def container_remove(container_id):
"""
Remove a container (on this host) from Calico networking.
The container may be left in a state without any working networking.
If there is a network adaptor in the host namespace used by the container
then it is removed.
:param container_id: The namespace path or the ID of the container.
"""
# The netns manipulations must be done as root.
enforce_root()
# Resolve the name to ID.
if container_id.startswith("/") and os.path.exists(container_id):
# The ID is a path. Don't do any docker lookups
orchestrator_id = NAMESPACE_ORCHESTRATOR_ID
endpoints = client.get_endpoints(hostname=hostname,
orchestrator_id=orchestrator_id,
workload_id=escape_etcd(container_id))
else:
# We know we're using "docker" as the orchestrator. If we have a direct
# hit on the container id then we can proceed. Otherwise, ask docker to
# try converting the name/id fragment into a full ID.
orchestrator_id = DOCKER_ORCHESTRATOR_ID
endpoints = client.get_endpoints(hostname=hostname,
orchestrator_id=orchestrator_id,
workload_id=container_id)
if not endpoints:
container_id = get_workload_id(container_id)
endpoints = client.get_endpoints(hostname=hostname,
orchestrator_id=orchestrator_id,
workload_id=container_id)
for endpoint in endpoints:
# Remove any IP address assignments that this endpoint has
client.release_ips(
set(map(IPAddress, endpoint.ipv4_nets | endpoint.ipv6_nets)))
try:
# Remove the interface if it exists
netns.remove_veth(endpoint.name)
except CalledProcessError:
print "Could not remove Calico interface %s" % endpoint.name
# Always try to remove the workload, even if we didn't find any
# endpoints.
try:
client.remove_workload(hostname, orchestrator_id, container_id)
print "Removed Calico from %s" % container_id
except KeyError:
print "Failed find Calico data for %s" % container_id
def container_remove(container_id):
"""
Remove a container (on this host) from Calico networking.
The container may be left in a state without any working networking.
If there is a network adaptor in the host namespace used by the container
then it is removed.
:param container_id: The namespace path or the ID of the container.
"""
# The netns manipulations must be done as root.
enforce_root()
# Resolve the name to ID.
if container_id.startswith("/") and os.path.exists(container_id):
# The ID is a path. Don't do any docker lookups
workload_id = escape_etcd(container_id)
orchestrator_id = NAMESPACE_ORCHESTRATOR_ID
else:
workload_id = get_workload_id(container_id)
orchestrator_id = DOCKER_ORCHESTRATOR_ID
# Find the endpoint ID. We need this to find any ACL rules
try:
endpoint = client.get_endpoint(hostname=hostname,
orchestrator_id=orchestrator_id,
workload_id=workload_id)
except KeyError:
print "Container %s doesn't contain any endpoints" % container_id
sys.exit(1)
# Remove any IP address assignments that this endpoint has
for net in endpoint.ipv4_nets | endpoint.ipv6_nets:
assert(net.size == 1)
ip = net.ip
pools = client.get_ip_pools(ip.version)
for pool in pools:
if ip in pool:
# Ignore failure to unassign address, since we're not
# enforcing assignments strictly in datastore.py.
client.unassign_address(pool, ip)
try:
# Remove the interface if it exists
netns.remove_veth(endpoint.name)
except CalledProcessError:
print "Could not remove Calico interface %s" % endpoint.name
sys.exit(1)
# Remove the container from the datastore.
client.remove_workload(hostname, orchestrator_id, workload_id)
print "Removed Calico interface from %s" % container_id
def container_remove(container_id):
"""
Remove a container (on this host) from Calico networking.
The container may be left in a state without any working networking.
If there is a network adaptor in the host namespace used by the container
then it is removed.
:param container_id: The namespace path or the ID of the container.
"""
# The netns manipulations must be done as root.
enforce_root()
# Resolve the name to ID.
if container_id.startswith("/") and os.path.exists(container_id):
# The ID is a path. Don't do any docker lookups
orchestrator_id = NAMESPACE_ORCHESTRATOR_ID
endpoints = client.get_endpoints(hostname=hostname,
orchestrator_id=orchestrator_id,
workload_id=escape_etcd(container_id))
else:
# We know we're using "docker" as the orchestrator. If we have a direct
# hit on the container id then we can proceed. Otherwise, ask docker to
# try converting the name/id fragment into a full ID.
orchestrator_id = DOCKER_ORCHESTRATOR_ID
endpoints = client.get_endpoints(hostname=hostname,
orchestrator_id=orchestrator_id,
workload_id=container_id)
if not endpoints:
container_id = get_workload_id(container_id)
endpoints = client.get_endpoints(hostname=hostname,
orchestrator_id=orchestrator_id,
workload_id=container_id)
for endpoint in endpoints:
# Remove any IP address assignments that this endpoint has
client.release_ips(set(map(IPAddress,
endpoint.ipv4_nets | endpoint.ipv6_nets)))
try:
# Remove the interface if it exists
netns.remove_veth(endpoint.name)
except CalledProcessError:
print "Could not remove Calico interface %s" % endpoint.name
# Always try to remove the workload, even if we didn't find any
# endpoints.
try:
client.remove_workload(hostname, orchestrator_id, container_id)
print "Removed Calico from %s" % container_id
except KeyError:
print "Failed find Calico data for %s" % container_id
def container_remove(container_id):
"""
Remove a container (on this host) from Calico networking.
The container may be left in a state without any working networking.
If there is a network adaptor in the host namespace used by the container
then it is removed.
:param container_id: The namespace path or the ID of the container.
"""
# The netns manipulations must be done as root.
enforce_root()
# Resolve the name to ID.
if container_id.startswith("/") and os.path.exists(container_id):
# The ID is a path. Don't do any docker lookups
workload_id = escape_etcd(container_id)
orchestrator_id = NAMESPACE_ORCHESTRATOR_ID
else:
workload_id = get_workload_id(container_id)
orchestrator_id = DOCKER_ORCHESTRATOR_ID
# Find the endpoint ID. We need this to find any ACL rules
try:
endpoint = client.get_endpoint(hostname=hostname,
orchestrator_id=orchestrator_id,
workload_id=workload_id)
except KeyError:
print "Container %s doesn't contain any endpoints" % container_id
sys.exit(1)
# Remove any IP address assignments that this endpoint has
for net in endpoint.ipv4_nets | endpoint.ipv6_nets:
assert (net.size == 1)
ip = net.ip
pools = client.get_ip_pools(ip.version)
for pool in pools:
if ip in pool:
# Ignore failure to unassign address, since we're not
# enforcing assignments strictly in datastore.py.
client.unassign_address(pool, ip)
try:
# Remove the interface if it exists
netns.remove_veth(endpoint.name)
except CalledProcessError:
print "Could not remove Calico interface %s" % endpoint.name
sys.exit(1)
# Remove the container from the datastore.
client.remove_workload(hostname, orchestrator_id, workload_id)
print "Removed Calico interface from %s" % container_id
def container_remove(container_name):
"""
Remove a container (on this host) from Calico networking.
The container may be left in a state without any working networking.
If there is a network adaptor in the host namespace used by the container
then it is removed.
:param container_name: The name or ID of the container.
"""
# The netns manipulations must be done as root.
enforce_root()
# Resolve the name to ID.
workload_id = get_container_id(container_name)
# Find the endpoint ID. We need this to find any ACL rules
try:
endpoint = client.get_endpoint(hostname=hostname,
orchestrator_id=ORCHESTRATOR_ID,
workload_id=workload_id)
except KeyError:
print "Container %s doesn't contain any endpoints" % container_name
sys.exit(1)
# Remove any IP address assignments that this endpoint has
for net in endpoint.ipv4_nets | endpoint.ipv6_nets:
assert(net.size == 1)
ip = net.ip
pools = client.get_ip_pools(ip.version)
for pool in pools:
if ip in pool:
# Ignore failure to unassign address, since we're not
# enforcing assignments strictly in datastore.py.
client.unassign_address(pool, ip)
# Remove the endpoint
netns.remove_veth(endpoint.name)
# Remove the container from the datastore.
client.remove_workload(hostname, ORCHESTRATOR_ID, workload_id)
print "Removed Calico interface from %s" % container_name
def container_remove(container_name):
"""
Remove a container (on this host) from Calico networking.
The container may be left in a state without any working networking.
If there is a network adaptor in the host namespace used by the container
then it is removed.
:param container_name: The name or ID of the container.
"""
# The netns manipulations must be done as root.
enforce_root()
# Resolve the name to ID.
workload_id = get_container_id(container_name)
# Find the endpoint ID. We need this to find any ACL rules
try:
endpoint = client.get_endpoint(hostname=hostname, orchestrator_id=ORCHESTRATOR_ID, workload_id=workload_id)
except KeyError:
print "Container %s doesn't contain any endpoints" % container_name
sys.exit(1)
# Remove any IP address assignments that this endpoint has
for net in endpoint.ipv4_nets | endpoint.ipv6_nets:
assert net.size == 1
ip = net.ip
pools = client.get_ip_pools(ip.version)
for pool in pools:
if ip in pool:
# Ignore failure to unassign address, since we're not
# enforcing assignments strictly in datastore.py.
client.unassign_address(pool, ip)
# Remove the endpoint
netns.remove_veth(endpoint.name)
# Remove the container from the datastore.
client.remove_workload(hostname, ORCHESTRATOR_ID, workload_id)
print "Removed Calico interface from %s" % container_name
