Output network attachment task information #35246
Conversation
dperny
force-pushed
the
attachment-inspect
branch
4 times, most recently
from
82d615f to
d03df03
Compare
|
Failure are unrelated to the PR. |
yongtang
added
status/2-code-review
rebuild/experimental
and removed
status/0-triage
labels
|
🎉 It's green 🎉 |
api/types/swarm/task.go
Outdated
| // AttachmentSpec will be used when the `Runtime` field is set to `attachment` | ||
| ContainerSpec *ContainerSpec `json:",omitempty"` | ||
| PluginSpec *runtime.PluginSpec `json:",omitempty"` | ||
| NetworkAttachmentSpec *NetworkAttachmentSpec `json:",omitempty"` |
There was a problem hiding this comment.
I think we may need to error out on swarm create/update if it includes a NetworkAttachmentSpec?
There was a problem hiding this comment.
Should we have a separate type for inspect vs create? I know we're reusing some types at various locations (sometimes resulting in information being shown that happens to be there, but is not needed)
There was a problem hiding this comment.
I don't think a separate type is such a good idea. This is the task spec, having the task spec in the inspect output I think is hugely important.
|
Putting this in design review as it's an API change with a few potential implications. |
|
@dperny would it be possible to have the error message show the container id instead of the task if it's a container that's attached to the network? |
|
Also needs an update to the swagger.yml |
|
Does not need an update for creation and deletion, because it will already fail with an appropriate error, see: https://github.com/moby/moby/blob/master/daemon/cluster/convert/service.go#L202-L203 |
dperny
force-pushed
the
attachment-inspect
branch
from
d03df03 to
f0710f2
Compare
|
@cpuguy83 updated to prevent write operations with network attachment runtime specs. Also fixed some edge cases in runtime type conversion in the process. |
dperny
force-pushed
the
attachment-inspect
branch
from
f0710f2 to
8a9f230
Compare
|
CI failing on a godoc; |
dperny
force-pushed
the
attachment-inspect
branch
2 times, most recently
from
9f220c7 to
bce0158
Compare
GordonTheTurtle
removed
the
dco/no
|
rebased. |
daemon/cluster/convert/service.go
Outdated
| } | ||
| case types.RuntimeNetworkAttachment: | ||
| // agree to parse this runtime type, but it's not actually valid to | ||
| // create a service with this runtime type. but that logic is someone |
There was a problem hiding this comment.
whose responsibility is it? do we check for this situation? (because this looks to be the code you referred to to produce a proper error in #35246 (comment))
|
Thanks for the reminder @thaJeztah. I've fixed your comment and rebased. Sorry about the poor attention. |
dperny
force-pushed
the
attachment-inspect
branch
2 times, most recently
from
31369fd to
6718b44
Compare
There was a problem hiding this comment.
LGTM, but can you also add a note in the API version history; https://github.com/moby/moby/blob/master/docs/api/version-history.md ?
Adds functionality to parse and return network attachment spec information. Network attachment tasks are phony tasks created in swarmkit to deal with unmanaged containers attached to swarmkit. Before this change, attempting `docker inspect` on the task id of a network attachment task would result in an empty task object. After this change, a full task object is returned Fixes moby#26548 the correct way. Signed-off-by: Drew Erny <drew.erny@docker.com> Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
api/types/swarm/task.go
Outdated
| @@ -56,10 +56,12 @@ type Task struct { | |||
|
|
|||
| // TaskSpec represents the spec of a task. | |||
| type TaskSpec struct { | |||
| // ContainerSpec and PluginSpec are mutually exclusive. | |||
| // ContainerSpec, AttachmentSpec and PluginSpec are mutually exclusive. | |||
There was a problem hiding this comment.
s/AttachmentSpec/NetworkAttachmentSpec/`
api/types/swarm/task.go
Outdated
| // PluginSpec will only be used when the `Runtime` field is set to `plugin` | ||
| ContainerSpec *ContainerSpec `json:",omitempty"` | ||
| PluginSpec *runtime.PluginSpec `json:",omitempty"` | ||
| // AttachmentSpec will be used when the `Runtime` field is set to `attachment` |
There was a problem hiding this comment.
s/AttachmentSpec/NetworkAttachmentSpec/`
api/swagger.yaml
Outdated
| @@ -2683,6 +2683,13 @@ definitions: | |||
| - "default" | |||
| - "process" | |||
| - "hyperv" | |||
| NetworkAttachmentSpec: | |||
| description: "Read-only spec type for non-swarm containers attached to swarm overlay networks" | |||
There was a problem hiding this comment.
Think we can use a common description for these being mutually exclusive (let me add a commit to address that)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
thaJeztah
force-pushed
the
attachment-inspect
branch
from
6718b44 to
3682703
Compare
| > **Note**: ContainerSpec, NetworkAttachmentSpec, and PluginSpec are | ||
| > mutually exclusive. PluginSpec is only used when the Runtime field | ||
| > is set to `plugin`. NetworkAttachmentSpec is used when the Runtime | ||
| > field is set to `attachment`. |
There was a problem hiding this comment.
@dperny I took this description from the type godoc; let me know if you think these look correct
|
Arf... Windows cleanup script before CI started hung |
Codecov Report
@@ Coverage Diff @@
## master #35246 +/- ##
==========================================
+ Coverage 35.04% 35.05% +<.01%
==========================================
Files 615 615
Lines 45813 45829 +16
==========================================
+ Hits 16057 16066 +9
- Misses 27646 27651 +5
- Partials 2110 2112 +2 |
- What I did
Network attachment tasks are phony tasks created in swarmkit to deal with unmanaged containers attached to swarmkit. Before this change, attempting
docker inspecton the task id of a network attachment task would result in an empty task object. After this change, a full task object is returnedFixes #26548 the correct way.
Fixes #36498
- How I did it
Adds functionality to parse and return network attachment spec information.
- How to verify it
docker network create --driver overlay --attachable testnetdocker run -d --network testnet nginxdocker network rm testnet. Note that it will return an error because the network is in use, and that error will include a task id.docker inspectthe task id from the previous spec.Before this change, the output of the inspect will be an empty task.
After this change, the output will be a full task object, including the ID of the container that this task represents.
- Description for the changelog
Running
docker inspecton network attachment tasks now returns a full task object