New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
shimv2: support attachable binary I/O #10020
base: main
Are you sure you want to change the base?
Conversation
76fc465
to
8659051
Compare
c84d44b
to
c3ab348
Compare
@@ -107,6 +110,16 @@ func createIO(ctx context.Context, id string, ioUID, ioGID int, stdio stdio.Stdi | |||
pio.io, err = runc.NewPipeIO(ioUID, ioGID, withConditionalIO(stdio)) | |||
case "binary": | |||
pio.io, err = NewBinaryIO(ctx, id, u) | |||
case "attachablebinary": |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Needs godoc and test
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
test added.
I am not really sure where to add godoc cc @AkihiroSuda
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
godoc added
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe we can merge attachablebinary
with existing one, binary
, by using reserve param key like _attach=true
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I intended to merge them but I think it will introduce a non-negligible complexity and more responsibilities to NewBinaryIO()
func so I prefer to make a seperate function
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe we can merge attachablebinary with existing one, binary, by using reserve param key like _attach=true.
That was my thinking too. "attachablebinary" is extended case of "binary", I like the idea of introducing attach
flag. The code is indeed complex and needs some refactoring.
2627516
to
7fcea19
Compare
a3da5f4
to
b913e4c
Compare
75509a2
to
8837e4f
Compare
@@ -107,6 +110,16 @@ func createIO(ctx context.Context, id string, ioUID, ioGID int, stdio stdio.Stdi | |||
pio.io, err = runc.NewPipeIO(ioUID, ioGID, withConditionalIO(stdio)) | |||
case "binary": | |||
pio.io, err = NewBinaryIO(ctx, id, u) | |||
case "attachablebinary": |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe we can merge attachablebinary
with existing one, binary
, by using reserve param key like _attach=true
.
return f, fmt.Errorf("failed to open stdout fifo: %w", retErr) | ||
} | ||
defer func() { | ||
if retErr != nil && f.Stdout != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we don't need to check f.Stdout != nil here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yep, I also cleared some useless defer funcs
@@ -243,6 +256,16 @@ func (c *countingWriteCloser) Close() error { | |||
return c.WriteCloser.Close() | |||
} | |||
|
|||
type PipesReader struct { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is it required to be exported type?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nope, fixed
if err == nil { | ||
return | ||
} | ||
result := []error{err} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please use named var defined in return parameters.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it is better now ?
90883dc
to
cd48cde
Compare
Signed-off-by: fahed dorgaa <fahed.dorgaa@gmail.com>
cd48cde
to
5f19f04
Compare
/retest |
@@ -307,6 +329,180 @@ func NewBinaryIO(ctx context.Context, id string, uri *url.URL) (_ runc.IO, err e | |||
}, nil | |||
} | |||
|
|||
// NewAttachableBinary runs a custom binary process and opens attachable fifos for pluggable shim logging | |||
func NewAttachableBinary(ctx context.Context, id string, uri *url.URL) (_ *cio.FIFOSet, err error) { | |||
binaryFifos, err := cio.NewFIFOSetInDir(defaults.DefaultFIFODir, id, true) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why terminal=true
here?
err = errors.Join(result...) | ||
}() | ||
|
||
pipesAttachableFifosPipes, err := openAttachableFifos(ctx, attachableFifos) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will it be problematic if there are no consumers of these FIFOs? Pipe has limited capacity and when it's full the writing side may block or fail.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
by default fifo would block when it's full, but with O_NONBLOCK flag coming data will be lost and new data will be queued to the writer(fifo), so attaching tails logs and this is the intended behavior
Really not a fan of these runc specific options that really have nothing really to do with runc. It would also be extremely helpful to include an explanation of what this does and how its expected to be used in code and the commit. |
nerdctl
uses binary I/O to support detached mode, but this is not sufficient because it does not allow reattachment. This PR introduces a new I/Oattachablebinary
that allows detaching and reattaching of I/O managed by thecontainerd-shim