Generate deterministically random MAC addresses for docker containers

author: Valerij Fredriksen <valerijf@oath.com> 2017-10-06 13:39:32 +0200
committer: Valerij Fredriksen <valerijf@oath.com> 2017-10-06 13:39:32 +0200
commit: 00a1d90ea6133f519424de86976313a90b809770 (patch)
tree: 5e6e19c496b5cc0ead2de2c031a040066a674129 /docker-api
parent: 73f7c6d30771a8a685e5458a7d9346076e82f950 (diff)
1 files changed, 16 insertions, 6 deletions
diff --git a/docker-api/src/main/java/com/yahoo/vespa/hosted/dockerapi/CreateContainerCommandImpl.java b/docker-api/src/main/java/com/yahoo/vespa/hosted/dockerapi/CreateContainerCommandImpl.java
index e676a86d9fd..1f568b325b9 100644
--- a/docker-api/src/main/java/com/yahoo/vespa/hosted/dockerapi/CreateContainerCommandImpl.java
+++ b/docker-api/src/main/java/com/yahoo/vespa/hosted/dockerapi/CreateContainerCommandImpl.java
@@ -9,6 +9,7 @@ import com.github.dockerjava.api.model.Ulimit;
 
 import java.net.Inet6Address;
 import java.net.InetAddress;
+import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 import java.util.ArrayList;
 import java.util.HashMap;
@@ -19,6 +20,7 @@ import java.util.Optional;
 import java.util.Random;
 import java.util.Set;
 import java.util.stream.Collectors;
+import java.util.stream.IntStream;
 
 class CreateContainerCommandImpl implements Docker.CreateContainerCommand {
     private final DockerClient docker;
@@ -205,17 +207,25 @@ class CreateContainerCommandImpl implements Docker.CreateContainerCommand {
     }
 
     private String generateRandomMACAddress() {
-        Random rand = new SecureRandom();
+        final String seed = hostName + ipv4Address.orElse("") + ipv6Address.orElse("");
+        Random rand = getPRNG(seed);
         byte[] macAddr = new byte[6];
         rand.nextBytes(macAddr);
 
         // Set second-last bit (locally administered MAC address), unset last bit (unicast)
         macAddr[0] = (byte) ((macAddr[0] | 2) & 254);
-        StringBuilder sb = new StringBuilder(18);
-        for (byte b : macAddr) {
-            sb.append(":").append(String.format("%02x", b));
-        }
+        return IntStream.range(0, macAddr.length)
+                .mapToObj(i -> String.format("%02x", macAddr[i]))
+                .collect(Collectors.joining(":"));
+    }
 
-        return sb.substring(1);
+    private static Random getPRNG(String seed) {
+        try {
+            SecureRandom rand = SecureRandom.getInstance("SHA1PRNG");
+            rand.setSeed(seed.getBytes());
+            return rand;
+        } catch (NoSuchAlgorithmException e) {
+            throw new RuntimeException("Failed to get pseudo-random number generator", e);
+        }
     }
 }
author	Valerij Fredriksen <valerijf@oath.com>	2017-10-06 13:39:32 +0200
committer	Valerij Fredriksen <valerijf@oath.com>	2017-10-06 13:39:32 +0200
commit	00a1d90ea6133f519424de86976313a90b809770 (patch)
tree	5e6e19c496b5cc0ead2de2c031a040066a674129 /docker-api
parent	73f7c6d30771a8a685e5458a7d9346076e82f950 (diff)