cni: prevent NPE if no interface has sandbox field set #9648
Conversation
When we iterate over the interfaces returned from CNI setup, we filter for one with the `Sandbox` field set. Ensure that if none of the interfaces has that field set that we still return an available interface.
client/allocrunner/networking_cni.go
Outdated
| // interface has it set | ||
| iface, name := func(r *cni.CNIResult) (iface *cni.Config, name string) { | ||
| for name, iface = range r.Interfaces { | ||
| if iface.Sandbox != "" { |
There was a problem hiding this comment.
Questions to clarify later: should we aim for a deterministic arbitration when multiple interfaces are present? Also, Is it possible to have multiple interfaces with Sandboxes set?
vercel
bot
temporarily deployed
to
Preview – nomad-storybook-and-ui
vercel
bot
temporarily deployed
to
Preview – nomad-storybook-and-ui
|
Added changelog entry. |
| return nil, "" | ||
| }(res) | ||
| } | ||
| if iface == nil { |
There was a problem hiding this comment.
Would iface be nil here? My impression is the original bug is from iface never being set; here it is being set in the loop.
There was a problem hiding this comment.
Right, this isn't for protecting from the original bug, but for hopefully-unlikely situations from third-party plugins like:
res.Interfaces = map[string]*cni.Config{"foo": nil}There was a problem hiding this comment.
Oooh I see, makes sense with the your comment above, thanks!
|
I'm going to lock this pull request because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active contributions. |
Fixes #9647
When we iterate over the interfaces returned from CNI setup, we filter for one
with the
Sandboxfield set. Ensure that if none of the interfaces has thatfield set that we still return an available interface.