gcs: Support routing container stdio to sidecar

[ashishsachdeva]

The PR aims to add support for redirecting container stdout and stderr statements to a another container(logging container) via named pipes.
This is controlled by set of annotations being passed in the spec.
When the annotation is set, the named pipe is created in the UVM. The workload container will start to redirect stdout and stderr statements to this named pipe and logging container will use the pipe file descriptor passed to it to read data coming through pipe.

[kevpar]

Hey Ashish,

I think this is a reasonable way to approach this for a prototype, but does not achieve the level of integration with the existing codebase that we are looking for to merge.

I don't have time to dig into the design here personally right now, but I think the following things would be good to look into:

• We have existing infrastructure for relaying/handling IO from containers. How can we make this new "pipe to sidecar" approach fit in naturally into that? Can we generalize the current code into different implementations of a "IO handler" interface, so the new approach can just be plugged in as a new implementation?
• I think we should consider using simple pipes (such as those returned by pipe syscall or os.Pipe) rather than a FIFO. This would likely mean we need to track the other end of the pipe through some structure, but avoids the need to interact iwht FIFOs and the filesystem.
• We should support two separate pipes going to the sidecar container, for stdout and stderr, so it can differentiate the output streams.
• I don't think using annotations alone to control this behavior is a good fit. Our internal CRI has support for some fields that control logging, and we should look at enhancing those to express using a sidecar container for logs. This will require some thought into how that information is passed down through CRI -> shim -> GCS. Potentially we would still use annotations at some point in here, but it's generally preferable to avoid that, since they are just untyped strings.
• The shim code today likely assumes it has stdio pipes from the GCS. We will need to understand what changes are needed there to make sure it handles this case properly.

[kevpar]

Hi Ashish,

Please review the comments I left on the PR. We will get another reviewer to take a look, and then merge this once everything looks good. I want to note we are merging this to enable initial testing with this feature, and that we will need to revisit the design of the feature in the future.

A few other things to address:

• Please rebase into a single commit, with a good title and descriptive commit message.
• Sign your commit with git commit -s.
• Sign the CLA (see the bot's comment) when you get a chance.

[ashishsachdeva]

@microsoft-github-policy-service agree company="Microsoft"

@microsoft-github-policy-service agree company="Microsoft"

[kevpar]

LGTM

[katiewasnothere]

lgtm