-
Notifications
You must be signed in to change notification settings - Fork 673
return error in case Weave CNI plug-in fails to perform CmdDel #3638
Conversation
ipam/allocator.go
Outdated
@@ -406,7 +406,7 @@ func (alloc *Allocator) Delete(ident string) error { | |||
func (alloc *Allocator) delete(ident string) error { | |||
cidrs := alloc.removeAllOwned(ident) | |||
if len(cidrs) == 0 { | |||
return fmt.Errorf("Delete: no addresses for %s", ident) | |||
return nil |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe log this to stderr in case it is of interest to someone debugging?
In the typical case stderr is inherited from kubelet, i.e. the message will show up in the kubelet logs.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added debug log.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, sorry, I misread what you'd done. If you want to swallow the error for CNI that code should be in the CNI plugin.
Unless I'm missing the reason why you'd want to do it for every caller?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually this change goes into weaver
process. Either called directly or through CNI plugin, either way to me this method need to be idempotent. Hence suppressing the error here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, I'm missing why it needs to be idempotent for every caller.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have restricted the changes to CNI plugin only by ignoring the error. PTAL
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That is remarkably ugly 😝 I guess we can go with it.
Did wonder about changing ipam to return 204 for the no-addresses case, but I see it currently returns 204 in every case!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That is remarkably ugly
Indeed. Could not think more idiomatic way. Thought of adding a custom error type but call crosses process boundaries.
rebased to 2.5 |
return error in case Weave CNI plug-in fails to perform CmdDel so that kubelet will retry DEL (preventing IP leak)
Also if there are no IP's associated with container iD just return (so that its idempotent) with out raising error. With out this change, if kubelet fails to perform successful ADD, it would perform DEL (as part of cleanup) with containerid. Weave IPAM will return an error as there are no IP's associated, resulting in kubelet performing the operation unsuccessfully (resulting in retry's forever).
Fixes #3587