Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Swarm scoped networks have wrong IPAM config on worker #37089

Open
stffabi opened this issue May 17, 2018 · 0 comments
Open

Swarm scoped networks have wrong IPAM config on worker #37089

stffabi opened this issue May 17, 2018 · 0 comments
Labels
area/networking/ipam area/networking area/swarm version/18.03

Comments

@stffabi
Copy link

stffabi commented May 17, 2018

Description

A swarm scoped bridge network with IPAM configs (e.g. --subnet) get created on the worker without the correct IPAM configs.

Steps to reproduce the issue:

  • Build a docker swarm (swarm-kit swarm) consisting of one manager (host-1) and one worker node (host-2).

  • On host-1 create a bridge network in swarm scope

    docker network create test_net --subnet=10.43.0.0/16 --scope=swarm

  • On host-1 create a test service, docker stack deploy -c test.yml test using the following yaml file.

version: "3"

services:
  proxy:
    image: emilevauge/whoami
    networks:
      - test_net
    deploy:
      mode: global
      placement:
        constraints:
          - node.role == worker
      update_config:
        parallelism: 1
        delay: 10s
      restart_policy:
        condition: on-failure

networks:
  test_net:
    external: true
  • On host-2 wait until task is started and inspect the network with docker network inspect test_net. The network has not the subnet as specified during the create on the manager node.
[
    {
...
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.21.0.0/16",
                    "Gateway": "172.21.0.1"
                }
            ]
        },
...
    }
]

Describe the results you received:

Creating a swarm scoped bridge network with a subnet, e.g. 10.43.0.0/16, results in a bridge network with another subnet on the worker nodes.

Describe the results you expected:

The created bridge network on the workers should have the same subnet as specified on the master node.

Implementation analysis:

During the creation of the agent network here, docker uses the IPAM settings of the network struct. Accordingly to the comment here this is the "Runtime state of the IPAM options". As the network is not currently running this should be nil and results in creating a network with the default options.

Shouldn't docker use the IPAM options from the Network.Spec instead?

Output of docker version:

Client:
 Version:	18.03.0-ce
 API version:	1.37
 Go version:	go1.9.2
 Git commit:	0520e24
 Built:	Wed Mar 21 23:05:52 2018
 OS/Arch:	linux/amd64
 Experimental:	false
 Orchestrator:	swarm

Server:
 Engine:
  Version:	18.03.0-ce
  API version:	1.37 (minimum version 1.12)
  Go version:	go1.9.4
  Git commit:	0520e24
  Built:	Wed Mar 21 23:14:54 2018
  OS/Arch:	linux/amd64
  Experimental:	false

Output of docker info:

Containers: 0
 Running: 0
 Paused: 0
 Stopped: 0
Images: 0
Server Version: 18.03.0-ce
Storage Driver: overlay2
 Backing Filesystem: extfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: active
 NodeID: qtjvbgl6eenm9zfrejrwieh9i
 Is Manager: true
 ClusterID: zctydfhrwm9zujvj2tjc6rr7g
 Managers: 1
 Nodes: 2
 Orchestration:
  Task History Retention Limit: 5
 Raft:
  Snapshot Interval: 10000
  Number of Old Snapshots to Retain: 0
  Heartbeat Tick: 1
  Election Tick: 3
 Dispatcher:
  Heartbeat Period: 5 seconds
 CA Configuration:
  Expiry Duration: 3 months
  Force Rotate: 0
 Autolock Managers: false
 Root Rotation In Progress: false
 Node Address: [IP-ADDRESS-REMOVED]
 Manager Addresses:
  [IP-ADDRESS-REMOVED]:2377
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: cfd04396dc68220d1cecbe686a6cc3aa5ce3667c
runc version: 4fc53a81fb7c994640722ac585fa9ca548971871
init version: 949e6fa
Security Options:
 seccomp
  Profile: default
Kernel Version: 4.14.32-rancher2
Operating System: RancherOS v1.4.0-rc1
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 1.949GiB
Name: test-swarm-manager-0
ID: LZ6B:V2XM:35FG:S7S5:P6OI:I75R:L7HZ:3BEW:RGQQ:MTHF:GLNR:475N
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/networking/ipam area/networking area/swarm version/18.03
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@thaJeztah @stffabi @GordonTheTurtle