summary refs log tree commit diff
diff options
context:
space:
mode:
authorOleg Pykhalov <go.wigust@gmail.com>2022-07-02 13:41:06 +0300
committerMaxim Cournoyer <maxim.cournoyer@gmail.com>2022-07-13 21:36:41 -0400
commitb33e1a183f6756514e6b6a3b84054a232dbddad4 (patch)
tree61fbe608e29d1fae7491a268906327e2fdd4dac0
parent5f8adea86cac1e0b126b181a4d3cc67c0503f43b (diff)
downloadguix-b33e1a183f6756514e6b6a3b84054a232dbddad4.tar.gz
services: docker: Fix race condition.
Fixes <https://issues.guix.gnu.org/38432>.

* gnu/packages/patches/containerd-create-pid-file.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add this.
* gnu/packages/docker.scm (containerd)[source]: Add this patch.
* gnu/services/docker.scm
(containerd-shepherd-service): Add #:pid-file and #:pid-file-timeout.
* gnu/services/docker.scm (docker-shepherd-service): Add --containerd flag.

Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
-rw-r--r--gnu/local.mk3
-rw-r--r--gnu/packages/docker.scm6
-rw-r--r--gnu/packages/patches/containerd-create-pid-file.patch31
-rw-r--r--gnu/services/docker.scm5
4 files changed, 41 insertions, 4 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 9f8a2eeb82..07e3497d10 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -17,7 +17,7 @@
 # Copyright © 2017, 2020 Mathieu Othacehe <m.othacehe@gmail.com>
 # Copyright © 2017, 2018, 2019 Gábor Boskovits <boskovits@gmail.com>
 # Copyright © 2018 Amirouche Boubekki <amirouche@hypermove.net>
-# Copyright © 2018, 2019, 2020, 2021 Oleg Pykhalov <go.wigust@gmail.com>
+# Copyright © 2018, 2019, 2020, 2021, 2022 Oleg Pykhalov <go.wigust@gmail.com>
 # Copyright © 2018 Stefan Stefanović <stefanx2ovic@gmail.com>
 # Copyright © 2018, 2020, 2021, 2022 Maxim Cournoyer <maxim.cournoyer@gmail.com>
 # Copyright © 2019, 2020, 2021, 2022 Guillaume Le Vaillant <glv@posteo.net>
@@ -967,6 +967,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/cmh-support-fplll.patch      		\
   %D%/packages/patches/coda-use-system-libs.patch		\
   %D%/packages/patches/collectd-5.11.0-noinstallvar.patch		\
+  %D%/packages/patches/containerd-create-pid-file.patch		\
   %D%/packages/patches/combinatorial-blas-awpm.patch		\
   %D%/packages/patches/combinatorial-blas-io-fix.patch		\
   %D%/packages/patches/cool-retro-term-wctype.patch		\
diff --git a/gnu/packages/docker.scm b/gnu/packages/docker.scm
index ae4ee419af..184280b38f 100644
--- a/gnu/packages/docker.scm
+++ b/gnu/packages/docker.scm
@@ -6,7 +6,7 @@
 ;;; Copyright © 2020 Michael Rohleder <mike@rohleder.de>
 ;;; Copyright © 2020 Katherine Cox-Buday <cox.katherine.e@gmail.com>
 ;;; Copyright © 2020 Jesse Dowell <jessedowell@gmail.com>
-;;; Copyright © 2021 Oleg Pykhalov <go.wigust@gmail.com>
+;;; Copyright © 2021, 2022 Oleg Pykhalov <go.wigust@gmail.com>
 ;;; Copyright © 2022 Pierre Langlois <pierre.langlois@gmx.com>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -184,7 +184,9 @@ Python without keeping their credentials in a Docker configuration file.")
              (commit (string-append "v" version))))
        (file-name (git-file-name name version))
        (sha256
-        (base32 "1vsl747i3wyy68j4lp4nprwxadbyga8qxlrk892afcd2990zp5mr"))))
+        (base32 "1vsl747i3wyy68j4lp4nprwxadbyga8qxlrk892afcd2990zp5mr"))
+       (patches
+        (search-patches "containerd-create-pid-file.patch"))))
     (build-system go-build-system)
     (arguments
      (let ((make-flags #~(list (string-append "VERSION=" #$version)
diff --git a/gnu/packages/patches/containerd-create-pid-file.patch b/gnu/packages/patches/containerd-create-pid-file.patch
new file mode 100644
index 0000000000..668ffcd9e9
--- /dev/null
+++ b/gnu/packages/patches/containerd-create-pid-file.patch
@@ -0,0 +1,31 @@
+Copyright © 2022 Oleg Pykhalov <go.wigust@gmail.com>
+
+Create a PID file after containerd is ready to serve requests.
+
+Fixes <https://issues.guix.gnu.org/38432>.
+
+--- a/cmd/containerd/command/notify_linux.go	1970-01-01 03:00:01.000000000 +0300
++++ b/cmd/containerd/command/notify_linux.go	2022-07-02 04:42:35.553753495 +0300
+@@ -22,15 +22,22 @@
+ 	sd "github.com/coreos/go-systemd/v22/daemon"
+ 
+ 	"github.com/containerd/containerd/log"
++
++	"os"
++	"strconv"
+ )
+ 
+ // notifyReady notifies systemd that the daemon is ready to serve requests
+ func notifyReady(ctx context.Context) error {
++	pidFile, _ := os.Create("/run/containerd/containerd.pid")
++	defer pidFile.Close()
++	pidFile.WriteString(strconv.FormatInt(int64(os.Getpid()), 10))
+ 	return sdNotify(ctx, sd.SdNotifyReady)
+ }
+ 
+ // notifyStopping notifies systemd that the daemon is about to be stopped
+ func notifyStopping(ctx context.Context) error {
++	os.Remove("/run/containerd/containerd.pid")
+ 	return sdNotify(ctx, sd.SdNotifyStopping)
+ }
+ 
diff --git a/gnu/services/docker.scm b/gnu/services/docker.scm
index 846ebe8334..741bab5a8c 100644
--- a/gnu/services/docker.scm
+++ b/gnu/services/docker.scm
@@ -98,6 +98,8 @@ loop-back communications.")
                      ;; For finding containerd-shim binary.
                      #:environment-variables
                      (list (string-append "PATH=" #$containerd "/bin"))
+                     #:pid-file "/run/containerd/containerd.pid"
+                     #:pid-file-timeout 300
                      #:log-file "/var/log/containerd.log"))
            (stop #~(make-kill-destructor)))))
 
@@ -135,7 +137,8 @@ loop-back communications.")
                                   '("--userland-proxy=false"))
                            (if #$enable-iptables?
                                "--iptables"
-                               "--iptables=false"))
+                               "--iptables=false")
+                           "--containerd" "/run/containerd/containerd.sock")
                      #:environment-variables
                      (list #$@environment-variables)
                      #:pid-file "/var/run/docker.pid"