Matthew Parkinson
Matthew Parkinson
We notice `sysbox-mgr` is mentioned in the `ExecStart` line within the following two files. `/lib/systemd/system/sysbox.service` `/lib/systemd/system/sysbox-mgr.service` The first with `--version`, and the second with `--log /var/log/sysbox-mgr.log`. We have been configuring...
Regarding the symlink: > * using a symlink works successfully in Sysbox-CE 0.3.0 (ie. the above issues are not observed) This looks to be a regression in the latest version....
Thanks, this has helped.
Workaround. sudo sed -i --follow-symlinks '/^ExecStart/ s/$/ --allow-trusted-xattr=false/' /lib/systemd/system/sysbox-mgr.service
Thanks, the performance speed up when setting `--allow-trusted-xattr=false` in the following scenario is greater than two orders of magnitude (> 30 mins vs ~5 secs). `docker run quay.io/singularity/singularity:v3.10.5 pull docker://tensorflow/tensorflow:latest`
Details from a recent Sysbox update. - https://github.com/nestybox/sysbox/blob/master/docs/user-guide/configuration.md#speeding-up-sysbox-by-disallowing-trusted-overlay-xattributes--v062-or-earlier- > Starting with Sysbox v0.6.3, Sysbox starts with --allow-trusted-xattr=false by default. This improves performance (sometimes significantly) because Sysbox need not trap *xattr()...
The `sysbox-docker-cp` tool details this same issue for hosts where `shiftfs` is not present and `kernel < 5.19`. https://github.com/nestybox/sysbox/blob/779889f7fa617d876bff435e15478615a69a8d32/tests/scr/sysbox-docker-cp#L26-L44
Also note this works as expected in `sysbox=0.5.2 EE (Thu May 19 23:15:03 UTC 2022)`.
Hi Cesar (@ctalledo), thanks for the feedback. I've posted the output below from running `findmnt` within the sysbox enabled container. ``` findmnt -n -o FSTYPE,SOURCE / xfs /dev/mapper/docker-8:1-774241-a7a17afa028283f51bbcc2783cefa3b9d3ca5a12aac91c0d19c4024a430f2ce6[/rootfs] ``` Passing...
Thanks for the analysis Cesar (@ctalledo). In the meantime we've adjusted our `docker cp` statements as follows. --- ``` docker cp config.txt ${CONTAINER}:/config/config.txt ``` becomes ``` docker exec -i ${CONTAINER}...