Beispiel #1
0
func ovs_connect() (*libovsdb.OvsdbClient, error) {
	quit = make(chan bool)
	update = make(chan *libovsdb.TableUpdates)
	cache = make(map[string]map[string]libovsdb.Row)

	// By default libovsdb connects to 127.0.0.0:6400.
	var ovs *libovsdb.OvsdbClient
	var err error
	for {
		ovs, err = libovsdb.Connect("", 0)
		if err != nil {
			log.Errorf("Error(%s) connecting to OVS. Retrying...", err.Error())
			time.Sleep(time.Second * 2)
			continue
		}
		break
	}
	var notifier Notifier
	ovs.Register(notifier)

	initial, _ := ovs.MonitorAll("Open_vSwitch", "")
	populateCache(*initial)
	go monitorDockerBridge(ovs)
	for getRootUuid() == "" {
		time.Sleep(time.Second * 1)
	}
	log.Debug("Connected to OVS...")
	return ovs, nil
}
Beispiel #2
0
func setupIPTables(bridgeName string, bridgeIP string) error {
	/*
		# Enable IP Masquerade on all ifaces that are not docker-ovs0
		iptables -t nat -A POSTROUTING -s 10.1.42.1/16 ! -o %bridgeName -j MASQUERADE

		# Enable outgoing connections on all interfaces
		iptables -A FORWARD -i %bridgeName ! -o %bridgeName -j ACCEPT

		# Enable incoming connections for established sessions
		iptables -A FORWARD -o %bridgeName -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
	*/

	log.Debug("Setting up iptables")
	natArgs := []string{"-s", bridgeIP, "!", "-o", bridgeName, "-j", "MASQUERADE"}
	if !ruleExists("nat", "POSTROUTING", natArgs...) {
		output, err := installRule(append([]string{
			"-t", "nat", "-A", "POSTROUTING"}, natArgs...)...)
		if err != nil {
			log.Debugf("Unable to enable network bridge NAT: %s", err)
			return fmt.Errorf("Unable to enable network bridge NAT: %s", err)
		}
		if len(output) != 0 {
			log.Debugf("Error enabling network bridge NAT: %s", err)
			return fmt.Errorf("Error enabling network bridge NAT: %s", output)
		}
	}

	outboundArgs := []string{"-i", bridgeName, "!", "-o", bridgeName, "-j", "ACCEPT"}
	if !ruleExists("", "FORWARD", outboundArgs...) {
		output, err := installRule(append([]string{
			"-A", "FORWARD"}, outboundArgs...)...)
		if err != nil {
			log.Debugf("Unable to enable network outbound forwarding: %s", err)
			return fmt.Errorf("Unable to enable network outbound forwarding: %s", err)
		}
		if len(output) != 0 {
			log.Debugf("Error enabling network outbound forwarding: %s", output)
			return fmt.Errorf("Error enabling network outbound forwarding: %s", output)
		}
	}

	inboundArgs := []string{"-o", bridgeName, "-m", "conntrack", "--ctstate", "RELATED,ESTABLISHED", "-j", "ACCEPT"}
	if !ruleExists("", "FORWARD", inboundArgs...) {
		output, err := installRule(append([]string{
			"-A", "FORWARD"}, inboundArgs...)...)
		if err != nil {
			log.Debugf("Unable to enable network inbound forwarding: %s", err)
			return fmt.Errorf("Unable to enable network inbound forwarding: %s", err)
		}
		if len(output) != 0 {
			log.Debugf("Error enabling network inbound forwarding: %s")
			return fmt.Errorf("Error enabling network inbound forwarding: %s", output)
		}
	}
	return nil
}
Beispiel #3
0
func clusterBindRPC(d *Daemon, bindInterface string) error {
	if bindInterface == d.clusterListener {
		log.Debug("Bind Interface is the same as currently bound interface")
		return errors.New("Bind Interface is the same as currently bound interface")
	}
	once := true
	if d.clusterListener != "" {
		log.Debug("Cluster is already bound on another interface. Leaving...")
		once = false
		LeaveDatastore()
		time.Sleep(time.Second * 5)
	}
	log.Debugf("Setting new cluster listener to %s", bindInterface)
	d.clusterListener = bindInterface
	InitDatastore(d.clusterListener, d.bootstrapNode)

	if !d.bootstrapNode && once {
		d.serialChan <- true
	}
	return nil
}
Beispiel #4
0
func clusterJoinRPC(d *Daemon, joinAddress string) error {
	bindInterface, err := GetIfaceForRoute(joinAddress)
	if err != nil {
		return err
	}
	if d.clusterListener != bindInterface {
		log.Debug("Cluster is already bound on another interface. Leaving...")
		LeaveDatastore()
		time.Sleep(time.Second * 10)
		log.Debugf("Setting new cluster listener to %s", bindInterface)
		d.bootstrapNode = false
		d.clusterListener = bindInterface
		InitDatastore(d.clusterListener, d.bootstrapNode)
	}
	if err = JoinDatastore(joinAddress); err != nil {
		log.Errorf("Could not join cluster %s. %s", joinAddress, err.Error())
	}
	return nil
}