Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Quadlet - Add support for .pod units #20762

Merged
merged 1 commit into from
Nov 28, 2023
Merged

Quadlet - Add support for .pod units #20762

merged 1 commit into from
Nov 28, 2023

Conversation

ygalblum
Copy link
Contributor

Add support for .pod unit files with only PodmanArgs, GlobalArgs, ContainersConfModule and PodName
Add support for linking .container units with .pod ones
Add e2e and system tests
Add to man page

Does this PR introduce a user-facing change?

Yes

Quadlet - Add support for .pod unit files

Resolves: #17687

@openshift-ci openshift-ci bot added release-note approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Nov 23, 2023
@ygalblum
Copy link
Contributor Author

@vrothberg PTAL.
This change required some additional mechanism in order to allow for the cyclic dependency between .pod and .container files. For this reason, I deliberately did not add support for any specific keys other than PodName to allow adding this feature more quickly and to allow for a simpler review.

@ygalblum
Copy link
Contributor Author

@edsantiago can you please take a look at the test I added. My main problem is with the sleep I added. The problem is that since the services are linked with "Want" and "Before", I need to wait for the container service to transition from Activating to Active. But, AFAIK there's no way to do a retry on the assert.

vrothberg
vrothberg reviewed Nov 24, 2023
View reviewed changes
Copy link
Member

@vrothberg vrothberg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for putting this together, @ygalblum ! Quite impressive how elegantly pods can be supported in Quadlet. Just some nits and a comment on the dependencies.

The units from generate systemd set dependencies between the units which I do not see here:

Wants=container-...
Before=container-...

and

BindsTo=pod-...
After=pod-...

docs/source/markdown/podman-systemd.unit.5.md Outdated Show resolved Hide resolved
docs/source/markdown/podman-systemd.unit.5.md Show resolved Hide resolved
docs/source/markdown/podman-systemd.unit.5.md Show resolved Hide resolved
test/e2e/quadlet/name.pod Show resolved Hide resolved
test/e2e/quadlet/podmanargs.pod Show resolved Hide resolved
test/system/252-quadlet.bats Outdated Show resolved Hide resolved
@ygalblum
Copy link
Contributor Author

@vrothberg Regarding your comment about the dependencies.

The unit for the .pod file is linked to the corresponding units of the .container files here:
https://github.com/containers/podman/pull/20762/files#diff-a6aef00ed2763cf69a94f6c50af8ab3fd48532d01b2f1bf527e5545e984a1021R1282

The unit for the .container file is linked to the corresponding unit of the .pod file here:
https://github.com/containers/podman/pull/20762/files#diff-a6aef00ed2763cf69a94f6c50af8ab3fd48532d01b2f1bf527e5545e984a1021R1811

For example,
test.pod

[Pod]
PodName=test

first.container

[Container]
Image=registry.fedoraproject.org/fedora:38
Exec=sh -c "sleep inf"
Pod=test.pod

second.container

[Container]
Image=registry.fedoraproject.org/fedora:38
Exec=sh -c "sleep inf"
Pod=test.pod

Produce the following:

---first.service---
[X-Container]
Image=registry.fedoraproject.org/fedora:38
Exec=sh -c "sleep inf"
Pod=test.pod

[Unit]
SourcePath=/tmp/quadlet/first.container
RequiresMountsFor=%t/containers
BindsTo=test-pod.service
After=test-pod.service

[Service]
Environment=PODMAN_SYSTEMD_UNIT=%n
KillMode=mixed
ExecStop=/usr/bin/podman rm -v -f -i --cidfile=%t/%N.cid
ExecStopPost=-/usr/bin/podman rm -v -f -i --cidfile=%t/%N.cid
Delegate=yes
Type=notify
NotifyAccess=all
SyslogIdentifier=%N
ExecStart=/usr/bin/podman run --name=systemd-%N --cidfile=%t/%N.cid --replace --rm --cgroups=split --sdnotify=conmon -d --pod-id-file %t/test-pod.pod-id registry.fedoraproject.org/fedora:38 sh -c "sleep inf"

---second.service---
[X-Container]
Image=registry.fedoraproject.org/fedora:38
Exec=sh -c "sleep inf"
Pod=test.pod

[Unit]
SourcePath=/tmp/quadlet/second.container
RequiresMountsFor=%t/containers
BindsTo=test-pod.service
After=test-pod.service

[Service]
Environment=PODMAN_SYSTEMD_UNIT=%n
KillMode=mixed
ExecStop=/usr/bin/podman rm -v -f -i --cidfile=%t/%N.cid
ExecStopPost=-/usr/bin/podman rm -v -f -i --cidfile=%t/%N.cid
Delegate=yes
Type=notify
NotifyAccess=all
SyslogIdentifier=%N
ExecStart=/usr/bin/podman run --name=systemd-%N --cidfile=%t/%N.cid --replace --rm --cgroups=split --sdnotify=conmon -d --pod-id-file %t/test-pod.pod-id registry.fedoraproject.org/fedora:38 sh -c "sleep inf"

---test-pod.service---
[X-Pod]
PodName=test

[Unit]
SourcePath=/tmp/quadlet/test.pod
RequiresMountsFor=%t/containers
Wants=first.service
Before=first.service
Wants=second.service
Before=second.service

[Service]
SyslogIdentifier=%N
ExecStart=/usr/bin/podman pod start --pod-id-file=%t/%N.pod-id
ExecStop=/usr/bin/podman pod stop --pod-id-file=%t/%N.pod-id --ignore --time=10
ExecStopPost=/usr/bin/podman pod rm --pod-id-file=%t/%N.pod-id --ignore --force
ExecStartPre=/usr/bin/podman pod create --infra-conmon-pidfile=%t/%N.pid --pod-id-file=%t/%N.pod-id --exit-policy=stop --replace --name=test
Environment=PODMAN_SYSTEMD_UNIT=%n
Type=forking
Restart=on-failure
PIDFile=%t/%N.pid

@vrothberg
Copy link
Member

@vrothberg Regarding your comment about the dependencies.

The unit for the .pod file is linked to the corresponding units of the .container files here: https://github.com/containers/podman/pull/20762/files#diff-a6aef00ed2763cf69a94f6c50af8ab3fd48532d01b2f1bf527e5545e984a1021R1282

The unit for the .container file is linked to the corresponding unit of the .pod file here: https://github.com/containers/podman/pull/20762/files#diff-a6aef00ed2763cf69a94f6c50af8ab3fd48532d01b2f1bf527e5545e984a1021R1811

Thanks a lot, @ygalblum!

I should have paid more attention to the docs. I left another comment on that subject. The rest LGTM. Great work!

edsantiago
edsantiago suggested changes Nov 27, 2023
View reviewed changes
test/system/helpers.bash Show resolved Hide resolved
test/system/helpers.bash Outdated Show resolved Hide resolved
test/system/helpers.bash Outdated Show resolved Hide resolved
vrothberg
vrothberg reviewed Nov 28, 2023
View reviewed changes
Copy link
Member

@vrothberg vrothberg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Just spotted two missing dots.
@rhatdan @edsantiago PTAL

docs/source/markdown/podman-systemd.unit.5.md Outdated Show resolved Hide resolved
docs/source/markdown/podman-systemd.unit.5.md Outdated Show resolved Hide resolved
@packit-as-a-service Packit-as-a-Service
Copy link

Cockpit tests failed for commit 48a348a9d0fe849356f510f4b3b8c0ae84e6de62. @martinpitt, @jelly, @mvollmer please check.

edsantiago
edsantiago reviewed Nov 28, 2023
View reviewed changes
Copy link
Member

@edsantiago edsantiago left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, with one documentation request and one test-log-cleanup request. And could you please squash your commits? Thank you!

docs/source/markdown/podman-systemd.unit.5.md Outdated
@@ -72,7 +70,8 @@ Quadlet requires the use of cgroup v2, use `podman info --format {{.Host.Cgroups
### Service Type

By default, the `Type` field of the `Service` section of the Quadlet file does not need to be set.
Quadlet will set it to `notify` for `.container` and `.kube` files and to `oneshot` for `.volume`, `.network` and `.image` files.
Quadlet will set it to `notify` for `.container` and `.kube` files,
`forking` for `.pod` and `oneshot` for `.volume`, `.network` and `.image` files.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This takes a few retries for my brain to parse. I think 'files' and a comma would help:

... for .pod files, and ...

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

test/system/252-quadlet.bats

# Container should not exist
run_podman 1 container exists ${container_name}
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add run_podman rmi $(pause_image) to avoid nasty red warnings.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

@ygalblum
Quadlet - Add support for .pod units
6b2f481 
Add support for .pod unit files with only PodmanArgs, GlobalArgs, ContainersConfModule and PodName
Add support for linking .container units with .pod ones
Add e2e and system tests
Add to man page

Signed-off-by: Ygal Blum <[email protected]>
@ygalblum
Copy link
Contributor Author

@edsantiago all done. Thanks

vrothberg
vrothberg approved these changes Nov 28, 2023
View reviewed changes
Copy link
Member

@vrothberg vrothberg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/hold

@openshift-ci openshift-ci bot added do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. lgtm Indicates that a PR is ready to be merged. labels Nov 28, 2023
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Nov 28, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: edsantiago, vrothberg, ygalblum

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [edsantiago,vrothberg,ygalblum]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@edsantiago
Copy link
Member

/hold cancel

Thanks @ygalblum

@openshift-ci openshift-ci bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Nov 28, 2023
@openshift-merge-bot openshift-merge-bot bot merged commit 545daed into containers:main Nov 28, 2023
93 checks passed
@ygalblum ygalblum deleted the quadlet-pod branch November 28, 2023 15:12
@Luap99 Luap99 mentioned this pull request Nov 30, 2023
Closed
@drewlsvern drewlsvern mentioned this pull request Nov 30, 2023
Closed
@gdmn
Copy link

gdmn commented Jan 8, 2024

Should it be merged into 4.8 branch? I have 4.8.3 on Archlinux and pod support seems not to be present: quadlet-generator[50966]: converting "miniflux-db.container": unsupported key 'Pod' in group 'Container' in /home/..../.config/containers/systemd/miniflux-db.container

@ygalblum
Copy link
Contributor Author

ygalblum commented Jan 8, 2024

@gdmn Sorry, but the support for .pod files missed the cutoff date for V4.8 and new features are not merged into patch releases. It will be part of the next version

@jeancf jeancf mentioned this pull request Jan 26, 2024
Closed
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Apr 8, 2024
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Apr 8, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@edsantiago edsantiago edsantiago approved these changes

@vrothberg vrothberg vrothberg approved these changes

Assignees

@vrothberg vrothberg

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. release-note
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ygalblum @vrothberg @edsantiago @gdmn