Docket Network Naming Requirement Inconsistent with Error Message

[patran]

Description

Cannot create a network with a name that contains "."

Steps to reproduce the issue:

1. docker network create --driver overlay a.b.c

Describe the results you received:
Error response from daemon: rpc error: code = 3 desc = name must be valid as a DNS name component

Describe the results you expected:
Expected for the network to be created. As it turns out, the name cannot contain "." is that a requirement?

Additional information you deem important (e.g. issue happens only occasionally):

Output of docker version:

Client:
 Version:      17.03.0-ce
 API version:  1.26
 Go version:   go1.7.5
 Git commit:   60ccb22
 Built:        Thu Feb 23 11:02:43 2017
 OS/Arch:      linux/amd64

Server:
 Version:      17.03.0-ce
 API version:  1.26 (minimum version 1.12)
 Go version:   go1.7.5
 Git commit:   60ccb22
 Built:        Thu Feb 23 11:02:43 2017
 OS/Arch:      linux/amd64
 Experimental: false

Output of docker info:

Containers: 0
 Running: 0
 Paused: 0
 Stopped: 0
Images: 15
Server Version: 17.03.0-ce
Storage Driver: overlay2
 Backing Filesystem: extfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
Swarm: active
 NodeID: tx0s9bitg2858pprm672u4sjk
 Is Manager: true
 ClusterID: 9s5f2yjdf2hgzihiqxxaj7qqc
 Managers: 3
 Nodes: 4
 Orchestration:
  Task History Retention Limit: 5
 Raft:
  Snapshot Interval: 10000
  Number of Old Snapshots to Retain: 0
  Heartbeat Tick: 1
  Election Tick: 3
 Dispatcher:
  Heartbeat Period: 5 seconds
 CA Configuration:
  Expiry Duration: 3 months
 Node Address: 192.168.2.10
 Manager Addresses:
  192.168.2.10:2377
  192.168.2.11:2377
  192.168.2.12:2377
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 977c511eda0925a723debdc94d09459af49d082a
runc version: a01dafd48bc1c7cc12bdb01206f9fea7dd6feb70
init version: 949e6fa
Security Options:
 apparmor
 seccomp
  Profile: default
Kernel Version: 4.4.0-66-generic
Operating System: Ubuntu 16.04.2 LTS
OSType: linux
Architecture: x86_64
CPUs: 32
Total Memory: 62.81 GiB
Name: abc-1-0
ID: IANG:AAAV:VMKY:LED7:DZVV:Z3HO:FIPC:CW2A:4GB7:OACF:MKM7:F6I6
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: No swap limit support
Experimental: false
Insecure Registries:
 192.168.1.1:4000
 127.0.0.0/8
Live Restore Enabled: false

Additional environment details (AWS, VirtualBox, physical, etc.):
uname -a
Linux aulac-1-0 4.4.0-66-generic #87-Ubuntu SMP Fri Mar 3 15:29:05 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

Baremetal physical servers

[thaJeztah]

/cc @aboch

[aboch]

This is because the swarmkit validation of annotations' names.
It was added to reject dots in service names, so that they would not pollute the task DNS name (moby/swarmkit/pull/898)

But given the validation function is run on the annotations of all top objects, this rule gets enforced for swarm networks as well.

[patran]

@aboch , sure. However, the error message is probably misleading:

"name must be valid as a DNS name component"

as a.b.c, a.b.com, etc. would seem to be perfectly valid DNS name

[aboch]

@patran
From my side I was saying that probably the restriction to the network name happened accidentally.
Are you instead saying you are ok with this restriction on the network name, and that you are just requesting a change to the error message ?

Regarding the error message, the rationale behind it, I would let @dperny comment.

[aluzzardi]

It's not accidental, Swarm enforces DNS name validation.

Dots are reserved for swarmkit, e.g., in the future we might have networkname.<namespace>.<clustername>.

[thaJeztah]

as a.b.c, a.b.com, etc. would seem to be perfectly valid DNS name

The confusion here is probably in the component part of the error message. a.b.com is a perfectly valid DNS name, but not a valid component (i.e. <component>.<component>.<tld>)

[patran]

I would prefer no restriction, but I am ok with the naming restriction. Especially, I think the documentation needs to be updated to be crystal clear about what naming convention to avoid so as not to conflict with future internal docker stuff. I can image the fun of tracing those conflicts at 2:00am :)

@thaJeztah varies wildly these days. The number of tld keeps on increasing too. I would suggest either allow dots in the names or disallow and make the documentation and error messages plainly clear to the effect