Browse Source

Merge pull request #15825 from TDT-AG/pr/20210611-dockerd

dockerd: refactoring uciadd and ucidel handling
lilik-openwrt-22.03
Florian Eckert 3 years ago
committed by GitHub
parent
commit
a4eb7f4499
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 51 additions and 15 deletions
  1. +1
    -1
      utils/dockerd/Makefile
  2. +50
    -14
      utils/dockerd/files/dockerd.init

+ 1
- 1
utils/dockerd/Makefile View File

@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=dockerd PKG_NAME:=dockerd
PKG_VERSION:=20.10.7 PKG_VERSION:=20.10.7
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_LICENSE:=Apache-2.0 PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE PKG_LICENSE_FILES:=LICENSE


+ 50
- 14
utils/dockerd/files/dockerd.init View File

@ -17,6 +17,28 @@ json_add_array_string() {
json_add_string "" "${1}" json_add_string "" "${1}"
} }
find_network_device() {
local device="${1}"
local device_section=""
check_device() {
local cfg="${1}"
local device="${2}"
local type name
config_get type "${cfg}" type
config_get name "${cfg}" name
[ "${type}" = "bridge" ] && [ "${name}" = "${device}" ] \
&& device_section="${cfg}"
}
config_load network
config_foreach check_device device "${device}"
echo "${device_section}"
}
boot() { boot() {
uciadd uciadd
rc_procd start_service rc_procd start_service
@ -40,32 +62,31 @@ uciadd() {
# Add network interface # Add network interface
if ! uci_quiet get network.${iface}; then if ! uci_quiet get network.${iface}; then
logger -t "dockerd-init" -p notice "Adding docker default interface to network uci config (${iface})"
logger -t "dockerd-init" -p notice "Adding interface '${iface}' to network config"
uci_quiet add network interface uci_quiet add network interface
uci_quiet rename network.@interface[-1]="${iface}" uci_quiet rename network.@interface[-1]="${iface}"
uci_quiet set network.@interface[-1].ifname="${device}"
uci_quiet set network.@interface[-1].device="${device}"
uci_quiet set network.@interface[-1].proto="none" uci_quiet set network.@interface[-1].proto="none"
uci_quiet set network.@interface[-1].auto="0" uci_quiet set network.@interface[-1].auto="0"
uci_quiet commit network uci_quiet commit network
fi fi
# Add docker bridge device # Add docker bridge device
if ! uci_quiet get network.${device}; then
logger -t "dockerd-init" -p notice "Adding docker default bridge device to network uci config (${device})"
if [ "$(find_network_device "$device")" = "" ]; then
logger -t "dockerd-init" -p notice "Adding bridge device '${device}' to network config"
uci_quiet add network device uci_quiet add network device
uci_quiet rename network.@device[-1]="${device}"
uci_quiet set network.@device[-1].type="bridge" uci_quiet set network.@device[-1].type="bridge"
uci_quiet set network.@device[-1].name="${device}" uci_quiet set network.@device[-1].name="${device}"
uci_quiet add_list network.@device[-1].ifname="${device}"
uci_quiet commit network uci_quiet commit network
else
logger -t "dockerd-init" -p notice "Bridge device '${device}' already defined in network config"
fi fi
# Add firewall zone # Add firewall zone
if ! uci_quiet get firewall.${zone}; then if ! uci_quiet get firewall.${zone}; then
logger -t "dockerd-init" -p notice "Adding docker default firewall zone to firewall uci config (${zone})"
logger -t "dockerd-init" -p notice "Adding firewall zone '${zone}' to firewall config"
uci_quiet add firewall zone uci_quiet add firewall zone
uci_quiet rename firewall.@zone[-1]="${zone}" uci_quiet rename firewall.@zone[-1]="${zone}"
uci_quiet set firewall.@zone[-1].network="${iface}"
uci_quiet set firewall.@zone[-1].input="ACCEPT" uci_quiet set firewall.@zone[-1].input="ACCEPT"
uci_quiet set firewall.@zone[-1].output="ACCEPT" uci_quiet set firewall.@zone[-1].output="ACCEPT"
uci_quiet set firewall.@zone[-1].forward="ACCEPT" uci_quiet set firewall.@zone[-1].forward="ACCEPT"
@ -73,6 +94,13 @@ uciadd() {
uci_quiet commit firewall uci_quiet commit firewall
fi fi
# Add interface to firewall zone
if uci_quiet get firewall.${zone}; then
uci_quiet del_list firewall.${zone}.network="${iface}"
uci_quiet add_list firewall.${zone}.network="${iface}"
uci_quiet commit firewall
fi
reload_config reload_config
} }
@ -92,21 +120,29 @@ ucidel() {
exit 0 exit 0
} }
if uci_quiet get network.${device}; then
logger -t "dockerd-init" -p notice "Deleting docker default bridge device from network uci config (${device})"
uci_quiet delete network.${device}
# Remove network device
if uci_quiet delete network.$(find_network_device "${device}"); then
logger -t "dockerd-init" -p notice "Deleting bridge device '${device}' from network config"
uci_quiet commit network uci_quiet commit network
fi fi
# Remove network interface
if uci_quiet get network.${iface}; then if uci_quiet get network.${iface}; then
logger -t "dockerd-init" -p notice "Deleting docker default interface from network uci config (${iface})"
logger -t "dockerd-init" -p notice "Deleting interface '${iface}' from network config"
uci_quiet delete network.${iface} uci_quiet delete network.${iface}
uci_quiet commit network uci_quiet commit network
fi fi
# Remove interface from firewall zone
if uci_quiet get firewall.${zone}; then if uci_quiet get firewall.${zone}; then
logger -t "dockerd-init" -p notice "Deleting docker firewall zone from firewall uci config (${zone})"
uci_quiet delete firewall.${zone}
logger -t "dockerd-init" -p notice "Deleting network interface '${iface}' in zone '${zone}' from firewall config"
uci_quiet del_list firewall.${zone}.network="${iface}"
uci_quiet commit firewall
# Remove Firewall zone if network is empty
if ! uci_quiet get firewall.${zone}.network; then
logger -t "dockerd-init" -p notice "Deleting firewall zone '${zone}' from firewall config"
uci_quiet delete firewall.${zone}
fi
uci_quiet commit firewall uci_quiet commit firewall
fi fi


Loading…
Cancel
Save