aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthew Heon <matthew.heon@gmail.com>2018-09-25 13:14:20 -0400
committerMatthew Heon <matthew.heon@gmail.com>2018-10-04 17:34:59 -0400
commit52de75501c59baacf3be993253e44e4eaf494b2f (patch)
tree006b90a21cb9a5c2360121b623b692d652b4a1db
parentbc5fac3a7cbef9c73dd3a739c830066c88fa595f (diff)
downloadpodman-52de75501c59baacf3be993253e44e4eaf494b2f.tar.gz
podman-52de75501c59baacf3be993253e44e4eaf494b2f.tar.bz2
podman-52de75501c59baacf3be993253e44e4eaf494b2f.zip
Drop libnetwork vendor and move the code into pkg/
The vendoring issues with libnetwork were significant (it was dragging in massive amounts of code) and were just not worth spending the time to work through. Highly unlikely we'll ever end up needing to update this code, so move it directly into pkg/ so we don't need to vendor libnetwork. Make a few small changes to remove the need for the remainder of libnetwork. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
-rw-r--r--libpod/container_internal.go5
-rw-r--r--pkg/resolvconf/dns/resolvconf.go (renamed from vendor/github.com/docker/libnetwork/resolvconf/dns/resolvconf.go)2
-rw-r--r--pkg/resolvconf/resolvconf.go (renamed from vendor/github.com/docker/libnetwork/resolvconf/resolvconf.go)21
-rw-r--r--vendor/github.com/docker/libnetwork/LICENSE202
-rw-r--r--vendor/github.com/docker/libnetwork/README.md100
-rw-r--r--vendor/github.com/docker/libnetwork/ipamutils/utils.go135
-rw-r--r--vendor/github.com/docker/libnetwork/netutils/utils.go194
-rw-r--r--vendor/github.com/docker/libnetwork/netutils/utils_freebsd.go23
-rw-r--r--vendor/github.com/docker/libnetwork/netutils/utils_linux.go126
-rw-r--r--vendor/github.com/docker/libnetwork/netutils/utils_windows.go25
-rw-r--r--vendor/github.com/docker/libnetwork/ns/init_linux.go140
-rw-r--r--vendor/github.com/docker/libnetwork/ns/init_windows.go3
-rw-r--r--vendor/github.com/docker/libnetwork/osl/interface_freebsd.go4
-rw-r--r--vendor/github.com/docker/libnetwork/osl/interface_linux.go460
-rw-r--r--vendor/github.com/docker/libnetwork/osl/interface_windows.go4
-rw-r--r--vendor/github.com/docker/libnetwork/osl/kernel/knobs.go16
-rw-r--r--vendor/github.com/docker/libnetwork/osl/kernel/knobs_linux.go47
-rw-r--r--vendor/github.com/docker/libnetwork/osl/kernel/knobs_unsupported.go7
-rw-r--r--vendor/github.com/docker/libnetwork/osl/namespace_linux.go657
-rw-r--r--vendor/github.com/docker/libnetwork/osl/namespace_unsupported.go17
-rw-r--r--vendor/github.com/docker/libnetwork/osl/namespace_windows.go38
-rw-r--r--vendor/github.com/docker/libnetwork/osl/neigh_freebsd.go4
-rw-r--r--vendor/github.com/docker/libnetwork/osl/neigh_linux.go194
-rw-r--r--vendor/github.com/docker/libnetwork/osl/neigh_windows.go4
-rw-r--r--vendor/github.com/docker/libnetwork/osl/options_linux.go73
-rw-r--r--vendor/github.com/docker/libnetwork/osl/route_linux.go203
-rw-r--r--vendor/github.com/docker/libnetwork/osl/sandbox.go187
-rw-r--r--vendor/github.com/docker/libnetwork/osl/sandbox_freebsd.go44
-rw-r--r--vendor/github.com/docker/libnetwork/osl/sandbox_unsupported.go22
-rw-r--r--vendor/github.com/docker/libnetwork/resolvconf/README.md1
-rw-r--r--vendor/github.com/docker/libnetwork/types/types.go653
-rw-r--r--vendor/github.com/docker/libnetwork/vendor.conf50
32 files changed, 11 insertions, 3650 deletions
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index 9a2777efc..9f584d2e2 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -15,14 +15,13 @@ import (
"github.com/containers/libpod/pkg/chrootuser"
"github.com/containers/libpod/pkg/hooks"
"github.com/containers/libpod/pkg/hooks/exec"
+ "github.com/containers/libpod/pkg/resolvconf"
"github.com/containers/libpod/pkg/rootless"
"github.com/containers/libpod/pkg/secrets"
"github.com/containers/storage"
"github.com/containers/storage/pkg/archive"
"github.com/containers/storage/pkg/chrootarchive"
"github.com/containers/storage/pkg/mount"
- "github.com/docker/libnetwork/netutils"
- "github.com/docker/libnetwork/resolvconf"
spec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/opencontainers/runtime-tools/generate"
"github.com/opencontainers/selinux/go-selinux/label"
@@ -1039,7 +1038,7 @@ func (c *Container) generateResolvConf() (string, error) {
}
// Make a new resolv.conf
- nameservers := resolvconf.GetNameservers(resolv.Content, netutils.IP)
+ nameservers := resolvconf.GetNameservers(resolv.Content)
if len(c.config.DNSServer) > 0 {
// We store DNS servers as net.IP, so need to convert to string
nameservers = []string{}
diff --git a/vendor/github.com/docker/libnetwork/resolvconf/dns/resolvconf.go b/pkg/resolvconf/dns/resolvconf.go
index e348bc57f..cb4bd1033 100644
--- a/vendor/github.com/docker/libnetwork/resolvconf/dns/resolvconf.go
+++ b/pkg/resolvconf/dns/resolvconf.go
@@ -1,3 +1,5 @@
+// Originally from github.com/docker/libnetwork/resolvconf/dns
+
package dns
import (
diff --git a/vendor/github.com/docker/libnetwork/resolvconf/resolvconf.go b/pkg/resolvconf/resolvconf.go
index 23caf7f12..476999f00 100644
--- a/vendor/github.com/docker/libnetwork/resolvconf/resolvconf.go
+++ b/pkg/resolvconf/resolvconf.go
@@ -1,4 +1,5 @@
-// Package resolvconf provides utility code to query and update DNS configuration in /etc/resolv.conf
+// Package resolvconf provides utility code to query and update DNS configuration in /etc/resolv.conf.
+// Originally from github.com/docker/libnetwork/resolvconf.
package resolvconf
import (
@@ -8,9 +9,8 @@ import (
"strings"
"sync"
+ "github.com/containers/libpod/pkg/resolvconf/dns"
"github.com/docker/docker/pkg/ioutils"
- "github.com/docker/libnetwork/resolvconf/dns"
- "github.com/docker/libnetwork/types"
"github.com/sirupsen/logrus"
)
@@ -119,7 +119,7 @@ func FilterResolvDNS(resolvConf []byte, ipv6Enabled bool) (*File, error) {
}
// if the resulting resolvConf has no more nameservers defined, add appropriate
// default DNS servers for IPv4 and (optionally) IPv6
- if len(GetNameservers(cleanedResolvConf, types.IP)) == 0 {
+ if len(GetNameservers(cleanedResolvConf)) == 0 {
logrus.Infof("No non-localhost DNS nameservers are left in resolv.conf. Using default external servers: %v", defaultIPv4Dns)
dns := defaultIPv4Dns
if ipv6Enabled {
@@ -151,17 +151,10 @@ func getLines(input []byte, commentMarker []byte) [][]byte {
}
// GetNameservers returns nameservers (if any) listed in /etc/resolv.conf
-func GetNameservers(resolvConf []byte, kind int) []string {
+func GetNameservers(resolvConf []byte) []string {
nameservers := []string{}
for _, line := range getLines(resolvConf, []byte("#")) {
- var ns [][]byte
- if kind == types.IP {
- ns = nsRegexp.FindSubmatch(line)
- } else if kind == types.IPv4 {
- ns = nsIPv4Regexpmatch.FindSubmatch(line)
- } else if kind == types.IPv6 {
- ns = nsIPv6Regexpmatch.FindSubmatch(line)
- }
+ ns := nsRegexp.FindSubmatch(line)
if len(ns) > 0 {
nameservers = append(nameservers, string(ns[1]))
}
@@ -174,7 +167,7 @@ func GetNameservers(resolvConf []byte, kind int) []string {
// This function's output is intended for net.ParseCIDR
func GetNameserversAsCIDR(resolvConf []byte) []string {
nameservers := []string{}
- for _, nameserver := range GetNameservers(resolvConf, types.IP) {
+ for _, nameserver := range GetNameservers(resolvConf) {
var address string
// If IPv6, strip zone if present
if strings.Contains(nameserver, ":") {
diff --git a/vendor/github.com/docker/libnetwork/LICENSE b/vendor/github.com/docker/libnetwork/LICENSE
deleted file mode 100644
index e06d20818..000000000
--- a/vendor/github.com/docker/libnetwork/LICENSE
+++ /dev/null
@@ -1,202 +0,0 @@
-Apache License
- Version 2.0, January 2004
- http://www.apache.org/licenses/
-
- TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
- 1. Definitions.
-
- "License" shall mean the terms and conditions for use, reproduction,
- and distribution as defined by Sections 1 through 9 of this document.
-
- "Licensor" shall mean the copyright owner or entity authorized by
- the copyright owner that is granting the License.
-
- "Legal Entity" shall mean the union of the acting entity and all
- other entities that control, are controlled by, or are under common
- control with that entity. For the purposes of this definition,
- "control" means (i) the power, direct or indirect, to cause the
- direction or management of such entity, whether by contract or
- otherwise, or (ii) ownership of fifty percent (50%) or more of the
- outstanding shares, or (iii) beneficial ownership of such entity.
-
- "You" (or "Your") shall mean an individual or Legal Entity
- exercising permissions granted by this License.
-
- "Source" form shall mean the preferred form for making modifications,
- including but not limited to software source code, documentation
- source, and configuration files.
-
- "Object" form shall mean any form resulting from mechanical
- transformation or translation of a Source form, including but
- not limited to compiled object code, generated documentation,
- and conversions to other media types.
-
- "Work" shall mean the work of authorship, whether in Source or
- Object form, made available under the License, as indicated by a
- copyright notice that is included in or attached to the work
- (an example is provided in the Appendix below).
-
- "Derivative Works" shall mean any work, whether in Source or Object
- form, that is based on (or derived from) the Work and for which the
- editorial revisions, annotations, elaborations, or other modifications
- represent, as a whole, an original work of authorship. For the purposes
- of this License, Derivative Works shall not include works that remain
- separable from, or merely link (or bind by name) to the interfaces of,
- the Work and Derivative Works thereof.
-
- "Contribution" shall mean any work of authorship, including
- the original version of the Work and any modifications or additions
- to that Work or Derivative Works thereof, that is intentionally
- submitted to Licensor for inclusion in the Work by the copyright owner
- or by an individual or Legal Entity authorized to submit on behalf of
- the copyright owner. For the purposes of this definition, "submitted"
- means any form of electronic, verbal, or written communication sent
- to the Licensor or its representatives, including but not limited to
- communication on electronic mailing lists, source code control systems,
- and issue tracking systems that are managed by, or on behalf of, the
- Licensor for the purpose of discussing and improving the Work, but
- excluding communication that is conspicuously marked or otherwise
- designated in writing by the copyright owner as "Not a Contribution."
-
- "Contributor" shall mean Licensor and any individual or Legal Entity
- on behalf of whom a Contribution has been received by Licensor and
- subsequently incorporated within the Work.
-
- 2. Grant of Copyright License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- copyright license to reproduce, prepare Derivative Works of,
- publicly display, publicly perform, sublicense, and distribute the
- Work and such Derivative Works in Source or Object form.
-
- 3. Grant of Patent License. Subject to the terms and conditions of
- this License, each Contributor hereby grants to You a perpetual,
- worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- (except as stated in this section) patent license to make, have made,
- use, offer to sell, sell, import, and otherwise transfer the Work,
- where such license applies only to those patent claims licensable
- by such Contributor that are necessarily infringed by their
- Contribution(s) alone or by combination of their Contribution(s)
- with the Work to which such Contribution(s) was submitted. If You
- institute patent litigation against any entity (including a
- cross-claim or counterclaim in a lawsuit) alleging that the Work
- or a Contribution incorporated within the Work constitutes direct
- or contributory patent infringement, then any patent licenses
- granted to You under this License for that Work shall terminate
- as of the date such litigation is filed.
-
- 4. Redistribution. You may reproduce and distribute copies of the
- Work or Derivative Works thereof in any medium, with or without
- modifications, and in Source or Object form, provided that You
- meet the following conditions:
-
- (a) You must give any other recipients of the Work or
- Derivative Works a copy of this License; and
-
- (b) You must cause any modified files to carry prominent notices
- stating that You changed the files; and
-
- (c) You must retain, in the Source form of any Derivative Works
- that You distribute, all copyright, patent, trademark, and
- attribution notices from the Source form of the Work,
- excluding those notices that do not pertain to any part of
- the Derivative Works; and
-
- (d) If the Work includes a "NOTICE" text file as part of its
- distribution, then any Derivative Works that You distribute must
- include a readable copy of the attribution notices contained
- within such NOTICE file, excluding those notices that do not
- pertain to any part of the Derivative Works, in at least one
- of the following places: within a NOTICE text file distributed
- as part of the Derivative Works; within the Source form or
- documentation, if provided along with the Derivative Works; or,
- within a display generated by the Derivative Works, if and
- wherever such third-party notices normally appear. The contents
- of the NOTICE file are for informational purposes only and
- do not modify the License. You may add Your own attribution
- notices within Derivative Works that You distribute, alongside
- or as an addendum to the NOTICE text from the Work, provided
- that such additional attribution notices cannot be construed
- as modifying the License.
-
- You may add Your own copyright statement to Your modifications and
- may provide additional or different license terms and conditions
- for use, reproduction, or distribution of Your modifications, or
- for any such Derivative Works as a whole, provided Your use,
- reproduction, and distribution of the Work otherwise complies with
- the conditions stated in this License.
-
- 5. Submission of Contributions. Unless You explicitly state otherwise,
- any Contribution intentionally submitted for inclusion in the Work
- by You to the Licensor shall be under the terms and conditions of
- this License, without any additional terms or conditions.
- Notwithstanding the above, nothing herein shall supersede or modify
- the terms of any separate license agreement you may have executed
- with Licensor regarding such Contributions.
-
- 6. Trademarks. This License does not grant permission to use the trade
- names, trademarks, service marks, or product names of the Licensor,
- except as required for reasonable and customary use in describing the
- origin of the Work and reproducing the content of the NOTICE file.
-
- 7. Disclaimer of Warranty. Unless required by applicable law or
- agreed to in writing, Licensor provides the Work (and each
- Contributor provides its Contributions) on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- implied, including, without limitation, any warranties or conditions
- of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
- PARTICULAR PURPOSE. You are solely responsible for determining the
- appropriateness of using or redistributing the Work and assume any
- risks associated with Your exercise of permissions under this License.
-
- 8. Limitation of Liability. In no event and under no legal theory,
- whether in tort (including negligence), contract, or otherwise,
- unless required by applicable law (such as deliberate and grossly
- negligent acts) or agreed to in writing, shall any Contributor be
- liable to You for damages, including any direct, indirect, special,
- incidental, or consequential damages of any character arising as a
- result of this License or out of the use or inability to use the
- Work (including but not limited to damages for loss of goodwill,
- work stoppage, computer failure or malfunction, or any and all
- other commercial damages or losses), even if such Contributor
- has been advised of the possibility of such damages.
-
- 9. Accepting Warranty or Additional Liability. While redistributing
- the Work or Derivative Works thereof, You may choose to offer,
- and charge a fee for, acceptance of support, warranty, indemnity,
- or other liability obligations and/or rights consistent with this
- License. However, in accepting such obligations, You may act only
- on Your own behalf and on Your sole responsibility, not on behalf
- of any other Contributor, and only if You agree to indemnify,
- defend, and hold each Contributor harmless for any liability
- incurred by, or claims asserted against, such Contributor by reason
- of your accepting any such warranty or additional liability.
-
- END OF TERMS AND CONDITIONS
-
- APPENDIX: How to apply the Apache License to your work.
-
- To apply the Apache License to your work, attach the following
- boilerplate notice, with the fields enclosed by brackets "{}"
- replaced with your own identifying information. (Don't include
- the brackets!) The text should be enclosed in the appropriate
- comment syntax for the file format. We also recommend that a
- file or class name and description of purpose be included on the
- same "printed page" as the copyright notice for easier
- identification within third-party archives.
-
- Copyright {yyyy} {name of copyright owner}
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
diff --git a/vendor/github.com/docker/libnetwork/README.md b/vendor/github.com/docker/libnetwork/README.md
deleted file mode 100644
index a9020381a..000000000
--- a/vendor/github.com/docker/libnetwork/README.md
+++ /dev/null
@@ -1,100 +0,0 @@
-# libnetwork - networking for containers
-
-[![Circle CI](https://circleci.com/gh/docker/libnetwork/tree/master.svg?style=svg)](https://circleci.com/gh/docker/libnetwork/tree/master) [![Coverage Status](https://coveralls.io/repos/docker/libnetwork/badge.svg)](https://coveralls.io/r/docker/libnetwork) [![GoDoc](https://godoc.org/github.com/docker/libnetwork?status.svg)](https://godoc.org/github.com/docker/libnetwork) [![Go Report Card](https://goreportcard.com/badge/github.com/docker/libnetwork)](https://goreportcard.com/report/github.com/docker/libnetwork)
-
-Libnetwork provides a native Go implementation for connecting containers
-
-The goal of libnetwork is to deliver a robust Container Network Model that provides a consistent programming interface and the required network abstractions for applications.
-
-#### Design
-Please refer to the [design](docs/design.md) for more information.
-
-#### Using libnetwork
-
-There are many networking solutions available to suit a broad range of use-cases. libnetwork uses a driver / plugin model to support all of these solutions while abstracting the complexity of the driver implementations by exposing a simple and consistent Network Model to users.
-
-
-```go
-import (
- "fmt"
- "log"
-
- "github.com/docker/docker/pkg/reexec"
- "github.com/docker/libnetwork"
- "github.com/docker/libnetwork/config"
- "github.com/docker/libnetwork/netlabel"
- "github.com/docker/libnetwork/options"
-)
-
-func main() {
- if reexec.Init() {
- return
- }
-
- // Select and configure the network driver
- networkType := "bridge"
-
- // Create a new controller instance
- driverOptions := options.Generic{}
- genericOption := make(map[string]interface{})
- genericOption[netlabel.GenericData] = driverOptions
- controller, err := libnetwork.New(config.OptionDriverConfig(networkType, genericOption))
- if err != nil {
- log.Fatalf("libnetwork.New: %s", err)
- }
-
- // Create a network for containers to join.
- // NewNetwork accepts Variadic optional arguments that libnetwork and Drivers can use.
- network, err := controller.NewNetwork(networkType, "network1", "")
- if err != nil {
- log.Fatalf("controller.NewNetwork: %s", err)
- }
-
- // For each new container: allocate IP and interfaces. The returned network
- // settings will be used for container infos (inspect and such), as well as
- // iptables rules for port publishing. This info is contained or accessible
- // from the returned endpoint.
- ep, err := network.CreateEndpoint("Endpoint1")
- if err != nil {
- log.Fatalf("network.CreateEndpoint: %s", err)
- }
-
- // Create the sandbox for the container.
- // NewSandbox accepts Variadic optional arguments which libnetwork can use.
- sbx, err := controller.NewSandbox("container1",
- libnetwork.OptionHostname("test"),
- libnetwork.OptionDomainname("docker.io"))
- if err != nil {
- log.Fatalf("controller.NewSandbox: %s", err)
- }
-
- // A sandbox can join the endpoint via the join api.
- err = ep.Join(sbx)
- if err != nil {
- log.Fatalf("ep.Join: %s", err)
- }
-
- // libnetwork client can check the endpoint's operational data via the Info() API
- epInfo, err := ep.DriverInfo()
- if err != nil {
- log.Fatalf("ep.DriverInfo: %s", err)
- }
-
- macAddress, ok := epInfo[netlabel.MacAddress]
- if !ok {
- log.Fatalf("failed to get mac address from endpoint info")
- }
-
- fmt.Printf("Joined endpoint %s (%s) to sandbox %s (%s)\n", ep.Name(), macAddress, sbx.ContainerID(), sbx.Key())
-}
-```
-
-## Future
-Please refer to [roadmap](ROADMAP.md) for more information.
-
-## Contributing
-
-Want to hack on libnetwork? [Docker's contributions guidelines](https://github.com/docker/docker/blob/master/CONTRIBUTING.md) apply.
-
-## Copyright and license
-Code and documentation copyright 2015 Docker, inc. Code released under the Apache 2.0 license. Docs released under Creative commons.
diff --git a/vendor/github.com/docker/libnetwork/ipamutils/utils.go b/vendor/github.com/docker/libnetwork/ipamutils/utils.go
deleted file mode 100644
index 3fd37cd88..000000000
--- a/vendor/github.com/docker/libnetwork/ipamutils/utils.go
+++ /dev/null
@@ -1,135 +0,0 @@
-// Package ipamutils provides utility functions for ipam management
-package ipamutils
-
-import (
- "fmt"
- "net"
- "sync"
-)
-
-var (
- // PredefinedLocalScopeDefaultNetworks contains a list of 31 IPv4 private networks with host size 16 and 12
- // (172.17-31.x.x/16, 192.168.x.x/20) which do not overlap with the networks in `PredefinedGlobalScopeDefaultNetworks`
- PredefinedLocalScopeDefaultNetworks []*net.IPNet
- // PredefinedGlobalScopeDefaultNetworks contains a list of 64K IPv4 private networks with host size 8
- // (10.x.x.x/24) which do not overlap with the networks in `PredefinedLocalScopeDefaultNetworks`
- PredefinedGlobalScopeDefaultNetworks []*net.IPNet
- mutex sync.Mutex
- localScopeDefaultNetworks = []*NetworkToSplit{{"172.17.0.0/16", 16}, {"172.18.0.0/16", 16}, {"172.19.0.0/16", 16},
- {"172.20.0.0/14", 16}, {"172.24.0.0/14", 16}, {"172.28.0.0/14", 16},
- {"192.168.0.0/16", 20}}
- globalScopeDefaultNetworks = []*NetworkToSplit{{"10.0.0.0/8", 24}}
-)
-
-// NetworkToSplit represent a network that has to be split in chunks with mask length Size.
-// Each subnet in the set is derived from the Base pool. Base is to be passed
-// in CIDR format.
-// Example: a Base "10.10.0.0/16 with Size 24 will define the set of 256
-// 10.10.[0-255].0/24 address pools
-type NetworkToSplit struct {
- Base string `json:"base"`
- Size int `json:"size"`
-}
-
-func init() {
- var err error
- if PredefinedGlobalScopeDefaultNetworks, err = splitNetworks(globalScopeDefaultNetworks); err != nil {
- //we are going to panic in case of error as we should never get into this state
- panic("InitAddressPools failed to initialize the global scope default address pool")
- }
-
- if PredefinedLocalScopeDefaultNetworks, err = splitNetworks(localScopeDefaultNetworks); err != nil {
- //we are going to panic in case of error as we should never get into this state
- panic("InitAddressPools failed to initialize the local scope default address pool")
- }
-}
-
-// configDefaultNetworks configures local as well global default pool based on input
-func configDefaultNetworks(defaultAddressPool []*NetworkToSplit, result *[]*net.IPNet) error {
- mutex.Lock()
- defer mutex.Unlock()
- defaultNetworks, err := splitNetworks(defaultAddressPool)
- if err != nil {
- return err
- }
- *result = defaultNetworks
- return nil
-}
-
-// GetGlobalScopeDefaultNetworks returns PredefinedGlobalScopeDefaultNetworks
-func GetGlobalScopeDefaultNetworks() []*net.IPNet {
- mutex.Lock()
- defer mutex.Unlock()
- return PredefinedGlobalScopeDefaultNetworks
-}
-
-// GetLocalScopeDefaultNetworks returns PredefinedLocalScopeDefaultNetworks
-func GetLocalScopeDefaultNetworks() []*net.IPNet {
- mutex.Lock()
- defer mutex.Unlock()
- return PredefinedLocalScopeDefaultNetworks
-}
-
-// ConfigGlobalScopeDefaultNetworks configures global default pool.
-// Ideally this will be called from SwarmKit as part of swarm init
-func ConfigGlobalScopeDefaultNetworks(defaultAddressPool []*NetworkToSplit) error {
- if defaultAddressPool == nil {
- defaultAddressPool = globalScopeDefaultNetworks
- }
- return configDefaultNetworks(defaultAddressPool, &PredefinedGlobalScopeDefaultNetworks)
-}
-
-// ConfigLocalScopeDefaultNetworks configures local default pool.
-// Ideally this will be called during libnetwork init
-func ConfigLocalScopeDefaultNetworks(defaultAddressPool []*NetworkToSplit) error {
- if defaultAddressPool == nil {
- return nil
- }
- return configDefaultNetworks(defaultAddressPool, &PredefinedLocalScopeDefaultNetworks)
-}
-
-// splitNetworks takes a slice of networks, split them accordingly and returns them
-func splitNetworks(list []*NetworkToSplit) ([]*net.IPNet, error) {
- localPools := make([]*net.IPNet, 0, len(list))
-
- for _, p := range list {
- _, b, err := net.ParseCIDR(p.Base)
- if err != nil {
- return nil, fmt.Errorf("invalid base pool %q: %v", p.Base, err)
- }
- ones, _ := b.Mask.Size()
- if p.Size <= 0 || p.Size < ones {
- return nil, fmt.Errorf("invalid pools size: %d", p.Size)
- }
- localPools = append(localPools, splitNetwork(p.Size, b)...)
- }
- return localPools, nil
-}
-
-func splitNetwork(size int, base *net.IPNet) []*net.IPNet {
- one, bits := base.Mask.Size()
- mask := net.CIDRMask(size, bits)
- n := 1 << uint(size-one)
- s := uint(bits - size)
- list := make([]*net.IPNet, 0, n)
-
- for i := 0; i < n; i++ {
- ip := copyIP(base.IP)
- addIntToIP(ip, uint(i<<s))
- list = append(list, &net.IPNet{IP: ip, Mask: mask})
- }
- return list
-}
-
-func copyIP(from net.IP) net.IP {
- ip := make([]byte, len(from))
- copy(ip, from)
- return ip
-}
-
-func addIntToIP(array net.IP, ordinal uint) {
- for i := len(array) - 1; i >= 0; i-- {
- array[i] |= (byte)(ordinal & 0xff)
- ordinal >>= 8
- }
-}
diff --git a/vendor/github.com/docker/libnetwork/netutils/utils.go b/vendor/github.com/docker/libnetwork/netutils/utils.go
deleted file mode 100644
index 7de98f6b0..000000000
--- a/vendor/github.com/docker/libnetwork/netutils/utils.go
+++ /dev/null
@@ -1,194 +0,0 @@
-// Network utility functions.
-
-package netutils
-
-import (
- "crypto/rand"
- "encoding/hex"
- "errors"
- "fmt"
- "io"
- "net"
- "strings"
-
- "github.com/docker/libnetwork/types"
-)
-
-var (
- // ErrNetworkOverlapsWithNameservers preformatted error
- ErrNetworkOverlapsWithNameservers = errors.New("requested network overlaps with nameserver")
- // ErrNetworkOverlaps preformatted error
- ErrNetworkOverlaps = errors.New("requested network overlaps with existing network")
- // ErrNoDefaultRoute preformatted error
- ErrNoDefaultRoute = errors.New("no default route")
-)
-
-// CheckNameserverOverlaps checks whether the passed network overlaps with any of the nameservers
-func CheckNameserverOverlaps(nameservers []string, toCheck *net.IPNet) error {
- if len(nameservers) > 0 {
- for _, ns := range nameservers {
- _, nsNetwork, err := net.ParseCIDR(ns)
- if err != nil {
- return err
- }
- if NetworkOverlaps(toCheck, nsNetwork) {
- return ErrNetworkOverlapsWithNameservers
- }
- }
- }
- return nil
-}
-
-// NetworkOverlaps detects overlap between one IPNet and another
-func NetworkOverlaps(netX *net.IPNet, netY *net.IPNet) bool {
- return netX.Contains(netY.IP) || netY.Contains(netX.IP)
-}
-
-// NetworkRange calculates the first and last IP addresses in an IPNet
-func NetworkRange(network *net.IPNet) (net.IP, net.IP) {
- if network == nil {
- return nil, nil
- }
-
- firstIP := network.IP.Mask(network.Mask)
- lastIP := types.GetIPCopy(firstIP)
- for i := 0; i < len(firstIP); i++ {
- lastIP[i] = firstIP[i] | ^network.Mask[i]
- }
-
- if network.IP.To4() != nil {
- firstIP = firstIP.To4()
- lastIP = lastIP.To4()
- }
-
- return firstIP, lastIP
-}
-
-// GetIfaceAddr returns the first IPv4 address and slice of IPv6 addresses for the specified network interface
-func GetIfaceAddr(name string) (net.Addr, []net.Addr, error) {
- iface, err := net.InterfaceByName(name)
- if err != nil {
- return nil, nil, err
- }
- addrs, err := iface.Addrs()
- if err != nil {
- return nil, nil, err
- }
- var addrs4 []net.Addr
- var addrs6 []net.Addr
- for _, addr := range addrs {
- ip := (addr.(*net.IPNet)).IP
- if ip4 := ip.To4(); ip4 != nil {
- addrs4 = append(addrs4, addr)
- } else if ip6 := ip.To16(); len(ip6) == net.IPv6len {
- addrs6 = append(addrs6, addr)
- }
- }
- switch {
- case len(addrs4) == 0:
- return nil, nil, fmt.Errorf("Interface %v has no IPv4 addresses", name)
- case len(addrs4) > 1:
- fmt.Printf("Interface %v has more than 1 IPv4 address. Defaulting to using %v\n",
- name, (addrs4[0].(*net.IPNet)).IP)
- }
- return addrs4[0], addrs6, nil
-}
-
-func genMAC(ip net.IP) net.HardwareAddr {
- hw := make(net.HardwareAddr, 6)
- // The first byte of the MAC address has to comply with these rules:
- // 1. Unicast: Set the least-significant bit to 0.
- // 2. Address is locally administered: Set the second-least-significant bit (U/L) to 1.
- hw[0] = 0x02
- // The first 24 bits of the MAC represent the Organizationally Unique Identifier (OUI).
- // Since this address is locally administered, we can do whatever we want as long as
- // it doesn't conflict with other addresses.
- hw[1] = 0x42
- // Fill the remaining 4 bytes based on the input
- if ip == nil {
- rand.Read(hw[2:])
- } else {
- copy(hw[2:], ip.To4())
- }
- return hw
-}
-
-// GenerateRandomMAC returns a new 6-byte(48-bit) hardware address (MAC)
-func GenerateRandomMAC() net.HardwareAddr {
- return genMAC(nil)
-}
-
-// GenerateMACFromIP returns a locally administered MAC address where the 4 least
-// significant bytes are derived from the IPv4 address.
-func GenerateMACFromIP(ip net.IP) net.HardwareAddr {
- return genMAC(ip)
-}
-
-// GenerateRandomName returns a new name joined with a prefix. This size
-// specified is used to truncate the randomly generated value
-func GenerateRandomName(prefix string, size int) (string, error) {
- id := make([]byte, 32)
- if _, err := io.ReadFull(rand.Reader, id); err != nil {
- return "", err
- }
- return prefix + hex.EncodeToString(id)[:size], nil
-}
-
-// ReverseIP accepts a V4 or V6 IP string in the canonical form and returns a reversed IP in
-// the dotted decimal form . This is used to setup the IP to service name mapping in the optimal
-// way for the DNS PTR queries.
-func ReverseIP(IP string) string {
- var reverseIP []string
-
- if net.ParseIP(IP).To4() != nil {
- reverseIP = strings.Split(IP, ".")
- l := len(reverseIP)
- for i, j := 0, l-1; i < l/2; i, j = i+1, j-1 {
- reverseIP[i], reverseIP[j] = reverseIP[j], reverseIP[i]
- }
- } else {
- reverseIP = strings.Split(IP, ":")
-
- // Reversed IPv6 is represented in dotted decimal instead of the typical
- // colon hex notation
- for key := range reverseIP {
- if len(reverseIP[key]) == 0 { // expand the compressed 0s
- reverseIP[key] = strings.Repeat("0000", 8-strings.Count(IP, ":"))
- } else if len(reverseIP[key]) < 4 { // 0-padding needed
- reverseIP[key] = strings.Repeat("0", 4-len(reverseIP[key])) + reverseIP[key]
- }
- }
-
- reverseIP = strings.Split(strings.Join(reverseIP, ""), "")
-
- l := len(reverseIP)
- for i, j := 0, l-1; i < l/2; i, j = i+1, j-1 {
- reverseIP[i], reverseIP[j] = reverseIP[j], reverseIP[i]
- }
- }
-
- return strings.Join(reverseIP, ".")
-}
-
-// ParseAlias parses and validates the specified string as an alias format (name:alias)
-func ParseAlias(val string) (string, string, error) {
- if val == "" {
- return "", "", errors.New("empty string specified for alias")
- }
- arr := strings.Split(val, ":")
- if len(arr) > 2 {
- return "", "", fmt.Errorf("bad format for alias: %s", val)
- }
- if len(arr) == 1 {
- return val, val, nil
- }
- return arr[0], arr[1], nil
-}
-
-// ValidateAlias validates that the specified string has a valid alias format (containerName:alias).
-func ValidateAlias(val string) (string, error) {
- if _, _, err := ParseAlias(val); err != nil {
- return val, err
- }
- return val, nil
-}
diff --git a/vendor/github.com/docker/libnetwork/netutils/utils_freebsd.go b/vendor/github.com/docker/libnetwork/netutils/utils_freebsd.go
deleted file mode 100644
index 02bcd32aa..000000000
--- a/vendor/github.com/docker/libnetwork/netutils/utils_freebsd.go
+++ /dev/null
@@ -1,23 +0,0 @@
-package netutils
-
-import (
- "net"
-
- "github.com/docker/libnetwork/types"
-)
-
-// ElectInterfaceAddresses looks for an interface on the OS with the specified name
-// and returns returns all its IPv4 and IPv6 addresses in CIDR notation.
-// If a failure in retrieving the addresses or no IPv4 address is found, an error is returned.
-// If the interface does not exist, it chooses from a predefined
-// list the first IPv4 address which does not conflict with other
-// interfaces on the system.
-func ElectInterfaceAddresses(name string) ([]*net.IPNet, []*net.IPNet, error) {
- return nil, nil, types.NotImplementedErrorf("not supported on freebsd")
-}
-
-// FindAvailableNetwork returns a network from the passed list which does not
-// overlap with existing interfaces in the system
-func FindAvailableNetwork(list []*net.IPNet) (*net.IPNet, error) {
- return nil, types.NotImplementedErrorf("not supported on freebsd")
-}
diff --git a/vendor/github.com/docker/libnetwork/netutils/utils_linux.go b/vendor/github.com/docker/libnetwork/netutils/utils_linux.go
deleted file mode 100644
index 10a5e109e..000000000
--- a/vendor/github.com/docker/libnetwork/netutils/utils_linux.go
+++ /dev/null
@@ -1,126 +0,0 @@
-// +build linux
-// Network utility functions.
-
-package netutils
-
-import (
- "fmt"
- "net"
- "strings"
-
- "github.com/docker/libnetwork/ipamutils"
- "github.com/docker/libnetwork/ns"
- "github.com/docker/libnetwork/osl"
- "github.com/docker/libnetwork/resolvconf"
- "github.com/docker/libnetwork/types"
- "github.com/vishvananda/netlink"
-)
-
-var (
- networkGetRoutesFct func(netlink.Link, int) ([]netlink.Route, error)
-)
-
-// CheckRouteOverlaps checks whether the passed network overlaps with any existing routes
-func CheckRouteOverlaps(toCheck *net.IPNet) error {
- if networkGetRoutesFct == nil {
- networkGetRoutesFct = ns.NlHandle().RouteList
- }
- networks, err := networkGetRoutesFct(nil, netlink.FAMILY_V4)
- if err != nil {
- return err
- }
- for _, network := range networks {
- if network.Dst != nil && NetworkOverlaps(toCheck, network.Dst) {
- return ErrNetworkOverlaps
- }
- }
- return nil
-}
-
-// GenerateIfaceName returns an interface name using the passed in
-// prefix and the length of random bytes. The api ensures that the
-// there are is no interface which exists with that name.
-func GenerateIfaceName(nlh *netlink.Handle, prefix string, len int) (string, error) {
- linkByName := netlink.LinkByName
- if nlh != nil {
- linkByName = nlh.LinkByName
- }
- for i := 0; i < 3; i++ {
- name, err := GenerateRandomName(prefix, len)
- if err != nil {
- continue
- }
- _, err = linkByName(name)
- if err != nil {
- if strings.Contains(err.Error(), "not found") {
- return name, nil
- }
- return "", err
- }
- }
- return "", types.InternalErrorf("could not generate interface name")
-}
-
-// ElectInterfaceAddresses looks for an interface on the OS with the
-// specified name and returns returns all its IPv4 and IPv6 addresses in CIDR notation.
-// If a failure in retrieving the addresses or no IPv4 address is found, an error is returned.
-// If the interface does not exist, it chooses from a predefined
-// list the first IPv4 address which does not conflict with other
-// interfaces on the system.
-func ElectInterfaceAddresses(name string) ([]*net.IPNet, []*net.IPNet, error) {
- var (
- v4Nets []*net.IPNet
- v6Nets []*net.IPNet
- )
-
- defer osl.InitOSContext()()
-
- link, _ := ns.NlHandle().LinkByName(name)
- if link != nil {
- v4addr, err := ns.NlHandle().AddrList(link, netlink.FAMILY_V4)
- if err != nil {
- return nil, nil, err
- }
- v6addr, err := ns.NlHandle().AddrList(link, netlink.FAMILY_V6)
- if err != nil {
- return nil, nil, err
- }
- for _, nlAddr := range v4addr {
- v4Nets = append(v4Nets, nlAddr.IPNet)
- }
- for _, nlAddr := range v6addr {
- v6Nets = append(v6Nets, nlAddr.IPNet)
- }
- }
-
- if link == nil || len(v4Nets) == 0 {
- // Choose from predefined local scope networks
- v4Net, err := FindAvailableNetwork(ipamutils.PredefinedLocalScopeDefaultNetworks)
- if err != nil {
- return nil, nil, err
- }
- v4Nets = append(v4Nets, v4Net)
- }
-
- return v4Nets, v6Nets, nil
-}
-
-// FindAvailableNetwork returns a network from the passed list which does not
-// overlap with existing interfaces in the system
-func FindAvailableNetwork(list []*net.IPNet) (*net.IPNet, error) {
- // We don't check for an error here, because we don't really care if we
- // can't read /etc/resolv.conf. So instead we skip the append if resolvConf
- // is nil. It either doesn't exist, or we can't read it for some reason.
- var nameservers []string
- if rc, err := resolvconf.Get(); err == nil {
- nameservers = resolvconf.GetNameserversAsCIDR(rc.Content)
- }
- for _, nw := range list {
- if err := CheckNameserverOverlaps(nameservers, nw); err == nil {
- if err := CheckRouteOverlaps(nw); err == nil {
- return nw, nil
- }
- }
- }
- return nil, fmt.Errorf("no available network")
-}
diff --git a/vendor/github.com/docker/libnetwork/netutils/utils_windows.go b/vendor/github.com/docker/libnetwork/netutils/utils_windows.go
deleted file mode 100644
index 73af44ec7..000000000
--- a/vendor/github.com/docker/libnetwork/netutils/utils_windows.go
+++ /dev/null
@@ -1,25 +0,0 @@
-package netutils
-
-import (
- "net"
-
- "github.com/docker/libnetwork/types"
-)
-
-// ElectInterfaceAddresses looks for an interface on the OS with the specified name
-// and returns returns all its IPv4 and IPv6 addresses in CIDR notation.
-// If a failure in retrieving the addresses or no IPv4 address is found, an error is returned.
-// If the interface does not exist, it chooses from a predefined
-// list the first IPv4 address which does not conflict with other
-// interfaces on the system.
-func ElectInterfaceAddresses(name string) ([]*net.IPNet, []*net.IPNet, error) {
- return nil, nil, types.NotImplementedErrorf("not supported on windows")
-}
-
-// FindAvailableNetwork returns a network from the passed list which does not
-// overlap with existing interfaces in the system
-
-// TODO : Use appropriate windows APIs to identify non-overlapping subnets
-func FindAvailableNetwork(list []*net.IPNet) (*net.IPNet, error) {
- return nil, nil
-}
diff --git a/vendor/github.com/docker/libnetwork/ns/init_linux.go b/vendor/github.com/docker/libnetwork/ns/init_linux.go
deleted file mode 100644
index 567a6242a..000000000
--- a/vendor/github.com/docker/libnetwork/ns/init_linux.go
+++ /dev/null
@@ -1,140 +0,0 @@
-package ns
-
-import (
- "fmt"
- "os"
- "os/exec"
- "strings"
- "sync"
- "syscall"
- "time"
-
- "github.com/sirupsen/logrus"
- "github.com/vishvananda/netlink"
- "github.com/vishvananda/netns"
-)
-
-var (
- initNs netns.NsHandle
- initNl *netlink.Handle
- initOnce sync.Once
- // NetlinkSocketsTimeout represents the default timeout duration for the sockets
- NetlinkSocketsTimeout = 3 * time.Second
-)
-
-// Init initializes a new network namespace
-func Init() {
- var err error
- initNs, err = netns.Get()
- if err != nil {
- logrus.Errorf("could not get initial namespace: %v", err)
- }
- initNl, err = netlink.NewHandle(getSupportedNlFamilies()...)
- if err != nil {
- logrus.Errorf("could not create netlink handle on initial namespace: %v", err)
- }
- err = initNl.SetSocketTimeout(NetlinkSocketsTimeout)
- if err != nil {
- logrus.Warnf("Failed to set the timeout on the default netlink handle sockets: %v", err)
- }
-}
-
-// SetNamespace sets the initial namespace handler
-func SetNamespace() error {
- initOnce.Do(Init)
- if err := netns.Set(initNs); err != nil {
- linkInfo, linkErr := getLink()
- if linkErr != nil {
- linkInfo = linkErr.Error()
- }
- return fmt.Errorf("failed to set to initial namespace, %v, initns fd %d: %v", linkInfo, initNs, err)
- }
- return nil
-}
-
-// ParseHandlerInt transforms the namespace handler into an integer
-func ParseHandlerInt() int {
- return int(getHandler())
-}
-
-// GetHandler returns the namespace handler
-func getHandler() netns.NsHandle {
- initOnce.Do(Init)
- return initNs
-}
-
-func getLink() (string, error) {
- return os.Readlink(fmt.Sprintf("/proc/%d/task/%d/ns/net", os.Getpid(), syscall.Gettid()))
-}
-
-// NlHandle returns the netlink handler
-func NlHandle() *netlink.Handle {
- initOnce.Do(Init)
- return initNl
-}
-
-func getSupportedNlFamilies() []int {
- fams := []int{syscall.NETLINK_ROUTE}
- // NETLINK_XFRM test
- if err := loadXfrmModules(); err != nil {
- if checkXfrmSocket() != nil {
- logrus.Warnf("Could not load necessary modules for IPSEC rules: %v", err)
- } else {
- fams = append(fams, syscall.NETLINK_XFRM)
- }
- } else {
- fams = append(fams, syscall.NETLINK_XFRM)
- }
- // NETLINK_NETFILTER test
- if err := loadNfConntrackModules(); err != nil {
- if checkNfSocket() != nil {
- logrus.Warnf("Could not load necessary modules for Conntrack: %v", err)
- } else {
- fams = append(fams, syscall.NETLINK_NETFILTER)
- }
- } else {
- fams = append(fams, syscall.NETLINK_NETFILTER)
- }
-
- return fams
-}
-
-func loadXfrmModules() error {
- if out, err := exec.Command("modprobe", "-va", "xfrm_user").CombinedOutput(); err != nil {
- return fmt.Errorf("Running modprobe xfrm_user failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err)
- }
- if out, err := exec.Command("modprobe", "-va", "xfrm_algo").CombinedOutput(); err != nil {
- return fmt.Errorf("Running modprobe xfrm_algo failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err)
- }
- return nil
-}
-
-// API check on required xfrm modules (xfrm_user, xfrm_algo)
-func checkXfrmSocket() error {
- fd, err := syscall.Socket(syscall.AF_NETLINK, syscall.SOCK_RAW, syscall.NETLINK_XFRM)
- if err != nil {
- return err
- }
- syscall.Close(fd)
- return nil
-}
-
-func loadNfConntrackModules() error {
- if out, err := exec.Command("modprobe", "-va", "nf_conntrack").CombinedOutput(); err != nil {
- return fmt.Errorf("Running modprobe nf_conntrack failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err)
- }
- if out, err := exec.Command("modprobe", "-va", "nf_conntrack_netlink").CombinedOutput(); err != nil {
- return fmt.Errorf("Running modprobe nf_conntrack_netlink failed with message: `%s`, error: %v", strings.TrimSpace(string(out)), err)
- }
- return nil
-}
-
-// API check on required nf_conntrack* modules (nf_conntrack, nf_conntrack_netlink)
-func checkNfSocket() error {
- fd, err := syscall.Socket(syscall.AF_NETLINK, syscall.SOCK_RAW, syscall.NETLINK_NETFILTER)
- if err != nil {
- return err
- }
- syscall.Close(fd)
- return nil
-}
diff --git a/vendor/github.com/docker/libnetwork/ns/init_windows.go b/vendor/github.com/docker/libnetwork/ns/init_windows.go
deleted file mode 100644
index f5838f81d..000000000
--- a/vendor/github.com/docker/libnetwork/ns/init_windows.go
+++ /dev/null
@@ -1,3 +0,0 @@
-package ns
-
-// File is present so that go build ./... is closer to working on Windows from repo root.
diff --git a/vendor/github.com/docker/libnetwork/osl/interface_freebsd.go b/vendor/github.com/docker/libnetwork/osl/interface_freebsd.go
deleted file mode 100644
index 9c0141fd9..000000000
--- a/vendor/github.com/docker/libnetwork/osl/interface_freebsd.go
+++ /dev/null
@@ -1,4 +0,0 @@
-package osl
-
-// IfaceOption is a function option type to set interface options
-type IfaceOption func()
diff --git a/vendor/github.com/docker/libnetwork/osl/interface_linux.go b/vendor/github.com/docker/libnetwork/osl/interface_linux.go
deleted file mode 100644
index 4f8ff3d63..000000000
--- a/vendor/github.com/docker/libnetwork/osl/interface_linux.go
+++ /dev/null
@@ -1,460 +0,0 @@
-package osl
-
-import (
- "fmt"
- "net"
- "regexp"
- "sync"
- "syscall"
- "time"
-
- "github.com/docker/libnetwork/ns"
- "github.com/docker/libnetwork/types"
- "github.com/sirupsen/logrus"
- "github.com/vishvananda/netlink"
- "github.com/vishvananda/netns"
-)
-
-// IfaceOption is a function option type to set interface options
-type IfaceOption func(i *nwIface)
-
-type nwIface struct {
- srcName string
- dstName string
- master string
- dstMaster string
- mac net.HardwareAddr
- address *net.IPNet
- addressIPv6 *net.IPNet
- llAddrs []*net.IPNet
- routes []*net.IPNet
- bridge bool
- ns *networkNamespace
- sync.Mutex
-}
-
-func (i *nwIface) SrcName() string {
- i.Lock()
- defer i.Unlock()
-
- return i.srcName
-}
-
-func (i *nwIface) DstName() string {
- i.Lock()
- defer i.Unlock()
-
- return i.dstName
-}
-
-func (i *nwIface) DstMaster() string {
- i.Lock()
- defer i.Unlock()
-
- return i.dstMaster
-}
-
-func (i *nwIface) Bridge() bool {
- i.Lock()
- defer i.Unlock()
-
- return i.bridge
-}
-
-func (i *nwIface) Master() string {
- i.Lock()
- defer i.Unlock()
-
- return i.master
-}
-
-func (i *nwIface) MacAddress() net.HardwareAddr {
- i.Lock()
- defer i.Unlock()
-
- return types.GetMacCopy(i.mac)
-}
-
-func (i *nwIface) Address() *net.IPNet {
- i.Lock()
- defer i.Unlock()
-
- return types.GetIPNetCopy(i.address)
-}
-
-func (i *nwIface) AddressIPv6() *net.IPNet {
- i.Lock()
- defer i.Unlock()
-
- return types.GetIPNetCopy(i.addressIPv6)
-}
-
-func (i *nwIface) LinkLocalAddresses() []*net.IPNet {
- i.Lock()
- defer i.Unlock()
-
- return i.llAddrs
-}
-
-func (i *nwIface) Routes() []*net.IPNet {
- i.Lock()
- defer i.Unlock()
-
- routes := make([]*net.IPNet, len(i.routes))
- for index, route := range i.routes {
- r := types.GetIPNetCopy(route)
- routes[index] = r
- }
-
- return routes
-}
-
-func (n *networkNamespace) Interfaces() []Interface {
- n.Lock()
- defer n.Unlock()
-
- ifaces := make([]Interface, len(n.iFaces))
-
- for i, iface := range n.iFaces {
- ifaces[i] = iface
- }
-
- return ifaces
-}
-
-func (i *nwIface) Remove() error {
- i.Lock()
- n := i.ns
- i.Unlock()
-
- n.Lock()
- isDefault := n.isDefault
- nlh := n.nlHandle
- n.Unlock()
-
- // Find the network interface identified by the DstName attribute.
- iface, err := nlh.LinkByName(i.DstName())
- if err != nil {
- return err
- }
-
- // Down the interface before configuring
- if err := nlh.LinkSetDown(iface); err != nil {
- return err
- }
-
- err = nlh.LinkSetName(iface, i.SrcName())
- if err != nil {
- logrus.Debugf("LinkSetName failed for interface %s: %v", i.SrcName(), err)
- return err
- }
-
- // if it is a bridge just delete it.
- if i.Bridge() {
- if err := nlh.LinkDel(iface); err != nil {
- return fmt.Errorf("failed deleting bridge %q: %v", i.SrcName(), err)
- }
- } else if !isDefault {
- // Move the network interface to caller namespace.
- if err := nlh.LinkSetNsFd(iface, ns.ParseHandlerInt()); err != nil {
- logrus.Debugf("LinkSetNsPid failed for interface %s: %v", i.SrcName(), err)
- return err
- }
- }
-
- n.Lock()
- for index, intf := range n.iFaces {
- if intf == i {
- n.iFaces = append(n.iFaces[:index], n.iFaces[index+1:]...)
- break
- }
- }
- n.Unlock()
-
- n.checkLoV6()
-
- return nil
-}
-
-// Returns the sandbox's side veth interface statistics
-func (i *nwIface) Statistics() (*types.InterfaceStatistics, error) {
- i.Lock()
- n := i.ns
- i.Unlock()
-
- l, err := n.nlHandle.LinkByName(i.DstName())
- if err != nil {
- return nil, fmt.Errorf("failed to retrieve the statistics for %s in netns %s: %v", i.DstName(), n.path, err)
- }
-
- stats := l.Attrs().Statistics
- if stats == nil {
- return nil, fmt.Errorf("no statistics were returned")
- }
-
- return &types.InterfaceStatistics{
- RxBytes: uint64(stats.RxBytes),
- TxBytes: uint64(stats.TxBytes),
- RxPackets: uint64(stats.RxPackets),
- TxPackets: uint64(stats.TxPackets),
- RxDropped: uint64(stats.RxDropped),
- TxDropped: uint64(stats.TxDropped),
- }, nil
-}
-
-func (n *networkNamespace) findDst(srcName string, isBridge bool) string {
- n.Lock()
- defer n.Unlock()
-
- for _, i := range n.iFaces {
- // The master should match the srcname of the interface and the
- // master interface should be of type bridge, if searching for a bridge type
- if i.SrcName() == srcName && (!isBridge || i.Bridge()) {
- return i.DstName()
- }
- }
-
- return ""
-}
-
-func (n *networkNamespace) AddInterface(srcName, dstPrefix string, options ...IfaceOption) error {
- i := &nwIface{srcName: srcName, dstName: dstPrefix, ns: n}
- i.processInterfaceOptions(options...)
-
- if i.master != "" {
- i.dstMaster = n.findDst(i.master, true)
- if i.dstMaster == "" {
- return fmt.Errorf("could not find an appropriate master %q for %q",
- i.master, i.srcName)
- }
- }
-
- n.Lock()
- if n.isDefault {
- i.dstName = i.srcName
- } else {
- i.dstName = fmt.Sprintf("%s%d", dstPrefix, n.nextIfIndex[dstPrefix])
- n.nextIfIndex[dstPrefix]++
- }
-
- path := n.path
- isDefault := n.isDefault
- nlh := n.nlHandle
- nlhHost := ns.NlHandle()
- n.Unlock()
-
- // If it is a bridge interface we have to create the bridge inside
- // the namespace so don't try to lookup the interface using srcName
- if i.bridge {
- link := &netlink.Bridge{
- LinkAttrs: netlink.LinkAttrs{
- Name: i.srcName,
- },
- }
- if err := nlh.LinkAdd(link); err != nil {
- return fmt.Errorf("failed to create bridge %q: %v", i.srcName, err)
- }
- } else {
- // Find the network interface identified by the SrcName attribute.
- iface, err := nlhHost.LinkByName(i.srcName)
- if err != nil {
- return fmt.Errorf("failed to get link by name %q: %v", i.srcName, err)
- }
-
- // Move the network interface to the destination
- // namespace only if the namespace is not a default
- // type
- if !isDefault {
- newNs, err := netns.GetFromPath(path)
- if err != nil {
- return fmt.Errorf("failed get network namespace %q: %v", path, err)
- }
- defer newNs.Close()
- if err := nlhHost.LinkSetNsFd(iface, int(newNs)); err != nil {
- return fmt.Errorf("failed to set namespace on link %q: %v", i.srcName, err)
- }
- }
- }
-
- // Find the network interface identified by the SrcName attribute.
- iface, err := nlh.LinkByName(i.srcName)
- if err != nil {
- return fmt.Errorf("failed to get link by name %q: %v", i.srcName, err)
- }
-
- // Down the interface before configuring
- if err := nlh.LinkSetDown(iface); err != nil {
- return fmt.Errorf("failed to set link down: %v", err)
- }
-
- // Configure the interface now this is moved in the proper namespace.
- if err := configureInterface(nlh, iface, i); err != nil {
- // If configuring the device fails move it back to the host namespace
- // and change the name back to the source name. This allows the caller
- // to properly cleanup the interface. Its important especially for
- // interfaces with global attributes, ex: vni id for vxlan interfaces.
- if nerr := nlh.LinkSetName(iface, i.SrcName()); nerr != nil {
- logrus.Errorf("renaming interface (%s->%s) failed, %v after config error %v", i.DstName(), i.SrcName(), nerr, err)
- }
- if nerr := nlh.LinkSetNsFd(iface, ns.ParseHandlerInt()); nerr != nil {
- logrus.Errorf("moving interface %s to host ns failed, %v, after config error %v", i.SrcName(), nerr, err)
- }
- return err
- }
-
- // Up the interface.
- cnt := 0
- for err = nlh.LinkSetUp(iface); err != nil && cnt < 3; cnt++ {
- logrus.Debugf("retrying link setup because of: %v", err)
- time.Sleep(10 * time.Millisecond)
- err = nlh.LinkSetUp(iface)
- }
- if err != nil {
- return fmt.Errorf("failed to set link up: %v", err)
- }
-
- // Set the routes on the interface. This can only be done when the interface is up.
- if err := setInterfaceRoutes(nlh, iface, i); err != nil {
- return fmt.Errorf("error setting interface %q routes to %q: %v", iface.Attrs().Name, i.Routes(), err)
- }
-
- n.Lock()
- n.iFaces = append(n.iFaces, i)
- n.Unlock()
-
- n.checkLoV6()
-
- return nil
-}
-
-func configureInterface(nlh *netlink.Handle, iface netlink.Link, i *nwIface) error {
- ifaceName := iface.Attrs().Name
- ifaceConfigurators := []struct {
- Fn func(*netlink.Handle, netlink.Link, *nwIface) error
- ErrMessage string
- }{
- {setInterfaceName, fmt.Sprintf("error renaming interface %q to %q", ifaceName, i.DstName())},
- {setInterfaceMAC, fmt.Sprintf("error setting interface %q MAC to %q", ifaceName, i.MacAddress())},
- {setInterfaceIP, fmt.Sprintf("error setting interface %q IP to %v", ifaceName, i.Address())},
- {setInterfaceIPv6, fmt.Sprintf("error setting interface %q IPv6 to %v", ifaceName, i.AddressIPv6())},
- {setInterfaceMaster, fmt.Sprintf("error setting interface %q master to %q", ifaceName, i.DstMaster())},
- {setInterfaceLinkLocalIPs, fmt.Sprintf("error setting interface %q link local IPs to %v", ifaceName, i.LinkLocalAddresses())},
- }
-
- for _, config := range ifaceConfigurators {
- if err := config.Fn(nlh, iface, i); err != nil {
- return fmt.Errorf("%s: %v", config.ErrMessage, err)
- }
- }
- return nil
-}
-
-func setInterfaceMaster(nlh *netlink.Handle, iface netlink.Link, i *nwIface) error {
- if i.DstMaster() == "" {
- return nil
- }
-
- return nlh.LinkSetMaster(iface, &netlink.Bridge{
- LinkAttrs: netlink.LinkAttrs{Name: i.DstMaster()}})
-}
-
-func setInterfaceMAC(nlh *netlink.Handle, iface netlink.Link, i *nwIface) error {
- if i.MacAddress() == nil {
- return nil
- }
- return nlh.LinkSetHardwareAddr(iface, i.MacAddress())
-}
-
-func setInterfaceIP(nlh *netlink.Handle, iface netlink.Link, i *nwIface) error {
- if i.Address() == nil {
- return nil
- }
- if err := checkRouteConflict(nlh, i.Address(), netlink.FAMILY_V4); err != nil {
- return err
- }
- ipAddr := &netlink.Addr{IPNet: i.Address(), Label: ""}
- return nlh.AddrAdd(iface, ipAddr)
-}
-
-func setInterfaceIPv6(nlh *netlink.Handle, iface netlink.Link, i *nwIface) error {
- if i.AddressIPv6() == nil {
- return nil
- }
- if err := checkRouteConflict(nlh, i.AddressIPv6(), netlink.FAMILY_V6); err != nil {
- return err
- }
- if err := setIPv6(i.ns.path, i.DstName(), true); err != nil {
- return fmt.Errorf("failed to enable ipv6: %v", err)
- }
- ipAddr := &netlink.Addr{IPNet: i.AddressIPv6(), Label: "", Flags: syscall.IFA_F_NODAD}
- return nlh.AddrAdd(iface, ipAddr)
-}
-
-func setInterfaceLinkLocalIPs(nlh *netlink.Handle, iface netlink.Link, i *nwIface) error {
- for _, llIP := range i.LinkLocalAddresses() {
- ipAddr := &netlink.Addr{IPNet: llIP}
- if err := nlh.AddrAdd(iface, ipAddr); err != nil {
- return err
- }
- }
- return nil
-}
-
-func setInterfaceName(nlh *netlink.Handle, iface netlink.Link, i *nwIface) error {
- return nlh.LinkSetName(iface, i.DstName())
-}
-
-func setInterfaceRoutes(nlh *netlink.Handle, iface netlink.Link, i *nwIface) error {
- for _, route := range i.Routes() {
- err := nlh.RouteAdd(&netlink.Route{
- Scope: netlink.SCOPE_LINK,
- LinkIndex: iface.Attrs().Index,
- Dst: route,
- })
- if err != nil {
- return err
- }
- }
- return nil
-}
-
-// In older kernels (like the one in Centos 6.6 distro) sysctl does not have netns support. Therefore
-// we cannot gather the statistics from /sys/class/net/<dev>/statistics/<counter> files. Per-netns stats
-// are naturally found in /proc/net/dev in kernels which support netns (ifconfig relies on that).
-const (
- netStatsFile = "/proc/net/dev"
- base = "[ ]*%s:([ ]+[0-9]+){16}"
-)
-
-func scanInterfaceStats(data, ifName string, i *types.InterfaceStatistics) error {
- var (
- bktStr string
- bkt uint64
- )
-
- regex := fmt.Sprintf(base, ifName)
- re := regexp.MustCompile(regex)
- line := re.FindString(data)
-
- _, err := fmt.Sscanf(line, "%s %d %d %d %d %d %d %d %d %d %d %d %d %d %d %d %d",
- &bktStr, &i.RxBytes, &i.RxPackets, &i.RxErrors, &i.RxDropped, &bkt, &bkt, &bkt,
- &bkt, &i.TxBytes, &i.TxPackets, &i.TxErrors, &i.TxDropped, &bkt, &bkt, &bkt, &bkt)
-
- return err
-}
-
-func checkRouteConflict(nlh *netlink.Handle, address *net.IPNet, family int) error {
- routes, err := nlh.RouteList(nil, family)
- if err != nil {
- return err
- }
- for _, route := range routes {
- if route.Dst != nil {
- if route.Dst.Contains(address.IP) || address.Contains(route.Dst.IP) {
- return fmt.Errorf("cannot program address %v in sandbox interface because it conflicts with existing route %s",
- address, route)
- }
- }
- }
- return nil
-}
diff --git a/vendor/github.com/docker/libnetwork/osl/interface_windows.go b/vendor/github.com/docker/libnetwork/osl/interface_windows.go
deleted file mode 100644
index 9c0141fd9..000000000
--- a/vendor/github.com/docker/libnetwork/osl/interface_windows.go
+++ /dev/null
@@ -1,4 +0,0 @@
-package osl
-
-// IfaceOption is a function option type to set interface options
-type IfaceOption func()
diff --git a/vendor/github.com/docker/libnetwork/osl/kernel/knobs.go b/vendor/github.com/docker/libnetwork/osl/kernel/knobs.go
deleted file mode 100644
index a7cd7dbb7..000000000
--- a/vendor/github.com/docker/libnetwork/osl/kernel/knobs.go
+++ /dev/null
@@ -1,16 +0,0 @@
-package kernel
-
-type conditionalCheck func(val1, val2 string) bool
-
-// OSValue represents a tuple, value defined, check function when to apply the value
-type OSValue struct {
- Value string
- CheckFn conditionalCheck
-}
-
-func propertyIsValid(val1, val2 string, check conditionalCheck) bool {
- if check == nil || check(val1, val2) {
- return true
- }
- return false
-}
diff --git a/vendor/github.com/docker/libnetwork/osl/kernel/knobs_linux.go b/vendor/github.com/docker/libnetwork/osl/kernel/knobs_linux.go
deleted file mode 100644
index 964280650..000000000
--- a/vendor/github.com/docker/libnetwork/osl/kernel/knobs_linux.go
+++ /dev/null
@@ -1,47 +0,0 @@
-package kernel
-
-import (
- "io/ioutil"
- "path"
- "strings"
-
- "github.com/sirupsen/logrus"
-)
-
-// writeSystemProperty writes the value to a path under /proc/sys as determined from the key.
-// For e.g. net.ipv4.ip_forward translated to /proc/sys/net/ipv4/ip_forward.
-func writeSystemProperty(key, value string) error {
- keyPath := strings.Replace(key, ".", "/", -1)
- return ioutil.WriteFile(path.Join("/proc/sys", keyPath), []byte(value), 0644)
-}
-
-// readSystemProperty reads the value from the path under /proc/sys and returns it
-func readSystemProperty(key string) (string, error) {
- keyPath := strings.Replace(key, ".", "/", -1)
- value, err := ioutil.ReadFile(path.Join("/proc/sys", keyPath))
- if err != nil {
- return "", err
- }
- return strings.TrimSpace(string(value)), nil
-}
-
-// ApplyOSTweaks applies the configuration values passed as arguments
-func ApplyOSTweaks(osConfig map[string]*OSValue) {
- for k, v := range osConfig {
- // read the existing property from disk
- oldv, err := readSystemProperty(k)
- if err != nil {
- logrus.WithError(err).Errorf("error reading the kernel parameter %s", k)
- continue
- }
-
- if propertyIsValid(oldv, v.Value, v.CheckFn) {
- // write new prop value to disk
- if err := writeSystemProperty(k, v.Value); err != nil {
- logrus.WithError(err).Errorf("error setting the kernel parameter %s = %s, (leaving as %s)", k, v.Value, oldv)
- continue
- }
- logrus.Debugf("updated kernel parameter %s = %s (was %s)", k, v.Value, oldv)
- }
- }
-}
diff --git a/vendor/github.com/docker/libnetwork/osl/kernel/knobs_unsupported.go b/vendor/github.com/docker/libnetwork/osl/kernel/knobs_unsupported.go
deleted file mode 100644
index 32f258f41..000000000
--- a/vendor/github.com/docker/libnetwork/osl/kernel/knobs_unsupported.go
+++ /dev/null
@@ -1,7 +0,0 @@
-// +build !linux
-
-package kernel
-
-// ApplyOSTweaks applies the configuration values passed as arguments
-func ApplyOSTweaks(osConfig map[string]*OSValue) {
-}
diff --git a/vendor/github.com/docker/libnetwork/osl/namespace_linux.go b/vendor/github.com/docker/libnetwork/osl/namespace_linux.go
deleted file mode 100644
index abb748b56..000000000
--- a/vendor/github.com/docker/libnetwork/osl/namespace_linux.go
+++ /dev/null
@@ -1,657 +0,0 @@
-package osl
-
-import (
- "fmt"
- "io/ioutil"
- "net"
- "os"
- "os/exec"
- "path/filepath"
- "runtime"
- "strconv"
- "strings"
- "sync"
- "syscall"
- "time"
-
- "github.com/docker/docker/pkg/reexec"
- "github.com/docker/libnetwork/ns"
- "github.com/docker/libnetwork/osl/kernel"
- "github.com/docker/libnetwork/types"
- "github.com/sirupsen/logrus"
- "github.com/vishvananda/netlink"
- "github.com/vishvananda/netns"
-)
-
-const defaultPrefix = "/var/run/docker"
-
-func init() {
- reexec.Register("set-ipv6", reexecSetIPv6)
-}
-
-var (
- once sync.Once
- garbagePathMap = make(map[string]bool)
- gpmLock sync.Mutex
- gpmWg sync.WaitGroup
- gpmCleanupPeriod = 60 * time.Second
- gpmChan = make(chan chan struct{})
- prefix = defaultPrefix
- loadBalancerConfig = map[string]*kernel.OSValue{
- // expires connection from the IPVS connection table when the backend is not available
- // more info: https://github.com/torvalds/linux/blob/master/Documentation/networking/ipvs-sysctl.txt#L126:1
- "net.ipv4.vs.expire_nodest_conn": {"1", nil},
- }
-)
-
-// The networkNamespace type is the linux implementation of the Sandbox
-// interface. It represents a linux network namespace, and moves an interface
-// into it when called on method AddInterface or sets the gateway etc.
-type networkNamespace struct {
- path string
- iFaces []*nwIface
- gw net.IP
- gwv6 net.IP
- staticRoutes []*types.StaticRoute
- neighbors []*neigh
- nextIfIndex map[string]int
- isDefault bool
- nlHandle *netlink.Handle
- loV6Enabled bool
- sync.Mutex
-}
-
-// SetBasePath sets the base url prefix for the ns path
-func SetBasePath(path string) {
- prefix = path
-}
-
-func init() {
- reexec.Register("netns-create", reexecCreateNamespace)
-}
-
-func basePath() string {
- return filepath.Join(prefix, "netns")
-}
-
-func createBasePath() {
- err := os.MkdirAll(basePath(), 0755)
- if err != nil {
- panic("Could not create net namespace path directory")
- }
-
- // Start the garbage collection go routine
- go removeUnusedPaths()
-}
-
-func removeUnusedPaths() {
- gpmLock.Lock()
- period := gpmCleanupPeriod
- gpmLock.Unlock()
-
- ticker := time.NewTicker(period)
- for {
- var (
- gc chan struct{}
- gcOk bool
- )
-
- select {
- case <-ticker.C:
- case gc, gcOk = <-gpmChan:
- }
-
- gpmLock.Lock()
- pathList := make([]string, 0, len(garbagePathMap))
- for path := range garbagePathMap {
- pathList = append(pathList, path)
- }
- garbagePathMap = make(map[string]bool)
- gpmWg.Add(1)
- gpmLock.Unlock()
-
- for _, path := range pathList {
- os.Remove(path)
- }
-
- gpmWg.Done()
- if gcOk {
- close(gc)
- }
- }
-}
-
-func addToGarbagePaths(path string) {
- gpmLock.Lock()
- garbagePathMap[path] = true
- gpmLock.Unlock()
-}
-
-func removeFromGarbagePaths(path string) {
- gpmLock.Lock()
- delete(garbagePathMap, path)
- gpmLock.Unlock()
-}
-
-// GC triggers garbage collection of namespace path right away
-// and waits for it.
-func GC() {
- gpmLock.Lock()
- if len(garbagePathMap) == 0 {
- // No need for GC if map is empty
- gpmLock.Unlock()
- return
- }
- gpmLock.Unlock()
-
- // if content exists in the garbage paths
- // we can trigger GC to run, providing a
- // channel to be notified on completion
- waitGC := make(chan struct{})
- gpmChan <- waitGC
- // wait for GC completion
- <-waitGC
-}
-
-// GenerateKey generates a sandbox key based on the passed
-// container id.
-func GenerateKey(containerID string) string {
- maxLen := 12
- // Read sandbox key from host for overlay
- if strings.HasPrefix(containerID, "-") {
- var (
- index int
- indexStr string
- tmpkey string
- )
- dir, err := ioutil.ReadDir(basePath())
- if err != nil {
- return ""
- }
-
- for _, v := range dir {
- id := v.Name()
- if strings.HasSuffix(id, containerID[:maxLen-1]) {
- indexStr = strings.TrimSuffix(id, containerID[:maxLen-1])
- tmpindex, err := strconv.Atoi(indexStr)
- if err != nil {
- return ""
- }
- if tmpindex > index {
- index = tmpindex
- tmpkey = id
- }
-
- }
- }
- containerID = tmpkey
- if containerID == "" {
- return ""
- }
- }
-
- if len(containerID) < maxLen {
- maxLen = len(containerID)
- }
-
- return basePath() + "/" + containerID[:maxLen]
-}
-
-// NewSandbox provides a new sandbox instance created in an os specific way
-// provided a key which uniquely identifies the sandbox
-func NewSandbox(key string, osCreate, isRestore bool) (Sandbox, error) {
- if !isRestore {
- err := createNetworkNamespace(key, osCreate)
- if err != nil {
- return nil, err
- }
- } else {
- once.Do(createBasePath)
- }
-
- n := &networkNamespace{path: key, isDefault: !osCreate, nextIfIndex: make(map[string]int)}
-
- sboxNs, err := netns.GetFromPath(n.path)
- if err != nil {
- return nil, fmt.Errorf("failed get network namespace %q: %v", n.path, err)
- }
- defer sboxNs.Close()
-
- n.nlHandle, err = netlink.NewHandleAt(sboxNs, syscall.NETLINK_ROUTE)
- if err != nil {
- return nil, fmt.Errorf("failed to create a netlink handle: %v", err)
- }
-
- err = n.nlHandle.SetSocketTimeout(ns.NetlinkSocketsTimeout)
- if err != nil {
- logrus.Warnf("Failed to set the timeout on the sandbox netlink handle sockets: %v", err)
- }
- // In live-restore mode, IPV6 entries are getting cleaned up due to below code
- // We should retain IPV6 configurations in live-restore mode when Docker Daemon
- // comes back. It should work as it is on other cases
- // As starting point, disable IPv6 on all interfaces
- if !isRestore && !n.isDefault {
- err = setIPv6(n.path, "all", false)
- if err != nil {
- logrus.Warnf("Failed to disable IPv6 on all interfaces on network namespace %q: %v", n.path, err)
- }
- }
-
- if err = n.loopbackUp(); err != nil {
- n.nlHandle.Delete()
- return nil, err
- }
-
- return n, nil
-}
-
-func (n *networkNamespace) InterfaceOptions() IfaceOptionSetter {
- return n
-}
-
-func (n *networkNamespace) NeighborOptions() NeighborOptionSetter {
- return n
-}
-
-func mountNetworkNamespace(basePath string, lnPath string) error {
- return syscall.Mount(basePath, lnPath, "bind", syscall.MS_BIND, "")
-}
-
-// GetSandboxForExternalKey returns sandbox object for the supplied path
-func GetSandboxForExternalKey(basePath string, key string) (Sandbox, error) {
- if err := createNamespaceFile(key); err != nil {
- return nil, err
- }
-
- if err := mountNetworkNamespace(basePath, key); err != nil {
- return nil, err
- }
- n := &networkNamespace{path: key, nextIfIndex: make(map[string]int)}
-
- sboxNs, err := netns.GetFromPath(n.path)
- if err != nil {
- return nil, fmt.Errorf("failed get network namespace %q: %v", n.path, err)
- }
- defer sboxNs.Close()
-
- n.nlHandle, err = netlink.NewHandleAt(sboxNs, syscall.NETLINK_ROUTE)
- if err != nil {
- return nil, fmt.Errorf("failed to create a netlink handle: %v", err)
- }
-
- err = n.nlHandle.SetSocketTimeout(ns.NetlinkSocketsTimeout)
- if err != nil {
- logrus.Warnf("Failed to set the timeout on the sandbox netlink handle sockets: %v", err)
- }
-
- // As starting point, disable IPv6 on all interfaces
- err = setIPv6(n.path, "all", false)
- if err != nil {
- logrus.Warnf("Failed to disable IPv6 on all interfaces on network namespace %q: %v", n.path, err)
- }
-
- if err = n.loopbackUp(); err != nil {
- n.nlHandle.Delete()
- return nil, err
- }
-
- return n, nil
-}
-
-func reexecCreateNamespace() {
- if len(os.Args) < 2 {
- logrus.Fatal("no namespace path provided")
- }
- if err := mountNetworkNamespace("/proc/self/ns/net", os.Args[1]); err != nil {
- logrus.Fatal(err)
- }
-}
-
-func createNetworkNamespace(path string, osCreate bool) error {
- if err := createNamespaceFile(path); err != nil {
- return err
- }
-
- cmd := &exec.Cmd{
- Path: reexec.Self(),
- Args: append([]string{"netns-create"}, path),
- Stdout: os.Stdout,
- Stderr: os.Stderr,
- }
- if osCreate {
- cmd.SysProcAttr = &syscall.SysProcAttr{}
- cmd.SysProcAttr.Cloneflags = syscall.CLONE_NEWNET
- }
- if err := cmd.Run(); err != nil {
- return fmt.Errorf("namespace creation reexec command failed: %v", err)
- }
-
- return nil
-}
-
-func unmountNamespaceFile(path string) {
- if _, err := os.Stat(path); err == nil {
- syscall.Unmount(path, syscall.MNT_DETACH)
- }
-}
-
-func createNamespaceFile(path string) (err error) {
- var f *os.File
-
- once.Do(createBasePath)
- // Remove it from garbage collection list if present
- removeFromGarbagePaths(path)
-
- // If the path is there unmount it first
- unmountNamespaceFile(path)
-
- // wait for garbage collection to complete if it is in progress
- // before trying to create the file.
- gpmWg.Wait()
-
- if f, err = os.Create(path); err == nil {
- f.Close()
- }
-
- return err
-}
-
-func (n *networkNamespace) loopbackUp() error {
- iface, err := n.nlHandle.LinkByName("lo")
- if err != nil {
- return err
- }
- return n.nlHandle.LinkSetUp(iface)
-}
-
-func (n *networkNamespace) GetLoopbackIfaceName() string {
- return "lo"
-}
-
-func (n *networkNamespace) AddAliasIP(ifName string, ip *net.IPNet) error {
- iface, err := n.nlHandle.LinkByName(ifName)
- if err != nil {
- return err
- }
- return n.nlHandle.AddrAdd(iface, &netlink.Addr{IPNet: ip})
-}
-
-func (n *networkNamespace) RemoveAliasIP(ifName string, ip *net.IPNet) error {
- iface, err := n.nlHandle.LinkByName(ifName)
- if err != nil {
- return err
- }
- return n.nlHandle.AddrDel(iface, &netlink.Addr{IPNet: ip})
-}
-
-func (n *networkNamespace) InvokeFunc(f func()) error {
- return nsInvoke(n.nsPath(), func(nsFD int) error { return nil }, func(callerFD int) error {
- f()
- return nil
- })
-}
-
-// InitOSContext initializes OS context while configuring network resources
-func InitOSContext() func() {
- runtime.LockOSThread()
- if err := ns.SetNamespace(); err != nil {
- logrus.Error(err)
- }
- return runtime.UnlockOSThread
-}
-
-func nsInvoke(path string, prefunc func(nsFD int) error, postfunc func(callerFD int) error) error {
- defer InitOSContext()()
-
- newNs, err := netns.GetFromPath(path)
- if err != nil {
- return fmt.Errorf("failed get network namespace %q: %v", path, err)
- }
- defer newNs.Close()
-
- // Invoked before the namespace switch happens but after the namespace file
- // handle is obtained.
- if err := prefunc(int(newNs)); err != nil {
- return fmt.Errorf("failed in prefunc: %v", err)
- }
-
- if err = netns.Set(newNs); err != nil {
- return err
- }
- defer ns.SetNamespace()
-
- // Invoked after the namespace switch.
- return postfunc(ns.ParseHandlerInt())
-}
-
-func (n *networkNamespace) nsPath() string {
- n.Lock()
- defer n.Unlock()
-
- return n.path
-}
-
-func (n *networkNamespace) Info() Info {
- return n
-}
-
-func (n *networkNamespace) Key() string {
- return n.path
-}
-
-func (n *networkNamespace) Destroy() error {
- if n.nlHandle != nil {
- n.nlHandle.Delete()
- }
- // Assuming no running process is executing in this network namespace,
- // unmounting is sufficient to destroy it.
- if err := syscall.Unmount(n.path, syscall.MNT_DETACH); err != nil {
- return err
- }
-
- // Stash it into the garbage collection list
- addToGarbagePaths(n.path)
- return nil
-}
-
-// Restore restore the network namespace
-func (n *networkNamespace) Restore(ifsopt map[string][]IfaceOption, routes []*types.StaticRoute, gw net.IP, gw6 net.IP) error {
- // restore interfaces
- for name, opts := range ifsopt {
- if !strings.Contains(name, "+") {
- return fmt.Errorf("wrong iface name in restore osl sandbox interface: %s", name)
- }
- seps := strings.Split(name, "+")
- srcName := seps[0]
- dstPrefix := seps[1]
- i := &nwIface{srcName: srcName, dstName: dstPrefix, ns: n}
- i.processInterfaceOptions(opts...)
- if i.master != "" {
- i.dstMaster = n.findDst(i.master, true)
- if i.dstMaster == "" {
- return fmt.Errorf("could not find an appropriate master %q for %q",
- i.master, i.srcName)
- }
- }
- if n.isDefault {
- i.dstName = i.srcName
- } else {
- links, err := n.nlHandle.LinkList()
- if err != nil {
- return fmt.Errorf("failed to retrieve list of links in network namespace %q during restore", n.path)
- }
- // due to the docker network connect/disconnect, so the dstName should
- // restore from the namespace
- for _, link := range links {
- addrs, err := n.nlHandle.AddrList(link, netlink.FAMILY_V4)
- if err != nil {
- return err
- }
- ifaceName := link.Attrs().Name
- if strings.HasPrefix(ifaceName, "vxlan") {
- if i.dstName == "vxlan" {
- i.dstName = ifaceName
- break
- }
- }
- // find the interface name by ip
- if i.address != nil {
- for _, addr := range addrs {
- if addr.IPNet.String() == i.address.String() {
- i.dstName = ifaceName
- break
- }
- continue
- }
- if i.dstName == ifaceName {
- break
- }
- }
- // This is to find the interface name of the pair in overlay sandbox
- if strings.HasPrefix(ifaceName, "veth") {
- if i.master != "" && i.dstName == "veth" {
- i.dstName = ifaceName
- }
- }
- }
-
- var index int
- indexStr := strings.TrimPrefix(i.dstName, dstPrefix)
- if indexStr != "" {
- index, err = strconv.Atoi(indexStr)
- if err != nil {
- return err
- }
- }
- index++
- n.Lock()
- if index > n.nextIfIndex[dstPrefix] {
- n.nextIfIndex[dstPrefix] = index
- }
- n.iFaces = append(n.iFaces, i)
- n.Unlock()
- }
- }
-
- // restore routes
- for _, r := range routes {
- n.Lock()
- n.staticRoutes = append(n.staticRoutes, r)
- n.Unlock()
- }
-
- // restore gateway
- if len(gw) > 0 {
- n.Lock()
- n.gw = gw
- n.Unlock()
- }
-
- if len(gw6) > 0 {
- n.Lock()
- n.gwv6 = gw6
- n.Unlock()
- }
-
- return nil
-}
-
-// Checks whether IPv6 needs to be enabled/disabled on the loopback interface
-func (n *networkNamespace) checkLoV6() {
- var (
- enable = false
- action = "disable"
- )
-
- n.Lock()
- for _, iface := range n.iFaces {
- if iface.AddressIPv6() != nil {
- enable = true
- action = "enable"
- break
- }
- }
- n.Unlock()
-
- if n.loV6Enabled == enable {
- return
- }
-
- if err := setIPv6(n.path, "lo", enable); err != nil {
- logrus.Warnf("Failed to %s IPv6 on loopback interface on network namespace %q: %v", action, n.path, err)
- }
-
- n.loV6Enabled = enable
-}
-
-func reexecSetIPv6() {
- runtime.LockOSThread()
- defer runtime.UnlockOSThread()
-
- if len(os.Args) < 3 {
- logrus.Errorf("invalid number of arguments for %s", os.Args[0])
- os.Exit(1)
- }
-
- ns, err := netns.GetFromPath(os.Args[1])
- if err != nil {
- logrus.Errorf("failed get network namespace %q: %v", os.Args[1], err)
- os.Exit(2)
- }
- defer ns.Close()
-
- if err = netns.Set(ns); err != nil {
- logrus.Errorf("setting into container netns %q failed: %v", os.Args[1], err)
- os.Exit(3)
- }
-
- var (
- action = "disable"
- value = byte('1')
- path = fmt.Sprintf("/proc/sys/net/ipv6/conf/%s/disable_ipv6", os.Args[2])
- )
-
- if os.Args[3] == "true" {
- action = "enable"
- value = byte('0')
- }
-
- if _, err := os.Stat(path); err != nil {
- if os.IsNotExist(err) {
- logrus.Warnf("file does not exist: %s : %v Has IPv6 been disabled in this node's kernel?", path, err)
- os.Exit(0)
- }
- logrus.Errorf("failed to stat %s : %v", path, err)
- os.Exit(5)
- }
-
- if err = ioutil.WriteFile(path, []byte{value, '\n'}, 0644); err != nil {
- logrus.Errorf("failed to %s IPv6 forwarding for container's interface %s: %v", action, os.Args[2], err)
- os.Exit(4)
- }
-
- os.Exit(0)
-}
-
-func setIPv6(path, iface string, enable bool) error {
- cmd := &exec.Cmd{
- Path: reexec.Self(),
- Args: append([]string{"set-ipv6"}, path, iface, strconv.FormatBool(enable)),
- Stdout: os.Stdout,
- Stderr: os.Stderr,
- }
- if err := cmd.Run(); err != nil {
- return fmt.Errorf("reexec to set IPv6 failed: %v", err)
- }
- return nil
-}
-
-// ApplyOSTweaks applies linux configs on the sandbox
-func (n *networkNamespace) ApplyOSTweaks(types []SandboxType) {
- for _, t := range types {
- switch t {
- case SandboxTypeLoadBalancer:
- kernel.ApplyOSTweaks(loadBalancerConfig)
- }
- }
-}
diff --git a/vendor/github.com/docker/libnetwork/osl/namespace_unsupported.go b/vendor/github.com/docker/libnetwork/osl/namespace_unsupported.go
deleted file mode 100644
index 74372e249..000000000
--- a/vendor/github.com/docker/libnetwork/osl/namespace_unsupported.go
+++ /dev/null
@@ -1,17 +0,0 @@
-// +build !linux,!windows,!freebsd
-
-package osl
-
-// GC triggers garbage collection of namespace path right away
-// and waits for it.
-func GC() {
-}
-
-// GetSandboxForExternalKey returns sandbox object for the supplied path
-func GetSandboxForExternalKey(path string, key string) (Sandbox, error) {
- return nil, nil
-}
-
-// SetBasePath sets the base url prefix for the ns path
-func SetBasePath(path string) {
-}
diff --git a/vendor/github.com/docker/libnetwork/osl/namespace_windows.go b/vendor/github.com/docker/libnetwork/osl/namespace_windows.go
deleted file mode 100644
index 49503c00f..000000000
--- a/vendor/github.com/docker/libnetwork/osl/namespace_windows.go
+++ /dev/null
@@ -1,38 +0,0 @@
-package osl
-
-import "testing"
-
-// GenerateKey generates a sandbox key based on the passed
-// container id.
-func GenerateKey(containerID string) string {
- return containerID
-}
-
-// NewSandbox provides a new sandbox instance created in an os specific way
-// provided a key which uniquely identifies the sandbox
-func NewSandbox(key string, osCreate, isRestore bool) (Sandbox, error) {
- return nil, nil
-}
-
-func GetSandboxForExternalKey(path string, key string) (Sandbox, error) {
- return nil, nil
-}
-
-// GC triggers garbage collection of namespace path right away
-// and waits for it.
-func GC() {
-}
-
-// InitOSContext initializes OS context while configuring network resources
-func InitOSContext() func() {
- return func() {}
-}
-
-// SetupTestOSContext sets up a separate test OS context in which tests will be executed.
-func SetupTestOSContext(t *testing.T) func() {
- return func() {}
-}
-
-// SetBasePath sets the base url prefix for the ns path
-func SetBasePath(path string) {
-}
diff --git a/vendor/github.com/docker/libnetwork/osl/neigh_freebsd.go b/vendor/github.com/docker/libnetwork/osl/neigh_freebsd.go
deleted file mode 100644
index 280f00639..000000000
--- a/vendor/github.com/docker/libnetwork/osl/neigh_freebsd.go
+++ /dev/null
@@ -1,4 +0,0 @@
-package osl
-
-// NeighOption is a function option type to set neighbor options
-type NeighOption func()
diff --git a/vendor/github.com/docker/libnetwork/osl/neigh_linux.go b/vendor/github.com/docker/libnetwork/osl/neigh_linux.go
deleted file mode 100644
index 6bf1c16dc..000000000
--- a/vendor/github.com/docker/libnetwork/osl/neigh_linux.go
+++ /dev/null
@@ -1,194 +0,0 @@
-package osl
-
-import (
- "bytes"
- "fmt"
- "net"
-
- "github.com/sirupsen/logrus"
- "github.com/vishvananda/netlink"
-)
-
-// NeighborSearchError indicates that the neighbor is already present
-type NeighborSearchError struct {
- ip net.IP
- mac net.HardwareAddr
- present bool
-}
-
-func (n NeighborSearchError) Error() string {
- return fmt.Sprintf("Search neighbor failed for IP %v, mac %v, present in db:%t", n.ip, n.mac, n.present)
-}
-
-// NeighOption is a function option type to set interface options
-type NeighOption func(nh *neigh)
-
-type neigh struct {
- dstIP net.IP
- dstMac net.HardwareAddr
- linkName string
- linkDst string
- family int
-}
-
-func (n *networkNamespace) findNeighbor(dstIP net.IP, dstMac net.HardwareAddr) *neigh {
- n.Lock()
- defer n.Unlock()
-
- for _, nh := range n.neighbors {
- if nh.dstIP.Equal(dstIP) && bytes.Equal(nh.dstMac, dstMac) {
- return nh
- }
- }
-
- return nil
-}
-
-func (n *networkNamespace) DeleteNeighbor(dstIP net.IP, dstMac net.HardwareAddr, osDelete bool) error {
- var (
- iface netlink.Link
- err error
- )
-
- nh := n.findNeighbor(dstIP, dstMac)
- if nh == nil {
- return NeighborSearchError{dstIP, dstMac, false}
- }
-
- if osDelete {
- n.Lock()
- nlh := n.nlHandle
- n.Unlock()
-
- if nh.linkDst != "" {
- iface, err = nlh.LinkByName(nh.linkDst)
- if err != nil {
- return fmt.Errorf("could not find interface with destination name %s: %v",
- nh.linkDst, err)
- }
- }
-
- nlnh := &netlink.Neigh{
- IP: dstIP,
- State: netlink.NUD_PERMANENT,
- Family: nh.family,
- }
-
- if nlnh.Family > 0 {
- nlnh.HardwareAddr = dstMac
- nlnh.Flags = netlink.NTF_SELF
- }
-
- if nh.linkDst != "" {
- nlnh.LinkIndex = iface.Attrs().Index
- }
-
- // If the kernel deletion fails for the neighbor entry still remote it
- // from the namespace cache. Otherwise if the neighbor moves back to the
- // same host again, kernel update can fail.
- if err := nlh.NeighDel(nlnh); err != nil {
- logrus.Warnf("Deleting neighbor IP %s, mac %s failed, %v", dstIP, dstMac, err)
- }
-
- // Delete the dynamic entry in the bridge
- if nlnh.Family > 0 {
- nlnh := &netlink.Neigh{
- IP: dstIP,
- Family: nh.family,
- }
-
- nlnh.HardwareAddr = dstMac
- nlnh.Flags = netlink.NTF_MASTER
- if nh.linkDst != "" {
- nlnh.LinkIndex = iface.Attrs().Index
- }
- nlh.NeighDel(nlnh)
- }
- }
-
- n.Lock()
- for i, nh := range n.neighbors {
- if nh.dstIP.Equal(dstIP) && bytes.Equal(nh.dstMac, dstMac) {
- n.neighbors = append(n.neighbors[:i], n.neighbors[i+1:]...)
- break
- }
- }
- n.Unlock()
- logrus.Debugf("Neighbor entry deleted for IP %v, mac %v osDelete:%t", dstIP, dstMac, osDelete)
-
- return nil
-}
-
-func (n *networkNamespace) AddNeighbor(dstIP net.IP, dstMac net.HardwareAddr, force bool, options ...NeighOption) error {
- var (
- iface netlink.Link
- err error
- neighborAlreadyPresent bool
- )
-
- // If the namespace already has the neighbor entry but the AddNeighbor is called
- // because of a miss notification (force flag) program the kernel anyway.
- nh := n.findNeighbor(dstIP, dstMac)
- if nh != nil {
- neighborAlreadyPresent = true
- logrus.Warnf("Neighbor entry already present for IP %v, mac %v neighbor:%+v forceUpdate:%t", dstIP, dstMac, nh, force)
- if !force {
- return NeighborSearchError{dstIP, dstMac, true}
- }
- }
-
- nh = &neigh{
- dstIP: dstIP,
- dstMac: dstMac,
- }
-
- nh.processNeighOptions(options...)
-
- if nh.linkName != "" {
- nh.linkDst = n.findDst(nh.linkName, false)
- if nh.linkDst == "" {
- return fmt.Errorf("could not find the interface with name %s", nh.linkName)
- }
- }
-
- n.Lock()
- nlh := n.nlHandle
- n.Unlock()
-
- if nh.linkDst != "" {
- iface, err = nlh.LinkByName(nh.linkDst)
- if err != nil {
- return fmt.Errorf("could not find interface with destination name %s: %v", nh.linkDst, err)
- }
- }
-
- nlnh := &netlink.Neigh{
- IP: dstIP,
- HardwareAddr: dstMac,
- State: netlink.NUD_PERMANENT,
- Family: nh.family,
- }
-
- if nlnh.Family > 0 {
- nlnh.Flags = netlink.NTF_SELF
- }
-
- if nh.linkDst != "" {
- nlnh.LinkIndex = iface.Attrs().Index
- }
-
- if err := nlh.NeighSet(nlnh); err != nil {
- return fmt.Errorf("could not add neighbor entry:%+v error:%v", nlnh, err)
- }
-
- if neighborAlreadyPresent {
- return nil
- }
-
- n.Lock()
- n.neighbors = append(n.neighbors, nh)
- n.Unlock()
- logrus.Debugf("Neighbor entry added for IP:%v, mac:%v on ifc:%s", dstIP, dstMac, nh.linkName)
-
- return nil
-}
diff --git a/vendor/github.com/docker/libnetwork/osl/neigh_windows.go b/vendor/github.com/docker/libnetwork/osl/neigh_windows.go
deleted file mode 100644
index 280f00639..000000000
--- a/vendor/github.com/docker/libnetwork/osl/neigh_windows.go
+++ /dev/null
@@ -1,4 +0,0 @@
-package osl
-
-// NeighOption is a function option type to set neighbor options
-type NeighOption func()
diff --git a/vendor/github.com/docker/libnetwork/osl/options_linux.go b/vendor/github.com/docker/libnetwork/osl/options_linux.go
deleted file mode 100644
index 818669647..000000000
--- a/vendor/github.com/docker/libnetwork/osl/options_linux.go
+++ /dev/null
@@ -1,73 +0,0 @@
-package osl
-
-import "net"
-
-func (nh *neigh) processNeighOptions(options ...NeighOption) {
- for _, opt := range options {
- if opt != nil {
- opt(nh)
- }
- }
-}
-
-func (n *networkNamespace) LinkName(name string) NeighOption {
- return func(nh *neigh) {
- nh.linkName = name
- }
-}
-
-func (n *networkNamespace) Family(family int) NeighOption {
- return func(nh *neigh) {
- nh.family = family
- }
-}
-
-func (i *nwIface) processInterfaceOptions(options ...IfaceOption) {
- for _, opt := range options {
- if opt != nil {
- opt(i)
- }
- }
-}
-
-func (n *networkNamespace) Bridge(isBridge bool) IfaceOption {
- return func(i *nwIface) {
- i.bridge = isBridge
- }
-}
-
-func (n *networkNamespace) Master(name string) IfaceOption {
- return func(i *nwIface) {
- i.master = name
- }
-}
-
-func (n *networkNamespace) MacAddress(mac net.HardwareAddr) IfaceOption {
- return func(i *nwIface) {
- i.mac = mac
- }
-}
-
-func (n *networkNamespace) Address(addr *net.IPNet) IfaceOption {
- return func(i *nwIface) {
- i.address = addr
- }
-}
-
-func (n *networkNamespace) AddressIPv6(addr *net.IPNet) IfaceOption {
- return func(i *nwIface) {
- i.addressIPv6 = addr
- }
-}
-
-func (n *networkNamespace) LinkLocalAddresses(list []*net.IPNet) IfaceOption {
- return func(i *nwIface) {
- i.llAddrs = list
- }
-}
-
-func (n *networkNamespace) Routes(routes []*net.IPNet) IfaceOption {
- return func(i *nwIface) {
- i.routes = routes
- }
-}
diff --git a/vendor/github.com/docker/libnetwork/osl/route_linux.go b/vendor/github.com/docker/libnetwork/osl/route_linux.go
deleted file mode 100644
index a9ff191b3..000000000
--- a/vendor/github.com/docker/libnetwork/osl/route_linux.go
+++ /dev/null
@@ -1,203 +0,0 @@
-package osl
-
-import (
- "fmt"
- "net"
-
- "github.com/docker/libnetwork/types"
- "github.com/vishvananda/netlink"
-)
-
-func (n *networkNamespace) Gateway() net.IP {
- n.Lock()
- defer n.Unlock()
-
- return n.gw
-}
-
-func (n *networkNamespace) GatewayIPv6() net.IP {
- n.Lock()
- defer n.Unlock()
-
- return n.gwv6
-}
-
-func (n *networkNamespace) StaticRoutes() []*types.StaticRoute {
- n.Lock()
- defer n.Unlock()
-
- routes := make([]*types.StaticRoute, len(n.staticRoutes))
- for i, route := range n.staticRoutes {
- r := route.GetCopy()
- routes[i] = r
- }
-
- return routes
-}
-
-func (n *networkNamespace) setGateway(gw net.IP) {
- n.Lock()
- n.gw = gw
- n.Unlock()
-}
-
-func (n *networkNamespace) setGatewayIPv6(gwv6 net.IP) {
- n.Lock()
- n.gwv6 = gwv6
- n.Unlock()
-}
-
-func (n *networkNamespace) SetGateway(gw net.IP) error {
- // Silently return if the gateway is empty
- if len(gw) == 0 {
- return nil
- }
-
- err := n.programGateway(gw, true)
- if err == nil {
- n.setGateway(gw)
- }
-
- return err
-}
-
-func (n *networkNamespace) UnsetGateway() error {
- gw := n.Gateway()
-
- // Silently return if the gateway is empty
- if len(gw) == 0 {
- return nil
- }
-
- err := n.programGateway(gw, false)
- if err == nil {
- n.setGateway(net.IP{})
- }
-
- return err
-}
-
-func (n *networkNamespace) programGateway(gw net.IP, isAdd bool) error {
- gwRoutes, err := n.nlHandle.RouteGet(gw)
- if err != nil {
- return fmt.Errorf("route for the gateway %s could not be found: %v", gw, err)
- }
-
- var linkIndex int
- for _, gwRoute := range gwRoutes {
- if gwRoute.Gw == nil {
- linkIndex = gwRoute.LinkIndex
- break
- }
- }
-
- if linkIndex == 0 {
- return fmt.Errorf("Direct route for the gateway %s could not be found", gw)
- }
-
- if isAdd {
- return n.nlHandle.RouteAdd(&netlink.Route{
- Scope: netlink.SCOPE_UNIVERSE,
- LinkIndex: linkIndex,
- Gw: gw,
- })
- }
-
- return n.nlHandle.RouteDel(&netlink.Route{
- Scope: netlink.SCOPE_UNIVERSE,
- LinkIndex: linkIndex,
- Gw: gw,
- })
-}
-
-// Program a route in to the namespace routing table.
-func (n *networkNamespace) programRoute(path string, dest *net.IPNet, nh net.IP) error {
- gwRoutes, err := n.nlHandle.RouteGet(nh)
- if err != nil {
- return fmt.Errorf("route for the next hop %s could not be found: %v", nh, err)
- }
-
- return n.nlHandle.RouteAdd(&netlink.Route{
- Scope: netlink.SCOPE_UNIVERSE,
- LinkIndex: gwRoutes[0].LinkIndex,
- Gw: nh,
- Dst: dest,
- })
-}
-
-// Delete a route from the namespace routing table.
-func (n *networkNamespace) removeRoute(path string, dest *net.IPNet, nh net.IP) error {
- gwRoutes, err := n.nlHandle.RouteGet(nh)
- if err != nil {
- return fmt.Errorf("route for the next hop could not be found: %v", err)
- }
-
- return n.nlHandle.RouteDel(&netlink.Route{
- Scope: netlink.SCOPE_UNIVERSE,
- LinkIndex: gwRoutes[0].LinkIndex,
- Gw: nh,
- Dst: dest,
- })
-}
-
-func (n *networkNamespace) SetGatewayIPv6(gwv6 net.IP) error {
- // Silently return if the gateway is empty
- if len(gwv6) == 0 {
- return nil
- }
-
- err := n.programGateway(gwv6, true)
- if err == nil {
- n.setGatewayIPv6(gwv6)
- }
-
- return err
-}
-
-func (n *networkNamespace) UnsetGatewayIPv6() error {
- gwv6 := n.GatewayIPv6()
-
- // Silently return if the gateway is empty
- if len(gwv6) == 0 {
- return nil
- }
-
- err := n.programGateway(gwv6, false)
- if err == nil {
- n.Lock()
- n.gwv6 = net.IP{}
- n.Unlock()
- }
-
- return err
-}
-
-func (n *networkNamespace) AddStaticRoute(r *types.StaticRoute) error {
- err := n.programRoute(n.nsPath(), r.Destination, r.NextHop)
- if err == nil {
- n.Lock()
- n.staticRoutes = append(n.staticRoutes, r)
- n.Unlock()
- }
- return err
-}
-
-func (n *networkNamespace) RemoveStaticRoute(r *types.StaticRoute) error {
-
- err := n.removeRoute(n.nsPath(), r.Destination, r.NextHop)
- if err == nil {
- n.Lock()
- lastIndex := len(n.staticRoutes) - 1
- for i, v := range n.staticRoutes {
- if v == r {
- // Overwrite the route we're removing with the last element
- n.staticRoutes[i] = n.staticRoutes[lastIndex]
- // Shorten the slice to trim the extra element
- n.staticRoutes = n.staticRoutes[:lastIndex]
- break
- }
- }
- n.Unlock()
- }
- return err
-}
diff --git a/vendor/github.com/docker/libnetwork/osl/sandbox.go b/vendor/github.com/docker/libnetwork/osl/sandbox.go
deleted file mode 100644
index 5019e068d..000000000
--- a/vendor/github.com/docker/libnetwork/osl/sandbox.go
+++ /dev/null
@@ -1,187 +0,0 @@
-// Package osl describes structures and interfaces which abstract os entities
-package osl
-
-import (
- "net"
-
- "github.com/docker/libnetwork/types"
-)
-
-// SandboxType specify the time of the sandbox, this can be used to apply special configs
-type SandboxType int
-
-const (
- // SandboxTypeIngress indicates that the sandbox is for the ingress
- SandboxTypeIngress = iota
- // SandboxTypeLoadBalancer indicates that the sandbox is a load balancer
- SandboxTypeLoadBalancer = iota
-)
-
-// Sandbox represents a network sandbox, identified by a specific key. It
-// holds a list of Interfaces, routes etc, and more can be added dynamically.
