zos icon indicating copy to clipboard operation
zos copied to clipboard
verified publisher icon threefoldtech

Docker grid incompatibilities

Open OmarElawady opened this issue 4 years ago • 1 comments

For people converting docker images to an flist, Here's a non-comprehensive list of differences that will make a zmachine not working when deployed using the generated flist. docker image inspect <image_name> should give sufficient information.

  • WorkingDir The working directory of the container/zmachine entrypoint. Currently all zmachines are started with / as their CWD.
  • Env List of default values for a set of environment variables when they are not provided by the user. They are handles by zos, but the PATH variable needs special handling (not for long).
  • User What is the user the entrypoint process should start with.
  • /etc/hosts The file gets populated when a docker container gets started but it doesn't for zmachines

These values are present in /.startup.toml of the generated flist. So the initramfs could be prepared to handle the values in them or they can be parsed in zos and passed to inirarmfs.

To workaround this issue, the entrypoint of the docker image can be wrapped in another shell script to perform the expected docker operations:

Example .startup.toml of redis (can also be found by inspecting the image):

[startup]

[startup.entry]
name = "core.system"

[startup.entry.args]
name = "docker-entrypoint.sh"
args = ["redis-server"]
dir = "/data"

[startup.entry.args.env]
REDIS_DOWNLOAD_URL = "http://download.redis.io/releases/redis-6.2.6.tar.gz"
REDIS_DOWNLOAD_SHA = "5b2b8b7a50111ef395bf1c1d5be11e6e167ac018125055daa8b5c2317ae131ab"
REDIS_VERSION = "6.2.6"
GOSU_VERSION = "1.12"
PATH = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

A new Dockerfile to generate a zmachine-compatible flist:

FROM redis
COPY wrap.sh /
RUN chmod +x /wrap.sh
ENTRYPOINT ["/wrap.sh"]

The wrap.sh file:

#!/bin/sh
echo "127.0.0.1 localhost" >> /etc/hosts # append others as needed
export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" # until https://github.com/threefoldtech/cloud-container/pull/6 is merged because the one in /etc/environment currently overrides the default path
cd /data
su - root # This is redundant here of course but it should "su - username" if the User is somebody other than the root
exec docker-entrypoint.sh "$@"

And the entrypoint when deploying a zmachine should be /wrap.sh redis-server. The redis-server is the args in .startup.toml.

OmarElawady avatar Nov 22 '21 11:11 OmarElawady

May be we can automate some of the steps in the clout-container image. Setting up /etc/hosts should be handled zos cloud-container. Also setting up default PATH (are you sure that's not the case already). Unfortunately changing working directory and user can only be done after switch_root so has to be handled with a script that is on the rootfs of the VM.

Hence:

  • We also inject the wrapper script in vm rootfs (how about .zosrc becomes the default entrypoint that sets everything up (including env, entrypoint and user and working directory) then exec the actual entrypoint?
  • Or simply document the limitations.

I am not sure if PID 1 can be anything other than root, need to be tested.

muhamadazmy avatar Nov 23 '21 13:11 muhamadazmy