We use cookies to ensure you get the best experience on our website
ホーム エクスプローラ ヘルプ
登録 サインイン
0ct0pu5
/
moby
1
0
フォーク 0
ファイル 課題 0 プルリクエスト 0 Wiki
ツリー: 5f9fe54b35
ブランチ タグ
moby
/
daemon
/
cluster
/
cluster.go

cluster.go 49 KB
履歴 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893 
  1. package cluster
    2. 

  2. 

  3. import (
    4. 

  4. 	"encoding/base64"
    5. 

  5. 	"encoding/json"
    6. 

  6. 	"fmt"
    7. 

  7. 	"io"
    8. 

  8. 	"io/ioutil"
    9. 

  9. 	"net"
    10. 

  10. 	"os"
    11. 

  11. 	"path/filepath"
    12. 

  12. 	"runtime"
    13. 

  13. 	"strings"
    14. 

  14. 	"sync"
    15. 

  15. 	"time"
    16. 

  16. 

  17. 	"github.com/Sirupsen/logrus"
    18. 

  18. 	apierrors "github.com/docker/docker/api/errors"
    19. 

  19. 	apitypes "github.com/docker/docker/api/types"
    20. 

  20. 	"github.com/docker/docker/api/types/backend"
    21. 

  21. 	"github.com/docker/docker/api/types/filters"
    22. 

  22. 	"github.com/docker/docker/api/types/network"
    23. 

  23. 	types "github.com/docker/docker/api/types/swarm"
    24. 

  24. 	"github.com/docker/docker/daemon/cluster/convert"
    25. 

  25. 	executorpkg "github.com/docker/docker/daemon/cluster/executor"
    26. 

  26. 	"github.com/docker/docker/daemon/cluster/executor/container"
    27. 

  27. 	"github.com/docker/docker/daemon/logger"
    28. 

  28. 	"github.com/docker/docker/opts"
    29. 

  29. 	"github.com/docker/docker/pkg/ioutils"
    30. 

  30. 	"github.com/docker/docker/pkg/signal"
    31. 

  31. 	"github.com/docker/docker/pkg/stdcopy"
    32. 

  32. 	"github.com/docker/docker/reference"
    33. 

  33. 	"github.com/docker/docker/runconfig"
    34. 

  34. 	swarmapi "github.com/docker/swarmkit/api"
    35. 

  35. 	"github.com/docker/swarmkit/manager/encryption"
    36. 

  36. 	swarmnode "github.com/docker/swarmkit/node"
    37. 

  37. 	"github.com/docker/swarmkit/protobuf/ptypes"
    38. 

  38. 	"github.com/pkg/errors"
    39. 

  39. 	"golang.org/x/net/context"
    40. 

  40. 	"google.golang.org/grpc"
    41. 

  41. )
    42. 

  42. 

  43. const swarmDirName = "swarm"
    44. 

  44. const controlSocket = "control.sock"
    45. 

  45. const swarmConnectTimeout = 20 * time.Second
    46. 

  46. const swarmRequestTimeout = 20 * time.Second
    47. 

  47. const stateFile = "docker-state.json"
    48. 

  48. const defaultAddr = "0.0.0.0:2377"
    49. 

  49. 

  50. const (
    51. 

  51. 	initialReconnectDelay = 100 * time.Millisecond
    52. 

  52. 	maxReconnectDelay     = 30 * time.Second
    53. 

  53. 	contextPrefix         = "com.docker.swarm"
    54. 

  54. )
    55. 

  55. 

  56. // ErrNoSwarm is returned on leaving a cluster that was never initialized
    57. 

  57. var ErrNoSwarm = fmt.Errorf("This node is not part of a swarm")
    58. 

  58. 

  59. // ErrSwarmExists is returned on initialize or join request for a cluster that has already been activated
    60. 

  60. var ErrSwarmExists = fmt.Errorf("This node is already part of a swarm. Use \"docker swarm leave\" to leave this swarm and join another one.")
    61. 

  61. 

  62. // ErrPendingSwarmExists is returned on initialize or join request for a cluster that is already processing a similar request but has not succeeded yet.
    63. 

  63. var ErrPendingSwarmExists = fmt.Errorf("This node is processing an existing join request that has not succeeded yet. Use \"docker swarm leave\" to cancel the current request.")
    64. 

  64. 

  65. // ErrSwarmJoinTimeoutReached is returned when cluster join could not complete before timeout was reached.
    66. 

  66. var ErrSwarmJoinTimeoutReached = fmt.Errorf("Timeout was reached before node was joined. The attempt to join the swarm will continue in the background. Use the \"docker info\" command to see the current swarm status of your node.")
    67. 

  67. 

  68. // ErrSwarmLocked is returned if the swarm is encrypted and needs a key to unlock it.
    69. 

  69. var ErrSwarmLocked = fmt.Errorf("Swarm is encrypted and needs to be unlocked before it can be used. Please use \"docker swarm unlock\" to unlock it.")
    70. 

  70. 

  71. // NetworkSubnetsProvider exposes functions for retrieving the subnets
    72. 

  72. // of networks managed by Docker, so they can be filtered.
    73. 

  73. type NetworkSubnetsProvider interface {
    74. 

  74. 	V4Subnets() []net.IPNet
    75. 

  75. 	V6Subnets() []net.IPNet
    76. 

  76. }
    77. 

  77. 

  78. // Config provides values for Cluster.
    79. 

  79. type Config struct {
    80. 

  80. 	Root                   string
    81. 

  81. 	Name                   string
    82. 

  82. 	Backend                executorpkg.Backend
    83. 

  83. 	NetworkSubnetsProvider NetworkSubnetsProvider
    84. 

  84. 

  85. 	// DefaultAdvertiseAddr is the default host/IP or network interface to use
    86. 

  86. 	// if no AdvertiseAddr value is specified.
    87. 

  87. 	DefaultAdvertiseAddr string
    88. 

  88. 

  89. 	// path to store runtime state, such as the swarm control socket
    90. 

  90. 	RuntimeRoot string
    91. 

  91. }
    92. 

  92. 

  93. // Cluster provides capabilities to participate in a cluster as a worker or a
    94. 

  94. // manager.
    95. 

  95. type Cluster struct {
    96. 

  96. 	sync.RWMutex
    97. 

  97. 	*node
    98. 

  98. 	root            string
    99. 

  99. 	runtimeRoot     string
    100. 

  100. 	config          Config
    101. 

  101. 	configEvent     chan struct{} // todo: make this array and goroutine safe
    102. 

  102. 	actualLocalAddr string        // after resolution, not persisted
    103. 

  103. 	stop            bool
    104. 

  104. 	err             error
    105. 

  105. 	cancelDelay     func()
    106. 

  106. 	attachers       map[string]*attacher
    107. 

  107. 	locked          bool
    108. 

  108. 	lastNodeConfig  *nodeStartConfig
    109. 

  109. }
    110. 

  110. 

  111. // attacher manages the in-memory attachment state of a container
    112. 

  112. // attachment to a global scope network managed by swarm manager. It
    113. 

  113. // helps in identifying the attachment ID via the taskID and the
    114. 

  114. // corresponding attachment configuration obtained from the manager.
    115. 

  115. type attacher struct {
    116. 

  116. 	taskID           string
    117. 

  117. 	config           *network.NetworkingConfig
    118. 

  118. 	attachWaitCh     chan *network.NetworkingConfig
    119. 

  119. 	attachCompleteCh chan struct{}
    120. 

  120. 	detachWaitCh     chan struct{}
    121. 

  121. }
    122. 

  122. 

  123. type node struct {
    124. 

  124. 	*swarmnode.Node
    125. 

  125. 	done           chan struct{}
    126. 

  126. 	ready          bool
    127. 

  127. 	conn           *grpc.ClientConn
    128. 

  128. 	client         swarmapi.ControlClient
    129. 

  129. 	logs           swarmapi.LogsClient
    130. 

  130. 	reconnectDelay time.Duration
    131. 

  131. 	config         nodeStartConfig
    132. 

  132. }
    133. 

  133. 

  134. // nodeStartConfig holds configuration needed to start a new node. Exported
    135. 

  135. // fields of this structure are saved to disk in json. Unexported fields
    136. 

  136. // contain data that shouldn't be persisted between daemon reloads.
    137. 

  137. type nodeStartConfig struct {
    138. 

  138. 	// LocalAddr is this machine's local IP or hostname, if specified.
    139. 

  139. 	LocalAddr string
    140. 

  140. 	// RemoteAddr is the address that was given to "swarm join". It is used
    141. 

  141. 	// to find LocalAddr if necessary.
    142. 

  142. 	RemoteAddr string
    143. 

  143. 	// ListenAddr is the address we bind to, including a port.
    144. 

  144. 	ListenAddr string
    145. 

  145. 	// AdvertiseAddr is the address other nodes should connect to,
    146. 

  146. 	// including a port.
    147. 

  147. 	AdvertiseAddr   string
    148. 

  148. 	joinAddr        string
    149. 

  149. 	forceNewCluster bool
    150. 

  150. 	joinToken       string
    151. 

  151. 	lockKey         []byte
    152. 

  152. 	autolock        bool
    153. 

  153. }
    154. 

  154. 

  155. // New creates a new Cluster instance using provided config.
    156. 

  156. func New(config Config) (*Cluster, error) {
    157. 

  157. 	root := filepath.Join(config.Root, swarmDirName)
    158. 

  158. 	if err := os.MkdirAll(root, 0700); err != nil {
    159. 

  159. 		return nil, err
    160. 

  160. 	}
    161. 

  161. 	if config.RuntimeRoot == "" {
    162. 

  162. 		config.RuntimeRoot = root
    163. 

  163. 	}
    164. 

  164. 	if err := os.MkdirAll(config.RuntimeRoot, 0700); err != nil {
    165. 

  165. 		return nil, err
    166. 

  166. 	}
    167. 

  167. 	c := &Cluster{
    168. 

  168. 		root:        root,
    169. 

  169. 		config:      config,
    170. 

  170. 		configEvent: make(chan struct{}, 10),
    171. 

  171. 		runtimeRoot: config.RuntimeRoot,
    172. 

  172. 		attachers:   make(map[string]*attacher),
    173. 

  173. 	}
    174. 

  174. 

  175. 	nodeConfig, err := c.loadState()
    176. 

  176. 	if err != nil {
    177. 

  177. 		if os.IsNotExist(err) {
    178. 

  178. 			return c, nil
    179. 

  179. 		}
    180. 

  180. 		return nil, err
    181. 

  181. 	}
    182. 

  182. 

  183. 	n, err := c.startNewNode(*nodeConfig)
    184. 

  184. 	if err != nil {
    185. 

  185. 		return nil, err
    186. 

  186. 	}
    187. 

  187. 

  188. 	select {
    189. 

  189. 	case <-time.After(swarmConnectTimeout):
    190. 

  190. 		logrus.Error("swarm component could not be started before timeout was reached")
    191. 

  191. 	case <-n.Ready():
    192. 

  192. 	case <-n.done:
    193. 

  193. 		if errors.Cause(c.err) == ErrSwarmLocked {
    194. 

  194. 			return c, nil
    195. 

  195. 		}
    196. 

  196. 

  197. 		return nil, fmt.Errorf("swarm component could not be started: %v", c.err)
    198. 

  198. 	}
    199. 

  199. 	go c.reconnectOnFailure(n)
    200. 

  200. 	return c, nil
    201. 

  201. }
    202. 

  202. 

  203. func (c *Cluster) loadState() (*nodeStartConfig, error) {
    204. 

  204. 	dt, err := ioutil.ReadFile(filepath.Join(c.root, stateFile))
    205. 

  205. 	if err != nil {
    206. 

  206. 		return nil, err
    207. 

  207. 	}
    208. 

  208. 	// missing certificate means no actual state to restore from
    209. 

  209. 	if _, err := os.Stat(filepath.Join(c.root, "certificates/swarm-node.crt")); err != nil {
    210. 

  210. 		if os.IsNotExist(err) {
    211. 

  211. 			c.clearState()
    212. 

  212. 		}
    213. 

  213. 		return nil, err
    214. 

  214. 	}
    215. 

  215. 	var st nodeStartConfig
    216. 

  216. 	if err := json.Unmarshal(dt, &st); err != nil {
    217. 

  217. 		return nil, err
    218. 

  218. 	}
    219. 

  219. 	return &st, nil
    220. 

  220. }
    221. 

  221. 

  222. func (c *Cluster) saveState(config nodeStartConfig) error {
    223. 

  223. 	dt, err := json.Marshal(config)
    224. 

  224. 	if err != nil {
    225. 

  225. 		return err
    226. 

  226. 	}
    227. 

  227. 	return ioutils.AtomicWriteFile(filepath.Join(c.root, stateFile), dt, 0600)
    228. 

  228. }
    229. 

  229. 

  230. func (c *Cluster) reconnectOnFailure(n *node) {
    231. 

  231. 	for {
    232. 

  232. 		<-n.done
    233. 

  233. 		c.Lock()
    234. 

  234. 		if c.stop || c.node != nil {
    235. 

  235. 			c.Unlock()
    236. 

  236. 			return
    237. 

  237. 		}
    238. 

  238. 		n.reconnectDelay *= 2
    239. 

  239. 		if n.reconnectDelay > maxReconnectDelay {
    240. 

  240. 			n.reconnectDelay = maxReconnectDelay
    241. 

  241. 		}
    242. 

  242. 		logrus.Warnf("Restarting swarm in %.2f seconds", n.reconnectDelay.Seconds())
    243. 

  243. 		delayCtx, cancel := context.WithTimeout(context.Background(), n.reconnectDelay)
    244. 

  244. 		c.cancelDelay = cancel
    245. 

  245. 		c.Unlock()
    246. 

  246. 		<-delayCtx.Done()
    247. 

  247. 		if delayCtx.Err() != context.DeadlineExceeded {
    248. 

  248. 			return
    249. 

  249. 		}
    250. 

  250. 		c.Lock()
    251. 

  251. 		if c.node != nil {
    252. 

  252. 			c.Unlock()
    253. 

  253. 			return
    254. 

  254. 		}
    255. 

  255. 		var err error
    256. 

  256. 		config := n.config
    257. 

  257. 		config.RemoteAddr = c.getRemoteAddress()
    258. 

  258. 		config.joinAddr = config.RemoteAddr
    259. 

  259. 		n, err = c.startNewNode(config)
    260. 

  260. 		if err != nil {
    261. 

  261. 			c.err = err
    262. 

  262. 			close(n.done)
    263. 

  263. 		}
    264. 

  264. 		c.Unlock()
    265. 

  265. 	}
    266. 

  266. }
    267. 

  267. 

  268. func (c *Cluster) startNewNode(conf nodeStartConfig) (*node, error) {
    269. 

  269. 	if err := c.config.Backend.IsSwarmCompatible(); err != nil {
    270. 

  270. 		return nil, err
    271. 

  271. 	}
    272. 

  272. 

  273. 	actualLocalAddr := conf.LocalAddr
    274. 

  274. 	if actualLocalAddr == "" {
    275. 

  275. 		// If localAddr was not specified, resolve it automatically
    276. 

  276. 		// based on the route to joinAddr. localAddr can only be left
    277. 

  277. 		// empty on "join".
    278. 

  278. 		listenHost, _, err := net.SplitHostPort(conf.ListenAddr)
    279. 

  279. 		if err != nil {
    280. 

  280. 			return nil, fmt.Errorf("could not parse listen address: %v", err)
    281. 

  281. 		}
    282. 

  282. 

  283. 		listenAddrIP := net.ParseIP(listenHost)
    284. 

  284. 		if listenAddrIP == nil || !listenAddrIP.IsUnspecified() {
    285. 

  285. 			actualLocalAddr = listenHost
    286. 

  286. 		} else {
    287. 

  287. 			if conf.RemoteAddr == "" {
    288. 

  288. 				// Should never happen except using swarms created by
    289. 

  289. 				// old versions that didn't save remoteAddr.
    290. 

  290. 				conf.RemoteAddr = "8.8.8.8:53"
    291. 

  291. 			}
    292. 

  292. 			conn, err := net.Dial("udp", conf.RemoteAddr)
    293. 

  293. 			if err != nil {
    294. 

  294. 				return nil, fmt.Errorf("could not find local IP address: %v", err)
    295. 

  295. 			}
    296. 

  296. 			localHostPort := conn.LocalAddr().String()
    297. 

  297. 			actualLocalAddr, _, _ = net.SplitHostPort(localHostPort)
    298. 

  298. 			conn.Close()
    299. 

  299. 		}
    300. 

  300. 	}
    301. 

  301. 

  302. 	var control string
    303. 

  303. 	if runtime.GOOS == "windows" {
    304. 

  304. 		control = `\\.\pipe\` + controlSocket
    305. 

  305. 	} else {
    306. 

  306. 		control = filepath.Join(c.runtimeRoot, controlSocket)
    307. 

  307. 	}
    308. 

  308. 

  309. 	c.node = nil
    310. 

  310. 	c.cancelDelay = nil
    311. 

  311. 	c.stop = false
    312. 

  312. 	n, err := swarmnode.New(&swarmnode.Config{
    313. 

  313. 		Hostname:           c.config.Name,
    314. 

  314. 		ForceNewCluster:    conf.forceNewCluster,
    315. 

  315. 		ListenControlAPI:   control,
    316. 

  316. 		ListenRemoteAPI:    conf.ListenAddr,
    317. 

  317. 		AdvertiseRemoteAPI: conf.AdvertiseAddr,
    318. 

  318. 		JoinAddr:           conf.joinAddr,
    319. 

  319. 		StateDir:           c.root,
    320. 

  320. 		JoinToken:          conf.joinToken,
    321. 

  321. 		Executor:           container.NewExecutor(c.config.Backend),
    322. 

  322. 		HeartbeatTick:      1,
    323. 

  323. 		ElectionTick:       3,
    324. 

  324. 		UnlockKey:          conf.lockKey,
    325. 

  325. 		AutoLockManagers:   conf.autolock,
    326. 

  326. 	})
    327. 

  327. 

  328. 	if err != nil {
    329. 

  329. 		return nil, err
    330. 

  330. 	}
    331. 

  331. 	ctx := context.Background()
    332. 

  332. 	if err := n.Start(ctx); err != nil {
    333. 

  333. 		return nil, err
    334. 

  334. 	}
    335. 

  335. 	node := &node{
    336. 

  336. 		Node:           n,
    337. 

  337. 		done:           make(chan struct{}),
    338. 

  338. 		reconnectDelay: initialReconnectDelay,
    339. 

  339. 		config:         conf,
    340. 

  340. 	}
    341. 

  341. 	c.node = node
    342. 

  342. 	c.actualLocalAddr = actualLocalAddr // not saved
    343. 

  343. 	c.saveState(conf)
    344. 

  344. 

  345. 	c.config.Backend.SetClusterProvider(c)
    346. 

  346. 	go func() {
    347. 

  347. 		err := detectLockedError(n.Err(ctx))
    348. 

  348. 		if err != nil {
    349. 

  349. 			logrus.Errorf("cluster exited with error: %v", err)
    350. 

  350. 		}
    351. 

  351. 		c.Lock()
    352. 

  352. 		c.node = nil
    353. 

  353. 		c.err = err
    354. 

  354. 		if errors.Cause(err) == ErrSwarmLocked {
    355. 

  355. 			c.locked = true
    356. 

  356. 			confClone := conf
    357. 

  357. 			c.lastNodeConfig = &confClone
    358. 

  358. 		}
    359. 

  359. 		c.Unlock()
    360. 

  360. 		close(node.done)
    361. 

  361. 	}()
    362. 

  362. 

  363. 	go func() {
    364. 

  364. 		select {
    365. 

  365. 		case <-n.Ready():
    366. 

  366. 			c.Lock()
    367. 

  367. 			node.ready = true
    368. 

  368. 			c.err = nil
    369. 

  369. 			c.Unlock()
    370. 

  370. 		case <-ctx.Done():
    371. 

  371. 		}
    372. 

  372. 		c.configEvent <- struct{}{}
    373. 

  373. 	}()
    374. 

  374. 

  375. 	go func() {
    376. 

  376. 		for conn := range n.ListenControlSocket(ctx) {
    377. 

  377. 			c.Lock()
    378. 

  378. 			if node.conn != conn {
    379. 

  379. 				if conn == nil {
    380. 

  380. 					node.client = nil
    381. 

  381. 					node.logs = nil
    382. 

  382. 				} else {
    383. 

  383. 					node.client = swarmapi.NewControlClient(conn)
    384. 

  384. 					node.logs = swarmapi.NewLogsClient(conn)
    385. 

  385. 				}
    386. 

  386. 			}
    387. 

  387. 			node.conn = conn
    388. 

  388. 			c.Unlock()
    389. 

  389. 			c.configEvent <- struct{}{}
    390. 

  390. 		}
    391. 

  391. 	}()
    392. 

  392. 

  393. 	return node, nil
    394. 

  394. }
    395. 

  395. 

  396. // Init initializes new cluster from user provided request.
    397. 

  397. func (c *Cluster) Init(req types.InitRequest) (string, error) {
    398. 

  398. 	c.Lock()
    399. 

  399. 	if node := c.node; node != nil || c.locked {
    400. 

  400. 		if !req.ForceNewCluster {
    401. 

  401. 			c.Unlock()
    402. 

  402. 			return "", ErrSwarmExists
    403. 

  403. 		}
    404. 

  404. 		if err := c.stopNode(); err != nil {
    405. 

  405. 			c.Unlock()
    406. 

  406. 			return "", err
    407. 

  407. 		}
    408. 

  408. 	}
    409. 

  409. 

  410. 	if err := validateAndSanitizeInitRequest(&req); err != nil {
    411. 

  411. 		c.Unlock()
    412. 

  412. 		return "", err
    413. 

  413. 	}
    414. 

  414. 

  415. 	listenHost, listenPort, err := resolveListenAddr(req.ListenAddr)
    416. 

  416. 	if err != nil {
    417. 

  417. 		c.Unlock()
    418. 

  418. 		return "", err
    419. 

  419. 	}
    420. 

  420. 

  421. 	advertiseHost, advertisePort, err := c.resolveAdvertiseAddr(req.AdvertiseAddr, listenPort)
    422. 

  422. 	if err != nil {
    423. 

  423. 		c.Unlock()
    424. 

  424. 		return "", err
    425. 

  425. 	}
    426. 

  426. 

  427. 	localAddr := listenHost
    428. 

  428. 

  429. 	// If the advertise address is not one of the system's
    430. 

  430. 	// addresses, we also require a listen address.
    431. 

  431. 	listenAddrIP := net.ParseIP(listenHost)
    432. 

  432. 	if listenAddrIP != nil && listenAddrIP.IsUnspecified() {
    433. 

  433. 		advertiseIP := net.ParseIP(advertiseHost)
    434. 

  434. 		if advertiseIP == nil {
    435. 

  435. 			// not an IP
    436. 

  436. 			c.Unlock()
    437. 

  437. 			return "", errMustSpecifyListenAddr
    438. 

  438. 		}
    439. 

  439. 

  440. 		systemIPs := listSystemIPs()
    441. 

  441. 

  442. 		found := false
    443. 

  443. 		for _, systemIP := range systemIPs {
    444. 

  444. 			if systemIP.Equal(advertiseIP) {
    445. 

  445. 				found = true
    446. 

  446. 				break
    447. 

  447. 			}
    448. 

  448. 		}
    449. 

  449. 		if !found {
    450. 

  450. 			c.Unlock()
    451. 

  451. 			return "", errMustSpecifyListenAddr
    452. 

  452. 		}
    453. 

  453. 		localAddr = advertiseIP.String()
    454. 

  454. 	}
    455. 

  455. 

  456. 	// todo: check current state existing
    457. 

  457. 	n, err := c.startNewNode(nodeStartConfig{
    458. 

  458. 		forceNewCluster: req.ForceNewCluster,
    459. 

  459. 		autolock:        req.AutoLockManagers,
    460. 

  460. 		LocalAddr:       localAddr,
    461. 

  461. 		ListenAddr:      net.JoinHostPort(listenHost, listenPort),
    462. 

  462. 		AdvertiseAddr:   net.JoinHostPort(advertiseHost, advertisePort),
    463. 

  463. 	})
    464. 

  464. 	if err != nil {
    465. 

  465. 		c.Unlock()
    466. 

  466. 		return "", err
    467. 

  467. 	}
    468. 

  468. 	c.Unlock()
    469. 

  469. 

  470. 	select {
    471. 

  471. 	case <-n.Ready():
    472. 

  472. 		if err := initClusterSpec(n, req.Spec); err != nil {
    473. 

  473. 			return "", err
    474. 

  474. 		}
    475. 

  475. 		go c.reconnectOnFailure(n)
    476. 

  476. 		return n.NodeID(), nil
    477. 

  477. 	case <-n.done:
    478. 

