Skip to content

tmpfs: Add support for noatime mount option #26238

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
openshift-merge-bot merged 1 commit into from
Jul 4, 2025
Merged

tmpfs: Add support for noatime mount option #26238

openshift-merge-bot merged 1 commit into from
Jul 4, 2025

Conversation

@ArthurWuTW
Copy link
Contributor

@ArthurWuTW ArthurWuTW commented May 30, 2025

What I did

How I did it

  1. Reproduced the Error
podman run --network host --tmpfs /mytmpfs:noatime alpine sh -c "mount | grep mytmpfs"

Output:

Error: unknown mount option "noatime": invalid mount option

  1. Code Trace
    Acceptable mount options defined in mount_opts.go (processOptionsInternal).

  2. Unit Test
    There is an existing unit test code pattern for mount options in utils_test.go (TestProcessOptions)
    I added a new test in tests array.

  3. Code Change
    add noatime option in mount_opts.go (processOptionsInternal).

  4. Documentation
    Updated supported mount options to include noatime with a short description.

How to verify it

  1. make localunit passes without errors.

  2. make validatepr without errors.

  3. make podman and check noatime mount option.

/home/arthur/podman/bin/podman run --network host --tmpfs /mytmpfs:noatime alpine sh -c "mount | grep mytmpfs"

Output: As we can see, /mytmpfs has the noatime option

WARN[0000] Using cgroups-v1 which is deprecated in favor of cgroups-v2 with Podman v5 and will be removed in a future version. Set environment variable `PODMAN_IGNORE_CGROUPSV1_WARNING` to hide this warning. 
tmpfs on /mytmpfs type tmpfs (rw,context="system_u:object_r:container_file_t:s0:c421,c672",nosuid,nodev,noatime,uid=1000,gid=1000)

Release Note

Add support for the `noatime` mount option in tmpfs

Luap99
Luap99 reviewed May 30, 2025
View reviewed changes
Copy link
Member

@Luap99 Luap99 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be good to have a proper integration test in test/e2e or test/system for this to make sure the mount is actually correctly passed to the oci runtime and it mounted the tmpfs with it.

@jankaluza
Copy link
Member

jankaluza commented May 30, 2025

I don't see anything wrong with the patch. The tests are missing as @Luap99 pointed out.

baude
baude reviewed May 30, 2025
View reviewed changes
test/e2e/run_volume_test.go
})

It("podman run --tmpfs with noatime option", func() {
session := podmanTest.Podman([]string{"run", "--rm", "--tmpfs", "/mytmpfs:noatime", ALPINE, "grep", "mytmpfs", "/proc/self/mountinfo"})
Copy link
Member

@baude baude May 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

consider podmanTest.PodmanExitCleanly here ... I think you should also test the negative here too and as a result of the test, ensure the error message you added has been emitted.

Copy link
Contributor Author

@ArthurWuTW ArthurWuTW Jun 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@baude
Thank you for reviewing the code and providing your suggestions!
I'd like to share my findings step by step:

1. Define Negative Test Case

podman run -v ./testdir:/testdir:noatime alpine

I expect an error like

the 'noatime' option is only allowed with tmpfs mounts

However, the actual error was:

Error: invalid option type "noatime"

2. Investigation
I found this mount error already returned by ValidateVolumeOpts, just before processOptionsInternal. Also podman create... has the same result.
Untitled Diagram(4)

3. Expected Error via Rest API
Interestingly, I tried podman system serivce... and it returned the expected error message.

cd <PATH>/podman/bin
./podman system service --time=0 tcp:127.0.0.1:8080
# Another terminal
# Create a conatiner
curl -X POST http://127.0.0.1:8080/v4.5.1/libpod/containers/create -H "Content-Type: application/json" -d '{  "name": "myalpine",  "image": "alpine",  "command": ["sleep", "3600"],  "mounts": [{  "type": "bind",  "source": "/home/arthur/podman/bin/testdir",  "destination": "/testdir",  "options": ["noatime"]}]}'

# Response JSON
{"cause":"invalid mount option","message":"the 'noatime' option is only allowed with tmpfs mounts: invalid mount option","response":500}

4. Next Step
I'd like to add a negative test using curl(Step 3.). Since it needs podman system service... running at the beginning, I think I can use BATS...still look around test/system directory.. possibly adding a new bats file like 770-create.bats for noatime test.
Let me know if this direction makes sense, or if you have any suggestions.

Copy link
Member

@Luap99 Luap99 Jun 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the negative case is that without adding noatime then checking that mountinfo should not include the noatime mount option.

