From c8f57b71a4255938efa23fec37c59181c1c657e4 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Fri, 5 Jun 2020 10:44:16 -0400 Subject: Fix handling of systemd. Systemd enablement has to happen on the server side, since we need check if the image is running systemd. Also need to make sure user setting the StopSignal is not overriden on the server side. But if not set and using systemd, we set it correctly. Signed-off-by: Daniel J Walsh --- cmd/podman/common/create.go | 2 +- cmd/podman/common/create_opts.go | 2 +- cmd/podman/common/specgen.go | 34 +++++----------------------- pkg/specgen/container_validate.go | 2 +- pkg/specgen/generate/container_create.go | 38 +++++++++++++++++++++++++++++++- test/e2e/systemd_test.go | 8 ------- 6 files changed, 46 insertions(+), 40 deletions(-) diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go index 4d4dea0d2..86cd51643 100644 --- a/cmd/podman/common/create.go +++ b/cmd/podman/common/create.go @@ -424,7 +424,7 @@ func GetCreateFlags(cf *ContainerCLIOpts) *pflag.FlagSet { "Sysctl options", ) createFlags.StringVar( - &cf.SystemdD, + &cf.Systemd, "systemd", "true", `Run container in systemd mode ("true"|"false"|"always")`, ) diff --git a/cmd/podman/common/create_opts.go b/cmd/podman/common/create_opts.go index 8b38e3b47..4cba5daf7 100644 --- a/cmd/podman/common/create_opts.go +++ b/cmd/podman/common/create_opts.go @@ -85,7 +85,7 @@ type ContainerCLIOpts struct { SubUIDName string SubGIDName string Sysctl []string - SystemdD string + Systemd string TmpFS []string TTY bool UIDMap []string diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go index 1fabff378..26003b40f 100644 --- a/cmd/podman/common/specgen.go +++ b/cmd/podman/common/specgen.go @@ -3,7 +3,6 @@ package common import ( "fmt" "os" - "path/filepath" "strconv" "strings" "time" @@ -285,16 +284,13 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string s.NetNS = c.Net.Network } - // STOP SIGNAL - signalString := "TERM" if sig := c.StopSignal; len(sig) > 0 { - signalString = sig - } - stopSignal, err := util.ParseSignal(signalString) - if err != nil { - return err + stopSignal, err := util.ParseSignal(sig) + if err != nil { + return err + } + s.StopSignal = &stopSignal } - s.StopSignal = &stopSignal // ENVIRONMENT VARIABLES // @@ -439,25 +435,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string s.ImageVolumeMode = "anonymous" } - systemd := c.SystemdD == "always" - if !systemd && command != nil { - x, err := strconv.ParseBool(c.SystemdD) - if err != nil { - return errors.Wrapf(err, "cannot parse bool %s", c.SystemdD) - } - if x && (command[0] == "/usr/sbin/init" || command[0] == "/sbin/init" || (filepath.Base(command[0]) == "systemd")) { - systemd = true - } - } - if systemd { - if s.StopSignal == nil { - stopSignal, err = util.ParseSignal("RTMIN+3") - if err != nil { - return errors.Wrapf(err, "error parsing systemd signal") - } - s.StopSignal = &stopSignal - } - } + s.Systemd = c.Systemd if s.ResourceLimits == nil { s.ResourceLimits = &specs.LinuxResources{} } diff --git a/pkg/specgen/container_validate.go b/pkg/specgen/container_validate.go index 75da38c0e..2c5891f9a 100644 --- a/pkg/specgen/container_validate.go +++ b/pkg/specgen/container_validate.go @@ -38,7 +38,7 @@ func (s *SpecGenerator) Validate() error { } // systemd values must be true, false, or always if len(s.ContainerBasicConfig.Systemd) > 0 && !util.StringInSlice(strings.ToLower(s.ContainerBasicConfig.Systemd), SystemDValues) { - return errors.Wrapf(ErrInvalidSpecConfig, "SystemD values must be one of %s", strings.Join(SystemDValues, ",")) + return errors.Wrapf(ErrInvalidSpecConfig, "--systemd values must be one of %q", strings.Join(SystemDValues, ", ")) } // diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go index de398d1e3..74ae848af 100644 --- a/pkg/specgen/generate/container_create.go +++ b/pkg/specgen/generate/container_create.go @@ -3,12 +3,14 @@ package generate import ( "context" "os" + "path/filepath" "github.com/containers/common/pkg/config" "github.com/containers/libpod/libpod" "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/libpod/image" "github.com/containers/libpod/pkg/specgen" + "github.com/containers/libpod/pkg/util" "github.com/containers/storage" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -128,7 +130,41 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen. if s.Stdin { options = append(options, libpod.WithStdin()) } - if len(s.Systemd) > 0 { + + useSystemd := false + switch s.Systemd { + case "always": + useSystemd = true + case "false": + break + case "", "true": + command := s.Command + if len(command) == 0 { + command, err = img.Cmd(ctx) + if err != nil { + return nil, err + } + } + + if len(command) > 0 { + if command[0] == "/usr/sbin/init" || command[0] == "/sbin/init" || (filepath.Base(command[0]) == "systemd") { + useSystemd = true + } + } + default: + return nil, errors.Wrapf(err, "invalid value %q systemd option requires 'true, false, always'", s.Systemd) + } + if useSystemd { + // is StopSignal was not set by the user then set it to systemd + // expected StopSigal + if s.StopSignal == nil { + stopSignal, err := util.ParseSignal("RTMIN+3") + if err != nil { + return nil, errors.Wrapf(err, "error parsing systemd signal") + } + s.StopSignal = &stopSignal + } + options = append(options, libpod.WithSystemd()) } if len(s.Name) > 0 { diff --git a/test/e2e/systemd_test.go b/test/e2e/systemd_test.go index 1275670eb..a35e5113a 100644 --- a/test/e2e/systemd_test.go +++ b/test/e2e/systemd_test.go @@ -8,7 +8,6 @@ import ( "strings" "time" - "github.com/containers/libpod/pkg/cgroups" . "github.com/containers/libpod/test/utils" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" @@ -82,13 +81,6 @@ WantedBy=multi-user.target }) It("podman run container with systemd PID1", func() { - cgroupsv2, err := cgroups.IsCgroup2UnifiedMode() - Expect(err).To(BeNil()) - if cgroupsv2 { - // TODO: Find a way to enable this for v2 - Skip("systemd test does not work in cgroups V2 mode yet") - } - systemdImage := "fedora" pull := podmanTest.Podman([]string{"pull", systemdImage}) pull.WaitWithDefaultTimeout() -- cgit v1.2.3-54-g00ecf