mirror of
https://github.com/devplayer0/docker-net-dhcp
synced 2024-10-30 09:20:28 +00:00
Enter network namespace by PID instead of "sandbox key"
parent
00e08f1c14
commit
e109e9923e
@ -17,8 +17,8 @@ The plugin can be installed with the `docker plugin install` command:
|
||||
$ docker plugin install ghcr.io/devplayer0/docker-net-dhcp:release-linux-amd64
|
||||
Plugin "ghcr.io/devplayer0/docker-net-dhcp:release-linux-amd64" is requesting the following privileges:
|
||||
- network: [host]
|
||||
- host pid namespace: [true]
|
||||
- mount: [/var/run/docker.sock]
|
||||
- mount: [/var/run/docker]
|
||||
- capabilities: [CAP_NET_ADMIN CAP_SYS_ADMIN]
|
||||
Do you grant the above permissions? [y/N] y
|
||||
release-linux-amd64: Pulling from ghcr.io/devplayer0/docker-net-dhcp
|
||||
|
@ -21,6 +21,7 @@
|
||||
"network": {
|
||||
"type": "host"
|
||||
},
|
||||
"pidhost": true,
|
||||
"mounts": [
|
||||
{
|
||||
"source": "/var/run/docker.sock",
|
||||
@ -29,14 +30,6 @@
|
||||
"options": [
|
||||
"bind"
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "/var/run/docker",
|
||||
"destination": "/run/docker",
|
||||
"type": "bind",
|
||||
"options": [
|
||||
"bind"
|
||||
]
|
||||
}
|
||||
],
|
||||
"linux": {
|
||||
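Review bot: Nothing on the page documents why the `"pidhost": true` entry is needed, even though it widens what the plugin can reach on the host. Combined with the `CAP_SYS_ADMIN` capability listed in the README's privilege prompt, sharing the host PID namespace appears to expose `/proc/<pid>/ns/*` for every host process, not only the containers on DHCP networks. JSON has no comment syntax, so the rationale belongs in the README next to the privilege list, for example `The plugin joins the host PID namespace so it can open /proc/<pid>/ns/net for the containers it manages.` The same paragraph could note that the `/var/run/docker` bind mount is no longer requested, so operators re-reviewing the grant see both sides of the trade.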
|
@ -27,6 +27,7 @@ type dhcpManager struct {
|
||||
LastIP *netlink.Addr
|
||||
LastIPv6 *netlink.Addr
|
||||
|
||||
nsPath string
|
||||
hostname string
|
||||
nsHandle netns.NsHandle
|
||||
netHandle *netlink.Handle
|
||||
@ -125,7 +126,7 @@ func (m *dhcpManager) setupClient(v6 bool) (chan error, error) {
|
||||
client, err := udhcpc.NewDHCPClient(m.ctrLink.Attrs().Name, &udhcpc.DHCPClientOptions{
|
||||
Hostname: m.hostname,
|
||||
V6: v6,
|
||||
Namespace: m.joinReq.SandboxKey,
|
||||
Namespace: m.nsPath,
|
||||
})
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create DHCP%v client: %w", v6Str, err)
|
||||
@ -198,8 +199,32 @@ func (m *dhcpManager) setupClient(v6 bool) (chan error, error) {
|
||||
}
|
||||
|
||||
func (m *dhcpManager) Start(ctx context.Context) error {
|
||||
var err error
|
||||
m.nsHandle, err = util.AwaitNetNS(ctx, m.joinReq.SandboxKey, pollTime)
|
||||
dockerNet, err := m.docker.NetworkInspect(ctx, m.joinReq.NetworkID, dTypes.NetworkInspectOptions{})
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to get Docker network info: %w", err)
|
||||
}
|
||||
|
||||
var ctrID string
|
||||
for id, info := range dockerNet.Containers {
|
||||
if info.EndpointID == m.joinReq.EndpointID {
|
||||
ctrID = id
|
||||
break
|
||||
}
|
||||
}
|
||||
if ctrID == "" {
|
||||
return util.ErrNoContainer
|
||||
}
|
||||
|
||||
ctr, err := m.docker.ContainerInspect(ctx, ctrID)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to get Docker container info: %w", err)
|
||||
}
|
||||
|
||||
// Using the "sandbox key" directly causes issues on some platforms
|
||||
m.nsPath = fmt.Sprintf("/proc/%v/ns/net", ctr.State.Pid)
|
||||
m.hostname = ctr.Config.Hostname
|
||||
|
||||
m.nsHandle, err = util.AwaitNetNS(ctx, m.nsPath, pollTime)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to get sandbox network namespace: %w", err)
|
||||
}
|
||||
@ -237,28 +262,6 @@ func (m *dhcpManager) Start(ctx context.Context) error {
|
||||
return err
|
||||
}
|
||||
|
||||
dockerNet, err := m.docker.NetworkInspect(ctx, m.joinReq.NetworkID, dTypes.NetworkInspectOptions{})
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to get Docker network info: %w", err)
|
||||
}
|
||||
|
||||
var ctrID string
|
||||
for id, info := range dockerNet.Containers {
|
||||
if info.EndpointID == m.joinReq.EndpointID {
|
||||
ctrID = id
|
||||
break
|
||||
}
|
||||
}
|
||||
if ctrID == "" {
|
||||
return util.ErrNoContainer
|
||||
}
|
||||
|
||||
ctr, err := m.docker.ContainerInspect(ctx, ctrID)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to get Docker container info: %w", err)
|
||||
}
|
||||
m.hostname = ctr.Config.Hostname
|
||||
|
||||
if m.errChan, err = m.setupClient(false); err != nil {
|
||||
close(m.stopChan)
|
||||
return err
|
||||
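Review bot: `ctr.State.Pid` is formatted straight into `m.nsPath` in `Start` without checking that the container has a live process. Docker reports a Pid of 0 for a container that is not running, which would produce `/proc/0/ns/net` and presumably leave `util.AwaitNetNS` polling a path that cannot appear until the context expires. A guard before the `Sprintf`, such as `if ctr.State == nil || ctr.State.Pid == 0 { return fmt.Errorf("container %v has no running process", ctrID) }`, would surface that case (or the inspect could be retried). The stored path is resolved again when `setupClient` passes `m.nsPath` as `Namespace`, and the plugin now shares the host PID namespace, so a PID recycled after the container exits could name a different process's namespace. The `nsPath` field deserves a comment like `// nsPath is /proc/<pid>/ns/net for the container's init process; only valid while that PID is alive`. The body of `Start` continues beyond the visible hunks.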
|