Merge pull request #271 from mrunalp/network_netns

runcom · web-flow · commit 638a80927c8b · 2017-09-16T00:05:21.000+02:00
Add support for --network=netns:/proc/pid/ns/net
diff --git a/daemon/container_operations.go b/daemon/container_operations.go
@@ -339,7 +339,7 @@ func (daemon *Daemon) updateContainerNetworkSettings(container *container.Contai
 	)
 
 	mode := container.HostConfig.NetworkMode
-	if container.Config.NetworkDisabled || mode.IsContainer() {
+	if container.Config.NetworkDisabled || mode.IsContainer() || mode.IsNetNs() {
 		return nil
 	}
 
@@ -397,7 +397,7 @@ func (daemon *Daemon) allocateNetwork(container *container.Container) error {
 
 	updateSettings := false
 	if len(container.NetworkSettings.Networks) == 0 {
-		if container.Config.NetworkDisabled || container.HostConfig.NetworkMode.IsContainer() {
+		if container.Config.NetworkDisabled || container.HostConfig.NetworkMode.IsContainer() || container.HostConfig.NetworkMode.IsNetNs() {
 			return nil
 		}
 
@@ -729,7 +729,7 @@ func (daemon *Daemon) releaseNetwork(container *container.Container) {
 	if daemon.netController == nil {
 		return
 	}
-	if container.HostConfig.NetworkMode.IsContainer() || container.Config.NetworkDisabled {
+	if container.HostConfig.NetworkMode.IsContainer() || container.HostConfig.NetworkMode.IsNetNs() || container.Config.NetworkDisabled {
 		return
 	}
 
diff --git a/daemon/oci_linux.go b/daemon/oci_linux.go
@@ -270,6 +270,8 @@ func setNamespaces(daemon *Daemon, s *specs.Spec, c *container.Container) error
 				nsUser.Path = fmt.Sprintf("/proc/%d/ns/user", nc.State.GetPID())
 				setNamespace(s, nsUser)
 			}
+		} else if parts[0] == "netns" {
+			ns.Path = parts[1]
 		} else if c.HostConfig.NetworkMode.IsHost() {
 			ns.Path = c.NetworkSettings.SandboxKey
 		}
diff --git a/runconfig/hostconfig_unix.go b/runconfig/hostconfig_unix.go
@@ -35,6 +35,13 @@ func ValidateNetMode(c *container.Config, hc *container.HostConfig) error {
 			return fmt.Errorf("--net: invalid net mode: invalid container format container:<name|id>")
 		}
 	}
+	if parts[0] == "netns" {
+		if len(parts) < 2 || parts[1] == "" {
+			return fmt.Errorf("--net: invalid net mode: invalid netns format netns:/path/to/netns")
+		} else {
+			return nil
+		}
+	}
 
 	if hc.NetworkMode.IsContainer() && c.Hostname != "" {
 		return ErrConflictNetworkHostname
diff --git a/vendor/src/github.com/docker/engine-api/types/container/hostconfig_unix.go b/vendor/src/github.com/docker/engine-api/types/container/hostconfig_unix.go
@@ -53,6 +53,12 @@ func (n NetworkMode) IsContainer() bool {
 	return len(parts) > 1 && parts[0] == "container"
 }
 
+// IsNetNs indicates whether container uses a container network namespace path.
+func (n NetworkMode) IsNetNs() bool {
+	parts := strings.SplitN(string(n), ":", 2)
+	return len(parts) > 1 && parts[0] == "netns"
+}
+
 // IsNone indicates whether container isn't using a network stack.
 func (n NetworkMode) IsNone() bool {
 	return n == "none"

Original file line number	Diff line number	Diff line change
`@@ -339,7 +339,7 @@ func (daemon Daemon) updateContainerNetworkSettings(container container.Contai`
`339`	`339`	`)`
`340`	`340`
`341`	`341`	`mode := container.HostConfig.NetworkMode`
`342`		`- if container.Config.NetworkDisabled \|\| mode.IsContainer() {`
	`342`	`+ if container.Config.NetworkDisabled \|\| mode.IsContainer() \|\| mode.IsNetNs() {`
`343`	`343`	`return nil`
`344`	`344`	`}`
`345`	`345`
`@@ -397,7 +397,7 @@ func (daemon Daemon) allocateNetwork(container container.Container) error {`
`397`	`397`
`398`	`398`	`updateSettings := false`
`399`	`399`	`if len(container.NetworkSettings.Networks) == 0 {`
`400`		`- if container.Config.NetworkDisabled \|\| container.HostConfig.NetworkMode.IsContainer() {`
	`400`	`+ if container.Config.NetworkDisabled \|\| container.HostConfig.NetworkMode.IsContainer() \|\| container.HostConfig.NetworkMode.IsNetNs() {`
`401`	`401`	`return nil`
`402`	`402`	`}`
`403`	`403`
`@@ -729,7 +729,7 @@ func (daemon Daemon) releaseNetwork(container container.Container) {`
`729`	`729`	`if daemon.netController == nil {`
`730`	`730`	`return`
`731`	`731`	`}`
`732`		`- if container.HostConfig.NetworkMode.IsContainer() \|\| container.Config.NetworkDisabled {`
	`732`	`+ if container.HostConfig.NetworkMode.IsContainer() \|\| container.HostConfig.NetworkMode.IsNetNs() \|\| container.Config.NetworkDisabled {`
`733`	`733`	`return`
`734`	`734`	`}`
`735`	`735`
Original file line number	Diff line number	Diff line change
`@@ -270,6 +270,8 @@ func setNamespaces(daemon Daemon, s specs.Spec, c *container.Container) error`
`270`	`270`	`nsUser.Path = fmt.Sprintf("/proc/%d/ns/user", nc.State.GetPID())`
`271`	`271`	`setNamespace(s, nsUser)`
`272`	`272`	`}`
	`273`	`+ } else if parts[0] == "netns" {`
	`274`	`+ ns.Path = parts[1]`
`273`	`275`	`} else if c.HostConfig.NetworkMode.IsHost() {`
`274`	`276`	`ns.Path = c.NetworkSettings.SandboxKey`
`275`	`277`	`}`
Original file line number	Diff line number	Diff line change
`@@ -35,6 +35,13 @@ func ValidateNetMode(c container.Config, hc container.HostConfig) error {`
`35`	`35`	`return fmt.Errorf("--net: invalid net mode: invalid container format container:<name\|id>")`
`36`	`36`	`}`
`37`	`37`	`}`
	`38`	`+ if parts[0] == "netns" {`
	`39`	`+ if len(parts) < 2 \|\| parts[1] == "" {`
	`40`	`+ return fmt.Errorf("--net: invalid net mode: invalid netns format netns:/path/to/netns")`
	`41`	`+ } else {`
	`42`	`+ return nil`
	`43`	`+ }`
	`44`	`+ }`
`38`	`45`
`39`	`46`	`if hc.NetworkMode.IsContainer() && c.Hostname != "" {`
`40`	`47`	`return ErrConflictNetworkHostname`