Add CNI networking to system-docker

2025-09-01 14:48:55 +00:00 · 2016-06-28 15:13:45 -07:00
parent 116c147620
commit 0323844ca6
76 changed files with 5603 additions and 35 deletions
--- a/vendor/github.com/docker/docker/daemon/hooks.go
+++ b/vendor/github.com/docker/docker/daemon/hooks.go
@@ -0,0 +1,98 @@
+package daemon
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path"
+	"strings"
+
+	"github.com/docker/docker/container"
+	"github.com/opencontainers/specs/specs-go"
+	"github.com/pkg/errors"
+)
+
+var (
+	prestartDir  = "/etc/docker/hooks/prestart.d"
+	poststartDir = "/etc/docker/hooks/poststart.d"
+	poststopDir  = "/etc/docker/hooks/poststop.d"
+)
+
+func loadHooks(hookDir string) ([]specs.Hook, error) {
+	files, err := ioutil.ReadDir(hookDir)
+	if os.IsNotExist(err) {
+		return nil, nil
+	}
+	if err != nil {
+		return nil, errors.Wrap(err, "read hooks dir failed "+hookDir)
+	}
+
+	result := []specs.Hook{}
+
+	for _, f := range files {
+		if strings.HasPrefix(f.Name(), ".") {
+			continue
+		}
+
+		of, err := os.Open(path.Join(hookDir, f.Name()))
+		if err != nil {
+			return nil, errors.Wrap(err, "failed to open "+f.Name())
+		}
+		defer of.Close()
+
+		var spec specs.Hook
+		if err := json.NewDecoder(of).Decode(&spec); err != nil {
+			return nil, errors.Wrap(err, "failed to unmarshall "+f.Name())
+		}
+
+		result = append(result, spec)
+	}
+
+	return result, nil
+}
+
+func addHooks(c *container.Container, spec *specs.Spec) error {
+	prestart, err := loadHooks(prestartDir)
+	if err != nil {
+		return err
+	}
+
+	poststart, err := loadHooks(poststartDir)
+	if err != nil {
+		return err
+	}
+
+	poststop, err := loadHooks(poststopDir)
+	if err != nil {
+		return err
+	}
+
+	configPath, err := c.ConfigPath()
+	if err != nil {
+		return errors.Wrap(err, "config path")
+	}
+
+	hostConfigPath, err := c.HostConfigPath()
+	if err != nil {
+		return errors.Wrap(err, "host config path")
+	}
+
+	spec.Hooks.Prestart = appendHooksForContainer(configPath, hostConfigPath, c, prestart)
+	spec.Hooks.Poststart = appendHooksForContainer(configPath, hostConfigPath, c, poststart)
+	spec.Hooks.Poststop = appendHooksForContainer(configPath, hostConfigPath, c, poststop)
+
+	return nil
+}
+
+func appendHooksForContainer(configPath, hostConfigPath string, c *container.Container, hooks []specs.Hook) []specs.Hook {
+	result := []specs.Hook{}
+	for _, hook := range hooks {
+		hook.Env = append(hook.Env,
+			fmt.Sprintf("DOCKER_CONFIG=%s", configPath),
+			fmt.Sprintf("DOCKER_HOST_CONFIG=%s", hostConfigPath))
+
+		result = append(result, hook)
+	}
+	return result
+}
--- a/vendor/github.com/docker/docker/daemon/oci_linux.go
+++ b/vendor/github.com/docker/docker/daemon/oci_linux.go
@@ -643,22 +643,6 @@ func (daemon *Daemon) createSpec(c *container.Container) (*libcontainerd.Spec, e
 		return nil, fmt.Errorf("linux mounts: %v", err)
 	}

-	//for _, ns := range s.Linux.Namespaces {
-	//	if ns.Type == "network" && ns.Path == "" && !c.Config.NetworkDisabled {
-	//		target, err := os.Readlink(filepath.Join("/proc", strconv.Itoa(os.Getpid()), "exe"))
-	//		if err != nil {
-	//			return nil, err
-	//		}
-
-	//		s.Hooks = specs.Hooks{
-	//			Prestart: []specs.Hook{{
-	//				Path: target, // FIXME: cross-platform
-	//				Args: []string{"libnetwork-setkey", c.ID},
-	//			}},
-	//		}
-	//	}
-	//}
-
 	if apparmor.IsEnabled() {
 		appArmorProfile := "docker-default"
 		if len(c.AppArmorProfile) > 0 {
@@ -672,6 +656,10 @@ func (daemon *Daemon) createSpec(c *container.Container) (*libcontainerd.Spec, e
 	s.Process.NoNewPrivileges = c.NoNewPrivileges
 	s.Linux.MountLabel = c.MountLabel

+	if err := addHooks(c, &s); err != nil {
+		return nil, fmt.Errorf("failed to add hooks: %v", err)
+	}
+
 	return (*libcontainerd.Spec)(&s), nil
 }