  478. 		c.RLock()
    479. 

  479. 		defer c.RUnlock()
    480. 

  480. 		if !req.ForceNewCluster { // if failure on first attempt don't keep state
    481. 

  481. 			if err := c.clearState(); err != nil {
    482. 

  482. 				return "", err
    483. 

  483. 			}
    484. 

  484. 		}
    485. 

  485. 		return "", c.err
    486. 

  486. 	}
    487. 

  487. }
    488. 

  488. 

  489. // Join makes current Cluster part of an existing swarm cluster.
    490. 

  490. func (c *Cluster) Join(req types.JoinRequest) error {
    491. 

  491. 	c.Lock()
    492. 

  492. 	if node := c.node; node != nil || c.locked {
    493. 

  493. 		c.Unlock()
    494. 

  494. 		return ErrSwarmExists
    495. 

  495. 	}
    496. 

  496. 	if err := validateAndSanitizeJoinRequest(&req); err != nil {
    497. 

  497. 		c.Unlock()
    498. 

  498. 		return err
    499. 

  499. 	}
    500. 

  500. 

  501. 	listenHost, listenPort, err := resolveListenAddr(req.ListenAddr)
    502. 

  502. 	if err != nil {
    503. 

  503. 		c.Unlock()
    504. 

  504. 		return err
    505. 

  505. 	}
    506. 

  506. 

  507. 	var advertiseAddr string
    508. 

  508. 	if req.AdvertiseAddr != "" {
    509. 

  509. 		advertiseHost, advertisePort, err := c.resolveAdvertiseAddr(req.AdvertiseAddr, listenPort)
    510. 

  510. 		// For joining, we don't need to provide an advertise address,
    511. 

  511. 		// since the remote side can detect it.
    512. 

  512. 		if err == nil {
    513. 

  513. 			advertiseAddr = net.JoinHostPort(advertiseHost, advertisePort)
    514. 

  514. 		}
    515. 

  515. 	}
    516. 

  516. 

  517. 	// todo: check current state existing
    518. 

  518. 	n, err := c.startNewNode(nodeStartConfig{
    519. 

  519. 		RemoteAddr:    req.RemoteAddrs[0],
    520. 

  520. 		ListenAddr:    net.JoinHostPort(listenHost, listenPort),
    521. 

  521. 		AdvertiseAddr: advertiseAddr,
    522. 

  522. 		joinAddr:      req.RemoteAddrs[0],
    523. 

  523. 		joinToken:     req.JoinToken,
    524. 

  524. 	})
    525. 

  525. 	if err != nil {
    526. 

  526. 		c.Unlock()
    527. 

  527. 		return err
    528. 

  528. 	}
    529. 

  529. 	c.Unlock()
    530. 

  530. 

  531. 	select {
    532. 

  532. 	case <-time.After(swarmConnectTimeout):
    533. 

  533. 		// attempt to connect will continue in background, but reconnect only if it didn't fail
    534. 

  534. 		go func() {
    535. 

  535. 			select {
    536. 

  536. 			case <-n.Ready():
    537. 

  537. 				c.reconnectOnFailure(n)
    538. 

  538. 			case <-n.done:
    539. 

  539. 				logrus.Errorf("failed to join the cluster: %+v", c.err)
    540. 

  540. 			}
    541. 

  541. 		}()
    542. 

  542. 		return ErrSwarmJoinTimeoutReached
    543. 

  543. 	case <-n.Ready():
    544. 

  544. 		go c.reconnectOnFailure(n)
    545. 

  545. 		return nil
    546. 

  546. 	case <-n.done:
    547. 

  547. 		c.RLock()
    548. 

  548. 		defer c.RUnlock()
    549. 

  549. 		return c.err
    550. 

  550. 	}
    551. 

  551. }
    552. 

  552. 

  553. // GetUnlockKey returns the unlock key for the swarm.
    554. 

  554. func (c *Cluster) GetUnlockKey() (string, error) {
    555. 

  555. 	c.RLock()
    556. 

  556. 	defer c.RUnlock()
    557. 

  557. 

  558. 	if !c.isActiveManager() {
    559. 

  559. 		return "", c.errNoManager()
    560. 

  560. 	}
    561. 

  561. 

  562. 	ctx, cancel := c.getRequestContext()
    563. 

  563. 	defer cancel()
    564. 

  564. 

  565. 	client := swarmapi.NewCAClient(c.conn)
    566. 

  566. 

  567. 	r, err := client.GetUnlockKey(ctx, &swarmapi.GetUnlockKeyRequest{})
    568. 

  568. 	if err != nil {
    569. 

  569. 		return "", err
    570. 

  570. 	}
    571. 

  571. 

  572. 	if len(r.UnlockKey) == 0 {
    573. 

  573. 		// no key
    574. 

  574. 		return "", nil
    575. 

  575. 	}
    576. 

  576. 

  577. 	return encryption.HumanReadableKey(r.UnlockKey), nil
    578. 

  578. }
    579. 

  579. 

  580. // UnlockSwarm provides a key to decrypt data that is encrypted at rest.
    581. 

  581. func (c *Cluster) UnlockSwarm(req types.UnlockRequest) error {
    582. 

  582. 	key, err := encryption.ParseHumanReadableKey(req.UnlockKey)
    583. 

  583. 	if err != nil {
    584. 

  584. 		return err
    585. 

  585. 	}
    586. 

  586. 

  587. 	c.Lock()
    588. 

  588. 	if c.node != nil || c.locked != true {
    589. 

  589. 		c.Unlock()
    590. 

  590. 		return errors.New("swarm is not locked")
    591. 

  591. 	}
    592. 

  592. 

  593. 	config := *c.lastNodeConfig
    594. 

  594. 	config.lockKey = key
    595. 

  595. 	n, err := c.startNewNode(config)
    596. 

  596. 	if err != nil {
    597. 

  597. 		c.Unlock()
    598. 

  598. 		return err
    599. 

  599. 	}
    600. 

  600. 	c.Unlock()
    601. 

  601. 	select {
    602. 

  602. 	case <-n.Ready():
    603. 

  603. 	case <-n.done:
    604. 

  604. 		if errors.Cause(c.err) == ErrSwarmLocked {
    605. 

  605. 			return errors.New("swarm could not be unlocked: invalid key provided")
    606. 

  606. 		}
    607. 

  607. 		return fmt.Errorf("swarm component could not be started: %v", c.err)
    608. 

  608. 	}
    609. 

  609. 	go c.reconnectOnFailure(n)
    610. 

  610. 	return nil
    611. 

  611. }
    612. 

  612. 

  613. // stopNode is a helper that stops the active c.node and waits until it has
    614. 

  614. // shut down. Call while keeping the cluster lock.
    615. 

  615. func (c *Cluster) stopNode() error {
    616. 

  616. 	if c.node == nil {
    617. 

  617. 		return nil
    618. 

  618. 	}
    619. 

  619. 	c.stop = true
    620. 

  620. 	if c.cancelDelay != nil {
    621. 

  621. 		c.cancelDelay()
    622. 

  622. 		c.cancelDelay = nil
    623. 

  623. 	}
    624. 

  624. 	node := c.node
    625. 

  625. 	ctx, cancel := context.WithTimeout(context.Background(), 15*time.Second)
    626. 

  626. 	defer cancel()
    627. 

  627. 	// TODO: can't hold lock on stop because it calls back to network
    628. 

  628. 	c.Unlock()
    629. 

  629. 	defer c.Lock()
    630. 

  630. 	if err := node.Stop(ctx); err != nil && !strings.Contains(err.Error(), "context canceled") {
    631. 

  631. 		return err
    632. 

  632. 	}
    633. 

  633. 	<-node.done
    634. 

  634. 	return nil
    635. 

  635. }
    636. 

  636. 

  637. func removingManagerCausesLossOfQuorum(reachable, unreachable int) bool {
    638. 

  638. 	return reachable-2 <= unreachable
    639. 

  639. }
    640. 

  640. 

  641. func isLastManager(reachable, unreachable int) bool {
    642. 

  642. 	return reachable == 1 && unreachable == 0
    643. 

  643. }
    644. 

  644. 

  645. // Leave shuts down Cluster and removes current state.
    646. 

  646. func (c *Cluster) Leave(force bool) error {
    647. 

  647. 	c.Lock()
    648. 

  648. 	node := c.node
    649. 

  649. 	if node == nil {
    650. 

  650. 		if c.locked {
    651. 

  651. 			c.locked = false
    652. 

  652. 			c.lastNodeConfig = nil
    653. 

  653. 			c.Unlock()
    654. 

  654. 		} else {
    655. 

  655. 			c.Unlock()
    656. 

  656. 			return ErrNoSwarm
    657. 

  657. 		}
    658. 

  658. 	} else {
    659. 

  659. 		if node.Manager() != nil && !force {
    660. 

  660. 			msg := "You are attempting to leave the swarm on a node that is participating as a manager. "
    661. 

  661. 			if c.isActiveManager() {
    662. 

  662. 				active, reachable, unreachable, err := c.managerStats()
    663. 

  663. 				if err == nil {
    664. 

  664. 					if active && removingManagerCausesLossOfQuorum(reachable, unreachable) {
    665. 

  665. 						if isLastManager(reachable, unreachable) {
    666. 

  666. 							msg += "Removing the last manager erases all current state of the swarm. Use `--force` to ignore this message. "
    667. 

  667. 							c.Unlock()
    668. 

  668. 							return fmt.Errorf(msg)
    669. 

  669. 						}
    670. 

  670. 						msg += fmt.Sprintf("Removing this node leaves %v managers out of %v. Without a Raft quorum your swarm will be inaccessible. ", reachable-1, reachable+unreachable)
    671. 

  671. 					}
    672. 

  672. 				}
    673. 

  673. 			} else {
    674. 

  674. 				msg += "Doing so may lose the consensus of your cluster. "
    675. 

  675. 			}
    676. 

  676. 

  677. 			msg += "The only way to restore a swarm that has lost consensus is to reinitialize it with `--force-new-cluster`. Use `--force` to suppress this message."
    678. 

  678. 			c.Unlock()
    679. 

  679. 			return fmt.Errorf(msg)
    680. 

  680. 		}
    681. 

  681. 		if err := c.stopNode(); err != nil {
    682. 

  682. 			logrus.Errorf("failed to shut down cluster node: %v", err)
    683. 

  683. 			signal.DumpStacks("")
    684. 

  684. 			c.Unlock()
    685. 

  685. 			return err
    686. 

  686. 		}
    687. 

  687. 		c.Unlock()
    688. 

  688. 		if nodeID := node.NodeID(); nodeID != "" {
    689. 

  689. 			nodeContainers, err := c.listContainerForNode(nodeID)
    690. 

  690. 			if err != nil {
    691. 

  691. 				return err
    692. 

  692. 			}
    693. 

  693. 			for _, id := range nodeContainers {
    694. 

  694. 				if err := c.config.Backend.ContainerRm(id, &apitypes.ContainerRmConfig{ForceRemove: true}); err != nil {
    695. 

  695. 					logrus.Errorf("error removing %v: %v", id, err)
    696. 

  696. 				}
    697. 

  697. 			}
    698. 

  698. 		}
    699. 

  699. 	}
    700. 

  700. 	c.configEvent <- struct{}{}
    701. 

  701. 	// todo: cleanup optional?
    702. 

  702. 	if err := c.clearState(); err != nil {
    703. 

  703. 		return err
    704. 

  704. 	}
    705. 

  705. 	return nil
    706. 

  706. }
    707. 

  707. 

  708. func (c *Cluster) listContainerForNode(nodeID string) ([]string, error) {
    709. 

  709. 	var ids []string
    710. 

  710. 	filters := filters.NewArgs()
    711. 

  711. 	filters.Add("label", fmt.Sprintf("com.docker.swarm.node.id=%s", nodeID))
    712. 

  712. 	containers, err := c.config.Backend.Containers(&apitypes.ContainerListOptions{
    713. 

  713. 		Filters: filters,
    714. 

  714. 	})
    715. 

  715. 	if err != nil {
    716. 

  716. 		return []string{}, err
    717. 

  717. 	}
    718. 

  718. 	for _, c := range containers {
    719. 

  719. 		ids = append(ids, c.ID)
    720. 

  720. 	}
    721. 

  721. 	return ids, nil
    722. 

  722. }
    723. 

  723. 

  724. func (c *Cluster) clearState() error {
    725. 

  725. 	// todo: backup this data instead of removing?
    726. 

  726. 	if err := os.RemoveAll(c.root); err != nil {
    727. 

