-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug]: Listing network from Docker fails during container removal #17341
Comments
Thanks for reaching out, @Agalin! I bookmarked the issue to fix it on Monday unless others beat me to it :) |
Thanks for a quick reaction. For now I can confirm that simply skipping non-existent containers in |
Care to open a PR? |
Don't believe my golang skills are good enough to do it right, it's an ugly hack right now that doesn't even pass linter checks. |
Handle a race condition in the REST API when listing networks. In between listing all containers and inspecting them, they may have already been removed, so handle this case gracefully. [NO NEW TESTS NEEDED] as it's a race condition. Fixes: containers#17341 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Handle a race condition in the REST API when listing networks. In between listing all containers and inspecting them, they may have already been removed, so handle this case gracefully. [NO NEW TESTS NEEDED] as it's a race condition. Fixes: containers#17341 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Issue Description
If you start Podman API server and try to inspect a network from Docker (or Docker-compatible library, e.g. one used by Gitlab Runner) you get also a list of containers in that network (for backward compatibility with Docker, Podman doesn't show that data).
But if container is currently being removed -or added, not sure here - this request fails with:
The interesting part is that you get the same error even if you run
docker network ls
instead ofdocker network inspect <network>
.I believe it may be the cause of this Gitlab Runner issue (or it's at least one of the causes) and one similar error that I believe has not been reported to Gitlab yet that I've only observed with Podman 4.4.
Steps to reproduce the issue
Steps to reproduce the issue
podman system service
).podman network create test
).export DOCKER_HOST=unix://<path to socket>
).docker network list
ordocker network inspect test
(check below the list for an example code).Example creation loop:
Example watch (you need to open the file to find those lines, terminal control keys used to clear screan are stored in it so simple
cat
won't work):watch -tn 0.1 --exec docker network ls | tee -a test.log
Describe the results you received
Podman server sometimes fails with container not found error. Log entry:
Describe the results you expected
No errors for either request.
Ff Podman finds it cannot retrieve container details because it does no longer exist it should just remove it from
network inspect
output.In case of
network list
I'm not even sure if there is a reason to create this containers list in the first place - does JSON response contain that field? I don't see an option in docker's cli to show containers in this view.podman info output
Podman in a container
No
Privileged Or Rootless
Rootless
Upstream Latest Release
Yes
Additional environment details
Running on Fedora 37 in a VM with self-compiled Podman and conmon. SELinux enabled.
Same error observed earlier using latest Fedora 37 packages (Podman 4.3.1, conmon 2.1.5).
Same Gitlab Runner issue observed even earlier (on Podman 4.3.0, older conmon, runc, netavark, aardvark, etc.) although I don't have exact versions nor a way to confirm 100% that it means it's caused by the same problem. If this is the case then oldest report (author of that Gitlab issue) comes from Podman 3.4.2.
Additional information
No response
The text was updated successfully, but these errors were encountered: