From cabc5b27c0d93a7665a24d205572a9462bb85da6 Mon Sep 17 00:00:00 2001 From: Alessandro Boch Date: Tue, 12 Jul 2016 21:51:11 -0700 Subject: [PATCH 1/2] Vendoring libnetwork 905d374 Signed-off-by: Alessandro Boch --- hack/vendor.sh | 2 +- .../src/github.com/docker/libnetwork/agent.go | 2 ++ .../docker/libnetwork/controller.go | 19 ++++++++++++------- .../docker/libnetwork/osl/interface_linux.go | 19 +++++++++++++++++++ .../docker/libnetwork/osl/options_linux.go | 6 ++++++ .../docker/libnetwork/osl/sandbox.go | 6 ++++++ .../github.com/docker/libnetwork/sandbox.go | 8 ++++++++ 7 files changed, 54 insertions(+), 8 deletions(-) diff --git a/hack/vendor.sh b/hack/vendor.sh index 0d603d1b9b..b5dbbee04b 100755 --- a/hack/vendor.sh +++ b/hack/vendor.sh @@ -65,7 +65,7 @@ clone git github.com/RackSec/srslog 259aed10dfa74ea2961eddd1d9847619f6e98837 clone git github.com/imdario/mergo 0.2.1 #get libnetwork packages -clone git github.com/docker/libnetwork 9b821dc123ca07e2c4d7244943f4e3e9632904fb +clone git github.com/docker/libnetwork 905d374c096ca1f3a9b75529e52518b7540179f3 clone git github.com/docker/go-events 39718a26497694185f8fb58a7d6f31947f3dc42d clone git github.com/armon/go-radix e39d623f12e8e41c7b5529e9a9dd67a1e2261f80 clone git github.com/armon/go-metrics eb0af217e5e9747e41dd5303755356b62d28e3ec diff --git a/vendor/src/github.com/docker/libnetwork/agent.go b/vendor/src/github.com/docker/libnetwork/agent.go index 64710ff11d..a5b05258ed 100644 --- a/vendor/src/github.com/docker/libnetwork/agent.go +++ b/vendor/src/github.com/docker/libnetwork/agent.go @@ -358,6 +358,8 @@ func (c *controller) agentInit(bindAddrOrInterface string) error { return false }) + c.WalkNetworks(joinCluster) + return nil } diff --git a/vendor/src/github.com/docker/libnetwork/controller.go b/vendor/src/github.com/docker/libnetwork/controller.go index 216f7ccd10..9bb1c7c5bb 100644 --- a/vendor/src/github.com/docker/libnetwork/controller.go +++ b/vendor/src/github.com/docker/libnetwork/controller.go @@ -639,15 +639,20 @@ func (c *controller) NewNetwork(networkType, name string, id string, options ... return nil, err } - if err = network.joinCluster(); err != nil { - log.Errorf("Failed to join network %s into agent cluster: %v", name, err) - } - - network.addDriverWatches() + joinCluster(network) return network, nil } +var joinCluster NetworkWalker = func(nw Network) bool { + n := nw.(*network) + if err := n.joinCluster(); err != nil { + log.Errorf("Failed to join network %s (%s) into agent cluster: %v", n.Name(), n.ID(), err) + } + n.addDriverWatches() + return false +} + func (c *controller) reservePools() { networks, err := c.getNetworksForScope(datastore.LocalScope) if err != nil { @@ -801,7 +806,7 @@ func (c *controller) NewSandbox(containerID string, options ...SandboxOption) (s // If not a stub, then we already have a complete sandbox. if !s.isStub { c.Unlock() - return nil, types.BadRequestErrorf("container %s is already present: %v", containerID, s) + return nil, types.ForbiddenErrorf("container %s is already present: %v", containerID, s) } // We already have a stub sandbox from the @@ -836,7 +841,7 @@ func (c *controller) NewSandbox(containerID string, options ...SandboxOption) (s c.Lock() if sb.ingress && c.ingressSandbox != nil { c.Unlock() - return nil, fmt.Errorf("ingress sandbox already present") + return nil, types.ForbiddenErrorf("ingress sandbox already present") } if sb.ingress { diff --git a/vendor/src/github.com/docker/libnetwork/osl/interface_linux.go b/vendor/src/github.com/docker/libnetwork/osl/interface_linux.go index 5b537a4cb7..9681a9f1b5 100644 --- a/vendor/src/github.com/docker/libnetwork/osl/interface_linux.go +++ b/vendor/src/github.com/docker/libnetwork/osl/interface_linux.go @@ -26,6 +26,7 @@ type nwIface struct { mac net.HardwareAddr address *net.IPNet addressIPv6 *net.IPNet + ipAliases []*net.IPNet llAddrs []*net.IPNet routes []*net.IPNet bridge bool @@ -96,6 +97,13 @@ func (i *nwIface) LinkLocalAddresses() []*net.IPNet { return i.llAddrs } +func (i *nwIface) IPAliases() []*net.IPNet { + i.Lock() + defer i.Unlock() + + return i.ipAliases +} + func (i *nwIface) Routes() []*net.IPNet { i.Lock() defer i.Unlock() @@ -324,6 +332,7 @@ func configureInterface(nlh *netlink.Handle, iface netlink.Link, i *nwIface) err {setInterfaceIPv6, fmt.Sprintf("error setting interface %q IPv6 to %v", ifaceName, i.AddressIPv6())}, {setInterfaceMaster, fmt.Sprintf("error setting interface %q master to %q", ifaceName, i.DstMaster())}, {setInterfaceLinkLocalIPs, fmt.Sprintf("error setting interface %q link