nerdctl
nerdctl copied to clipboard
containerd
Restart option "unless-stopped" and "on-failure" doesn't work for nerdctl compose
Description
nerdctl had a pull request (#6744) that added restart options: on-failure and unless-stopped. These two options don't work from within a docker-compose.yml file.
Note: tested on rootless containers, not sure about rootful.
I suggest adding it to the list of "unimplemented YAML fields" in the readme for nerdctl compose, just so people are aware of the bug.
Steps to reproduce the issue
Assuming nerdctl is already setup correctly:
Control Case
- Create a simple
docker-compose.ymlfile in some directory (the one I'm using is shown below) - Set the restart option to
nooralways - Run
nerdctl compose upfrom within the directory or runnerdctl compose -f ./docker-compose.yml up.
Everything should load smoothly; restart policies work as intended (both no and always)
Error Case
- Create a simple
docker-compose.ymlfile in some directory (the one I'm using is shown below) - Set the restart option to
unless-stopped,on-failure, oron-failure:3 - Run
nerdctl compose upfrom within the directory or runnerdctl compose -f ./docker-compose.yml up.
The warning should appear, and attempts to trigger the restart policy will fail (ie. the container will not reboot on failure)
Sample docker-compose.yml
The docker-compose.yml file I used:
version: "3.5"
services:
jellyfin:
image: jellyfin/jellyfin
container_name: jellyfin
ports:
- 8096:8096
# LINE TO CHANGE
restart: "on-failure:5"
volumes:
- type: bind
source: /data/jellyfin
target: /data
- type: bind
source: /opt/docker/jellyfin/config
target: /config
- type: bind
source: /var/www/jellyfin/cache
target: /cache
This can essentially be simplified (I think):
version: "3.5"
services:
jellyfin:
image: jellyfin/jellyfin
container_name: jellyfin
ports:
- 8096:8096
# LINE TO CHANGE
restart: "on-failure:5"
Describe the results you received and expected
Expected
On nerdctl compose up: no warning message, and for restart policy to work
Received
On nerdctl compose up, nerdctl issues a warning, stating that the restart option is unimplemented:
WARN[0000] Ignoring: service jellyfin: restart="on-failure" (unimplemented)
This is true for both on-failure and unless-stopped.
Caveat: if on-failure with a max-retries option is defined, it states the option is unknown:
WARN[0000] Ignoring: service jellyfin: restart="on-failure:5" (unknown)
What version of nerdctl are you using?
v0.22.2:
$ nerdctl version
WARN[0000] unable to determine buildctl version: exec: "buildctl": executable file not found in $PATH
Client:
Version: v0.22.2
OS/Arch: linux/amd64
Git commit: 2899222cb0715f1e5ffe356d10c3439ee8ee3ba4
builctl:
Version:
Server:
containerd:
Version: 1.5.9-0ubuntu3
GitCommit:
runc:
Version: 1.1.0-0ubuntu1
Are you using a variant of nerdctl? (e.g., Rancher Desktop)
No response
Host information
$ nerdctl info
Client:
Namespace: default
Debug Mode: false
Server:
Server Version: 1.5.9-0ubuntu3
Storage Driver: overlayfs
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Log: fluentd journald json-file
Storage: native overlayfs
Security Options:
apparmor
seccomp
Profile: default
cgroupns
rootless
Kernel Version: 5.15.0-47-generic
Operating System: Ubuntu 22.04.1 LTS
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 13.58GiB
Name: XXXX
ID: XXXXXXXXXXXXXXXXXXXXXXXXXXXX
WARNING: AppArmor profile "nerdctl-default" is not loaded.
Use 'sudo nerdctl apparmor load' if you prefer to use AppArmor with rootless mode.
This warning is negligible if you do not intend to use AppArmor.
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Regarding this issue I see two expected behaviors,
- adding it to the list of "unimplemented YAML fields" in the readme for nerdctl compose
- On nerdctl compose up: no warning message, and for restart policy to work
We should handle that expected behavior. @Zheaoli