podman: allow usage of gVisor as OCI runtime #1570
Conversation
|
/cc @rhatdan |
|
I think that having a package-internal variable with |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: rhatdan The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
libpod/oci.go
Outdated
| @@ -453,7 +453,7 @@ func (r *OCIRuntime) updateContainerStatus(ctr *Container) error { | |||
| cmd := exec.Command(r.path, "state", ctr.ID()) | |||
| cmd.Env = append(cmd.Env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", runtimeDir)) | |||
|
|
|||
| out, err := cmd.CombinedOutput() | |||
| out, err := cmd.Output() | |||
|
/lgtm cancel |
|
NACK as is - we need to retain the error message from the runtime. In the runc case, checking STDERR for "container does not exist" allows us to fix bad bugs where Podman's state says a container is running but it actually doesn't exist in the runtime. |
|
@vrothberg The bot actually doesn't support more than one LGTM, so mostly we're throwing old-fashioned LGTMs on and then doing a /lgtm when we have 2 or more and are good to merge |
Thanks, @mheon, I will keep that in mind :) |
|
LGTM, assuming happy tests. |
I've pushed a new version where I use two different pipes instead of their combined output. |
utils/utils.go
Outdated
| @@ -29,11 +29,12 @@ func ExecCmd(name string, args ...string) (string, error) { | |||
| } | |||
|
|
|||
| // ExecCmdWithStdStreams execute a command with the specified standard streams. | |||
| func ExecCmdWithStdStreams(stdin io.Reader, stdout, stderr io.Writer, name string, args ...string) error { | |||
| func ExecCmdWithStdStreams(env []string, stdin io.Reader, stdout, stderr io.Writer, name string, args ...string) error { | |||
There was a problem hiding this comment.
@baude - Didn't you make this change in another of your PRs? Might want to hash this out to try and avoid breaking each other
|
@giuseppe Thanks for the changes looks fine now! |
giuseppe
force-pushed
the
fix-gvisor
branch
2 times, most recently
from
f791437 to
e09a86b
Compare
|
☔ The latest upstream changes (presumably #1528) made this pull request unmergeable. Please resolve the merge conflicts. |
Fix an issue when using gVisor that couldn't start the container since the XDG_RUNTIME_DIR env variable used for the "create" and "start" commands is different. Set the environment variable for each command so that the OCI runtime gets always the same value. Signed-off-by: Giuseppe Scrivano <[email protected]>
read the OCI status from stdout, not the combined stdout+stderr stream. Signed-off-by: Giuseppe Scrivano <[email protected]>
|
/retest |
|
did you test gvisor with rootless? |
I did a quick test but it seems to fail even with a simple test case |
|
tests are finally passing |
|
LGTM |
|
I'd love to see a blog next week posted to podman.io talking about this and showing an asciinema demo... |
|
/lgtm |
💯 percent agreed with @TomSweeneyRedHat! That's a really nice showcase and will attract attention. |
github-actions
bot
added
the
locked - please file new issue/PR
fix a couple of issues that prevented the usage of gVisor as runtime
$RUNTIME stateoutput from stdout not stdout+stderr