I'd like to add a negative test using curl(Step 3.). Since it needs podman system service... running at the beginning, I think I can use BATS...still look around test/system directory.. possibly adding a new bats file like 770-create.bats for noatime test.

That is not right, test/system runs podman just like the e2e it should not be used for direct API calls generally. If you want api calls look at test/apiv2

@packit-as-a-service
Copy link

packit-as-a-service bot commented May 30, 2025

[NON-BLOCKING] Packit jobs failed. @containers/packit-build please check. Everyone else, feel free to ignore.

@openshift-merge-robot openshift-merge-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jun 4, 2025
@openshift-merge-robot openshift-merge-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jun 6, 2025
@ArthurWuTW
Copy link
Contributor Author

ArthurWuTW commented Jun 7, 2025
edited
Loading

@Luap99
Thanks for clarifying the negative case.
I was wondering we also need API tests for what @baude suggested.

ensure the error message you added has been emitted.

Let me summarize all tests I added for this pull request.

Unit Test

  • Positive Case: test func processOptionsInternal with noatime option and isTmpfs flag is true

  • Negative Case: test func processOptionsInternal with noatime option and isTmpfs flag is false, error expected

make localunit
--- PASS: TestProcessOptions (0.00s)
...
    --- PASS: TestProcessOptions/noatime_allowed_only_with_tmpfs (0.00s)
...

E2E

  • Positive Case: run with tmpfs mount and noatime

  • Negative Case: run with tmpfs mount but without noatime

make localintegration FOCUS="podman run --tmpfs with noatime option"
...
Ran 1 of 2377 Specs in 26.473 seconds
SUCCESS! -- 1 Passed | 0 Failed | 0 Pending | 2376 Skipped

API

  • Positive Case: tmpfs with noatime

  • Negative Case: unsupported noatime for bind mount, expect new added error message shows up.

cd test/apiv2
./test-apiv2 44-mounts
...
ok 1 [44-mounts] POST containers/create?name=hostconfig_test [-d {"Image":"quay.io/libpod/testimage:20241011","Cmd":["df","-P","/mytmpfs"],"HostConfig":{"Binds":["/tmp/doesnotexist:/test1"],"TmpFs":{"/mytmpfs":"rw,noatime"}}}] : status=201
...
ok 11 [44-mounts] POST libpod/containers/create [-d {"Image":"quay.io/libpod/testimage:20241011","Mounts":[{"type":"bind","source":"/nosuchdir","destination":"/data","options":["noatime"]}]}] : .message ('the 'noatime' option is only allowed with tmpfs mounts: invalid mount option') ~ the 'noatime' option is only allowed with tmpfs mounts
...

@ArthurWuTW
tmpfs: Add support for noatime mount option
2825521 
'noatime' flag disables updates to file access times when files are read. This can reduce unnecessary writes and improve performance, especially in read-heavy workloads. Previously, tmpfs did not recognize the 'noatime' mount option and would return an error.

With this change, tmpfs now properly accepts and handles the 'noatime' option.

Fixes: containers#26102

Signed-off-by: Arthur Wu <lion811004@gmail.com>
@ArthurWuTW ArthurWuTW requested a review from Luap99 June 10, 2025 14:45
Luap99
Luap99 approved these changes Jun 10, 2025
View reviewed changes
Copy link
Member

@Luap99 Luap99 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jun 10, 2025
@ArthurWuTW ArthurWuTW requested a review from baude June 10, 2025 16:10
@Luap99
Copy link
Member

Luap99 commented Jul 4, 2025

@giuseppe PTAL, this should be good to merge

giuseppe
giuseppe approved these changes Jul 4, 2025
View reviewed changes
Copy link
Member

@giuseppe giuseppe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Jul 4, 2025
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Jul 4, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ArthurWuTW, giuseppe, Luap99

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-bot openshift-merge-bot bot merged commit 00c431c into containers:main Jul 4, 2025
75 of 77 checks passed
@stale-locking-app stale-locking-app bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Oct 3, 2025
@stale-locking-app stale-locking-app bot locked as resolved and limited conversation to collaborators Oct 3, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@giuseppe giuseppe giuseppe approved these changes

@Luap99 Luap99 Luap99 approved these changes

@baude baude Awaiting requested review from baude

Assignees

@giuseppe giuseppe

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. release-note

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

noatime support for tmpfs mounts

6 participants

@ArthurWuTW @jankaluza @Luap99 @giuseppe @baude @openshift-merge-robot