| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293 |
- package bridge
- import (
- "context"
- "errors"
- "fmt"
- "net"
- "os"
- "path/filepath"
- "github.com/containerd/log"
- "github.com/docker/docker/libnetwork/types"
- "github.com/vishvananda/netlink"
- )
- func selectIPv4Address(addresses []netlink.Addr, selector *net.IPNet) (netlink.Addr, error) {
- if len(addresses) == 0 {
- return netlink.Addr{}, errors.New("unable to select an address as the address pool is empty")
- }
- if selector != nil {
- for _, addr := range addresses {
- if selector.Contains(addr.IP) {
- return addr, nil
- }
- }
- }
- return addresses[0], nil
- }
- func setupBridgeIPv4(config *networkConfiguration, i *bridgeInterface) error {
- // TODO(aker): the bridge driver panics if its bridgeIPv4 field isn't set. Once bridge subnet and bridge IP address
- // are decoupled, we should assign it only when it's really needed.
- i.bridgeIPv4 = config.AddressIPv4
- if config.Internal {
- return nil
- }
- if !config.InhibitIPv4 {
- addrv4List, err := i.addresses(netlink.FAMILY_V4)
- if err != nil {
- return fmt.Errorf("failed to retrieve bridge interface addresses: %v", err)
- }
- addrv4, _ := selectIPv4Address(addrv4List, config.AddressIPv4)
- if !types.CompareIPNet(addrv4.IPNet, config.AddressIPv4) {
- if addrv4.IPNet != nil {
- if err := i.nlh.AddrDel(i.Link, &addrv4); err != nil {
- return fmt.Errorf("failed to remove current ip address from bridge: %v", err)
- }
- }
- log.G(context.TODO()).Debugf("Assigning address to bridge interface %s: %s", config.BridgeName, config.AddressIPv4)
- if err := i.nlh.AddrAdd(i.Link, &netlink.Addr{IPNet: config.AddressIPv4}); err != nil {
- return &IPv4AddrAddError{IP: config.AddressIPv4, Err: err}
- }
- }
- }
- // Store the default gateway
- i.gatewayIPv4 = config.AddressIPv4.IP
- return nil
- }
- func setupGatewayIPv4(config *networkConfiguration, i *bridgeInterface) error {
- if !i.bridgeIPv4.Contains(config.DefaultGatewayIPv4) {
- return &ErrInvalidGateway{}
- }
- if config.Internal {
- return types.InvalidParameterErrorf("no gateway can be set on an internal bridge network")
- }
- // Store requested default gateway
- i.gatewayIPv4 = config.DefaultGatewayIPv4
- return nil
- }
- func setupLoopbackAddressesRouting(config *networkConfiguration, i *bridgeInterface) error {
- sysPath := filepath.Join("/proc/sys/net/ipv4/conf", config.BridgeName, "route_localnet")
- ipv4LoRoutingData, err := os.ReadFile(sysPath)
- if err != nil {
- return fmt.Errorf("Cannot read IPv4 local routing setup: %v", err)
- }
- // Enable loopback addresses routing only if it isn't already enabled
- if ipv4LoRoutingData[0] != '1' {
- if err := os.WriteFile(sysPath, []byte{'1', '\n'}, 0o644); err != nil {
- return fmt.Errorf("Unable to enable local routing for hairpin mode: %v", err)
- }
- }
- return nil
- }
|