  727. 		return err
    728. 

  728. 	}
    729. 

  729. 	if err := os.MkdirAll(c.root, 0700); err != nil {
    730. 

  730. 		return err
    731. 

  731. 	}
    732. 

  732. 	c.config.Backend.SetClusterProvider(nil)
    733. 

  733. 	return nil
    734. 

  734. }
    735. 

  735. 

  736. func (c *Cluster) getRequestContext() (context.Context, func()) { // TODO: not needed when requests don't block on qourum lost
    737. 

  737. 	return context.WithTimeout(context.Background(), swarmRequestTimeout)
    738. 

  738. }
    739. 

  739. 

  740. // Inspect retrieves the configuration properties of a managed swarm cluster.
    741. 

  741. func (c *Cluster) Inspect() (types.Swarm, error) {
    742. 

  742. 	c.RLock()
    743. 

  743. 	defer c.RUnlock()
    744. 

  744. 

  745. 	if !c.isActiveManager() {
    746. 

  746. 		return types.Swarm{}, c.errNoManager()
    747. 

  747. 	}
    748. 

  748. 

  749. 	ctx, cancel := c.getRequestContext()
    750. 

  750. 	defer cancel()
    751. 

  751. 

  752. 	swarm, err := getSwarm(ctx, c.client)
    753. 

  753. 	if err != nil {
    754. 

  754. 		return types.Swarm{}, err
    755. 

  755. 	}
    756. 

  756. 

  757. 	return convert.SwarmFromGRPC(*swarm), nil
    758. 

  758. }
    759. 

  759. 

  760. // Update updates configuration of a managed swarm cluster.
    761. 

  761. func (c *Cluster) Update(version uint64, spec types.Spec, flags types.UpdateFlags) error {
    762. 

  762. 	c.RLock()
    763. 

  763. 	defer c.RUnlock()
    764. 

  764. 

  765. 	if !c.isActiveManager() {
    766. 

  766. 		return c.errNoManager()
    767. 

  767. 	}
    768. 

  768. 

  769. 	ctx, cancel := c.getRequestContext()
    770. 

  770. 	defer cancel()
    771. 

  771. 

  772. 	swarm, err := getSwarm(ctx, c.client)
    773. 

  773. 	if err != nil {
    774. 

  774. 		return err
    775. 

  775. 	}
    776. 

  776. 

  777. 	// In update, client should provide the complete spec of the swarm, including
    778. 

  778. 	// Name and Labels. If a field is specified with 0 or nil, then the default value
    779. 

  779. 	// will be used to swarmkit.
    780. 

  780. 	clusterSpec, err := convert.SwarmSpecToGRPC(spec)
    781. 

  781. 	if err != nil {
    782. 

  782. 		return err
    783. 

  783. 	}
    784. 

  784. 

  785. 	_, err = c.client.UpdateCluster(
    786. 

  786. 		ctx,
    787. 

  787. 		&swarmapi.UpdateClusterRequest{
    788. 

  788. 			ClusterID: swarm.ID,
    789. 

  789. 			Spec:      &clusterSpec,
    790. 

  790. 			ClusterVersion: &swarmapi.Version{
    791. 

  791. 				Index: version,
    792. 

  792. 			},
    793. 

  793. 			Rotation: swarmapi.KeyRotation{
    794. 

  794. 				WorkerJoinToken:  flags.RotateWorkerToken,
    795. 

  795. 				ManagerJoinToken: flags.RotateManagerToken,
    796. 

  796. 				ManagerUnlockKey: flags.RotateManagerUnlockKey,
    797. 

  797. 			},
    798. 

  798. 		},
    799. 

  799. 	)
    800. 

  800. 	return err
    801. 

  801. }
    802. 

  802. 

  803. // IsManager returns true if Cluster is participating as a manager.
    804. 

  804. func (c *Cluster) IsManager() bool {
    805. 

  805. 	c.RLock()
    806. 

  806. 	defer c.RUnlock()
    807. 

  807. 	return c.isActiveManager()
    808. 

  808. }
    809. 

  809. 

  810. // IsAgent returns true if Cluster is participating as a worker/agent.
    811. 

  811. func (c *Cluster) IsAgent() bool {
    812. 

  812. 	c.RLock()
    813. 

  813. 	defer c.RUnlock()
    814. 

  814. 	return c.node != nil && c.ready
    815. 

  815. }
    816. 

  816. 

  817. // GetLocalAddress returns the local address.
    818. 

  818. func (c *Cluster) GetLocalAddress() string {
    819. 

  819. 	c.RLock()
    820. 

  820. 	defer c.RUnlock()
    821. 

  821. 	return c.actualLocalAddr
    822. 

  822. }
    823. 

  823. 

  824. // GetListenAddress returns the listen address.
    825. 

  825. func (c *Cluster) GetListenAddress() string {
    826. 

  826. 	c.RLock()
    827. 

  827. 	defer c.RUnlock()
    828. 

  828. 	if c.node != nil {
    829. 

  829. 		return c.node.config.ListenAddr
    830. 

  830. 	}
    831. 

  831. 	return ""
    832. 

  832. }
    833. 

  833. 

  834. // GetAdvertiseAddress returns the remotely reachable address of this node.
    835. 

  835. func (c *Cluster) GetAdvertiseAddress() string {
    836. 

  836. 	c.RLock()
    837. 

  837. 	defer c.RUnlock()
    838. 

  838. 	if c.node != nil && c.node.config.AdvertiseAddr != "" {
    839. 

  839. 		advertiseHost, _, _ := net.SplitHostPort(c.node.config.AdvertiseAddr)
    840. 

  840. 		return advertiseHost
    841. 

  841. 	}
    842. 

  842. 	return c.actualLocalAddr
    843. 

  843. }
    844. 

  844. 

  845. // GetRemoteAddress returns a known advertise address of a remote manager if
    846. 

  846. // available.
    847. 

  847. // todo: change to array/connect with info
    848. 

  848. func (c *Cluster) GetRemoteAddress() string {
    849. 

  849. 	c.RLock()
    850. 

  850. 	defer c.RUnlock()
    851. 

  851. 	return c.getRemoteAddress()
    852. 

  852. }
    853. 

  853. 

  854. func (c *Cluster) getRemoteAddress() string {
    855. 

  855. 	if c.node == nil {
    856. 

  856. 		return ""
    857. 

  857. 	}
    858. 

  858. 	nodeID := c.node.NodeID()
    859. 

  859. 	for _, r := range c.node.Remotes() {
    860. 

  860. 		if r.NodeID != nodeID {
    861. 

  861. 			return r.Addr
    862. 

  862. 		}
    863. 

  863. 	}
    864. 

  864. 	return ""
    865. 

  865. }
    866. 

  866. 

  867. // ListenClusterEvents returns a channel that receives messages on cluster
    868. 

  868. // participation changes.
    869. 

  869. // todo: make cancelable and accessible to multiple callers
    870. 

  870. func (c *Cluster) ListenClusterEvents() <-chan struct{} {
    871. 

  871. 	return c.configEvent
    872. 

  872. }
    873. 

  873. 

  874. // Info returns information about the current cluster state.
    875. 

  875. func (c *Cluster) Info() types.Info {
    876. 

  876. 	info := types.Info{
    877. 

  877. 		NodeAddr: c.GetAdvertiseAddress(),
    878. 

  878. 	}
    879. 

  879. 

  880. 	c.RLock()
    881. 

  881. 	defer c.RUnlock()
    882. 

  882. 

  883. 	if c.node == nil {
    884. 

  884. 		info.LocalNodeState = types.LocalNodeStateInactive
    885. 

  885. 		if c.cancelDelay != nil {
    886. 

  886. 			info.LocalNodeState = types.LocalNodeStateError
    887. 

  887. 		}
    888. 

  888. 		if c.locked {
    889. 

  889. 			info.LocalNodeState = types.LocalNodeStateLocked
    890. 

  890. 		}
    891. 

  891. 	} else {
    892. 

  892. 		info.LocalNodeState = types.LocalNodeStatePending
    893. 

  893. 		if c.ready == true {
    894. 

  894. 			info.LocalNodeState = types.LocalNodeStateActive
    895. 

  895. 		} else if c.locked {
    896. 

  896. 			info.LocalNodeState = types.LocalNodeStateLocked
    897. 

  897. 		}
    898. 

  898. 	}
    899. 

  899. 	if c.err != nil {
    900. 

  900. 		info.Error = c.err.Error()
    901. 

  901. 	}
    902. 

  902. 

  903. 	ctx, cancel := c.getRequestContext()
    904. 

  904. 	defer cancel()
    905. 

  905. 

  906. 	if c.isActiveManager() {
    907. 

  907. 		info.ControlAvailable = true
    908. 

  908. 		swarm, err := c.Inspect()
    909. 

  909. 		if err != nil {
    910. 

  910. 			info.Error = err.Error()
    911. 

  911. 		}
    912. 

  912. 

  913. 		// Strip JoinTokens
    914. 

  914. 		info.Cluster = swarm.ClusterInfo
    915. 

  915. 

  916. 		if r, err := c.client.ListNodes(ctx, &swarmapi.ListNodesRequest{}); err == nil {
    917. 

  917. 			info.Nodes = len(r.Nodes)
    918. 

  918. 			for _, n := range r.Nodes {
    919. 

  919. 				if n.ManagerStatus != nil {
    920. 

  920. 					info.Managers = info.Managers + 1
    921. 

  921. 				}
    922. 

  922. 			}
    923. 

  923. 		}
    924. 

  924. 	}
    925. 

  925. 

  926. 	if c.node != nil {
    927. 

  927. 		for _, r := range c.node.Remotes() {
    928. 

  928. 			info.RemoteManagers = append(info.RemoteManagers, types.Peer{NodeID: r.NodeID, Addr: r.Addr})
    929. 

  929. 		}
    930. 

  930. 		info.NodeID = c.node.NodeID()
    931. 

  931. 	}
    932. 

  932. 

  933. 	return info
    934. 

  934. }
    935. 

  935. 

  936. // isActiveManager should not be called without a read lock
    937. 

  937. func (c *Cluster) isActiveManager() bool {
    938. 

  938. 	return c.node != nil && c.conn != nil
    939. 

  939. }
    940. 

  940. 

  941. // errNoManager returns error describing why manager commands can't be used.
    942. 

  942. // Call with read lock.
    943. 

  943. func (c *Cluster) errNoManager() error {
    944. 

  944. 	if c.node == nil {
    945. 

  945. 		if c.locked {
    946. 

  946. 			return ErrSwarmLocked
    947. 

  947. 		}
    948. 

  948. 		return fmt.Errorf("This node is not a swarm manager. Use \"docker swarm init\" or \"docker swarm join\" to connect this node to swarm and try again.")
    949. 

  949. 	}
    950. 

  950. 	if c.node.Manager() != nil {
    951. 

  951. 		return fmt.Errorf("This node is not a swarm manager. Manager is being prepared or has trouble connecting to the cluster.")
    952. 

  952. 	}
    953. 

  953. 	return fmt.Errorf("This node is not a swarm manager. Worker nodes can't be used to view or modify cluster state. Please run this command on a manager node or promote the current node to a manager.")
    954. 

  954. }
    955. 

  955. 

  956. // GetServices returns all services of a managed swarm cluster.
    957. 

  957. func (c *Cluster) GetServices(options apitypes.ServiceListOptions) ([]types.Service, error) {
    958. 

  958. 	c.RLock()
    959. 

  959. 	defer c.RUnlock()
    960. 

  960. 

  961. 	if !c.isActiveManager() {
    962. 

  962. 		return nil, c.errNoManager()
    963. 

  963. 	}
    964. 

  964. 

  965. 	filters, err := newListServicesFilters(options.Filters)
    966. 

  966. 	if err != nil {
    967. 

  967. 		return nil, err
    968. 

  968. 	}
    969. 

  969. 	ctx, cancel := c.getRequestContext()
    970. 

  970. 	defer cancel()
    971. 

  971. 

  972. 	r, err := c.client.ListServices(
    973. 

  973. 		ctx,
    974. 

  974. 		&swarmapi.ListServicesRequest{Filters: filters})
    975. 

  975. 	if err != nil {
    976. 

  976. 		return nil, err
    977. 

  977. 	}
    978. 

  978. 

  979. 	services := []types.Service{}
    980. 

  980. 

  981. 	for _, service := range r.Services {
    982. 

  982. 		services = append(services, convert.ServiceFromGRPC(*service))
    983. 

  983. 	}
    984. 

  984. 

  985. 	return services, nil
    986. 

  986. }
    987. 

  987. 

  988. // imageWithDigestString takes an image such as name or name:tag
    989. 

  989. // and returns the image pinned to a digest, such as name@sha256:34234...
    990. 

  990. func (c *Cluster) imageWithDigestString(ctx context.Context, image string, authConfig *apitypes.AuthConfig) (string, error) {
    991. 

  991. 	ref, err := reference.ParseNamed(image)
    992. 

  992. 	if err != nil {
    993. 

  993. 		return "", err
    994. 

  994. 	}
    995. 

  995. 	// only query registry if not a canonical reference (i.e. with digest)
    996. 

  996. 	if _, ok := ref.(reference.Canonical); !ok {
    997. 

  997. 		ref = reference.WithDefaultTag(ref)
    998. 

  998. 

  999. 		namedTaggedRef, ok := ref.(reference.NamedTagged)
    1000. 

  1000. 		if !ok {
    1001. 

  1001. 			return "", fmt.Errorf("unable to cast image to NamedTagged reference object")
    1002. 

  1002. 		}
    1003. 

  1003. 

  1004. 		repo, _, err := c.config.Backend.GetRepository(ctx, namedTaggedRef, authConfig)
    1005. 

  1005. 		if err != nil {
    1006. 

  1006. 			return "", err
    1007. 

  1007. 		}
    1008. 

  1008. 		dscrptr, err := repo.Tags(ctx).Get(ctx, namedTaggedRef.Tag())
    1009. 

  1009. 		if err != nil {
    1010. 

  1010. 			return "", err
    1011. 

  1011. 		}
    1012. 

  1012. 

  1013. 		// TODO(nishanttotla): Currently, the service would lose the tag while calling WithDigest
    1014. 

  1014. 		// To prevent this, we create the image string manually, which is a bad idea in general
    1015. 

  1015. 		// This will be fixed when https://github.com/docker/distribution/pull/2044 is vendored
    1016. 

  1016. 		// namedDigestedRef, err := reference.WithDigest(ref, dscrptr.Digest)
    1017. 

  1017. 		// if err != nil {
    1018. 

  1018. 		// 	return "", err
    1019. 

  1019. 		// }
    1020. 

  1020. 		// return namedDigestedRef.String(), nil
    1021. 

  1021. 		return image + "@" + dscrptr.Digest.String(), nil
    1022. 

  1022. 	} else {
    1023. 

  1023. 		// reference already contains a digest, so just return it
    1024. 

  1024. 		return ref.String(), nil
    1025. 

  1025. 	}
    1026. 

  1026. }
    1027. 

  1027. 

  1028. // CreateService creates a new service in a managed swarm cluster.
    1029. 

  1029. func (c *Cluster) CreateService(s types.ServiceSpec, encodedAuth string) (string, error) {
    1030. 

  1030. 	c.RLock()
    1031. 

  1031. 	defer c.RUnlock()
    1032. 

  1032. 

  1033. 	if !c.isActiveManager() {
    1034. 

  1034. 		return "", c.errNoManager()
    1035. 

  1035. 	}
    1036. 

  1036. 

  1037. 	ctx, cancel := c.getRequestContext()
    1038. 

  1038. 	defer cancel()
    1039. 

  1039. 

  1040. 	err := c.populateNetworkID(ctx, c.client, &s)
    1041. 

  1041. 	if err != nil {
    1042. 

  1042. 		return "", err
    1043. 

  1043. 	}
    1044. 

  1044. 

  1045. 	serviceSpec, err := convert.ServiceSpecToGRPC(s)
    1046. 

  1046. 	if err != nil {
    1047. 

  1047. 		return "", err
    1048. 

  1048. 	}
    1049. 

  1049. 

  1050. 	ctnr := serviceSpec.Task.GetContainer()
    1051. 

  1051. 	if ctnr == nil {
    1052. 

  1052. 		return "", fmt.Errorf("service does not use container tasks")
    1053. 

  1053. 	}
    1054. 

  1054. 

  1055. 	if encodedAuth != "" {
    1056. 

  1056. 		ctnr.PullOptions = &swarmapi.ContainerSpec_PullOptions{RegistryAuth: encodedAuth}
    1057. 

  1057. 	}
    1058. 

  1058. 

  1059. 	// retrieve auth config from encoded auth
    1060. 

  1060. 	authConfig := &apitypes.AuthConfig{}
    1061. 

  1061. 	if encodedAuth != "" {
    1062. 

  1062. 		if err := json.NewDecoder(base64.NewDecoder(base64.URLEncoding, strings.NewReader(encodedAuth))).Decode(authConfig); err != nil {
    1063. 

  1063. 			logrus.Warnf("invalid authconfig: %v", err)
    1064. 

  1064. 		}
    1065. 

  1065. 	}
    1066. 

  1066. 	// pin image by digest
    1067. 

  1067. 	if os.Getenv("DOCKER_SERVICE_PREFER_OFFLINE_IMAGE") != "1" {
    1068. 

  1068. 		digestImage, err := c.imageWithDigestString(ctx, ctnr.Image, authConfig)
    1069. 

  1069. 		if err != nil {
    1070. 

  1070. 			logrus.Warnf("unable to pin image %s to digest: %s", ctnr.Image, err.Error())
    1071. 

  1071. 		} else {
    1072. 

  1072. 			logrus.Debugf("pinning image %s by digest: %s", ctnr.Image, digestImage)
    1073. 

  1073. 			ctnr.Image = digestImage
    1074. 

  1074. 		}
    1075. 

  1075. 	}
    1076. 

  1076. 

  1077. 	r, err := c.client.CreateService(ctx, &swarmapi.CreateServiceRequest{Spec: &serviceSpec})
    1078. 

  1078. 	if err != nil {
    1079. 

  1079. 		return "", err
    1080. 

  1080. 	}
    1081. 

  1081. 

  1082. 	return r.Service.ID, nil
    1083. 

  1083. }
    1084. 

  1084. 

  1085. // GetService returns a service based on an ID or name.
    1086. 

  1086. func (c *Cluster) GetService(input string) (types.Service, error) {
    1087. 

  1087. 	c.RLock()
    1088. 

  1088. 	defer c.RUnlock()
    1089. 

  1089. 

  1090. 	if !c.isActiveManager() {
    1091. 

  1091. 		return types.Service{}, c.errNoManager()
    1092. 

  1092. 	}
    1093. 

  1093. 

  1094. 	ctx, cancel := c.getRequestContext()
    1095. 

  1095. 	defer cancel()
    1096. 

  1096. 

  1097. 	service, err := getService(ctx, c.client, input)
    1098. 

  1098. 	if err != nil {
    1099. 

  1099. 		return types.Service{}, err
    1100. 

  1100. 	}
    1101. 

  1101. 	return convert.ServiceFromGRPC(*service), nil
    1102. 

  1102. }
    1103. 

  1103. 

  1104. // UpdateService updates existing service to match new properties.
    1105. 

  1105. func (c *Cluster) UpdateService(serviceIDOrName string, version uint64, spec types.ServiceSpec, encodedAuth string, registryAuthFrom string) error {
    1106. 

  1106. 	c.RLock()
    1107. 

  1107. 	defer c.RUnlock()
    1108. 

  1108. 

  1109. 	if !c.isActiveManager() {
    1110. 

  1110. 		return c.errNoManager()
    1111. 

  1111. 	}
    1112. 

  1112. 

  1113. 	ctx, cancel := c.getRequestContext()
    1114. 

  1114. 	defer cancel()
    1115. 

  1115. 

  1116. 	err := c.populateNetworkID(ctx, c.client, &spec)
    1117. 

  1117. 	if err != nil {
    1118. 

  1118. 		return err
    1119. 

  1119. 	}
    1120. 

  1120. 

  1121. 	serviceSpec, err := convert.ServiceSpecToGRPC(spec)
    1122. 

  1122. 	if err != nil {
    1123. 

  1123. 		return err
    1124. 

  1124. 	}
    1125. 

  1125. 

  1126. 	currentService, err := getService(ctx, c.client, serviceIDOrName)
    1127. 

  1127. 	if err != nil {
    1128. 

  1128. 		return err
    1129. 

  1129. 	}
    1130. 

  1130. 

  1131. 	newCtnr := serviceSpec.Task.GetContainer()
    1132. 

  1132. 	if newCtnr == nil {
    1133. 

  1133. 		return fmt.Errorf("service does not use container tasks")
    1134. 

  1134. 	}
    1135. 

  1135. 

  1136. 	if encodedAuth != "" {
    1137. 

  1137. 		newCtnr.PullOptions = &swarmapi.ContainerSpec_PullOptions{RegistryAuth: encodedAuth}
    1138. 

  1138. 	} else {
    1139. 

  1139. 		// this is needed because if the encodedAuth isn't being updated then we
    1140. 

  1140. 		// shouldn't lose it, and continue to use the one that was already present
    1141. 

  1141. 		var ctnr *swarmapi.ContainerSpec
    1142. 

  1142. 		switch registryAuthFrom {
    1143. 

  1143. 		case apitypes.RegistryAuthFromSpec, "":
    1144. 

  1144. 			ctnr = currentService.Spec.Task.GetContainer()
    1145. 

  1145. 		case apitypes.RegistryAuthFromPreviousSpec:
    1146. 

  1146. 			if currentService.PreviousSpec == nil {
    1147. 

  1147. 				return fmt.Errorf("service does not have a previous spec")
    1148. 

  1148. 			}
    1149. 

  1149. 			ctnr = currentService.PreviousSpec.Task.GetContainer()
    1150. 

  1150. 		default:
    1151. 

  1151. 			return fmt.Errorf("unsupported registryAuthFromValue")
    1152. 

  1152. 		}
    1153. 

  1153. 		if ctnr == nil {
    1154. 

  1154. 			return fmt.Errorf("service does not use container tasks")
    1155. 

  1155. 		}
    1156. 

  1156. 		newCtnr.PullOptions = ctnr.PullOptions
    1157. 

  1157. 		// update encodedAuth so it can be used to pin image by digest
    1158. 

  1158. 		if ctnr.PullOptions != nil {
    1159. 

  1159. 			encodedAuth = ctnr.PullOptions.RegistryAuth
    1160. 

  1160. 		}
    1161. 

  1161. 	}
    1162. 

  1162. 

  1163. 	// retrieve auth config from encoded auth
    1164. 

  1164. 	authConfig := &apitypes.AuthConfig{}
    1165. 

  1165. 	if encodedAuth != "" {
    1166. 

  1166. 		if err := json.NewDecoder(base64.NewDecoder(base64.URLEncoding, strings.NewReader(encodedAuth))).Decode(authConfig); err != nil {
    1167. 

  1167. 			logrus.Warnf("invalid authconfig: %v", err)
    1168. 

  1168. 		}
    1169. 

  1169. 	}
    1170. 

  1170. 	// pin image by digest
    1171. 

  1171. 	if os.Getenv("DOCKER_SERVICE_PREFER_OFFLINE_IMAGE") != "1" {
    1172. 

  1172. 		digestImage, err := c.imageWithDigestString(ctx, newCtnr.Image, authConfig)
    1173. 

  1173. 		if err != nil {
    1174. 

  1174. 			logrus.Warnf("unable to pin image %s to digest: %s", newCtnr.Image, err.Error())
    1175. 

  1175. 		} else if newCtnr.Image != digestImage {
    1176. 

  1176. 			logrus.Debugf("pinning image %s by digest: %s", newCtnr.Image, digestImage)
    1177. 

  1177. 			newCtnr.Image = digestImage
    1178. 

  1178. 		}
    1179. 

  1179. 	}
    1180. 

  1180. 

  1181. 	_, err = c.client.UpdateService(
    1182. 

  1182. 		ctx,
    1183. 

  1183. 		&swarmapi.UpdateServiceRequest{
    1184. 

  1184. 			ServiceID: currentService.ID,
    1185. 

  1185. 			Spec:      &serviceSpec,
    1186. 

  1186. 			ServiceVersion: &swarmapi.Version{
    1187. 

  1187. 				Index: version,
    1188. 

  1188. 			},
    1189. 

  1189. 		},
    1190. 

  1190. 	)
    1191. 

  1191. 	return err
    1192. 

  1192. }
    1193. 

  1193. 

  1194. // RemoveService removes a service from a managed swarm cluster.
    1195. 

  1195. func (c *Cluster) RemoveService(input string) error {
    1196. 

  1196. 	c.RLock()
    1197. 

  1197. 	defer c.RUnlock()
    1198. 

  1198. 

  1199. 	if !c.isActiveManager() {
    1200. 

