[PATCH 5/8] network: Clean up after inactive objects during start

Martin Kletzander posted 8 patches 1 month, 4 weeks ago
[PATCH 5/8] network: Clean up after inactive objects during start
Posted by Martin Kletzander 1 month, 4 weeks ago
Once networkUpdateState() identifies a dead network it should clean up
after it as well.

Resolves: https://issues.redhat.com/browse/RHEL-50968
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
---
 src/network/bridge_driver.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
index e507dcd4c5c9..ebdb39d0743b 100644
--- a/src/network/bridge_driver.c
+++ b/src/network/bridge_driver.c
@@ -510,6 +510,12 @@ networkUpdateState(virNetworkObj *obj,
         virNetworkObjSetDnsmasqPid(obj, dnsmasqPid);
     }
 
+    /* Clean up after networks which were active but we have found out they are
+     * actually down */
+    if (!virNetworkObjIsActive(obj)) {
+        networkShutdownNetwork(driver, obj);
+    }
+
     return 0;
 }
 
-- 
2.46.0
Re: [PATCH 5/8] network: Clean up after inactive objects during start
Posted by Laine Stump 1 month, 2 weeks ago
On 9/3/24 10:36 AM, Martin Kletzander wrote:
> Once networkUpdateState() identifies a dead network it should clean up
> after it as well.
> 
> Resolves: https://issues.redhat.com/browse/RHEL-50968
> Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
> ---
>   src/network/bridge_driver.c | 6 ++++++
>   1 file changed, 6 insertions(+)
> 
> diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
> index e507dcd4c5c9..ebdb39d0743b 100644
> --- a/src/network/bridge_driver.c
> +++ b/src/network/bridge_driver.c
> @@ -510,6 +510,12 @@ networkUpdateState(virNetworkObj *obj,
>           virNetworkObjSetDnsmasqPid(obj, dnsmasqPid);
>       }
>   
> +    /* Clean up after networks which were active but we have found out they are
> +     * actually down */
> +    if (!virNetworkObjIsActive(obj)) {
> +        networkShutdownNetwork(driver, obj);
> +    }
> +

The good part of this is that it will properly/completely clean up the 
remnants of any network that has somehow failed (e.g. the bridge device 
gets deleted by someone else).

The bad part is that it means we end up calling all of the cleanup stuff 
(e.g. birNetDevBandwidthClear(), deleting the bridge device) even for 
networks that *were* properly shutdown (and so shouldn't have any of 
that stuff done). Aside from taking extra time (especially if someone 
has dozen's of inactive networks), this could be problematic if, for 
example, someone has two virtual networks that they've hand-configured 
to use the same bridge device (but obey their own policy to never start 
both at the same time). I *think* calling networkShutdownNetwork on the 
inactive network then would end up deleting the bridge device that's in 
use by the active network. (Arguably it's not a good idea to have 
configs like that when you could just use different bridge names for 
each, but I can think of at least one esoteric situation where someone 
might want to do it).

Maybe this could be solved by having 3 states instead of 2 - "active" 
(should be working), "inactive" (definitely confirmed down, all teardown 
completed), and "zombie" (something has gone wrong with the network, but 
it hasn't been completely destroyed yet). Then you would only go ahead 
with the Shutdown if the network was "active" or "zombie", but skip it 
if the network was "inactive". Or something like that.


>       return 0;
>   }
>
Re: [PATCH 5/8] network: Clean up after inactive objects during start
Posted by Laine Stump 1 month, 2 weeks ago
Aha! Here's the message that I couldn't find! I accidentally sent it 
from my personal email address, and it showed up only in my personal 
inbox (and not in the libvirt folder).

Anyway, as I said in the reply to 0/8 - completely disregard what I said 
here. Again, I have *no idea* what I thought I saw and how I 
misunderstood it so badly :-/

On 9/16/24 12:02 PM, Laine Stump wrote:
> On 9/3/24 10:36 AM, Martin Kletzander wrote:
>> Once networkUpdateState() identifies a dead network it should clean up
>> after it as well.
>>
>> Resolves: https://issues.redhat.com/browse/RHEL-50968
>> Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
>> ---
>>   src/network/bridge_driver.c | 6 ++++++
>>   1 file changed, 6 insertions(+)
>>
>> diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
>> index e507dcd4c5c9..ebdb39d0743b 100644
>> --- a/src/network/bridge_driver.c
>> +++ b/src/network/bridge_driver.c
>> @@ -510,6 +510,12 @@ networkUpdateState(virNetworkObj *obj,
>>           virNetworkObjSetDnsmasqPid(obj, dnsmasqPid);
>>       }
>> +    /* Clean up after networks which were active but we have found 
>> out they are
>> +     * actually down */
>> +    if (!virNetworkObjIsActive(obj)) {
>> +        networkShutdownNetwork(driver, obj);
>> +    }
>> +
> 
> The good part of this is that it will properly/completely clean up the 
> remnants of any network that has somehow failed (e.g. the bridge device 
> gets deleted by someone else).
> 
> The bad part is that it means we end up calling all of the cleanup stuff 
> (e.g. birNetDevBandwidthClear(), deleting the bridge device) even for 
> networks that *were* properly shutdown (and so shouldn't have any of 
> that stuff done). Aside from taking extra time (especially if someone 
> has dozen's of inactive networks), this could be problematic if, for 
> example, someone has two virtual networks that they've hand-configured 
> to use the same bridge device (but obey their own policy to never start 
> both at the same time). I *think* calling networkShutdownNetwork on the 
> inactive network then would end up deleting the bridge device that's in 
> use by the active network. (Arguably it's not a good idea to have 
> configs like that when you could just use different bridge names for 
> each, but I can think of at least one esoteric situation where someone 
> might want to do it).
> 
> Maybe this could be solved by having 3 states instead of 2 - 
> "active" (should be working), "inactive" (definitely confirmed down, all 
> teardown completed), and "zombie" (something has gone wrong with the 
> network, but it hasn't been completely destroyed yet). Then you would 
> only go ahead with the Shutdown if the network was "active" or "zombie", 
> but skip it if the network was "inactive". Or something like that.
> 
> 
>>       return 0;
>>   }
>