2024-01-25 10:18:44 +00:00
// FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16:
//go:build go1.19
2015-04-30 01:25:01 +00:00
package libnetwork
import (
2023-06-23 00:33:17 +00:00
"context"
2015-05-31 18:49:11 +00:00
"encoding/json"
2015-06-05 20:31:12 +00:00
"fmt"
2015-07-02 05:00:48 +00:00
"net"
2015-05-09 04:50:03 +00:00
"sync"
2015-04-30 05:58:12 +00:00
2023-09-13 15:41:45 +00:00
"github.com/containerd/log"
2023-11-28 10:48:11 +00:00
"github.com/docker/docker/internal/sliceutil"
2021-04-06 00:24:47 +00:00
"github.com/docker/docker/libnetwork/datastore"
"github.com/docker/docker/libnetwork/ipamapi"
"github.com/docker/docker/libnetwork/netlabel"
"github.com/docker/docker/libnetwork/options"
2023-10-17 23:43:12 +00:00
"github.com/docker/docker/libnetwork/scope"
2021-04-06 00:24:47 +00:00
"github.com/docker/docker/libnetwork/types"
2015-04-30 01:25:01 +00:00
)
libnetwork: Sandbox.ResolveName: refactor ordering of endpoints
When resolving names in swarm mode, services with exposed ports are
connected to user overlay network, ingress network, and local (docker_gwbridge)
networks. Name resolution should prioritize returning the VIP/IPs on user
overlay network over ingress and local networks.
Sandbox.ResolveName implemented this by taking the list of endpoints,
splitting the list into 3 separate lists based on the type of network
that the endpoint was attached to (dynamic, ingress, local), and then
creating a new list, applying the networks in that order.
This patch refactors that logic to use a custom sorter (sort.Interface),
which makes the code more transparent, and prevents iterating over the
list of endpoints multiple times.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-17 10:29:46 +00:00
// ByNetworkType sorts a [Endpoint] slice based on the network-type
// they're attached to. It implements [sort.Interface] and can be used
// with [sort.Stable] or [sort.Sort]. It is used by [Sandbox.ResolveName]
// when resolving names in swarm mode. In swarm mode, services with exposed
// ports are connected to user overlay network, ingress network, and local
// ("docker_gwbridge") networks. Name resolution should prioritize returning
// the VIP/IPs on user overlay network over ingress and local networks.
//
// ByNetworkType re-orders the endpoints based on the network-type they
// are attached to:
//
// 1. dynamic networks (user overlay networks)
// 2. ingress network(s)
// 3. local networks ("docker_gwbridge")
type ByNetworkType [ ] * Endpoint
func ( ep ByNetworkType ) Len ( ) int { return len ( ep ) }
func ( ep ByNetworkType ) Swap ( i , j int ) { ep [ i ] , ep [ j ] = ep [ j ] , ep [ i ] }
func ( ep ByNetworkType ) Less ( i , j int ) bool {
return getNetworkType ( ep [ i ] . getNetwork ( ) ) < getNetworkType ( ep [ j ] . getNetwork ( ) )
}
// Define the order in which resolution should happen if an endpoint is
// attached to multiple network-types. It is used by [ByNetworkType].
const (
typeDynamic = iota
typeIngress
typeLocal
)
func getNetworkType ( nw * Network ) int {
switch {
case nw . ingress :
return typeIngress
case nw . dynamic :
return typeDynamic
default :
return typeLocal
}
}
2016-01-11 10:15:20 +00:00
// EndpointOption is an option setter function type used to pass various options to Network
2015-05-02 00:11:13 +00:00
// and Endpoint interfaces methods. The various setter functions of type EndpointOption are
// provided by libnetwork, they look like <Create|Join|Leave>Option[...](...)
2023-01-12 01:42:24 +00:00
type EndpointOption func ( ep * Endpoint )
2015-05-02 00:11:13 +00:00
2023-01-12 01:42:24 +00:00
// Endpoint represents a logical connection between a network and a sandbox.
type Endpoint struct {
2023-11-04 14:22:40 +00:00
name string
id string
network * Network
iface * EndpointInterface
joinInfo * endpointJoinInfo
sandboxID string
exposedPorts [ ] types . TransportPort
// dnsNames holds all the non-fully qualified DNS names associated to this endpoint. Order matters: first entry
// will be used for the PTR records associated to the endpoint's IPv4 and IPv6 addresses.
dnsNames [ ] string
2015-12-24 09:51:32 +00:00
disableResolution bool
generic map [ string ] interface { }
prefAddress net . IP
prefAddressV6 net . IP
ipamOptions map [ string ] string
2016-01-04 22:02:03 +00:00
aliases map [ string ] string
2016-04-14 00:53:41 +00:00
svcID string
svcName string
2016-05-25 05:46:18 +00:00
virtualIP net . IP
2016-06-14 23:40:54 +00:00
svcAliases [ ] string
2016-05-31 06:55:51 +00:00
ingressPorts [ ] * PortConfig
2015-12-24 09:51:32 +00:00
dbIndex uint64
dbExists bool
2016-08-21 05:55:00 +00:00
serviceEnabled bool
2017-08-29 06:35:31 +00:00
loadBalancer bool
2023-01-11 22:51:59 +00:00
mu sync . Mutex
2015-04-30 01:25:01 +00:00
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) MarshalJSON ( ) ( [ ] byte , error ) {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
defer ep . mu . Unlock ( )
2015-06-05 20:31:12 +00:00
2015-05-31 18:49:11 +00:00
epMap := make ( map [ string ] interface { } )
epMap [ "name" ] = ep . name
2015-07-02 05:00:48 +00:00
epMap [ "id" ] = ep . id
2015-09-09 23:06:35 +00:00
epMap [ "ep_iface" ] = ep . iface
2016-06-11 00:32:19 +00:00
epMap [ "joinInfo" ] = ep . joinInfo
2015-05-31 18:49:11 +00:00
epMap [ "exposed_ports" ] = ep . exposedPorts
2015-10-03 23:11:50 +00:00
if ep . generic != nil {
epMap [ "generic" ] = ep . generic
}
2015-07-02 05:00:48 +00:00
epMap [ "sandbox" ] = ep . sandboxID
2023-11-04 14:22:40 +00:00
epMap [ "dnsNames" ] = ep . dnsNames
2015-12-24 09:51:32 +00:00
epMap [ "disableResolution" ] = ep . disableResolution
2016-04-14 00:53:41 +00:00
epMap [ "svcName" ] = ep . svcName
epMap [ "svcID" ] = ep . svcID
2016-05-25 05:46:18 +00:00
epMap [ "virtualIP" ] = ep . virtualIP . String ( )
2016-05-31 06:55:51 +00:00
epMap [ "ingressPorts" ] = ep . ingressPorts
2016-06-14 23:40:54 +00:00
epMap [ "svcAliases" ] = ep . svcAliases
2017-08-29 06:35:31 +00:00
epMap [ "loadBalancer" ] = ep . loadBalancer
2016-04-14 00:53:41 +00:00
2015-05-31 18:49:11 +00:00
return json . Marshal ( epMap )
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) UnmarshalJSON ( b [ ] byte ) ( err error ) {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
defer ep . mu . Unlock ( )
2015-06-05 20:31:12 +00:00
2015-05-31 18:49:11 +00:00
var epMap map [ string ] interface { }
if err := json . Unmarshal ( b , & epMap ) ; err != nil {
return err
}
ep . name = epMap [ "name" ] . ( string )
2015-07-02 05:00:48 +00:00
ep . id = epMap [ "id" ] . ( string )
2015-05-31 18:49:11 +00:00
2021-05-28 00:15:56 +00:00
// TODO(cpuguy83): So yeah, this isn't checking any errors anywhere.
// Seems like we should be checking errors even because of memory related issues that can arise.
// Alas it seems like given the nature of this data we could introduce problems if we start checking these errors.
//
// If anyone ever comes here and figures out one way or another if we can/should be checking these errors and it turns out we can't... then please document *why*
2015-05-31 18:49:11 +00:00
ib , _ := json . Marshal ( epMap [ "ep_iface" ] )
2022-07-13 20:30:47 +00:00
json . Unmarshal ( ib , & ep . iface ) //nolint:errcheck
2015-05-31 18:49:11 +00:00
2016-06-11 00:32:19 +00:00
jb , _ := json . Marshal ( epMap [ "joinInfo" ] )
2022-07-13 20:30:47 +00:00
json . Unmarshal ( jb , & ep . joinInfo ) //nolint:errcheck
2016-06-11 00:32:19 +00:00
2015-05-31 18:49:11 +00:00
tb , _ := json . Marshal ( epMap [ "exposed_ports" ] )
var tPorts [ ] types . TransportPort
2022-07-13 20:30:47 +00:00
json . Unmarshal ( tb , & tPorts ) //nolint:errcheck
2015-05-31 18:49:11 +00:00
ep . exposedPorts = tPorts
2015-07-02 05:00:48 +00:00
cb , _ := json . Marshal ( epMap [ "sandbox" ] )
2022-07-13 20:30:47 +00:00
json . Unmarshal ( cb , & ep . sandboxID ) //nolint:errcheck
2015-06-01 16:43:24 +00:00
2015-10-03 23:11:50 +00:00
if v , ok := epMap [ "generic" ] ; ok {
ep . generic = v . ( map [ string ] interface { } )
2015-10-22 15:41:52 +00:00
if opt , ok := ep . generic [ netlabel . PortMap ] ; ok {
pblist := [ ] types . PortBinding { }
for i := 0 ; i < len ( opt . ( [ ] interface { } ) ) ; i ++ {
pb := types . PortBinding { }
tmp := opt . ( [ ] interface { } ) [ i ] . ( map [ string ] interface { } )
bytes , err := json . Marshal ( tmp )
if err != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Error ( err )
2015-10-22 15:41:52 +00:00
break
}
err = json . Unmarshal ( bytes , & pb )
if err != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Error ( err )
2015-10-22 15:41:52 +00:00
break
}
pblist = append ( pblist , pb )
}
ep . generic [ netlabel . PortMap ] = pblist
}
if opt , ok := ep . generic [ netlabel . ExposedPorts ] ; ok {
tplist := [ ] types . TransportPort { }
for i := 0 ; i < len ( opt . ( [ ] interface { } ) ) ; i ++ {
tp := types . TransportPort { }
tmp := opt . ( [ ] interface { } ) [ i ] . ( map [ string ] interface { } )
bytes , err := json . Marshal ( tmp )
if err != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Error ( err )
2015-10-22 15:41:52 +00:00
break
}
err = json . Unmarshal ( bytes , & tp )
if err != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Error ( err )
2015-10-22 15:41:52 +00:00
break
}
tplist = append ( tplist , tp )
}
ep . generic [ netlabel . ExposedPorts ] = tplist
}
2015-05-31 18:49:11 +00:00
}
2015-10-20 19:12:16 +00:00
2023-11-29 22:02:56 +00:00
var anonymous bool
2015-10-20 19:12:16 +00:00
if v , ok := epMap [ "anonymous" ] ; ok {
2023-11-29 22:02:56 +00:00
anonymous = v . ( bool )
2015-10-20 19:12:16 +00:00
}
2015-12-24 09:51:32 +00:00
if v , ok := epMap [ "disableResolution" ] ; ok {
ep . disableResolution = v . ( bool )
}
2016-04-14 00:53:41 +00:00
if sn , ok := epMap [ "svcName" ] ; ok {
ep . svcName = sn . ( string )
}
if si , ok := epMap [ "svcID" ] ; ok {
ep . svcID = si . ( string )
}
2016-05-25 05:46:18 +00:00
if vip , ok := epMap [ "virtualIP" ] ; ok {
ep . virtualIP = net . ParseIP ( vip . ( string ) )
}
2017-08-29 06:35:31 +00:00
if v , ok := epMap [ "loadBalancer" ] ; ok {
ep . loadBalancer = v . ( bool )
}
2016-06-14 23:40:54 +00:00
sal , _ := json . Marshal ( epMap [ "svcAliases" ] )
var svcAliases [ ] string
2022-07-13 20:30:47 +00:00
json . Unmarshal ( sal , & svcAliases ) //nolint:errcheck
2016-06-14 23:40:54 +00:00
ep . svcAliases = svcAliases
2016-05-31 06:55:51 +00:00
pc , _ := json . Marshal ( epMap [ "ingressPorts" ] )
var ingressPorts [ ] * PortConfig
2022-07-13 20:30:47 +00:00
json . Unmarshal ( pc , & ingressPorts ) //nolint:errcheck
2016-05-31 06:55:51 +00:00
ep . ingressPorts = ingressPorts
2016-01-08 03:19:31 +00:00
ma , _ := json . Marshal ( epMap [ "myAliases" ] )
var myAliases [ ] string
2022-07-13 20:30:47 +00:00
json . Unmarshal ( ma , & myAliases ) //nolint:errcheck
2023-11-04 14:22:40 +00:00
2023-11-28 10:48:11 +00:00
_ , hasDNSNames := epMap [ "dnsNames" ]
2023-11-04 14:22:40 +00:00
dn , _ := json . Marshal ( epMap [ "dnsNames" ] )
var dnsNames [ ] string
json . Unmarshal ( dn , & dnsNames )
ep . dnsNames = dnsNames
2023-11-28 10:48:11 +00:00
// TODO(aker): remove this migration code in v27
if ! hasDNSNames {
// The field dnsNames was introduced in v25.0. If we don't have it, the on-disk state was written by an older
// daemon, thus we need to populate dnsNames based off of myAliases and anonymous values.
2023-11-29 22:02:56 +00:00
if ! anonymous {
2023-11-28 10:48:11 +00:00
myAliases = append ( [ ] string { ep . name } , myAliases ... )
}
ep . dnsNames = sliceutil . Dedup ( myAliases )
}
2015-05-31 18:49:11 +00:00
return nil
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) New ( ) datastore . KVObject {
return & Endpoint { network : ep . getNetwork ( ) }
2015-10-05 11:21:15 +00:00
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) CopyTo ( o datastore . KVObject ) error {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
defer ep . mu . Unlock ( )
2015-10-05 11:21:15 +00:00
2023-01-12 01:42:24 +00:00
dstEp := o . ( * Endpoint )
2015-10-05 11:21:15 +00:00
dstEp . name = ep . name
dstEp . id = ep . id
dstEp . sandboxID = ep . sandboxID
dstEp . dbIndex = ep . dbIndex
dstEp . dbExists = ep . dbExists
2015-12-24 09:51:32 +00:00
dstEp . disableResolution = ep . disableResolution
2016-04-14 00:53:41 +00:00
dstEp . svcName = ep . svcName
dstEp . svcID = ep . svcID
2016-05-25 05:46:18 +00:00
dstEp . virtualIP = ep . virtualIP
2017-08-29 06:35:31 +00:00
dstEp . loadBalancer = ep . loadBalancer
2015-10-05 11:21:15 +00:00
2016-06-14 23:40:54 +00:00
dstEp . svcAliases = make ( [ ] string , len ( ep . svcAliases ) )
copy ( dstEp . svcAliases , ep . svcAliases )
2016-05-31 06:55:51 +00:00
dstEp . ingressPorts = make ( [ ] * PortConfig , len ( ep . ingressPorts ) )
copy ( dstEp . ingressPorts , ep . ingressPorts )
2015-10-05 11:21:15 +00:00
if ep . iface != nil {
2023-08-20 17:03:05 +00:00
dstEp . iface = & EndpointInterface { }
2021-05-28 00:15:56 +00:00
if err := ep . iface . CopyTo ( dstEp . iface ) ; err != nil {
return err
}
2015-10-05 11:21:15 +00:00
}
2016-06-11 00:32:19 +00:00
if ep . joinInfo != nil {
dstEp . joinInfo = & endpointJoinInfo { }
2021-05-28 00:15:56 +00:00
if err := ep . joinInfo . CopyTo ( dstEp . joinInfo ) ; err != nil {
return err
}
2016-06-11 00:32:19 +00:00
}
2015-10-05 11:21:15 +00:00
dstEp . exposedPorts = make ( [ ] types . TransportPort , len ( ep . exposedPorts ) )
copy ( dstEp . exposedPorts , ep . exposedPorts )
2023-11-04 14:22:40 +00:00
dstEp . dnsNames = make ( [ ] string , len ( ep . dnsNames ) )
copy ( dstEp . dnsNames , ep . dnsNames )
2016-01-08 03:19:31 +00:00
2015-10-05 11:21:15 +00:00
dstEp . generic = options . Generic { }
for k , v := range ep . generic {
dstEp . generic [ k ] = v
}
return nil
}
2023-01-12 01:42:24 +00:00
// ID returns the system-generated id for this endpoint.
func ( ep * Endpoint ) ID ( ) string {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
defer ep . mu . Unlock ( )
2015-05-09 04:50:03 +00:00
2015-07-02 05:00:48 +00:00
return ep . id
2015-04-30 01:25:01 +00:00
}
2023-01-12 01:42:24 +00:00
// Name returns the name of this endpoint.
func ( ep * Endpoint ) Name ( ) string {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
defer ep . mu . Unlock ( )
2015-05-09 04:50:03 +00:00
2015-04-30 01:25:01 +00:00
return ep . name
}
2023-01-12 01:42:24 +00:00
// Network returns the name of the network to which this endpoint is attached.
func ( ep * Endpoint ) Network ( ) string {
2015-10-05 11:21:15 +00:00
if ep . network == nil {
return ""
}
return ep . network . name
2015-04-30 01:25:01 +00:00
}
2023-11-04 14:12:21 +00:00
// getDNSNames returns a copy of the DNS names associated to this endpoint. The first entry is the one used for PTR
// records.
func ( ep * Endpoint ) getDNSNames ( ) [ ] string {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
defer ep . mu . Unlock ( )
2023-11-04 14:12:21 +00:00
dnsNames := make ( [ ] string , len ( ep . dnsNames ) )
copy ( dnsNames , ep . dnsNames )
return dnsNames
2015-10-20 19:12:16 +00:00
}
2018-01-08 22:32:49 +00:00
// isServiceEnabled check if service is enabled on the endpoint
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) isServiceEnabled ( ) bool {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
defer ep . mu . Unlock ( )
2018-01-08 22:32:49 +00:00
return ep . serviceEnabled
}
// enableService sets service enabled on the endpoint
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) enableService ( ) {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
defer ep . mu . Unlock ( )
2018-01-08 22:32:49 +00:00
ep . serviceEnabled = true
}
// disableService disables service on the endpoint
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) disableService ( ) {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
defer ep . mu . Unlock ( )
2018-01-08 22:32:49 +00:00
ep . serviceEnabled = false
2016-08-21 05:55:00 +00:00
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) needResolver ( ) bool {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
defer ep . mu . Unlock ( )
2015-12-24 09:51:32 +00:00
return ! ep . disableResolution
}
2015-06-05 20:31:12 +00:00
// endpoint Key structure : endpoint/network-id/endpoint-id
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) Key ( ) [ ] string {
2015-10-05 11:21:15 +00:00
if ep . network == nil {
return nil
}
return [ ] string { datastore . EndpointKeyPrefix , ep . network . id , ep . id }
2015-05-31 18:49:11 +00:00
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) KeyPrefix ( ) [ ] string {
2015-10-05 11:21:15 +00:00
if ep . network == nil {
return nil
}
return [ ] string { datastore . EndpointKeyPrefix , ep . network . id }
2015-06-05 20:31:12 +00:00
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) Value ( ) [ ] byte {
2015-05-31 18:49:11 +00:00
b , err := json . Marshal ( ep )
if err != nil {
return nil
}
return b
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) SetValue ( value [ ] byte ) error {
2015-06-18 22:13:38 +00:00
return json . Unmarshal ( value , ep )
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) Index ( ) uint64 {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
defer ep . mu . Unlock ( )
2015-05-31 18:49:11 +00:00
return ep . dbIndex
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) SetIndex ( index uint64 ) {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
defer ep . mu . Unlock ( )
2015-05-31 18:49:11 +00:00
ep . dbIndex = index
2015-06-18 22:13:38 +00:00
ep . dbExists = true
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) Exists ( ) bool {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
defer ep . mu . Unlock ( )
2015-06-18 22:13:38 +00:00
return ep . dbExists
2015-05-31 18:49:11 +00:00
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) Skip ( ) bool {
2015-10-08 03:01:38 +00:00
return ep . getNetwork ( ) . Skip ( )
2015-09-22 14:09:39 +00:00
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) processOptions ( options ... EndpointOption ) {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
defer ep . mu . Unlock ( )
2015-05-09 04:50:03 +00:00
2015-05-01 00:57:06 +00:00
for _ , opt := range options {
if opt != nil {
opt ( ep )
}
}
}
2023-07-21 22:38:57 +00:00
func ( ep * Endpoint ) getNetwork ( ) * Network {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
defer ep . mu . Unlock ( )
2015-10-05 11:21:15 +00:00
return ep . network
}
2023-07-21 22:38:57 +00:00
func ( ep * Endpoint ) getNetworkFromStore ( ) ( * Network , error ) {
2015-10-05 11:21:15 +00:00
if ep . network == nil {
return nil , fmt . Errorf ( "invalid network object in endpoint %s" , ep . Name ( ) )
}
2016-01-29 18:29:18 +00:00
return ep . network . getController ( ) . getNetworkFromStore ( ep . network . id )
2015-10-05 11:21:15 +00:00
}
2015-05-09 04:50:03 +00:00
2023-01-12 01:42:24 +00:00
// Join joins the sandbox to the endpoint and populates into the sandbox
// the network resources allocated for the endpoint.
func ( ep * Endpoint ) Join ( sb * Sandbox , options ... EndpointOption ) error {
2023-01-12 01:10:09 +00:00
if sb == nil || sb . ID ( ) == "" || sb . Key ( ) == "" {
2023-08-08 11:35:05 +00:00
return types . InvalidParameterErrorf ( "invalid Sandbox passed to endpoint join: %v" , sb )
2015-09-19 00:33:55 +00:00
}
2015-05-09 04:50:03 +00:00
2015-09-19 00:33:55 +00:00
sb . joinLeaveStart ( )
defer sb . joinLeaveEnd ( )
2015-05-09 04:50:03 +00:00
2015-12-07 22:45:51 +00:00
return ep . sbJoin ( sb , options ... )
2015-05-09 04:50:03 +00:00
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) sbJoin ( sb * Sandbox , options ... EndpointOption ) ( err error ) {
2015-12-07 22:45:51 +00:00
n , err := ep . getNetworkFromStore ( )
2015-10-05 11:21:15 +00:00
if err != nil {
return fmt . Errorf ( "failed to get network from store during join: %v" , err )
}
2015-12-07 22:45:51 +00:00
ep , err = n . getEndpointFromStore ( ep . ID ( ) )
2015-10-05 11:21:15 +00:00
if err != nil {
return fmt . Errorf ( "failed to get endpoint from store during join: %v" , err )
}
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
2015-07-02 05:00:48 +00:00
if ep . sandboxID != "" {
2023-01-11 22:51:59 +00:00
ep . mu . Unlock ( )
2015-10-09 08:45:24 +00:00
return types . ForbiddenErrorf ( "another container is attached to the same network endpoint" )
2015-04-30 05:58:12 +00:00
}
2015-12-07 22:45:51 +00:00
ep . network = n
ep . sandboxID = sb . ID ( )
2015-05-14 06:23:45 +00:00
ep . joinInfo = & endpointJoinInfo { }
2015-05-09 04:50:03 +00:00
epid := ep . id
2023-01-11 22:51:59 +00:00
ep . mu . Unlock ( )
2015-04-30 05:58:12 +00:00
defer func ( ) {
if err != nil {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
2015-07-02 05:00:48 +00:00
ep . sandboxID = ""
2023-01-11 22:51:59 +00:00
ep . mu . Unlock ( )
2015-04-30 05:58:12 +00:00
}
} ( )
2015-12-07 22:45:51 +00:00
nid := n . ID ( )
2015-05-03 20:29:43 +00:00
2015-05-09 04:50:03 +00:00
ep . processOptions ( options ... )
2015-05-04 05:18:49 +00:00
2015-12-07 22:45:51 +00:00
d , err := n . driver ( true )
2015-10-05 11:21:15 +00:00
if err != nil {
2017-04-17 17:44:14 +00:00
return fmt . Errorf ( "failed to get driver during join: %v" , err )
2015-10-05 11:21:15 +00:00
}
2015-12-07 22:45:51 +00:00
err = d . Join ( nid , epid , sb . Key ( ) , ep , sb . Labels ( ) )
2015-04-30 05:58:12 +00:00
if err != nil {
2015-05-24 09:41:03 +00:00
return err
2015-04-30 05:58:12 +00:00
}
2015-06-20 01:41:31 +00:00
defer func ( ) {
if err != nil {
2017-04-17 17:44:14 +00:00
if e := d . Leave ( nid , epid ) ; e != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "driver leave failed while rolling back join: %v" , e )
2015-06-20 01:41:31 +00:00
}
}
} ( )
2015-05-09 04:50:03 +00:00
2016-05-24 23:17:19 +00:00
if ! n . getController ( ) . isAgent ( ) {
2023-10-17 23:43:12 +00:00
if ! n . getController ( ) . isSwarmNode ( ) || n . Scope ( ) != scope . Swarm || ! n . driverIsMultihost ( ) {
n . updateSvcRecord ( ep , true )
}
2016-04-14 00:53:41 +00:00
}
2015-11-25 23:25:56 +00:00
2024-01-11 16:44:58 +00:00
if err := sb . updateHostsFile ( ep . getEtcHostsAddrs ( ) ) ; err != nil {
return err
2015-04-30 01:25:01 +00:00
}
2015-12-07 22:45:51 +00:00
if err = sb . updateDNS ( n . enableIPv6 ) ; err != nil {
2015-05-24 09:41:03 +00:00
return err
2015-04-30 01:25:01 +00:00
}
2015-05-03 20:29:43 +00:00
2015-12-07 22:45:51 +00:00
// Current endpoint providing external connectivity for the sandbox
extEp := sb . getGatewayEndpoint ( )
2018-02-27 16:15:31 +00:00
sb . addEndpoint ( ep )
2015-09-09 23:20:54 +00:00
defer func ( ) {
if err != nil {
2015-12-07 22:45:51 +00:00
sb . removeEndpoint ( ep )
2015-09-09 23:20:54 +00:00
}
} ( )
2015-07-02 05:00:48 +00:00
if err = sb . populateNetworkResources ( ep ) ; err != nil {
2015-06-05 20:31:12 +00:00
return err
}
2015-09-07 01:34:50 +00:00
2016-10-13 18:14:39 +00:00
if err = n . getController ( ) . updateToStore ( ep ) ; err != nil {
return err
}
2016-11-11 08:42:34 +00:00
if err = ep . addDriverInfoToCluster ( ) ; err != nil {
return err
}
2017-03-15 23:44:47 +00:00
defer func ( ) {
if err != nil {
if e := ep . deleteDriverInfoFromCluster ( ) ; e != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Errorf ( "Could not delete endpoint state for endpoint %s from cluster on join failure: %v" , ep . Name ( ) , e )
2017-03-15 23:44:47 +00:00
}
}
} ( )
2018-04-10 16:34:41 +00:00
// Load balancing endpoints should never have a default gateway nor
// should they alter the status of a network's default gateway
if ep . loadBalancer && ! sb . ingress {
return nil
}
2016-04-06 16:11:45 +00:00
if sb . needDefaultGW ( ) && sb . getEndpointInGWNetwork ( ) == nil {
2017-04-17 17:44:14 +00:00
return sb . setupDefaultGW ( )
2015-09-07 01:34:50 +00:00
}
2015-12-07 22:45:51 +00:00
moveExtConn := sb . getGatewayEndpoint ( ) != extEp
if moveExtConn {
if extEp != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Debugf ( "Revoking external connectivity on endpoint %s (%s)" , extEp . Name ( ) , extEp . ID ( ) )
2016-09-29 02:41:14 +00:00
extN , err := extEp . getNetworkFromStore ( )
if err != nil {
2017-04-17 17:44:14 +00:00
return fmt . Errorf ( "failed to get network from store for revoking external connectivity during join: %v" , err )
2016-09-29 02:41:14 +00:00
}
extD , err := extN . driver ( true )
if err != nil {
2017-04-17 17:44:14 +00:00
return fmt . Errorf ( "failed to get driver for revoking external connectivity during join: %v" , err )
2016-09-29 02:41:14 +00:00
}
if err = extD . RevokeExternalConnectivity ( extEp . network . ID ( ) , extEp . ID ( ) ) ; err != nil {
2016-03-08 06:21:17 +00:00
return types . InternalErrorf (
"driver failed revoking external connectivity on endpoint %s (%s): %v" ,
2015-12-07 22:45:51 +00:00
extEp . Name ( ) , extEp . ID ( ) , err )
}
2016-03-08 06:21:17 +00:00
defer func ( ) {
if err != nil {
2016-09-29 02:41:14 +00:00
if e := extD . ProgramExternalConnectivity ( extEp . network . ID ( ) , extEp . ID ( ) , sb . Labels ( ) ) ; e != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "Failed to roll-back external connectivity on endpoint %s (%s): %v" ,
2016-03-08 06:21:17 +00:00
extEp . Name ( ) , extEp . ID ( ) , e )
}
}
} ( )
2015-12-07 22:45:51 +00:00
}
if ! n . internal {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Debugf ( "Programming external connectivity on endpoint %s (%s)" , ep . Name ( ) , ep . ID ( ) )
2016-03-08 06:21:17 +00:00
if err = d . ProgramExternalConnectivity ( n . ID ( ) , ep . ID ( ) , sb . Labels ( ) ) ; err != nil {
return types . InternalErrorf (
"driver failed programming external connectivity on endpoint %s (%s): %v" ,
ep . Name ( ) , ep . ID ( ) , err )
2015-12-07 22:45:51 +00:00
}
}
}
2016-04-06 16:11:45 +00:00
if ! sb . needDefaultGW ( ) {
2017-04-17 17:44:14 +00:00
if e := sb . clearDefaultGW ( ) ; e != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "Failure while disconnecting sandbox %s (%s) from gateway network: %v" ,
2017-04-17 17:44:14 +00:00
sb . ID ( ) , sb . ContainerID ( ) , e )
2016-04-06 16:11:45 +00:00
}
}
return nil
2015-04-30 01:25:01 +00:00
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) rename ( name string ) error {
2023-11-07 12:45:20 +00:00
ep . mu . Lock ( )
ep . name = name
ep . mu . Unlock ( )
2017-03-16 04:13:36 +00:00
2023-11-07 12:45:20 +00:00
// Update the store with the updated name
if err := ep . getNetwork ( ) . getController ( ) . updateToStore ( ep ) ; err != nil {
return err
2015-10-23 03:18:25 +00:00
}
2023-11-07 12:45:20 +00:00
return nil
}
2015-10-23 03:18:25 +00:00
2023-11-07 12:45:20 +00:00
func ( ep * Endpoint ) UpdateDNSNames ( dnsNames [ ] string ) error {
nw := ep . getNetwork ( )
c := nw . getController ( )
2017-06-06 23:04:50 +00:00
sb , ok := ep . getSandbox ( )
if ! ok {
2023-11-07 12:45:20 +00:00
log . G ( context . TODO ( ) ) . WithFields ( log . Fields {
"sandboxID" : ep . sandboxID ,
"endpointID" : ep . ID ( ) ,
} ) . Warn ( "DNSNames update aborted, sandbox is not present anymore" )
2017-06-06 23:04:50 +00:00
return nil
}
2017-03-16 04:13:36 +00:00
if c . isAgent ( ) {
2023-11-07 12:45:20 +00:00
if err := ep . deleteServiceInfoFromCluster ( sb , true , "UpdateDNSNames" ) ; err != nil {
return types . InternalErrorf ( "could not delete service state for endpoint %s from cluster on UpdateDNSNames: %v" , ep . Name ( ) , err )
2017-03-16 04:13:36 +00:00
}
2015-10-23 03:18:25 +00:00
2023-11-07 12:45:20 +00:00
ep . dnsNames = dnsNames
if err := ep . addServiceInfoToCluster ( sb ) ; err != nil {
return types . InternalErrorf ( "could not add service state for endpoint %s to cluster on UpdateDNSNames: %v" , ep . Name ( ) , err )
2015-10-23 03:18:25 +00:00
}
2017-03-16 04:13:36 +00:00
} else {
2023-11-07 12:45:20 +00:00
nw . updateSvcRecord ( ep , false )
ep . dnsNames = dnsNames
nw . updateSvcRecord ( ep , true )
2017-03-16 04:13:36 +00:00
}
2015-10-23 03:18:25 +00:00
// Update the store with the updated name
2023-11-07 12:45:20 +00:00
if err := c . updateToStore ( ep ) ; err != nil {
2015-10-23 03:18:25 +00:00
return err
}
2023-11-07 12:45:20 +00:00
return nil
2015-10-23 03:18:25 +00:00
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) hasInterface ( iName string ) bool {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
defer ep . mu . Unlock ( )
2015-05-25 06:24:23 +00:00
2015-09-09 23:06:35 +00:00
return ep . iface != nil && ep . iface . srcName == iName
2015-05-25 06:24:23 +00:00
}
2023-01-12 01:42:24 +00:00
// Leave detaches the network resources populated in the sandbox.
