VXLAN UDP Port configuration support

This PR allows the user to configure the VxLAN UDP
port number. By default we use port 4789, but this commit
allows the user to configure the port number during swarm init.
The VxLAN port can't be modified after swarm init.

Signed-off-by: selansen <elango.siva@docker.com>
selansen 2018-10-26 22:51:34 -04:00
parent cbf4d5ce89
commit 077ccabc45
5 changed files with 50 additions and 5 deletions


@ -7,7 +7,7 @@ RUN go get -d github.com/gogo/protobuf/protoc-gen-gogo && \
git reset --hard 30cf7ac33676b5786e78c746683f0d4cd64fa75b && \
go install
RUN go get github.com/golang/lint/golint \
RUN go get golang.org/x/lint/golint \
golang.org/x/tools/cmd/cover \
github.com/mattn/goveralls \
github.com/gordonklaus/ineffassign \


@ -12,6 +12,7 @@ import (
"strconv"
"github.com/docker/libnetwork/drivers/overlay/overlayutils"
"github.com/docker/libnetwork/iptables"
"github.com/docker/libnetwork/ns"
"github.com/docker/libnetwork/types"
@ -200,7 +201,7 @@ func removeEncryption(localIP, remoteIP net.IP, em *encrMap) error {
func programMangle(vni uint32, add bool) (err error) {
var (
p = strconv.FormatUint(uint64(vxlanPort), 10)
p = strconv.FormatUint(uint64(overlayutils.GetVxlanUDPPort()), 10)
c = fmt.Sprintf("0>>22&0x3C@12&0xFFFFFF00=%d", int(vni)<<8)
m = strconv.FormatUint(uint64(r), 10)
chain = "OUTPUT"
@ -227,7 +228,7 @@ func programMangle(vni uint32, add bool) (err error) {
func programInput(vni uint32, add bool) (err error) {
var (
port = strconv.FormatUint(uint64(vxlanPort), 10)
port = strconv.FormatUint(uint64(overlayutils.GetVxlanUDPPort()), 10)
vniMatch = fmt.Sprintf("0>>22&0x3C@12&0xFFFFFF00=%d", int(vni)<<8)
plainVxlan = []string{"-p", "udp", "--dport", port, "-m", "u32", "--u32", vniMatch, "-j"}
ipsecVxlan = append([]string{"-m", "policy", "--dir", "in", "--pol", "ipsec"}, plainVxlan...)
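Review bot: The rules built in programMangle and programInput now take their port match from `overlayutils.GetVxlanUDPPort()` at call time, and the same functions serve both add and delete (`add bool`), so a port change between the two calls would leave the original rule installed and delete nothing. The same getter feeds `Port:` in createVxlan, and ConfigVxlanUDPPort in the new overlayutils file overwrites the value on every call; the commit message says the port cannot change after swarm init, but no check visible on this page enforces that. For encrypted networks this matters because the plain-versus-ipsec match in programInput only covers the port it was built with. I would either have ConfigVxlanUDPPort refuse a change once overlay networks exist, or at least record the assumption next to these reads, e.g. `// port is fixed at swarm init; add and delete must see the same value`. Both function bodies continue outside the hunks.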


@ -5,6 +5,7 @@ import (
"strings"
"syscall"
"github.com/docker/libnetwork/drivers/overlay/overlayutils"
"github.com/docker/libnetwork/netutils"
"github.com/docker/libnetwork/ns"
"github.com/docker/libnetwork/osl"
@ -61,7 +62,7 @@ func createVxlan(name string, vni uint32, mtu int) error {
LinkAttrs: netlink.LinkAttrs{Name: name, MTU: mtu},
VxlanId: int(vni),
Learning: true,
Port: vxlanPort,
Port: int(overlayutils.GetVxlanUDPPort()),
Proxy: true,
L3miss: true,
L2miss: true,


@ -25,7 +25,6 @@ const (
vethLen = 7
vxlanIDStart = 256
vxlanIDEnd = (1 << 24) - 1
vxlanPort = 4789
vxlanEncap = 50
secureOption = "encrypted"
)


@ -0,0 +1,44 @@
// Package overlayutils provides utility functions for overlay networks
package overlayutils
import (
"fmt"
"sync"
)
var (
vxlanUDPPort uint32
mutex sync.Mutex
)
func init() {
vxlanUDPPort = 4789
}
// ConfigVxlanUDPPort configures vxlan udp port number.
func ConfigVxlanUDPPort(vxlanPort uint32) error {
mutex.Lock()
defer mutex.Unlock()
// if the value comes as 0 by any reason we set it to default value 4789
if vxlanPort == 0 {
vxlanPort = 4789
}
// IANA procedures for each range in detail
// The Well Known Ports, aka the System Ports, from 0-1023
// The Registered Ports, aka the User Ports, from 1024-49151
// The Dynamic Ports, aka the Private Ports, from 49152-65535
// So we can allow range between 1024 to 49151
if vxlanPort < 1024 || vxlanPort > 49151 {
return fmt.Errorf("ConfigVxlanUDPPort Vxlan UDP port number is not in valid range %d", vxlanPort)
}
vxlanUDPPort = vxlanPort
return nil
}
// GetVxlanUDPPort returns Vxlan UDP port number
func GetVxlanUDPPort() uint32 {
mutex.Lock()
defer mutex.Unlock()
return vxlanUDPPort
}
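Review bot: The default 4789 is written twice, once in `init()` and once in the zero-value branch of ConfigVxlanUDPPort, and the doc comment does not say that 0 silently selects the default or that only 1024-49151 is accepted. A named constant removes the duplication and makes `init()` unnecessary: `const defaultVxlanUDPPort = 4789` with `vxlanUDPPort uint32 = defaultVxlanUDPPort` in the var block. I would extend the comment to `// ConfigVxlanUDPPort sets the VXLAN UDP port; 0 selects the default 4789, other values must be within 1024-49151.` The error string would also read better without the function-name prefix and with the range stated, `"vxlan UDP port %d is outside the valid range 1024-49151"`.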