Resolve "bridge fdb show" hang issue
The output of "bridge fdb show" command invoked under a network namespace is unpredicable. Sometime it returns empty, and sometime non-stop rolling output. This perhaps is a bug in kernel and/or iproute2 implementation. To work around, display fdb for each bridge. Signed-off-by: Su Wang <su.wang@docker.com>
This commit is contained in:
parent
141b53c77a
commit
ff27bb0db4
|
@ -11,6 +11,7 @@ RUN apk add --no-cache \
|
||||||
iproute2 \
|
iproute2 \
|
||||||
ipvsadm \
|
ipvsadm \
|
||||||
conntrack-tools \
|
conntrack-tools \
|
||||||
|
jq \
|
||||||
bash
|
bash
|
||||||
|
|
||||||
WORKDIR /bin
|
WORKDIR /bin
|
||||||
|
|
|
@ -18,6 +18,7 @@ IPTABLES="${IPTABLES:-iptables}"
|
||||||
IPVSADM="${IPVSADM:-ipvsadm}"
|
IPVSADM="${IPVSADM:-ipvsadm}"
|
||||||
IP="${IP:-ip}"
|
IP="${IP:-ip}"
|
||||||
SSDBIN="${SSDBIN:-ssd}"
|
SSDBIN="${SSDBIN:-ssd}"
|
||||||
|
JQ="${JQ:-jq}"
|
||||||
|
|
||||||
networks=0
|
networks=0
|
||||||
containers=0
|
containers=0
|
||||||
|
@ -53,6 +54,7 @@ type -P ${BRIDGE} > /dev/null || echo "This tool requires bridge"
|
||||||
type -P ${IPTABLES} > /dev/null || echo "This tool requires iptables"
|
type -P ${IPTABLES} > /dev/null || echo "This tool requires iptables"
|
||||||
type -P ${IPVSADM} > /dev/null || echo "This tool requires ipvsadm"
|
type -P ${IPVSADM} > /dev/null || echo "This tool requires ipvsadm"
|
||||||
type -P ${IP} > /dev/null || echo "This tool requires ip"
|
type -P ${IP} > /dev/null || echo "This tool requires ip"
|
||||||
|
type -P ${JQ} > /dev/null || echo "This tool requires jq"
|
||||||
|
|
||||||
if ${DOCKER} network inspect --help | grep -q -- --verbose; then
|
if ${DOCKER} network inspect --help | grep -q -- --verbose; then
|
||||||
NETINSPECT_VERBOSE_SUPPORT="--verbose"
|
NETINSPECT_VERBOSE_SUPPORT="--verbose"
|
||||||
|
@ -89,7 +91,16 @@ for networkID in $(${DOCKER} network ls --no-trunc --filter driver=overlay -q) "
|
||||||
echo_and_run ${NSENTER} --net=${i} ${IP} -o -4 address show
|
echo_and_run ${NSENTER} --net=${i} ${IP} -o -4 address show
|
||||||
echo_and_run ${NSENTER} --net=${i} ${IP} -4 route show
|
echo_and_run ${NSENTER} --net=${i} ${IP} -4 route show
|
||||||
echo_and_run ${NSENTER} --net=${i} ${IP} -4 neigh show
|
echo_and_run ${NSENTER} --net=${i} ${IP} -4 neigh show
|
||||||
echo_and_run ${NSENTER} --net=${i} ${BRIDGE} fdb show
|
bridges=$(${NSENTER} --net=${i} ${IP} -j link show type bridge | ${JQ} -r '.[].ifname')
|
||||||
|
# break string to array
|
||||||
|
bridges=(${bridges})
|
||||||
|
for b in "${bridges[@]}"
|
||||||
|
do
|
||||||
|
if [ -z ${b} ] || [ ${b} == "null" ]; then
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
echo_and_run ${NSENTER} --net=${i} ${BRIDGE} fdb show br ${b}
|
||||||
|
done
|
||||||
echo_and_run ${NSENTER} --net=${i} ${IPTABLES} -w1 -n -v -L -t filter | grep -v '^$'
|
echo_and_run ${NSENTER} --net=${i} ${IPTABLES} -w1 -n -v -L -t filter | grep -v '^$'
|
||||||
echo_and_run ${NSENTER} --net=${i} ${IPTABLES} -w1 -n -v -L -t nat | grep -v '^$'
|
echo_and_run ${NSENTER} --net=${i} ${IPTABLES} -w1 -n -v -L -t nat | grep -v '^$'
|
||||||
echo_and_run ${NSENTER} --net=${i} ${IPTABLES} -w1 -n -v -L -t mangle | grep -v '^$'
|
echo_and_run ${NSENTER} --net=${i} ${IPTABLES} -w1 -n -v -L -t mangle | grep -v '^$'
|
||||||
|
|
Loading…
Reference in New Issue