func initBridgeDriver(controller libnetwork.NetworkController, config *Config) error {
if _, err := controller.NetworkByName(runconfig.DefaultDaemonNetworkMode().NetworkName()); err == nil {
return nil
}
netOption := map[string]string{
winlibnetwork.NetworkName: runconfig.DefaultDaemonNetworkMode().NetworkName(),
}
ipamV4Conf := libnetwork.IpamConf{}
if config.bridgeConfig.FixedCIDR == "" {
ipamV4Conf.PreferredPool = defaultNetworkSpace
} else {
ipamV4Conf.PreferredPool = config.bridgeConfig.FixedCIDR
}
v4Conf := []*libnetwork.IpamConf{&ipamV4Conf}
v6Conf := []*libnetwork.IpamConf{}
_, err := controller.NewNetwork(string(runconfig.DefaultDaemonNetworkMode()), runconfig.DefaultDaemonNetworkMode().NetworkName(),
libnetwork.NetworkOptionGeneric(options.Generic{
netlabel.GenericData: netOption,
}),
libnetwork.NetworkOptionIpam("default", "", v4Conf, v6Conf, nil),
)
if err != nil {
return fmt.Errorf("Error creating default network: %v", err)
}
return nil
}
func TestDuplicateNetwork(t *testing.T) {
if !netutils.IsRunningInContainer() {
defer netutils.SetupTestNetNS(t)()
}
controller, err := libnetwork.New()
if err != nil {
t.Fatal(err)
}
genericOption := make(map[string]interface{})
genericOption[netlabel.GenericData] = options.Generic{}
err = controller.ConfigureNetworkDriver(bridgeNetType, genericOption)
if err != nil {
t.Fatal(err)
}
_, err = controller.NewNetwork(bridgeNetType, "testnetwork",
libnetwork.NetworkOptionGeneric(genericOption))
if err != nil {
t.Fatal(err)
}
_, err = controller.NewNetwork(bridgeNetType, "testnetwork")
if err == nil {
t.Fatal("Expected to fail. But instead succeeded")
}
if _, ok := err.(libnetwork.NetworkNameError); !ok {
t.Fatalf("Did not fail with expected error. Actual error: %v", err)
}
}
func createDefaultNetwork(c libnetwork.NetworkController) {
nw := c.Config().Daemon.DefaultNetwork
d := c.Config().Daemon.DefaultDriver
createOptions := []libnetwork.NetworkOption{}
genericOption := options.Generic{}
if nw != "" && d != "" {
// Bridge driver is special due to legacy reasons
if d == "bridge" {
genericOption[netlabel.GenericData] = map[string]string{
"BridgeName": "docker0",
"DefaultBridge": "true",
}
createOptions = append(createOptions,
libnetwork.NetworkOptionGeneric(genericOption),
ipamOption(nw))
}
if n, err := c.NetworkByName(nw); err == nil {
logrus.Debugf("Default network %s already present. Deleting it", nw)
if err = n.Delete(); err != nil {
logrus.Debugf("Network could not be deleted: %v", err)
return
}
}
_, err := c.NewNetwork(d, nw, createOptions...)
if err != nil {
logrus.Errorf("Error creating default network : %s : %v", nw, err)
}
}
}
func (nc *networkCreate) parseOptions() []libnetwork.NetworkOption {
var setFctList []libnetwork.NetworkOption
if nc.Options != nil {
setFctList = append(setFctList, libnetwork.NetworkOptionGeneric(nc.Options))
}
return setFctList
}
func parseOptions(options map[string]interface{}) []libnetwork.NetworkOption {
var setFctList []libnetwork.NetworkOption
if options != nil {
setFctList = append(setFctList, libnetwork.NetworkOptionGeneric(options))
}
return setFctList
}
func createTestNetwork(networkType, networkName string, netOption options.Generic) (libnetwork.Network, error) {
network, err := controller.NewNetwork(networkType, networkName,
libnetwork.NetworkOptionGeneric(netOption))
if err != nil {
return nil, err
}
return network, nil
}
func TestNilRemoteDriver(t *testing.T) {
_, err := controller.NewNetwork("framerelay", "dummy",
libnetwork.NetworkOptionGeneric(getEmptyGenericOption()))
if err == nil {
t.Fatal("Expected to fail. But instead succeeded")
}
if _, ok := err.(types.NotFoundError); !ok {
t.Fatalf("Did not fail with expected error. Actual error: %v", err)
}
}
func TestValidRemoteDriver(t *testing.T) {
if !netutils.IsRunningInContainer() {
t.Skip("Skipping test when not running inside a Container")
}
mux := http.NewServeMux()
server := httptest.NewServer(mux)
if server == nil {
t.Fatal("Failed to start a HTTP Server")
}
defer server.Close()
type pluginRequest struct {
name string
}
mux.HandleFunc("/Plugin.Activate", func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
fmt.Fprintf(w, `{"Implements": ["%s"]}`, driverapi.NetworkPluginEndpointType)
})
mux.HandleFunc(fmt.Sprintf("/%s.CreateNetwork", driverapi.NetworkPluginEndpointType), func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
fmt.Fprintf(w, "null")
})
if err := os.MkdirAll("/usr/share/docker/plugins", 0755); err != nil {
t.Fatal(err)
}
defer func() {
if err := os.RemoveAll("/usr/share/docker/plugins"); err != nil {
t.Fatal(err)
}
}()
if err := ioutil.WriteFile("/usr/share/docker/plugins/valid-network-driver.spec", []byte(server.URL), 0644); err != nil {
t.Fatal(err)
}
n, err := controller.NewNetwork("valid-network-driver", "dummy",
libnetwork.NetworkOptionGeneric(getEmptyGenericOption()))
if err != nil {
// Only fail if we could not find the plugin driver
if _, ok := err.(types.NotFoundError); ok {
t.Fatal(err)
}
return
}
defer func() {
if err := n.Delete(); err != nil {
t.Fatal(err)
}
}()
}
// Testing IPV6 from MAC address
func TestBridgeIpv6FromMac(t *testing.T) {
if !testutils.IsRunningInContainer() {
defer testutils.SetupTestOSContext(t)()
}
netOption := options.Generic{
netlabel.GenericData: options.Generic{
"BridgeName": "testipv6mac",
"EnableICC": true,
"EnableIPMasquerade": true,
},
}
ipamV4ConfList := []*libnetwork.IpamConf{{PreferredPool: "192.168.100.0/24", Gateway: "192.168.100.1"}}
ipamV6ConfList := []*libnetwork.IpamConf{{PreferredPool: "fe90::/64", Gateway: "fe90::22"}}
network, err := controller.NewNetwork(bridgeNetType, "testipv6mac", "",
libnetwork.NetworkOptionGeneric(netOption),
libnetwork.NetworkOptionEnableIPv6(true),
libnetwork.NetworkOptionIpam(ipamapi.DefaultIPAM, "", ipamV4ConfList, ipamV6ConfList, nil),
libnetwork.NetworkOptionDeferIPv6Alloc(true))
if err != nil {
t.Fatal(err)
}
mac := net.HardwareAddr{0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff}
epOption := options.Generic{netlabel.MacAddress: mac}
ep, err := network.CreateEndpoint("testep", libnetwork.EndpointOptionGeneric(epOption))
if err != nil {
t.Fatal(err)
}
iface := ep.Info().Iface()
if !bytes.Equal(iface.MacAddress(), mac) {
t.Fatalf("Unexpected mac address: %v", iface.MacAddress())
}
ip, expIP, _ := net.ParseCIDR("fe90::aabb:ccdd:eeff/64")
expIP.IP = ip
if !types.CompareIPNet(expIP, iface.AddressIPv6()) {
t.Fatalf("Expected %v. Got: %v", expIP, iface.AddressIPv6())
}
if err := ep.Delete(false); err != nil {
t.Fatal(err)
}
if err := network.Delete(); err != nil {
t.Fatal(err)
}
}
func TestInvalidRemoteDriver(t *testing.T) {
if !testutils.IsRunningInContainer() {
t.Skip("Skipping test when not running inside a Container")
}
mux := http.NewServeMux()
server := httptest.NewServer(mux)
if server == nil {
t.Fatal("Failed to start a HTTP Server")
}
defer server.Close()
type pluginRequest struct {
name string
}
mux.HandleFunc("/Plugin.Activate", func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/vnd.docker.plugins.v1+json")
fmt.Fprintln(w, `{"Implements": ["InvalidDriver"]}`)
})
if err := os.MkdirAll("/etc/docker/plugins", 0755); err != nil {
t.Fatal(err)
}
defer func() {
if err := os.RemoveAll("/etc/docker/plugins"); err != nil {
t.Fatal(err)
}
}()
if err := ioutil.WriteFile("/etc/docker/plugins/invalid-network-driver.spec", []byte(server.URL), 0644); err != nil {
t.Fatal(err)
}
ctrlr, err := libnetwork.New()
if err != nil {
t.Fatal(err)
}
defer ctrlr.Stop()
_, err = ctrlr.NewNetwork("invalid-network-driver", "dummy",
libnetwork.NetworkOptionGeneric(getEmptyGenericOption()))
if err == nil {
t.Fatal("Expected to fail. But instead succeeded")
}
if err != plugins.ErrNotImplements {
t.Fatalf("Did not fail with expected error. Actual error: %v", err)
}
}
func createNetwork(controller libnetwork.NetworkController, dnet string, driver string) (libnetwork.Network, error) {
createOptions := []libnetwork.NetworkOption{}
genericOption := options.Generic{}
// Bridge driver is special due to legacy reasons
if runconfig.NetworkMode(driver).IsBridge() {
genericOption[netlabel.GenericData] = map[string]string{
bridge.BridgeName: dnet,
}
networkOption := libnetwork.NetworkOptionGeneric(genericOption)
createOptions = append(createOptions, networkOption)
}
return controller.NewNetwork(driver, dnet, createOptions...)
}
func TestNilRemoteDriver(t *testing.T) {
controller, err := libnetwork.New()
if err != nil {
t.Fatal(err)
}
_, err = controller.NewNetwork("framerelay", "dummy",
libnetwork.NetworkOptionGeneric(getEmptyGenericOption()))
if err == nil {
t.Fatal("Expected to fail. But instead succeeded")
}
if err != plugins.ErrNotFound {
t.Fatalf("Did not fail with expected error. Actual error: %v", err)
}
}
func initBridgeDriver(controller libnetwork.NetworkController, config *Config) error {
if _, err := controller.NetworkByName(runconfig.DefaultDaemonNetworkMode().NetworkName()); err == nil {
return nil
}
netOption := map[string]string{
winlibnetwork.NetworkName: runconfig.DefaultDaemonNetworkMode().NetworkName(),
}
var ipamOption libnetwork.NetworkOption
var subnetPrefix string
if config.bridgeConfig.FixedCIDR != "" {
subnetPrefix = config.bridgeConfig.FixedCIDR
} else {
// TP5 doesn't support properly detecting subnet
osv := system.GetOSVersion()
if osv.Build < 14360 {
subnetPrefix = defaultNetworkSpace
}
}
if subnetPrefix != "" {
ipamV4Conf := libnetwork.IpamConf{}
ipamV4Conf.PreferredPool = subnetPrefix
v4Conf := []*libnetwork.IpamConf{&ipamV4Conf}
v6Conf := []*libnetwork.IpamConf{}
ipamOption = libnetwork.NetworkOptionIpam("default", "", v4Conf, v6Conf, nil)
}
_, err := controller.NewNetwork(string(runconfig.DefaultDaemonNetworkMode()), runconfig.DefaultDaemonNetworkMode().NetworkName(), "",
libnetwork.NetworkOptionGeneric(options.Generic{
netlabel.GenericData: netOption,
}),
ipamOption,
)
if err != nil {
return fmt.Errorf("Error creating default network: %v", err)
}
return nil
}
func createTestNetwork(networkType, networkName string, option options.Generic, netOption options.Generic) (libnetwork.Network, error) {
controller, err := libnetwork.New()
if err != nil {
return nil, err
}
genericOption := make(map[string]interface{})
genericOption[netlabel.GenericData] = option
err = controller.ConfigureNetworkDriver(networkType, genericOption)
if err != nil {
return nil, err
}
network, err := controller.NewNetwork(networkType, networkName,
libnetwork.NetworkOptionGeneric(netOption))
if err != nil {
return nil, err
}
return network, nil
}
func createDefaultNetwork(c libnetwork.NetworkController) {
nw := c.Config().Daemon.DefaultNetwork
d := c.Config().Daemon.DefaultDriver
createOptions := []libnetwork.NetworkOption{}
genericOption := options.Generic{}
if nw != "" && d != "" {
// Bridge driver is special due to legacy reasons
if d == "bridge" {
genericOption[netlabel.GenericData] = map[string]interface{}{
"BridgeName": nw,
}
networkOption := libnetwork.NetworkOptionGeneric(genericOption)
createOptions = append(createOptions, networkOption)
}
_, err := c.NewNetwork(d, nw, createOptions...)
