dmartin
commented
1 year ago I'd like to rethink this a bit, based on recent experiences with Docker network behavior. Will possibly re-propose something later on in PR form.
Closed dmartin closed 1 year ago
dmartin
commented
1 year ago I'd like to rethink this a bit, based on recent experiences with Docker network behavior. Will possibly re-propose something later on in PR form.
When an instance of a build is started, there are two types of Docker resources created:
Currently cmgr explicitly tracks the containers associated with an instance in a
containerstable, which looks like:however, the network is only implicitly associated with the instance, by naming it
cmgr-{instance_id}.This is usually fine, but can lead to issues when cmgr's state becomes out of sync with Docker's.
For example, say a user "forcibly resets" their cmgr state by deleting
cmgr.db. Afterwards, attempts to start new instances will fail (as the generated network names will conflict with ones left over from before), unless the user manually runsdocker network prune / rm.However, even that may not work, as Docker will sometimes fail to delete a network even when it does not actually have any remaining containers attached (this can also prevent stopping an instance in typical usage).
I have two proposed changes to make cmgr more resilient to mismatches with Docker engine state and networking bugs:
Allow Docker to generate network IDs, and explicitly store them in a
networkstable:which would then be used when calling
Manager.stopNetwork.Manager.stopInstance. I think this change would be justifiable, as failure to remove a network would no longer lead to name conflicts.As a note, a similar unlinking-of-IDs might be useful to avoid state-mismatch issues at the build level as well (using database-stored hashes for image tags and artifact directory names). In the worst case, this might lead to orphaned images and artifact files on disk, but would prevent the possibility of serving outdated content from prior cmgr installations.