New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use Microsoft/hcsshim constants and deprecate pkg/system.GetOsVersion() #39100
Conversation
ad61cb8
to
c8ab9a0
Compare
@@ -126,8 +127,8 @@ func verifyPlatformContainerResources(resources *containertypes.Resources, isHyp | |||
return warnings, fmt.Errorf("range of CPUs is from 0.01 to %d.00, as there are only %d CPUs available", sysinfo.NumCPU(), sysinfo.NumCPU()) | |||
} | |||
|
|||
osv := system.GetOSVersion() | |||
if resources.NanoCPUs > 0 && isHyperv && osv.Build < 16175 { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This version was somewhere between "RS2" and "RS3", so I picked < RS3
@@ -431,11 +432,7 @@ func initBridgeDriver(controller libnetwork.NetworkController, config *config.Co | |||
if config.BridgeConfig.FixedCIDR != "" { | |||
subnetPrefix = config.BridgeConfig.FixedCIDR | |||
} else { | |||
// TP5 doesn't support properly detecting subnet |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removing this as TP5 is really obsolete
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Any idea why the original code scoped the use of defaultNetworkSpace
to < 14360 only?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Things were still in development on the Windows side, so I think 14360 was a build where new features became available; that's been a long time back, so I'd have to check git history if there's any info about that
@@ -294,8 +294,10 @@ func (d *Driver) Remove(id string) error { | |||
// not required. | |||
computeSystems, err = hcsshim.GetContainers(hcsshim.ComputeSystemQuery{}) | |||
if err != nil { | |||
if (osv.Build < 15139) && |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
15139 is somewhere between RS2 and RS3; from the context, it looks like the loop must be skipped on RS3 and up; I change it to an early return to make it slightly more readable
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmmm, no I think you've changed the logic incorrectly here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
oh; why didn't I see this comment; I'll have to check
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hm, I think my logic is correct, but @lowenna @kolyshkin please double check;
(Simplified code, and replaced 15139
with RS3
for brevity)
Old situation
if err != nil {
if (ver < RS3) && ((err ==InvalidState) || (err == AccessIsDenied)) {
// retry
}
return err
}
ver | error | ver < RS3 ? | err == InvalidState or AccessIsDenied ? |
action |
---|---|---|---|---|
RS1 | nil | - | - | break |
RS1 | any | ✅ | ❌ | return err |
RS1 | InvalidState |
✅ | ✅ | retry |
RS1 | AccessIsDenied |
✅ | ✅ | retry |
RS3 | nil | - | - | break |
RS3 | any | ❌ | - (not evaluated) | return err |
RS3 | InvalidState |
❌ | - (not evaluated) | return err |
RS3 | AccessIsDenied |
❌ | - (not evaluated) | return err |
New situation:
if err != nil {
if ver >= RS3 {
// no retry, return error
}
if (err == InvalidState) || (err == AccessIsDenied) {
// retry
}
return err
}
ver | error | ver >= RS3 ? | err == InvalidState or AccessIsDenied ? |
action |
---|---|---|---|---|
RS1 | nil | - | - | break |
RS1 | any | ❌ | ❌ | return err |
RS1 | InvalidState |
❌ | ✅ | retry |
RS1 | AccessIsDenied |
❌ | ✅ | retry |
RS3 | nil | - | - | break |
RS3 | any | ✅ | - (not evaluated) | return err |
RS3 | InvalidState |
✅ | - (not evaluated) | return err |
RS3 | AccessIsDenied |
✅ | - (not evaluated) | return err |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The new logic looks correct to me.
By the way, I found an obsoleted TODO comment just above this. I think the part of it needs to be removed, this one:
For RS3, we can remove the retries. Also
v, err := kernel.GetKernelVersion() | ||
assert.NilError(c, err) | ||
build, _ := strconv.Atoi(strings.Split(strings.SplitN(v.String(), " ", 3)[2][1:], ".")[0]) | ||
if build == 16299 { | ||
buildNumber, _ := strconv.Atoi(strings.Split(strings.SplitN(v.String(), " ", 3)[2][1:], ".")[0]) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
renaming these as they overlap with the build
package
@@ -4549,7 +4550,7 @@ func (s *DockerSuite) TestRunAddDeviceCgroupRule(c *check.C) { | |||
|
|||
// Verifies that running as local system is operating correctly on Windows | |||
func (s *DockerSuite) TestWindowsRunAsSystem(c *check.C) { | |||
testRequires(c, DaemonIsWindowsAtLeastBuild(15000)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is somewhere between RS1 and RS2, so I took RS3
@jhowardmsft PTAL |
This comment has been minimized.
This comment has been minimized.
0fe8ddd
to
36c24fc
Compare
Codecov Report
@@ Coverage Diff @@
## master #39100 +/- ##
=========================================
Coverage ? 37.31%
=========================================
Files ? 609
Lines ? 45264
Branches ? 0
=========================================
Hits ? 16892
Misses ? 26083
Partials ? 2289 |
This comment has been minimized.
This comment has been minimized.
9d54db1
to
f450bf0
Compare
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
6e28b33
to
6367b83
Compare
a3bdd4f
to
ac9fc61
Compare
Adds osversion.Build() utility Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
ac9fc61
to
86b3703
Compare
rebased to include #40117 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
MinorVersion uint8 | ||
Build uint16 | ||
} | ||
type OSVersion osversion.OSVersion |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This could possibly be a type alias
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ah, hm. good point, forgot about that as an option
I'll do a quick touch-up follow-up
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One small nit that shouldn't block this PR
@@ -8,6 +8,8 @@ import ( | |||
"testing" | |||
"time" | |||
|
|||
"github.com/Microsoft/hcsshim/osversion" | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
arf. think my IDE had goimports disabled; let me check my config
full diff: microsoft/hcsshim@672e52e...2226e08 - microsoft/hcsshim#569 Enhancement: add osversion.Build() utility - relates to moby/moby#39100 Use Microsoft/hcsshim constants and deprecate pkg/system.GetOsVersion() Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: moby/moby@b6684a4...a09e6e3 relevant changes: - moby/moby#39995 Update containerd binary to v1.2.10 - moby/moby#40001 Update runc to v1.0.0-rc8-92-g84373aaa (CVE-2019-16884) - moby/moby#39999 bump golang 1.13.1 (CVE-2019-16276) - moby/moby#40102 bump golang 1.13.3 (CVE-2019-17596) - moby/moby#40134 Revert "homedir: add cgo or osusergo buildtag constraints for unix" - reverts moby/moby#39994 homedir: add cgo or osusergo buildtag constraints for unix, in favor of documenting when to set the `osusergo` build tag. The `osusergo` build-flag must be used when compiling a static binary with `cgo` enabled, and linking against `glibc`. - moby/moby#39983 builder: remove legacy build's session handling This feature was used by docker build --stream and it was kept experimental. Users of this endpoint should enable BuildKit anyway by setting Version to BuilderBuildKit. - Related: docker#2105 build: remove --stream (was experimental) - moby/moby #40045 Bump logrus 1.4.2, go-shellwords, mergo, flock, creack/pty, golang/gddo, gorilla/mux - moby/moby#39713 bump containerd and dependencies to v1.3.0 - moby/moby#39987 Add ability to handle index acknowledgment with splunk log driver - moby/moby#40070 Use ocischema package instead of custom handler - relates to moby/moby#39727 Docker 19.03 doesn't support OCI image - relates to docker/hub-feedback#1871 - relates to distribution/distribution#3024 - moby/moby#39231 Add support for sending down service Running and Desired task counts - moby/moby#39822 daemon: Use short libnetwork ID in exec-root - moby/moby#39100 Use Microsoft/hcsshim constants and deprecate pkg/system.GetOsVersion() - updates/requires Microsoft/hscshim@2226e083fc390003ae5aa8325c3c92789afa0e7a Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: moby/moby@b6684a4...a09e6e3 relevant changes: - moby/moby#39995 Update containerd binary to v1.2.10 - moby/moby#40001 Update runc to v1.0.0-rc8-92-g84373aaa (CVE-2019-16884) - moby/moby#39999 bump golang 1.13.1 (CVE-2019-16276) - moby/moby#40102 bump golang 1.13.3 (CVE-2019-17596) - moby/moby#40134 Revert "homedir: add cgo or osusergo buildtag constraints for unix" - reverts moby/moby#39994 homedir: add cgo or osusergo buildtag constraints for unix, in favor of documenting when to set the `osusergo` build tag. The `osusergo` build-flag must be used when compiling a static binary with `cgo` enabled, and linking against `glibc`. - moby/moby#39983 builder: remove legacy build's session handling This feature was used by docker build --stream and it was kept experimental. Users of this endpoint should enable BuildKit anyway by setting Version to BuilderBuildKit. - Related: docker#2105 build: remove --stream (was experimental) - moby/moby #40045 Bump logrus 1.4.2, go-shellwords, mergo, flock, creack/pty, golang/gddo, gorilla/mux - moby/moby#39713 bump containerd and dependencies to v1.3.0 - moby/moby#39987 Add ability to handle index acknowledgment with splunk log driver - moby/moby#40070 Use ocischema package instead of custom handler - relates to moby/moby#39727 Docker 19.03 doesn't support OCI image - relates to docker/hub-feedback#1871 - relates to distribution/distribution#3024 - moby/moby#39231 Add support for sending down service Running and Desired task counts - moby/moby#39822 daemon: Use short libnetwork ID in exec-root - moby/moby#39100 Use Microsoft/hcsshim constants and deprecate pkg/system.GetOsVersion() - updates/requires Microsoft/hscshim@2226e083fc390003ae5aa8325c3c92789afa0e7a Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: microsoft/hcsshim@672e52e...2226e08 - microsoft/hcsshim#569 Enhancement: add osversion.Build() utility - relates to moby/moby#39100 Use Microsoft/hcsshim constants and deprecate pkg/system.GetOsVersion() Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Upstream-commit: 5e4c7eba448246e90f88c0d319a45a62b2e62c33 Component: cli
full diff: moby/moby@b6684a4...a09e6e3 relevant changes: - moby/moby#39995 Update containerd binary to v1.2.10 - moby/moby#40001 Update runc to v1.0.0-rc8-92-g84373aaa (CVE-2019-16884) - moby/moby#39999 bump golang 1.13.1 (CVE-2019-16276) - moby/moby#40102 bump golang 1.13.3 (CVE-2019-17596) - moby/moby#40134 Revert "homedir: add cgo or osusergo buildtag constraints for unix" - reverts moby/moby#39994 homedir: add cgo or osusergo buildtag constraints for unix, in favor of documenting when to set the `osusergo` build tag. The `osusergo` build-flag must be used when compiling a static binary with `cgo` enabled, and linking against `glibc`. - moby/moby#39983 builder: remove legacy build's session handling This feature was used by docker build --stream and it was kept experimental. Users of this endpoint should enable BuildKit anyway by setting Version to BuilderBuildKit. - Related: #2105 build: remove --stream (was experimental) - moby/moby #40045 Bump logrus 1.4.2, go-shellwords, mergo, flock, creack/pty, golang/gddo, gorilla/mux - moby/moby#39713 bump containerd and dependencies to v1.3.0 - moby/moby#39987 Add ability to handle index acknowledgment with splunk log driver - moby/moby#40070 Use ocischema package instead of custom handler - relates to moby/moby#39727 Docker 19.03 doesn't support OCI image - relates to docker/hub-feedback#1871 - relates to distribution/distribution#3024 - moby/moby#39231 Add support for sending down service Running and Desired task counts - moby/moby#39822 daemon: Use short libnetwork ID in exec-root - moby/moby#39100 Use Microsoft/hcsshim constants and deprecate pkg/system.GetOsVersion() - updates/requires Microsoft/hscshim@2226e083fc390003ae5aa8325c3c92789afa0e7a Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Upstream-commit: 7f6cd64335dc631efaa8204c01f92aa40939073a Component: cli
full diff: moby/moby@a09e6e3...a9507c6 Includes: - moby/moby#40077 Update "auto-generate" comments to improve detection by linters - moby/moby#40143 registry: add a critical section to protect authTransport.modReq - moby/moby#40212 Move DefaultCapabilities() to caps package - moby/moby#40021 Use newer x/sys/windows SecurityAttributes struct (carry 40017) - carries moby/moby#40017 Use newer x/sys/windows SecurityAttributes struct - moby/moby#40135 pkg/system: make OSVersion an alias for hcsshim OSVersion - follow-up to moby/moby#39100 Use Microsoft/hcsshim constants and deprecate pkg/system.GetOsVersion() - moby/moby#40250 Bump hcsshim to b3f49c06ffaeef24d09c6c08ec8ec8425a0303e2 - moby/moby#40243 Use certs.d from XDG_CONFIG_HOME when in rootless mode - fixes moby/moby#40236 Docker rootless dies when unable to read /etc/docker/certs.d - moby/moby#40283 Fix possible runtime panic in Lgetxattr - moby/moby#40178 builder/remotecontext: small refactor - moby/moby#40179 builder/remotecontext: allow ssh:// for remote context URLs - fixes docker#2164 Docker build cannot resolve git context with html escapes - moby/moby#40302 client.ImagePush(): default to ":latest" instead of "all tags" - relates to docker#2214 [proposal] change "docker push" behavior to default to ":latest" instead of "all tags" - relates to docker#2220 implement docker push `-a`/ `--all-tags` - moby/moby#40263 Normalize comment formatting - moby/moby#40238 Allow client consumers like traefik to compile on illumos - moby/moby#40108 bump google.golang.org/grpc v1.23.1 - moby/moby#40312 update vendor golang.org/x/sys to 6d18c012aee9febd81bbf9806760c8c4480e870d - moby/moby#40247 pkg/system: deprecate constants in favor of golang.org/x/sys/windows - moby/moby#40246 pkg/system: minor cleanups and remove use of deprecated system.GetOSVersion() - moby/moby#40122 Update buildkit to containerd leases - vendor: update buildkit to leases support (4f4e03067523b2fc5ca2f17514a5e75ad63e02fb) - vendor: update containerd to acdcf13d5eaf0dfe0eaeabe7194a82535549bc2b - vendor: update runc to d736ef14f0288d6993a1845745d6756cfc9ddd5a (v1.0.0-rc9) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: moby/moby@a09e6e3...a9507c6 Includes: - moby/moby#40077 Update "auto-generate" comments to improve detection by linters - moby/moby#40143 registry: add a critical section to protect authTransport.modReq - moby/moby#40212 Move DefaultCapabilities() to caps package - moby/moby#40021 Use newer x/sys/windows SecurityAttributes struct (carry 40017) - carries moby/moby#40017 Use newer x/sys/windows SecurityAttributes struct - moby/moby#40135 pkg/system: make OSVersion an alias for hcsshim OSVersion - follow-up to moby/moby#39100 Use Microsoft/hcsshim constants and deprecate pkg/system.GetOsVersion() - moby/moby#40250 Bump hcsshim to b3f49c06ffaeef24d09c6c08ec8ec8425a0303e2 - moby/moby#40243 Use certs.d from XDG_CONFIG_HOME when in rootless mode - fixes moby/moby#40236 Docker rootless dies when unable to read /etc/docker/certs.d - moby/moby#40283 Fix possible runtime panic in Lgetxattr - moby/moby#40178 builder/remotecontext: small refactor - moby/moby#40179 builder/remotecontext: allow ssh:// for remote context URLs - fixes docker/cli#2164 Docker build cannot resolve git context with html escapes - moby/moby#40302 client.ImagePush(): default to ":latest" instead of "all tags" - relates to docker/cli#2214 [proposal] change "docker push" behavior to default to ":latest" instead of "all tags" - relates to docker/cli#2220 implement docker push `-a`/ `--all-tags` - moby/moby#40263 Normalize comment formatting - moby/moby#40238 Allow client consumers like traefik to compile on illumos - moby/moby#40108 bump google.golang.org/grpc v1.23.1 - moby/moby#40312 update vendor golang.org/x/sys to 6d18c012aee9febd81bbf9806760c8c4480e870d - moby/moby#40247 pkg/system: deprecate constants in favor of golang.org/x/sys/windows - moby/moby#40246 pkg/system: minor cleanups and remove use of deprecated system.GetOSVersion() - moby/moby#40122 Update buildkit to containerd leases - vendor: update buildkit to leases support (4f4e03067523b2fc5ca2f17514a5e75ad63e02fb) - vendor: update containerd to acdcf13d5eaf0dfe0eaeabe7194a82535549bc2b - vendor: update runc to d736ef14f0288d6993a1845745d6756cfc9ddd5a (v1.0.0-rc9) Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Upstream-commit: 627a4cf7ccd0b7e92c6798c73de4dd4efc43175c Component: cli
full diff: moby/moby@a09e6e3...a9507c6 Includes: - moby/moby#40077 Update "auto-generate" comments to improve detection by linters - moby/moby#40143 registry: add a critical section to protect authTransport.modReq - moby/moby#40212 Move DefaultCapabilities() to caps package - moby/moby#40021 Use newer x/sys/windows SecurityAttributes struct (carry 40017) - carries moby/moby#40017 Use newer x/sys/windows SecurityAttributes struct - moby/moby#40135 pkg/system: make OSVersion an alias for hcsshim OSVersion - follow-up to moby/moby#39100 Use Microsoft/hcsshim constants and deprecate pkg/system.GetOsVersion() - moby/moby#40250 Bump hcsshim to b3f49c06ffaeef24d09c6c08ec8ec8425a0303e2 - moby/moby#40243 Use certs.d from XDG_CONFIG_HOME when in rootless mode - fixes moby/moby#40236 Docker rootless dies when unable to read /etc/docker/certs.d - moby/moby#40283 Fix possible runtime panic in Lgetxattr - moby/moby#40178 builder/remotecontext: small refactor - moby/moby#40179 builder/remotecontext: allow ssh:// for remote context URLs - fixes docker#2164 Docker build cannot resolve git context with html escapes - moby/moby#40302 client.ImagePush(): default to ":latest" instead of "all tags" - relates to docker#2214 [proposal] change "docker push" behavior to default to ":latest" instead of "all tags" - relates to docker#2220 implement docker push `-a`/ `--all-tags` - moby/moby#40263 Normalize comment formatting - moby/moby#40238 Allow client consumers like traefik to compile on illumos - moby/moby#40108 bump google.golang.org/grpc v1.23.1 - moby/moby#40312 update vendor golang.org/x/sys to 6d18c012aee9febd81bbf9806760c8c4480e870d - moby/moby#40247 pkg/system: deprecate constants in favor of golang.org/x/sys/windows - moby/moby#40246 pkg/system: minor cleanups and remove use of deprecated system.GetOSVersion() - moby/moby#40122 Update buildkit to containerd leases - vendor: update buildkit to leases support (4f4e03067523b2fc5ca2f17514a5e75ad63e02fb) - vendor: update containerd to acdcf13d5eaf0dfe0eaeabe7194a82535549bc2b - vendor: update runc to d736ef14f0288d6993a1845745d6756cfc9ddd5a (v1.0.0-rc9) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Use hcsshim as the source of truth. Also bumps hcsshim;
microsoft/go-winio@c599b53...84b4ab4