footloose icon indicating copy to clipboard operation
footloose copied to clipboard
verified publisher icon weaveworks

Fixed cgroups issue and added "user" in machine spec

Open brightzheng100 opened this issue 3 years ago • 0 comments

Two changes were made in this PR:

  • Fixed (or worked around) an issue in cgroups v2 enabled Docker, say in v20.10+, and maybe containerd;
  • Added (optional) "user" in machine spec.

Actually, there are some stories behind this PR. I recently changed my Macbook Pro from Intel to M1 chip and replaced Docker Desktop with Rancher Desktop. When I was trying to run footloose again, it failed in footloose ssh command so I dug into the code and found 2 issues:

1. The systemd was broken so the sshd was not up and running.

This worried me as there might be a couple of possibilities:

  • We need to build very specific Docker images for Docker on Mac with M1 chip;
  • The systemd has issues running on Mac with M1 chip.

So I reached out with this issue reported: https://github.com/weaveworks/footloose/issues/274 But it turns out that it's because of cgroups compatibility related issue: My Docker is on v20.10.16 and cgroups should be on v2 already. Somebody had mentioned it here: https://github.com/systemd/systemd/issues/19245 The fix, or workaround, is very simple: remove the read-only /sys/fs/cgroup mount in the startup command which is hardcoded in cluster.go and it then works.

For those who want to continue the backward compatibility, they may need to define it explicitly in the machines[].spec.volumes. We may need to document it if there is a need.

2. The footloose ssh needs to specify the user explicitly.

The current code's logic is to get the "current user" of OS where footloose commands are run, which may not make sense in most of the cases. For example, in my Mac the default user is my name while the container might be using root. So specifying footloose ssh root@node might not be the best UX.

I raised it here: https://github.com/weaveworks/footloose/issues/276

What this PR provides is to extend a new (but optional) element, namely user, to specify the machine's user, if there is a need, and it defaults to the commonly used user root if nothing is set. So it has backward compatibility while offering more flexibility.

brightzheng100 avatar Jun 16 '22 08:06 brightzheng100