search

docker / for-linux

Docker Engine for Linux
https://docs.docker.com/engine/installation/
753 stars 85 forks source link

Bridge option "com.docker.network.bridge.name" works unexpected #117

Open naviot opened 6 years ago

naviot commented 6 years ago

Expected behavior

Docker containers with custom bridge name must have working network

Actual behavior

If use custom bridge name through com.docker.network.bridge.name with bridge driver and run any container with new network - new bridge will lose network settings

Steps to reproduce the behavior

  1. Create CoreOS instantce 
    gcloud compute instances create coreos-stable-test --custom-cpu=2 --custom-memory=2048MiB --image-project coreos-cloud --image-family coreos-stable  --zone=us-central1-f
  2. Create new network 
    
docker network create \
           -o com.docker.network.bridge.enable_ip_masquerade=true \
           -o com.docker.network.bridge.enable_icc=true \
           -o com.docker.network.bridge.name=scalr-br-int \
           --driver=bridge \
           --subnet=172.19.5.0/16 \
           --ip-range=172.19.5.0/24 \
           --gateway=172.19.5.1 \
           scalr-int
check network settings

afafa@coreos-stable-test ~ $ ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens4v1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc mq state UP group default qlen 1000 link/ether 42:01:0a:f0:00:0d brd ff:ff:ff:ff:ff:ff inet 10.240.0.13/32 brd 10.240.0.13 scope global dynamic ens4v1 valid_lft 84560sec preferred_lft 84560sec inet6 fe80::4001:aff:fef0:d/64 scope link valid_lft forever preferred_lft forever 3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:0a:b5:1d:58 brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 scope global docker0 valid_lft forever preferred_lft forever 15: scalr-br-int: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:06:eb:91:6c brd ff:ff:ff:ff:ff:ff inet 172.19.5.1/16 scope global scalr-br-int valid_lft forever preferred_lft forever

3. Run container with new network

docker run --net=scalr-int hello-world

check network settings

afafa@coreos-stable-test ~ $ ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens4v1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc mq state UP group default qlen 1000 link/ether 42:01:0a:f0:00:0d brd ff:ff:ff:ff:ff:ff inet 10.240.0.13/32 brd 10.240.0.13 scope global dynamic ens4v1 valid_lft 84451sec preferred_lft 84451sec inet6 fe80::4001:aff:fef0:d/64 scope link valid_lft forever preferred_lft forever 3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:0a:b5:1d:58 brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 scope global docker0 valid_lft forever preferred_lft forever 15: scalr-br-int: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:06:eb:91:6c brd ff:ff:ff:ff:ff:ff inet6 fe80::42:6ff:feeb:916c/64 scope link valid_lft forever preferred_lft forever

as you can see scalr-br-int lose IPv4 settings

<!--
Describe the exact steps to reproduce. If possible, provide a *minimum*
reproduction example; take into account that others do not have access
to your private images, source code, and environment.

REMOVE SENSITIVE DATA BEFORE POSTING (replace those parts with "REDACTED")
-->

**Output of `docker version`:**

Client: Version: 1.12.6 API version: 1.24 Go version: go1.7.6 Git commit: a82d35e Built: Wed Sep 20 22:27:13 2017 OS/Arch: linux/amd64

Server: Version: 1.12.6 API version: 1.24 Go version: go1.7.6 Git commit: a82d35e Built: Wed Sep 20 22:27:13 2017 OS/Arch: linux/amd64


**Output of `docker info`:**

Containers: 6 Running: 0 Paused: 0 Stopped: 6 Images: 1 Server Version: 1.12.6 Storage Driver: overlay Backing Filesystem: extfs Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: bridge null host overlay Swarm: inactive Runtimes: runc Default Runtime: runc Security Options: seccomp selinux Kernel Version: 4.12.14-coreos Operating System: Container Linux by CoreOS 1465.8.0 (Ladybug) OSType: linux Architecture: x86_64 CPUs: 2 Total Memory: 1.957 GiB Name: coreos-stable-test.c.scalr-labs.internal ID: T6V5:AYV4:74QL:HBZG:YLAB:PATJ:6G5Y:NKES:QLSD:AXKY:ATS6:PBNO Docker Root Dir: /var/lib/docker Debug Mode (client): false
Debug Mode (server): true File Descriptors: 14 Goroutines: 22 System Time: 2017-10-02T13:34:38.211304229Z EventsListeners: 0 Registry: https://index.docker.io/v1/ Insecure Registries: 127.0.0.0/8


