DOCKNET - golang package for Linux networking

DevOps Exchange London, #DOXLON26th June, 2014

About me…

• Ex-Rackspace, couple of startups in and outside of UK

• Currently freelancing

• Twitter: @milosgajdos

• Linkedin: http://uk.linkedin.com/in/milosgajdos

• Professional (technology) ranter or better - Ops guy

• Programming language tourist currently loving Go

How and why docknet

• Started as a personal interest in Linux container networking(http://containerops.org/2013/11/19/lxc-networking/)

• Docker does not offer advanced networking functionality available in LXC/OpenVZ

• No properly functional Go library which would allow you to configure Linux networking programatically without shelling out

Application delivery DOCKERIZE ALL THE THINGS!

Infrastructure delivery

• Network is an essential part of IT infrastructure

• Well designed network offers better scalability, security, easier management etc.

• Legacy network setups and various esoteric or financial requirements leave us deal with ….

Insane network infrastructures o_O

Netlink & RTNetlink

• Netlink is a datagram-oriented messaging system in Linux for user-space applications to communicate with Linux kernel

• mostly used by networking tools (iproute2), but there is some use of it in other non-networking kernel subsystems

• RtNetlink is a library used for configuring and managing networking devices, routing, neighbouring etc.

Go netlink

• Found 2 Go implementations:

1. github.com/abneptis/GoNetlink

• does not seem to be actively developed any more - last commit about 4 years ago

• couldn’t compile it with latest Go compiler

2. github.com/docker/libcontainer/ (netlink package)

• used by Docker \o/

• more idiomatic, still work in progress

• seems broken - NEEDS FIXING

Fixing netlink package

docknet

• general network managing and configuration library for Linux OS - not just containers!

• uses properly functioning netlink package which offers more functionality than libcontainer’s one (VLANs, MAC VLANs etc.)

• no syscalls in netlink package any more - syscalls are NOT netlink !

• allows for advanced networking configuration of your containers (not necessarily Docker based): VLANs, MAC VLANs, multiple network interfaces etc.

• Still WORK IN PROGRESS… still private, should be released in a week or two

docknet sneak peek

• Add an extra veth interface into Docker from the host machine:

https://gist.github.com/milosgajdos83/7cc9028a962fb5635ada

• Add a MAC VLAN interfaces into Docker from the host machine:

https://gist.github.com/milosgajdos83/296fb90d076f259a5b0a

TIME FOR LIVE DEMO!

I AM HIRING ……

Links

• http://www.linuxjournal.com/article/8498

• http://man7.org/linux/man-pages/man7/netlink.7.html

• http://man7.org/linux/man-pages/man3/netlink.3.html

• https://github.com/torvalds/linux/blob/master/net/core/rtnetlink.c

• https://github.com/torvalds/linux/blob/master/include/linux/rtnetlink.h

• https://github.com/docker/libcontainer/blob/master/netlink/netlink_linux.go