integration: use systemd when $DOCKER_SYSTEMD is set by AkihiroSuda · Pull Request #40493 · moby/moby

AkihiroSuda · 2020-02-10T17:59:36Z

- What I did
Added systemd in the integration testing image.
This will help testing rootless and systemd stuff.

- How I did it
Added a variant of hack/dind script:hack/dind-systemd.

This script executes the arguments as a systemd service in foreground with tty connected, and then call systemctl exit $EXIT_STATUS to shutdown the systemd process with the expected exit code.

- How to verify it

DOCKER_SYSTEMD=1 make test-integration

- Description for the changelog

- A picture of a cute animal (not mandatory but encouraged)
🐧

hack/dind

thaJeztah · 2020-02-10T18:13:43Z

This script is more widely used than just in our CI; wondering if we should have a separate script just for CI if this is needed

AkihiroSuda · 2020-02-10T18:18:16Z

Testing should be possible on a laptop as well?

thaJeztah · 2020-02-10T18:51:19Z

Right, but it's also used in the docker images on Docker Hub for example; https://github.com/docker-library/docker/blob/7db7eccb7b7507b1a6ba3ef81c6f37b16149cc55/Dockerfile-dind.template#L33-L38

Also not sure

if we always want systemd to be used?
if instead of cat-ing the unit file, we should just add a unit file to this repo, and COPY it into the container

AkihiroSuda · 2020-02-10T21:13:08Z

Updated not to use systemd when systemd is not installed, but I think docker images on Docker Hub should fork the code.

if we always want systemd to be used?

I think we can use systemd always.

Also, even for rootful with cgroupfs driver, systemd might be useful for simplifying .integration-daemon-{start,stop} stuff.

if instead of cat-ing the unit file, we should just add a unit file to this repo, and COPY it into the container

No, the file needs to be autogenerated (for command args, workdir, and env vars)

AkihiroSuda · 2020-02-10T21:51:10Z

Interestingly, this PR seems to have digged up some broken tests that hadn't been executed in CI.

[2020-02-10T21:34:56.998Z] --- FAIL: TestCgroupDriverSystemdMemoryLimit (1.76s)

[2020-02-10T21:34:56.998Z]     cgroupdriver_systemd_test.go:54: assertion failed: 67108864 (s.HostConfig.Memory int64) != 67108864 (mem int)

[2020-02-10T21:34:56.998Z] FAIL

[2020-02-10T21:34:56.998Z] 

[2020-02-10T21:34:56.998Z] === Failed

[2020-02-10T21:34:56.998Z] === FAIL: arm64.integration.system TestCgroupDriverSystemdMemoryLimit (1.76s)

[2020-02-10T21:34:56.998Z] === PAUSE TestCgroupDriverSystemdMemoryLimit

[2020-02-10T21:34:56.998Z] === CONT  TestCgroupDriverSystemdMemoryLimit

[2020-02-10T21:34:56.998Z]     cgroupdriver_systemd_test.go:54: assertion failed: 67108864 (s.HostConfig.Memory int64) != 67108864 (mem int)

AkihiroSuda · 2020-02-14T03:00:16Z

@tianon PTAL?

tianon · 2020-02-15T00:10:56Z

I agree with the intent here (automated testing of more things via systemd, especially things that can't effectively be tested right now), but anything that runs systemd in a container, even more especially one that's typically run with --privileged, makes me very wary. I've seen way too many systems accidentally tanked thanks to systemd inside the container having some service someone forgot to disable that then tries to initialize already-initialized host devices (as an example), and causing the expected havoc.

thaJeztah · 2020-02-15T00:12:52Z

could we add a variant just used for our CI, and keep the standard dind script as-is?

tianon · 2020-02-15T00:16:50Z

I like that idea, as long as the logistics work for actually using it 😅

AkihiroSuda · 2020-02-18T09:12:07Z

Updated to split the script. PTAL.

AkihiroSuda · 2020-02-24T09:57:07Z

@tianon PTAL?

Dockerfile

hack/dind

The test was failing: --- FAIL: TestCgroupDriverSystemdMemoryLimit (1.76s) cgroupdriver_systemd_test.go:54: assertion failed: 67108864 (s.HostConfig.Memory int64) != 67108864 (mem int) Signed-off-by: Akihiro Suda <[email protected]>

cpuguy83

LGTM

Dockerfile

Fix moby#40492 Signed-off-by: Akihiro Suda <[email protected]>

thaJeztah

LGTM, thanks!