-type Sandbox interface {
- // The path where the network namespace is mounted.
- Key() string
-
- // Add an existing Interface to this sandbox. The operation will rename
- // from the Interface SrcName to DstName as it moves, and reconfigure the
- // interface according to the specified settings. The caller is expected
- // to only provide a prefix for DstName. The AddInterface api will auto-generate
- // an appropriate suffix for the DstName to disambiguate.
- AddInterface(SrcName string, DstPrefix string, options ...IfaceOption) error
-
- // Set default IPv4 gateway for the sandbox
- SetGateway(gw net.IP) error
-
- // Set default IPv6 gateway for the sandbox
- SetGatewayIPv6(gw net.IP) error
-
- // Unset the previously set default IPv4 gateway in the sandbox
- UnsetGateway() error
-
- // Unset the previously set default IPv6 gateway in the sandbox
- UnsetGatewayIPv6() error
-
- // GetLoopbackIfaceName returns the name of the loopback interface
- GetLoopbackIfaceName() string
-
- // AddAliasIP adds the passed IP address to the named interface
- AddAliasIP(ifName string, ip *net.IPNet) error
-
- // RemoveAliasIP removes the passed IP address from the named interface
- RemoveAliasIP(ifName string, ip *net.IPNet) error
-
- // Add a static route to the sandbox.
- AddStaticRoute(*types.StaticRoute) error
-
- // Remove a static route from the sandbox.
- RemoveStaticRoute(*types.StaticRoute) error
-
- // AddNeighbor adds a neighbor entry into the sandbox.
- AddNeighbor(dstIP net.IP, dstMac net.HardwareAddr, force bool, option ...NeighOption) error
-
- // DeleteNeighbor deletes neighbor entry from the sandbox.
- DeleteNeighbor(dstIP net.IP, dstMac net.HardwareAddr, osDelete bool) error
-
- // Returns an interface with methods to set neighbor options.
- NeighborOptions() NeighborOptionSetter
-
- // Returns an interface with methods to set interface options.
- InterfaceOptions() IfaceOptionSetter
-
- //Invoke
- InvokeFunc(func()) error
-
- // Returns an interface with methods to get sandbox state.
- Info() Info
-
- // Destroy the sandbox
- Destroy() error
-
- // restore sandbox
- Restore(ifsopt map[string][]IfaceOption, routes []*types.StaticRoute, gw net.IP, gw6 net.IP) error
-
- // ApplyOSTweaks applies operating system specific knobs on the sandbox
- ApplyOSTweaks([]SandboxType)
-}
-
-// NeighborOptionSetter interface defines the option setter methods for interface options
-type NeighborOptionSetter interface {
- // LinkName returns an option setter to set the srcName of the link that should
- // be used in the neighbor entry
- LinkName(string) NeighOption
-
- // Family returns an option setter to set the address family for the neighbor
- // entry. eg. AF_BRIDGE
- Family(int) NeighOption
-}
-
-// IfaceOptionSetter interface defines the option setter methods for interface options.
-type IfaceOptionSetter interface {
- // Bridge returns an option setter to set if the interface is a bridge.
- Bridge(bool) IfaceOption
-
- // MacAddress returns an option setter to set the MAC address.
- MacAddress(net.HardwareAddr) IfaceOption
-
- // Address returns an option setter to set IPv4 address.
- Address(*net.IPNet) IfaceOption
-
- // Address returns an option setter to set IPv6 address.
- AddressIPv6(*net.IPNet) IfaceOption
-
- // LinkLocalAddresses returns an option setter to set the link-local IP addresses.
- LinkLocalAddresses([]*net.IPNet) IfaceOption
-
- // Master returns an option setter to set the master interface if any for this
- // interface. The master interface name should refer to the srcname of a
- // previously added interface of type bridge.
- Master(string) IfaceOption
-
- // Address returns an option setter to set interface routes.
- Routes([]*net.IPNet) IfaceOption
-}
-
-// Info represents all possible information that
-// the driver wants to place in the sandbox which includes
-// interfaces, routes and gateway
-type Info interface {
- // The collection of Interface previously added with the AddInterface
- // method. Note that this doesn't include network interfaces added in any
- // other way (such as the default loopback interface which is automatically
- // created on creation of a sandbox).
- Interfaces() []Interface
-
- // IPv4 gateway for the sandbox.
- Gateway() net.IP
-
- // IPv6 gateway for the sandbox.
- GatewayIPv6() net.IP
-
- // Additional static routes for the sandbox. (Note that directly
- // connected routes are stored on the particular interface they refer to.)
- StaticRoutes() []*types.StaticRoute
-
- // TODO: Add ip tables etc.
-}
-
-// Interface represents the settings and identity of a network device. It is
-// used as a return type for Network.Link, and it is common practice for the
-// caller to use this information when moving interface SrcName from host
-// namespace to DstName in a different net namespace with the appropriate
-// network settings.
-type Interface interface {
- // The name of the interface in the origin network namespace.
- SrcName() string
-
- // The name that will be assigned to the interface once moves inside a
- // network namespace. When the caller passes in a DstName, it is only
- // expected to pass a prefix. The name will modified with an appropriately
- // auto-generated suffix.
- DstName() string
-
- // IPv4 address for the interface.
- Address() *net.IPNet
-
- // IPv6 address for the interface.
- AddressIPv6() *net.IPNet
-
- // LinkLocalAddresses returns the link-local IP addresses assigned to the interface.
- LinkLocalAddresses() []*net.IPNet
-
- // IP routes for the interface.
- Routes() []*net.IPNet
-
- // Bridge returns true if the interface is a bridge
- Bridge() bool
-
- // Master returns the srcname of the master interface for this interface.
- Master() string
-
- // Remove an interface from the sandbox by renaming to original name
- // and moving it out of the sandbox.
- Remove() error
-
- // Statistics returns the statistics for this interface
- Statistics() (*types.InterfaceStatistics, error)
-}
diff --git a/vendor/github.com/docker/libnetwork/osl/sandbox_freebsd.go b/vendor/github.com/docker/libnetwork/osl/sandbox_freebsd.go
deleted file mode 100644
index e5bc6278e..000000000
--- a/vendor/github.com/docker/libnetwork/osl/sandbox_freebsd.go
+++ /dev/null
@@ -1,44 +0,0 @@
-package osl
-
-import "testing"
-
-// GenerateKey generates a sandbox key based on the passed
-// container id.
-func GenerateKey(containerID string) string {
- maxLen := 12
- if len(containerID) < maxLen {
- maxLen = len(containerID)
- }
-
- return containerID[:maxLen]
-}
-
-// NewSandbox provides a new sandbox instance created in an os specific way
-// provided a key which uniquely identifies the sandbox
-func NewSandbox(key string, osCreate, isRestore bool) (Sandbox, error) {
- return nil, nil
-}
-
-// GetSandboxForExternalKey returns sandbox object for the supplied path
-func GetSandboxForExternalKey(path string, key string) (Sandbox, error) {
- return nil, nil
-}
-
-// GC triggers garbage collection of namespace path right away
-// and waits for it.
-func GC() {
-}
-
-// InitOSContext initializes OS context while configuring network resources
-func InitOSContext() func() {
- return func() {}
-}
-
-// SetupTestOSContext sets up a separate test OS context in which tests will be executed.
-func SetupTestOSContext(t *testing.T) func() {
- return func() {}
-}
-
-// SetBasePath sets the base url prefix for the ns path
-func SetBasePath(path string) {
-}
diff --git a/vendor/github.com/docker/libnetwork/osl/sandbox_unsupported.go b/vendor/github.com/docker/libnetwork/osl/sandbox_unsupported.go
deleted file mode 100644
index 51a656c80..000000000
--- a/vendor/github.com/docker/libnetwork/osl/sandbox_unsupported.go
+++ /dev/null
@@ -1,22 +0,0 @@
-// +build !linux,!windows,!freebsd
-
-package osl
-
-import "errors"
-
-var (
- // ErrNotImplemented is for platforms which don't implement sandbox
- ErrNotImplemented = errors.New("not implemented")
-)
-
-// NewSandbox provides a new sandbox instance created in an os specific way
-// provided a key which uniquely identifies the sandbox
-func NewSandbox(key string, osCreate, isRestore bool) (Sandbox, error) {
- return nil, ErrNotImplemented
-}
-
-// GenerateKey generates a sandbox key based on the passed
-// container id.
-func GenerateKey(containerID string) string {
- return ""
-}
diff --git a/vendor/github.com/docker/libnetwork/resolvconf/README.md b/vendor/github.com/docker/libnetwork/resolvconf/README.md
deleted file mode 100644
index cdda554ba..000000000
--- a/vendor/github.com/docker/libnetwork/resolvconf/README.md
+++ /dev/null
@@ -1 +0,0 @@
-Package resolvconf provides utility code to query and update DNS configuration in /etc/resolv.conf
diff --git a/vendor/github.com/docker/libnetwork/types/types.go b/vendor/github.com/docker/libnetwork/types/types.go
deleted file mode 100644
index b102ba4c3..000000000
--- a/vendor/github.com/docker/libnetwork/types/types.go
+++ /dev/null
@@ -1,653 +0,0 @@
-// Package types contains types that are common across libnetwork project
-package types
-
-import (
- "bytes"
- "fmt"
- "net"
- "strconv"
- "strings"
-
- "github.com/ishidawataru/sctp"
-)
-
-// constants for the IP address type
-const (
- IP = iota // IPv4 and IPv6
- IPv4
- IPv6
-)
-
-// EncryptionKey is the libnetwork representation of the key distributed by the lead
-// manager.
-type EncryptionKey struct {
- Subsystem string
- Algorithm int32
- Key []byte
- LamportTime uint64
-}
-
-// UUID represents a globally unique ID of various resources like network and endpoint
-type UUID string
-
-// QosPolicy represents a quality of service policy on an endpoint
-type QosPolicy struct {
- MaxEgressBandwidth uint64
-}
-
-// TransportPort represents a local Layer 4 endpoint
-type TransportPort struct {
- Proto Protocol
- Port uint16
-}
-
-// Equal checks if this instance of Transportport is equal to the passed one
-func (t *TransportPort) Equal(o *TransportPort) bool {
- if t == o {
- return true
- }
-
- if o == nil {
- return false
- }
-
- if t.Proto != o.Proto || t.Port != o.Port {
- return false
- }
-
- return true
-}
-
-// GetCopy returns a copy of this TransportPort structure instance
-func (t *TransportPort) GetCopy() TransportPort {
- return TransportPort{Proto: t.Proto, Port: t.Port}
-}
-
-// String returns the TransportPort structure in string form
-func (t *TransportPort) String() string {
- return fmt.Sprintf("%s/%d", t.Proto.String(), t.Port)
-}
-
-// FromString reads the TransportPort structure from string
-func (t *TransportPort) FromString(s string) error {
- ps := strings.Split(s, "/")
- if len(ps) == 2 {
- t.Proto = ParseProtocol(ps[0])
- if p, err := strconv.ParseUint(ps[1], 10, 16); err == nil {
- t.Port = uint16(p)
- return nil
- }
- }
- return BadRequestErrorf("invalid format for transport port: %s", s)
-}
-
-// PortBinding represents a port binding between the container and the host
-type PortBinding struct {
- Proto Protocol
- IP net.IP
- Port uint16
- HostIP net.IP
- HostPort uint16
- HostPortEnd uint16
-}
-
-// HostAddr returns the host side transport address
-func (p PortBinding) HostAddr() (net.Addr, error) {
- switch p.Proto {
- case UDP:
- return &net.UDPAddr{IP: p.HostIP, Port: int(p.HostPort)}, nil
- case TCP:
- return &net.TCPAddr{IP: p.HostIP, Port: int(p.HostPort)}, nil
- case SCTP:
- return &sctp.SCTPAddr{IP: []net.IP{p.HostIP}, Port: int(p.HostPort)}, nil
- default:
- return nil, ErrInvalidProtocolBinding(p.Proto.String())
- }
-}
-
-// ContainerAddr returns the container side transport address
-func (p PortBinding) ContainerAddr() (net.Addr, error) {
- switch p.Proto {
- case UDP:
- return &net.UDPAddr{IP: p.IP, Port: int(p.Port)}, nil
- case TCP:
- return &net.TCPAddr{IP: p.IP, Port: int(p.Port)}, nil
- case SCTP:
- return &sctp.SCTPAddr{IP: []net.IP{p.IP}, Port: int(p.Port)}, nil
- default:
- return nil, ErrInvalidProtocolBinding(p.Proto.String())
- }
-}
-
-// GetCopy returns a copy of this PortBinding structure instance
-func (p *PortBinding) GetCopy() PortBinding {
- return PortBinding{
- Proto: p.Proto,
- IP: GetIPCopy(p.IP),
- Port: p.Port,
- HostIP: GetIPCopy(p.HostIP),
- HostPort: p.HostPort,
- HostPortEnd: p.HostPortEnd,
- }
-}
-
-// String returns the PortBinding structure in string form
-func (p *PortBinding) String() string {
- ret := fmt.Sprintf("%s/", p.Proto)
- if p.IP != nil {
- ret += p.IP.String()
- }
- ret = fmt.Sprintf("%s:%d/", ret, p.Port)
- if p.HostIP != nil {
- ret += p.HostIP.String()
- }
- ret = fmt.Sprintf("%s:%d", ret, p.HostPort)
- return ret
-}
-
-// FromString reads the PortBinding structure from string s.
-// String s is a triple of "protocol/containerIP:port/hostIP:port"
-// containerIP and hostIP can be in dotted decimal ("192.0.2.1") or IPv6 ("2001:db8::68") form.
-// Zoned addresses ("169.254.0.23%eth0" or "fe80::1ff:fe23:4567:890a%eth0") are not supported.
-// If string s is incorrectly formatted or the IP addresses or ports cannot be parsed, FromString
-// returns an error.
-func (p *PortBinding) FromString(s string) error {
- ps := strings.Split(s, "/")
- if len(ps) != 3 {
- return BadRequestErrorf("invalid format for port binding: %s", s)
- }
-
- p.Proto = ParseProtocol(ps[0])
-
- var err error
- if p.IP, p.Port, err = parseIPPort(ps[1]); err != nil {
- return BadRequestErrorf("failed to parse Container IP/Port in port binding: %s", err.Error())
- }
-
- if p.HostIP, p.HostPort, err = parseIPPort(ps[2]); err != nil {
- return BadRequestErrorf("failed to parse Host IP/Port in port binding: %s", err.Error())
- }
-
- return nil
-}
-
-func parseIPPort(s string) (net.IP, uint16, error) {
- hoststr, portstr, err := net.SplitHostPort(s)
- if err != nil {
- return nil, 0, err
- }
-
- ip := net.ParseIP(hoststr)
- if ip == nil {
- return nil, 0, BadRequestErrorf("invalid ip: %s", hoststr)
- }
-
- port, err := strconv.ParseUint(portstr, 10, 16)
- if err != nil {
- return nil, 0, BadRequestErrorf("invalid port: %s", portstr)
- }
-
- return ip, uint16(port), nil
-}
-
-// Equal checks if this instance of PortBinding is equal to the passed one
-func (p *PortBinding) Equal(o *PortBinding) bool {
- if p == o {
- return true
- }
-
- if o == nil {
- return false
- }
-
- if p.Proto != o.Proto || p.Port != o.Port ||
- p.HostPort != o.HostPort || p.HostPortEnd != o.HostPortEnd {
- return false
- }
-
- if p.IP != nil {
- if !p.IP.Equal(o.IP) {
- return false
- }
- } else {
- if o.IP != nil {
- return false
- }
- }
-
- if p.HostIP != nil {
- if !p.HostIP.Equal(o.HostIP) {
- return false
- }
- } else {
- if o.HostIP != nil {
- return false
- }
- }
-
- return true
-}
-
-// ErrInvalidProtocolBinding is returned when the port binding protocol is not valid.
-type ErrInvalidProtocolBinding string
-
-func (ipb ErrInvalidProtocolBinding) Error() string {
- return fmt.Sprintf("invalid transport protocol: %s", string(ipb))
-}
-
-const (
- // ICMP is for the ICMP ip protocol
- ICMP = 1
- // TCP is for the TCP ip protocol
- TCP = 6
- // UDP is for the UDP ip protocol
- UDP = 17
- // SCTP is for the SCTP ip protocol
- SCTP = 132
-)
-
-// Protocol represents an IP protocol number
-type Protocol uint8
-
-func (p Protocol) String() string {
- switch p {
- case ICMP:
- return "icmp"
- case TCP:
- return "tcp"
- case UDP:
- return "udp"
- case SCTP:
- return "sctp"
- default:
- return fmt.Sprintf("%d", p)
- }
-}
-
-// ParseProtocol returns the respective Protocol type for the passed string
-func ParseProtocol(s string) Protocol {
- switch strings.ToLower(s) {
- case "icmp":
- return ICMP
- case "udp":
- return UDP
- case "tcp":
- return TCP
- case "sctp":
- return SCTP
- default:
- return 0
- }
-}
-
-// GetMacCopy returns a copy of the passed MAC address
-func GetMacCopy(from net.HardwareAddr) net.HardwareAddr {
- if from == nil {
- return nil
- }
- to := make(net.HardwareAddr, len(from))
- copy(to, from)
- return to
-}
-
-// GetIPCopy returns a copy of the passed IP address
-func GetIPCopy(from net.IP) net.IP {
- if from == nil {
- return nil
- }
- to := make(net.IP, len(from))
- copy(to, from)
- return to
-}
-
-// GetIPNetCopy returns a copy of the passed IP Network
-func GetIPNetCopy(from *net.IPNet) *net.IPNet {
- if from == nil {
- return nil
- }
- bm := make(net.IPMask, len(from.Mask))
- copy(bm, from.Mask)
- return &net.IPNet{IP: GetIPCopy(from.IP), Mask: bm}
-}
-
-// GetIPNetCanonical returns the canonical form for the passed network
-func GetIPNetCanonical(nw *net.IPNet) *net.IPNet {
- if nw == nil {
- return nil
- }
- c := GetIPNetCopy(nw)
- c.IP = c.IP.Mask(nw.Mask)
- return c
-}
-
-// CompareIPNet returns equal if the two IP Networks are equal
-func CompareIPNet(a, b *net.IPNet) bool {
- if a == b {
- return true
- }
- if a == nil || b == nil {
- return false
- }
- return a.IP.Equal(b.IP) && bytes.Equal(a.Mask, b.Mask)
-}
-
-// GetMinimalIP returns the address in its shortest form
-// If ip contains an IPv4-mapped IPv6 address, the 4-octet form of the IPv4 address will be returned.
-// Otherwise ip is returned unchanged.
-func GetMinimalIP(ip net.IP) net.IP {
- if ip != nil && ip.To4() != nil {
- return ip.To4()
- }
- return ip
-}
-
-// GetMinimalIPNet returns a copy of the passed IP Network with congruent ip and mask notation
-func GetMinimalIPNet(nw *net.IPNet) *net.IPNet {
- if nw == nil {
- return nil
- }
- if len(nw.IP) == 16 && nw.IP.To4() != nil {
- m := nw.Mask
- if len(m) == 16 {
- m = m[12:16]
- }
- return &net.IPNet{IP: nw.IP.To4(), Mask: m}
- }
- return nw
-}
-
-// IsIPNetValid returns true if the ipnet is a valid network/mask
-// combination. Otherwise returns false.
-func IsIPNetValid(nw *net.IPNet) bool {
- return nw.String() != "0.0.0.0/0"
-}
-
-var v4inV6MaskPrefix = []byte{0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}
-
-// compareIPMask checks if the passed ip and mask are semantically compatible.
-// It returns the byte indexes for the address and mask so that caller can
-// do bitwise operations without modifying address representation.
-func compareIPMask(ip net.IP, mask net.IPMask) (is int, ms int, err error) {
- // Find the effective starting of address and mask
- if len(ip) == net.IPv6len && ip.To4() != nil {
- is = 12
- }
- if len(ip[is:]) == net.IPv4len && len(mask) == net.IPv6len && bytes.Equal(mask[:12], v4inV6MaskPrefix) {
- ms = 12
- }
- // Check if address and mask are semantically compatible
- if len(ip[is:]) != len(mask[ms:]) {
- err = fmt.Errorf("ip and mask are not compatible: (%#v, %#v)", ip, mask)
- }
- return
-}
-
-// GetHostPartIP returns the host portion of the ip address identified by the mask.
-// IP address representation is not modified. If address and mask are not compatible
-// an error is returned.
-func GetHostPartIP(ip net.IP, mask net.IPMask) (net.IP, error) {
- // Find the effective starting of address and mask
- is, ms, err := compareIPMask(ip, mask)
- if err != nil {
- return nil, fmt.Errorf("cannot compute host portion ip address because %s", err)
- }
-
- // Compute host portion
- out := GetIPCopy(ip)
- for i := 0; i < len(mask[ms:]); i++ {
- out[is+i] &= ^mask[ms+i]
- }
-
- return out, nil
-}
-
-// GetBroadcastIP returns the broadcast ip address for the passed network (ip and mask).
-// IP address representation is not modified. If address and mask are not compatible
-// an error is returned.
-func GetBroadcastIP(ip net.IP, mask net.IPMask) (net.IP, error) {
- // Find the effective starting of address and mask
- is, ms, err := compareIPMask(ip, mask)
- if err != nil {
- return nil, fmt.Errorf("cannot compute broadcast ip address because %s", err)
- }
-
- // Compute broadcast address
- out := GetIPCopy(ip)
- for i := 0; i < len(mask[ms:]); i++ {
- out[is+i] |= ^mask[ms+i]
- }
-
- return out, nil
-}
-
-// ParseCIDR returns the *net.IPNet represented by the passed CIDR notation
-func ParseCIDR(cidr string) (n *net.IPNet, e error) {
- var i net.IP
- if i, n, e = net.ParseCIDR(cidr); e == nil {
- n.IP = i
- }
- return
-}
-
-const (
- // NEXTHOP indicates a StaticRoute with an IP next hop.
- NEXTHOP = iota
-
- // CONNECTED indicates a StaticRoute with an interface for directly connected peers.
- CONNECTED
-)
-
-// StaticRoute is a statically-provisioned IP route.
-type StaticRoute struct {
- Destination *net.IPNet
-
- RouteType int // NEXT_HOP or CONNECTED
-
- // NextHop will be resolved by the kernel (i.e. as a loose hop).
- NextHop net.IP
-}
-
-// GetCopy returns a copy of this StaticRoute structure
-func (r *StaticRoute) GetCopy() *StaticRoute {
- d := GetIPNetCopy(r.Destination)
- nh := GetIPCopy(r.NextHop)
- return &StaticRoute{Destination: d,
- RouteType: r.RouteType,
- NextHop: nh,
- }
-}
-
-// InterfaceStatistics represents the interface's statistics
-type InterfaceStatistics struct {
- RxBytes uint64
- RxPackets uint64
- RxErrors uint64
- RxDropped uint64
- TxBytes uint64
- TxPackets uint64
- TxErrors uint64
- TxDropped uint64
-}
-
-func (is *InterfaceStatistics) String() string {
- return fmt.Sprintf("\nRxBytes: %d, RxPackets: %d, RxErrors: %d, RxDropped: %d, TxBytes: %d, TxPackets: %d, TxErrors: %d, TxDropped: %d",
- is.RxBytes, is.RxPackets, is.RxErrors, is.RxDropped, is.TxBytes, is.TxPackets, is.TxErrors, is.TxDropped)
-}
-
-/******************************
- * Well-known Error Interfaces
- ******************************/
-
-// MaskableError is an interface for errors which can be ignored by caller
-type MaskableError interface {
- // Maskable makes implementer into MaskableError type
- Maskable()
-}
-
-// RetryError is an interface for errors which might get resolved through retry
-type RetryError interface {
- // Retry makes implementer into RetryError type
- Retry()
-}
-
-// BadRequestError is an interface for errors originated by a bad request
-type BadRequestError interface {
- // BadRequest makes implementer into BadRequestError type
- BadRequest()
-}
-
-// NotFoundError is an interface for errors raised because a needed resource is not available
-type NotFoundError interface {
- // NotFound makes implementer into NotFoundError type
- NotFound()
-}
-
-// ForbiddenError is an interface for errors which denote a valid request that cannot be honored
-type ForbiddenError interface {
- // Forbidden makes implementer into ForbiddenError type
- Forbidden()
-}
-
-// NoServiceError is an interface for errors returned when the required service is not available
-type NoServiceError interface {
- // NoService makes implementer into NoServiceError type
- NoService()
-}
-
-// TimeoutError is an interface for errors raised because of timeout
-type TimeoutError interface {
- // Timeout makes implementer into TimeoutError type
- Timeout()
-}
-
-// NotImplementedError is an interface for errors raised because of requested functionality is not yet implemented
-type NotImplementedError interface {
- // NotImplemented makes implementer into NotImplementedError type
- NotImplemented()
-}
-
-// InternalError is an interface for errors raised because of an internal error
-type InternalError interface {
- // Internal makes implementer into InternalError type
- Internal()
-}
-
-/******************************
- * Well-known Error Formatters
- ******************************/
-
-// BadRequestErrorf creates an instance of BadRequestError
-func BadRequestErrorf(format string, params ...interface{}) error {
- return badRequest(fmt.Sprintf(format, params...))
-}
-
-// NotFoundErrorf creates an instance of NotFoundError
-func NotFoundErrorf(format string, params ...interface{}) error {
- return notFound(fmt.Sprintf(format, params...))
-}
-
-// ForbiddenErrorf creates an instance of ForbiddenError
-func ForbiddenErrorf(format string, params ...interface{}) error {
- return forbidden(fmt.Sprintf(format, params...))
-}
-
-// NoServiceErrorf creates an instance of NoServiceError
-func NoServiceErrorf(format string, params ...interface{}) error {
- return noService(fmt.Sprintf(format, params...))
-}
-
-// NotImplementedErrorf creates an instance of NotImplementedError
-func NotImplementedErrorf(format string, params ...interface{}) error {
- return notImpl(fmt.Sprintf(format, params...))
-}
-
-// TimeoutErrorf creates an instance of TimeoutError
-func TimeoutErrorf(format string, params ...interface{}) error {
- return timeout(fmt.Sprintf(format, params...))
-}
-
-// InternalErrorf creates an instance of InternalError
-func InternalErrorf(format string, params ...interface{}) error {
- return internal(fmt.Sprintf(format, params...))
-}
-
-// InternalMaskableErrorf creates an instance of InternalError and MaskableError
-func InternalMaskableErrorf(format string, params ...interface{}) error {
- return maskInternal(fmt.Sprintf(format, params...))
-}
-
-// RetryErrorf creates an instance of RetryError
-func RetryErrorf(format string, params ...interface{}) error {
- return retry(fmt.Sprintf(format, params...))
-}
-
-/***********************
- * Internal Error Types
- ***********************/
-type badRequest string
-
-func (br badRequest) Error() string {
- return string(br)
-}
-func (br badRequest) BadRequest() {}
-
-type maskBadRequest string
-
-type notFound string
-
-func (nf notFound) Error() string {
- return string(nf)
-}
-func (nf notFound) NotFound() {}
-
-type forbidden string
-
-func (frb forbidden) Error() string {
- return string(frb)
-}
-func (frb forbidden) Forbidden() {}
-
-type noService string
-
-func (ns noService) Error() string {
- return string(ns)
-}
-func (ns noService) NoService() {}
-
-type maskNoService string
-
-type timeout string
-
-func (to timeout) Error() string {
- return string(to)
-}
-func (to timeout) Timeout() {}
-
-type notImpl string
-
-func (ni notImpl) Error() string {
- return string(ni)
-}
-func (ni notImpl) NotImplemented() {}
-
-type internal string
-
-func (nt internal) Error() string {
- return string(nt)
-}
-func (nt internal) Internal() {}
-
-type maskInternal string
-
-func (mnt maskInternal) Error() string {
- return string(mnt)
-}
-func (mnt maskInternal) Internal() {}
-func (mnt maskInternal) Maskable() {}
-
-type retry string
-
-func (r retry) Error() string {
- return string(r)
-}
-func (r retry) Retry() {}
diff --git a/vendor/github.com/docker/libnetwork/vendor.conf b/vendor/github.com/docker/libnetwork/vendor.conf
deleted file mode 100644
index f2bb55223..000000000
--- a/vendor/github.com/docker/libnetwork/vendor.conf
+++ /dev/null
@@ -1,50 +0,0 @@
-github.com/Azure/go-ansiterm d6e3b3328b783f23731bc4d058875b0371ff8109
-github.com/BurntSushi/toml a368813c5e648fee92e5f6c30e3944ff9d5e8895
-github.com/Microsoft/go-winio v0.4.11
-github.com/Microsoft/hcsshim v0.7.3
-github.com/armon/go-metrics eb0af217e5e9747e41dd5303755356b62d28e3ec
-github.com/armon/go-radix e39d623f12e8e41c7b5529e9a9dd67a1e2261f80
-github.com/codegangsta/cli a65b733b303f0055f8d324d805f393cd3e7a7904
-github.com/containerd/continuity d3c23511c1bf5851696cba83143d9cbcd666869b
-github.com/coreos/etcd v3.2.1
-github.com/coreos/go-semver v0.2.0
-github.com/deckarep/golang-set ef32fa3046d9f249d399f98ebaf9be944430fd1d
-go.etcd.io/bbolt v1.3.1-etcd.8
-
-github.com/docker/docker 162ba6016def672690ee4a1f3978368853a1e149
-github.com/docker/go-connections 7beb39f0b969b075d1325fecb092faf27fd357b6
-github.com/docker/go-events 9461782956ad83b30282bf90e31fa6a70c255ba9
-github.com/docker/go-units 9e638d38cf6977a37a8ea0078f3ee75a7cdb2dd1
-github.com/docker/libkv 458977154600b9f23984d9f4b82e79570b5ae12b
-
-github.com/godbus/dbus v4.0.0
-github.com/gogo/protobuf v1.0.0
-github.com/gorilla/context v1.1
-github.com/gorilla/mux v1.1
-github.com/hashicorp/consul v0.5.2
-github.com/hashicorp/go-msgpack 71c2886f5a673a35f909803f38ece5810165097b
-github.com/hashicorp/go-multierror fcdddc395df1ddf4247c69bd436e84cfa0733f7e
-github.com/hashicorp/memberlist 3d8438da9589e7b608a83ffac1ef8211486bcb7c
-github.com/sean-/seed e2103e2c35297fb7e17febb81e49b312087a2372
-github.com/hashicorp/go-sockaddr 6d291a969b86c4b633730bfc6b8b9d64c3aafed9
-github.com/hashicorp/serf 598c54895cc5a7b1a24a398d635e8c0ea0959870
-github.com/mattn/go-shellwords v1.0.3
-github.com/miekg/dns v1.0.7
-github.com/opencontainers/go-digest v1.0.0-rc1
-github.com/opencontainers/image-spec v1.0.1
-github.com/opencontainers/runc 69663f0bd4b60df09991c08812a60108003fa340
-github.com/opencontainers/runtime-spec v1.0.1
-github.com/samuel/go-zookeeper d0e0d8e11f318e000a8cc434616d69e329edc374
-github.com/sirupsen/logrus v1.0.3
-github.com/ugorji/go f1f1a805ed361a0e078bb537e4ea78cd37dcf065
-github.com/vishvananda/netlink b2de5d10e38ecce8607e6b438b6d174f389a004e
-github.com/vishvananda/netns 604eaf189ee867d8c147fafc28def2394e878d25
-golang.org/x/crypto 1a580b3eff7814fc9b40602fd35256c63b50f491
-golang.org/x/net 0ed95abb35c445290478a5348a7b38bb154135fd
-golang.org/x/sys 37707fdb30a5b38865cfb95e5aab41707daec7fd
-golang.org/x/sync fd80eb99c8f653c847d294a001bdf2a3a6f768f5
-github.com/pkg/errors 839d9e913e063e28dfd0e6c7b7512793e0a48be9
-github.com/ishidawataru/sctp 07191f837fedd2f13d1ec7b5f885f0f3ec54b1cb
-
-gotest.tools v2.1.0
-github.com/google/go-cmp v0.2.0