1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00

Require listen address and advertise address to be an IP address or an interface name

Hostnames are not supported for now because libnetwork can't use them
for overlay networking yet.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
This commit is contained in:
Aaron Lehmann 2016-07-21 10:40:19 -07:00
parent a0ccd0d42f
commit fca0b18dcb
8 changed files with 60 additions and 18 deletions

View file

@ -44,8 +44,8 @@ func newInitCommand(dockerCli *client.DockerCli) *cobra.Command {
} }
flags := cmd.Flags() flags := cmd.Flags()
flags.Var(&opts.listenAddr, flagListenAddr, "Listen address (format: <ip|hostname|interface>[:port])") flags.Var(&opts.listenAddr, flagListenAddr, "Listen address (format: <ip|interface>[:port])")
flags.StringVar(&opts.advertiseAddr, flagAdvertiseAddr, "", "Advertised address (format: <ip|hostname|interface>[:port])") flags.StringVar(&opts.advertiseAddr, flagAdvertiseAddr, "", "Advertised address (format: <ip|interface>[:port])")
flags.BoolVar(&opts.forceNewCluster, "force-new-cluster", false, "Force create a new cluster from current state.") flags.BoolVar(&opts.forceNewCluster, "force-new-cluster", false, "Force create a new cluster from current state.")
addSwarmFlags(flags, &opts.swarmOptions) addSwarmFlags(flags, &opts.swarmOptions)
return cmd return cmd

View file

@ -35,8 +35,8 @@ func newJoinCommand(dockerCli *client.DockerCli) *cobra.Command {
} }
flags := cmd.Flags() flags := cmd.Flags()
flags.Var(&opts.listenAddr, flagListenAddr, "Listen address (format: <ip|hostname|interface>[:port])") flags.Var(&opts.listenAddr, flagListenAddr, "Listen address (format: <ip|interface>[:port])")
flags.StringVar(&opts.advertiseAddr, flagAdvertiseAddr, "", "Advertised address (format: <ip|hostname|interface>[:port])") flags.StringVar(&opts.advertiseAddr, flagAdvertiseAddr, "", "Advertised address (format: <ip|interface>[:port])")
flags.StringVar(&opts.token, flagToken, "", "Token for entry into the swarm") flags.StringVar(&opts.token, flagToken, "", "Token for entry into the swarm")
return cmd return cmd
} }

View file

@ -11,6 +11,9 @@ var (
errMultipleIPs = errors.New("could not choose an IP address to advertise since this system has multiple addresses") errMultipleIPs = errors.New("could not choose an IP address to advertise since this system has multiple addresses")
errNoIP = errors.New("could not find the system's IP address") errNoIP = errors.New("could not find the system's IP address")
errMustSpecifyListenAddr = errors.New("must specify a listening address because the address to advertise is not recognized as a system address") errMustSpecifyListenAddr = errors.New("must specify a listening address because the address to advertise is not recognized as a system address")
errBadListenAddr = errors.New("listen address must be an IP address or network interface (with optional port number)")
errBadAdvertiseAddr = errors.New("advertise address must be an IP address or network interface (with optional port number)")
errBadDefaultAdvertiseAddr = errors.New("default advertise address must be an IP address or network interface (without a port number)")
) )
func resolveListenAddr(specifiedAddr string) (string, string, error) { func resolveListenAddr(specifiedAddr string) (string, string, error) {
@ -29,6 +32,11 @@ func resolveListenAddr(specifiedAddr string) (string, string, error) {
return "", "", err return "", "", err
} }
// If it's not an interface, it must be an IP (for now)
if net.ParseIP(specifiedHost) == nil {
return "", "", errBadListenAddr
}
return specifiedHost, specifiedPort, nil return specifiedHost, specifiedPort, nil
} }
@ -61,6 +69,11 @@ func (c *Cluster) resolveAdvertiseAddr(advertiseAddr, listenAddrPort string) (st
return "", "", err return "", "", err
} }
// If it's not an interface, it must be an IP (for now)
if net.ParseIP(advertiseHost) == nil {
return "", "", errBadAdvertiseAddr
}
return advertiseHost, advertisePort, nil return advertiseHost, advertisePort, nil
} }
@ -76,6 +89,11 @@ func (c *Cluster) resolveAdvertiseAddr(advertiseAddr, listenAddrPort string) (st
return "", "", err return "", "", err
} }
// If it's not an interface, it must be an IP (for now)
if net.ParseIP(c.config.DefaultAdvertiseAddr) == nil {
return "", "", errBadDefaultAdvertiseAddr
}
return c.config.DefaultAdvertiseAddr, listenAddrPort, nil return c.config.DefaultAdvertiseAddr, listenAddrPort, nil
} }

View file

@ -3591,6 +3591,7 @@ Initialize a new Swarm
{ {
"ListenAddr": "0.0.0.0:4500", "ListenAddr": "0.0.0.0:4500",
"AdvertiseAddr": "192.168.1.1:4500",
"ForceNewCluster": false, "ForceNewCluster": false,
"Spec": { "Spec": {
"Orchestration": {}, "Orchestration": {},
@ -3619,6 +3620,11 @@ JSON Parameters:
address/port combination in the form `192.168.1.1:4567`, or an interface followed by a port address/port combination in the form `192.168.1.1:4567`, or an interface followed by a port
number, like `eth0:4567`. If the port number is omitted, the default swarm listening port is number, like `eth0:4567`. If the port number is omitted, the default swarm listening port is
used. used.
- **AdvertiseAddr** Externally reachable address advertised to other nodes. This can either be
an address/port combination in the form `192.168.1.1:4567`, or an interface followed by a port
number, like `eth0:4567`. If the port number is omitted, the port number from the listen
address is used. If `AdvertiseAddr` is not specified, it will be automatically detected when
possible.
- **ForceNewCluster** Force creating a new Swarm even if already part of one. - **ForceNewCluster** Force creating a new Swarm even if already part of one.
- **Spec** Configuration settings of the new Swarm. - **Spec** Configuration settings of the new Swarm.
- **Orchestration** Configuration settings for the orchestration aspects of the Swarm. - **Orchestration** Configuration settings for the orchestration aspects of the Swarm.
@ -3659,6 +3665,7 @@ Join an existing new Swarm
{ {
"ListenAddr": "0.0.0.0:4500", "ListenAddr": "0.0.0.0:4500",
"AdvertiseAddr: "192.168.1.1:4500",
"RemoteAddrs": ["node1:4500"], "RemoteAddrs": ["node1:4500"],
"JoinToken": "SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-7p73s1dx5in4tatdymyhg9hu2" "JoinToken": "SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-7p73s1dx5in4tatdymyhg9hu2"
} }
@ -3679,6 +3686,11 @@ JSON Parameters:
- **ListenAddr** Listen address used for inter-manager communication if the node gets promoted to - **ListenAddr** Listen address used for inter-manager communication if the node gets promoted to
manager, as well as determining the networking interface used for the VXLAN Tunnel Endpoint (VTEP). manager, as well as determining the networking interface used for the VXLAN Tunnel Endpoint (VTEP).
- **AdvertiseAddr** Externally reachable address advertised to other nodes. This can either be
an address/port combination in the form `192.168.1.1:4567`, or an interface followed by a port
number, like `eth0:4567`. If the port number is omitted, the port number from the listen
address is used. If `AdvertiseAddr` is not specified, it will be automatically detected when
possible.
- **RemoteAddr** Address of any manager node already participating in the Swarm to join. - **RemoteAddr** Address of any manager node already participating in the Swarm to join.
- **JoinToken** Secret token for joining this Swarm. - **JoinToken** Secret token for joining this Swarm.

