diff --git a/api/server/router/network/network_routes.go b/api/server/router/network/network_routes.go index a8f6b97887..1f91b72a14 100644 --- a/api/server/router/network/network_routes.go +++ b/api/server/router/network/network_routes.go @@ -182,7 +182,7 @@ func buildNetworkResource(nw libnetwork.Network) *types.NetworkResource { } func buildIpamResources(r *types.NetworkResource, nw libnetwork.Network) { - id, ipv4conf, ipv6conf := nw.Info().IpamConfig() + id, _, ipv4conf, ipv6conf := nw.Info().IpamConfig() r.IPAM.Driver = id diff --git a/container/container_unix.go b/container/container_unix.go index 05ad60c417..4b8296bba6 100644 --- a/container/container_unix.go +++ b/container/container_unix.go @@ -269,6 +269,10 @@ func (container *Container) BuildCreateEndpointOptions(n libnetwork.Network) ([] } } + if !container.HostConfig.NetworkMode.IsUserDefined() { + createOptions = append(createOptions, libnetwork.CreateOptionDisableResolution()) + } + // Other configs are applicable only for the endpoint in the network // to which container was connected to on docker run. if n.Name() != container.HostConfig.NetworkMode.NetworkName() && diff --git a/daemon/container_operations_unix.go b/daemon/container_operations_unix.go index 6bf30cfb09..9840fa2b0f 100644 --- a/daemon/container_operations_unix.go +++ b/daemon/container_operations_unix.go @@ -665,7 +665,7 @@ func validateNetworkingConfig(n libnetwork.Network, epConfig *networktypes.Endpo if !hasUserDefinedIPAddress(epConfig) { return nil } - _, nwIPv4Configs, nwIPv6Configs := n.Info().IpamConfig() + _, _, nwIPv4Configs, nwIPv6Configs := n.Info().IpamConfig() for _, s := range []struct { ipConfigured bool subnetConfigs []*libnetwork.IpamConf diff --git a/daemon/daemon_unix.go b/daemon/daemon_unix.go index 78ca7595ac..3cff028dd0 100644 --- a/daemon/daemon_unix.go +++ b/daemon/daemon_unix.go @@ -607,7 +607,7 @@ func initBridgeDriver(controller libnetwork.NetworkController, config *Config) e netlabel.GenericData: netOption, netlabel.EnableIPv6: config.Bridge.EnableIPv6, }), - libnetwork.NetworkOptionIpam("default", "", v4Conf, v6Conf), + libnetwork.NetworkOptionIpam("default", "", v4Conf, v6Conf, nil), libnetwork.NetworkOptionDeferIPv6Alloc(deferIPv6Alloc)) if err != nil { return fmt.Errorf("Error creating default \"bridge\" network: %v", err) diff --git a/daemon/network.go b/daemon/network.go index 3f7b13f7c1..9b5daa2db2 100644 --- a/daemon/network.go +++ b/daemon/network.go @@ -114,7 +114,7 @@ func (daemon *Daemon) CreateNetwork(name, driver string, ipam network.IPAM, opti return nil, err } - nwOptions = append(nwOptions, libnetwork.NetworkOptionIpam(ipam.Driver, "", v4Conf, v6Conf)) + nwOptions = append(nwOptions, libnetwork.NetworkOptionIpam(ipam.Driver, "", v4Conf, v6Conf, nil)) nwOptions = append(nwOptions, libnetwork.NetworkOptionDriverOpts(options)) n, err := c.NewNetwork(driver, name, nwOptions...) if err != nil { diff --git a/docs/userguide/networking/work-with-networks.md b/docs/userguide/networking/work-with-networks.md index 5762559a19..3655e4724c 100644 --- a/docs/userguide/networking/work-with-networks.md +++ b/docs/userguide/networking/work-with-networks.md @@ -252,24 +252,8 @@ lo Link encap:Local Loopback TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) -``` -Display the container's `etc/hosts` file: - -```bash -/ # cat /etc/hosts -172.17.0.3 498eaaaf328e -127.0.0.1 localhost -::1 localhost ip6-localhost ip6-loopback -fe00::0 ip6-localnet -ff00::0 ip6-mcastprefix -ff02::1 ip6-allnodes -ff02::2 ip6-allrouters -172.21.3.3 container3 -172.21.3.3 container3.isolated_nw -``` - -On the `isolated_nw` which was user defined, the Docker network feature updated the `/etc/hosts` with the proper name resolution. Inside of `container2` it is possible to ping `container3` by name. +On the `isolated_nw` which was user defined, the Docker embedded DNS server enables name resolution for other containers in the network. Inside of `container2` it is possible to ping `container3` by name. ```bash / # ping -w 4 container3 diff --git a/integration-cli/docker_cli_network_unix_test.go b/integration-cli/docker_cli_network_unix_test.go index 967d44cc22..1b1e374b61 100644 --- a/integration-cli/docker_cli_network_unix_test.go +++ b/integration-cli/docker_cli_network_unix_test.go @@ -622,27 +622,6 @@ func (s *DockerDaemonSuite) TestDockerNetworkNoDiscoveryDefaultBridgeNetwork(c * c.Assert(err, checker.IsNil) c.Assert(string(hosts), checker.Equals, string(hostsPost), check.Commentf("Unexpected %s change on second network connection", hostsFile)) - - cName := "container3" - out, err = s.d.Cmd("run", "-d", "--net", network, "--name", cName, "busybox", "top") - c.Assert(err, check.IsNil, check.Commentf(out)) - cid3 := strings.TrimSpace(out) - defer s.d.Cmd("stop", cid3) - - // container1 etc/hosts file should contain an entry for the third container - hostsPost, err = s.d.Cmd("exec", cid1, "cat", hostsFile) - c.Assert(err, checker.IsNil) - c.Assert(string(hostsPost), checker.Contains, cName, - check.Commentf("Container 1 %s file does not contain entries for named container %q: %s", hostsFile, cName, string(hostsPost))) - - // on container3 disconnect, first container's etc/hosts should go back to original form - out, err = s.d.Cmd("network", "disconnect", network, cid3) - c.Assert(err, check.IsNil, check.Commentf(out)) - - hostsPost, err = s.d.Cmd("exec", cid1, "cat", hostsFile) - c.Assert(err, checker.IsNil) - c.Assert(string(hosts), checker.Equals, string(hostsPost), - check.Commentf("Unexpected %s content after disconnecting from second network", hostsFile)) } func (s *DockerNetworkSuite) TestDockerNetworkAnonymousEndpoint(c *check.C) { @@ -693,28 +672,27 @@ func (s *DockerNetworkSuite) TestDockerNetworkAnonymousEndpoint(c *check.C) { out, _ = dockerCmd(c, "run", "-d", "--net", cstmBridgeNw, "--name", cName, "busybox", "top") cid3 := strings.TrimSpace(out) - // verify etc/hosts file for first two containers contains the named container entry - hosts1post, err = readContainerFileWithExec(cid1, hostsFile) - c.Assert(err, checker.IsNil) - c.Assert(string(hosts1post), checker.Contains, cName, - check.Commentf("Container 1 %s file does not contain entries for named container %q: %s", hostsFile, cName, string(hosts1post))) + // verify that container 1 and 2 can ping the named container + dockerCmd(c, "exec", cid1, "ping", "-c", "1", cName) + dockerCmd(c, "exec", cid2, "ping", "-c", "1", cName) - hosts2post, err := readContainerFileWithExec(cid2, hostsFile) - c.Assert(err, checker.IsNil) - c.Assert(string(hosts2post), checker.Contains, cName, - check.Commentf("Container 2 %s file does not contain entries for named container %q: %s", hostsFile, cName, string(hosts2post))) - - // Stop named container and verify first two containers' etc/hosts entries are back to original + // Stop named container and verify first two containers' etc/hosts file hasn't changed dockerCmd(c, "stop", cid3) hosts1post, err = readContainerFileWithExec(cid1, hostsFile) c.Assert(err, checker.IsNil) c.Assert(string(hosts1), checker.Equals, string(hosts1post), - check.Commentf("Unexpected %s change on anonymous container creation", hostsFile)) + check.Commentf("Unexpected %s change on name container creation", hostsFile)) - hosts2post, err = readContainerFileWithExec(cid2, hostsFile) + hosts2post, err := readContainerFileWithExec(cid2, hostsFile) c.Assert(err, checker.IsNil) c.Assert(string(hosts2), checker.Equals, string(hosts2post), - check.Commentf("Unexpected %s change on anonymous container creation", hostsFile)) + check.Commentf("Unexpected %s change on name container creation", hostsFile)) + + // verify that container 1 and 2 can't ping the named container now + _, _, err = dockerCmdWithError("exec", cid1, "ping", "-c", "1", cName) + c.Assert(err, check.NotNil) + _, _, err = dockerCmdWithError("exec", cid2, "ping", "-c", "1", cName) + c.Assert(err, check.NotNil) } func (s *DockerNetworkSuite) TestDockerNetworkLinkOndefaultNetworkOnly(c *check.C) {