**Additional environment details (AWS, VirtualBox, physical, etc.)**
**CoreOS info:**

DISTRIB_ID="Container Linux by CoreOS" DISTRIB_RELEASE=1465.8.0 DISTRIB_CODENAME="Ladybug"
DISTRIB_DESCRIPTION="Container Linux by CoreOS 1465.8.0 (Ladybug)"

**Output of docker debug log:**

Oct 02 13:24:17 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:17.994822136Z" level=debug msg="Calling POST /v1.24/containers/create" Oct 02 13:24:17 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:17.995175713Z" level=debug msg="form data: {\"AttachStderr\":true,\"Atta chStdin\":false,\"AttachStdout\":true,\"Cmd\":null,\"Domainname\":\"\",\"Entrypoint\":null,\"Env\":[],\"HostConfig\":{\"AutoRemove\":false,\"Binds\":null,\"BlkioDe viceReadBps\":null,\"BlkioDeviceReadIOps\":null,\"BlkioDeviceWriteBps\":null,\"BlkioDeviceWriteIOps\":null,\"BlkioWeight\":0,\"BlkioWeightDevice\":null,\"CapAdd\":null,\"CapDrop\":null,\"Cgroup\":\"\",\"CgroupParent\":\"\",\"ConsoleSize\":[0,0],\"ContainerIDFile\":\"\",\"CpuCount\":0,\"CpuPercent\":0,\"CpuPeriod\":0,\"CpuQuota\":0,\"CpuShares\":0,\"CpusetCpus\":\"\",\"CpusetMems\":\"\",\"Devices\":[],\"DiskQuota\":0,\"Dns\":[],\"DnsOptions\":[],\"DnsSearch\":[],\"ExtraHosts\":null,\"GroupAdd\":null,\"IOMaximumBandwidth\":0,\"IOMaximumIOps\":0,\"IpcMode\":\"\",\"Isolation\":\"\",\"KernelMemory\":0,\"Links\":null,\"LogConfig\":{\"Config\":{},\"Type\":\"\"},\"Memory\":0,\"MemoryReservation\":0,\"MemorySwap\":0,\"MemorySwappiness\":-1,\"NetworkMode\":\"scalr-int\",\"OomKillDisable\":false,\"OomScoreAdj\":0,\"PidMode\":\"\",\"PidsLimit\":0,\"PortBindings\":{},\"Privileged\":false,\"PublishAllPorts\":false,\"ReadonlyRootfs\":false,\"RestartPolicy\":{\"MaximumRetryCount\":0,\"Name\":\"no\"},\"SecurityOpt\":null,\"ShmSize\":0,\"UTSMode\":\"\",\"Ulimits\":null,\"UsernsMode\":\"\",\"VolumeDriver\":\"\",\"VolumesFrom\":null},\"Hostname\":\"\",\"Image\":\"hello-world\",\"Labels\":{},\"NetworkingConfig\":{\"EndpointsConfig\":{}},\"OnBuild\":null,\"OpenStdin\":false,\"StdinOnce\":false,\"Tty\":false,\"User\":\"\",\"Volumes\":{},\"WorkingDir\":\"\"}" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.014822872Z" level=debug msg="container mounted via layerStore: /var/lib/docker/overlay/30bfbf531f2f50190a265d3cb933283631a3dd162e4988ad1bc5715dc5680fc9/merged" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.028120030Z" level=debug msg="Calling POST /v1.24/containers/1cb1cebf18345469507a10e80d821c7872ee1b0bcf3d6b6d4b4fb9cdf3d1a03a/attach?stderr=1&stdout=1&stream=1" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.028267142Z" level=debug msg="attach: stdout: begin" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.028312634Z" level=debug msg="attach: stderr: begin" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.028868448Z" level=debug msg="Calling POST /v1.24/containers/1cb1cebf18345469507a10e80d821c7872ee1b0bcf3d6b6d4b4fb9cdf3d1a03a/start" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.029935607Z" level=debug msg="container mounted via layerStore: /var/lib/docker/overlay/30bfbf531f2f50190a265d3cb933283631a3dd162e4988ad1bc5715dc5680fc9/merged" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.030296353Z" level=debug msg="Assigning addresses for endpoint modest_kirch's interface on network scalr-int" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.030518289Z" level=debug msg="RequestAddress(LocalDefault/172.19.0.0/16/172.19.5.0/24, , map[])" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.081997177Z" level=debug msg="Assigning addresses for endpoint modest_kirch's interface on network scalr-int" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.117951250Z" level=debug msg="Programming external connectivity on endpoint modest_kirch (9ffa5ebaa933817f8d97c9806fdb10144cf9f0ce9aefda9f6eff620e413d6a9d)" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18Z" level=info msg="Firewalld running: false" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.257790271Z" level=debug msg="sandbox set key processing took 83.926806ms for container 1cb1cebf18345469507a10e80d821c7872ee1b0bcf3d6b6d4b4fb9cdf3d1a03a" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.292986826Z" level=debug msg="libcontainerd: received containerd event: &types.Event{Type:\"start-container\", Id:\"1cb1cebf18345469507a10e80d821c7872ee1b0bcf3d6b6d4b4fb9cdf3d1a03a\", Status:0x0, Pid:\"\", Timestamp:(timestamp.Timestamp)(0xc4207aade0)}" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.299831631Z" level=debug msg="libcontainerd: event unhandled: type:\"start-container\" id:\"1cb1cebf18345469507a10e80d821c7872ee1b0bcf3d6b6d4b4fb9cdf3d1a03a\" timestamp: " Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.310772734Z" level=debug msg="libcontainerd: received containerd event: &types.Event{Type:\"exit\", Id:\"1cb1cebf18345469507a10e80d821c7872ee1b0bcf3d6b6d4b4fb9cdf3d1a03a\", Status:0x0, Pid:\"init\", Timestamp:(timestamp.Timestamp)(0xc42076eca0)}" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.311034329Z" level=debug msg="attach: stdout: end" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.311061166Z" level=debug msg="attach: stderr: end" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.311274576Z" level=debug msg="Revoking external connectivity on endpoint modest_kirch (9ffa5ebaa933817f8d97c9806fdb10144cf9f0ce9aefda9f6eff620e413d6a9d)" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18Z" level=info msg="Firewalld running: false" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.257790271Z" level=debug msg="sandbox set key processing took 83.926806ms for container 1cb1cebf18345469507a10e80d821c7872ee1b0bcf3d6b6d4b4fb9cdf3d1a03a" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.292986826Z" level=debug msg="libcontainerd: received containerd event: &types.Event{Type:\"start-container\", Id:\"1cb1cebf18345469507a10e80d821c7872ee1b0bcf3d6b6d4b4fb9cdf3d1a03a\", Status:0x0, Pid:\"\", Timestamp:(timestamp.Timestamp)(0xc4207aade0)}" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.299831631Z" level=debug msg="libcontainerd: event unhandled: type:\"start-container\" id:\"1cb1cebf18345469507a10e80d821c7872ee1b0bcf3d6b6d4b4fb9cdf3d1a03a\" timestamp: " Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.310772734Z" level=debug msg="libcontainerd: received containerd event: &types.Event{Type:\"exit\", Id:\"1cb1cebf18345469507a10e80d821c7872ee1b0bcf3d6b6d4b4fb9cdf3d1a03a\", Status:0x0, Pid:\"init\", Timestamp:(timestamp.Timestamp)(0xc42076eca0)}" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.311034329Z" level=debug msg="attach: stdout: end" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.311061166Z" level=debug msg="attach: stderr: end" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.311274576Z" level=debug msg="Revoking external connectivity on endpoint modest_kirch (9ffa5ebaa933817f8d97c9806fdb10144cf9f0ce9aefda9f6eff620e413d6a9d)" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.312230893Z" level=debug msg="Calling POST /v1.24/containers/1cb1cebf18345469507a10e80d821c7872ee1b0bcf3d6b6d4b4fb9cdf3d1a03a/wait" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.371661381Z" level=debug msg="Releasing addresses for endpoint modest_kirch's interface on network scalr-int" Oct 02 13:24:18 coreos-stable-test.c.scalr-labs.internal env[1757]: time="2017-10-02T13:24:18.371709163Z" level=debug msg="ReleaseAddress(LocalDefault/172.19.0.0/16/172.19.5.0/24, 172.19.5.0)"


### Workaround
Use docker name with pattern docker[0-100]:
if change bridge name to docker1 or docker10
after running container it will keep IPv4 settings

21: docker10: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:88:b4:46:03 brd ff:ff:ff:ff:ff:ff inet 172.19.5.1/16 scope global docker10 valid_lft forever preferred_lft forever inet6 fe80::42:88ff:feb4:4603/64 scope link valid_lft forever preferred_lft forever

fewebahr commented 6 years ago

+1

fewebahr commented 6 years ago

You can also work around the issue by leaving the option on entirely and letting the name default