This repository has been archived by the owner on Mar 12, 2020. It is now read-only.
forked from ctelfer/docker-ip-util-check
/
ip-util-check
executable file
·102 lines (85 loc) · 3.64 KB
/
ip-util-check
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
#!/bin/bash
export DOCKER_CERT_PATH
export DOCKER_HOST
export DOCKER_TLS_VERIFY
set -e
# Per-network state keyed on network ID
#
declare -A NET2SUB # list of subnets for each overlay network
declare -A NET2CAP # network capacity of each overlay network
declare -A NET2NAME # network name of each overlay network
declare -A NET2NCIP # number of container IP addresses for each overlay network
declare -A NET2NVIP # number of virtual IP addresses for each overlay network
declare -A NET2NNODES # number of nodes where the overlay is currently used
# Report the general IP utilization status of an overlay network
# Args:
# - $1 - network ID to report on
report() {
echo "----"
if [ "${NET2CAP[$1]}" -eq 0 ] ; then
echo "Network ${NET2NAME[$1]}/$1 has no assigned IP addresses"
echo " Network OK"
else
USE=$(( ${NET2NCIP[$1]} + ${NET2NVIP[$1]} )) # how many IPs are currently in use
SAFECAP=$(( ${NET2CAP[$1]} * 75 / 100 )) # safe capacity is the 75% of the whole address space
HDRM=$(( ${NET2CAP[$1]} - $USE - ${NET2NNODES[$1]})) # how many IPs are currently free in the network
echo "Network ${NET2NAME[$1]}/$1 has an IP address capacity of ${NET2CAP[$1]} and uses $USE addresses spanning over ${NET2NNODES[$1]} nodes"
if [ $(( $USE + ${NET2NNODES[$1]} )) -ge ${NET2CAP[$1]} ] ; then
echo " ERROR: network will be over capacity if upgrading Docker Enterprise engine version 18.09 or later"
elif [ $(( $USE + ${NET2NNODES[$1]} )) -ge $SAFECAP ] ; then
echo -n " WARNING: network is using more than the 75% of the total space. "
echo "Remaining only $HDRM IPs after upgrade"
else
echo " Network OK: network will have $(( $SAFECAP - $USE - ${NET2NNODES[$1]} )) available IPs before passing the 75% subnet use"
fi
fi
}
# Gather node, overlay network and service IDs
echo "Gathering basic cluster state"
NNODES=$(docker node ls -q | wc -l)
NODEIDS=$(docker node ls -q)
NETS=$(docker network ls --filter driver=overlay | awk 'NR != 1 && $2 != "ingress" {print $1}')
SVCIDS=$(docker service ls -q)
echo "Gathering overlay network information"
for net in $NETS ; do
networkInspect=$( docker network inspect $net )
NET2NAME[$net]=$(echo $networkInspect | jq -r '.[].Name')
set +e
NET2SUB[$net]=$(echo $networkInspect | jq -r '.[].IPAM.Config[].Subnet' 2>/dev/null)
if [ -z "${NET2SUB[$net]}" ] ; then
NET2SUB[$net]=$(docker network inspect ${NET2NAME[$net]} | jq -r '.[].IPAM.Config[].Subnet' 2>/dev/null)
fi
set -e
NET2CAP[$net]=0
NET2NCIP[$net]=0
NET2NVIP[$net]=0
NET2NNODES[$net]=$( echo $networkInspect | jq -r '.[].Peers | length' )
for sub in ${NET2SUB[$net]} ; do
pfxlen=$(echo $sub | awk -F / '{print $2}')
subcap=$(( (1 << (32 - $pfxlen)) - 3 ))
NET2CAP[$net]=$(( ${NET2CAP[$net]} + $subcap ))
done
done
echo "Counting container IP allocations per network"
for node in $NODEIDS ; do
for task in $(docker node ps -f 'desired-state = running' -q $node) ; do
nets=$(docker inspect $task | jq -r '.[].Spec.Networks[].Target' 2>/dev/null | cut -c 1-12)
for net in $nets; do
NET2NCIP[$net]=$((${NET2NCIP[$net]} + 1))
done
done
done
echo "Counting service VIP allocations per network"
for svc in $SVCIDS ; do
for viprec in $(docker service inspect $svc | jq -rc '.[].Endpoint.VirtualIPs[]' 2>/dev/null); do
net=$(echo "$viprec" | jq -r '.NetworkID' | cut -c 1-12)
addr=$(echo "$viprec" | jq -r '.Addr')
NET2NVIP[$net]=$((${NET2NVIP[$net]} + 1))
done
done
# Report the IP utilization for each overlay network
echo ""
echo "Overlay IP Utilization Report"
for net in $NETS ; do
report $net
done