daemon/libnetwork/drivers/bridge: Check if endpoint data exists in po…#52121
Open
Wang-squirrel wants to merge 1 commit intomoby:masterfrom
Open
daemon/libnetwork/drivers/bridge: Check if endpoint data exists in po…#52121Wang-squirrel wants to merge 1 commit intomoby:masterfrom
Wang-squirrel wants to merge 1 commit intomoby:masterfrom
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
In the populateEndpoints function, only the existence of the network corresponding to the bridge-endpoint is checked. We should also ensure that the endpoint data exists; otherwise, ports may be erroneously listened on due to residual bridge-endpoint data. This issue may occur in scenarios where container run or remove processes are abnormal.
otherwise like this:
[root@anolis~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@anolis~]# netstat -tunlp |grep 5000
tcp 0 0 0.0.0.0:5000 0.0.0.0:* LISTEN 3650/docker-proxy
tcp6 0 0 :::5000 :::* LISTEN 3657/docker-proxy
fixes #52092
- What I did
Prevent mislistening of container ports due to residual data in local-kv.db
- How I did it
Check for the existence of endpoint data associated with the bridge-endpoint before exposing the container port.
- How to verify it