Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Proposal: Chained deletions should ignore errors #924

Closed
squeed opened this issue Nov 7, 2022 · 2 comments
Closed

Proposal: Chained deletions should ignore errors #924

squeed opened this issue Nov 7, 2022 · 2 comments
Milestone
CNI v1.1

Comments

@squeed
Copy link
Member

squeed commented Nov 7, 2022

Right now, the spec states that deletion is the same as ADD, but in reverse order, and that, crucially, an error message from a plugin stops the deletion "chain".

This can lead to leaked networks / IPs, especially in the case where some chained plugin has some fatal error.

We would like to change the spec so that deletion is error-tolerant.
@squeed squeed added this to the CNI v1.5 milestone Nov 7, 2022
@mars1024
Copy link
Member

mars1024 commented Nov 8, 2022

Hi @squeed , a little confused, what's the definition of error-tolerant?
I mean if we tolerate the errors coming from the first chained plugins to avoid IP leak, then what about the error from IPAM plugin? Should it be tolerated? If do, then this error will cause IP leak too.

@squeed squeed modified the milestones: CNI v1.5, CNI v1.1 Jan 9, 2023
@squeed
Copy link
Member Author

squeed commented Aug 14, 2023

We thought about this for some time, and we do not want this.

Doing so could lead to, for example, chained plugins receiving a DEL for an IP address that has subsequently been reused by another container. Not good.

@squeed squeed closed this as completed Aug 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
CNI v1.1
Development

No branches or pull requests
2 participants
@squeed @mars1024