Don't try to remove cleared docker_gwbridge endpoint

If a container is using a docker_gwbridge endpoint as its gateway, when it's connected to another network that provides a gateway, the docker_gwbridge endpoint is removed when that endpoint is added (in a recursive nightmare). So, the "before" gateway for the container has been removed before the new gateway is updateExternalConnectivity'd. Don't pass the old gateway to updateExternalConnectivity in that case, because the network driver's already forgotten about it. Signed-off-by: Rob Murray <rob.murray@docker.com>
2026-01-11 18:51:37 +00:00 · 2025-11-14 17:19:35 +00:00
parent e7d7771bce
commit 1731e9e729
1 changed files with 10 additions and 0 deletions
--- a/daemon/libnetwork/endpoint.go
+++ b/daemon/libnetwork/endpoint.go
@@ -567,6 +567,16 @@ func (ep *Endpoint) sbJoin(ctx context.Context, sb *Sandbox, options ...Endpoint
 		if err := sb.populateNetworkResources(ctx, ep); err != nil {
 			return err
 		}
+
+		// If the old gateway was in the docker_gwbridge network, it's already been removed if
+		// the new endpoint provides a gateway. Don't try to remove it again.
+		if gwepBefore4 != nil && sb.GetEndpoint(gwepBefore4.ID()) == nil {
+			gwepBefore4 = nil
+		}
+		if gwepBefore6 != nil && sb.GetEndpoint(gwepBefore6.ID()) == nil {
+			gwepBefore6 = nil
+		}
+
 		if err := ep.updateExternalConnectivity(ctx, sb, gwepBefore4, gwepBefore6); err != nil {
 			return err
 		}