[lxc-devel] [lxd/master] Network: Minor improvements to bridge driver

Thu, 16 Jul 2020 07:26:20 -0700 

The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/7661

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
Also improvements to validate network type conversion.

From 6d80e607c7c89aa52bccaac8d0c22681f2d840ff Mon Sep 17 00:00:00 2001
From: Thomas Parrott <[email protected]>
Date: Thu, 16 Jul 2020 15:10:59 +0100
Subject: [PATCH 1/5] lxc/network/driver/bridge: isRunning comment

Signed-off-by: Thomas Parrott <[email protected]>
---
 lxd/network/driver_bridge.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lxd/network/driver_bridge.go b/lxd/network/driver_bridge.go
index 57087295c6..b990338ce9 100644
--- a/lxd/network/driver_bridge.go
+++ b/lxd/network/driver_bridge.go
@@ -234,7 +234,7 @@ func (n *bridge) Validate(config map[string]string) error {
        return nil
 }
 
-// IsRunning returns whether the network is up.
+// isRunning returns whether the network is up.
 func (n *bridge) isRunning() bool {
        return shared.PathExists(fmt.Sprintf("/sys/class/net/%s", n.name))
 }

From 4196f225f6c0c5f286a9867bc273980300057859 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <[email protected]>
Date: Thu, 16 Jul 2020 15:11:30 +0100
Subject: [PATCH 2/5] lxd/network/driver/bridge: Unexports hasIPv4Firewall and
 hasIPv6Firewall

Signed-off-by: Thomas Parrott <[email protected]>
---
 lxd/network/driver_bridge.go | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/lxd/network/driver_bridge.go b/lxd/network/driver_bridge.go
index b990338ce9..9de8f6bf6f 100644
--- a/lxd/network/driver_bridge.go
+++ b/lxd/network/driver_bridge.go
@@ -497,7 +497,7 @@ func (n *bridge) setup(oldConfig map[string]string) error {
 
        // Configure IPv4 firewall (includes fan)
        if n.config["bridge.mode"] == "fan" || 
!shared.StringInSlice(n.config["ipv4.address"], []string{"", "none"}) {
-               if n.HasDHCPv4() && n.HasIPv4Firewall() {
+               if n.HasDHCPv4() && n.hasIPv4Firewall() {
                        // Setup basic iptables overrides for DHCP/DNS
                        err = 
n.state.Firewall.NetworkSetupDHCPDNSAccess(n.name, 4)
                        if err != nil {
@@ -506,7 +506,7 @@ func (n *bridge) setup(oldConfig map[string]string) error {
                }
 
                // Attempt a workaround for broken DHCP clients
-               if n.HasIPv4Firewall() {
+               if n.hasIPv4Firewall() {
                        err = 
n.state.Firewall.NetworkSetupDHCPv4Checksum(n.name)
                        if err != nil {
                                return err
@@ -520,14 +520,14 @@ func (n *bridge) setup(oldConfig map[string]string) error 
{
                                return err
                        }
 
-                       if n.HasIPv4Firewall() {
+                       if n.hasIPv4Firewall() {
                                err = 
n.state.Firewall.NetworkSetupForwardingPolicy(n.name, 4, true)
                                if err != nil {
                                        return err
                                }
                        }
                } else {
-                       if n.HasIPv4Firewall() {
+                       if n.hasIPv4Firewall() {
                                err = 
n.state.Firewall.NetworkSetupForwardingPolicy(n.name, 4, false)
                                if err != nil {
                                        return err
@@ -1668,8 +1668,8 @@ func (n *bridge) updateForkdnsServersFile(addresses 
[]string) error {
        return nil
 }
 
-// HasIPv4Firewall indicates whether the network has IPv4 firewall enabled.
-func (n *bridge) HasIPv4Firewall() bool {
+// hasIPv4Firewall indicates whether the network has IPv4 firewall enabled.
+func (n *bridge) hasIPv4Firewall() bool {
        if n.config["ipv4.firewall"] == "" || 
shared.IsTrue(n.config["ipv4.firewall"]) {
                return true
        }
@@ -1677,8 +1677,8 @@ func (n *bridge) HasIPv4Firewall() bool {
        return false
 }
 
-// HasIPv6Firewall indicates whether the network has IPv6 firewall enabled.
-func (n *bridge) HasIPv6Firewall() bool {
+// hasIPv6Firewall indicates whether the network has IPv6 firewall enabled.
+func (n *bridge) hasIPv6Firewall() bool {
        if n.config["ipv6.firewall"] == "" || 
shared.IsTrue(n.config["ipv6.firewall"]) {
                return true
        }

From e0982411e8ace9dd72d6692ae76695f9647608db Mon Sep 17 00:00:00 2001
From: Thomas Parrott <[email protected]>
Date: Thu, 16 Jul 2020 15:19:28 +0100
Subject: [PATCH 3/5] lxd/networks: Detect unknown network type in
 networksPost, dont assume bridge

When network type is not supplied, defaults to bridge to maintain compat with 
older clients.

Signed-off-by: Thomas Parrott <[email protected]>
---
 lxd/networks.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lxd/networks.go b/lxd/networks.go
index 2544461bfa..ac06ba4574 100644
--- a/lxd/networks.go
+++ b/lxd/networks.go
@@ -121,12 +121,13 @@ func networksPost(d *Daemon, r *http.Request) 
response.Response {
                return response.BadRequest(err)
        }
 
+       // Convert requested network type to DB type code.
        var dbNetType db.NetworkType
        switch req.Type {
        case "bridge":
                dbNetType = db.NetworkTypeBridge
        default:
-               dbNetType = db.NetworkTypeBridge
+               return response.BadRequest(fmt.Errorf("Unrecognised network 
type"))
        }
 
        url := fmt.Sprintf("/%s/networks/%s", version.APIVersion, req.Name)

From 3b5fe959231ad31b0898b811a002199a22717ef9 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <[email protected]>
Date: Thu, 16 Jul 2020 15:20:09 +0100
Subject: [PATCH 4/5] lxd/networks: comment fix in networksPostCluster

Signed-off-by: Thomas Parrott <[email protected]>
---
 lxd/networks.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lxd/networks.go b/lxd/networks.go
index ac06ba4574..bdaf20cdc9 100644
--- a/lxd/networks.go
+++ b/lxd/networks.go
@@ -272,7 +272,7 @@ func networksPostCluster(d *Daemon, req api.NetworksPost) 
error {
        }
 
        // We need to mark the network as created now, because the
-       // network.LoadByName call invoked by doNetworkCreate would fail with
+       // network.LoadByName call invoked by doNetworksCreate would fail with
        // not-found otherwise.
        createErr := d.cluster.Transaction(func(tx *db.ClusterTx) error {
                return tx.NetworkCreated(req.Name)

From 36a9cd84431c927e140b4971af918482388c65cc Mon Sep 17 00:00:00 2001
From: Thomas Parrott <[email protected]>
Date: Thu, 16 Jul 2020 15:20:31 +0100
Subject: [PATCH 5/5] lxd/db/network: Provide way to identifty unknown network
 type in getNetwork

Don't silently convert to bridge. Existing networks will get the default type 
ID of 0, so will be recognised as bridge correctly.

Signed-off-by: Thomas Parrott <[email protected]>
---
 lxd/db/networks.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lxd/db/networks.go b/lxd/db/networks.go
index 36ec050739..558c788f9b 100644
--- a/lxd/db/networks.go
+++ b/lxd/db/networks.go
@@ -370,7 +370,7 @@ func (c *Cluster) getNetwork(name string, onlyCreated bool) 
(int64, *api.Network
        case NetworkTypeBridge:
                network.Type = "bridge"
        default:
-               network.Type = "bridge"
+               network.Type = "" // Unknown
        }
 
        nodes, err := c.networkNodes(id)

_______________________________________________
lxc-devel mailing list
[email protected]
http://lists.linuxcontainers.org/listinfo/lxc-devel

Reply via email to