Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[e2e] network bind to HostIP: unexpected source IP #18269

Closed
edsantiago opened this issue Apr 19, 2023 · 0 comments · Fixed by #18270
Closed

[e2e] network bind to HostIP: unexpected source IP #18269

edsantiago opened this issue Apr 19, 2023 · 0 comments · Fixed by #18270
Labels
flakes Flakes from Continuous Integration kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Comments

@edsantiago
Copy link
Member

Infrequent, but persistent enough to merit filing:

  podman run network bind to HostIP
...
# podman [options] run --network slirp4netns:outbound_addr=10.88.0.1,allow_host_loopback=true -dt quay.io/libpod/alpine:latest nc -w 2 10.0.2.2 32975
Ncat: Version 7.93 ( https://nmap.org/ncat )
Ncat: Listening on :::32975
Ncat: Listening on 0.0.0.0:32975
Ncat: Connection from 10.128.0.96.            <----- SURPRISE!
Ncat: Connection from 10.128.0.96:43257.      <----- HERE TOO
...
Expected
      <string>: Ncat: Version 7.93 ( https://nmap.org/ncat ) Ncat: Listening on :::32975 Ncat: Listening on 0.0.0.0:32975 Ncat: Connection from 10.128.0.96. Ncat: Connection from 10.128.0.96:43257.
  to contain substring
      <string>: 10.88.0.1

podman and podman-remote. Only root, never rootless. f37 and debian. It appears to be a consistent failure within a CI run (if it fails once, it fails on all ginkgo retries) but please grain-of-salt this: my flake logger only gets single-flakes under rare conditions. It does appear reasonable that once the surprise interface appears, it will linger.

The source address is always 10.128.0.x. On Fedora, the string 10.128.0 does not appear anywhere else in the logs, only in the flakes. On Debian, though, the full (same) source IP appears in various tests that cat /etc/hosts:

10.128.0.96	cirrus-task-6474821115052032.c.libpod-218412.internal cirrus-task-6474821115052032

I think instrumenting the e2e tests to run ip a (on the host) might offer troubleshooting hints on future failures. If I can't find a fix or workaround for this flake, I'll look into doing that.

Podman run networking [It] podman run network bind to HostIP

@edsantiago edsantiago added flakes Flakes from Continuous Integration kind/bug Categorizes issue or PR as related to a bug. labels Apr 19, 2023
edsantiago added a commit to edsantiago/libpod that referenced this issue Apr 19, 2023
uber/jaeger-client-go library is deprecated. Remove it.

Only place it's used is in one e2e test, a test that is flaking
in a way that suggests that the HostIP() weighting heuristic from
that module was not actually getting the best outgoing IP address.
So, switch to using what seems to be the current best practice.
No need to make it reusable, since it's only used in one place.

Oh, also remove undesired "-dt" from two "podman run"s. In one
it's harmless, in the other it would cause a test failure under
some circumstances.

Closes: containers#18269   (optimistic, aren't I?)

Signed-off-by: Ed Santiago <santiago@redhat.com>
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Aug 26, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 26, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
flakes Flakes from Continuous Integration kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant