github.com/sijibomii/docker@v0.0.0-20231230191044-5cf6ca554647/runconfig/hostconfig_unix.go

github.com/sijibomii/docker@v0.0.0-20231230191044-5cf6ca554647/runconfig/hostconfig_unix.go (about)

     1  // +build !windows
     2  
     3  package runconfig
     4  
     5  import (
     6  	"fmt"
     7  	"runtime"
     8  	"strings"
     9  
    10  	"github.com/docker/engine-api/types/container"
    11  )
    12  
    13  // DefaultDaemonNetworkMode returns the default network stack the daemon should
    14  // use.
    15  func DefaultDaemonNetworkMode() container.NetworkMode {
    16  	return container.NetworkMode("bridge")
    17  }
    18  
    19  // IsPreDefinedNetwork indicates if a network is predefined by the daemon
    20  func IsPreDefinedNetwork(network string) bool {
    21  	n := container.NetworkMode(network)
    22  	return n.IsBridge() || n.IsHost() || n.IsNone() || n.IsDefault()
    23  }
    24  
    25  // ValidateNetMode ensures that the various combinations of requested
    26  // network settings are valid.
    27  func ValidateNetMode(c *container.Config, hc *container.HostConfig) error {
    28  	// We may not be passed a host config, such as in the case of docker commit
    29  	if hc == nil {
    30  		return nil
    31  	}
    32  	parts := strings.Split(string(hc.NetworkMode), ":")
    33  	if parts[0] == "container" {
    34  		if len(parts) < 2 || parts[1] == "" {
    35  			return fmt.Errorf("--net: invalid net mode: invalid container format container:<name|id>")
    36  		}
    37  	}
    38  
    39  	if hc.NetworkMode.IsContainer() && c.Hostname != "" {
    40  		return ErrConflictNetworkHostname
    41  	}
    42  
    43  	if hc.UTSMode.IsHost() && c.Hostname != "" {
    44  		return ErrConflictUTSHostname
    45  	}
    46  
    47  	if hc.NetworkMode.IsHost() && len(hc.Links) > 0 {
    48  		return ErrConflictHostNetworkAndLinks
    49  	}
    50  
    51  	if hc.NetworkMode.IsContainer() && len(hc.Links) > 0 {
    52  		return ErrConflictContainerNetworkAndLinks
    53  	}
    54  
    55  	if (hc.NetworkMode.IsHost() || hc.NetworkMode.IsContainer()) && len(hc.DNS) > 0 {
    56  		return ErrConflictNetworkAndDNS
    57  	}
    58  
    59  	if (hc.NetworkMode.IsContainer() || hc.NetworkMode.IsHost()) && len(hc.ExtraHosts) > 0 {
    60  		return ErrConflictNetworkHosts
    61  	}
    62  
    63  	if (hc.NetworkMode.IsContainer() || hc.NetworkMode.IsHost()) && c.MacAddress != "" {
    64  		return ErrConflictContainerNetworkAndMac
    65  	}
    66  
    67  	if hc.NetworkMode.IsContainer() && (len(hc.PortBindings) > 0 || hc.PublishAllPorts == true) {
    68  		return ErrConflictNetworkPublishPorts
    69  	}
    70  
    71  	if hc.NetworkMode.IsContainer() && len(c.ExposedPorts) > 0 {
    72  		return ErrConflictNetworkExposePorts
    73  	}
    74  	return nil
    75  }
    76  
    77  // ValidateIsolation performs platform specific validation of
    78  // isolation in the hostconfig structure. Linux only supports "default"
    79  // which is LXC container isolation
    80  func ValidateIsolation(hc *container.HostConfig) error {
    81  	// We may not be passed a host config, such as in the case of docker commit
    82  	if hc == nil {
    83  		return nil
    84  	}
    85  	if !hc.Isolation.IsValid() {
    86  		return fmt.Errorf("invalid --isolation: %q - %s only supports 'default'", hc.Isolation, runtime.GOOS)
    87  	}
    88  	return nil
    89  }