-
Notifications
You must be signed in to change notification settings - Fork 18.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
daemon: return an InvalidParameter error when ep settings are wrong #47159
Conversation
Since v25.0 (commit ff50388), we validate endpoint settings when containers are created, instead of doing so when containers are started. However, a container created prior to that release would still trigger validation error at start-time. In such case, the API returns a 500 status code because the Go error isn't wrapped into an InvalidParameter error. This is now fixed. Signed-off-by: Albin Kerouanton <albinker@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Hm.. it's unexpected for an existing container to no longer start; can we add a migration step to fix the container when upgrading from a previous version? Similar to the migration step that was added in #46926 for the (now removed) logentries logging driver? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This change LGTM, but left a comment above to look at migration of existing containers
@akerouanton or @robmry could one of you open a cherry-pick for the 25.0 branch? |
Discussed internally -- I don't think any existing container would no longer start. It's rather that, it's now impossible to create a container with an invalid container. When network config |
@akerouanton Did that container start in v24, or did it fail to start? (wondering if the validation rules changed between v24 and v25; perhaps the logic (validate on start) is the same, but if the validation rules changed 🤔) |
@thaJeztah There might be -- I'm waiting for more details on docker/for-linux#1481. If that's the case, I agree we need to either fix the validation or add some migration logic. I'll open a backport. |
This validation logic has another unintended side-effect for Docker Swarm users, I think. We have a Docker Swarm cluster with the wrong subnet config of 10.0.0.1/16. I think this needs to be cleaned up, but it would be nice to leave an upgrade path for everyone that has a cluster with a slightly broken (but working) config. |
@s4ke Thanks for reporting. Could you please open a ticket describing how this issue manifests, etc...? |
Is it in that case that swarm has a service with an invalid config stored, which now fails (i.e. if it tries to (re)create tasks from that config, it fails? 🤔 |
@thaJeztah Exactly that. I am currently in the process of recreating at least part of our clusters, but I think that we are not the only people running into this. Sadly we have had this error also in our swarmsible repo (https://github.com/neuroforgede/swarmsible), so anyone that is using this will have run into the same issue as the examples there were wrong, but that is not your problem :) |
Do you know what option is invalid? (curious if this is something we could adjust for if the container is created through the SwarmKit executor) |
You mean the exact field in the service spec? EDIT: just checked. The service spec nor the output of docker inspect does not mention anything regarding the subnet config. This issue stems from the ingress creation that was done wrong:
|
- What I did
Since v25.0 (commit ff50388), we validate endpoint settings when containers are created, instead of doing so when containers are started. However, a container created prior to that release would still trigger validation error at start-time. In such case, the API returns a 500 status code because the Go error isn't wrapped into an InvalidParameter error. This is now fixed.
- How to verify it
- A picture of a cute animal (not mandatory but encouraged)