Conversation
|
@doanac Initially, I considered enforcing the use of the overlay2 storage driver unless it was already specified in daemon.json. However, after exploring and analyzing various edge cases, I realized that it would be safer and less intrusive not to modify any configuration and to fail only when it is certain that the current setup is incorrect. For example, it is quite difficult impossible to distinguish between scenarios where docker.io was just installed as a dependency during |
|
this seems sane to me. let's get a debian person's opinion once you are ready |
basak-qcom
left a comment
basak-qcom
left a comment
There was a problem hiding this comment.
What happens when docker.io isn't installed (yet), and someone runs apt install docker.io fioup or apt install fioup (in the latter case, the dependency on docker.io would make it equivalent to the former case)? Or, if someone runs apt install docker.io and then apt install fioup? If the default storage driver is no longer overlay2, won't that fail?
What happens if the Docker configuration is changed while the fioup service is running, or is that not possible?
|
Why not check at fioup runtime instead, before doing whatever action that would be problematic? Preventing package installs is usually hard to deal with for end-users, I'd recommend doing this inside your app instead. |
The
In such the case the
It is possible, however it is very unlikely can happen on production devices/hosts as change of a docker storage type implies loosing all currently installed container images (unless some migration has been conducted before). The goal of this |
My plan is to do both. At first, to do the best effort in determining of inappropriate docker configuration during installation of Secondly, do similar check in the |
As a user, I personally prefer being able to install the program and it telling me "your current config doesn't allow this program to work" rather than getting a package installation error. Perhaps you can print a warning message instead of failing the installation. |
The question is whether users would be willing to change their configuration after installing fioup, upon seeing the error message produced by the fioup command: “Your current configuration does not allow this program to work.” This is not just another Docker configuration parameter — it defines the storage backend. Changing it means that all existing container images will no longer be visible or runnable after restarting dockerd. If changing the configuration is not an option, then it raises the question of what the point of installing fioup is in the first place. In that sense, this behaves more like an installation-time dependency. Ideally, we should validate it during installation and fail if the requirement is not met. That said, I think it’s acceptable to emit only a warning for now, since fioup is currently targeted at hobbyist use cases rather than production environments. I'll amend the PR accordingly. |
|
FWIW, this is an interesting interaction between configuration and packaging that we bump into every so often. Unfortunately they were never designed to interact like this, so it tends to never work very well :-( |
mike-sul
force-pushed
the
feat/check-storage-driver
branch
from
0484ad2 to
e86d783
Compare
@lool I've updated the PR accordingly. |
Yeah, so the scenario would be:
I have only now seen that you already skip the tests if docker is not present, so it was already possible to install fioup even if it can't be used to manage containers at all because docker is missing. So now we're consistent and letting you install it if you have docker installed and the backend is wrong.
...and that's ok in the end, right? People will try things and then question their life choices. I've installed Atlassian's ACLI yesterday only to realize I couldn't point it at our onprem instance (I'm a real hacker, I don't read docs). Then I removed it :)
I think that's only needed if you automate some system-level integration. For instance: that I would expect to fail at package installation time if the system setup doesn't allow the desired setup to be achieved. But for an interactive user-level command, I personally think it's user-friendlier to defer the checks. As an end-user, the pattern I'm thinking about here are things like If you had a |
lool
left a comment
lool
left a comment
There was a problem hiding this comment.
I'm not qualified to review the other changes, but I think the debian/preinst logic to diagnose system state would be better in postinst, that would allow:
- calling fioup itself to do the tests
- relying on dependencies being installed (but I'm not sure if fioup depends on docker; that itself might be a bad idea since there are multiple docker deb sources available with different package names)
Good point on moving this to postinst — I agree that’s a better place for this kind of check, especially since we only print a warning and don’t interrupt installation.
For now, I’d keep the checks local to the |
|
@lool I suppose we might want (or need) to enforce the overlay2 graph driver setting (as a default value) in the Debian image we ship on UNO Q when/if the default version of |
Add a postinst script to verify that Docker is configured with the required storage driver. Behavior: - If Docker is not installed or not running, skip validation and print a note. - If Docker is running, check if the storage driver is "overlay2". Print a warning if a non-supported driver is detected and continue with the installation. This approach is non-intrusive: - does not modify Docker configuration - does not attempt to start or restart Docker - avoids false failures when Docker is not yet running (e.g. fresh `docker.io` installation as `fioup` dependency). Signed-off-by: Mike Sul <mike.sul@foundries.io>
Add a pre-start check to ensure Docker is using the required "overlay2" storage driver before starting the fioup daemon. * Add dependency on docker.service * Introduce ExecStartPre validation using `docker info` * Prevent fioup from starting if Docker is misconfigured This ensures fioup only runs in a supported environment without modifying Docker configuration or lifecycle. Also add missing trailing newline to service file. Signed-off-by: Mike Sul <mike.sul@foundries.io>
Check if the docker graph driver is "overlay2" before running the commands that communicates with the docker engine. If the check detects the other than "overlay2" then driver the command fails. It helps to prevent `fioup` usage against misconfigured docker engine and avoid possible issues if `fioup` is used against other than "overlay2" storage drivers. Signed-off-by: Mike Sul <mike.sul@foundries.io>
We should probably discuss this a bit more; qcom-deb-images ambitions to track Debian closely, so if wants to use whatever Debian docker defaults are used if possible. Perhaps for QLI we need to diverge in some ways, but I don't think we integrate FIO in meta-qcom either. Then there are the Arduino images, which include the Arduino UX, IDE, demos, device onboarding logic etc.; if we want these to be FIO ready out of the box, it could make sense to make changes there. Perhaps also worth researching how to cope with the new storage driver if that's an option. |
mike-sul
force-pushed
the
feat/check-storage-driver
branch
from
1f5c4af to
9d6139a
Compare
I think this is primarily a product decision. @mike-scott FYI. Making Arduino's Debian “fio-ready out of the box” (for UNO Q) means choosing which storage model we standardize on. Today, that’s a trade-off between the proven overlay2 (stable, and well understood) and the newer containerd-based image store (less battle-tested, with higher storage overhead (2x)). Defaulting to the new storage bakend now may introduce unnecessary cost and risk for IoT/embedded users. At the same time, it’s likely we’ll need to adapt to it eventually (or build our own optimized solution). My suggestion:
This is already in progress. From our side, adapting The bigger concerns are with the storage driver itself:
So technically it’s feasible for us to support it, but the main risks are around efficiency and robustness in embedded scenarios. |
|
Do we consider qcom-deb-images to be tied to what we or Arduino ship for the UNO Q, or could it be possible for production UNO Q images to use overlay2 against the defaults where qcom-deb-images doesn't? |
Yeah exactly, they are not tied, and could differ if that's the vision; it's Arduino's decision to make though |
5 participants
Uh oh!
There was an error while loading. Please reload this page.