if err != nil {
logrus.Errorf("Error creating default network : %s : %v", nw, err)
}
}
}
func initBridgeDriver(controller libnetwork.NetworkController, config *Config) error {
option := options.Generic{
"EnableIPForwarding": config.Bridge.EnableIPForward,
"EnableIPTables": config.Bridge.EnableIPTables,
"EnableUserlandProxy": config.Bridge.EnableUserlandProxy}
if err := controller.ConfigureNetworkDriver("bridge", options.Generic{netlabel.GenericData: option}); err != nil {
return fmt.Errorf("Error initializing bridge driver: %v", err)
}
netOption := options.Generic{
"BridgeName": config.Bridge.Iface,
"Mtu": config.Mtu,
"EnableIPMasquerade": config.Bridge.EnableIPMasq,
"EnableICC": config.Bridge.InterContainerCommunication,
}
if config.Bridge.IP != "" {
ip, bipNet, err := net.ParseCIDR(config.Bridge.IP)
if err != nil {
return err
}
bipNet.IP = ip
netOption["AddressIPv4"] = bipNet
}
if config.Bridge.FixedCIDR != "" {
_, fCIDR, err := net.ParseCIDR(config.Bridge.FixedCIDR)
if err != nil {
return err
}
netOption["FixedCIDR"] = fCIDR
}
if config.Bridge.FixedCIDRv6 != "" {
_, fCIDRv6, err := net.ParseCIDR(config.Bridge.FixedCIDRv6)
if err != nil {
return err
}
netOption["FixedCIDRv6"] = fCIDRv6
}
if config.Bridge.DefaultGatewayIPv4 != nil {
netOption["DefaultGatewayIPv4"] = config.Bridge.DefaultGatewayIPv4
}
if config.Bridge.DefaultGatewayIPv6 != nil {
netOption["DefaultGatewayIPv6"] = config.Bridge.DefaultGatewayIPv6
}
// --ip processing
if config.Bridge.DefaultIP != nil {
netOption["DefaultBindingIP"] = config.Bridge.DefaultIP
}
// Initialize default network on "bridge" with the same name
_, err := controller.NewNetwork("bridge", "bridge",
libnetwork.NetworkOptionGeneric(options.Generic{
netlabel.GenericData: netOption,
netlabel.EnableIPv6: config.Bridge.EnableIPv6,
}))
if err != nil {
return fmt.Errorf("Error creating default \"bridge\" network: %v", err)
}
return nil
}
func (daemon *Daemon) initNetworkController(config *Config, activeSandboxes map[string]interface{}) (libnetwork.NetworkController, error) {
netOptions, err := daemon.networkOptions(config, nil, nil)
if err != nil {
return nil, err
}
controller, err := libnetwork.New(netOptions...)
if err != nil {
return nil, fmt.Errorf("error obtaining controller instance: %v", err)
}
hnsresponse, err := hcsshim.HNSListNetworkRequest("GET", "", "")
if err != nil {
return nil, err
}
// Remove networks not present in HNS
for _, v := range controller.Networks() {
options := v.Info().DriverOptions()
hnsid := options[winlibnetwork.HNSID]
found := false
for _, v := range hnsresponse {
if v.Id == hnsid {
found = true
break
}
}
if !found {
// global networks should not be deleted by local HNS
if v.Info().Scope() != datastore.GlobalScope {
err = v.Delete()
if err != nil {
logrus.Errorf("Error occurred when removing network %v", err)
}
}
}
}
_, err = controller.NewNetwork("null", "none", "", libnetwork.NetworkOptionPersist(false))
if err != nil {
return nil, err
}
defaultNetworkExists := false
if network, err := controller.NetworkByName(runconfig.DefaultDaemonNetworkMode().NetworkName()); err == nil {
options := network.Info().DriverOptions()
for _, v := range hnsresponse {
if options[winlibnetwork.HNSID] == v.Id {
defaultNetworkExists = true
break
}
}
}
// discover and add HNS networks to windows
// network that exist are removed and added again
for _, v := range hnsresponse {
var n libnetwork.Network
s := func(current libnetwork.Network) bool {
options := current.Info().DriverOptions()
if options[winlibnetwork.HNSID] == v.Id {
n = current
return true
}
return false
}
controller.WalkNetworks(s)
if n != nil {
// global networks should not be deleted by local HNS
if n.Info().Scope() == datastore.GlobalScope {
continue
}
v.Name = n.Name()
// This will not cause network delete from HNS as the network
// is not yet populated in the libnetwork windows driver
n.Delete()
}
netOption := map[string]string{
winlibnetwork.NetworkName: v.Name,
winlibnetwork.HNSID: v.Id,
}
v4Conf := []*libnetwork.IpamConf{}
for _, subnet := range v.Subnets {
ipamV4Conf := libnetwork.IpamConf{}
ipamV4Conf.PreferredPool = subnet.AddressPrefix
ipamV4Conf.Gateway = subnet.GatewayAddress
v4Conf = append(v4Conf, &ipamV4Conf)
}
name := v.Name
// If there is no nat network create one from the first NAT network
// encountered
if !defaultNetworkExists && runconfig.DefaultDaemonNetworkMode() == containertypes.NetworkMode(strings.ToLower(v.Type)) {
name = runconfig.DefaultDaemonNetworkMode().NetworkName()
defaultNetworkExists = true
}
v6Conf := []*libnetwork.IpamConf{}
_, err := controller.NewNetwork(strings.ToLower(v.Type), name, "",
libnetwork.NetworkOptionGeneric(options.Generic{
netlabel.GenericData: netOption,
}),
libnetwork.NetworkOptionIpam("default", "", v4Conf, v6Conf, nil),
)
if err != nil {
logrus.Errorf("Error occurred when creating network %v", err)
}
}
if !config.DisableBridge {
// Initialize default driver "bridge"
if err := initBridgeDriver(controller, config); err != nil {
return nil, err
}
}
return controller, nil
}
func initBridgeDriver(controller libnetwork.NetworkController, config *Config) error {
if n, err := controller.NetworkByName("bridge"); err == nil {
if err = n.Delete(); err != nil {
return fmt.Errorf("could not delete the default bridge network: %v", err)
}
}
bridgeName := bridge.DefaultBridgeName
if config.Bridge.Iface != "" {
bridgeName = config.Bridge.Iface
}
netOption := map[string]string{
bridge.BridgeName: bridgeName,
bridge.DefaultBridge: strconv.FormatBool(true),
netlabel.DriverMTU: strconv.Itoa(config.Mtu),
bridge.EnableIPMasquerade: strconv.FormatBool(config.Bridge.EnableIPMasq),
bridge.EnableICC: strconv.FormatBool(config.Bridge.InterContainerCommunication),
}
// --ip processing
if config.Bridge.DefaultIP != nil {
netOption[bridge.DefaultBindingIP] = config.Bridge.DefaultIP.String()
}
ipamV4Conf := libnetwork.IpamConf{}
ipamV4Conf.AuxAddresses = make(map[string]string)
if nw, _, err := ipamutils.ElectInterfaceAddresses(bridgeName); err == nil {
ipamV4Conf.PreferredPool = nw.String()
hip, _ := types.GetHostPartIP(nw.IP, nw.Mask)
if hip.IsGlobalUnicast() {
ipamV4Conf.Gateway = nw.IP.String()
}
}
if config.Bridge.IP != "" {
ipamV4Conf.PreferredPool = config.Bridge.IP
ip, _, err := net.ParseCIDR(config.Bridge.IP)
if err != nil {
return err
}
ipamV4Conf.Gateway = ip.String()
} else if bridgeName == bridge.DefaultBridgeName && ipamV4Conf.PreferredPool != "" {
logrus.Infof("Default bridge (%s) is assigned with an IP address %s. Daemon option --bip can be used to set a preferred IP address", bridgeName, ipamV4Conf.PreferredPool)
}
if config.Bridge.FixedCIDR != "" {
_, fCIDR, err := net.ParseCIDR(config.Bridge.FixedCIDR)
if err != nil {
return err
}
ipamV4Conf.SubPool = fCIDR.String()
}
if config.Bridge.DefaultGatewayIPv4 != nil {
ipamV4Conf.AuxAddresses["DefaultGatewayIPv4"] = config.Bridge.DefaultGatewayIPv4.String()
}
var (
ipamV6Conf *libnetwork.IpamConf
deferIPv6Alloc bool
)
if config.Bridge.FixedCIDRv6 != "" {
_, fCIDRv6, err := net.ParseCIDR(config.Bridge.FixedCIDRv6)
if err != nil {
return err
}
// In case user has specified the daemon flag --fixed-cidr-v6 and the passed network has
// at least 48 host bits, we need to guarantee the current behavior where the containers'
// IPv6 addresses will be constructed based on the containers' interface MAC address.
// We do so by telling libnetwork to defer the IPv6 address allocation for the endpoints
// on this network until after the driver has created the endpoint and returned the
// constructed address. Libnetwork will then reserve this address with the ipam driver.
ones, _ := fCIDRv6.Mask.Size()
deferIPv6Alloc = ones <= 80
if ipamV6Conf == nil {
ipamV6Conf = &libnetwork.IpamConf{AuxAddresses: make(map[string]string)}
}
ipamV6Conf.PreferredPool = fCIDRv6.String()
}
if config.Bridge.DefaultGatewayIPv6 != nil {
if ipamV6Conf == nil {
ipamV6Conf = &libnetwork.IpamConf{AuxAddresses: make(map[string]string)}
}
ipamV6Conf.AuxAddresses["DefaultGatewayIPv6"] = config.Bridge.DefaultGatewayIPv6.String()
}
v4Conf := []*libnetwork.IpamConf{&ipamV4Conf}
v6Conf := []*libnetwork.IpamConf{}
if ipamV6Conf != nil {
v6Conf = append(v6Conf, ipamV6Conf)
}
// Initialize default network on "bridge" with the same name
_, err := controller.NewNetwork("bridge", "bridge",
libnetwork.NetworkOptionGeneric(options.Generic{
netlabel.GenericData: netOption,
netlabel.EnableIPv6: config.Bridge.EnableIPv6,
}),
libnetwork.NetworkOptionIpam("default", "", v4Conf, v6Conf, nil),
libnetwork.NetworkOptionDeferIPv6Alloc(deferIPv6Alloc))
if err != nil {
return fmt.Errorf("Error creating default \"bridge\" network: %v", err)
}
return nil
}
func initNetworkController(config *Config) (libnetwork.NetworkController, error) {
controller, err := libnetwork.New()
if err != nil {
return nil, fmt.Errorf("error obtaining controller instance: %v", err)
}
// Initialize default driver "null"
if err := controller.ConfigureNetworkDriver("null", options.Generic{}); err != nil {
return nil, fmt.Errorf("Error initializing null driver: %v", err)
}
// Initialize default network on "null"
if _, err := controller.NewNetwork("null", "none"); err != nil {
return nil, fmt.Errorf("Error creating default \"null\" network: %v", err)
}
// Initialize default driver "host"
if err := controller.ConfigureNetworkDriver("host", options.Generic{}); err != nil {
return nil, fmt.Errorf("Error initializing host driver: %v", err)
}
// Initialize default network on "host"
if _, err := controller.NewNetwork("host", "host"); err != nil {
return nil, fmt.Errorf("Error creating default \"host\" network: %v", err)
}
// Initialize default driver "bridge"
option := options.Generic{
"EnableIPForwarding": config.Bridge.EnableIPForward}
if err := controller.ConfigureNetworkDriver("bridge", options.Generic{netlabel.GenericData: option}); err != nil {
return nil, fmt.Errorf("Error initializing bridge driver: %v", err)
}
netOption := options.Generic{
"BridgeName": config.Bridge.Iface,
"Mtu": config.Mtu,
"EnableIPTables": config.Bridge.EnableIPTables,
"EnableIPMasquerade": config.Bridge.EnableIPMasq,
"EnableICC": config.Bridge.InterContainerCommunication,
"EnableUserlandProxy": config.Bridge.EnableUserlandProxy,
}
if config.Bridge.IP != "" {
ip, bipNet, err := net.ParseCIDR(config.Bridge.IP)
if err != nil {
return nil, err
}
bipNet.IP = ip
netOption["AddressIPv4"] = bipNet
}
if config.Bridge.FixedCIDR != "" {
_, fCIDR, err := net.ParseCIDR(config.Bridge.FixedCIDR)
if err != nil {
return nil, err
}
netOption["FixedCIDR"] = fCIDR
}
if config.Bridge.FixedCIDRv6 != "" {
_, fCIDRv6, err := net.ParseCIDR(config.Bridge.FixedCIDRv6)
if err != nil {
return nil, err
}
netOption["FixedCIDRv6"] = fCIDRv6
}
// --ip processing
if config.Bridge.DefaultIP != nil {
netOption["DefaultBindingIP"] = config.Bridge.DefaultIP
}
// Initialize default network on "bridge" with the same name
_, err = controller.NewNetwork("bridge", "bridge",
libnetwork.NetworkOptionGeneric(options.Generic{
netlabel.GenericData: netOption,
netlabel.EnableIPv6: config.Bridge.EnableIPv6,
}))
if err != nil {
return nil, fmt.Errorf("Error creating default \"bridge\" network: %v", err)
}
return controller, nil
}
func (daemon *Daemon) initNetworkController(config *Config) (libnetwork.NetworkController, error) {
netOptions, err := daemon.networkOptions(config)
if err != nil {
return nil, err
}
controller, err := libnetwork.New(netOptions...)
if err != nil {
return nil, fmt.Errorf("error obtaining controller instance: %v", err)
}
hnsresponse, err := hcsshim.HNSListNetworkRequest("GET", "", "")
if err != nil {
return nil, err
}
// Remove networks not present in HNS
for _, v := range controller.Networks() {
options := v.Info().DriverOptions()
hnsid := options[winlibnetwork.HNSID]
found := false
for _, v := range hnsresponse {
if v.Id == hnsid {
found = true
break
}
}
if !found {
err = v.Delete()
if err != nil {
return nil, err
}
}
}
_, err = controller.NewNetwork("null", "none", libnetwork.NetworkOptionPersist(false))
if err != nil {
return nil, err
}
// discover and add HNS networks to windows
// network that exist are removed and added again
for _, v := range hnsresponse {
var n libnetwork.Network
s := func(current libnetwork.Network) bool {
options := current.Info().DriverOptions()
if options[winlibnetwork.HNSID] == v.Id {
n = current
return true
}
return false
}
controller.WalkNetworks(s)
if n != nil {
v.Name = n.Name()
n.Delete()
}
netOption := map[string]string{
winlibnetwork.NetworkName: v.Name,
winlibnetwork.HNSID: v.Id,
}
v4Conf := []*libnetwork.IpamConf{}
for _, subnet := range v.Subnets {
ipamV4Conf := libnetwork.IpamConf{}
ipamV4Conf.PreferredPool = subnet.AddressPrefix
ipamV4Conf.Gateway = subnet.GatewayAddress
v4Conf = append(v4Conf, &ipamV4Conf)
}
name := v.Name
// There is only one nat network supported in windows.