2023-11-03 09:35:51 +00:00
func ( ep * Endpoint ) Leave ( sb * Sandbox ) error {
2023-01-12 01:10:09 +00:00
if sb == nil || sb . ID ( ) == "" || sb . Key ( ) == "" {
2023-08-08 11:35:05 +00:00
return types . InvalidParameterErrorf ( "invalid Sandbox passed to endpoint leave: %v" , sb )
2015-07-02 05:00:48 +00:00
}
2015-05-09 04:50:03 +00:00
2015-09-19 00:33:55 +00:00
sb . joinLeaveStart ( )
defer sb . joinLeaveEnd ( )
2023-11-03 09:35:51 +00:00
return ep . sbLeave ( sb , false )
2015-09-19 00:33:55 +00:00
}
2023-11-03 09:35:51 +00:00
func ( ep * Endpoint ) sbLeave ( sb * Sandbox , force bool ) error {
2015-10-05 11:21:15 +00:00
n , err := ep . getNetworkFromStore ( )
if err != nil {
return fmt . Errorf ( "failed to get network from store during leave: %v" , err )
}
ep , err = n . getEndpointFromStore ( ep . ID ( ) )
if err != nil {
return fmt . Errorf ( "failed to get endpoint from store during leave: %v" , err )
}
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
2015-07-02 05:00:48 +00:00
sid := ep . sandboxID
2023-01-11 22:51:59 +00:00
ep . mu . Unlock ( )
2015-05-09 04:50:03 +00:00
2015-07-02 05:00:48 +00:00
if sid == "" {
return types . ForbiddenErrorf ( "cannot leave endpoint with no attached sandbox" )
2015-05-09 04:50:03 +00:00
}
2015-12-07 22:45:51 +00:00
if sid != sb . ID ( ) {
return types . ForbiddenErrorf ( "unexpected sandbox ID in leave request. Expected %s. Got %s" , ep . sandboxID , sb . ID ( ) )
2015-07-02 05:00:48 +00:00
}
2016-01-16 22:24:44 +00:00
d , err := n . driver ( ! force )
2015-10-05 11:21:15 +00:00
if err != nil {
2017-04-17 17:44:14 +00:00
return fmt . Errorf ( "failed to get driver during endpoint leave: %v" , err )
2015-06-05 20:31:12 +00:00
}
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
2015-10-16 23:11:55 +00:00
ep . sandboxID = ""
ep . network = n
2023-01-11 22:51:59 +00:00
ep . mu . Unlock ( )
2015-10-16 23:11:55 +00:00
2015-12-07 22:45:51 +00:00
// Current endpoint providing external connectivity to the sandbox
extEp := sb . getGatewayEndpoint ( )
moveExtConn := extEp != nil && ( extEp . ID ( ) == ep . ID ( ) )
2016-01-16 22:24:44 +00:00
if d != nil {
2015-12-07 22:45:51 +00:00
if moveExtConn {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Debugf ( "Revoking external connectivity on endpoint %s (%s)" , ep . Name ( ) , ep . ID ( ) )
2015-12-07 22:45:51 +00:00
if err := d . RevokeExternalConnectivity ( n . id , ep . id ) ; err != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "driver failed revoking external connectivity on endpoint %s (%s): %v" ,
2015-12-07 22:45:51 +00:00
ep . Name ( ) , ep . ID ( ) , err )
}
}
2016-01-16 22:24:44 +00:00
if err := d . Leave ( n . id , ep . id ) ; err != nil {
if _ , ok := err . ( types . MaskableError ) ; ! ok {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "driver error disconnecting container %s : %v" , ep . name , err )
2016-01-16 22:24:44 +00:00
}
2015-10-16 23:11:55 +00:00
}
2015-07-02 05:00:48 +00:00
}
2015-05-09 04:50:03 +00:00
2018-05-31 18:21:55 +00:00
if err := ep . deleteServiceInfoFromCluster ( sb , true , "sbLeave" ) ; err != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "Failed to clean up service info on container %s disconnect: %v" , ep . name , err )
Gracefully remove LB endpoints from services
This patch attempts to allow endpoints to complete servicing connections
while being removed from a service. The change adds a flag to the
endpoint.deleteServiceInfoFromCluster() method to indicate whether this
removal should fully remove connectivity through the load balancer
to the endpoint or should just disable directing further connections to
the endpoint. If the flag is 'false', then the load balancer assigns
a weight of 0 to the endpoint but does not remove it as a linux load
balancing destination. It does remove the endpoint as a docker load
balancing endpoint but tracks it in a special map of "disabled-but-not-
destroyed" load balancing endpoints. This allows traffic to continue
flowing, at least under Linux. If the flag is 'true', then the code
removes the endpoint entirely as a load balancing destination.
The sandbox.DisableService() method invokes deleteServiceInfoFromCluster()
with the flag sent to 'false', while the endpoint.sbLeave() method invokes
it with the flag set to 'true' to complete the removal on endpoint
finalization. Renaming the endpoint invokes deleteServiceInfoFromCluster()
with the flag set to 'true' because renaming attempts to completely
remove and then re-add each endpoint service entry.
The controller.rmServiceBinding() method, which carries out the operation,
similarly gets a new flag for whether to fully remove the endpoint. If
the flag is false, it does the job of moving the endpoint from the
load balancing set to the 'disabled' set. It then removes or
de-weights the entry in the OS load balancing table via
network.rmLBBackend(). It removes the service entirely via said method
ONLY IF there are no more live or disabled load balancing endpoints.
Similarly network.addLBBackend() requires slight tweaking to properly
manage the disabled set.
Finally, this change requires propagating the status of disabled
service endpoints via the networkDB. Accordingly, the patch includes
both code to generate and handle service update messages. It also
augments the service structure with a ServiceDisabled boolean to convey
whether an endpoint should ultimately be removed or just disabled.
This, naturally, required a rebuild of the protocol buffer code as well.
Signed-off-by: Chris Telfer <ctelfer@docker.com>
2018-02-14 22:04:23 +00:00
}
2015-09-07 01:34:50 +00:00
if err := sb . clearNetworkResources ( ep ) ; err != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "Failed to clean up network resources on container %s disconnect: %v" , ep . name , err )
2015-10-16 23:11:55 +00:00
}
// Update the store about the sandbox detach only after we
// have completed sb.clearNetworkresources above to avoid
// spurious logs when cleaning up the sandbox when the daemon
// ungracefully exits and restarts before completing sandbox
// detach but after store has been updated.
