We use cookies to ensure you get the best experience on our website
Trang chủ Khám phá Trợ giúp
Đăng ký Đăng nhập
0ct0pu5
/
moby
1
0
Fork 0
Các tập tin Các vấn đề 0 Yêu cầu kéo về 0 Wiki
Tree: 0ccbae0437
Branches Tags
moby
/
daemon
/
cluster
/
cluster.go

cluster.go 41 KB
Lịch sử Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615 
  1. package cluster
    2. 

  2. 

  3. import (
    4. 

  4. 	"encoding/json"
    5. 

  5. 	"fmt"
    6. 

  6. 	"io/ioutil"
    7. 

  7. 	"net"
    8. 

  8. 	"os"
    9. 

  9. 	"path/filepath"
    10. 

  10. 	"runtime"
    11. 

  11. 	"strings"
    12. 

  12. 	"sync"
    13. 

  13. 	"time"
    14. 

  14. 

  15. 	"google.golang.org/grpc"
    16. 

  16. 

  17. 	"github.com/Sirupsen/logrus"
    18. 

  18. 	"github.com/docker/docker/api/errors"
    19. 

  19. 	apitypes "github.com/docker/docker/api/types"
    20. 

  20. 	"github.com/docker/docker/api/types/filters"
    21. 

  21. 	"github.com/docker/docker/api/types/network"
    22. 

  22. 	types "github.com/docker/docker/api/types/swarm"
    23. 

  23. 	"github.com/docker/docker/daemon/cluster/convert"
    24. 

  24. 	executorpkg "github.com/docker/docker/daemon/cluster/executor"
    25. 

  25. 	"github.com/docker/docker/daemon/cluster/executor/container"
    26. 

  26. 	"github.com/docker/docker/opts"
    27. 

  27. 	"github.com/docker/docker/pkg/ioutils"
    28. 

  28. 	"github.com/docker/docker/pkg/signal"
    29. 

  29. 	"github.com/docker/docker/runconfig"
    30. 

  30. 	swarmapi "github.com/docker/swarmkit/api"
    31. 

  31. 	swarmnode "github.com/docker/swarmkit/node"
    32. 

  32. 	"golang.org/x/net/context"
    33. 

  33. )
    34. 

  34. 

  35. const swarmDirName = "swarm"
    36. 

  36. const controlSocket = "control.sock"
    37. 

  37. const swarmConnectTimeout = 20 * time.Second
    38. 

  38. const swarmRequestTimeout = 20 * time.Second
    39. 

  39. const stateFile = "docker-state.json"
    40. 

  40. const defaultAddr = "0.0.0.0:2377"
    41. 

  41. 

  42. const (
    43. 

  43. 	initialReconnectDelay = 100 * time.Millisecond
    44. 

  44. 	maxReconnectDelay     = 30 * time.Second
    45. 

  45. )
    46. 

  46. 

  47. // ErrNoSwarm is returned on leaving a cluster that was never initialized
    48. 

  48. var ErrNoSwarm = fmt.Errorf("This node is not part of a swarm")
    49. 

  49. 

  50. // ErrSwarmExists is returned on initialize or join request for a cluster that has already been activated
    51. 

  51. var ErrSwarmExists = fmt.Errorf("This node is already part of a swarm. Use \"docker swarm leave\" to leave this swarm and join another one.")
    52. 

  52. 

  53. // ErrPendingSwarmExists is returned on initialize or join request for a cluster that is already processing a similar request but has not succeeded yet.
    54. 

  54. var ErrPendingSwarmExists = fmt.Errorf("This node is processing an existing join request that has not succeeded yet. Use \"docker swarm leave\" to cancel the current request.")
    55. 

  55. 

  56. // ErrSwarmJoinTimeoutReached is returned when cluster join could not complete before timeout was reached.
    57. 

  57. var ErrSwarmJoinTimeoutReached = fmt.Errorf("Timeout was reached before node was joined. The attempt to join the swarm will continue in the background. Use the \"docker info\" command to see the current swarm status of your node.")
    58. 

  58. 

  59. // NetworkSubnetsProvider exposes functions for retrieving the subnets
    60. 

  60. // of networks managed by Docker, so they can be filtered.
    61. 

  61. type NetworkSubnetsProvider interface {
    62. 

  62. 	V4Subnets() []net.IPNet
    63. 

  63. 	V6Subnets() []net.IPNet
    64. 

  64. }
    65. 

  65. 

  66. // Config provides values for Cluster.
    67. 

  67. type Config struct {
    68. 

  68. 	Root                   string
    69. 

  69. 	Name                   string
    70. 

  70. 	Backend                executorpkg.Backend
    71. 

  71. 	NetworkSubnetsProvider NetworkSubnetsProvider
    72. 

  72. 

  73. 	// DefaultAdvertiseAddr is the default host/IP or network interface to use
    74. 

  74. 	// if no AdvertiseAddr value is specified.
    75. 

  75. 	DefaultAdvertiseAddr string
    76. 

  76. 

  77. 	// path to store runtime state, such as the swarm control socket
    78. 

  78. 	RuntimeRoot string
    79. 

  79. }
    80. 

  80. 

  81. // Cluster provides capabilities to participate in a cluster as a worker or a
    82. 

  82. // manager.
    83. 

  83. type Cluster struct {
    84. 

  84. 	sync.RWMutex
    85. 

  85. 	*node
    86. 

  86. 	root            string
    87. 

  87. 	runtimeRoot     string
    88. 

  88. 	config          Config
    89. 

  89. 	configEvent     chan struct{} // todo: make this array and goroutine safe
    90. 

  90. 	actualLocalAddr string        // after resolution, not persisted
    91. 

  91. 	stop            bool
    92. 

  92. 	err             error
    93. 

  93. 	cancelDelay     func()
    94. 

  94. 	attachers       map[string]*attacher
    95. 

  95. }
    96. 

  96. 

  97. // attacher manages the in-memory attachment state of a container
    98. 

  98. // attachment to a global scope network managed by swarm manager. It
    99. 

  99. // helps in identifying the attachment ID via the taskID and the
    100. 

  100. // corresponding attachment configuration obtained from the manager.
    101. 

  101. type attacher struct {
    102. 

  102. 	taskID           string
    103. 

  103. 	config           *network.NetworkingConfig
    104. 

  104. 	attachWaitCh     chan *network.NetworkingConfig
    105. 

  105. 	attachCompleteCh chan struct{}
    106. 

  106. 	detachWaitCh     chan struct{}
    107. 

  107. }
    108. 

  108. 

  109. type node struct {
    110. 

  110. 	*swarmnode.Node
    111. 

  111. 	done           chan struct{}
    112. 

  112. 	ready          bool
    113. 

  113. 	conn           *grpc.ClientConn
    114. 

  114. 	client         swarmapi.ControlClient
    115. 

  115. 	reconnectDelay time.Duration
    116. 

  116. 	config         nodeStartConfig
    117. 

  117. }
    118. 

  118. 

  119. // nodeStartConfig holds configuration needed to start a new node. Exported
    120. 

  120. // fields of this structure are saved to disk in json. Unexported fields
    121. 

  121. // contain data that shouldn't be persisted between daemon reloads.
    122. 

  122. type nodeStartConfig struct {
    123. 

  123. 	// LocalAddr is this machine's local IP or hostname, if specified.
    124. 

  124. 	LocalAddr string
    125. 

  125. 	// RemoteAddr is the address that was given to "swarm join". It is used
    126. 

  126. 	// to find LocalAddr if necessary.
    127. 

  127. 	RemoteAddr string
    128. 

  128. 	// ListenAddr is the address we bind to, including a port.
    129. 

  129. 	ListenAddr string
    130. 

  130. 	// AdvertiseAddr is the address other nodes should connect to,
    131. 

  131. 	// including a port.
    132. 

  132. 	AdvertiseAddr   string
    133. 

  133. 	joinAddr        string
    134. 

  134. 	forceNewCluster bool
    135. 

  135. 	joinToken       string
    136. 

  136. }
    137. 

  137. 

  138. // New creates a new Cluster instance using provided config.
    139. 

  139. func New(config Config) (*Cluster, error) {
    140. 

  140. 	root := filepath.Join(config.Root, swarmDirName)
    141. 

  141. 	if err := os.MkdirAll(root, 0700); err != nil {
    142. 

  142. 		return nil, err
    143. 

  143. 	}
    144. 

  144. 	if config.RuntimeRoot == "" {
    145. 

  145. 		config.RuntimeRoot = root
    146. 

  146. 	}
    147. 

  147. 	if err := os.MkdirAll(config.RuntimeRoot, 0700); err != nil {
    148. 

  148. 		return nil, err
    149. 

  149. 	}
    150. 

  150. 	c := &Cluster{
    151. 

  151. 		root:        root,
    152. 

  152. 		config:      config,
    153. 

  153. 		configEvent: make(chan struct{}, 10),
    154. 

  154. 		runtimeRoot: config.RuntimeRoot,
    155. 

  155. 		attachers:   make(map[string]*attacher),
    156. 

  156. 	}
    157. 

  157. 

  158. 	nodeConfig, err := c.loadState()
    159. 

  159. 	if err != nil {
    160. 

  160. 		if os.IsNotExist(err) {
    161. 

  161. 			return c, nil
    162. 

  162. 		}
    163. 

  163. 		return nil, err
    164. 

  164. 	}
    165. 

  165. 

  166. 	n, err := c.startNewNode(*nodeConfig)
    167. 

  167. 	if err != nil {
    168. 

  168. 		return nil, err
    169. 

  169. 	}
    170. 

  170. 

  171. 	select {
    172. 

  172. 	case <-time.After(swarmConnectTimeout):
    173. 

  173. 		logrus.Error("swarm component could not be started before timeout was reached")
    174. 

  174. 	case <-n.Ready():
    175. 

  175. 	case <-n.done:
    176. 

  176. 		return nil, fmt.Errorf("swarm component could not be started: %v", c.err)
    177. 

  177. 	}
    178. 

  178. 	go c.reconnectOnFailure(n)
    179. 

  179. 	return c, nil
    180. 

  180. }
    181. 

  181. 

  182. func (c *Cluster) loadState() (*nodeStartConfig, error) {
    183. 

  183. 	dt, err := ioutil.ReadFile(filepath.Join(c.root, stateFile))
    184. 

  184. 	if err != nil {
    185. 

  185. 		return nil, err
    186. 

  186. 	}
    187. 

  187. 	// missing certificate means no actual state to restore from
    188. 

  188. 	if _, err := os.Stat(filepath.Join(c.root, "certificates/swarm-node.crt")); err != nil {
    189. 

  189. 		if os.IsNotExist(err) {
    190. 

  190. 			c.clearState()
    191. 

  191. 		}
    192. 

  192. 		return nil, err
    193. 

  193. 	}
    194. 

  194. 	var st nodeStartConfig
    195. 

  195. 	if err := json.Unmarshal(dt, &st); err != nil {
    196. 

  196. 		return nil, err
    197. 

  197. 	}
    198. 

  198. 	return &st, nil
    199. 

  199. }
    200. 

  200. 

  201. func (c *Cluster) saveState(config nodeStartConfig) error {
    202. 

  202. 	dt, err := json.Marshal(config)
    203. 

  203. 	if err != nil {
    204. 

  204. 		return err
    205. 

  205. 	}
    206. 

  206. 	return ioutils.AtomicWriteFile(filepath.Join(c.root, stateFile), dt, 0600)
    207. 

  207. }
    208. 

  208. 

  209. func (c *Cluster) reconnectOnFailure(n *node) {
    210. 

  210. 	for {
    211. 

  211. 		<-n.done
    212. 

  212. 		c.Lock()
    213. 

  213. 		if c.stop || c.node != nil {
    214. 

  214. 			c.Unlock()
    215. 

  215. 			return
    216. 

  216. 		}
    217. 

  217. 		n.reconnectDelay *= 2
    218. 

  218. 		if n.reconnectDelay > maxReconnectDelay {
    219. 

  219. 			n.reconnectDelay = maxReconnectDelay
    220. 

  220. 		}
    221. 

  221. 		logrus.Warnf("Restarting swarm in %.2f seconds", n.reconnectDelay.Seconds())
    222. 

  222. 		delayCtx, cancel := context.WithTimeout(context.Background(), n.reconnectDelay)
    223. 

  223. 		c.cancelDelay = cancel
    224. 

  224. 		c.Unlock()
    225. 

  225. 		<-delayCtx.Done()
    226. 

  226. 		if delayCtx.Err() != context.DeadlineExceeded {
    227. 

  227. 			return
    228. 

  228. 		}
    229. 

  229. 		c.Lock()
    230. 

  230. 		if c.node != nil {
    231. 

  231. 			c.Unlock()
    232. 

  232. 			return
    233. 

  233. 		}
    234. 

  234. 		var err error
    235. 

  235. 		config := n.config
    236. 

  236. 		config.RemoteAddr = c.getRemoteAddress()
    237. 

  237. 		config.joinAddr = config.RemoteAddr
    238. 

  238. 		n, err = c.startNewNode(config)
    239. 

  239. 		if err != nil {
    240. 

  240. 			c.err = err
    241. 

  241. 			close(n.done)
    242. 

  242. 		}
    243. 

  243. 		c.Unlock()
    244. 

  244. 	}
    245. 

  245. }
    246. 

  246. 

  247. func (c *Cluster) startNewNode(conf nodeStartConfig) (*node, error) {
    248. 

  248. 	if err := c.config.Backend.IsSwarmCompatible(); err != nil {
    249. 

  249. 		return nil, err
    250. 

  250. 	}
    251. 

  251. 

  252. 	actualLocalAddr := conf.LocalAddr
    253. 

  253. 	if actualLocalAddr == "" {
    254. 

  254. 		// If localAddr was not specified, resolve it automatically
    255. 

  255. 		// based on the route to joinAddr. localAddr can only be left
    256. 

  256. 		// empty on "join".
    257. 

  257. 		listenHost, _, err := net.SplitHostPort(conf.ListenAddr)
    258. 

  258. 		if err != nil {
    259. 

  259. 			return nil, fmt.Errorf("could not parse listen address: %v", err)
    260. 

  260. 		}
    261. 

  261. 

  262. 		listenAddrIP := net.ParseIP(listenHost)
    263. 

  263. 		if listenAddrIP == nil || !listenAddrIP.IsUnspecified() {
    264. 

  264. 			actualLocalAddr = listenHost
    265. 

  265. 		} else {
    266. 

  266. 			if conf.RemoteAddr == "" {
    267. 

  267. 				// Should never happen except using swarms created by
    268. 

  268. 				// old versions that didn't save remoteAddr.
    269. 

  269. 				conf.RemoteAddr = "8.8.8.8:53"
    270. 

  270. 			}
    271. 

  271. 			conn, err := net.Dial("udp", conf.RemoteAddr)
    272. 

  272. 			if err != nil {
    273. 

  273. 				return nil, fmt.Errorf("could not find local IP address: %v", err)
    274. 

  274. 			}
    275. 

  275. 			localHostPort := conn.LocalAddr().String()
    276. 

  276. 			actualLocalAddr, _, _ = net.SplitHostPort(localHostPort)
    277. 

  277. 			conn.Close()
    278. 

  278. 		}
    279. 

  279. 	}
    280. 

  280. 

  281. 	var control string
    282. 

  282. 	if runtime.GOOS == "windows" {
    283. 

  283. 		control = `\\.\pipe\` + controlSocket
    284. 

  284. 	} else {
    285. 

  285. 		control = filepath.Join(c.runtimeRoot, controlSocket)
    286. 

  286. 	}
    287. 

  287. 

  288. 	c.node = nil
    289. 

  289. 	c.cancelDelay = nil
    290. 

  290. 	c.stop = false
    291. 

  291. 	n, err := swarmnode.New(&swarmnode.Config{
    292. 

  292. 		Hostname:           c.config.Name,
    293. 

  293. 		ForceNewCluster:    conf.forceNewCluster,
    294. 

  294. 		ListenControlAPI:   control,
    295. 

  295. 		ListenRemoteAPI:    conf.ListenAddr,
    296. 

  296. 		AdvertiseRemoteAPI: conf.AdvertiseAddr,
    297. 

  297. 		JoinAddr:           conf.joinAddr,
    298. 

  298. 		StateDir:           c.root,
    299. 

  299. 		JoinToken:          conf.joinToken,
    300. 

  300. 		Executor:           container.NewExecutor(c.config.Backend),
    301. 

  301. 		HeartbeatTick:      1,
    302. 

  302. 		ElectionTick:       3,
    303. 

  303. 	})
    304. 

  304. 	if err != nil {
    305. 

  305. 		return nil, err
    306. 

  306. 	}
    307. 

  307. 	ctx := context.Background()
    308. 

  308. 	if err := n.Start(ctx); err != nil {
    309. 

  309. 		return nil, err
    310. 

  310. 	}
    311. 

  311. 	node := &node{
    312. 

  312. 		Node:           n,
    313. 

  313. 		done:           make(chan struct{}),
    314. 

  314. 		reconnectDelay: initialReconnectDelay,
    315. 

  315. 		config:         conf,
    316. 

  316. 	}
    317. 

  317. 	c.node = node
    318. 

  318. 	c.actualLocalAddr = actualLocalAddr // not saved
    319. 

  319. 	c.saveState(conf)
    320. 

  320. 

  321. 	c.config.Backend.SetClusterProvider(c)
    322. 

  322. 	go func() {
    323. 

  323. 		err := n.Err(ctx)
    324. 

  324. 		if err != nil {
    325. 

  325. 			logrus.Errorf("cluster exited with error: %v", err)
    326. 

  326. 		}
    327. 

  327. 		c.Lock()
    328. 

  328. 		c.node = nil
    329. 

  329. 		c.err = err
    330. 

  330. 		c.Unlock()
    331. 

  331. 		close(node.done)
    332. 

  332. 	}()
    333. 

  333. 

  334. 	go func() {
    335. 

  335. 		select {
    336. 

  336. 		case <-n.Ready():
    337. 

  337. 			c.Lock()
    338. 

  338. 			node.ready = true
    339. 

  339. 			c.err = nil
    340. 

  340. 			c.Unlock()
    341. 

  341. 		case <-ctx.Done():
    342. 

  342. 		}
    343. 

  343. 		c.configEvent <- struct{}{}
    344. 

  344. 	}()
    345. 

  345. 

  346. 	go func() {
    347. 

  347. 		for conn := range n.ListenControlSocket(ctx) {
    348. 

  348. 			c.Lock()
    349. 

  349. 			if node.conn != conn {
    350. 

  350. 				if conn == nil {
    351. 

  351. 					node.client = nil
    352. 

  352. 				} else {
    353. 

  353. 					node.client = swarmapi.NewControlClient(conn)
    354. 

  354. 				}
    355. 

  355. 			}
    356. 

  356. 			node.conn = conn
    357. 

  357. 			c.Unlock()
    358. 

  358. 			c.configEvent <- struct{}{}
    359. 

  359. 		}
    360. 

  360. 	}()
    361. 

  361. 

  362. 	return node, nil
    363. 

  363. }
    364. 

  364. 

  365. // Init initializes new cluster from user provided request.
    366. 

  366. func (c *Cluster) Init(req types.InitRequest) (string, error) {
    367. 

  367. 	c.Lock()
    368. 

  368. 	if node := c.node; node != nil {
    369. 

  369. 		if !req.ForceNewCluster {
    370. 

  370. 			c.Unlock()
    371. 

  371. 			return "", ErrSwarmExists
    372. 

  372. 		}
    373. 

  373. 		if err := c.stopNode(); err != nil {
    374. 

  374. 			c.Unlock()
    375. 

  375. 			return "", err
    376. 

  376. 		}
    377. 

  377. 	}
    378. 

  378. 

  379. 	if err := validateAndSanitizeInitRequest(&req); err != nil {
    380. 

  380. 		c.Unlock()
    381. 

  381. 		return "", err
    382. 

  382. 	}
    383. 

  383. 

  384. 	listenHost, listenPort, err := resolveListenAddr(req.ListenAddr)
    385. 

  385. 	if err != nil {
    386. 

  386. 		c.Unlock()
    387. 

  387. 		return "", err
    388. 

  388. 	}
    389. 

  389. 

  390. 	advertiseHost, advertisePort, err := c.resolveAdvertiseAddr(req.AdvertiseAddr, listenPort)
    391. 

  391. 	if err != nil {
    392. 

  392. 		c.Unlock()
    393. 

  393. 		return "", err
    394. 

  394. 	}
    395. 

  395. 

  396. 	localAddr := listenHost
    397. 

  397. 

  398. 	// If the advertise address is not one of the system's
    399. 

  399. 	// addresses, we also require a listen address.
    400. 

  400. 	listenAddrIP := net.ParseIP(listenHost)
    401. 

  401. 	if listenAddrIP != nil && listenAddrIP.IsUnspecified() {
    402. 

  402. 		advertiseIP := net.ParseIP(advertiseHost)
    403. 

  403. 		if advertiseIP == nil {
    404. 

  404. 			// not an IP
    405. 

  405. 			c.Unlock()
    406. 

  406. 			return "", errMustSpecifyListenAddr
    407. 

  407. 		}
    408. 

  408. 

  409. 		systemIPs := listSystemIPs()
    410. 

  410. 

  411. 		found := false
    412. 

  412. 		for _, systemIP := range systemIPs {
    413. 

  413. 			if systemIP.Equal(advertiseIP) {
    414. 

  414. 				found = true
    415. 

  415. 				break
    416. 

  416. 			}
    417. 

  417. 		}
    418. 

  418. 		if !found {
    419. 

  419. 			c.Unlock()
    420. 

  420. 			return "", errMustSpecifyListenAddr
    421. 

  421. 		}
    422. 

  422. 		localAddr = advertiseIP.String()
    423. 

  423. 	}
    424. 

  424. 

  425. 	// todo: check current state existing
    426. 

  426. 	n, err := c.startNewNode(nodeStartConfig{
    427. 

  427. 		forceNewCluster: req.ForceNewCluster,
    428. 

  428. 		LocalAddr:       localAddr,
    429. 

  429. 		ListenAddr:      net.JoinHostPort(listenHost, listenPort),
    430. 

  430. 		AdvertiseAddr:   net.JoinHostPort(advertiseHost, advertisePort),
    431. 

  431. 	})
    432. 

  432. 	if err != nil {
    433. 

  433. 		c.Unlock()
    434. 

  434. 		return "", err
    435. 

  435. 	}
    436. 

  436. 	c.Unlock()
    437. 

  437. 

  438. 	select {
    439. 

  439. 	case <-n.Ready():
    440. 

  440. 		if err := initClusterSpec(n, req.Spec); err != nil {
    441. 

  441. 			return "", err
    442. 

  442. 		}
    443. 

  443. 		go c.reconnectOnFailure(n)
    444. 

  444. 		return n.NodeID(), nil
    445. 

  445. 	case <-n.done:
    446. 

  446. 		c.RLock()
    447. 

  447. 		defer c.RUnlock()
    448. 

  448. 		if !req.ForceNewCluster { // if failure on first attempt don't keep state
    449. 

  449. 			if err := c.clearState(); err != nil {
    450. 

  450. 				return "", err
    451. 

  451. 			}
    452. 

  452. 		}
    453. 

  453. 		return "", c.err
    454. 

  454. 	}
    455. 

  455. }
    456. 

  456. 

  457. // Join makes current Cluster part of an existing swarm cluster.
    458. 

  458. func (c *Cluster) Join(req types.JoinRequest) error {
    459. 

  459. 	c.Lock()
    460. 

  460. 	if node := c.node; node != nil {
    461. 

  461. 		c.Unlock()
    462. 

  462. 		return ErrSwarmExists
    463. 

  463. 	}
    464. 

  464. 	if err := validateAndSanitizeJoinRequest(&req); err != nil {
    465. 

  465. 		c.Unlock()
    466. 

  466. 		return err
    467. 

  467. 	}
    468. 

  468. 

  469. 	listenHost, listenPort, err := resolveListenAddr(req.ListenAddr)
    470. 

  470. 	if err != nil {
    471. 

  471. 		c.Unlock()
    472. 

  472. 		return err
    473. 

  473. 	}
    474. 

  474. 

  475. 	var advertiseAddr string
    476. 

  476. 	if req.AdvertiseAddr != "" {
    477. 

  477. 		advertiseHost, advertisePort, err := c.resolveAdvertiseAddr(req.AdvertiseAddr, listenPort)
    478. 

  478. 		// For joining, we don't need to provide an advertise address,
    479. 

  479. 		// since the remote side can detect it.
    480. 

  480. 		if err == nil {
    481. 

  481. 			advertiseAddr = net.JoinHostPort(advertiseHost, advertisePort)
    482. 

  482. 		}
    483. 

  483. 	}
    484. 

  484. 

  485. 	// todo: check current state existing
    486. 

  486. 	n, err := c.startNewNode(nodeStartConfig{
    487. 

  487. 		RemoteAddr:    req.RemoteAddrs[0],
    488. 

  488. 		ListenAddr:    net.JoinHostPort(listenHost, listenPort),
    489. 

  489. 		AdvertiseAddr: advertiseAddr,
    490. 

  490. 		joinAddr:      req.RemoteAddrs[0],
    491. 

  491. 		joinToken:     req.JoinToken,
    492. 

  492. 	})
    493. 

  493. 	if err != nil {
    494. 

  494. 		c.Unlock()
    495. 

  495. 		return err
    496. 

  496. 	}
    497. 

  497. 	c.Unlock()
    498. 

  498. 

  499. 	select {
    500. 

  500. 	case <-time.After(swarmConnectTimeout):
    501. 

  501. 		// attempt to connect will continue in background, but reconnect only if it didn't fail
    502. 

  502. 		go func() {
    503. 

  503. 			select {
    504. 

  504. 			case <-n.Ready():
    505. 

  505. 				c.reconnectOnFailure(n)
    506. 

  506. 			case <-n.done:
    507. 

  507. 				logrus.Errorf("failed to join the cluster: %+v", c.err)
    508. 

  508. 			}
    509. 

  509. 		}()
    510. 

  510. 		return ErrSwarmJoinTimeoutReached
    511. 

  511. 	case <-n.Ready():
    512. 

  512. 		go c.reconnectOnFailure(n)
    513. 

  513. 		return nil
    514. 

  514. 	case <-n.done:
    515. 

  515. 		c.RLock()
    516. 

  516. 		defer c.RUnlock()
    517. 

  517. 		return c.err
    518. 

  518. 	}
    519. 

  519. }
    520. 

  520. 

  521. // stopNode is a helper that stops the active c.node and waits until it has
    522. 

  522. // shut down. Call while keeping the cluster lock.
    523. 

  523. func (c *Cluster) stopNode() error {
    524. 

  524. 	if c.node == nil {
    525. 

  525. 		return nil
    526. 

  526. 	}
    527. 

  527. 	c.stop = true
    528. 

  528. 	if c.cancelDelay != nil {
    529. 

  529. 		c.cancelDelay()
    530. 

  530. 		c.cancelDelay = nil
    531. 

  531. 	}
    532. 

  532. 	node := c.node
    533. 

  533. 	ctx, cancel := context.WithTimeout(context.Background(), 15*time.Second)
    534. 

  534. 	defer cancel()
    535. 

  535. 	// TODO: can't hold lock on stop because it calls back to network
    536. 

  536. 	c.Unlock()
    537. 

  537. 	defer c.Lock()
    538. 

  538. 	if err := node.Stop(ctx); err != nil && !strings.Contains(err.Error(), "context canceled") {
    539. 

  539. 		return err
    540. 

  540. 	}
    541. 

  541. 	<-node.done
    542. 

  542. 	return nil
    543. 

  543. }
    544. 

  544. 

  545. func removingManagerCausesLossOfQuorum(reachable, unreachable int) bool {
    546. 

  546. 	return reachable-2 <= unreachable
    547. 

  547. }
    548. 

  548. 

  549. func isLastManager(reachable, unreachable int) bool {
    550. 

  550. 	return reachable == 1 && unreachable == 0
    551. 

  551. }
    552. 

  552. 

  553. // Leave shuts down Cluster and removes current state.
    554. 

  554. func (c *Cluster) Leave(force bool) error {
    555. 

  555. 	c.Lock()
    556. 

  556. 	node := c.node
    557. 

  557. 	if node == nil {
    558. 

  558. 		c.Unlock()
    559. 

  559. 		return ErrNoSwarm
    560. 

  560. 	}
    561. 

  561. 

  562. 	if node.Manager() != nil && !force {
    563. 

  563. 		msg := "You are attempting to leave the swarm on a node that is participating as a manager. "
    564. 

  564. 		if c.isActiveManager() {
    565. 

  565. 			active, reachable, unreachable, err := c.managerStats()
    566. 

  566. 			if err == nil {
    567. 

  567. 				if active && removingManagerCausesLossOfQuorum(reachable, unreachable) {
    568. 

  568. 					if isLastManager(reachable, unreachable) {
    569. 

  569. 						msg += "Removing the last manager erases all current state of the swarm. Use `--force` to ignore this message. "
    570. 

  570. 						c.Unlock()
    571. 

  571. 						return fmt.Errorf(msg)
    572. 

  572. 					}
    573. 

  573. 					msg += fmt.Sprintf("Removing this node leaves %v managers out of %v. Without a Raft quorum your swarm will be inaccessible. ", reachable-1, reachable+unreachable)
    574. 

  574. 				}
    575. 

  575. 			}
    576. 

  576. 		} else {
    577. 

  577. 			msg += "Doing so may lose the consensus of your cluster. "
    578. 

  578. 		}
    579. 

  579. 

  580. 		msg += "The only way to restore a swarm that has lost consensus is to reinitialize it with `--force-new-cluster`. Use `--force` to suppress this message."
    581. 

  581. 		c.Unlock()
    582. 

  582. 		return fmt.Errorf(msg)
    583. 

  583. 	}
    584. 

  584. 	if err := c.stopNode(); err != nil {
    585. 

  585. 		logrus.Errorf("failed to shut down cluster node: %v", err)
    586. 

  586. 		signal.DumpStacks("")
    587. 

  587. 		c.Unlock()
    588. 

  588. 		return err
    589. 

  589. 	}
    590. 

  590. 	c.Unlock()
    591. 

  591. 	if nodeID := node.NodeID(); nodeID != "" {
    592. 

  592. 		nodeContainers, err := c.listContainerForNode(nodeID)
    593. 

  593. 		if err != nil {
    594. 

  594. 			return err
    595. 

  595. 		}
    596. 

  596. 		for _, id := range nodeContainers {
    597. 

  597. 			if err := c.config.Backend.ContainerRm(id, &apitypes.ContainerRmConfig{ForceRemove: true}); err != nil {
    598. 

  598. 				logrus.Errorf("error removing %v: %v", id, err)
    599. 

  599. 			}
    600. 

  600. 		}
    601. 

  601. 	}
    602. 

  602. 	c.configEvent <- struct{}{}
    603. 

  603. 	// todo: cleanup optional?
    604. 

  604. 	if err := c.clearState(); err != nil {
    605. 

  605. 		return err
    606. 

  606. 	}
    607. 

  607. 	return nil
    608. 

  608. }
    609. 

  609. 

  610. func (c *Cluster) listContainerForNode(nodeID string) ([]string, error) {
    611. 

  611. 	var ids []string
    612. 

  612. 	filters := filters.NewArgs()
    613. 

  613. 	filters.Add("label", fmt.Sprintf("com.docker.swarm.node.id=%s", nodeID))
    614. 

  614. 	containers, err := c.config.Backend.Containers(&apitypes.ContainerListOptions{
    615. 

  615. 		Filters: filters,
    616. 

  616. 	})
    617. 

  617. 	if err != nil {
    618. 

  618. 		return []string{}, err
    619. 

  619. 	}
    620. 

  620. 	for _, c := range containers {
    621. 

  621. 		ids = append(ids, c.ID)
    622. 

  622. 	}
    623. 

  623. 	return ids, nil
    624. 

  624. }
    625. 

  625. 

  626. func (c *Cluster) clearState() error {
    627. 

  627. 	// todo: backup this data instead of removing?
    628. 

  628. 	if err := os.RemoveAll(c.root); err != nil {
    629. 

  629. 		return err
    630. 

  630. 	}
    631. 

  631. 	if err := os.MkdirAll(c.root, 0700); err != nil {
    632. 

  632. 		return err
    633. 

  633. 	}
    634. 

  634. 	c.config.Backend.SetClusterProvider(nil)
    635. 

  635. 	return nil
    636. 

  636. }
    637. 

  637. 

  638. func (c *Cluster) getRequestContext() (context.Context, func()) { // TODO: not needed when requests don't block on qourum lost
    639. 

  639. 	return context.WithTimeout(context.Background(), swarmRequestTimeout)
    640. 

  640. }
    641. 

  641. 

  642. // Inspect retrieves the configuration properties of a managed swarm cluster.
    643. 

  643. func (c *Cluster) Inspect() (types.Swarm, error) {
    644. 

  644. 	c.RLock()
    645. 

  645. 	defer c.RUnlock()
    646. 

  646. 

  647. 	if !c.isActiveManager() {
    648. 

  648. 		return types.Swarm{}, c.errNoManager()
    649. 

  649. 	}
    650. 

  650. 

  651. 	ctx, cancel := c.getRequestContext()
    652. 

  652. 	defer cancel()
    653. 

  653. 

  654. 	swarm, err := getSwarm(ctx, c.client)
    655. 

  655. 	if err != nil {
    656. 

  656. 		return types.Swarm{}, err
    657. 

  657. 	}
    658. 

  658. 

  659. 	return convert.SwarmFromGRPC(*swarm), nil
    660. 

  660. }
    661. 

  661. 

  662. // Update updates configuration of a managed swarm cluster.
    663. 

  663. func (c *Cluster) Update(version uint64, spec types.Spec, flags types.UpdateFlags) error {
    664. 

  664. 	c.RLock()
    665. 

  665. 	defer c.RUnlock()
    666. 

  666. 

  667. 	if !c.isActiveManager() {
    668. 

  668. 		return c.errNoManager()
    669. 

  669. 	}
    670. 

  670. 

  671. 	ctx, cancel := c.getRequestContext()
    672. 

  672. 	defer cancel()
    673. 

  673. 

  674. 	swarm, err := getSwarm(ctx, c.client)
    675. 

  675. 	if err != nil {
    676. 

  676. 		return err
    677. 

  677. 	}
    678. 

  678. 

  679. 	// In update, client should provide the complete spec of the swarm, including
    680. 

  680. 	// Name and Labels. If a field is specified with 0 or nil, then the default value
    681. 

  681. 	// will be used to swarmkit.
    682. 

  682. 	clusterSpec, err := convert.SwarmSpecToGRPC(spec)
    683. 

  683. 	if err != nil {
    684. 

  684. 		return err
    685. 

  685. 	}
    686. 

  686. 

  687. 	_, err = c.client.UpdateCluster(
    688. 

  688. 		ctx,
    689. 

  689. 		&swarmapi.UpdateClusterRequest{
    690. 

  690. 			ClusterID: swarm.ID,
    691. 

  691. 			Spec:      &clusterSpec,
    692. 

  692. 			ClusterVersion: &swarmapi.Version{
    693. 

  693. 				Index: version,
    694. 

  694. 			},
    695. 

  695. 			Rotation: swarmapi.JoinTokenRotation{
    696. 

  696. 				RotateWorkerToken:  flags.RotateWorkerToken,
    697. 

  697. 				RotateManagerToken: flags.RotateManagerToken,
    698. 

  698. 			},
    699. 

  699. 		},
    700. 

  700. 	)
    701. 

  701. 	return err
    702. 

  702. }
    703. 

  703. 

  704. // IsManager returns true if Cluster is participating as a manager.
    705. 

  705. func (c *Cluster) IsManager() bool {
    706. 

  706. 	c.RLock()
    707. 

  707. 	defer c.RUnlock()
    708. 

  708. 	return c.isActiveManager()
    709. 

  709. }
    710. 

  710. 

  711. // IsAgent returns true if Cluster is participating as a worker/agent.
    712. 

  712. func (c *Cluster) IsAgent() bool {
    713. 

  713. 	c.RLock()
    714. 

  714. 	defer c.RUnlock()
    715. 

  715. 	return c.node != nil && c.ready
    716. 

  716. }
    717. 

  717. 

  718. // GetLocalAddress returns the local address.
    719. 

  719. func (c *Cluster) GetLocalAddress() string {
    720. 

  720. 	c.RLock()
    721. 

  721. 	defer c.RUnlock()
    722. 

  722. 	return c.actualLocalAddr
    723. 

  723. }
    724. 

  724. 

  725. // GetListenAddress returns the listen address.
    726. 

  726. func (c *Cluster) GetListenAddress() string {
    727. 

  727. 	c.RLock()
    728. 

  728. 	defer c.RUnlock()
    729. 

  729. 	if c.node != nil {
    730. 

  730. 		return c.node.config.ListenAddr
    731. 

  731. 	}
    732. 

  732. 	return ""
    733. 

  733. }
    734. 

  734. 

  735. // GetAdvertiseAddress returns the remotely reachable address of this node.
    736. 

  736. func (c *Cluster) GetAdvertiseAddress() string {
    737. 

  737. 	c.RLock()
    738. 

  738. 	defer c.RUnlock()
    739. 

  739. 	if c.node != nil && c.node.config.AdvertiseAddr != "" {
    740. 

  740. 		advertiseHost, _, _ := net.SplitHostPort(c.node.config.AdvertiseAddr)
    741. 

  741. 		return advertiseHost
    742. 

  742. 	}
    743. 

  743. 	return c.actualLocalAddr
    744. 

  744. }
    745. 

  745. 

  746. // GetRemoteAddress returns a known advertise address of a remote manager if
    747. 

  747. // available.
    748. 

  748. // todo: change to array/connect with info
    749. 

  749. func (c *Cluster) GetRemoteAddress() string {
    750. 

  750. 	c.RLock()
    751. 

  751. 	defer c.RUnlock()
    752. 

  752. 	return c.getRemoteAddress()
    753. 

  753. }
    754. 

  754. 

  755. func (c *Cluster) getRemoteAddress() string {
    756. 

  756. 	if c.node == nil {
    757. 

  757. 		return ""
    758. 

  758. 	}
    759. 

  759. 	nodeID := c.node.NodeID()
    760. 

  760. 	for _, r := range c.node.Remotes() {
    761. 

  761. 		if r.NodeID != nodeID {
    762. 

  762. 			return r.Addr
    763. 

  763. 		}
    764. 

  764. 	}
    765. 

  765. 	return ""
    766. 

  766. }
    767. 

  767. 

  768. // ListenClusterEvents returns a channel that receives messages on cluster
    769. 

  769. // participation changes.
    770. 

  770. // todo: make cancelable and accessible to multiple callers
    771. 

  771. func (c *Cluster) ListenClusterEvents() <-chan struct{} {
    772. 

  772. 	return c.configEvent
    773. 

  773. }
    774. 

  774. 

  775. // Info returns information about the current cluster state.
    776. 

  776. func (c *Cluster) Info() types.Info {
    777. 

  777. 	info := types.Info{
    778. 

  778. 		NodeAddr: c.GetAdvertiseAddress(),
    779. 

  779. 	}
    780. 

  780. 

  781. 	c.RLock()
    782. 

  782. 	defer c.RUnlock()
    783. 

  783. 

  784. 	if c.node == nil {
    785. 

  785. 		info.LocalNodeState = types.LocalNodeStateInactive
    786. 

  786. 		if c.cancelDelay != nil {
    787. 

  787. 			info.LocalNodeState = types.LocalNodeStateError
    788. 

  788. 		}
    789. 

  789. 	} else {
    790. 

  790. 		info.LocalNodeState = types.LocalNodeStatePending
    791. 

  791. 		if c.ready == true {
    792. 

  792. 			info.LocalNodeState = types.LocalNodeStateActive
    793. 

  793. 		}
    794. 

  794. 	}
    795. 

  795. 	if c.err != nil {
    796. 

  796. 		info.Error = c.err.Error()
    797. 

  797. 	}
    798. 

  798. 

  799. 	ctx, cancel := c.getRequestContext()
    800. 

  800. 	defer cancel()
    801. 

  801. 

  802. 	if c.isActiveManager() {
    803. 

  803. 		info.ControlAvailable = true
    804. 

  804. 		swarm, err := c.Inspect()
    805. 

  805. 		if err != nil {
    806. 

  806. 			info.Error = err.Error()
    807. 

  807. 		}
    808. 

  808. 

  809. 		// Strip JoinTokens
    810. 

  810. 		info.Cluster = swarm.ClusterInfo
    811. 

  811. 

  812. 		if r, err := c.client.ListNodes(ctx, &swarmapi.ListNodesRequest{}); err == nil {
    813. 

  813. 			info.Nodes = len(r.Nodes)
    814. 

  814. 			for _, n := range r.Nodes {
    815. 

  815. 				if n.ManagerStatus != nil {
    816. 

  816. 					info.Managers = info.Managers + 1
    817. 

  817. 				}
    818. 

  818. 			}
    819. 

  819. 		}
    820. 

  820. 	}
    821. 

  821. 

  822. 	if c.node != nil {
    823. 

  823. 		for _, r := range c.node.Remotes() {
    824. 

  824. 			info.RemoteManagers = append(info.RemoteManagers, types.Peer{NodeID: r.NodeID, Addr: r.Addr})
    825. 

  825. 		}
    826. 

  826. 		info.NodeID = c.node.NodeID()
    827. 

