azuredisk-csi-driver
azuredisk-csi-driver copied to clipboard
kubernetes-sigs
feat: Disable DiagTrack service on Windows image
What type of PR is this? /kind feature
What this PR does / why we need it: feat: Disable DiagTrack service on Windows image
Which issue(s) this PR fixes:
Fixes #1101
Requirements:
- [ ] uses conventional commit messages
- [ ] includes documentation
- [ ] adds unit tests
- [ ] tested upgrade from previous version
Special notes for your reviewer:
C:\>sc.exe query diagtrack
SERVICE_NAME: diagtrack
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_PRESHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
=> ERROR [stage-1 3/4] RUN sc.exe stop diagtrack 0.1s
------
> [stage-1 3/4] RUN sc.exe stop diagtrack:
------
Windows.Dockerfile:11
--------------------
9 | # service in the driver and there's no reason for it to have any CPU usage.
10 | #COPY --from=core /Windows/System32/netapi32.dll /Windows/System32/diagtrack.dll
11 | >>> RUN sc.exe stop diagtrack
12 |
13 | USER ContainerAdministrator
--------------------
error: failed to solve: process "cmd /S /C sc.exe stop diagtrack" did not complete successfully: unable to find user ContainerUser: invalid argument
Makefile:175: recipe for target 'container-windows' failed
------
> [stage-1 4/4] RUN sc.exe stop diagtrack:
------
Windows.Dockerfile:18
--------------------
16 | ARG PLUGIN_NAME=azurediskplugin
17 | COPY ./_output/${ARCH}/${PLUGIN_NAME}.exe /azurediskplugin.exe
18 | >>> RUN sc.exe stop diagtrack
19 | ENTRYPOINT ["/azurediskplugin.exe"]
20 |
--------------------
error: failed to solve: process "cmd /S /C sc.exe stop diagtrack" did not complete successfully: unable to find user ContainerAdministrator: invalid argument
Makefile:175: recipe for target 'container-windows' failed
make[1]: *** [container-windows] Error 1
Release note:
feat: Disable DiagTrack service on Windows image
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: andyzhangx
The full list of commands accepted by this bot can be found here.
The pull request process is described here
- ~~OWNERS~~ [andyzhangx]
Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment
@mainred do you know how to disable one service on Windows image build? this PR does not work. And I think that's a common request for all Windows based driver image to disable one specific service.
@andyzhangx https://github.com/kubernetes/kubernetes/pull/95950 hope this is useful for reference?
@andyzhangx kubernetes/kubernetes#95950 hope this is useful for reference?
@mainred I tried this won't work, do you have interest to fix it?
I uses this command USER ContainerAdministrator RUN sc delete DiagTrack
Get Outlook for iOShttps://aka.ms/o0ukef
From: Qingchuan Hao @.> Sent: Friday, January 7, 2022 3:16:03 PM To: kubernetes-sigs/azuredisk-csi-driver @.> Cc: Zhiwei Liu @.>; Manual @.> Subject: Re: [kubernetes-sigs/azuredisk-csi-driver] feat: Disable DiagTrack service on Windows image (PR #1102)
@andyzhangxhttps://github.com/andyzhangx kubernetes/kubernetes#95950https://github.com/kubernetes/kubernetes/pull/95950 hope this is useful for reference?
— Reply to this email directly, view it on GitHubhttps://github.com/kubernetes-sigs/azuredisk-csi-driver/pull/1102#issuecomment-1007191230, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AFH3LQKEZ3RDOSEYS2QOPGDUU2HLHANCNFSM5JGTGRCQ. You are receiving this because you are subscribed to this thread.Message ID: @.***>
I uses this command USER ContainerAdministrator RUN sc delete DiagTrack Get Outlook for iOShttps://aka.ms/o0ukef … ________________________________ From: Qingchuan Hao @.> Sent: Friday, January 7, 2022 3:16:03 PM To: kubernetes-sigs/azuredisk-csi-driver @.> Cc: Zhiwei Liu @.>; Manual @.> Subject: Re: [kubernetes-sigs/azuredisk-csi-driver] feat: Disable DiagTrack service on Windows image (PR #1102) @andyzhangxhttps://github.com/andyzhangx kubernetes/kubernetes#95950<kubernetes/kubernetes#95950> hope this is useful for reference? — Reply to this email directly, view it on GitHub<#1102 (comment)>, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AFH3LQKEZ3RDOSEYS2QOPGDUU2HLHANCNFSM5JGTGRCQ. You are receiving this because you are subscribed to this thread.Message ID: @.***>
@zhiweiv thanks, let me try with that. Original dll replacement way is too tricky
The dll replace doesn’t work in my test too. I am wondering how it work in pause image build.
