Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use full attach path, rather than a symlink #8979

Merged

Conversation

haircommander
Copy link
Collaborator

@haircommander haircommander commented Jan 14, 2021

conmon 2.0.24 (not yet released) will add the functionality to specify --full-attach, meaning the path to the attach socket will be accessed directly, rather than creating a symlink to a socketsDir. This not only drops a couple of unneeded operations, but also fixes issues that come up when a user runs podman with a sufficiently long UID (containers/conmon#225)

This PR does many things along those lines:

  • use the specified helper function AttachSocketPath, rather than building the path from scratch
  • drop the use of socketDir entirely, and add the --full-attach option to the conmon args, so neither podman nor conmon operate with the socketDir anymore
  • drops ExecContainerCleanup method from the oci interface, as the only work it was doing was cleaning up the exec specific socket dir
  • returns findConmon to podman (from c/common). I don't think moving it was the correct strategy, as it makes bumping the minimum required conmon bothersome (rather than coordinating two repos, we would have to coordinate three).
  • bumps the minimum required conmon to 2.0.24 to take advantage of all of this

A couple of notes:

  • I am open to not moving findConmon, but we do need some way to specify the minimum conmon version for podman. it can't live in c/common. The other strategy would be to change the FindConmon() method in c/common to take major, minor and patch versions, so the calling engine can configure it themselves. However, I find this approach is better for now, because no other engines actually use FindConmon to my knowledge.
  • I am not excited about throwing all of the findConmon code in libpod/runtime. it muddles up an otherwise pretty straight forward file. If there's other suggestions for where to put it, please let me know.
  • this obviously relies on 2.0.24 to exist, which it does not yet. You can look at the PR that caused all of this work here.

@haircommander
Copy link
Collaborator Author

haircommander commented Jan 14, 2021

properly fixes containers/conmon#225

libpod/runtime.go Outdated Show resolved Hide resolved
@haircommander haircommander force-pushed the full-attach-path branch 4 times, most recently from c8e21e5 to bb2ca01 Compare January 20, 2021 17:34
@haircommander
Copy link
Collaborator Author

/hold

added a commit that should bypass the smoke test (I'm not sure how we are to test this, should I check where the old socket dir was?)

@openshift-ci-robot openshift-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jan 20, 2021
@haircommander haircommander force-pushed the full-attach-path branch 3 times, most recently from c6510c2 to e1b8233 Compare January 27, 2021 17:13
@haircommander
Copy link
Collaborator Author

@edsantiago @cevich is there any way to force the sys tests to run without int passing on all platforms?

@edsantiago
Copy link
Member

Not that I know of, other than directly mucking with .cirrus.yml

@haircommander
Copy link
Collaborator Author

Not that I know of, other than directly mucking with .cirrus.yml

that seems clear now that you mention it. I am giving it a shot

@haircommander
Copy link
Collaborator Author

@edsantiago huzzah (?) it does fail on ubuntu :)

@edsantiago
Copy link
Member

@haircommander I see a failure on sys podman ubuntu-2004, not 2010; and the failure doesn't look like a relevant one:

# # podman run --name mybigdatacontainer --attach stderr --log-driver k8s-file quay.io/libpod/testimage:20200929 dd if=/dev/zero count=700000 bs=1
# #/vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
# #|     FAIL: dd: number of records in
# #| expected: '700000+0 records in'
# #|   actual: ''
# #\^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

That is: it never actually made it to the byte-count-check part of the test. Grrr.

@cevich
Copy link
Member

cevich commented Feb 3, 2021

@haircommander I think maybe you're just trying to temporarily get to the system tests sooner, for faster cycling/debugging purposes?

The easiest way to do this is going through and adding/changing skip: $CI == $CI to the tasks you don't want. Though I don't recommend doing this to the main build_task for (hopefully) obvious reasons 😄 It should work with nearly every other task in .cirrus.yml.

@edsantiago FYI ^^^

@openshift-ci-robot openshift-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 7, 2021
@openshift-ci-robot openshift-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 24, 2021
@haircommander
Copy link
Collaborator Author

I think the last piece missing is containers/conmon#241

and stop relying on socket path

Signed-off-by: Peter Hunt <[email protected]>
without the socketsDir, we no longer need to worry about cleaning up after an exec.

Signed-off-by: Peter Hunt <[email protected]>
I believe moving the conmon probing code to c/common wasn't the best strategy.
Different container engines have different requrements of which conmon version is required
(based on what flags they use).

Signed-off-by: Peter Hunt <[email protected]>
2.0.24 introduced the new behavior with --full-attach, allowing podman to no longer use the socketDir

Signed-off-by: Peter Hunt <[email protected]>
Signed-off-by: Peter Hunt <[email protected]>
@rhatdan
Copy link
Member

rhatdan commented Apr 17, 2021

/approve
LGTM
@containers/podman-maintainers PTAL
Thanks @haircommander

@openshift-ci-robot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: haircommander, rhatdan

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci-robot openshift-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Apr 17, 2021
@TomSweeneyRedHat
Copy link
Member

LGTM
but would like a head nod from @mheon

@haircommander
Copy link
Collaborator Author

haircommander commented Apr 17, 2021 via email

@edsantiago
Copy link
Member

what's the idiomatic way to skip adding a test

If you're seeing a CI failure because of missing tests, the test failure itself should give you pretty clear instructions on what to do. If the instructions aren't clear, that's a bug, and PRs (or suggestions) welcome.

@mheon
Copy link
Member

mheon commented Apr 19, 2021

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Apr 19, 2021
@rhatdan
Copy link
Member

rhatdan commented Apr 21, 2021

/hold cancel

@openshift-ci-robot openshift-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Apr 21, 2021
@openshift-merge-robot openshift-merge-robot merged commit 41677b1 into containers:master Apr 21, 2021
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 23, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 23, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

8 participants