author | Matthew Heon <matthew.heon@pm.me> | 2019-09-23 14:54:10 -0400 |
---|---|---|
committer | Matthew Heon <matthew.heon@pm.me> | 2019-09-24 09:52:11 -0400 |
commit | b57d2f4cc7bb26e8bd2ec4cf4eb66f739ed3beb4 (patch) | |
tree | 4d0c22a5d8977b330c7431c72bd53899ff6f07e7 | |
parent | c0eff1a81c2718498aa8e75f7e45bfb688c91482 (diff) | |
Force a CNI Delete on refreshing containers
CNI expects that a DELETE be run before re-creating container
networks. If a reboot occurs quickly enough that containers can't
stop and clean up, that DELETE never happens, and Podman
currently wipes the old network info and thinks the state has
been entirely cleared. Unfortunately, that may not be the case on
the CNI side. Some things - like IP address reservations - may
not have been cleared.
To solve this, manually re-run CNI Delete on refresh. If the
container has already been deleted this seems harmless. If not,
it should clear lingering state.
Fixes: #3759
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
-rw-r--r-- | libpod/container_internal.go | 2 | ||||
-rw-r--r-- | libpod/container_internal_linux.go | 7 | ||||
-rw-r--r-- | libpod/container_internal_unsupported.go | 4 |
3 files changed, 12 insertions, 1 deletions
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index 8b96b3f62..7403a216b 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -622,7 +622,7 @@ func (c *Container) refresh() error {
 return err
 }
- return nil
+ return c.refreshCNI()
 }
 // Remove conmon attach socket and terminal resize FIFO
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 355b9bea4..ad218e757 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -1294,3 +1294,10 @@ func (c *Container) copyOwnerAndPerms(source, dest string) error {
 }
 return nil
 }
+
+// Teardown CNI config on refresh
+func (c *Container) refreshCNI() error {
+ // Let's try and delete any lingering network config...
+ podNetwork := c.runtime.getPodNetwork(c.ID(), c.config.Name, "", c.config.Networks, c.config.PortMappings, c.config.StaticIP)
+ return c.runtime.netPlugin.TearDownPod(podNetwork)
+}
diff --git a/libpod/container_internal_unsupported.go b/libpod/container_internal_unsupported.go
index 6fa19a778..05a587c59 100644
--- a/libpod/container_internal_unsupported.go
+++ b/libpod/container_internal_unsupported.go
@@ -40,3 +40,7 @@ func (c *Container) restore(ctx context.Context, options ContainerCheckpointOpti
 func (c *Container) copyOwnerAndPerms(source, dest string) error {
 return nil
 }
+
+func (c *Container) refreshCNI() error {
+ return define.ErrNotImplemented
+}
|
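Review bot: `return c.refreshCNI()` makes refresh() fail whenever the CNI cleanup fails, although the commit message describes the delete as a best-effort pass that should be harmless when nothing is left to remove. A plugin error here would stop the container's state from being refreshed after a reboot, and on builds that use container_internal_unsupported.go the new stub returns `define.ErrNotImplemented`, so refresh() would fail there for every container. Consider logging the error with the container ID and still ending with `return nil`, and have the unsupported stub `return nil` the way copyOwnerAndPerms does in that file. refresh() starts above this hunk, so any earlier handling is not visible.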
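Review bot: refreshCNI calls `c.runtime.netPlugin.TearDownPod(podNetwork)` unconditionally; nothing in the visible lines checks that `netPlugin` is set or that this container ever had a CNI-managed network. If refresh() also runs for containers that share another network namespace, use host networking, or run without CNI (not visible here, so this needs confirming), the delete would either return an error or be issued for state the container does not own. A guard such as `if c.runtime.netPlugin == nil { return nil }`, plus a check of the container's network configuration before the call, would limit the teardown to containers that can hold lingering reservations. The doc comment should start with the function name and say why the third argument to getPodNetwork is `""`, presumably because the old network namespace no longer exists after a reboot.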