Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove docker binary from weaveexec container #3110

Merged
merged 2 commits into from Sep 13, 2017
Merged

Remove docker binary from weaveexec container #3110

merged 2 commits into from Sep 13, 2017

Conversation

dtshepherd
Copy link
Collaborator

Fixes #2957

Creating weaveutil commands to remove docker binary dependency in weaveexec.

This is still a WIP... Need to port the docker run, docker create, docker ps, parts of docker inspect (although probably want high-level weaveutil commands for check_running, etc).

@bboreham

@dtshepherd dtshepherd mentioned this pull request Sep 4, 2017
Closed
@dtshepherd dtshepherd force-pushed the issues/2957-rm-docker-binary-from-weaveexec branch from 4269a75 to 06a264d Compare September 4, 2017 06:31
@bboreham
Copy link
Contributor

bboreham commented Sep 4, 2017

Thanks for this, @dtshepherd. It does seem a little more complicated than we need - e.g. we never call kill with a signal so we don't need a table to decode them. Or the timeout parameter.

@dtshepherd
Copy link
Collaborator Author

Ok I'll remove the extra options. I'm working on some of the docker inspect replacements now, which aren't using docker inspect directly.

Any idea how to get the CircleCI tests to pass? It complains about a missing secret key.

@bboreham
Copy link
Contributor

bboreham commented Sep 4, 2017

The secret key is only accessible to PRs in the repo, to avoid people submitting PRs which steal the key and/or steal the resources it controls.

I can push your branch to the repo and the tests will run.

@dtshepherd dtshepherd force-pushed the issues/2957-rm-docker-binary-from-weaveexec branch 3 times, most recently from 8787f50 to 6bb8afd Compare September 5, 2017 04:40
@dtshepherd
Copy link
Collaborator Author

Finished replacing docker inspect in weave script (check_runnning, check_not_running, ask_version, rewrite_etc_hosts, with_container_fqdn).

Still need to implement commands to create weavedb and weavevolumes containers. Also, need to implement docker ps, which really just loads volume containers to delete, so maybe create a higher level command for that action. Probably should generalize some of the work done for weaveutil ask-version to launch weave container too.

@dtshepherd
Copy link
Collaborator Author

@bboreham Just committed the removal of the remaining docker ... commands except for the single complicated WEAVE_CONTAINER=$(docker run ...). The launch's docker run takes many options (some from user-defined WEAVE_DOCKER_ARGS) and we'll need to at least implement -d, -v, -e, --name, --restart, --privileged, --net=host, --pid=host, --volumes-from.

Thoughts on the implementation? Probably need to implement a near direct pass-through of the docker run with the limited options...

@dtshepherd
Copy link
Collaborator Author

OK, I tried a first cut at the run-container command. I'm not super happy with it because it doesn't use a true argument parser, but the smoke tests seem to work (although, I've noticed some fragility with some of the tests (e.g. 840_weave_kube_3_test.sh) even on master with none of my changes.

@bboreham Can you please kick off a CI build and test?

bboreham
bboreham reviewed Sep 7, 2017
View reviewed changes
Copy link
Contributor

@bboreham bboreham left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I did an initial pass over the code; most of it looks great but I had some questions and comments.

prog/weaveutil/container.go Outdated
return fmt.Errorf("unable to connect to docker: %s", err)
}

container, err := c.InspectContainer(containerID)

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

prog/weaveutil/container.go
return nil
}

func listContainers(args []string) error {

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

prog/weaveutil/version.go Outdated
docker "github.com/fsouza/go-dockerclient"
)

func askVersion(args []string) error {

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

weave
protect_against_docker_hang
docker create -v /weavedb --name=$DB_CONTAINER_NAME \
--label=weavevolumes $WEAVEDB_IMAGE >/dev/null
if ! util_op container-state $DB_CONTAINER_NAME > /dev/null 2>&1 ; then

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

prog/weaveutil/container.go Outdated
fmt.Print(container.State.StateString())
} else {
image := args[1]
match1, _ := regexp.MatchString(image, container.Image)

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

dtshepherd
dtshepherd commented Sep 8, 2017
View reviewed changes
prog/weaveutil/image.go Outdated
docker "github.com/fsouza/go-dockerclient"
)

func pullImage(args []string) error {

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

@dtshepherd dtshepherd force-pushed the issues/2957-rm-docker-binary-from-weaveexec branch from ad7b122 to 9fcdce5 Compare September 10, 2017 19:01
@dtshepherd
Copy link
Collaborator Author

dtshepherd commented Sep 10, 2017
edited

@bboreham I think this is ready for a 2nd pass review. I just rebased with upstream master as well, since there was some conflicts with weave script.

I need to squash the commits down as well. Do you want a single commit or a few logically separated commits?

bboreham
bboreham suggested changes Sep 12, 2017
View reviewed changes
prog/weaveutil/container.go Outdated
fmt.Print(container.State.StateString())
} else {
image := args[1]
match1, _ := regexp.MatchString(image, container.Image)

This comment was marked as abuse.

Sign in to view

prog/weaveutil/container.go
return nil
}

func listContainers(args []string) error {

This comment was marked as abuse.

Sign in to view

prog/weaveutil/container.go Outdated

func listContainers(args []string) error {
if len(args) < 1 {
cmdUsage("list-containers", "[<label>]")

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

weave
echo "DOCKER_HOST=$ORIG_DOCKER_HOST"
# Handle special case $1 commands that run locally at the client end
case "$1" in
help|--help)

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

weave Outdated
# Note VOLUMES_CONTAINER which is for weavewait should change when you upgrade Weave
VOLUMES_CONTAINER_NAME=weavevolumes-$IMAGE_VERSION
VOLUMES_CONTAINER_NAME=$VOLUMES_LABEL-$IMAGE_VERSION

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

weave
protect_against_docker_hang
docker create -v /weavedb --name=$DB_CONTAINER_NAME \
--label=weavevolumes $WEAVEDB_IMAGE >/dev/null
if ! util_op container-state $DB_CONTAINER_NAME > /dev/null 2>&1 ; then

This comment was marked as abuse.

Sign in to view

weave
docker create -v /weavedb --name=$DB_CONTAINER_NAME \
--label=weavevolumes $WEAVEDB_IMAGE >/dev/null
if ! util_op container-state $DB_CONTAINER_NAME > /dev/null 2>&1 ; then
protect_against_docker_hang

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

@bboreham
Copy link
Contributor

This is great; I can see some potential further refactorings which would bring the code weight down, but happy to merge what you have and leave them for the future.

Regarding squashing commits, one would be fine, but if you see a few logically separate ones then that is fine too.

@dtshepherd dtshepherd force-pushed the issues/2957-rm-docker-binary-from-weaveexec branch from 36c2351 to f63c9fa Compare September 13, 2017 02:13
@dtshepherd
Copy link
Collaborator Author

@bboreham I think I responded to your review comments (some of the comments weren't on lines that needed to change so github didn't dismiss). I squashed to two commits (all of my changes + commit stolen from #2952 for try_bridge_create).

I think some of the code weight could be reduced if we merged some of prog/weaveutil/container.go with common/docker/client.go. Right now, the two are completely independent and I didn't want to change that in this branch. That refactor seemed like an effort that may cover the entire repository, not just weaveutil.

Hopefully this next review pass looks good for merging. I know this is a risky change, so I understand if its delayed for release to master. I'd like to build upon this PR to fix #3102.

@dtshepherd dtshepherd changed the title WIP: Remove docker binary from weaveexec container Remove docker binary from weaveexec container Sep 13, 2017
@bboreham bboreham added this to the 2.1 milestone Sep 13, 2017
bboreham
bboreham approved these changes Sep 13, 2017
View reviewed changes
Copy link
Contributor

@bboreham bboreham left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One small change in the Makefile please; then I will merge.

