Force a CNI Delete on refreshing containers#4086
Merged
openshift-merge-robot merged 1 commit intocontainers:masterfrom Sep 25, 2019
Merged
Force a CNI Delete on refreshing containers#4086openshift-merge-robot merged 1 commit intocontainers:masterfrom
openshift-merge-robot merged 1 commit intocontainers:masterfrom
Conversation
Collaborator
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: mheon The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Member
|
lgtm, there will be a perf hit on this though ... i don't know what the implications are and what lead us to calling this code so maybe it wont matter. |
vrothberg
reviewed
Sep 24, 2019
Member
vrothberg
left a comment
There was a problem hiding this comment.
Code LGTM but CI isn't happy yet:
[+0042s] libpod/container_internal.go:626:25: c.runtime.getPodNetwork undefined (type *Runtime has no field or method getPodNetwork)
[+0042s] make: *** [Makefile:178: podman-remote-darwin] Error 2
Member
Author
|
Ahh. Windows compilation. |
CNI expects that a DELETE be run before re-creating container networks. If a reboot occurs quickly enough that containers can't stop and clean up, that DELETE never happens, and Podman currently wipes the old network info and thinks the state has been entirely cleared. Unfortunately, that may not be the case on the CNI side. Some things - like IP address reservations - may not have been cleared. To solve this, manually re-run CNI Delete on refresh. If the container has already been deleted this seems harmless. If not, it should clear lingering state. Fixes: containers#3759 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
bf2a1fe to
b57d2f4
Compare
Member
Author
|
CI is green now |
Member
|
/lgtm |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
CNI expects that a DELETE be run before re-creating container networks. If a reboot occurs quickly enough that containers can't stop and clean up, that DELETE never happens, and Podman currently wipes the old network info and thinks the state has been entirely cleared. Unfortunately, that may not be the case on the CNI side. Some things - like IP address reservations - may not have been cleared.
To solve this, manually re-run CNI Delete on refresh. If the container has already been deleted this seems harmless. If not, it should clear lingering state.
Fixes: #3759