local IPs to %v", ifaceName, i.LinkLocalAddresses())}, + {setInterfaceIPAliases, fmt.Sprintf("error setting interface %q IP Aliases to %v", ifaceName, i.IPAliases())}, } for _, config := range ifaceConfigurators { @@ -377,6 +386,16 @@ func setInterfaceLinkLocalIPs(nlh *netlink.Handle, iface netlink.Link, i *nwIfac return nil } +func setInterfaceIPAliases(nlh *netlink.Handle, iface netlink.Link, i *nwIface) error { + for _, si := range i.IPAliases() { + ipAddr := &netlink.Addr{IPNet: si} + if err := nlh.AddrAdd(iface, ipAddr); err != nil { + return err + } + } + return nil +} + func setInterfaceName(nlh *netlink.Handle, iface netlink.Link, i *nwIface) error { return nlh.LinkSetName(iface, i.DstName()) } diff --git a/vendor/src/github.com/docker/libnetwork/osl/options_linux.go b/vendor/src/github.com/docker/libnetwork/osl/options_linux.go index 818669647f..64309d0506 100644 --- a/vendor/src/github.com/docker/libnetwork/osl/options_linux.go +++ b/vendor/src/github.com/docker/libnetwork/osl/options_linux.go @@ -66,6 +66,12 @@ func (n *networkNamespace) LinkLocalAddresses(list []*net.IPNet) IfaceOption { } } +func (n *networkNamespace) IPAliases(list []*net.IPNet) IfaceOption { + return func(i *nwIface) { + i.ipAliases = list + } +} + func (n *networkNamespace) Routes(routes []*net.IPNet) IfaceOption { return func(i *nwIface) { i.routes = routes diff --git a/vendor/src/github.com/docker/libnetwork/osl/sandbox.go b/vendor/src/github.com/docker/libnetwork/osl/sandbox.go index 18113e3b3c..75968a0f87 100644 --- a/vendor/src/github.com/docker/libnetwork/osl/sandbox.go +++ b/vendor/src/github.com/docker/libnetwork/osl/sandbox.go @@ -91,6 +91,9 @@ type IfaceOptionSetter interface { // LinkLocalAddresses returns an option setter to set the link-local IP addresses. LinkLocalAddresses([]*net.IPNet) IfaceOption + // IPAliases returns an option setter to set IP address Aliases + IPAliases([]*net.IPNet) IfaceOption + // Master returns an option setter to set the master interface if any for this // interface. The master interface name should refer to the srcname of a // previously added interface of type bridge. @@ -147,6 +150,9 @@ type Interface interface { // LinkLocalAddresses returns the link-local IP addresses assigned to the interface. LinkLocalAddresses() []*net.IPNet + // IPAliases returns the IP address aliases assigned to the interface. + IPAliases() []*net.IPNet + // IP routes for the interface. Routes() []*net.IPNet diff --git a/vendor/src/github.com/docker/libnetwork/sandbox.go b/vendor/src/github.com/docker/libnetwork/sandbox.go index 6bb2766a71..d51c53260f 100644 --- a/vendor/src/github.com/docker/libnetwork/sandbox.go +++ b/vendor/src/github.com/docker/libnetwork/sandbox.go @@ -722,6 +722,10 @@ func (sb *sandbox) restoreOslSandbox() error { if len(i.llAddrs) != 0 { ifaceOptions = append(ifaceOptions, sb.osSbox.InterfaceOptions().LinkLocalAddresses(i.llAddrs)) } + if len(ep.virtualIP) != 0 { + vipAlias := &net.IPNet{IP: ep.virtualIP, Mask: net.CIDRMask(32, 32)} + ifaceOptions = append(ifaceOptions, sb.osSbox.InterfaceOptions().IPAliases([]*net.IPNet{vipAlias})) + } Ifaces[fmt.Sprintf("%s+%s", i.srcName, i.dstPrefix)] = ifaceOptions if joinInfo != nil { for _, r := range joinInfo.StaticRoutes { @@ -775,6 +779,10 @@ func (sb *sandbox) populateNetworkResources(ep *endpoint) error { if len(i.llAddrs) != 0 { ifaceOptions = append(ifaceOptions, sb.osSbox.InterfaceOptions().LinkLocalAddresses(i.llAddrs)) } + if len(ep.virtualIP) != 0 { + vipAlias := &net.IPNet{IP: ep.virtualIP, Mask: net.CIDRMask(32, 32)} + ifaceOptions = append(ifaceOptions, sb.osSbox.InterfaceOptions().IPAliases([]*net.IPNet{vipAlias})) + } if i.mac != nil { ifaceOptions = append(ifaceOptions, sb.osSbox.InterfaceOptions().MacAddress(i.mac)) } From ed6641ad61d6d4f6475062ab2a2669a379caf574 Mon Sep 17 00:00:00 2001 From: Alessandro Boch Date: Tue, 12 Jul 2016 21:51:44 -0700 Subject: [PATCH 2/2] Handle ingress sbox creation gracefully Signed-off-by: Alessandro Boch --- daemon/network.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/daemon/network.go b/daemon/network.go index f852c6b43a..57ec395e24 100644 --- a/daemon/network.go +++ b/daemon/network.go @@ -160,7 +160,9 @@ func (daemon *Daemon) SetupIngress(create clustertypes.NetworkCreateRequest, nod sb, err := controller.NewSandbox("ingress-sbox", libnetwork.OptionIngress()) if err != nil { - logrus.Errorf("Failed creating ingress sandbox: %v", err) + if _, ok := err.(networktypes.ForbiddenError); !ok { + logrus.Errorf("Failed creating ingress sandbox: %v", err) + } return }