Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

needDefaultGW should not return true for remote drivers #775

Closed
jc-m opened this issue Nov 25, 2015 · 3 comments
Closed

needDefaultGW should not return true for remote drivers #775

jc-m opened this issue Nov 25, 2015 · 3 comments

Comments

@jc-m
Copy link

jc-m commented Nov 25, 2015

This code:

func (sb *sandbox) needDefaultGW() bool {
   var needGW bool

   for _, ep := range sb.getConnectedEndpoints() {
      if ep.endpointInGWNetwork() {
         continue
      }
      if ep.getNetwork().Type() == "null" || ep.getNetwork().Type() == "host" {
         continue
      }
      // TODO v6 needs to be handled.
      if len(ep.Gateway()) > 0 {
         return false
      }
      needGW = true
   }
   return needGW
}

assumes that a default gateway can be provided if the driver is remote. This cause many issues:
For example, :

Error response from daemon: Cannot start container 1c5b403b5e7e1f1627f1d33598fb9d7a5b045b6ccaacaa737a6a07580121df57: [8] System error: failed to set gateway while updating gateway: file exists

if the content of the join response is :

    respIface := &netApi.InterfaceName{
        SrcName: tempName,
        DstPrefix: "eth",
    }
    sandboxRoute := netApi.StaticRoute{
        Destination: "0.0.0.0/0",
        RouteType:     1, // CONNECTED
        NextHop:    "",
    }
    resp := &netApi.JoinResponse{
        StaticRoutes: []netApi.StaticRoute{sandboxRoute},
        InterfaceName: respIface,
    }

The daemon takes additional liberties if you just return:

    respIface := &netApi.InterfaceName{
        SrcName: tempName,
        DstPrefix: "eth",
    }
    resp := &netApi.JoinResponse{
        InterfaceName: respIface,
    }

in which case it creates a bridged interface anyway on the default docker network which can be a totally different network.
@chenchun chenchun mentioned this issue Nov 26, 2015
Merged
This was referenced Nov 26, 2015
Closed
Closed
@sanimej
Copy link

sanimej commented Nov 27, 2015

@jc-m needDefaultGW() returns True only if none of the endpoints connected to a container provide a Gateway. In the JoinResponse if you set the Gateway libnetwork will not connect the container to the default gateway bridge. The Gateway IP (could be the gateway provided by IPAM) will be setup as the default gatway; and the packets will get dropped if the driver doesn't handle the routing.

Can you give it a try ?

@jc-m
Copy link
Author

jc-m commented Nov 27, 2015

I tried to add a gateway, but my local IP/network is 10.1.1.1/32 and if I add a gateway, I have issues like:

Error response from daemon: Cannot start container 2fb05cf3ca8ca012fdfd80ae9d940140c137d8be27b25f7263da3f1fbde1d610: [8] System error: failed to set gateway while updating gateway: file exists

I still think the daemon tries to either add a default route.
my response looks like:

    respIface := &netApi.InterfaceName{
        SrcName:   tempName,
        DstPrefix: "eth",
    }
    sandboxRoute := netApi.StaticRoute{
        Destination: "0.0.0.0/0",
        RouteType:   1, // CONNECTED
        NextHop:     "",
    }
    resp := &netApi.JoinResponse{
        InterfaceName: respIface,
        Gateway:       fmt.Sprintf("%s", "10.164.0.1"),
        StaticRoutes:  []netApi.StaticRoute{sandboxRoute},
    }

@aboch
Copy link
Contributor

aboch commented Dec 4, 2015

Closed by #778

@aboch aboch closed this as completed Dec 4, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jc-m @sanimej @aboch