Browse code
Add warning when net.ipv4.ip_forwarding = 0
Added warnings to api.go, container.go, commands.go, and runtime.go
Also updated APIInfo to return whether IPv4Forwarding is enabled
Colin Rice authored on 2013/08/04 07:06:58Showing 7 changed files
- api.go
- api_params.go
- commands.go
- container.go
- docs/sources/api/docker_remote_api_v1.4.rst
- runtime.go
- server.go
| ... | ... |
@@ -522,6 +522,11 @@ func postContainersCreate(srv *Server, version float64, w http.ResponseWriter, r |
| 522 | 522 |
out.Warnings = append(out.Warnings, "Your kernel does not support memory swap capabilities. Limitation discarded.") |
| 523 | 523 |
} |
| 524 | 524 |
|
| 525 |
+ if srv.runtime.capabilities.IPv4Forwarding {
|
|
| 526 |
+ log.Println("Warning: IPv4 forwarding is disabled.")
|
|
| 527 |
+ out.Warnings = append(out.Warnings, "IPv4 forwarding is disabled.") |
|
| 528 |
+ } |
|
| 529 |
+ |
|
| 525 | 530 |
b, err := json.Marshal(out) |
| 526 | 531 |
if err != nil {
|
| 527 | 532 |
return err |
| ... | ... |
@@ -24,6 +24,7 @@ type APIInfo struct {
|
| 24 | 24 |
NGoroutines int `json:",omitempty"` |
| 25 | 25 |
MemoryLimit bool `json:",omitempty"` |
| 26 | 26 |
SwapLimit bool `json:",omitempty"` |
| 27 |
+ IPv4Forwarding bool `json:",omitempty"` |
|
| 27 | 28 |
LXCVersion string `json:",omitempty"` |
| 28 | 29 |
NEventsListener int `json:",omitempty"` |
| 29 | 30 |
KernelVersion string `json:",omitempty"` |
| ... | ... |
@@ -510,6 +510,9 @@ func (cli *DockerCli) CmdInfo(args ...string) error {
|
| 510 | 510 |
if !out.SwapLimit {
|
| 511 | 511 |
fmt.Fprintf(cli.err, "WARNING: No swap limit support\n") |
| 512 | 512 |
} |
| 513 |
+ if !out.IPv4Forwarding {
|
|
| 514 |
+ fmt.Fprintf(cli.err, "WARNING: IPv4 forwarding is disabled.\n") |
|
| 515 |
+ } |
|
| 513 | 516 |
return nil |
| 514 | 517 |
} |
| 515 | 518 |
|
| ... | ... |
@@ -534,6 +534,10 @@ func (container *Container) Start(hostConfig *HostConfig) error {
|
| 534 | 534 |
container.Config.MemorySwap = -1 |
| 535 | 535 |
} |
| 536 | 536 |
|
| 537 |
+ if !container.runtime.capabilities.IPv4Forwarding {
|
|
| 538 |
+ log.Printf("WARNING: IPv4 forwarding is disabled. Networking will not work")
|
|
| 539 |
+ } |
|
| 540 |
+ |
|
| 537 | 541 |
// Create the requested bind mounts |
| 538 | 542 |
binds := make(map[string]BindMap) |
| 539 | 543 |
// Define illegal container destinations |
| ... | ... |
@@ -15,8 +15,9 @@ import ( |
| 15 | 15 |
) |
| 16 | 16 |
|
| 17 | 17 |
type Capabilities struct {
|
| 18 |
- MemoryLimit bool |
|
| 19 |
- SwapLimit bool |
|
| 18 |
+ MemoryLimit bool |
|
| 19 |
+ SwapLimit bool |
|
| 20 |
+ IPv4Forwarding bool |
|
| 20 | 21 |
} |
| 21 | 22 |
|
| 22 | 23 |
type Runtime struct {
|
| ... | ... |
@@ -240,6 +241,12 @@ func (runtime *Runtime) UpdateCapabilities(quiet bool) {
|
| 240 | 240 |
if !runtime.capabilities.SwapLimit && !quiet {
|
| 241 | 241 |
log.Printf("WARNING: Your kernel does not support cgroup swap limit.")
|
| 242 | 242 |
} |
| 243 |
+ |
|
| 244 |
+ content, err3 := ioutil.ReadFile("/proc/sys/net/ipv4/ip_forward")
|
|
| 245 |
+ runtime.capabilities.IPv4Forwarding = err3 == nil && len(content) > 0 && content[0] == '1' |
|
| 246 |
+ if !runtime.capabilities.IPv4Forwarding && !quiet {
|
|
| 247 |
+ log.Printf("WARNING: IPv4 forwarding is disabled.")
|
|
| 248 |
+ } |
|
| 243 | 249 |
} |
| 244 | 250 |
} |
| 245 | 251 |
|
| ... | ... |
@@ -269,6 +269,7 @@ func (srv *Server) DockerInfo() *APIInfo {
|
| 269 | 269 |
Images: imgcount, |
| 270 | 270 |
MemoryLimit: srv.runtime.capabilities.MemoryLimit, |
| 271 | 271 |
SwapLimit: srv.runtime.capabilities.SwapLimit, |
| 272 |
+ IPv4Forwarding: srv.runtime.capabilities.IPv4Forwarding, |
|
| 272 | 273 |
Debug: os.Getenv("DEBUG") != "",
|
| 273 | 274 |
NFd: utils.GetTotalUsedFds(), |
| 274 | 275 |
NGoroutines: runtime.NumGoroutine(), |