// If it exists with a different name add it as the default name
if runconfig.DefaultDaemonNetworkMode() == containertypes.NetworkMode(strings.ToLower(v.Type)) {
name = runconfig.DefaultDaemonNetworkMode().NetworkName()
}
v6Conf := []*libnetwork.IpamConf{}
_, err := controller.NewNetwork(strings.ToLower(v.Type), name,
libnetwork.NetworkOptionGeneric(options.Generic{
netlabel.GenericData: netOption,
}),
libnetwork.NetworkOptionIpam("default", "", v4Conf, v6Conf, nil),
)
if err != nil {
logrus.Errorf("Error occurred when creating network %v", err)
}
}
if !config.DisableBridge {
// Initialize default driver "bridge"
if err := initBridgeDriver(controller, config); err != nil {
return nil, err
}
}
return controller, nil
}
func initBridgeDriver(controller libnetwork.NetworkController, config *Config) error {
if n, err := controller.NetworkByName("bridge"); err == nil {
if err = n.Delete(); err != nil {
return fmt.Errorf("could not delete the default bridge network: %v", err)
}
}
bridgeName := bridge.DefaultBridgeName
if config.Bridge.Iface != "" {
bridgeName = config.Bridge.Iface
}
netOption := map[string]string{
bridge.BridgeName: bridgeName,
bridge.DefaultBridge: strconv.FormatBool(true),
netlabel.DriverMTU: strconv.Itoa(config.Mtu),
bridge.EnableIPMasquerade: strconv.FormatBool(config.Bridge.EnableIPMasq),
bridge.EnableICC: strconv.FormatBool(config.Bridge.InterContainerCommunication),
}
// --ip processing
if config.Bridge.DefaultIP != nil {
netOption[bridge.DefaultBindingIP] = config.Bridge.DefaultIP.String()
}
ipamV4Conf := libnetwork.IpamConf{}
ipamV4Conf.AuxAddresses = make(map[string]string)
if nw, _, err := ipamutils.ElectInterfaceAddresses(bridgeName); err == nil {
ipamV4Conf.PreferredPool = nw.String()
hip, _ := types.GetHostPartIP(nw.IP, nw.Mask)
if hip.IsGlobalUnicast() {
ipamV4Conf.Gateway = nw.IP.String()
}
}
if config.Bridge.IP != "" {
ipamV4Conf.PreferredPool = config.Bridge.IP
ip, _, err := net.ParseCIDR(config.Bridge.IP)
if err != nil {
return err
}
ipamV4Conf.Gateway = ip.String()
}
if config.Bridge.FixedCIDR != "" {
_, fCIDR, err := net.ParseCIDR(config.Bridge.FixedCIDR)
if err != nil {
return err
}
ipamV4Conf.SubPool = fCIDR.String()
}
if config.Bridge.DefaultGatewayIPv4 != nil {
ipamV4Conf.AuxAddresses["DefaultGatewayIPv4"] = config.Bridge.DefaultGatewayIPv4.String()
}
var ipamV6Conf *libnetwork.IpamConf
if config.Bridge.FixedCIDRv6 != "" {
_, fCIDRv6, err := net.ParseCIDR(config.Bridge.FixedCIDRv6)
if err != nil {
return err
}
if ipamV6Conf == nil {
ipamV6Conf = &libnetwork.IpamConf{}
}
ipamV6Conf.PreferredPool = fCIDRv6.String()
}
if config.Bridge.DefaultGatewayIPv6 != nil {
if ipamV6Conf == nil {
ipamV6Conf = &libnetwork.IpamConf{}
}
ipamV6Conf.AuxAddresses["DefaultGatewayIPv6"] = config.Bridge.DefaultGatewayIPv6.String()
}
v4Conf := []*libnetwork.IpamConf{&ipamV4Conf}
v6Conf := []*libnetwork.IpamConf{}
if ipamV6Conf != nil {
v6Conf = append(v6Conf, ipamV6Conf)
}
// Initialize default network on "bridge" with the same name
_, err := controller.NewNetwork("bridge", "bridge",
libnetwork.NetworkOptionGeneric(options.Generic{
netlabel.GenericData: netOption,
netlabel.EnableIPv6: config.Bridge.EnableIPv6,
}),
libnetwork.NetworkOptionIpam("default", "", v4Conf, v6Conf))
if err != nil {
return fmt.Errorf("Error creating default \"bridge\" network: %v", err)
}
return nil
}
func TestEndpointJoin(t *testing.T) {
if !testutils.IsRunningInContainer() {
defer testutils.SetupTestOSContext(t)()
}
// Create network 1 and add 2 endpoint: ep11, ep12
netOption := options.Generic{
netlabel.GenericData: options.Generic{
"BridgeName": "testnetwork1",
"EnableICC": true,
"EnableIPMasquerade": true,
},
}
ipamV6ConfList := []*libnetwork.IpamConf{{PreferredPool: "fe90::/64", Gateway: "fe90::22"}}
n1, err := controller.NewNetwork(bridgeNetType, "testnetwork1", "",
libnetwork.NetworkOptionGeneric(netOption),
libnetwork.NetworkOptionEnableIPv6(true),
libnetwork.NetworkOptionIpam(ipamapi.DefaultIPAM, "", nil, ipamV6ConfList, nil),