  1200. 		return c.errNoManager()
    1201. 

  1201. 	}
    1202. 

  1202. 

  1203. 	ctx, cancel := c.getRequestContext()
    1204. 

  1204. 	defer cancel()
    1205. 

  1205. 

  1206. 	service, err := getService(ctx, c.client, input)
    1207. 

  1207. 	if err != nil {
    1208. 

  1208. 		return err
    1209. 

  1209. 	}
    1210. 

  1210. 

  1211. 	if _, err := c.client.RemoveService(ctx, &swarmapi.RemoveServiceRequest{ServiceID: service.ID}); err != nil {
    1212. 

  1212. 		return err
    1213. 

  1213. 	}
    1214. 

  1214. 	return nil
    1215. 

  1215. }
    1216. 

  1216. 

  1217. // ServiceLogs collects service logs and writes them back to `config.OutStream`
    1218. 

  1218. func (c *Cluster) ServiceLogs(ctx context.Context, input string, config *backend.ContainerLogsConfig, started chan struct{}) error {
    1219. 

  1219. 	c.RLock()
    1220. 

  1220. 	if !c.isActiveManager() {
    1221. 

  1221. 		c.RUnlock()
    1222. 

  1222. 		return c.errNoManager()
    1223. 

  1223. 	}
    1224. 

  1224. 

  1225. 	service, err := getService(ctx, c.client, input)
    1226. 

  1226. 	if err != nil {
    1227. 

  1227. 		c.RUnlock()
    1228. 

  1228. 		return err
    1229. 

  1229. 	}
    1230. 

  1230. 

  1231. 	stream, err := c.logs.SubscribeLogs(ctx, &swarmapi.SubscribeLogsRequest{
    1232. 

  1232. 		Selector: &swarmapi.LogSelector{
    1233. 

  1233. 			ServiceIDs: []string{service.ID},
    1234. 

  1234. 		},
    1235. 

  1235. 		Options: &swarmapi.LogSubscriptionOptions{
    1236. 

  1236. 			Follow: true,
    1237. 

  1237. 		},
    1238. 

  1238. 	})
    1239. 

  1239. 	if err != nil {
    1240. 

  1240. 		c.RUnlock()
    1241. 

  1241. 		return err
    1242. 

  1242. 	}
    1243. 

  1243. 

  1244. 	wf := ioutils.NewWriteFlusher(config.OutStream)
    1245. 

  1245. 	defer wf.Close()
    1246. 

  1246. 	close(started)
    1247. 

  1247. 	wf.Flush()
    1248. 

  1248. 

  1249. 	outStream := stdcopy.NewStdWriter(wf, stdcopy.Stdout)
    1250. 

  1250. 	errStream := stdcopy.NewStdWriter(wf, stdcopy.Stderr)
    1251. 

  1251. 

  1252. 	// Release the lock before starting the stream.
    1253. 

  1253. 	c.RUnlock()
    1254. 

  1254. 	for {
    1255. 

  1255. 		// Check the context before doing anything.
    1256. 

  1256. 		select {
    1257. 

  1257. 		case <-ctx.Done():
    1258. 

  1258. 			return ctx.Err()
    1259. 

  1259. 		default:
    1260. 

  1260. 		}
    1261. 

  1261. 

  1262. 		subscribeMsg, err := stream.Recv()
    1263. 

  1263. 		if err == io.EOF {
    1264. 

  1264. 			return nil
    1265. 

  1265. 		}
    1266. 

  1266. 		if err != nil {
    1267. 

  1267. 			return err
    1268. 

  1268. 		}
    1269. 

  1269. 

  1270. 		for _, msg := range subscribeMsg.Messages {
    1271. 

  1271. 			data := []byte{}
    1272. 

  1272. 

  1273. 			if config.Timestamps {
    1274. 

  1274. 				ts, err := ptypes.Timestamp(msg.Timestamp)
    1275. 

  1275. 				if err != nil {
    1276. 

  1276. 					return err
    1277. 

  1277. 				}
    1278. 

  1278. 				data = append(data, []byte(ts.Format(logger.TimeFormat)+" ")...)
    1279. 

  1279. 			}
    1280. 

  1280. 

  1281. 			data = append(data, []byte(fmt.Sprintf("%s.node.id=%s,%s.service.id=%s,%s.task.id=%s ",
    1282. 

  1282. 				contextPrefix, msg.Context.NodeID,
    1283. 

  1283. 				contextPrefix, msg.Context.ServiceID,
    1284. 

  1284. 				contextPrefix, msg.Context.TaskID,
    1285. 

  1285. 			))...)
    1286. 

  1286. 

  1287. 			data = append(data, msg.Data...)
    1288. 

  1288. 

  1289. 			switch msg.Stream {
    1290. 

  1290. 			case swarmapi.LogStreamStdout:
    1291. 

  1291. 				outStream.Write(data)
    1292. 

  1292. 			case swarmapi.LogStreamStderr:
    1293. 

  1293. 				errStream.Write(data)
    1294. 

  1294. 			}
    1295. 

  1295. 		}
    1296. 

  1296. 	}
    1297. 

  1297. }
    1298. 

  1298. 

  1299. // GetNodes returns a list of all nodes known to a cluster.
    1300. 

  1300. func (c *Cluster) GetNodes(options apitypes.NodeListOptions) ([]types.Node, error) {
    1301. 

  1301. 	c.RLock()
    1302. 

  1302. 	defer c.RUnlock()
    1303. 

  1303. 

  1304. 	if !c.isActiveManager() {
    1305. 

  1305. 		return nil, c.errNoManager()
    1306. 

  1306. 	}
    1307. 

  1307. 

  1308. 	filters, err := newListNodesFilters(options.Filters)
    1309. 

  1309. 	if err != nil {
    1310. 

  1310. 		return nil, err
    1311. 

  1311. 	}
    1312. 

  1312. 

  1313. 	ctx, cancel := c.getRequestContext()
    1314. 

  1314. 	defer cancel()
    1315. 

  1315. 

  1316. 	r, err := c.client.ListNodes(
    1317. 

  1317. 		ctx,
    1318. 

  1318. 		&swarmapi.ListNodesRequest{Filters: filters})
    1319. 

  1319. 	if err != nil {
    1320. 

  1320. 		return nil, err
    1321. 

  1321. 	}
    1322. 

  1322. 

  1323. 	nodes := []types.Node{}
    1324. 

  1324. 

  1325. 	for _, node := range r.Nodes {
    1326. 

  1326. 		nodes = append(nodes, convert.NodeFromGRPC(*node))
    1327. 

  1327. 	}
    1328. 

  1328. 	return nodes, nil
    1329. 

  1329. }
    1330. 

  1330. 

  1331. // GetNode returns a node based on an ID or name.
    1332. 

  1332. func (c *Cluster) GetNode(input string) (types.Node, error) {
    1333. 

  1333. 	c.RLock()
    1334. 

  1334. 	defer c.RUnlock()
    1335. 

  1335. 

  1336. 	if !c.isActiveManager() {
    1337. 

  1337. 		return types.Node{}, c.errNoManager()
    1338. 

  1338. 	}
    1339. 

  1339. 

  1340. 	ctx, cancel := c.getRequestContext()
    1341. 

  1341. 	defer cancel()
    1342. 

  1342. 

  1343. 	node, err := getNode(ctx, c.client, input)
    1344. 

  1344. 	if err != nil {
    1345. 

  1345. 		return types.Node{}, err
    1346. 

  1346. 	}
    1347. 

  1347. 	return convert.NodeFromGRPC(*node), nil
    1348. 

  1348. }
    1349. 

  1349. 

  1350. // UpdateNode updates existing nodes properties.
    1351. 

  1351. func (c *Cluster) UpdateNode(nodeID string, version uint64, spec types.NodeSpec) error {
    1352. 

  1352. 	c.RLock()
    1353. 

  1353. 	defer c.RUnlock()
    1354. 

  1354. 

  1355. 	if !c.isActiveManager() {
    1356. 

  1356. 		return c.errNoManager()
    1357. 

  1357. 	}
    1358. 

  1358. 

  1359. 	nodeSpec, err := convert.NodeSpecToGRPC(spec)
    1360. 

  1360. 	if err != nil {
    1361. 

  1361. 		return err
    1362. 

  1362. 	}
    1363. 

  1363. 

  1364. 	ctx, cancel := c.getRequestContext()
    1365. 

  1365. 	defer cancel()
    1366. 

  1366. 

  1367. 	_, err = c.client.UpdateNode(
    1368. 

  1368. 		ctx,
    1369. 

  1369. 		&swarmapi.UpdateNodeRequest{
    1370. 

  1370. 			NodeID: nodeID,
    1371. 

  1371. 			Spec:   &nodeSpec,
    1372. 

  1372. 			NodeVersion: &swarmapi.Version{
    1373. 

  1373. 				Index: version,
    1374. 

  1374. 			},
    1375. 

  1375. 		},
    1376. 

  1376. 	)
    1377. 

  1377. 	return err
    1378. 

  1378. }
    1379. 

  1379. 

  1380. // RemoveNode removes a node from a cluster
    1381. 

  1381. func (c *Cluster) RemoveNode(input string, force bool) error {
    1382. 

  1382. 	c.RLock()
    1383. 

  1383. 	defer c.RUnlock()
    1384. 

  1384. 

  1385. 	if !c.isActiveManager() {
    1386. 

  1386. 		return c.errNoManager()
    1387. 

  1387. 	}
    1388. 

  1388. 

  1389. 	ctx, cancel := c.getRequestContext()
    1390. 

  1390. 	defer cancel()
    1391. 

  1391. 

  1392. 	node, err := getNode(ctx, c.client, input)
    1393. 

  1393. 	if err != nil {
    1394. 

  1394. 		return err
    1395. 

  1395. 	}
    1396. 

  1396. 

  1397. 	if _, err := c.client.RemoveNode(ctx, &swarmapi.RemoveNodeRequest{NodeID: node.ID, Force: force}); err != nil {
    1398. 

  1398. 		return err
    1399. 

  1399. 	}
    1400. 

  1400. 	return nil
    1401. 

  1401. }
    1402. 

  1402. 

  1403. // GetTasks returns a list of tasks matching the filter options.
    1404. 

  1404. func (c *Cluster) GetTasks(options apitypes.TaskListOptions) ([]types.Task, error) {
    1405. 

  1405. 	c.RLock()
    1406. 

  1406. 	defer c.RUnlock()
    1407. 

  1407. 

  1408. 	if !c.isActiveManager() {
    1409. 

  1409. 		return nil, c.errNoManager()
    1410. 

  1410. 	}
    1411. 

  1411. 

  1412. 	byName := func(filter filters.Args) error {
    1413. 

  1413. 		if filter.Include("service") {
    1414. 

  1414. 			serviceFilters := filter.Get("service")
    1415. 

  1415. 			for _, serviceFilter := range serviceFilters {
    1416. 

  1416. 				service, err := c.GetService(serviceFilter)
    1417. 

  1417. 				if err != nil {
    1418. 

  1418. 					return err
    1419. 

  1419. 				}
    1420. 

  1420. 				filter.Del("service", serviceFilter)
    1421. 

  1421. 				filter.Add("service", service.ID)
    1422. 

  1422. 			}
    1423. 

  1423. 		}
    1424. 

  1424. 		if filter.Include("node") {
    1425. 

  1425. 			nodeFilters := filter.Get("node")
    1426. 

  1426. 			for _, nodeFilter := range nodeFilters {
    1427. 

  1427. 				node, err := c.GetNode(nodeFilter)
    1428. 

  1428. 				if err != nil {
    1429. 

  1429. 					return err
    1430. 

  1430. 				}
    1431. 

  1431. 				filter.Del("node", nodeFilter)
    1432. 

  1432. 				filter.Add("node", node.ID)
    1433. 

  1433. 			}
    1434. 

  1434. 		}
    1435. 

  1435. 		return nil
    1436. 

  1436. 	}
    1437. 

  1437. 

  1438. 	filters, err := newListTasksFilters(options.Filters, byName)
    1439. 

  1439. 	if err != nil {
    1440. 

  1440. 		return nil, err
    1441. 

  1441. 	}
    1442. 

  1442. 

  1443. 	ctx, cancel := c.getRequestContext()
    1444. 

  1444. 	defer cancel()
    1445. 

  1445. 

  1446. 	r, err := c.client.ListTasks(
    1447. 

  1447. 		ctx,
    1448. 

  1448. 		&swarmapi.ListTasksRequest{Filters: filters})
    1449. 

