From 3f22960b0276e1cc1daf85588d55fe5f0b9f8af2 Mon Sep 17 00:00:00 2001
From: saiwl <saiwl@zhihu.com>
Date: Tue, 6 Jun 2017 12:45:57 +0800
Subject: [PATCH 1/2] Fix possible ports leak after abnormal restarts. Close
 #1790 Signed-off-by: saiwl <wanglu_bx@163.com>

---
 sandbox_store.go | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/sandbox_store.go b/sandbox_store.go
index 38b2bd7e8b..2217758a27 100644
--- a/sandbox_store.go
+++ b/sandbox_store.go
@@ -207,9 +207,36 @@ func (c *controller) sandboxCleanup(activeSandboxes map[string]interface{}) {
 
 	// It's normal for no sandboxes to be found. Just bail out.
 	if err == datastore.ErrKeyNotFound {
+
+		return
+	}
+	// Get all the endpoints
+	endpoints_from_networks := []*endpoint{}
+	nl, err := c.getNetworksForScope(datastore.LocalScope)
+	if err != nil {
+		logrus.Warnf("Could not get list of networks during sandbox cleanup: %v", err)
 		return
 	}
 
+	for _, n := range nl {
+		epl, err := n.getEndpointsFromStore()
+		if err != nil {
+			logrus.Warnf("Could not get list of endpoints in network %s during sandbox cleanup: %v", n.name, err)
+			continue
+		}
+		for _, ep := range epl {
+			ep, err = n.getEndpointFromStore(ep.id)
+			if err != nil {
+				logrus.Warnf("Could not get endpoint in network %s during sandbox cleanup: %v", n.name, err)
+				continue
+			}
+			endpoints_from_networks = append(endpoints_from_networks, ep)
+		}
+	}
+
+	// To store the endpoints already stored in sanbox
+	epMap := make(map[string]int8)
+
 	for _, kvo := range kvol {
 		sbs := kvo.(*sbState)
 
@@ -275,6 +302,17 @@ func (c *controller) sandboxCleanup(activeSandboxes map[string]interface{}) {
 				continue
 			}
 			heap.Push(&sb.endpoints, ep)
+			epMap[ep.id] = 1
+		}
+
+		// If endpoint has sb id, but not in sb eps, push it
+		for _, ep := range endpoints_from_networks {
+			if ep.sandboxID != sb.id {
+				continue
+			}
+			if _, ok := epMap[ep.id]; !ok {
+				heap.Push(&sb.endpoints, ep)
+			}
 		}
 
 		if _, ok := activeSandboxes[sb.ID()]; !ok {

From 8cf1ab0068acef34c385cc6aea6d3fefbdde21c7 Mon Sep 17 00:00:00 2001
From: saiwl <saiwl@zhihu.com>
Date: Tue, 6 Jun 2017 12:53:45 +0800
Subject: [PATCH 2/2] Fix naming. Signed-off-by: saiwl <wanglu_bx@163.com>

---
 sandbox_store.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/sandbox_store.go b/sandbox_store.go
index 2217758a27..a1c0505146 100644
--- a/sandbox_store.go
+++ b/sandbox_store.go
@@ -211,7 +211,7 @@ func (c *controller) sandboxCleanup(activeSandboxes map[string]interface{}) {
 		return
 	}
 	// Get all the endpoints
-	endpoints_from_networks := []*endpoint{}
+	endpointsFromNetworks := []*endpoint{}
 	nl, err := c.getNetworksForScope(datastore.LocalScope)
 	if err != nil {
 		logrus.Warnf("Could not get list of networks during sandbox cleanup: %v", err)
@@ -230,7 +230,7 @@ func (c *controller) sandboxCleanup(activeSandboxes map[string]interface{}) {
 				logrus.Warnf("Could not get endpoint in network %s during sandbox cleanup: %v", n.name, err)
 				continue
 			}
-			endpoints_from_networks = append(endpoints_from_networks, ep)
+			endpointsFromNetworks = append(endpointsFromNetworks, ep)
 		}
 	}
 
@@ -306,7 +306,7 @@ func (c *controller) sandboxCleanup(activeSandboxes map[string]interface{}) {
 		}
 
 		// If endpoint has sb id, but not in sb eps, push it
-		for _, ep := range endpoints_from_networks {
+		for _, ep := range endpointsFromNetworks {
 			if ep.sandboxID != sb.id {
 				continue
 			}