Add basic database setup for AWS, GCP although these are not yet used
by the setup code but will be useful later.
Currently each is gated by `mobyplatform` but this can be removed once we
construct Moby per platform, and once these are containerised so they
are not run from `openrc`.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Previously we allocated `sizeof(struct ring) + size`. This patch
allocates `sizeof(struct ring)` and then `size` for the payload
separately. Hopefully the payload will be better aligned.
Signed-off-by: David Scott <dave.scott@docker.com>
This patch adds a simple ring buffer implementation and uses it to buffer
the reads and writes to/from the AF_HYPERV socket and tap file descriptor.
This removes the need to perform small reads and writes for the per-packet
headers and allows a read on the Hyper-V socket to block at the same time
as a write to the tap device (and vice-versa)
The configuration in the init.d script is:
- a max message size (individual read or write) of 8192. Experimentally
this seems to be the largest completely reliable size across the Windows
versions we can support. Messages of length 16384 sometimes fail.
- a buffer size of 256KiB in each direction.
Single stream TCP throughput as measured by iperf increases modestly, by
another 100Mbit/sec.
Signed-off-by: David Scott <dave.scott@docker.com>
C version of #1006
Note that I switched all the C builds to use -O2 and that meant
that the compiler found some more warnings so I also fixed these
up. The possibly undefined ones were harmless, the aliasing one
is now more correct.
As these are small programs, the caching from `docker build` makes
no real difference, and worst case compile time is much better.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This means that multiple builds will not conflict, so we can
remove the lock from the CI. Also quieter when no errors.
Some still left to do, only done the ones used in build and CI
initially. Some of the others will be cleaned up anyway later.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Should fix issue with not sending hostname which Azure needs.
This should be requesting all the dhcp features we currently use.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
If the server side crashes and is restarted, this patch makes
tap-vsockd reconnect so the network is restored.
Signed-off-by: David Scott <dave.scott@docker.com>
This tells start-stop-daemon to run tap-vsockd as a daemon, and tells
tap-vsockd not to daemonize itself. This seems to work more reliably
than when tap-vsockd self-daemonizes.
Signed-off-by: David Scott <dave.scott@docker.com>
Linux xargs calls the command with no arguments if it gets no inputs, which
`docker rmi` complains about. It provides -r / --no-run-if-empty to prevent
this but unfortunately this isn't supported on OSX.
Ignore errors from `docker rmi` so that `make clean` will keep going and clean
up later stuff.
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
The tap-vsockd service is started from eth1's pre-up script.
On the Mac: the bind of the AF_HYPERV socket fails, and eth1 is skipped.
On Windows: if there is no database then eth1 is skipped.
On Windows: if the database has network=native then eth1 is brought up.
Signed-off-by: David Scott <dave.scott@docker.com>
In `connect` mode the client looping calling `connect` and `close` on a timer.
This could result in the server accepting the connection and the client accidentally
closing it immediately. This patch makes `tap-vsockd` keep trying to (re-)establish
the connection. Note that daemonization is delayed until after the first successful
negotiation, so attempts to send a packet afterwards should succeed.
Signed-off-by: David Scott <dave.scott@docker.com>
Our convention is to print command-line parse failures to the terminal
to allow easier interactive debugging, rather than sending them to
the syslog.
Signed-off-by: David Scott <dave.scott@docker.com>
We daemonize after checking the command-line and binding/connecting
the socket and creating the tap device. Only the ethernet frame
processing happens afterwards.
This patch also includes a new well-known service GUID for the
VPN-proxy ethernet service.
Signed-off-by: David Scott <dave.scott@docker.com>
Older versions of the Linux AF_HVSOCK can only accept() as they
don't allow connections to the parent partition. Support both
modes for now.
Signed-off-by: David Scott <dave.scott@docker.com>
The vmnet protocol expects to tell the client what the MAC address is.
This patch sets it on the TAP device.
Signed-off-by: David Scott <dave.scott@docker.com>
