From f68b85b86d000b28f8ce1d221d9b35ad7ec3d12c Mon Sep 17 00:00:00 2001
From: Nick Ethier <nethier@hashicorp.com>
Date: Mon, 6 Apr 2020 21:02:26 -0400
Subject: [PATCH] ar/bridge: ensure cni configuration is always loaded

---
 client/allocrunner/networking_bridge_linux.go | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/client/allocrunner/networking_bridge_linux.go b/client/allocrunner/networking_bridge_linux.go
index 75e9612d1fea..ed7aeb60d5ee 100644
--- a/client/allocrunner/networking_bridge_linux.go
+++ b/client/allocrunner/networking_bridge_linux.go
@@ -148,7 +148,7 @@ func (b *bridgeNetworkConfigurator) Setup(ctx context.Context, alloc *structs.Al
 		return fmt.Errorf("failed to initialize table forwarding rules: %v", err)
 	}
 
-	if err := b.cni.Load(cni.WithConfListBytes(b.buildNomadNetConfig())); err != nil {
+	if err := b.ensureCNIInitialized(); err != nil {
 		return err
 	}
 
@@ -176,9 +176,20 @@ func (b *bridgeNetworkConfigurator) Setup(ctx context.Context, alloc *structs.Al
 
 // Teardown calls the CNI plugins with the delete action
 func (b *bridgeNetworkConfigurator) Teardown(ctx context.Context, alloc *structs.Allocation, spec *drivers.NetworkIsolationSpec) error {
+	if err := b.ensureCNIInitialized(); err != nil {
+		return err
+	}
+
 	return b.cni.Remove(ctx, alloc.ID, spec.Path, cni.WithCapabilityPortMap(getPortMapping(alloc)))
 }
 
+func (b *bridgeNetworkConfigurator) ensureCNIInitialized() error {
+	if b.cni.Status() == cni.ErrCNINotInitialized {
+		return b.cni.Load(cni.WithConfListBytes(b.buildNomadNetConfig()))
+	}
+	return nil
+}
+
 // getPortMapping builds a list of portMapping structs that are used as the
 // portmapping capability arguments for the portmap CNI plugin
 func getPortMapping(alloc *structs.Allocation) []cni.PortMapping {