hack/env: Remove tmp volume #16686
hack/env: Remove tmp volume #16686
Conversation
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: detiber Assign the PR to them by writing The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
openshift-ci-robot
added
the
size/M
|
/assign @smarterclayton @jim-minter |
hack/lib/build/environment.sh
Outdated
| @@ -9,7 +9,7 @@ | |||
| function os::build::environment::create() { | |||
| set -o errexit | |||
| local release_image="${OS_BUILD_ENV_IMAGE}" | |||
| local additional_context="${OS_BUILD_ENV_DOCKER_ARGS:-}" | |||
| local additional_context="${OS_BUILD_ENV_DOCKER_ARGS:-} --tmpfs /tmp:exec" | |||
There was a problem hiding this comment.
what default limits do /tmpfs have?
There was a problem hiding this comment.
@smarterclayton this tells me it is rw, noexec, nosuid, size=65536k
There was a problem hiding this comment.
Inspecting a container run without specifying any mount options:
docker run --rm --tmpfs /tmp -it centos:7 mount | grep /tmp
tmpfs on /tmp type tmpfs (rw,nosuid,nodev,noexec,relatime,context="system_u:object_r:container_file_t:s0:c280,c857")
|
Great :) |
|
@jim-minter like this? |
|
@detiber ideal. |
|
yey, this might actually fix a tons of etcd flakes :) |
|
On IRC @smarterclayton requested that hack/env respect $TMPDIR. It should use mktemp to create a dedicated directory under $TMPDIR (and clean up after) and bind mount that to /tmp in the container. |
detiber
changed the title
openshift-ci-robot
added
the
do-not-merge/work-in-progress
detiber
changed the title
openshift-ci-robot
removed
the
do-not-merge/work-in-progress
|
@jim-minter @stevekuznetsov @smarterclayton ptal, This now respects $TMPDIR if set, otherwise mounts in a subdirectory of both /tmp and /var/tmp. I also added a $BASEVARTMP var to hack/lib/util/environment.sh so that scripts can distinguish between fast/volatile temp space and slower/persistent temp space, with both getting overridden by $TMPDIR if set to conform as closely to both POSIX and FHS standards as possible. |
hack/env
Outdated
| @@ -31,12 +31,12 @@ | |||
| # | |||
|
|
|||
| # NOTE: only committed code is built. | |||
| source "$(dirname "${BASH_SOURCE}")/lib/init.sh" | |||
| OS_TMP_ENV_SET=y source "$(dirname "${BASH_SOURCE}")/lib/init.sh" | |||
There was a problem hiding this comment.
This is to prevent os::util::environment::setup_tmpdir_vars from being called, otherwise we are making a quite a few unnecessary temporary directories that are not used by hack/env.
There was a problem hiding this comment.
Are they not? The output from os::log::* for instance will go to _output/scripts/env/logs/script.log
There was a problem hiding this comment.
I've removed it with the latest push.
hack/lib/build/environment.sh
Outdated
| local tmpdir_template="openshift-env-XXXXXXXXXX" | ||
| if [[ -n "${TMPDIR:-}" ]]; then | ||
| # If TMPDIR is specified, respect it | ||
| local container_tmpdir=$(mktemp -d --tmpdir ${tmpdir_template}) |
There was a problem hiding this comment.
don't mix scoping statements (local) with expressions that evaluate, like subshells
hack/lib/build/environment.sh
Outdated
| # get the value of TMPDIR from the container | ||
| local container_tmpdir=$(docker inspect -f '{{range $index, $value := .Config.Env}}{{if eq (index (split $value "=") 0) "TMPDIR"}}{{index (split $value "=") 1}}{{end}}{{end}}' "${container}") | ||
| os::log::debug "Removing container tmp directory: ${container_tmpdir}" | ||
| rm -rf "${container_tmpdir}" || os::log::warning "Failed to remove tmpdir: ${container_tmpdir}" |
There was a problem hiding this comment.
if ! rm -rf; then
os::log::warning ...
fi
hack/lib/build/environment.sh
Outdated
| os::log::debug "Removing container tmp directories: ${container_tmpdirs[@]}" | ||
| for tmpdir in "${container_tmpdirs[@]}"; do | ||
| for tmpdir_prefix in /tmp /var/tmp; do | ||
| if [[ "${tmpdir}" == ${tmpdir_prefix}/* ]]; then |
|
/retest |
- Use host TMPDIR or pass in /tmp and /var/tmp from host instead of using a volume for /tmp - Add BASEVARTMPDIR variable and update tito to use it
|
/retest |
1 similar comment
|
/retest |
|
@smarterclayton @stevekuznetsov I believe all issues and comments have been addressed. |
|
@detiber: The following test failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
@stevekuznetsov @smarterclayton anything else needed to get this in the queue? |
|
This LGTM -- @smarterclayton any last comments? |
|
@detiber PR needs rebase |
openshift-merge-robot
added
the
needs-rebase
|
@detiber can you please rebase? |
|
Superseded by #18242 /close |
hack/env: Remove tmp volume
Resolves: #15573
Removes the use of a volume for /tmp introduced here: #15770
Resolves: #16273