New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

secrets break idempotence of `docker stack deploy` #34746

Closed
xificurC opened this Issue Sep 6, 2017 · 0 comments

Comments

Projects
None yet
2 participants
@xificurC

xificurC commented Sep 6, 2017

Description

As noted in #30506 secrets in a compose file keep restarting services that have no changes. Suspecting hash table randomization issues.

Steps to reproduce the issue:

  1. create a service with multiple secrets
  2. run docker stack deploy on it simultaneously

Describe the results you received:

service keeps restarting even though there were no changes

Describe the results you expected:

service to not restart

Additional information you deem important (e.g. issue happens only occasionally):

Output of docker version:

Client:
 Version:      17.06.0-ce
 API version:  1.30
 Go version:   go1.8.3
 Git commit:   02c1d87
 Built:        Fri Jun 23 21:23:31 2017
 OS/Arch:      linux/amd64

Server:
 Version:      17.06.0-ce
 API version:  1.30 (minimum version 1.12)
 Go version:   go1.8.3
 Git commit:   02c1d87
 Built:        Fri Jun 23 21:19:04 2017
 OS/Arch:      linux/amd64
 Experimental: false

Output of docker info:

Containers: 18
 Running: 18
 Paused: 0
 Stopped: 0
Images: 2310
Server Version: 17.06.0-ce
Storage Driver: aufs
 Root Dir: /var/lib/docker/aufs
 Backing Filesystem: extfs
 Dirs: 1980
 Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins: 
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: active
 NodeID: yr5ugwmlw38m145zo5qxxjwyn
 Is Manager: true
 ClusterID: td3klvwxglmqpkv2gqjp6yqfr
 Managers: 1
 Nodes: 1
 Orchestration:
  Task History Retention Limit: 5
 Raft:
  Snapshot Interval: 10000
  Number of Old Snapshots to Retain: 0
  Heartbeat Tick: 1
  Election Tick: 3
 Dispatcher:
  Heartbeat Period: 5 seconds
 CA Configuration:
  Expiry Duration: 3 months
  Force Rotate: 0
 Root Rotation In Progress: false
 Node Address: 192.168.137.72
 Manager Addresses:
  192.168.137.72:2377
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: cfb82a876ecc11b5ca0977d1733adbe58599088a
runc version: 2d41c047c83e09a6d61d464906feb2a2f3c52aa4
init version: 949e6fa
Security Options:
 apparmor
 seccomp
  Profile: default
Kernel Version: 4.4.0-89-generic
Operating System: Ubuntu 16.04.3 LTS
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 15.6GiB
Name: nagyubupc
ID: SFES:FFHP:66HW:X66F:W3A3:UZZV:I3QA:4A3O:BHMB:DLIP:ZNGE:37TG
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

WARNING: No swap limit support

Additional environment details (AWS, VirtualBox, physical, etc.):
ubuntu 16.04

xificurC pushed a commit to xificurC/cli that referenced this issue Sep 7, 2017

pnagy
sort secrets and configs to ensure idempotence
`docker stack deploy` keeps restarting services it doesn't need to (no changes)
because the entries' order gets randomized at some previous (de)serialization.
Maybe it would be worth looking into this at a higher level and ensure
all (de)serialization happens in an ordered collection.

This quick fix sorts secrets and configs (in place, mutably) which ensures the
same order for each run.

Based on
moby/moby#30506

Fixes
moby/moby#34746

xificurC pushed a commit to xificurC/cli that referenced this issue Sep 7, 2017

pnagy
sort secrets and configs to ensure idempotence
`docker stack deploy` keeps restarting services it doesn't need to (no changes)
because the entries' order gets randomized at some previous (de)serialization.
Maybe it would be worth looking into this at a higher level and ensure
all (de)serialization happens in an ordered collection.

This quick fix sorts secrets and configs (in place, mutably) which ensures the
same order for each run.

Based on
moby/moby#30506

Fixes
moby/moby#34746

Signed-off-by: Peter Nagy <xificurC@gmail.com>

xificurC pushed a commit to xificurC/cli that referenced this issue Sep 8, 2017

pnagy
sort secrets and configs to ensure idempotence
`docker stack deploy` keeps restarting services it doesn't need to (no changes)
because the entries' order gets randomized at some previous (de)serialization.
Maybe it would be worth looking into this at a higher level and ensure
all (de)serialization happens in an ordered collection.

This quick fix sorts secrets and configs (in place, mutably) which ensures the
same order for each run.

Based on
moby/moby#30506

Fixes
moby/moby#34746

Signed-off-by: Peter Nagy <xificurC@gmail.com>

riyazdf added a commit to riyazdf/cli that referenced this issue Sep 18, 2017

sort secrets and configs to ensure idempotence
`docker stack deploy` keeps restarting services it doesn't need to (no changes)
because the entries' order gets randomized at some previous (de)serialization.
Maybe it would be worth looking into this at a higher level and ensure
all (de)serialization happens in an ordered collection.

This quick fix sorts secrets and configs (in place, mutably) which ensures the
same order for each run.

Based on
moby/moby#30506

Fixes
moby/moby#34746

Signed-off-by: Peter Nagy <xificurC@gmail.com>

riyazdf added a commit to riyazdf/cli that referenced this issue Sep 18, 2017

sort secrets and configs to ensure idempotence
`docker stack deploy` keeps restarting services it doesn't need to (no changes)
because the entries' order gets randomized at some previous (de)serialization.
Maybe it would be worth looking into this at a higher level and ensure
all (de)serialization happens in an ordered collection.

This quick fix sorts secrets and configs (in place, mutably) which ensures the
same order for each run.

Based on
moby/moby#30506

Fixes
moby/moby#34746

Signed-off-by: Peter Nagy <xificurC@gmail.com>

riyazdf added a commit to riyazdf/cli that referenced this issue Sep 18, 2017

sort secrets and configs to ensure idempotence
`docker stack deploy` keeps restarting services it doesn't need to (no changes)
because the entries' order gets randomized at some previous (de)serialization.
Maybe it would be worth looking into this at a higher level and ensure
all (de)serialization happens in an ordered collection.

This quick fix sorts secrets and configs (in place, mutably) which ensures the
same order for each run.

Based on
moby/moby#30506

Fixes
moby/moby#34746

Signed-off-by: Peter Nagy <xificurC@gmail.com>

thaJeztah added a commit to thaJeztah/docker-ce that referenced this issue Sep 19, 2017

sort secrets and configs to ensure idempotence
`docker stack deploy` keeps restarting services it doesn't need to (no changes)
because the entries' order gets randomized at some previous (de)serialization.
Maybe it would be worth looking into this at a higher level and ensure
all (de)serialization happens in an ordered collection.

This quick fix sorts secrets and configs (in place, mutably) which ensures the
same order for each run.

Based on
moby/moby#30506

Fixes
moby/moby#34746

Signed-off-by: Peter Nagy <xificurC@gmail.com>
(cherry picked from commit 27e8bdf32bbcc49ff3f8201b6da26aba567aa58e)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

thaJeztah added a commit to thaJeztah/docker-ce that referenced this issue Sep 19, 2017

sort secrets and configs to ensure idempotence
`docker stack deploy` keeps restarting services it doesn't need to (no changes)
because the entries' order gets randomized at some previous (de)serialization.
Maybe it would be worth looking into this at a higher level and ensure
all (de)serialization happens in an ordered collection.

This quick fix sorts secrets and configs (in place, mutably) which ensures the
same order for each run.

Based on
moby/moby#30506

Fixes
moby/moby#34746

Signed-off-by: Peter Nagy <xificurC@gmail.com>
(cherry picked from commit 27e8bdf32bbcc49ff3f8201b6da26aba567aa58e)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

andrewhsu pushed a commit to docker/docker-ce that referenced this issue Sep 19, 2017

pnagy
sort secrets and configs to ensure idempotence
`docker stack deploy` keeps restarting services it doesn't need to (no changes)
because the entries' order gets randomized at some previous (de)serialization.
Maybe it would be worth looking into this at a higher level and ensure
all (de)serialization happens in an ordered collection.

This quick fix sorts secrets and configs (in place, mutably) which ensures the
same order for each run.

Based on
moby/moby#30506

Fixes
moby/moby#34746

Signed-off-by: Peter Nagy <xificurC@gmail.com>
Upstream-commit: 27e8bdf32bbcc49ff3f8201b6da26aba567aa58e
Component: cli
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment