swarmd: support networking via Weave and the CNI reference plugins

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2025-07-21 10:09:07 +00:00 · 2017-05-11 19:13:40 +01:00 · 2017-05-11 19:13:40 +01:00 · 0277df421d
commit 0277df421d
parent dcb40158c6
2 changed files with 75 additions and 13 deletions
--- a/projects/swarmd/swarmd.yml
+++ b/projects/swarmd/swarmd.yml
@ -34,6 +34,16 @@ services:
    image: "linuxkit/rngd:1516d5d70683a5d925fe475eb1b6164a2f67ac3b"
  - name: ntpd
    image: "linuxkit/openntpd:19370f5d9bec84eb91073b7196b732f1301d9c90"
+  - name: weave
+    image: weaveworks/weave@sha256:05172329b6ff72099db7bb891ac311b89948a3064ca9b8641c6b4abe38548677 # Must match swarmd/Dockerfile
+    command: ["/bin/sh", "/home/weave/weaver-wrapper"]
+    capabilities:
+     - all
+    pid: host
+    binds:
+      - /usr/local/bin/weaver-wrapper:/home/weave/weaver-wrapper
+      - /var:/var
+      - /var/lib/swarmd:/weavedb
  - name: swarmd
    image: "linuxkit/swarmd:a65dc4a5464a56771af056387b85d3d4593dbcf0"
    command: ["/usr/bin/swarmd", "--containerd-addr=/run/containerd/containerd.sock", "--log-level=debug", "--state-dir=/var/lib/swarmd"]
@ -49,3 +59,19 @@ services:
 files:
  - path: /etc/sysctl.d/01-swarmd.conf
    contents: 'net.ipv4.ip_forward = 1'
+  - path: usr/local/bin/weaver-wrapper
+    contents: |
+      /home/weave/weaver \
+          --weave-bridge=weave \
+          --datapath=datapath \
+          --docker-api="" \
+          --ipalloc-range=192.168.106.0/24 \
+          --http-addr=127.0.0.1:6784 \
+          --status-addr=127.0.0.1:6782 &
+
+      while [ ! -e /sys/class/net/weave/ ] ; do
+         sleep 1s
+      done
+
+      /home/weave/weave --local expose net:default
+      wait %1
--- a/projects/swarmd/swarmd/Dockerfile
+++ b/projects/swarmd/swarmd/Dockerfile
@ -1,18 +1,44 @@
+FROM weaveworks/weave@sha256:05172329b6ff72099db7bb891ac311b89948a3064ca9b8641c6b4abe38548677 AS weave
+
+# Nothing to do in here, just for COPY --from=weave below
+
 FROM linuxkit/alpine:9bcf61f605ef0ce36cc94d59b8eac307862de6e1 AS build

 RUN \
  apk update && apk upgrade && \
  apk add --no-cache \
+  bash \
  ca-certificates \
  gcc \
  git \
  go \
  libc-dev \
+  linux-headers \
  make \
  && true

 ENV GOPATH=/root/go

+#####################################################################
+# Output filesystem skeleton
+
+RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
+RUN apk add --no-cache --initdb -p /out \
+    alpine-baselayout \
+    busybox \
+    ca-certificates \
+    iptables \
+    musl \
+    util-linux
+
+# Remove apk residuals. We have a read-only rootfs, so apk is of no use.
+RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache
+
+RUN mkdir -p /out/usr/bin/ /out/etc  /out/opt/cni/bin /out/etc/cni/net.d
+
+#####################################################################
+# Swarmd
+
 # https://github.com/ijc25/swarmkit/tree/containerd-wip
 ENV SWARMKIT_REPO=https://github.com/ijc25/swarmkit
 ENV SWARMKIT_BRANCH=containerd-wip
@ -27,22 +53,32 @@ RUN git checkout $SWARMKIT_COMMIT

 RUN make binaries GO_GCFLAGS="-buildmode pie --ldflags '-extldflags \"-fno-PIC -static\"'"

-RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
-RUN apk add --no-cache --initdb -p /out \
-    alpine-baselayout \
-    busybox \
-    ca-certificates \
-    iptables \
-    musl \
-    util-linux
-
-# Remove apk residuals. We have a read-only rootfs, so apk is of no use.
-RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache
-
-RUN mkdir -p /out/usr/bin/ /out/etc
 RUN cp bin/swarmd bin/swarmctl /out/usr/bin/
 RUN strip /out/usr/bin/swarmd /out/usr/bin/swarmctl

+#####################################################################
+# CNI
+
+ENV CNI_REPO=https://github.com/containernetworking/cni
+ENV CNI_COMMIT=v0.5.2
+
+RUN mkdir -p $GOPATH/src/github.com/containernetworking && \
+  cd $GOPATH/src/github.com/containernetworking && \
+  git clone $CNI_REPO
+WORKDIR $GOPATH/src/github.com/containernetworking/cni
+RUN [ -z "$CNI_BRANCH" ] || git fetch origin $CNI_BRANCH
+RUN git checkout $CNI_COMMIT
+
+RUN ./build.sh -buildmode pie --ldflags '-extldflags "-fno-PIC -static"'
+
+RUN cp bin/bridge bin/host-local bin/dhcp /out/opt/cni/bin/
+
+#####################################################################
+# Weave
+
+COPY --from=weave /usr/bin/weaveutil /out/opt/cni/bin/weave-net
+RUN ln -s weave-net /out/opt/cni/bin/weave-ipam
+
 FROM scratch
 WORKDIR /
 ENTRYPOINT []