AkihiroSuda requested a review from tianon as a code owner February 10, 2020 17:59

AkihiroSuda commented Feb 10, 2020

View reviewed changes

hack/dind Outdated Show resolved Hide resolved

AkihiroSuda force-pushed the dockerfile-systemd branch from 30b580c to 4f93a64 Compare February 10, 2020 18:09

AkihiroSuda force-pushed the dockerfile-systemd branch 2 times, most recently from cf6d7d1 to eb85eca Compare February 10, 2020 21:07

AkihiroSuda force-pushed the dockerfile-systemd branch from eb85eca to 0019802 Compare February 10, 2020 21:14

AkihiroSuda added area/testing area/systemd labels Feb 10, 2020

AkihiroSuda mentioned this pull request Feb 10, 2020

cgroup2 check list #40360

Closed

8 tasks

AkihiroSuda force-pushed the dockerfile-systemd branch from 9705844 to 2d5b0c4 Compare February 11, 2020 09:51

This comment has been minimized.

Sign in to view

AkihiroSuda mentioned this pull request Feb 11, 2020

fix goimports #40501

Merged

AkihiroSuda force-pushed the dockerfile-systemd branch from 83064d8 to b6bc28b Compare February 11, 2020 14:58

AkihiroSuda force-pushed the dockerfile-systemd branch from b6bc28b to bb0775f Compare February 18, 2020 09:09

AkihiroSuda changed the title ~~hack/dind: enable systemd~~ integration: use systemd when $DOCKER_SYSTEMD is set Feb 18, 2020

AkihiroSuda force-pushed the dockerfile-systemd branch from bb0775f to f1f1240 Compare February 18, 2020 09:10

AkihiroSuda force-pushed the dockerfile-systemd branch from f1f1240 to 2d976c1 Compare February 19, 2020 16:26

thaJeztah added the status/2-code-review label Feb 24, 2020

thaJeztah reviewed Feb 24, 2020

View reviewed changes

Dockerfile Outdated Show resolved Hide resolved

thaJeztah reviewed Feb 24, 2020

View reviewed changes

hack/dind Outdated Show resolved Hide resolved

TestCgroupDriverSystemdMemoryLimit: fix failure

3fbc41f

The test was failing: --- FAIL: TestCgroupDriverSystemdMemoryLimit (1.76s) cgroupdriver_systemd_test.go:54: assertion failed: 67108864 (s.HostConfig.Memory int64) != 67108864 (mem int) Signed-off-by: Akihiro Suda <[email protected]>

AkihiroSuda force-pushed the dockerfile-systemd branch from 2d976c1 to d925440 Compare March 3, 2020 02:53

cpuguy83 approved these changes Mar 3, 2020

View reviewed changes

thaJeztah reviewed Mar 3, 2020

View reviewed changes

Dockerfile Outdated Show resolved Hide resolved

integration: use systemd when $DOCKER_SYSTEMD is set

a329226

Fix moby#40492 Signed-off-by: Akihiro Suda <[email protected]>

AkihiroSuda force-pushed the dockerfile-systemd branch from d925440 to a329226 Compare March 3, 2020 18:05

thaJeztah approved these changes Mar 3, 2020

View reviewed changes

thaJeztah merged commit e2b7793 into moby:master Mar 3, 2020

thaJeztah added this to the 20.03.0 milestone Apr 2, 2020

thaJeztah mentioned this pull request Aug 2, 2022

Rewrite journald LogReader and unit test it #43219

Merged

Conversation

AkihiroSuda commented Feb 10, 2020 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

thaJeztah commented Feb 10, 2020

Uh oh!

AkihiroSuda commented Feb 10, 2020

Uh oh!

thaJeztah commented Feb 10, 2020

Uh oh!

AkihiroSuda commented Feb 10, 2020

Uh oh!

AkihiroSuda commented Feb 10, 2020 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

This comment has been minimized.

AkihiroSuda commented Feb 14, 2020

Uh oh!

tianon commented Feb 15, 2020

Uh oh!

thaJeztah commented Feb 15, 2020

Uh oh!

tianon commented Feb 15, 2020

Uh oh!

AkihiroSuda commented Feb 18, 2020

Uh oh!

AkihiroSuda commented Feb 24, 2020

Uh oh!

Uh oh!

Uh oh!

cpuguy83 left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

thaJeztah left a comment

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

AkihiroSuda commented Feb 10, 2020 •

edited

Loading

AkihiroSuda commented Feb 10, 2020 •

edited

Loading