From 54adfd5be523b71653079b19d9a062bb7249ef54 Mon Sep 17 00:00:00 2001 From: Aleksei Kobzev Date: Fri, 8 Nov 2024 16:07:25 +0000 Subject: [PATCH 1/9] breakpad dockerfile --- ydb/deploy/docker/breakpad_init/Dockerfile | 25 +++++++++++++ .../docker/breakpad_init/breakpad_init.cc | 23 ++++++++++++ ydb/deploy/docker/breakpad_init/pkg.json | 37 +++++++++++++++++++ 3 files changed, 85 insertions(+) create mode 100644 ydb/deploy/docker/breakpad_init/Dockerfile create mode 100644 ydb/deploy/docker/breakpad_init/breakpad_init.cc create mode 100644 ydb/deploy/docker/breakpad_init/pkg.json diff --git a/ydb/deploy/docker/breakpad_init/Dockerfile b/ydb/deploy/docker/breakpad_init/Dockerfile new file mode 100644 index 000000000000..b2f11b66fb11 --- /dev/null +++ b/ydb/deploy/docker/breakpad_init/Dockerfile @@ -0,0 +1,25 @@ +# syntax=docker/dockerfile:1 +FROM cr.yandex/mirror/ubuntu:focal AS breakpad-base +RUN \ + apt-get -yqq update && \ + apt-get -yqq install git build-essential libz-dev python3 curl && \ + apt-get -yqq clean all && \ + rm -rf /var/lib/apt/lists/* +RUN git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git +ENV PATH="/depot_tools:${PATH}" + +ARG BREAKPAD_GIT_TAG="v2022.07.12" +FROM breakpad-base AS breakpad-build +COPY --link breakpad_init.cc /breakpad/breakpad_init.cc +RUN \ + cd breakpad && \ + fetch breakpad && \ + cd src && \ + git checkout -- . && git checkout tags/${BREAKPAD_GIT_TAG} && \ + ./configure && make && \ + g++ -std=c++11 -shared -Wall -o ../libbreakpad_init.so -fPIC ../breakpad_init.cc -Isrc/ -Lsrc/client/linux/ -lbreakpad_client -lpthread + +FROM scratch AS breakpad-release + +COPY --link --from=breakpad-build /breakpad/libbreakpad_init.so /usr/lib/libbreakpad_init.so +COPY --link --from=breakpad-build /breakpad/src/src/tools/linux/md2core/minidump-2-core /usr/bin/minidump-2-core \ No newline at end of file diff --git a/ydb/deploy/docker/breakpad_init/breakpad_init.cc b/ydb/deploy/docker/breakpad_init/breakpad_init.cc new file mode 100644 index 000000000000..101cd70600d2 --- /dev/null +++ b/ydb/deploy/docker/breakpad_init/breakpad_init.cc @@ -0,0 +1,23 @@ +// breakpad_init.cc: A shared library to initialize breakpad signal handler via LD_PRELOAD. + +#include "client/linux/handler/exception_handler.h" + +using google_breakpad::MinidumpDescriptor; +using google_breakpad::ExceptionHandler; + +// create signal handlers on shared library init +__attribute__((constructor)) +static void breakpad_init() { + + const char * path = ::getenv("BREAKPAD_MINIDUMPS_PATH"); + + static MinidumpDescriptor descriptor((path) ? path : "/tmp"); + static ExceptionHandler handler( + descriptor, // minidump descriptor + NULL, // callback filter + NULL, // callback function + NULL, // callback context + true, // do install handler + -1 // server descriptor + ); +} \ No newline at end of file diff --git a/ydb/deploy/docker/breakpad_init/pkg.json b/ydb/deploy/docker/breakpad_init/pkg.json new file mode 100644 index 000000000000..858639f41621 --- /dev/null +++ b/ydb/deploy/docker/breakpad_init/pkg.json @@ -0,0 +1,37 @@ +{ + "meta": { + "name": "breakpad_init", + "maintainer": "ydb ", + "description": "Package with breakpad init", + "version": "v2022.07.12.{revision}" + }, + "build": {}, + "params": { + "docker_build_network": "host", + "docker_registry": "cr.yandex", + "docker_repository": "crp2lrlsrs36odlvd8dv", + "docker_build_arg": { + "BREAKPAD_GIT_TAG": "v2022.07.12" + } + }, + "data": [ + { + "source": { + "type": "RELATIVE", + "path": "Dockerfile" + }, + "destination": { + "path": "/Dockerfile" + } + }, + { + "source": { + "type": "RELATIVE", + "path": "breakpad_init.cc" + }, + "destination": { + "path": "/breakpad_init.cc" + } + } + ] + } From 8be35f1be3e45b97d217d4220cd1a0456fe953b1 Mon Sep 17 00:00:00 2001 From: Aleksei Kobzev Date: Fri, 8 Nov 2024 16:07:39 +0000 Subject: [PATCH 2/9] release dockerfile --- ydb/deploy/docker/Dockerfile | 88 ++++++++++++++++++++++ ydb/deploy/docker/pkg.json | 142 +++++++++++++++++++++++++++++++++++ 2 files changed, 230 insertions(+) create mode 100644 ydb/deploy/docker/Dockerfile create mode 100644 ydb/deploy/docker/pkg.json diff --git a/ydb/deploy/docker/Dockerfile b/ydb/deploy/docker/Dockerfile new file mode 100644 index 000000000000..fa21aec501e6 --- /dev/null +++ b/ydb/deploy/docker/Dockerfile @@ -0,0 +1,88 @@ +# syntax=docker/dockerfile:1.4 +ARG BREAKPAD_IMAGE_TAG=v2022.07.12 +### +# Base image with required deb packages +### +FROM cr.yandex/mirror/ubuntu:focal AS base +RUN \ + apt-get -yqq update && \ + apt-get -yqq install libcap2-bin ca-certificates && \ + apt-get -yqq clean all && \ + rm -rf /var/lib/apt/lists/* && \ + groupadd -r ydb && \ + useradd --no-log-init -r -m -g ydb -G disk ydb + +FROM base AS base-debug +RUN \ + apt-get -yqq update && \ + apt-get -yqq install dnsutils telnet netcat-openbsd iputils-ping gdb atop strace curl linux-tools-generic && \ + apt-get -yqq clean all && \ + rm -rf /var/lib/apt/lists/* + +FROM scratch AS license +# release information +COPY --chmod=0644 /AUTHORS /AUTHORS +COPY --chmod=0644 /LICENSE /LICENSE +COPY --chmod=0644 /README.md /README.md + +FROM scratch AS libs +# dynamic libraries +COPY --chmod=0644 /libiconv.so /lib/libiconv.so +COPY --chmod=0644 /liblibidn-dynamic.so /lib/liblibidn-dynamic.so +COPY --chmod=0644 /liblibaio-dynamic.so /lib/liblibaio-dynamic.so + +### +# Image with setcap'ed ydb binary +### +FROM base AS ydbd-setcap +COPY --chmod=0755 --chown=ydb /ydbd /ydbd +# workaround for decrease image size +RUN /sbin/setcap CAP_SYS_RAWIO=ep /ydbd + +### +# Release image +### +FROM base AS release +# release information +COPY --link --from=license /AUTHORS /AUTHORS +COPY --link --from=license /LICENSE /LICENSE +COPY --link --from=license /README.md /README.md +# dynamic libraries +COPY --link --from=libs /lib/libiconv.so /lib/libiconv.so +COPY --link --from=libs /lib/liblibidn-dynamic.so /lib/liblibidn-dynamic.so +COPY --link --from=libs /lib/liblibaio-dynamic.so /lib/liblibaio-dynamic.so +# ydb binaries +COPY --chmod=0755 --chown=ydb /ydb /opt/ydb/bin/ydb +COPY --link --from=ydbd-setcap /ydbd /opt/ydb/bin/ydbd + +WORKDIR /opt/ydb/bin +USER ydb + +### +# Breakpad image +### +FROM cr.yandex/crp2lrlsrs36odlvd8dv/breakpad_init:$BREAKPAD_IMAGE_TAG AS breakpad + +### +# Debug image with additional packages +### +FROM base-debug AS debug +# release information +COPY --link --from=license /AUTHORS /AUTHORS +COPY --link --from=license /LICENSE /LICENSE +COPY --link --from=license /README.md /README.md +# dynamic libraries +COPY --link --from=libs /lib/libiconv.so /lib/libiconv.so +COPY --link --from=libs /lib/liblibidn-dynamic.so /lib/liblibidn-dynamic.so +COPY --link --from=libs /lib/liblibaio-dynamic.so /lib/liblibaio-dynamic.so +# ydb binaries +COPY --chmod=0755 --chown=ydb /ydb /opt/ydb/bin/ydb +COPY --link --from=ydbd-setcap /ydbd /opt/ydb/bin/ydbd + +ENV BREAKPAD_MINIDUMPS_PATH=/opt/ydb/volumes/coredumps/ +ENV BREAKPAD_MINIDUMPS_SCRIPT=/opt/ydb/bin/minidump_script.py +ENV LD_PRELOAD=libbreakpad_init.so +COPY --chmod=4644 --link --from=breakpad /usr/lib/libbreakpad_init.so /usr/lib/libbreakpad_init.so +COPY --chmod=0755 --link --from=breakpad /usr/bin/minidump-2-core /usr/bin/minidump-2-core +COPY --chmod=0755 --chown=ydb /minidump_script.py /opt/ydb/bin/minidump_script.py +COPY --chmod=0644 --chown=ydb /ydbd.debug /opt/ydb/bin/ydbd.debug diff --git a/ydb/deploy/docker/pkg.json b/ydb/deploy/docker/pkg.json new file mode 100644 index 000000000000..f0cd4c8ae378 --- /dev/null +++ b/ydb/deploy/docker/pkg.json @@ -0,0 +1,142 @@ +{ + "meta": { + "name": "ydb", + "maintainer": "ydb ", + "description": "Package with opensource YDB for Kubernetes with debug", + "version": "{branch}.{revision}" + }, + "params": { + "docker_build_network": "host", + "docker_registry": "cr.yandex", + "docker_repository": "crp2lrlsrs36odlvd8dv", + "docker_target": "release" + }, + "build": { + "targets": [ + "ydb/apps/ydbd", + "ydb/apps/ydb", + "contrib/libs/libiconv/dynamic", + "contrib/libs/libidn/dynamic", + "contrib/libs/libaio/dynamic" + ], + "flags": [ + { + "name": "OPENSOURCE", + "value": "yes" + }, + { + "name": "HARDENING", + "value": "yes" + }, + { + "name": "SPLIT_DWARF_VALUE", + "value": "yes" + } + ], + "target-platforms": [ + "default-linux-x86_64" + ] + }, + "data": [ + { + "source": { + "type": "ARCADIA", + "path": "ydb/deploy/docker/Dockerfile" + }, + "destination": { + "path": "/Dockerfile" + } + }, + { + "source": { + "type": "ARCADIA", + "path": "AUTHORS" + }, + "destination": { + "path": "/AUTHORS" + } + }, + { + "source": { + "type": "ARCADIA", + "path": "LICENSE" + }, + "destination": { + "path": "/LICENSE" + } + }, + { + "source": { + "type": "ARCADIA", + "path": "README.md" + }, + "destination": { + "path": "/README.md" + } + }, + { + "source": { + "type": "BUILD_OUTPUT", + "path": "contrib/libs/libiconv/dynamic/libiconv.so" + }, + "destination": { + "path": "/libiconv.so" + } + }, + { + "source": { + "type": "BUILD_OUTPUT", + "path": "contrib/libs/libidn/dynamic/liblibidn-dynamic.so" + }, + "destination": { + "path": "/liblibidn-dynamic.so" + } + }, + { + "source": { + "type": "BUILD_OUTPUT", + "path": "contrib/libs/libaio/dynamic/liblibaio-dynamic.so" + }, + "destination": { + "path": "/liblibaio-dynamic.so" + } + }, + { + "source": { + "type": "BUILD_OUTPUT", + "path": "ydb/apps/ydbd/ydbd" + }, + "destination": { + "path": "/ydbd", + "attributes": { + "mode": { + "value": "a+x" + } + } + } + }, + { + "source": { + "type": "BUILD_OUTPUT", + "path": "ydb/apps/ydbd/ydbd.debug" + }, + "destination": { + "path": "/ydbd.debug" + } + }, + { + "source": { + "type": "BUILD_OUTPUT", + "path": "ydb/apps/ydb/ydb" + }, + "destination": { + "path": "/ydb", + "attributes": { + "mode": { + "value": "a+x" + } + } + } + } + ] +} From 3be911424feb4807b5b4bb0602da42f91f19f036 Mon Sep 17 00:00:00 2001 From: Aleksei Kobzev Date: Fri, 8 Nov 2024 16:08:02 +0000 Subject: [PATCH 3/9] debug dockerfile --- ydb/deploy/docker/debug/minidump_script.py | 44 ++++++++++++++++++++++ ydb/deploy/docker/debug/pkg.json | 28 ++++++++++++++ 2 files changed, 72 insertions(+) create mode 100644 ydb/deploy/docker/debug/minidump_script.py create mode 100644 ydb/deploy/docker/debug/pkg.json diff --git a/ydb/deploy/docker/debug/minidump_script.py b/ydb/deploy/docker/debug/minidump_script.py new file mode 100644 index 000000000000..60b892d54ee8 --- /dev/null +++ b/ydb/deploy/docker/debug/minidump_script.py @@ -0,0 +1,44 @@ +#!/usr/bin/python3.8 + +import json +import subprocess +import argparse +import os + +if __name__ == "__main__": + parser = argparse.ArgumentParser( + description="Minidump files processing" + ) + parser.add_argument("succeeded", action="store") + parser.add_argument("dmp_file", action="store") + args = parser.parse_args() + dmp_file = args.dmp_file + core_file = args.dmp_file[:-3] + "core" + json_file = args.dmp_file[:-3] + "json" + succeeded = args.succeeded + + if succeeded == "true": + elf_cmd = ["readelf", "-n", "/opt/ydb/bin/ydbd"] + svnrev_cmd = ["/opt/ydb/bin/ydbd", "--svnrevision"] + mndmp_cmd = ["/usr/bin/minidump-2-core", "-v", dmp_file, "-o", core_file] + gdb_cmd = [ + "/usr/bin/gdb", + "/opt/ydb/bin/ydbd", + core_file, + "-symbols=/opt/ydb/bin/ydbd.debug", + "-iex=set auto-load safe-path /", + "-ex=thread apply all bt", + "--batch", + "-q" + ] + + elf_resp = subprocess.check_output(elf_cmd).decode("utf-8") + svnrev_resp = subprocess.check_output(svnrev_cmd).decode("utf-8") + subprocess.run(mndmp_cmd) + gdb_resp = subprocess.check_output(gdb_cmd).decode("utf-8") + os.remove(dmp_file) + os.remove(core_file) + + ret = json.dumps({"binary": "/opt/ydb/bin/ydbd", "readelf": elf_resp, "svnrevision": svnrev_resp, "stacktrace": gdb_resp}) + with open(json_file,"w") as out: + out.write(ret) diff --git a/ydb/deploy/docker/debug/pkg.json b/ydb/deploy/docker/debug/pkg.json new file mode 100644 index 000000000000..0a7900d2e09e --- /dev/null +++ b/ydb/deploy/docker/debug/pkg.json @@ -0,0 +1,28 @@ +{ + "meta": { + "name": "ydb", + "maintainer": "ydb ", + "description": "Package with opensource YDB for Kubernetes with debug", + "version": "dbg-{branch}.{revision}" + }, + "params": { + "docker_build_network": "host", + "docker_registry": "cr.yandex", + "docker_repository": "crp2lrlsrs36odlvd8dv", + "docker_target": "debug" + }, + "include": [ + "ydb/deploy/docker/pkg.json" + ], + "data": [ + { + "source": { + "type": "RELATIVE", + "path": "minidump_script.py" + }, + "destination": { + "path": "/minidump_script.py" + } + } + ] +} From dc9c2e1c37fa7509fa215ed077305d65e280270c Mon Sep 17 00:00:00 2001 From: Aleksei Kobzev Date: Fri, 8 Nov 2024 16:08:44 +0000 Subject: [PATCH 4/9] ydbd_slice uses new dockerfile --- ydb/tools/ydbd_slice/image/Dockerfile | 28 ------- ydb/tools/ydbd_slice/image/pkg.json | 112 -------------------------- ydb/tools/ydbd_slice/kube/docker.py | 2 +- 3 files changed, 1 insertion(+), 141 deletions(-) delete mode 100644 ydb/tools/ydbd_slice/image/Dockerfile delete mode 100644 ydb/tools/ydbd_slice/image/pkg.json diff --git a/ydb/tools/ydbd_slice/image/Dockerfile b/ydb/tools/ydbd_slice/image/Dockerfile deleted file mode 100644 index eb35b2e57a95..000000000000 --- a/ydb/tools/ydbd_slice/image/Dockerfile +++ /dev/null @@ -1,28 +0,0 @@ -# syntax=docker/dockerfile:1 -FROM cr.yandex/mirror/ubuntu:focal as base - -RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ - apt-get -yqq update && \ - apt-get -yqq install libcap2-bin dnsutils telnet netcat-openbsd iputils-ping gdb atop strace curl linux-tools-generic && \ - apt-get -yqq clean all && \ - rm -rf /var/lib/apt/lists/* && \ - groupadd -r ydb && \ - useradd --no-log-init -r -m -g ydb -G disk ydb - -FROM base as ydbd-setcap - -COPY --link ydbd /ydbd -RUN /sbin/setcap CAP_SYS_RAWIO=ep /ydbd - -FROM base - -ARG ARC_COMMIT_ID -LABEL arc_commit_id=$ARC_COMMIT_ID - -WORKDIR /opt/ydb/bin -COPY --chmod=0755 --chown=ydb:ydb --link ydb /opt/ydb/bin/ydb -COPY --chmod=0644 --link libiconv.so /lib/libiconv.so -COPY --chmod=0644 --link liblibidn-dynamic.so /lib/liblibidn-dynamic.so -COPY --chmod=0644 --link liblibaio-dynamic.so /lib/liblibaio-dynamic.so -COPY --chmod=0755 --chown=ydb:ydb --link --from=ydbd-setcap /ydbd /opt/ydb/bin/ydbd -USER ydb diff --git a/ydb/tools/ydbd_slice/image/pkg.json b/ydb/tools/ydbd_slice/image/pkg.json deleted file mode 100644 index e2fa60dc1534..000000000000 --- a/ydb/tools/ydbd_slice/image/pkg.json +++ /dev/null @@ -1,112 +0,0 @@ -{ - "meta": { - "name": "ydb", - "maintainer": "ydb ", - "description": "Package with opensource YDB for Kubernetes", - "version": "{sandbox_task_id}.{branch}" - }, - "build": { - "flags": [ - { - "name": "OPENSOURCE", - "value": "yes" - }, - { - "name": "HARDENING", - "value": "yes" - } - ], - "targets": [ - "ydb/apps/ydbd", - "ydb/apps/ydb", - "contrib/libs/libiconv/dynamic", - "contrib/libs/libidn/dynamic", - "contrib/libs/libaio/dynamic" - ], - - "target-platforms": [ - "default-linux-x86_64" - ] - }, - "data": [ - { - "source": { - "type": "RELATIVE", - "path": "Dockerfile" - }, - "destination": { - "path": "/Dockerfile" - } - }, - { - "source": { - "type": "BUILD_OUTPUT", - "path": "contrib/libs/libiconv/dynamic/libiconv.so" - }, - "destination": { - "path": "/libiconv.so", - "attributes": { - "mode": { - "value": "+x" - } - } - } - }, - { - "source": { - "type": "BUILD_OUTPUT", - "path": "contrib/libs/libidn/dynamic/liblibidn-dynamic.so" - }, - "destination": { - "path": "/liblibidn-dynamic.so", - "attributes": { - "mode": { - "value": "+x" - } - } - } - }, - { - "source": { - "type": "BUILD_OUTPUT", - "path": "contrib/libs/libaio/dynamic/liblibaio-dynamic.so" - }, - "destination": { - "path": "/liblibaio-dynamic.so", - "attributes": { - "mode": { - "value": "+x" - } - } - } - }, - { - "source": { - "type": "BUILD_OUTPUT", - "path": "ydb/apps/ydbd/ydbd" - }, - "destination": { - "path": "/ydbd", - "attributes": { - "mode": { - "value": "+x" - } - } - } - }, - { - "source": { - "type": "BUILD_OUTPUT", - "path": "ydb/apps/ydb/ydb" - }, - "destination": { - "path": "/ydb", - "attributes": { - "mode": { - "value": "+x" - } - } - } - } - ] -} diff --git a/ydb/tools/ydbd_slice/kube/docker.py b/ydb/tools/ydbd_slice/kube/docker.py index 5ed15f2f6d85..1c3530a2d237 100644 --- a/ydb/tools/ydbd_slice/kube/docker.py +++ b/ydb/tools/ydbd_slice/kube/docker.py @@ -8,7 +8,7 @@ logger = logging.getLogger(__name__) -DOCKER_IMAGE_YDBD_PACKAGE_SPEC = 'ydb/tools/ydbd_slice/image/pkg.json' +DOCKER_IMAGE_YDBD_PACKAGE_SPEC = 'ydb/deploy/docker/debug/pkg.json' DOCKER_IMAGE_REGISTRY = 'cr.yandex' DOCKER_IMAGE_REPOSITORY = 'crpbo4q9lbgkn85vr1rm' DOCKER_IMAGE_NAME = 'ydb' From 811632369a9499c89ab6ae58d42be0c1ac049607 Mon Sep 17 00:00:00 2001 From: Aleksei Kobzev Date: Fri, 8 Nov 2024 16:09:14 +0000 Subject: [PATCH 5/9] add coredumps volume for ydbd_slice kube templates --- .../ydbd_slice/kube/templates/8-node-block-4-2/storage.yaml | 6 +++++- ydb/tools/ydbd_slice/kube/templates/common/database.yaml | 6 +++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/ydb/tools/ydbd_slice/kube/templates/8-node-block-4-2/storage.yaml b/ydb/tools/ydbd_slice/kube/templates/8-node-block-4-2/storage.yaml index 6fba4fd4bbd1..dd6477458bee 100644 --- a/ydb/tools/ydbd_slice/kube/templates/8-node-block-4-2/storage.yaml +++ b/ydb/tools/ydbd_slice/kube/templates/8-node-block-4-2/storage.yaml @@ -100,4 +100,8 @@ spec: grpc_config: port: 2135 - + volumes: + name: coredumps + hostPath: + path": /coredumps + type": Directory diff --git a/ydb/tools/ydbd_slice/kube/templates/common/database.yaml b/ydb/tools/ydbd_slice/kube/templates/common/database.yaml index 1cd15bbbfacb..c139c4b5cffd 100644 --- a/ydb/tools/ydbd_slice/kube/templates/common/database.yaml +++ b/ydb/tools/ydbd_slice/kube/templates/common/database.yaml @@ -18,4 +18,8 @@ spec: unitKind: ssd # please double check this field with disk kind on your selected nodes storageClusterRef: name: {{ storage_name }} - + volumes: + name: coredumps + hostPath: + path": /coredumps + type": Directory From 7e5b6ca8c2717279e86eafc56663b479be0e62ec Mon Sep 17 00:00:00 2001 From: Aleksei Kobzev Date: Mon, 11 Nov 2024 11:36:42 +0000 Subject: [PATCH 6/9] fixes --- ydb/deploy/docker/Dockerfile | 32 +++++++++++------ ydb/deploy/docker/breakpad_init/Dockerfile | 5 +-- .../docker/breakpad_init/breakpad_init.cc | 34 +++++++++++++++---- ydb/deploy/docker/debug/minidump_script.py | 1 - ydb/deploy/docker/pkg.json | 5 +++ .../templates/8-node-block-4-2/storage.yaml | 6 ++-- .../kube/templates/common/database.yaml | 6 ++-- 7 files changed, 62 insertions(+), 27 deletions(-) diff --git a/ydb/deploy/docker/Dockerfile b/ydb/deploy/docker/Dockerfile index fa21aec501e6..a8a5a49957ec 100644 --- a/ydb/deploy/docker/Dockerfile +++ b/ydb/deploy/docker/Dockerfile @@ -15,7 +15,7 @@ RUN \ FROM base AS base-debug RUN \ apt-get -yqq update && \ - apt-get -yqq install dnsutils telnet netcat-openbsd iputils-ping gdb atop strace curl linux-tools-generic && \ + apt-get -yqq install binutils dnsutils telnet netcat-openbsd iputils-ping gdb atop strace curl linux-tools-generic && \ apt-get -yqq clean all && \ rm -rf /var/lib/apt/lists/* @@ -31,13 +31,17 @@ COPY --chmod=0644 /libiconv.so /lib/libiconv.so COPY --chmod=0644 /liblibidn-dynamic.so /lib/liblibidn-dynamic.so COPY --chmod=0644 /liblibaio-dynamic.so /lib/liblibaio-dynamic.so +FROM base AS ydb-binary +# dynamic libraries +COPY --chmod=0755 --chown=ydb /ydb /opt/ydb/bin/ydb + ### # Image with setcap'ed ydb binary ### FROM base AS ydbd-setcap -COPY --chmod=0755 --chown=ydb /ydbd /ydbd +COPY --chmod=0755 --chown=ydb /ydbd /opt/ydb/bin/ydbd # workaround for decrease image size -RUN /sbin/setcap CAP_SYS_RAWIO=ep /ydbd +RUN /sbin/setcap CAP_SYS_RAWIO=ep /opt/ydb/bin/ydbd ### # Release image @@ -52,8 +56,8 @@ COPY --link --from=libs /lib/libiconv.so /lib/libiconv.so COPY --link --from=libs /lib/liblibidn-dynamic.so /lib/liblibidn-dynamic.so COPY --link --from=libs /lib/liblibaio-dynamic.so /lib/liblibaio-dynamic.so # ydb binaries -COPY --chmod=0755 --chown=ydb /ydb /opt/ydb/bin/ydb -COPY --link --from=ydbd-setcap /ydbd /opt/ydb/bin/ydbd +COPY --link --from=ydb-binary /opt/ydb/bin/ydb /opt/ydb/bin/ydb +COPY --link --from=ydbd-setcap /opt/ydb/bin/ydbd /opt/ydb/bin/ydbd WORKDIR /opt/ydb/bin USER ydb @@ -75,14 +79,20 @@ COPY --link --from=license /README.md /README.md COPY --link --from=libs /lib/libiconv.so /lib/libiconv.so COPY --link --from=libs /lib/liblibidn-dynamic.so /lib/liblibidn-dynamic.so COPY --link --from=libs /lib/liblibaio-dynamic.so /lib/liblibaio-dynamic.so -# ydb binaries -COPY --chmod=0755 --chown=ydb /ydb /opt/ydb/bin/ydb -COPY --link --from=ydbd-setcap /ydbd /opt/ydb/bin/ydbd - -ENV BREAKPAD_MINIDUMPS_PATH=/opt/ydb/volumes/coredumps/ -ENV BREAKPAD_MINIDUMPS_SCRIPT=/opt/ydb/bin/minidump_script.py +# breakpad section ENV LD_PRELOAD=libbreakpad_init.so +ENV BREAKPAD_MINIDUMPS_PATH=/opt/ydb/volumes/coredumps +ENV BREAKPAD_MINIDUMPS_SCRIPT=/opt/ydb/bin/minidump_script.py COPY --chmod=4644 --link --from=breakpad /usr/lib/libbreakpad_init.so /usr/lib/libbreakpad_init.so +COPY --chmod=0755 --link --from=breakpad /usr/bin/minidump_stackwalk /usr/bin/minidump_stackwalk COPY --chmod=0755 --link --from=breakpad /usr/bin/minidump-2-core /usr/bin/minidump-2-core +# minidump script COPY --chmod=0755 --chown=ydb /minidump_script.py /opt/ydb/bin/minidump_script.py +# ydb binaries +COPY --link --from=ydb-binary /opt/ydb/bin/ydb /opt/ydb/bin/ydb +COPY --link --from=ydbd-setcap /opt/ydb/bin/ydbd /opt/ydb/bin/ydbd +# ydbd debug symbols COPY --chmod=0644 --chown=ydb /ydbd.debug /opt/ydb/bin/ydbd.debug + +WORKDIR /opt/ydb/bin +USER ydb diff --git a/ydb/deploy/docker/breakpad_init/Dockerfile b/ydb/deploy/docker/breakpad_init/Dockerfile index b2f11b66fb11..8641e983526d 100644 --- a/ydb/deploy/docker/breakpad_init/Dockerfile +++ b/ydb/deploy/docker/breakpad_init/Dockerfile @@ -1,4 +1,4 @@ -# syntax=docker/dockerfile:1 +# syntax=docker/dockerfile:1.4 FROM cr.yandex/mirror/ubuntu:focal AS breakpad-base RUN \ apt-get -yqq update && \ @@ -22,4 +22,5 @@ RUN \ FROM scratch AS breakpad-release COPY --link --from=breakpad-build /breakpad/libbreakpad_init.so /usr/lib/libbreakpad_init.so -COPY --link --from=breakpad-build /breakpad/src/src/tools/linux/md2core/minidump-2-core /usr/bin/minidump-2-core \ No newline at end of file +COPY --link --from=breakpad-build /breakpad/src/src/tools/linux/md2core/minidump-2-core /usr/bin/minidump-2-core +COPY --link --from=breakpad-build /breakpad/src/src/processor/minidump_stackwalk /usr/bin/minidump_stackwalk diff --git a/ydb/deploy/docker/breakpad_init/breakpad_init.cc b/ydb/deploy/docker/breakpad_init/breakpad_init.cc index 101cd70600d2..b4a9f940caf7 100644 --- a/ydb/deploy/docker/breakpad_init/breakpad_init.cc +++ b/ydb/deploy/docker/breakpad_init/breakpad_init.cc @@ -1,10 +1,30 @@ // breakpad_init.cc: A shared library to initialize breakpad signal handler via LD_PRELOAD. +#include +#include +#include #include "client/linux/handler/exception_handler.h" using google_breakpad::MinidumpDescriptor; using google_breakpad::ExceptionHandler; +// callback function, called after minidump was created +static bool dumpCallback(const MinidumpDescriptor& descriptor, void* context, bool succeeded) { + char *script = getenv("BREAKPAD_MINIDUMPS_SCRIPT"); + if (script != NULL) { + pid_t pid=fork(); + if (pid == 0) { + char* dumpSucceded = succeeded ? (char *)"true" : (char *)"false"; + char* descriptorPath = succeeded ? (char *)descriptor.path() : (char *)"\0"; + char* cmd[] = {script, dumpSucceded, descriptorPath, NULL}; + execve(cmd[0], &cmd[0], NULL); + } else { + waitpid(pid, 0, 0); + } + } + return succeeded; +} + // create signal handlers on shared library init __attribute__((constructor)) static void breakpad_init() { @@ -13,11 +33,11 @@ static void breakpad_init() { static MinidumpDescriptor descriptor((path) ? path : "/tmp"); static ExceptionHandler handler( - descriptor, // minidump descriptor - NULL, // callback filter - NULL, // callback function - NULL, // callback context - true, // do install handler - -1 // server descriptor + descriptor, // minidump descriptor + NULL, // callback filter + dumpCallback, // callback function + NULL, // callback context + true, // do install handler + -1 // server descriptor ); -} \ No newline at end of file +} diff --git a/ydb/deploy/docker/debug/minidump_script.py b/ydb/deploy/docker/debug/minidump_script.py index 60b892d54ee8..94f6635a5316 100644 --- a/ydb/deploy/docker/debug/minidump_script.py +++ b/ydb/deploy/docker/debug/minidump_script.py @@ -25,7 +25,6 @@ "/usr/bin/gdb", "/opt/ydb/bin/ydbd", core_file, - "-symbols=/opt/ydb/bin/ydbd.debug", "-iex=set auto-load safe-path /", "-ex=thread apply all bt", "--batch", diff --git a/ydb/deploy/docker/pkg.json b/ydb/deploy/docker/pkg.json index f0cd4c8ae378..f37cf0cdcb99 100644 --- a/ydb/deploy/docker/pkg.json +++ b/ydb/deploy/docker/pkg.json @@ -12,6 +12,7 @@ "docker_target": "release" }, "build": { + "build_type": "release", "targets": [ "ydb/apps/ydbd", "ydb/apps/ydb", @@ -28,6 +29,10 @@ "name": "HARDENING", "value": "yes" }, + { + "name": "CFLAGS", + "value": "-fno-omit-frame-pointer" + }, { "name": "SPLIT_DWARF_VALUE", "value": "yes" diff --git a/ydb/tools/ydbd_slice/kube/templates/8-node-block-4-2/storage.yaml b/ydb/tools/ydbd_slice/kube/templates/8-node-block-4-2/storage.yaml index dd6477458bee..fd29fa065bc4 100644 --- a/ydb/tools/ydbd_slice/kube/templates/8-node-block-4-2/storage.yaml +++ b/ydb/tools/ydbd_slice/kube/templates/8-node-block-4-2/storage.yaml @@ -101,7 +101,7 @@ spec: grpc_config: port: 2135 volumes: - name: coredumps + - name: coredumps hostPath: - path": /coredumps - type": Directory + path: /coredumps + type: Directory diff --git a/ydb/tools/ydbd_slice/kube/templates/common/database.yaml b/ydb/tools/ydbd_slice/kube/templates/common/database.yaml index c139c4b5cffd..e618561b1998 100644 --- a/ydb/tools/ydbd_slice/kube/templates/common/database.yaml +++ b/ydb/tools/ydbd_slice/kube/templates/common/database.yaml @@ -19,7 +19,7 @@ spec: storageClusterRef: name: {{ storage_name }} volumes: - name: coredumps + - name: coredumps hostPath: - path": /coredumps - type": Directory + path: /coredumps + type: Directory From 28f3166c1cacf486be2a861c082e4563d82208a9 Mon Sep 17 00:00:00 2001 From: Aleksei Kobzev Date: Mon, 11 Nov 2024 11:36:42 +0000 Subject: [PATCH 7/9] fixes --- .../{docker => }/breakpad_init/Dockerfile | 19 ++-- ydb/deploy/breakpad_init/breakpad_init.cc | 43 +++++++ .../{docker => }/breakpad_init/pkg.json | 3 +- ydb/deploy/docker/Dockerfile | 107 ++++++++++++------ ydb/deploy/docker/README.md | 56 +++++++++ .../{debug => breakpad}/minidump_script.py | 1 - ydb/deploy/docker/breakpad/pkg.json | 28 +++++ .../docker/breakpad_init/breakpad_init.cc | 23 ---- ydb/deploy/docker/debug/pkg.json | 16 +-- ydb/deploy/docker/pkg.json | 5 + .../templates/8-node-block-4-2/storage.yaml | 6 +- .../kube/templates/common/database.yaml | 6 +- 12 files changed, 223 insertions(+), 90 deletions(-) rename ydb/deploy/{docker => }/breakpad_init/Dockerfile (58%) create mode 100644 ydb/deploy/breakpad_init/breakpad_init.cc rename ydb/deploy/{docker => }/breakpad_init/pkg.json (89%) create mode 100644 ydb/deploy/docker/README.md rename ydb/deploy/docker/{debug => breakpad}/minidump_script.py (96%) create mode 100644 ydb/deploy/docker/breakpad/pkg.json delete mode 100644 ydb/deploy/docker/breakpad_init/breakpad_init.cc diff --git a/ydb/deploy/docker/breakpad_init/Dockerfile b/ydb/deploy/breakpad_init/Dockerfile similarity index 58% rename from ydb/deploy/docker/breakpad_init/Dockerfile rename to ydb/deploy/breakpad_init/Dockerfile index b2f11b66fb11..b0e636a885ec 100644 --- a/ydb/deploy/docker/breakpad_init/Dockerfile +++ b/ydb/deploy/breakpad_init/Dockerfile @@ -1,16 +1,17 @@ -# syntax=docker/dockerfile:1 -FROM cr.yandex/mirror/ubuntu:focal AS breakpad-base +# syntax=docker/dockerfile:1.4 +ARG BASE_IMAGE="cr.yandex/mirror/ubuntu" +ARG BASE_IMAGE_TAG="focal" +ARG BREAKPAD_GIT_TAG="v2022.07.12" +FROM ${BASE_IMAGE}:${BASE_IMAGE_TAG} AS breakpad-base RUN \ apt-get -yqq update && \ - apt-get -yqq install git build-essential libz-dev python3 curl && \ - apt-get -yqq clean all && \ - rm -rf /var/lib/apt/lists/* + apt-get -yqq install --no-install-recommends git build-essential libz-dev python3 curl && \ + apt-get clean all && rm -rf /var/lib/apt/lists/* RUN git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git ENV PATH="/depot_tools:${PATH}" -ARG BREAKPAD_GIT_TAG="v2022.07.12" FROM breakpad-base AS breakpad-build -COPY --link breakpad_init.cc /breakpad/breakpad_init.cc +COPY /breakpad_init.cc /breakpad/breakpad_init.cc RUN \ cd breakpad && \ fetch breakpad && \ @@ -20,6 +21,6 @@ RUN \ g++ -std=c++11 -shared -Wall -o ../libbreakpad_init.so -fPIC ../breakpad_init.cc -Isrc/ -Lsrc/client/linux/ -lbreakpad_client -lpthread FROM scratch AS breakpad-release - COPY --link --from=breakpad-build /breakpad/libbreakpad_init.so /usr/lib/libbreakpad_init.so -COPY --link --from=breakpad-build /breakpad/src/src/tools/linux/md2core/minidump-2-core /usr/bin/minidump-2-core \ No newline at end of file +COPY --link --from=breakpad-build /breakpad/src/src/tools/linux/md2core/minidump-2-core /usr/bin/minidump-2-core +COPY --link --from=breakpad-build /breakpad/src/src/processor/minidump_stackwalk /usr/bin/minidump_stackwalk diff --git a/ydb/deploy/breakpad_init/breakpad_init.cc b/ydb/deploy/breakpad_init/breakpad_init.cc new file mode 100644 index 000000000000..b4a9f940caf7 --- /dev/null +++ b/ydb/deploy/breakpad_init/breakpad_init.cc @@ -0,0 +1,43 @@ +// breakpad_init.cc: A shared library to initialize breakpad signal handler via LD_PRELOAD. + +#include +#include +#include +#include "client/linux/handler/exception_handler.h" + +using google_breakpad::MinidumpDescriptor; +using google_breakpad::ExceptionHandler; + +// callback function, called after minidump was created +static bool dumpCallback(const MinidumpDescriptor& descriptor, void* context, bool succeeded) { + char *script = getenv("BREAKPAD_MINIDUMPS_SCRIPT"); + if (script != NULL) { + pid_t pid=fork(); + if (pid == 0) { + char* dumpSucceded = succeeded ? (char *)"true" : (char *)"false"; + char* descriptorPath = succeeded ? (char *)descriptor.path() : (char *)"\0"; + char* cmd[] = {script, dumpSucceded, descriptorPath, NULL}; + execve(cmd[0], &cmd[0], NULL); + } else { + waitpid(pid, 0, 0); + } + } + return succeeded; +} + +// create signal handlers on shared library init +__attribute__((constructor)) +static void breakpad_init() { + + const char * path = ::getenv("BREAKPAD_MINIDUMPS_PATH"); + + static MinidumpDescriptor descriptor((path) ? path : "/tmp"); + static ExceptionHandler handler( + descriptor, // minidump descriptor + NULL, // callback filter + dumpCallback, // callback function + NULL, // callback context + true, // do install handler + -1 // server descriptor + ); +} diff --git a/ydb/deploy/docker/breakpad_init/pkg.json b/ydb/deploy/breakpad_init/pkg.json similarity index 89% rename from ydb/deploy/docker/breakpad_init/pkg.json rename to ydb/deploy/breakpad_init/pkg.json index 858639f41621..6655421b1edb 100644 --- a/ydb/deploy/docker/breakpad_init/pkg.json +++ b/ydb/deploy/breakpad_init/pkg.json @@ -2,7 +2,7 @@ "meta": { "name": "breakpad_init", "maintainer": "ydb ", - "description": "Package with breakpad init", + "description": "Package with breakpad_init", "version": "v2022.07.12.{revision}" }, "build": {}, @@ -10,6 +10,7 @@ "docker_build_network": "host", "docker_registry": "cr.yandex", "docker_repository": "crp2lrlsrs36odlvd8dv", + "docker_target": "breakpad-release", "docker_build_arg": { "BREAKPAD_GIT_TAG": "v2022.07.12" } diff --git a/ydb/deploy/docker/Dockerfile b/ydb/deploy/docker/Dockerfile index fa21aec501e6..c720abffa5f1 100644 --- a/ydb/deploy/docker/Dockerfile +++ b/ydb/deploy/docker/Dockerfile @@ -1,23 +1,45 @@ # syntax=docker/dockerfile:1.4 -ARG BREAKPAD_IMAGE_TAG=v2022.07.12 +ARG BASE_IMAGE="cr.yandex/mirror/ubuntu" +ARG BASE_IMAGE_TAG="focal" +ARG BREAKPAD_IMAGE="cr.yandex/crp2lrlsrs36odlvd8dv/breakpad_init" +ARG BREAKPAD_IMAGE_TAG="v2022.07.12" + ### # Base image with required deb packages ### -FROM cr.yandex/mirror/ubuntu:focal AS base +FROM ${BASE_IMAGE}:${BASE_IMAGE_TAG} AS base +RUN groupadd -r ydb && useradd --no-log-init -r -m -g ydb -G disk ydb && \ + apt-get -yqq update && \ + apt-get -yqq install --no-install-recommends libcap2-bin ca-certificates && \ + apt-get clean && rm -rf /var/lib/apt/lists/* + +### +# Base image with google brekpad assets +### +FROM ${BREAKPAD_IMAGE}:${BREAKPAD_IMAGE_TAG} AS breakpad_init +FROM base AS base-breakpad RUN \ apt-get -yqq update && \ - apt-get -yqq install libcap2-bin ca-certificates && \ - apt-get -yqq clean all && \ - rm -rf /var/lib/apt/lists/* && \ - groupadd -r ydb && \ - useradd --no-log-init -r -m -g ydb -G disk ydb + apt-get -yqq install --no-install-recommends binutils gdb strace linux-tools-generic \ + apt-get clean && rm -rf /var/lib/apt/lists/* +ENV LD_PRELOAD=libbreakpad_init.so +ENV BREAKPAD_MINIDUMPS_PATH=/opt/ydb/volumes/coredumps +ENV BREAKPAD_MINIDUMPS_SCRIPT=/opt/ydb/bin/minidump_script.py +# breakpad binaries +COPY --chmod=4644 --from=breakpad_init /usr/lib/libbreakpad_init.so /usr/lib/libbreakpad_init.so +COPY --chmod=0755 --from=breakpad_init /usr/bin/minidump_stackwalk /usr/bin/minidump_stackwalk +COPY --chmod=0755 --from=breakpad_init /usr/bin/minidump-2-core /usr/bin/minidump-2-core +# minidump callback script +COPY --chmod=0755 --chown=ydb /minidump_script.py /opt/ydb/bin/minidump_script.py -FROM base AS base-debug +### +# Base image with debug packages +### +FROM base-breakpad AS base-debug RUN \ apt-get -yqq update && \ - apt-get -yqq install dnsutils telnet netcat-openbsd iputils-ping gdb atop strace curl linux-tools-generic && \ - apt-get -yqq clean all && \ - rm -rf /var/lib/apt/lists/* + apt-get -yqq --no-install-recommends dnsutils telnet netcat-openbsd iputils-ping curl && \ + apt-get clean all && rm -rf /var/lib/apt/lists/* FROM scratch AS license # release information @@ -25,19 +47,19 @@ COPY --chmod=0644 /AUTHORS /AUTHORS COPY --chmod=0644 /LICENSE /LICENSE COPY --chmod=0644 /README.md /README.md -FROM scratch AS libs +FROM scratch AS dynamic-libs # dynamic libraries COPY --chmod=0644 /libiconv.so /lib/libiconv.so COPY --chmod=0644 /liblibidn-dynamic.so /lib/liblibidn-dynamic.so COPY --chmod=0644 /liblibaio-dynamic.so /lib/liblibaio-dynamic.so -### -# Image with setcap'ed ydb binary -### +FROM base AS ydb-binary +COPY --chmod=0755 --chown=ydb /ydb /opt/ydb/bin/ydb + FROM base AS ydbd-setcap -COPY --chmod=0755 --chown=ydb /ydbd /ydbd +COPY --chmod=0755 --chown=ydb /ydbd /opt/ydb/bin/ydbd # workaround for decrease image size -RUN /sbin/setcap CAP_SYS_RAWIO=ep /ydbd +RUN /sbin/setcap CAP_SYS_RAWIO=ep /opt/ydb/bin/ydbd ### # Release image @@ -48,23 +70,37 @@ COPY --link --from=license /AUTHORS /AUTHORS COPY --link --from=license /LICENSE /LICENSE COPY --link --from=license /README.md /README.md # dynamic libraries -COPY --link --from=libs /lib/libiconv.so /lib/libiconv.so -COPY --link --from=libs /lib/liblibidn-dynamic.so /lib/liblibidn-dynamic.so -COPY --link --from=libs /lib/liblibaio-dynamic.so /lib/liblibaio-dynamic.so +COPY --link --from=dynamic-libs /lib/libiconv.so /lib/libiconv.so +COPY --link --from=dynamic-libs /lib/liblibidn-dynamic.so /lib/liblibidn-dynamic.so +COPY --link --from=dynamic-libs /lib/liblibaio-dynamic.so /lib/liblibaio-dynamic.so # ydb binaries -COPY --chmod=0755 --chown=ydb /ydb /opt/ydb/bin/ydb -COPY --link --from=ydbd-setcap /ydbd /opt/ydb/bin/ydbd +COPY --link --from=ydb-binary /opt/ydb/bin/ydb /opt/ydb/bin/ydb +COPY --link --from=ydbd-setcap /opt/ydb/bin/ydbd /opt/ydb/bin/ydbd WORKDIR /opt/ydb/bin USER ydb ### -# Breakpad image +# Breakpad Image ### -FROM cr.yandex/crp2lrlsrs36odlvd8dv/breakpad_init:$BREAKPAD_IMAGE_TAG AS breakpad +FROM base-breakpad AS breakpad +# release information +COPY --link --from=license /AUTHORS /AUTHORS +COPY --link --from=license /LICENSE /LICENSE +COPY --link --from=license /README.md /README.md +# dynamic libraries +COPY --link --from=dynamic-libs /lib/libiconv.so /lib/libiconv.so +COPY --link --from=dynamic-libs /lib/liblibidn-dynamic.so /lib/liblibidn-dynamic.so +COPY --link --from=dynamic-libs /lib/liblibaio-dynamic.so /lib/liblibaio-dynamic.so +# ydb binaries +COPY --link --from=ydb-binary /opt/ydb/bin/ydb /opt/ydb/bin/ydb +COPY --link --from=ydbd-setcap /opt/ydb/bin/ydbd /opt/ydb/bin/ydbd + +WORKDIR /opt/ydb/bin +USER ydb ### -# Debug image with additional packages +# Debug Image ### FROM base-debug AS debug # release information @@ -72,17 +108,14 @@ COPY --link --from=license /AUTHORS /AUTHORS COPY --link --from=license /LICENSE /LICENSE COPY --link --from=license /README.md /README.md # dynamic libraries -COPY --link --from=libs /lib/libiconv.so /lib/libiconv.so -COPY --link --from=libs /lib/liblibidn-dynamic.so /lib/liblibidn-dynamic.so -COPY --link --from=libs /lib/liblibaio-dynamic.so /lib/liblibaio-dynamic.so +COPY --link --from=dynamic-libs /lib/libiconv.so /lib/libiconv.so +COPY --link --from=dynamic-libs /lib/liblibidn-dynamic.so /lib/liblibidn-dynamic.so +COPY --link --from=dynamic-libs /lib/liblibaio-dynamic.so /lib/liblibaio-dynamic.so # ydb binaries -COPY --chmod=0755 --chown=ydb /ydb /opt/ydb/bin/ydb -COPY --link --from=ydbd-setcap /ydbd /opt/ydb/bin/ydbd - -ENV BREAKPAD_MINIDUMPS_PATH=/opt/ydb/volumes/coredumps/ -ENV BREAKPAD_MINIDUMPS_SCRIPT=/opt/ydb/bin/minidump_script.py -ENV LD_PRELOAD=libbreakpad_init.so -COPY --chmod=4644 --link --from=breakpad /usr/lib/libbreakpad_init.so /usr/lib/libbreakpad_init.so -COPY --chmod=0755 --link --from=breakpad /usr/bin/minidump-2-core /usr/bin/minidump-2-core -COPY --chmod=0755 --chown=ydb /minidump_script.py /opt/ydb/bin/minidump_script.py +COPY --link --from=ydb-binary /opt/ydb/bin/ydb /opt/ydb/bin/ydb +COPY --link --from=ydbd-setcap /opt/ydb/bin/ydbd /opt/ydb/bin/ydbd +# debug symbols COPY --chmod=0644 --chown=ydb /ydbd.debug /opt/ydb/bin/ydbd.debug + +WORKDIR /opt/ydb/bin +USER ydb diff --git a/ydb/deploy/docker/README.md b/ydb/deploy/docker/README.md new file mode 100644 index 000000000000..0d5f39544ab1 --- /dev/null +++ b/ydb/deploy/docker/README.md @@ -0,0 +1,56 @@ +# Docker image + +## Base image + +Base layer is official `ubuntu:20.04` docker image with packages: +- libcap2-bin (for setcap to binaries) +- ca-certificates (for working with CA bundle) + +## Image Types + +### Release + +```bash +ya package --docker ydb/deploy/docker/pkg.json +``` + +Image with minimal requirements to launch ydbd in container. + +The image includes: +- dynamic cpp libraries (libiconv, libidn, libaio) +- ydb cli binary +- ydbd server strip'ed binary + + +### Breakpad + +```bash +ya package --docker ydb/deploy/docker/breakpad/pkg.json +``` + +Image with google breakpad assets to collect minidump instead of coredump. + +Extend release image with: +- additional packages to collect and manage minidump format +- dynamic library `libbreakpad_init.so` from breakpad_init image (ydb/deploy/breakpad_init) +- environment variable `LD_PRELOAD` to load library on process start +- binaries `minidump_stackwalk` and `minidump-2-core` to collect stacktrace and convert to coredump format +- python script `minidump_script.py` as dumpCallback handler for google breakpad +- environment variables `BREAKPAD_MINIDUMPS_PATH` and `BREAKPAD_MINIDUMPS_SCRIPT` to setup breakpad + +### Debug + +```bash +ya package --docker ydb/deploy/docker/debug/pkg.json +``` + +Image with google breakpad assets to collect minidump instead of coredump. + +Extend breakpad image with: +- additional packages with debug utils (dnsutils, telnet, netcat-openbsd, iputils-ping, curl) +- debug symbols for ydbd binary + +## Additional Info + +All types of images also included LICENSE and AUTHORS files from root of repository + diff --git a/ydb/deploy/docker/debug/minidump_script.py b/ydb/deploy/docker/breakpad/minidump_script.py similarity index 96% rename from ydb/deploy/docker/debug/minidump_script.py rename to ydb/deploy/docker/breakpad/minidump_script.py index 60b892d54ee8..94f6635a5316 100644 --- a/ydb/deploy/docker/debug/minidump_script.py +++ b/ydb/deploy/docker/breakpad/minidump_script.py @@ -25,7 +25,6 @@ "/usr/bin/gdb", "/opt/ydb/bin/ydbd", core_file, - "-symbols=/opt/ydb/bin/ydbd.debug", "-iex=set auto-load safe-path /", "-ex=thread apply all bt", "--batch", diff --git a/ydb/deploy/docker/breakpad/pkg.json b/ydb/deploy/docker/breakpad/pkg.json new file mode 100644 index 000000000000..281ac38323f8 --- /dev/null +++ b/ydb/deploy/docker/breakpad/pkg.json @@ -0,0 +1,28 @@ +{ + "meta": { + "name": "ydb", + "maintainer": "ydb ", + "description": "Package with opensource YDB for Kubernetes with google breakpad support", + "version": "breakpad-{branch}.{revision}" + }, + "params": { + "docker_build_network": "host", + "docker_registry": "cr.yandex", + "docker_repository": "crp2lrlsrs36odlvd8dv", + "docker_target": "breakpad" + }, + "include": [ + "ydb/deploy/docker/pkg.json" + ], + "data": [ + { + "source": { + "type": "ARCADIA", + "path": "ydb/deploy/docker/breakpad/minidump_script.py" + }, + "destination": { + "path": "/minidump_script.py" + } + } + ] +} diff --git a/ydb/deploy/docker/breakpad_init/breakpad_init.cc b/ydb/deploy/docker/breakpad_init/breakpad_init.cc deleted file mode 100644 index 101cd70600d2..000000000000 --- a/ydb/deploy/docker/breakpad_init/breakpad_init.cc +++ /dev/null @@ -1,23 +0,0 @@ -// breakpad_init.cc: A shared library to initialize breakpad signal handler via LD_PRELOAD. - -#include "client/linux/handler/exception_handler.h" - -using google_breakpad::MinidumpDescriptor; -using google_breakpad::ExceptionHandler; - -// create signal handlers on shared library init -__attribute__((constructor)) -static void breakpad_init() { - - const char * path = ::getenv("BREAKPAD_MINIDUMPS_PATH"); - - static MinidumpDescriptor descriptor((path) ? path : "/tmp"); - static ExceptionHandler handler( - descriptor, // minidump descriptor - NULL, // callback filter - NULL, // callback function - NULL, // callback context - true, // do install handler - -1 // server descriptor - ); -} \ No newline at end of file diff --git a/ydb/deploy/docker/debug/pkg.json b/ydb/deploy/docker/debug/pkg.json index 0a7900d2e09e..1bca08aed663 100644 --- a/ydb/deploy/docker/debug/pkg.json +++ b/ydb/deploy/docker/debug/pkg.json @@ -2,7 +2,7 @@ "meta": { "name": "ydb", "maintainer": "ydb ", - "description": "Package with opensource YDB for Kubernetes with debug", + "description": "Package with opensource YDB for Kubernetes with debug symbols", "version": "dbg-{branch}.{revision}" }, "params": { @@ -12,17 +12,7 @@ "docker_target": "debug" }, "include": [ - "ydb/deploy/docker/pkg.json" + "ydb/deploy/docker/minidump/pkg.json" ], - "data": [ - { - "source": { - "type": "RELATIVE", - "path": "minidump_script.py" - }, - "destination": { - "path": "/minidump_script.py" - } - } - ] + "data": [] } diff --git a/ydb/deploy/docker/pkg.json b/ydb/deploy/docker/pkg.json index f0cd4c8ae378..f37cf0cdcb99 100644 --- a/ydb/deploy/docker/pkg.json +++ b/ydb/deploy/docker/pkg.json @@ -12,6 +12,7 @@ "docker_target": "release" }, "build": { + "build_type": "release", "targets": [ "ydb/apps/ydbd", "ydb/apps/ydb", @@ -28,6 +29,10 @@ "name": "HARDENING", "value": "yes" }, + { + "name": "CFLAGS", + "value": "-fno-omit-frame-pointer" + }, { "name": "SPLIT_DWARF_VALUE", "value": "yes" diff --git a/ydb/tools/ydbd_slice/kube/templates/8-node-block-4-2/storage.yaml b/ydb/tools/ydbd_slice/kube/templates/8-node-block-4-2/storage.yaml index dd6477458bee..fd29fa065bc4 100644 --- a/ydb/tools/ydbd_slice/kube/templates/8-node-block-4-2/storage.yaml +++ b/ydb/tools/ydbd_slice/kube/templates/8-node-block-4-2/storage.yaml @@ -101,7 +101,7 @@ spec: grpc_config: port: 2135 volumes: - name: coredumps + - name: coredumps hostPath: - path": /coredumps - type": Directory + path: /coredumps + type: Directory diff --git a/ydb/tools/ydbd_slice/kube/templates/common/database.yaml b/ydb/tools/ydbd_slice/kube/templates/common/database.yaml index c139c4b5cffd..e618561b1998 100644 --- a/ydb/tools/ydbd_slice/kube/templates/common/database.yaml +++ b/ydb/tools/ydbd_slice/kube/templates/common/database.yaml @@ -19,7 +19,7 @@ spec: storageClusterRef: name: {{ storage_name }} volumes: - name: coredumps + - name: coredumps hostPath: - path": /coredumps - type": Directory + path: /coredumps + type: Directory From 0787cae6859bee91558605894469d7cde783dfad Mon Sep 17 00:00:00 2001 From: Aleksei Kobzev Date: Thu, 14 Nov 2024 15:56:53 +0000 Subject: [PATCH 8/9] revert changes --- ydb/deploy/docker/Dockerfile | 82 +++++-------------- ydb/deploy/docker/README.md | 45 ++++++----- ydb/deploy/docker/debug/pkg.json | 4 +- ydb/tools/ydbd_slice/image/Dockerfile | 28 +++++++ ydb/tools/ydbd_slice/image/pkg.json | 112 ++++++++++++++++++++++++++ 5 files changed, 186 insertions(+), 85 deletions(-) create mode 100644 ydb/tools/ydbd_slice/image/Dockerfile create mode 100644 ydb/tools/ydbd_slice/image/pkg.json diff --git a/ydb/deploy/docker/Dockerfile b/ydb/deploy/docker/Dockerfile index c720abffa5f1..b82dd45be8d0 100644 --- a/ydb/deploy/docker/Dockerfile +++ b/ydb/deploy/docker/Dockerfile @@ -1,8 +1,8 @@ # syntax=docker/dockerfile:1.4 ARG BASE_IMAGE="cr.yandex/mirror/ubuntu" ARG BASE_IMAGE_TAG="focal" -ARG BREAKPAD_IMAGE="cr.yandex/crp2lrlsrs36odlvd8dv/breakpad_init" -ARG BREAKPAD_IMAGE_TAG="v2022.07.12" +ARG BREAKPAD_INIT_IMAGE="cr.yandex/crp2lrlsrs36odlvd8dv/breakpad_init" +ARG BREAKPAD_INIT_IMAGE_TAG="v2022.07.12" ### # Base image with required deb packages @@ -12,15 +12,23 @@ RUN groupadd -r ydb && useradd --no-log-init -r -m -g ydb -G disk ydb && \ apt-get -yqq update && \ apt-get -yqq install --no-install-recommends libcap2-bin ca-certificates && \ apt-get clean && rm -rf /var/lib/apt/lists/* +# release information +COPY --chmod=0644 /AUTHORS /AUTHORS +COPY --chmod=0644 /LICENSE /LICENSE +COPY --chmod=0644 /README.md /README.md +# dynamic libraries +COPY --chmod=0644 /libiconv.so /lib/libiconv.so +COPY --chmod=0644 /liblibidn-dynamic.so /lib/liblibidn-dynamic.so +COPY --chmod=0644 /liblibaio-dynamic.so /lib/liblibaio-dynamic.so ### # Base image with google brekpad assets ### -FROM ${BREAKPAD_IMAGE}:${BREAKPAD_IMAGE_TAG} AS breakpad_init +FROM ${BREAKPAD_INIT_IMAGE}:${BREAKPAD_INIT_IMAGE_TAG} AS breakpad_init FROM base AS base-breakpad RUN \ apt-get -yqq update && \ - apt-get -yqq install --no-install-recommends binutils gdb strace linux-tools-generic \ + apt-get -yqq install --no-install-recommends binutils gdb strace linux-tools-generic && \ apt-get clean && rm -rf /var/lib/apt/lists/* ENV LD_PRELOAD=libbreakpad_init.so ENV BREAKPAD_MINIDUMPS_PATH=/opt/ydb/volumes/coredumps @@ -32,30 +40,6 @@ COPY --chmod=0755 --from=breakpad_init /usr/bin/minidump-2-core /usr/bin/minidum # minidump callback script COPY --chmod=0755 --chown=ydb /minidump_script.py /opt/ydb/bin/minidump_script.py -### -# Base image with debug packages -### -FROM base-breakpad AS base-debug -RUN \ - apt-get -yqq update && \ - apt-get -yqq --no-install-recommends dnsutils telnet netcat-openbsd iputils-ping curl && \ - apt-get clean all && rm -rf /var/lib/apt/lists/* - -FROM scratch AS license -# release information -COPY --chmod=0644 /AUTHORS /AUTHORS -COPY --chmod=0644 /LICENSE /LICENSE -COPY --chmod=0644 /README.md /README.md - -FROM scratch AS dynamic-libs -# dynamic libraries -COPY --chmod=0644 /libiconv.so /lib/libiconv.so -COPY --chmod=0644 /liblibidn-dynamic.so /lib/liblibidn-dynamic.so -COPY --chmod=0644 /liblibaio-dynamic.so /lib/liblibaio-dynamic.so - -FROM base AS ydb-binary -COPY --chmod=0755 --chown=ydb /ydb /opt/ydb/bin/ydb - FROM base AS ydbd-setcap COPY --chmod=0755 --chown=ydb /ydbd /opt/ydb/bin/ydbd # workaround for decrease image size @@ -65,18 +49,9 @@ RUN /sbin/setcap CAP_SYS_RAWIO=ep /opt/ydb/bin/ydbd # Release image ### FROM base AS release -# release information -COPY --link --from=license /AUTHORS /AUTHORS -COPY --link --from=license /LICENSE /LICENSE -COPY --link --from=license /README.md /README.md -# dynamic libraries -COPY --link --from=dynamic-libs /lib/libiconv.so /lib/libiconv.so -COPY --link --from=dynamic-libs /lib/liblibidn-dynamic.so /lib/liblibidn-dynamic.so -COPY --link --from=dynamic-libs /lib/liblibaio-dynamic.so /lib/liblibaio-dynamic.so # ydb binaries -COPY --link --from=ydb-binary /opt/ydb/bin/ydb /opt/ydb/bin/ydb +COPY --chmod=0755 --chown=ydb /ydb /opt/ydb/bin/ydb COPY --link --from=ydbd-setcap /opt/ydb/bin/ydbd /opt/ydb/bin/ydbd - WORKDIR /opt/ydb/bin USER ydb @@ -84,38 +59,21 @@ USER ydb # Breakpad Image ### FROM base-breakpad AS breakpad -# release information -COPY --link --from=license /AUTHORS /AUTHORS -COPY --link --from=license /LICENSE /LICENSE -COPY --link --from=license /README.md /README.md -# dynamic libraries -COPY --link --from=dynamic-libs /lib/libiconv.so /lib/libiconv.so -COPY --link --from=dynamic-libs /lib/liblibidn-dynamic.so /lib/liblibidn-dynamic.so -COPY --link --from=dynamic-libs /lib/liblibaio-dynamic.so /lib/liblibaio-dynamic.so # ydb binaries -COPY --link --from=ydb-binary /opt/ydb/bin/ydb /opt/ydb/bin/ydb +COPY --chmod=0755 --chown=ydb /ydb /opt/ydb/bin/ydb COPY --link --from=ydbd-setcap /opt/ydb/bin/ydbd /opt/ydb/bin/ydbd - WORKDIR /opt/ydb/bin USER ydb ### # Debug Image ### -FROM base-debug AS debug -# release information -COPY --link --from=license /AUTHORS /AUTHORS -COPY --link --from=license /LICENSE /LICENSE -COPY --link --from=license /README.md /README.md -# dynamic libraries -COPY --link --from=dynamic-libs /lib/libiconv.so /lib/libiconv.so -COPY --link --from=dynamic-libs /lib/liblibidn-dynamic.so /lib/liblibidn-dynamic.so -COPY --link --from=dynamic-libs /lib/liblibaio-dynamic.so /lib/liblibaio-dynamic.so -# ydb binaries -COPY --link --from=ydb-binary /opt/ydb/bin/ydb /opt/ydb/bin/ydb -COPY --link --from=ydbd-setcap /opt/ydb/bin/ydbd /opt/ydb/bin/ydbd +FROM breakpad AS debug +USER root +RUN \ + apt-get -yqq update && \ + apt-get -yqq install --no-install-recommends dnsutils telnet netcat-openbsd iputils-ping curl && \ + apt-get clean && rm -rf /var/lib/apt/lists/* # debug symbols COPY --chmod=0644 --chown=ydb /ydbd.debug /opt/ydb/bin/ydbd.debug - -WORKDIR /opt/ydb/bin USER ydb diff --git a/ydb/deploy/docker/README.md b/ydb/deploy/docker/README.md index a783aa81b0c3..44ca55946209 100644 --- a/ydb/deploy/docker/README.md +++ b/ydb/deploy/docker/README.md @@ -2,55 +2,58 @@ ## Base image -Base layer is official `ubuntu:focal` docker image with packages: +Base image is official `ubuntu:focal` with installed packages: - libcap2-bin (for setcap to binaries) - ca-certificates (for working with CA bundle) +Also base image included `LICENSE`, `AUTHORS` and `README.md` files from root of repository +and dynamic cpp libraries `libiconv`, `liblibidn` and `libaio`. + +### Base breakpad image + +Extend base image with: +- additional packages to collect and manage minidump format (binutils, gdb, strace, linux-tools-generic) +- dynamic library `libbreakpad_init.so` from breakpad_init image (ydb/deploy/breakpad_init) +- environment variable `LD_PRELOAD` for loading breakpad library on process start +- environment variables `BREAKPAD_MINIDUMPS_PATH` and `BREAKPAD_MINIDUMPS_SCRIPT` to setup breakpad +- binaries `minidump_stackwalk` and `minidump-2-core` to collect stacktrace and convert in coredump format +- python script `minidump_script.py` as dumpCallback handler for breakpad + ## Image Types ### Release +Image with minimal requirements to launch ydbd in container + ```bash ya package --docker ydb/deploy/docker/pkg.json ``` -Image with minimal requirements to launch ydbd in container. - -The image includes: -- dynamic cpp libraries (libiconv, libidn, libaio) +Used base image and included: - ydb cli binary - ydbd server strip'ed binary - ### Breakpad +Image with google breakpad assets to collect minidump + ```bash ya package --docker ydb/deploy/docker/breakpad/pkg.json ``` -Image with google breakpad assets to collect minidump instead of coredump. +Used base image and included: -Extend release image with: -- additional packages to collect and manage minidump format -- dynamic library `libbreakpad_init.so` from breakpad_init image (ydb/deploy/breakpad_init) -- environment variable `LD_PRELOAD` to load library on process start -- binaries `minidump_stackwalk` and `minidump-2-core` to collect stacktrace and convert to coredump format -- python script `minidump_script.py` as dumpCallback handler for google breakpad -- environment variables `BREAKPAD_MINIDUMPS_PATH` and `BREAKPAD_MINIDUMPS_SCRIPT` to setup breakpad +- ydb cli binary +- ydbd server strip'ed binary ### Debug +Image with debug symbols and utils for dev purposes + ```bash ya package --docker ydb/deploy/docker/debug/pkg.json ``` -Image with google breakpad assets to collect minidump instead of coredump. - Extend breakpad image with: - additional packages with debug utils (dnsutils, telnet, netcat-openbsd, iputils-ping, curl) - debug symbols for ydbd binary - -## Additional Info - -All types of images also included LICENSE and AUTHORS files from root of repository - diff --git a/ydb/deploy/docker/debug/pkg.json b/ydb/deploy/docker/debug/pkg.json index 1bca08aed663..d3c63cd7c206 100644 --- a/ydb/deploy/docker/debug/pkg.json +++ b/ydb/deploy/docker/debug/pkg.json @@ -3,7 +3,7 @@ "name": "ydb", "maintainer": "ydb ", "description": "Package with opensource YDB for Kubernetes with debug symbols", - "version": "dbg-{branch}.{revision}" + "version": "debug-{branch}.{revision}" }, "params": { "docker_build_network": "host", @@ -12,7 +12,7 @@ "docker_target": "debug" }, "include": [ - "ydb/deploy/docker/minidump/pkg.json" + "ydb/deploy/docker/breakpad/pkg.json" ], "data": [] } diff --git a/ydb/tools/ydbd_slice/image/Dockerfile b/ydb/tools/ydbd_slice/image/Dockerfile new file mode 100644 index 000000000000..eb35b2e57a95 --- /dev/null +++ b/ydb/tools/ydbd_slice/image/Dockerfile @@ -0,0 +1,28 @@ +# syntax=docker/dockerfile:1 +FROM cr.yandex/mirror/ubuntu:focal as base + +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ + apt-get -yqq update && \ + apt-get -yqq install libcap2-bin dnsutils telnet netcat-openbsd iputils-ping gdb atop strace curl linux-tools-generic && \ + apt-get -yqq clean all && \ + rm -rf /var/lib/apt/lists/* && \ + groupadd -r ydb && \ + useradd --no-log-init -r -m -g ydb -G disk ydb + +FROM base as ydbd-setcap + +COPY --link ydbd /ydbd +RUN /sbin/setcap CAP_SYS_RAWIO=ep /ydbd + +FROM base + +ARG ARC_COMMIT_ID +LABEL arc_commit_id=$ARC_COMMIT_ID + +WORKDIR /opt/ydb/bin +COPY --chmod=0755 --chown=ydb:ydb --link ydb /opt/ydb/bin/ydb +COPY --chmod=0644 --link libiconv.so /lib/libiconv.so +COPY --chmod=0644 --link liblibidn-dynamic.so /lib/liblibidn-dynamic.so +COPY --chmod=0644 --link liblibaio-dynamic.so /lib/liblibaio-dynamic.so +COPY --chmod=0755 --chown=ydb:ydb --link --from=ydbd-setcap /ydbd /opt/ydb/bin/ydbd +USER ydb diff --git a/ydb/tools/ydbd_slice/image/pkg.json b/ydb/tools/ydbd_slice/image/pkg.json new file mode 100644 index 000000000000..e2fa60dc1534 --- /dev/null +++ b/ydb/tools/ydbd_slice/image/pkg.json @@ -0,0 +1,112 @@ +{ + "meta": { + "name": "ydb", + "maintainer": "ydb ", + "description": "Package with opensource YDB for Kubernetes", + "version": "{sandbox_task_id}.{branch}" + }, + "build": { + "flags": [ + { + "name": "OPENSOURCE", + "value": "yes" + }, + { + "name": "HARDENING", + "value": "yes" + } + ], + "targets": [ + "ydb/apps/ydbd", + "ydb/apps/ydb", + "contrib/libs/libiconv/dynamic", + "contrib/libs/libidn/dynamic", + "contrib/libs/libaio/dynamic" + ], + + "target-platforms": [ + "default-linux-x86_64" + ] + }, + "data": [ + { + "source": { + "type": "RELATIVE", + "path": "Dockerfile" + }, + "destination": { + "path": "/Dockerfile" + } + }, + { + "source": { + "type": "BUILD_OUTPUT", + "path": "contrib/libs/libiconv/dynamic/libiconv.so" + }, + "destination": { + "path": "/libiconv.so", + "attributes": { + "mode": { + "value": "+x" + } + } + } + }, + { + "source": { + "type": "BUILD_OUTPUT", + "path": "contrib/libs/libidn/dynamic/liblibidn-dynamic.so" + }, + "destination": { + "path": "/liblibidn-dynamic.so", + "attributes": { + "mode": { + "value": "+x" + } + } + } + }, + { + "source": { + "type": "BUILD_OUTPUT", + "path": "contrib/libs/libaio/dynamic/liblibaio-dynamic.so" + }, + "destination": { + "path": "/liblibaio-dynamic.so", + "attributes": { + "mode": { + "value": "+x" + } + } + } + }, + { + "source": { + "type": "BUILD_OUTPUT", + "path": "ydb/apps/ydbd/ydbd" + }, + "destination": { + "path": "/ydbd", + "attributes": { + "mode": { + "value": "+x" + } + } + } + }, + { + "source": { + "type": "BUILD_OUTPUT", + "path": "ydb/apps/ydb/ydb" + }, + "destination": { + "path": "/ydb", + "attributes": { + "mode": { + "value": "+x" + } + } + } + } + ] +} From 5f900f5a8be20e1187620a0bffc0af18cb55a277 Mon Sep 17 00:00:00 2001 From: Aleksei Kobzev Date: Thu, 14 Nov 2024 19:16:28 +0000 Subject: [PATCH 9/9] release package folder --- ydb/deploy/docker/README.md | 2 +- ydb/deploy/docker/breakpad/pkg.json | 2 +- ydb/deploy/docker/{ => release}/pkg.json | 0 3 files changed, 2 insertions(+), 2 deletions(-) rename ydb/deploy/docker/{ => release}/pkg.json (100%) diff --git a/ydb/deploy/docker/README.md b/ydb/deploy/docker/README.md index 44ca55946209..40da407e0bca 100644 --- a/ydb/deploy/docker/README.md +++ b/ydb/deploy/docker/README.md @@ -26,7 +26,7 @@ Extend base image with: Image with minimal requirements to launch ydbd in container ```bash -ya package --docker ydb/deploy/docker/pkg.json +ya package --docker ydb/deploy/docker/release/pkg.json ``` Used base image and included: diff --git a/ydb/deploy/docker/breakpad/pkg.json b/ydb/deploy/docker/breakpad/pkg.json index 281ac38323f8..ad8cbda6cacc 100644 --- a/ydb/deploy/docker/breakpad/pkg.json +++ b/ydb/deploy/docker/breakpad/pkg.json @@ -12,7 +12,7 @@ "docker_target": "breakpad" }, "include": [ - "ydb/deploy/docker/pkg.json" + "ydb/deploy/docker/release/pkg.json" ], "data": [ { diff --git a/ydb/deploy/docker/pkg.json b/ydb/deploy/docker/release/pkg.json similarity index 100% rename from ydb/deploy/docker/pkg.json rename to ydb/deploy/docker/release/pkg.json