Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Reset endpoint port info on connectivity revoke in bridge driver #1504

Merged
merged 2 commits into from
Oct 13, 2016
Merged

Reset endpoint port info on connectivity revoke in bridge driver #1504

merged 2 commits into from
Oct 13, 2016

Conversation

aboch
Copy link
Contributor

@aboch aboch commented Oct 12, 2016

$ # create two networks and run a container on the second one in lexical order
$ docker network create nwa
11d1f4bc8e5e3c06d3025fb2509869fa8f31e0b428a2185e60a649ab5ede552f
$ docker network create nwb
d84ae082627e45ea3254a86b905a20869a9ca8d910be53c046a8f955991454bc
$
$ docker run -d --name w0 --restart always -d -p 8000:8000 -p 9000:9000 --network nwb busybox top
7b208647007d947855eecd8d43124d1c7f6bebfb2cc68c28db3438ec2602164f
$ 
$ sudo iptables -t nat -S POSTROUTING | grep dport
-A POSTROUTING -s 172.19.0.2/32 -d 172.19.0.2/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
-A POSTROUTING -s 172.19.0.2/32 -d 172.19.0.2/32 -p tcp -m tcp --dport 8000 -j MASQUERADE
$ 
$ # connect the container to the first network to trigger the external connectivity change
$ docker network connect nwa w0
$ 
$ sudo iptables -t nat -S POSTROUTING | grep dport
-A POSTROUTING -s 172.18.0.2/32 -d 172.18.0.2/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
-A POSTROUTING -s 172.18.0.2/32 -d 172.18.0.2/32 -p tcp -m tcp --dport 8000 -j MASQUERADE
$ 
$ docker ps 
CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS                                            NAMES
7b208647007d        busybox             "top"               About a minute ago   Up About a minute   0.0.0.0:8000->8000/tcp, 0.0.0.0:9000->9000/tcp   w0
$ 
$ # now kill docker daemon and restart
$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
$ 

Logs from daemon start:

ERRO[0002] Failed to start container 7b208647007d947855eecd8d43124d1c7f6bebfb2cc68c28db3438ec2602164f: driver failed programming external connectivity on endpoint w0 (e9deb1c283c0dade7d25e614d1d16d332ae3a1df153ef9942a142bb135017440): Bind for 0.0.0.0:9000 failed: port is already allocated 

aboch added 2 commits October 12, 2016 13:02
- and update it to store. Otherwise after an ungraceful shutdown,
  at next boot there will be in store two bridge endpoints with
  same port-mapping data. When bridge driver will try to restore
  the endpoints, there will be conflicts and a container with
  restart policy could fail to start.

Signed-off-by: Alessandro Boch <aboch@docker.com>
Signed-off-by: Alessandro Boch <aboch@docker.com>
@mavenugo
Copy link
Contributor

LGTM

@davidxia
Copy link

What version of Docker will include this fix?

@aboch
Copy link
Contributor Author

aboch commented Nov 14, 2016

@davidxia Docker 1.12.3

@aboch aboch deleted the ports branch November 16, 2016 18:22
liusdu pushed a commit to liusdu/moby that referenced this pull request Oct 30, 2017
- and update it to store. Otherwise after an ungraceful shutdown,
  at next boot there will be in store two bridge endpoints with
  same port-mapping data. When bridge driver will try to restore
  the endpoints, there will be conflicts and a container with
  restart policy could fail to start.

cherry-pick from: moby/libnetwork#1504

Signed-off-by: Alessandro Boch <aboch@docker.com>
Signed-off-by: Lei Jitang <leijitang@huawei.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants