Comments (5)
Taking a deeper look, I believe the issue I'm seeing is right around her: https://github.com/lyft/metadataproxy/blob/master/metadataproxy/roles.py#L92
if ip in CONTAINER_MAPPING:
log.info('Container id for IP {0} in cache'.format(ip))
try:
with PrintingBlockTimer('Container inspect'):
container = client.inspect_container(CONTAINER_MAPPING[ip])
return container
except docker.errors.NotFound:
msg = 'Container id {0} no longer mapped to {1}'
log.error(msg.format(CONTAINER_MAPPING[ip], ip))
del CONTAINER_MAPPING[ip]
On this line, when it does the inspect_container, the container technically still exists (it's just stopped), so the except case won't get invoked if I'm correct. Probably just need to add a couple of lines to sanity check that the IP address is still assigned to that container upon docker inspect, and that the container is still running. If neither case is true, just let it continue with the remainder of the workflow and update the caches accordingly.
from metadataproxy.
p.s. - looking forward to another pair of eyes on this. I am still pretty new to this one and could be completely wrong
from metadataproxy.
I was just looking at the same lines of code and thinking "I wonder if the container still exists...". It looks like we should be checking the container's state, rather than just relying on it existing or not existing. Good find. I'll try to get a fix in for this soon!
from metadataproxy.
If you'd like to fix this before I get to it, send in a PR. I'd be happy to merge. We do have a CLA that needs to be accepted first though: https://oss.lyft.com/cla
from metadataproxy.
If nobody beats me to it, when I get back from my long weekend, I'll take a stab at it early next week. Thank you!
from metadataproxy.
Related Issues (20)
- Cannot match ip to swarm container HOT 1
- docker-py - pretty old package, switch to docker one
- Kubernetes IP address belongs to pod, not container HOT 6
- Logging not working from flask HOT 2
- Error when creating trust policy HOT 5
- RFC: Using metadataproxy for non-container workloads HOT 9
- Setting environment variable on running container is not working HOT 2
- Config file not being used? HOT 4
- Principals used for Docker Container Role Trust Not Appropriate HOT 3
- ClientError: An error occurred (AccessDenied) when calling the AssumeRole operation: User: is not authorized to perform: sts:AssumeRole on resource HOT 11
- Curl hangs on 169.254.169.254 HOT 11
- Boto3 cannot find credentials when using AWS_PROFILE env var HOT 1
- container launched with --net=host getting EC2 host credentials HOT 10
- Mock URI for determining availability-zone is incorrect HOT 1
- DEFAULT_ROLE cannot be an ARN HOT 4
- Support for mesos containeriser not available HOT 3
- Cannot find container ip when using host-mode networking HOT 4
- The role expiration check should be configurable, and 15 minutes at minimum HOT 2
- FileExistsError is not defined in python 2.x HOT 3
- IMDSv2 : PUT method is not supporting for http://169.254.169.254/latest/api/token HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from metadataproxy.