diff options
| author | Robb Manes <robbmanes@protonmail.com> | 2021-03-16 12:42:02 -0400 |
|---|---|---|
| committer | Robb Manes <robbmanes@protonmail.com> | 2021-03-26 08:53:26 -0400 |
| commit | 748826fc88fcdba373dfcb0986bc3c08b8b858fe (patch) | |
| tree | 06aaecf92bbe6f0af5be514287b1371fc02ddebd /pkg/systemd/generate/containers.go | |
| parent | 604459b404ed190f51e8b368c619323317078232 (diff) | |
| download | podman-748826fc88fcdba373dfcb0986bc3c08b8b858fe.tar.gz podman-748826fc88fcdba373dfcb0986bc3c08b8b858fe.tar.bz2 podman-748826fc88fcdba373dfcb0986bc3c08b8b858fe.zip | |
Add RequiresMountsFor= to systemd generate
It is rare but possible that storage locations for the graphroot and the
runroot are not mounted at boot time, and therefore might race when
doing container operations. An example we've seen in the wild is that a
slow tmpfs mount for the runroot would suddenly mount over /run, causing
the container to lose all currently-running data, requiring a system
refresh to get it back.
This patch adds RequiresMountsFor= to the systemd.unit header to ensure
the paths for both the graphroot and runroot are mounted prior to
starting any generated unit files.
Signed-off-by: Robb Manes <rmanes@redhat.com>
Diffstat (limited to 'pkg/systemd/generate/containers.go')
| -rw-r--r-- | pkg/systemd/generate/containers.go | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/pkg/systemd/generate/containers.go b/pkg/systemd/generate/containers.go index 9343a5067..bc13a6116 100644 --- a/pkg/systemd/generate/containers.go +++ b/pkg/systemd/generate/containers.go @@ -71,6 +71,12 @@ type containerInfo struct { // If not nil, the container is part of the pod. We can use the // podInfo to extract the relevant data. Pod *podInfo + // Location of the GraphRoot for the container. Required for ensuring the + // volume has finished mounting when coming online at boot. + GraphRoot string + // Location of the RunRoot for the container. Required for ensuring the tmpfs + // or volume exists and is mounted when coming online at boot. + RunRoot string } const containerTemplate = headerTemplate + ` @@ -132,6 +138,21 @@ func generateContainerInfo(ctr *libpod.Container, options entities.GenerateSyste nameOrID, serviceName := containerServiceName(ctr, options) + store := ctr.Runtime().GetStore() + if store == nil { + return nil, errors.Errorf("could not determine storage store for container") + } + + graphRoot := store.GraphRoot() + if graphRoot == "" { + return nil, errors.Errorf("could not lookup container's graphroot: got empty string") + } + + runRoot := store.RunRoot() + if runRoot == "" { + return nil, errors.Errorf("could not lookup container's runroot: got empty string") + } + info := containerInfo{ ServiceName: serviceName, ContainerNameOrID: nameOrID, @@ -140,6 +161,8 @@ func generateContainerInfo(ctr *libpod.Container, options entities.GenerateSyste StopTimeout: timeout, GenerateTimestamp: true, CreateCommand: createCommand, + GraphRoot: graphRoot, + RunRoot: runRoot, } return &info, nil |