internal/libdocker: remove deprecated CheckDuplicate field in CreateNetwork

[skylenet]

No description provided.

[fjl]

Can you give some context about the issue?

[skylenet]

@fjl nothing clear yet. Still debugging an issue that I've noticed (That's why the PR is in draft) . I just noticed some weird iptables errors on CI runs on the discv4/discv5 runs:

can't create network: API error (500): add inter-network communication rule:  (iptables failed: iptables --wait -t filter -A DOCKER-ISOLATION-STAGE-1 -i br-a2d1363c17a5 ! -o br-a2d1363c17a5 -j DOCKER-ISOLATION-STAGE-2: iptables v1.8.10 (nf_tables): Chain 'DOCKER-ISOLATION-STAGE-2' does not exist
Try `iptables -h' or 'iptables --help' for more information.
 (exit status 2))

This suspiciously started happening after this was merged in: #1369 .

Example failure: https://hive.ethpandaops.io/#/test/generic/1764570861-3701a5362e7a8cb676b3706263cf78ee

[fjl]

https://docs.docker.com/reference/api/engine/version-history/#v144-api-changes

POST /networks/create now returns a 400 if the IPAMConfig has invalid values. Note that this change is unversioned and applied to all API versions on daemon that support version 1.44.
POST /networks/create with a duplicated name now fails systematically. As such, the CheckDuplicate field is now deprecated. Note that this change is unversioned and applied to all API versions on daemon that support version 1.44.

So we can definitely remove CheckDuplicate

[fjl]

Attachable also seems not needed, the docs just say:

Globally scoped network is manually attachable by regular containers from workers in swarm mode.

But we don't use swarm.

[fjl]

You can try Driver: "overlay" or Scope: "local", it might change the provisioning method of the network.

[skylenet]

Seems to be an issue the way docker is installed/started. Forcing a restart on the docker daemon after the installation seems to solve the issue. I'll update this PR just to remove the deprecated CheckDuplicate field.

[skylenet]

Yeah, I'm not sure about the Attachable field. I'll leave it around. The docs mention The --attachable option used in the example above disables this restriction, and allows for both swarm services and manually started containers to attach to the overlay network. ( https://docs.docker.com/reference/cli/docker/network/create/ ) . So.. we do indeed sometimes "manually" attach an existing container to the network. I think that's what docker network connect is doing, which we also seem to be using in the code via func (b *ContainerBackend) ConnectContainer(containerID, networkID string) error.