Support Lifecycle Hooks #20
Comments
|
On Thu, Jun 25, 2015 at 11:06:52AM -0700, Alexander Morozov wrote:
Hmm, do we even have checkpoint/restore lifecycle actions 1? Maybe |
|
It would definitely be useful to have pre/post checkpoint/restore. |
|
@wking @LK4D4 @boucher Lets concentrate on what we know we must do: prestart and poststop before defining hooks for other stuff first. @vishh What is a prestop hook used for in your mind? We had a debate on pre-stop and just held off on defining one in appc: appc/spec#188 (comment) |
|
I agree that prestart and poststop are what we call agree on as useful and can start with adding those. |
|
Should also we define what arguments are passed to these hooks as well? On Linux, we will have to pass the pid of the container process. |
|
@mrunalp I thought we will pass whole state to all hooks. |
|
@LK4D4 We could do that but wouldn't the state be implementation specific? |
|
@mrunalp But it still will be a string, right? |
|
Yes, that is one way to make it work; let the hooks interpret whatever is passed down. If we do decide to pass the whole state then it might be better to send it over a pipe rather than as an argument. |
|
Totally agree on pipe(maybe stdin). Dunno how it will work in windows, probably the same. |
|
I think we also should draw out a timeline of the container life cycle i.e namespace created -> pre-start -> user process launched -> process stopped -> post-stop -> cleanup One reason is that I imagine there will be more hooks, since from a Mesos perspective we have more stages that requires more hooks for us to integrate, and it gets a bit more confusing as you need to read the description to figure out what each hook meant. |
|
Also can we name pre-start to something like pre-start-user-process and post-stop to post-stop-user-process to be more precise? |
|
On Wed, Aug 26, 2015 at 11:04:32PM -0700, Timothy Chen wrote:
+1 |
|
On Wed, Aug 26, 2015 at 11:05:12PM -0700, Timothy Chen wrote:
With an explicit timeline (or graph, since it doesn't have to be |
|
We are essentially talking about an explicit container state machine. Once we have the state machine, it might be easier to give names and to add hooks. |
|
@tnachen Yes, it makes sense to add such a timeline. I will make a PR for what we have right now in relation to the hooks. I think we probably don't want to rename these till there are concrete proposals for other pre/post hooks. |
|
Sounds good, I'll be creating more proposals as we're investigating how we can integrate Mesos with the runtime spec. |
|
On Thu, Aug 27, 2015 at 10:09:38AM -0700, Mrunal Patel wrote:
I didn't see a PR like that, and I wanted the timeline so I could link |
|
Should we define a |
|
On Mon, Sep 07, 2015 at 04:09:52AM -0700, 梁辰晔 (Liang Chenye) wrote:
The hook entries are arrays, so I think we should just execute them in For a similar problem (explicitly linking mount order to the listed |
|
Yes, similar. |
|
We have basic hooks in now. This issue is largely a "tracker" for future hooks, like needed for CRIU. |
|
On Fri, Sep 25, 2015 at 04:00:59PM -0700, Mrunal Patel wrote:
Ah, good :). Can you point me to the right day? $ grep -ir post-start irclogs/2015/freenode/#opencontainers.* isn't turning up anything… |
|
On Fri, Sep 25, 2015 at 04:10:32PM -0700, Jojy George Varghese wrote:
The problem with pre-stop is that the stop is not necessarily being |
|
One more use case that we see while working with hooks is having pre/post mount hooks. These could be run before and after the new mount namespace is setup. WDYT? |
|
On Fri, Dec 04, 2015 at 04:22:27PM -0800, Mrunal Patel wrote:
Is there a distinction between post-mount and pre-start? #231 doesn't Pre-mount may be more useful, but if it's going to be a thing I think |
Extend [1,2,3] to avoid:
hook 1: spawn ---------------> reaped
hook 2: spawn ----------------> reaped
hook 3: spawn -----> reaped
and explicitly require:
hook 1: spawn --> reaped
hook 2: spawn --> reaped
hook 3: spawn --> reaped
Folks who do want parallel execution are free to use a parallelizing
wrapper:
hook 1: spawn ---------------------------> reaped
child 1 -----> reaped
child 2 ---------> reaped
child 3 ---> reaped
Although that cuts both ways (with parallel hooks, folks could always
use a single hook with a serializing wrapper). Still, I'd guess most
current implementations are already taking the serialized approach, so
it makes bundle-author life easier if we are explicit about that.
[1]: opencontainers#20 (comment)
[2]: opencontainers#156
[3]: opencontainers#157
Signed-off-by: W. Trevor King <wking@tremily.us>
|
I really need post-mount. I want a hook that is going to mount additional mount points to /sys. Currently if I use prestart, /sys gets mounted over my mount points. |
|
On Sun, Jan 17, 2016 at 06:07:08AM -0800, Daniel J Walsh wrote:
I think “more hooks” is the wrong solution. If you've provided /sys, And I'd have expected pre-start to be run after the mount setup anyway But regardless of how this should be handled now, separate create/exec |
|
If the start hooks happened after the mount then that would also fix my problem. I am trying to get additional kernel file systems mounted onto /sys. /sys/fs/cgroup to be exact. I don't want to take over the mounting of /sys or any other kernel file systems except for the cgroup hierarchy. Currently /sys gets mounted after I mount /sys/fs/cgroup, so that my mounts disappear. |
|
@vishh suggested that I shift some discussion of hooks and a separate |
I don't get how running hooks between pid ns creation and user process startup is a necessity for either of these use cases. Can you elaborate more? |
|
On Fri, Mar 18, 2016 at 10:40:10AM -0700, Vish Kannan wrote:
You can't add the container process to a cgroup until you have a PID, More generally, if the ‘start’ call kicks off the process tree that |
|
Why does one add a cgroup with a hook when the Spec already provides On Fri, Mar 18, 2016 at 10:50 AM, W. Trevor King notifications@github.com
|
|
On Fri, Mar 18, 2016 at 11:33:51AM -0700, Vish Kannan wrote:
Maybe you want to use an alternative cgroup manager that's built on But is motivating the cgroups use case really that important? I find |
|
I'd prefer not considering such scenarios unless it cannot be solved On Fri, Mar 18, 2016 at 11:45 AM, W. Trevor King notifications@github.com
|
|
On Fri, Mar 18, 2016 at 12:11:12PM -0700, Vish Kannan wrote:
Ok, so we just need to get to the bottom of a particular use-case. If a v2 cgroup at cgroupsPath exists, add the container process to Or are runtimes supposed to be hard-coded to always use v1 or v2 |
|
Why not run a custom runtime or move the process after it gets spawned? On Fri, Mar 18, 2016 at 12:33 PM, W. Trevor King notifications@github.com
|
|
On Fri, Mar 18, 2016 at 12:35:19PM -0700, Vish Kannan wrote:
Because that's a moderately large change when all you want is: $ echo $PID >/sys/fs/cgroup/a/b/c/tasks And “you could fork the runtime and add support for that” is an
I am suggesting we move the process after it's spawned (because you |
|
I think this is closable. The current spec position is to split create/start (#384) and keep hooks (closing #483), so callers have two ways to handle any hook-like things they need to do. Skimming the tail of this discussion, I don't see anything that isn't currently supported. And if there are unsupported use-cases, I think a more productive approach would be to open per-case issues with “the current hooks or create/start split don't support …”, and we can hash out whether additional hooks are needed. For example, see #644, where pre-/post-mount hooks were proposed, discussed, and rejected. |
|
Agreed |
Capturing requirements for Lifecycle hooks discussed during the summit.
Lifecycle hooks was agreed to be a useful feature and support for a few basic hooks is expected to be in place. Specifically, PreStart, PreStop and PostStop hooks will be introduced to start with. Supporting hooks might require separating the lifetime of namespaces from that of the processes in the container.
Hooks will be binaries that will be exec'ed. The Spec and current State of the container will be provided as arguments to the hook (via fds?). Are the exec hooks executed synchronously?
This issue is meant to define the Spec for Hooks and discuss the hooks that are necessary to begin with.
The text was updated successfully, but these errors were encountered: