-
Notifications
You must be signed in to change notification settings - Fork 202
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
containers.conf: implement modules #1599
Conversation
ff4843b
to
56397b6
Compare
Now with docs. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Look like these are either not used or you are not testing what you think you are testing because the default_network configs are incorrect.
pkg/config/testdata/modules/etc/containers/containers.conf.modules/sub/etc-only.conf
Outdated
Show resolved
Hide resolved
pkg/config/testdata/modules/etc/containers/containers.conf.modules/third.conf
Outdated
Show resolved
Hide resolved
pkg/config/testdata/modules/home/.config/containers/containers.conf.modules/third.conf
Outdated
Show resolved
Hide resolved
pkg/config/testdata/modules/usr/share/containers/containers.conf.modules/third.conf
Outdated
Show resolved
Hide resolved
Thanks! They're currently not tested but I'll update and add a check for third.conf. |
Sorry for not looking at the design doc earlier, I will add some comments there as I think there will be some big problem with the podman implementation part. |
I am cool to discuss here. I guess you'll also worry about how to handle the defaults on the CLI wrt to container creation etc? |
Yes the current assumption is configs are loaded before cli arguments. This is a hard requirement as the config currently is used to set defaults for said arguments. Loading the configs again when --module is used will not work as the defaults for cli args are already locked at that point. One example where defaults are locked is The other problem with that is that there currently is no consistent way of where we fill in defaults from the config, it is all over the place. In some cases modules will work correctly in others they will not. This will be impossible to document and test and thus cause a lot of pain for us and users. |
Another problem is do you want to support modules on the remote client? Because right now most defaults are only set on the server so I am not sure how this should behave at all there. |
Yes, I was thinking about this as well and do not have a good answer yet
The way I look at module is that it's just yet another way for loading containers.conf files. There are numerous issue in Podman wrt. to whether and where it respects the containers.conf settings, so I don't aim at fixing those for now.
My goal for now is to be able for |
I think the easy cheat would be passing modules via env variables but the UX is ugly. I want to get to a point where |
If we can come up with a means to parse |
Agreed, that would make it very hard to use and thus likely defeat the point of this feature.
But I think this assumption is not what a user would expect. If I use --module and the we ignore most option on remote users will file bug reports and get upset when we tell them yes this is expected you must set defaults on the server side. I think this would totally defeat the use case here. Overall I am worried that such a design causes a lot of pain for us in the future. So far my understanding is that there is exactly one user/customer wanting this so my immediate response would be why can they not keep doing what they are doing now? Is a wrapper around podman really that bad?! There is a point where we just need to say no. Then it looks like this here is trying to much more than the use case is, I was only part of one meeting so I could be missing context. My understanding is that they only care about container create options? If that is the case I think maybe going with a design that only focuses on that might be better than trying to generalize this to far. I like using the same config format but I don't think it is required to treat it like the real containers.conf |
Modules don't change the status quo. This issue already applies to Podman now. I don't think we should block modules on that - it's a connected but orthogonal problem.
I think you're conflating the pre-existing chaotic usage of containers.conf in Podman with this PR. I am convinced all issues you mention already apply to Podman today. Some options are on the client-side, some on the server side, some may be totally ignored. All that is already the case. I am not advertising against fixing these issues but I won't sign up for fixing them right now. What I think is important is that modules don't worsen the status quo. That's why I think we need to find a way to parse the --module CLI flag here: https://github.com/containers/podman/blob/main/cmd/podman/registry/config.go#L48 That's where the "default config" is parsed (and set) first. All other callers of
Let's focus on my above counter point on not changing the status quo before throwing everything over board. We've desired such an on-demand loading mechanism for a long time and I think this way of loading absolute paths and resolving to a "modules" directory is a sound design. I desire it for testing, for instance, |
I think it's worth mentioning that I brought the issue of "maybe some options won't work" up with the stakeholder. So seeing it from another angle, it's an occasion to make sure more options work as intended. |
I think modules worsen the situation because users are not switching from an existing containers.conf to modules but from an existing Having modules behave differently for remote vs local case is bad design for me and will cause a lot of trouble and we now have a lot of remote users on macos/windows. The current implementation would likely make modules unusable on remote for most things so I think this must be avoided. I think we totally agreed on containers.conf defaults are set on the server side but for modules this design makes no sense. IMO modules would either work on client side only or we send the module names to server and then the server looks up the files there in it own modules directory. |
Can you elaborate on where you see the difference between Same when editing
Same as above.
Same as above. |
Because my understanding of this feature is to combine multiple podman options in a single file. Modules will be used to replace |
That seems like a very new point in our discussion but a good one and (briefly) mentioned in design doc:
Finding a mechanism for containers.conf files to append/add instead of replace is future work. For now, we focus on the loading mechanism. |
The other thing is I have no problem with containers.conf reading the defaults on the server and I think this is the correct thing to do. We can always tell people to edit config files on the server. This is really my main point I tied to bring across here. A server side containers.conf can be edited and used. A server side module simply is impossible to use with the current design. |
I agree that it would be bad if there are expectations that $option works in the remote case but doesn't. What I don't agree on that --module would cause this expectation. This (hypothetical) problem is already there as remote clients already parse the various containers.conf files on the system (and the environment). I am sure there are problems today and that those need to be fixed eventually and limitations need to be documented. But again, I don't think this PR is the source of these problems.
It's as much (or less) use as any other containers.conf file today. |
Problem today: Some containers.conf option are read on the client other on the server. It is not documented what is used where and in it is a total mess in the podman code. However a user can simply add settings on either the server or the client to containers.conf so with a bit of testing you can get it to work just fine. Module problem: All options that are read on the server side can never be used for podman-remote --module. They will not work and there is no workaround as you cannot set the module on the server side to get what you need. I mean sure you could start So I argue this is a new problem that you are going to introduce! There is nothing I can tell a remote user to make such a module work. To me the use case described was lets make podman commands shorter and reusable by such small modules but if they do not function with the remote client I think this is a big no go to me. Maybe the customer does not care but feature wise I argue we should not add new things that do not work via remote unless there is a proper reason for it. |
Why not make --module not allowed on --remote? We already do this with a lot of global settings. |
I would like to see a WIP podman PR just to get a better feeling on how it will be implemented and that it does not add regressions. |
Totally agree. I don't want to merge it here without a Podman PR, so I'll keep it as a Draft. |
Here's the Podman PR: containers/podman#19567 Still raw but the new tests pass locally |
pkg/config/new.go
Outdated
// All callers are expected to use the returned Config read only. Changing | ||
// data may impact other call sites. | ||
func Default() (*Config, error) { | ||
if cachedConfig != nil || cachedConfigError != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Double checked locking (on its own) is not safe with Golang's memory model. While you may observe the write to cachedConfig, there is no happens-before guarantee on the preceding writes for the config structure as part of initialization (the pointer write may be reordered (speculative execution, compiler reordering etc) or coherence not yet achieved leading to a program to observe an uninitialized / incomplete config). See https://go.dev/ref/mem. Also https://gee.cs.oswego.edu/dl/jmm/cookbook.html is pretty dated but still nice overview/example of how compilers map a model to hardware.
I'd recommend using either sync.Once or an atomic Load Store for the pointer in combo with the DCL as it is (what Once does under the hood) . The go memory model does have a happens-before established at the location of an atomic store, but without the lock queuing or CAS overhead.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks a lot, @n1hility ! Will fix accordingly
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
According to https://go.dev/ref/mem it's sufficient to remove this check. Lock() + check + Unlock()
makes sure the variables are synchronized.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@vrothberg +1, only reason i suggested sync.Once was if you were trying to avoid the lock penalty. putting the Lock/Unlock in Do would give you that same DCL lock for just init behavior. I agree the opto isn't critical in this case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks a lot for checking! I did consider a sync.Once but with this PR New()
may override the "default" config which would have broken the contract Once would guarantee otherwise.
Because that's what it actually does. Signed-off-by: Valentin Rothberg <[email protected]>
It has no external user and should not be exported to avoid any API misuse; built-in defaults are an implementation detail. Signed-off-by: Valentin Rothberg <[email protected]>
It's wasteful and `sut` was not a name I would now understand. Change the tests that need a default config. The diff also shows that the tests would benefit a lot from a rewrite into a table-driven form but I do not want to shave the entire Yak. Signed-off-by: Valentin Rothberg <[email protected]>
Add `New()` function to create a Config and deprecate `NewConfig` which is a) not extensible and b) broken in the sense that no external caller was actually using the argument. Many call sites use `Default()` which now has improved documentation and allows for interacting with `New(). Most call sites just need to access a pro-loaded config (via `Default()`). This config can overridden by `New()` if the caller sets the specific option - a requirement for an upcoming feature for Podman allowing to load user-specified configs via CLI flags. Signed-off-by: Valentin Rothberg <[email protected]>
Add a new concept to containers.conf called "modules". A "module" is a containers.conf file located at a specific directory. More than one module can be loaded in the specified order, following existing override semantics. There are three directories to load modules from: - $CONFIG_HOME/containers/containers.conf.modules - /etc/containers/containers.conf.modules - /usr/share/containers/containers.conf.modules With CONFIG_HOME pointing to $HOME/.config or, if set, $XDG_CONFIG_HOME. Absolute paths will be loaded as is, relative paths will be resolved relative to the three directories above allowing for admin configs (/etc/) to override system configs (/usr/share/) and user configs ($CONFIG_HOME) to override admin configs. Also move some functions from config.go for locality. Signed-off-by: Valentin Rothberg <[email protected]>
To return absolute paths to modules a config was loaded with. Knowing the modules is required for conmon's callback to Podman's cleanup. Returning them as absolute paths makes loading the modules a bit faster as it avoids the lookup. Also drop the attempted performance tune in `Default()` to accommodate for go's memory model. Signed-off-by: Valentin Rothberg <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
LGTM |
/approve |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: giuseppe, Luap99, rhatdan, vrothberg The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Support a new concept in containers.conf called "modules". A "module" is a containers.conf file located at a specific directory. More than one module can be loaded in the specified order, following existing override semantics. There are three directories to load modules from: - $CONFIG_HOME/containers/containers.conf.modules - /etc/containers/containers.conf.modules - /usr/share/containers/containers.conf.modules With CONFIG_HOME pointing to $HOME/.config or, if set, $XDG_CONFIG_HOME. Absolute paths will be loaded as is, relative paths will be resolved relative to the three directories above allowing for admin configs (/etc/) to override system configs (/usr/share/) and user configs ($CONFIG_HOME) to override admin configs. Pulls in containers/common/pull/1599. Signed-off-by: Valentin Rothberg <[email protected]>
Add a new concept to containers.conf called "modules". A "module" is
a containers.conf file located at a specific directory. More than one
modules can be loaded in the specified order, following existing
override semantics.
There are three directories to load modules from:
With CONFIG_HOME pointing to $HOME/.config or, if set, $XDG_CONFIG_HOME.
Absolute paths will be loaded as is, relative paths will be resolved
relative to the three directories above allowing for admin configs
(/etc/) to override system configs (/usr/share/) and user configs
($CONFIG_HOME) to override admin configs.
Also move some functions from config.go for locality.
Signed-off-by: Valentin Rothberg [email protected]
Still a draft but there are fairly comprehensive tests.
@rhatdan @Luap99 @giuseppe @containers/podman-maintainers PTAL. I've received contradicting feedback with respect to the "modules" name. So far, it's my favorite but I am not married to it.
Please also take a look at the initial refactoring. I found it important to first clean up the API a bit to make sure it remains maintainable.