def dexec(self, cmd):
"""wrapper around docker exec"""
#docker exec needs cmd a seperate args, not a single string
cmd = 'docker exec -d $self.id ' + cmd
r(cmd)
def __init__(self, name, image):
self.nics = []
self.name = name
#start the container and record the container id sleeping randomly to try and improve performance at start
#time.sleep(random.uniform(1,3))
print("----DOCKER COMMAND----")
print(
"docker run -id --privileged --name $name --hostname $name --net=none $image"
)
self.id = r(
'docker run -id --privileged --name $name --hostname $name --net=none $image'
).strip()
self.pid = r(
"docker inspect -f '{{.State.Pid}}' $self.id").strip().strip(b"'")
self.pid = self.pid.decode("utf-8")
self.proc_path = '/proc/%s/ns/' % self.pid
self.mnt_fd = open(self.proc_path + 'mnt')
self.var_run = '/var/run/netns/' + self.name
if not os.path.exists('/var/run/netns'):
os.mkdir('/var/run/netns')
netns = self.proc_path + 'net'
#link this to /var/run/netns so ip tool can identify the network ns
r('ln -s $netns $self.var_run')
def __del__(self):
"""stop and delete the container"""
r('docker rm -f $self.id')
try:
#kill container and remove if it isn't a 'root' container
self.mnt_fd.close()
ns_root.ns.remove(self)
#r('docker kill $self.id')
#r('docker rm -f $self.id')
os.remove(self.var_run)
except:
pass
def setup_wifi(self, phy):
"""mov phy into this containers network namespace"""
r('iw phy $phy set netns $self.pid')
def connect(self, container):
"""This will create a ethernet connection to another ns"""
#creating a local var for the r() call
pid = container.pid
#count up our nics for naming scheme of container name + _number
tmp_n = 0
for nic in container.nics:
tmp_n += 1
#nicname = self.name + '_' + str(tmp_n)
nicname = container.name + '_' + str(tmp_n)
r('ip link add $nicname type veth peer name tmp')
r('ip link set tmp netns $self.pid')
r('ip link set $nicname netns $pid')
#need to research more, but pretty sure checksum offloading was
#screwing up udp packets.....
#http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2007q3/001506.html
#this disables offloading....
if self.name != 'root':
r('ip netns exec $self.name ethtool -K tmp rx off tx off')
self.enter_ns()
###########################################
#rename tmp to match veth peer in other ns
r('ip link set dev tmp name $nicname')
r('ethtool -K $nicname rx off tx off')
self.exit_ns()
#now append the nics to our list and the other containers
self.nics.append(nicname)
container.nics.append(nicname)
return nicname