Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove hard-coded list of valid cgroupfs mountpoints to bind mount #9508

Merged
merged 1 commit into from
Nov 4, 2020
Merged

Remove hard-coded list of valid cgroupfs mountpoints to bind mount #9508

merged 1 commit into from
Nov 4, 2020

Conversation

tstromberg
Copy link
Contributor

@tstromberg tstromberg commented Oct 21, 2020
edited
Loading

Likely fixes #9304

The TL;DR is that I had previously created an overly strict list of expected mountpaths. As we found more and more corner cases, the regexp got more convoluted. With this GitHub Actions environment, an additional new possibility was found, so this PR generalizes the regexp.

Tested using:

docker build -t kicbase:experiment deploy/kicbase; minikube delete; minikube start --base-image=kicbase:experiment --driver=docker

Docker Desktop

+ cgroup_mounts='/docker/b92002beeaf5d283c2bbbba725d66982f145ba98d08fe33a84936d5255c4404d /sys/fs/cgroup/cpuset rw,nosuid,nodev,noexec,relatime shared:138 master:18 - cgroup
/docker/b92002beeaf5d283c2bbbba725d66982f145ba98d08fe33a84936d5255c4404d /sys/fs/cgroup/cpu rw,nosuid,nodev,noexec,relatime shared:139 master:19 - cgroup
/docker/b92002beeaf5d283c2bbbba725d66982f145ba98d08fe33a84936d5255c4404d /sys/fs/cgroup/cpuacct rw,nosuid,nodev,noexec,relatime shared:140 master:20 - cgroup
/docker/b92002beeaf5d283c2bbbba725d66982f145ba98d08fe33a84936d5255c4404d /sys/fs/cgroup/blkio rw,nosuid,nodev,noexec,relatime shared:141 master:21 - cgroup
/docker/b92002beeaf5d283c2bbbba725d66982f145ba98d08fe33a84936d5255c4404d /sys/fs/cgroup/memory rw,nosuid,nodev,noexec,relatime shared:142 master:22 - cgroup
/docker/b92002beeaf5d283c2bbbba725d66982f145ba98d08fe33a84936d5255c4404d /sys/fs/cgroup/devices rw,nosuid,nodev,noexec,relatime shared:143 master:23 - cgroup
/docker/b92002beeaf5d283c2bbbba725d66982f145ba98d08fe33a84936d5255c4404d /sys/fs/cgroup/freezer rw,nosuid,nodev,noexec,relatime shared:144 master:24 - cgroup
/docker/b92002beeaf5d283c2bbbba725d66982f145ba98d08fe33a84936d5255c4404d /sys/fs/cgroup/net_cls rw,nosuid,nodev,noexec,relatime shared:145 master:25 - cgroup
/docker/b92002beeaf5d283c2bbbba725d66982f145ba98d08fe33a84936d5255c4404d /sys/fs/cgroup/perf_event rw,nosuid,nodev,noexec,relatime shared:146 master:26 - cgroup
/docker/b92002beeaf5d283c2bbbba725d66982f145ba98d08fe33a84936d5255c4404d /sys/fs/cgroup/net_prio rw,nosuid,nodev,noexec,relatime shared:147 master:27 - cgroup
/docker/b92002beeaf5d283c2bbbba725d66982f145ba98d08fe33a84936d5255c4404d /sys/fs/cgroup/hugetlb rw,nosuid,nodev,noexec,relatime shared:148 master:28 - cgroup
/docker/b92002beeaf5d283c2bbbba725d66982f145ba98d08fe33a84936d5255c4404d /sys/fs/cgroup/pids rw,nosuid,nodev,noexec,relatime shared:149 master:29 - cgroup
/docker/b92002beeaf5d283c2bbbba725d66982f145ba98d08fe33a84936d5255c4404d /sys/fs/cgroup/systemd rw,nosuid,nodev,noexec,relatime shared:151 master:31 - cgroup cgroup'

