Conversation
add checks on node LB in support.sh
Fix TestValidRemoteDriver GetCapabilities errors
RFC434 states that DNS Servers should be case insensitive
This commit makes sure that all DNS queries will be translated
to lower ASCII characters and all svcRecords will be saved in
lower case to abide by the RFC
Relates to moby#21169
Signed-off-by: Arko Dasgupta <[email protected]>
Make DNS records and queries case-insensitive
controller: Check if IPTables is enabled for arrangeUserFilterRule
- Add Euan and Elango - Remove inactive maintainers Signed-off-by: Madhu Venugopal <[email protected]>
Reformat vendor.conf, update docker/docker and dependencies
Changes included:
- Allow index specification at link creation time
- replace syscall with golang.org/x/sys/unix
- related: Use IFF_MULTI_QUEUE from x/sys/unix to define TUNTAP_MULTI_QUEUE
- related: Use IFLA_* constants from x/sys/unix
- Fix index out of range when no metadata for gretap
- added encapsulation attributes for Iptun and Sittun to support SIT tunnels
- Expose xfrm state's statistics
- Support invert in ip rules
- Support LWTUNNEL_ENCAP_SEG6
- Support setting and retrieving route MTU/AdvMSS
- Fix CalcRtable array parameter bug
- added support for Foo-over-UDP netlink calls
- Support num{tx,rx}queues and udp6zerocsum{tx,rx}
- tuntap: Add multiqueue support
- Retrieve VLAN ID when listing neighbour
- Fix LinkAdd for sit tunnel on 3.10 kernel
- Add support for managing source MACVLANs
- Two functions: one for adding bond slave, one for getting veth peer index
- Eliminate cgo from netlink
- Don't overwrite the XDP file descriptor with flags
- Fix reference to BPF instructions (on Kernel 4.13)
- Add Matchall filter
- Send IFA_CACHEINFO when setting up addresses
- Support IPv6 GRE Tun and Tap
- Add List option to RouteSubscribeWithOptions, AddrSubscribeWithOptions, and LinkSubscribeWithOptions
- Add Fq and Fq_Codel Qdisc support
Signed-off-by: Sebastiaan van Stijn <[email protected]>
…80abd Signed-off-by: Sebastiaan van Stijn <[email protected]>
Bump vishvananda/netlink to 1.0.0
Maintainers update
moby/moby commit b27f70d wraps the ErrNotFound error returned when a plugin cannot be found, to include a backtrace. This changes the type of the error, so contoller.loadIPAMDriver no longer converts it to a libnetwork plugin.NotFoundError. This is a similar patch as was merged in 9b11497 Signed-off-by: Sebastiaan van Stijn <[email protected]>
This commit updates the vendored ishidawataru/sctp and adapts its used types. Signed-off-by: Sascha Grunert <[email protected]> Signed-off-by: Sebastiaan van Stijn <[email protected]>
up to date
Signed-off-by: Smark <[email protected]>
clarifications and typo fixes for the design documentation
Change wording for Endpoint description
[carry 2370] Update sctp package
…handling controller.loadIPAMDriver: Unwrap error type returned by PluginGetter
Remove roadmap link from README.md
Signed-off-by: Tonis Tiigi <[email protected]>
Since docker container can be connected to combination of several internal and external networks change of default gateway of the internal ones breaks communication via the external ones. This fixes only macvlan network type Signed-off-by: Pavel Matěja <[email protected]>
bridge: add riscv64 build tags
Signed-off-by: Euan Harris <[email protected]>
Signed-off-by: Euan Harris <[email protected]>
Signed-off-by: Euan Harris <[email protected]>
Signed-off-by: Euan Harris <[email protected]>
Update to Golang 1.12.6
Removed unused integration test code
Add support for Internal and Private network types on windows
Signed-off-by: Brian Goff <[email protected]>
|
This is all green |
|
Minus DCO because some of these commits we are pulling in do not have DCO sign-offs. |
Jenkinsfile
Outdated
| -e VALIDATE_BRANCH=${CHANGE_TARGET} \ | ||
| docker:${GIT_COMMIT} \ | ||
| hack/test/unit | ||
| hack/test/unit" |
| docker:${GIT_COMMIT} \ | ||
| hack/test/unit" | ||
| hack/test/unit | ||
| ''' |
There was a problem hiding this comment.
