Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Containerd 1.0 client #34895

Merged
merged 3 commits into from Oct 23, 2017
Merged

Containerd 1.0 client #34895

merged 3 commits into from Oct 23, 2017

Conversation

mlaventure
Copy link
Contributor

- What I did

Replaced containerd v0.2.x with v1.0

- How I did it

Refactored libcontainerd

- How to verify it

CI must be green

- Description for the changelog

Move to containerd v1.0

- A picture of a cute animal (not mandatory but encouraged)

馃惣

--

What's not finished

  • Checkpoint backward compatibility (there seem to be no test in CI)
  • Some cleanup is needed. I've kept the code that is supposed to make it work on windows via containerd around for now, would probably be better to remove it and redo it later.

Closes #34662

libcontainerd.WithOOMScore(cli.Config.OOMScoreAdjust),
libcontainerd.WithPlugin("linux", &linux.Config{
Shim: fmt.Sprintf("%s", daemon.DefaultShimBinary),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe planned clean-up, but extra Sprintf


// DefaultRuntimeName is the default runtime to be used by
// containerd if none is specified
DefaultRuntimeName = "docker-runc"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How differs from DefaultRuntimeBinary?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the name used for the --runtime option map

@@ -56,6 +51,21 @@ func (daemon *Daemon) FillPlatformInfo(v *types.Info, sysInfo *sysinfo.SysInfo)
v.RuncCommit.ID = "N/A"
}

v.ContainerdCommit.Expected = dockerversion.ContainerdCommitID
if rv, err := exec.Command("docker-containerd", "--version").Output(); err == nil {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we let docker-containerd --version print JSON?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's a request for https://github.com/containerd/containerd ;-)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@@ -1448,7 +1449,7 @@ func (s *DockerDaemonSuite) TestCleanupMountsAfterDaemonAndContainerKill(c *chec
c.Assert(strings.Contains(string(mountOut), id), check.Equals, true, comment)

// kill the container
icmd.RunCommand(ctrBinary, "--address", "unix:///var/run/docker/libcontainerd/docker-containerd.sock", "containers", "kill", id).Assert(c, icmd.Success)
icmd.RunCommand(ctrBinary, "--address", "/var/run/docker/containerd/docker-containerd.sock", "--namespace", "docker", "tasks", "kill", id).Assert(c, icmd.Success)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

namespace: docker -> moby? moby-core?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mlaventure maybe put "docker" in a variable so we can change it easily.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will do, will call the namespace moby too while at it.

defer func() {
if err != nil {
err = errors.Wrap(err, "Failed to connect to containerd. "+
"Please make sure containerd is installed in your PATH or that you have specified the correct address.")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

containerd -> value of binaryName?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If using an already running containerd, that value might be wrong

@@ -58,6 +59,9 @@ func Trap(cleanup func(), logger interface {
logger.Info("Forcing docker daemon shutdown without cleanup; 3 interrupts received")
}
case syscall.SIGQUIT:
logger.Info("Kill USR1 docker-containerd")
exec.Command("pkill", "-USR1", "docker-c").Run()
<-time.After(500 * time.Millisecond)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Leftover debug code?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not really, in general we want both together

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems like the wrong place to implement this logic. pkg/signal shouldn't really know about the binary names.

I think Trap() needs to be refactored to accept a function to call when it receives SIGQUIT.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, completely forgot it was inside pkg/trap. Will remove it for now.

@mlaventure
Copy link
Contributor Author

unable to remove filesystem for ce4f7a31758fb7bd47c91f6210a2e768c4dfe32876109e4df87d6d7f47622f6d: remove /var/lib/docker/containers/ce4f7a31758fb7bd47c91f6210a2e768c4dfe32876109e4df87d6d7f47622f6d/shm: device or resource busy

Those errors are fixed when upgrading the kernel pass 3.13, could we upgrade CI to something a bit more recent? The lts kernel in trusty is 4.4.0 now (cc @andrewhsu)

Copy link
Member

@cpuguy83 cpuguy83 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm ok that an upgrade breaks people who have live-restore on the previous version, while this has generally worked in the past it really should never be a guarantee.... people consuming moby will need to make sure to handle this properly.

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
@yongtang
Copy link
Member

It seems that there are enough LGTMs. Move it to status/4-merge. Let's see if all Jenkins builds pass.

@cpuguy83
Copy link
Member

ping @crosbymichael

@allencloud
Copy link
Contributor

I think there are several breaking back compatibility.
For example, containerd 2.3.x allows user to choose one runtime when running, such as runc, runv and so on.
But containerd 1.0.0 does not allow this.
Do we need to record this kind of thing is some documentation?

@mlaventure
Copy link
Contributor Author

mlaventure commented Oct 21, 2017

@allencloud changing the runtime binary is still supported by containerd 1.0

You will notice that I did not remove any test, and setting the runtime binary is part of them. I've replicated all of the previous features, there should be no regressions normally. If there is, it means we're lacking tests for it.

@cpuguy83 cpuguy83 merged commit 4025407 into moby:master Oct 23, 2017
@crosbymichael
Copy link
Contributor

LGTM

@thaJeztah
Copy link
Member

Wait; why did Janky show it passed?

16:31:46 Step 1 : FROM golang:1.8.4-alpine3.6 as builder
16:31:46 Error parsing reference: "golang:1.8.4-alpine3.6 as builder" is not a valid repository/tag
16:31:46 Set build name.
16:31:46 New build name is '#34895'
16:31:46 Variable with name 'BUILD_

@tophj-ibm
Copy link
Contributor

@thaJeztah from the jenkins-job config, not sure why this is the case:
docker build --build-arg DOCKER_GITCOMMIT=$GITCOMMIT -t docker-e2e-test:$GITCOMMIT -f Dockerfile.e2e . || true
https://jenkins.dockerproject.org/job/Docker-PRs/configure

@dnephin
Copy link
Member

dnephin commented Oct 24, 2017

The Dockerfile.e2e is an image that is used to test docker-ce/docker-ee in other builds. We'd like to test it here as an artifact of the `moby/moby build.

|| true was added because this image uses multi-stage builds, and not all jenkins node run a Docker version that supports multi-stage builds, which is the error you pasted.

@thaJeztah
Copy link
Member

thaJeztah commented Oct 24, 2017

Oh, possibly because those tests are only used in the internal e2e suite, yes. I got confused, was looking why the vendor check didn't fail on this PR (https://github.com/moby/moby/pull/35283/files#r146650223)

edit: see @dnephin's comment, our comments just crossed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment