1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
moby--moby/libnetwork
Alessandro Boch a21d577b8b Block non exposed port traffic on ingress nw interfaces
Signed-off-by: Alessandro Boch <aboch@docker.com>
2016-10-27 20:28:08 -07:00
..
api libnetwork support for Solaris 2016-10-14 16:38:23 -07:00
bitseq Fix bitseq.SetAnyInRange 2016-09-13 11:52:12 -07:00
client Add mflag package locally to libnetwork 2016-09-07 13:47:32 -07:00
cluster Honor user provided listen address for gossip 2016-09-22 11:41:57 -07:00
cmd Fix issue for --fixed-cidr when bridge has multiple addresses 2016-10-21 13:58:16 -07:00
config Update plugingetter import path. 2016-10-07 12:00:57 -07:00
datastore Merge pull request #1205 from allencloud/fix-typos 2016-08-01 09:49:31 -07:00
discoverapi Adding Advertise-addr support 2016-07-21 02:44:25 -07:00
docs Merge pull request #1205 from allencloud/fix-typos 2016-08-01 09:49:31 -07:00
driverapi Update plugingetter import path. 2016-10-07 12:00:57 -07:00
drivers Merge pull request #1452 from yongtang/26341-fixed-cidr-multiple-addresses-bridge 2016-10-26 12:52:19 -07:00
drvregistry Update plugingetter import path. 2016-10-07 12:00:57 -07:00
etchosts Fix file descriptor leaks 2016-07-01 16:29:51 -07:00
Godeps Update plugingetter import path. 2016-10-07 12:00:57 -07:00
hostdiscovery Merge pull request #1205 from allencloud/fix-typos 2016-08-01 09:49:31 -07:00
idm
ipam Separate pool parsing from pool auto-allocation 2016-05-25 15:02:44 -07:00
ipamapi Update plugingetter import path. 2016-10-07 12:00:57 -07:00
ipams Make libnetwork understand pluginv2. 2016-09-27 15:29:10 -07:00
ipamutils use grep to find a/an misuse 2016-06-03 16:35:33 +08:00
iptables Block non exposed port traffic on ingress nw interfaces 2016-10-27 20:28:08 -07:00
ipvs Merge pull request #1205 from allencloud/fix-typos 2016-08-01 09:49:31 -07:00
netlabel DNS support 2016-09-20 13:02:02 -07:00
netutils Fix issue for --fixed-cidr when bridge has multiple addresses 2016-10-21 13:58:16 -07:00
networkdb Reap failed nodes after 24 hours 2016-10-20 11:24:04 -07:00
ns Run API check to assert xfrm modules 2016-10-10 16:28:07 -07:00
options use grep to find a/an misuse 2016-06-03 16:35:33 +08:00
osl libnetwork support for Solaris 2016-10-14 16:38:23 -07:00
portallocator libnetwork support for Solaris 2016-10-14 16:38:23 -07:00
portmapper libnetwork support for Solaris 2016-10-14 16:38:23 -07:00
resolvconf
test/integration Provide a way for libnetwork to make use of Agent mode functionalities 2016-06-05 18:41:21 -07:00
testutils libnetwork support for Solaris 2016-10-14 16:38:23 -07:00
types Merge pull request #1205 from allencloud/fix-typos 2016-08-01 09:49:31 -07:00
.dockerignore
.gitignore
agent.go Avoid returning early on agent join failures 2016-09-27 08:36:10 -07:00
agent.pb.go Add container short-id as an alias for swarm mode tasks 2016-08-02 20:28:33 -07:00
agent.proto Add container short-id as an alias for swarm mode tasks 2016-08-02 20:28:33 -07:00
CHANGELOG.md Changelog for 0.8.0-dev.2 2016-05-07 11:16:00 -07:00
circle.yml Force go 1.7.1 in circle.yml to resolve failure to get golint 2016-10-12 13:02:53 -07:00
controller.go Merge pull request #1511 from anusha-ragunathan/fix-drvLoad 2016-10-24 10:43:55 -07:00
default_gateway.go fix typo in comments and log 2016-07-30 02:21:10 +08:00
default_gateway_freebsd.go
default_gateway_linux.go
default_gateway_solaris.go
default_gateway_windows.go
Dockerfile.build WIP: Update golang version to 1.7.1 2016-10-04 10:12:34 -07:00
drivers_experimental_linux.go Moving MacVlan driver out of experimental 2016-06-13 22:42:20 -07:00
drivers_freebsd.go
drivers_ipam.go Moving IPAM initalization out of drvRegistry into libnetwork core 2016-07-05 16:42:34 -07:00
drivers_linux.go Moving MacVlan driver out of experimental 2016-06-13 22:42:20 -07:00
drivers_solaris.go libnetwork support for Solaris 2016-10-14 16:38:23 -07:00
drivers_stub_linux.go
drivers_windows.go
endpoint.go Merge pull request #1494 from aboch/sipt 2016-10-26 13:00:22 -07:00
endpoint_cnt.go Fix endpoint cnt decline overflow 2016-07-14 22:52:44 -04:00
endpoint_info.go Ensure drivertable entries in joininfo is uptodate 2016-08-02 14:06:41 -07:00
error.go Provide a way for libnetwork to make use of Agent mode functionalities 2016-06-05 18:41:21 -07:00
errors_test.go
libnetwork_internal_test.go add Created to NetworkInfo 2016-10-14 05:27:44 +00:00
libnetwork_linux_test.go libnetwork support for Solaris 2016-10-14 16:38:23 -07:00
libnetwork_test.go libnetwork support for Solaris 2016-10-14 16:38:23 -07:00
LICENSE
machines
MAINTAINERS
Makefile libnetwork support for Solaris 2016-10-14 16:38:23 -07:00
network.go add Created to NetworkInfo 2016-10-14 05:27:44 +00:00
network_unix.go DNS support 2016-09-20 13:02:02 -07:00
network_windows.go DNS support 2016-09-20 13:02:02 -07:00
README.md
resolver.go DNS support 2016-09-20 13:02:02 -07:00
resolver_unix.go DNS support 2016-09-20 13:02:02 -07:00
resolver_windows.go Move the iptables setup for embedded DNS into a reexec process 2016-04-15 23:37:20 -07:00
ROADMAP.md fix typos 2016-05-30 18:20:52 +08:00
sandbox.go Fix map access race in populatedEndpoints 2016-10-18 10:20:05 -07:00
sandbox_dns_unix.go Check for ExecFunc failure 2016-09-21 13:53:08 -07:00
sandbox_dns_windows.go Add network restore to support docker live restore container 2016-06-13 23:48:00 -07:00
sandbox_externalkey.go
sandbox_externalkey_solaris.go
sandbox_externalkey_unix.go Moving the UDS file out of /var/lib/docker and into /run/ 2016-07-15 13:38:23 -07:00
sandbox_externalkey_windows.go
sandbox_store.go Better error handling in restoring sandbox states 2016-07-27 00:55:46 -07:00
sandbox_test.go Do not allow network creation if datastore is missing 2016-05-12 16:36:54 -07:00
service.go Cleanup service bindings when leaving cluster 2016-08-19 18:11:15 -07:00
service_linux.go Block non exposed port traffic on ingress nw interfaces 2016-10-27 20:28:08 -07:00
service_unsupported.go Merge pull request #1398 from sanimej/access 2016-08-30 23:06:12 +02:00
store.go Avoid k/v store endpoint update in swarm mode 2016-08-23 14:14:11 -07:00
store_linux_test.go libnetwork support for Solaris 2016-10-14 16:38:23 -07:00
store_test.go libnetwork support for Solaris 2016-10-14 16:38:23 -07:00
support.sh Simple support script to gather libnetwork info 2016-08-23 14:19:33 -07:00
Vagrantfile Updated vagrant box, ubuntu/vivid64 was remove from atlas.hasicorp.com 2016-10-19 15:28:46 -06:00
wrapmake.sh

libnetwork - networking for containers

Circle CI Coverage Status GoDoc

Libnetwork provides a native Go implementation for connecting containers

The goal of libnetwork is to deliver a robust Container Network Model that provides a consistent programming interface and the required network abstractions for applications.

Design

Please refer to the design for more information.

Using libnetwork

There are many networking solutions available to suit a broad range of use-cases. libnetwork uses a driver / plugin model to support all of these solutions while abstracting the complexity of the driver implementations by exposing a simple and consistent Network Model to users.

func main() {
	if reexec.Init() {
		return
	}

	// Select and configure the network driver
	networkType := "bridge"

	// Create a new controller instance
	driverOptions := options.Generic{}
	genericOption := make(map[string]interface{})
	genericOption[netlabel.GenericData] = driverOptions
	controller, err := libnetwork.New(config.OptionDriverConfig(networkType, genericOption))
	if err != nil {
		log.Fatalf("libnetwork.New: %s", err)
	}

	// Create a network for containers to join.
	// NewNetwork accepts Variadic optional arguments that libnetwork and Drivers can use.
	network, err := controller.NewNetwork(networkType, "network1", "")
	if err != nil {
		log.Fatalf("controller.NewNetwork: %s", err)
	}

	// For each new container: allocate IP and interfaces. The returned network
	// settings will be used for container infos (inspect and such), as well as
	// iptables rules for port publishing. This info is contained or accessible
	// from the returned endpoint.
	ep, err := network.CreateEndpoint("Endpoint1")
	if err != nil {
		log.Fatalf("network.CreateEndpoint: %s", err)
	}

	// Create the sandbox for the container.
	// NewSandbox accepts Variadic optional arguments which libnetwork can use.
	sbx, err := controller.NewSandbox("container1",
		libnetwork.OptionHostname("test"),
		libnetwork.OptionDomainname("docker.io"))
	if err != nil {
		log.Fatalf("controller.NewSandbox: %s", err)
	}

	// A sandbox can join the endpoint via the join api.
	err = ep.Join(sbx)
	if err != nil {
		log.Fatalf("ep.Join: %s", err)
	}

	// libnetwork client can check the endpoint's operational data via the Info() API
	epInfo, err := ep.DriverInfo()
	if err != nil {
		log.Fatalf("ep.DriverInfo: %s", err)
	}

	macAddress, ok := epInfo[netlabel.MacAddress]
	if !ok {
		log.Fatalf("failed to get mac address from endpoint info")
	}

	fmt.Printf("Joined endpoint %s (%s) to sandbox %s (%s)\n", ep.Name(), macAddress, sbx.ContainerID(), sbx.Key())
}

Future

Please refer to roadmap for more information.

Contributing

Want to hack on libnetwork? Docker's contributions guidelines apply.

Code and documentation copyright 2015 Docker, inc. Code released under the Apache 2.0 license. Docs released under Creative commons.