  827. 	}
    828. 

  828. 

  829. 	return info
    830. 

  830. }
    831. 

  831. 

  832. // isActiveManager should not be called without a read lock
    833. 

  833. func (c *Cluster) isActiveManager() bool {
    834. 

  834. 	return c.node != nil && c.conn != nil
    835. 

  835. }
    836. 

  836. 

  837. // errNoManager returns error describing why manager commands can't be used.
    838. 

  838. // Call with read lock.
    839. 

  839. func (c *Cluster) errNoManager() error {
    840. 

  840. 	if c.node == nil {
    841. 

  841. 		return fmt.Errorf("This node is not a swarm manager. Use \"docker swarm init\" or \"docker swarm join\" to connect this node to swarm and try again.")
    842. 

  842. 	}
    843. 

  843. 	if c.node.Manager() != nil {
    844. 

  844. 		return fmt.Errorf("This node is not a swarm manager. Manager is being prepared or has trouble connecting to the cluster.")
    845. 

  845. 	}
    846. 

  846. 	return fmt.Errorf("This node is not a swarm manager. Worker nodes can't be used to view or modify cluster state. Please run this command on a manager node or promote the current node to a manager.")
    847. 

  847. }
    848. 

  848. 

  849. // GetServices returns all services of a managed swarm cluster.
    850. 

  850. func (c *Cluster) GetServices(options apitypes.ServiceListOptions) ([]types.Service, error) {
    851. 

  851. 	c.RLock()
    852. 

  852. 	defer c.RUnlock()
    853. 

  853. 

  854. 	if !c.isActiveManager() {
    855. 

  855. 		return nil, c.errNoManager()
    856. 

  856. 	}
    857. 

  857. 

  858. 	filters, err := newListServicesFilters(options.Filters)
    859. 

  859. 	if err != nil {
    860. 

  860. 		return nil, err
    861. 

  861. 	}
    862. 

  862. 	ctx, cancel := c.getRequestContext()
    863. 

  863. 	defer cancel()
    864. 

  864. 

  865. 	r, err := c.client.ListServices(
    866. 

  866. 		ctx,
    867. 

  867. 		&swarmapi.ListServicesRequest{Filters: filters})
    868. 

  868. 	if err != nil {
    869. 

  869. 		return nil, err
    870. 

  870. 	}
    871. 

  871. 

  872. 	services := []types.Service{}
    873. 

  873. 

  874. 	for _, service := range r.Services {
    875. 

  875. 		services = append(services, convert.ServiceFromGRPC(*service))
    876. 

  876. 	}
    877. 

  877. 

  878. 	return services, nil
    879. 

  879. }
    880. 

  880. 

  881. // CreateService creates a new service in a managed swarm cluster.
    882. 

  882. func (c *Cluster) CreateService(s types.ServiceSpec, encodedAuth string) (string, error) {
    883. 

  883. 	c.RLock()
    884. 

  884. 	defer c.RUnlock()
    885. 

  885. 

  886. 	if !c.isActiveManager() {
    887. 

  887. 		return "", c.errNoManager()
    888. 

  888. 	}
    889. 

  889. 

  890. 	ctx, cancel := c.getRequestContext()
    891. 

  891. 	defer cancel()
    892. 

  892. 

  893. 	err := c.populateNetworkID(ctx, c.client, &s)
    894. 

  894. 	if err != nil {
    895. 

  895. 		return "", err
    896. 

  896. 	}
    897. 

  897. 

  898. 	serviceSpec, err := convert.ServiceSpecToGRPC(s)
    899. 

  899. 	if err != nil {
    900. 

  900. 		return "", err
    901. 

  901. 	}
    902. 

  902. 

  903. 	if encodedAuth != "" {
    904. 

  904. 		ctnr := serviceSpec.Task.GetContainer()
    905. 

  905. 		if ctnr == nil {
    906. 

  906. 			return "", fmt.Errorf("service does not use container tasks")
    907. 

  907. 		}
    908. 

  908. 		ctnr.PullOptions = &swarmapi.ContainerSpec_PullOptions{RegistryAuth: encodedAuth}
    909. 

  909. 	}
    910. 

  910. 

  911. 	r, err := c.client.CreateService(ctx, &swarmapi.CreateServiceRequest{Spec: &serviceSpec})
    912. 

  912. 	if err != nil {
    913. 

  913. 		return "", err
    914. 

  914. 	}
    915. 

  915. 

  916. 	return r.Service.ID, nil
    917. 

  917. }
    918. 

  918. 

  919. // GetService returns a service based on an ID or name.
    920. 

  920. func (c *Cluster) GetService(input string) (types.Service, error) {
    921. 

  921. 	c.RLock()
    922. 

  922. 	defer c.RUnlock()
    923. 

  923. 

  924. 	if !c.isActiveManager() {
    925. 

  925. 		return types.Service{}, c.errNoManager()
    926. 

  926. 	}
    927. 

  927. 

  928. 	ctx, cancel := c.getRequestContext()
    929. 

  929. 	defer cancel()
    930. 

  930. 

  931. 	service, err := getService(ctx, c.client, input)
    932. 

  932. 	if err != nil {
    933. 

  933. 		return types.Service{}, err
    934. 

  934. 	}
    935. 

  935. 	return convert.ServiceFromGRPC(*service), nil
    936. 

  936. }
    937. 

  937. 

  938. // UpdateService updates existing service to match new properties.
    939. 

  939. func (c *Cluster) UpdateService(serviceIDOrName string, version uint64, spec types.ServiceSpec, encodedAuth string, registryAuthFrom string) error {
    940. 

  940. 	c.RLock()
    941. 

  941. 	defer c.RUnlock()
    942. 

  942. 

  943. 	if !c.isActiveManager() {
    944. 

  944. 		return c.errNoManager()
    945. 

  945. 	}
    946. 

  946. 

  947. 	ctx, cancel := c.getRequestContext()
    948. 

  948. 	defer cancel()
    949. 

  949. 

  950. 	err := c.populateNetworkID(ctx, c.client, &spec)
    951. 

  951. 	if err != nil {
    952. 

  952. 		return err
    953. 

  953. 	}
    954. 

  954. 

  955. 	serviceSpec, err := convert.ServiceSpecToGRPC(spec)
    956. 

  956. 	if err != nil {
    957. 

  957. 		return err
    958. 

  958. 	}
    959. 

  959. 

  960. 	currentService, err := getService(ctx, c.client, serviceIDOrName)
    961. 

  961. 	if err != nil {
    962. 

  962. 		return err
    963. 

  963. 	}
    964. 

  964. 

  965. 	if encodedAuth != "" {
    966. 

  966. 		ctnr := serviceSpec.Task.GetContainer()
    967. 

  967. 		if ctnr == nil {
    968. 

  968. 			return fmt.Errorf("service does not use container tasks")
    969. 

  969. 		}
    970. 

  970. 		ctnr.PullOptions = &swarmapi.ContainerSpec_PullOptions{RegistryAuth: encodedAuth}
    971. 

  971. 	} else {
    972. 

  972. 		// this is needed because if the encodedAuth isn't being updated then we
    973. 

  973. 		// shouldn't lose it, and continue to use the one that was already present
    974. 

  974. 		var ctnr *swarmapi.ContainerSpec
    975. 

  975. 		switch registryAuthFrom {
    976. 

  976. 		case apitypes.RegistryAuthFromSpec, "":
    977. 

  977. 			ctnr = currentService.Spec.Task.GetContainer()
    978. 

  978. 		case apitypes.RegistryAuthFromPreviousSpec:
    979. 

  979. 			if currentService.PreviousSpec == nil {
    980. 

  980. 				return fmt.Errorf("service does not have a previous spec")
    981. 

  981. 			}
    982. 

  982. 			ctnr = currentService.PreviousSpec.Task.GetContainer()
    983. 

  983. 		default:
    984. 

  984. 			return fmt.Errorf("unsupported registryAuthFromValue")
    985. 

  985. 		}
    986. 

  986. 		if ctnr == nil {
    987. 

  987. 			return fmt.Errorf("service does not use container tasks")
    988. 

  988. 		}
    989. 

  989. 		serviceSpec.Task.GetContainer().PullOptions = ctnr.PullOptions
    990. 

  990. 	}
    991. 

  991. 

  992. 	_, err = c.client.UpdateService(
    993. 

  993. 		ctx,
    994. 

  994. 		&swarmapi.UpdateServiceRequest{
    995. 

  995. 			ServiceID: currentService.ID,
    996. 

  996. 			Spec:      &serviceSpec,
    997. 

  997. 			ServiceVersion: &swarmapi.Version{
    998. 

  998. 				Index: version,
    999. 

  999. 			},
    1000. 

  1000. 		},
    1001. 

  1001. 	)
    1002. 

  1002. 	return err
    1003. 

  1003. }
    1004. 

  1004. 

  1005. // RemoveService removes a service from a managed swarm cluster.
    1006. 

  1006. func (c *Cluster) RemoveService(input string) error {
    1007. 

  1007. 	c.RLock()
    1008. 

  1008. 	defer c.RUnlock()
    1009. 

  1009. 

  1010. 	if !c.isActiveManager() {
    1011. 

  1011. 		return c.errNoManager()
    1012. 

  1012. 	}
    1013. 

  1013. 

  1014. 	ctx, cancel := c.getRequestContext()
    1015. 

  1015. 	defer cancel()
    1016. 

  1016. 

  1017. 	service, err := getService(ctx, c.client, input)
    1018. 

  1018. 	if err != nil {
    1019. 

  1019. 		return err
    1020. 

  1020. 	}
    1021. 

  1021. 

  1022. 	if _, err := c.client.RemoveService(ctx, &swarmapi.RemoveServiceRequest{ServiceID: service.ID}); err != nil {
    1023. 

  1023. 		return err
    1024. 

  1024. 	}
    1025. 

  1025. 	return nil
    1026. 

  1026. }
    1027. 

  1027. 

  1028. // GetNodes returns a list of all nodes known to a cluster.
    1029. 

  1029. func (c *Cluster) GetNodes(options apitypes.NodeListOptions) ([]types.Node, error) {
    1030. 

  1030. 	c.RLock()
    1031. 

  1031. 	defer c.RUnlock()
    1032. 

  1032. 

  1033. 	if !c.isActiveManager() {
    1034. 

  1034. 		return nil, c.errNoManager()
    1035. 

  1035. 	}
    1036. 

  1036. 

  1037. 	filters, err := newListNodesFilters(options.Filters)
    1038. 

  1038. 	if err != nil {
    1039. 

  1039. 		return nil, err
    1040. 

  1040. 	}
    1041. 

  1041. 

  1042. 	ctx, cancel := c.getRequestContext()
    1043. 

  1043. 	defer cancel()
    1044. 

  1044. 

  1045. 	r, err := c.client.ListNodes(
    1046. 

  1046. 		ctx,
    1047. 

  1047. 		&swarmapi.ListNodesRequest{Filters: filters})
    1048. 

  1048. 	if err != nil {
    1049. 

  1049. 		return nil, err
    1050. 

  1050. 	}
    1051. 

  1051. 

  1052. 	nodes := []types.Node{}
    1053. 

  1053. 

  1054. 	for _, node := range r.Nodes {
    1055. 

  1055. 		nodes = append(nodes, convert.NodeFromGRPC(*node))
    1056. 

  1056. 	}
    1057. 

  1057. 	return nodes, nil
    1058. 

  1058. }
    1059. 

  1059. 

  1060. // GetNode returns a node based on an ID or name.
    1061. 

  1061. func (c *Cluster) GetNode(input string) (types.Node, error) {
    1062. 

  1062. 	c.RLock()
    1063. 

  1063. 	defer c.RUnlock()
    1064. 

  1064. 

  1065. 	if !c.isActiveManager() {
    1066. 

  1066. 		return types.Node{}, c.errNoManager()
    1067. 

  1067. 	}
    1068. 

  1068. 

  1069. 	ctx, cancel := c.getRequestContext()
    1070. 

  1070. 	defer cancel()
    1071. 

  1071. 

  1072. 	node, err := getNode(ctx, c.client, input)
    1073. 

  1073. 	if err != nil {
    1074. 

  1074. 		return types.Node{}, err
    1075. 

  1075. 	}
    1076. 

  1076. 	return convert.NodeFromGRPC(*node), nil
    1077. 

  1077. }
    1078. 

  1078. 

  1079. // UpdateNode updates existing nodes properties.
    1080. 

  1080. func (c *Cluster) UpdateNode(nodeID string, version uint64, spec types.NodeSpec) error {
    1081. 

  1081. 	c.RLock()
    1082. 

  1082. 	defer c.RUnlock()
    1083. 

  1083. 

  1084. 	if !c.isActiveManager() {
    1085. 

  1085. 		return c.errNoManager()
    1086. 

  1086. 	}
    1087. 

  1087. 

  1088. 	nodeSpec, err := convert.NodeSpecToGRPC(spec)
    1089. 

  1089. 	if err != nil {
    1090. 

  1090. 		return err
    1091. 

  1091. 	}
    1092. 

  1092. 

  1093. 	ctx, cancel := c.getRequestContext()
    1094. 

  1094. 	defer cancel()
    1095. 

  1095. 

  1096. 	_, err = c.client.UpdateNode(
    1097. 

  1097. 		ctx,
    1098. 

  1098. 		&swarmapi.UpdateNodeRequest{
    1099. 

  1099. 			NodeID: nodeID,
    1100. 

  1100. 			Spec:   &nodeSpec,
    1101. 

  1101. 			NodeVersion: &swarmapi.Version{
    1102. 

  1102. 				Index: version,
    1103. 

  1103. 			},
    1104. 

  1104. 		},
    1105. 

  1105. 	)
    1106. 

  1106. 	return err
    1107. 

  1107. }
    1108. 

  1108. 

  1109. // RemoveNode removes a node from a cluster
    1110. 

  1110. func (c *Cluster) RemoveNode(input string, force bool) error {
    1111. 

  1111. 	c.RLock()
    1112. 

  1112. 	defer c.RUnlock()
    1113. 

  1113. 

  1114. 	if !c.isActiveManager() {
    1115. 

  1115. 		return c.errNoManager()
    1116. 

  1116. 	}
    1117. 

  1117. 

  1118. 	ctx, cancel := c.getRequestContext()
    1119. 

  1119. 	defer cancel()
    1120. 

  1120. 

  1121. 	node, err := getNode(ctx, c.client, input)
    1122. 

  1122. 	if err != nil {
    1123. 

  1123. 		return err
    1124. 

  1124. 	}
    1125. 

  1125. 

  1126. 	if _, err := c.client.RemoveNode(ctx, &swarmapi.RemoveNodeRequest{NodeID: node.ID, Force: force}); err != nil {
    1127. 

  1127. 		return err
    1128. 

  1128. 	}
    1129. 

  1129. 	return nil
    1130. 

  1130. }
    1131. 

  1131. 

  1132. // GetTasks returns a list of tasks matching the filter options.
    1133. 

  1133. func (c *Cluster) GetTasks(options apitypes.TaskListOptions) ([]types.Task, error) {
    1134. 

  1134. 	c.RLock()
    1135. 

  1135. 	defer c.RUnlock()
    1136. 

  1136. 

  1137. 	if !c.isActiveManager() {
    1138. 

  1138. 		return nil, c.errNoManager()
    1139. 

  1139. 	}
    1140. 

  1140. 

  1141. 	byName := func(filter filters.Args) error {
    1142. 

  1142. 		if filter.Include("service") {
    1143. 

  1143. 			serviceFilters := filter.Get("service")
    1144. 

  1144. 			for _, serviceFilter := range serviceFilters {
    1145. 

  1145. 				service, err := c.GetService(serviceFilter)
    1146. 

  1146. 				if err != nil {
    1147. 

  1147. 					return err
    1148. 

  1148. 				}
    1149. 

  1149. 				filter.Del("service", serviceFilter)
    1150. 

  1150. 				filter.Add("service", service.ID)
    1151. 

  1151. 			}
    1152. 

  1152. 		}
    1153. 

  1153. 		if filter.Include("node") {
    1154. 

  1154. 			nodeFilters := filter.Get("node")
    1155. 

  1155. 			for _, nodeFilter := range nodeFilters {
    1156. 

  1156. 				node, err := c.GetNode(nodeFilter)
    1157. 

  1157. 				if err != nil {
    1158. 

  1158. 					return err
    1159. 

  1159. 				}
    1160. 

  1160. 				filter.Del("node", nodeFilter)
    1161. 

  1161. 				filter.Add("node", node.ID)
    1162. 

  1162. 			}
    1163. 

  1163. 		}
    1164. 

  1164. 		return nil
    1165. 

  1165. 	}
    1166. 

  1166. 

  1167. 	filters, err := newListTasksFilters(options.Filters, byName)
    1168. 

  1168. 	if err != nil {
    1169. 

  1169. 		return nil, err
    1170. 

  1170. 	}
    1171. 

  1171. 

  1172. 	ctx, cancel := c.getRequestContext()
    1173. 

  1173. 	defer cancel()
    1174. 

  1174. 

  1175. 	r, err := c.client.ListTasks(
    1176. 

  1176. 		ctx,
    1177. 

  1177. 		&swarmapi.ListTasksRequest{Filters: filters})
    1178. 

  1178. 	if err != nil {
    1179. 

  1179. 		return nil, err
    1180. 

  1180. 	}
    1181. 

  1181. 

  1182. 	tasks := []types.Task{}
    1183. 

  1183. 

  1184. 	for _, task := range r.Tasks {
    1185. 

  1185. 		if task.Spec.GetContainer() != nil {
    1186. 

  1186. 			tasks = append(tasks, convert.TaskFromGRPC(*task))
    1187. 

  1187. 		}
    1188. 

  1188. 	}
    1189. 

  1189. 	return tasks, nil
    1190. 

  1190. }
    1191. 

  1191. 

  1192. // GetTask returns a task by an ID.
    1193. 

  1193. func (c *Cluster) GetTask(input string) (types.Task, error) {
    1194. 

  1194. 	c.RLock()
    1195. 

  1195. 	defer c.RUnlock()
    1196. 

  1196. 

  1197. 	if !c.isActiveManager() {
    1198. 

  1198. 		return types.Task{}, c.errNoManager()
    1199. 

  1199. 	}
    1200. 

  1200. 

  1201. 	ctx, cancel := c.getRequestContext()
    1202. 

  1202. 	defer cancel()
    1203. 

  1203. 

  1204. 	task, err := getTask(ctx, c.client, input)
    1205. 

  1205. 	if err != nil {
    1206. 

  1206. 		return types.Task{}, err
    1207. 

  1207. 	}
    1208. 

  1208. 	return convert.TaskFromGRPC(*task), nil
    1209. 

  1209. }
    1210. 

  1210. 

  1211. // GetNetwork returns a cluster network by an ID.
    1212. 

  1212. func (c *Cluster) GetNetwork(input string) (apitypes.NetworkResource, error) {
    1213. 

  1213. 	c.RLock()
    1214. 

  1214. 	defer c.RUnlock()
    1215. 

  1215. 

  1216. 	if !c.isActiveManager() {
    1217. 

  1217. 		return apitypes.NetworkResource{}, c.errNoManager()
    1218. 

  1218. 	}
    1219. 

  1219. 

  1220. 	ctx, cancel := c.getRequestContext()
    1221. 

  1221. 	defer cancel()
    1222. 

  1222. 

  1223. 	network, err := getNetwork(ctx, c.client, input)
    1224. 

  1224. 	if err != nil {
    1225. 

  1225. 		return apitypes.NetworkResource{}, err
    1226. 

  1226. 	}
    1227. 

  1227. 	return convert.BasicNetworkFromGRPC(*network), nil
    1228. 

  1228. }
    1229. 

  1229. 

  1230. // GetNetworks returns all current cluster managed networks.
    1231. 

  1231. func (c *Cluster) GetNetworks() ([]apitypes.NetworkResource, error) {
    1232. 

  1232. 	c.RLock()
    1233. 

  1233. 	defer c.RUnlock()
    1234. 

  1234. 

  1235. 	if !c.isActiveManager() {
    1236. 

  1236. 		return nil, c.errNoManager()
    1237. 

  1237. 	}
    1238. 

  1238. 

  1239. 	ctx, cancel := c.getRequestContext()
    1240. 

  1240. 	defer cancel()
    1241. 

  1241. 

  1242. 	r, err := c.client.ListNetworks(ctx, &swarmapi.ListNetworksRequest{})
    1243. 

  1243. 	if err != nil {
    1244. 

  1244. 		return nil, err
    1245. 

  1245. 	}
    1246. 

  1246. 

  1247. 	var networks []apitypes.NetworkResource
    1248. 

  1248. 

  1249. 	for _, network := range r.Networks {
    1250. 

  1250. 		networks = append(networks, convert.BasicNetworkFromGRPC(*network))
    1251. 

  1251. 	}
    1252. 

  1252. 

  1253. 	return networks, nil
    1254. 

  1254. }
    1255. 

  1255. 

  1256. func attacherKey(target, containerID string) string {
    1257. 

  1257. 	return containerID + ":" + target
    1258. 

  1258. }
    1259. 

  1259. 

  1260. // UpdateAttachment signals the attachment config to the attachment
    1261. 

  1261. // waiter who is trying to start or attach the container to the
    1262. 

  1262. // network.
    1263. 

  1263. func (c *Cluster) UpdateAttachment(target, containerID string, config *network.NetworkingConfig) error {
    1264. 

  1264. 	c.RLock()
    1265. 

  1265. 	attacher, ok := c.attachers[attacherKey(target, containerID)]
    1266. 

  1266. 	c.RUnlock()
    1267. 

  1267. 	if !ok || attacher == nil {
    1268. 

  1268. 		return fmt.Errorf("could not find attacher for container %s to network %s", containerID, target)
    1269. 

  1269. 	}
    1270. 

  1270. 

  1271. 	attacher.attachWaitCh <- config
    1272. 

  1272. 	close(attacher.attachWaitCh)
    1273. 

  1273. 	return nil
    1274. 

  1274. }
    1275. 

  1275. 

  1276. // WaitForDetachment waits for the container to stop or detach from
    1277. 

  1277. // the network.
    1278. 

  1278. func (c *Cluster) WaitForDetachment(ctx context.Context, networkName, networkID, taskID, containerID string) error {
    1279. 

  1279. 	c.RLock()
    1280. 

  1280. 	attacher, ok := c.attachers[attacherKey(networkName, containerID)]
    1281. 

  1281. 	if !ok {
    1282. 

  1282. 		attacher, ok = c.attachers[attacherKey(networkID, containerID)]
    1283. 

  1283. 	}
    1284. 

  1284. 	if c.node == nil || c.node.Agent() == nil {
    1285. 

  1285. 		c.RUnlock()
    1286. 

  1286. 		return fmt.Errorf("invalid cluster node while waiting for detachment")
    1287. 

  1287. 	}
    1288. 

  1288. 

  1289. 	agent := c.node.Agent()
    1290. 

  1290. 	c.RUnlock()
    1291. 

  1291. 

  1292. 	if ok && attacher != nil &&
    1293. 

  1293. 		attacher.detachWaitCh != nil &&
    1294. 

  1294. 		attacher.attachCompleteCh != nil {
    1295. 

  1295. 		// Attachment may be in progress still so wait for
    1296. 

  1296. 		// attachment to complete.
    1297. 

  1297. 		select {
    1298. 

  1298. 		case <-attacher.attachCompleteCh:
    1299. 

  1299. 		case <-ctx.Done():
    1300. 

  1300. 			return ctx.Err()
    1301. 

  1301. 		}
    1302. 

  1302. 

  1303. 		if attacher.taskID == taskID {
    1304. 

  1304. 			select {
    1305. 

  1305. 			case <-attacher.detachWaitCh:
    1306. 

  1306. 			case <-ctx.Done():
    1307. 

  1307. 				return ctx.Err()
    1308. 

  1308. 			}
    1309. 

  1309. 		}
    1310. 

  1310. 	}
    1311. 

  1311. 

  1312. 	return agent.ResourceAllocator().DetachNetwork(ctx, taskID)
    1313. 

  1313. }
    1314. 

  1314. 

  1315. // AttachNetwork generates an attachment request towards the manager.
    1316. 

  1316. func (c *Cluster) AttachNetwork(target string, containerID string, addresses []string) (*network.NetworkingConfig, error) {
    1317. 

  1317. 	aKey := attacherKey(target, containerID)
    1318. 

  1318. 	c.Lock()
    1319. 

  1319. 	if c.node == nil || c.node.Agent() == nil {
    1320. 

  1320. 		c.Unlock()
    1321. 

  1321. 		return nil, fmt.Errorf("invalid cluster node while attaching to network")
    1322. 

  1322. 	}
    1323. 

  1323. 	if attacher, ok := c.attachers[aKey]; ok {
    1324. 

  1324. 		c.Unlock()
    1325. 

  1325. 		return attacher.config, nil
    1326. 

  1326. 	}
    1327. 

  1327. 

  1328. 	agent := c.node.Agent()
    1329. 

  1329. 	attachWaitCh := make(chan *network.NetworkingConfig)
    1330. 

  1330. 	detachWaitCh := make(chan struct{})
    1331. 

  1331. 	attachCompleteCh := make(chan struct{})
    1332. 

  1332. 	c.attachers[aKey] = &attacher{
    1333. 

  1333. 		attachWaitCh:     attachWaitCh,
    1334. 

  1334. 		attachCompleteCh: attachCompleteCh,
    1335. 

  1335. 		detachWaitCh:     detachWaitCh,
    1336. 

  1336. 	}
    1337. 

  1337. 	c.Unlock()
    1338. 

  1338. 

  1339. 	ctx, cancel := c.getRequestContext()
    1340. 

  1340. 	defer cancel()
    1341. 

  1341. 

  1342. 	taskID, err := agent.ResourceAllocator().AttachNetwork(ctx, containerID, target, addresses)
    1343. 

  1343. 	if err != nil {
    1344. 

  1344. 		c.Lock()
    1345. 

  1345. 		delete(c.attachers, aKey)
    1346. 

  1346. 		c.Unlock()
    1347. 

  1347. 		return nil, fmt.Errorf("Could not attach to network %s: %v", target, err)
    1348. 

  1348. 	}
    1349. 

  1349. 

  1350. 	c.Lock()
    1351. 

  1351. 	c.attachers[aKey].taskID = taskID
    1352. 

  1352. 	close(attachCompleteCh)
    1353. 

  1353. 	c.Unlock()
    1354. 

  1354. 

  1355. 	logrus.Debugf("Successfully attached to network %s with tid %s", target, taskID)
    1356. 

  1356. 

  1357. 	var config *network.NetworkingConfig
    1358. 

  1358. 	select {
    1359. 

  1359. 	case config = <-attachWaitCh:
    1360. 

  1360. 	case <-ctx.Done():
    1361. 

  1361. 		return nil, fmt.Errorf("attaching to network failed, make sure your network options are correct and check manager logs: %v", ctx.Err())
    1362. 

  1362. 	}
    1363. 

  1363. 

  1364. 	c.Lock()
    1365. 

  1365. 	c.attachers[aKey].config = config
    1366. 

  1366. 	c.Unlock()
    1367. 

  1367. 	return config, nil
    1368. 

  1368. }
    1369. 

  1369. 

  1370. // DetachNetwork unblocks the waiters waiting on WaitForDetachment so
    1371. 

  1371. // that a request to detach can be generated towards the manager.
    1372. 

  1372. func (c *Cluster) DetachNetwork(target string, containerID string) error {
    1373. 

  1373. 	aKey := attacherKey(target, containerID)
    1374. 

  1374. 

  1375. 	c.Lock()
    1376. 

  1376. 	attacher, ok := c.attachers[aKey]
    1377. 

  1377. 	delete(c.attachers, aKey)
    1378. 

  1378. 	c.Unlock()
    1379. 

  1379. 

  1380. 	if !ok {
    1381. 

  1381. 		return fmt.Errorf("could not find network attachment for container %s to network %s", containerID, target)
    1382. 

  1382. 	}
    1383. 

  1383. 

  1384. 	close(attacher.detachWaitCh)
    1385. 

  1385. 	return nil
    1386. 

  1386. }
    1387. 

  1387. 

  1388. // CreateNetwork creates a new cluster managed network.
    1389. 

  1389. func (c *Cluster) CreateNetwork(s apitypes.NetworkCreateRequest) (string, error) {
    1390. 

  1390. 	c.RLock()
    1391. 

  1391. 	defer c.RUnlock()
    1392. 

  1392. 

  1393. 	if !c.isActiveManager() {
    1394. 

  1394. 		return "", c.errNoManager()
    1395. 

  1395. 	}
    1396. 

  1396. 

  1397. 	if runconfig.IsPreDefinedNetwork(s.Name) {
    1398. 

  1398. 		err := fmt.Errorf("%s is a pre-defined network and cannot be created", s.Name)
    1399. 

  1399. 		return "", errors.NewRequestForbiddenError(err)
    1400. 

  1400. 	}
    1401. 

  1401. 

  1402. 	ctx, cancel := c.getRequestContext()
    1403. 

  1403. 	defer cancel()
    1404. 

  1404. 

  1405. 	networkSpec := convert.BasicNetworkCreateToGRPC(s)
    1406. 

  1406. 	r, err := c.client.CreateNetwork(ctx, &swarmapi.CreateNetworkRequest{Spec: &networkSpec})
    1407. 

  1407. 	if err != nil {
    1408. 

  1408. 		return "", err
    1409. 

  1409. 	}
    1410. 

  1410. 

  1411. 	return r.Network.ID, nil
    1412. 

  1412. }
    1413. 

  1413. 

  1414. // RemoveNetwork removes a cluster network.
    1415. 

  1415. func (c *Cluster) RemoveNetwork(input string) error {
    1416. 

  1416. 	c.RLock()
    1417. 

  1417. 	defer c.RUnlock()
    1418. 

  1418. 

  1419. 	if !c.isActiveManager() {
    1420. 

  1420. 		return c.errNoManager()
    1421. 

  1421. 	}
    1422. 

  1422. 

  1423. 	ctx, cancel := c.getRequestContext()
    1424. 

  1424. 	defer cancel()
    1425. 

  1425. 

  1426. 	network, err := getNetwork(ctx, c.client, input)
    1427. 

  1427. 	if err != nil {
    1428. 

  1428. 		return err
    1429. 

  1429. 	}
    1430. 

  1430. 

  1431. 	if _, err := c.client.RemoveNetwork(ctx, &swarmapi.RemoveNetworkRequest{NetworkID: network.ID}); err != nil {
    1432. 

  1432. 		return err
    1433. 

  1433. 	}
    1434. 

  1434. 	return nil
    1435. 

  1435. }
    1436. 

  1436. 

  1437. func (c *Cluster) populateNetworkID(ctx context.Context, client swarmapi.ControlClient, s *types.ServiceSpec) error {
    1438. 

  1438. 	// Always prefer NetworkAttachmentConfigs from TaskTemplate
    1439. 

  1439. 	// but fallback to service spec for backward compatibility
    1440. 

  1440. 	networks := s.TaskTemplate.Networks
    1441. 

  1441. 	if len(networks) == 0 {
    1442. 

  1442. 		networks = s.Networks
    1443. 

  1443. 	}
    1444. 

  1444. 

  1445. 	for i, n := range networks {
    1446. 

  1446. 		apiNetwork, err := getNetwork(ctx, client, n.Target)
    1447. 

  1447. 		if err != nil {
    1448. 

  1448. 			if ln, _ := c.config.Backend.FindNetwork(n.Target); ln != nil && !ln.Info().Dynamic() {
    1449. 

  1449. 				err = fmt.Errorf("network %s is not eligible for docker services", ln.Name())
    1450. 

  1450. 				return errors.NewRequestForbiddenError(err)
    1451. 

  1451. 			}
    1452. 

  1452. 			return err
    1453. 

  1453. 		}
    1454. 

  1454. 		networks[i].Target = apiNetwork.ID
    1455. 

  1455. 	}
    1456. 

  1456. 	return nil
    1457. 

  1457. }
    1458. 

  1458. 

  1459. func getNetwork(ctx context.Context, c swarmapi.ControlClient, input string) (*swarmapi.Network, error) {
    1460. 

  1460. 	// GetNetwork to match via full ID.
    1461. 

  1461. 	rg, err := c.GetNetwork(ctx, &swarmapi.GetNetworkRequest{NetworkID: input})
    1462. 

  1462. 	if err != nil {
    1463. 

  1463. 		// If any error (including NotFound), ListNetworks to match via ID prefix and full name.
    1464. 

  1464. 		rl, err := c.ListNetworks(ctx, &swarmapi.ListNetworksRequest{Filters: &swarmapi.ListNetworksRequest_Filters{Names: []string{input}}})
    1465. 

  1465. 		if err != nil || len(rl.Networks) == 0 {
    1466. 

  1466. 			rl, err = c.ListNetworks(ctx, &swarmapi.ListNetworksRequest{Filters: &swarmapi.ListNetworksRequest_Filters{IDPrefixes: []string{input}}})
    1467. 

  1467. 		}
    1468. 

  1468. 

  1469. 		if err != nil {
    1470. 

  1470. 			return nil, err
    1471. 

  1471. 		}
    1472. 

  1472. 

  1473. 		if len(rl.Networks) == 0 {
    1474. 

  1474. 			return nil, fmt.Errorf("network %s not found", input)
    1475. 

  1475. 		}
    1476. 

  1476. 

  1477. 		if l := len(rl.Networks); l > 1 {
    1478. 

  1478. 			return nil, fmt.Errorf("network %s is ambiguous (%d matches found)", input, l)
    1479. 

  1479. 		}
    1480. 

  1480. 

  1481. 		return rl.Networks[0], nil
    1482. 

  1482. 	}
    1483. 

  1483. 	return rg.Network, nil
    1484. 

  1484. }
    1485. 

  1485. 

  1486. // Cleanup stops active swarm node. This is run before daemon shutdown.
    1487. 

  1487. func (c *Cluster) Cleanup() {
    1488. 

  1488. 	c.Lock()
    1489. 

  1489. 	node := c.node
    1490. 

  1490. 	if node == nil {
    1491. 

  1491. 		c.Unlock()
    1492. 

  1492. 		return
    1493. 

  1493. 	}
    1494. 

  1494. 	defer c.Unlock()
    1495. 

  1495. 	if c.isActiveManager() {
    1496. 

  1496. 		active, reachable, unreachable, err := c.managerStats()
    1497. 

  1497. 		if err == nil {
    1498. 

  1498. 			singlenode := active && isLastManager(reachable, unreachable)
    1499. 

  1499. 			if active && !singlenode && removingManagerCausesLossOfQuorum(reachable, unreachable) {
    1500. 

  1500. 				logrus.Errorf("Leaving cluster with %v managers left out of %v. Raft quorum will be lost.", reachable-1, reachable+unreachable)
    1501. 

  1501. 			}
    1502. 

  1502. 		}
    1503. 

  1503. 	}
    1504. 

  1504. 	c.stopNode()
    1505. 

  1505. }
    1506. 

  1506. 

  1507. func (c *Cluster) managerStats() (current bool, reachable int, unreachable int, err error) {
    1508. 

  1508. 	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
    1509. 

  1509. 	defer cancel()
    1510. 

  1510. 	nodes, err := c.client.ListNodes(ctx, &swarmapi.ListNodesRequest{})
    1511. 

  1511. 	if err != nil {
    1512. 

  1512. 		return false, 0, 0, err
    1513. 

  1513. 	}
    1514. 

  1514. 	for _, n := range nodes.Nodes {
    1515. 

  1515. 		if n.ManagerStatus != nil {
    1516. 

  1516. 			if n.ManagerStatus.Reachability == swarmapi.RaftMemberStatus_REACHABLE {
    1517. 

  1517. 				reachable++
    1518. 

  1518. 				if n.ID == c.node.NodeID() {
    1519. 

  1519. 					current = true
    1520. 

  1520. 				}
    1521. 

  1521. 			}
    1522. 

  1522. 			if n.ManagerStatus.Reachability == swarmapi.RaftMemberStatus_UNREACHABLE {
    1523. 

  1523. 				unreachable++
    1524. 

  1524. 			}
    1525. 

  1525. 		}
    1526. 

  1526. 	}
    1527. 

  1527. 	return
    1528. 

  1528. }
    1529. 

  1529. 

  1530. func validateAndSanitizeInitRequest(req *types.InitRequest) error {
    1531. 

  1531. 	var err error
    1532. 

  1532. 	req.ListenAddr, err = validateAddr(req.ListenAddr)
    1533. 

  1533. 	if err != nil {
    1534. 

  1534. 		return fmt.Errorf("invalid ListenAddr %q: %v", req.ListenAddr, err)
    1535. 

  1535. 	}
    1536. 

  1536. 

  1537. 	return nil
    1538. 

  1538. }
    1539. 

  1539. 

  1540. func validateAndSanitizeJoinRequest(req *types.JoinRequest) error {
    1541. 

  1541. 	var err error
    1542. 

  1542. 	req.ListenAddr, err = validateAddr(req.ListenAddr)
    1543. 

  1543. 	if err != nil {
    1544. 

  1544. 		return fmt.Errorf("invalid ListenAddr %q: %v", req.ListenAddr, err)
    1545. 

  1545. 	}
    1546. 

  1546. 	if len(req.RemoteAddrs) == 0 {
    1547. 

  1547. 		return fmt.Errorf("at least 1 RemoteAddr is required to join")
    1548. 

  1548. 	}
    1549. 

  1549. 	for i := range req.RemoteAddrs {
    1550. 

  1550. 		req.RemoteAddrs[i], err = validateAddr(req.RemoteAddrs[i])
    1551. 

  1551. 		if err != nil {
    1552. 

  1552. 			return fmt.Errorf("invalid remoteAddr %q: %v", req.RemoteAddrs[i], err)
    1553. 

  1553. 		}
    1554. 

  1554. 	}
    1555. 

  1555. 	return nil
    1556. 

  1556. }
    1557. 

  1557. 

  1558. func validateAddr(addr string) (string, error) {
    1559. 

  1559. 	if addr == "" {
    1560. 

  1560. 		return addr, fmt.Errorf("invalid empty address")
    1561. 

  1561. 	}
    1562. 

  1562. 	newaddr, err := opts.ParseTCPAddr(addr, defaultAddr)
    1563. 

  1563. 	if err != nil {
    1564. 

  1564. 		return addr, nil
    1565. 

  1565. 	}
    1566. 

  1566. 	return strings.TrimPrefix(newaddr, "tcp://"), nil
    1567. 

  1567. }
    1568. 

  1568. 

  1569. func initClusterSpec(node *node, spec types.Spec) error {
    1570. 

  1570. 	ctx, _ := context.WithTimeout(context.Background(), 5*time.Second)
    1571. 

  1571. 	for conn := range node.ListenControlSocket(ctx) {
    1572. 

  1572. 		if ctx.Err() != nil {
    1573. 

  1573. 			return ctx.Err()
    1574. 

  1574. 		}
    1575. 

  1575. 		if conn != nil {
    1576. 

  1576. 			client := swarmapi.NewControlClient(conn)
    1577. 

  1577. 			var cluster *swarmapi.Cluster
    1578. 

  1578. 			for i := 0; ; i++ {
    1579. 

  1579. 				lcr, err := client.ListClusters(ctx, &swarmapi.ListClustersRequest{})
    1580. 

  1580. 				if err != nil {
    1581. 

  1581. 					return fmt.Errorf("error on listing clusters: %v", err)
    1582. 

  1582. 				}
    1583. 

  1583. 				if len(lcr.Clusters) == 0 {
    1584. 

  1584. 					if i < 10 {
    1585. 

  1585. 						time.Sleep(200 * time.Millisecond)
    1586. 

  1586. 						continue
    1587. 

  1587. 					}
    1588. 

  1588. 					return fmt.Errorf("empty list of clusters was returned")
    1589. 

  1589. 				}
    1590. 

  1590. 				cluster = lcr.Clusters[0]
    1591. 

  1591. 				break
    1592. 

  1592. 			}
    1593. 

  1593. 			// In init, we take the initial default values from swarmkit, and merge
    1594. 

  1594. 			// any non nil or 0 value from spec to GRPC spec. This will leave the
    1595. 

  1595. 			// default value alone.
    1596. 

  1596. 			// Note that this is different from Update(), as in Update() we expect
    1597. 

  1597. 			// user to specify the complete spec of the cluster (as they already know
    1598. 

  1598. 			// the existing one and knows which field to update)
    1599. 

  1599. 			clusterSpec, err := convert.MergeSwarmSpecToGRPC(spec, cluster.Spec)
    1600. 

  1600. 			if err != nil {
    1601. 

  1601. 				return fmt.Errorf("error updating cluster settings: %v", err)
    1602. 

  1602. 			}
    1603. 

  1603. 			_, err = client.UpdateCluster(ctx, &swarmapi.UpdateClusterRequest{
    1604. 

  1604. 				ClusterID:      cluster.ID,
    1605. 

  1605. 				ClusterVersion: &cluster.Meta.Version,
    1606. 

  1606. 				Spec:           &clusterSpec,
    1607. 

  1607. 			})
    1608. 

  1608. 			if err != nil {
    1609. 

  1609. 				return fmt.Errorf("error updating cluster settings: %v", err)
    1610. 

  1610. 			}
    1611. 

  1611. 			return nil
    1612. 

  1612. 		}
    1613. 

  1613. 	}
    1614. 

  1614. 	return ctx.Err()
    1615. 

  1615. }
    1616.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5