Skip to content
This repository has been archived by the owner on Feb 24, 2020. It is now read-only.

*: recipe for running acbuild in container #86

Open
jonboulle opened this issue Oct 30, 2015 · 9 comments
Open

*: recipe for running acbuild in container #86

jonboulle opened this issue Oct 30, 2015 · 9 comments

Comments

@jonboulle
Copy link
Contributor

We should have acbuild packaged in an ACI and then be able to invoke it using any appc runtime, e.g. rkt. I expect this would just mount in the user's project/asset directly to a known location (/data or whatever) and then run the script they pass to it.

For example with rkt this might look like:

$ ls
app.js
build-nodejs.sh
$ rkt run --volume data,kind=host,source=$(pwd) appc.io/acbuild ./build-nodejs.sh

Where "data" would be defined as a mountpoint in the appc.io/acbuild image.
Then this would output the ACI in the same directory.

$ ls
app.js
build-nodejs.sh
nodejs-latest-linux-amd64.aci
@cgonyeo
Copy link
Member

cgonyeo commented Nov 2, 2015

In a fedora 22 container:

[root@rkt-a29fb369-a1dd-498d-863f-5de4eb5fe7f7 /]# systemd-nspawn
Not running on a systemd system.

Perhaps once alternate execution environments is implemented this will be possible, but it doesn't look like this is feasible with the current state of acbuild.

@jonboulle
Copy link
Contributor Author

@dgonyeo how about a container based on CoreOS or something to pick up a more modern systemd-nspawn? That check was removed a while ago: systemd/systemd@4f923a1

@cgonyeo
Copy link
Member

cgonyeo commented Nov 3, 2015

I made a container out of coreos_developer_container.bin.bz2 from http://alpha.release.core-os.net/amd64-usr/current/, but when I attempt to run the nginx example in it I get the following:

root@rkt-98235c83-868a-48a4-8d17-8ce7dd5da102 ~ # acbuild begin
root@rkt-98235c83-868a-48a4-8d17-8ce7dd5da102 ~ # acbuild dep add quay.io/coreos/alpine-sh
root@rkt-98235c83-868a-48a4-8d17-8ce7dd5da102 ~ # acbuild run -- apk update
Downloading quay.io/coreos/alpine-sh: [========================] 2.65 MB/2.65 MB
Failed to open system bus: No such file or directory
Failed to create directory /root/.acbuild/target/sys/fs/selinux: Read-only file system
Failed to create directory /root/.acbuild/target/sys/fs/selinux: Read-only file system
/etc/localtime is not a symlink, not updating container timezone.
Failed to copy /etc/resolv.conf to /root/.acbuild/target/etc/resolv.conf: No such device or address
Attempted to remove disk file system, and we can't allow that.
run: exit status 1

Any clue what's going on here? I can't figure out why it would be a read-only file system.

@jonboulle
Copy link
Contributor Author

Weird. Can you narrow it down to an explicit systemd nspawn invocation case
to reproduce?

On Tue, Nov 3, 2015, 19:40 Derek Gonyeo [email protected] wrote:

I made a container out of coreos_developer_container.bin.bz2 from
http://alpha.release.core-os.net/amd64-usr/current/, but when I attempt
to run the nginx example in it I get the following:

root@rkt-98235c83-868a-48a4-8d17-8ce7dd5da102 ~ # acbuild begin
root@rkt-98235c83-868a-48a4-8d17-8ce7dd5da102 ~ # acbuild dep add quay.io/coreos/alpine-sh
root@rkt-98235c83-868a-48a4-8d17-8ce7dd5da102 ~ # acbuild run -- apk update
Downloading quay.io/coreos/alpine-sh: [========================] 2.65 MB/2.65 MB
Failed to open system bus: No such file or directory
Failed to create directory /root/.acbuild/target/sys/fs/selinux: Read-only file system
Failed to create directory /root/.acbuild/target/sys/fs/selinux: Read-only file system
/etc/localtime is not a symlink, not updating container timezone.
Failed to copy /etc/resolv.conf to /root/.acbuild/target/etc/resolv.conf: No such device or address
Attempted to remove disk file system, and we can't allow that.
run: exit status 1

Any clue what's going on here? I can't figure out why it would be a
read-only file system.


Reply to this email directly or view it on GitHub
#86 (comment).

@cgonyeo
Copy link
Member

cgonyeo commented Nov 3, 2015

Yup. The directory I'm pointing systemd-nspawn at here is the rootfs from quay.io/coreos/alpine-sh.

root@rkt-98235c83-868a-48a4-8d17-8ce7dd5da102 ~ # systemd-nspawn -D ./rootfs/ /sbin/apk update   
Spawning container rootfs on /root/rootfs.
Press ^] three times within 1s to kill container.
Failed to open system bus: No such file or directory
Failed to create directory /root/rootfs/sys/fs/selinux: Read-only file system
Failed to create directory /root/rootfs/sys/fs/selinux: Read-only file system
/etc/localtime is not a symlink, not updating container timezone.
Attempted to remove disk file system, and we can't allow that.

@cgonyeo
Copy link
Member

cgonyeo commented Nov 3, 2015

I just tried this in an ACI made out of gentoo's stage 3, and get a different, but similar output to when it was in the coreos ACI.

root@rkt-983d74af-c0f5-4c36-a39f-4d0e2350a9e2 ~ # systemd-nspawn -D ./rootfs/ /sbin/apk update
Spawning container rootfs on /root/rootfs.
Press ^] three times within 1s to kill container.
Failed to open system bus: No such file or directory
/etc/localtime is not a symlink, not updating container timezone.
Parent died too earlyAttempted to remove disk file system, and we can't allow that.

@jonboulle
Copy link
Contributor Author

Any luck troubleshooting this further? perhaps ping upstream systemd?

@chancez
Copy link
Contributor

chancez commented Nov 11, 2015

You might try invoking nspawn with --boot so it starts an init.
On Tue, Nov 10, 2015 at 6:17 PM Jonathan Boulle [email protected]
wrote:

Any luck troubleshooting this further? perhaps ping upstream systemd?


Reply to this email directly or view it on GitHub
#86 (comment).

@blalor
Copy link
Contributor

blalor commented Dec 7, 2015

I really want this. Not sure how this'll be solved given the need for OverlayFS… Is it even possible to interact with kernel-level stuff like that in an ACE container?

@cgonyeo cgonyeo modified the milestones: v0.4.0, v0.3.0 Feb 17, 2016
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

4 participants