Add --userland-proxy daemon flag
The `--userland-proxy` daemon flag makes it possible to rely on hairpin NAT and additional iptables routes instead of userland proxy for port publishing and inter-container communication. Usage of the userland proxy remains the default as hairpin NAT is unsupported by older kernels. Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com> Upstream-commit: f42348e18f73d1d775d77ac75bc96466aae56d7c Component: engine
This commit is contained in:
Arnaud Porterie
@ -4,14 +4,26 @@ import (
|
||||
"fmt"
|
||||
"net"
|
||||
"os/exec"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
"github.com/go-check/check"
|
||||
)
|
||||
|
||||
func (s *DockerSuite) TestNetworkNat(c *check.C) {
|
||||
testRequires(c, SameHostDaemon, NativeExecDriver)
|
||||
func startServerContainer(c *check.C, proto string, port int) string {
|
||||
cmd := []string{"-d", "-p", fmt.Sprintf("%d:%d", port, port), "busybox", "nc", "-lp", strconv.Itoa(port)}
|
||||
if proto == "udp" {
|
||||
cmd = append(cmd, "-u")
|
||||
}
|
||||
|
||||
name := "server"
|
||||
if err := waitForContainer(name, cmd...); err != nil {
|
||||
c.Fatalf("Failed to launch server container: %v", err)
|
||||
}
|
||||
return name
|
||||
}
|
||||
|
||||
func getExternalAddress(c *check.C) net.IP {
|
||||
iface, err := net.InterfaceByName("eth0")
|
||||
if err != nil {
|
||||
c.Skip(fmt.Sprintf("Test not running with `make test`. Interface eth0 not found: %v", err))
|
||||
@ -27,35 +39,65 @@ func (s *DockerSuite) TestNetworkNat(c *check.C) {
|
||||
c.Fatalf("Error retrieving the up for eth0: %s", err)
|
||||
}
|
||||
|
||||
runCmd := exec.Command(dockerBinary, "run", "-dt", "-p", "8080:8080", "busybox", "nc", "-lp", "8080")
|
||||
return ifaceIP
|
||||
}
|
||||
|
||||
func getContainerLogs(c *check.C, containerID string) string {
|
||||
runCmd := exec.Command(dockerBinary, "logs", containerID)
|
||||
out, _, err := runCommandWithOutput(runCmd)
|
||||
if err != nil {
|
||||
c.Fatal(out, err)
|
||||
}
|
||||
return strings.Trim(out, "\r\n")
|
||||
}
|
||||
|
||||
cleanedContainerID := strings.TrimSpace(out)
|
||||
|
||||
runCmd = exec.Command(dockerBinary, "run", "busybox", "sh", "-c", fmt.Sprintf("echo hello world | nc -w 30 %s 8080", ifaceIP))
|
||||
out, _, err = runCommandWithOutput(runCmd)
|
||||
func getContainerStatus(c *check.C, containerID string) string {
|
||||
runCmd := exec.Command(dockerBinary, "inspect", "-f", "{{.State.Running}}", containerID)
|
||||
out, _, err := runCommandWithOutput(runCmd)
|
||||
if err != nil {
|
||||
c.Fatal(out, err)
|
||||
}
|
||||
|
||||
runCmd = exec.Command(dockerBinary, "logs", cleanedContainerID)
|
||||
out, _, err = runCommandWithOutput(runCmd)
|
||||
if err != nil {
|
||||
c.Fatalf("failed to retrieve logs for container: %s, %v", out, err)
|
||||
}
|
||||
|
||||
out = strings.Trim(out, "\r\n")
|
||||
|
||||
if expected := "hello world"; out != expected {
|
||||
c.Fatalf("Unexpected output. Expected: %q, received: %q for iface %s", expected, out, ifaceIP)
|
||||
}
|
||||
|
||||
killCmd := exec.Command(dockerBinary, "kill", cleanedContainerID)
|
||||
if out, _, err = runCommandWithOutput(killCmd); err != nil {
|
||||
c.Fatalf("failed to kill container: %s, %v", out, err)
|
||||
}
|
||||
|
||||
return strings.Trim(out, "\r\n")
|
||||
}
|
||||
|
||||
func (s *DockerSuite) TestNetworkNat(c *check.C) {
|
||||
testRequires(c, SameHostDaemon, NativeExecDriver)
|
||||
defer deleteAllContainers()
|
||||
|
||||
srv := startServerContainer(c, "tcp", 8080)
|
||||
|
||||
// Spawn a new container which connects to the server through the
|
||||
// interface address.
|
||||
endpoint := getExternalAddress(c)
|
||||
runCmd := exec.Command(dockerBinary, "run", "busybox", "sh", "-c", fmt.Sprintf("echo hello world | nc -w 30 %s 8080", endpoint))
|
||||
if out, _, err := runCommandWithOutput(runCmd); err != nil {
|
||||
c.Fatalf("Failed to connect to server: %v (output: %q)", err, string(out))
|
||||
}
|
||||
|
||||
result := getContainerLogs(c, srv)
|
||||
if expected := "hello world"; result != expected {
|
||||
c.Fatalf("Unexpected output. Expected: %q, received: %q", expected, result)
|
||||
}
|
||||
}
|
||||
|
||||
func (s *DockerSuite) TestNetworkLocalhostTCPNat(c *check.C) {
|
||||
testRequires(c, SameHostDaemon, NativeExecDriver)
|
||||
defer deleteAllContainers()
|
||||
|
||||
srv := startServerContainer(c, "tcp", 8081)
|
||||
|
||||
// Attempt to connect from the host to the listening container.
|
||||
conn, err := net.Dial("tcp", "localhost:8081")
|
||||
if err != nil {
|
||||
c.Fatalf("Failed to connect to container (%v)", err)
|
||||
}
|
||||
if _, err := conn.Write([]byte("hello world\n")); err != nil {
|
||||
c.Fatal(err)
|
||||
}
|
||||
conn.Close()
|
||||
|
||||
result := getContainerLogs(c, srv)
|
||||
if expected := "hello world"; result != expected {
|
||||
c.Fatalf("Unexpected output. Expected: %q, received: %q", expected, result)
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user