1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Commit graph

22 commits

Author SHA1 Message Date
Santhosh Manohar
6e965c03ad Reset the encryption keys on swarm leave
Signed-off-by: Santhosh Manohar <santhosh@docker.com>
2016-08-16 17:37:33 -07:00
Madhu Venugopal
c7d98e0081 Merge pull request #1382 from mrjana/overlay
Fix spurious overlay errors
2016-08-11 11:38:57 +05:30
Jana Radhakrishnan
004e56a4d1 Fix spurious overlay errors
Fixed certain spurious overlay errors which were not errors at all but
showing up everytime service tasks are started in the engine.

Also added a check to make sure a delete is valid by checking the
incoming endpoint id wih the one in peerdb just to make sure if the
delete from gossip is not stale.

Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
2016-08-08 11:55:06 -07:00
Santhosh Manohar
ab02b015ef Remove unused key handling functions
Signed-off-by: Santhosh Manohar <santhosh@docker.com>
2016-08-05 04:46:01 -07:00
Jana Radhakrishnan
0030332e4e Merge pull request #1372 from sanimej/gossip
Add container short-id as an alias for swarm mode tasks
2016-08-03 17:27:49 -07:00
Santhosh Manohar
b54a4b5936 Add container short-id as an alias for swarm mode tasks
Signed-off-by: Santhosh Manohar <santhosh@docker.com>
2016-08-02 20:28:33 -07:00
Aaron Lehmann
3f542419ac Check size of keys slice
If not enough keys are provided to SetKeys, this may cause a panic. This
should not cause problems with the current integration in Docker 1.12.0,
but the panic might happen loading data created by an earlier version,
or data that is corrupted somehow. Add a length check to be defensive.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-08-02 19:07:43 -07:00
Madhu Venugopal
6368406c26 Adding Advertise-addr support
With this change, all the auto-detection of the addresses are removed
from libnetwork and the caller takes the responsibilty to have a proper
advertise-addr in various scenarios (including externally facing public
advertise-addr with an internal facing private listen-addr)

Signed-off-by: Madhu Venugopal <madhu@docker.com>
2016-07-21 02:44:25 -07:00
Alessandro Boch
d0192db0cd On agent init, re-join on existing cluster networks
Signed-off-by: Alessandro Boch <aboch@docker.com>
2016-07-12 17:35:32 -07:00
Santhosh Manohar
ec17841ea4 Switch overlay encryption to use IPSec susbsystem keys
Signed-off-by: Santhosh Manohar <santhosh@docker.com>
2016-06-15 04:10:23 -07:00
Santhosh Manohar
8ded762a0b Update key handling logic to process keyring with 3 keys
Signed-off-by: Santhosh Manohar <santhosh@docker.com>
2016-06-11 04:50:25 -07:00
Jana Radhakrishnan
acac7ee812 Add service alias support
Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
2016-06-14 16:40:54 -07:00
Madhu Venugopal
64d8c5f87f Resolve host-name before trying the interface-name in agent bind
Signed-off-by: Madhu Venugopal <madhu@docker.com>
2016-06-12 10:08:26 -07:00
Alessandro Boch
93b5073a7d Overlay driver to support network layer encryption
Signed-off-by: Alessandro Boch <aboch@docker.com>
2016-06-08 23:38:55 -07:00
Santhosh Manohar
c4d5bbad7a Use controller methods for handling the encyrption keys from agent
instead of the Provider interface methods.

Signed-off-by: Santhosh Manohar <santhosh@docker.com>
2016-06-05 00:47:30 -07:00
Santhosh Manohar
b2b87577d4 Add support for encrypting gossip traffic
Signed-off-by: Santhosh Manohar <santhosh@docker.com>
2016-06-04 03:55:14 -07:00
Madhu Venugopal
9054ac2b48 Provide a way for libnetwork to make use of Agent mode functionalities
Signed-off-by: Madhu Venugopal <madhu@docker.com>
2016-06-05 18:41:21 -07:00
Jana Radhakrishnan
0f89c9b7bc Add ingress load balancer
Ingress load balancer is achieved via a service sandbox which acts as
the proxy to translate incoming node port requests and mapping that to a
service entry. Once the right service is identified, the same internal
loadbalancer implementation is used to load balance to the right backend
instance.

Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
2016-06-04 20:38:32 -07:00
Jana Radhakrishnan
d05adebf30 Add loadbalancer support
This PR adds support for loadbalancing across a group of endpoints that
share the same service configuration as passed in by
`OptionService`. The loadbalancer is implemented using ipvs with just
round robin scheduling supported for now.

Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
2016-05-26 13:05:58 -07:00
Jana Radhakrishnan
b1e5178bc3 Convert endpoint gossip to use protobuf
Endpoint gossip will use protobuf so that we can make changes in a
backward compatible way.

Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
2016-05-17 19:05:06 -07:00
Jana Radhakrishnan
ffdceda255 Add service support
Add a notion of service in libnetwork so that a group of endpoints
which form a service can be treated as such so that service level
features can be added on top. Initially as part of this PR the support
to assign a name to the said service is added which results in DNS
queries to the service name to return all the IPs of the backing
endpoints so that DNS RR behavior on the service name can be achieved.

Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
2016-05-05 16:47:05 -07:00
Jana Radhakrishnan
0580043718 Add libnetwork agent mode support
libnetwork agent mode is a mode where libnetwork can act as a local
agent for network and discovery plumbing alone while the state
management is done elsewhere. This completes the support for making
libnetwork and its associated drivers to be completely independent of a
k/v store(if needed) and work purely based on the state information
passed along by some some external controller or manager. This does not
mean that libnetwork support for decentralized state management via a
k/v store is removed.

Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
2016-05-02 18:19:32 -07:00