crun delete: call systemd's reset-failed #1295
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
According to the OCI runtime spec [1], runtime's delete is supposed to remove all the container's artefacts. In case systemd cgroup driver is used, and the systemd unit has failed (e.g. oom-killed), systemd won't remove the unit (that is, unless the "CollectMode: inactive-or-failed" property is set). Leaving a leftover failed unit is a violation of runtime spec; in addition, a leftover unit result in inability to start a container with the same systemd unit name (such operation will fail with "unit already exists" error). Call reset-failed from systemd's cgroup manager destroy_cgroup call, so the failed unit will be removed (by systemd) after "crun delete". This change is similar to the one in runc (see [2]). A (slightly modified) test case from runc added by the above change was used to check that the bug is fixed. For bigger picture, see [3] (issue A) and [4]. To test manually, systemd >= 244 is needed. Create a container config that runs "sleep 10" and has the following systemd annotations: org.systemd.property.RuntimeMaxUSec: "uint64 2000000" org.systemd.property.TimeoutStopUSec: "uint64 1000000" Start a container using --systemd-cgroup option. The container will be killed by systemd in 2 seconds, thus its systemd unit status will be "failed". Once it has failed, the "systemctl status $UNIT_NAME" should have exit code of 3 (meaning "unit is not active"). Now, run "crun delete $CTID" and repeat "systemctl status $UNIT_NAME". It should result in exit code of 4 (meaning "no such unit"). [1] https://github.com/opencontainers/runtime-spec/blob/main/runtime.md#delete [2] opencontainers/runc#3888 [3] opencontainers/runc#3780 [4] cri-o/cri-o#7035 Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
Oh, and here's how to use runc test to test crun:
$ git clone https://github.com/opencontainers/runc
$ cd runc
[kir@kir-rhat runc]$ git diff
diff --git a/tests/integration/delete.bats b/tests/integration/delete.bats
index adcca2c4..4363b976 100644
--- a/tests/integration/delete.bats
+++ b/tests/integration/delete.bats
@@ -175,8 +175,8 @@ EOF
set_cgroups_path
# shellcheck disable=SC2016
update_config ' .annotations += {
- "org.systemd.property.RuntimeMaxSec": "2",
- "org.systemd.property.TimeoutStopSec": "1"
+ "org.systemd.property.RuntimeMaxUSec": "uint64 2000000",
+ "org.systemd.property.TimeoutStopUSec": "uint64 1000000"
}
| .process.args |= ["/bin/sleep", "10"]'
$ sudo -s
# RUNC=/path/to/crun RUNC_USE_SYSTEMD=yes bats tests/integration/delete.batsYou will see an unrelated failure from a different test (which I'm going to fix). The main thing is, "runc delete removes failed systemd unit" should fail before and pass after the fix. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
According to the OCI runtime spec (https://github.com/opencontainers/runtime-spec/blob/main/runtime.md#delete), runtime's delete is supposed to remove all the container's artefacts.
In case systemd cgroup driver is used, and the systemd unit has failed (e.g. oom-killed), systemd won't remove the unit (that is, unless the "CollectMode: inactive-or-failed" property is set).
Leaving a leftover failed unit is a violation of runtime spec; in addition, a leftover unit result in inability to start a container with the same systemd unit name (such operation will fail with "unit already exists" error).
Call reset-failed from systemd's cgroup manager
destroy_cgroupcall, so the failed unit will be removed (by systemd) after "crun delete".This change is similar to the one in runc (see opencontainers/runc#3888). A (slightly modified) test case from runc added by the above change was used to check that the bug is fixed.
For bigger picture, see:
To test manually, systemd >= 244 is needed. Create a container config that runs
sleep 10and has the following systemd annotations:Start a container using --systemd-cgroup option.
The container will be killed by systemd in 2 seconds, thus its systemd unit status will be "failed". Once it has failed, the
systemctl status $UNIT_NAMEshould have exit code of 3 (meaning "unit is not active").Now, run
crun delete $CTIDand repeatsystemctl status $UNIT_NAME. It should result in exit code of 4 (meaning "no such unit").