View file

@ -3592,6 +3592,7 @@ Initialize a new Swarm
{ {
"ListenAddr": "0.0.0.0:4500", "ListenAddr": "0.0.0.0:4500",
"AdvertiseAddr": "192.168.1.1:4500",
"ForceNewCluster": false, "ForceNewCluster": false,
"Spec": { "Spec": {
"Orchestration": {}, "Orchestration": {},
@ -3620,6 +3621,11 @@ JSON Parameters:
address/port combination in the form `192.168.1.1:4567`, or an interface followed by a port address/port combination in the form `192.168.1.1:4567`, or an interface followed by a port
number, like `eth0:4567`. If the port number is omitted, the default swarm listening port is number, like `eth0:4567`. If the port number is omitted, the default swarm listening port is
used. used.
- **AdvertiseAddr** Externally reachable address advertised to other nodes. This can either be
an address/port combination in the form `192.168.1.1:4567`, or an interface followed by a port
number, like `eth0:4567`. If the port number is omitted, the port number from the listen
address is used. If `AdvertiseAddr` is not specified, it will be automatically detected when
possible.
- **ForceNewCluster** Force creating a new Swarm even if already part of one. - **ForceNewCluster** Force creating a new Swarm even if already part of one.
- **Spec** Configuration settings of the new Swarm. - **Spec** Configuration settings of the new Swarm.
- **Orchestration** Configuration settings for the orchestration aspects of the Swarm. - **Orchestration** Configuration settings for the orchestration aspects of the Swarm.
@ -3660,6 +3666,7 @@ Join an existing new Swarm
{ {
"ListenAddr": "0.0.0.0:4500", "ListenAddr": "0.0.0.0:4500",
"AdvertiseAddr": "192.168.1.1:4500",
"RemoteAddrs": ["node1:4500"], "RemoteAddrs": ["node1:4500"],
"JoinToken": "SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-7p73s1dx5in4tatdymyhg9hu2" "JoinToken": "SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-7p73s1dx5in4tatdymyhg9hu2"
} }
@ -3680,6 +3687,11 @@ JSON Parameters:
- **ListenAddr** Listen address used for inter-manager communication if the node gets promoted to - **ListenAddr** Listen address used for inter-manager communication if the node gets promoted to
manager, as well as determining the networking interface used for the VXLAN Tunnel Endpoint (VTEP). manager, as well as determining the networking interface used for the VXLAN Tunnel Endpoint (VTEP).
- **AdvertiseAddr** Externally reachable address advertised to other nodes. This can either be
an address/port combination in the form `192.168.1.1:4567`, or an interface followed by a port
number, like `eth0:4567`. If the port number is omitted, the port number from the listen
address is used. If `AdvertiseAddr` is not specified, it will be automatically detected when
possible.
- **RemoteAddr** Address of any manager node already participating in the Swarm to join. - **RemoteAddr** Address of any manager node already participating in the Swarm to join.
- **JoinToken** Secret token for joining this Swarm. - **JoinToken** Secret token for joining this Swarm.

