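// idleContainer stops the systemd unit that backs container id and then asks
// the iptables package to put the container into its idled state. It does so
// only when at least one of the container's external ports has no entry in
// the idler rule set returned by iptables.GetIdlerRules.
//
// Nothing is returned: every failure is reported on stdout and aborts the
// operation at that point.
func (idler *Idler) idleContainer(id containers.Identifier) {
	portPairs, err := containers.GetExistingPorts(id)
	if err != nil {
		// Log the underlying error and end the line; without them the cause
		// is lost and consecutive messages run together.
		fmt.Printf("IDLE: Error retrieving ports for container: %v: %v\n", id, err)
		return
	}

	iptablePorts, err := iptables.GetIdlerRules(id)
	if err != nil {
		fmt.Printf("IDLE: Error retrieving ports from iptables: %v: %v\n", id, err)
		return
	}

	// One external port without an idler rule is enough to decide; stop
	// scanning at the first one.
	shouldRecreateRules := false
	for _, portPair := range portPairs {
		extPort := strconv.Itoa(int(portPair.External))
		if !iptablePorts[extPort] {
			shouldRecreateRules = true
			break
		}
	}
	if !shouldRecreateRules {
		return
	}

	// TODO: Ask geard to idle container
	fmt.Printf("Stopping container %v\n", id)
	if err := systemd.Connection().StopUnitJob(id.UnitNameFor(), "fail"); err != nil {
		fmt.Printf("idle: Could not stop container %s: %v\n", id.UnitNameFor(), err)
		return
	}

	// NOTE(review): the unit is already stopped when the rules are installed,
	// and no result of IdleContainer is checked here. Confirm that a failure
	// inside it cannot leave the container stopped with no rule in place to
	// wake it again.
	iptables.IdleContainer(id, idler.hostIp)
}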
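// unidleContainer handles a queued packet p addressed to the idled container
// id. It obtains a wait channel id from idler.getAvailableWaiter, starts the
// container's systemd unit unless a waiter was already assigned, and then
// requeues the packet onto that channel.
//
// Every exit path assigns a verdict to p. The two failure paths accept the
// packet; the success path requeues it.
func (idler *Idler) unidleContainer(id containers.Identifier, p netfilter.NFPacket) {
	newChanId, wasAlreadyAssigned := idler.getAvailableWaiter(id)
	if newChanId == 0 {
		fmt.Println("unidle: Error while finding wait channel")
		// Give the packet a verdict here as well, matching the start-failure
		// path below. Returning without one leaves the packet undecided.
		// NOTE(review): presumably an undecided packet stays held in the
		// netfilter queue, so repeated failures could stall it; confirm
		// against the netfilter package. Accepting is fail-open; confirm
		// that this, rather than dropping, is the intended policy.
		p.SetVerdict(netfilter.NF_ACCEPT)
		return
	}

	// Only the caller that was handed a fresh waiter starts the unit; a
	// caller that found an existing waiter just requeues behind it.
	if !wasAlreadyAssigned {
		// TODO: Ask geard to unidle container
		fmt.Printf("Starting container %v\n", id)
		if err := systemd.Connection().StartUnitJob(id.UnitNameFor(), "fail"); err != nil {
			// End the line so the next log message does not run into it.
			fmt.Printf("unidle: Could not start container %s: %v\n", id.UnitNameFor(), err)
			p.SetVerdict(netfilter.NF_ACCEPT)
			return
		}
	}

	p.SetRequeueVerdict(newChanId)
}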