Merge pull request #46205 from thaJeztah/libnetwork_noexecroot

libnetwork: cleanup SetBasePath, un-export SetExternalKey and other cleanups

libnetwork/config/config.go

@@ -9,7 +9,6 @@ import (
 	"github.com/docker/docker/libnetwork/datastore"
 	"github.com/docker/docker/libnetwork/ipamutils"
 	"github.com/docker/docker/libnetwork/netlabel"
-	"github.com/docker/docker/libnetwork/osl"
 	"github.com/docker/docker/pkg/plugingetter"
 )
 
@@ -20,7 +19,15 @@ const (
 
 // Config encapsulates configurations of various Libnetwork components
 type Config struct {
-	DataDir                string
+	DataDir string
+	// ExecRoot is the base-path for libnetwork external key listeners
+	// (created in "<ExecRoot>/libnetwork/<Controller-Short-ID>.sock"),
+	// and is passed as "-exec-root: argument for "libnetwork-setkey".
+	//
+	// It is only used on Linux, but referenced in some "unix" files
+	// (linux and freebsd).
+	//
+	// FIXME(thaJeztah): ExecRoot is only used for Controller.startExternalKeyListener(), but "libnetwork-setkey" is only implemented on Linux.
 	ExecRoot               string
 	DefaultNetwork         string
 	DefaultDriver          string
@@ -109,12 +116,13 @@ func OptionDataDir(dataDir string) Option {
 	}
 }
 
-// OptionExecRoot function returns an option setter for exec root folder
+// OptionExecRoot function returns an option setter for exec root folder.
+//
+// On Linux, it sets both the controller's ExecRoot and osl.basePath, whereas
+// on FreeBSD, it only sets the controller's ExecRoot. It is a no-op on other
+// platforms.
 func OptionExecRoot(execRoot string) Option {
-	return func(c *Config) {
-		c.ExecRoot = execRoot
-		osl.SetBasePath(execRoot)
-	}
+	return optionExecRoot(execRoot)
 }
 
 // OptionPluginGetter returns a plugingetter for remote drivers.

libnetwork/config/config_freebsd.go

@@ -0,0 +1,8 @@
+package config
+
+// FIXME(thaJeztah): ExecRoot is only used for Controller.startExternalKeyListener(), but "libnetwork-setkey" is only implemented on Linux.
+func optionExecRoot(execRoot string) Option {
+	return func(c *Config) {
+		c.ExecRoot = execRoot
+	}
+}

libnetwork/config/config_linux.go

@@ -0,0 +1,11 @@
+package config
+
+import "github.com/docker/docker/libnetwork/osl"
+
+// optionExecRoot on Linux sets both the controller's ExecRoot and osl.basePath.
+func optionExecRoot(execRoot string) Option {
+	return func(c *Config) {
+		c.ExecRoot = execRoot
+		osl.SetBasePath(execRoot)
+	}
+}

libnetwork/config/config_unsupported.go

@@ -0,0 +1,8 @@
+//go:build !linux && !freebsd
+
+package config
+
+// optionExecRoot is a no-op on non-unix platforms.
+func optionExecRoot(execRoot string) Option {
+	return func(*Config) {}
+}

libnetwork/libnetwork_linux_test.go

@@ -1714,7 +1714,7 @@ func externalKeyTest(t *testing.T, reexec bool) {
 	if reexec {
 		err := reexecSetKey("this-must-fail", containerID, controller.ID())
 		if err == nil {
-			t.Fatalf("SetExternalKey must fail if the corresponding namespace is not created")
+			t.Fatalf("libnetwork-setkey must fail if the corresponding namespace is not created")
 		}
 	} else {
 		// Setting an non-existing key (namespace) must fail
@@ -1737,7 +1737,7 @@ func externalKeyTest(t *testing.T, reexec bool) {
 	if reexec {
 		err := reexecSetKey("ValidKey", containerID, controller.ID())
 		if err != nil {
-			t.Fatalf("SetExternalKey failed with %v", err)
+			t.Fatalf("libnetwork-setkey failed with %v", err)
 		}
 	} else {
 		if err := sbox.SetKey("ValidKey"); err != nil {

libnetwork/osl/namespace_linux.go

@@ -43,16 +43,16 @@ var (
 	gpmWg            sync.WaitGroup
 	gpmCleanupPeriod = 60 * time.Second
 	gpmChan          = make(chan chan struct{})
-	prefix           = defaultPrefix
+	netnsBasePath    = filepath.Join(defaultPrefix, "netns")
 )
 
 // SetBasePath sets the base url prefix for the ns path
 func SetBasePath(path string) {
-	prefix = path
+	netnsBasePath = filepath.Join(path, "netns")
 }
 
 func basePath() string {
-	return filepath.Join(prefix, "netns")
+	return netnsBasePath
 }
 
 func createBasePath() {

libnetwork/osl/namespace_unsupported.go

@@ -11,7 +11,3 @@ func GC() {
 func GetSandboxForExternalKey(path string, key string) (Sandbox, error) {
 	return nil, nil
 }
-
-// SetBasePath sets the base url prefix for the ns path
-func SetBasePath(path string) {
-}

libnetwork/osl/namespace_windows.go

@@ -18,9 +18,4 @@ func GetSandboxForExternalKey(path string, key string) (Sandbox, error) {
 
 // GC triggers garbage collection of namespace path right away
 // and waits for it.
-func GC() {
-}
-
-// SetBasePath sets the base url prefix for the ns path
-func SetBasePath(path string) {
-}
+func GC() {}

libnetwork/osl/sandbox_freebsd.go

@@ -26,7 +26,3 @@ func GetSandboxForExternalKey(path string, key string) (Sandbox, error) {
 // and waits for it.
 func GC() {
 }
-
-// SetBasePath sets the base url prefix for the ns path
-func SetBasePath(path string) {
-}

libnetwork/sandbox_externalkey_unix.go

@@ -65,11 +65,11 @@ func setKey() error {
 		return err
 	}
 
-	return SetExternalKey(shortCtlrID, containerID, fmt.Sprintf("/proc/%d/ns/net", state.Pid), *execRoot)
+	return setExternalKey(shortCtlrID, containerID, fmt.Sprintf("/proc/%d/ns/net", state.Pid), *execRoot)
 }
 
-// SetExternalKey provides a convenient way to set an External key to a sandbox
-func SetExternalKey(shortCtlrID string, containerID string, key string, execRoot string) error {
+// setExternalKey provides a convenient way to set an External key to a sandbox
+func setExternalKey(shortCtlrID string, containerID string, key string, execRoot string) error {
 	uds := filepath.Join(execRoot, execSubdir, shortCtlrID+".sock")
 	c, err := net.Dial("unix", uds)
 	if err != nil {