Makefile Outdated
@@ -406,7 +397,6 @@ integration-tests: all testrunner
# PLAYBOOK="<filename>" \
# RUNNER_ARGS="<...>" \
# TESTS="<...>" \ # Can be set to only run one or a few tests instead of the full test suite.
# DOCKER_VERSION=<...> \

This comment was marked as abuse.

Sign in to view

Makefile
@@ -307,10 +302,6 @@ $(NETWORKTESTER_UPTODATE): test/images/network-tester/Dockerfile $(NETWORKTESTER
$(WEAVE_EXPORT): $(IMAGES_UPTODATE) $(WEAVEDB_UPTODATE)
$(SUDO) DOCKER_HOST=$(DOCKER_HOST) docker save $(addsuffix :latest,$(IMAGES)) | gzip > $@

$(DOCKER_DISTRIB):
curl -o $(DOCKER_DISTRIB) $(DOCKER_DISTRIB_URL)
cd $(shell dirname $@) && sha256sum -c $(shell pwd)/build/shasums/docker-tgz-$(WEAVEEXEC_DOCKER_ARCH).sha256sum

This comment was marked as abuse.

Sign in to view

This comment was marked as abuse.

Sign in to view

weave
docker create -v /weavedb --name=$DB_CONTAINER_NAME \
--label=weavevolumes $WEAVEDB_IMAGE >/dev/null
if ! util_op container-state $DB_CONTAINER_NAME > /dev/null 2>&1 ; then
protect_against_docker_hang

This comment was marked as abuse.

Sign in to view

@dtshepherd
Remove docker binary from weaveexec container
8bf08c3 
Fixes weaveworks#2957

- replace `docker stop` with `weaveuitl stop-container`
- replace `docker kill` with `weaveutil kill-container`
- replace `docker rm` with `weaveutil remove-container`
- replace `docker run` with minimal `weaveutil container-run`
- replace `docker inspect -f {{.ID}}` with `weaveutil container-id`
- replace data-only container `docker create` with `weaveutil create-volume-container`
- remove `docker inspect` dependencies from `weave` script
  `rewrite_etc_hosts` and `with_container_fqdn`
- rework `weave` script `check_running` and `check_not_running` to use `weaveutil`
- rework `weave version` to use `weaver` /report API or `weaver --version` if not running
- rework `weave setup`'s `docker pull` to run locally rather than in `weaveexec` container
@dtshepherd
Simplify mac generation on attach|expose|hide
38ca0f9 
`weaveexec` no longer mounting '/' so we can't access the weavedb file
to get persistent peer ID.  If `weaver` was running, we couldn't have
read the file anyway because BoltDB does not support concurrent access
from two processes.

Consequence is that if someone really does need the bridge creation on
'weave expose' the peer ID may change if created pre-1.9.0.  We'll just
live with that (per @bboreham).
@dtshepherd dtshepherd force-pushed the issues/2957-rm-docker-binary-from-weaveexec branch from f63c9fa to 38ca0f9 Compare September 13, 2017 12:04
@dtshepherd
Copy link
Collaborator Author

Fixed the Makefile and removed those shasum files, good catch. We'll see what the CI looks like after these changes...

@bboreham bboreham merged commit 3c9c968 into weaveworks:master Sep 13, 2017
@bboreham bboreham mentioned this pull request Sep 13, 2017
Closed
@bboreham
Copy link
Contributor

Nice! Image size comes down by ~34MB

@dtshepherd
Copy link
Collaborator Author

I didn't even check that! Yeah that's a good win.

@bboreham bboreham mentioned this pull request Sep 26, 2017
Closed
@bboreham bboreham mentioned this pull request Oct 5, 2017
Open
@berlic berlic mentioned this pull request Nov 22, 2017
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bboreham bboreham bboreham approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2.1
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@dtshepherd @bboreham