Created
December 17, 2018 01:35
-
-
Save BSWANG/c87681c2ccbcd79ccc5cfd5155b91412 to your computer and use it in GitHub Desktop.
cleanup cni host local ipam leak
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| exist_container=() | |
| containsElement () { | |
| local e match="$1" | |
| shift | |
| for e; do [[ "$e" == "$match" ]] && return 0; done | |
| return 1 | |
| } | |
| for sandbox in $(docker ps -q --no-trunc --filter label=io.kubernetes.docker.type=podsandbox); do | |
| if docker inspect $sandbox | grep -q SandboxKey; then | |
| sandboxKey=$(docker inspect $sandbox | grep SandboxKey | awk '{print $NF}' | cut -d '"' -f 2) | |
| if [ -z sandboxKey ] || [ "/var/run/docker/netns/default" == "$sandboxKey" ]; then | |
| continue; | |
| fi | |
| exist_container+=($sandbox) | |
| fi | |
| done | |
| for ipfile in `ls /var/lib/cni/networks`; do | |
| if echo $ipfile | grep -q -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'; then | |
| if ! containsElement `cat /var/lib/cni/networks/$ipfile` "${exist_container[@]}"; then | |
| echo "file need to cleanup:" /var/lib/cni/networks/$ipfile | |
| echo "container id:" `cat /var/lib/cni/networks/$ipfile` | |
| if [ "1" == "$AUTO_CLEAN" ]; then | |
| echo "removing: $/var/lib/cni/networks/$ipfile" | |
| rm -f /var/lib/cni/networks/$ipfile | |
| fi | |
| fi | |
| fi | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment