Adjusting docker creation to include ports forwarding and docker network type

[azmy98]

Why I did it

To support docker network configuration and support port forwarding from values in the manifest file

How I did it

update the docker_image_ctl.j2 file

How to verify it

In order to verify this feature, we need to have the complementary part in the sonic-utilities repo
and then need to install a docker image file with manifest that includes ports in it and network type as well using sonic-package-manager and validate that they are as expected using docker commands such as: 'docker ps' and 'docker inspect' commands

[lguohan]

what feature requires this, can you explain the motivation?

[azmy98]

@lguohan

what feature requires this, can you explain the motivation?

the purpose of this change is to be able to support docker creation with specified network type (host, bridge) and the forwarding ports found in the docker manifest when installing docker image from sonic-package-manager. Please check the following PR: sonic-net/sonic-utilities#2952 to understand the whole picture. the manifest attributes will finally be exported to dictionary in docker_image_run_opt including the net type of the docker, so it will help us containerize the docker image and block it from accessing all the host network.

[qiluo-msft]

if

This if will possibly override NET related feature in this file. Please unify the solution like docker_image_run_opt and stop using NET.

[azmy98]

If a docker does not have network attribute, he will have a default value from this file. I used the if statement to make code backward compatible.

[azmy98]

@qiluo-msft, can you please confirm?

[azmy98]

@qiluo-msft, there is a conflict also on this PR:

docker create {{docker_image_run_opt}} 
{%- if docker_container_name != "dhcp_server" %}
        --net=$NET \
{%- endif %}

can you please direct me to who wrote this new code:

{%- if docker_container_name != "dhcp_server" %}

since I want to know how to resolve this conflict because I think it is redundant if the --net is not in dhcp_server docker manifest.

[linux-foundation-easycla]

The committers listed above are authorized under a signed CLA.

• ✅ login: azmyali98 (72d83e5)

[azmy98]

/azpw run Azure.sonic-utilities

[mssonicbld]

/AzurePipelines run Azure.sonic-utilities

[azure-pipelines]

No pipelines are associated with this pull request.

[azmy98]

/azpw run Azure.sonic-buildimage

[mssonicbld]

/AzurePipelines run Azure.sonic-buildimage

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[fastiuk]

@qiluo-msft , could you please merge it? It was approved, so now ready to be merged

[fastiuk]

@qiluo-msft , could you please approve this PR? It was approved

[fastiuk]

@qiluo-msft gentle reminder to merge this PR

[fastiuk]

@qiluo-msft gentle reminder to merge this PR