datapath: panic explicitly when IP of direct-routing-device not found #17064
Commits on Aug 16, 2021
-
datapath: panic explicitly when IP of direct-routing-device not found
A user reported the follow panic on agent startup: ``` level=info msg=" --devices=''" subsys=daemon level=info msg=" --direct-routing-device='wg0'" subsys=daemon ... level=info msg="Trying to auto-enable \"enable-node-port\", \"enable-external-ips\", \"enable-host-reachable-services\", \"enable-host-port\", \"enable-session-affinity\" features" subsys=daemon ... level=info msg="Cluster-ID is not specified, skipping ClusterMesh initialization" subsys=daemon panic: runtime error: index out of range [3] with length 0 goroutine 1 [running]: encoding/binary.bigEndian.Uint32(...) /usr/local/go/src/encoding/binary/binary.go:112 github.com/cilium/cilium/pkg/byteorder.HostSliceToNetwork(0x0, 0x0, 0x0, 0xa, 0x4795aa0, 0x41983f8) /go/src/github.com/cilium/cilium/pkg/byteorder/byteorder.go:134 +0x24f github.com/cilium/cilium/pkg/datapath/linux/config.(*HeaderfileWriter).WriteNodeConfig(0x4792cf0, 0x2e86b00, 0xc0005b4fe8, 0xc0000fcc68, 0x0, 0x0) /go/src/github.com/cilium/cilium/pkg/datapath/linux/config/config.go:426 +0x47db github.com/cilium/cilium/daemon/cmd.(*Daemon).createNodeConfigHeaderfile(0xc0001d5200, 0x0, 0x0) /go/src/github.com/cilium/cilium/daemon/cmd/datapath.go:72 +0x3e9 github.com/cilium/cilium/daemon/cmd.(*Daemon).init(0xc0001d5200, 0x4239c20, 0x42278e0) /go/src/github.com/cilium/cilium/daemon/cmd/daemon.go:233 +0x6a6 ``` With some investigations, this is how the panic happened: 1. --devices='' && --direct-routing-device='wg0' resulted in final option.Config.Devices=["eth0"] on his machine; which further led to 2. no ip address were initialized in NodePort IPv4 address map for `wg0`, then 3. `nodePortIPv4Addrs["wg0"]` returned an empty net.IP object, and the subsequent byteorder convertion paniced as above Although it's the user to blame for misconfiguration, the panic message is not so friendly either for ordinary users determining what's happened and how to fix it. This patch improves it by checking the existance of the IP address before using it, and panic explicitly with more user-friendly messages. Update: this patch also helps even if c042c05 is added recently, as the latter also accesses indexes before checking IP existance: ```go 10 // NetIPv4ToHost32 converts an net.IP to a uint32 in host byte order. ip 11 // must be a IPv4 address, otherwise the function will panic. 12 func NetIPv4ToHost32(ip net.IP) uint32 { 13 ipv4 := ip.To4() 14 _ = ipv4[3] // Assert length of ipv4. 15 return Native.Uint32(ipv4) 16 } ``` Signed-off-by: ArthurChiao <arthurchiao@hotmail.com>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.