diff options
author | Paul Holzinger <paul.holzinger@web.de> | 2021-01-20 22:56:13 +0100 |
---|---|---|
committer | Paul Holzinger <paul.holzinger@web.de> | 2021-01-21 11:50:45 +0100 |
commit | 836fa4c493c3809da4bbcbbec0bf5ceb954e7410 (patch) | |
tree | a07df59ab8a8ca5ef913c69c977662d0cbb441aa | |
parent | c1cd512cb824c4c470efe7660c91ffeda62327bc (diff) | |
download | podman-836fa4c493c3809da4bbcbbec0bf5ceb954e7410.tar.gz podman-836fa4c493c3809da4bbcbbec0bf5ceb954e7410.tar.bz2 podman-836fa4c493c3809da4bbcbbec0bf5ceb954e7410.zip |
Move the cni lock file into the cni config dir
Commit(fe3faa517e1b) introduced a lock file for network create/rm calls.
There is a problem with the location of the lock file. The lock file was
stored in the tmpdir. Running multiple podman network create/remove
commands in parallel with different tmpdirs made the lockfile inaccessible
to the other process, and so parallel read/write operations to the cni
config directory continued to occur. This scenario happened frequently
during the e2e tests and caused some flakes.
Fixes #9041
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
-rw-r--r-- | libpod/network/create.go | 2 | ||||
-rw-r--r-- | libpod/network/lock.go | 13 | ||||
-rw-r--r-- | libpod/network/network.go | 3 |
3 files changed, 13 insertions, 5 deletions
diff --git a/libpod/network/create.go b/libpod/network/create.go index 094fbe349..e7f65358b 100644 --- a/libpod/network/create.go +++ b/libpod/network/create.go @@ -23,7 +23,7 @@ func Create(name string, options entities.NetworkCreateOptions, runtimeConfig *c return nil, err } // Acquire a lock for CNI - l, err := acquireCNILock(filepath.Join(runtimeConfig.Engine.TmpDir, LockFileName)) + l, err := acquireCNILock(runtimeConfig) if err != nil { return nil, err } diff --git a/libpod/network/lock.go b/libpod/network/lock.go index 0395359eb..037f41efa 100644 --- a/libpod/network/lock.go +++ b/libpod/network/lock.go @@ -1,6 +1,10 @@ package network import ( + "os" + "path/filepath" + + "github.com/containers/common/pkg/config" "github.com/containers/storage" ) @@ -8,8 +12,13 @@ import ( // delete cases to avoid unwanted collisions in network names. // TODO this uses a file lock and should be converted to shared memory // when we have a more general shared memory lock in libpod -func acquireCNILock(lockPath string) (*CNILock, error) { - l, err := storage.GetLockfile(lockPath) +func acquireCNILock(config *config.Config) (*CNILock, error) { + cniDir := GetCNIConfDir(config) + err := os.MkdirAll(cniDir, 0755) + if err != nil { + return nil, err + } + l, err := storage.GetLockfile(filepath.Join(cniDir, LockFileName)) if err != nil { return nil, err } diff --git a/libpod/network/network.go b/libpod/network/network.go index 89f0b67ac..0fb878b18 100644 --- a/libpod/network/network.go +++ b/libpod/network/network.go @@ -6,7 +6,6 @@ import ( "encoding/json" "net" "os" - "path/filepath" "github.com/containernetworking/cni/pkg/types" "github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator" @@ -172,7 +171,7 @@ func ValidateUserNetworkIsAvailable(config *config.Config, userNet *net.IPNet) e // RemoveNetwork removes a given network by name. If the network has container associated with it, that // must be handled outside the context of this. func RemoveNetwork(config *config.Config, name string) error { - l, err := acquireCNILock(filepath.Join(config.Engine.TmpDir, LockFileName)) + l, err := acquireCNILock(config) if err != nil { return err } |