Skip to content

config: change prestart hook spec to match reality#1169

Merged
cyphar merged 1 commit intoopencontainers:mainfrom
corhere:align-prestart-with-reality
Jan 24, 2023
Merged

config: change prestart hook spec to match reality#1169
cyphar merged 1 commit intoopencontainers:mainfrom
corhere:align-prestart-with-reality

Conversation

@corhere
Copy link
Contributor

@corhere corhere commented Nov 2, 2022
edited
Loading

runC originally implemented prestart hooks contrary to the spec. And it still implements them the same way today, as it would break a lot of projects which have come to rely on the existing behaviour. Any OCI runtime implementations which want to be compatible with projects that have come to rely on the existing runC behaviour must also implement them contrary to the spec. Furthermore, the Lifecycle section of the spec requires the existing runC behaviour for the prestart hook, directly contradicting the section of the spec which defines the prestart hook in config.md!

runtime-spec/runtime.md

Lines 52 to 77 in 494a5a6

## <a name="runtimeLifecycle" />Lifecycle
The lifecycle describes the timeline of events that happen from when a container is created to when it ceases to exist.
1. OCI compliant runtime's [`create`](runtime.md#create) command is invoked with a reference to the location of the bundle and a unique identifier.
2. The container's runtime environment MUST be created according to the configuration in [`config.json`](config.md).
If the runtime is unable to create the environment specified in the [`config.json`](config.md), it MUST [generate an error](#errors).
While the resources requested in the [`config.json`](config.md) MUST be created, the user-specified program (from [`process`](config.md#process)) MUST NOT be run at this time.
Any updates to [`config.json`](config.md) after this step MUST NOT affect the container.
3. The [`prestart` hooks](config.md#prestart) MUST be invoked by the runtime.
If any `prestart` hook fails, the runtime MUST [generate an error](#errors), stop the container, and continue the lifecycle at step 12.
4. The [`createRuntime` hooks](config.md#createRuntime-hooks) MUST be invoked by the runtime.
If any `createRuntime` hook fails, the runtime MUST [generate an error](#errors), stop the container, and continue the lifecycle at step 12.
5. The [`createContainer` hooks](config.md#createContainer-hooks) MUST be invoked by the runtime.
If any `createContainer` hook fails, the runtime MUST [generate an error](#errors), stop the container, and continue the lifecycle at step 12.
6. Runtime's [`start`](runtime.md#start) command is invoked with the unique identifier of the container.
7. The [`startContainer` hooks](config.md#startContainer-hooks) MUST be invoked by the runtime.
If any `startContainer` hook fails, the runtime MUST [generate an error](#errors), stop the container, and continue the lifecycle at step 12.
8. The runtime MUST run the user-specified program, as specified by [`process`](config.md#process).
9. The [`poststart` hooks](config.md#poststart) MUST be invoked by the runtime.
If any `poststart` hook fails, the runtime MUST [log a warning](#warnings), but the remaining hooks and lifecycle continue as if the hook had succeeded.
10. The container process exits.
This MAY happen due to erroring out, exiting, crashing or the runtime's [`kill`](runtime.md#kill) operation being invoked.
11. Runtime's [`delete`](runtime.md#delete) command is invoked with the unique identifier of the container.
12. The container MUST be destroyed by undoing the steps performed during create phase (step 2).
13. The [`poststop` hooks](config.md#poststop) MUST be invoked by the runtime.
If any `poststop` hook fails, the runtime MUST [log a warning](#warnings), but the remaining hooks and lifecycle continue as if the hook had succeeded.

runtime-spec/config.md

Line 445 in 494a5a6

The `prestart` hooks MUST be called after the [`start`](runtime.md#start) operation is called but [before the user-specified program command is executed](runtime.md#lifecycle).

Given that existing implementations cannot be changed, the spec contradicts existing implementations, and the spec contradicts itself, amending the spec to align with the existing runC behaviour is the only viable way to resolve the contradiction.

@corhere
config: change prestart hook spec to match reality
f225699 
runC originally implemented prestart hooks contrary to the spec. And it
still implements them the same way today, as it would break a lot of
projects which have come to rely on the existing behaviour. Any OCI
runtime implementations which want to be compatible with projects that
have come to rely on the existing runC behaviour must also implement
them contrary to the spec. Furthermore, the Lifecycle section of the
spec requires the existing runC behaviour for the prestart hook,
_directly contradicting the section of the spec which defines the
prestart hook in config.md!_ Given that existing implementations cannot
be changed, the spec contradicts existing implementations, and the spec
contradicts _itself_, amending the spec to align with the existing runC
behaviour is the only viable way to resolve the contradiction.

