Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
settings.network: add new proxy settings #1204
settings.network: add new proxy settings #1204
Changes from all commits
d72e22a
e60b2fb
File filter
Filter by extension
Conversations
Jump to
There are no files selected for viewing
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I just realized that if docker is now depending on settings, we need to restart it on changes, i.e. make a
docker
service in the model.I guess the service has to be defined separately in the aws-dev and aws-ecs-1 defaults-overrides, since we probably shouldn't have it in the defaults..?
It should probably be restarted before ecs, in the ecs model, though, and we don't have dependencies between services. Maybe in the ecs model, docker is just a restart-command in the ecs service, rather than being its own?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's maybe a race while you're configuring/restarting, but it shouldn't really matter? The ECS agent should tolerate Docker going down and coming back up already. There's also a dependency listed in the unit itself, though I know that our model isn't reading that.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ugh, this also applies to containerd, host-containerd, and kubelet, I believe. We haven't dynamically affected the configuration of {host-,}containerd before. kubelet we technically could, and it seems like it wouldn't have worked without a reboot, but they're mostly dynamic settings generated at boot that you wouldn't change. (Maybe labels/taints are the worst offender?)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@samuelkarp would containerd be similarly safe to restart? No lost containers, logs, etc.?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@bcressey found that restarting host-containerd kills SSH sessions, implying that the admin container is stopped. Not sure if it's a necessary kill, or if our setup is wrong.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Containerd when used either directly through its API or with Docker does no networking and wouldn't need to be restarted.
Containerd when used with Kubernetes (through cri-containerd) does networking to pull images, and would need to be restarted.
By default, containerd will not stop containers when it exits, but systemd might be killing them.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.