Пример #1
0
func (idler *Idler) idleContainer(id containers.Identifier) {
	portPairs, err := containers.GetExistingPorts(id)
	if err != nil {
		fmt.Printf("IDLE: Error retrieving ports for container: %v", id)
		return
	}

	iptablePorts, err := iptables.GetIdlerRules(id)
	if err != nil {
		fmt.Printf("IDLE: Error retrieving ports from iptables: %v", id)
		return
	}

	shouldRecreateRules := false
	for _, portPair := range portPairs {
		extPort := strconv.Itoa(int(portPair.External))
		shouldRecreateRules = shouldRecreateRules || !iptablePorts[extPort]
	}

	if !shouldRecreateRules {
		return
	}

	//TODO: Ask geard to idle container
	fmt.Printf("Stopping container %v\n", id)
	if err := systemd.Connection().StopUnitJob(id.UnitNameFor(), "fail"); err != nil {
		fmt.Printf("idle: Could not stop container %s: %v", id.UnitNameFor(), err)
		return
	}

	iptables.IdleContainer(id, idler.hostIp)
}
Пример #2
0
func (idler *Idler) unidleContainer(id containers.Identifier, p netfilter.NFPacket) {
	newChanId, wasAlreadyAssigned := idler.getAvailableWaiter(id)

	if newChanId == 0 {
		fmt.Println("unidle: Error while finding wait channel")
		return
	}

	if !wasAlreadyAssigned {
		//TODO: Ask geard to unidle container
		fmt.Printf("Starting container %v\n", id)
		if err := systemd.Connection().StartUnitJob(id.UnitNameFor(), "fail"); err != nil {
			fmt.Printf("unidle: Could not start container %s: %v", id.UnitNameFor(), err)
			p.SetVerdict(netfilter.NF_ACCEPT)
			return
		}
	}

	p.SetRequeueVerdict(newChanId)
}