Signed-off-by: Cory Snider <[email protected]>
@AkihiroSuda
Copy link
Member

AkihiroSuda commented Nov 2, 2022

Alternative to #1167 for resolving the conflict within the spec

Do you want which of #1167 and #1169 to be merged?

@corhere
Copy link
Contributor Author

corhere commented Nov 3, 2022

Do you want which of #1167 and #1169 to be merged?

I just want clarity on when in the container lifecycle hooks are expected to be executed. I have no strong preference on how.

@h-vetinari
Copy link
Contributor

h-vetinari commented Dec 19, 2022
edited
Loading

Do you want which of #1167 and #1169 to be merged?

I just want clarity on when in the container lifecycle hooks are expected to be executed. I have no strong preference on how.

I think this PR is clearly preferable to #1167, as it codifies existing behaviour (which was the hole point of the hooks saga), rather than break them through the spec (and have implementations not follow because it'd break their consumers).

AkihiroSuda
AkihiroSuda reviewed Dec 24, 2022
View reviewed changes
config.md

The definition of `createRuntime` hooks is currently underspecified and hooks authors, should only expect from the runtime that the mount namespace have been created and the mount operations performed. Other operations such as cgroups and SELinux/AppArmor labels might not have been performed by the runtime.

Note: `runc` originally implemented `prestart` hooks contrary to the spec, namely as part of the `create` operation (instead of during the `start` operation). This incorrect implementation actually corresponds to `createRuntime` hooks. For runtimes that implement the deprecated `prestart` hooks as `createRuntime` hooks, `createRuntime` hooks MUST be called after the `prestart` hooks.
Copy link
Member

@AkihiroSuda AkihiroSuda Dec 24, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we can add a note that runc was contrary to the spec v1.0 but now conforms to this spec v1.1.

@AkihiroSuda AkihiroSuda mentioned this pull request Dec 24, 2022
Closed
@AkihiroSuda
Copy link
Member

AkihiroSuda commented Jan 4, 2023

code-review/pullapprove Pending

The PR is not mergable due to the pending pullapprove but the pullapprove link doesn't work.
Can we just remove it?
cc @caniszczyk

@AkihiroSuda
Copy link
Member

AkihiroSuda commented Jan 5, 2023

cc @opencontainers/runc-maintainers to confirm that we are fine to amend the spec to match the reality of runc

@AkihiroSuda AkihiroSuda mentioned this pull request Jan 11, 2023
Closed
@AkihiroSuda
Copy link
Member

AkihiroSuda commented Jan 19, 2023

@opencontainers/runc-maintainers @opencontainers/runtime-spec-maintainers Ready to merge this?

giuseppe
giuseppe approved these changes Jan 20, 2023
View reviewed changes
Copy link
Member

@giuseppe giuseppe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

cyphar
cyphar approved these changes Jan 24, 2023
View reviewed changes
Copy link
Member

@cyphar cyphar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

@cyphar cyphar closed this in 5cfc4c3 Jan 24, 2023
@cyphar cyphar merged commit 5cfc4c3 into opencontainers:main Jan 24, 2023
@AkihiroSuda AkihiroSuda mentioned this pull request Jan 24, 2023
Merged
@rumpl rumpl mentioned this pull request Jan 31, 2023
Merged
@AkihiroSuda AkihiroSuda added this to the v1.1.0 milestone Feb 1, 2023
@corhere corhere deleted the align-prestart-with-reality branch June 3, 2023 20:04
@AkihiroSuda AkihiroSuda mentioned this pull request Jun 26, 2023
Merged
12 tasks
@cyphar cyphar mentioned this pull request Jul 19, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@giuseppe giuseppe giuseppe approved these changes

@tianon tianon tianon approved these changes

@cyphar cyphar cyphar approved these changes

@hqhq hqhq hqhq approved these changes

@AkihiroSuda AkihiroSuda AkihiroSuda approved these changes

@crosbymichael crosbymichael Awaiting requested review from crosbymichael crosbymichael is a code owner

@dqminh dqminh Awaiting requested review from dqminh dqminh is a code owner

@kolyshkin kolyshkin Awaiting requested review from kolyshkin kolyshkin is a code owner

@mrunalp mrunalp Awaiting requested review from mrunalp mrunalp is a code owner

@thaJeztah thaJeztah Awaiting requested review from thaJeztah thaJeztah is a code owner

@vbatts vbatts Awaiting requested review from vbatts

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

v1.1.0

Development

Successfully merging this pull request may close these issues.

7 participants

@corhere @AkihiroSuda @h-vetinari @giuseppe @tianon @cyphar @hqhq