[lxc-devel] [crio-lxc/master] Fix container start sequence
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/crio-lxc/pull/6
This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.
=== Description (from pull-request) ===
Warning! Major hack alert.
When we create a crio-lxc container, we start the lxc container to
wait for the syncfifo. The crio-lxc container isn't really started
until the fifo is written to.
So we can't just use c.Running() to tell us that the crio-lxc container
is running.
Ideally we could add a 'criolxc.state' key in the container config.
Lxc would happily ignore that. However, we cannot use the lxc api
to do that because it doesn't know about the keys. And if we do it
ourselves, then we need to worry about locking.
So, add a pre-start hook of /bin/true to the config file when the
syncfifo is unlocked. If anyone wants to set /bin/true as a real
pre-start hook, come talk to me.
Other ideas are definitely welcome!
Signed-off-by: Serge Hallyn
From 7c4744ac1da8e73824e9368d7b9104c0ca4fdc7e Mon Sep 17 00:00:00 2001
From: Serge Hallyn
Date: Fri, 19 Apr 2019 13:06:57 -0500
Subject: [PATCH] Fix container start sequence
Warning! Major hack alert.
When we create a crio-lxc container, we start the lxc container to
wait for the syncfifo. The crio-lxc container isn't really started
until the fifo is written to.
So we can't just use c.Running() to tell us that the crio-lxc container
is running.
Ideally we could add a 'criolxc.state' key in the container config.
Lxc would happily ignore that. However, we cannot use the lxc api
to do that because it doesn't know about the keys. And if we do it
ourselves, then we need to worry about locking.
So, add a pre-start hook of /bin/true to the config file when the
syncfifo is unlocked. If anyone wants to set /bin/true as a real
pre-start hook, come talk to me.
Other ideas are definitely welcome!
Signed-off-by: Serge Hallyn
---
cmd/create.go | 8 +++-
cmd/delete.go | 2 +-
cmd/start.go | 29 +++--
cmd/state.go | 2 +-
4 files changed, 36 insertions(+), 5 deletions(-)
diff --git a/cmd/create.go b/cmd/create.go
index 6c52d33..51a9949 100644
--- a/cmd/create.go
+++ b/cmd/create.go
@@ -10,6 +10,7 @@ import (
"path"
"path/filepath"
"strings"
+ "time"
"github.com/apex/log"
"github.com/opencontainers/runtime-spec/specs-go"
@@ -207,6 +208,11 @@ func startContainer(c *lxc.Container, spec *specs.Spec)
error {
cmdErr := cmd.Start()
- return cmdErr
+ if cmdErr == nil {
+ if !c.Wait(lxc.RUNNING, 30*time.Second) {
+ cmdErr = fmt.Errorf("Container failed to initialize")
+ }
+ }
+ return cmdErr
}
diff --git a/cmd/delete.go b/cmd/delete.go
index 21f366d..91b6ee1 100644
--- a/cmd/delete.go
+++ b/cmd/delete.go
@@ -48,7 +48,7 @@ func doDelete(ctx *cli.Context) error {
}
- if c.Running() {
+ if c.Running() && checkHackyPreStart(c) == "started" {
return fmt.Errorf("container '%s' is running, cannot delete.",
containerID)
}
diff --git a/cmd/start.go b/cmd/start.go
index 275ea77..7e248a2 100644
--- a/cmd/start.go
+++ b/cmd/start.go
@@ -23,6 +23,27 @@ starts
`,
}
+func checkHackyPreStart(c *lxc.Container) string {
+ hooks := c.ConfigItem("lxc.hook.pre-start")
+ for _, h := range hooks {
+ if h == "/bin/true" {
+ return "started"
+ }
+ }
+ return "prestart"
+}
+
+func setHackyPreStart(c *lxc.Container) {
+ err := c.SetConfigItem("lxc.hook.pre-start", "/bin/true")
+ if err != nil {
+ log.Warnf("Failed to set \"container started\" indicator: %v",
err)
+ }
+ err = c.SaveConfigFile(filepath.Join(LXC_PATH, c.Name(), "config"))
+ if err != nil {
+ log.Warnf("Failed to save \"container started\" indicator: %v",
err)
+ }
+}
+
func doStart(ctx *cli.Context) error {
containerID := ctx.Args().Get(0)
if len(containerID) == 0 {
@@ -37,10 +58,14 @@ func doStart(ctx *cli.Context) error {
}
defer c.Release()
log.Infof("checking if running")
- if c.Running() {
- return fmt.Errorf("'%s' is already running", containerID)
+ if !c.Running() {
+ return fmt.Errorf("'%s' is not ready", containerID)
+ }
+ if checkHackyPreStart(c) == "started" {
+ return fmt.Errorf("'%s' already running", containerID)
}
log.Infof("not running, can start")
+ setHackyPreStart(c)
fifoPath := filepath.Join(LXC_PATH, containerID, "syncfifo")
log.Infof("opening fifo '%s'", fifoPath)
f, err := os.OpenFile(fifoPath, os.O_RDWR, 0)
diff --git a/cmd/state.go b/cmd/state.go
index 955acb6..5e8af42 100644
--- a/cmd/state.go
+++
[lxc-devel] [lxc/lxc] c8ca5a: netns_getifaddrs: adapt to kernel changes
Branch: refs/heads/master Home: https://github.com/lxc/lxc Commit: c8ca5a435cc4bc28c3f14d89cc30c38fd177a310 https://github.com/lxc/lxc/commit/c8ca5a435cc4bc28c3f14d89cc30c38fd177a310 Author: Christian Brauner Date: 2019-04-19 (Fri, 19 Apr 2019) Changed paths: M src/include/netns_ifaddrs.c M src/lxc/macro.h Log Message: --- netns_getifaddrs: adapt to kernel changes s/NETLINK_DUMP_STRICT_CHK/NETLINK_GET_STRICT_CHK/g Signed-off-by: Christian Brauner Commit: 60c20c6e0e85efb236e00eb3396f064e9e7c82e8 https://github.com/lxc/lxc/commit/60c20c6e0e85efb236e00eb3396f064e9e7c82e8 Author: Stéphane Graber Date: 2019-04-19 (Fri, 19 Apr 2019) Changed paths: M src/include/netns_ifaddrs.c M src/lxc/macro.h Log Message: --- Merge pull request #2945 from brauner/2019-04-19/netns_getifaddrs_adapt_to_kernel_changes netns_getifaddrs: adapt to kernel changes Compare: https://github.com/lxc/lxc/compare/e12b27e5fbdf...60c20c6e0e85 ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [crio-lxc/master] readme: mention new enough liblxc is needed
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/crio-lxc/pull/5 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === Signed-off-by: Serge Hallyn From 33a0390ea02ab1a7e6060bb19811fb5adfd7d107 Mon Sep 17 00:00:00 2001 From: Serge Hallyn Date: Fri, 19 Apr 2019 12:15:02 -0500 Subject: [PATCH] readme: mention new enough liblxc is needed Signed-off-by: Serge Hallyn --- README.md | 7 +++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index fa4be14..bfa2b23 100644 --- a/README.md +++ b/README.md @@ -12,3 +12,10 @@ make Then specify the `crio-lxc` binary you just built as the value for `default_runtime` in the `crio.runtime` section of `/etc/crio/crio.conf`. + +## Notes + +Note that you must have a new enough liblxc, one which supports the +"lxc.rootfs.managed" key. 3.0.3 is not new enough, 3.1 is. On Ubuntu, +you can upgrade using the ubuntu-lxc/lxc-git-master PPA. Arch and +OpenSUSE tumbleweed should be uptodate. ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [crio-lxc/master] create: pass right lxcpath to internal command
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/crio-lxc/pull/4
This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.
=== Description (from pull-request) ===
the lxcpath is not the rootfs of the container, but rather the base used
for calculating various things, such as the command socket path or default
rootfs/config locations.
Signed-off-by: Tycho Andersen
From ad7e2201130520e354cbfed5b9d4f5fbe1b1d67f Mon Sep 17 00:00:00 2001
From: Tycho Andersen
Date: Fri, 19 Apr 2019 10:24:56 -0600
Subject: [PATCH] create: pass right lxcpath to internal command
the lxcpath is not the rootfs of the container, but rather the base used
for calculating various things, such as the command socket path or default
rootfs/config locations.
Signed-off-by: Tycho Andersen
---
cmd/create.go | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cmd/create.go b/cmd/create.go
index c867ef2..6c52d33 100644
--- a/cmd/create.go
+++ b/cmd/create.go
@@ -195,7 +195,7 @@ func startContainer(c *lxc.Container, spec *specs.Spec)
error {
binary,
"internal",
c.Name(),
- spec.Root.Path,
+ LXC_PATH,
filepath.Join(LXC_PATH, c.Name(), "config"),
)
___
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxc/master] netns_getifaddrs: adapt to kernel changes
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/2945
This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.
=== Description (from pull-request) ===
s/NETLINK_DUMP_STRICT_CHK/NETLINK_GET_STRICT_CHK/g
Signed-off-by: Christian Brauner
From c8ca5a435cc4bc28c3f14d89cc30c38fd177a310 Mon Sep 17 00:00:00 2001
From: Christian Brauner
Date: Fri, 19 Apr 2019 15:24:51 +0200
Subject: [PATCH] netns_getifaddrs: adapt to kernel changes
s/NETLINK_DUMP_STRICT_CHK/NETLINK_GET_STRICT_CHK/g
Signed-off-by: Christian Brauner
---
src/include/netns_ifaddrs.c | 2 +-
src/lxc/macro.h | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/include/netns_ifaddrs.c b/src/include/netns_ifaddrs.c
index 1c8b92b66b..7ac80e3d60 100644
--- a/src/include/netns_ifaddrs.c
+++ b/src/include/netns_ifaddrs.c
@@ -468,7 +468,7 @@ static int __rtnl_enumerate(int link_af, int addr_af, __s32
netns_id,
if (fd < 0)
return -1;
- r = setsockopt(fd, SOL_NETLINK, NETLINK_DUMP_STRICT_CHK, &(int){1},
+ r = setsockopt(fd, SOL_NETLINK, NETLINK_GET_STRICT_CHK, &(int){1},
sizeof(int));
if (r < 0 && netns_id >= 0) {
close(fd);
diff --git a/src/lxc/macro.h b/src/lxc/macro.h
index 6e07516f20..b83e439115 100644
--- a/src/lxc/macro.h
+++ b/src/lxc/macro.h
@@ -240,8 +240,8 @@ extern int __build_bug_on_failed;
#define prctl_arg(x) ((unsigned long)x)
/* networking */
-#ifndef NETLINK_DUMP_STRICT_CHK
-#define NETLINK_DUMP_STRICT_CHK 12
+#ifndef NETLINK_GET_STRICT_CHK
+#define NETLINK_GET_STRICT_CHK 12
#endif
#ifndef SOL_NETLINK
___
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] netns_getifaddrs: adapt to kernel changes
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/5689
This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.
=== Description (from pull-request) ===
s/NETLINK_DUMP_STRICT_CHK/NETLINK_GET_STRICT_CHK/g
Signed-off-by: Christian Brauner
From 5c2df8b52c54b8c6ee9159dd632bb4f9a1c2e2b9 Mon Sep 17 00:00:00 2001
From: Christian Brauner
Date: Fri, 19 Apr 2019 15:15:28 +0200
Subject: [PATCH] netns_getifaddrs: adapt to kernel changes
s/NETLINK_DUMP_STRICT_CHK/NETLINK_GET_STRICT_CHK/g
Signed-off-by: Christian Brauner
---
lxd/include/macro.h | 4 ++--
lxd/main_checkfeature.go | 6 +++---
shared/netns_getifaddrs.c | 2 +-
shared/network.c | 29 -
4 files changed, 6 insertions(+), 35 deletions(-)
diff --git a/lxd/include/macro.h b/lxd/include/macro.h
index 3384184e9c..7ff60c385d 100644
--- a/lxd/include/macro.h
+++ b/lxd/include/macro.h
@@ -135,8 +135,8 @@ extern int __build_bug_on_failed;
#define prctl_arg(x) ((unsigned long)x)
/* networking */
-#ifndef NETLINK_DUMP_STRICT_CHK
-#define NETLINK_DUMP_STRICT_CHK 12
+#ifndef NETLINK_GET_STRICT_CHK
+#define NETLINK_GET_STRICT_CHK 12
#endif
#ifndef SOL_NETLINK
diff --git a/lxd/main_checkfeature.go b/lxd/main_checkfeature.go
index 653aff6e4b..ccd1070dd6 100644
--- a/lxd/main_checkfeature.go
+++ b/lxd/main_checkfeature.go
@@ -107,13 +107,13 @@ void is_netnsid_aware(int *hostnetns_fd, int *newnetns_fd)
return;
}
- ret = setsockopt(sock_fd, SOL_NETLINK, NETLINK_DUMP_STRICT_CHK,
&(int){1}, sizeof(int));
+ ret = setsockopt(sock_fd, SOL_NETLINK, NETLINK_GET_STRICT_CHK,
&(int){1}, sizeof(int));
if (ret < 0) {
- // NETLINK_DUMP_STRICT_CHK isn't supported
+ // NETLINK_GET_STRICT_CHK isn't supported
return;
}
- // NETLINK_DUMP_STRICT_CHK is supported
+ // NETLINK_GET_STRICT_CHK is supported
netnsid_aware = true;
}
diff --git a/shared/netns_getifaddrs.c b/shared/netns_getifaddrs.c
index 2e854a44dd..7487b13621 100644
--- a/shared/netns_getifaddrs.c
+++ b/shared/netns_getifaddrs.c
@@ -432,7 +432,7 @@ static int __rtnl_enumerate(int link_af, int addr_af, __s32
netns_id,
if (fd < 0)
return -1;
- r = setsockopt(fd, SOL_NETLINK, NETLINK_DUMP_STRICT_CHK, &(int){1},
+ r = setsockopt(fd, SOL_NETLINK, NETLINK_GET_STRICT_CHK, &(int){1},
sizeof(int));
if (r < 0 && netns_id >= 0) {
close(fd);
diff --git a/shared/network.c b/shared/network.c
index 421f99b49f..d0f40b0393 100644
--- a/shared/network.c
+++ b/shared/network.c
@@ -26,35 +26,6 @@
((struct rtattr *)(((char *)(r)) + NLMSG_ALIGN(sizeof(struct
rtgenmsg
#endif
-#ifndef SOL_NETLINK
-#define SOL_NETLINK 270
-#endif
-
-#ifndef NETLINK_DUMP_STRICT_CHK
-#define NETLINK_DUMP_STRICT_CHK 12
-#endif
-
-#ifndef RTM_GETLINK
-#define RTM_GETLINK 18
-#endif
-
-#ifndef RTM_GETNSID
-#define RTM_GETNSID 90
-#endif
-
-#ifdef IFLA_IF_NETNSID
-#ifndef IFLA_TARGET_NETNSID
-#define IFLA_TARGET_NETNSID = IFLA_IF_NETNSID
-#endif
-#else
-#define IFLA_IF_NETNSID 46
-#define IFLA_TARGET_NETNSID 46
-#endif
-
-#ifndef IFA_TARGET_NETNSID
-#define IFA_TARGET_NETNSID 10
-#endif
-
#define IFADDRS_HASH_SIZE 64
#define __NETLINK_ALIGN(len) (((len) + 3) & ~3)
___
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxc/lxc] 7da4e4: raw_syscalls: lxc_raw_clone()
Branch: refs/heads/stable-3.0 Home: https://github.com/lxc/lxc Commit: 7da4e44b321346b5f3d567d70c88e2463718ddcd https://github.com/lxc/lxc/commit/7da4e44b321346b5f3d567d70c88e2463718ddcd Author: Christian Brauner Date: 2019-04-19 (Fri, 19 Apr 2019) Changed paths: M src/lxc/raw_syscalls.c Log Message: --- raw_syscalls: lxc_raw_clone() Account for different trap number on 32bit SPARC. Link: https://bugs.gentoo.org/656368 Signed-off-by: Christian Brauner Commit: 9e5d932ccd88e34043c9b936ca8b75c69735c81c https://github.com/lxc/lxc/commit/9e5d932ccd88e34043c9b936ca8b75c69735c81c Author: Felix Abecassis Date: 2019-04-19 (Fri, 19 Apr 2019) Changed paths: M hooks/nvidia Log Message: --- hooks/nvidia: handle spaces in NVIDIA_REQUIRE variables Previously, environment variables with a space where splitted. Signed-off-by: Felix Abecassis Compare: https://github.com/lxc/lxc/compare/3f76bcd6a9b0...9e5d932ccd88 ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxc/lxc] 1e04bb: cgfsng: backport new cgroup handling logic
Branch: refs/heads/stable-3.0 Home: https://github.com/lxc/lxc Commit: 1e04bb71da3ed829761ae8c729c3d021a6a709df https://github.com/lxc/lxc/commit/1e04bb71da3ed829761ae8c729c3d021a6a709df Author: Christian Brauner Date: 2019-04-19 (Fri, 19 Apr 2019) Changed paths: M configure.ac M src/lxc/attach.c M src/lxc/cgroups/cgfsng.c M src/lxc/cgroups/cgroup.c M src/lxc/cgroups/cgroup.h M src/lxc/criu.c M src/lxc/freezer.c M src/lxc/initutils.c M src/lxc/lxc.h M src/lxc/lxccontainer.c M src/lxc/start.c M src/tests/cgpath.c Log Message: --- cgfsng: backport new cgroup handling logic BugLink: https://bugs.launchpad.net/bugs/1825155 This will allow us to better support cgroup2 layouts on stable-3.0. Signed-off-by: Christian Brauner Commit: 3f76bcd6a9b04aea0903a0c2aa52808d96a6b844 https://github.com/lxc/lxc/commit/3f76bcd6a9b04aea0903a0c2aa52808d96a6b844 Author: Christian Brauner Date: 2019-04-19 (Fri, 19 Apr 2019) Changed paths: M configure.ac M src/lxc/attach.c M src/lxc/cgroups/cgfsng.c M src/lxc/cgroups/cgroup.c M src/lxc/cgroups/cgroup.h M src/lxc/criu.c M src/lxc/freezer.c M src/lxc/initutils.c M src/lxc/lxc.h M src/lxc/lxccontainer.c M src/lxc/start.c M src/tests/cgpath.c Log Message: --- Merge pull request #2944 from brauner/lxc/stable-3.0 cgfsng: backport new cgroup handling logic Compare: https://github.com/lxc/lxc/compare/bccf738c78b8...3f76bcd6a9b0 ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
