From 137a190a79d0e08d02e4462253a6e536b9d3ab63 Mon Sep 17 00:00:00 2001 From: Flavio Crisciani Date: Fri, 14 Apr 2017 16:54:17 -0700 Subject: [PATCH] Inroduce SWARM --data-path-addr flag This new flag will allow the configuration of an interface that can be used for data path traffic to be isolated from control plane traffic. This flag is simply percolated down to libnetwork and will be used by all the global scope drivers (today overlay) Negative test added for invalid flag arguments Signed-off-by: Flavio Crisciani --- contrib/completion/bash/docker | 4 ++-- contrib/completion/zsh/_docker | 2 ++ docs/reference/commandline/swarm_init.md | 10 ++++++++++ docs/reference/commandline/swarm_join.md | 10 ++++++++++ 4 files changed, 24 insertions(+), 2 deletions(-) diff --git a/contrib/completion/bash/docker b/contrib/completion/bash/docker index 813f2b6ccc..1a0e110633 100644 --- a/contrib/completion/bash/docker +++ b/contrib/completion/bash/docker @@ -3301,7 +3301,7 @@ _docker_swarm_init() { case "$cur" in -*) - COMPREPLY=( $( compgen -W "--advertise-addr --autolock --availability --cert-expiry --dispatcher-heartbeat --external-ca --force-new-cluster --help --listen-addr --max-snapshots --snapshot-interval --task-history-limit" -- "$cur" ) ) + COMPREPLY=( $( compgen -W "--advertise-addr --data-path-addr --autolock --availability --cert-expiry --dispatcher-heartbeat --external-ca --force-new-cluster --help --listen-addr --max-snapshots --snapshot-interval --task-history-limit" -- "$cur" ) ) ;; esac } @@ -3337,7 +3337,7 @@ _docker_swarm_join() { case "$cur" in -*) - COMPREPLY=( $( compgen -W "--advertise-addr --availability --help --listen-addr --token" -- "$cur" ) ) + COMPREPLY=( $( compgen -W "--advertise-addr --data-path-addr --availability --help --listen-addr --token" -- "$cur" ) ) ;; *:) COMPREPLY=( $( compgen -W "2377" -- "${cur##*:}" ) ) diff --git a/contrib/completion/zsh/_docker b/contrib/completion/zsh/_docker index 7a3a492415..316caf5d43 100644 --- a/contrib/completion/zsh/_docker +++ b/contrib/completion/zsh/_docker @@ -2267,6 +2267,7 @@ __docker_swarm_subcommand() { _arguments $(__docker_arguments) \ $opts_help \ "($help)--advertise-addr=[Advertised address]:ip\:port: " \ + "($help)--data-path-addr=[Data path IP or interface]:ip " \ "($help)--autolock[Enable manager autolocking]" \ "($help)--availability=[Availability of the node]:availability:(active drain pause)" \ "($help)--cert-expiry=[Validity period for node certificates]:duration: " \ @@ -2282,6 +2283,7 @@ __docker_swarm_subcommand() { _arguments $(__docker_arguments) -A '-*' \ $opts_help \ "($help)--advertise-addr=[Advertised address]:ip\:port: " \ + "($help)--data-path-addr=[Data path IP or interface]:ip " \ "($help)--availability=[Availability of the node]:availability:(active drain pause)" \ "($help)--listen-addr=[Listen address]:ip\:port: " \ "($help)--token=[Token for entry into the swarm]:secret: " \ diff --git a/docs/reference/commandline/swarm_init.md b/docs/reference/commandline/swarm_init.md index f4c6348e86..0daace038f 100644 --- a/docs/reference/commandline/swarm_init.md +++ b/docs/reference/commandline/swarm_init.md @@ -25,6 +25,7 @@ Options: --autolock Enable manager autolocking (requiring an unlock key to start a stopped manager) --availability string Availability of the node ("active"|"pause"|"drain") (default "active") --cert-expiry duration Validity period for node certificates (ns|us|ms|s|m|h) (default 2160h0m0s) + --data-path-addr string Address or interface to use for data path traffic (format: ) --dispatcher-heartbeat duration Dispatcher heartbeat period (ns|us|ms|s|m|h) (default 5s) --external-ca external-ca Specifications of one or more certificate signing endpoints --force-new-cluster Force create a new cluster from current state @@ -118,6 +119,15 @@ for example `--advertise-addr eth0:2377`. Specifying a port is optional. If the value is a bare IP address or interface name, the default port 2377 will be used. +### `--data-path-addr` + +This flag specifies the address that global scope network drivers will publish towards +other nodes in order to reach the containers running on this node. +Using this parameter it is then possible to separate the container's data traffic from the +management traffic of the cluster. +If unspecified, Docker will use the same IP address or interface that is used for the +advertise address. + ### `--task-history-limit` This flag sets up task history retention limit. diff --git a/docs/reference/commandline/swarm_join.md b/docs/reference/commandline/swarm_join.md index 4ee11c188b..346fb3532e 100644 --- a/docs/reference/commandline/swarm_join.md +++ b/docs/reference/commandline/swarm_join.md @@ -23,6 +23,7 @@ Join a swarm as a node and/or manager Options: --advertise-addr string Advertised address (format: [:port]) --availability string Availability of the node ("active"|"pause"|"drain") (default "active") + --data-path-addr string Address or interface to use for data path traffic (format: ) --help Print usage --listen-addr node-addr Listen address (format: [:port]) (default 0.0.0.0:2377) --token string Token for entry into the swarm @@ -95,6 +96,15 @@ name, the default port 2377 will be used. This flag is generally not necessary when joining an existing swarm. +### `--data-path-addr` + +This flag specifies the address that global scope network drivers will publish towards +other nodes in order to reach the containers running on this node. +Using this parameter it is then possible to separate the container's data traffic from the +management traffic of the cluster. +If unspecified, Docker will use the same IP address or interface that is used for the +advertise address. + ### `--token string` Secret value required for nodes to join the swarm