Overlay Driver fixes required for CNI providers

* Support HostAccess overlay option
* Make HostMode configurable via overlay driver label
* Disble SD and start in host-mode by default for CNI dnet
* Moving the default dnet port from 2385 to 2389
* Fix hostAccess iptables rules
* Implement JoinInfo and LeaveInfo interfaces on all builtin drivers
* Enhance JoinInfo and LeaveInfo to allow ip allocation for gateway-ip
* Make use of the RequestAddress feature for hostAccess overlay network
* HostAccess network must also handle traffic from bridge to ! bridge. This is required for the ingress cases

Signed-off-by: Madhu Venugopal <madhu@docker.com>

Author: mavenugo

api/api.go

@@ -646,6 +646,10 @@ func procPublishService(c libnetwork.NetworkController, vars map[string]string,
 		setFctList = append(setFctList, libnetwork.CreateOptionMyAlias(str))
 	}
 
+	if sp.DisableResolution {
+		setFctList = append(setFctList, libnetwork.CreateOptionDisableResolution())
+	}
+
 	ep, err := n.CreateEndpoint(sp.Name, setFctList...)
 	if err != nil {
 		return "", endpointToService(convertNetworkError(err))

api/types.go

@@ -84,9 +84,10 @@ type endpointJoin struct {
 
 // servicePublish represents the body of the "publish service" http request message
 type servicePublish struct {
-	Name      string   `json:"name"`
-	MyAliases []string `json:"my_aliases"`
-	Network   string   `json:"network_name"`
+	Name              string   `json:"name"`
+	MyAliases         []string `json:"my_aliases"`
+	Network           string   `json:"network_name"`
+	DisableResolution bool     `json:"disable_resolution"`
 }
 
 // serviceDelete represents the body of the "unpublish service" http request message

client/types.go

@@ -54,9 +54,10 @@ type networkCreate struct {
 
 // ServiceCreate represents the body of the "publish service" http request message
 type ServiceCreate struct {
-	Name      string   `json:"name"`
-	MyAliases []string `json:"my_aliases"`
-	Network   string   `json:"network_name"`
+	Name              string   `json:"name"`
+	MyAliases         []string `json:"my_aliases"`
+	Network           string   `json:"network_name"`
+	DisableResolution bool     `json:"disable_resolution"`
 }
 
 // ServiceDelete represents the body of the "unpublish service" http request message

cmd/dnet/dnet.go

@@ -43,7 +43,7 @@ const (
 	// DefaultHTTPHost is used if only port is provided to -H flag e.g. docker -d -H tcp://:8080
 	DefaultHTTPHost = "0.0.0.0"
 	// DefaultHTTPPort is the default http port used by dnet
-	DefaultHTTPPort = 2385
+	DefaultHTTPPort = 2389
 	// DefaultUnixSocket exported
 	DefaultUnixSocket = "/var/run/dnet.sock"
 	cfgFileEnv        = "LIBNETWORK_CFG"
@@ -447,7 +447,7 @@ func (d *dnetConnection) httpCall(method, path string, data interface{}, headers
 
 	req.URL.Host = d.addr
 	req.URL.Scheme = "http"
-	fmt.Printf("Requesting http: %+v",req)
+	fmt.Printf("Requesting http: %+v", req)
 	httpClient := &http.Client{}
 	resp, err := httpClient.Do(req)
 	statusCode := -1

config/libnetwork.toml

@@ -1,12 +1,18 @@
 title = "LibNetwork Configuration file"
 
 [daemon]
-  debug = false
+  debug = true
+  labels = ["com.docker.network.driver.overlay.hostmode=true"]
 [cluster]
-  discovery = "token://swarm-discovery-token"
-  Address = "Cluster-wide reachable Host IP"
+  discovery = "etcd://localhost:2379"
+  Address = "192.168.56.101"
 [datastore]
   embedded = false
 [datastore.client]
-  provider = "consul"
-  Address = "localhost:8500"
+  provider = "etcd"
+  Address = "localhost:2379"
+[scopes]
+  [scopes.global]
+      [scopes.global.client]
+            provider = "etcd"
+                  address = "localhost:2379"

default_gateway.go

@@ -47,7 +47,7 @@ func (sb *sandbox) setupDefaultGW() error {
 		}
 	}
 
-	createOptions := []EndpointOption{CreateOptionAnonymous()}
+	createOptions := []EndpointOption{CreateOptionAnonymous(), CreateOptionDisableResolution()}
 
 	eplen := gwEPlen
 	if len(sb.containerID) < gwEPlen {

driverapi/driverapi.go

@@ -56,7 +56,7 @@ type Driver interface {
 	Join(nid, eid string, sboxKey string, jinfo JoinInfo, options map[string]interface{}) error
 
 	// Leave method is invoked when a Sandbox detaches from an endpoint.
-	Leave(nid, eid string) error
+	Leave(nid, eid string, linfo LeaveInfo) error
 
 	// ProgramExternalConnectivity invokes the driver method which does the necessary
 	// programming to allow the external connectivity dictated by the passed options
@@ -136,6 +136,9 @@ type JoinInfo interface {
 	// SetGateway sets the default IPv4 gateway when a container joins the endpoint.
 	SetGateway(net.IP) error
 
+	// RequestAddress allocates an IP address as required by the driver
+	RequestAddress(*net.IPNet) (*net.IPNet, error)
+
 	// SetGatewayIPv6 sets the default IPv6 gateway when a container joins the endpoint.
 	SetGatewayIPv6(net.IP) error
 
@@ -151,6 +154,11 @@ type JoinInfo interface {
 	AddTableEntry(tableName string, key string, value []byte) error
 }
 
+type LeaveInfo interface {
+	// ReleaseAddress frees up allocated IP
+	ReleaseAddress(net.IP) error
+}
+
 // DriverCallback provides a Callback interface for Drivers into LibNetwork
 type DriverCallback interface {
 	// GetPluginGetter returns the pluginv2 getter.

drivers/bridge/bridge.go

@@ -1244,7 +1244,7 @@ func (d *driver) Join(nid, eid string, sboxKey string, jinfo driverapi.JoinInfo,
 }
 
 // Leave method is invoked when a Sandbox detaches from an endpoint.
-func (d *driver) Leave(nid, eid string) error {
+func (d *driver) Leave(nid, eid string, linfo driverapi.LeaveInfo) error {
 	defer osl.InitOSContext()()
 
 	network, err := d.getNetwork(nid)

drivers/bridge/bridge_test.go

@@ -686,7 +686,7 @@ func testQueryEndpointInfo(t *testing.T, ulPxyEnabled bool) {
 	}
 
 	// release host mapped ports
-	err = d.Leave("net1", "ep1")
+	err = d.Leave("net1", "ep1", nil)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -810,7 +810,7 @@ func TestLinkContainers(t *testing.T) {
 		t.Fatalf("Failed to revoke external connectivity: %v", err)
 	}
 
-	err = d.Leave("net1", "ep2")
+	err = d.Leave("net1", "ep2", nil)
 	if err != nil {
 		t.Fatal("Failed to unlink ep1 and ep2")
 	}

drivers/bridge/brmanager/brmanager.go

@@ -59,7 +59,7 @@ func (d *driver) Join(nid, eid string, sboxKey string, jinfo driverapi.JoinInfo,
 	return types.NotImplementedErrorf("not implemented")
 }
 
-func (d *driver) Leave(nid, eid string) error {
+func (d *driver) Leave(nid, eid string, linfo driverapi.LeaveInfo) error {
 	return types.NotImplementedErrorf("not implemented")
 }