Duplicate IP resulting from incorrect PID namespace

Open BRONSOLO opened this issue 9 months ago • 0 comments

What you expected to happen?

weaver detects/claims pre-existing IPs attached to the weave bridge on node via https://github.com/weaveworks/weave/blob/8c8476381d48820891356497bfcee6337e99a401/prog/weaver/reclaim.go#L26

What happened?

weaver stopped using the host process namespace (via hostPID) as of https://github.com/weaveworks/weave/pull/3876, which was needed for detecting devices via the peer ids / process ids here: https://github.com/weaveworks/weave/blob/8c8476381d48820891356497bfcee6337e99a401/prog/weaver/reclaim.go#L84.

Specifically, given the change of #3876, the following command only detects processes within the PID namespace of the weave-net pod: https://github.com/weaveworks/weave/blob/8c8476381d48820891356497bfcee6337e99a401/prog/weaver/reclaim.go#L79

How to reproduce it?

  • Move the boltdb file so that the persisted data gets cleared
  • Rotate the weave-net pod in the kube-system namespace
  • Rotate any pod once the weave-net pod comes back up
  • Notice how the IP assigned to the pod has already been assigned to another pod on the cluster

Anything else we need to know?

This is specifically for weave running on k8s.

Versions:

weave version 2.8.1

BRONSOLO, Apr 29 '24 20:04
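
A check for the symptom in the last reproduction step, as an added example that is not part of the original issue or of the weave code base: it reads the output of `kubectl get pods -A -o json` and reports every IP held by more than one live pod. `DuplicatePodIPs` is a hypothetical helper name, and the pod names and addresses in the sample are constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
)

// podList mirrors only the fields of `kubectl get pods -A -o json` used here.
type podList struct {
	Items []struct {
		Metadata struct{ Namespace, Name string }
		Spec     struct{ HostNetwork bool }
		Status   struct{ Phase, PodIP string }
	}
}

// DuplicatePodIPs (hypothetical helper, not weave code) maps each IP held by
// more than one live pod to the sorted "namespace/name" list of its holders.
func DuplicatePodIPs(raw []byte) (map[string][]string, error) {
	var pl podList
	if err := json.Unmarshal(raw, &pl); err != nil {
		return nil, err
	}
	byIP := map[string][]string{}
	for _, p := range pl.Items {
		s := p.Status
		// hostNetwork pods share the node IP by design; finished pods may
		// still report an IP that has since been reused legitimately.
		if p.Spec.HostNetwork || s.PodIP == "" || s.Phase == "Succeeded" || s.Phase == "Failed" {
			continue
		}
		byIP[s.PodIP] = append(byIP[s.PodIP], p.Metadata.Namespace+"/"+p.Metadata.Name)
	}
	for ip, pods := range byIP {
		if sort.Strings(pods); len(pods) < 2 {
			delete(byIP, ip)
		}
	}
	return byIP, nil
}

// sample is constructed data, not output captured from a real cluster.
const sample = `{"items":[
 {"metadata":{"namespace":"default","name":"web-1"},"spec":{},"status":{"phase":"Running","podIP":"10.32.0.5"}},
 {"metadata":{"namespace":"default","name":"api-1"},"spec":{},"status":{"phase":"Running","podIP":"10.32.0.5"}},
 {"metadata":{"namespace":"default","name":"job-1"},"spec":{},"status":{"phase":"Succeeded","podIP":"10.32.0.5"}},
 {"metadata":{"namespace":"kube-system","name":"weave-net-a"},"spec":{"hostNetwork":true},"status":{"phase":"Running","podIP":"192.0.2.10"}},
 {"metadata":{"namespace":"kube-system","name":"kube-proxy-a"},"spec":{"hostNetwork":true},"status":{"phase":"Running","podIP":"192.0.2.10"}}
]}`

func main() { fmt.Println(DuplicatePodIPs([]byte(sample))) }
```

On the sample, only `10.32.0.5` is reported, held by `default/api-1` and `default/web-1`.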