Skip to content

Creating service with publish mode=host and without published port crashes swarm manager #30938

@anton-shirikov

Description

@anton-shirikov

Description

It seems like docker engine crashes when you are creating a service that exposes container port (using mode=host) on a random node port
When providing both target and published port this problem does not occur and container is scheduled immediately.

Steps to reproduce the issue:

  1. run docker service create --name nginx --publish mode=host,target=80 nginx

Describe the results you received:
When running the command memory usage starts to go up until OS runs out of memory and OOM decides to kill docker engine process.
After docker process restarts everything works fine, and the container is scheduled with a random port assigned to it (restarting docker before OOM kills it works fine as well).

It does not show published port on service inspect:

admin@ip-172-31-1-47:~$ docker service inspect --pretty nginx
ID:             nxvndc2nniywikroeg7ebpt5p
Name:           nginx
Service Mode:   Replicated
 Replicas:      1
Placement:
UpdateConfig:
 Parallelism:   1
 On failure:    pause
 Max failure ratio: 0
ContainerSpec:
 Image:         nginx:latest@sha256:f2d384a6ca8ada733df555be3edc427f2e5f285ebf468aae940843de8cf74645
Resources:
Endpoint Mode:  vip
Ports:
 PublishedPort 0
  Protocol = tcp
  TargetPort = 80 

But does on service ps:

admin@ip-172-31-1-47:~$ docker service ps nginx
ID            NAME     IMAGE         NODE            DESIRED STATE  CURRENT STATE           ERROR  PORTS
lwbw4suxil5k  nginx.1  nginx:latest  ip-172-31-1-82  Running        Running 10 minutes ago         *:32770->80/tcp

Describe the results you expected:
Container is scheduled with a random port assigned to it on a worker node without crashing manager's docker engine.

Output of docker version:

Client:
 Version:      1.13.1
 API version:  1.26
 Go version:   go1.7.5
 Git commit:   092cba3
 Built:        Wed Feb  8 06:42:29 2017
 OS/Arch:      linux/amd64

Server:
 Version:      1.13.1
 API version:  1.26 (minimum version 1.12)
 Go version:   go1.7.5
 Git commit:   092cba3
 Built:        Wed Feb  8 06:42:29 2017
 OS/Arch:      linux/amd64
 Experimental: false

Output of docker info:

Containers: 0
 Running: 0
 Paused: 0
 Stopped: 0
Images: 0
Server Version: 1.13.1
Storage Driver: overlay2
 Backing Filesystem: extfs
 Supports d_type: true
 Native Overlay Diff: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins: 
 Volume: local
 Network: bridge host macvlan null overlay
Swarm: active
 NodeID: j0r7jtwgi2tmwvioytu5ihc74
 Is Manager: true
 ClusterID: xxmtdbgbjtn4590bxaqdz81c5
 Managers: 1
 Nodes: 3
 Orchestration:
  Task History Retention Limit: 5
 Raft:
  Snapshot Interval: 10000
  Number of Old Snapshots to Retain: 0
  Heartbeat Tick: 1
  Election Tick: 3
 Dispatcher:
  Heartbeat Period: 5 seconds
 CA Configuration:
  Expiry Duration: 3 months
 Node Address: 172.31.1.47
 Manager Addresses:
  172.31.1.47:2377
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: aa8187dbd3b7ad67d8e5e3a15115d3eef43a7ed1
runc version: 9df8b306d01f59d3a8029be411de015b7304dd8f
init version: 949e6fa
Security Options:
 apparmor
Kernel Version: 4.2.0-040200-generic
Operating System: Ubuntu 14.04.4 LTS
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 487.2 MiB
Name: ip-172-31-1-47
ID: L4GS:BQCP:TDEH:OT4N:37XO:OV55:STBD:7W2N:G5OW:U6JC:IJAJ:ENHW
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: No swap limit support
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

Additional environment details (AWS, VirtualBox, physical, etc.):
AWS t2.nano instances - 1 swarm manager with availability=drain and 2 worker nodes

Metadata

Metadata

Assignees

Labels

area/swarmkind/bugBugs are bugs. The cause may or may not be known at triage time so debugging may be needed.priority/P2Normal priority: default priority applied.

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions