Move storage options to driver specific entries #432
Conversation
|
Fixes: #423 |
rhatdan
force-pushed
the
storageopts
branch
from
55a7a7a to
a713ac4
Compare
pkg/config/config.go
Outdated
| // MountOpt specifies extra mount options used when mounting | ||
| MountOpt string `toml:"mountopt"` | ||
| // Name of the ZFS File system | ||
| Name string `toml:"name"` |
There was a problem hiding this comment.
should this be fsname or is it wrong in the manpage?
storage.conf
Outdated
| # ignore_chown_errors can be set to allow a non privileged user running with | ||
| # a single UID within a user namespace to run containers. The user can pull | ||
| # and use any image even those with multiple uids. Note multiple UIDs will be | ||
| # squasheddown to the default uid in the container. These images will have no |
There was a problem hiding this comment.
s/squashed down/squasheddown/
rhatdan
force-pushed
the
storageopts
branch
from
a713ac4 to
66c60ae
Compare
|
Helps fix containers/buildah#1859 |
|
Oh this again 😖 I also thought I fixed this... |
|
...oh right yes, There's another (more through) fix in #408 which uses the libpod VM cache-images. Those have all these *&!J_$#ing background package-update services disabled. That PR is blocked on a testing-bug, though I'll try rebasing/re-testing again to try and shove it forward... |
|
...nope still failing. The best short-term fix here is to bump up the "short" timeout value: diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh
index fbd3ba15c..a8a5b8138 100755
--- a/contrib/cirrus/lib.sh
+++ b/contrib/cirrus/lib.sh
@@ -62,7 +62,7 @@ export DEBIAN_FRONTEND=noninteractive
# Short-cut for frequently used base command
export SUDOAPTGET='sudo -E apt-get -q --yes'
# Short list of packages or quick-running command
-SHORT_APTGET="timeout_attempt_delay_command 24s 5 30s $SUDOAPTGET"
+SHORT_APTGET="timeout_attempt_delay_command 120s 5 60s $SUDOAPTGET"
# Long list / long-running command
LONG_APTGET="timeout_attempt_delay_command 300s 5 60s $SUDOAPTGET"
Though TBH it may need to be even longer. What's likely happening, is this (stooooopid) systemd service is running at boot, and trying to upgrade all the packages on the system. Then, if there's any kind of networking slowdown or the repo. is busy, it can hold that lock for quite a while. Before you ask, I already researched the safety of killing the damn thing...general sentiment was it's not, and could end up corrupting the database 😢 Outright disabling the dagumnit services in the image is the ideal fix (PR #408) but is blocked by unit-test breakage I have not been able to figure out (issue #419). |
|
OMG it's worse 😭 after poking the hornet's nest, there's also packaging crap Ubuntu does ON BOOT which has to be turned off separately. Will the madness never end! (base-image fix for this is tricky, since that requires booting the image - not done by design for base images). I'm working on a fix for this that will hit the libpod cache images, and come here via #408 (eventually). |
|
Meaning: For this PR, the best we can do in short-order is the timeout suggestion above. |
rhatdan
force-pushed
the
storageopts
branch
from
66c60ae to
3a0b468
Compare
There was a problem hiding this comment.
We really need tests for this new behavior and the commit/PR should document in greater detail what changes, how users can migrate to /use the new behavior and if we remain backward compatible.
Do we remain backwards compatible? Some users may depend on the previous behavior.
store.go
Outdated
| @@ -3394,6 +3350,83 @@ func ReloadConfigurationFile(configFile string, storeOptions *StoreOptions) { | |||
| if os.Getenv("STORAGE_DRIVER") != "" { | |||
| storeOptions.GraphDriverName = os.Getenv("STORAGE_DRIVER") | |||
| } | |||
| switch storeOptions.GraphDriverName { | |||
There was a problem hiding this comment.
Please create driver-specific functions for extracting the storage options. This will hopefully make the code easier to read, document and maintain. Currently, the switch table is too big for my eyes to easily follow what's going on.
There was a problem hiding this comment.
This is tough to do, since the driver has not been created yet. It would be nice if the known options were stored in the drivers themselves though.
store.go
Outdated
| if config.Storage.Options.Thinpool.XfsNoSpaceMaxRetries != "" { | ||
| storeOptions.GraphDriverOptions = append(storeOptions.GraphDriverOptions, fmt.Sprintf("dm.xfs_nospace_max_retries=%s", config.Storage.Options.Thinpool.XfsNoSpaceMaxRetries)) | ||
| } | ||
| case "overlay": |
There was a problem hiding this comment.
Empty new line missing before the new case.
docs/containers-storage.conf.5.md
Outdated
|
|
||
| Comma separated list of default options to be used to mount container images. Suggested value "nodev". | ||
|
|
||
| ### STORAGE OPTIONS FOR BTRFS TABLE |
There was a problem hiding this comment.
BTRFS is already mentioned above. Let's remove this entry here.
docs/containers-storage.conf.5.md
Outdated
| The `storage.options.aufs` table supports the following options: | ||
|
|
||
| **mountopt**="" | ||
|
|
| @@ -155,6 +154,10 @@ Specifies the min free space percent in a thin pool required for new device crea | |||
|
|
|||
| Specifies extra mkfs arguments to be used when creating the base device. | |||
|
|
|||
| **mountopt**="" | |||
|
|
|||
| **mountopt**="" | ||
|
|
||
| Comma separated list of default options to be used to mount container images. Suggested value "nodev". | ||
|
|
||
| **use_deferred_deletion**="" | ||
|
|
| mount_program = "/usr/bin/fuse-overlayfs" | ||
|
|
||
| **mountopt**="" | ||
|
|
| File System name for the zfs driver | ||
|
|
||
| **mountopt**="" | ||
|
|
docs/containers-storage.conf.5.md
Outdated
| The `storage.options.overlay` table supports the following options: | ||
|
|
||
| **ignore_chown_errors** = "true|False" | ||
| ignore_chown_errors can be set to allow a non privileged user running with a single UID within a user namespace to run containers. The user can pull and use any image even those with multiple uids. Note multiple UIDs will be squashed down to the default uid in the container. These images will have no separation between the users in the container. Only supported for the overlay and vfs drivers. |
There was a problem hiding this comment.
The last sentence suggests that we also need a doc entry and checks for vfs.
rhatdan
force-pushed
the
storageopts
branch
3 times, most recently
from
66444c7 to
1833eef
Compare
|
@rhatdan, do we remain backwards compatible with this PR? I didn't test it yet. |
|
Yes, and I added tests to make sure. |
|
Although I did find a couple of more backwards compatibility issues. Should be fixed now. |
docs/containers-storage.conf.5.md
Outdated
| Default Copy On Write (COW) container storage driver | ||
| Valid drivers are "overlay", "vfs", "devmapper", "aufs", "btrfs", and "zfs" | ||
| Some drivers (for example, "zfs", "btrfs", and "aufs") may not work if your kernel lacks support for the filesystem | ||
| Default Copy On Write (COW) container storage driver. Valid drivers are "overlay", "vfs", "devmapper", "aufs", "btrfs", and "zfs". Some drivers (for example, "zfs", "btrfs", and "aufs") may not work if your kernel lacks support for the filesystem |
There was a problem hiding this comment.
There are a lot of missed periods. Fixed.
docs/containers-storage.conf.5.md
Outdated
| container to UID 1668442479 outside. UID 1 will be mapped to 1668442480. | ||
| UID 2 will be mapped to 1668442481, etc, for the next 65533 UIDs in | ||
| Succession. | ||
| These mappings tell the container engines to map UID 0 inside of the container to UID 1668442479 outside. UID 1 will be mapped to 1668442480. UID 2 will be mapped to 1668442481, etc, for the next 65533 UIDs in Succession. |
There was a problem hiding this comment.
s/succession/Succession/
docs/containers-storage.conf.5.md
Outdated
|
|
||
| **use_deferred_deletion**="" | ||
| **size**="" | ||
| Maximum size of a container image. This flag can be used to set quota on the size of container images. |
There was a problem hiding this comment.
