func ovs_connect() (*libovsdb.OvsdbClient, error) { quit = make(chan bool) update = make(chan *libovsdb.TableUpdates) cache = make(map[string]map[string]libovsdb.Row) // By default libovsdb connects to 127.0.0.0:6400. var ovs *libovsdb.OvsdbClient var err error for { ovs, err = libovsdb.Connect("", 0) if err != nil { log.Errorf("Error(%s) connecting to OVS. Retrying...", err.Error()) time.Sleep(time.Second * 2) continue } break } var notifier Notifier ovs.Register(notifier) initial, _ := ovs.MonitorAll("Open_vSwitch", "") populateCache(*initial) go monitorDockerBridge(ovs) for getRootUuid() == "" { time.Sleep(time.Second * 1) } log.Debug("Connected to OVS...") return ovs, nil }
func setupIPTables(bridgeName string, bridgeIP string) error { /* # Enable IP Masquerade on all ifaces that are not docker-ovs0 iptables -t nat -A POSTROUTING -s 10.1.42.1/16 ! -o %bridgeName -j MASQUERADE # Enable outgoing connections on all interfaces iptables -A FORWARD -i %bridgeName ! -o %bridgeName -j ACCEPT # Enable incoming connections for established sessions iptables -A FORWARD -o %bridgeName -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT */ log.Debug("Setting up iptables") natArgs := []string{"-s", bridgeIP, "!", "-o", bridgeName, "-j", "MASQUERADE"} if !ruleExists("nat", "POSTROUTING", natArgs...) { output, err := installRule(append([]string{ "-t", "nat", "-A", "POSTROUTING"}, natArgs...)...) if err != nil { log.Debugf("Unable to enable network bridge NAT: %s", err) return fmt.Errorf("Unable to enable network bridge NAT: %s", err) } if len(output) != 0 { log.Debugf("Error enabling network bridge NAT: %s", err) return fmt.Errorf("Error enabling network bridge NAT: %s", output) } } outboundArgs := []string{"-i", bridgeName, "!", "-o", bridgeName, "-j", "ACCEPT"} if !ruleExists("", "FORWARD", outboundArgs...) { output, err := installRule(append([]string{ "-A", "FORWARD"}, outboundArgs...)...) if err != nil { log.Debugf("Unable to enable network outbound forwarding: %s", err) return fmt.Errorf("Unable to enable network outbound forwarding: %s", err) } if len(output) != 0 { log.Debugf("Error enabling network outbound forwarding: %s", output) return fmt.Errorf("Error enabling network outbound forwarding: %s", output) } } inboundArgs := []string{"-o", bridgeName, "-m", "conntrack", "--ctstate", "RELATED,ESTABLISHED", "-j", "ACCEPT"} if !ruleExists("", "FORWARD", inboundArgs...) { output, err := installRule(append([]string{ "-A", "FORWARD"}, inboundArgs...)...) if err != nil { log.Debugf("Unable to enable network inbound forwarding: %s", err) return fmt.Errorf("Unable to enable network inbound forwarding: %s", err) } if len(output) != 0 { log.Debugf("Error enabling network inbound forwarding: %s") return fmt.Errorf("Error enabling network inbound forwarding: %s", output) } } return nil }
func clusterBindRPC(d *Daemon, bindInterface string) error { if bindInterface == d.clusterListener { log.Debug("Bind Interface is the same as currently bound interface") return errors.New("Bind Interface is the same as currently bound interface") } once := true if d.clusterListener != "" { log.Debug("Cluster is already bound on another interface. Leaving...") once = false LeaveDatastore() time.Sleep(time.Second * 5) } log.Debugf("Setting new cluster listener to %s", bindInterface) d.clusterListener = bindInterface InitDatastore(d.clusterListener, d.bootstrapNode) if !d.bootstrapNode && once { d.serialChan <- true } return nil }
func clusterJoinRPC(d *Daemon, joinAddress string) error { bindInterface, err := GetIfaceForRoute(joinAddress) if err != nil { return err } if d.clusterListener != bindInterface { log.Debug("Cluster is already bound on another interface. Leaving...") LeaveDatastore() time.Sleep(time.Second * 10) log.Debugf("Setting new cluster listener to %s", bindInterface) d.bootstrapNode = false d.clusterListener = bindInterface InitDatastore(d.clusterListener, d.bootstrapNode) } if err = JoinDatastore(joinAddress); err != nil { log.Errorf("Could not join cluster %s. %s", joinAddress, err.Error()) } return nil }