Dependencies may be switching to use the new `%w` formatting
option to wrap errors; switching to use `errors.Is()` makes
sure that we are still able to unwrap the error and detect the
underlying cause.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The issue beblow happens several times beforing the root
cause found:
1. A `fdisk -l` process has being hung up for a long time;
2. A image layer snapshot device is visiable to dmsetup, which
should *not* happen because it should be deactivated after
`Commit()`;
The backtrace of `fdisk` is always the same over time:
```bash
[<ffffffff810bbc6a>] io_schedule+0x2a/0x80
[<ffffffff81295a3f>] do_blockdev_direct_IO+0x1e9f/0x2f10
[<ffffffff81296aea>] __blockdev_direct_IO+0x3a/0x40
[<ffffffff81290e43>] blkdev_direct_IO+0x43/0x50
[<ffffffff811b8a14>] generic_file_read_iter+0x374/0x960
[<ffffffff81291ad5>] blkdev_read_iter+0x35/0x40
[<ffffffff8125229b>] new_sync_read+0xfb/0x240
[<ffffffff81252406>] __vfs_read+0x26/0x40
[<ffffffff81252b96>] vfs_read+0x96/0x130
[<ffffffff812540e5>] SyS_read+0x55/0xc0
[<ffffffff81003c04>] do_syscall_64+0x74/0x180
```
The root cause is, in Commit(), there's a race window between
`SuspendDevice()` and `DeactivateDevice()`, which may cause the
IOs of a process or command like `fdisk` on the "suspended" device
hang up forever. It has twofold:
1. The IOs suspends on the devices;
2. The device is in `Suspended` state, because it's deactivated with
`deferred` flag and without `force` flag;
So they cannot make progress.
One reproducer is:
1. enlarge the race window by putting sleep seconds there;
2. run `while true; do sudo fdisk -l; sleep 0.5; done` on one terminal;
3. and pull image on another terminal;
Fixes it by:
1. Resume the devices again after flushing IO by suspend;
2. Remove device without `deferred` flag;
Fix: #4234
Signed-off-by: Eric Ren <renzhen@linux.alibaba.com>
Signed-off-by: fahedouch <fahed.dorgaa@gmail.com>
omit sudo when EUID eqto 0
Signed-off-by: fahedouch <fahed.dorgaa@gmail.com>
omit sudo when EUID eqto 0
Signed-off-by: fahedouch <fahed.dorgaa@gmail.com>
omit sudo when EUID eqto 0
Signed-off-by: fahedouch <fahed.dorgaa@gmail.com>
use gosu to omit sudo in GA
Signed-off-by: fahedouch <fahed.dorgaa@gmail.com>
use gosu to omit sudo in GA
Signed-off-by: fahedouch <fahed.dorgaa@gmail.com>
set working-dir for <<Setup gosu>> step
Signed-off-by: fahedouch <fahed.dorgaa@gmail.com>
fix job permissions
Signed-off-by: fahedouch <fahed.dorgaa@gmail.com>
Given that we're only interested in detecting if userns is
enabled, and no further details about the mapping, we can
revert this function to go back to its original implementation
in github.com/lxc/lxd/shared/util.go
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
After e115b52ce2 was merged, this
function was no longer in use, so we should be able to remove it.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
It was only used in sys/reaper, and after moving it, that package
no longer depends on the `sys` package.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: https://github.com/sirupsen/logrus/compare/v1.5.0...v1.6.0
- Add flag to disable quotes in TextFormatter
- Revert "fix race conditions on entry"
- fixes Deadlock during Entry.Infof after upgrade to v1.5.0
- fixes Deadlock when using WithField inside of hook
- fixes Overly-aggressive mutex locks
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Should destroy the pod network if fails to setup or return invalid
net interface, especially multiple CNI configurations.
Signed-off-by: Wei Fu <fuweid89@gmail.com>
full diff: https://github.com/sirupsen/logrus/compare/v1.4.1...v1.5.0
- Ability to DisableHTMLEscape when using the JSON formatter
- Support/fixes for go 1.14
- Many many bugfixes
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: 61b7af7564...dc7afe8fbe
This commit includes moving up to the latest critools(1.18.0).
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
Currently, CRI plugin passes each layer digest to remote snapshotters
sequentially, which leads to sequential snapshots preparation. But it costs
extra time especially for remote snapshotters which need to connect to the
remote backend store (e.g. registries) for checking the snapshot existence on
each preparation.
This commit solves this problem by introducing new label
`containerd.io/snapshot/cri.chain` for passing all layer digests in an image to
snapshotters and by allowing them to prepare these snapshots in parallel, which
leads to speed up the preparation.
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
We should never return a nil context because of the way this function is
typically used... e.g.
```
ctx, done, err := containerd.WithLease(ctx)
```
If there is an error `ctx` will be nil and any error handling may cause
an NPE if it tries to use `ctx`.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Currently hardcoded to 2 seconds; in GitHub actions we see random
cancellation of our integration suite right at 2 seconds even
though containerd is within milliseconds of being ready.
Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
