controller: Check if IPTables is enabled for arrangeUserFilterRule
This allows the `--iptables=false` argument to the `dockerd` to actually work. Signed-off-by: David O'Rourke <david@scalefactory.com>
This commit is contained in:
David O'Rourke
parent
60b2a582d4
commit
b4d0319424
1 changed files with 26 additions and 1 deletions
|
|
@ -679,6 +679,29 @@ func (c *controller) isAgent() bool {
|
|||
return c.cfg.Daemon.ClusterProvider.IsAgent()
|
||||
}
|
||||
|
||||
func (c *controller) hasIPTablesEnabled() bool {
|
||||
c.Lock()
|
||||
defer c.Unlock()
|
||||
|
||||
if c.cfg == nil || c.cfg.Daemon.DriverCfg[netlabel.GenericData] == nil {
|
||||
return false
|
||||
}
|
||||
|
||||
genericData, ok := c.cfg.Daemon.DriverCfg[netlabel.GenericData]
|
||||
if !ok {
|
||||
return false
|
||||
}
|
||||
|
||||
optMap := genericData.(map[string]interface{})
|
||||
|
||||
enabled, ok := optMap["EnableIPTables"].(bool)
|
||||
if !ok {
|
||||
return false
|
||||
}
|
||||
|
||||
return enabled
|
||||
}
|
||||
|
||||
func (c *controller) isDistributedControl() bool {
|
||||
return !c.isManager() && !c.isAgent()
|
||||
}
|
||||
|
|
@ -902,7 +925,9 @@ addToStore:
|
|||
c.Unlock()
|
||||
}
|
||||
|
||||
c.arrangeUserFilterRule()
|
||||
if c.hasIPTablesEnabled() {
|
||||
c.arrangeUserFilterRule()
|
||||
}
|
||||
|
||||
return network, nil
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue