CI: network bind: timeout #23263
Comments
|
CNI conflicts should no longer be possible as no CNI code is compiled into the binary as of 5.0. However in this case --network slirp4netns is used which means it does not use the normal rootful netavark firewall rules at all. It is a user mode proxy. The one issue I could see is that nc binds the port on the host after the container sends the data via nc. The easiest thing to do is remove the |
|
I think this is the same failure we're seeing in gating, except that's a hard failure, not a flake. Reproduces easily and on the first try in 1mt: $ # hack/bats 500:"port forward range"
# bats --filter port forward range test/system/500-networking.bats
500-networking.bats
✗ [500] podman run port forward range
port 5355 is in use; trying another.
tags: distro-integration
(from function `basic_teardown' in file test/system/helpers.bash, line 232,
from function `teardown' in test file test/system/helpers.bash, line 242)
`basic_teardown' failed
[15:59:51.554142118] # /root/go/podman/bin/podman info --format {{.Host.Slirp4NetNS.Executable}}
[15:59:51.654975142] /usr/bin/slirp4netns
[15:59:51.824258497] # /root/go/podman/bin/podman run --network bridge -p 5596-5598:5596-5598 -d quay.io/libpod/testimage:20240123 sleep inf
[15:59:52.145671161] c4dbf4902e6569b0b5a52b4671993b1cabccb503f847cee3ec374f647de81714
#/vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
#| FAIL: ncat unexpected exit code
#| expected: -eq 2
#| actual: 124
#\^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
#/vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
#| FAIL: ncat error message
#| expected: =~ 127.0.0.1:5596: Address already in use
#| actual: ''
#\^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[several more times]
#/vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
#| FAIL: 6 test assertions failed. Search for 'FAIL:' above this line.
#\^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^Oof. I think I have it. # nc -l -n -v -p 9012 127.0.0.1
Ncat: Version 7.92 ( https://nmap.org/ncat )
Ncat: Listening on 127.0.0.1:31337 <----- this is not 9012
! reorder args, remove -p, put port at end
# nc -l -n -v 127.0.0.1 9012
Ncat: Version 7.92 ( https://nmap.org/ncat )
Ncat: Listening on 127.0.0.1:9012 <------ this isStudying some more. Will file PR if this solves it. |
|
I don't think the gating test is related to this at all. |
New flake, started July 11, same day as my local-registry PR (not sure if related, but it seems suspicious). Mostly in
network bind to 127.0.0.1test:...but also in a kube test (weirdly, in
pod rm):Only common factor is
root.My go-to when I see socket hangs is "somehow I've mixed CNI and netavark". It's possible that my local-registry work is doing that because it uses system-installed podman. But, even on f40 and rawhide? And it seems weird, because that tends to hang EVERYTHING, not just intermittent. I will look into it on Monday.
debian-13 : int remote debian-13 root host sqlite [remote]07-11 23:13 in TOP-LEVEL [AfterEach] Podman kube play test with annotation size within limitsThe text was updated successfully, but these errors were encountered: