libnetwork/d/overlay: handle coalesced peer updates

corhere · corhere · commit e1a586a9a78f · 2025-07-22T11:51:18.000-04:00
The eventually-consistent nature of NetworkDB means we cannot depend on
events being received in the same order that they were sent. Nor can we
depend on receiving events for all intermediate states. It is possible
for a series of entry UPDATEs, or a DELETE followed by a CREATE with the
same key, to get coalesced into a single UPDATE event on the receiving
node. Watchers of NetworkDB tables therefore need to be prepared to
gracefully handle arbitrary UPDATEs of a key, including those where the
new value may have nothing in common with the previous value.

The overlay driver naively handled events for overlay_peer_table
assuming that an endpoint leave followed by a rejoin of the same
endpoint would always be expressed as a DELETE event followed by a
CREATE. It would handle a coalesced UPDATE as a CREATE, inserting a new
entry into peerDB without removing the old one. This would
have various side effects, such as having the "transient state" of
multiple entries in peerDB with the same peer IP never settle.

Update driverapi to pass both the previous and new value of a table
entry into the driver. Modify the overlay driver to handle an UPDATE by
removing the previous peer entry from peerDB then adding the new one.
Modify the Windows overlay driver to match.

Signed-off-by: Cory Snider &lt;csnider@mirantis.com&gt;
diff --git a/daemon/libnetwork/agent.go b/daemon/libnetwork/agent.go
@@ -822,25 +822,8 @@ func (n *Network) handleDriverTableEvent(ev events.Event) {
 		return
 	}
 
-	var (
-		etype driverapi.EventType
-		value []byte
-	)
-
 	event := ev.(networkdb.WatchEvent)
-	switch {
-	case event.IsCreate():
-		value = event.Value
-		etype = driverapi.Create
-	case event.IsDelete():
-		value = event.Prev
-		etype = driverapi.Delete
-	case event.IsUpdate():
-		value = event.Value
-		etype = driverapi.Update
-	}
-
-	ed.EventNotify(etype, n.ID(), event.Table, event.Key, value)
+	ed.EventNotify(n.ID(), event.Table, event.Key, event.Prev, event.Value)
 }
 
 func (c *Controller) handleNodeTableEvent(ev events.Event) {
diff --git a/daemon/libnetwork/driverapi/driverapi.go b/daemon/libnetwork/driverapi/driverapi.go
@@ -69,7 +69,7 @@ type TableWatcher interface {
 	// happened on a table of its interest as soon as this node
 	// receives such an event in the gossip layer. This method is
 	// only invoked for the global scope driver.
-	EventNotify(event EventType, nid string, tableName string, key string, value []byte)
+	EventNotify(nid string, tableName string, key string, prev, value []byte)
 
 	// DecodeTableEntry passes the driver a key, value pair from table it registered
 	// with libnetwork. Driver should return {object ID, map[string]string} tuple.
@@ -204,18 +204,6 @@ type IPAMData struct {
 	AuxAddresses map[string]*net.IPNet
 }
 
-// EventType defines a type for the CRUD event
-type EventType uint8
-
-const (
-	// Create event is generated when a table entry is created,
-	Create EventType = 1 + iota
-	// Update event is generated when a table entry is updated.
-	Update
-	// Delete event is generated when a table entry is deleted.
-	Delete
-)
-
 // ObjectType represents the type of object driver wants to store in libnetwork's networkDB
 type ObjectType int
 
diff --git a/daemon/libnetwork/drivers/overlay/joinleave.go b/daemon/libnetwork/drivers/overlay/joinleave.go
@@ -11,7 +11,6 @@ import (
 
 	"github.com/containerd/log"
 	"github.com/docker/docker/daemon/libnetwork/driverapi"
-	"github.com/docker/docker/daemon/libnetwork/internal/hashable"
 	"github.com/docker/docker/daemon/libnetwork/internal/netiputil"
 	"github.com/docker/docker/daemon/libnetwork/netlabel"
 	"github.com/docker/docker/daemon/libnetwork/ns"
@@ -161,41 +160,45 @@ func (d *driver) DecodeTableEntry(tablename string, key string, value []byte) (s
 	}
 }
 
