Allow user to specify default address pools for docker networks #36396
Conversation
selansen
force-pushed
the
master
branch
2 times, most recently
from
d6a1679 to
b167edd
Compare
Codecov Report
@@ Coverage Diff @@
## master #36396 +/- ##
=========================================
Coverage ? 35.09%
=========================================
Files ? 615
Lines ? 45745
Branches ? 0
=========================================
Hits ? 16053
Misses ? 27582
Partials ? 2110 |
|
@thaJeztah , @dnephin , @vdemeester , Pls use this for #36054. |
daemon/config/config_unix.go
Outdated
| // NetworkConfig stores the daemon-wide networking configurations | ||
| type NetworkConfig struct { | ||
| // Default address pools for docker networks | ||
| DefaultAddressPools []*ipamutils.NetworkToSplit `json:"default-node-local-address-pools,omitempty"` |
There was a problem hiding this comment.
It looks like this is identical in both unix and windows. Can this go into CommonConfig instead?
There was a problem hiding this comment.
Currently we dont support it on windows.
There was a problem hiding this comment.
I see you adding this same field in config_windows.go. Should it be removed then?
There was a problem hiding this comment.
My CI for windows p *windowsRS1 * failed due to build issue. so I had to
modify to fix CI failure.
There was a problem hiding this comment.
Either way there is a problem here.
Either the code needs to be changed so it's not referenced on windows, or this field needs to be moved into a non-platform specific file. It does not make sense to dupliacte it.
opts/address_pools.go
Outdated
| func (p *PoolsOpt) Value() []*types.NetworkToSplit { | ||
| var pd []*types.NetworkToSplit | ||
| pd = append(pd, *p.values...) | ||
| return pd |
There was a problem hiding this comment.
Why not return *p.values ? Might also be good to check for nil.
There was a problem hiding this comment.
make sense. will modify
opts/address_pools.go
Outdated
|
|
||
| // PoolsOpt is a Value type for parsing the default address pools definitions | ||
| type PoolsOpt struct { | ||
| values *[]*types.NetworkToSplit |
There was a problem hiding this comment.
I don't think this needs to be a pointer. The PoolsOpt receiver is already a pointer, so you should be able to p.values = append(p.values, ...)
| //c.Assert(out, checker.Contains, "175.30.0.0/16") | ||
| c.Assert(out.IPAM.Config[0].Subnet, checker.Equals, "175.30.0.0/16") | ||
|
|
||
| // Create a bridge network and verify its subnet is the second default pool |
There was a problem hiding this comment.
It looks like these are separate cases? Can you split this into separate Test functions?
There was a problem hiding this comment.
It is same test case. We are testing it by creating 2 different network and make sure they fall into same user defined subnet. thats all.
|
@dnephin , Addressed all the comments that we discussed yesterday. Pls take a look at it when you have time. |
daemon/config/config_windows.go
Outdated
| @@ -15,7 +15,7 @@ type BridgeConfig struct { | |||
| // to the docker daemon when you launch it with say: `dockerd -e windows` | |||
| type Config struct { | |||
| CommonConfig | |||
|
|
|||
| NetworkConfig | |||
There was a problem hiding this comment.
Still not sure why this is being added on windows if you say it isn't used, but at least now the struct isn't duplicated.
There was a problem hiding this comment.
missed this one. will remove it.
cmd/dockerd/config_unix.go
Outdated
| @@ -44,4 +44,6 @@ func installConfigFlags(conf *config.Config, flags *pflag.FlagSet) { | |||
| flags.Var(&conf.ShmSize, "default-shm-size", "Default shm size for containers") | |||
| flags.BoolVar(&conf.NoNewPrivileges, "no-new-privileges", false, "Set no-new-privileges by default for new containers") | |||
| flags.StringVar(&conf.IpcMode, "default-ipc-mode", config.DefaultIpcMode, `Default mode for containers ipc ("shareable" | "private")`) | |||
| flags.Var(opts.NewPoolsOpt(conf.NetworkConfig.DefaultAddressPools), "default-node-local-address-pools", "Set the default address pools for node specific local networks") | |||
There was a problem hiding this comment.
You can remove "Set the". I see we have it for one other flag, but it reads better without it.
opts/address_pools.go
Outdated
| func (p *PoolsOpt) String() string { | ||
| pools := []string{} | ||
| for _, pool := range p.values { | ||
| repr := fmt.Sprintf(" %s %s", pool.Base, pool.Size) |
There was a problem hiding this comment.
Why the leading space in the format? There's already a space added by strings.Join()
daemon/config/config.go
Outdated
| // NetworkConfig stores the daemon-wide networking configurations | ||
| type NetworkConfig struct { | ||
| // Default address pools for docker networks | ||
| DefaultAddressPools []*ipamutils.NetworkToSplit `json:"default-node-local-address-pools,omitempty"` |
There was a problem hiding this comment.
Now I see why you were using a pointer to a slice.
The type here can be PoolsOpt instead of []*ipamutils.NetworkToSplit.
That way you don't need to accept any value in NewPoolsOpt, and to get the value out you can use: DefaultAddressPools.Value()
|
Yup, tests look to be failing; |
|
I will start working on this tomorrow .
…On Mon, Mar 5, 2018 at 7:48 PM, Sebastiaan van Stijn < ***@***.***> wrote:
Yup, tests look to be failing;
20:44:12 ----------------------------------------------------------------------
20:44:12 FAIL: docker_api_network_test.go:182: DockerDaemonSuite.TestAPIDaemonNetworkPools
20:44:12
20:44:12 [d4ac7cc665224] waiting for daemon to start
20:44:12 [d4ac7cc665224] daemon started
20:44:12
20:44:12 docker_api_network_test.go:199:
20:44:12 //c.Assert(out, checker.Contains, "175.30.0.0/16")
20:44:12 c.Assert(out.IPAM.Config[0].Subnet, checker.Equals, "175.30.0.0/16")
20:44:12 ... obtained string = "172.18.0.0/16"
20:44:12 ... expected string = "175.30.0.0/16"
20:44:12
20:44:12 [d4ac7cc665224] exiting daemon
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#36396 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AKEKn059DfQk7Ig_UfdB7gqOcpksFVRdks5tbdzrgaJpZM4SRmqc>
.
|
selansen
force-pushed
the
master
branch
5 times, most recently
from
cbe247b to
d853a4c
Compare
|
@dnephin , All your suggestions have been taken care. Both manual and integration tests are working fine. |
|
Looks great! I really can't wait to use it in my setup :) @vdemeester Could you review this as well? |
|
@vdemeester @thaJeztah , I think we have gone through multiple review cycle on this. |
|
Note that Docker remembers its networks, and this setting is only applied to new networks. If, like me, you are using docker-compose but are still finding routes that do not conform to your settings in the JSON configuration, then executing |
|
@mavenugo in the thread above you mention, "given that you identified my earlier comment on this topic." I'm looking to customize the IPAM for swarm network creation without having to specify the subnet for every stack I deploy. Is there, by chance, some trick that can be used until this is implemented for swarm networks as well. Thank you! |
|
We are working on overlay network support at this moment. New feature will be available in the next release. |
|
Yep, that's how I've been getting around this, and I'm looking to get out of the subnet management business. ;) Thanks for the response, @selansen ! |
|
Hopefully soon :) |
|
I'm using 18.09.1, but I get "unknown flag: --default-address-pools". Do we know which release this will be in? Is there a way I can check so I don't clutter the forum with inane questions? thank you! |
|
Should be there in 18.09.1; And for swarm; |
|
Ah; I see you're using |
|
For docker daemon create a /etc/docker/daemon.json and add : Or whatever you need. |
|
The option does not seem to be in 18.09.1 for windows: Maybe the mac build is missing it too? |
|
Hello. |
I have the same. The automatically created Automatically created ingress network gets 10.255.0.0/16: Manually creating a network gets 10.20.0.0/24 I can even re-create the It would be nice if the automatically created |
|
Ingress network gets created before default IP pool init happens. Will have to take a look at on how we can get around current design. will take a look at it. |
|
@Jamuz perhaps you can create a ticket for that so that it doesn't get lost? |
|
This merge seems to be incomplete by any means, especially docs Beside this "help" does not help in a single way it is even wrong, since the setting is default-address-poolS ( plural ) It is also listed here https://docs.docker.com/engine/reference/commandline/dockerd/ as singular .. And it does only work in plural needs to be done this way I'am running Considering the existince of bip/fixed-cidr and now this and the crazyness of DNS difference between "default networks" and "docker-compose bridge based" things seem to go out of control or at least it seems to me, there is no "big plot" anymore. Sorry for the rant. But those topics hindered me in the last 2 months and wasted way too much time considering how easy they are solved in the end - which does not remove any of it's inconsistency or hidden features / confusion after all |
This is continuation of PR #36054
. I updated all review comments and re-vendor libnetwork. While doing so , I accidentally deleted my commits. Hence I was not able to update into PR 36054.
Description
When user creates a network without specifying a --subnet, docker will pick a subnet for the network from the static set 172.[17-31].0.0/16 and 192.168.[0-240].0/20 for the local scope networks and from the static set 10.[0-255].[0-255].0/24 for the global scope networks.
For different reasons, several users have asked to be able to control these defaults.
This PR brings in a change to allow users to control the default address pools at daemon boot.
As an example,
dockerd --default-address-pools base=10.10.0.0/16,size=24
would allow user to set the 256 pools 10.10.[0-255].0/24 as default for the local scope networks.
Multiple --default-address-pools can be specified.
To specify the option in the config json file:
{"default-address-pools":[{"base":"172.80.0.0/16","size":24},{"base":"172.90.0.0/16","size":24}]}