Fixes #5749

libcontainer support for arbitrary route table entries Docker-DCO-1.1-Signed-off-by: William Thurston <me@williamthurston.com> (github: jhspaybar)
2014-05-17 07:06:29 +00:00 · 2014-05-17 07:06:29 +00:00 · 755e5047a7
commit 755e5047a7
parent 89b64d33ee
8 changed files with 165 additions and 31 deletions
--- a/libcontainer/nsinit/init.go
+++ b/libcontainer/nsinit/init.go
@ -18,6 +18,7 @@ import (
 	"github.com/dotcloud/docker/pkg/libcontainer/security/capabilities"
 	"github.com/dotcloud/docker/pkg/libcontainer/security/restrict"
 	"github.com/dotcloud/docker/pkg/libcontainer/utils"
+	"github.com/dotcloud/docker/pkg/netlink"
 	"github.com/dotcloud/docker/pkg/system"
 	"github.com/dotcloud/docker/pkg/user"
 )
@ -60,6 +61,9 @@ func Init(container *libcontainer.Container, uncleanRootfs, consolePath string,
 	if err := setupNetwork(container, context); err != nil {
 		return fmt.Errorf("setup networking %s", err)
 	}
+	if err := setupRoute(container); err != nil {
+		return fmt.Errorf("setup route %s", err)
+	}

 	label.Init()

@ -168,6 +172,15 @@ func setupNetwork(container *libcontainer.Container, context libcontainer.Contex
 	return nil
 }

+func setupRoute(container *libcontainer.Container) error {
+	for _, config := range container.Routes {
+		if err := netlink.AddRoute(config.Destination, config.Source, config.Gateway, config.InterfaceName); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
 // FinalizeNamespace drops the caps, sets the correct user
 // and working dir, and closes any leaky file descriptors
 // before execing the command inside the namespace