Ah! Hm.. if you need to do another fix, perhaps you could fix the first commit
| } | ||
|
|
||
| func TestNAT(t *testing.T) { | ||
| t.Skip("Test does not work on CI and was never running to begin with") |
There was a problem hiding this comment.
Perhaps we should create tracking issues for these
libnetwork/resolver_test.go
Outdated
|
|
||
| func TestDNSProxyServFail(t *testing.T) { | ||
| if runtime.GOARCH == "arm64" { | ||
| t.Skip("This test fails on arm64 foor some reason... this need to be fixed") |
There was a problem hiding this comment.
Same for this one; we should create a tracking ticket
There was a problem hiding this comment.
I resolved this later on... guess I missed the commit this was in.
| for _, m := range index.Manifests { | ||
| if m.MediaType == images.MediaTypeContainerd1Checkpoint { | ||
| cpDesc = &m | ||
| cpDesc = &m // nolint:gosec |
There was a problem hiding this comment.
I think this one may be legit, and should probably be:
| for _, m := range index.Manifests { | |
| if m.MediaType == images.MediaTypeContainerd1Checkpoint { | |
| cpDesc = &m | |
| cpDesc = &m // nolint:gosec | |
| for _, m := range index.Manifests { | |
| m := m | |
| if m.MediaType == images.MediaTypeContainerd1Checkpoint { | |
| cpDesc = &m |
There was a problem hiding this comment.
The break on the next line makes me think this is irrelevant. The warning is that m will have the same address through every iteration of the loop and taking the address could mean reading a different value than you intend; however, since we're immediately ending the loop and no new data will be written into m we have the correct value in cpDesc.
The m := m suggestion should silence the warning and be resilient to further changes in this function so it might be slightly better from a maintenance perspective, but I'm not really concerned with the code as-is.
| defer s.Unlock() | ||
|
|
||
| s.srv.Shutdown(context.Background()) | ||
| s.srv.Shutdown(context.Background()) // nolint:errcheck |
There was a problem hiding this comment.
Note: nolint comments should not have a leading whitespace (comments for automation don't have a leading whitespace)
Probably slightly more cleaner to use _ to ignore the error than the //nolint comments
| iptables.OnReloaded(func() { | ||
| logrus.Debugf("Recreating iptables chains on firewall reload") | ||
| setupIPChains(config, iptables.IPv4) | ||
| if _, _, _, _, err := setupIPChains(config, iptables.IPv4); err != nil { |
There was a problem hiding this comment.
hehe, I recalled the lib network code when I enabled the dogsled linter (best name ever); https://github.com/alexkohler/dogsled
| // TODO(cpuguy83): So yeah, this isn't checking any errors anywhere. | ||
| // Seems like we should be checking errors even because of memory related issues that can arise. | ||
| // Alas it seems like given the nature of this data we could introduce problems if we start checking these errors. | ||
| // | ||
| // If anyone ever comes here and figures out one way or another if we can/should be checking these errors and it turns out we can't... then please document *why* | ||
|
|
There was a problem hiding this comment.
Probably should do a tracking issue for this if important
| func (nDB *NetworkDB) triggerFunc(stagger time.Duration, C <-chan time.Time, f func()) { | ||
| // Use a random stagger to avoid synchronizing | ||
| randStagger := time.Duration(uint64(rnd.Int63()) % uint64(stagger)) | ||
| randStagger := time.Duration(uint64(rnd.Int63()) % uint64(stagger)) // nolint:gosec |
There was a problem hiding this comment.
Do you recall what it was complaining about here (i suspect rnd.Int63() not being random?) If you do, would be great to leave it as a comment. You can use this format:
| randStagger := time.Duration(uint64(rnd.Int63()) % uint64(stagger)) // nolint:gosec | |
| randStagger := time.Duration(uint64(rnd.Int63()) % uint64(stagger)) //nolint:gosec // some comment here what we're ignoring |
There was a problem hiding this comment.
Ah was trying to add extra comments, didn't realize a 2nd // was needed.
This is do to rand use.
| echo "${pkg_list}" | grep --fixed-strings "libnetwork/drivers/bridge" \ | ||
| && if ! type docker-proxy; then | ||
| hack/make.sh binary-proxy install-proxy | ||
| fi |
There was a problem hiding this comment.
| echo "${pkg_list}" | grep --fixed-strings "libnetwork/drivers/bridge" \ | |
| && if ! type docker-proxy; then | |
| hack/make.sh binary-proxy install-proxy | |
| fi | |
| if grep <<<"${pkg_list}" --quiet --fixed-strings 'libnetwork/drivers/bridge' && ! command -v docker-proxy > /dev/null; then | |
| hack/make.sh binary-proxy install-proxy | |
| fi |
libnetwork/CHANGELOG.md
Outdated
libnetwork/MAINTAINERS
Outdated
There was a problem hiding this comment.
👀❓
Thoughts on whether it still makes sense to keep this file in this repository?
| @@ -33,7 +33,7 @@ github.com/imdario/mergo 1afb36080aec31e0d1528973ebe6 | |||
| golang.org/x/sync 6e8e738ad208923de99951fe0b48239bfd864f28 | |||
|
|
|||
| # buildkit | |||
| github.com/moby/buildkit 244e8cde639f71a05a1a2e0670bd88e0206ce55c # v0.8.3-3-g244e8cde | |||
| github.com/moby/buildkit 7e03277b32d4f0150bed0e081d4253b3a8557f13 https://github.com/cpuguy83/buildkit.git # v0.8.3-3-g244e8cde + libnetwork changes | |||
| @@ -145,7 +146,7 @@ github.com/klauspost/compress a3b7545c88eea469c2246bee0e6c | |||
| github.com/pelletier/go-toml 65ca8064882c8c308e5c804c5d5443d409e0738c # v1.8.1 | |||
|
|
|||
| # cluster | |||
| github.com/docker/swarmkit 5a5494a9a7b408b790533a5e4e1cb43ca1c32aad | |||
| github.com/docker/swarmkit 60d87cb7cdb070801ec550d7f4d7dc1210fb7e9f git://github.com/cpuguy83/swarmkit.git | |||
There was a problem hiding this comment.
Yeah, we'll need to update these projects once merged.
| @@ -62,6 +62,7 @@ github.com/docker/libkv 458977154600b9f23984d9f4b82e | |||
| github.com/vishvananda/netns db3c7e526aae966c4ccfa6c8189b693d6ac5d202 | |||
| github.com/vishvananda/netlink f049be6f391489d3f374498fe0c8df8449258372 # v1.1.0 | |||
| github.com/moby/ipvs 4566ccea0e08d68e9614c3e7a64a23b850c4bb35 # v1.0.1 | |||
| github.com/urfave/cli a65b733b303f0055f8d324d805f393cd3e7a7904 | |||
There was a problem hiding this comment.
😬 fun times
(How many different flag parsers are involved in moby/moby post-merge here? 😩)
There was a problem hiding this comment.
Yeah, we should move this to cobra. I recall when we moved moby to use Cobra, we created a copy of the mflags package to libnetwork.
|
DCO is failing because committer name doesn't match sign-off; wondering if adding an entry to (we can also mark it to "pass" manually; mostly curious if it takes |
|
There's some missing sign-offs as well. |
samuelkarp
left a comment
samuelkarp
left a comment
There was a problem hiding this comment.
I've gotten about a quarter of the way through this so far.
For anyone else looking to review: I found it helpful to check out this PR and the tip of libnetwork and use git diff to compare them. For example: git diff libnetwork/config/config.go docker/libnetwork/config/config.go will show me that just the imports have changed even though GitHub's diff view is confused.
| @@ -0,0 +1,79 @@ | |||
| version: 2 | |||
There was a problem hiding this comment.
Do we have CircleCI set up here? Will CircleCI correctly read a file in libnetwork/.circleci rather than .circleci?
There was a problem hiding this comment.
No this can be removed. All testing is being done by the jenkins runner.
AkihiroSuda
left a comment
AkihiroSuda
left a comment
There was a problem hiding this comment.
LGTM, let's merge this ASAP to avoid rebase hell
|
Merged per @thaJeztah and @tianon Will follow-up to address PR comments. |
|
Can we cherry-pick this into 20.10, and archive the old libnetwork repo? |
20 participants
This moves libnetwork in-tree as discussed in moby/libnetwork#2522