Skip to content

Commit

Permalink
Vendoring libnetwork for 1.12.1-rc1
Browse files Browse the repository at this point in the history
* Fixes moby#25236
* Fixes moby#24789
* Fixes moby#25340
* Fixes moby#25130
* Fixes moby/libnetwork#1387
* Fix external DNS responses > 512 bytes getting dropped
* Fix crash when remote plugin returns empty address string
* Make service LB work from self
* Fixed a few race-conditions

Signed-off-by: Madhu Venugopal <madhu@docker.com>
  • Loading branch information
mavenugo committed Aug 11, 2016
1 parent 2a540c1 commit 6645ff8
Show file tree
Hide file tree
Showing 33 changed files with 321 additions and 177 deletions.
2 changes: 1 addition & 1 deletion hack/vendor.sh
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ clone git github.com/RackSec/srslog 259aed10dfa74ea2961eddd1d9847619f6e98837
clone git github.com/imdario/mergo 0.2.1

#get libnetwork packages
clone git github.com/docker/libnetwork 5e7bf83ab07c197d1bef6ec073d9f19ce59e3eb2
clone git github.com/docker/libnetwork f77a0c9f540536c37019cf64d09a9a932dd7b54b
clone git github.com/docker/go-events afb2b9f2c23f33ada1a22b03651775fdc65a5089
clone git github.com/armon/go-radix e39d623f12e8e41c7b5529e9a9dd67a1e2261f80
clone git github.com/armon/go-metrics eb0af217e5e9747e41dd5303755356b62d28e3ec
Expand Down
108 changes: 23 additions & 85 deletions vendor/src/github.com/docker/libnetwork/agent.go
Original file line number Diff line number Diff line change
Expand Up @@ -136,10 +136,16 @@ func (c *controller) handleKeyChange(keys []*types.EncryptionKey) error {
}
}

key, tag := c.getPrimaryKeyTag(subsysGossip)
key, tag, err := c.getPrimaryKeyTag(subsysGossip)
if err != nil {
return err
}
a.networkDB.SetPrimaryKey(key)

key, tag = c.getPrimaryKeyTag(subsysIPSec)
key, tag, err = c.getPrimaryKeyTag(subsysIPSec)
if err != nil {
return err
}
drvEnc.Primary = key
drvEnc.PrimaryTag = tag

Expand All @@ -158,82 +164,6 @@ func (c *controller) handleKeyChange(keys []*types.EncryptionKey) error {
return nil
}

func (c *controller) handleKeyChangeV1(keys []*types.EncryptionKey) error {
drvEnc := discoverapi.DriverEncryptionUpdate{}

// Find the new key and add it to the key ring
a := c.agent
for _, key := range keys {
same := false
for _, cKey := range c.keys {
if same = cKey.LamportTime == key.LamportTime; same {
break
}
}
if !same {
c.keys = append(c.keys, key)
if key.Subsystem == subsysGossip {
a.networkDB.SetKey(key.Key)
}
if key.Subsystem == subsysGossip /*subsysIPSec*/ {
drvEnc.Key = key.Key
drvEnc.Tag = key.LamportTime
}
break
}
}
// Find the deleted key. If the deleted key was the primary key,
// a new primary key should be set before removing if from keyring.
deleted := []byte{}
for i, cKey := range c.keys {
same := false
for _, key := range keys {
if same = key.LamportTime == cKey.LamportTime; same {
break
}
}
if !same {
if cKey.Subsystem == subsysGossip {
deleted = cKey.Key
}
if cKey.Subsystem == subsysGossip /*subsysIPSec*/ {
drvEnc.Prune = cKey.Key
drvEnc.PruneTag = cKey.LamportTime
}
c.keys = append(c.keys[:i], c.keys[i+1:]...)
break
}
}

sort.Sort(ByTime(c.keys))
for _, key := range c.keys {
if key.Subsystem == subsysGossip {
a.networkDB.SetPrimaryKey(key.Key)
break
}
}
for _, key := range c.keys {
if key.Subsystem == subsysGossip /*subsysIPSec*/ {
drvEnc.Primary = key.Key
drvEnc.PrimaryTag = key.LamportTime
break
}
}
if len(deleted) > 0 {
a.networkDB.RemoveKey(deleted)
}

c.drvRegistry.WalkDrivers(func(name string, driver driverapi.Driver, capability driverapi.Capability) bool {
err := driver.DiscoverNew(discoverapi.EncryptionKeysUpdate, drvEnc)
if err != nil {
logrus.Warnf("Failed to update datapath keys in driver %s: %v", name, err)
}
return false
})

return nil
}

func (c *controller) agentSetup() error {
clusterProvider := c.cfg.Daemon.ClusterProvider

Expand Down Expand Up @@ -281,25 +211,22 @@ func (c *controller) getKeys(subsys string) ([][]byte, []uint64) {
}
}

if len(keys) < keyringSize {
return keys, tags
}
keys[0], keys[1] = keys[1], keys[0]
tags[0], tags[1] = tags[1], tags[0]
return keys, tags
}

// getPrimaryKeyTag returns the primary key for a given subsytem from the
// getPrimaryKeyTag returns the primary key for a given subsystem from the
// list of sorted key and the associated tag
func (c *controller) getPrimaryKeyTag(subsys string) ([]byte, uint64) {
func (c *controller) getPrimaryKeyTag(subsys string) ([]byte, uint64, error) {
sort.Sort(ByTime(c.keys))
keys := []*types.EncryptionKey{}
for _, key := range c.keys {
if key.Subsystem == subsys {
keys = append(keys, key)
}
}
return keys[1].Key, keys[1].LamportTime
return keys[1].Key, keys[1].LamportTime, nil
}

func (c *controller) agentInit(bindAddrOrInterface, advertiseAddr string) error {
Expand Down Expand Up @@ -462,6 +389,7 @@ func (ep *endpoint) addToCluster() error {
VirtualIP: ep.virtualIP.String(),
IngressPorts: ingressPorts,
Aliases: ep.svcAliases,
TaskAliases: ep.myAliases,
EndpointIP: ep.Iface().Address().IP.String(),
})

Expand Down Expand Up @@ -540,7 +468,10 @@ func (n *network) addDriverWatches() {
}

c.agent.networkDB.WalkTable(tableName, func(nid, key string, value []byte) bool {
d.EventNotify(driverapi.Create, n.ID(), tableName, key, value)
if nid == n.ID() {
d.EventNotify(driverapi.Create, nid, tableName, key, value)
}

return false
})
}
Expand Down Expand Up @@ -653,6 +584,7 @@ func (c *controller) handleEpTableEvent(ev events.Event) {
ip := net.ParseIP(epRec.EndpointIP)
ingressPorts := epRec.IngressPorts
aliases := epRec.Aliases
taskaliases := epRec.TaskAliases

if name == "" || ip == nil {
logrus.Errorf("Invalid endpoint name/ip received while handling service table event %s", value)
Expand All @@ -668,6 +600,9 @@ func (c *controller) handleEpTableEvent(ev events.Event) {
}

n.addSvcRecords(name, ip, nil, true)
for _, alias := range taskaliases {
n.addSvcRecords(alias, ip, nil, true)
}
} else {
if svcID != "" {
if err := c.rmServiceBinding(svcName, svcID, nid, eid, vip, ingressPorts, aliases, ip); err != nil {
Expand All @@ -677,5 +612,8 @@ func (c *controller) handleEpTableEvent(ev events.Event) {
}

n.deleteSvcRecords(name, ip, nil, true)
for _, alias := range taskaliases {
n.deleteSvcRecords(alias, ip, nil, true)
}
}
}
107 changes: 81 additions & 26 deletions vendor/src/github.com/docker/libnetwork/agent.pb.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 3 additions & 0 deletions vendor/src/github.com/docker/libnetwork/agent.proto
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,9 @@ message EndpointRecord {

// A list of aliases which are alternate names for the service
repeated string aliases = 7;

// List of aliases task specific aliases
repeated string task_aliases = 8;
}

// PortConfig specifies an exposed port which can be
Expand Down
20 changes: 16 additions & 4 deletions vendor/src/github.com/docker/libnetwork/controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -97,7 +97,7 @@ type NetworkController interface {
// Sandboxes returns the list of Sandbox(s) managed by this controller.
Sandboxes() []Sandbox

// WlakSandboxes uses the provided function to walk the Sandbox(s) managed by this controller.
// WalkSandboxes uses the provided function to walk the Sandbox(s) managed by this controller.
WalkSandboxes(walker SandboxWalker)

// SandboxByID returns the Sandbox which has the passed id. If not found, a types.NotFoundError is returned.
Expand Down Expand Up @@ -250,6 +250,21 @@ func (c *controller) SetKeys(keys []*types.EncryptionKey) error {
clusterConfigAvailable := c.clusterConfigAvailable
agent := c.agent
c.Unlock()

subsysKeys := make(map[string]int)
for _, key := range keys {
if key.Subsystem != subsysGossip &&
key.Subsystem != subsysIPSec {
return fmt.Errorf("key received for unrecognized subsystem")
}
subsysKeys[key.Subsystem]++
}
for s, count := range subsysKeys {
if count != keyringSize {
return fmt.Errorf("incorrect number of keys for susbsystem %v", s)
}
}

if len(existingKeys) == 0 {
c.Lock()
c.keys = keys
Expand All @@ -269,9 +284,6 @@ func (c *controller) SetKeys(keys []*types.EncryptionKey) error {
c.Unlock()
return nil
}
if len(keys) < keyringSize {
return c.handleKeyChangeV1(keys)
}
return c.handleKeyChange(keys)
}

Expand Down
Loading

0 comments on commit 6645ff8

Please sign in to comment.