
libnetwork/osl: remove Sandbox and Info interfaces

It only has a single implementation.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Sebastiaan van Stijn 1 year ago
parent
commit
b92cf68add

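--- a/libnetwork/controller.go
+++ b/libnetwork/controller.go
@@ -103,7 +103,7 @@ type Controller struct {
 
 	// FIXME(thaJeztah): defOsSbox is always nil on non-Linux: move these fields to Linux-only files.
 	defOsSboxOnce sync.Once
-	defOsSbox     osl.Sandbox
+	defOsSbox     *osl.Namespace
 }
 
 // New creates a new instance of network controller.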

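--- a/libnetwork/controller_linux.go
+++ b/libnetwork/controller_linux.go
@@ -40,7 +40,7 @@ func (c *Controller) enabledIptablesVersions() []iptables.IPVersion {
 
 // getDefaultOSLSandbox returns the controller's default [osl.Sandbox]. It
 // creates the sandbox if it does not yet exist.
-func (c *Controller) getDefaultOSLSandbox(key string) (osl.Sandbox, error) {
+func (c *Controller) getDefaultOSLSandbox(key string) (*osl.Namespace, error) {
 	var err error
 	c.defOsSboxOnce.Do(func() {
 		c.defOsSbox, err = osl.NewSandbox(key, false, false)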
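Review bot: The doc comment above getDefaultOSLSandbox still links to `[osl.Sandbox]`, an identifier this commit deletes from libnetwork/osl/sandbox.go, so the doc link no longer resolves. It should follow the new return type: `// getDefaultOSLSandbox returns the controller's default [osl.Namespace]. It`. Separately, `err` is assigned only inside the `defOsSboxOnce.Do` closure, so a call made after a failed first attempt presumably returns a nil `*osl.Namespace` together with a nil error; callers that then invoke methods on it would dereference nil. The function body continues past the end of the hunk, so that second point needs confirming against the full function.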

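--- a/libnetwork/drivers/overlay/ov_network.go
+++ b/libnetwork/drivers/overlay/ov_network.go
@@ -47,7 +47,7 @@ type subnet struct {
 
 type network struct {
 	id        string
-	sbox      osl.Sandbox
+	sbox      *osl.Namespace
 	endpoints endpointTable
 	driver    *driver
 	joinCnt   int
@@ -463,9 +463,9 @@ func (n *network) setupSubnetSandbox(s *subnet, brName, vxlanName string) error
 	return nil
 }
 
-func setDefaultVLAN(sbox osl.Sandbox) error {
+func setDefaultVLAN(ns *osl.Namespace) error {
 	var brName string
-	for _, i := range sbox.Interfaces() {
+	for _, i := range ns.Interfaces() {
 		if i.Bridge() {
 			brName = i.DstName()
 		}
@@ -474,7 +474,7 @@ func setDefaultVLAN(sbox osl.Sandbox) error {
 	// IFLA_BR_VLAN_DEFAULT_PVID was added in Linux v4.4 (see torvalds/linux@0f963b7), so we can't use netlink for
 	// setting this until Docker drops support for CentOS/RHEL 7 (kernel 3.10, eol date: 2024-06-30).
 	var innerErr error
-	err := sbox.InvokeFunc(func() {
+	err := ns.InvokeFunc(func() {
 		// Contrary to what the sysfs(5) man page says, the entries of /sys/class/net
 		// represent the networking devices visible in the network namespace of the
 		// process which mounted the sysfs filesystem, irrespective of the network
@@ -603,7 +603,7 @@ func (d *driver) network(nid string) *network {
 	return n
 }
 
-func (n *network) sandbox() osl.Sandbox {
+func (n *network) sandbox() *osl.Namespace {
 	n.Lock()
 	defer n.Unlock()
 	return n.sbox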

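--- a/libnetwork/osl/interface_linux.go
+++ b/libnetwork/osl/interface_linux.go
@@ -30,7 +30,7 @@ type Interface struct {
 	llAddrs     []*net.IPNet
 	routes      []*net.IPNet
 	bridge      bool
-	ns          *networkNamespace
+	ns          *Namespace
 }
 
 // SrcName returns the name of the interface in the origin network namespace.
@@ -159,7 +159,7 @@ func (i *Interface) Statistics() (*types.InterfaceStatistics, error) {
 	}, nil
 }
 
-func (n *networkNamespace) findDst(srcName string, isBridge bool) string {
+func (n *Namespace) findDst(srcName string, isBridge bool) string {
 	n.Lock()
 	defer n.Unlock()
 
@@ -179,7 +179,7 @@ func (n *networkNamespace) findDst(srcName string, isBridge bool) string {
 // interface according to the specified settings. The caller is expected
 // to only provide a prefix for DstName. The AddInterface api will auto-generate
 // an appropriate suffix for the DstName to disambiguate.
-func (n *networkNamespace) AddInterface(srcName, dstPrefix string, options ...IfaceOption) error {
+func (n *Namespace) AddInterface(srcName, dstPrefix string, options ...IfaceOption) error {
 	i := &Interface{
 		srcName: srcName,
 		dstName: dstPrefix,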

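--- a/libnetwork/osl/namespace_linux.go
+++ b/libnetwork/osl/namespace_linux.go
@@ -28,7 +28,7 @@ const defaultPrefix = "/var/run/docker"
 
 func init() {
 	// Lock main() to the initial thread to exclude the goroutines spawned
-	// by func (*networkNamespace) InvokeFunc() or func setIPv6() below from
+	// by func (*Namespace) InvokeFunc() or func setIPv6() below from
 	// being scheduled onto that thread. Changes to the network namespace of
 	// the initial thread alter /proc/self/ns/net, which would break any
 	// code which (incorrectly) assumes that that file is the network
@@ -177,9 +177,9 @@ func GenerateKey(containerID string) string {
 	return basePath() + "/" + containerID[:maxLen]
 }
 
-// NewSandbox provides a new sandbox instance created in an os specific way
-// provided a key which uniquely identifies the sandbox
-func NewSandbox(key string, osCreate, isRestore bool) (Sandbox, error) {
+// NewSandbox provides a new Namespace instance created in an os specific way
+// provided a key which uniquely identifies the sandbox.
+func NewSandbox(key string, osCreate, isRestore bool) (*Namespace, error) {
 	if !isRestore {
 		err := createNetworkNamespace(key, osCreate)
 		if err != nil {
@@ -189,7 +189,7 @@ func NewSandbox(key string, osCreate, isRestore bool) (Sandbox, error) {
 		once.Do(createBasePath)
 	}
 
-	n := &networkNamespace{path: key, isDefault: !osCreate, nextIfIndex: make(map[string]int)}
+	n := &Namespace{path: key, isDefault: !osCreate, nextIfIndex: make(map[string]int)}
 
 	sboxNs, err := netns.GetFromPath(n.path)
 	if err != nil {
@@ -230,7 +230,7 @@ func mountNetworkNamespace(basePath string, lnPath string) error {
 }
 
 // GetSandboxForExternalKey returns sandbox object for the supplied path
-func GetSandboxForExternalKey(basePath string, key string) (Sandbox, error) {
+func GetSandboxForExternalKey(basePath string, key string) (*Namespace, error) {
 	if err := createNamespaceFile(key); err != nil {
 		return nil, err
 	}
@@ -238,7 +238,7 @@ func GetSandboxForExternalKey(basePath string, key string) (Sandbox, error) {
 	if err := mountNetworkNamespace(basePath, key); err != nil {
 		return nil, err
 	}
-	n := &networkNamespace{path: key, nextIfIndex: make(map[string]int)}
+	n := &Namespace{path: key, nextIfIndex: make(map[string]int)}
 
 	sboxNs, err := netns.GetFromPath(n.path)
 	if err != nil {
@@ -313,11 +313,11 @@ func createNamespaceFile(path string) (err error) {
 	return err
 }
 
-// networkNamespace represents a network sandbox. It represents a Linux network
+// Namespace represents a network sandbox. It represents a Linux network
 // namespace, and moves an interface into it when called on method AddInterface
 // or sets the gateway etc. It holds a list of Interfaces, routes etc., and more
 // can be added dynamically.
-type networkNamespace struct {
+type Namespace struct {
 	path         string
 	iFaces       []*Interface
 	gw           net.IP
@@ -335,13 +335,13 @@ type networkNamespace struct {
 // method. Note that this doesn't include network interfaces added in any
 // other way (such as the default loopback interface which is automatically
 // created on creation of a sandbox).
-func (n *networkNamespace) Interfaces() []*Interface {
+func (n *Namespace) Interfaces() []*Interface {
 	ifaces := make([]*Interface, len(n.iFaces))
 	copy(ifaces, n.iFaces)
 	return ifaces
 }
 
-func (n *networkNamespace) loopbackUp() error {
+func (n *Namespace) loopbackUp() error {
 	iface, err := n.nlHandle.LinkByName("lo")
 	if err != nil {
 		return err
@@ -350,12 +350,12 @@ func (n *networkNamespace) loopbackUp() error {
 }
 
 // GetLoopbackIfaceName returns the name of the loopback interface
-func (n *networkNamespace) GetLoopbackIfaceName() string {
+func (n *Namespace) GetLoopbackIfaceName() string {
 	return "lo"
 }
 
 // AddAliasIP adds the passed IP address to the named interface
-func (n *networkNamespace) AddAliasIP(ifName string, ip *net.IPNet) error {
+func (n *Namespace) AddAliasIP(ifName string, ip *net.IPNet) error {
 	iface, err := n.nlHandle.LinkByName(ifName)
 	if err != nil {
 		return err
@@ -364,7 +364,7 @@ func (n *networkNamespace) AddAliasIP(ifName string, ip *net.IPNet) error {
 }
 
 // RemoveAliasIP removes the passed IP address from the named interface
-func (n *networkNamespace) RemoveAliasIP(ifName string, ip *net.IPNet) error {
+func (n *Namespace) RemoveAliasIP(ifName string, ip *net.IPNet) error {
 	iface, err := n.nlHandle.LinkByName(ifName)
 	if err != nil {
 		return err
@@ -374,7 +374,7 @@ func (n *networkNamespace) RemoveAliasIP(ifName string, ip *net.IPNet) error {
 
 // DisableARPForVIP disables ARP replies and requests for VIP addresses
 // on a particular interface.
-func (n *networkNamespace) DisableARPForVIP(srcName string) (Err error) {
+func (n *Namespace) DisableARPForVIP(srcName string) (Err error) {
 	dstName := ""
 	for _, i := range n.Interfaces() {
 		if i.SrcName() == srcName {
@@ -405,7 +405,7 @@ func (n *networkNamespace) DisableARPForVIP(srcName string) (Err error) {
 }
 
 // InvokeFunc invoke a function in the network namespace.
-func (n *networkNamespace) InvokeFunc(f func()) error {
+func (n *Namespace) InvokeFunc(f func()) error {
 	path := n.nsPath()
 	newNS, err := netns.GetFromPath(path)
 	if err != nil {
@@ -449,7 +449,7 @@ func (n *networkNamespace) InvokeFunc(f func()) error {
 	return <-done
 }
 
-func (n *networkNamespace) nsPath() string {
+func (n *Namespace) nsPath() string {
 	n.Lock()
 	defer n.Unlock()
 
@@ -457,12 +457,12 @@ func (n *networkNamespace) nsPath() string {
 }
 
 // Key returns the path where the network namespace is mounted.
-func (n *networkNamespace) Key() string {
+func (n *Namespace) Key() string {
 	return n.path
 }
 
 // Destroy destroys the sandbox.
-func (n *networkNamespace) Destroy() error {
+func (n *Namespace) Destroy() error {
 	if n.nlHandle != nil {
 		n.nlHandle.Close()
 	}
@@ -478,7 +478,7 @@ func (n *networkNamespace) Destroy() error {
 }
 
 // Restore restores the network namespace.
-func (n *networkNamespace) Restore(ifsopt map[Iface][]IfaceOption, routes []*types.StaticRoute, gw net.IP, gw6 net.IP) error {
+func (n *Namespace) Restore(ifsopt map[Iface][]IfaceOption, routes []*types.StaticRoute, gw net.IP, gw6 net.IP) error {
 	// restore interfaces
 	for name, opts := range ifsopt {
 		i := &Interface{
@@ -580,7 +580,7 @@ func (n *networkNamespace) Restore(ifsopt map[Iface][]IfaceOption, routes []*typ
 }
 
 // Checks whether IPv6 needs to be enabled/disabled on the loopback interface
-func (n *networkNamespace) checkLoV6() {
+func (n *Namespace) checkLoV6() {
 	var (
 		enable = false
 		action = "disable"
@@ -608,7 +608,7 @@ func (n *networkNamespace) checkLoV6() {
 }
 
 // ApplyOSTweaks applies operating system specific knobs on the sandbox.
-func (n *networkNamespace) ApplyOSTweaks(types []SandboxType) {
+func (n *Namespace) ApplyOSTweaks(types []SandboxType) {
 	for _, t := range types {
 		switch t {
 		case SandboxTypeLoadBalancer, SandboxTypeIngress: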
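Review bot: Exporting the struct as `Namespace` lets code outside the package construct a zero value (`&osl.Namespace{}`), which the removed interface prevented, and the doc comment on the type does not say this is unsupported. Both constructors in this file set `nextIfIndex: make(map[string]int)`, and loopbackUp, AddAliasIP and RemoveAliasIP call `n.nlHandle.LinkByName` without a nil check, so a zero value would presumably panic on first use. I would extend the type's comment with `// A Namespace must be obtained from NewSandbox or GetSandboxForExternalKey; the zero value is not usable.` Most method bodies continue outside their hunks, so this rests on the visible lines only.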

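--- a/libnetwork/osl/namespace_unsupported.go
+++ b/libnetwork/osl/namespace_unsupported.go
@@ -2,12 +2,16 @@
 
 package osl
 
+type Namespace struct{}
+
+func (n *Namespace) Destroy() error { return nil }
+
 // GC triggers garbage collection of namespace path right away
 // and waits for it.
 func GC() {
 }
 
 // GetSandboxForExternalKey returns sandbox object for the supplied path
-func GetSandboxForExternalKey(path string, key string) (Sandbox, error) {
+func GetSandboxForExternalKey(path string, key string) (*Namespace, error) {
 	return nil, nil
 }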
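Review bot: The new exported `Namespace` type and its `Destroy` method have no doc comments, here and in the identical stub added to libnetwork/osl/namespace_windows.go. The constructors visible in these two files return `nil, nil`, so callers on these platforms hold a nil `*Namespace`; it is worth stating that Destroy is safe on a nil receiver, which the visible body (`return nil`) satisfies. Suggested comments: `// Namespace is a stub; network namespaces are not supported on this platform.` and `// Destroy is a no-op and may be called on a nil *Namespace.`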

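--- a/libnetwork/osl/namespace_windows.go
+++ b/libnetwork/osl/namespace_windows.go
@@ -6,13 +6,17 @@ func GenerateKey(containerID string) string {
 	return containerID
 }
 
+type Namespace struct{}
+
+func (n *Namespace) Destroy() error { return nil }
+
 // NewSandbox provides a new sandbox instance created in an os specific way
 // provided a key which uniquely identifies the sandbox
-func NewSandbox(key string, osCreate, isRestore bool) (Sandbox, error) {
+func NewSandbox(key string, osCreate, isRestore bool) (*Namespace, error) {
 	return nil, nil
 }
 
-func GetSandboxForExternalKey(path string, key string) (Sandbox, error) {
+func GetSandboxForExternalKey(path string, key string) (*Namespace, error) {
 	return nil, nil
 }
 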

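--- a/libnetwork/osl/neigh_linux.go
+++ b/libnetwork/osl/neigh_linux.go
@@ -29,7 +29,7 @@ type neigh struct {
 	family   int
 }
 
-func (n *networkNamespace) findNeighbor(dstIP net.IP, dstMac net.HardwareAddr) *neigh {
+func (n *Namespace) findNeighbor(dstIP net.IP, dstMac net.HardwareAddr) *neigh {
 	n.Lock()
 	defer n.Unlock()
 
@@ -43,7 +43,7 @@ func (n *networkNamespace) findNeighbor(dstIP net.IP, dstMac net.HardwareAddr) *
 }
 
 // DeleteNeighbor deletes neighbor entry from the sandbox.
-func (n *networkNamespace) DeleteNeighbor(dstIP net.IP, dstMac net.HardwareAddr, osDelete bool) error {
+func (n *Namespace) DeleteNeighbor(dstIP net.IP, dstMac net.HardwareAddr, osDelete bool) error {
 	var (
 		iface netlink.Link
 		err   error
@@ -121,7 +121,7 @@ func (n *networkNamespace) DeleteNeighbor(dstIP net.IP, dstMac net.HardwareAddr,
 }
 
 // AddNeighbor adds a neighbor entry into the sandbox.
-func (n *networkNamespace) AddNeighbor(dstIP net.IP, dstMac net.HardwareAddr, force bool, options ...NeighOption) error {
+func (n *Namespace) AddNeighbor(dstIP net.IP, dstMac net.HardwareAddr, force bool, options ...NeighOption) error {
 	var (
 		iface                  netlink.Link
 		err                    error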

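--- a/libnetwork/osl/route_linux.go
+++ b/libnetwork/osl/route_linux.go
@@ -9,7 +9,7 @@ import (
 )
 
 // Gateway returns the IPv4 gateway for the sandbox.
-func (n *networkNamespace) Gateway() net.IP {
+func (n *Namespace) Gateway() net.IP {
 	n.Lock()
 	defer n.Unlock()
 
@@ -17,7 +17,7 @@ func (n *networkNamespace) Gateway() net.IP {
 }
 
 // GatewayIPv6 returns the IPv6 gateway for the sandbox.
-func (n *networkNamespace) GatewayIPv6() net.IP {
+func (n *Namespace) GatewayIPv6() net.IP {
 	n.Lock()
 	defer n.Unlock()
 
@@ -27,7 +27,7 @@ func (n *networkNamespace) GatewayIPv6() net.IP {
 // StaticRoutes returns additional static routes for the sandbox. Note that
 // directly connected routes are stored on the particular interface they
 // refer to.
-func (n *networkNamespace) StaticRoutes() []*types.StaticRoute {
+func (n *Namespace) StaticRoutes() []*types.StaticRoute {
 	n.Lock()
 	defer n.Unlock()
 
@@ -40,20 +40,20 @@ func (n *networkNamespace) StaticRoutes() []*types.StaticRoute {
 	return routes
 }
 
-func (n *networkNamespace) setGateway(gw net.IP) {
+func (n *Namespace) setGateway(gw net.IP) {
 	n.Lock()
 	n.gw = gw
 	n.Unlock()
 }
 
-func (n *networkNamespace) setGatewayIPv6(gwv6 net.IP) {
+func (n *Namespace) setGatewayIPv6(gwv6 net.IP) {
 	n.Lock()
 	n.gwv6 = gwv6
 	n.Unlock()
 }
 
 // SetGateway sets the default IPv4 gateway for the sandbox.
-func (n *networkNamespace) SetGateway(gw net.IP) error {
+func (n *Namespace) SetGateway(gw net.IP) error {
 	// Silently return if the gateway is empty
 	if len(gw) == 0 {
 		return nil
@@ -68,7 +68,7 @@ func (n *networkNamespace) SetGateway(gw net.IP) error {
 }
 
 // UnsetGateway the previously set default IPv4 gateway in the sandbox.
-func (n *networkNamespace) UnsetGateway() error {
+func (n *Namespace) UnsetGateway() error {
 	gw := n.Gateway()
 
 	// Silently return if the gateway is empty
@@ -84,7 +84,7 @@ func (n *networkNamespace) UnsetGateway() error {
 	return err
 }
 
-func (n *networkNamespace) programGateway(gw net.IP, isAdd bool) error {
+func (n *Namespace) programGateway(gw net.IP, isAdd bool) error {
 	gwRoutes, err := n.nlHandle.RouteGet(gw)
 	if err != nil {
 		return fmt.Errorf("route for the gateway %s could not be found: %v", gw, err)
@@ -118,7 +118,7 @@ func (n *networkNamespace) programGateway(gw net.IP, isAdd bool) error {
 }
 
 // Program a route in to the namespace routing table.
-func (n *networkNamespace) programRoute(path string, dest *net.IPNet, nh net.IP) error {
+func (n *Namespace) programRoute(path string, dest *net.IPNet, nh net.IP) error {
 	gwRoutes, err := n.nlHandle.RouteGet(nh)
 	if err != nil {
 		return fmt.Errorf("route for the next hop %s could not be found: %v", nh, err)
@@ -133,7 +133,7 @@ func (n *networkNamespace) programRoute(path string, dest *net.IPNet, nh net.IP)
 }
 
 // Delete a route from the namespace routing table.
-func (n *networkNamespace) removeRoute(path string, dest *net.IPNet, nh net.IP) error {
+func (n *Namespace) removeRoute(path string, dest *net.IPNet, nh net.IP) error {
 	gwRoutes, err := n.nlHandle.RouteGet(nh)
 	if err != nil {
 		return fmt.Errorf("route for the next hop could not be found: %v", err)
@@ -148,7 +148,7 @@ func (n *networkNamespace) removeRoute(path string, dest *net.IPNet, nh net.IP)
 }
 
 // SetGatewayIPv6 sets the default IPv6 gateway for the sandbox.
-func (n *networkNamespace) SetGatewayIPv6(gwv6 net.IP) error {
+func (n *Namespace) SetGatewayIPv6(gwv6 net.IP) error {
 	// Silently return if the gateway is empty
 	if len(gwv6) == 0 {
 		return nil
@@ -163,7 +163,7 @@ func (n *networkNamespace) SetGatewayIPv6(gwv6 net.IP) error {
 }
 
 // UnsetGatewayIPv6 unsets the previously set default IPv6 gateway in the sandbox.
-func (n *networkNamespace) UnsetGatewayIPv6() error {
+func (n *Namespace) UnsetGatewayIPv6() error {
 	gwv6 := n.GatewayIPv6()
 
 	// Silently return if the gateway is empty
@@ -182,7 +182,7 @@ func (n *networkNamespace) UnsetGatewayIPv6() error {
 }
 
 // AddStaticRoute adds a static route to the sandbox.
-func (n *networkNamespace) AddStaticRoute(r *types.StaticRoute) error {
+func (n *Namespace) AddStaticRoute(r *types.StaticRoute) error {
 	err := n.programRoute(n.nsPath(), r.Destination, r.NextHop)
 	if err == nil {
 		n.Lock()
@@ -193,7 +193,7 @@ func (n *networkNamespace) AddStaticRoute(r *types.StaticRoute) error {
 }
 
 // RemoveStaticRoute removes a static route from the sandbox.
-func (n *networkNamespace) RemoveStaticRoute(r *types.StaticRoute) error {
+func (n *Namespace) RemoveStaticRoute(r *types.StaticRoute) error {
 	err := n.removeRoute(n.nsPath(), r.Destination, r.NextHop)
 	if err == nil {
 		n.Lock()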

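--- a/libnetwork/osl/sandbox.go
+++ b/libnetwork/osl/sandbox.go
@@ -1,12 +1,6 @@
 // Package osl describes structures and interfaces which abstract os entities
 package osl
 
-import (
-	"net"
-
-	"github.com/docker/docker/libnetwork/types"
-)
-
 // SandboxType specify the time of the sandbox, this can be used to apply special configs
 type SandboxType int
 
@@ -26,90 +20,3 @@ type IfaceOption func(i *Interface) error
 
 // NeighOption is a function option type to set neighbor options.
 type NeighOption func(nh *neigh)
-
-// Sandbox represents a network sandbox, identified by a specific key.  It
-// holds a list of Interfaces, routes etc, and more can be added dynamically.
-type Sandbox interface {
-	// Key returns the path where the network namespace is mounted.
-	Key() string
-
-	// AddInterface adds an existing Interface to this sandbox. The operation will rename
-	// from the Interface SrcName to DstName as it moves, and reconfigure the
-	// interface according to the specified settings. The caller is expected
-	// to only provide a prefix for DstName. The AddInterface api will auto-generate
-	// an appropriate suffix for the DstName to disambiguate.
-	AddInterface(SrcName string, DstPrefix string, options ...IfaceOption) error
-
-	// SetGateway sets the default IPv4 gateway for the sandbox.
-	SetGateway(gw net.IP) error
-
-	// SetGatewayIPv6 sets the default IPv6 gateway for the sandbox.
-	SetGatewayIPv6(gw net.IP) error
-
-	// UnsetGateway the previously set default IPv4 gateway in the sandbox.
-	UnsetGateway() error
-
-	// UnsetGatewayIPv6 unsets the previously set default IPv6 gateway in the sandbox.
-	UnsetGatewayIPv6() error
-
-	// GetLoopbackIfaceName returns the name of the loopback interface
-	GetLoopbackIfaceName() string
-
-	// AddAliasIP adds the passed IP address to the named interface
-	AddAliasIP(ifName string, ip *net.IPNet) error
-
-	// RemoveAliasIP removes the passed IP address from the named interface
-	RemoveAliasIP(ifName string, ip *net.IPNet) error
-
-	// DisableARPForVIP disables ARP replies and requests for VIP addresses
-	// on a particular interface.
-	DisableARPForVIP(ifName string) error
-
-	// AddStaticRoute adds a static route to the sandbox.
-	AddStaticRoute(*types.StaticRoute) error
-
-	// RemoveStaticRoute removes a static route from the sandbox.
-	RemoveStaticRoute(*types.StaticRoute) error
-
-	// AddNeighbor adds a neighbor entry into the sandbox.
-	AddNeighbor(dstIP net.IP, dstMac net.HardwareAddr, force bool, option ...NeighOption) error
-
-	// DeleteNeighbor deletes neighbor entry from the sandbox.
-	DeleteNeighbor(dstIP net.IP, dstMac net.HardwareAddr, osDelete bool) error
-
-	// InvokeFunc invoke a function in the network namespace.
-	InvokeFunc(func()) error
-
-	// Destroy destroys the sandbox.
-	Destroy() error
-
-	// Restore restores the sandbox.
-	Restore(ifsopt map[Iface][]IfaceOption, routes []*types.StaticRoute, gw net.IP, gw6 net.IP) error
-
-	// ApplyOSTweaks applies operating system specific knobs on the sandbox.
-	ApplyOSTweaks([]SandboxType)
-
-	Info
-}
-
-// Info represents all possible information that
-// the driver wants to place in the sandbox which includes
-// interfaces, routes and gateway
-type Info interface {
-	// Interfaces returns the collection of Interface previously added with the AddInterface
-	// method. Note that this doesn't include network interfaces added in any
-	// other way (such as the default loopback interface which is automatically
-	// created on creation of a sandbox).
-	Interfaces() []*Interface
-
-	// Gateway returns the IPv4 gateway for the sandbox.
-	Gateway() net.IP
-
-	// GatewayIPv6 returns the IPv6 gateway for the sandbox.
-	GatewayIPv6() net.IP
-
-	// StaticRoutes returns additional static routes for the sandbox. Note that
-	// directly connected routes are stored on the particular interface they
-	// refer to.
-	StaticRoutes() []*types.StaticRoute
-}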

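--- a/libnetwork/osl/sandbox_freebsd.go
+++ b/libnetwork/osl/sandbox_freebsd.go
@@ -13,12 +13,12 @@ func GenerateKey(containerID string) string {
 
 // NewSandbox provides a new sandbox instance created in an os specific way
 // provided a key which uniquely identifies the sandbox
-func NewSandbox(key string, osCreate, isRestore bool) (Sandbox, error) {
+func NewSandbox(key string, osCreate, isRestore bool) (*Namespace, error) {
 	return nil, nil
 }
 
 // GetSandboxForExternalKey returns sandbox object for the supplied path
-func GetSandboxForExternalKey(path string, key string) (Sandbox, error) {
+func GetSandboxForExternalKey(path string, key string) (*Namespace, error) {
 	return nil, nil
 }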
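Review bot: Both functions now return `*Namespace`, but this section adds no `Namespace` type, unlike the namespace_windows.go and namespace_unsupported.go sections, which each gained `type Namespace struct{}` and a `Destroy` stub. namespace_unsupported.go also declares GetSandboxForExternalKey, so it presumably carries a build constraint that excludes FreeBSD (its first line is outside the hunk); if so, and unless a FreeBSD file not shown here defines the type, the package will not compile on FreeBSD. Adding the same two declarations here would resolve it: `type Namespace struct{}` and `func (n *Namespace) Destroy() error { return nil }`.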
 
 

+ 19 - 36
libnetwork/osl/sandbox_linux_test.go

@@ -56,7 +56,7 @@ func newKey(t *testing.T) (string, error) {
 	return name, nil
 	return name, nil
 }
 }
 
 
-func newInfo(t *testing.T, hnd *netlink.Handle) (Sandbox, error) {
+func newInfo(t *testing.T, hnd *netlink.Handle) (*Namespace, error) {
 	t.Helper()
 	t.Helper()
 	err := hnd.LinkAdd(&netlink.Veth{
 	err := hnd.LinkAdd(&netlink.Veth{
 		LinkAttrs: netlink.LinkAttrs{Name: vethName1, TxQLen: 0},
 		LinkAttrs: netlink.LinkAttrs{Name: vethName1, TxQLen: 0},
@@ -113,22 +113,17 @@ func newInfo(t *testing.T, hnd *netlink.Handle) (Sandbox, error) {
 		master:  "testbridge",
 		master:  "testbridge",
 	}
 	}
 
 
-	return &networkNamespace{
+	return &Namespace{
 		iFaces: []*Interface{intf1, intf2, intf3},
 		iFaces: []*Interface{intf1, intf2, intf3},
 		gw:     net.ParseIP("192.168.1.1"),
 		gw:     net.ParseIP("192.168.1.1"),
 		gwv6:   net.ParseIP("fe80::1"),
 		gwv6:   net.ParseIP("fe80::1"),
 	}, nil
 	}, nil
 }
 }
 
 
-func verifySandbox(t *testing.T, s Sandbox, ifaceSuffixes []string) {
-	_, ok := s.(*networkNamespace)
-	if !ok {
-		t.Fatalf("The sandbox interface returned is not of type networkNamespace")
-	}
-
-	sbNs, err := netns.GetFromPath(s.Key())
+func verifySandbox(t *testing.T, ns *Namespace, ifaceSuffixes []string) {
+	sbNs, err := netns.GetFromPath(ns.Key())
 	if err != nil {
 	if err != nil {
-		t.Fatalf("Failed top open network namespace path %q: %v", s.Key(), err)
+		t.Fatalf("Failed top open network namespace path %q: %v", ns.Key(), err)
 	}
 	}
 	defer sbNs.Close()
 	defer sbNs.Close()
 
 
@@ -147,16 +142,16 @@ func verifySandbox(t *testing.T, s Sandbox, ifaceSuffixes []string) {
 	}
 	}
 }
 }
 
 
-func verifyCleanup(t *testing.T, s Sandbox, wait bool) {
+func verifyCleanup(t *testing.T, ns *Namespace, wait bool) {
 	if wait {
 	if wait {
 		time.Sleep(gpmCleanupPeriod * 2)
 		time.Sleep(gpmCleanupPeriod * 2)
 	}
 	}
 
 
-	if _, err := os.Stat(s.Key()); err == nil {
+	if _, err := os.Stat(ns.Key()); err == nil {
 		if wait {
 		if wait {
-			t.Fatalf("The sandbox path %s is not getting cleaned up even after twice the cleanup period", s.Key())
+			t.Fatalf("The sandbox path %s is not getting cleaned up even after twice the cleanup period", ns.Key())
 		} else {
 		} else {
-			t.Fatalf("The sandbox path %s is not cleaned up after running gc", s.Key())
+			t.Fatalf("The sandbox path %s is not cleaned up after running gc", ns.Key())
 		}
 		}
 	}
 	}
 }
 }
@@ -169,16 +164,12 @@ func TestDisableIPv6DAD(t *testing.T) {
 		t.Fatalf("Failed to obtain a key: %v", err)
 		t.Fatalf("Failed to obtain a key: %v", err)
 	}
 	}
 
 
-	s, err := NewSandbox(key, true, false)
+	n, err := NewSandbox(key, true, false)
 	if err != nil {
 	if err != nil {
 		t.Fatalf("Failed to create a new sandbox: %v", err)
 		t.Fatalf("Failed to create a new sandbox: %v", err)
 	}
 	}
-	defer destroyTest(t, s)
+	defer destroyTest(t, n)
 
 
-	n, ok := s.(*networkNamespace)
-	if !ok {
-		t.Fatal(ok)
-	}
 	nlh := n.nlHandle
 	nlh := n.nlHandle
 
 
 	ipv6, _ := types.ParseCIDR("2001:db8::44/64")
 	ipv6, _ := types.ParseCIDR("2001:db8::44/64")
@@ -214,8 +205,8 @@ func TestDisableIPv6DAD(t *testing.T) {
 	}
 	}
 }
 }
 
 
-func destroyTest(t *testing.T, s Sandbox) {
-	if err := s.Destroy(); err != nil {
+func destroyTest(t *testing.T, ns *Namespace) {
+	if err := ns.Destroy(); err != nil {
 		t.Log(err)
 		t.Log(err)
 	}
 	}
 }
 }
@@ -228,16 +219,12 @@ func TestSetInterfaceIP(t *testing.T) {
 		t.Fatalf("Failed to obtain a key: %v", err)
 		t.Fatalf("Failed to obtain a key: %v", err)
 	}
 	}
 
 
-	s, err := NewSandbox(key, true, false)
+	n, err := NewSandbox(key, true, false)
 	if err != nil {
 	if err != nil {
 		t.Fatalf("Failed to create a new sandbox: %v", err)
 		t.Fatalf("Failed to create a new sandbox: %v", err)
 	}
 	}
-	defer destroyTest(t, s)
+	defer destroyTest(t, n)
 
 
-	n, ok := s.(*networkNamespace)
-	if !ok {
-		t.Fatal(ok)
-	}
 	nlh := n.nlHandle
 	nlh := n.nlHandle
 
 
 	ipv4, _ := types.ParseCIDR("172.30.0.33/24")
 	ipv4, _ := types.ParseCIDR("172.30.0.33/24")
@@ -302,16 +289,12 @@ func TestLiveRestore(t *testing.T) {
 		t.Fatalf("Failed to obtain a key: %v", err)
 		t.Fatalf("Failed to obtain a key: %v", err)
 	}
 	}
 
 
-	s, err := NewSandbox(key, true, false)
+	n, err := NewSandbox(key, true, false)
 	if err != nil {
 	if err != nil {
 		t.Fatalf("Failed to create a new sandbox: %v", err)
 		t.Fatalf("Failed to create a new sandbox: %v", err)
 	}
 	}
-	defer destroyTest(t, s)
+	defer destroyTest(t, n)
 
 
-	n, ok := s.(*networkNamespace)
-	if !ok {
-		t.Fatal(ok)
-	}
 	nlh := n.nlHandle
 	nlh := n.nlHandle
 
 
 	ipv4, _ := types.ParseCIDR("172.30.0.33/24")
 	ipv4, _ := types.ParseCIDR("172.30.0.33/24")
@@ -368,11 +351,11 @@ func TestLiveRestore(t *testing.T) {
 	}
 	}
 
 
 	// Create newsandbox with Restore - TRUE
 	// Create newsandbox with Restore - TRUE
-	s, err = NewSandbox(key, true, true)
+	n2, err := NewSandbox(key, true, true)
 	if err != nil {
 	if err != nil {
 		t.Fatalf("Failed to create a new sandbox: %v", err)
 		t.Fatalf("Failed to create a new sandbox: %v", err)
 	}
 	}
-	defer destroyTest(t, s)
+	defer destroyTest(t, n2)
 
 
 	// Check if the IPV4 & IPV6 entry present
 	// Check if the IPV4 & IPV6 entry present
 	// If present , we should get error in below call
 	// If present , we should get error in below call

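--- a/libnetwork/osl/sandbox_unsupported.go
+++ b/libnetwork/osl/sandbox_unsupported.go
@@ -9,7 +9,7 @@ var ErrNotImplemented = errors.New("not implemented")
 
 // NewSandbox provides a new sandbox instance created in an os specific way
 // provided a key which uniquely identifies the sandbox
-func NewSandbox(key string, osCreate, isRestore bool) (Sandbox, error) {
+func NewSandbox(key string, osCreate, isRestore bool) (*Namespace, error) {
 	return nil, ErrNotImplemented
 }
 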
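Review bot: The doc comment above `NewSandbox` still describes creating a sandbox, but on this platform the function now returns a nil `*Namespace` together with `ErrNotImplemented`, and the comment says neither. A caller that drops the error is left holding a nil pointer, so the contract is worth stating, for example `// NewSandbox is not implemented on this platform; it always returns a nil *Namespace and ErrNotImplemented.` This assumes `Namespace` is declared for this build target, which the hunk does not show.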

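--- a/libnetwork/osl/sandbox_unsupported_test.go
+++ b/libnetwork/osl/sandbox_unsupported_test.go
@@ -13,6 +13,6 @@ func newKey(t *testing.T) (string, error) {
 	return "", ErrNotImplemented
 }
 
-func verifySandbox(t *testing.T, s Sandbox) {
+func verifySandbox(t *testing.T, ns *Namespace) {
 	return
 }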
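Review bot: This `verifySandbox` stub takes `(t, ns)` while the Linux helper changed in the same commit is `verifySandbox(t *testing.T, ns *Namespace, ifaceSuffixes []string)`, so a test shared between platforms could not call both. If the stub is meant to mirror the Linux helper, give it the same parameter list, `func verifySandbox(t *testing.T, ns *Namespace, ifaceSuffixes []string) {}`, and drop the redundant `return`. Whether any shared test actually calls it is not visible here.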

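--- a/libnetwork/sandbox.go
+++ b/libnetwork/sandbox.go
@@ -35,7 +35,7 @@ type Sandbox struct {
 	containerID        string
 	config             containerConfig
 	extDNS             []extDNSEntry
-	osSbox             osl.Sandbox
+	osSbox             *osl.Namespace
 	controller         *Controller
 	resolver           *Resolver
 	resolverOnce       sync.Once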

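--- a/libnetwork/sandbox_linux.go
+++ b/libnetwork/sandbox_linux.go
@@ -11,8 +11,8 @@ import (
 	"github.com/docker/docker/libnetwork/types"
 )
 
-func releaseOSSboxResources(osSbox osl.Sandbox, ep *Endpoint) {
-	for _, i := range osSbox.Interfaces() {
+func releaseOSSboxResources(ns *osl.Namespace, ep *Endpoint) {
+	for _, i := range ns.Interfaces() {
 		// Only remove the interfaces owned by this endpoint from the sandbox.
 		if ep.hasInterface(i.SrcName()) {
 			if err := i.Remove(); err != nil {
@@ -29,7 +29,7 @@ func releaseOSSboxResources(osSbox osl.Sandbox, ep *Endpoint) {
 
 	if len(vip) > 0 && lbModeIsDSR {
 		ipNet := &net.IPNet{IP: vip, Mask: net.CIDRMask(32, 32)}
-		if err := osSbox.RemoveAliasIP(osSbox.GetLoopbackIfaceName(), ipNet); err != nil {
+		if err := ns.RemoveAliasIP(ns.GetLoopbackIfaceName(), ipNet); err != nil {
 			log.G(context.TODO()).WithError(err).Debugf("failed to remove virtual ip %v to loopback", ipNet)
 		}
 	}
@@ -40,7 +40,7 @@ func releaseOSSboxResources(osSbox osl.Sandbox, ep *Endpoint) {
 
 	// Remove non-interface routes.
 	for _, r := range joinInfo.StaticRoutes {
-		if err := osSbox.RemoveStaticRoute(r); err != nil {
+		if err := ns.RemoveStaticRoute(r); err != nil {
 			log.G(context.TODO()).Debugf("Remove route failed: %v", err)
 		}
 	}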
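Review bot: `releaseOSSboxResources` uses `ns` on its first statement (`for _, i := range ns.Interfaces()`) and the visible hunks contain no nil check, although the non-Linux build in this commit notes that `Sandbox.osSbox` is always nil there. If a Linux caller can reach this cleanup path before the namespace is set (not visible from these hunks), the outcome depends on how the `Namespace` methods treat a nil receiver; a guard such as `if ns == nil { return }` at the top, or a doc comment stating the precondition (`// releaseOSSboxResources removes ep's interfaces, DSR alias IP and static routes from ns, which must be non-nil.`), would make that explicit. Separately, the alias-IP and static-route removal failures are logged only at debug level, and the message `failed to remove virtual ip %v to loopback` reads as an add rather than a remove; `from loopback` would match the call. The function body spans three hunks and parts of it lie outside them.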

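--- a/libnetwork/sandbox_unsupported.go
+++ b/libnetwork/sandbox_unsupported.go
@@ -4,7 +4,7 @@ package libnetwork
 
 import "github.com/docker/docker/libnetwork/osl"
 
-func releaseOSSboxResources(osl.Sandbox, *Endpoint) {}
+func releaseOSSboxResources(*osl.Namespace, *Endpoint) {}
 
 func (sb *Sandbox) updateGateway(*Endpoint) error {
 	// not implemented on Windows (Sandbox.osSbox is always nil)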