diff --git a/hack/vendor.sh b/hack/vendor.sh index 5467f2e1aa..ee7561b2f1 100755 --- a/hack/vendor.sh +++ b/hack/vendor.sh @@ -30,7 +30,7 @@ clone git github.com/RackSec/srslog 259aed10dfa74ea2961eddd1d9847619f6e98837 clone git github.com/imdario/mergo 0.2.1 #get libnetwork packages -clone git github.com/docker/libnetwork v0.7.0-rc.6 +clone git github.com/docker/libnetwork v0.8.0-dev.1 clone git github.com/armon/go-metrics eb0af217e5e9747e41dd5303755356b62d28e3ec clone git github.com/hashicorp/go-msgpack 71c2886f5a673a35f909803f38ece5810165097b clone git github.com/hashicorp/memberlist 9a1e242e454d2443df330bdd51a436d5a9058fc4 diff --git a/vendor/src/github.com/docker/libnetwork/CHANGELOG.md b/vendor/src/github.com/docker/libnetwork/CHANGELOG.md index 883830f5cd..a5ac0aa384 100644 --- a/vendor/src/github.com/docker/libnetwork/CHANGELOG.md +++ b/vendor/src/github.com/docker/libnetwork/CHANGELOG.md @@ -1,12 +1,16 @@ # Changelog +## 0.8.0-dev.1 (2016-04-16) +- Fixes docker/docker#16964 +- Added maximum egress bandwidth qos for Windows + ## 0.7.0-rc.6 (2016-04-10) - Flush cached resolver socket on default gateway change ## 0.7.0-rc.5 (2016-04-08) - Persist ipam driver options - Fixes https://github.com/docker/libnetwork/issues/1087 -- Use go vet from go tool +- Use go vet from go tool - Godep update to pick up latest docker/docker packages - Validate remote driver response using docker plugins package method. @@ -20,8 +24,8 @@ ## 0.7.0-rc.2 (2016-04-05) - Fixes https://github.com/docker/libnetwork/issues/1070 - Move IPAM resource initialization out of init() -- Initialize overlay driver before network delete -- Fix the handling for default gateway Endpoint join/lean +- Initialize overlay driver before network delete +- Fix the handling for default gateway Endpoint join/lean ## 0.7.0-rc.1 (2016-03-30) - Fixes https://github.com/docker/libnetwork/issues/985 diff --git a/vendor/src/github.com/docker/libnetwork/drivers/bridge/bridge.go b/vendor/src/github.com/docker/libnetwork/drivers/bridge/bridge.go index 00e16e1e5b..a2ec5ce8dc 100644 --- a/vendor/src/github.com/docker/libnetwork/drivers/bridge/bridge.go +++ b/vendor/src/github.com/docker/libnetwork/drivers/bridge/bridge.go @@ -9,7 +9,6 @@ import ( "os/exec" "path/filepath" "strconv" - "strings" "sync" "syscall" @@ -130,21 +129,6 @@ func newDriver() *driver { // Init registers a new instance of bridge driver func Init(dc driverapi.DriverCallback, config map[string]interface{}) error { - if _, err := os.Stat("/proc/sys/net/bridge"); err != nil { - if out, err := exec.Command("modprobe", "-va", "bridge", "br_netfilter").CombinedOutput(); err != nil { - logrus.Warnf("Running modprobe bridge br_netfilter failed with message: %s, error: %v", out, err) - } - } - if out, err := exec.Command("modprobe", "-va", "nf_nat").CombinedOutput(); err != nil { - logrus.Warnf("Running modprobe nf_nat failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err) - } - if out, err := exec.Command("modprobe", "-va", "xt_conntrack").CombinedOutput(); err != nil { - logrus.Warnf("Running modprobe xt_conntrack failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err) - } - if err := iptables.FirewalldInit(); err != nil { - logrus.Debugf("Fail to initialize firewalld: %v, using raw iptables instead", err) - } - d := newDriver() if err := d.configure(config); err != nil { return err @@ -387,6 +371,11 @@ func (d *driver) configure(option map[string]interface{}) error { } if config.EnableIPTables { + if _, err := os.Stat("/proc/sys/net/bridge"); err != nil { + if out, err := exec.Command("modprobe", "-va", "bridge", "br_netfilter").CombinedOutput(); err != nil { + logrus.Warnf("Running modprobe bridge br_netfilter failed with message: %s, error: %v", out, err) + } + } removeIPChains() natChain, filterChain, isolationChain, err = setupIPChains(config) if err != nil { diff --git a/vendor/src/github.com/docker/libnetwork/drivers/windows/labels.go b/vendor/src/github.com/docker/libnetwork/drivers/windows/labels.go index bfc4d368cc..f1b77bf334 100644 --- a/vendor/src/github.com/docker/libnetwork/drivers/windows/labels.go +++ b/vendor/src/github.com/docker/libnetwork/drivers/windows/labels.go @@ -12,4 +12,7 @@ const ( // Interface of the network Interface = "com.docker.network.windowsshim.interface" + + // QosPolicies of the endpoint + QosPolicies = "com.docker.endpoint.windowsshim.qospolicies" ) diff --git a/vendor/src/github.com/docker/libnetwork/drivers/windows/windows.go b/vendor/src/github.com/docker/libnetwork/drivers/windows/windows.go index c3a478523e..95467a8615 100644 --- a/vendor/src/github.com/docker/libnetwork/drivers/windows/windows.go +++ b/vendor/src/github.com/docker/libnetwork/drivers/windows/windows.go @@ -42,6 +42,7 @@ type endpointConfiguration struct { MacAddress net.HardwareAddr PortBindings []types.PortBinding ExposedPorts []types.TransportPort + QosPolicies []types.QosPolicy } type hnsEndpoint struct { @@ -257,6 +258,26 @@ func (d *driver) DeleteNetwork(nid string) error { return nil } +func convertQosPolicies(qosPolicies []types.QosPolicy) ([]json.RawMessage, error) { + var qps []json.RawMessage + + // Enumerate through the qos policies specified by the user and convert + // them into the internal structure matching the JSON blob that can be + // understood by the HCS. + for _, elem := range qosPolicies { + encodedPolicy, err := json.Marshal(hcsshim.QosPolicy{ + Type: "QOS", + MaximumOutgoingBandwidthInBytes: elem.MaxEgressBandwidth, + }) + + if err != nil { + return nil, err + } + qps = append(qps, encodedPolicy) + } + return qps, nil +} + func convertPortBindings(portBindings []types.PortBinding) ([]json.RawMessage, error) { var pbs []json.RawMessage @@ -347,6 +368,14 @@ func parseEndpointOptions(epOptions map[string]interface{}) (*endpointConfigurat } } + if opt, ok := epOptions[QosPolicies]; ok { + if policies, ok := opt.([]types.QosPolicy); ok { + ec.QosPolicies = policies + } else { + return nil, fmt.Errorf("Invalid endpoint configuration") + } + } + return ec, nil } @@ -375,11 +404,16 @@ func (d *driver) CreateEndpoint(nid, eid string, ifInfo driverapi.InterfaceInfo, } endpointStruct.Policies, err = convertPortBindings(ec.PortBindings) - if err != nil { return err } + qosPolicies, err := convertQosPolicies(ec.QosPolicies) + if err != nil { + return err + } + endpointStruct.Policies = append(endpointStruct.Policies, qosPolicies...) + configurationb, err := json.Marshal(endpointStruct) if err != nil { return err diff --git a/vendor/src/github.com/docker/libnetwork/iptables/iptables.go b/vendor/src/github.com/docker/libnetwork/iptables/iptables.go index 298c5bf472..f6ddaed775 100644 --- a/vendor/src/github.com/docker/libnetwork/iptables/iptables.go +++ b/vendor/src/github.com/docker/libnetwork/iptables/iptables.go @@ -42,6 +42,8 @@ var ( bestEffortLock sync.Mutex // ErrIptablesNotFound is returned when the rule is not found. ErrIptablesNotFound = errors.New("Iptables not found") + probeOnce sync.Once + firewalldOnce sync.Once ) // ChainInfo defines the iptables chain. @@ -61,8 +63,25 @@ func (e ChainError) Error() string { return fmt.Sprintf("Error iptables %s: %s", e.Chain, string(e.Output)) } +func probe() { + if out, err := exec.Command("modprobe", "-va", "nf_nat").CombinedOutput(); err != nil { + logrus.Warnf("Running modprobe nf_nat failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err) + } + if out, err := exec.Command("modprobe", "-va", "xt_conntrack").CombinedOutput(); err != nil { + logrus.Warnf("Running modprobe xt_conntrack failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err) + } +} + +func initFirewalld() { + if err := FirewalldInit(); err != nil { + logrus.Debugf("Fail to initialize firewalld: %v, using raw iptables instead", err) + } +} + func initCheck() error { if iptablesPath == "" { + probeOnce.Do(probe) + firewalldOnce.Do(initFirewalld) path, err := exec.LookPath("iptables") if err != nil { return ErrIptablesNotFound diff --git a/vendor/src/github.com/docker/libnetwork/types/types.go b/vendor/src/github.com/docker/libnetwork/types/types.go index 44ee563e69..28d33cacf5 100644 --- a/vendor/src/github.com/docker/libnetwork/types/types.go +++ b/vendor/src/github.com/docker/libnetwork/types/types.go @@ -12,6 +12,11 @@ import ( // UUID represents a globally unique ID of various resources like network and endpoint type UUID string +// QosPolicy represents a quality of service policy on an endpoint +type QosPolicy struct { + MaxEgressBandwidth uint64 +} + // TransportPort represent a local Layer 4 endpoint type TransportPort struct { Proto Protocol