Cloud Shell

+ cgroup_mounts='/kubepods/besteffort/pod3d6beaa3004913efb68ce073d73494b0/accdf94879f0a494f317e9a0517f23cdd18b35ff9439efd0175f17bbc56877c4/docker/9e
0c041b0884d0ba46a3114480e03b7df4ff3cd56e1b9f80305f0744a1855f1d /sys/fs/cgroup/systemd rw,nosuid,nodev,noexec,relatime shared:279 master:9 - cgroup c
group
/kubepods/besteffort/pod3d6beaa3004913efb68ce073d73494b0/accdf94879f0a494f317e9a0517f23cdd18b35ff9439efd0175f17bbc56877c4/docker/9e0c041b0884d0ba46a
3114480e03b7df4ff3cd56e1b9f80305f0744a1855f1d /sys/fs/cgroup/hugetlb rw,nosuid,nodev,noexec,relatime shared:283 master:14 - cgroup cgroup
/kubepods/besteffort/pod3d6beaa3004913efb68ce073d73494b0/accdf94879f0a494f317e9a0517f23cdd18b35ff9439efd0175f17bbc56877c4/docker/9e0c041b0884d0ba46a
3114480e03b7df4ff3cd56e1b9f80305f0744a1855f1d /sys/fs/cgroup/cpuset rw,nosuid,nodev,noexec,relatime shared:288 master:15 - cgroup cgroup
/kubepods/besteffort/pod3d6beaa3004913efb68ce073d73494b0/accdf94879f0a494f317e9a0517f23cdd18b35ff9439efd0175f17bbc56877c4/docker/9e0c041b0884d0ba46a
3114480e03b7df4ff3cd56e1b9f80305f0744a1855f1d /sys/fs/cgroup/devices rw,nosuid,nodev,noexec,relatime shared:292 master:16 - cgroup cgroup
/kubepods/besteffort/pod3d6beaa3004913efb68ce073d73494b0/accdf94879f0a494f317e9a0517f23cdd18b35ff9439efd0175f17bbc56877c4/docker/9e0c041b0884d0ba46a
3114480e03b7df4ff3cd56e1b9f80305f0744a1855f1d /sys/fs/cgroup/freezer rw,nosuid,nodev,noexec,relatime shared:296 master:17 - cgroup cgroup
/kubepods/besteffort/pod3d6beaa3004913efb68ce073d73494b0/accdf94879f0a494f317e9a0517f23cdd18b35ff9439efd0175f17bbc56877c4/docker/9e0c041b0884d0ba46a
3114480e03b7df4ff3cd56e1b9f80305f0744a1855f1d /sys/fs/cgroup/memory rw,nosuid,nodev,noexec,relatime shared:298 master:19 - cgroup cgroup
/kubepods/besteffort/pod3d6beaa3004913efb68ce073d73494b0/accdf94879f0a494f317e9a0517f23cdd18b35ff9439efd0175f17bbc56877c4/docker/9e0c041b0884d0ba46a
3114480e03b7df4ff3cd56e1b9f80305f0744a1855f1d /sys/fs/cgroup/perf_event rw,nosuid,nodev,noexec,relatime shared:299 master:20 - cgroup cgroup
/kubepods/besteffort/pod3d6beaa3004913efb68ce073d73494b0/accdf94879f0a494f317e9a0517f23cdd18b35ff9439efd0175f17bbc56877c4/docker/9e0c041b0884d0ba46a
3114480e03b7df4ff3cd56e1b9f80305f0744a1855f1d /sys/fs/cgroup/blkio rw,nosuid,nodev,noexec,relatime shared:300 master:21 - cgroup cgroup
/kubepods/besteffort/pod3d6beaa3004913efb68ce073d73494b0/accdf94879f0a494f317e9a0517f23cdd18b35ff9439efd0175f17bbc56877c4/docker/9e0c041b0884d0ba46a
3114480e03b7df4ff3cd56e1b9f80305f0744a1855f1d /sys/fs/cgroup/cpu,cpuacct rw,nosuid,nodev,noexec,relatime shared:301 master:22 - cgroup cgroup
/kubepods/besteffort/pod3d6beaa3004913efb68ce073d73494b0/accdf94879f0a494f317e9a0517f23cdd18b35ff9439efd0175f17bbc56877c4/docker/9e0c041b0884d0ba46a
3114480e03b7df4ff3cd56e1b9f80305f0744a1855f1d /sys/fs/cgroup/net_cls,net_prio rw,nosuid,nodev,noexec,relatime shared:302 master:23 - cgroup cgroup
/kubepods/besteffort/pod3d6beaa3004913efb68ce073d73494b0/accdf94879f0a494f317e9a0517f23cdd18b35ff9439efd0175f17bbc56877c4/docker/9e0c041b0884d0ba46a
3114480e03b7df4ff3cd56e1b9f80305f0744a1855f1d /sys/fs/cgroup/pids rw,nosuid,nodev,noexec,relatime shared:303 master:24 - cgroup cgroup'

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Oct 21, 2020
@k8s-ci-robot k8s-ci-robot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Oct 21, 2020
@tstromberg
Copy link
Contributor Author

