From 67ea2e9305cd6db0b8a481d5d6b7a9ff903f918f Mon Sep 17 00:00:00 2001
From: Nick Ethier
Date: Fri, 14 Jun 2019 22:16:31 -0400
Subject: [PATCH] docker: add additional commens
---
 drivers/docker/coordinator.go | 1 +
 drivers/docker/driver.go | 5 +++++
 drivers/docker/network.go | 9 ++++++++-
 3 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/drivers/docker/coordinator.go b/drivers/docker/coordinator.go
index fbd5c2ee4..4d8cb8d5f 100644
--- a/drivers/docker/coordinator.go
+++ b/drivers/docker/coordinator.go
@@ -65,6 +65,7 @@ type DockerImageClient interface {
 // LogEventFn is a callback which allows Drivers to emit task events.
 type LogEventFn func(message string, annotations map[string]string)
+// noopLogEventFn satisfies the LogEventFn type but noops when called
 func noopLogEventFn(string, map[string]string) {}
 // dockerCoordinatorConfig is used to configure the Docker coordinator.
diff --git a/drivers/docker/driver.go b/drivers/docker/driver.go
index 1c7fe7497..c2042735e 100644
--- a/drivers/docker/driver.go
+++ b/drivers/docker/driver.go
@@ -869,9 +869,14 @@ func (d *Driver) createContainerConfig(task *drivers.TaskConfig, driverConfig *T
 hostConfig.ReadonlyRootfs = driverConfig.ReadonlyRootfs
+ // set the docker network mode
 hostConfig.NetworkMode = driverConfig.NetworkMode
+
+ // if the driver config does not specify a network mode then try to use the
+ // shared alloc network
 if hostConfig.NetworkMode == "" {
 if task.NetworkIsolation.Path != "" {
+ // find the previously created parent container to join networks with
 netMode := fmt.Sprintf("container:%s", task.NetworkIsolation.Labels[dockerNetSpecLabelKey])
 logger.Debug("configuring network mode for task group", "network_mode", netMode)
 hostConfig.NetworkMode = netMode
diff --git a/drivers/docker/network.go b/drivers/docker/network.go
index 00ce4daa6..3293e4ee1 100644
--- a/drivers/docker/network.go
+++ b/drivers/docker/network.go
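Review bot: The shared-network branch in createContainerConfig reads `task.NetworkIsolation.Path` and `task.NetworkIsolation.Labels[dockerNetSpecLabelKey]` without checking either value. If NetworkIsolation is a pointer (CreateNetwork in network.go returns `*drivers.NetworkIsolationSpec`, so this seems likely), a task without an isolation spec would panic here, and a spec whose Labels map lacks the key produces the network mode `container:` with an empty ID. Consider guarding with `if task.NetworkIsolation != nil && task.NetworkIsolation.Path != ""` and rejecting an empty label value before building netMode. The function body starts and ends outside the hunk, so an earlier check may already cover the nil case.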
@@ -7,7 +7,12 @@ import (
 "github.com/hashicorp/nomad/plugins/drivers"
 )
+// infraContainerImage is the image used for the parent namespace container
 const infraContainerImage = "gcr.io/google_containers/pause-amd64:3.0"
+
+// dockerNetSpecLabelKey is used when creating a parent container for
+// shared networking. It is a label whos value identifies the container ID of
+// the parent container so tasks can configure their network mode accordingly
 const dockerNetSpecLabelKey = "docker_sandbox_container_id"
 func (d *Driver) CreateNetwork(allocID string) (*drivers.NetworkIsolationSpec, error) {
@@ -73,11 +78,13 @@ func (d *Driver) DestroyNetwork(allocID string, spec *drivers.NetworkIsolationSp
 func (d *Driver) createSandboxContainerConfig(allocID string) (*docker.CreateContainerOptions, error) {
 return &docker.CreateContainerOptions{
- Name: fmt.Sprintf("nomad_%s", allocID),
+ Name: fmt.Sprintf("nomad_init_%s", allocID),
 Config: &docker.Config{
 Image: infraContainerImage,
 },
 HostConfig: &docker.HostConfig{
+ // set the network mode to none which creates a network namespace with
+ // only a loopback interface
 NetworkMode: "none",
 },
 }, nil
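Review bot: infraContainerImage pins the parent-namespace container to `gcr.io/google_containers/pause-amd64:3.0` by tag only, so the image that owns every shared network namespace is whatever the registry serves under that tag at pull time. Referencing it by digest, for example `gcr.io/google_containers/pause-amd64@sha256:<digest-placeholder>`, or making the image operator-configurable, would make the dependency explicit; the name is also amd64-specific. In the new dockerNetSpecLabelKey comment, `whos` should read `whose`.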
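Review bot: Changing the sandbox container name from `nomad_%s` to `nomad_init_%s` is a behaviour change in a commit whose subject only mentions comments. Anything that finds or cleans up the parent container by name (not visible in this hunk) would stop matching containers created before the change and could leave their network namespaces behind. It is worth confirming that DestroyNetwork relies on the container ID carried in the spec, and mentioning the rename in the commit message. A doc comment such as `// createSandboxContainerConfig builds the create options for the alloc's parent network container` would also help.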