crun icon indicating copy to clipboard operation
crun copied to clipboard

Published 20 hours ago verified publisher icon containers

wasmtime: error opening input --systemd-cgroup

Open dave-tucker opened this issue 2 years ago • 3 comments

On Fedora Kinoite 36 (KDE spin of Silverblue) Following the docs: https://github.com/containers/crun/blob/main/docs/wasm-wasi-example.md With crun compiled from source...

crun version

/usr/local/bin/crun --version
crun version 1.5
commit: 54ebb8ca8bf7e6ddae2eb919f5b82d1d96863dea
spec: 1.0.0
+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +WASM:wasmtime +YAJL

podman config

podman info | grep crun
    name: /usr/local/bin/crun
    path: /usr/local/bin/crun
      crun version 1.5

error message

$ podman run --rm mywasm-image:latest
error opening input --systemd-cgroup: failed to find a pre-opened file descriptor through which "--systemd-cgroup" could be opened

dave-tucker avatar Jul 28 '22 16:07 dave-tucker

Hi @dave-tucker , Thanks for creating the issue.

Could you please share podman info as well. Does it works fine for your if you run a regular container e.g podman run -it --rm alpine echo hello ?

The output works fine for me but I see some extra args getting passed to wasmtime that definitely is an issue. I'll open a PR for this.

Hello world from wasm !!!!!

This is a sample output from wasm modules !!!!!

## Args passed to wasmtime instance
["/usr/bin/crun", "--systemd-cgroup", "--log-format=json", "--log", "/run/user/1000/containers/overlay-containers/e8c858a06231c7104df0c8b1ffa4c43651adbd4590b4d3c0a9b936a1f2e712bb/userdata/oci-log", "create", "--bundle", "/home/arajan/.local/share/containers/storage/overlay-containers/e8c858a06231c7104df0c8b1ffa4c43651adbd4590b4d3c0a9b936a1f2e712bb/userdata", "--pid-file", "/run/user/1000/containers/overlay-containers/e8c858a06231c7104df0c8b1ffa4c43651adbd4590b4d3c0a9b936a1f2e712bb/userdata/pidfile", "e8c858a06231c7104df0c8b1ffa4c43651adbd4590b4d3c0a9b936a1f2e712bb"]

Have you tried wasmedge or wasmer ? Does it also throws similar issue ?

flouthoc avatar Jul 29 '22 00:07 flouthoc

I defiantly see an issue with args being propagated to wasmtime invocation but there are few question above could you please answer those. I'll try to submit a patch for this.

flouthoc avatar Jul 29 '22 00:07 flouthoc

Hi @dave-tucker , Thanks for creating the issue.

Could you please share podman info as well.

$ podman info
host:
  arch: amd64
  buildahVersion: 1.26.1
  cgroupControllers:
  - cpu
  - io
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon-2.1.0-2.fc36.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.0, commit: '
  cpuUtilization:
    idlePercent: 94.68
    systemPercent: 1.52
    userPercent: 3.8
  cpus: 8
  distribution:
    distribution: fedora
    variant: kinoite
    version: "36"
  eventLogger: journald
  hostname: work-laptop
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 5.18.13-200.fc36.x86_64
  linkmode: dynamic
  logDriver: journald
  memFree: 1354039296
  memTotal: 16639377408
  networkBackend: netavark
  ociRuntime:
    name: /usr/local/bin/crun
    package: Unknown
    path: /usr/local/bin/crun
    version: |-
      crun version 1.5
      commit: 54ebb8ca8bf7e6ddae2eb919f5b82d1d96863dea
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +WASM:wasmtime +YAJL
  os: linux
  remoteSocket:
    exists: true
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.2.0-0.2.beta.0.fc36.x86_64
    version: |-
      slirp4netns version 1.2.0-beta.0
      commit: 477db14a24ff1a3de3a705e51ca2c4c1fe3dda64
      libslirp: 4.6.1
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.3
  swapFree: 8065642496
  swapTotal: 8589930496
  uptime: 19h 39m 17.23s (Approximately 0.79 days)
plugins:
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  volume:
  - local
registries:
  search:
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - docker.io
  - quay.io
store:
  configFile: /var/home/dave/.config/containers/storage.conf
  containerStore:
    number: 16
    paused: 0
    running: 0
    stopped: 16
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/dave/.local/share/containers/storage
  graphRootAllocated: 254339448832
  graphRootUsed: 89645715456
  graphStatus:
    Backing Filesystem: btrfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 21
  runRoot: /run/user/1000/containers
  volumePath: /home/dave/.local/share/containers/storage/volumes
version:
  APIVersion: 4.1.1
  Built: 1658516759
  BuiltTime: Fri Jul 22 20:05:59 2022
  GitCommit: ""
  GoVersion: go1.18.4
  Os: linux
  OsArch: linux/amd64
  Version: 4.1.1

Does it works fine for your if you run a regular container e.g podman run -it --rm alpine echo hello ?

Yes it does.

The output works fine for me but I see some extra args getting passed to wasmtime that definitely is an issue. I'll open a PR for this.

Hello world from wasm !!!!!

This is a sample output from wasm modules !!!!!

## Args passed to wasmtime instance
["/usr/bin/crun", "--systemd-cgroup", "--log-format=json", "--log", "/run/user/1000/containers/overlay-containers/e8c858a06231c7104df0c8b1ffa4c43651adbd4590b4d3c0a9b936a1f2e712bb/userdata/oci-log", "create", "--bundle", "/home/arajan/.local/share/containers/storage/overlay-containers/e8c858a06231c7104df0c8b1ffa4c43651adbd4590b4d3c0a9b936a1f2e712bb/userdata", "--pid-file", "/run/user/1000/containers/overlay-containers/e8c858a06231c7104df0c8b1ffa4c43651adbd4590b4d3c0a9b936a1f2e712bb/userdata/pidfile", "e8c858a06231c7104df0c8b1ffa4c43651adbd4590b4d3c0a9b936a1f2e712bb"]

Have you tried wasmedge or wasmer ? Does it also throws similar issue ?

I haven't tried wasmedge or wasmer yet... BUT I changed my program to a simple println and it works fine :thinking:

However, with this program I can reproduce the issue: https://github.com/bytecodealliance/wasmtime/blob/main/docs/WASI-tutorial.md#from-rust

dave-tucker avatar Jul 29 '22 10:07 dave-tucker

PR: https://github.com/containers/crun/pull/985 closes the issue and tryout example to verify given here: https://github.com/containers/crun/pull/985#issuecomment-1211613868

flouthoc avatar Aug 11 '22 07:08 flouthoc