if err := n . getController ( ) . updateToStore ( ep ) ; err != nil {
2015-09-07 01:34:50 +00:00
return err
}
2016-11-11 08:42:34 +00:00
if e := ep . deleteDriverInfoFromCluster ( ) ; e != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Errorf ( "Failed to delete endpoint state for endpoint %s from cluster: %v" , ep . Name ( ) , e )
2016-03-30 21:42:58 +00:00
}
2015-10-24 20:31:01 +00:00
sb . deleteHostsEntries ( n . getSvcRecords ( ep ) )
2016-04-06 16:11:45 +00:00
if ! sb . inDelete && sb . needDefaultGW ( ) && sb . getEndpointInGWNetwork ( ) == nil {
2015-12-07 22:45:51 +00:00
return sb . setupDefaultGW ( )
}
// New endpoint providing external connectivity for the sandbox
extEp = sb . getGatewayEndpoint ( )
if moveExtConn && extEp != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Debugf ( "Programming external connectivity on endpoint %s (%s)" , extEp . Name ( ) , extEp . ID ( ) )
2016-09-29 02:41:14 +00:00
extN , err := extEp . getNetworkFromStore ( )
if err != nil {
2017-04-17 17:44:14 +00:00
return fmt . Errorf ( "failed to get network from store for programming external connectivity during leave: %v" , err )
2016-09-29 02:41:14 +00:00
}
extD , err := extN . driver ( true )
if err != nil {
2017-04-17 17:44:14 +00:00
return fmt . Errorf ( "failed to get driver for programming external connectivity during leave: %v" , err )
2016-09-29 02:41:14 +00:00
}
if err := extD . ProgramExternalConnectivity ( extEp . network . ID ( ) , extEp . ID ( ) , sb . Labels ( ) ) ; err != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "driver failed programming external connectivity on endpoint %s: (%s) %v" ,
2015-12-07 22:45:51 +00:00
extEp . Name ( ) , extEp . ID ( ) , err )
}
}
2016-04-06 16:11:45 +00:00
if ! sb . needDefaultGW ( ) {
if err := sb . clearDefaultGW ( ) ; err != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "Failure while disconnecting sandbox %s (%s) from gateway network: %v" ,
2016-04-06 16:11:45 +00:00
sb . ID ( ) , sb . ContainerID ( ) , err )
}
}
return nil
2015-04-30 01:25:01 +00:00
}
2023-01-12 01:42:24 +00:00
// Delete deletes and detaches this endpoint from the network.
func ( ep * Endpoint ) Delete ( force bool ) error {
2015-06-05 20:31:12 +00:00
var err error
2015-10-05 11:21:15 +00:00
n , err := ep . getNetworkFromStore ( )
if err != nil {
return fmt . Errorf ( "failed to get network during Delete: %v" , err )
}
ep , err = n . getEndpointFromStore ( ep . ID ( ) )
if err != nil {
return fmt . Errorf ( "failed to get endpoint from store during Delete: %v" , err )
}
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
2015-06-05 20:31:12 +00:00
epid := ep . id
name := ep . name
2016-01-08 19:24:14 +00:00
sbid := ep . sandboxID
2023-01-11 22:51:59 +00:00
ep . mu . Unlock ( )
2016-01-08 19:24:14 +00:00
sb , _ := n . getController ( ) . SandboxByID ( sbid )
if sb != nil && ! force {
2015-07-02 05:00:48 +00:00
return & ActiveContainerError { name : name , id : epid }
2015-06-01 16:43:24 +00:00
}
2016-01-08 19:24:14 +00:00
if sb != nil {
2023-01-12 01:10:09 +00:00
if e := ep . sbLeave ( sb , force ) ; e != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "failed to leave sandbox for endpoint %s : %v" , name , e )
2016-01-08 19:24:14 +00:00
}
}
2015-06-01 16:43:24 +00:00
2015-10-23 17:09:00 +00:00
if err = n . getController ( ) . deleteFromStore ( ep ) ; err != nil {
2015-10-05 11:21:15 +00:00
return err
2015-06-05 20:31:12 +00:00
}
2016-01-08 19:24:14 +00:00
2015-06-05 20:31:12 +00:00
defer func ( ) {
2016-01-08 19:24:14 +00:00
if err != nil && ! force {
2015-10-23 17:09:00 +00:00
ep . dbExists = false
if e := n . getController ( ) . updateToStore ( ep ) ; e != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "failed to recreate endpoint in store %s : %v" , name , e )
2015-06-05 20:31:12 +00:00
}
}
} ( )
2023-10-17 23:43:12 +00:00
if ! n . getController ( ) . isSwarmNode ( ) || n . Scope ( ) != scope . Swarm || ! n . driverIsMultihost ( ) {
n . updateSvcRecord ( ep , false )
}
2015-10-23 17:09:00 +00:00
2016-01-16 22:24:44 +00:00
if err = ep . deleteEndpoint ( force ) ; err != nil && ! force {
2015-06-01 16:43:24 +00:00
return err
2015-05-06 20:02:40 +00:00
}
2015-06-05 20:31:12 +00:00
2015-10-03 23:11:50 +00:00
ep . releaseAddress ( )
2016-09-02 02:09:34 +00:00
if err := n . getEpCnt ( ) . DecEndpointCnt ( ) ; err != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "failed to decrement endpoint count for ep %s: %v" , ep . ID ( ) , err )
2016-09-02 02:09:34 +00:00
}
2015-06-01 16:43:24 +00:00
return nil
}
2015-04-30 01:25:01 +00:00
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) deleteEndpoint ( force bool ) error {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
2015-04-30 01:25:01 +00:00
n := ep . network
2015-06-01 16:43:24 +00:00
name := ep . name
epid := ep . id
2023-01-11 22:51:59 +00:00
ep . mu . Unlock ( )
2015-05-09 04:50:03 +00:00
2016-01-16 22:24:44 +00:00
driver , err := n . driver ( ! force )
2015-10-05 11:21:15 +00:00
if err != nil {
return fmt . Errorf ( "failed to delete endpoint: %v" , err )
2015-04-30 01:25:01 +00:00
}
2016-01-16 22:24:44 +00:00
if driver == nil {
return nil
}
2015-10-05 11:21:15 +00:00
if err := driver . DeleteEndpoint ( n . id , epid ) ; err != nil {
2015-06-10 20:27:23 +00:00
if _ , ok := err . ( types . ForbiddenError ) ; ok {
return err
2015-04-30 01:25:01 +00:00
}
2015-10-19 22:56:25 +00:00
if _ , ok := err . ( types . MaskableError ) ; ! ok {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "driver error deleting endpoint %s : %v" , name , err )
2015-10-19 22:56:25 +00:00
}
2015-06-10 20:27:23 +00:00
}
2015-06-19 06:40:17 +00:00
2015-06-10 20:27:23 +00:00
return nil
2015-04-30 01:25:01 +00:00
}
2015-04-30 05:58:12 +00:00
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) getSandbox ( ) ( * Sandbox , bool ) {
2015-07-02 05:00:48 +00:00
c := ep . network . getController ( )
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
2015-07-02 05:00:48 +00:00
sid := ep . sandboxID
2023-01-11 22:51:59 +00:00
ep . mu . Unlock ( )
2015-05-09 04:50:03 +00:00
2023-01-11 20:56:50 +00:00
c . mu . Lock ( )
2015-07-02 05:00:48 +00:00
ps , ok := c . sandboxes [ sid ]
2023-01-11 20:56:50 +00:00
c . mu . Unlock ( )
2015-04-30 05:58:12 +00:00
2015-07-02 05:00:48 +00:00
return ps , ok
2015-04-30 05:58:12 +00:00
}
2024-01-11 16:44:58 +00:00
// Return a list of this endpoint's addresses to add to '/etc/hosts'.
func ( ep * Endpoint ) getEtcHostsAddrs ( ) [ ] string {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
defer ep . mu . Unlock ( )
2015-05-09 04:50:03 +00:00
2024-01-11 16:44:58 +00:00
// Do not update hosts file with internal network's endpoint IP
if n := ep . network ; n == nil || n . ingress || n . Name ( ) == libnGWNetwork {
return nil
2015-05-03 20:29:43 +00:00
}
2024-01-11 16:44:58 +00:00
var addresses [ ] string
if ep . iface . addr != nil {
addresses = append ( addresses , ep . iface . addr . IP . String ( ) )
}
2019-08-30 21:24:43 +00:00
if ep . iface . addrv6 != nil {
2024-01-11 16:44:58 +00:00
addresses = append ( addresses , ep . iface . addrv6 . IP . String ( ) )
2019-08-30 21:24:43 +00:00
}
2024-01-11 16:44:58 +00:00
return addresses
2019-08-30 21:24:43 +00:00
}
2015-05-04 05:18:49 +00:00
// EndpointOptionGeneric function returns an option setter for a Generic option defined
// in a Dictionary of Key-Value pair
func EndpointOptionGeneric ( generic map [ string ] interface { } ) EndpointOption {
2023-01-12 01:42:24 +00:00
return func ( ep * Endpoint ) {
2015-05-04 05:18:49 +00:00
for k , v := range generic {
ep . generic [ k ] = v
}
}
}
2016-05-25 03:04:49 +00:00
var (
linkLocalMask = net . CIDRMask ( 16 , 32 )
linkLocalMaskIPv6 = net . CIDRMask ( 64 , 128 )
)
2015-12-04 03:20:42 +00:00
// CreateOptionIpam function returns an option setter for the ipam configuration for this endpoint
2016-05-25 03:04:49 +00:00
func CreateOptionIpam ( ipV4 , ipV6 net . IP , llIPs [ ] net . IP , ipamOptions map [ string ] string ) EndpointOption {
2023-01-12 01:42:24 +00:00
return func ( ep * Endpoint ) {
2015-12-09 02:03:38 +00:00
ep . prefAddress = ipV4
ep . prefAddressV6 = ipV6
2016-05-25 03:04:49 +00:00
if len ( llIPs ) != 0 {
for _ , ip := range llIPs {
nw := & net . IPNet { IP : ip , Mask : linkLocalMask }
if ip . To4 ( ) == nil {
nw . Mask = linkLocalMaskIPv6
}
ep . iface . llAddrs = append ( ep . iface . llAddrs , nw )
}
}
2015-12-04 03:20:42 +00:00
ep . ipamOptions = ipamOptions
}
}
2015-05-05 20:46:12 +00:00
// CreateOptionExposedPorts function returns an option setter for the container exposed
2023-07-21 22:38:57 +00:00
// ports option to be passed to [Network.CreateEndpoint] method.
2015-05-20 20:28:46 +00:00
func CreateOptionExposedPorts ( exposedPorts [ ] types . TransportPort ) EndpointOption {
2023-01-12 01:42:24 +00:00
return func ( ep * Endpoint ) {
2015-05-05 20:46:12 +00:00
// Defensive copy
2015-05-20 20:28:46 +00:00
eps := make ( [ ] types . TransportPort , len ( exposedPorts ) )
2015-05-05 20:46:12 +00:00
copy ( eps , exposedPorts )
// Store endpoint label and in generic because driver needs it
ep . exposedPorts = eps
2015-05-06 04:19:57 +00:00
ep . generic [ netlabel . ExposedPorts ] = eps
2015-05-05 20:46:12 +00:00
}
}
// CreateOptionPortMapping function returns an option setter for the mapping
2023-07-21 22:38:57 +00:00
// ports option to be passed to [Network.CreateEndpoint] method.
2015-05-20 20:28:46 +00:00
func CreateOptionPortMapping ( portBindings [ ] types . PortBinding ) EndpointOption {
2023-01-12 01:42:24 +00:00
return func ( ep * Endpoint ) {
2015-05-05 06:45:07 +00:00
// Store a copy of the bindings as generic data to pass to the driver
2015-05-20 20:28:46 +00:00
pbs := make ( [ ] types . PortBinding , len ( portBindings ) )
2015-05-05 20:46:12 +00:00
copy ( pbs , portBindings )
2015-05-06 04:19:57 +00:00
ep . generic [ netlabel . PortMap ] = pbs
2015-05-02 00:01:21 +00:00
}
}
2016-09-19 22:48:06 +00:00
// CreateOptionDNS function returns an option setter for dns entry option to
// be passed to container Create method.
func CreateOptionDNS ( dns [ ] string ) EndpointOption {
2023-01-12 01:42:24 +00:00
return func ( ep * Endpoint ) {
2016-09-19 22:48:06 +00:00
ep . generic [ netlabel . DNSServers ] = dns
}
}
2023-11-04 13:12:20 +00:00
// CreateOptionDNSNames specifies the list of (non fully qualified) DNS names associated to an endpoint. These will be
// used to populate the embedded DNS server. Order matters: first name will be used to generate PTR records.
func CreateOptionDNSNames ( names [ ] string ) EndpointOption {
2023-01-12 01:42:24 +00:00
return func ( ep * Endpoint ) {
2023-11-04 13:12:20 +00:00
ep . dnsNames = names
2015-10-20 19:12:16 +00:00
}
}
2015-12-24 09:51:32 +00:00
// CreateOptionDisableResolution function returns an option setter to indicate
// this endpoint doesn't want embedded DNS server functionality
func CreateOptionDisableResolution ( ) EndpointOption {
2023-01-12 01:42:24 +00:00
return func ( ep * Endpoint ) {
2015-12-24 09:51:32 +00:00
ep . disableResolution = true
}
}
2017-09-07 17:36:11 +00:00
// CreateOptionAlias function returns an option setter for setting endpoint alias
2016-01-04 22:02:03 +00:00
func CreateOptionAlias ( name string , alias string ) EndpointOption {
2023-01-12 01:42:24 +00:00
return func ( ep * Endpoint ) {
2016-01-04 22:02:03 +00:00
if ep . aliases == nil {
ep . aliases = make ( map [ string ] string )
}
ep . aliases [ alias ] = name
}
}
2016-04-14 00:53:41 +00:00
// CreateOptionService function returns an option setter for setting service binding configuration
2016-06-14 23:40:54 +00:00
func CreateOptionService ( name , id string , vip net . IP , ingressPorts [ ] * PortConfig , aliases [ ] string ) EndpointOption {
2023-01-12 01:42:24 +00:00
return func ( ep * Endpoint ) {
2016-04-14 00:53:41 +00:00
ep . svcName = name
ep . svcID = id
2016-05-25 05:46:18 +00:00
ep . virtualIP = vip
2016-05-31 06:55:51 +00:00
ep . ingressPorts = ingressPorts
2016-06-14 23:40:54 +00:00
ep . svcAliases = aliases
2016-04-14 00:53:41 +00:00
}
}
2017-09-07 17:36:11 +00:00
// CreateOptionLoadBalancer function returns an option setter for denoting the endpoint is a load balancer for a network
2017-08-29 06:35:31 +00:00
func CreateOptionLoadBalancer ( ) EndpointOption {
2023-01-12 01:42:24 +00:00
return func ( ep * Endpoint ) {
2017-08-29 06:35:31 +00:00
ep . loadBalancer = true
}
}
2015-07-02 05:00:48 +00:00
// JoinOptionPriority function returns an option setter for priority option to
// be passed to the endpoint.Join() method.
2020-05-15 03:02:30 +00:00
func JoinOptionPriority ( prio int ) EndpointOption {
2023-01-12 01:42:24 +00:00
return func ( ep * Endpoint ) {
2015-07-02 05:00:48 +00:00
// ep lock already acquired
c := ep . network . getController ( )
2023-01-11 20:56:50 +00:00
c . mu . Lock ( )
2015-07-02 05:00:48 +00:00
sb , ok := c . sandboxes [ ep . sandboxID ]
2023-01-11 20:56:50 +00:00
c . mu . Unlock ( )
2015-07-02 05:00:48 +00:00
if ! ok {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Errorf ( "Could not set endpoint priority value during Join to endpoint %s: No sandbox id present in endpoint" , ep . id )
2015-07-02 05:00:48 +00:00
return
}
sb . epPriority [ ep . id ] = prio
2015-04-30 21:52:46 +00:00
}
}
2015-09-16 11:39:46 +00:00
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) assignAddress ( ipam ipamapi . Ipam , assignIPv4 , assignIPv6 bool ) error {
2015-12-10 02:09:58 +00:00
var err error
2015-10-05 21:53:25 +00:00
2015-10-03 23:11:50 +00:00
n := ep . getNetwork ( )
2016-06-15 04:34:44 +00:00
if n . hasSpecialDriver ( ) {
2015-10-03 23:11:50 +00:00
return nil
}
2015-10-05 21:53:25 +00:00
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Debugf ( "Assigning addresses for endpoint %s's interface on network %s" , ep . Name ( ) , n . Name ( ) )
2015-10-05 21:53:25 +00:00
2015-11-06 07:50:10 +00:00
if assignIPv4 {
if err = ep . assignAddressVersion ( 4 , ipam ) ; err != nil {
return err
}
2015-10-04 04:25:57 +00:00
}
2015-11-06 07:50:10 +00:00
if assignIPv6 {
err = ep . assignAddressVersion ( 6 , ipam )
}
return err
2015-10-04 04:25:57 +00:00
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) assignAddressVersion ( ipVer int , ipam ipamapi . Ipam ) error {
2015-10-04 04:25:57 +00:00
var (
poolID * string
address * * net . IPNet
2015-12-09 02:03:38 +00:00
prefAdd net . IP
progAdd net . IP
2015-10-04 04:25:57 +00:00
)
n := ep . getNetwork ( )
switch ipVer {
case 4 :
poolID = & ep . iface . v4PoolID
address = & ep . iface . addr
2015-12-09 02:03:38 +00:00
prefAdd = ep . prefAddress
2015-10-04 04:25:57 +00:00
case 6 :
poolID = & ep . iface . v6PoolID
address = & ep . iface . addrv6
2015-12-09 02:03:38 +00:00
prefAdd = ep . prefAddressV6
2015-10-04 04:25:57 +00:00
default :
return types . InternalErrorf ( "incorrect ip version number passed: %d" , ipVer )
}
ipInfo := n . getIPInfo ( ipVer )
// ipv6 address is not mandatory
if len ( ipInfo ) == 0 && ipVer == 6 {
return nil
}
2015-12-09 02:03:38 +00:00
// The address to program may be chosen by the user or by the network driver in one specific
// case to support backward compatibility with `docker daemon --fixed-cidrv6` use case
if prefAdd != nil {
progAdd = prefAdd
} else if * address != nil {
progAdd = ( * address ) . IP
}
2015-10-04 04:25:57 +00:00
for _ , d := range ipInfo {
2015-12-09 02:03:38 +00:00
if progAdd != nil && ! d . Pool . Contains ( progAdd ) {
continue
2015-11-06 07:50:10 +00:00
}
2015-12-09 02:03:38 +00:00
addr , _ , err := ipam . RequestAddress ( d . PoolID , progAdd , ep . ipamOptions )
2015-10-03 23:11:50 +00:00
if err == nil {
2023-01-11 22:51:59 +00:00
ep . mu . Lock ( )
2015-10-04 04:25:57 +00:00
* address = addr
* poolID = d . PoolID
2023-01-11 22:51:59 +00:00
ep . mu . Unlock ( )
2015-10-03 23:11:50 +00:00
return nil
}
2015-12-09 02:03:38 +00:00
if err != ipamapi . ErrNoAvailableIPs || progAdd != nil {
2015-10-03 23:11:50 +00:00
return err
}
}
2015-12-09 02:03:38 +00:00
if progAdd != nil {
2023-08-08 16:55:58 +00:00
return types . InvalidParameterErrorf ( "invalid address %s: It does not belong to any of this network's subnets" , prefAdd )
2015-12-09 02:03:38 +00:00
}
2015-10-04 04:25:57 +00:00
return fmt . Errorf ( "no available IPv%d addresses on this network's address pools: %s (%s)" , ipVer , n . Name ( ) , n . ID ( ) )
2015-10-03 23:11:50 +00:00
}
2023-01-12 01:42:24 +00:00
func ( ep * Endpoint ) releaseAddress ( ) {
2015-10-03 23:11:50 +00:00
n := ep . getNetwork ( )
2016-06-15 04:34:44 +00:00
if n . hasSpecialDriver ( ) {
2015-10-03 23:11:50 +00:00
return
}
2015-10-05 21:53:25 +00:00
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Debugf ( "Releasing addresses for endpoint %s's interface on network %s" , ep . Name ( ) , n . Name ( ) )
2015-10-05 21:53:25 +00:00
2016-03-01 02:17:04 +00:00
ipam , _ , err := n . getController ( ) . getIPAMDriver ( n . ipamType )
2015-10-03 23:11:50 +00:00
if err != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "Failed to retrieve ipam driver to release interface address on delete of endpoint %s (%s): %v" , ep . Name ( ) , ep . ID ( ) , err )
2015-10-03 23:11:50 +00:00
return
}
2016-03-04 19:35:11 +00:00
if ep . iface . addr != nil {
if err := ipam . ReleaseAddress ( ep . iface . v4PoolID , ep . iface . addr . IP ) ; err != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "Failed to release ip address %s on delete of endpoint %s (%s): %v" , ep . iface . addr . IP , ep . Name ( ) , ep . ID ( ) , err )
2016-03-04 19:35:11 +00:00
}
2015-10-03 23:11:50 +00:00
}
2016-03-04 19:35:11 +00:00
Allow overlapping change in bridge's IPv6 network.
Calculate the IPv6 addreesses needed on a bridge, then reconcile them
with the addresses on an existing bridge by deleting then adding as
required.
(Previously, required addresses were added one-by-one, then unwanted
addresses were removed. This meant the daemon failed to start if, for
example, an existing bridge had address '2000:db8::/64' and the config
was changed to '2000:db8::/80'.)
IPv6 addresses are now calculated and applied in one go, so there's no
need for setupVerifyAndReconcile() to check the set of IPv6 addresses on
the bridge. And, it was guarded by !config.InhibitIPv4, which can't have
been right. So, removed its IPv6 parts, and added IPv4 to its name.
Link local addresses, the example given in the original ticket, are now
released when containers are stopped. Not releasing them meant that
when using an LL subnet on the default bridge, no container could be
started after a container was stopped (because the calculated address
could not be re-allocated). In non-default bridge networks using an
LL subnet, addresses leaked.
Linux always uses the standard 'fe80::/64' LL network. So, if a bridge
is configured with an LL subnet prefix that overlaps with it, a config
error is reported. Non-overlapping LL subnet prefixes are allowed.
Signed-off-by: Rob Murray <rob.murray@docker.com>
2023-11-25 14:38:03 +00:00
if ep . iface . addrv6 != nil {
2015-10-04 04:25:57 +00:00
if err := ipam . ReleaseAddress ( ep . iface . v6PoolID , ep . iface . addrv6 . IP ) ; err != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "Failed to release ip address %s on delete of endpoint %s (%s): %v" , ep . iface . addrv6 . IP , ep . Name ( ) , ep . ID ( ) , err )
2015-10-04 04:25:57 +00:00
}
}
2015-10-03 23:11:50 +00:00
}
2015-10-19 20:20:23 +00:00
2023-08-16 18:12:42 +00:00
func ( c * Controller ) cleanupLocalEndpoints ( ) error {
2016-06-11 00:32:19 +00:00
// Get used endpoints
eps := make ( map [ string ] interface { } )
for _ , sb := range c . sandboxes {
for _ , ep := range sb . endpoints {
eps [ ep . id ] = true
}
}
2023-01-14 00:04:43 +00:00
nl , err := c . getNetworks ( )
2015-10-19 20:20:23 +00:00
if err != nil {
2023-08-16 18:12:42 +00:00
return fmt . Errorf ( "could not get list of networks: %v" , err )
2015-10-19 20:20:23 +00:00
}
for _ , n := range nl {
2017-04-07 17:51:39 +00:00
if n . ConfigOnly ( ) {
continue
}
2015-10-19 20:20:23 +00:00
epl , err := n . getEndpointsFromStore ( )
if err != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "Could not get list of endpoints in network %s during endpoint cleanup: %v" , n . name , err )
2015-10-19 20:20:23 +00:00
continue
}
for _ , ep := range epl {
2016-06-11 00:32:19 +00:00
if _ , ok := eps [ ep . id ] ; ok {
continue
}
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Infof ( "Removing stale endpoint %s (%s)" , ep . name , ep . id )
2016-01-17 20:43:41 +00:00
if err := ep . Delete ( true ) ; err != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "Could not delete local endpoint %s during endpoint cleanup: %v" , ep . name , err )
2015-10-19 20:20:23 +00:00
}
}
2016-03-16 04:07:42 +00:00
epl , err = n . getEndpointsFromStore ( )
if err != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Warnf ( "Could not get list of endpoints in network %s for count update: %v" , n . name , err )
2016-03-16 04:07:42 +00:00
continue
}
epCnt := n . getEpCnt ( ) . EndpointCnt ( )
if epCnt != uint64 ( len ( epl ) ) {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . Infof ( "Fixing inconsistent endpoint_cnt for network %s. Expected=%d, Actual=%d" , n . name , len ( epl ) , epCnt )
2021-05-28 00:15:56 +00:00
if err := n . getEpCnt ( ) . setCnt ( uint64 ( len ( epl ) ) ) ; err != nil {
2023-06-23 00:33:17 +00:00
log . G ( context . TODO ( ) ) . WithField ( "network" , n . name ) . WithError ( err ) . Warn ( "Error while fixing inconsistent endpoint_cnt for network" )
2021-05-28 00:15:56 +00:00
}
2016-03-16 04:07:42 +00:00
}
2015-10-19 20:20:23 +00:00
}
2023-08-16 18:12:42 +00:00
return nil
2015-10-19 20:20:23 +00:00
}
