From fd675380c08d141b5f3a5e7d9e3c9822b9bb1783 Mon Sep 17 00:00:00 2001 From: Jessica Frazelle Date: Wed, 16 Sep 2015 09:55:14 -0700 Subject: [PATCH] Revert "Make daemon to start with no userlandproxy by default" This reverts commit bf2b8ec8165468d7454f6bd86f4a78e7e8b58d8e. Signed-off-by: Jessica Frazelle Upstream-commit: 50d7fba7758e8890d49f492c284262ec9aa22190 Component: engine --- components/engine/daemon/config_unix.go | 2 +- components/engine/docs/articles/networking.md | 2 +- components/engine/docs/reference/commandline/daemon.md | 2 +- components/engine/hack/make/.integration-daemon-start | 2 +- components/engine/integration-cli/docker_cli_daemon_test.go | 1 + components/engine/integration-cli/docker_utils.go | 2 +- components/engine/man/docker.1.md | 2 +- 7 files changed, 7 insertions(+), 6 deletions(-) diff --git a/components/engine/daemon/config_unix.go b/components/engine/daemon/config_unix.go index bffaaf9922..d4f127c29c 100644 --- a/components/engine/daemon/config_unix.go +++ b/components/engine/daemon/config_unix.go @@ -74,7 +74,7 @@ func (config *Config) InstallFlags(cmd *flag.FlagSet, usageFn func(string) strin cmd.Var(opts.NewIPOpt(&config.Bridge.DefaultGatewayIPv6, ""), []string{"-default-gateway-v6"}, usageFn("Container default gateway IPv6 address")) cmd.BoolVar(&config.Bridge.InterContainerCommunication, []string{"#icc", "-icc"}, true, usageFn("Enable inter-container communication")) cmd.Var(opts.NewIPOpt(&config.Bridge.DefaultIP, "0.0.0.0"), []string{"#ip", "-ip"}, usageFn("Default IP when binding container ports")) - cmd.BoolVar(&config.Bridge.EnableUserlandProxy, []string{"-userland-proxy"}, false, usageFn("Use userland proxy for loopback traffic")) + cmd.BoolVar(&config.Bridge.EnableUserlandProxy, []string{"-userland-proxy"}, true, usageFn("Use userland proxy for loopback traffic")) cmd.BoolVar(&config.EnableCors, []string{"#api-enable-cors", "#-api-enable-cors"}, false, usageFn("Enable CORS headers in the remote API, this is deprecated by --api-cors-header")) cmd.StringVar(&config.CorsHeaders, []string{"-api-cors-header"}, "", usageFn("Set CORS headers in the remote API")) diff --git a/components/engine/docs/articles/networking.md b/components/engine/docs/articles/networking.md index 98a91e1a2d..e2d4331973 100644 --- a/components/engine/docs/articles/networking.md +++ b/components/engine/docs/articles/networking.md @@ -471,7 +471,7 @@ editing this setting. > container. In such conflicting situation, Docker created iptables rules will > take precedence and route to the container. -The `--userland-proxy` parameter, false by default, provides a userland +The `--userland-proxy` parameter, true by default, provides a userland implementation for inter-container and outside-to-container communication. When disabled, Docker uses both an additional `MASQUERADE` iptable rule and the `net.ipv4.route_localnet` kernel parameter which allow the host machine to diff --git a/components/engine/docs/reference/commandline/daemon.md b/components/engine/docs/reference/commandline/daemon.md index 57f3ed7c12..22394b72a8 100644 --- a/components/engine/docs/reference/commandline/daemon.md +++ b/components/engine/docs/reference/commandline/daemon.md @@ -56,7 +56,7 @@ weight=1 --tlscert="~/.docker/cert.pem" Path to TLS certificate file --tlskey="~/.docker/key.pem" Path to TLS key file --tlsverify=false Use TLS and verify the remote - --userland-proxy=false Use userland proxy for loopback traffic + --userland-proxy=true Use userland proxy for loopback traffic Options with [] may be specified multiple times. diff --git a/components/engine/hack/make/.integration-daemon-start b/components/engine/hack/make/.integration-daemon-start index ea31894489..7c89a27d24 100644 --- a/components/engine/hack/make/.integration-daemon-start +++ b/components/engine/hack/make/.integration-daemon-start @@ -14,7 +14,7 @@ exec 41>&1 42>&2 export DOCKER_GRAPHDRIVER=${DOCKER_GRAPHDRIVER:-vfs} export DOCKER_EXECDRIVER=${DOCKER_EXECDRIVER:-native} -export DOCKER_USERLANDPROXY=${DOCKER_USERLANDPROXY:-false} +export DOCKER_USERLANDPROXY=${DOCKER_USERLANDPROXY:-true} # example usage: DOCKER_STORAGE_OPTS="dm.basesize=20G,dm.loopdatasize=200G" storage_params="" diff --git a/components/engine/integration-cli/docker_cli_daemon_test.go b/components/engine/integration-cli/docker_cli_daemon_test.go index 0870655402..b3083b4461 100644 --- a/components/engine/integration-cli/docker_cli_daemon_test.go +++ b/components/engine/integration-cli/docker_cli_daemon_test.go @@ -860,6 +860,7 @@ func (s *DockerDaemonSuite) TestDaemonIP(c *check.C) { out, err := d.Cmd("run", "-d", "-p", "8000:8000", "busybox", "top") c.Assert(err, check.NotNil, check.Commentf("Running a container must fail with an invalid --ip option")) + c.Assert(strings.Contains(out, "Error starting userland proxy"), check.Equals, true) ifName := "dummy" out, err = createInterface(c, "dummy", ifName, ipStr) diff --git a/components/engine/integration-cli/docker_utils.go b/components/engine/integration-cli/docker_utils.go index 4c06929289..61dd90791a 100644 --- a/components/engine/integration-cli/docker_utils.go +++ b/components/engine/integration-cli/docker_utils.go @@ -69,7 +69,7 @@ func NewDaemon(c *check.C) *Daemon { c.Fatalf("Could not create %s/graph directory", daemonFolder) } - userlandProxy := false + userlandProxy := true if env := os.Getenv("DOCKER_USERLANDPROXY"); env != "" { if val, err := strconv.ParseBool(env); err != nil { userlandProxy = val diff --git a/components/engine/man/docker.1.md b/components/engine/man/docker.1.md index b5b93ba4b5..50c9baa207 100644 --- a/components/engine/man/docker.1.md +++ b/components/engine/man/docker.1.md @@ -162,7 +162,7 @@ unix://[/path/to/socket] to use. Default is false. **--userland-proxy**=*true*|*false* - Rely on a userland proxy implementation for inter-container and outside-to-container loopback communications. Default is false. + Rely on a userland proxy implementation for inter-container and outside-to-container loopback communications. Default is true. **-v**, **--version**=*true*|*false* Print version information and quit. Default is false.