Implement init veth creation
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)
parent
e25ebdd06c
commit
8430fbf11e
6 changed files with 63 additions and 67 deletions
|
@ -18,9 +18,8 @@ type Command struct {
|
|||
}
|
||||
|
||||
type Network struct {
|
||||
IP string `json:"ip,omitempty"`
|
||||
Gateway string `json:"gateway,omitempty"`
|
||||
Bridge string `json:"bridge,omitempty"`
|
||||
Mtu int `json:"mtu,omitempty"`
|
||||
TempVethName string `json:"temp_veth,omitempty"`
|
||||
IP string `json:"ip,omitempty"`
|
||||
Gateway string `json:"gateway,omitempty"`
|
||||
Bridge string `json:"bridge,omitempty"`
|
||||
Mtu int `json:"mtu,omitempty"`
|
||||
}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"id": "koye",
|
||||
"namespace_pid": 3117,
|
||||
"log_file": "/root/logs",
|
||||
"command": {
|
||||
"args": [
|
||||
"/bin/bash"
|
||||
|
@ -12,12 +12,12 @@
|
|||
"TERM=xterm"
|
||||
]
|
||||
},
|
||||
"rootfs": "/var/lib/docker/containers/ee76122136d691d63e09d24168a91ddb2ef9fdcf210b4de5c50aa76354892f4b/root",
|
||||
"namespaces": [
|
||||
"NEWIPC",
|
||||
"NEWNS",
|
||||
"NEWPID",
|
||||
"NEWUTS"
|
||||
"NEWUTS",
|
||||
"NEWNET"
|
||||
],
|
||||
"capabilities": [
|
||||
"SETPCAP",
|
||||
|
@ -34,5 +34,11 @@
|
|||
"AUDIT_CONTROL",
|
||||
"MAC_OVERRIDE",
|
||||
"MAC_ADMIN"
|
||||
]
|
||||
],
|
||||
"network": {
|
||||
"ip": "172.17.0.100/16",
|
||||
"gateway": "172.17.42.1",
|
||||
"bridge": "docker0",
|
||||
"mtu": 1500
|
||||
}
|
||||
}
|
||||
|
|
|
@ -3,18 +3,16 @@ package network
|
|||
import (
|
||||
"fmt"
|
||||
"github.com/dotcloud/docker/pkg/libcontainer"
|
||||
"os"
|
||||
"syscall"
|
||||
)
|
||||
|
||||
// SetupVeth sets up an existing network namespace with the specified
|
||||
// network configuration.
|
||||
func SetupVeth(config *libcontainer.Network) error {
|
||||
if err := InterfaceDown(config.TempVethName); err != nil {
|
||||
return fmt.Errorf("interface down %s %s", config.TempVethName, err)
|
||||
func SetupVeth(config *libcontainer.Network, tempVethName string) error {
|
||||
if err := InterfaceDown(tempVethName); err != nil {
|
||||
return fmt.Errorf("interface down %s %s", tempVethName, err)
|
||||
}
|
||||
if err := ChangeInterfaceName(config.TempVethName, "eth0"); err != nil {
|
||||
return fmt.Errorf("change %s to eth0 %s", config.TempVethName, err)
|
||||
if err := ChangeInterfaceName(tempVethName, "eth0"); err != nil {
|
||||
return fmt.Errorf("change %s to eth0 %s", tempVethName, err)
|
||||
}
|
||||
if err := SetInterfaceIp("eth0", config.IP); err != nil {
|
||||
return fmt.Errorf("set eth0 ip %s", err)
|
||||
|
@ -41,29 +39,3 @@ func SetupVeth(config *libcontainer.Network) error {
|
|||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// SetupNamespaceMountDir prepares a new root for use as a mount
|
||||
// source for bind mounting namespace fd to an outside path
|
||||
func SetupNamespaceMountDir(root string) error {
|
||||
if err := os.MkdirAll(root, 0666); err != nil {
|
||||
return err
|
||||
}
|
||||
// make sure mounts are not unmounted by other mnt namespaces
|
||||
if err := syscall.Mount("", root, "none", syscall.MS_SHARED|syscall.MS_REC, ""); err != nil && err != syscall.EINVAL {
|
||||
return err
|
||||
}
|
||||
if err := syscall.Mount(root, root, "none", syscall.MS_BIND, ""); err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// DeleteNetworkNamespace unmounts the binding path and removes the
|
||||
// file so that no references to the fd are present and the network
|
||||
// namespace is automatically cleaned up
|
||||
func DeleteNetworkNamespace(bindingPath string) error {
|
||||
if err := syscall.Unmount(bindingPath, 0); err != nil {
|
||||
return err
|
||||
}
|
||||
return os.Remove(bindingPath)
|
||||
}
|
||||
|
|
|
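Review bot: The doc comment on SetupVeth was not updated for the new `tempVethName` parameter, so nothing states that it names the interface which is brought down and renamed to `eth0`. I would extend it to something like `// SetupVeth configures the interface tempVethName (expected to already be in the current network namespace) as eth0 using config.` Because the name no longer comes from the config struct, the two error messages would be easier to diagnose with `%q` for the name, e.g. `fmt.Errorf("interface down %q %s", tempVethName, err)`, which makes an empty or whitespace-padded value visible. The body of SetupVeth continues outside the first hunk.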
@ -1,7 +1,9 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"github.com/dotcloud/docker/pkg/libcontainer"
|
||||
"github.com/dotcloud/docker/pkg/libcontainer/network"
|
||||
"github.com/dotcloud/docker/pkg/system"
|
||||
"github.com/dotcloud/docker/pkg/term"
|
||||
"io"
|
||||
|
@ -25,11 +27,34 @@ func execCommand(container *libcontainer.Container) (pid int, err error) {
|
|||
Cloneflags: flag,
|
||||
}
|
||||
|
||||
inPipe, err := command.StdinPipe()
|
||||
if err != nil {
|
||||
return -1, err
|
||||
}
|
||||
|
||||
if err := command.Start(); err != nil {
|
||||
return -1, err
|
||||
}
|
||||
pid = command.Process.Pid
|
||||
|
||||
if container.Network != nil {
|
||||
name1, name2, err := createVethPair()
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
if err := network.SetInterfaceMaster(name1, container.Network.Bridge); err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
if err := network.InterfaceUp(name1); err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
if err := network.SetInterfaceInNamespacePid(name2, pid); err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
fmt.Fprint(inPipe, name2)
|
||||
inPipe.Close()
|
||||
}
|
||||
|
||||
go func() {
|
||||
if _, err := io.Copy(os.Stdout, master); err != nil {
|
||||
log.Println(err)
|
||||
|
@ -78,3 +103,11 @@ func createMasterAndConsole() (*os.File, string, error) {
|
|||
}
|
||||
return master, console, nil
|
||||
}
|
||||
|
||||
func createVethPair() (name1 string, name2 string, err error) {
|
||||
name1, name2 = "veth001", "veth002"
|
||||
if err = network.CreateVethPair(name1, name2); err != nil {
|
||||
return
|
||||
}
|
||||
return
|
||||
}
|
||||
|
|
|
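Review bot: `inPipe.Close()` runs only inside the `if container.Network != nil` block in execCommand, while the init side of this commit calls `ioutil.ReadAll(os.Stdin)` unconditionally. A container without a network section therefore appears to leave the child blocked waiting for EOF, unless the pipe is closed in the part of the function outside this hunk; moving `inPipe.Close()` to just after the `if` block avoids that. The four `log.Fatal(err)` calls run after `command.Start()`, so a failure exits the parent with the child still running and the veth pair left on the host; execCommand already returns an error, so `return -1, err` (after stopping the child) is the better exit. createVethPair also hard-codes `veth001`/`veth002`, which will presumably make `CreateVethPair` fail for a second container on the same host, so it deserves at least a `// TODO: generate unique interface names per container` comment.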
@ -5,7 +5,9 @@ import (
|
|||
"fmt"
|
||||
"github.com/dotcloud/docker/pkg/libcontainer"
|
||||
"github.com/dotcloud/docker/pkg/libcontainer/capabilities"
|
||||
"github.com/dotcloud/docker/pkg/libcontainer/network"
|
||||
"github.com/dotcloud/docker/pkg/system"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
"os"
|
||||
"path/filepath"
|
||||
|
@ -50,6 +52,12 @@ func main() {
|
|||
log.Fatal(err)
|
||||
}
|
||||
|
||||
data, err := ioutil.ReadAll(os.Stdin)
|
||||
if err != nil {
|
||||
log.Fatalf("error reading from stdin %s", err)
|
||||
}
|
||||
tempVethName := string(data)
|
||||
|
||||
// close pipes so that we can replace it with the pty
|
||||
os.Stdin.Close()
|
||||
os.Stdout.Close()
|
||||
|
@ -81,7 +89,7 @@ func main() {
|
|||
}
|
||||
|
||||
if container.Network != nil {
|
||||
if err := setupNetworking(container); err != nil {
|
||||
if err := setupNetworking(container, tempVethName); err != nil {
|
||||
log.Fatalf("setup networking %s", err)
|
||||
}
|
||||
}
|
||||
|
@ -166,6 +174,6 @@ func setLogFile(container *libcontainer.Container) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func setupNetworking(conatiner *libcontainer.Container) error {
|
||||
return nil
|
||||
func setupNetworking(container *libcontainer.Container, tempVethName string) error {
|
||||
return network.SetupVeth(container.Network, tempVethName)
|
||||
}
|
||||
|
|
|
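Review bot: `tempVethName := string(data)` in main accepts whatever arrived on stdin without any check, and the read happens even when `container.Network` is nil. An empty or over-long value is presumably only caught later as an error from `InterfaceDown`, far from where it was received. I would validate it in setupNetworking before calling SetupVeth: `if tempVethName == "" || len(tempVethName) > 15 { return fmt.Errorf("invalid veth name %q", tempVethName) }` (15 being the Linux interface-name limit without the terminating NUL). `ioutil.ReadAll` is also unbounded, and since the only expected payload is a short interface name a size-limited read would be tighter. main starts and ends outside these hunks.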
@ -1,22 +0,0 @@
|
|||
{
|
||||
"id": "koye",
|
||||
"namespace_pid": 3745,
|
||||
"command": {
|
||||
"args": [
|
||||
"/sbin/init"
|
||||
],
|
||||
"environment": [
|
||||
"HOME=/",
|
||||
"PATH=PATH=$PATH:/bin:/usr/bin:/sbin:/usr/sbin",
|
||||
"container=docker",
|
||||
"TERM=xterm"
|
||||
]
|
||||
},
|
||||
"rootfs": "/var/lib/docker/btrfs/subvolumes/7c0f15df1ad2e2fe04d7a6e079aec17406e9465a6a37dd16cb0dd754fc0167b3",
|
||||
"namespaces": [
|
||||
"NEWIPC",
|
||||
"NEWNS",
|
||||
"NEWPID",
|
||||
"NEWUTS"
|
||||
]
|
||||
}
|