-func (d *driver) EventNotify(etype driverapi.EventType, nid, tableName, key string, value []byte) {
+func (d *driver) EventNotify(nid, tableName, key string, prev, value []byte) {
 	if tableName != OverlayPeerTable {
 		log.G(context.TODO()).Errorf("Unexpected table notification for table %s received", tableName)
 		return
 	}
 
 	eid := key
 
-	var peer PeerRecord
-	if err := proto.Unmarshal(value, &peer); err != nil {
-		log.G(context.TODO()).Errorf("Failed to unmarshal peer record: %v", err)
-		return
-	}
-
-	// Ignore local peers. We already know about them and they
-	// should not be added to vxlan fdb.
-	if addr, _ := netip.ParseAddr(peer.TunnelEndpointIP); addr == d.advertiseAddress {
-		return
+	var prevPeer, newPeer *Peer
+	if prev != nil {
+		var err error
+		prevPeer, err = UnmarshalPeerRecord(prev)
+		if err != nil {
+			log.G(context.TODO()).WithError(err).Error("Failed to unmarshal previous peer record")
+		}
+		if prevPeer.TunnelEndpointIP == d.advertiseAddress {
+			// Ignore local peers. We don't add them to the VXLAN
+			// FDB so don't need to remove them.
+			prevPeer = nil
+		}
 	}
-
-	addr, err := netip.ParsePrefix(peer.EndpointIP)
-	if err != nil {
-		log.G(context.TODO()).WithError(err).Errorf("Invalid peer IP %s received in event notify", peer.EndpointIP)
-		return
+	if value != nil {
+		var err error
+		newPeer, err = UnmarshalPeerRecord(value)
+		if err != nil {
+			log.G(context.TODO()).WithError(err).Error("Failed to unmarshal peer record")
+		}
+		if newPeer.TunnelEndpointIP == d.advertiseAddress {
+			newPeer = nil
+		}
 	}
 
-	mac, err := hashable.ParseMAC(peer.EndpointMAC)
-	if err != nil {
-		log.G(context.TODO()).WithError(err).Errorf("Invalid mac %s received in event notify", peer.EndpointMAC)
+	if prevPeer == nil && newPeer == nil {
+		// Nothing to do! Either the event was for a local peer,
+		// or unmarshaling failed.
 		return
 	}
-
-	vtep, err := netip.ParseAddr(peer.TunnelEndpointIP)
-	if err != nil {
-		log.G(context.TODO()).WithError(err).Errorf("Invalid VTEP %s received in event notify", peer.TunnelEndpointIP)
+	if prevPeer != nil && newPeer != nil && *prevPeer == *newPeer {
+		// The update did not materially change the FDB entry.
 		return
 	}
 
@@ -209,21 +212,23 @@ func (d *driver) EventNotify(etype driverapi.EventType, nid, tableName, key stri
 	}
 	defer unlock()
 
-	var opname string
-	if etype == driverapi.Delete {
-		opname = "delete"
-		err = n.peerDelete(eid, addr, mac, vtep)
-	} else {
-		opname = "add"
-		err = n.peerAdd(eid, addr, mac, vtep)
+	if prevPeer != nil {
+		if err := n.peerDelete(eid, prevPeer.EndpointIP, prevPeer.EndpointMAC, prevPeer.TunnelEndpointIP); err != nil {
+			log.G(context.TODO()).WithFields(log.Fields{
+				"error": err,
+				"nid":   n.id,
+				"peer":  prevPeer,
+			}).Warn("overlay: failed to delete peer entry")
+		}
 	}
-	if err != nil {
-		log.G(context.TODO()).WithFields(log.Fields{
-			"error": err,
-			"nid":   n.id,
-			"peer":  peer,
-			"op":    opname,
-		}).Warn("Peer operation failed")
+	if newPeer != nil {
+		if err := n.peerAdd(eid, newPeer.EndpointIP, newPeer.EndpointMAC, newPeer.TunnelEndpointIP); err != nil {
+			log.G(context.TODO()).WithFields(log.Fields{
+				"error": err,
+				"nid":   n.id,
+				"peer":  newPeer,
+			}).Warn("overlay: failed to add peer entry")
+		}
 	}
 }
 
diff --git a/daemon/libnetwork/drivers/overlay/peer.go b/daemon/libnetwork/drivers/overlay/peer.go
@@ -1,4 +1,42 @@
 package overlay
 
+import (
+	"fmt"
+	"net/netip"
+
+	"github.com/docker/docker/daemon/libnetwork/internal/hashable"
+	"github.com/gogo/protobuf/proto"
+)
+
 // OverlayPeerTable is the NetworkDB table for overlay network peer discovery.
 const OverlayPeerTable = "overlay_peer_table"
+
+type Peer struct {
+	EndpointIP       netip.Prefix
+	EndpointMAC      hashable.MACAddr
+	TunnelEndpointIP netip.Addr
+}
+
+func UnmarshalPeerRecord(data []byte) (*Peer, error) {
+	var pr PeerRecord
+	if err := proto.Unmarshal(data, &pr); err != nil {
+		return nil, fmt.Errorf("failed to unmarshal peer record: %w", err)
+	}
+	var (
+		p   Peer
+		err error
+	)
+	p.EndpointIP, err = netip.ParsePrefix(pr.EndpointIP)
+	if err != nil {
+		return nil, fmt.Errorf("invalid peer IP %q received: %w", pr.EndpointIP, err)
+	}
+	p.EndpointMAC, err = hashable.ParseMAC(pr.EndpointMAC)
+	if err != nil {
+		return nil, fmt.Errorf("invalid MAC %q received: %w", pr.EndpointMAC, err)
+	}
+	p.TunnelEndpointIP, err = netip.ParseAddr(pr.TunnelEndpointIP)
+	if err != nil {
+		return nil, fmt.Errorf("invalid VTEP %q received: %w", pr.TunnelEndpointIP, err)
+	}
+	return &p, nil
+}
diff --git a/daemon/libnetwork/drivers/windows/overlay/joinleave_windows.go b/daemon/libnetwork/drivers/windows/overlay/joinleave_windows.go
@@ -3,12 +3,10 @@ package overlay
 import (
 	"context"
 	"fmt"
-	"net"
 
 	"github.com/containerd/log"
 	"github.com/docker/docker/daemon/libnetwork/driverapi"
 	"github.com/docker/docker/daemon/libnetwork/drivers/overlay"
-	"github.com/docker/docker/daemon/libnetwork/types"
 	"github.com/gogo/protobuf/proto"
 	"go.opentelemetry.io/otel"
 	"go.opentelemetry.io/otel/attribute"
@@ -57,57 +55,70 @@ func (d *driver) Join(ctx context.Context, nid, eid string, sboxKey string, jinf
 	return nil
 }
 
-func (d *driver) EventNotify(etype driverapi.EventType, nid, tableName, key string, value []byte) {
+func (d *driver) EventNotify(nid, tableName, key string, prev, value []byte) {
 	if tableName != overlay.OverlayPeerTable {
 		log.G(context.TODO()).Errorf("Unexpected table notification for table %s received", tableName)
 		return
 	}
 
 	eid := key
 
-	var peer overlay.PeerRecord
-	if err := proto.Unmarshal(value, &peer); err != nil {
-		log.G(context.TODO()).Errorf("Failed to unmarshal peer record: %v", err)
-		return
-	}
-
 	n := d.network(nid)
 	if n == nil {
 		return
 	}
 
-	// Ignore local peers. We already know about them and they
-	// should not be added to vxlan fdb.
-	if peer.TunnelEndpointIP == n.providerAddress {
-		return
-	}
-
-	addr, err := types.ParseCIDR(peer.EndpointIP)
-	if err != nil {
-		log.G(context.TODO()).Errorf("Invalid peer IP %s received in event notify", peer.EndpointIP)
-		return
-	}
-
-	mac, err := net.ParseMAC(peer.EndpointMAC)
-	if err != nil {
-		log.G(context.TODO()).Errorf("Invalid mac %s received in event notify", peer.EndpointMAC)
-		return
-	}
-
-	vtep := net.ParseIP(peer.TunnelEndpointIP)
-	if vtep == nil {
-		log.G(context.TODO()).Errorf("Invalid VTEP %s received in event notify", peer.TunnelEndpointIP)
+	var prevPeer, newPeer *overlay.Peer
+	if prev != nil {
+		var err error
+		prevPeer, err = overlay.UnmarshalPeerRecord(prev)
+		if err != nil {
+			log.G(context.TODO()).WithError(err).Error("Failed to unmarshal previous peer record")
+		}
+		if prevPeer.TunnelEndpointIP.String() == n.providerAddress {
+			// Ignore local peers. We don't add them to the VXLAN
+			// FDB so don't need to remove them.
+			prevPeer = nil
+		}
+	}
+	if value != nil {
+		var err error
+		newPeer, err = overlay.UnmarshalPeerRecord(value)
+		if err != nil {
+			log.G(context.TODO()).WithError(err).Error("Failed to unmarshal peer record")
+		}
+		if prevPeer.TunnelEndpointIP.String() == n.providerAddress {
+			newPeer = nil
+		}
+	}
+
+	if prevPeer == nil && newPeer == nil {
+		// Nothing to do! Either the event was for a local peer,
+		// or unmarshaling failed.
 		return
 	}
-
-	if etype == driverapi.Delete {
-		d.peerDelete(nid, eid, addr.IP, addr.Mask, mac, vtep, true)
+	if prevPeer != nil && newPeer != nil && *prevPeer == *newPeer {
+		// The update did not materially change the FDB entry.
 		return
 	}
 
-	err = d.peerAdd(nid, eid, addr.IP, addr.Mask, mac, vtep, true)
-	if err != nil {
-		log.G(context.TODO()).Errorf("peerAdd failed (%v) for ip %s with mac %s", err, addr.IP.String(), mac.String())
+	if prevPeer != nil {
+		if err := d.peerDelete(nid, eid, prevPeer.EndpointIP.Addr().AsSlice(), true); err != nil {
+			log.G(context.TODO()).WithFields(log.Fields{
+				"error": err,
+				"nid":   n.id,
+				"peer":  prevPeer,
+			}).Warn("overlay: failed to delete peer entry")
+		}
+	}
+	if newPeer != nil {
+		if err := d.peerAdd(nid, eid, newPeer.EndpointIP.Addr().AsSlice(), newPeer.EndpointMAC.AsSlice(), newPeer.TunnelEndpointIP.AsSlice(), true); err != nil {
+			log.G(context.TODO()).WithFields(log.Fields{
+				"error": err,
+				"nid":   n.id,
+				"peer":  newPeer,
+			}).Warn("overlay: failed to add peer entry")
+		}
 	}
 }
 
diff --git a/daemon/libnetwork/drivers/windows/overlay/peerdb_windows.go b/daemon/libnetwork/drivers/windows/overlay/peerdb_windows.go
@@ -12,7 +12,7 @@ import (
 	"github.com/docker/docker/daemon/libnetwork/types"
 )
 
-func (d *driver) peerAdd(nid, eid string, peerIP net.IP, peerIPMask net.IPMask, peerMac net.HardwareAddr, vtep net.IP, updateDb bool) error {
+func (d *driver) peerAdd(nid, eid string, peerIP net.IP, peerMac net.HardwareAddr, vtep net.IP, updateDb bool) error {
 	log.G(context.TODO()).Debugf("WINOVERLAY: Enter peerAdd for ca ip %s with ca mac %s", peerIP.String(), peerMac.String())
 
 	if err := validateID(nid, eid); err != nil {
@@ -82,7 +82,7 @@ func (d *driver) peerAdd(nid, eid string, peerIP net.IP, peerIPMask net.IPMask,
 	return nil
 }
 
-func (d *driver) peerDelete(nid, eid string, peerIP net.IP, peerIPMask net.IPMask, peerMac net.HardwareAddr, vtep net.IP, updateDb bool) error {
+func (d *driver) peerDelete(nid, eid string, peerIP net.IP, updateDb bool) error {
 	log.G(context.TODO()).Infof("WINOVERLAY: Enter peerDelete for endpoint %s and peer ip %s", eid, peerIP.String())
 
 	if err := validateID(nid, eid); err != nil {

Original file line number	Diff line number	Diff line change
`@@ -12,7 +12,7 @@ import (`
`12`	`12`	`"github.com/docker/docker/daemon/libnetwork/types"`
`13`	`13`	`)`
`14`	`14`
`15`		`-func (d *driver) peerAdd(nid, eid string, peerIP net.IP, peerIPMask net.IPMask, peerMac net.HardwareAddr, vtep net.IP, updateDb bool) error {`
	`15`	`+func (d *driver) peerAdd(nid, eid string, peerIP net.IP, peerMac net.HardwareAddr, vtep net.IP, updateDb bool) error {`
`16`	`16`	`log.G(context.TODO()).Debugf("WINOVERLAY: Enter peerAdd for ca ip %s with ca mac %s", peerIP.String(), peerMac.String())`
`17`	`17`
`18`	`18`	`if err := validateID(nid, eid); err != nil {`
`@@ -82,7 +82,7 @@ func (d *driver) peerAdd(nid, eid string, peerIP net.IP, peerIPMask net.IPMask,`
`82`	`82`	`return nil`
`83`	`83`	`}`
`84`	`84`
`85`		`-func (d *driver) peerDelete(nid, eid string, peerIP net.IP, peerIPMask net.IPMask, peerMac net.HardwareAddr, vtep net.IP, updateDb bool) error {`
	`85`	`+func (d *driver) peerDelete(nid, eid string, peerIP net.IP, updateDb bool) error {`
`86`	`86`	`log.G(context.TODO()).Infof("WINOVERLAY: Enter peerDelete for endpoint %s and peer ip %s", eid, peerIP.String())`
`87`	`87`
`88`	`88`	`if err := validateID(nid, eid); err != nil {`