Advertise Conmon PID via MAINPID #6689
Conversation
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: goochjj The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
needs-ok-to-test
|
Hi @goochjj. Thanks for your PR. I'm waiting for a containers member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/ok-to-test |
openshift-ci-robot
added
ok-to-test
and removed
needs-ok-to-test
libpod/oci_conmon_linux.go
Outdated
| @@ -37,6 +37,7 @@ import ( | |||
| "github.com/sirupsen/logrus" | |||
| "golang.org/x/sys/unix" | |||
| "k8s.io/client-go/tools/remotecommand" | |||
| "github.com/coreos/go-systemd/v22/daemon" | |||
There was a problem hiding this comment.
@goochjj gating doesn't like the location of this line, it needs to move up in alpha order. I think to line 32.5
|
Gating is complaining about gofmt. @giuseppe PTAL |
|
Once gating and happy tests are complete |
goochjj
force-pushed
the
libpod-sd-notify
branch
from
80c6c37 to
f4c3779
Compare
|
I'll pass it to @giuseppe :^) |
goochjj
force-pushed
the
libpod-sd-notify
branch
2 times, most recently
from
491e018 to
f4a93ec
Compare
|
I'm not sure how to fix the vendor check. When I run the go mod commands locally it deletes many many things. |
goochjj
force-pushed
the
libpod-sd-notify
branch
from
f4a93ec to
642da3e
Compare
|
I think I figured it out |
We require go >= 1.1.3. If you're below that, you can run |
There was a problem hiding this comment.
runc already sends a MAINPID=$PID-CONTAINER, crun doesn't. More in general we are already delegating the sd-notify logic to the OCI runtime.
The safest is probably to override it from Podman once the container is already started (after "start" terminates). Does systemd work fine if you use MAINPID= multiple times?
goochjj
force-pushed
the
libpod-sd-notify
branch
2 times, most recently
from
23bb7b9 to
03666d3
Compare
When NOTIFY_SOCKET is passed from systemd, we send MAINPID=<pid of conmon> so systemd monitors the correct PID. We do this both Before and After the OCI runtime engine start is called. Imported daemon/ from go-systemd dependency. Signed-off-by: Joseph Gooch <[email protected]> Co-authored-by: Giuseppe Scrivano <[email protected]>
goochjj
force-pushed
the
libpod-sd-notify
branch
from
03666d3 to
2600763
Compare
|
yes I agree. We need only for start, then LGTM |
I sent it twice, in case runc or crun passes a different MAINPID. conmon happens before OCI runtime, start happens after. Note also this PR is superceded by #6693 |
github-actions
bot
added
the
locked - please file new issue/PR
When NOTIFY_SOCKET is passed from systemd, we
send MAINPID= so systemd monitors the correct PID.
Imported daemon/ from go-systemd dependency.
Signed-off-by: Joseph Gooch [email protected]