diff --git a/pkg/kubelet/kubelet.go b/pkg/kubelet/kubelet.go index 8392653d947..a9d60a975b4 100644 --- a/pkg/kubelet/kubelet.go +++ b/pkg/kubelet/kubelet.go @@ -296,7 +296,7 @@ func makePortsAndBindings(container *api.Container) (map[docker.Port]struct{}, m return exposedPorts, portBindings } -func (kl *Kubelet) RunContainer(manifest *api.ContainerManifest, container *api.Container) (name string, err error) { +func (kl *Kubelet) RunContainer(manifest *api.ContainerManifest, container *api.Container, netMode string) (name string, err error) { name = manifestAndContainerToDockerName(manifest, container) envVariables := makeEnvironmentVariables(container) @@ -321,6 +321,7 @@ func (kl *Kubelet) RunContainer(manifest *api.ContainerManifest, container *api. return name, kl.DockerClient.StartContainer(dockerContainer.ID, &docker.HostConfig{ PortBindings: portBindings, Binds: binds, + NetworkMode: netMode, }) } @@ -536,12 +537,59 @@ func (kl *Kubelet) WatchEtcd(watchChannel <-chan *etcd.Response, changeChannel c } } +const networkContainerName = "k8snet" + +func (kl *Kubelet) networkContainerExists(manifest *api.ContainerManifest) (string, bool, error) { + pods, err := kl.ListContainers() + if err != nil { + return "", false, err + } + for _, name := range pods { + if strings.Contains(name, networkContainerName+"--"+manifest.Id+"--") { + return name, true, nil + } + } + return "", false, nil +} + +func (kl *Kubelet) createNetworkContainer(manifest *api.ContainerManifest) (string, error) { + var ports []api.Port + // Docker only exports ports from the network container. Let's + // collect all of the relevant ports and export them. + for _, container := range manifest.Containers { + ports = append(ports, container.Ports...) + } + container := &api.Container{ + Name: networkContainerName, + Image: "busybox", + Command: []string{"sh", "-c", "rm -f nap && mkfifo nap && exec cat nap"}, + Ports: ports, + } + kl.pullImage("busybox") + return kl.RunContainer(manifest, container, "") +} + // Sync the configured list of containers (desired state) with the host current state func (kl *Kubelet) SyncManifests(config []api.ContainerManifest) error { log.Printf("Desired:%#v", config) var err error desired := map[string]bool{} for _, manifest := range config { + netName, exists, err := kl.networkContainerExists(&manifest) + if err != nil { + log.Printf("Failed to introspect network container. (%#v) Skipping container %s", err, manifest.Id) + continue + } + if !exists { + log.Printf("Network container doesn't exit, creating") + netName, err = kl.createNetworkContainer(&manifest) + if err != nil { + log.Printf("Failed to create network container: %#v", err) + } + // Docker list prefixes '/' for some reason, so let's do that... + netName = "/" + netName + } + desired[netName] = true for _, element := range manifest.Containers { var exists bool exists, actualName, err := kl.ContainerExists(&manifest, &element) @@ -556,7 +604,9 @@ func (kl *Kubelet) SyncManifests(config []api.ContainerManifest) error { log.Printf("Error pulling container: %#v", err) continue } - actualName, err = kl.RunContainer(&manifest, &element) + // netName has the '/' prefix, so slice it off + networkContainer := netName[1:] + actualName, err = kl.RunContainer(&manifest, &element, "container:"+networkContainer) // For some reason, list gives back names that start with '/' actualName = "/" + actualName diff --git a/pkg/kubelet/kubelet_test.go b/pkg/kubelet/kubelet_test.go index af0b5010feb..0d23a582fea 100644 --- a/pkg/kubelet/kubelet_test.go +++ b/pkg/kubelet/kubelet_test.go @@ -89,7 +89,7 @@ type FakeDockerClient struct { container *docker.Container err error called []string - stopped string + stopped []string } func (f *FakeDockerClient) clearCalls() { @@ -122,7 +122,7 @@ func (f *FakeDockerClient) StartContainer(id string, hostConfig *docker.HostConf func (f *FakeDockerClient) StopContainer(id string, timeout uint) error { f.appendCall("stop") - f.stopped = id + f.stopped = append(f.stopped, id) return nil } @@ -497,6 +497,11 @@ func TestSyncManifestsDoesNothing(t *testing.T) { Names: []string{"bar--foo"}, ID: "1234", }, + { + // network container + Names: []string{"k8snet--foo--"}, + ID: "9876", + }, } fakeDocker.container = &docker.Container{ ID: "1234", @@ -513,11 +518,12 @@ func TestSyncManifestsDoesNothing(t *testing.T) { }, }) expectNoError(t, err) - if len(fakeDocker.called) != 4 || + if len(fakeDocker.called) != 5 || fakeDocker.called[0] != "list" || fakeDocker.called[1] != "list" || - fakeDocker.called[2] != "inspect" || - fakeDocker.called[3] != "list" { + fakeDocker.called[2] != "list" || + fakeDocker.called[3] != "inspect" || + fakeDocker.called[4] != "list" { t.Errorf("Unexpected call sequence: %#v", fakeDocker.called) } } @@ -532,6 +538,11 @@ func TestSyncManifestsDeletes(t *testing.T) { Names: []string{"foo--bar"}, ID: "1234", }, + { + // network container + Names: []string{"k8snet--foo--"}, + ID: "9876", + }, { Names: []string{"foo"}, ID: "4567", @@ -542,12 +553,15 @@ func TestSyncManifestsDeletes(t *testing.T) { } err := kubelet.SyncManifests([]api.ContainerManifest{}) expectNoError(t, err) - if len(fakeDocker.called) != 3 || + if len(fakeDocker.called) != 5 || fakeDocker.called[0] != "list" || fakeDocker.called[1] != "list" || fakeDocker.called[2] != "stop" || - fakeDocker.stopped != "1234" { - t.Errorf("Unexpected call sequence: %#v", fakeDocker.called) + fakeDocker.called[3] != "list" || + fakeDocker.called[4] != "stop" || + fakeDocker.stopped[0] != "1234" || + fakeDocker.stopped[1] != "9876" { + t.Errorf("Unexpected call sequence: %#v %s", fakeDocker.called, fakeDocker.stopped) } }