Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failed to get namespace using GetFromDocker #27

Open
sbezverk opened this issue Jul 18, 2018 · 3 comments
Open

Failed to get namespace using GetFromDocker #27

sbezverk opened this issue Jul 18, 2018 · 3 comments

Comments

@sbezverk
Copy link
Contributor

Hello, when I try to get namespace from a docker container by its id function call fails with:

2018/07/18 13:13:08 Failed to get Linux namespace for pod default/pod-1 with error: Unable to find 
container: d64735b6ad2c77732b62b293c7573a591b6fec4bb47df525b813b3ac4f04b732

But if I run docker inspect for this ID docker finds this container. Anything I am doing wrong?

[root@kube-3 ~]# docker inspect d64735b6ad2c77732b62b293c7573a591b6fec4bb47df525b813b3ac4f04b732
[
    {
        "Id": "d64735b6ad2c77732b62b293c7573a591b6fec4bb47df525b813b3ac4f04b732",
        "Created": "2018-07-18T15:00:15.785074265Z",
        "Path": "/bin/sh",
        "Args": [
            "-xec",
            "while true; do ( echo \"Doing nothing\"; sleep 30; ) done\n"
        ],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 29842,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2018-07-18T15:00:15.918309182Z",
            "FinishedAt": "0001-01-01T00:00:00Z"
        },
@mestery mestery mentioned this issue Oct 9, 2018
Merged
@g00nix
Copy link

g00nix commented Jun 8, 2019
edited
Loading

You should be able to use GetFromPath instead of GetFromDocker. Have a look at https://github.com/vishvananda/netns/blob/master/netns_linux.go:

// GetFromPath gets a handle to a network namespace
// identified by the path
func GetFromPath(path string) (NsHandle, error) {
	fd, err := syscall.Open(path, syscall.O_RDONLY, 0)
	if err != nil {
		return -1, err
	}
	return NsHandle(fd), nil
}

You should be able to get the namespace from /var/run/docker/netns. You can also do ln -s /var/run/docker/netns /var/run/netns and use GetFromName but that just calls GetFromPath in the background, but this is good only if you desire to also be able to control the network namespaces with ip netns (for example if you also run some bash commands on the netns)

sarun87 added a commit to sarun87/k8snetlook that referenced this issue Aug 28, 2020
@sarun87
Use Pid to get netns handle
5b123b2 
Issue seen: Unable to find container
Github: vishvananda/netns#27
@sarun87 sarun87 mentioned this issue Aug 28, 2020
Merged
sarun87 added a commit to sarun87/k8snetlook that referenced this issue Aug 28, 2020
@sarun87
Use Pid to get netns handle
bfe9bb6 
Issue seen: Unable to find container
Github: vishvananda/netns#27
@stv0g
Copy link
Contributor

stv0g commented Oct 11, 2021

You should be able to get the namespace from /var/run/docker/netns. You can also do ln -s /var/run/docker/netns /var/run/netns and use GetFromName but that just calls GetFromPath in the background, but this is good only if you desire to also be able to control the network namespaces with ip netns (for example if you also run some bash commands on the netns)

My Docker version uses the Docker network sandbox id as identifiers in /var/run/docker/netns. This is not the same as the container id.

E.g.

CONTAINER="my_container"
SANDBOX_ID=$(docker inspect ${CONTAINER} | jq .[0].NetworkSettings.SandboxID[:12])
NETNS=/var/run/docker/netns/${SANDBOX_ID}

@stv0g
Copy link
Contributor

stv0g commented Oct 11, 2021
edited
Loading

Seems like the following is easier

CONTAINER="my_container"
PID=$(docker inspect ${CONTAINER} | jq .[0].State.Pid)
NETNS=/proc/${PID}/ns/net

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@stv0g @g00nix @sbezverk