%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python2.7/site-packages/salt/states/
Upload File :
Create Path :
Current File : //lib/python2.7/site-packages/salt/states/docker_network.pyo

�
���^c@@s�dZddlmZmZmZddlZddlZddlZddlZddl	Z
ddlmZddl
mZddlmZddlmZeje�ZdZd	fZd
�Zd�Zeeeeed�Zd
�Zd�ZdS(u�
Management of Docker networks

.. versionadded:: 2017.7.0

:depends: docker_ Python module

.. note::
    Older releases of the Python bindings for Docker were called docker-py_ in
    PyPI. All releases of docker_, and releases of docker-py_ >= 1.6.0 are
    supported. These python bindings can easily be installed using
    :py:func:`pip.install <salt.modules.pip.install>`:

    .. code-block:: bash

        salt myminion pip.install docker

    To upgrade from docker-py_ to docker_, you must first uninstall docker-py_,
    and then install docker_:

    .. code-block:: bash

        salt myminion pip.uninstall docker-py
        salt myminion pip.install docker

.. _docker: https://pypi.python.org/pypi/docker
.. _docker-py: https://pypi.python.org/pypi/docker-py

These states were moved from the :mod:`docker <salt.states.docker>` state
module (formerly called **dockerng**) in the 2017.7.0 release.
i(tabsolute_importtprint_functiontunicode_literalsN(tCommandExecutionError(tsix(trange(t	ipaddressudocker_networkumoby_networkcC@s#dtkrtSttjd�fS(u?
    Only load if the docker execution module is available
    udocker.version(t__salt__t__virtualname__tFalsetmissing_fun_string(((s>/usr/lib/python2.7/site-packages/salt/states/docker_network.pyt__virtual__8scC@s�iidd6dd6d6idd6dd6d6}x;|dD]/}tj|jd��}||d|j<q;Wxm|dD]a}tj|jd��}|d|jdk	r�tdj|j���qy||d|j<qyW|ddr
|ddr
td��ngd	D](}|d|dk	r|d|^q|d<gd
D](}|d|dk	rJ|d|^qJ|d<dS(NiiuexistingudesireduConfiguSubnetu!Only one IPv{0} pool is permitteduVAn IPv4 pool is required when an IPv6 pool is used. See the documentation for details.(ii(ii(tNoneRt
ip_networktgettversiont
ValueErrortformat(texistingtdesiredtpoolstpooltsubnettx((s>/usr/lib/python2.7/site-packages/salt/states/docker_network.pyt_normalize_poolsAs$
,
c*K@sU
i|d6id6td6dd6}ytd|�}WnBtk
rz}	|	j�}
d|
krit}n|
|d<|SnXi}g}g}
x�td|p�g�D]�}ytd	|�}Wntk
r�|j|�npXy|d
}Wntk
r
|j|�nAX|jdi�jdt�r=|
j|�ni|d
6||<q�W|r�|j	dg�jdj
dj|���n|
r�|j	dg�jdj
dj|
���ni}y?tdtj
jjjd|d|d|td|��}Wn'tk
r(}	|	j�|d<|SnXi}ddddg}|jtdd�d�x9|D]1}y|j|�||<Wntk
r�nXqcWd|kr�t|�dkr�d|d<|Sn|d}nS|jdf�}ytd||�}Wn'tk
r&}	|	j�|d<|SnXt}|tk	r�tjd |�d!j
|�|d<tjd"||�djd#�td$�D��}y3|jd%t�}td&|dtd't|�Wn0tk
r�}	d(j
|	j��|d<|SnX|tk	r
||d%<nz:ytd|�}Wn0tk
rV}	d)j
|	j��|d<|SnXt|�|d*<||d+<t|d+d,�}t|d+d,�}d-�}|d.ko�|dko�||d+d,d.�r�g|d+d,<ntd/||d0d1�}|rt}n:||d|<td2r?t|d<d3|d<|Sn|d4rtj|d4�}|of|rx�|D]�}y~td	|�}|d5d6|}|jd7�p�g} |jd8�p�g}!| r�| ||d7<n|!r�|!||d8<nWntttfk
rqpnXqpWnnt|�}"|"dr<|"Sni|d4<Wd9ytd:|�Wn>tk
r�}	|j	dg�jd;j
||	j���nXXn|r�tjd<|�td2r�t|d<d=|d<|Sn||d<ytd&|dt|�Wn3tk
r6}	d>j
||	j��|d<|Sn\X|tk	rId?nd@}#t|d|#<dAj
||tkrxd@ndB�|d<iid46}n|tko�|o�|r�|}nx.t |�D] }||d4kr�||=nq�Wg}$|r�	x�t!j"|�D]�\}}%i}&||kr�x�dCdDfdEdFfd7dGfd8dHffD]k\}'}(y|%|'|&|(<Wntt#fk
r�qLn1X|'j$dI�r�|&|(j%dJd�d.|&|(<nqLWnytdK|||&�Wn�tk
ry	}	|&r	|$j|	j��nqytdK||�Wn&tk
rB	}	|$j|	j��n4X|dj	||kr_	dLndMg�j|%d
�n4X|dj	||kr�	dLndMg�j|%d
�qWn|$r�	|dr�	|dcdN7<n|dcdNj|$�dO7<n
t|d<xMt!j"|�D]<\}})||krM
|dj	dPg�j|)d
�nq
W|S(Qu>
    .. versionchanged:: 2018.3.0
        Support added for network configuration options other than ``driver``
        and ``driver_opts``, as well as IPAM configuration.

    Ensure that a network is present

    .. note::
        This state supports all arguments for network and IPAM pool
        configuration which are available for the release of docker-py
        installed on the minion. For that reason, the arguments described below
        in the :ref:`NETWORK CONFIGURATION
        <salt-states-docker-network-present-netconf>` and :ref:`IP ADDRESS
        MANAGEMENT (IPAM) <salt-states-docker-network-present-ipam>` sections
        may not accurately reflect what is available on the minion. The
        :py:func:`docker.get_client_args
        <salt.modules.dockermod.get_client_args>` function can be used to check
        the available arguments for the installed version of docker-py (they
        are found in the ``network_config`` and ``ipam_config`` sections of the
        return data), but Salt will not prevent a user from attempting to use
        an argument which is unsupported in the release of Docker which is
        installed. In those cases, network creation be attempted but will fail.

    name
        Network name

    skip_translate
        This function translates Salt SLS input into the format which
        docker-py expects. However, in the event that Salt's translation logic
        fails (due to potential changes in the Docker Remote API, or to bugs in
        the translation code), this argument can be used to exert granular
        control over which arguments are translated and which are not.

        Pass this argument as a comma-separated list (or Python list) of
        arguments, and translation for each passed argument name will be
        skipped. Alternatively, pass ``True`` and *all* translation will be
        skipped.

        Skipping tranlsation allows for arguments to be formatted directly in
        the format which docker-py expects. This allows for API changes and
        other issues to be more easily worked around. See the following links
        for more information:

        - `docker-py Low-level API`_
        - `Docker Engine API`_

        .. versionadded:: 2018.3.0

    .. _`docker-py Low-level API`: http://docker-py.readthedocs.io/en/stable/api.html#docker.api.container.ContainerApiMixin.create_container
    .. _`Docker Engine API`: https://docs.docker.com/engine/api/v1.33/#operation/ContainerCreate

    ignore_collisions : False
        Since many of docker-py's arguments differ in name from their CLI
        counterparts (with which most Docker users are more familiar), Salt
        detects usage of these and aliases them to the docker-py version of
        that argument. However, if both the alias and the docker-py version of
        the same argument (e.g. ``options`` and ``driver_opts``) are used, an error
        will be raised. Set this argument to ``True`` to suppress these errors
        and keep the docker-py version of the argument.

        .. versionadded:: 2018.3.0

    validate_ip_addrs : True
        For parameters which accept IP addresses/subnets as input, validation
        will be performed. To disable, set this to ``False``.

        .. versionadded:: 2018.3.0

    containers
        A list of containers which should be connected to this network.

        .. note::
            As of the 2018.3.0 release, this is not the recommended way of
            managing a container's membership in a network, for a couple
            reasons:

            1. It does not support setting static IPs, aliases, or links in the
               container's IP configuration.
            2. If a :py:func:`docker_container.running
               <salt.states.docker_container.running>` state replaces a
               container, it will not be reconnected to the network until the
               ``docker_network.present`` state is run again. Since containers
               often have ``require`` requisites to ensure that the network
               is present, this means that the ``docker_network.present`` state
               ends up being run *before* the :py:func:`docker_container.running
               <salt.states.docker_container.running>`, leaving the container
               unattached at the end of the Salt run.

            For these reasons, it is recommended to use
            :ref:`docker_container.running's network management support
            <salt-states-docker-container-network-management>`.

    reconnect : True
        If ``containers`` is not used, and the network is replaced, then Salt
        will keep track of the containers which were connected to the network
        and reconnect them to the network after it is replaced. Salt will first
        attempt to reconnect using the same IP the container had before the
        network was replaced. If that fails (for instance, if the network was
        replaced because the subnet was modified), then the container will be
        reconnected without an explicit IP address, and its IP will be assigned
        by Docker.

        Set this option to ``False`` to keep Salt from trying to reconnect
        containers. This can be useful in some cases when :ref:`managing static
        IPs in docker_container.running
        <salt-states-docker-container-network-management>`. For instance, if a
        network's subnet is modified, it is likely that the static IP will need
        to be updated in the ``docker_container.running`` state as well. When
        the network is replaced, the initial reconnect attempt would fail, and
        the container would be reconnected with an automatically-assigned IP
        address. Then, when the ``docker_container.running`` state executes, it
        would disconnect the network *again* and reconnect using the new static
        IP. Disabling the reconnect behavior in these cases would prevent the
        unnecessary extra reconnection.

        .. versionadded:: 2018.3.0

    .. _salt-states-docker-network-present-netconf:

    **NETWORK CONFIGURATION ARGUMENTS**

    driver
        Network driver

        .. code-block:: yaml

            mynet:
              docker_network.present:
                - driver: macvlan

    driver_opts (or *driver_opt*, or *options*)
        Options for the network driver. Either a dictionary of option names and
        values or a Python list of strings in the format ``varname=value``. The
        below three examples are equivalent:

        .. code-block:: yaml

            mynet:
              docker_network.present:
                - driver: macvlan
                - driver_opts: macvlan_mode=bridge,parent=eth0

        .. code-block:: yaml

            mynet:
              docker_network.present:
                - driver: macvlan
                - driver_opts:
                  - macvlan_mode=bridge
                  - parent=eth0

        .. code-block:: yaml

            mynet:
              docker_network.present:
                - driver: macvlan
                - driver_opts:
                  - macvlan_mode: bridge
                  - parent: eth0

        The options can also simply be passed as a dictionary, though this can
        be error-prone due to some :ref:`idiosyncrasies <yaml-idiosyncrasies>`
        with how PyYAML loads nested data structures:

        .. code-block:: yaml

            mynet:
              docker_network.present:
                - driver: macvlan
                - driver_opts:
                    macvlan_mode: bridge
                    parent: eth0

    check_duplicate : True
        If ``True``, checks for networks with duplicate names. Since networks
        are primarily keyed based on a random ID and not on the name, and
        network name is strictly a user-friendly alias to the network which is
        uniquely identified using ID, there is no guaranteed way to check for
        duplicates. This option providess a best effort, checking for any
        networks which have the same name, but it is not guaranteed to catch
        all name collisions.