View file

@ -17,13 +17,13 @@ Usage: docker swarm init [OPTIONS]
Initialize a swarm Initialize a swarm
Options: Options:
--advertise-addr value Advertised address (format: <ip|hostname|interface>[:port]) --advertise-addr value Advertised address (format: <ip|interface>[:port])
--cert-expiry duration Validity period for node certificates (default 2160h0m0s) --cert-expiry duration Validity period for node certificates (default 2160h0m0s)
--dispatcher-heartbeat duration Dispatcher heartbeat period (default 5s) --dispatcher-heartbeat duration Dispatcher heartbeat period (default 5s)
--external-ca value Specifications of one or more certificate signing endpoints --external-ca value Specifications of one or more certificate signing endpoints
--force-new-cluster Force create a new cluster from current state. --force-new-cluster Force create a new cluster from current state.
--help Print usage --help Print usage
--listen-addr value Listen address (format: <ip|hostname|interface>[:port]) --listen-addr value Listen address (format: <ip|interface>[:port])
--task-history-limit int Task history retention limit (default 5) --task-history-limit int Task history retention limit (default 5)
``` ```
@ -79,7 +79,7 @@ The node listens for inbound Swarm manager traffic on this address. The default
0.0.0.0:2377. It is also possible to specify a network interface to listen on that interface's 0.0.0.0:2377. It is also possible to specify a network interface to listen on that interface's
address; for example `--listen-addr eth0:2377`. address; for example `--listen-addr eth0:2377`.
Specifying a port is optional. If the value is a bare IP address, hostname, or interface Specifying a port is optional. If the value is a bare IP address or interface
name, the default port 2377 will be used. name, the default port 2377 will be used.
### `--advertise-addr value` ### `--advertise-addr value`
@ -94,7 +94,7 @@ inter-manager communication and overlay networking.
It is also possible to specify a network interface to advertise that interface's address; It is also possible to specify a network interface to advertise that interface's address;
for example `--advertise-addr eth0:2377`. for example `--advertise-addr eth0:2377`.
Specifying a port is optional. If the value is a bare IP address, hostname, or interface Specifying a port is optional. If the value is a bare IP address or interface
name, the default port 2377 will be used. name, the default port 2377 will be used.
### `--task-history-limit` ### `--task-history-limit`

View file

@ -17,9 +17,9 @@ Usage: docker swarm join [OPTIONS] HOST:PORT
Join a swarm as a node and/or manager Join a swarm as a node and/or manager
Options: Options:
--advertise-addr value Advertised address (format: <ip|hostname|interface>[:port]) --advertise-addr value Advertised address (format: <ip|interface>[:port])
--help Print usage --help Print usage
--listen-addr value Listen address --listen-addr value Listen address (format: <ip|interface>[:port)
--token string Token for entry into the swarm --token string Token for entry into the swarm
``` ```
@ -64,7 +64,7 @@ If the node is a manager, it will listen for inbound Swarm manager traffic on th
address. The default is to listen on 0.0.0.0:2377. It is also possible to specify a address. The default is to listen on 0.0.0.0:2377. It is also possible to specify a
network interface to listen on that interface's address; for example `--listen-addr eth0:2377`. network interface to listen on that interface's address; for example `--listen-addr eth0:2377`.
Specifying a port is optional. If the value is a bare IP address, hostname, or interface Specifying a port is optional. If the value is a bare IP address, or interface
name, the default port 2377 will be used. name, the default port 2377 will be used.
This flag is generally not necessary when joining an existing swarm. This flag is generally not necessary when joining an existing swarm.
@ -81,7 +81,7 @@ communication and overlay networking.
It is also possible to specify a network interface to advertise that interface's address; It is also possible to specify a network interface to advertise that interface's address;
for example `--advertise-addr eth0:2377`. for example `--advertise-addr eth0:2377`.
Specifying a port is optional. If the value is a bare IP address, hostname, or interface Specifying a port is optional. If the value is a bare IP address, or interface
name, the default port 2377 will be used. name, the default port 2377 will be used.
This flag is generally not necessary when joining an existing swarm. This flag is generally not necessary when joining an existing swarm.

View file

@ -55,7 +55,7 @@ dockerd - Enable daemon mode
[**-s**|**--storage-driver**[=*STORAGE-DRIVER*]] [**-s**|**--storage-driver**[=*STORAGE-DRIVER*]]
[**--selinux-enabled**] [**--selinux-enabled**]
[**--storage-opt**[=*[]*]] [**--storage-opt**[=*[]*]]
[**--swarm-default-advertise-addr**[=*IP|HOSTNAME|INTERFACE*]] [**--swarm-default-advertise-addr**[=*IP|INTERFACE*]]
[**--tls**] [**--tls**]
[**--tlscacert**[=*~/.docker/ca.pem*]] [**--tlscacert**[=*~/.docker/ca.pem*]]
[**--tlscert**[=*~/.docker/cert.pem*]] [**--tlscert**[=*~/.docker/cert.pem*]]
@ -240,7 +240,7 @@ output otherwise.
**--storage-opt**=[] **--storage-opt**=[]
Set storage driver options. See STORAGE DRIVER OPTIONS. Set storage driver options. See STORAGE DRIVER OPTIONS.
**--swarm-default-advertise-addr**=*IP|HOSTNAME|INTERFACE* **--swarm-default-advertise-addr**=*IP|INTERFACE*
Set default address or interface for swarm to advertise as its externally-reachable address to other cluster Set default address or interface for swarm to advertise as its externally-reachable address to other cluster
members. This can be a hostname, an IP address, or an interface such as `eth0`. A port cannot be specified with members. This can be a hostname, an IP address, or an interface such as `eth0`. A port cannot be specified with
this option. this option.