1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Commit graph

17 commits

Author SHA1 Message Date
Su Wang
2c4a868f64 Added API to set ephemeral port allocator range.
Also reduce the allowed port range as the total number of containers
per host is typically less than 1K.

This change helps in scenarios where there are other services on
the same host that uses ephemeral ports in iptables manipulation.

The workflow requires changes in docker engine (
https://github.com/moby/moby/pull/40055) and this change. It
works as follows:

1. user can now specified to docker engine an option
   --published-port-range="50000-60000" as cmdline argument or
   in daemon.json.
2. docker engine read and pass this info to libnetwork via
   config.go:OptionDynamicPortRange.
3. libnetwork uses this range to allocate dynamic port henceforth.
4. --published-port-range can be set either via SIGHUP or
   restart docker engine
5. if --published-port-range is not set by user, a OS specific
   default range is used for dynamic port allocation.
   Linux: 49153-60999, Windows: 60000-65000
6 if --published-port-range is invalid, that is, the range
  given is outside of allowed default range, no change takes place.
  libnetwork will continue to use old/existing port range for
  dynamic port allocation.

Signed-off-by: Su Wang <su.wang@docker.com>
2019-10-11 18:48:07 +00:00
Pradip Dhara
1909ecb27a Pick a random host port if the user does not specify a host port.
For overlay, l2bridge, and l2tunnel, if the user does not specify a host port, windows driver will select a random port for them.  This matches linux behavior.
For ics and nat networks the windows OS will choose the port.

Signed-off-by: Pradip Dhara <pradipd@microsoft.com>
2019-04-22 17:43:27 +00:00
John Howard
55b80035ed Don't build portallocator on Windows
Signed-off-by: John Howard <jhoward@microsoft.com>
2018-09-13 09:20:03 -07:00
Wataru Ishida
2120ed2363 Support SCTP port mapping
Signed-off-by: Wataru Ishida <ishida.wataru@lab.ntt.co.jp>
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-02-13 16:01:03 +09:00
Sebastiaan van Stijn
276a452f17 Remove Solaris support
Solaris support for Docker will likely not reach completion,
so removing these files as they are not in use and not
maintained.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-10-25 15:33:06 +02:00
Flavio Crisciani
bd225f1d6d Merge pull request #1757 from tomoyat1/freebsd-portallocator
Add support for FreeBSD in portallocator
2017-08-24 15:40:53 -07:00
Flavio Crisciani
65860255c6 Fixed code issues
Fixed issues highlighted by the new checks

Signed-off-by: Flavio Crisciani <flavio.crisciani@docker.com>
2017-06-12 11:31:35 -07:00
Tomoya Tabuchi
047f7c0793 Add support for FreeBSD in portallocator
Signed-off-by: Tomoya Tabuchi <t@tomoyat1.com>
2017-05-15 11:37:29 +09:00
Puneet Pruthi
a48b541da3 libnetwork support for Solaris
Signed-off-by: Puneet Pruthi <puneetpruthi@gmail.com>
2016-10-14 16:38:23 -07:00
David Calavera
cc02894a50 Move test specific functions to a testutils package.
This way we won't vendor test related functions in docker anymore.
It also moves netns related functions to a new ns package to be able to
call the ns init function in tests. I think this also helps with the
overall package isolation.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-09-07 13:33:28 -04:00
Don Kjer
8d73de9722 Adding libnetwork support to publish on custom host port ranges.
See https://github.com/docker/docker/pull/12927 for docker portion.

Signed-off-by: Don Kjer <don.kjer@gmail.com>
2015-08-08 00:23:03 +00:00
Derek
f88ad7d340 fix file descriptor leak of ".../ip_local_port_range"
fix file descriptor leak of "/proc/sys/net/ipv4/ip_local_port_range"
2015-07-07 16:56:24 -07:00
Michael Crosby
96295af687 Do not warn in packages
Do not have log output in packages that applications consume because the
output can mess with logs, stdout/stderr of applications and such and
there is nothing that the consumer can do about it other than change the
package that they are using.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2015-06-02 15:11:32 -07:00
Alessandro Boch
f16db2c3ad Remove pkg directory
- As recommended by Docker committers.
- Will introduce internal directory when go supports it

Signed-off-by: Alessandro Boch <aboch@docker.com>
2015-05-16 16:12:13 -07:00
Alessandro Boch
3e6a889cd6 Port Allocator as a libnetwork package
DESCRIPTION:
  As part of bringing libnetwork bridge driver features
  in parity with docker/daemon/network/driver/bridge
  features (Issue #46), this commit addresses the
  bridge.RequestPort() API.

  Currenlty docker/api/server.go needs an hold of port
  allocator in order to reserve a transport port which
  will be used by the http server on the host machine,
  so that portallocator does not give out that port when
  queried by portmapper as part of network driver operations.

ISSUE:
  Current implementation in docker is server.go directly
  access portmapper and then portallocator from bridge pkg
  calling bridge.RequestPort(). This also forces that function
  to trigger portmapper initialization (in case bridge init()
  was not executed yet), while portmapper life cycle should
  only be controlled by bridge network driver.
  We cannot mantain this behavior with libnetwrok as this
  violates the modularization of networking code which
  libnetwork is bringing in.

FIX:
  Make portallocator a singleton, now both docker core and
  portmapper code can initialize it and get the only one instance
  (Change in docker core code will happen when docker code
  will migrate to use libnetwork), given it is being used for
  host specific needs.

NOTE:
  Long term fix is having multiple portallocator instances (so
  no more singleton) each capable to be in sync with OS regarding
  current port allocation.
  When this change comes, no change whould be required on portallocator'
  clients side, changes will be confined to portallocator package.

Signed-off-by: Alessandro Boch <aboch@docker.com>
2015-04-16 17:29:13 -07:00
Alessandro Boch
1f3f37b2f8 Sync libnetwork code to latest docker/master
- Update: portmapper, portallocator, ipallocator
- Remove stale godep dependencies
- Update pkg/iptables and others godep to latest
- Update bridge code and test after above changes
- Merge with latest changes in libnetwork

The code is updated up to docker/master commit SHA 86d66d6273

Signed-off-by: Alessandro Boch <aboch@docker.com>
2015-04-10 13:50:58 -07:00
Alessandro Boch
5d7b430801 Issue #33: Move portmapper and portallocator into libnetwork
- As they provide network translation functionalities,
  they should be part of libnetwork
- In driver/bridge/setup_ip_tables.go remove depenency
  on docker/daemon/networkdriver

Signed-off-by: Alessandro Boch <aboch@docker.com>
2015-04-09 11:05:02 -07:00