From 0277df421dc3d5ae149dcbee79352e16cbd616df Mon Sep 17 00:00:00 2001
From: Ian Campbell
Date: Thu, 11 May 2017 19:13:40 +0100
Subject: [PATCH] swarmd: support networking via Weave and the CNI reference plugins
Signed-off-by: Ian Campbell
---
 projects/swarmd/swarmd.yml | 26 +++++++++++++
 projects/swarmd/swarmd/Dockerfile | 62 ++++++++++++++++++++++++-------
 2 files changed, 75 insertions(+), 13 deletions(-)
diff --git a/projects/swarmd/swarmd.yml b/projects/swarmd/swarmd.yml
index 960a1fe3b..9d97644e2 100644
--- a/projects/swarmd/swarmd.yml
+++ b/projects/swarmd/swarmd.yml
@@ -34,6 +34,16 @@ services:
 image: "linuxkit/rngd:1516d5d70683a5d925fe475eb1b6164a2f67ac3b"
 - name: ntpd
 image: "linuxkit/openntpd:19370f5d9bec84eb91073b7196b732f1301d9c90"
+ - name: weave
+ image: weaveworks/weave@sha256:05172329b6ff72099db7bb891ac311b89948a3064ca9b8641c6b4abe38548677 # Must match swarmd/Dockerfile
+ command: ["/bin/sh", "/home/weave/weaver-wrapper"]
+ capabilities:
+ - all
+ pid: host
+ binds:
+ - /usr/local/bin/weaver-wrapper:/home/weave/weaver-wrapper
+ - /var:/var
+ - /var/lib/swarmd:/weavedb
 - name: swarmd
 image: "linuxkit/swarmd:a65dc4a5464a56771af056387b85d3d4593dbcf0"
 command: ["/usr/bin/swarmd", "--containerd-addr=/run/containerd/containerd.sock", "--log-level=debug", "--state-dir=/var/lib/swarmd"]
@@ -49,3 +59,19 @@ services:
 files:
 - path: /etc/sysctl.d/01-swarmd.conf
 contents: 'net.ipv4.ip_forward = 1'
+ - path: usr/local/bin/weaver-wrapper
+ contents: |
+ /home/weave/weaver \
+ --weave-bridge=weave \
+ --datapath=datapath \
+ --docker-api="" \
+ --ipalloc-range=192.168.106.0/24 \
+ --http-addr=127.0.0.1:6784 \
+ --status-addr=127.0.0.1:6782 &
+
+ while [ ! -e /sys/class/net/weave/ ] ; do
+ sleep 1s
+ done
+
+ /home/weave/weave --local expose net:default
+ wait %1
diff --git a/projects/swarmd/swarmd/Dockerfile b/projects/swarmd/swarmd/Dockerfile
index 005ce7914..b7fb8f948 100644
--- a/projects/swarmd/swarmd/Dockerfile
+++ b/projects/swarmd/swarmd/Dockerfile
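Review bot: The new `weave` service in swarmd.yml (first hunk) is granted `capabilities: - all`, `pid: host` and a read-write bind of the whole of `/var`, so a compromise of weaver is effectively a compromise of the host. Consider listing only the capabilities weaver actually needs (presumably `CAP_NET_ADMIN` plus whatever the datapath setup requires; confirm against Weave's documentation) and binding only the directories it writes to. The bind `/var/lib/swarmd:/weavedb` also puts Weave's database inside swarmd's `--state-dir`, so each service can read and modify the other's state; a dedicated directory for Weave would keep the two apart. If the broad grants are deliberate for this prototype, a comment next to `capabilities:` saying so would stop them being copied into other projects unexamined.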
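Review bot: The wait loop in the `weaver-wrapper` file added by the second swarmd.yml hunk never checks that the backgrounded `weaver` is still running, so if it exits before `/sys/class/net/weave/` appears the script sleeps forever and the service never reports a failure. Recording the PID with `pid=$!` right after the launch, adding `kill -0 "$pid" 2>/dev/null || exit 1` inside the loop and ending with `wait "$pid"` would surface the failure and avoid depending on the `%1` job spec in a non-interactive shell. The new `path: usr/local/bin/weaver-wrapper` also lacks the leading slash used by the neighbouring `/etc/sysctl.d/01-swarmd.conf` entry and by the bind source in the service definition; it may resolve the same way, but making them consistent removes the doubt. A short comment on why `--ipalloc-range=192.168.106.0/24` was chosen, and that it must not overlap the host's own networks, would help operators.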
@@ -1,18 +1,44 @@ +FROM weaveworks/weave@sha256:05172329b6ff72099db7bb891ac311b89948a3064ca9b8641c6b4abe38548677 AS weave + +# Nothing to do in here, just for COPY --from=weave below + FROM linuxkit/alpine:9bcf61f605ef0ce36cc94d59b8eac307862de6e1 AS build RUN \ apk update && apk upgrade && \ apk add --no-cache \ + bash \ ca-certificates \ gcc \ git \ go \ libc-dev \ + linux-headers \ make \ && true ENV GOPATH=/root/go +##################################################################### +# Output filesystem skeleton + +RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/ +RUN apk add --no-cache --initdb -p /out \ + alpine-baselayout \ + busybox \ + ca-certificates \ + iptables \ + musl \ + util-linux + +# Remove apk residuals. We have a read-only rootfs, so apk is of no use. +RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache + +RUN mkdir -p /out/usr/bin/ /out/etc /out/opt/cni/bin /out/etc/cni/net.d + +##################################################################### +# Swarmd + # https://github.com/ijc25/swarmkit/tree/containerd-wip ENV SWARMKIT_REPO=https://github.com/ijc25/swarmkit ENV SWARMKIT_BRANCH=containerd-wip 
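Review bot: The new `FROM weaveworks/weave@sha256:…` line pins by digest only, so nothing on the Dockerfile side says which Weave release it is or that the same digest is repeated in swarmd.yml; only the yml carries the `# Must match swarmd/Dockerfile` reminder. I would add a comment above the FROM such as `# Weave <release>: digest must match the weave service image in ../swarmd.yml`, with the release filled in, so that an update to one file is not reviewed without the other. `bash` and `linux-headers` are also added to the build stage without a reason; presumably they are needed by the CNI `build.sh` and the CNI plugins, and a one-line comment saying so would keep them from being removed or left behind later.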
@@ -27,22 +53,32 @@ RUN git checkout $SWARMKIT_COMMIT RUN make binaries GO_GCFLAGS="-buildmode pie --ldflags '-extldflags \"-fno-PIC -static\"'" -RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/ -RUN apk add --no-cache --initdb -p /out \ - alpine-baselayout \ - busybox \ - ca-certificates \ - iptables \ - musl \ - util-linux - -# Remove apk residuals. We have a read-only rootfs, so apk is of no use. -RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache - -RUN mkdir -p /out/usr/bin/ /out/etc RUN cp bin/swarmd bin/swarmctl /out/usr/bin/ RUN strip /out/usr/bin/swarmd /out/usr/bin/swarmctl +##################################################################### +# CNI + +ENV CNI_REPO=https://github.com/containernetworking/cni +ENV CNI_COMMIT=v0.5.2 + +RUN mkdir -p $GOPATH/src/github.com/containernetworking && \ + cd $GOPATH/src/github.com/containernetworking && \ + git clone $CNI_REPO +WORKDIR $GOPATH/src/github.com/containernetworking/cni +RUN [ -z "$CNI_BRANCH" ] || git fetch origin $CNI_BRANCH +RUN git checkout $CNI_COMMIT + +RUN ./build.sh -buildmode pie --ldflags '-extldflags "-fno-PIC -static"' + +RUN cp bin/bridge bin/host-local bin/dhcp /out/opt/cni/bin/ + +##################################################################### +# Weave + +COPY --from=weave /usr/bin/weaveutil /out/opt/cni/bin/weave-net +RUN ln -s weave-net /out/opt/cni/bin/weave-ipam + FROM scratch WORKDIR / ENTRYPOINT []
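Review bot: `ENV CNI_COMMIT=v0.5.2` is a tag name rather than a commit, so `git checkout $CNI_COMMIT` builds whatever the upstream tag points to at build time, and a moved or re-created tag would change the CNI plugins shipped in `/out/opt/cni/bin` without any change to this file. Pinning the full hash keeps the build reproducible and reviewable: `ENV CNI_COMMIT=<full-commit-sha-of-v0.5.2>` with `# v0.5.2` on the line above (a Dockerfile has no trailing comments). `CNI_BRANCH` is not defined anywhere in the visible hunks, so `RUN [ -z "$CNI_BRANCH" ] || git fetch origin $CNI_BRANCH` is a no-op as written; either define it next to `CNI_REPO` or drop the line. On style, the `mkdir … && cd … && git clone` step could set `WORKDIR $GOPATH/src/github.com/containernetworking` first and then run `git clone $CNI_REPO`, avoiding the `cd` inside `RUN`.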