feature: modify defaut bridge mode.

Change the default nat bridge network from 172.17.0.1/24 to 192.168.5.1/24
Complete the bridge network configure.
Don't to change bridge device ip address.

Signed-off-by: Rudy Zhang <[email protected]>

apis/swagger.yml

@@ -3406,12 +3406,16 @@ definitions:
     x-nullable: false
     properties:
       Subnet:
+        description: "subnet address for network"
         type: "string"
       IPRange:
+        description: "sub ip range in sub-network"
         type: "string"
       Gateway:
+        description: "gateway for sub-network"
         type: "string"
       AuxAddress:
+        description: "aux address in sub-network"
         type: "object"
         additionalProperties:
           type: "string"

daemon/config/config.go

@@ -25,10 +25,10 @@ type Config struct {
 	sync.Mutex
 
 	//Volume config
-	VolumeConfig volume.Config `json:"volume-config"`
+	VolumeConfig volume.Config `json:"volume-config,omitempty"`
 
 	// Network config
-	NetworkConfg network.Config
+	NetworkConfig network.Config `json:"network-config,omitempty"`
 
 	// Whether enable cri manager.
 	IsCriEnabled bool `json:"enable-cri,omitempty"`
@@ -132,7 +132,7 @@ func (cfg *Config) Validate() error {
 }
 
 //MergeConfigurations merges flagSet flags and config file flags into Config.
-func (cfg *Config) MergeConfigurations(config *Config, flagSet *pflag.FlagSet) error {
+func (cfg *Config) MergeConfigurations(flagSet *pflag.FlagSet) error {
 	contents, err := ioutil.ReadFile(cfg.ConfigFile)
 	if err != nil {
 		if os.IsNotExist(err) {
@@ -169,7 +169,7 @@ func (cfg *Config) MergeConfigurations(config *Config, flagSet *pflag.FlagSet) e
 	}
 
 	// merge configurations from command line flags and config file
-	err = mergeConfigurations(fileConfig, cfg.delValue(flagSet, fileFlags))
+	err = mergeConfigurations(cfg.delValue(flagSet, fileFlags), fileConfig)
 	return err
 
 }

daemon/daemon.go

@@ -279,7 +279,7 @@ func (d *Daemon) MetaStore() *meta.Store {
 }
 
 func (d *Daemon) networkInit(ctx context.Context) error {
-	return mode.NetworkModeInit(ctx, d.config.NetworkConfg, d.networkMgr)
+	return mode.NetworkModeInit(ctx, d.config.NetworkConfig, d.networkMgr)
 }
 
 // ContainerPlugin returns the container plugin fetched from shared file

daemon/mgr/network.go

@@ -67,8 +67,8 @@ type NetworkManager struct {
 // NewNetworkManager creates a brand new network manager.
 func NewNetworkManager(cfg *config.Config, store *meta.Store, ctrMgr ContainerMgr) (*NetworkManager, error) {
 	// Create a new controller instance
-	cfg.NetworkConfg.MetaPath = path.Dir(store.BaseDir)
-	cfg.NetworkConfg.ExecRoot = network.DefaultExecRoot
+	cfg.NetworkConfig.MetaPath = path.Dir(store.BaseDir)
+	cfg.NetworkConfig.ExecRoot = network.DefaultExecRoot
 
 	initNetworkLog(cfg)
 
@@ -81,17 +81,17 @@ func NewNetworkManager(cfg *config.Config, store *meta.Store, ctrMgr ContainerMg
 		logrus.Errorf("failed to new network manager, can not get container list")
 		return nil, errors.Wrap(err, "failed to get container list")
 	}
-	cfg.NetworkConfg.ActiveSandboxes = make(map[string]interface{})
+	cfg.NetworkConfig.ActiveSandboxes = make(map[string]interface{})
 	for _, c := range ctrs {
 		endpoint := BuildContainerEndpoint(c)
-		sbOptions, err := buildSandboxOptions(cfg.NetworkConfg, endpoint)
+		sbOptions, err := buildSandboxOptions(cfg.NetworkConfig, endpoint)
 		if err != nil {
 			return nil, errors.Wrap(err, "failed to build sandbox options")
 		}
-		cfg.NetworkConfg.ActiveSandboxes[c.NetworkSettings.SandboxID] = sbOptions
+		cfg.NetworkConfig.ActiveSandboxes[c.NetworkSettings.SandboxID] = sbOptions
 	}
 
-	ctlOptions, err := controllerOptions(cfg.NetworkConfg)
+	ctlOptions, err := controllerOptions(cfg.NetworkConfig)
 	if err != nil {
 		return nil, errors.Wrap(err, "failed to build network options")
 	}
@@ -104,7 +104,7 @@ func NewNetworkManager(cfg *config.Config, store *meta.Store, ctrMgr ContainerMg
 	return &NetworkManager{
 		store:      store,
 		controller: controller,
-		config:     cfg.NetworkConfg,
+		config:     cfg.NetworkConfig,
 	}, nil
 }
 
@@ -449,16 +449,16 @@ func controllerOptions(cfg network.Config) ([]nwconfig.Option, error) {
 	options = append(options, nwconfig.OptionDefaultNetwork("bridge"))
 
 	// set bridge options
-	options = append(options, bridgeDriverOptions())
+	options = append(options, bridgeDriverOptions(cfg.BridgeConfig))
 
 	return options, nil
 }
 
-func bridgeDriverOptions() nwconfig.Option {
+func bridgeDriverOptions(cfg network.BridgeConfig) nwconfig.Option {
 	bridgeConfig := options.Generic{
-		"EnableIPForwarding":  true,
-		"EnableIPTables":      true,
-		"EnableUserlandProxy": true}
+		"EnableIPForwarding":  cfg.IPForward,
+		"EnableIPTables":      cfg.IPTables,
+		"EnableUserlandProxy": cfg.UserlandProxy}
 	bridgeOption := options.Generic{netlabel.GenericData: bridgeConfig}
 
 	return nwconfig.OptionDriverConfig("bridge", bridgeOption)

extra/libnetwork/drivers/bridge/port_mapping.go

@@ -15,6 +15,10 @@ var (
 )
 
 func (n *bridgeNetwork) allocatePorts(ep *bridgeEndpoint, reqDefBindIP net.IP, ulPxyEnabled bool) ([]types.PortBinding, error) {
+	if ep.addr == nil {
+		return nil, fmt.Errorf("allocatePorts addr is null.")
+	}
+
 	if ep.extConnConfig == nil || ep.extConnConfig.PortBindings == nil {
 		return nil, nil
 	}

extra/libnetwork/drivers/bridge/setup_ipv4.go

@@ -3,6 +3,7 @@ package bridge
 import (
 	"fmt"
 	"io/ioutil"
+	"os"
 	"path/filepath"
 
 	log "github.com/Sirupsen/logrus"
@@ -16,13 +17,13 @@ func setupBridgeIPv4(config *networkConfiguration, i *bridgeInterface) error {
 		return fmt.Errorf("failed to retrieve bridge interface addresses: %v", err)
 	}
 
-	if !types.CompareIPNet(addrv4.IPNet, config.AddressIPv4) {
+	if os.Getenv("SetBridgeIP") == "true" && !types.CompareIPNet(addrv4.IPNet, config.AddressIPv4) {
 		if addrv4.IPNet != nil {
 			if err := i.nlh.AddrDel(i.Link, &addrv4); err != nil {
 				return fmt.Errorf("failed to remove current ip address from bridge: %v", err)
 			}
 		}
-		log.Debugf("Assigning address to bridge interface %s: %s", config.BridgeName, config.AddressIPv4)
+		log.Infof("Assigning address to bridge interface %s: %s", config.BridgeName, config.AddressIPv4)
 		if err := i.nlh.AddrAdd(i.Link, &netlink.Addr{IPNet: config.AddressIPv4}); err != nil {
 			return &IPv4AddrAddError{IP: config.AddressIPv4, Err: err}
 		}

extra/libnetwork/drivers/bridge/setup_verify.go

@@ -17,13 +17,13 @@ func setupVerifyAndReconcile(config *networkConfiguration, i *bridgeInterface) e
 
 	// Verify that the bridge does have an IPv4 address.
 	if addrv4.IPNet == nil {
-		return &ErrNoIPAddr{}
+		return nil
 	}
 
 	// Verify that the bridge IPv4 address matches the requested configuration.
-	if config.AddressIPv4 != nil && !addrv4.IP.Equal(config.AddressIPv4.IP) {
-		return &IPv4AddrNoMatchError{IP: addrv4.IP, CfgIP: config.AddressIPv4.IP}
-	}
+	//if config.AddressIPv4 != nil && !addrv4.IP.Equal(config.AddressIPv4.IP) {
+	//	return &IPv4AddrNoMatchError{IP: addrv4.IP, CfgIP: config.AddressIPv4.IP}
+	//}
 
 	// Verify that one of the bridge IPv6 addresses matches the requested
 	// configuration.

main.go

@@ -99,6 +99,16 @@ func setupFlags(cmd *cobra.Command) {
 	// volume config
 	flagSet.StringVar(&cfg.VolumeConfig.DriverAlias, "volume-driver-alias", "", "Set volume driver alias, <name=alias>[;name1=alias1]")
 
+	// network config
+	flagSet.StringVar(&cfg.NetworkConfig.BridgeConfig.Name, "bridge-name", "", "Set default bridge name")
+	flagSet.StringVar(&cfg.NetworkConfig.BridgeConfig.IP, "bip", "", "Set bridge ip")
+	flagSet.StringVar(&cfg.NetworkConfig.BridgeConfig.GatewayIPv4, "default-gateway", "", "Set default bridge gateway")
+	flagSet.StringVar(&cfg.NetworkConfig.BridgeConfig.FixedCIDR, "fixed-cidr", "", "Set bridge fixed cidr")
+	flagSet.IntVar(&cfg.NetworkConfig.BridgeConfig.Mtu, "mtu", 1500, "Set bridge mtu")
+	flagSet.BoolVar(&cfg.NetworkConfig.BridgeConfig.IPTables, "iptables", true, "Enable iptables")
+	flagSet.BoolVar(&cfg.NetworkConfig.BridgeConfig.IPForward, "ipforward", true, "Enable ipforward")
+	flagSet.BoolVar(&cfg.NetworkConfig.BridgeConfig.UserlandProxy, "userland-proxy", false, "Enable userland proxy")
+
 	// cgroup-path flag is to set parent cgroup for all containers, default is "default" staying with containerd's configuration.
 	flagSet.StringVar(&cfg.CgroupParent, "cgroup-parent", "default", "Set parent cgroup for all containers")
 	flagSet.StringVar(&cfg.PluginPath, "plugin", "", "Set the path where plugin shared library file put")
@@ -275,5 +285,5 @@ func loadDaemonFile(cfg *config.Config, flagSet *pflag.FlagSet) error {
 		return nil
 	}
 
-	return cfg.MergeConfigurations(cfg, flagSet)
+	return cfg.MergeConfigurations(flagSet)
 }

network/config.go

@@ -5,33 +5,32 @@ var DefaultExecRoot = "/var/run/pouch"
 
 // Config defines the network configuration.
 type Config struct {
-	Type string
+	Type string `json:"-"`
 
-	MetaPath   string // meta store
-	ExecRoot   string // exec root
-	DNS        []string
-	DNSOptions []string
-	DNSSearch  []string
+	MetaPath   string   `json:"meta-path"`     // meta store
+	ExecRoot   string   `json:"exec-root-dir"` // exec root
+	DNS        []string `json:"dns"`
+	DNSOptions []string `json:"dns-options"`
+	DNSSearch  []string `json:"dns-search"`
 
 	// bridge config
-	BridgeConfig BridgeConfig
+	BridgeConfig BridgeConfig `json:"bridge-config"`
 
-	ActiveSandboxes map[string]interface{}
+	ActiveSandboxes map[string]interface{} `json:"-"`
 }
 
 // BridgeConfig defines the bridge network configuration.
 type BridgeConfig struct {
-	Name        string
-	IP          string
-	FixedCIDR   string
-	GatewayIPv4 string
-	PreferredIP string
+	Name        string `json:"bridge-name"`
+	IP          string `json:"bip"`
+	FixedCIDR   string `json:"fixed-cidr"`
+	GatewayIPv4 string `json:"default-gateway"`
+	PreferredIP string `json:"preferred-ip"`
 
-	Mtu               int
-	ICC               bool
-	IPTables          bool
-	IPForward         bool
-	IPMasq            bool
-	UserlandProxy     bool
-	UserlandProxyPath string
+	Mtu           int  `json:"mtu"`
+	ICC           bool `json:"icc"`
+	IPTables      bool `json:"iptables"`
+	IPForward     bool `json:"ipforward"`
+	IPMasq        bool `json:"ipmasq"`
+	UserlandProxy bool `json:"userland-proxy"`
 }