Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

On Read/only additional stores, ignore Read/Only errors #1763

Merged
merged 1 commit into from Nov 27, 2023
Merged

On Read/only additional stores, ignore Read/Only errors #1763

merged 1 commit into from Nov 27, 2023

Conversation

rhatdan
Copy link
Member

@rhatdan rhatdan commented Nov 24, 2023

We want to setup empty additonal stores which could potentially be stored on a read-only mount point (ostree). Currently empty stores work fine as long as the directory is read/write, because when we attempt to lock them, the code wants to create a lock file directory. This returns an error on read-only directories.

This patch ignores read-only addiitonal stores with no content.

@rhatdan
Copy link
Member Author

rhatdan commented Nov 24, 2023

@alexlarsson @giuseppe @nalind @flouthoc PTAL

vrothberg
vrothberg reviewed Nov 24, 2023
View reviewed changes
Copy link
Member

@vrothberg vrothberg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does it really work when the additional store is truly read-only but fully populated with a lockfile? At the moment we just ignore when trying to create the lockfile.

store.go
@@ -961,6 +962,9 @@ func (s *store) load() error {
} else {
ris, err = newROImageStore(gipath)
if err != nil {
if errors.Is(err, syscall.EROFS) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add a debug line.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added and it seems to when there are images in the additional store and it is mounted read-only.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you repush? I don't see the change yet.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it also make sense to handle ENOENT here? Like, to support configuring an optional directory you can easily create when needed.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I also wondered about ENOENT. One issue with ignoring ENOENT is detecting misconfiguration. An admin may introduce a typo and be tricked into believing everything's 0K.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the underlying lock code creates missing directories.

flouthoc
flouthoc reviewed Nov 27, 2023
View reviewed changes
Copy link
Collaborator

@flouthoc flouthoc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR LGTM Just a general question: c/storage should be aware of read-only stores and should not attempt to create lockfiles at all right ? If its read-only then why is storagemaintaining a lockfile.

@vrothberg
Copy link
Member

PR LGTM Just a general question: c/storage should be aware of read-only stores and should not attempt to create lockfiles at all right ? If its read-only then why is storagemaintaining a lockfile.

It may be readable for this user, but writable for others.

@flouthoc
Copy link
Collaborator

PR LGTM Just a general question: c/storage should be aware of read-only stores and should not attempt to create lockfiles at all right ? If its read-only then why is storagemaintaining a lockfile.

It may be readable for this user, but writable for others.

@vrothberg Ah I meant if other instances of c/storage are write-able then they will be able to create lockfile anyways, afaics here the process of creating lockfileitself fails and PR is ignoring the error later, so my idea was prevent write op if its guaranteed to fail instead and make c/storage aware so it should just omit that step.

@rhatdan
On Read/only additional stores, ignore Read/Only errors
2472af8 
We want to setup empty additonal stores which could potentially
be stored on a read-only mount point (ostree).  Currently empty
stores work fine as long as the directory is read/write, because
when we attempt to lock them, the code wants to create a lock file
directory. This returns an error on read-only directories.

This patch ignores read-only addiitonal stores with no content.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
vrothberg
vrothberg approved these changes Nov 27, 2023
View reviewed changes
Copy link
Member

@vrothberg vrothberg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

giuseppe
giuseppe approved these changes Nov 27, 2023
View reviewed changes
Copy link
Member

@giuseppe giuseppe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Nov 27, 2023
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Nov 27, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: giuseppe, rhatdan, vrothberg

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [giuseppe,rhatdan,vrothberg]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-bot openshift-merge-bot bot merged commit d57456e into containers:main Nov 27, 2023
18 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alexlarsson alexlarsson alexlarsson left review comments

@flouthoc flouthoc flouthoc left review comments

@giuseppe giuseppe giuseppe approved these changes

@vrothberg vrothberg vrothberg approved these changes

Assignees

@giuseppe giuseppe

Labels
approved lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@rhatdan @vrothberg @flouthoc @giuseppe @alexlarsson