libnetwork.NetworkOptionDeferIPv6Alloc(true))
if err != nil {
t.Fatal(err)
}
defer func() {
if err := n1.Delete(); err != nil {
t.Fatal(err)
}
}()
ep1, err := n1.CreateEndpoint("ep1")
if err != nil {
t.Fatal(err)
}
defer func() {
if err := ep1.Delete(false); err != nil {
t.Fatal(err)
}
}()
// Validate if ep.Info() only gives me IP address info and not names and gateway during CreateEndpoint()
info := ep1.Info()
iface := info.Iface()
if iface.Address() != nil && iface.Address().IP.To4() == nil {
t.Fatalf("Invalid IP address returned: %v", iface.Address())
}
if iface.AddressIPv6() != nil && iface.AddressIPv6().IP == nil {
t.Fatalf("Invalid IPv6 address returned: %v", iface.Address())
}
if len(info.Gateway()) != 0 {
t.Fatalf("Expected empty gateway for an empty endpoint. Instead found a gateway: %v", info.Gateway())
}
if len(info.GatewayIPv6()) != 0 {
t.Fatalf("Expected empty gateway for an empty ipv6 endpoint. Instead found a gateway: %v", info.GatewayIPv6())
}
if info.Sandbox() != nil {
t.Fatalf("Expected an empty sandbox key for an empty endpoint. Instead found a non-empty sandbox key: %s", info.Sandbox().Key())
}
// test invalid joins
err = ep1.Join(nil)
if err == nil {
t.Fatalf("Expected to fail join with nil Sandbox")
}
if _, ok := err.(types.BadRequestError); !ok {
t.Fatalf("Unexpected error type returned: %T", err)
}
fsbx := &fakeSandbox{}
if err = ep1.Join(fsbx); err == nil {
t.Fatalf("Expected to fail join with invalid Sandbox")
}
if _, ok := err.(types.BadRequestError); !ok {
t.Fatalf("Unexpected error type returned: %T", err)
}
sb, err := controller.NewSandbox(containerID,
libnetwork.OptionHostname("test"),
libnetwork.OptionDomainname("docker.io"),
libnetwork.OptionExtraHost("web", "192.168.0.1"))
if err != nil {
t.Fatal(err)
}
defer func() {
if err := sb.Delete(); err != nil {
t.Fatal(err)
}
}()
err = ep1.Join(sb)
if err != nil {
t.Fatal(err)
}
defer func() {
err = ep1.Leave(sb)
if err != nil {
t.Fatal(err)
}
}()
// Validate if ep.Info() only gives valid gateway and sandbox key after has container has joined.
info = ep1.Info()
if len(info.Gateway()) == 0 {
t.Fatalf("Expected a valid gateway for a joined endpoint. Instead found an invalid gateway: %v", info.Gateway())
}
if len(info.GatewayIPv6()) == 0 {
t.Fatalf("Expected a valid ipv6 gateway for a joined endpoint. Instead found an invalid gateway: %v", info.GatewayIPv6())
}
if info.Sandbox() == nil {
t.Fatalf("Expected an non-empty sandbox key for a joined endpoint. Instead found a empty sandbox key")
}
// Check endpoint provided container information
if ep1.Info().Sandbox().Key() != sb.Key() {
t.Fatalf("Endpoint Info returned unexpected sandbox key: %s", sb.Key())
}
// Attempt retrieval of endpoint interfaces statistics
stats, err := sb.Statistics()
if err != nil {
t.Fatal(err)
}
if _, ok := stats["eth0"]; !ok {
t.Fatalf("Did not find eth0 statistics")
}
// Now test the container joining another network
n2, err := createTestNetwork(bridgeNetType, "testnetwork2",
options.Generic{
netlabel.GenericData: options.Generic{
"BridgeName": "testnetwork2",
},
}, nil, nil)
if err != nil {
t.Fatal(err)
}
defer func() {
if err := n2.Delete(); err != nil {
t.Fatal(err)
}
}()
ep2, err := n2.CreateEndpoint("ep2")
if err != nil {
t.Fatal(err)
}
defer func() {
if err := ep2.Delete(false); err != nil {
t.Fatal(err)
}
}()
err = ep2.Join(sb)
if err != nil {
t.Fatal(err)
}
defer func() {
err = ep2.Leave(sb)
if err != nil {
t.Fatal(err)
}
}()
if ep1.Info().Sandbox().Key() != ep2.Info().Sandbox().Key() {
t.Fatalf("ep1 and ep2 returned different container sandbox key")
}
checkSandbox(t, info)
}
func createTestNetwork(networkType, networkName string, netOption options.Generic, ipamV4Configs, ipamV6Configs []*libnetwork.IpamConf) (libnetwork.Network, error) {
return controller.NewNetwork(networkType, networkName,
libnetwork.NetworkOptionGeneric(netOption),
libnetwork.NetworkOptionIpam(ipamapi.DefaultIPAM, "", ipamV4Configs, ipamV6Configs))
}