What size? Gb, Mb, Kb, Bytes? Can you specify 120M for 120MB say?
|
|
||
| **mkfsarg**="" | ||
| Specifies extra mkfs arguments to be used when creating the base device. |
There was a problem hiding this comment.
list of accepted values or pointer to a man page with them?
There was a problem hiding this comment.
I will pass on this one, This is an old section, and I think this differs depending on the underlying file system.
docs/containers-storage.conf.5.md
Outdated
|
|
||
| Specifies extra mkfs arguments to be used when creating the base device. | ||
| **mountopt**="" | ||
| Comma separated list of default options to be used to mount container images. Suggested value "nodev". |
There was a problem hiding this comment.
ditto list of accepted values.
There was a problem hiding this comment.
Pointed them off to mount man page.
docs/containers-storage.conf.5.md
Outdated
|
|
||
| ### STORAGE OPTIONS FOR THINPOOL TABLE | ||
| **mountopt**="" | ||
| Comma separated list of default options to be used to mount container images. Suggested value "nodev". |
docs/containers-storage.conf.5.md
Outdated
|
|
||
| **autoextend_threshold**="" | ||
| **size**="" | ||
| Maximum size of a container image. This flag can be used to set quota on the size of container images. |
|
|
||
| **fs**="xfs" | ||
|
|
||
| Specifies the filesystem type to use for the base device. (default: xfs) | ||
| Specifies the filesystem type to use for the base device. (default: xfs) |
|
|
||
| **size**="" | ||
| Maximum size of a container image. This flag can be used to set quota on the size of container images. | ||
|
|
docs/containers-storage.conf.5.md
Outdated
| mount_program = "/usr/bin/fuse-overlayfs" | ||
|
|
||
| **mountopt**="" | ||
| Comma separated list of default options to be used to mount container images. Suggested value "nodev". |
docs/containers-storage.conf.5.md
Outdated
| Specifies the maximum number of retries XFS should attempt to complete IO when ENOSPC (no space) error is returned by underlying storage device. (default: 0, which means to try continuously.) | ||
| The `storage.options.overlay` table supports the following options: | ||
|
|
||
| **ignore_chown_errors** = "true|False" |
There was a problem hiding this comment.
What's the default? Did you mean to upper case "False" here?
docs/containers-storage.conf.5.md
Outdated
| File System name for the zfs driver | ||
|
|
||
| **mountopt**="" | ||
| Comma separated list of default options to be used to mount container images. Suggested value "nodev". |
docs/containers-storage.conf.5.md
Outdated
| Comma separated list of default options to be used to mount container images. Suggested value "nodev". | ||
|
|
||
| **size**="" | ||
| Maximum size of a container image. This flag can be used to set quota on the size of container images. |
docs/containers-storage.conf.5.md
Outdated
|
|
||
| ## SELINUX LABELING | ||
|
|
||
| When running on an SELinux system, if you move the containers storage graphroot directory, you must make sure the labeling is correct. | ||
|
|
||
| Tell SELinux about the new containers storage by setting up an equivalence record. | ||
| This tells SELinux to label content under the new path, as if it was stored | ||
| Tell SELinux about the new containers storage by setting up an equivalence record. This tells SELinux to label content under the new path, as if it was stored |
There was a problem hiding this comment.
There already is on the next line.
rhatdan
force-pushed
the
storageopts
branch
3 times, most recently
from
907b0d4 to
fc23a24
Compare
|
Ok I have updated and fixed all found issues. Added more info in man pages. I think this is ready to merge. |
|
LGTM, would like a head nod from others. |
Storage options are really driver specific and it is when distributions set defaults, they should not effect the user if he changes the default driver. By moving the storage options to be driver specific, we can make sure all drivers only document and support their options. With this patch we will continue to support the global mountopt but the driver specific version will override the global mountopt. Signed-off-by: Daniel J Walsh <[email protected]>
|
@nalind @giuseppe @vrothberg PTAL |
|
Testing it now locally |
Storage options are really driver specific and it is when distributions set defaults, they
should not effect the user if he changes the default driver. By moving the storage options
to be driver specific, we can make sure all drivers only document and support their options.
Signed-off-by: Daniel J Walsh [email protected]