Preliminary NAT implementation for docker

3 files changed, 26 insertions, 5 deletions

diff --git a/docker-api/src/main/java/com/yahoo/vespa/hosted/dockerapi/Docker.java b/docker-api/src/main/java/com/yahoo/vespa/hosted/dockerapi/Docker.java
index bc94c39d135..b30b1f96dbb 100644
--- a/docker-api/src/main/java/com/yahoo/vespa/hosted/dockerapi/Docker.java
+++ b/docker-api/src/main/java/com/yahoo/vespa/hosted/dockerapi/Docker.java
@@ -45,6 +45,10 @@ public interface Docker {
         Map<String, Object> getBlkioStats();
     }
 
+    default boolean networkNATted() {
+        return false;
+    }
+
     Optional<ContainerStats> getContainerStats(ContainerName containerName);
     
     void startContainer(ContainerName containerName);
@@ -113,5 +117,5 @@ public interface Docker {
      */
     ProcessResult executeInContainerAsRoot(ContainerName containerName, Long timeoutSeconds, String... command);
 
-
+    String getGlobalIPv6Address(ContainerName name);
 }
diff --git a/docker-api/src/main/java/com/yahoo/vespa/hosted/dockerapi/DockerImpl.java b/docker-api/src/main/java/com/yahoo/vespa/hosted/dockerapi/DockerImpl.java
index fa093e0b4dc..e180dcffe47 100644
--- a/docker-api/src/main/java/com/yahoo/vespa/hosted/dockerapi/DockerImpl.java
+++ b/docker-api/src/main/java/com/yahoo/vespa/hosted/dockerapi/DockerImpl.java
@@ -4,6 +4,7 @@ package com.yahoo.vespa.hosted.dockerapi;
 import com.github.dockerjava.api.DockerClient;
 import com.github.dockerjava.api.command.ExecCreateCmdResponse;
 import com.github.dockerjava.api.command.ExecStartCmd;
+import com.github.dockerjava.api.command.InspectContainerCmd;
 import com.github.dockerjava.api.command.InspectContainerResponse;
 import com.github.dockerjava.api.command.InspectExecResponse;
 import com.github.dockerjava.api.command.InspectImageResponse;
@@ -125,15 +126,23 @@ public class DockerImpl implements Docker {
                 Duration minAgeToDelete = Duration.ofMinutes(config.imageGCMinTimeToLiveMinutes());
                 dockerImageGC = Optional.of(new DockerImageGarbageCollector(minAgeToDelete));
 
-                try {
-                    setupDockerNetworkIfNeeded();
-                } catch (Exception e) {
-                    throw new DockerException("Could not setup docker network", e);
+
+                if (!config.networkNATted()) {
+                    try {
+                        setupDockerNetworkIfNeeded();
+                    } catch (Exception e) {
+                        throw new DockerException("Could not setup docker network", e);
+                    }
                 }
             }
         }
     }
 
+    @Override
+    public boolean networkNATted() {
+        return config.networkNATted();
+    }
+
     static DefaultDockerClientConfig.Builder buildDockerClientConfig(DockerConfig config) {
         DefaultDockerClientConfig.Builder dockerConfigBuilder = new DefaultDockerClientConfig.Builder()
                 .withDockerHost(config.uri());
@@ -393,6 +402,12 @@ public class DockerImpl implements Docker {
         return asContainer(containerName.asString()).findFirst();
     }
 
+    @Override
+    public String getGlobalIPv6Address(ContainerName name) {
+        InspectContainerCmd cmd = dockerClient.inspectContainerCmd(name.asString());
+        return cmd.exec().getNetworkSettings().getGlobalIPv6Address();
+    }
+
     private Stream<Container> asContainer(String container) {
         return inspectContainerCmd(container)
                 .map(response ->
diff --git a/docker-api/src/main/resources/configdefinitions/docker.def b/docker-api/src/main/resources/configdefinitions/docker.def
index 5c6e52b2f63..20b156a9a6d 100644
--- a/docker-api/src/main/resources/configdefinitions/docker.def
+++ b/docker-api/src/main/resources/configdefinitions/docker.def
@@ -14,3 +14,5 @@ readTimeoutMillis int default = 1800000 # 30 min
 
 isRunningLocally bool default = false
 imageGCMinTimeToLiveMinutes int default = 45
+
+networkNATted bool default = false