2020-02-22 18:39:33 +00:00
|
|
|
// +build !windows
|
|
|
|
|
|
2019-01-01 08:23:01 +00:00
|
|
|
package syssetup
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"io/ioutil"
|
2019-05-09 19:23:33 +00:00
|
|
|
"os"
|
2019-01-26 04:52:29 +00:00
|
|
|
"os/exec"
|
2019-01-01 08:23:01 +00:00
|
|
|
|
|
|
|
|
"github.com/sirupsen/logrus"
|
|
|
|
|
)
|
|
|
|
|
|
2019-05-09 19:23:33 +00:00
|
|
|
func loadKernelModule(moduleName string) {
|
|
|
|
|
if _, err := os.Stat("/sys/module/" + moduleName); err == nil {
|
2020-09-21 16:56:03 +00:00
|
|
|
logrus.Info("Module " + moduleName + " was already loaded")
|
2019-05-09 19:23:33 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := exec.Command("modprobe", moduleName).Run(); err != nil {
|
2020-09-21 16:56:03 +00:00
|
|
|
logrus.Warn("Failed to start " + moduleName + " module")
|
2019-04-18 01:27:20 +00:00
|
|
|
}
|
2019-05-09 19:23:33 +00:00
|
|
|
}
|
|
|
|
|
|
2019-11-04 18:35:14 +00:00
|
|
|
func enableSystemControl(file string) {
|
|
|
|
|
if err := ioutil.WriteFile(file, []byte("1"), 0640); err != nil {
|
2020-09-21 16:56:03 +00:00
|
|
|
logrus.Warnf("Failed to write value 1 at "+file+": %v", err)
|
2019-04-18 01:27:20 +00:00
|
|
|
}
|
2019-11-04 18:35:14 +00:00
|
|
|
}
|
2019-04-18 01:27:20 +00:00
|
|
|
|
2019-11-04 18:35:14 +00:00
|
|
|
func Configure() {
|
2019-05-09 19:23:33 +00:00
|
|
|
loadKernelModule("overlay")
|
|
|
|
|
loadKernelModule("nf_conntrack")
|
2019-11-04 18:35:14 +00:00
|
|
|
loadKernelModule("br_netfilter")
|
2020-10-26 19:02:47 +00:00
|
|
|
loadKernelModule("iptable_nat")
|
2019-05-09 19:23:33 +00:00
|
|
|
|
2019-12-11 00:13:19 +00:00
|
|
|
// Kernel is inconsistent about how devconf is configured for
|
|
|
|
|
// new network namespaces between ipv4 and ipv6. Make sure to
|
|
|
|
|
// enable forwarding on all and default for both ipv4 and ipv8.
|
|
|
|
|
enableSystemControl("/proc/sys/net/ipv4/conf/all/forwarding")
|
|
|
|
|
enableSystemControl("/proc/sys/net/ipv4/conf/default/forwarding")
|
2019-11-04 18:35:14 +00:00
|
|
|
enableSystemControl("/proc/sys/net/ipv6/conf/all/forwarding")
|
2019-12-11 00:13:19 +00:00
|
|
|
enableSystemControl("/proc/sys/net/ipv6/conf/default/forwarding")
|
2019-11-04 18:35:14 +00:00
|
|
|
enableSystemControl("/proc/sys/net/bridge/bridge-nf-call-iptables")
|
|
|
|
|
enableSystemControl("/proc/sys/net/bridge/bridge-nf-call-ip6tables")
|
2019-01-01 08:23:01 +00:00
|
|
|
}
|
