зеркало из https://github.com/microsoft/docker.git
Add bridge-nf-call-iptables/bridge-nf-call-ipv6tables to docker info
Signed-off-by: Lei Jitang <leijitang@huawei.com>
This commit is contained in:
Lei Jitang
Родитель
ba9db62e68
Коммит
57d12a0e0a
|
|
@ -76,6 +76,12 @@ func (cli *DockerCli) CmdInfo(args ...string) error {
|
||||||
if !info.IPv4Forwarding {
|
if !info.IPv4Forwarding {
|
||||||
fmt.Fprintf(cli.err, "WARNING: IPv4 forwarding is disabled.\n")
|
fmt.Fprintf(cli.err, "WARNING: IPv4 forwarding is disabled.\n")
|
||||||
}
|
}
|
||||||
|
if !info.BridgeNfIptables {
|
||||||
|
fmt.Fprintf(cli.err, "WARNING: bridge-nf-call-iptables is disabled\n")
|
||||||
|
}
|
||||||
|
if !info.BridgeNfIp6tables {
|
||||||
|
fmt.Fprintf(cli.err, "WARNING: bridge-nf-call-ip6tables is disabled\n")
|
||||||
|
}
|
||||||
if info.Labels != nil {
|
if info.Labels != nil {
|
||||||
fmt.Fprintln(cli.out, "Labels:")
|
fmt.Fprintln(cli.out, "Labels:")
|
||||||
for _, attribute := range info.Labels {
|
for _, attribute := range info.Labels {
|
||||||
|
|
|
||||||
|
|
@ -153,6 +153,8 @@ type Info struct {
|
||||||
CpuCfsPeriod bool
|
CpuCfsPeriod bool
|
||||||
CpuCfsQuota bool
|
CpuCfsQuota bool
|
||||||
IPv4Forwarding bool
|
IPv4Forwarding bool
|
||||||
|
BridgeNfIptables bool
|
||||||
|
BridgeNfIp6tables bool
|
||||||
Debug bool
|
Debug bool
|
||||||
NFd int
|
NFd int
|
||||||
OomKillDisable bool
|
OomKillDisable bool
|
||||||
|
|
|
||||||
|
|
@ -67,6 +67,8 @@ func (daemon *Daemon) SystemInfo() (*types.Info, error) {
|
||||||
CpuCfsPeriod: daemon.SystemConfig().CpuCfsPeriod,
|
CpuCfsPeriod: daemon.SystemConfig().CpuCfsPeriod,
|
||||||
CpuCfsQuota: daemon.SystemConfig().CpuCfsQuota,
|
CpuCfsQuota: daemon.SystemConfig().CpuCfsQuota,
|
||||||
IPv4Forwarding: !daemon.SystemConfig().IPv4ForwardingDisabled,
|
IPv4Forwarding: !daemon.SystemConfig().IPv4ForwardingDisabled,
|
||||||
|
BridgeNfIptables: !daemon.SystemConfig().BridgeNfCallIptablesDisabled,
|
||||||
|
BridgeNfIp6tables: !daemon.SystemConfig().BridgeNfCallIp6tablesDisabled,
|
||||||
Debug: os.Getenv("DEBUG") != "",
|
Debug: os.Getenv("DEBUG") != "",
|
||||||
NFd: fileutils.GetTotalUsedFds(),
|
NFd: fileutils.GetTotalUsedFds(),
|
||||||
OomKillDisable: daemon.SystemConfig().OomKillDisable,
|
OomKillDisable: daemon.SystemConfig().OomKillDisable,
|
||||||
|
|
|
||||||
|
|
@ -10,4 +10,6 @@ type SysInfo struct {
|
||||||
IPv4ForwardingDisabled bool
|
IPv4ForwardingDisabled bool
|
||||||
AppArmor bool
|
AppArmor bool
|
||||||
OomKillDisable bool
|
OomKillDisable bool
|
||||||
|
BridgeNfCallIptablesDisabled bool
|
||||||
|
BridgeNfCallIp6tablesDisabled bool
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -63,6 +63,21 @@ func New(quiet bool) *SysInfo {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Check if bridge-nf-call-iptables is disabled.
|
||||||
|
if data, err := ioutil.ReadFile("/proc/sys/net/bridge/bridge-nf-call-iptables"); os.IsNotExist(err) {
|
||||||
|
sysInfo.BridgeNfCallIptablesDisabled = true
|
||||||
|
} else {
|
||||||
|
enabled, _ := strconv.Atoi(strings.TrimSpace(string(data)))
|
||||||
|
sysInfo.BridgeNfCallIptablesDisabled = enabled == 0
|
||||||
|
}
|
||||||
|
// Check if bridge-nf-call-ip6tables is disabled.
|
||||||
|
if data, err := ioutil.ReadFile("/proc/sys/net/bridge/bridge-nf-call-ip6tables"); os.IsNotExist(err) {
|
||||||
|
sysInfo.BridgeNfCallIp6tablesDisabled = true
|
||||||
|
} else {
|
||||||
|
enabled, _ := strconv.Atoi(strings.TrimSpace(string(data)))
|
||||||
|
sysInfo.BridgeNfCallIp6tablesDisabled = enabled == 0
|
||||||
|
}
|
||||||
|
|
||||||
// Check if AppArmor is supported.
|
// Check if AppArmor is supported.
|
||||||
if _, err := os.Stat("/sys/kernel/security/apparmor"); os.IsNotExist(err) {
|
if _, err := os.Stat("/sys/kernel/security/apparmor"); os.IsNotExist(err) {
|
||||||
sysInfo.AppArmor = false
|
sysInfo.AppArmor = false
|
||||||
|
|
|
||||||
Загрузка…
Ссылка в новой задаче