Skip to content

ipam: Protect release from releasing alive IP #10066

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 6, 2020
Merged

ipam: Protect release from releasing alive IP #10066

merged 1 commit into from
Feb 6, 2020

Conversation

tgraf
Copy link
Member

@tgraf tgraf commented Feb 5, 2020
edited
Loading

It has been observed that kubelet calls CNI DELETE multiple times with
potentially stale CNI result information. This can lead to a race condition
where the initial CNI DELETE properly releases the IP in use which then gets
reused by a different pod. Any subsequent CNI DELETE with the stale IP will
then cause the IP of the live pod to be released. While the pod will continue
to function, the next scheduled pod will attempt to use that IP and
continuously fail to be scheduled due to a IP in use error.

This is a regression of commit ab61853 which introduced the ability for CNI
DELETE to release an IP even if the endpoint deletion fails which is required
to fix the race condition when the CNI binary gets killed in between allocating
an IP and creating the endpoint.

Fixes: ab61853 ("cni: Release IP even when endpoint deletion fails")
Fixes: #10065

This change is Reviewable

@tgraf
ipam: Protect release from releasing alive IP
a9e5656 
It has been observed that kubelet calls CNI DELETE multiple times with
potentially stale CNI result information. This can lead to a race condition
where the initial CNI DELETE properly releases the IP in use which then gets
reused by a different pod. Any subsequent CNI DELETE with the stale IP will
then cause the IP of the live pod to be released. While the pod will continue
to function, the next scheduled pod will attempt to use that IP and
continuously fail to be scheduled due to a IP in use error.

This is a regression of commit ab61853 which introduced the ability for CNI
DELETE to release an IP even if the endpoint deletion fails which is required
to fix the race condition when the CNI binary gets killed in between allocating
an IP and creating the endpoint.

Fixes: ab61853 ("cni: Release IP even when endpoint deletion fails")
Fixes: #10065

Signed-off-by: Thomas Graf <thomas@cilium.io>
@tgraf tgraf added kind/bug This is a bug in the Cilium logic. pending-review release-note/bug This PR fixes an issue in a previous release of Cilium. labels Feb 5, 2020
@tgraf tgraf requested a review from a team February 5, 2020 15:37
@tgraf
Copy link
Member Author

tgraf commented Feb 5, 2020

test-me-please

@coveralls
Copy link

Coverage Status

Coverage increased (+0.03%) to 44.712% when pulling a9e5656 on pr/tgraf/ipam-release-protection into 161fcd4 on master.

@aanm aanm added this to the 1.7 milestone Feb 5, 2020
@ungureanuvladvictor
Copy link
Member

test-me-please

@aanm aanm merged commit 4890a15 into master Feb 6, 2020
@aanm aanm deleted the pr/tgraf/ipam-release-protection branch February 6, 2020 05:19
@borkmann borkmann mentioned this pull request Feb 7, 2020
Merged
@aanm aanm mentioned this pull request Feb 7, 2020
Merged
@raybejjani raybejjani mentioned this pull request Feb 11, 2020
Merged
@jrfastab
Copy link
Contributor

@raybejjani Looks like this is already backported? Did we just forget to update tags?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aanm aanm aanm approved these changes

Assignees
No one assigned
Labels
kind/bug This is a bug in the Cilium logic. release-note/bug This PR fixes an issue in a previous release of Cilium.
Projects
None yet
Milestone
1.7
Development

Successfully merging this pull request may close these issues.

Alive IP can be released if CNI DELETE is called with stale result
7 participants
@tgraf @coveralls @ungureanuvladvictor @jrfastab @aanm @borkmann @joestringer