[Bug 1362423] [NEW] docker.io inspect shows docker pid as 0

2014-08-27 Thread Alan Robertson 
Public bug reported:

 I'm doing a bunch of testing with dozens to hundreds of Docker
containers.  In the process, I gather the pid, hostname, etc. for each
docker instance as I spawn it so I can control what is going on in those
containers.

Every so often (that is every few thousand containers), I get one which
the State.Pid is 0 - and remains zero.  It seems to happen more often
when I spawn a lot of them (like 200) as fast as I can.

Here's the command I use to get the pid:
docker.io 'inspect' '--format' '{{.State.Pid}}' docker-instance-name

This almost always works, but occasionally it doesn't -- and returns a
line containing only 0.  I retry every second for 100 seconds just in
case it's a transient error.  It's not.

Since it takes a long time to spawn 200 containers and even longer to
shut them down (like 5 seconds each), this *really* puts a kink in my
testing.

Here's the output from my code when it encounters this condition:
.State.Pid is currently zero for instance 
DockerSystem.13183-00107/897886a7ad01 [0]

The string in [] at the end of the line is the contents of what I read
from the docker.io inspect command listed above.  So, it's not an empty
string being treated as or converted to a zero.  It's a 0 string.  The
code I'm using to manage these docker instances is here: http://hg
.linux-ha.org/assimilation/file/tip/cma/systemtests/docker.py


$ docker.io --version
Docker version 0.9.1, build 3600720

I'm running Ubuntu 14.04.

Hopefully all this stuff (and a lot more) showed up in the data gathered
by the ubuntu-bug command.

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: docker.io 0.9.1~dfsg1-2
ProcVersionSignature: Ubuntu 3.13.0-32.57-generic 3.13.11.4
Uname: Linux 3.13.0-32-generic x86_64
ApportVersion: 2.14.1-0ubuntu2
Architecture: amd64
Date: Wed Aug 27 22:57:50 2014
InstallationDate: Installed on 2014-04-03 (146 days ago)
InstallationMedia: Ubuntu-Server 14.04 LTS Trusty Tahr - Beta amd64 (20140326)
ProcEnviron:
 TERM=xterm
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=set
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: docker.io
UpgradeStatus: No upgrade log present (probably fresh install)
mtime.conffile..etc.init.docker.io.conf: 2014-06-26T14:53:37.308799

** Affects: docker.io (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: amd64 apport-bug trusty

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to docker.io in Ubuntu.
https://bugs.launchpad.net/bugs/1362423

Title:
  docker.io inspect shows docker pid as 0

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1362423/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1327442] [NEW] docker multicast packets origination addresses are mangled

2014-06-06 Thread Alan Robertson 
Public bug reported:

Although I've filed this as a docker bug, it is far more likely to be a
kernel (bridge) bug.  I have enabled nothing extra in terms of docker
networking.   Both of these two

ubuntu72:~/monitor/src/cma $ uname -a
Linux ubuntu72 3.13.0-27-generic #50-Ubuntu SMP Thu May 15 18:06:16 UTC 2014 
x86_64 x86_64 x86_64 GNU/Linux
ubuntu72:~/monitor/src/cma $ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:Ubuntu 14.04 LTS
Release:14.04
Codename:   trusty

ubuntu72:~/monitor/src/cma $ brctl show docker0
bridge name bridge id   STP enabled interfaces
docker0 8000.d6b7b71c12ab   no  veth3d9d
vetha7dd
vethade0


I have a couple of docker instances.  One is a client with IP address
172.17.0.4, and one a server with address 172.17.0.3.

The client sends out a multicast UDP packet to a certain address
(224.0.2.5) reserved for the use of this software.

The server dutifully listens for the packet, and it receives it.  HOWEVER, the 
source address of the packet is 172.17.42.1 - which is the address of the 
docker interface on the host (and of course, not the proper source address).  
The tcpdump trace of this packet being sent is below:
20:28:39.474887 IP 172.17.42.1.bb  224.0.2.5.bb: UDP, length 713
Needless to say, this is extraordinarily confusing to my software - and when it 
attempts to reply, nothing good happens...
You can see that it gets 'port unreachable' for that attempt to reply (as it 
should).

The subsequent packet sent to the (correct) 0.4 address happens because
that address is in the _content_ of initial multicast packet, and by
then the software is operating on the contents of the packet, not the
(incorrect) origination address..

Below is the full tcpdump trace of what's going on here from the server
perspective:

# tcpdump -i eth0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
20:28:35.933507 IP 7db9eb0e89ee  igmp.mcast.net: igmp v3 report, 1 group 
record(s)
20:28:35.934144 IP 7db9eb0e89ee.42650  10.10.10.20.domain: 18534+ PTR? 
22.0.0.224.in-addr.arpa. (41)
20:28:35.960407 IP 10.10.10.20.domain  7db9eb0e89ee.42650: 18534 1/6/0 PTR 
igmp.mcast.net. (181)
20:28:35.960737 IP 7db9eb0e89ee.47869  10.10.10.20.domain: 19922+ PTR? 
20.10.10.10.in-addr.arpa. (42)
20:28:35.986002 IP 10.10.10.20.domain  7db9eb0e89ee.47869: 19922 0/1/0 (101)
20:28:36.113623 IP 7db9eb0e89ee  igmp.mcast.net: igmp v3 report, 1 group 
record(s)
20:28:39.474887 IP 172.17.42.1.bb  224.0.2.5.bb: UDP, length 713
20:28:39.475003 IP 7db9eb0e89ee.33748  10.10.10.20.domain: 3617+ PTR? 
5.2.0.224.in-addr.arpa. (40)
20:28:39.525434 IP 7db9eb0e89ee.bb  172.17.42.1.bb: UDP, length 1091
20:28:39.525488 IP 172.17.42.1  7db9eb0e89ee: ICMP 172.17.42.1 udp port bb 
unreachable, length 556
20:28:39.529629 IP 7db9eb0e89ee.bb  172.17.0.4.bb: UDP, length 924
20:28:39.545780 IP 172.17.0.4.bb  7db9eb0e89ee.bb: UDP, length 70
20:28:39.568680 IP 10.10.10.20.domain  7db9eb0e89ee.33748: 3617 NXDomain 0/1/0 
(97)
20:28:39.568878 IP 7db9eb0e89ee.44605  10.10.10.20.domain: 47116+ PTR? 
1.42.17.172.in-addr.arpa. (42)
20:28:39.593858 IP 10.10.10.20.domain  7db9eb0e89ee.44605: 47116 0/1/0 (101)
20:28:39.594120 IP 7db9eb0e89ee.36687  10.10.10.20.domain: 20755+ PTR? 
4.0.17.172.in-addr.arpa. (41)
20:28:39.620179 IP 10.10.10.20.domain  7db9eb0e89ee.36687: 20755 0/1/0 (100)
20:28:40.941627 ARP, Request who-has 172.17.42.1 tell 7db9eb0e89ee, length 28
20:28:40.941687 ARP, Reply 172.17.42.1 is-at d6:b7:b7:1c:12:ab (oui Unknown), 
length 28
20:28:41.638772 IP 7db9eb0e89ee.bb  172.17.42.1.bb: UDP, length 1091
20:28:41.638811 IP 172.17.42.1  7db9eb0e89ee: ICMP 172.17.42.1 udp port bb 
unreachable, length 556
20:28:43.639166 IP 7db9eb0e89ee.bb  172.17.42.1.bb: UDP, length 1091
20:28:43.639193 IP 172.17.42.1  7db9eb0e89ee: ICMP 172.17.42.1 udp port bb 
unreachable, length 556

On the client side, the packet was sent correctly (according to tcpdump):
20:48:13.277353 IP 172.17.0.4.bb  224.0.2.5.bb: UDP, length 713

So, somebody somewhere is screwing over my source IP addresses...

This could _conceivably_ be considered a security bug I suppose because
information being misrouted might be security-sensitive, and would be
visible to the wrong party.

Below is some misc networking configuration for the host and the two
containers:

ubuntu72:~/monitor/src/cma $ uname -n; ifconfig; route -n
ubuntu72
docker0   Link encap:Ethernet  HWaddr d6:b7:b7:1c:12:ab  
  inet addr:172.17.42.1  Bcast:0.0.0.0  Mask:255.255.0.0
  inet6 addr: fe80::e8cd:69ff:feb7:d419/64 Scope:Link
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:786010 errors:0 dropped:0 overruns:0 frame:0
  TX packets:1180631 errors:0 dropped:0

[Bug 511401] Re: netstat doesn't display ipv6 addresses correctly (they are truncated)

2014-06-02 Thread Alan Robertson 
Problem still exists!

# netstat -ntp | grep pidgin
tcp6  0  0 2601:1:ad80:1445::54776  2620:0:861:52:208::6667 ESTABLISHED 
2043/pidgin

This address is  from irc.freenode.net
2620:0:861:52:208:80:155:68

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to net-tools in Ubuntu.
https://bugs.launchpad.net/bugs/511401

Title:
  netstat doesn't display ipv6 addresses correctly (they are truncated)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/net-tools/+bug/511401/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs