Beispiel #1
0
func parseNetworkOptions(option options.Generic) (*NetworkConfiguration, error) {
	var config *NetworkConfiguration

	genericData, ok := option[netlabel.GenericData]
	if ok && genericData != nil {
		switch opt := genericData.(type) {
		case options.Generic:
			opaqueConfig, err := options.GenerateFromModel(opt, &NetworkConfiguration{})
			if err != nil {
				return nil, err
			}
			config = opaqueConfig.(*NetworkConfiguration)
		case *NetworkConfiguration:
			config = opt
		default:
			return nil, &ErrInvalidNetworkConfig{}
		}

		if err := config.Validate(); err != nil {
			return nil, err
		}
	} else {
		config = &NetworkConfiguration{}
	}

	if _, ok := option[netlabel.EnableIPv6]; ok {
		config.EnableIPv6 = option[netlabel.EnableIPv6].(bool)
	}

	return config, nil
}
Beispiel #2
0
func parseNetworkGenericOptions(data interface{}) (*networkConfiguration, error) {
	var (
		err    error
		config *networkConfiguration
	)

	switch opt := data.(type) {
	case *networkConfiguration:
		config = opt
	case map[string]interface{}:
		config = &networkConfiguration{
			EnableICC:          true,
			EnableIPTables:     true,
			EnableIPMasquerade: true,
		}
		err = config.fromMap(opt)
	case options.Generic:
		var opaqueConfig interface{}
		if opaqueConfig, err = options.GenerateFromModel(opt, config); err == nil {
			config = opaqueConfig.(*networkConfiguration)
		}
	default:
		err = types.BadRequestErrorf("do not recognize network configuration format: %T", opt)
	}

	return config, err
}
Beispiel #3
0
func (d *driver) configure(option map[string]interface{}) error {
	var (
		config         *configuration
		err            error
		natChain       *iptables.ChainInfo
		filterChain    *iptables.ChainInfo
		isolationChain *iptables.ChainInfo
	)

	genericData, ok := option[netlabel.GenericData]
	if !ok || genericData == nil {
		return nil
	}

	switch opt := genericData.(type) {
	case options.Generic:
		opaqueConfig, err := options.GenerateFromModel(opt, &configuration{})
		if err != nil {
			return err
		}
		config = opaqueConfig.(*configuration)
	case *configuration:
		config = opt
	default:
		return &ErrInvalidDriverConfig{}
	}

	if config.EnableIPForwarding {
		err = setupIPForwarding()
		if err != nil {
			return err
		}
	}

	if config.EnableIPTables {
		removeIPChains()
		natChain, filterChain, isolationChain, err = setupIPChains(config)
		if err != nil {
			return err
		}
		// Make sure on firewall reload, first thing being re-played is chains creation
		iptables.OnReloaded(func() { logrus.Debugf("Recreating iptables chains on firewall reload"); setupIPChains(config) })
	}

	d.Lock()
	d.natChain = natChain
	d.filterChain = filterChain
	d.isolationChain = isolationChain
	d.config = config
	d.Unlock()

	err = d.initStore(option)
	if err != nil {
		return err
	}

	return nil
}
Beispiel #4
0
func (d *driver) configure(option map[string]interface{}) error {
	var (
		config         *configuration
		err            error
		natChain       *iptables.ChainInfo
		filterChain    *iptables.ChainInfo
		isolationChain *iptables.ChainInfo
	)

	genericData, ok := option[netlabel.GenericData]
	if !ok || genericData == nil {
		return nil
	}

	switch opt := genericData.(type) {
	case options.Generic:
		opaqueConfig, err := options.GenerateFromModel(opt, &configuration{})
		if err != nil {
			return err
		}
		config = opaqueConfig.(*configuration)
	case *configuration:
		config = opt
	default:
		return &ErrInvalidDriverConfig{}
	}

	if config.EnableIPForwarding {
		err = setupIPForwarding()
		if err != nil {
			return err
		}
	}

	if config.EnableIPTables {
		removeIPChains()
		natChain, filterChain, isolationChain, err = setupIPChains(config)
		if err != nil {
			return err
		}
	}

	d.Lock()
	d.natChain = natChain
	d.filterChain = filterChain
	d.isolationChain = isolationChain
	d.config = config
	d.Unlock()

	err = d.initStore(option)
	if err != nil {
		return err
	}

	return nil
}
Beispiel #5
0
func (d *driver) Config(option map[string]interface{}) error {
	var config *configuration
	var err error

	d.Lock()
	defer d.Unlock()

	if d.config != nil {
		return nil
		//		return &ErrConfigExists{}
	}

	genericData, ok := option[netlabel.GenericData]
	if ok && genericData != nil {
		switch opt := genericData.(type) {
		case options.Generic:
			opaqueConfig, err := options.GenerateFromModel(opt, &configuration{})
			if err != nil {
				return err
			}
			config = opaqueConfig.(*configuration)
		case *configuration:
			config = opt
		default:
			return &ErrInvalidDriverConfig{}
		}

		d.config = config
	} else {
		config = &configuration{}
		d.config = config
	}

	if config.EnableIPForwarding {
		err = setupIPForwarding()
		if err != nil {
			return err
		}
	}

	if config.EnableIPTables {
		d.natChain, d.filterChain, err = setupIPChains(config)
		return err
	}

	return nil
}
Beispiel #6
0
func parseContainerOptions(cOptions map[string]interface{}) (*containerConfiguration, error) {
	if cOptions == nil {
		return nil, nil
	}
	genericData := cOptions[netlabel.GenericData]
	if genericData == nil {
		return nil, nil
	}
	switch opt := genericData.(type) {
	case options.Generic:
		opaqueConfig, err := options.GenerateFromModel(opt, &containerConfiguration{})
		if err != nil {
			return nil, err
		}
		return opaqueConfig.(*containerConfiguration), nil
	case *containerConfiguration:
		return opt, nil
	default:
		return nil, nil
	}
}
Beispiel #7
0
// parseNetworkGenericOptions parse generic driver docker network options
func parseNetworkGenericOptions(data interface{}) (*configuration, error) {
	var (
		err    error
		config *configuration
	)
	switch opt := data.(type) {
	case *configuration:
		config = opt
	case map[string]string:
		config = &configuration{}
		err = config.fromOptions(opt)
	case options.Generic:
		var opaqueConfig interface{}
		if opaqueConfig, err = options.GenerateFromModel(opt, config); err == nil {
			config = opaqueConfig.(*configuration)
		}
	default:
		err = types.BadRequestErrorf("unrecognized network configuration format: %v", opt)
	}
	return config, err
}
Beispiel #8
0
func (d *driver) Config(option map[string]interface{}) error {
	var config *Configuration

	d.Lock()
	defer d.Unlock()

	if d.config != nil {
		return ErrConfigExists
	}

	genericData, ok := option[netlabel.GenericData]
	if ok && genericData != nil {
		switch opt := genericData.(type) {
		case options.Generic:
			opaqueConfig, err := options.GenerateFromModel(opt, &Configuration{})
			if err != nil {
				return err
			}
			config = opaqueConfig.(*Configuration)
		case *Configuration:
			config = opt
		default:
			return ErrInvalidDriverConfig
		}

		d.config = config
	} else {
		config = &Configuration{}
	}

	if config.EnableIPForwarding {
		return setupIPForwarding(config)
	}

	return nil
}
Beispiel #9
0
func (d *driver) configure(option map[string]interface{}) error {
	var (
		config         *configuration
		err            error
		natChain       *iptables.ChainInfo
		filterChain    *iptables.ChainInfo
		isolationChain *iptables.ChainInfo
	)

	genericData, ok := option[netlabel.GenericData]
	if !ok || genericData == nil {
		return nil
	}

	switch opt := genericData.(type) {
	case options.Generic:
		opaqueConfig, err := options.GenerateFromModel(opt, &configuration{})
		if err != nil {
			return err
		}
		config = opaqueConfig.(*configuration)
	case *configuration:
		config = opt
	default:
		return &ErrInvalidDriverConfig{}
	}

	if config.EnableIPForwarding {
		err = setupIPForwarding()
		if err != nil {
			return err
		}
	}

	if config.EnableIPTables {
		if _, err := os.Stat("/proc/sys/net/bridge"); err != nil {
			if out, err := exec.Command("modprobe", "-va", "bridge", "br_netfilter").CombinedOutput(); err != nil {
				logrus.Warnf("Running modprobe bridge br_netfilter failed with message: %s, error: %v", out, err)
			}
		}
		removeIPChains()
		natChain, filterChain, isolationChain, err = setupIPChains(config)
		if err != nil {
			return err
		}
		// Make sure on firewall reload, first thing being re-played is chains creation
		iptables.OnReloaded(func() { logrus.Debugf("Recreating iptables chains on firewall reload"); setupIPChains(config) })
	}

	d.Lock()
	d.natChain = natChain
	d.filterChain = filterChain
	d.isolationChain = isolationChain
	d.config = config
	d.Unlock()

	err = d.initStore(option)
	if err != nil {
		return err
	}

	return nil
}