| ... | ... |
@@ -18,9 +18,8 @@ type Command struct {
|
| 18 | 18 |
} |
| 19 | 19 |
|
| 20 | 20 |
type Network struct {
|
| 21 |
- IP string `json:"ip,omitempty"` |
|
| 22 |
- Gateway string `json:"gateway,omitempty"` |
|
| 23 |
- Bridge string `json:"bridge,omitempty"` |
|
| 24 |
- Mtu int `json:"mtu,omitempty"` |
|
| 25 |
- TempVethName string `json:"temp_veth,omitempty"` |
|
| 21 |
+ IP string `json:"ip,omitempty"` |
|
| 22 |
+ Gateway string `json:"gateway,omitempty"` |
|
| 23 |
+ Bridge string `json:"bridge,omitempty"` |
|
| 24 |
+ Mtu int `json:"mtu,omitempty"` |
|
| 26 | 25 |
} |
| ... | ... |
@@ -1,6 +1,6 @@ |
| 1 | 1 |
{
|
| 2 | 2 |
"id": "koye", |
| 3 |
- "namespace_pid": 3117, |
|
| 3 |
+ "log_file": "/root/logs", |
|
| 4 | 4 |
"command": {
|
| 5 | 5 |
"args": [ |
| 6 | 6 |
"/bin/bash" |
| ... | ... |
@@ -12,12 +12,12 @@ |
| 12 | 12 |
"TERM=xterm" |
| 13 | 13 |
] |
| 14 | 14 |
}, |
| 15 |
- "rootfs": "/var/lib/docker/containers/ee76122136d691d63e09d24168a91ddb2ef9fdcf210b4de5c50aa76354892f4b/root", |
|
| 16 | 15 |
"namespaces": [ |
| 17 | 16 |
"NEWIPC", |
| 18 | 17 |
"NEWNS", |
| 19 | 18 |
"NEWPID", |
| 20 |
- "NEWUTS" |
|
| 19 |
+ "NEWUTS", |
|
| 20 |
+ "NEWNET" |
|
| 21 | 21 |
], |
| 22 | 22 |
"capabilities": [ |
| 23 | 23 |
"SETPCAP", |
| ... | ... |
@@ -34,5 +34,11 @@ |
| 34 | 34 |
"AUDIT_CONTROL", |
| 35 | 35 |
"MAC_OVERRIDE", |
| 36 | 36 |
"MAC_ADMIN" |
| 37 |
- ] |
|
| 37 |
+ ], |
|
| 38 |
+ "network": {
|
|
| 39 |
+ "ip": "172.17.0.100/16", |
|
| 40 |
+ "gateway": "172.17.42.1", |
|
| 41 |
+ "bridge": "docker0", |
|
| 42 |
+ "mtu": 1500 |
|
| 43 |
+ } |
|
| 38 | 44 |
} |
| ... | ... |
@@ -3,18 +3,16 @@ package network |
| 3 | 3 |
import ( |
| 4 | 4 |
"fmt" |
| 5 | 5 |
"github.com/dotcloud/docker/pkg/libcontainer" |
| 6 |
- "os" |
|
| 7 |
- "syscall" |
|
| 8 | 6 |
) |
| 9 | 7 |
|
| 10 | 8 |
// SetupVeth sets up an existing network namespace with the specified |
| 11 | 9 |
// network configuration. |
| 12 |
-func SetupVeth(config *libcontainer.Network) error {
|
|
| 13 |
- if err := InterfaceDown(config.TempVethName); err != nil {
|
|
| 14 |
- return fmt.Errorf("interface down %s %s", config.TempVethName, err)
|
|
| 10 |
+func SetupVeth(config *libcontainer.Network, tempVethName string) error {
|
|
| 11 |
+ if err := InterfaceDown(tempVethName); err != nil {
|
|
| 12 |
+ return fmt.Errorf("interface down %s %s", tempVethName, err)
|
|
| 15 | 13 |
} |
| 16 |
- if err := ChangeInterfaceName(config.TempVethName, "eth0"); err != nil {
|
|
| 17 |
- return fmt.Errorf("change %s to eth0 %s", config.TempVethName, err)
|
|
| 14 |
+ if err := ChangeInterfaceName(tempVethName, "eth0"); err != nil {
|
|
| 15 |
+ return fmt.Errorf("change %s to eth0 %s", tempVethName, err)
|
|
| 18 | 16 |
} |
| 19 | 17 |
if err := SetInterfaceIp("eth0", config.IP); err != nil {
|
| 20 | 18 |
return fmt.Errorf("set eth0 ip %s", err)
|
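Review bot: The doc comment above `SetupVeth` still describes only the network configuration and says nothing about the new `tempVethName` parameter, which the visible lines bring down and rename to `eth0` before `config.IP` is applied. I would extend it with `// tempVethName is the name of the veth peer inside this namespace; it is brought down and renamed to eth0.` The value now arrives as a free-form string rather than a config field, so the comment should also state that callers must pass a non-empty, valid interface name, because nothing in the visible part of the function checks it. The body of SetupVeth continues outside the hunk.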
| ... | ... |
@@ -41,29 +39,3 @@ func SetupVeth(config *libcontainer.Network) error {
|
| 41 | 41 |
} |
| 42 | 42 |
return nil |
| 43 | 43 |
} |
| 44 |
- |
|
| 45 |
-// SetupNamespaceMountDir prepares a new root for use as a mount |
|
| 46 |
-// source for bind mounting namespace fd to an outside path |
|
| 47 |
-func SetupNamespaceMountDir(root string) error {
|
|
| 48 |
- if err := os.MkdirAll(root, 0666); err != nil {
|
|
| 49 |
- return err |
|
| 50 |
- } |
|
| 51 |
- // make sure mounts are not unmounted by other mnt namespaces |
|
| 52 |
- if err := syscall.Mount("", root, "none", syscall.MS_SHARED|syscall.MS_REC, ""); err != nil && err != syscall.EINVAL {
|
|
| 53 |
- return err |
|
| 54 |
- } |
|
| 55 |
- if err := syscall.Mount(root, root, "none", syscall.MS_BIND, ""); err != nil {
|
|
| 56 |
- return err |
|
| 57 |
- } |
|
| 58 |
- return nil |
|
| 59 |
-} |
|
| 60 |
- |
|
| 61 |
-// DeleteNetworkNamespace unmounts the binding path and removes the |
|
| 62 |
-// file so that no references to the fd are present and the network |
|
| 63 |
-// namespace is automatically cleaned up |
|
| 64 |
-func DeleteNetworkNamespace(bindingPath string) error {
|
|
| 65 |
- if err := syscall.Unmount(bindingPath, 0); err != nil {
|
|
| 66 |
- return err |
|
| 67 |
- } |
|
| 68 |
- return os.Remove(bindingPath) |
|
| 69 |
-} |
| ... | ... |
@@ -1,7 +1,9 @@ |
| 1 | 1 |
package main |
| 2 | 2 |
|
| 3 | 3 |
import ( |
| 4 |
+ "fmt" |
|
| 4 | 5 |
"github.com/dotcloud/docker/pkg/libcontainer" |
| 6 |
+ "github.com/dotcloud/docker/pkg/libcontainer/network" |
|
| 5 | 7 |
"github.com/dotcloud/docker/pkg/system" |
| 6 | 8 |
"github.com/dotcloud/docker/pkg/term" |
| 7 | 9 |
"io" |
| ... | ... |
@@ -25,11 +27,34 @@ func execCommand(container *libcontainer.Container) (pid int, err error) {
|
| 25 | 25 |
Cloneflags: flag, |
| 26 | 26 |
} |
| 27 | 27 |
|
| 28 |
+ inPipe, err := command.StdinPipe() |
|
| 29 |
+ if err != nil {
|
|
| 30 |
+ return -1, err |
|
| 31 |
+ } |
|
| 32 |
+ |
|
| 28 | 33 |
if err := command.Start(); err != nil {
|
| 29 | 34 |
return -1, err |
| 30 | 35 |
} |
| 31 | 36 |
pid = command.Process.Pid |
| 32 | 37 |
|
| 38 |
+ if container.Network != nil {
|
|
| 39 |
+ name1, name2, err := createVethPair() |
|
| 40 |
+ if err != nil {
|
|
| 41 |
+ log.Fatal(err) |
|
| 42 |
+ } |
|
| 43 |
+ if err := network.SetInterfaceMaster(name1, container.Network.Bridge); err != nil {
|
|
| 44 |
+ log.Fatal(err) |
|
| 45 |
+ } |
|
| 46 |
+ if err := network.InterfaceUp(name1); err != nil {
|
|
| 47 |
+ log.Fatal(err) |
|
| 48 |
+ } |
|
| 49 |
+ if err := network.SetInterfaceInNamespacePid(name2, pid); err != nil {
|
|
| 50 |
+ log.Fatal(err) |
|
| 51 |
+ } |
|
| 52 |
+ fmt.Fprint(inPipe, name2) |
|
| 53 |
+ inPipe.Close() |
|
| 54 |
+ } |
|
| 55 |
+ |
|
| 33 | 56 |
go func() {
|
| 34 | 57 |
if _, err := io.Copy(os.Stdout, master); err != nil {
|
| 35 | 58 |
log.Println(err) |
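Review bot: `inPipe.Close()` sits inside the `if container.Network != nil` block, so when no network is configured the write end of the stdin pipe stays open after `command.Start()`. If the started command is the init program whose `main` reads the name with `ioutil.ReadAll(os.Stdin)` (later hunk), it would wait for an EOF that does not arrive; moving `inPipe.Close()` below the closing brace of the `if` covers both cases. The four `log.Fatal(err)` calls also exit the parent while the child is already running and the veth pair may already exist; since the function returns `(pid int, err error)`, `return -1, err` after cleanup would leave the decision to the caller. The result of `fmt.Fprint(inPipe, name2)` is ignored and should be checked, because a failed write leaves the child with an empty name. execCommand starts and ends outside the hunk.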
| ... | ... |
@@ -78,3 +103,11 @@ func createMasterAndConsole() (*os.File, string, error) {
|
| 78 | 78 |
} |
| 79 | 79 |
return master, console, nil |
| 80 | 80 |
} |
| 81 |
+ |
|
| 82 |
+func createVethPair() (name1 string, name2 string, err error) {
|
|
| 83 |
+ name1, name2 = "veth001", "veth002" |
|
| 84 |
+ if err = network.CreateVethPair(name1, name2); err != nil {
|
|
| 85 |
+ return |
|
| 86 |
+ } |
|
| 87 |
+ return |
|
| 88 |
+} |
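Review bot: The fixed names `"veth001"` and `"veth002"` mean that a second container started on the same host while the first pair still exists will presumably fail in `network.CreateVethPair`. Deriving both names from a per-container unique value, kept within the 15-character limit Linux places on interface names, avoids the collision. The named results with an `if err = …; err != nil { return }` followed by a bare `return` can collapse to `return name1, name2, network.CreateVethPair(name1, name2)`. A short doc comment stating which name stays on the host and which one is moved into the container would help callers.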
| ... | ... |
@@ -5,7 +5,9 @@ import ( |
| 5 | 5 |
"fmt" |
| 6 | 6 |
"github.com/dotcloud/docker/pkg/libcontainer" |
| 7 | 7 |
"github.com/dotcloud/docker/pkg/libcontainer/capabilities" |
| 8 |
+ "github.com/dotcloud/docker/pkg/libcontainer/network" |
|
| 8 | 9 |
"github.com/dotcloud/docker/pkg/system" |
| 10 |
+ "io/ioutil" |
|
| 9 | 11 |
"log" |
| 10 | 12 |
"os" |
| 11 | 13 |
"path/filepath" |
| ... | ... |
@@ -50,6 +52,12 @@ func main() {
|
| 50 | 50 |
log.Fatal(err) |
| 51 | 51 |
} |
| 52 | 52 |
|
| 53 |
+ data, err := ioutil.ReadAll(os.Stdin) |
|
| 54 |
+ if err != nil {
|
|
| 55 |
+ log.Fatalf("error reading from stdin %s", err)
|
|
| 56 |
+ } |
|
| 57 |
+ tempVethName := string(data) |
|
| 58 |
+ |
|
| 53 | 59 |
// close pipes so that we can replace it with the pty |
| 54 | 60 |
os.Stdin.Close() |
| 55 | 61 |
os.Stdout.Close() |
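Review bot: `tempVethName := string(data)` accepts whatever arrives on stdin as an interface name without any check: the `ioutil.ReadAll` is unbounded, it runs even when `container.Network` is nil, and an empty or whitespace-padded value would presumably only surface later as an `interface down` error from `SetupVeth`. Interface names are at most 15 bytes on Linux, so the value can be rejected early inside the `container.Network != nil` branch, for example `if tempVethName == "" || len(tempVethName) > 15 { log.Fatalf("invalid veth name %q", tempVethName) }`. Capping the read at a small size would also stop a misbehaving parent from making this process buffer arbitrary input. main's body starts and ends outside the hunk.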
| ... | ... |
@@ -81,7 +89,7 @@ func main() {
|
| 81 | 81 |
} |
| 82 | 82 |
|
| 83 | 83 |
if container.Network != nil {
|
| 84 |
- if err := setupNetworking(container); err != nil {
|
|
| 84 |
+ if err := setupNetworking(container, tempVethName); err != nil {
|
|
| 85 | 85 |
log.Fatalf("setup networking %s", err)
|
| 86 | 86 |
} |
| 87 | 87 |
} |
| ... | ... |
@@ -166,6 +174,6 @@ func setLogFile(container *libcontainer.Container) error {
|
| 166 | 166 |
return nil |
| 167 | 167 |
} |
| 168 | 168 |
|
| 169 |
-func setupNetworking(conatiner *libcontainer.Container) error {
|
|
| 170 |
- return nil |
|
| 169 |
+func setupNetworking(container *libcontainer.Container, tempVethName string) error {
|
|
| 170 |
+ return network.SetupVeth(container.Network, tempVethName) |
|
| 171 | 171 |
} |
| 172 | 172 |
deleted file mode 100644 |
| ... | ... |
@@ -1,22 +0,0 @@ |
| 1 |
-{
|
|
| 2 |
- "id": "koye", |
|
| 3 |
- "namespace_pid": 3745, |
|
| 4 |
- "command": {
|
|
| 5 |
- "args": [ |
|
| 6 |
- "/sbin/init" |
|
| 7 |
- ], |
|
| 8 |
- "environment": [ |
|
| 9 |
- "HOME=/", |
|
| 10 |
- "PATH=PATH=$PATH:/bin:/usr/bin:/sbin:/usr/sbin", |
|
| 11 |
- "container=docker", |
|
| 12 |
- "TERM=xterm" |
|
| 13 |
- ] |
|
| 14 |
- }, |
|
| 15 |
- "rootfs": "/var/lib/docker/btrfs/subvolumes/7c0f15df1ad2e2fe04d7a6e079aec17406e9465a6a37dd16cb0dd754fc0167b3", |
|
| 16 |
- "namespaces": [ |
|
| 17 |
- "NEWIPC", |
|
| 18 |
- "NEWNS", |
|
| 19 |
- "NEWPID", |
|
| 20 |
- "NEWUTS" |
|
| 21 |
- ] |
|
| 22 |
-} |