Selaa lähdekoodia

Vendoring libnetwork & swarmkit to address #27147

Signed-off-by: Alessandro Boch <aboch@docker.com>
Alessandro Boch 8 vuotta sitten
vanhempi
commit
cb58783630

+ 2 - 2
hack/vendor.sh

@@ -65,7 +65,7 @@ clone git github.com/RackSec/srslog 365bf33cd9acc21ae1c355209865f17228ca534e
 clone git github.com/imdario/mergo 0.2.1
 
 #get libnetwork packages
-clone git github.com/docker/libnetwork 9fc9609b49d79b8a90ca24e3a63f2a3c09f5e29b
+clone git github.com/docker/libnetwork 7ba98d93bd24a04c4a096bf119e9791257631060
 clone git github.com/docker/go-events afb2b9f2c23f33ada1a22b03651775fdc65a5089
 clone git github.com/armon/go-radix e39d623f12e8e41c7b5529e9a9dd67a1e2261f80
 clone git github.com/armon/go-metrics eb0af217e5e9747e41dd5303755356b62d28e3ec
@@ -139,7 +139,7 @@ clone git github.com/docker/docker-credential-helpers v0.3.0
 clone git github.com/docker/containerd v0.2.4
 
 # cluster
-clone git github.com/docker/swarmkit a2abe794f7a1cfe0ed376fbc7c107ab3d6cf7705
+clone git github.com/docker/swarmkit e239bc901fd6f5c85b36904e89f1b64c8c0635f2
 clone git github.com/golang/mock bd3c8e81be01eef76d4b503f5e687d2d1354d2d9
 clone git github.com/gogo/protobuf 43a2e0b1c32252bfbbdf81f7faa7a88fb3fa4028
 clone git github.com/cloudflare/cfssl b895b0549c0ff676f92cf09ba971ae02bb41367b

+ 12 - 0
vendor/src/github.com/docker/libnetwork/network.go

@@ -1054,6 +1054,12 @@ func delNameToIP(svcMap map[string][]net.IP, name string, epIP net.IP) {
 }
 
 func (n *network) addSvcRecords(name string, epIP net.IP, epIPv6 net.IP, ipMapUpdate bool) {
+	// Do not add service names for ingress network as this is a
+	// routing only network
+	if n.ingress {
+		return
+	}
+
 	c := n.getController()
 	c.Lock()
 	defer c.Unlock()
@@ -1081,6 +1087,12 @@ func (n *network) addSvcRecords(name string, epIP net.IP, epIPv6 net.IP, ipMapUp
 }
 
 func (n *network) deleteSvcRecords(name string, epIP net.IP, epIPv6 net.IP, ipMapUpdate bool) {
+	// Do not delete service names from ingress network as this is a
+	// routing only network
+	if n.ingress {
+		return
+	}
+
 	c := n.getController()
 	c.Lock()
 	defer c.Unlock()

+ 8 - 2
vendor/src/github.com/docker/libnetwork/networkdb/cluster.go

@@ -112,14 +112,20 @@ func (nDB *NetworkDB) clusterInit() error {
 
 	nDB.networkBroadcasts = &memberlist.TransmitLimitedQueue{
 		NumNodes: func() int {
-			return len(nDB.nodes)
+			nDB.RLock()
+			num := len(nDB.nodes)
+			nDB.RUnlock()
+			return num
 		},
 		RetransmitMult: config.RetransmitMult,
 	}
 
 	nDB.nodeBroadcasts = &memberlist.TransmitLimitedQueue{
 		NumNodes: func() int {
-			return len(nDB.nodes)
+			nDB.RLock()
+			num := len(nDB.nodes)
+			nDB.RUnlock()
+			return num
 		},
 		RetransmitMult: config.RetransmitMult,
 	}

+ 22 - 0
vendor/src/github.com/docker/swarmkit/manager/controlapi/service.go

@@ -161,6 +161,24 @@ func validateEndpointSpec(epSpec *api.EndpointSpec) error {
 	return nil
 }
 
+func (s *Server) validateNetworks(networks []*api.ServiceSpec_NetworkAttachmentConfig) error {
+	for _, na := range networks {
+		var network *api.Network
+		s.store.View(func(tx store.ReadTx) {
+			network = store.FindNetwork(tx, na.Target)
+		})
+		if network == nil {
+			continue
+		}
+		if _, ok := network.Spec.Annotations.Labels["com.docker.swarm.internal"]; ok {
+			return grpc.Errorf(codes.InvalidArgument,
+				"Service cannot be explicitly attached to %q network which is a swarm internal network",
+				network.Spec.Annotations.Name)
+		}
+	}
+	return nil
+}
+
 func validateServiceSpec(spec *api.ServiceSpec) error {
 	if spec == nil {
 		return grpc.Errorf(codes.InvalidArgument, errInvalidArgument.Error())
@@ -247,6 +265,10 @@ func (s *Server) CreateService(ctx context.Context, request *api.CreateServiceRe
 		return nil, err
 	}
 
+	if err := s.validateNetworks(request.Spec.Networks); err != nil {
+		return nil, err
+	}
+
 	if err := s.checkPortConflicts(request.Spec, ""); err != nil {
 		return nil, err
 	}

+ 16 - 0
vendor/src/github.com/docker/swarmkit/manager/state/store/networks.go

@@ -183,6 +183,22 @@ func FindNetworks(tx ReadTx, by By) ([]*api.Network, error) {
 	return networkList, err
 }
 
+// FindNetwork is a utility function which returns the first
+// network for which the target string matches the ID, or
+// the name or the ID prefix.
+func FindNetwork(tx ReadTx, target string) *api.Network {
+	if n := GetNetwork(tx, target); n != nil {
+		return n
+	}
+	if list, err := FindNetworks(tx, ByName(target)); err == nil && len(list) == 1 {
+		return list[0]
+	}
+	if list, err := FindNetworks(tx, ByIDPrefix(target)); err == nil && len(list) == 1 {
+		return list[0]
+	}
+	return nil
+}
+
 type networkIndexerByID struct{}
 
 func (ni networkIndexerByID) FromArgs(args ...interface{}) ([]byte, error) {