Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

safely handle existing net namespace in default network manager #9757

Merged
merged 1 commit into from
Jan 11, 2021
Merged

safely handle existing net namespace in default network manager #9757

merged 1 commit into from
Jan 11, 2021

Conversation

tgross
Copy link
Member

@tgross tgross commented Jan 8, 2021

Fixes #9750. A similar problem was fixed for the Docker driver in 0.10.0 with #6315 but it looks like we missed the exec driver and other non-Docker drivers that support network isolation.

When a client restarts, the network_hook's prerun will call
CreateNetwork. Drivers that don't implement their own network manager will
fall back to the default network manager, which doesn't handle the case where
the network namespace is being recreated safely. This results in an error and
the task being restarted for exec tasks with network blocks (this also
impacts the community containerd and probably other community task drivers).

If we get an error when attempting to create the namespace and that error is
because the file already exists and is locked by its process, then we'll
return a nil error with the created flag set to false, just as we do with
the docker driver.

@tgross tgross mentioned this pull request Jan 8, 2021
Closed
@tgross tgross force-pushed the b-default-network-hook-restart branch from 870d955 to 1897708 Compare January 8, 2021 14:42
@vercel vercel bot temporarily deployed to Preview – nomad January 8, 2021 14:42 Inactive
@vercel vercel bot temporarily deployed to Preview – nomad-storybook-and-ui January 8, 2021 14:42 Inactive
@tgross
safely handle existing net namespace in default network manager
83b31ea 
When a client restarts, the network_hook's prerun will call
`CreateNetwork`. Drivers that don't implement their own network manager will
fall back to the default network manager, which doesn't handle the case where
the network namespace is being recreated safely. This results in an error and
the task being restarted for `exec` tasks with `network` blocks (this also
impacts the community `containerd` and probably other community task drivers).

If we get an error when attempting to create the namespace and that error is
because the file already exists and is locked by its process, then we'll
return a `nil` error with the `created` flag set to false, just as we do with
the `docker` driver.
@tgross tgross force-pushed the b-default-network-hook-restart branch from 1897708 to 83b31ea Compare January 8, 2021 14:43
@vercel vercel bot temporarily deployed to Preview – nomad January 8, 2021 14:44 Inactive
@vercel vercel bot temporarily deployed to Preview – nomad-storybook-and-ui January 8, 2021 14:44 Inactive
@shishir-a412ed shishir-a412ed mentioned this pull request Jan 8, 2021
Merged
@tgross tgross added this to the 1.0.2 milestone Jan 11, 2021
@tgross tgross merged commit d650863 into master Jan 11, 2021
@tgross tgross deleted the b-default-network-hook-restart branch January 11, 2021 16:31
@shishir-a412ed shishir-a412ed mentioned this pull request Jan 11, 2021
Closed
@angrycub angrycub mentioned this pull request Nov 11, 2022
Merged
This was referenced Nov 11, 2022
Merged
Merged
Merged
@github-actions
Copy link

github-actions bot commented Dec 4, 2022

I'm going to lock this pull request because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 4, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@nickethier nickethier nickethier approved these changes

@schmichael schmichael Awaiting requested review from schmichael

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.0.2
Development

Successfully merging this pull request may close these issues.

network hook fails after client restart w/ non-Docker driver
2 participants
@tgross @nickethier