3 files changed, 161 insertions, 5 deletions

diff --git a/libpod/network/create.go b/libpod/network/create.go
index 7e4fc574a..094fbe349 100644
--- a/libpod/network/create.go
+++ b/libpod/network/create.go
@@ -6,6 +6,7 @@ import (
 	"io/ioutil"
 	"os"
 	"path/filepath"
+	"strconv"
 
 	"github.com/containernetworking/cni/pkg/version"
 	"github.com/containers/common/pkg/config"
@@ -76,6 +77,29 @@ func validateBridgeOptions(options entities.NetworkCreateOptions) error {
 
 }
 
+// parseMTU parses the mtu option
+func parseMTU(mtu string) (int, error) {
+	if mtu == "" {
+		return 0, nil // default
+	}
+	m, err := strconv.Atoi(mtu)
+	if err != nil {
+		return 0, err
+	}
+	if m < 0 {
+		return 0, errors.Errorf("the value %d for mtu is less than zero", m)
+	}
+	return m, nil
+}
+
+// parseVlan parses the vlan option
+func parseVlan(vlan string) (int, error) {
+	if vlan == "" {
+		return 0, nil // default
+	}
+	return strconv.Atoi(vlan)
+}
+
 // createBridge creates a CNI network
 func createBridge(name string, options entities.NetworkCreateOptions, runtimeConfig *config.Config) (string, error) {
 	var (
@@ -149,6 +173,28 @@ func createBridge(name string, options entities.NetworkCreateOptions, runtimeCon
 		ipMasq = false
 	}
 
+	var mtu int
+	var vlan int
+	for k, v := range options.Options {
+		var err error
+		switch k {
+		case "mtu":
+			mtu, err = parseMTU(v)
+			if err != nil {
+				return "", err
+			}
+
+		case "vlan":
+			vlan, err = parseVlan(v)
+			if err != nil {
+				return "", err
+			}
+
+		default:
+			return "", errors.Errorf("unsupported option %s", k)
+		}
+	}
+
 	// obtain host bridge name
 	bridgeDeviceName, err := GetFreeDeviceName(runtimeConfig)
 	if err != nil {
@@ -169,10 +215,10 @@ func createBridge(name string, options entities.NetworkCreateOptions, runtimeCon
 	}
 
 	// create CNI plugin configuration
-	ncList := NewNcList(name, version.Current())
+	ncList := NewNcList(name, version.Current(), options.Labels)
 	var plugins []CNIPlugins
 	// TODO need to iron out the role of isDefaultGW and IPMasq
-	bridge := NewHostLocalBridge(bridgeDeviceName, isGateway, false, ipMasq, ipamConfig)
+	bridge := NewHostLocalBridge(bridgeDeviceName, isGateway, false, ipMasq, mtu, vlan, ipamConfig)
 	plugins = append(plugins, bridge)
 	plugins = append(plugins, NewPortMapPlugin())
 	plugins = append(plugins, NewFirewallPlugin())
@@ -223,7 +269,7 @@ func createMacVLAN(name string, options entities.NetworkCreateOptions, runtimeCo
 			return "", err
 		}
 	}
-	ncList := NewNcList(name, version.Current())
+	ncList := NewNcList(name, version.Current(), options.Labels)
 	macvlan := NewMacVLANPlugin(options.MacVLAN)
 	plugins = append(plugins, macvlan)
 	ncList["plugins"] = plugins
diff --git a/libpod/network/files.go b/libpod/network/files.go
index 7f1e3ee18..83cb1c23a 100644
--- a/libpod/network/files.go
+++ b/libpod/network/files.go
@@ -12,6 +12,7 @@ import (
 	"github.com/containers/common/pkg/config"
 	"github.com/containers/podman/v2/libpod/define"
 	"github.com/pkg/errors"
+	"github.com/sirupsen/logrus"
 )
 
 // ErrNoSuchNetworkInterface indicates that no network interface exists
@@ -89,6 +90,35 @@ func GetCNIPlugins(list *libcni.NetworkConfigList) string {
 	return strings.Join(plugins, ",")
 }
 
+// GetNetworkLabels returns a list of labels as a string
+func GetNetworkLabels(list *libcni.NetworkConfigList) NcLabels {
+	cniJSON := make(map[string]interface{})
+	err := json.Unmarshal(list.Bytes, &cniJSON)
+	if err != nil {
+		logrus.Errorf("failed to unmarshal network config %v %v", cniJSON["name"], err)
+		return nil
+	}
+	if args, ok := cniJSON["args"]; ok {
+		if key, ok := args.(map[string]interface{}); ok {
+			if labels, ok := key[PodmanLabelKey]; ok {
+				if labels, ok := labels.(map[string]interface{}); ok {
+					result := make(NcLabels, len(labels))
+					for k, v := range labels {
+						if v, ok := v.(string); ok {
+							result[k] = v
+						} else {
+							logrus.Errorf("network config %v invalid label value type %T should be string", cniJSON["name"], labels)
+						}
+					}
+					return result
+				}
+				logrus.Errorf("network config %v invalid label type %T should be map[string]string", cniJSON["name"], labels)
+			}
+		}
+	}
+	return nil
+}
+
 // GetNetworksFromFilesystem gets all the networks from the cni configuration
 // files
 func GetNetworksFromFilesystem(config *config.Config) ([]*allocator.Net, error) {
diff --git a/libpod/network/netconflist.go b/libpod/network/netconflist.go
index ee9adce14..a5fec5e80 100644
--- a/libpod/network/netconflist.go
+++ b/libpod/network/netconflist.go
@@ -4,6 +4,11 @@ import (
 	"net"
 	"os"
 	"path/filepath"
+	"strings"
+
+	"github.com/containernetworking/cni/libcni"
+	"github.com/containers/podman/v2/pkg/util"
+	"github.com/pkg/errors"
 )
 
 const (
@@ -14,22 +19,36 @@ const (
 // NcList describes a generic map
 type NcList map[string]interface{}
 
+// NcArgs describes the cni args field
+type NcArgs map[string]NcLabels
+
+// NcLabels describes the label map
+type NcLabels map[string]string
+
+// PodmanLabelKey key used to store the podman network label in a cni config
+const PodmanLabelKey = "podman_labels"
+
 // NewNcList creates a generic map of values with string
 // keys and adds in version and network name
-func NewNcList(name, version string) NcList {
+func NewNcList(name, version string, labels NcLabels) NcList {
 	n := NcList{}
 	n["cniVersion"] = version
 	n["name"] = name
+	if len(labels) > 0 {
+		n["args"] = NcArgs{PodmanLabelKey: labels}
+	}
 	return n
 }
 
 // NewHostLocalBridge creates a new LocalBridge for host-local
-func NewHostLocalBridge(name string, isGateWay, isDefaultGW, ipMasq bool, ipamConf IPAMHostLocalConf) *HostLocalBridge {
+func NewHostLocalBridge(name string, isGateWay, isDefaultGW, ipMasq bool, mtu int, vlan int, ipamConf IPAMHostLocalConf) *HostLocalBridge {
 	hostLocalBridge := HostLocalBridge{
 		PluginType:  "bridge",
 		BrName:      name,
 		IPMasq:      ipMasq,
+		MTU:         mtu,
 		HairpinMode: true,
+		Vlan:        vlan,
 		IPAM:        ipamConf,
 	}
 	if isGateWay {
@@ -159,3 +178,64 @@ func NewMacVLANPlugin(device string) MacVLANConfig {
 	}
 	return m
 }
+
+// IfPassesFilter filters NetworkListReport and returns true if the filter match the given config
+func IfPassesFilter(netconf *libcni.NetworkConfigList, filters map[string][]string) (bool, error) {
+	result := true
+	for key, filterValues := range filters {
+		result = false
+		switch strings.ToLower(key) {
+		case "name":
+			// matches one name, regex allowed
+			result = util.StringMatchRegexSlice(netconf.Name, filterValues)
+
+		case "plugin":
+			// match one plugin
+			plugins := GetCNIPlugins(netconf)
+			for _, val := range filterValues {
+				if strings.Contains(plugins, val) {
+					result = true
+					break
+				}
+			}
+
+		case "label":
+			// matches all labels
+			labels := GetNetworkLabels(netconf)
+		outer:
+			for _, filterValue := range filterValues {
+				filterArray := strings.SplitN(filterValue, "=", 2)
+				filterKey := filterArray[0]
+				if len(filterArray) > 1 {
+					filterValue = filterArray[1]
+				} else {
+					filterValue = ""
+				}
+				for labelKey, labelValue := range labels {
+					if labelKey == filterKey && ("" == filterValue || labelValue == filterValue) {
+						result = true
+						continue outer
+					}
+				}
+				result = false
+			}
+
+		case "driver":
+			// matches only for the DefaultNetworkDriver
+			for _, filterValue := range filterValues {
+				plugins := GetCNIPlugins(netconf)
+				if filterValue == DefaultNetworkDriver &&
+					strings.Contains(plugins, DefaultNetworkDriver) {
+					result = true
+				}
+			}
+
+		// TODO: add dangling filter
+		// TODO TODO: add id filter if we support ids
+
+		default:
+			return false, errors.Errorf("invalid filter %q", key)
+		}
+	}
+	return result, nil
+}