Split OS-specific code out of Sandbox.populateNetworkResources

And move the Endpoint.populateNetworkResources code into the all-platforms part of the Sandbox method. Signed-off-by: Rob Murray <rob.murray@docker.com>
2026-01-11 18:51:37 +00:00 · 2025-01-16 10:42:51 +00:00
parent a8b9eff902
commit 18b8e369ae
5 changed files with 53 additions and 73 deletions
--- a/daemon/libnetwork/endpoint.go
+++ b/daemon/libnetwork/endpoint.go
@@ -22,7 +22,6 @@ import (
 	"github.com/moby/moby/v2/daemon/libnetwork/netlabel"
 	"github.com/moby/moby/v2/daemon/libnetwork/scope"
 	"github.com/moby/moby/v2/daemon/libnetwork/types"
-	"github.com/moby/moby/v2/errdefs"
 	"go.opentelemetry.io/otel"
 )

@@ -577,9 +576,6 @@ func (ep *Endpoint) sbJoin(ctx context.Context, sb *Sandbox, options ...Endpoint
 		if err := sb.populateNetworkResources(ctx, ep); err != nil {
 			return err
 		}
-		if err := ep.populateNetworkResources(ctx, sb); err != nil {
-			return err
-		}
 		if err := ep.updateExternalConnectivity(ctx, sb, gwepBefore4, gwepBefore6); err != nil {
 			return err
 		}
@@ -591,41 +587,6 @@ func (ep *Endpoint) sbJoin(ctx context.Context, sb *Sandbox, options ...Endpoint
 	return nil
 }

-func (ep *Endpoint) populateNetworkResources(ctx context.Context, sb *Sandbox) (retErr error) {
-	n := ep.getNetwork()
-	if err := addEpToResolver(ctx, n.Name(), ep.Name(), &sb.config, ep.iface, n.Resolvers()); err != nil {
-		return errdefs.System(err)
-	}
-
-	if err := ep.addDriverInfoToCluster(); err != nil {
-		return err
-	}
-
-	defer func() {
-		if retErr != nil {
-			if e := ep.deleteDriverInfoFromCluster(); e != nil {
-				log.G(ctx).WithError(e).Error("Could not delete endpoint state from cluster on join failure")
-			}
-		}
-	}()
-
-	// Load balancing endpoints should never have a default gateway nor
-	// should they alter the status of a network's default gateway
-	if ep.loadBalancer && !sb.ingress {
-		return nil
-	}
-
-	if sb.needDefaultGW() && sb.getEndpointInGWNetwork() == nil {
-		return sb.setupDefaultGW()
-	}
-
-	// Enable upstream forwarding if the sandbox gained external connectivity.
-	if sb.resolver != nil {
-		sb.resolver.SetForwardingPolicy(sb.hasExternalAccess())
-	}
-	return nil
-}
-
 // updateExternalConnectivity configures an Endpoint when it becomes the gateway
 // endpoint for a network, revoking external connectivity from the previous gateway
 // endpoints, if necessary. (It does not update the Sandbox's default gateway, the
@@ -676,16 +637,6 @@ func (ep *Endpoint) updateExternalConnectivity(ctx context.Context, sb *Sandbox,
 		return err
 	}

-	if !sb.needDefaultGW() {
-		if e := sb.clearDefaultGW(); e != nil {
-			log.G(ctx).WithFields(log.Fields{
-				"error": e,
-				"sid":   sb.ID(),
-				"cid":   sb.ContainerID(),
-			}).Warn("Failure while disconnecting sandbox from gateway network")
-		}
-	}
-
 	return nil
 }

--- a/daemon/libnetwork/network_unix.go
+++ b/daemon/libnetwork/network_unix.go
@@ -3,7 +3,6 @@
 package libnetwork

 import (
-	"context"
 	"fmt"
 	"strconv"
 	"time"
@@ -21,16 +20,6 @@ type platformNetwork struct{} //nolint:nolintlint,unused // only populated on wi
 func (n *Network) startResolver() {
 }

-func addEpToResolver(
-	ctx context.Context,
-	netName, epName string,
-	config *containerConfig,
-	epIface *EndpointInterface,
-	resolvers []*Resolver,
-) error {
-	return nil
-}
-
 func deleteEpFromResolver(epName string, epIface *EndpointInterface, resolvers []*Resolver) error {
 	return nil
 }
--- a/daemon/libnetwork/sandbox.go
+++ b/daemon/libnetwork/sandbox.go
@@ -325,6 +325,52 @@ func (sb *Sandbox) addEndpoint(ep *Endpoint) {
 	sb.endpoints = slices.Insert(sb.endpoints, i, ep)
 }

+func (sb *Sandbox) populateNetworkResources(ctx context.Context, ep *Endpoint) (retErr error) {
+	ctx, span := otel.Tracer("").Start(ctx, "libnetwork.Sandbox.populateNetworkResources", trace.WithAttributes(
+		attribute.String("endpoint.Name", ep.Name())))
+	defer span.End()
+
+	if err := sb.populateNetworkResourcesOS(ctx, ep); err != nil {
+		return err
+	}
+
+	if err := ep.addDriverInfoToCluster(); err != nil {
+		return err
+	}
+	defer func() {
+		if retErr != nil {
+			if e := ep.deleteDriverInfoFromCluster(); e != nil {
+				log.G(ctx).WithError(e).Error("Could not delete endpoint state from cluster on join failure")
+			}
+		}
+	}()
+
+	// Load balancing endpoints should never have a default gateway nor
+	// should they alter the status of a network's default gateway
+	if !ep.loadBalancer || sb.ingress {
+		if sb.needDefaultGW() {
+			if sb.getEndpointInGWNetwork() == nil {
+				// sb.populateNetworkResources() will be called recursively for the new
+				// gateway endpoint. So, it'll set the resolver's forwarding policy.
+				return sb.setupDefaultGW()
+			}
+		} else if err := sb.clearDefaultGW(); err != nil {
+			log.G(ctx).WithFields(log.Fields{
+				"error": err,
+				"sid":   sb.ID(),
+				"cid":   sb.ContainerID(),
+			}).Warn("Failure while disconnecting sandbox from gateway network")
+		}
+
+		// Enable upstream forwarding if the sandbox gained external connectivity.
+		if sb.resolver != nil {
+			sb.resolver.SetForwardingPolicy(sb.hasExternalAccess())
+		}
+	}
+
+	return nil
+}
+
 func (sb *Sandbox) GetEndpoint(id string) *Endpoint {
 	sb.mu.Lock()
 	defer sb.mu.Unlock()
--- a/daemon/libnetwork/sandbox_linux.go
+++ b/daemon/libnetwork/sandbox_linux.go
@@ -10,9 +10,6 @@ import (
 	"github.com/moby/moby/v2/daemon/libnetwork/netutils"
 	"github.com/moby/moby/v2/daemon/libnetwork/osl"
 	"github.com/moby/moby/v2/daemon/libnetwork/types"
-	"go.opentelemetry.io/otel"
-	"go.opentelemetry.io/otel/attribute"
-	"go.opentelemetry.io/otel/trace"
 )

 // Linux-specific container configuration flags.
@@ -330,9 +327,6 @@ func (sb *Sandbox) finishEndpointConfig(ctx context.Context) error {
 		if err := sb.populateNetworkResources(ctx, ep); err != nil {
 			return err
 		}
-		if err := ep.populateNetworkResources(ctx, sb); err != nil {
-			return err
-		}
 	}

 	gwep4, gwep6 := sb.getGatewayEndpoint()
@@ -355,11 +349,7 @@ func (sb *Sandbox) canPopulateNetworkResources() bool {
 	return sb.osSbox != nil
 }

-func (sb *Sandbox) populateNetworkResources(ctx context.Context, ep *Endpoint) error {
-	ctx, span := otel.Tracer("").Start(ctx, "libnetwork.Sandbox.populateNetworkResources", trace.WithAttributes(
-		attribute.String("endpoint.Name", ep.Name())))
-	defer span.End()
-
+func (sb *Sandbox) populateNetworkResourcesOS(ctx context.Context, ep *Endpoint) error {
 	sb.mu.Lock()
 	if sb.osSbox == nil {
 		sb.mu.Unlock()
--- a/daemon/libnetwork/sandbox_windows.go
+++ b/daemon/libnetwork/sandbox_windows.go
@@ -4,6 +4,7 @@ import (
 	"context"

 	"github.com/moby/moby/v2/daemon/libnetwork/osl"
+	"github.com/moby/moby/v2/errdefs"
 )

 func releaseOSSboxResources(*osl.Namespace, *Endpoint) {}
@@ -37,8 +38,11 @@ func (sb *Sandbox) canPopulateNetworkResources() bool {
 	return true
 }

-func (sb *Sandbox) populateNetworkResources(context.Context, *Endpoint) error {
-	// not implemented on Windows (Sandbox.osSbox is always nil)
+func (sb *Sandbox) populateNetworkResourcesOS(ctx context.Context, ep *Endpoint) error {
+	n := ep.getNetwork()
+	if err := addEpToResolver(ctx, n.Name(), ep.Name(), &sb.config, ep.iface, n.Resolvers()); err != nil {
+		return errdefs.System(err)
+	}
 	return nil
 }