Comments (17)
CodeJuan
commented on April 30, 2024
5
create container
- start pouchd with argument
--enable-lxcfs - pouchd run lxcfs process
- create container with parameter
lxcfs - bind
/var/lib/lxcand/proc
+---------------------+
| | +------------+
| | 2 run | |
| +--------+ lxcfs +-------------------------+
| 1 | | | |
|pouchd --enable+lxcfs| +------------+ +-----+-------------------+
| | | |
| | +------------>/var/lib/lxc/lxcfs |
| | | | |
+-+-------------------+ | +------>/var/lib/lxc/lxcfs/proc |
| | | | |
| | | +-------------------------+
| | |
| | |
| | |
| | |
| +---------------------------+ | |
| 3 | | | |
| create | Container | | |
| --lxcfs=True | | | |
+---------------> | | | 4 bind
| | | |
| | | |
| | | |
| +----------------------+ | |
| | /var/lib/lxc+--------------+ |
| | | |
| | /proc/meminfo | |
| | /proc/cpuinfo+-------------------+
| | ... |
| | ... |
| | |
+----+----------------------+
remount
- when lxcfs stopped(or crashed) and restarted
- run the remount script to remount /proc in container
+---------------------+ 1
| | lxcfs +------------+
| |restart | |
| <--------+ lxcfs +-------------------------+
| | | | |
|pouchd --enable+lxcfs| +------------+ +-----+-------------------+
| | | |
| | +------------>/var/lib/lxc/lxcfs |
| | | | |
+-+-------------------+ | +------>/var/lib/lxc/lxcfs/proc |
| | | | |
| | | +-------------------------+
| | |
| | |
| | |
| | |
| +---------------------------+ | |
| | | | |
| 2 | Container | | |
| remount | | | |
+---------------> | | |
| | | |
| | | |
| | | |
| +----------------------+ | |
| | /var/lib/lxc+--------------+ |
| | | |
| | /proc/meminfo | |
| | /proc/cpuinfo+-------------------+
| | ... |
| | ... |
| | |
+----+----------------------+
from pouch.
CodeJuan
commented on April 30, 2024
4
I found a non-intrusive method to integrate lxcfs with Pouch.
- Bind the path of lxcfs and the /proc to container
-v /var/lib/lxc/:/var/lib/lxc/:shared
-v /var/lib/lxc/lxcfs/proc/uptime:/proc/uptime
-v /var/lib/lxc/lxcfs/proc/swaps:/proc/swaps
-v /var/lib/lxc/lxcfs/proc/stat:/proc/stat
-v /var/lib/lxc/lxcfs/proc/diskstats:/proc/diskstats
-v /var/lib/lxc/lxcfs/proc/meminfo:/proc/meminfo
-v /var/lib/lxc/lxcfs/proc/cpuinfo:/proc/cpuinfo- If the lifecycle of lxcfs is managed by systemd, just add a
remount scriptto lxcfs.service.ExecStartPost
# /etc/systemd/system/multi-user.target.wants/lxcfs.service
[Unit]
Description=FUSE filesystem for LXC
ConditionVirtualization=!container
Before=lxc.service
Documentation=man:lxcfs(1)
[Service]
ExecStart=/usr/bin/lxcfs /var/lib/lxc/lxcfs/
KillMode=process
Restart= always
ExecStopPost=-/bin/fusermount -u /var/lib/lxc/lxcfs
Delegate=yes
# add remount script
ExecStartPost=/usr/local/bin/container_remount_lxcfs.sh
[Install]
WantedBy=multi-user.target- When lxcfs restarted, systemd would run the
remount scriptto remount /proc in container
from pouch.
g0194776
commented on April 30, 2024
2
@senthilnathann @Billyxxu
We've solved the problem. You have to use 2 layers folder path to mount lxcfs directory into your container.
for example:
OLD: /usr/local/var/lib/lxcfs
NEW: /usr/local/var/lib/lxc/lxcfs
and...please mount path /usr/local/var/lib/lxc into your container. After lxcfs crashed and restarted, You can use bash command to remount it again.
from pouch.
allencloud
commented on April 30, 2024
1
Yeah, thanks for your design. In your architecture, I found that you enabled this flag in pouchd. If that, I am afraid all containers will be influenced by lxcfs.
I am wondering if we could add the functionality that enable every single container by pouch create --enable-lxcfs or something like other?
@CodeJuan
from pouch.
CodeJuan
commented on April 30, 2024
1
@allencloud Great idea. Please have a look at the updated diagram.
from pouch.
CodeJuan
commented on April 30, 2024
According to the issue from lxcfs Anyone think about the problem of restart the lxcfs.service, when lxcfs stopped(or crashed) and restarted, it would be unmounted in the process and caused an exception in containerTransport endpoint is not connected. So we should monitor the lxcfs mount/umount event, and exec remount command in container.
from pouch.
CodeJuan
commented on April 30, 2024
pseudocode of container_remount_lxcfs.sh
LXCFS="/var/lib/lxc/lxcfs"
containers=$(pouch ps | awk '{print $2}' | grep -v Name)
for container in $containers;do
echo "remount $container"
PID=$(pouch inspect $container | grep Pid | awk '{print $2}' | awk -F ',' '{print $1}' )
for file in meminfo cpuinfo stat uptime swaps diskstats;do
nsenter --target $PID --mount -- mount -B "$LXCFS/proc/$file" "/proc/$file"
done
donefrom pouch.
allencloud
commented on April 30, 2024
Set this in 0.1 milestone. And we are supposed to finish before Jan 10. @CodeJuan 😄
from pouch.
senthilnathann
commented on April 30, 2024
Hi ,
Not able to remount the proc files inside the containers ,
whil executing below command ,
nsenter --target 8799 --mount -- mount -B /usr/local/var/lib/lxcfs/proc/meminfo /proc/meminfo
mount: mount /usr/local/var/lib/lxcfs/proc/meminfo on /proc/meminfo failed: Transport endpoint is not connected
Pls check and help
from pouch.
fanhaozzu
commented on April 30, 2024
@senthilnathann me too,@CodeJuan help?
from pouch.
fanhaozzu
commented on April 30, 2024
from pouch.
senthilnathann
commented on April 30, 2024
@CodeJuan Pls help on this
from pouch.
xigang
commented on April 30, 2024
@senthilnathann @fanhaozzu Please use this script:)
https://github.com/xigang/lxcfs-admission-webhook/blob/dev/script/container_remount_lxcfs.sh
from pouch.
Billyxxu
commented on April 30, 2024
@senthilnathann @fanhaozzu Please use this script:)
https://github.com/xigang/lxcfs-admission-webhook/blob/dev/script/container_remount_lxcfs.sh
Hi, I used your script, but still couldn't solve the problem.Pls help
from pouch.
Billyxxu
commented on April 30, 2024
@senthilnathann @Billyxxu
We've solved the problem. You have to use 2 layers folder path to mount lxcfs directory into your container.for example:
OLD: /usr/local/var/lib/lxcfs
NEW: /usr/local/var/lib/lxc/lxcfs
and...please mount path
/usr/local/var/lib/lxcinto your container. After lxcfs crashed and restarted, You can use bash command to remount it again.
Thks for your help, I have solved the problem in the container according to your method. But is there a good solution in Kubernetes? I see that pouchcontainer handles this problem in the source code, but I use docker, and I have to change the source code as well?
from pouch.
g0194776
commented on April 30, 2024
@Billyxxu
You can use admission hook to mount those of paths automatically, Here is my copy.
from pouch.
Billyxxu
commented on April 30, 2024
@Billyxxu
You can use admission hook to mount those of paths automatically, Here is my copy.
good idea. thks
from pouch.
Related Issues (20)
- Weekly Digest (28 June, 2020 - 5 July, 2020)
- [question]Is Pouch suitable for CDN application?
- Weekly Digest (5 July, 2020 - 12 July, 2020)
- Weekly Digest (12 July, 2020 - 19 July, 2020)
- Weekly Digest (19 July, 2020 - 26 July, 2020)
- Weekly Digest (26 July, 2020 - 2 August, 2020)
- Weekly Digest (2 August, 2020 - 9 August, 2020)
- Adding arm64 job in Travis-ci HOT 1
- no support go 1.15.6 HOT 1
- How to Install pouch on ubuntu18.04 HOT 1
- pouch save failed: an error will be reported every time you download to 14G HOT 3
- Kubernetes 1.22 dose not work with pouch HOT 2
- 不维护了吗 没动静了 HOT 2
- pouch 富容器无法启动 最新的版本 HOT 1
- 不起作用 dumb-init 进程看不到 HOT 1
- Why don't you have thye go.mod file like other Go projects?
- Is there rpm for 1.3.1 version?
- Can I install on MacOS and how to do it?
- kmutex lock is not exclusive.
- [Feature] Will pouch support something like docker-compose ?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pouch.