packages/iSulad
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

upgrade from upstream

Browse Source 
Signed-off-by: leizhongkai <leizhongkai@huawei.com>
This commit is contained in:
leizhongkai 2023-12-28 20:56:55 +08:00 committed by haozi007
parent c36bc934aa
commit ccf61671ce
8 changed files with 415 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
0065-fix-stopp-removes-cont-error-remove-inspect-error-lo.patch Normal file
View File

@ -0,0 +1,76 @@
From 3d8c6127161acbe35bf03fe495ac43e2b9242cbf Mon Sep 17 00:00:00 2001
From: jikai <jikai11@huawei.com>
Date: Tue, 19 Dec 2023 18:31:30 +0800
Subject: [PATCH 65/71] fix stopp removes cont error & remove inspect error log
Signed-off-by: jikai <jikai11@huawei.com>
---
.../cri_pod_sandbox_manager_service.cc | 36 ++++++++-----------
.../container_cb/execution_information.c | 2 +-
2 files changed, 15 insertions(+), 23 deletions(-)
diff --git a/src/daemon/entry/cri/v1alpha/cri_pod_sandbox_manager_service.cc b/src/daemon/entry/cri/v1alpha/cri_pod_sandbox_manager_service.cc
index bc40cb06..4d1d19eb 100644
--- a/src/daemon/entry/cri/v1alpha/cri_pod_sandbox_manager_service.cc
+++ b/src/daemon/entry/cri/v1alpha/cri_pod_sandbox_manager_service.cc
@@ -703,30 +703,22 @@ auto PodSandboxManagerService::GetRealSandboxIDToStop(const std::string &podSand
std::map<std::string, std::string> &stdAnnos, Errors &error)
-> int
{
- Errors statusErr;
+ auto status = PodSandboxStatus(podSandboxID, error);
+ if (error.NotEmpty()) {
+ return -1;
+ }
- auto status = PodSandboxStatus(podSandboxID, statusErr);
- if (statusErr.Empty()) {
- if (status->linux().namespaces().has_options()) {
- hostNetwork = (status->linux().namespaces().options().network() == runtime::v1alpha2::NamespaceMode::NODE);
- }
- // if metadata is invalid, don't return -1 and continue stopping pod
- if (status->has_metadata()) {
- name = status->metadata().name();
- ns = status->metadata().namespace_();
- }
- realSandboxID = status->id();
- CRIHelpers::ProtobufAnnoMapToStd(status->annotations(), stdAnnos);
- } else {
- if (CRIHelpers::IsContainerNotFoundError(statusErr.GetMessage())) {
- WARN("Both sandbox container and checkpoint for id %s could not be found. "
- "Proceed without further sandbox information.",
- podSandboxID.c_str());
- } else {
- error.Errorf("failed to get sandbox status: %s", statusErr.GetCMessage());
- return -1;
- }
+ if (status->linux().namespaces().has_options()) {
+ hostNetwork = (status->linux().namespaces().options().network() == runtime::v1alpha2::NamespaceMode::NODE);
}
+ // if metadata is invalid, don't return -1 and continue stopping pod
+ if (status->has_metadata()) {
+ name = status->metadata().name();
+ ns = status->metadata().namespace_();
+ }
+ realSandboxID = status->id();
+ CRIHelpers::ProtobufAnnoMapToStd(status->annotations(), stdAnnos);
+
if (realSandboxID.empty()) {
realSandboxID = podSandboxID;
}
diff --git a/src/daemon/executor/container_cb/execution_information.c b/src/daemon/executor/container_cb/execution_information.c
index 420f08df..03fce848 100644
--- a/src/daemon/executor/container_cb/execution_information.c
+++ b/src/daemon/executor/container_cb/execution_information.c
@@ -914,7 +914,7 @@ static int inspect_container_helper(const char *id, int timeout, char **containe
inspect = inspect_container(id, timeout, true);
if (inspect == NULL) {
- ERROR("Failed to inspect container:%s", id);
+ DEBUG("Failed to inspect container:%s", id);
ret = -1;
goto out;
}
--
2.25.1

41
0066-2313-use-lxc-5.X-in-CI-testcase.patch Normal file
View File

@ -0,0 +1,41 @@
From 1c28f9259463433a7aac10733be09f8d47ec17a5 Mon Sep 17 00:00:00 2001
From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
Date: Thu, 21 Dec 2023 12:36:52 +0000
Subject: [PATCH 66/71] !2313 use lxc 5.X in CI testcase * use lxc 5.X in CI
testcase
---
CI/install_depends.sh | 16 +++++-----------
1 file changed, 5 insertions(+), 11 deletions(-)
diff --git a/CI/install_depends.sh b/CI/install_depends.sh
index 5a4d71fa..ebeb79db 100755
--- a/CI/install_depends.sh
+++ b/CI/install_depends.sh
@@ -105,18 +105,12 @@ cd ~
git clone https://gitee.com/src-openeuler/lxc.git
git config --global --add safe.directory ~/lxc/lxc-5.0.2
cd lxc
-git checkout origin/openEuler-22.03-LTS-SP1
-tar xf lxc-4.0.3.tar.gz
-cd lxc-4.0.3
-mv ../*.patch .
-for var in $(ls 0*.patch | sort -n)
-do
- patch -p1 < ${var}
-done
+./apply-patches
+cd lxc-5.0.2
+mkdir -p build
sed -i 's/fd == STDIN_FILENO || fd == STDOUT_FILENO || fd == STDERR_FILENO/fd == 0 || fd == 1 || fd == 2 || fd >= 1000/g' ./src/lxc/start.c
-./autogen.sh
-./configure --prefix=${builddir} enable_werror=no
-make -j $(nproc)
+meson setup -Disulad=true -Dprefix=${builddir} build
+meson compile -C build
make install
ldconfig
--
2.25.1

27
0067-2329-modify-mount-dev-directory-for-lxc-5.X.patch Normal file
View File

@ -0,0 +1,27 @@
From 4a3ec85d707db28f10d4cd5654abf227dfc515cc Mon Sep 17 00:00:00 2001
From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
Date: Mon, 25 Dec 2023 09:34:28 +0000
Subject: [PATCH 67/71] !2329 modify mount /dev directory for lxc 5.X * modify
mount /dev directory for lxc 5.X
---
CI/test_cases/container_cases/bind_special_dir.sh | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/CI/test_cases/container_cases/bind_special_dir.sh b/CI/test_cases/container_cases/bind_special_dir.sh
index d030bb08..545d5099 100755
--- a/CI/test_cases/container_cases/bind_special_dir.sh
+++ b/CI/test_cases/container_cases/bind_special_dir.sh
@@ -42,7 +42,8 @@ function test_bind_special_dir()
if [ $runtime == "runc" ]; then
c_id=`isula run -itd -v -itd --runtime=$runtime -v /sys/fs:/sys/fs:rw -v /proc:/proc -v /dev/pts:/dev/pts:rw busybox sh`
else
- c_id=`isula run --runtime=$runtime -itd -v -itd -v /sys/fs:/sys/fs:rw -v /proc:/proc -v /dev:/dev:ro -v /dev/pts:/dev/pts:rw busybox sh`
+ # lxc 5.X cannot support mount /dev directory
+ c_id=`isula run --runtime=$runtime -itd -v -itd -v /sys/fs:/sys/fs:rw -v /proc:/proc busybox sh`
fi
[[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - failed to run container with image: ${image}" && ((ret++))
--
2.25.1

139
0068-add-cri-1.29-api-change-docs.patch Normal file
View File

File diff suppressed because one or more lines are too long

57
0069-add-exec-workdir-support-for-oci-runtime.patch Normal file
View File

@ -0,0 +1,57 @@
From 921ee84f80adda64fb0a7125f9f709bff416945c Mon Sep 17 00:00:00 2001
From: zhongtao <zhongtao17@huawei.com>
Date: Tue, 26 Dec 2023 10:17:19 +0800
Subject: [PATCH 69/71] add exec workdir support for oci runtime
Signed-off-by: zhongtao <zhongtao17@huawei.com>
---
src/cmd/isula/stream/exec.h | 2 +-
src/cmd/isulad-shim/process.c | 4 ++++
src/daemon/modules/runtime/isula/isula_rt_ops.c | 3 +++
3 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/cmd/isula/stream/exec.h b/src/cmd/isula/stream/exec.h
index 83a4af06..8d8e4347 100644
--- a/src/cmd/isula/stream/exec.h
+++ b/src/cmd/isula/stream/exec.h
@@ -48,7 +48,7 @@ extern "C" {
"Username or UID (format: <name|uid>[:<group|gid>])", \
NULL }, \
{ CMD_OPT_TYPE_STRING_DUP, false, "workdir", 0, &(cmdargs).custom_conf.workdir, \
- "Working directory inside the container, supported only when runtime is lcr", NULL }
+ "Working directory inside the container", NULL }
extern const char g_cmd_exec_desc[];
extern const char g_cmd_exec_usage[];
diff --git a/src/cmd/isulad-shim/process.c b/src/cmd/isulad-shim/process.c
index 97524f1a..06726a40 100644
--- a/src/cmd/isulad-shim/process.c
+++ b/src/cmd/isulad-shim/process.c
@@ -1274,6 +1274,10 @@ static void get_runtime_cmd(process_t *p, const char *log_path, const char *pid_
#endif
params[i++] = "--process";
params[i++] = process_desc;
+ if (p->state->cwd != NULL) {
+ params[i++] = "--cwd";
+ params[i++] = p->state->cwd;
+ }
} else {
params[i++] = "create";
params[i++] = "--bundle";
diff --git a/src/daemon/modules/runtime/isula/isula_rt_ops.c b/src/daemon/modules/runtime/isula/isula_rt_ops.c
index fbb779f7..c754fc54 100644
--- a/src/daemon/modules/runtime/isula/isula_rt_ops.c
+++ b/src/daemon/modules/runtime/isula/isula_rt_ops.c
@@ -1345,6 +1345,9 @@ static int preparation_exec(const char *id, const char *runtime, const char *wor
p.runtime_args = (char **)runtime_args;
p.runtime_args_len = runtime_args_len;
copy_process(&p, process);
+ if (params->workdir != NULL) {
+ p.cwd = (char *)params->workdir;
+ }
ret = create_process_json_file(workdir, &p);
if (ret != 0) {
--
2.25.1

27
0070-add-testcases-for-exec-workdir.patch Normal file
View File

@ -0,0 +1,27 @@
From cf7effbfaf81d1982d81bbc6ca1c5eafbc07d07b Mon Sep 17 00:00:00 2001
From: zhongtao <zhongtao17@huawei.com>
Date: Tue, 26 Dec 2023 10:24:52 +0800
Subject: [PATCH 70/71] add testcases for exec --workdir
Signed-off-by: zhongtao <zhongtao17@huawei.com>
---
CI/test_cases/container_cases/runc_exec.sh | 3 +++
1 file changed, 3 insertions(+)
diff --git a/CI/test_cases/container_cases/runc_exec.sh b/CI/test_cases/container_cases/runc_exec.sh
index f963724e..aa7020ee 100755
--- a/CI/test_cases/container_cases/runc_exec.sh
+++ b/CI/test_cases/container_cases/runc_exec.sh
@@ -53,6 +53,9 @@ function exec_runc_test()
isula exec -tid $container_name /bin/sh -c 'exit 2'
[[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - exit code should be 0" && ((ret++))
+ isula exec -ti --workdir /tmp $container_name pwd | grep "/tmp"
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - workdir is not /workdir failed" && ((ret++))
+
ls /var/run/isulad/runc/${ID}/exec/
ls /var/run/isulad/runc/${ID}/exec/ | wc -l | grep 0
[[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - residual dir after success exec" && ((ret++))
--
2.25.1

34
0071-iSulad-restart-isuald-when-upgrade-active-isulad.patch Normal file
View File

@ -0,0 +1,34 @@
From cffeca42fa88c749f122b904ecc2e634d4911576 Mon Sep 17 00:00:00 2001
From: yangjiaqi <yangjiaqi16@huawei.com>
Date: Thu, 28 Dec 2023 15:56:47 +0800
Subject: [PATCH 71/71] iSulad: restart isuald when upgrade active isulad
Signed-off-by: yangjiaqi <yangjiaqi16@huawei.com>
---
iSulad.spec | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/iSulad.spec b/iSulad.spec
index 0efbf043..71b61c8b 100644
--- a/iSulad.spec
+++ b/iSulad.spec
@@ -196,6 +196,16 @@ if [ -e %{_unitdir}/lcrd.service.rpmsave ]; then
mv %{_unitdir}/lcrd.service.rpmsave %{_unitdir}/isulad.service
sed -i 's/lcrd/isulad/g' %{_unitdir}/isulad.service
fi
+# During the isulad upgrade process, the isulad service may still be running, but the service may be unavailable
+# due to configuration updates and other reasons.
+# it may fail if the X package is upgraded synchronously with isulad and depends on the isulad command,
+# For example syscontianer-tools and lxcfs-tools.
+# Therefore, after upgrading isulad, if the original status of isulad is running,
+# we need to restart isulad to ensure that the service is available during the upgrade process.
+systemctl status isulad | grep 'Active:' | grep 'running'
+if [ $? -eq 0 ]; then
+ systemctl restart isulad
+fi
%else
/sbin/service isulad status | grep 'Active:' | grep 'running'
if [ $? -eq 0 ]; then
--
2.25.1

15
iSulad.spec
View File

@ -1,5 +1,5 @@
%global _version 2.1.4
%global _release 3
%global _release 4
%global is_systemd 1
%global enable_criv1 1
%global enable_shimv2 1
@ -79,6 +79,13 @@ Patch0061: 0061-2320-improve-CI-test.patch
Patch0062: 0062-verify-name-and-digest-consistency.patch
Patch0063: 0063-code-improve-for-oci_rmi.patch
Patch0064: 0064-bugfix-for-resort_image_names.patch
Patch0065: 0065-fix-stopp-removes-cont-error-remove-inspect-error-lo.patch
Patch0066: 0066-2313-use-lxc-5.X-in-CI-testcase.patch
Patch0067: 0067-2329-modify-mount-dev-directory-for-lxc-5.X.patch
Patch0068: 0068-add-cri-1.29-api-change-docs.patch
Patch0069: 0069-add-exec-workdir-support-for-oci-runtime.patch
Patch0070: 0070-add-testcases-for-exec-workdir.patch
Patch0071: 0071-iSulad-restart-isuald-when-upgrade-active-isulad.patch
%ifarch x86_64 aarch64
Provides: libhttpclient.so()(64bit)
@ -330,6 +337,12 @@ fi
%endif
%changelog
* Thu Dec 28 2023 leizhongkai <leizhongkai@huawei.com> - 2.1.4-4
- Type: bugfix
- ID: NA
- SUG: NA
- DESC: upgrade from upstream
* Wed Dec 20 2023 zhongtao <zhongtao17@huawei.com> - 2.1.4-3
- Type: bugfix
- ID: NA