Add check for IP overlap in support.sh

Add a simple check and a summary report for the support script. Report: ==SUMMARY== Processed 3 networks IP overlap found: 1 Processed 167 containers Overlap found: *** OVERLAP on Network 0ewr5iqraa8zv9l4qskp93wxo *** 2 "192.168.1.138", Signed-off-by: Flavio Crisciani <flavio.crisciani@docker.com>
2022-11-09 12:21:53 -05:00 · 2018-03-05 10:14:53 -08:00 · 2018-03-05 10:14:53 -08:00 · cf89f97a14
commit cf89f97a14
parent 9bade4d29c
1 changed files with 26 additions and 1 deletions
--- a/libnetwork/support.sh
+++ b/libnetwork/support.sh
@ -8,6 +8,10 @@ IPTABLES="${IPTABLES:-iptables}"
 IPVSADM="${IPVSADM:-ipvsadm}"
 IP="${IP:-ip}"

+networks=0
+containers=0
+ip_overlap=0
+
 NSDIR=/var/run/docker/netns

 function die {
@ -20,6 +24,18 @@ function echo_and_run {
  eval $(printf '%q ' "$@") < /dev/stdout
 }

+function check_ip_overlap {
+  inspect=$1
+  overlap=$(echo "$inspect_output" | grep "EndpointIP\|VIP" | awk -F ':' '{print $2}' | sort | uniq -c | grep -v "1 ")
+  if [ ! -z "$overlap" ]; then
+    echo -e "\n\n*** OVERLAP on Network ${networkID} ***";
+    echo -e "${overlap} \n\n"
+    ((ip_overlap++))
+  else
+    echo "No overlap"
+  fi
+}
+
 type -P ${DOCKER} > /dev/null || echo "This tool requires the docker binary"
 type -P ${NSENTER} > /dev/null || echo "This tool requires nsenter"
 type -P ${BRIDGE} > /dev/null || echo "This tool requires bridge"
@ -49,7 +65,9 @@ for networkID in $(${DOCKER} network ls --no-trunc --filter driver=overlay -q) "
    echo "nnn Network ${networkID}"
    if [ "${networkID}" != "ingress_sbox" ]; then
        nspath=(${NSDIR}/*-${networkID:0:10})
-        ${DOCKER} network inspect ${NETINSPECT_VERBOSE_SUPPORT} ${networkID}
+        inspect_output=$(${DOCKER} network inspect ${NETINSPECT_VERBOSE_SUPPORT} ${networkID})
+        echo "$inspect_output"
+        check_ip_overlap $inspect_output
    else
        nspath=(${NSDIR}/${networkID})
    fi
@ -62,6 +80,7 @@ for networkID in $(${DOCKER} network ls --no-trunc --filter driver=overlay -q) "
    echo_and_run ${NSENTER} --net=${nspath[0]} ${IPTABLES} -w1 -n -v -L -t mangle | grep -v '^$'
    echo_and_run ${NSENTER} --net=${nspath[0]} ${IPVSADM} -l -n
    printf "\n"
+    ((networks++))
 done

 echo "Container network configuration"
@ -76,4 +95,10 @@ for containerID in $(${DOCKER} container ls -q); do
    echo_and_run ${NSENTER} --net=${nspath[0]} ${IPTABLES} -w1 -n -v -L -t mangle | grep -v '^$'
    echo_and_run ${NSENTER} --net=${nspath[0]} ${IPVSADM} -l -n
    printf "\n"
+    ((containers++))
 done
+
+echo -e "\n\n==SUMMARY=="
+echo -e "\t Processed $networks networks"
+echo -e "\t IP overlap found: $ip_overlap"
+echo -e "\t Processed $containers containers"