Update libnetwork to 4ded6fe3641b71863cc5985652930ce40efc3af4

Signed-off-by: David Calavera <david.calavera@gmail.com>

vendor/src/github.com/docker/libnetwork/drivers/bridge/bridge.go

@@ -3,9 +3,11 @@ package bridge
 import (
 	"errors"
 	"net"
+	"os/exec"
 	"strings"
 	"sync"
 
+	"github.com/Sirupsen/logrus"
 	"github.com/docker/libnetwork/driverapi"
 	"github.com/docker/libnetwork/ipallocator"
 	"github.com/docker/libnetwork/netlabel"
@@ -102,6 +104,12 @@ func newDriver() driverapi.Driver {
 
 // Init registers a new instance of bridge driver
 func Init(dc driverapi.DriverCallback) error {
+	// try to modprobe bridge first
+	// see gh#12177
+	if out, err := exec.Command("modprobe", "-va", "bridge", "nf_nat", "br_netfilter").Output(); err != nil {
+		logrus.Warnf("Running modprobe bridge nf_nat failed with message: %s, error: %v", out, err)
+	}
+
 	return dc.RegisterDriver(networkType, newDriver())
 }
 
@@ -287,6 +295,11 @@ func (d *driver) CreateNetwork(id types.UUID, option map[string]interface{}) err
 	// Even if a bridge exists try to setup IPv4.
 	bridgeSetup.queueStep(setupBridgeIPv4)
 
+	enableIPv6Forwarding := false
+	if d.config != nil && d.config.EnableIPForwarding && config.FixedCIDRv6 != nil {
+		enableIPv6Forwarding = true
+	}
+
 	// Conditionally queue setup steps depending on configuration values.
 	for _, step := range []struct {
 		Condition bool
@@ -310,6 +323,9 @@ func (d *driver) CreateNetwork(id types.UUID, option map[string]interface{}) err
 		// specified subnet.
 		{config.FixedCIDRv6 != nil, setupFixedCIDRv6},
 
+		// Enable IPv6 Forwarding
+		{enableIPv6Forwarding, setupIPv6Forwarding},
+
 		// Setup Loopback Adresses Routing
 		{!config.EnableUserlandProxy, setupLoopbackAdressesRouting},
 

vendor/src/github.com/docker/libnetwork/drivers/bridge/setup_fixedcidrv6.go

@@ -1,7 +1,10 @@
 package bridge
 
 import (
+	"os"
+
 	log "github.com/Sirupsen/logrus"
+	"github.com/vishvananda/netlink"
 )
 
 func setupFixedCIDRv6(config *NetworkConfiguration, i *bridgeInterface) error {
@@ -10,5 +13,15 @@ func setupFixedCIDRv6(config *NetworkConfiguration, i *bridgeInterface) error {
 		return &FixedCIDRv6Error{Net: config.FixedCIDRv6, Err: err}
 	}
 
+	// Setting route to global IPv6 subnet
+	log.Debugf("Adding route to IPv6 network %s via device %s", config.FixedCIDRv6.String(), config.BridgeName)
+	err := netlink.RouteAdd(&netlink.Route{
+		Scope:     netlink.SCOPE_UNIVERSE,
+		LinkIndex: i.Link.Attrs().Index,
+		Dst:       config.FixedCIDRv6,
+	})
+	if err != nil && !os.IsExist(err) {
+		log.Errorf("Could not add route to IPv6 network %s via device %s", config.FixedCIDRv6.String(), config.BridgeName)
+	}
 	return nil
 }

vendor/src/github.com/docker/libnetwork/drivers/bridge/setup_ipv6.go

@@ -5,12 +5,16 @@ import (
 	"io/ioutil"
 	"net"
 
+	"github.com/Sirupsen/logrus"
 	"github.com/vishvananda/netlink"
 )
 
 var bridgeIPv6 *net.IPNet
 
-const bridgeIPv6Str = "fe80::1/64"
+const (
+	bridgeIPv6Str       = "fe80::1/64"
+	ipv6ForwardConfPerm = 0644
+)
 
 func init() {
 	// We allow ourselves to panic in this special case because we indicate a
@@ -25,7 +29,7 @@ func init() {
 func setupBridgeIPv6(config *NetworkConfiguration, i *bridgeInterface) error {
 	// Enable IPv6 on the bridge
 	procFile := "/proc/sys/net/ipv6/conf/" + config.BridgeName + "/disable_ipv6"
-	if err := ioutil.WriteFile(procFile, []byte{'0', '\n'}, 0644); err != nil {
+	if err := ioutil.WriteFile(procFile, []byte{'0', '\n'}, ipv6ForwardConfPerm); err != nil {
 		return fmt.Errorf("Unable to enable IPv6 addresses on bridge: %v", err)
 	}
 
@@ -64,3 +68,14 @@ func setupGatewayIPv6(config *NetworkConfiguration, i *bridgeInterface) error {
 
 	return nil
 }
+
+func setupIPv6Forwarding(config *NetworkConfiguration, i *bridgeInterface) error {
+	// Enable IPv6 forwarding
+	if err := ioutil.WriteFile("/proc/sys/net/ipv6/conf/default/forwarding", []byte{'1', '\n'}, ipv6ForwardConfPerm); err != nil {
+		logrus.Warnf("Unable to enable IPv6 default forwarding: %v", err)
+	}
+	if err := ioutil.WriteFile("/proc/sys/net/ipv6/conf/all/forwarding", []byte{'1', '\n'}, ipv6ForwardConfPerm); err != nil {
+		logrus.Warnf("Unable to enable IPv6 all forwarding: %v", err)
+	}
+	return nil
+}

vendor/src/github.com/docker/libnetwork/network.go

@@ -60,14 +60,23 @@ type network struct {
 }
 
 func (n *network) Name() string {
+	n.Lock()
+	defer n.Unlock()
+
 	return n.name
 }
 
 func (n *network) ID() string {
+	n.Lock()
+	defer n.Unlock()
+
 	return string(n.id)
 }
 
 func (n *network) Type() string {
+	n.Lock()
+	defer n.Unlock()
+
 	if n.driver == nil {
 		return ""
 	}

vendor/src/github.com/docker/libnetwork/sandbox/namespace_linux.go

@@ -51,7 +51,11 @@ func createBasePath() {
 }
 
 func removeUnusedPaths() {
-	for range time.Tick(gpmCleanupPeriod) {
+	gpmLock.Lock()
+	period := gpmCleanupPeriod
+	gpmLock.Unlock()
+
+	for range time.Tick(period) {
 		gpmLock.Lock()
 		pathList := make([]string, 0, len(garbagePathMap))
 		for path := range garbagePathMap {

vendor/src/github.com/docker/libnetwork/sandbox/sandbox_linux_test.go

@@ -33,7 +33,9 @@ func newKey(t *testing.T) (string, error) {
 	}
 
 	// Set the rpmCleanupPeriod to be low to make the test run quicker
+	gpmLock.Lock()
 	gpmCleanupPeriod = 2 * time.Second
+	gpmLock.Unlock()
 
 	return name, nil
 }