/ok-to-test

@k8s-ci-robot k8s-ci-robot added the ok-to-test Indicates a non-member PR verified by an org member that is safe to test. label Oct 21, 2020
@minikube-pr-bot
Copy link

kvm2 Driver
Times for minikube: 61.9s 58.4s 58.9s
Average time for minikube: 59.8s

Times for Minikube (PR 9508): 61.7s 60.6s 60.2s
Average time for Minikube (PR 9508): 60.8s

Averages Time Per Log

+--------------------------------+----------+--------------------+
|              LOG               | MINIKUBE | MINIKUBE (PR 9508) |
+--------------------------------+----------+--------------------+
| * minikube v1.14.0 on Debian   | 0.1s     | 0.0s               |
|                           9.11 |          |                    |
| * Using the kvm2 driver based  | 0.0s     | 0.0s               |
| on user configuration          |          |                    |
| * Starting control plane node  | 0.0s     | 0.0s               |
| minikube in cluster minikube   |          |                    |
| * Creating kvm2 VM (CPUs=2,    | 33.5s    | 34.9s              |
| Memory=3700MB, Disk=20000MB)   |          |                    |
| ...                            |          |                    |
| * Preparing Kubernetes v1.19.2 | 23.6s    | 23.4s              |
| on Docker 19.03.12 ...         |          |                    |
| * Verifying Kubernetes         | 1.8s     | 1.6s               |
| components...                  |          |                    |
| * Enabled addons:              | 0.9s     | 0.8s               |
| default-storageclass,          |          |                    |
| storage-provisioner            |          |                    |
|                                | 0.0s     | 0.0s               |
| * Want kubectl v1.19.2? Try    |          |                    |
| 'minikube kubectl -- get pods  |          |                    |
| -A'                            |          |                    |
| * Done! kubectl is now         |          |                    |
| configured to use "minikube"   |          |                    |
| by default                     |          |                    |
+--------------------------------+----------+--------------------+

docker Driver
Times for minikube: 28.1s 28.8s 31.3s
Average time for minikube: 29.4s

Times for Minikube (PR 9508): 27.6s 28.7s 28.2s
Average time for Minikube (PR 9508): 28.2s

Averages Time Per Log

+--------------------------------+----------+--------------------+
|              LOG               | MINIKUBE | MINIKUBE (PR 9508) |
+--------------------------------+----------+--------------------+
| * minikube v1.14.0 on Debian   | 0.2s     | 0.2s               |
|                           9.11 |          |                    |
| * Using the docker driver      | 0.1s     | 0.1s               |
| based on user configuration    |          |                    |
| * Starting control plane node  | 0.1s     | 0.1s               |
| minikube in cluster minikube   |          |                    |
| * Creating docker container    | 9.0s     | 8.9s               |
| (CPUs=2, Memory=3700MB) ...    |          |                    |
| * Preparing Kubernetes v1.19.2 | 19.0s    | 17.9s              |
| on Docker 19.03.8 ...          |          |                    |
| * Verifying Kubernetes         | 1.0s     | 1.0s               |
| components...                  |          |                    |
| * Enabled addons:              | 0.1s     | 0.1s               |
| storage-provisioner,           |          |                    |
| default-storageclass           |          |                    |
|                                | 0.0s     | 0.0s               |
| * Want kubectl v1.19.2? Try    |          |                    |
| 'minikube kubectl -- get pods  |          |                    |
| -A'                            |          |                    |
| * Done! kubectl is now         |          |                    |
| configured to use "minikube"   |          |                    |
| by default                     |          |                    |
+--------------------------------+----------+--------------------+

@medyagh
Copy link
Member

medyagh commented Oct 21, 2020
edited
Loading

/ok-to-test

thanks for this pr, btw fyi, ok to test wouldn't work on this PR, since it is a different image.

priyawadhwa
priyawadhwa approved these changes Oct 28, 2020
View reviewed changes
Copy link

@priyawadhwa priyawadhwa left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM -- we'll need to do another kic base image release.

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: priyawadhwa, tstromberg

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [priyawadhwa,tstromberg]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tstromberg tstromberg merged commit 0c9d612 into kubernetes:master Nov 4, 2020
@fmotrifork fmotrifork mentioned this pull request Nov 16, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@priyawadhwa priyawadhwa priyawadhwa approved these changes

@medyagh medyagh Awaiting requested review from medyagh

Assignees
No one assigned
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
5 participants
@tstromberg @minikube-pr-bot @medyagh @k8s-ci-robot @priyawadhwa