)
}
func (config *configuration) UnmarshalJSON(b []byte) error {
var (
err error
nMap map[string]interface{}
)
if err = json.Unmarshal(b, &nMap); err != nil {
return err
}
config.ID = nMap["ID"].(string)
config.Mtu = int(nMap["Mtu"].(float64))
config.HostIface = nMap["HostIface"].(string)
config.MacvlanMode = nMap["MacvlanMode"].(string)
config.CreatedSlaveLink = nMap["CreatedSubIface"].(bool)
if v, ok := nMap["Ipv4Subnets"]; ok {
if err := json.Unmarshal([]byte(v.(string)), &config.Ipv4Subnets); err != nil {
return err
}
}
if v, ok := nMap["Ipv6Subnets"]; ok {
if err := json.Unmarshal([]byte(v.(string)), &config.Ipv6Subnets); err != nil {
return err
}
}
return nil
}
func (config *configuration) Key() []string {
return []string{macvlanPrefix, config.ID}
}
func (config *configuration) KeyPrefix() []string {
return []string{macvlanPrefix}
}
func (config *configuration) Value() []byte {
b, err := json.Marshal(config)
if err != nil {
return nil
}
return b
}
func (config *configuration) SetValue(value []byte) error {
return json.Unmarshal(value, config)
}
func (config *configuration) Index() uint64 {
return config.dbIndex
}
func (config *configuration) SetIndex(index uint64) {
config.dbIndex = index
config.dbExists = true
}
func (config *configuration) Exists() bool {
return config.dbExists
}
func (config *configuration) Skip() bool {
return false
}
func (config *configuration) New() datastore.KVObject {
return &configuration{}
}
func (config *configuration) CopyTo(o datastore.KVObject) error {
dstNcfg := o.(*configuration)
*dstNcfg = *config
return nil
}
func (config *configuration) DataScope() string {
return datastore.LocalScope
}

60
libnetwork/drivers/macvlan/macvlan_test.go Normal file
View file

@ -0,0 +1,60 @@
package macvlan
import (
"testing"
"github.com/docker/libnetwork/driverapi"
_ "github.com/docker/libnetwork/testutils"
)
const testNetworkType = "macvlan"
type driverTester struct {
t *testing.T
d *driver
}
func (dt *driverTester) RegisterDriver(name string, drv driverapi.Driver,
cap driverapi.Capability) error {
if name != testNetworkType {
dt.t.Fatalf("Expected driver register name to be %q. Instead got %q",
testNetworkType, name)
}
if _, ok := drv.(*driver); !ok {
dt.t.Fatalf("Expected driver type to be %T. Instead got %T",
&driver{}, drv)
}
dt.d = drv.(*driver)
return nil
}
func TestMacvlanInit(t *testing.T) {
if err := Init(&driverTester{t: t}, nil); err != nil {
t.Fatal(err)
}
}
func TestMacvlanNilConfig(t *testing.T) {
dt := &driverTester{t: t}
if err := Init(dt, nil); err != nil {
t.Fatal(err)
}
if err := dt.d.initStore(nil); err != nil {
t.Fatal(err)
}
}
func TestMacvlanType(t *testing.T) {
dt := &driverTester{t: t}
if err := Init(dt, nil); err != nil {
t.Fatal(err)
}
if dt.d.Type() != testNetworkType {
t.Fatalf("Expected Type() to return %q. Instead got %q", testNetworkType,
dt.d.Type())
}
}

4
libnetwork/drivers_linux.go
View file

@ -3,6 +3,8 @@ package libnetwork
import (
"github.com/docker/libnetwork/drivers/bridge"
"github.com/docker/libnetwork/drivers/host"
"github.com/docker/libnetwork/drivers/ipvlan"
"github.com/docker/libnetwork/drivers/macvlan"
"github.com/docker/libnetwork/drivers/null"
"github.com/docker/libnetwork/drivers/overlay"
"github.com/docker/libnetwork/drivers/remote"
@ -15,5 +17,7 @@ func getInitializers() []initializer {
{null.Init, "null"},
{remote.Init, "remote"},
{overlay.Init, "overlay"},
{macvlan.Init, "macvlan"},
{ipvlan.Init, "ipvlan"},
}
}