Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Macvlan: Separate empty parent and internal #2523

Merged
merged 1 commit into from
Mar 5, 2020
Merged

Macvlan: Separate empty parent and internal #2523

merged 1 commit into from
Mar 5, 2020

Conversation

arkodg
Copy link
Contributor

@arkodg arkodg commented Mar 3, 2020
edited
Loading

#2419 and
#2407
attempted to seperate out empty parent and internal for
macvlan and ipvlan networks

However it didnt pass the integration tests in moby
moby/moby#40596 and exposed some
more plumbing that needed to be done to make sure
we separate the two things

If the -o parent is empty we create a dummylink
and if internal is set we dont add a default gateway
and make sure north-south communication cannot take place
(only east-west / container-container can)

Signed-off-by: Arko Dasgupta arko.dasgupta@docker.com

@arkodg arkodg requested review from selansen and thaJeztah March 3, 2020 22:52
@arkodg
Copy link
Contributor Author

arkodg commented Mar 3, 2020

PTAL @lemrouch

@lemrouch
Copy link
Contributor

lemrouch commented Mar 4, 2020
edited
Loading

It has been 6 months since I read those sources. Are you sure the

If the -o parent is empty we create a dummylink

happens after application of config-from network?
In such case it's ACK from me.
I'm sorry I don't have time to rebuild and test it all right now.

@arkodg arkodg changed the title Macvlan: Seperate empty parent and internal Macvlan: Separate empty parent and internal Mar 4, 2020
@arkodg arkodg force-pushed the seperate-internal-empty-parent branch from de9a5d0 to 0acbc1b Compare March 4, 2020 21:23
Macvlan: Separate empty parent and internal
3a4b08f 
moby#2419 and
moby#2407
attempted to seperate out empty parent and internal for
macvlan and ipvlan networks

However it didnt pass the integration tests in moby
moby/moby#40596 and exposed some
more plumbing that needed to be done to make sure
we separate the two things

If the -o parent is empty we create a dummylink
and if internal is set we dont add a default gateway
and make sure north-south communication cannot take place
(only east-west / container-container can)

Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
@arkodg arkodg force-pushed the seperate-internal-empty-parent branch from 0acbc1b to 3a4b08f Compare March 4, 2020 21:24
thaJeztah
thaJeztah approved these changes Mar 4, 2020
View reviewed changes
Copy link
Member

@thaJeztah thaJeztah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SGTM

@arkodg
Copy link
Contributor Author

arkodg commented Mar 4, 2020

@lemrouch that should have happened in parseNetworkOptions much before https://github.com/docker/libnetwork/blob/aca52ced73f77d25a1bd78684e2405416bb3a5e5/drivers/macvlan/macvlan_network.go#L62

@selansen selansen merged commit bf2bd42 into moby:master Mar 5, 2020
@thaJeztah thaJeztah mentioned this pull request Mar 5, 2020
Merged
kwanhur pushed a commit to kwanhur/libnetwork that referenced this pull request Mar 9, 2020
@selansen @kwanhur
Merge pull request moby#2523 from arkodg/seperate-internal-empty-parent
c6a82b3 
Macvlan: Separate empty parent and internal
Signed-off-by: kwanhur <huang_hua2012@163.com>
@trapier trapier mentioned this pull request Mar 11, 2020
Closed
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@thaJeztah thaJeztah thaJeztah approved these changes

@selansen selansen Awaiting requested review from selansen

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@arkodg @lemrouch @thaJeztah @selansen