Browse code
vendor libnetwork to 153d0769a1181bf591a9637fd487a541ec7db1e6
Signed-off-by: Tibor Vass <tibor@docker.com>
Tibor Vass authored on 2020/06/01 08:42:53Showing 4 changed files
- hack/dockerfile/install/proxy.installer
- vendor.conf
- vendor/github.com/docker/libnetwork/drivers/bridge/bridge.go
- vendor/github.com/docker/libnetwork/drivers/bridge/setup_device.go
| ... | ... |
@@ -3,7 +3,7 @@ |
| 3 | 3 |
# LIBNETWORK_COMMIT is used to build the docker-userland-proxy binary. When |
| 4 | 4 |
# updating the binary version, consider updating github.com/docker/libnetwork |
| 5 | 5 |
# in vendor.conf accordingly |
| 6 |
-: ${LIBNETWORK_COMMIT:=71d4d82a5ce50453b1121d95544f0a2ae95bef9b} # bump_19.03 branch
|
|
| 6 |
+: ${LIBNETWORK_COMMIT:=153d0769a1181bf591a9637fd487a541ec7db1e6} # bump_19.03 branch
|
|
| 7 | 7 |
|
| 8 | 8 |
install_proxy() {
|
| 9 | 9 |
case "$1" in |
| ... | ... |
@@ -38,7 +38,7 @@ github.com/gofrs/flock 7f43ea2e6a643ad441fc12d0ecc0 |
| 38 | 38 |
# libnetwork |
| 39 | 39 |
|
| 40 | 40 |
# When updating, also update LIBNETWORK_COMMIT in hack/dockerfile/install/proxy.installer accordingly |
| 41 |
-github.com/docker/libnetwork 71d4d82a5ce50453b1121d95544f0a2ae95bef9b # bump_19.03 branch |
|
| 41 |
+github.com/docker/libnetwork 153d0769a1181bf591a9637fd487a541ec7db1e6 # bump_19.03 branch |
|
| 42 | 42 |
github.com/docker/go-events e31b211e4f1cd09aa76fe4ac244571fab96ae47f |
| 43 | 43 |
github.com/armon/go-radix e39d623f12e8e41c7b5529e9a9dd67a1e2261f80 |
| 44 | 44 |
github.com/armon/go-metrics eb0af217e5e9747e41dd5303755356b62d28e3ec |
| ... | ... |
@@ -679,6 +679,12 @@ func (d *driver) createNetwork(config *networkConfiguration) (err error) {
|
| 679 | 679 |
bridgeAlreadyExists := bridgeIface.exists() |
| 680 | 680 |
if !bridgeAlreadyExists {
|
| 681 | 681 |
bridgeSetup.queueStep(setupDevice) |
| 682 |
+ bridgeSetup.queueStep(setupDefaultSysctl) |
|
| 683 |
+ } |
|
| 684 |
+ |
|
| 685 |
+ // For the default bridge, set expected sysctls |
|
| 686 |
+ if config.DefaultBridge {
|
|
| 687 |
+ bridgeSetup.queueStep(setupDefaultSysctl) |
|
| 682 | 688 |
} |
| 683 | 689 |
|
| 684 | 690 |
// Even if a bridge exists try to setup IPv4. |
| ... | ... |
@@ -2,6 +2,9 @@ package bridge |
| 2 | 2 |
|
| 3 | 3 |
import ( |
| 4 | 4 |
"fmt" |
| 5 |
+ "io/ioutil" |
|
| 6 |
+ "os" |
|
| 7 |
+ "path/filepath" |
|
| 5 | 8 |
|
| 6 | 9 |
"github.com/docker/docker/pkg/parsers/kernel" |
| 7 | 10 |
"github.com/docker/libnetwork/netutils" |
| ... | ... |
@@ -49,6 +52,22 @@ func setupDevice(config *networkConfiguration, i *bridgeInterface) error {
|
| 49 | 49 |
return err |
| 50 | 50 |
} |
| 51 | 51 |
|
| 52 |
+func setupDefaultSysctl(config *networkConfiguration, i *bridgeInterface) error {
|
|
| 53 |
+ // Disable IPv6 router advertisements originating on the bridge |
|
| 54 |
+ sysPath := filepath.Join("/proc/sys/net/ipv6/conf/", config.BridgeName, "accept_ra")
|
|
| 55 |
+ if _, err := os.Stat(sysPath); err != nil {
|
|
| 56 |
+ logrus. |
|
| 57 |
+ WithField("bridge", config.BridgeName).
|
|
| 58 |
+ WithField("syspath", sysPath).
|
|
| 59 |
+ Info("failed to read ipv6 net.ipv6.conf.<bridge>.accept_ra")
|
|
| 60 |
+ return nil |
|
| 61 |
+ } |
|
| 62 |
+ if err := ioutil.WriteFile(sysPath, []byte{'0', '\n'}, 0644); err != nil {
|
|
| 63 |
+ return fmt.Errorf("libnetwork: Unable to disable IPv6 router advertisement: %v", err)
|
|
| 64 |
+ } |
|
| 65 |
+ return nil |
|
| 66 |
+} |
|
| 67 |
+ |
|
| 52 | 68 |
// SetupDeviceUp ups the given bridge interface. |
| 53 | 69 |
func setupDeviceUp(config *networkConfiguration, i *bridgeInterface) error {
|
| 54 | 70 |
err := i.nlh.LinkSetUp(i.Link) |