We use cookies to ensure you get the best experience on our website
首頁 探索 說明
註冊 登入
0ct0pu5
/
moby
1
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
目錄樹: debcb76939
分支列表 標籤列表
moby
/
libnetwork
/
support
/
support.sh

support.sh 4.7 KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141 
  1. #!/usr/bin/env bash
    2. 

  2. 

  3. while getopts ":s" opt; do
    4. 

  4. 	case $opt in
    5. 

  5. 		s)
    6. 

  6. 			SSD="true"
    7. 

  7. 			;;
    8. 

  8. 	esac
    9. 

  9. done
    10. 

  10. 

  11. SSD="${SSD:-false}"
    12. 

  12. 

  13. # Required tools
    14. 

  14. DOCKER="${DOCKER:-docker}"
    15. 

  15. NSENTER="${NSENTER:-nsenter}"
    16. 

  16. BRIDGE="${BRIDGE:-bridge}"
    17. 

  17. IPTABLES="${IPTABLES:-iptables}"
    18. 

  18. IPVSADM="${IPVSADM:-ipvsadm}"
    19. 

  19. IP="${IP:-ip}"
    20. 

  20. SSDBIN="${SSDBIN:-ssd}"
    21. 

  21. JQ="${JQ:-jq}"
    22. 

  22. 

  23. networks=0
    24. 

  24. containers=0
    25. 

  25. ip_overlap=0
    26. 

  26. 

  27. NSDIR=/var/run/docker/netns
    28. 

  28. 

  29. function die() {
    30. 

  30. 	echo $*
    31. 

  31. 	exit 1
    32. 

  32. }
    33. 

  33. 

  34. function echo_and_run() {
    35. 

  35. 	echo "#" "$@"
    36. 

  36. 	eval $(printf '%q ' "$@") < /dev/stdout
    37. 

  37. }
    38. 

  38. 

  39. function check_ip_overlap() {
    40. 

  40. 	inspect=$1
    41. 

  41. 	overlap=$(echo "$inspect_output" | grep "EndpointIP\|VIP" | cut -d':' -f2 | sort | uniq -c | grep -v "1 ")
    42. 

  42. 	if [ ! -z "$overlap" ]; then
    43. 

  43. 		echo -e "\n\n*** OVERLAP on Network ${networkID} ***"
    44. 

  44. 		echo -e "${overlap} \n\n"
    45. 

  45. 		((ip_overlap++))
    46. 

  46. 	else
    47. 

  47. 		echo "No overlap"
    48. 

  48. 	fi
    49. 

  49. }
    50. 

  50. 

  51. type -P ${DOCKER} > /dev/null || echo "This tool requires the docker binary"
    52. 

  52. type -P ${NSENTER} > /dev/null || echo "This tool requires nsenter"
    53. 

  53. type -P ${BRIDGE} > /dev/null || echo "This tool requires bridge"
    54. 

  54. type -P ${IPTABLES} > /dev/null || echo "This tool requires iptables"
    55. 

  55. type -P ${IPVSADM} > /dev/null || echo "This tool requires ipvsadm"
    56. 

  56. type -P ${IP} > /dev/null || echo "This tool requires ip"
    57. 

  57. type -P ${JQ} > /dev/null || echo "This tool requires jq"
    58. 

  58. 

  59. if ${DOCKER} network inspect --help | grep -q -- --verbose; then
    60. 

  60. 	NETINSPECT_VERBOSE_SUPPORT="--verbose"
    61. 

  61. else
    62. 

  62. 	NETINSPECT_VERBOSE_SUPPORT=""
    63. 

  63. fi
    64. 

  64. 

  65. echo "Host iptables"
    66. 

  66. echo_and_run ${IPTABLES} -w1 -n -v -L -t filter | grep -v '^$'
    67. 

  67. echo_and_run ${IPTABLES} -w1 -n -v -L -t nat | grep -v '^$'
    68. 

  68. echo_and_run ${IPTABLES} -w1 -n -v -L -t mangle | grep -v '^$'
    69. 

  69. printf "\n"
    70. 

  70. 

  71. echo "Host links addresses and routes"
    72. 

  72. echo_and_run ${IP} -o link show
    73. 

  73. echo_and_run ${IP} -o -4 address show
    74. 

  74. echo_and_run ${IP} -4 route show
    75. 

  75. printf "\n"
    76. 

  76. 

  77. echo "Overlay network configuration"
    78. 

  78. for networkID in $(${DOCKER} network ls --no-trunc --filter driver=overlay -q) "ingress_sbox"; do
    79. 

  79. 	echo "nnn Network ${networkID}"
    80. 

  80. 	if [ "${networkID}" != "ingress_sbox" ]; then
    81. 

  81. 		nspath=($(ls ${NSDIR}/*${networkID:0:9}*))
    82. 

  82. 		inspect_output=$(${DOCKER} network inspect ${NETINSPECT_VERBOSE_SUPPORT} ${networkID})
    83. 

  83. 		echo "$inspect_output"
    84. 

  84. 		check_ip_overlap $inspect_output
    85. 

  85. 	else
    86. 

  86. 		nspath=(${NSDIR}/${networkID})
    87. 

  87. 	fi
    88. 

  88. 

  89. 	for i in "${nspath[@]}"; do
    90. 

  90. 		echo_and_run ${NSENTER} --net=${i} ${IP} -o -4 address show
    91. 

  91. 		echo_and_run ${NSENTER} --net=${i} ${IP} -4 route show
    92. 

  92. 		echo_and_run ${NSENTER} --net=${i} ${IP} -4 neigh show
    93. 

  93. 		bridges=$(${NSENTER} --net=${i} ${IP} -j link show type bridge | ${JQ} -r '.[].ifname')
    94. 

  94. 		# break string to array
    95. 

  95. 		bridges=(${bridges})
    96. 

  96. 		for b in "${bridges[@]}"; do
    97. 

  97. 			if [ -z ${b} ] || [ ${b} == "null" ]; then
    98. 

  98. 				continue
    99. 

  99. 			fi
    100. 

  100. 			echo_and_run ${NSENTER} --net=${i} ${BRIDGE} fdb show br ${b}
    101. 

  101. 		done
    102. 

  102. 		echo_and_run ${NSENTER} --net=${i} ${IPTABLES} -w1 -n -v -L -t filter | grep -v '^$'
    103. 

  103. 		echo_and_run ${NSENTER} --net=${i} ${IPTABLES} -w1 -n -v -L -t nat | grep -v '^$'
    104. 

  104. 		echo_and_run ${NSENTER} --net=${i} ${IPTABLES} -w1 -n -v -L -t mangle | grep -v '^$'
    105. 

  105. 		echo_and_run ${NSENTER} --net=${i} ${IPVSADM} -l -n
    106. 

  106. 		printf "\n"
    107. 

  107. 		((networks++))
    108. 

  108. 	done
    109. 

  109. done
    110. 

  110. 

  111. echo "Container network configuration"
    112. 

  112. while read containerID status; do
    113. 

  113. 	echo "ccc Container ${containerID} state: ${status}"
    114. 

  114. 	${DOCKER} container inspect ${containerID} --format 'Name:{{json .Name | printf "%s\n"}}Id:{{json .Id | printf "%s\n"}}Hostname:{{json .Config.Hostname | printf "%s\n"}}CreatedAt:{{json .Created | printf "%s\n"}}State:{{json .State|printf "%s\n"}}RestartCount:{{json .RestartCount | printf "%s\n" }}Labels:{{json .Config.Labels | printf "%s\n"}}NetworkSettings:{{json .NetworkSettings}}' | sed '/^State:/ {s/\\"/QUOTE/g; s/,"Output":"[^"]*"//g;}'
    115. 

  115. 	if [ ${status} = "Up" ]; then
    116. 

  116. 		nspath=$(docker container inspect --format {{.NetworkSettings.SandboxKey}} ${containerID})
    117. 

  117. 		echo_and_run ${NSENTER} --net=${nspath[0]} ${IP} -o -4 address show
    118. 

  118. 		echo_and_run ${NSENTER} --net=${nspath[0]} ${IP} -4 route show
    119. 

  119. 		echo_and_run ${NSENTER} --net=${nspath[0]} ${IP} -4 neigh show
    120. 

  120. 		echo_and_run ${NSENTER} --net=${nspath[0]} ${IPTABLES} -w1 -n -v -L -t nat | grep -v '^$'
    121. 

  121. 		echo_and_run ${NSENTER} --net=${nspath[0]} ${IPTABLES} -w1 -n -v -L -t mangle | grep -v '^$'
    122. 

  122. 		echo_and_run ${NSENTER} --net=${nspath[0]} ${IPVSADM} -l -n
    123. 

  123. 		((containers++))
    124. 

  124. 	fi
    125. 

  125. 	printf "\n"
    126. 

  126. done < <(${DOCKER} container ls -a --format '{{.ID}} {{.Status}}' | cut -d' ' -f1,2)
    127. 

  127. 

  128. if [ "true" == ${SSD} ]; then
    129. 

  129. 	echo ""
    130. 

  130. 	echo "#### SSD control-plane and datapath consistency check on a node ####"
    131. 

  131. 	for netName in $(docker network ls -f driver=overlay --format "{{.Name}}"); do
    132. 

  132. 		echo "## $netName ##"
    133. 

  133. 		${SSDBIN} $netName
    134. 

  134. 		echo ""
    135. 

  135. 	done
    136. 

  136. fi
    137. 

  137. 

  138. echo -e "\n\n==SUMMARY=="
    139. 

  139. echo -e "\t Processed $networks networks"
    140. 

  140. echo -e "\t IP overlap found: $ip_overlap"
    141. 

  141. echo -e "\t Processed $containers running containers"
    142.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5