  1449. 	if err != nil {
    1450. 

  1450. 		return nil, err
    1451. 

  1451. 	}
    1452. 

  1452. 

  1453. 	tasks := []types.Task{}
    1454. 

  1454. 

  1455. 	for _, task := range r.Tasks {
    1456. 

  1456. 		if task.Spec.GetContainer() != nil {
    1457. 

  1457. 			tasks = append(tasks, convert.TaskFromGRPC(*task))
    1458. 

  1458. 		}
    1459. 

  1459. 	}
    1460. 

  1460. 	return tasks, nil
    1461. 

  1461. }
    1462. 

  1462. 

  1463. // GetTask returns a task by an ID.
    1464. 

  1464. func (c *Cluster) GetTask(input string) (types.Task, error) {
    1465. 

  1465. 	c.RLock()
    1466. 

  1466. 	defer c.RUnlock()
    1467. 

  1467. 

  1468. 	if !c.isActiveManager() {
    1469. 

  1469. 		return types.Task{}, c.errNoManager()
    1470. 

  1470. 	}
    1471. 

  1471. 

  1472. 	ctx, cancel := c.getRequestContext()
    1473. 

  1473. 	defer cancel()
    1474. 

  1474. 

  1475. 	task, err := getTask(ctx, c.client, input)
    1476. 

  1476. 	if err != nil {
    1477. 

  1477. 		return types.Task{}, err
    1478. 

  1478. 	}
    1479. 

  1479. 	return convert.TaskFromGRPC(*task), nil
    1480. 

  1480. }
    1481. 

  1481. 

  1482. // GetNetwork returns a cluster network by an ID.
    1483. 

  1483. func (c *Cluster) GetNetwork(input string) (apitypes.NetworkResource, error) {
    1484. 

  1484. 	c.RLock()
    1485. 

  1485. 	defer c.RUnlock()
    1486. 

  1486. 

  1487. 	if !c.isActiveManager() {
    1488. 

  1488. 		return apitypes.NetworkResource{}, c.errNoManager()
    1489. 

  1489. 	}
    1490. 

  1490. 

  1491. 	ctx, cancel := c.getRequestContext()
    1492. 

  1492. 	defer cancel()
    1493. 

  1493. 

  1494. 	network, err := getNetwork(ctx, c.client, input)
    1495. 

  1495. 	if err != nil {
    1496. 

  1496. 		return apitypes.NetworkResource{}, err
    1497. 

  1497. 	}
    1498. 

  1498. 	return convert.BasicNetworkFromGRPC(*network), nil
    1499. 

  1499. }
    1500. 

  1500. 

  1501. // GetNetworks returns all current cluster managed networks.
    1502. 

  1502. func (c *Cluster) GetNetworks() ([]apitypes.NetworkResource, error) {
    1503. 

  1503. 	c.RLock()
    1504. 

  1504. 	defer c.RUnlock()
    1505. 

  1505. 

  1506. 	if !c.isActiveManager() {
    1507. 

  1507. 		return nil, c.errNoManager()
    1508. 

  1508. 	}
    1509. 

  1509. 

  1510. 	ctx, cancel := c.getRequestContext()
    1511. 

  1511. 	defer cancel()
    1512. 

  1512. 

  1513. 	r, err := c.client.ListNetworks(ctx, &swarmapi.ListNetworksRequest{})
    1514. 

  1514. 	if err != nil {
    1515. 

  1515. 		return nil, err
    1516. 

  1516. 	}
    1517. 

  1517. 

  1518. 	var networks []apitypes.NetworkResource
    1519. 

  1519. 

  1520. 	for _, network := range r.Networks {
    1521. 

  1521. 		networks = append(networks, convert.BasicNetworkFromGRPC(*network))
    1522. 

  1522. 	}
    1523. 

  1523. 

  1524. 	return networks, nil
    1525. 

  1525. }
    1526. 

  1526. 

  1527. func attacherKey(target, containerID string) string {
    1528. 

  1528. 	return containerID + ":" + target
    1529. 

  1529. }
    1530. 

  1530. 

  1531. // UpdateAttachment signals the attachment config to the attachment
    1532. 

  1532. // waiter who is trying to start or attach the container to the
    1533. 

  1533. // network.
    1534. 

  1534. func (c *Cluster) UpdateAttachment(target, containerID string, config *network.NetworkingConfig) error {
    1535. 

  1535. 	c.RLock()
    1536. 

  1536. 	attacher, ok := c.attachers[attacherKey(target, containerID)]
    1537. 

  1537. 	c.RUnlock()
    1538. 

  1538. 	if !ok || attacher == nil {
    1539. 

  1539. 		return fmt.Errorf("could not find attacher for container %s to network %s", containerID, target)
    1540. 

  1540. 	}
    1541. 

  1541. 

  1542. 	attacher.attachWaitCh <- config
    1543. 

  1543. 	close(attacher.attachWaitCh)
    1544. 

  1544. 	return nil
    1545. 

  1545. }
    1546. 

  1546. 

  1547. // WaitForDetachment waits for the container to stop or detach from
    1548. 

  1548. // the network.
    1549. 

  1549. func (c *Cluster) WaitForDetachment(ctx context.Context, networkName, networkID, taskID, containerID string) error {
    1550. 

  1550. 	c.RLock()
    1551. 

  1551. 	attacher, ok := c.attachers[attacherKey(networkName, containerID)]
    1552. 

  1552. 	if !ok {
    1553. 

  1553. 		attacher, ok = c.attachers[attacherKey(networkID, containerID)]
    1554. 

  1554. 	}
    1555. 

  1555. 	if c.node == nil || c.node.Agent() == nil {
    1556. 

  1556. 		c.RUnlock()
    1557. 

  1557. 		return fmt.Errorf("invalid cluster node while waiting for detachment")
    1558. 

  1558. 	}
    1559. 

  1559. 

  1560. 	agent := c.node.Agent()
    1561. 

  1561. 	c.RUnlock()
    1562. 

  1562. 

  1563. 	if ok && attacher != nil &&
    1564. 

  1564. 		attacher.detachWaitCh != nil &&
    1565. 

  1565. 		attacher.attachCompleteCh != nil {
    1566. 

  1566. 		// Attachment may be in progress still so wait for
    1567. 

  1567. 		// attachment to complete.
    1568. 

  1568. 		select {
    1569. 

  1569. 		case <-attacher.attachCompleteCh:
    1570. 

  1570. 		case <-ctx.Done():
    1571. 

  1571. 			return ctx.Err()
    1572. 

  1572. 		}
    1573. 

  1573. 

  1574. 		if attacher.taskID == taskID {
    1575. 

  1575. 			select {
    1576. 

  1576. 			case <-attacher.detachWaitCh:
    1577. 

  1577. 			case <-ctx.Done():
    1578. 

  1578. 				return ctx.Err()
    1579. 

  1579. 			}
    1580. 

  1580. 		}
    1581. 

  1581. 	}
    1582. 

  1582. 

  1583. 	return agent.ResourceAllocator().DetachNetwork(ctx, taskID)
    1584. 

  1584. }
    1585. 

  1585. 

  1586. // AttachNetwork generates an attachment request towards the manager.
    1587. 

  1587. func (c *Cluster) AttachNetwork(target string, containerID string, addresses []string) (*network.NetworkingConfig, error) {
    1588. 

  1588. 	aKey := attacherKey(target, containerID)
    1589. 

  1589. 	c.Lock()
    1590. 

  1590. 	if c.node == nil || c.node.Agent() == nil {
    1591. 

  1591. 		c.Unlock()
    1592. 

  1592. 		return nil, fmt.Errorf("invalid cluster node while attaching to network")
    1593. 

  1593. 	}
    1594. 

  1594. 	if attacher, ok := c.attachers[aKey]; ok {
    1595. 

  1595. 		c.Unlock()
    1596. 

  1596. 		return attacher.config, nil
    1597. 

  1597. 	}
    1598. 

  1598. 

  1599. 	agent := c.node.Agent()
    1600. 

  1600. 	attachWaitCh := make(chan *network.NetworkingConfig)
    1601. 

  1601. 	detachWaitCh := make(chan struct{})
    1602. 

  1602. 	attachCompleteCh := make(chan struct{})
    1603. 

  1603. 	c.attachers[aKey] = &attacher{
    1604. 

  1604. 		attachWaitCh:     attachWaitCh,
    1605. 

  1605. 		attachCompleteCh: attachCompleteCh,
    1606. 

  1606. 		detachWaitCh:     detachWaitCh,
    1607. 

  1607. 	}
    1608. 

  1608. 	c.Unlock()
    1609. 

  1609. 

  1610. 	ctx, cancel := c.getRequestContext()
    1611. 

  1611. 	defer cancel()
    1612. 

  1612. 

  1613. 	taskID, err := agent.ResourceAllocator().AttachNetwork(ctx, containerID, target, addresses)
    1614. 

  1614. 	if err != nil {
    1615. 

  1615. 		c.Lock()
    1616. 

  1616. 		delete(c.attachers, aKey)
    1617. 

  1617. 		c.Unlock()
    1618. 

  1618. 		return nil, fmt.Errorf("Could not attach to network %s: %v", target, err)
    1619. 

  1619. 	}
    1620. 

  1620. 

  1621. 	c.Lock()
    1622. 

  1622. 	c.attachers[aKey].taskID = taskID
    1623. 

  1623. 	close(attachCompleteCh)
    1624. 

  1624. 	c.Unlock()
    1625. 

  1625. 

  1626. 	logrus.Debugf("Successfully attached to network %s with tid %s", target, taskID)
    1627. 

  1627. 

  1628. 	var config *network.NetworkingConfig
    1629. 

  1629. 	select {
    1630. 

  1630. 	case config = <-attachWaitCh:
    1631. 

  1631. 	case <-ctx.Done():
    1632. 

  1632. 		return nil, fmt.Errorf("attaching to network failed, make sure your network options are correct and check manager logs: %v", ctx.Err())
    1633. 

  1633. 	}
    1634. 

  1634. 

  1635. 	c.Lock()
    1636. 

  1636. 	c.attachers[aKey].config = config
    1637. 

  1637. 	c.Unlock()
    1638. 

  1638. 	return config, nil
    1639. 

  1639. }
    1640. 

  1640. 

  1641. // DetachNetwork unblocks the waiters waiting on WaitForDetachment so
    1642. 

  1642. // that a request to detach can be generated towards the manager.
    1643. 

  1643. func (c *Cluster) DetachNetwork(target string, containerID string) error {
    1644. 

  1644. 	aKey := attacherKey(target, containerID)
    1645. 

  1645. 

  1646. 	c.Lock()
    1647. 

  1647. 	attacher, ok := c.attachers[aKey]
    1648. 

  1648. 	delete(c.attachers, aKey)
    1649. 

  1649. 	c.Unlock()
    1650. 

  1650. 

  1651. 	if !ok {
    1652. 

  1652. 		return fmt.Errorf("could not find network attachment for container %s to network %s", containerID, target)
    1653. 

  1653. 	}
    1654. 

  1654. 

  1655. 	close(attacher.detachWaitCh)
    1656. 

  1656. 	return nil
    1657. 

  1657. }
    1658. 

  1658. 

  1659. // CreateNetwork creates a new cluster managed network.
    1660. 

  1660. func (c *Cluster) CreateNetwork(s apitypes.NetworkCreateRequest) (string, error) {
    1661. 

  1661. 	c.RLock()
    1662. 

  1662. 	defer c.RUnlock()
    1663. 

  1663. 

  1664. 	if !c.isActiveManager() {
    1665. 

  1665. 		return "", c.errNoManager()
    1666. 

  1666. 	}
    1667. 

  1667. 

  1668. 	if runconfig.IsPreDefinedNetwork(s.Name) {
    1669. 

  1669. 		err := fmt.Errorf("%s is a pre-defined network and cannot be created", s.Name)
    1670. 

  1670. 		return "", apierrors.NewRequestForbiddenError(err)
    1671. 

  1671. 	}
    1672. 

  1672. 

  1673. 	ctx, cancel := c.getRequestContext()
    1674. 

  1674. 	defer cancel()
    1675. 

  1675. 

  1676. 	networkSpec := convert.BasicNetworkCreateToGRPC(s)
    1677. 

  1677. 	r, err := c.client.CreateNetwork(ctx, &swarmapi.CreateNetworkRequest{Spec: &networkSpec})
    1678. 

  1678. 	if err != nil {
    1679. 

  1679. 		return "", err
    1680. 

  1680. 	}
    1681. 

  1681. 

  1682. 	return r.Network.ID, nil
    1683. 

  1683. }
    1684. 

  1684. 

  1685. // RemoveNetwork removes a cluster network.
    1686. 

  1686. func (c *Cluster) RemoveNetwork(input string) error {
    1687. 

  1687. 	c.RLock()
    1688. 

  1688. 	defer c.RUnlock()
    1689. 

  1689. 

  1690. 	if !c.isActiveManager() {
    1691. 

  1691. 		return c.errNoManager()
    1692. 

  1692. 	}
    1693. 

  1693. 

  1694. 	ctx, cancel := c.getRequestContext()
    1695. 

  1695. 	defer cancel()
    1696. 

  1696. 

  1697. 	network, err := getNetwork(ctx, c.client, input)
    1698. 

  1698. 	if err != nil {
    1699. 

  1699. 		return err
    1700. 

  1700. 	}
    1701. 

  1701. 

  1702. 	if _, err := c.client.RemoveNetwork(ctx, &swarmapi.RemoveNetworkRequest{NetworkID: network.ID}); err != nil {
    1703. 

  1703. 		return err
    1704. 

  1704. 	}
    1705. 

  1705. 	return nil
    1706. 

  1706. }
    1707. 

  1707. 

  1708. func (c *Cluster) populateNetworkID(ctx context.Context, client swarmapi.ControlClient, s *types.ServiceSpec) error {
    1709. 

  1709. 	// Always prefer NetworkAttachmentConfigs from TaskTemplate
    1710. 

  1710. 	// but fallback to service spec for backward compatibility
    1711. 

  1711. 	networks := s.TaskTemplate.Networks
    1712. 

  1712. 	if len(networks) == 0 {
    1713. 

  1713. 		networks = s.Networks
    1714. 

  1714. 	}
    1715. 

  1715. 

  1716. 	for i, n := range networks {
    1717. 

  1717. 		apiNetwork, err := getNetwork(ctx, client, n.Target)
    1718. 

  1718. 		if err != nil {
    1719. 

  1719. 			if ln, _ := c.config.Backend.FindNetwork(n.Target); ln != nil && !ln.Info().Dynamic() {
    1720. 

  1720. 				err = fmt.Errorf("network %s is not eligible for docker services", ln.Name())
    1721. 

  1721. 				return apierrors.NewRequestForbiddenError(err)
    1722. 

  1722. 			}
    1723. 

  1723. 			return err
    1724. 

  1724. 		}
    1725. 

  1725. 		networks[i].Target = apiNetwork.ID
    1726. 

  1726. 	}
    1727. 

  1727. 	return nil
    1728. 

  1728. }
    1729. 

  1729. 

  1730. func getNetwork(ctx context.Context, c swarmapi.ControlClient, input string) (*swarmapi.Network, error) {
    1731. 

  1731. 	// GetNetwork to match via full ID.
    1732. 

  1732. 	rg, err := c.GetNetwork(ctx, &swarmapi.GetNetworkRequest{NetworkID: input})
    1733. 

  1733. 	if err != nil {
    1734. 

  1734. 		// If any error (including NotFound), ListNetworks to match via ID prefix and full name.
    1735. 

  1735. 		rl, err := c.ListNetworks(ctx, &swarmapi.ListNetworksRequest{Filters: &swarmapi.ListNetworksRequest_Filters{Names: []string{input}}})
    1736. 

  1736. 		if err != nil || len(rl.Networks) == 0 {
    1737. 

  1737. 			rl, err = c.ListNetworks(ctx, &swarmapi.ListNetworksRequest{Filters: &swarmapi.ListNetworksRequest_Filters{IDPrefixes: []string{input}}})
    1738. 

  1738. 		}
    1739. 

  1739. 

  1740. 		if err != nil {
    1741. 

  1741. 			return nil, err
    1742. 

  1742. 		}
    1743. 

  1743. 

  1744. 		if len(rl.Networks) == 0 {
    1745. 

  1745. 			return nil, fmt.Errorf("network %s not found", input)
    1746. 

  1746. 		}
    1747. 

  1747. 

  1748. 		if l := len(rl.Networks); l > 1 {
    1749. 

  1749. 			return nil, fmt.Errorf("network %s is ambiguous (%d matches found)", input, l)
    1750. 

  1750. 		}
    1751. 

  1751. 

  1752. 		return rl.Networks[0], nil
    1753. 

  1753. 	}
    1754. 

  1754. 	return rg.Network, nil
    1755. 

  1755. }
    1756. 

  1756. 

  1757. // Cleanup stops active swarm node. This is run before daemon shutdown.
    1758. 

  1758. func (c *Cluster) Cleanup() {
    1759. 

  1759. 	c.Lock()
    1760. 

  1760. 	node := c.node
    1761. 

  1761. 	if node == nil {
    1762. 

  1762. 		c.Unlock()
    1763. 

  1763. 		return
    1764. 

  1764. 	}
    1765. 

  1765. 	defer c.Unlock()
    1766. 

  1766. 	if c.isActiveManager() {
    1767. 

  1767. 		active, reachable, unreachable, err := c.managerStats()
    1768. 

  1768. 		if err == nil {
    1769. 

  1769. 			singlenode := active && isLastManager(reachable, unreachable)
    1770. 

  1770. 			if active && !singlenode && removingManagerCausesLossOfQuorum(reachable, unreachable) {
    1771. 

  1771. 				logrus.Errorf("Leaving cluster with %v managers left out of %v. Raft quorum will be lost.", reachable-1, reachable+unreachable)
    1772. 

  1772. 			}
    1773. 

  1773. 		}
    1774. 

  1774. 	}
    1775. 

  1775. 	c.stopNode()
    1776. 

  1776. }
    1777. 

  1777. 

  1778. func (c *Cluster) managerStats() (current bool, reachable int, unreachable int, err error) {
    1779. 

  1779. 	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
    1780. 

  1780. 	defer cancel()
    1781. 

  1781. 	nodes, err := c.client.ListNodes(ctx, &swarmapi.ListNodesRequest{})
    1782. 

  1782. 	if err != nil {
    1783. 

  1783. 		return false, 0, 0, err
    1784. 

  1784. 	}
    1785. 

  1785. 	for _, n := range nodes.Nodes {
    1786. 

  1786. 		if n.ManagerStatus != nil {
    1787. 

  1787. 			if n.ManagerStatus.Reachability == swarmapi.RaftMemberStatus_REACHABLE {
    1788. 

  1788. 				reachable++
    1789. 

  1789. 				if n.ID == c.node.NodeID() {
    1790. 

  1790. 					current = true
    1791. 

  1791. 				}
    1792. 

  1792. 			}
    1793. 

  1793. 			if n.ManagerStatus.Reachability == swarmapi.RaftMemberStatus_UNREACHABLE {
    1794. 

  1794. 				unreachable++
    1795. 

  1795. 			}
    1796. 

  1796. 		}
    1797. 

  1797. 	}
    1798. 

  1798. 	return
    1799. 

  1799. }
    1800. 

  1800. 

  1801. func validateAndSanitizeInitRequest(req *types.InitRequest) error {
    1802. 

  1802. 	var err error
    1803. 

  1803. 	req.ListenAddr, err = validateAddr(req.ListenAddr)
    1804. 

  1804. 	if err != nil {
    1805. 

  1805. 		return fmt.Errorf("invalid ListenAddr %q: %v", req.ListenAddr, err)
    1806. 

  1806. 	}
    1807. 

  1807. 

  1808. 	return nil
    1809. 

  1809. }
    1810. 

  1810. 

  1811. func validateAndSanitizeJoinRequest(req *types.JoinRequest) error {
    1812. 

  1812. 	var err error
    1813. 

  1813. 	req.ListenAddr, err = validateAddr(req.ListenAddr)
    1814. 

  1814. 	if err != nil {
    1815. 

  1815. 		return fmt.Errorf("invalid ListenAddr %q: %v", req.ListenAddr, err)
    1816. 

  1816. 	}
    1817. 

  1817. 	if len(req.RemoteAddrs) == 0 {
    1818. 

  1818. 		return fmt.Errorf("at least 1 RemoteAddr is required to join")
    1819. 

  1819. 	}
    1820. 

  1820. 	for i := range req.RemoteAddrs {
    1821. 

  1821. 		req.RemoteAddrs[i], err = validateAddr(req.RemoteAddrs[i])
    1822. 

  1822. 		if err != nil {
    1823. 

  1823. 			return fmt.Errorf("invalid remoteAddr %q: %v", req.RemoteAddrs[i], err)
    1824. 

  1824. 		}
    1825. 

  1825. 	}
    1826. 

  1826. 	return nil
    1827. 

  1827. }
    1828. 

  1828. 

  1829. func validateAddr(addr string) (string, error) {
    1830. 

  1830. 	if addr == "" {
    1831. 

  1831. 		return addr, fmt.Errorf("invalid empty address")
    1832. 

  1832. 	}
    1833. 

  1833. 	newaddr, err := opts.ParseTCPAddr(addr, defaultAddr)
    1834. 

  1834. 	if err != nil {
    1835. 

  1835. 		return addr, nil
    1836. 

  1836. 	}
    1837. 

  1837. 	return strings.TrimPrefix(newaddr, "tcp://"), nil
    1838. 

  1838. }
    1839. 

  1839. 

  1840. func initClusterSpec(node *node, spec types.Spec) error {
    1841. 

  1841. 	ctx, _ := context.WithTimeout(context.Background(), 5*time.Second)
    1842. 

  1842. 	for conn := range node.ListenControlSocket(ctx) {
    1843. 

  1843. 		if ctx.Err() != nil {
    1844. 

  1844. 			return ctx.Err()
    1845. 

  1845. 		}
    1846. 

  1846. 		if conn != nil {
    1847. 

  1847. 			client := swarmapi.NewControlClient(conn)
    1848. 

  1848. 			var cluster *swarmapi.Cluster
    1849. 

  1849. 			for i := 0; ; i++ {
    1850. 

  1850. 				lcr, err := client.ListClusters(ctx, &swarmapi.ListClustersRequest{})
    1851. 

  1851. 				if err != nil {
    1852. 

  1852. 					return fmt.Errorf("error on listing clusters: %v", err)
    1853. 

  1853. 				}
    1854. 

  1854. 				if len(lcr.Clusters) == 0 {
    1855. 

  1855. 					if i < 10 {
    1856. 

  1856. 						time.Sleep(200 * time.Millisecond)
    1857. 

  1857. 						continue
    1858. 

  1858. 					}
    1859. 

  1859. 					return fmt.Errorf("empty list of clusters was returned")
    1860. 

  1860. 				}
    1861. 

  1861. 				cluster = lcr.Clusters[0]
    1862. 

  1862. 				break
    1863. 

  1863. 			}
    1864. 

  1864. 			// In init, we take the initial default values from swarmkit, and merge
    1865. 

  1865. 			// any non nil or 0 value from spec to GRPC spec. This will leave the
    1866. 

  1866. 			// default value alone.
    1867. 

  1867. 			// Note that this is different from Update(), as in Update() we expect
    1868. 

  1868. 			// user to specify the complete spec of the cluster (as they already know
    1869. 

  1869. 			// the existing one and knows which field to update)
    1870. 

  1870. 			clusterSpec, err := convert.MergeSwarmSpecToGRPC(spec, cluster.Spec)
    1871. 

  1871. 			if err != nil {
    1872. 

  1872. 				return fmt.Errorf("error updating cluster settings: %v", err)
    1873. 

  1873. 			}
    1874. 

  1874. 			_, err = client.UpdateCluster(ctx, &swarmapi.UpdateClusterRequest{
    1875. 

  1875. 				ClusterID:      cluster.ID,
    1876. 

  1876. 				ClusterVersion: &cluster.Meta.Version,
    1877. 

  1877. 				Spec:           &clusterSpec,
    1878. 

  1878. 			})
    1879. 

  1879. 			if err != nil {
    1880. 

  1880. 				return fmt.Errorf("error updating cluster settings: %v", err)
    1881. 

  1881. 			}
    1882. 

  1882. 			return nil
    1883. 

  1883. 		}
    1884. 

  1884. 	}
    1885. 

  1885. 	return ctx.Err()
    1886. 

  1886. }
    1887. 

  1887. 

  1888. func detectLockedError(err error) error {
    1889. 

  1889. 	if err == swarmnode.ErrInvalidUnlockKey {
    1890. 

  1890. 		return errors.WithStack(ErrSwarmLocked)
    1891. 

  1891. 	}
    1892. 

  1892. 	return err
    1893. 

  1893. }
    1894.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5