Skip to content

Commit

Permalink
Merge branch 'defOsSbox' into 'huawei-1.11.2'
Browse files Browse the repository at this point in the history
initialize defOsSbox in controller New()

This will initialize defOsSbox once controller is set.
It's a workaround to prevent problems described in
moby/libnetwork#1113
from happenning.

This issue has potential risk to create defOsSbox right on a
none-host namespace thread. thus all containers created with
--net=host won't work as expected. as defOsSbox has been bind to
a container network namespace

Signed-off-by: Deng Guangxing <dengguangxing@huawei.com>



See merge request docker/docker!617
  • Loading branch information
dengguangxing 00221763 authored and aarch64 committed Jun 30, 2017
2 parents bcfebf4 + 063cdba commit a17818b
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions vendor/src/github.com/docker/libnetwork/controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -195,6 +195,15 @@ func New(cfgOptions ...config.Option) (NetworkController, error) {
return nil, err
}

var err error
c.sboxOnce.Do(func() {
c.defOsSbox, err = osl.NewSandbox(osl.GenerateKey("default"), false, false)
})
if err != nil {
c.sboxOnce = sync.Once{}
log.Warnf("failed to create default sandbox in controller initializing: %v", err)
}

return c, nil
}

Expand Down Expand Up @@ -696,6 +705,8 @@ func (c *controller) NewSandbox(containerID string, options ...SandboxOption) (S
}

if sb.config.useDefaultSandBox {
// these code should never be called because we will
// create defOsSbox in libnetwork.New() once for all
c.sboxOnce.Do(func() {
c.defOsSbox, err = osl.NewSandbox(sb.Key(), false, false)
})
Expand Down

0 comments on commit a17818b

Please sign in to comment.