Get Outlook for iOShttps://aka.ms/o0ukef
From: Andy Zhang @.> Sent: Friday, January 7, 2022 3:28:26 PM To: kubernetes-sigs/azuredisk-csi-driver @.> Cc: Zhiwei Liu @.>; Mention @.> Subject: Re: [kubernetes-sigs/azuredisk-csi-driver] feat: Disable DiagTrack service on Windows image (PR #1102)
I uses this command USER ContainerAdministrator RUN sc delete DiagTrack Get Outlook for iOShttps://aka.ms/o0ukef … ________________________________ From: Qingchuan Hao @.> Sent: Friday, January 7, 2022 3:16:03 PM To: kubernetes-sigs/azuredisk-csi-driver @.> Cc: Zhiwei Liu @.>; Manual @.> Subject: Re: [kubernetes-sigs/azuredisk-csi-driver] feat: Disable DiagTrack service on Windows image (PR #1102https://github.com/kubernetes-sigs/azuredisk-csi-driver/pull/1102) @andyzhangxhttps://github.com/andyzhangxhttps://github.com/andyzhangx kubernetes/kubernetes#95950https://github.com/kubernetes/kubernetes/pull/95950<kubernetes/kubernetes#95950https://github.com/kubernetes/kubernetes/pull/95950> hope this is useful for reference? — Reply to this email directly, view it on GitHub<#1102 (comment)https://github.com/kubernetes-sigs/azuredisk-csi-driver/pull/1102#issuecomment-1007191230>, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AFH3LQKEZ3RDOSEYS2QOPGDUU2HLHANCNFSM5JGTGRCQ. You are receiving this because you are subscribed to this thread.Message ID: @.***>
@zhiweivhttps://github.com/zhiweiv thanks, let me try with that. Original dll replacement way is too tricky
— Reply to this email directly, view it on GitHubhttps://github.com/kubernetes-sigs/azuredisk-csi-driver/pull/1102#issuecomment-1007197044, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AFH3LQNJXWDGUEBYFDDXRQTUU2IZVANCNFSM5JGTGRCQ. You are receiving this because you were mentioned.Message ID: @.***>
@zhiweiv it failed with
#8 [stage-1 3/4] RUN sc delete DiagTrack
#8 ERROR: process "cmd /S /C sc delete DiagTrack" did not complete successfully: unable to find user ContainerAdministrator: invalid argument
any idea how to fix this issue?
#8 [stage-1 3/4] RUN sc delete DiagTrack
#8 ERROR: process "cmd /S /C sc delete DiagTrack" did not complete successfully: unable to find user ContainerUser: invalid argument
The Windows image was built in Linux with docker buildx, it can't execute RUN in dockerfile, that is why pause image uses dll replace, see https://github.com/kubernetes/kubernetes/issues/95840#issuecomment-715538461, https://github.com/kubernetes/kubernetes/pull/95950#issuecomment-721509690.
I think you have to try the dll replace way, my command only work in Windows build.
/test pull-azuredisk-csi-driver-e2e-capz-windows-2022 (triggering job to get containerd logs)
@andyzhangx Seems there is a solution now, https://github.com/kubernetes/kubernetes/issues/109161 https://github.com/kubernetes/kubernetes/pull/110379 https://github.com/microsoft/windows-pause-image-base/pull/5 https://github.com/microsoft/windows-pause-image-base
@andyzhangx Seems there is a solution now, kubernetes/kubernetes#109161 kubernetes/kubernetes#110379 microsoft/windows-pause-image-base#5 https://github.com/microsoft/windows-pause-image-base
@zhiweiv it failed with following error now:
#9 [stage-1 3/4] RUN sc.exe delete diagtrack -f
#9 ERROR: process "cmd /S /C sc.exe delete diagtrack -f" did not complete successfully: unable to find user ContainerAdministrator: invalid argument
Hmm, the solution is use mcr.microsoft.com/oss/kubernetes/windows-pause-image-base:v0.2 as base image instead of vanilla nanoserver image, the new image has done necessary changes.
https://github.com/kubernetes/kubernetes/issues/109161#issuecomment-1144938243
Hmm, the solution is use mcr.microsoft.com/oss/kubernetes/windows-pause-image-base:v0.2 as base image instead of vanilla nanoserver image, the new image has done necessary changes.
It should be fine to use this image as a base for these windows images. If there is anything else that can generically be applied to the windows-pause-image-base image that would help out feel free to open an issue in that repo.
mcr.microsoft.com/oss/kubernetes/windows-pause-image-base:v0.2
@marosset so we should use base image mcr.microsoft.com/oss/kubernetes/windows-pause-image-base:v0.2 for this driver?
@andyzhangx: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:
| Test name | Commit | Details | Required | Rerun command |
|---|---|---|---|---|
| pull-kubernetes-e2e-capz-azure-disk-windows | affb1dec6480101a04f0557112fb205bd85c642c | link | false | /test pull-kubernetes-e2e-capz-azure-disk-windows |
| pull-azuredisk-csi-driver-e2e-windows | 1758a7c78d7ceef4f2262c2c9f49a6698c026ebf | link | true | /test pull-azuredisk-csi-driver-e2e-windows |
| pull-azuredisk-csi-driver-e2e-capz-windows | 1758a7c78d7ceef4f2262c2c9f49a6698c026ebf | link | true | /test pull-azuredisk-csi-driver-e2e-capz-windows |
| pull-azuredisk-csi-driver-e2e-capz-windows-2022 | 7711d05fa5f5b83c3f7565cfcb790ff6589efc95 | link | true | /test pull-azuredisk-csi-driver-e2e-capz-windows-2022 |
| pull-azuredisk-csi-driver-e2e-migration-windows | 0dd1a29aebf6bfcae92e3716e308db348e23efa4 | link | true | /test pull-azuredisk-csi-driver-e2e-migration-windows |
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.
This bot triages issues and PRs according to the following rules:
- After 90d of inactivity,
lifecycle/staleis applied - After 30d of inactivity since
lifecycle/stalewas applied,lifecycle/rottenis applied - After 30d of inactivity since
lifecycle/rottenwas applied, the issue is closed
You can:
- Mark this issue or PR as fresh with
/remove-lifecycle stale - Mark this issue or PR as rotten with
/lifecycle rotten - Close this issue or PR with
/close - Offer to help out with Issue Triage
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.
This bot triages issues and PRs according to the following rules:
- After 90d of inactivity,
lifecycle/staleis applied - After 30d of inactivity since
lifecycle/stalewas applied,lifecycle/rottenis applied - After 30d of inactivity since
lifecycle/rottenwas applied, the issue is closed
You can:
- Mark this issue or PR as fresh with
/remove-lifecycle rotten - Close this issue or PR with
/close - Offer to help out with Issue Triage
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle rotten