Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Reset endpoint port info on connectivity revoke in bridge driver #1504

Merged
merged 2 commits into from
Oct 13, 2016
Merged

Reset endpoint port info on connectivity revoke in bridge driver #1504

merged 2 commits into from
Oct 13, 2016

Conversation

aboch
Copy link
Contributor

@aboch aboch commented Oct 12, 2016
edited
Loading 

$ # create two networks and run a container on the second one in lexical order
$ docker network create nwa
11d1f4bc8e5e3c06d3025fb2509869fa8f31e0b428a2185e60a649ab5ede552f
$ docker network create nwb
d84ae082627e45ea3254a86b905a20869a9ca8d910be53c046a8f955991454bc
$
$ docker run -d --name w0 --restart always -d -p 8000:8000 -p 9000:9000 --network nwb busybox top
7b208647007d947855eecd8d43124d1c7f6bebfb2cc68c28db3438ec2602164f
$ 
$ sudo iptables -t nat -S POSTROUTING | grep dport
-A POSTROUTING -s 172.19.0.2/32 -d 172.19.0.2/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
-A POSTROUTING -s 172.19.0.2/32 -d 172.19.0.2/32 -p tcp -m tcp --dport 8000 -j MASQUERADE
$ 
$ # connect the container to the first network to trigger the external connectivity change
$ docker network connect nwa w0
$ 
$ sudo iptables -t nat -S POSTROUTING | grep dport
-A POSTROUTING -s 172.18.0.2/32 -d 172.18.0.2/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
-A POSTROUTING -s 172.18.0.2/32 -d 172.18.0.2/32 -p tcp -m tcp --dport 8000 -j MASQUERADE
$ 
$ docker ps 
CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS                                            NAMES
7b208647007d        busybox             "top"               About a minute ago   Up About a minute   0.0.0.0:8000->8000/tcp, 0.0.0.0:9000->9000/tcp   w0
$ 
$ # now kill docker daemon and restart
$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
$ 

Logs from daemon start:

ERRO[0002] Failed to start container 7b208647007d947855eecd8d43124d1c7f6bebfb2cc68c28db3438ec2602164f: driver failed programming external connectivity on endpoint w0 (e9deb1c283c0dade7d25e614d1d16d332ae3a1df153ef9942a142bb135017440): Bind for 0.0.0.0:9000 failed: port is already allocated

aboch added 2 commits October 12, 2016 13:02
@aboch
Reset endpoint port info on connectivity revoke in bridge driver
c0271af 
- and update it to store. Otherwise after an ungraceful shutdown,
  at next boot there will be in store two bridge endpoints with
  same port-mapping data. When bridge driver will try to restore
  the endpoints, there will be conflicts and a container with
  restart policy could fail to start.

Signed-off-by: Alessandro Boch <aboch@docker.com>
@aboch
Force go 1.7.1 in circle.yml to resolve failure to get golint
529a4c3 
Signed-off-by: Alessandro Boch <aboch@docker.com>
@mavenugo
Copy link
Contributor

LGTM

@mavenugo mavenugo merged commit 5148486 into moby:master Oct 13, 2016
This was referenced Oct 18, 2016
Open
Merged
Closed
@cirocosta cirocosta mentioned this pull request Oct 28, 2016
Open
@davidxia
Copy link

What version of Docker will include this fix?

@aboch
Copy link
Contributor Author

aboch commented Nov 14, 2016

@davidxia Docker 1.12.3

@aboch aboch deleted the ports branch November 16, 2016 18:22
@aboch aboch mentioned this pull request Dec 23, 2016
Closed
liusdu pushed a commit to liusdu/moby that referenced this pull request Oct 30, 2017
@coolljt0725
Reset endpoint port info on connectivity revoke in bridge driver
41cb90a 
- and update it to store. Otherwise after an ungraceful shutdown,
  at next boot there will be in store two bridge endpoints with
  same port-mapping data. When bridge driver will try to restore
  the endpoints, there will be conflicts and a container with
  restart policy could fail to start.

cherry-pick from: moby/libnetwork#1504

Signed-off-by: Alessandro Boch <aboch@docker.com>
Signed-off-by: Lei Jitang <leijitang@huawei.com>
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
status/2-needs-code-review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@aboch @mavenugo @davidxia @GordonTheTurtle