podman: better error message required in case error in CNI plugin.

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line) /kind bug

Description

In case of any error in CNI config file, the error message while creating container with network of CNI plugin simply show error CNI network "<network-name>" not found. This error message is confusing for end user.

A better error message will be helpful to understand where actually error is.

Raised by podman end user:

Steps to reproduce the issue:

Create CNI plugin with some error.

$ cat /etc/cni/net.d/77-ipvlan.conflist 
{
    "cniVersion": "0.3.0",
    "name": "myvlan",
    "plugins": [
      {
        "type": "ipvlan",
        "master": "enp1s0", #some comments
        "ipam": {
            "type": "host-local",
            "subnet": "10.88.0.0/16",
            "routes": [
                { "dst": "0.0.0.0/0" }
            ]
        }
     }
    ]
}

create container with myvlan network.

$ sudo podman  run --rm -it --network=myvlan docker.io/library/alpine sh
ERRO[0000] CNI network "myvlan" not found               
Error: error configuring network namespace for container baf2fda585db0cc2c874a4bfc00bca3dd27e8402a18ec8e157124240ca887f29: CNI network "myvlan" not found

To understand complete details of error, users has to run podman create with --log-level-debug option.

DEBU[0000] overlay test mount indicated that metacopy is not being used
DEBU[0000] backingFs=extfs, projectQuotaSupported=false, useNativeDiff=true, usingMetacopy=false
WARN[0000] Error loading CNI config list file /etc/cni/net.d/77-ipvlan.conflist: error parsing configuration list: invalid character '#' looking for beginning of object key string
INFO[0000] Found CNI network podman (type=bridge) at /etc/cni/net.d/87-podman-bridge.conflist
WARN[0000] Error loading CNI config file /etc/cni/net.d/97-podman-macvlan.conf: error parsing configuration: missing 'type'
INFO[0000] Found CNI network lo (type=loopback) at /etc/cni/net.d/99-loopback.conf

Describe the results you received:

ERRO[0000] CNI network "myvlan" not found               
Error: error configuring network namespace for container baf2fda585db0cc2c874a4bfc00bca3dd27e8402a18ec8e157124240ca887f29: CNI network "myvlan" not found

Describe the results you expected: A better error message suggesting where error exist.

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

$ podman version
Version:            1.3.0-dev
RemoteAPI Version:  1
Go Version:         go1.12.3
Git Commit:         cb2b019d5debadbe29cba59e93130bd8c562771a-dirty
Built:              Fri Apr 12 10:07:18 2019
OS/Arch:            linux/amd64

Output of podman info --debug:

$ podman info --debug                                                                       
debug:
  compiler: gc
  git commit: cb2b019d5debadbe29cba59e93130bd8c562771a-dirty
  go version: go1.12.3
  podman version: 1.3.0-dev
host:
  BuildahVersion: 1.7.2
  Conmon:
    package: Unknown
    path: /usr/libexec/podman/conmon
    version: 'conmon version 1.14.0-dev, commit: f02fc40ed55504247af4fbf09fd8577d315a6c73'
  Distribution:
    distribution: elementary
    version: "5.0"
  MemFree: 6248939520
  MemTotal: 24985653248
  OCIRuntime:
    package: 'cri-o-runc: /usr/bin/runc'
    path: /usr/bin/runc
    version: 'runc version spec: 1.0.1-dev'
  SwapFree: 2140925952
  SwapTotal: 2147479552
  arch: amd64
  cpus: 8
  hostname: kunal-HP-dev
  kernel: 4.15.0-46-generic
  os: linux
  rootless: true
  uptime: 167h 43m 36.61s (Approximately 6.96 days)
insecure registries:
  registries: []
registries:
  registries:
  - docker.io
  - registry.fedoraproject.org
  - quay.io
  - registry.access.redhat.com
  - registry.centos.org
store:
  ConfigFile: /home/kunal/.config/containers/storage.conf
  ContainerStore:
    number: 0
  GraphDriverName: vfs
  GraphOptions: null
  GraphRoot: /home/kunal/.local/share/containers/storage
  GraphStatus: {}
  ImageStore:
    number: 0
  RunRoot: /run/user/1000/run
  VolumePath: /home/kunal/.local/share/containers/storage/volumes

Additional environment details (AWS, VirtualBox, physical, etc.):

About this issue

Original URL
State: closed
Created 5 years ago
Comments: 17 (9 by maintainers)

Commits related to this issue

display file name of bad cni conf if one of the cni conf files is badly formatted or cannot be loaded, we now display the error as well as the filename. Fixes: #2909 Signed-off-by: Brent Baude <bbau... — committed to baude/podman by baude 4 years ago
display file name of bad cni conf if one of the cni conf files is badly formatted or cannot be loaded, we now display the error as well as the filename. Fixes: #2909 Signed-off-by: Brent Baude <bbau... — committed to baude/podman by baude 4 years ago

Most upvoted comments

If we’re going to start adding podman network commands (and I’m certainly not opposed to doing so), network ls is definitely a good starting point.

mheon on Apr 15, 2019

Will be in 1.5.2

mheon on Aug 27, 2019

It may not be clean to show error messages of CNI config as, all CNI configs are loaded during container create.

If we have some additional commands like podman network ls which can list all valid network possible as result of scanning CNI networks. In case of invalid configurations, showing error message will be easy and not out of context.

This may be also helpful, to understand end user (not familiar with CNI), to see options of network available on system without looking at CNI config path.

kunalkushwaha on Apr 12, 2019