-
Notifications
You must be signed in to change notification settings - Fork 364
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Windows]Check HostNamespace value when removing HcnEndpoint #2306
Conversation
/test-all |
Codecov Report
@@ Coverage Diff @@
## main #2306 +/- ##
==========================================
+ Coverage 62.05% 65.48% +3.43%
==========================================
Files 277 277
Lines 21588 21588
==========================================
+ Hits 13396 14137 +741
+ Misses 6792 6008 -784
- Partials 1400 1443 +43
Flags with carried forward coverage won't be shown. Click here to find out more.
|
@wenyingd please backport to 0.13, 1.0 and 1.1 once this is merged (see https://github.com/antrea-io/antrea/blob/main/docs/contributors/cherry-picks.md for directions) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@wenyingd I feel the commit message is a bit hard to understand.
If a HnsEndpoint is created without HostComputeNamespace, a default
value "00000000-0000-0000-0000-000000000000" should be set.
In which situation the if condition could happen? does it depend on user input or it's always like this. And do you mean "If ..., a default value ... will be set."?
But we can't find and HnsEndpoint in this namespace.
s/and/the/ ?
@@ -363,6 +363,10 @@ func (ic *ifConfigurator) removeHNSEndpoint(endpoint *hcsshim.HNSEndpoint, conta | |||
return nil | |||
} | |||
|
|||
func isValidHostNamespace(hostNamespace string) bool { | |||
return hostNamespace != "" && hostNamespace != "00000000-0000-0000-0000-000000000000" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In which case hostNamespace will be "00000000-0000-0000-0000-000000000000"? Does it apply to all Pods we create or it's because the pod is removed in some specific order?
Is it safe to not call RemoveNamespaceEndpoint
at all in this case?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"00000000-0000-0000-0000-000000000000" is used if we use "docker" to create container on Windows. It is because docker doesn't create host namespace when creating the sandbox container. But for "containerd", creating host namespace is a step before calling CNI to configure container network, so there should be a valid value.
To support containerd, we have a check here to ensure we could remove the HcnEndpoint(HnsEndpoint) from the host namespace.
However, if we remove HcnEndpoint from host namespace "00000000-0000-0000-0000-000000000000", Windows HCN API might return an Error, and it will break the continual steps (deleting HndEndpoint), and kept the HnsEndpoint on the host.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the explanation. could we also add the comment to the code for future reference? and maybe add the runtime information to #2301 so people know it's specific to docker.
/test-windows-conformance |
Do you think it's possible to have a windows version of Line 182 in e8ca544
|
If a HnsEndpoint is created without HostComputeNamespace, a default value "00000000-0000-0000-0000-000000000000" should be set. But we can't find and HnsEndpoint in this namespace. Signed-off-by: wenyingd <[email protected]>
/test-all |
That would be great. But I would like to add it in next release. Besides, I am just confused do we have Windows e2e testbed now? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There are already some Windows specific e2e tests. I believe test-windows-e2e runs e2e on windows testbed? |
/test-windows-e2e |
3 similar comments
/test-windows-e2e |
/test-windows-e2e |
/test-windows-e2e |
/test-windows-networkpolicy |
/test-e2e |
/test-windows-e2e |
windows-e2e failed once but I don't think it's related to this PR, and the same test passed in normal e2e test: https://jenkins.antrea-ci.rocks/job/antrea-e2e-for-pull-request/2780/.
Merging it to start backporting, will watch latest windows-e2e test for this PR to see if the failure is consistent. |
Weird, windows-e2e failed another time for same reason:
|
Figured out the reason why it failed in windows-e2e only, filed #2330 to track the issue. It's a regression when Egress and AntreaProxy are enabled together. |
For docker on Windows, no HostComputeNamespace is created before calling CNI to add network configuration. But containerd would do it. If a HnsEndpoint is created without HostComputeNamespace, a default value "00000000-0000-0000-0000-000000000000" should be set. HCN API should return an Error if a HnsEndpoint is removed from host Namespace "00000000-0000-0000-0000-000000000000". Hence, we skip invocation of "hcn.RemoveNamespaceEndpoint" for docker case.
Signed-off-by: wenyingd [email protected]
Fixes #2301