        .. code-block:: yaml

            mynet:
              docker_network.present:
                - check_duplicate: False

    internal : False
        If ``True``, restricts external access to the network

        .. code-block:: yaml

            mynet:
              docker_network.present:
                - internal: True

    labels
        Add metadata to the network. Labels can be set both with and without
        values, and labels with values can be passed either as ``key=value`` or
        ``key: value`` pairs. For example, while the below would be very
        confusing to read, it is technically valid, and demonstrates the
        different ways in which labels can be passed:

        .. code-block:: yaml

            mynet:
              docker_network.present:
                - labels:
                  - foo
                  - bar=baz
                  - hello: world

        The labels can also simply be passed as a YAML dictionary, though this
        can be error-prone due to some :ref:`idiosyncrasies
        <yaml-idiosyncrasies>` with how PyYAML loads nested data structures:

        .. code-block:: yaml

            foo:
              docker_network.present:
                - labels:
                    foo: ''
                    bar: baz
                    hello: world

        .. versionchanged:: 2018.3.0
            Methods for specifying labels can now be mixed. Earlier releases
            required either labels with or without values.

    enable_ipv6 (or *ipv6*) : False
        Enable IPv6 on the network

        .. code-block:: yaml

            mynet:
              docker_network.present:
                - enable_ipv6: True

        .. note::
            While it should go without saying, this argument must be set to
            ``True`` to :ref:`configure an IPv6 subnet
            <salt-states-docker-network-present-ipam>`. Also, if this option is
            turned on without an IPv6 subnet explicitly configured, you will
            get an error unless you have set up a fixed IPv6 subnet. Consult
            the `Docker IPv6 docs`_ for information on how to do this.

            .. _`Docker IPv6 docs`: https://docs.docker.com/v17.09/engine/userguide/networking/default_network/ipv6/

    attachable : False
        If ``True``, and the network is in the global scope, non-service
        containers on worker nodes will be able to connect to the network.

        .. code-block:: yaml

            mynet:
              docker_network.present:
                - attachable: True

        .. note::
            This option cannot be reliably managed on CentOS 7. This is because
            while support for this option was added in API version 1.24, its
            value was not added to the inpsect results until API version 1.26.
            The version of Docker which is available for CentOS 7 runs API
            version 1.24, meaning that while Salt can pass this argument to the
            API, it has no way of knowing the value of this config option in an
            existing Docker network.

    scope
        Specify the network's scope (``local``, ``global`` or ``swarm``)

        .. code-block:: yaml

            mynet:
              docker_network.present:
                - scope: local

    ingress : False
        If ``True``, create an ingress network which provides the routing-mesh in
        swarm mode

        .. code-block:: yaml

            mynet:
              docker_network.present:
                - ingress: True

    .. _salt-states-docker-network-present-ipam:

    **IP ADDRESS MANAGEMENT (IPAM)**

    This state supports networks with either IPv4, or both IPv4 and IPv6. If
    configuring IPv4, then you can pass the :ref:`IPAM pool arguments
    <salt-states-docker-network-present-ipam-pool-arguments>` below as
    individual arguments. However, if configuring IPv4 and IPv6, the arguments
    must be passed as a list of dictionaries, in the ``ipam_pools`` argument
    (click :ref:`here <salt-states-docker-network-present-ipam-examples>` for
    some examples). `These docs`_ also have more information on these
    arguments.

    .. _`These docs`: http://docker-py.readthedocs.io/en/stable/api.html#docker.types.IPAMPool

    *IPAM ARGUMENTS*

    ipam_driver
        IPAM driver to use, if different from the default one

        .. code-block:: yaml

            mynet:
              docker_network.present:
                - ipam_driver: foo

    ipam_opts
        Options for the IPAM driver. Either a dictionary of option names and
        values or a Python list of strings in the format ``varname=value``. The
        below three examples are equivalent:

        .. code-block:: yaml

            mynet:
              docker_network.present:
                - ipam_driver: foo
                - ipam_opts: foo=bar,baz=qux

        .. code-block:: yaml

            mynet:
              docker_network.present:
                - ipam_driver: foo
                - ipam_opts:
                  - foo=bar
                  - baz=qux

        .. code-block:: yaml

            mynet:
              docker_network.present:
                - ipam_driver: foo
                - ipam_opts:
                  - foo: bar
                  - baz: qux

        The options can also simply be passed as a dictionary, though this can
        be error-prone due to some :ref:`idiosyncrasies <yaml-idiosyncrasies>`
        with how PyYAML loads nested data structures:

        .. code-block:: yaml

            mynet:
              docker_network.present:
                - ipam_driver: macvlan
                - ipam_opts:
                    foo: bar
                    baz: qux

    .. _salt-states-docker-network-present-ipam-pool-arguments:

    *IPAM POOL ARGUMENTS*

    subnet
        Subnet in CIDR format that represents a network segment

    iprange (or *ip_range*)
        Allocate container IP from a sub-range within the subnet

        Subnet in CIDR format that represents a network segment

    gateway
        IPv4 or IPv6 gateway for the master subnet

    aux_addresses (or *aux_address*)
        A dictionary of mapping container names to IP addresses which should be
        allocated for them should they connect to the network. Either a
        dictionary of option names and values or a Python list of strings in
        the format ``host=ipaddr``.

    .. _salt-states-docker-network-present-ipam-examples:

    *IPAM CONFIGURATION EXAMPLES*

    Below is an example of an IPv4-only network (keep in mind that ``subnet``
    is the only required argument).

    .. code-block:: yaml

        mynet:
          docker_network.present:
            - subnet: 10.0.20.0/24
            - iprange: 10.0.20.128/25
            - gateway: 10.0.20.254
            - aux_addresses:
              - foo.bar.tld: 10.0.20.50
              - hello.world.tld: 10.0.20.51

    .. note::
        The ``aux_addresses`` can be passed differently, in the same way that
        ``driver_opts`` and ``ipam_opts`` can.

    This same network could also be configured this way:

    .. code-block:: yaml

        mynet:
          docker_network.present:
            - ipam_pools:
              - subnet: 10.0.20.0/24
                iprange: 10.0.20.128/25
                gateway: 10.0.20.254
                aux_addresses:
                  foo.bar.tld: 10.0.20.50
                  hello.world.tld: 10.0.20.51

    Here is an example of a mixed IPv4/IPv6 subnet.

    .. code-block:: yaml

        mynet:
          docker_network.present:
            - ipam_pools:
              - subnet: 10.0.20.0/24
                gateway: 10.0.20.1
              - subnet: fe3f:2180:26:1::/123
                gateway: fe3f:2180:26:1::1
    unameuchangesuresultuucommentudocker.inspect_networku404uargs.split_inputudocker.inspect_containeruIduStateuRunninguNameuwarningsu+The following containers do not exist: {0}.u, u.The following containers are not running: {0}.udocker.translate_inputtskip_translatetignore_collisionstvalidate_ip_addrsuargs.clean_kwargsuipamuipam_driveru	ipam_optsu
ipam_poolsudocker.get_client_argsuipam_configiudCannot mix the 'ipam' argument with any of the IPAM config arguments. See documentation for details.udocker.create_ipam_configu"Docker network '%s' already existsu<Network '{0}' already exists, and is configured as specifiedu"Details of docker network '%s': %scs@s!|]}tjtj�VqdS(N(trandomtchoicetstringtascii_lowercase(t.0t_((s>/usr/lib/python2.7/site-packages/salt/states/docker_network.pys	<genexpr>|siuenable_ipv6udocker.create_networktenable_ipv6u1Failed to create temp network for comparison: {0}u#Failed to inspect temp network: {0}u
EnableIPv6uIPAMuConfigcS@s t|�ddgkrtStS(NuGatewayuSubnet(tsortedtTrueR	(R((s>/usr/lib/python2.7/site-packages/salt/states/docker_network.pyt<lambda>�siudocker.compare_networkstignoreuName,Id,Created,Containersutestu*Network would be recreated with new configu
ContainersuNetworkSettingsuNetworksuLinksuAliasesNudocker.remove_networku)Failed to remove temp network '{0}': {1}.uNetwork '%s' will be createduNetwork will be createdu#Failed to create network '{0}': {1}u	recreateducreateduNetwork '{0}' {1}u was replaced with updated configuIPv4Addressuipv4_addressuIPV6Addressuipv6_addressulinksualiasesuAddressu/u#docker.connect_container_to_networkureconnectedu	connectedu. u.udisconnected(&R	RRt__str__Rt	__utils__tappendtKeyErrorRt
setdefaultRtjointsalttutilstdockert	translatetnetworkt	ExceptiontextendtpoptlenR$tlogtdebugttraceRtboolt__opts__tcopytdeepcopyRt_remove_networktlistRt	iteritemstAttributeErrortendswithtrsplit(*tnameRRRt
containerst	reconnecttkwargstretR1texctmsgt
to_connecttmissing_containerststopped_containerstcnametcinfotcidtdisconnected_containerstipam_kwargstipam_kwarg_namestkeytipam_configt
ipam_poolstcreate_networkt
temp_net_nameR"t
temp_net_infotexisting_pool_counttdesired_pool_counttis_default_pooltchangestnetinfot	net_linkstnet_aliasest
remove_resulttactionterrorstconnect_infotconnect_kwargstkey_nametarg_nametc_info((s>/usr/lib/python2.7/site-packages/salt/states/docker_network.pytpresent_s���

	










			










			(
	
	
 
(cC@s�i|d6id6td6dd6}ytd|�}WnBtk
rz}|j�}d|krid}q{||d<|SnX|dkr�t|d<dj|�|d<|Std	r�d|d<d
j|�|d<|St|�S(u�
    Ensure that a network is absent.

    name
        Name of the network

    Usage Example:

    .. code-block:: yaml

        network_foo:
          docker_network.absent
    unameuchangesuresultuucommentudocker.inspect_networku404uNetwork '{0}' already absentutestuNetwork '{0}' will be removedN(	R	RRR'RR$RR:R=(RCRGR1RHRI((s>/usr/lib/python2.7/site-packages/salt/states/docker_network.pytabsent}s*

	



cC@swi|dd6id6td6dd6}g}x�|dD]�}ytd|�}Wntk
rj|}nX|jdd�jd	�}ytd
||d�Wn%tk
r�}dj||�}q7X|djdg�j|�q7W|rd
j|�|d<|Sytd|d�Wn&tk
rC}dj|�|d<n0Xt	|dd<t	|d<dj|d�|d<|S(u<
    Remove network, including all connected containers
    uNameunameuchangesuresultuucommentu
Containersudocker.inspect_containeru/u(docker.disconnect_container_from_networku*Failed to disconnect container '{0}' : {1}udisconnectedu
udocker.remove_networkuFailed to remove network: {0}uremoveduRemoved network '{0}'(
R	RRRtlstripRR+R)R,R$(R1RGRbRORNRMRH((s>/usr/lib/python2.7/site-packages/salt/states/docker_network.pyR=�s8


!
( t__doc__t
__future__RRRR;tloggingRRt#salt.utils.docker.translate.networkR-tsalt.exceptionsRtsalt.extRtsalt.ext.six.movesRtsalt._compatRt	getLoggert__name__R6Rt__virtual_aliases__RRRR	R$RhRiR=(((s>/usr/lib/python2.7/site-packages/salt/states/docker_network.pyt<module> s2				���	+

Zerion Mini Shell 1.0