Fix xtables_lock message probe
- iptables pkg functions are coded to discard the xtables_lock error message about acquiring the lock, because all the calls are done with the wait logic. But the error message has slightly changed between iptables 1.4.x and 1.6. This lead to false positives causing docker network create to fil in presence of concurrent calls. - Fixed message mark to be common among the two main versions. Signed-off-by: Alessandro Boch <aboch@docker.com>
This commit is contained in:
parent
afcec80137
commit
e2f0070492
1 changed files with 2 additions and 1 deletions
|
@ -45,6 +45,7 @@ var (
|
||||||
iptablesPath string
|
iptablesPath string
|
||||||
supportsXlock = false
|
supportsXlock = false
|
||||||
supportsCOpt = false
|
supportsCOpt = false
|
||||||
|
xLockWaitMsg = "Another app is currently holding the xtables lock; waiting"
|
||||||
// used to lock iptables commands if xtables lock is not supported
|
// used to lock iptables commands if xtables lock is not supported
|
||||||
bestEffortLock sync.Mutex
|
bestEffortLock sync.Mutex
|
||||||
// ErrIptablesNotFound is returned when the rule is not found.
|
// ErrIptablesNotFound is returned when the rule is not found.
|
||||||
|
@ -402,7 +403,7 @@ func raw(args ...string) ([]byte, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// ignore iptables' message about xtables lock
|
// ignore iptables' message about xtables lock
|
||||||
if strings.Contains(string(output), "waiting for it to exit") {
|
if strings.Contains(string(output), xLockWaitMsg) {
|
||||||
output = []byte("")
|
output = []byte("")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue