mirror of
https://github.com/kemko/nomad.git
synced 2026-01-01 16:05:42 +03:00
08a6f870ad
When the Nomad client restarts and restores allocations, the network namespace for an allocation may exist but no longer be correctly configured. For example, if the host is rebooted and the task was a Docker task using a pause container, the network namespace may be recreated by the docker daemon. When we restore an allocation, use the CNI "check" command to verify that any existing network namespace matches the expected configuration. This requires CNI plugins of at least version 1.2.0 to avoid a bug in older plugin versions that would cause the check to fail. If the check fails, destroy the network namespace and try to recreate it from scratch once. If that fails in the second pass, fail the restore so that the allocation can be recreated (rather than silently having networking fail). This should fix the gap left #24650 for Docker task drivers and any other drivers with the `MustInitiateNetwork` capability. Fixes: https://github.com/hashicorp/nomad/issues/24292 Ref: https://github.com/hashicorp/nomad/pull/24650
28 lines
1.4 KiB
Plaintext
28 lines
1.4 KiB
Plaintext
Nomad uses CNI plugins to configure network namespaces when using the `bridge`
|
|
network mode. You must install the CNI plugins on all Linux Nomad client nodes
|
|
that use network namespaces. Refer to the [CNI Plugins external
|
|
guide](https://www.cni.dev/plugins/current/) for details on individual plugins.
|
|
|
|
The following series of commands determines your operating system architecture,
|
|
downloads the [CNI 1.6.1
|
|
release](https://github.com/containernetworking/plugins/releases/tag/v1.6.1),
|
|
and then extracts the CNI plugin binaries into the `/opt/cni/bin` directory.
|
|
Update the `CNI_PLUGIN_VERSION` value to use a different release version.
|
|
|
|
```shell-session
|
|
$ export ARCH_CNI=$( [ $(uname -m) = aarch64 ] && echo arm64 || echo amd64)
|
|
$ export CNI_PLUGIN_VERSION=v1.6.1
|
|
$ curl -L -o cni-plugins.tgz "https://github.com/containernetworking/plugins/releases/download/${CNI_PLUGIN_VERSION}/cni-plugins-linux-${ARCH_CNI}-${CNI_PLUGIN_VERSION}".tgz && \
|
|
sudo mkdir -p /opt/cni/bin && \
|
|
sudo tar -C /opt/cni/bin -xzf cni-plugins.tgz
|
|
```
|
|
|
|
Your Linux distribution's package manager may provide the CNI reference plugins
|
|
but we recommend installing the most recent stable version to ensure you have
|
|
fixes for known bugs shipping in those versions.
|
|
|
|
Nomad looks for CNI plugin binaries by default in the `/opt/cni/bin` directory.
|
|
However, you may install in the binaries in a different directory and then
|
|
configure using the [`cni_path`](/nomad/docs/configuration/client#cni_path)
|
|
attribute.
|