David Calavera
commit
db2b5e647c
7 changed files with 91 additions and 8 deletions
|
|
@ -26,7 +26,7 @@ clone git github.com/docker/engine-api v0.2.2
|
|||
clone git github.com/RackSec/srslog 6eb773f331e46fbba8eecb8e794e635e75fc04de
|
||||
|
||||
#get libnetwork packages
|
||||
clone git github.com/docker/libnetwork v0.5.4
|
||||
clone git github.com/docker/libnetwork v0.5.5
|
||||
clone git github.com/armon/go-metrics eb0af217e5e9747e41dd5303755356b62d28e3ec
|
||||
clone git github.com/hashicorp/go-msgpack 71c2886f5a673a35f909803f38ece5810165097b
|
||||
clone git github.com/hashicorp/memberlist 9a1e242e454d2443df330bdd51a436d5a9058fc4
|
||||
|
|
|
|||
|
|
@ -8,6 +8,8 @@ bin/
|
|||
integration-tmp/
|
||||
_obj
|
||||
_test
|
||||
.vagrant
|
||||
|
||||
|
||||
# Architecture specific extensions/prefixes
|
||||
*.[568vq]
|
||||
|
|
|
|||
|
|
@ -1,5 +1,10 @@
|
|||
# Changelog
|
||||
|
||||
## 0.5.5 (2016-01-14)
|
||||
- Allow network-scoped alias to be resolved for anonymous endpoint
|
||||
- Self repair corrupted IP database that could happen in 1.9.0 & 1.9.1
|
||||
- Skip IPTables cleanup if --iptables=false is set. Fixes docker/docker#19063
|
||||
|
||||
## 0.5.4 (2016-01-12)
|
||||
- Removed the isNodeAlive protection when user forces an endpoint delete
|
||||
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ import (
|
|||
"fmt"
|
||||
"sync"
|
||||
|
||||
log "github.com/Sirupsen/logrus"
|
||||
"github.com/docker/libnetwork/datastore"
|
||||
"github.com/docker/libnetwork/types"
|
||||
)
|
||||
|
|
@ -243,6 +244,58 @@ func (h *Handle) IsSet(ordinal uint64) bool {
|
|||
return err != nil
|
||||
}
|
||||
|
||||
func (h *Handle) runConsistencyCheck() bool {
|
||||
corrupted := false
|
||||
for p, c := h.head, h.head.next; c != nil; c = c.next {
|
||||
if c.count == 0 {
|
||||
corrupted = true
|
||||
p.next = c.next
|
||||
continue // keep same p
|
||||
}
|
||||
p = c
|
||||
}
|
||||
return corrupted
|
||||
}
|
||||
|
||||
// CheckConsistency checks if the bit sequence is in an inconsistent state and attempts to fix it.
|
||||
// It looks for a corruption signature that may happen in docker 1.9.0 and 1.9.1.
|
||||
func (h *Handle) CheckConsistency() error {
|
||||
for {
|
||||
h.Lock()
|
||||
store := h.store
|
||||
h.Unlock()
|
||||
|
||||
if store != nil {
|
||||
if err := store.GetObject(datastore.Key(h.Key()...), h); err != nil && err != datastore.ErrKeyNotFound {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
h.Lock()
|
||||
nh := h.getCopy()
|
||||
h.Unlock()
|
||||
|
||||
if !nh.runConsistencyCheck() {
|
||||
return nil
|
||||
}
|
||||
|
||||
if err := nh.writeToStore(); err != nil {
|
||||
if _, ok := err.(types.RetryError); !ok {
|
||||
return fmt.Errorf("internal failure while fixing inconsistent bitsequence: %v", err)
|
||||
}
|
||||
continue
|
||||
}
|
||||
|
||||
log.Infof("Fixed inconsistent bit sequence in datastore:\n%s\n%s", h, nh)
|
||||
|
||||
h.Lock()
|
||||
h.head = nh.head
|
||||
h.Unlock()
|
||||
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// set/reset the bit
|
||||
func (h *Handle) set(ordinal, start, end uint64, any bool, release bool) (uint64, error) {
|
||||
var (
|
||||
|
|
|
|||
|
|
@ -135,7 +135,7 @@ func Init(dc driverapi.DriverCallback, config map[string]interface{}) error {
|
|||
if err := iptables.FirewalldInit(); err != nil {
|
||||
logrus.Debugf("Fail to initialize firewalld: %v, using raw iptables instead", err)
|
||||
}
|
||||
removeIPChains()
|
||||
|
||||
d := newDriver()
|
||||
if err := d.configure(config); err != nil {
|
||||
return err
|
||||
|
|
@ -378,6 +378,7 @@ func (d *driver) configure(option map[string]interface{}) error {
|
|||
}
|
||||
|
||||
if config.EnableIPTables {
|
||||
removeIPChains()
|
||||
natChain, filterChain, isolationChain, err = setupIPChains(config)
|
||||
if err != nil {
|
||||
return err
|
||||
|
|
|
|||
|
|
@ -70,6 +70,9 @@ func NewAllocator(lcDs, glDs datastore.DataStore) (*Allocator, error) {
|
|||
}
|
||||
}
|
||||
|
||||
a.checkConsistency(localAddressSpace)
|
||||
a.checkConsistency(globalAddressSpace)
|
||||
|
||||
return a, nil
|
||||
}
|
||||
|
||||
|
|
@ -115,6 +118,25 @@ func (a *Allocator) updateBitMasks(aSpace *addrSpace) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// Checks for and fixes damaged bitmask. Meant to be called in constructor only.
|
||||
func (a *Allocator) checkConsistency(as string) {
|
||||
// Retrieve this address space's configuration and bitmasks from the datastore
|
||||
a.refresh(as)
|
||||
aSpace, ok := a.addrSpaces[as]
|
||||
if !ok {
|
||||
return
|
||||
}
|
||||
a.updateBitMasks(aSpace)
|
||||
for sk, pd := range aSpace.subnets {
|
||||
if pd.Range != nil {
|
||||
continue
|
||||
}
|
||||
if err := a.addresses[sk].CheckConsistency(); err != nil {
|
||||
log.Warnf("Error while running consistency check for %s: %v", sk, err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// GetDefaultAddressSpaces returns the local and global default address spaces
|
||||
func (a *Allocator) GetDefaultAddressSpaces() (string, string, error) {
|
||||
return localAddressSpace, globalAddressSpace, nil
|
||||
|
|
|
|||
|
|
@ -822,20 +822,20 @@ func (n *network) EndpointByID(id string) (Endpoint, error) {
|
|||
}
|
||||
|
||||
func (n *network) updateSvcRecord(ep *endpoint, localEps []*endpoint, isAdd bool) {
|
||||
if ep.isAnonymous() {
|
||||
return
|
||||
}
|
||||
|
||||
epName := ep.Name()
|
||||
if iface := ep.Iface(); iface.Address() != nil {
|
||||
myAliases := ep.MyAliases()
|
||||
if isAdd {
|
||||
n.addSvcRecords(epName, iface.Address().IP, true)
|
||||
if !ep.isAnonymous() {
|
||||
n.addSvcRecords(epName, iface.Address().IP, true)
|
||||
}
|
||||
for _, alias := range myAliases {
|
||||
n.addSvcRecords(alias, iface.Address().IP, false)
|
||||
}
|
||||
} else {
|
||||
n.deleteSvcRecords(epName, iface.Address().IP, true)
|
||||
if !ep.isAnonymous() {
|
||||
n.deleteSvcRecords(epName, iface.Address().IP, true)
|
||||
}
|
||||
for _, alias := range myAliases {
|
||||
n.deleteSvcRecords(alias, iface.Address().IP, false)
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue