Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent creating host container network #3788

Merged
merged 14 commits into from
Dec 12, 2022
Merged

Prevent creating host container network #3788

Changes from 8 commits
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
2ad8ede
Prevent creating host container network
hez2010 Mar 25, 2022
0e23f20
Remove redundant empty lines
hez2010 Mar 25, 2022
009830e
Fix invalid knob value fetching
hez2010 Mar 25, 2022
66af14d
Merge branch 'master' into master
DenisRumyantsev Apr 19, 2022
6633191
Merge branch 'master' into master
hez2010 Jun 14, 2022
98a65d0
Merge branch 'master' into master
hez2010 Aug 12, 2022
ee692e9
Merge branch 'master' into master
DenisRumyantsev Aug 22, 2022
ee1b62b
Merge branch 'master' into master
DenisRumyantsev Aug 23, 2022
b71cde4
Merge branch 'master' into master
kirill-ivlev Sep 28, 2022
ebd179d
Merge branch 'master' into master
DenisRumyantsev Dec 1, 2022
f7a2803
Merge branch 'master' into master
DenisRumyantsev Dec 2, 2022
8ccacfa
Merge branch 'master' into master
KonstantinTyukalov Dec 8, 2022
0a94632
Update ContainerOperationProvider.cs
hez2010 Dec 9, 2022
8f00088
Merge branch 'master' into master
KonstantinTyukalov Dec 12, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
41 changes: 29 additions & 12 deletions src/Agent.Worker/ContainerOperationProvider.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,13 @@ public override void Initialize(IHostContext hostContext)
{
base.Initialize(hostContext);
_dockerManger = HostContext.GetService<IDockerCommandManager>();
_containerNetwork = $"vsts_network_{Guid.NewGuid().ToString("N")}";
_containerNetwork = $"vsts_network_{Guid.NewGuid():N}";
}

private string GetContainerNetwork(IExecutionContext executionContext)
{
var useHostNetwork = AgentKnobs.DockerNetworkCreateDriver.GetValue(executionContext).AsString() == "host";
return useHostNetwork ? "host" : _containerNetwork;
}

public async Task StartContainersAsync(IExecutionContext executionContext, object data)
Expand Down Expand Up @@ -103,8 +109,9 @@ public async Task StartContainersAsync(IExecutionContext executionContext, objec

// Create local docker network for this job to avoid port conflict when multiple agents run on same machine.
// All containers within a job join the same network
await CreateContainerNetworkAsync(executionContext, _containerNetwork);
containers.ForEach(container => container.ContainerNetwork = _containerNetwork);
var containerNetwork = GetContainerNetwork(executionContext);
await CreateContainerNetworkAsync(executionContext, containerNetwork);
containers.ForEach(container => container.ContainerNetwork = containerNetwork);

foreach (var container in containers)
{
Expand Down Expand Up @@ -139,7 +146,8 @@ public async Task StopContainersAsync(IExecutionContext executionContext, object
await StopContainerAsync(executionContext, container);
}
// Remove the container network
await RemoveContainerNetworkAsync(executionContext, _containerNetwork);
var containerNetwork = GetContainerNetwork(executionContext);
await RemoveContainerNetworkAsync(executionContext, containerNetwork);
}

private async Task PullContainerAsync(IExecutionContext executionContext, ContainerInfo container)
Expand Down Expand Up @@ -676,11 +684,16 @@ private async Task CreateContainerNetworkAsync(IExecutionContext executionContex
{
Trace.Entering();
ArgUtil.NotNull(executionContext, nameof(executionContext));
int networkExitCode = await _dockerManger.DockerNetworkCreate(executionContext, network);
if (networkExitCode != 0)

if (network != "host")
{
throw new InvalidOperationException($"Docker network create failed with exit code {networkExitCode}");
int networkExitCode = await _dockerManger.DockerNetworkCreate(executionContext, network);
if (networkExitCode != 0)
{
throw new InvalidOperationException($"Docker network create failed with exit code {networkExitCode}");
}
hez2010 marked this conversation as resolved.
Show resolved Hide resolved
}

// Expose docker network to env
executionContext.Variables.Set(Constants.Variables.Agent.ContainerNetwork, network);
}
Expand All @@ -691,13 +704,17 @@ private async Task RemoveContainerNetworkAsync(IExecutionContext executionContex
ArgUtil.NotNull(executionContext, nameof(executionContext));
ArgUtil.NotNull(network, nameof(network));

executionContext.Output($"Remove container network: {network}");

int removeExitCode = await _dockerManger.DockerNetworkRemove(executionContext, network);
if (removeExitCode != 0)
if (network != "host")
{
executionContext.Warning($"Docker network rm failed with exit code {removeExitCode}");
executionContext.Output($"Remove container network: {network}");

int removeExitCode = await _dockerManger.DockerNetworkRemove(executionContext, network);
if (removeExitCode != 0)
{
executionContext.Warning($"Docker network rm failed with exit code {removeExitCode}");
}
}

// Remove docker network from env
executionContext.Variables.Set(Constants.Variables.Agent.ContainerNetwork, null);
}
Expand Down