commit d953d293ecfb811c64cc30c9642845d7dfef38c2
Author: Lokesh Mandvekar <l...@redhat.com>
Date: Sat Nov 2 23:40:25 2013 -0500
container networking enabled via unit file
Signed-off-by: Lokesh Mandvekar <l...@redhat.com>
docker-io.spec | 7 ++++++-
docker.service | 2 ++
2 files changed, 8 insertions(+), 1 deletions(-)
---
diff --git a/docker-io.spec b/docker-io.spec
index 7eeedf2..a43ad1a 100644
--- a/docker-io.spec
+++ b/docker-io.spec
@@ -11,7 +11,7 @@
Name: docker-io
Version: 0.7
-Release: 0.12.dm%{?dist}
+Release: 0.13.dm%{?dist}
Summary: Automates deployment of containerized applications
License: ASL 2.0
@@ -134,6 +134,11 @@ fi
%dir %{_sharedstatedir}/docker
%changelog
+* Sat Nov 02 2013 Lokesh Mandvekar <l...@redhat.com> - 0.7-0.13.dm
+- docker.service file sets iptables rules to allow container networking, this
+ is a stopgap approach, relevant pull request here:
+ https://github.com/dotcloud/docker/pull/2527
+
* Sat Oct 26 2013 Lokesh Mandvekar <l...@redhat.com> - 0.7-0.12.dm
- dm branch
- dockerinit -> docker-init
diff --git a/docker.service b/docker.service
index 9882939..b26d48d 100644
--- a/docker.service
+++ b/docker.service
@@ -5,6 +5,8 @@ Description=Docker container management daemon
Type=simple
ExecStartPre=/usr/sbin/sysctl -w net.ipv4.ip_forward=1
net.ipv6.conf.all.forwarding=1
ExecStart=/usr/bin/docker -d
+ExecStartPost=/usr/sbin/iptables -I FORWARD -o docker0 -m conntrack --ctstate
RELATED,ESTABLISHED -j ACCEPT
+ExecStartPost=/usr/sbin/iptables -I FORWARD -i docker0 ! -o docker0 -j ACCEPT
Restart=on-failure
[Install]
_______________________________________________
golang mailing list
golang@lists.fedoraproject.org
https://lists.fedoraproject.org/mailman/listinfo/golang
