bugfix: use netNSPath dynamically #2443
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov Report
@@ Coverage Diff @@
## master #2443 +/- ##
==========================================
+ Coverage 68.71% 68.84% +0.13%
==========================================
Files 276 276
Lines 18252 18220 -32
==========================================
+ Hits 12541 12543 +2
+ Misses 4288 4256 -32
+ Partials 1423 1421 -2
|
starnop
force-pushed
the
delete-netnspath
branch
from
a8ee4f1 to
aee86dc
Compare
fengzixu
reviewed
Nov 7, 2018
cri/ocicni/cni_manager.go
Outdated
| @@ -77,6 +77,9 @@ func (c *CniManager) SetUpPodNetwork(podNetwork *ocicni.PodNetwork) error { | |||
| func (c *CniManager) TearDownPodNetwork(podNetwork *ocicni.PodNetwork) error { | |||
| err := c.plugin.TearDownPod(*podNetwork) | |||
| if err != nil { | |||
| if _, err = os.Stat(podNetwork.NetNS); err != nil { | |||
There was a problem hiding this comment.
There is a more clear codestyle:
if err == nil {
return nil
}
if _, err = os.Stat(podNetwork.NetNS); err != nil {
return err
}
return fmt.Errorf("failed to destroy network for sandbox %q: %v", podNetwork.ID, err)
Decrease the nested layers is a quie important rule in clean codes
There was a problem hiding this comment.
Agree with that, THX.
cri/v1alpha2/cri_utils.go
Outdated
| @@ -473,10 +473,10 @@ func (c *CriManager) setupPodNetwork(ctx context.Context, id string, config *run | |||
| PortMappings: toCNIPortMappings(config.GetPortMappings()), | |||
| }) | |||
| if err != nil { | |||
| return "", err | |||
| return err | |||
There was a problem hiding this comment.
It seems like that there is no need to check error single. A recommended format:
if err := c.CniMgr.SetUpPodNetwork(&ocicni.PodNetwork{
PortMappings: toCNIPortMappings(config.GetPortMappings()),
}); err != nil {
return err
}
starnop
force-pushed
the
delete-netnspath
branch
from
aee86dc to
6f53348
Compare
rudyfly
reviewed
Nov 7, 2018
cri/ocicni/cni_manager.go
Outdated
| @@ -77,6 +77,9 @@ func (c *CniManager) SetUpPodNetwork(podNetwork *ocicni.PodNetwork) error { | |||
| func (c *CniManager) TearDownPodNetwork(podNetwork *ocicni.PodNetwork) error { | |||
| err := c.plugin.TearDownPod(*podNetwork) | |||
| if err != nil { | |||
| if _, err = os.Stat(podNetwork.NetNS); err != nil { | |||
| return err | |||
| } | |||
| return fmt.Errorf("failed to destroy network for sandbox %q: %v", podNetwork.ID, err) | |||
There was a problem hiding this comment.
use errors.Wrapf to wrap error
cri/ocicni/cni_manager.go
Outdated
| @@ -77,6 +77,9 @@ func (c *CniManager) SetUpPodNetwork(podNetwork *ocicni.PodNetwork) error { | |||
| func (c *CniManager) TearDownPodNetwork(podNetwork *ocicni.PodNetwork) error { | |||
| err := c.plugin.TearDownPod(*podNetwork) | |||
| if err != nil { | |||
| if _, err = os.Stat(podNetwork.NetNS); err != nil { | |||
starnop
force-pushed
the
delete-netnspath
branch
from
6f53348 to
b000337
Compare
HusterWan
reviewed
Nov 7, 2018
| @@ -76,10 +77,14 @@ func (c *CniManager) SetUpPodNetwork(podNetwork *ocicni.PodNetwork) error { | |||
| // TearDownPodNetwork is the method called before a pod's sandbox container will be deleted. | |||
| func (c *CniManager) TearDownPodNetwork(podNetwork *ocicni.PodNetwork) error { | |||
| err := c.plugin.TearDownPod(*podNetwork) | |||
There was a problem hiding this comment.
how about:
if err := c.plugin.TearDownPod(*podNetwork); err == nil {
return nil
}
There was a problem hiding this comment.
err will be used later. So no need to change. :)
Signed-off-by: Starnop <[email protected]>
starnop
force-pushed
the
delete-netnspath
branch
from
b000337 to
04bf872
Compare
|
LGTM |
pouchrobot
added
the
LGTM
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Signed-off-by: Starnop [email protected]
Ⅰ. Describe what this PR did
The sandbox will be stopped due to various reasons ,such as the physical machine restart, if perform delete operations at this time which will cause the failure of network IP release. The reason for this is that can't find netnspath because the pid has changed and the cache has not been updated. Eventually leading to pod has been terminating and IP leakage.
So instead of using cache, we use container's pid to splice netnspath which will ensure that the netNSPath is correct.
Ⅱ. Does this pull request fix one issue?
None.
Ⅲ. Why don't you add test cases (unit test/integration test)? (你真的觉得不需要加测试吗?)
None.
Ⅳ. Describe how to verify it
Ⅴ. Special notes for reviews