phantom ip/mac vlan network after a powercycle #2295
+153
−52
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Please sign your commits following these rules: $ git clone -b "issue1743" git@github.com:rnataraja/libnetwork.git somewhere
$ cd somewhere
$ git commit --amend -s --no-edit
$ git push -fAmending updates the existing PR. You DO NOT need to open a new one. |
|
@fcrisciani what are your thoughts on these changes. |
|
is any progress about this PR? |
|
still present in 18.09.1 |
|
+1 |
|
still on 18.09.2 |
|
+1 |
arkodg
reviewed
May 7, 2019
| @@ -1051,7 +1051,13 @@ func (n *network) delete(force bool, rmLBEndpoint bool) error { | |||
|
|
|||
| if n.ConfigFrom() != "" { | |||
| if t, err := c.getConfigNetwork(n.ConfigFrom()); err == nil { | |||
| if err := t.getEpCnt().DecEndpointCnt(); err != nil { | |||
There was a problem hiding this comment.
for bridge networks , multiple networks can be created from a config (--config-from), so this will break that case
There was a problem hiding this comment.
@rnataraja
https://github.com/docker/libnetwork/blob/9ff9b57c344df5cd47443ad9e65702ec85c5aeb0/controller.go#L806
coupled with foundExisting should help you fix this problem
| @@ -60,10 +60,14 @@ func (d *driver) CreateNetwork(nid string, option map[string]interface{}, nInfo | |||
| // empty parent and --internal are handled the same. Set here to update k/v | |||
| config.Internal = true | |||
| } | |||
| err = d.createNetwork(config) | |||
| foundExisting, err := d.createNetwork(config) | |||
There was a problem hiding this comment.
for the re-create path, can you please add some integration test-cases, either in libnetwork or moby (https://github.com/moby/moby/blob/master/integration/network/service_test.go) . A SIGKILL on dockerd should be enough to reproduce this case
|
@rnataraja still there ? :) |
arkodg
pushed a commit
to arkodg/libnetwork
that referenced
this pull request
Jul 10, 2019
This commit carries forward the work done in moby#2295 and fixes two things 1. Allows macvlan and ipvlan to be restored properly after dockerd or the system is restarted 2. Makes sure the refcount for the configOnly network is not incremented for the above case so this network can be deleted after all the associated ConfigFrom networks are deleted Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
|
thanks for driving this issue @rnataraja , I'll be taking this PR forward using #2415 |
arkodg
pushed a commit
to arkodg/libnetwork
that referenced
this pull request
Jul 10, 2019
This commit carries forward the work done in moby#2295 and fixes two things 1. Allows macvlan and ipvlan to be restored properly after dockerd or the system is restarted 2. Makes sure the refcount for the configOnly network is not incremented for the above case so this network can be deleted after all the associated ConfigFrom networks are deleted Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
Thanks @arkodg |
arkodg
pushed a commit
to arkodg/libnetwork
that referenced
this pull request
Jul 15, 2019
This commit carries forward the work done in moby#2295 and fixes two things 1. Allows macvlan and ipvlan to be restored properly after dockerd or the system is restarted 2. Makes sure the refcount for the configOnly network is not incremented for the above case so this network can be deleted after all the associated ConfigFrom networks are deleted Addresses: moby#1743 Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
thaJeztah
added a commit
to thaJeztah/docker
that referenced
this pull request
Jul 30, 2019
full diff: moby/libnetwork@83d30db...09cdcc8 changes included: - moby/libnetwork#2416 Fix hardcoded AF_INET for IPv6 address handling - moby/libnetwork#2411 Macvlan network handles netlabel.Internal wrong - fixes moby/libnetwork#2410 Macvlan network handles netlabel.Internal wrong - moby/libnetwork#2414 Allow network with --config-from to be --internal - fixes moby/libnetwork#2413 Network with --config-from does not honor --internal - moby/libnetwork#2351 Use fewer modprobes - relates to moby#38930 Use fewer modprobes - moby/libnetwork#2415 Support dockerd and system restarts for ipvlan and macvlan networks - carry of moby/libnetwork#2295 phantom ip/mac vlan network after a powercycle - fixes moby/libnetwork#1743 Phantom docker network Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
docker-jenkins
pushed a commit
to docker-archive/docker-ce
that referenced
this pull request
Jul 31, 2019
full diff: moby/libnetwork@83d30db...09cdcc8 changes included: - moby/libnetwork#2416 Fix hardcoded AF_INET for IPv6 address handling - moby/libnetwork#2411 Macvlan network handles netlabel.Internal wrong - fixes moby/libnetwork#2410 Macvlan network handles netlabel.Internal wrong - moby/libnetwork#2414 Allow network with --config-from to be --internal - fixes moby/libnetwork#2413 Network with --config-from does not honor --internal - moby/libnetwork#2351 Use fewer modprobes - relates to moby/moby#38930 Use fewer modprobes - moby/libnetwork#2415 Support dockerd and system restarts for ipvlan and macvlan networks - carry of moby/libnetwork#2295 phantom ip/mac vlan network after a powercycle - fixes moby/libnetwork#1743 Phantom docker network Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Upstream-commit: 6f234db9fef23c591d8376f96db062e7107b658f Component: engine
arkodg
pushed a commit
to arkodg/libnetwork
that referenced
this pull request
Aug 15, 2019
This commit carries forward the work done in moby#2295 and fixes two things 1. Allows macvlan and ipvlan to be restored properly after dockerd or the system is restarted 2. Makes sure the refcount for the configOnly network is not incremented for the above case so this network can be deleted after all the associated ConfigFrom networks are deleted Addresses: moby#1743 Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
arkodg
pushed a commit
to arkodg/libnetwork
that referenced
this pull request
Aug 15, 2019
This commit carries forward the work done in moby#2295 and fixes two things 1. Allows macvlan and ipvlan to be restored properly after dockerd or the system is restarted 2. Makes sure the refcount for the configOnly network is not incremented for the above case so this network can be deleted after all the associated ConfigFrom networks are deleted Addresses: moby#1743 Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
thaJeztah
added a commit
to thaJeztah/docker
that referenced
this pull request
Sep 16, 2019
full diff: moby/libnetwork@83d30db...09cdcc8 changes included: - moby/libnetwork#2416 Fix hardcoded AF_INET for IPv6 address handling - moby/libnetwork#2411 Macvlan network handles netlabel.Internal wrong - fixes moby/libnetwork#2410 Macvlan network handles netlabel.Internal wrong - moby/libnetwork#2414 Allow network with --config-from to be --internal - fixes moby/libnetwork#2413 Network with --config-from does not honor --internal - moby/libnetwork#2351 Use fewer modprobes - relates to moby#38930 Use fewer modprobes - moby/libnetwork#2415 Support dockerd and system restarts for ipvlan and macvlan networks - carry of moby/libnetwork#2295 phantom ip/mac vlan network after a powercycle - fixes moby/libnetwork#1743 Phantom docker network Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit 6f234db) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
docker-jenkins
pushed a commit
to docker-archive/docker-ce
that referenced
this pull request
Sep 17, 2019
full diff: moby/libnetwork@83d30db...09cdcc8 changes included: - moby/libnetwork#2416 Fix hardcoded AF_INET for IPv6 address handling - moby/libnetwork#2411 Macvlan network handles netlabel.Internal wrong - fixes moby/libnetwork#2410 Macvlan network handles netlabel.Internal wrong - moby/libnetwork#2414 Allow network with --config-from to be --internal - fixes moby/libnetwork#2413 Network with --config-from does not honor --internal - moby/libnetwork#2351 Use fewer modprobes - relates to moby/moby#38930 Use fewer modprobes - moby/libnetwork#2415 Support dockerd and system restarts for ipvlan and macvlan networks - carry of moby/libnetwork#2295 phantom ip/mac vlan network after a powercycle - fixes moby/libnetwork#1743 Phantom docker network Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit 6f234db9fef23c591d8376f96db062e7107b658f) Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Upstream-commit: b6190c2713623ab455d29da4771b684e4eafc63f Component: engine
burnMyDread
pushed a commit
to burnMyDread/moby
that referenced
this pull request
Oct 21, 2019
full diff: moby/libnetwork@83d30db...09cdcc8 changes included: - moby/libnetwork#2416 Fix hardcoded AF_INET for IPv6 address handling - moby/libnetwork#2411 Macvlan network handles netlabel.Internal wrong - fixes moby/libnetwork#2410 Macvlan network handles netlabel.Internal wrong - moby/libnetwork#2414 Allow network with --config-from to be --internal - fixes moby/libnetwork#2413 Network with --config-from does not honor --internal - moby/libnetwork#2351 Use fewer modprobes - relates to moby#38930 Use fewer modprobes - moby/libnetwork#2415 Support dockerd and system restarts for ipvlan and macvlan networks - carry of moby/libnetwork#2295 phantom ip/mac vlan network after a powercycle - fixes moby/libnetwork#1743 Phantom docker network Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Signed-off-by: zach <Zachary.Joyner@linux.com>
cpuguy83
pushed a commit
to cpuguy83/docker
that referenced
this pull request
May 25, 2021
This commit carries forward the work done in moby/libnetwork#2295 and fixes two things 1. Allows macvlan and ipvlan to be restored properly after dockerd or the system is restarted 2. Makes sure the refcount for the configOnly network is not incremented for the above case so this network can be deleted after all the associated ConfigFrom networks are deleted Addresses: moby/libnetwork#1743 Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
|
I am still seeing this Version: 24.0.4 Subscribed to watch for a fix. |
|
/cc @akerouanton |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I am trying to address #1743 as part of this PR.
There are two issues as part of this
When a node is power cycled unplanned or dockerd goes through a restart (unplanned), swarm scope networks are not cleaned up, Infact they are recreated when the docker daemon starts. This recreate does not work as there is already a swarmScope network has been restored and uses the same uplink.
FIX: there was an earlier PR that tackled this problem by simply deleting the network if its created with same ID. As per comments in that PR, it was preferred to re-use instead of delete. In this PR, I am trying to essentially re-use the same network ID.
Even if the swarm Scope network can be recreated there is still a problem with config-only network. As there is an additional createNetwork after the docker daemon restarts. The endpoint count on the configOnly network becomes more than what it should be. Consider the case where node has been kicked out of swarm during this unplanned reboot and added back in.
I believe a swarm scope network to its config-only network is a one to one mapping for a particular worker node. If thats not the case, then more work is required for this PR. But if that is the case, there is no real need to track the endpoint count.
FIX: Upon deleteNetwork of a swarm scope network, the correspnding configOnly Network endpoint count is zeroed out essentially making configOnly network as deleteable.