From d1e6cfa6a1bc33a1db4b5c9be8768ec90eba8501 Mon Sep 17 00:00:00 2001 From: Flavio Crisciani Date: Fri, 23 Feb 2018 10:37:12 -0800 Subject: [PATCH] Add an explicit flag to join network in diagnostic Usually a diagnostic session wants to check the local state without this flag the network is joined and left every iteration altering actually the daemon status. Also if the diagnostic client is used against a live node, the network leave has a very bad side effect of kicking the node out of the network killing its internal status. For the above reason introducing the flag -a to be explicit so that the current state is always preserved Signed-off-by: Flavio Crisciani --- libnetwork/cmd/diagnostic/Dockerfile.dind | 1 + libnetwork/cmd/diagnostic/README.md | 14 ++++++++-- libnetwork/cmd/diagnostic/main.go | 32 ++++++++++++++++++----- 3 files changed, 38 insertions(+), 9 deletions(-) diff --git a/libnetwork/cmd/diagnostic/Dockerfile.dind b/libnetwork/cmd/diagnostic/Dockerfile.dind index fa66272168..e0629fa666 100644 --- a/libnetwork/cmd/diagnostic/Dockerfile.dind +++ b/libnetwork/cmd/diagnostic/Dockerfile.dind @@ -1,4 +1,5 @@ FROM docker:17.12-dind RUN apk add --no-cache curl +ENV DIND_CLIENT=true COPY daemon.json /etc/docker/daemon.json COPY diagnosticClient /usr/local/bin/diagnosticClient diff --git a/libnetwork/cmd/diagnostic/README.md b/libnetwork/cmd/diagnostic/README.md index 4c6ce6c35f..417d44747d 100644 --- a/libnetwork/cmd/diagnostic/README.md +++ b/libnetwork/cmd/diagnostic/README.md @@ -199,8 +199,18 @@ The following flags are supported: | -ip | The IP address to query. Defaults to 127.0.0.1. | | -net | The target network ID. | | -port | The target port. (default port is 2000) | +| -a | Join/leave network | | -v | Enable verbose output. | +*NOTE* +By default the tool won't try to join the network. This is following the intent to not change +the state on which the node is when the diagnostic client is run. This means that it is safe +to run the diagnosticClient against a running daemon because it will just dump the current state. +When using instead the diagnosticClient in the containerized version the flag `-a` MUST be passed +to avoid retrieving empty results. On the other side using the `-a` flag against a loaded daemon +will have the undesirable side effect to leave the network and so cutting down the data path for +that daemon. + ### Container version of the diagnostic tool The CLI is provided as a container with a 17.12 engine that needs to run using privileged mode. @@ -242,11 +252,11 @@ Remember to use the full network ID, you can easily find that with `docker netwo **Service discovery and load balancer:** ```bash -$ diagnostiClient -c sd -v -net n8a8ie6tb3wr2e260vxj8ncy4 +$ diagnostiClient -c sd -v -net n8a8ie6tb3wr2e260vxj8ncy4 -a ``` **Overlay network:** ```bash -$ diagnostiClient -port 2001 -c overlay -v -net n8a8ie6tb3wr2e260vxj8ncy4 +$ diagnostiClient -port 2001 -c overlay -v -net n8a8ie6tb3wr2e260vxj8ncy4 -a ``` diff --git a/libnetwork/cmd/diagnostic/main.go b/libnetwork/cmd/diagnostic/main.go index 0f3f559ec5..869089d256 100644 --- a/libnetwork/cmd/diagnostic/main.go +++ b/libnetwork/cmd/diagnostic/main.go @@ -45,6 +45,7 @@ func main() { networkPtr := flag.String("net", "", "target network") tablePtr := flag.String("t", "", "table to process ") remediatePtr := flag.Bool("r", false, "perform remediation deleting orphan entries") + joinPtr := flag.Bool("a", false, "join/leave network") verbosePtr := flag.Bool("v", false, "verbose output") flag.Parse() @@ -53,6 +54,11 @@ func main() { logrus.SetLevel(logrus.DebugLevel) } + if _, ok := os.LookupEnv("DIND_CLIENT"); !ok && *joinPtr { + logrus.Fatal("you are not using the client in docker in docker mode, the use of the -a flag can be disruptive, " + + "please remove it (doc:https://github.com/docker/libnetwork/blob/master/cmd/diagnostic/README.md)") + } + logrus.Infof("Connecting to %s:%d checking ready", *ipPtr, *portPtr) resp, err := http.Get(fmt.Sprintf(readyPath, *ipPtr, *portPtr)) if err != nil { @@ -64,14 +70,20 @@ func main() { var networkPeers map[string]string var joinedNetwork bool if *networkPtr != "" { - logrus.Infof("Joining the network:%s", *networkPtr) - resp, err = http.Get(fmt.Sprintf(joinNetwork, *ipPtr, *portPtr, *networkPtr)) - if err != nil { - logrus.WithError(err).Fatalf("Failed joining the network") + if *joinPtr { + logrus.Infof("Joining the network:%q", *networkPtr) + resp, err = http.Get(fmt.Sprintf(joinNetwork, *ipPtr, *portPtr, *networkPtr)) + if err != nil { + logrus.WithError(err).Fatalf("Failed joining the network") + } + httpIsOk(resp.Body) + joinedNetwork = true } - httpIsOk(resp.Body) + networkPeers = fetchNodePeers(*ipPtr, *portPtr, *networkPtr) - joinedNetwork = true + if len(networkPeers) == 0 { + logrus.Warnf("There is no peer on network %q, check the network ID, and verify that is the non truncated version", *networkPtr) + } } switch *tablePtr { @@ -82,6 +94,7 @@ func main() { } if joinedNetwork { + logrus.Infof("Leaving the network:%q", *networkPtr) resp, err = http.Get(fmt.Sprintf(leaveNetwork, *ipPtr, *portPtr, *networkPtr)) if err != nil { logrus.WithError(err).Fatalf("Failed leaving the network") @@ -91,7 +104,12 @@ func main() { } func fetchNodePeers(ip string, port int, network string) map[string]string { - logrus.Infof("Fetch peers %s", network) + if network == "" { + logrus.Infof("Fetch cluster peers") + } else { + logrus.Infof("Fetch peers network:%q", network) + } + var path string if network != "" { path = fmt.Sprintf(networkPeers, ip, port, network)