func SetInterfaceInNamespacePid(name string, nsPid int) error {
iface, err := net.InterfaceByName(name)
if err != nil {
return err
}
return netlink.NetworkSetNsPid(iface, nsPid)
}
func (v *veth) create(n *network, nspid int) (err error) {
tmpName, err := v.generateTempPeerName()
if err != nil {
return err
}
n.TempVethPeerName = tmpName
defer func() {
if err != nil {
netlink.NetworkLinkDel(n.HostInterfaceName)
netlink.NetworkLinkDel(n.TempVethPeerName)
}
}()
if n.Bridge == "" {
return fmt.Errorf("bridge is not specified")
}
if err := netlink.NetworkCreateVethPair(n.HostInterfaceName, n.TempVethPeerName, n.TxQueueLen); err != nil {
return err
}
if err := v.attach(&n.Network); err != nil {
return err
}
child, err := net.InterfaceByName(n.TempVethPeerName)
if err != nil {
return err
}
return netlink.NetworkSetNsPid(child, nspid)
}
// SetPeerLinkNsToDocker sends peer link into Docker
func (veth *VethPair) SetPeerLinkNsToDocker(name string, dockerHost string) error {
pid, err := DockerPidByName(name, dockerHost)
if err != nil {
return fmt.Errorf("Failed to find docker %s : %s", name, err)
}
return netlink.NetworkSetNsPid(veth.peerIfc, pid)
}
func (self *VLanSetter) addVLan(feedKey, content, ident, containerID string) {
conn, err := common.Rds.Acquire()
if err != nil || conn == nil {
logs.Info(err, "Get redis conn")
return
}
defer common.Rds.Release(conn)
parser := strings.Split(content, ":")
if len(parser) != 2 {
logs.Info("Seq and Ips Invaild", content)
return
}
seq, ips := parser[0], parser[1]
device, _ := self.Devices.Get(ident, 0)
vethName := fmt.Sprintf("%s%s.%s", common.VLAN_PREFIX, ident, seq)
logs.Info("Add new VLan to", vethName, containerID)
if err := netlink.NetworkLinkAddMacVlan(device, vethName, "bridge"); err != nil {
gore.NewCommand("LPUSH", feedKey, fmt.Sprintf("0|||")).Run(conn)
logs.Info("Create macvlan device failed", err)
return
}
container, err := common.Docker.InspectContainer(containerID)
if err != nil {
gore.NewCommand("LPUSH", feedKey, fmt.Sprintf("0|||")).Run(conn)
logs.Info("VLanSetter inspect docker failed", err)
self.delVLan(vethName)
return
}
ifc, _ := net.InterfaceByName(vethName)
if err := netlink.NetworkSetNsPid(ifc, container.State.Pid); err != nil {
gore.NewCommand("LPUSH", feedKey, fmt.Sprintf("0|||")).Run(conn)
logs.Info("Set macvlan device into container failed", err)
self.delVLan(vethName)
return
}
pid := strconv.Itoa(container.State.Pid)
cmd := exec.Command("nsenter", "-t", pid, "-n", "ip", "addr", "add", ips, "dev", vethName)
if err := cmd.Run(); err != nil {
gore.NewCommand("LPUSH", feedKey, fmt.Sprintf("0|||")).Run(conn)
logs.Info("Bind ip in container failed", err)
return
}
cmd = exec.Command("nsenter", "-t", pid, "-n", "ip", "link", "set", vethName, "up")
if err := cmd.Run(); err != nil {
gore.NewCommand("LPUSH", feedKey, fmt.Sprintf("0|||")).Run(conn)
logs.Info("Set up veth in container failed", err)
return
}
gore.NewCommand("LPUSH", feedKey, fmt.Sprintf("1|%s|%s|%s", containerID, vethName, ips)).Run(conn)
logs.Info("Add VLAN device success", containerID, ident)
}
func (v *veth) create(n *network, nspid int) (err error) {
tmpName, err := v.generateTempPeerName()
if err != nil {
return err
}
n.TempVethPeerName = tmpName
defer func() {
if err != nil {
netlink.NetworkLinkDel(n.HostInterfaceName)
netlink.NetworkLinkDel(n.TempVethPeerName)
}
}()
if n.Bridge == "" {
return fmt.Errorf("bridge is not specified")
}
bridge, err := net.InterfaceByName(n.Bridge)
if err != nil {
return err
}
if err := netlink.NetworkCreateVethPair(n.HostInterfaceName, n.TempVethPeerName, n.TxQueueLen); err != nil {
return err
}
host, err := net.InterfaceByName(n.HostInterfaceName)
if err != nil {
return err
}
if err := netlink.AddToBridge(host, bridge); err != nil {
return err
}
if err := netlink.NetworkSetMTU(host, n.Mtu); err != nil {
return err
}
if n.HairpinMode {
if err := netlink.SetHairpinMode(host, true); err != nil {
return err
}
}
if err := netlink.NetworkLinkUp(host); err != nil {
return err
}
child, err := net.InterfaceByName(n.TempVethPeerName)
if err != nil {
return err
}
return netlink.NetworkSetNsPid(child, nspid)
}
func AddVLan(vethName, ips, cid string) bool {
lock.Lock()
defer lock.Unlock()
device, _ := Devices.Get(cid, 0)
logs.Info("Add new VLan to", vethName, cid)
container, err := g.Docker.InspectContainer(cid)
if err != nil {
logs.Info("VLanSetter inspect docker failed", err)
return false
}
if err := netlink.NetworkLinkAddMacVlan(device, vethName, "bridge"); err != nil {
logs.Info("Create macvlan device failed", err)
return false
}
pid := strconv.Itoa(container.State.Pid)
ifc, _ := net.InterfaceByName(vethName)
if err := netlink.NetworkSetNsPid(ifc, container.State.Pid); err != nil {
logs.Info("Set macvlan device into container failed", err)
delVLan(vethName)
return false
}
cmd := exec.Command("nsenter", "-t", pid, "-n", "ip", "addr", "add", ips, "dev", vethName)
if err := cmd.Run(); err != nil {
logs.Info("Bind ip in container failed", err)
return false
}
cmd = exec.Command("nsenter", "-t", pid, "-n", "ip", "link", "set", vethName, "up")
if err := cmd.Run(); err != nil {
logs.Info("Set up veth in container failed", err)
return false
}
logs.Info("Add VLAN device success", cid)
return true
}
func (Link) SetNs(intf *net.Interface, ns int) error {
netlinkMu.Lock()
defer netlinkMu.Unlock()
return errF(netlink.NetworkSetNsPid(intf, ns))
}
// SetPeerLinkNsPid sends peer link into container specified by PID
func (veth *VethPair) SetPeerLinkNsPid(nspid int) error {
return netlink.NetworkSetNsPid(veth.peerIfc, nspid)
}
// setLinkOptions validates and sets link's various options passed in as LinkOptions.
func setLinkOptions(ifc *net.Interface, opts LinkOptions) error {
macaddr, mtu, flags, ns := opts.MacAddr, opts.MTU, opts.Flags, opts.Ns
// if MTU is passed in LinkOptions
if mtu != 0 {
if err := validMtu(mtu); err != nil {
return err
}
if err := netlink.NetworkSetMTU(ifc, mtu); err != nil {
return fmt.Errorf("Unable to set MTU: %s", err)
}
}
// if MacAddress is passed in LinkOptions
if macaddr != "" {
if err := validMacAddress(macaddr); err != nil {
return err
}
if err := netlink.NetworkSetMacAddress(ifc, macaddr); err != nil {
return fmt.Errorf("Unable to set MAC Address: %s", err)
}
}
// if ns is passed in LinkOptions
if ns != 0 {
if err := validNs(ns); err != nil {
return err
}
if err := netlink.NetworkSetNsPid(ifc, ns); err != nil {
return fmt.Errorf("Unable to set Network namespace: %s", err)
}
}
// if flags is passed in LinkOptions
if flags != 0 {
if err := validFlags(flags); err != nil {
return err
}
if ns != 0 && (ns != 1 || ns != os.Getpid()) {
if (flags & syscall.IFF_UP) == syscall.IFF_UP {
origNs, _ := NetNsHandle(os.Getpid())
defer syscall.Close(int(origNs))
defer system.Setns(origNs, syscall.CLONE_NEWNET)
if err := SetNetNsToPid(ns); err != nil {
return fmt.Errorf("Switching to %d network namespace failed: %s", ns, err)
}
if err := netlink.NetworkLinkUp(ifc); err != nil {
return fmt.Errorf("Unable to bring %s interface UP: %s", ifc.Name, ns)
}
}
} else {
if err := netlink.NetworkLinkUp(ifc); err != nil {
return fmt.Errorf("Could not bring up network link %s: %s", ifc.Name, err)
}
}
}
return nil
}
// SetLinkNetNsPid moves the link to Network namespace specified by PID.
func (l *Link) SetLinkNetNsPid(nspid int) error {
return netlink.NetworkSetNsPid(l.NetInterface(), nspid)
}