Vendoring libnetwork @82fb373e3eaa4e

- Fixes a SNAT issue in loadbalancer when multiple networks are involved
  - Fixes an issue with SRV query forwarding in DNS
  - Fixes a map race

Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
(cherry picked from commit 56c9822695)
Signed-off-by: Tibor Vass <tibor@docker.com>
This commit is contained in:
Jana Radhakrishnan 2016-08-15 17:53:35 -07:00 committed by Tibor Vass
parent 64f62a6703
commit 651c53f020
5 changed files with 17 additions and 8 deletions

View file

@ -65,7 +65,7 @@ clone git github.com/RackSec/srslog 259aed10dfa74ea2961eddd1d9847619f6e98837
clone git github.com/imdario/mergo 0.2.1
#get libnetwork packages
clone git github.com/docker/libnetwork 24f64a6f9e9cade70e3904df291fb321584b1b4e
clone git github.com/docker/libnetwork 82fb373e3eaa4e9bbb5b5ac148b0a3a71f80fca6
clone git github.com/docker/go-events afb2b9f2c23f33ada1a22b03651775fdc65a5089
clone git github.com/armon/go-radix e39d623f12e8e41c7b5529e9a9dd67a1e2261f80
clone git github.com/armon/go-metrics eb0af217e5e9747e41dd5303755356b62d28e3ec

View file

@ -1110,8 +1110,8 @@ func (n *network) getSvcRecords(ep *endpoint) []etchosts.Record {
epName := ep.Name()
n.ctrlr.Lock()
defer n.ctrlr.Unlock()
sr, _ := n.ctrlr.svcRecords[n.id]
n.ctrlr.Unlock()
for h, ip := range sr.svcMap {
if strings.Split(h, ".")[0] == epName {

View file

@ -255,6 +255,9 @@ func (r *resolver) handleSRVQuery(svc string, query *dns.Msg) (*dns.Msg, error)
if err != nil {
return nil, err
}
if len(srv) == 0 {
return nil, nil
}
if len(srv) != len(ip) {
return nil, fmt.Errorf("invalid reply for SRV query %s", svc)
}

View file

@ -444,16 +444,16 @@ func (sb *sandbox) ResolveService(name string) ([]*net.SRV, []net.IP, error) {
log.Debugf("Service name To resolve: %v", name)
// There are DNS implementaions that allow SRV queries for names not in
// the format defined by RFC 2782. Hence specific validations checks are
// not done
parts := strings.Split(name, ".")
if len(parts) < 3 {
return nil, nil, fmt.Errorf("invalid service name, %s", name)
return nil, nil, nil
}
portName := parts[0]
proto := parts[1]
if proto != "_tcp" && proto != "_udp" {
return nil, nil, fmt.Errorf("invalid protocol in service, %s", name)
}
svcName := strings.Join(parts[2:], ".")
for _, ep := range sb.getConnectedEndpoints() {

View file

@ -647,7 +647,7 @@ func invokeFWMarker(path string, vip net.IP, fwMark uint32, ingressPorts []*Port
cmd := &exec.Cmd{
Path: reexec.Self(),
Args: append([]string{"fwmarker"}, path, vip.String(), fmt.Sprintf("%d", fwMark), addDelOpt, ingressPortsFile, eIP.IP.String()),
Args: append([]string{"fwmarker"}, path, vip.String(), fmt.Sprintf("%d", fwMark), addDelOpt, ingressPortsFile, eIP.String()),
Stdout: os.Stdout,
Stderr: os.Stderr,
}
@ -719,7 +719,13 @@ func fwMarker() {
}
if addDelOpt == "-A" {
ruleParams := strings.Fields(fmt.Sprintf("-m ipvs --ipvs -j SNAT --to-source %s", os.Args[6]))
eIP, subnet, err := net.ParseCIDR(os.Args[6])
if err != nil {
logrus.Errorf("Failed to parse endpoint IP %s: %v", os.Args[6], err)
os.Exit(9)
}
ruleParams := strings.Fields(fmt.Sprintf("-m ipvs --ipvs -d %s -j SNAT --to-source %s", subnet, eIP))
if !iptables.Exists("nat", "POSTROUTING", ruleParams...) {
rule := append(strings.Fields("-t nat -A POSTROUTING"), ruleParams...)
rules = append(rules, rule)