stage1-fly: duplicate mounts are handled poorly #3663

euank · 2017-04-27T03:08:54Z

See coreos/bugs#1892, this is the issue to track the rkt fix for that.

Environment

rkt Version: 1.25.0
appc Version: 0.8.10
Go Version: go1.7.5
Go OS/Arch: linux/amd64
Features: -TPM +SDJOURNAL
--
Linux 4.9.24-coreos x86_64
--
NAME="Container Linux by CoreOS"
ID=coreos
VERSION=1353.6.0
VERSION_ID=1353.6.0
BUILD_ID=2017-04-25-0215
PRETTY_NAME="Container Linux by CoreOS 1353.6.0 (Ladybug)"
ANSI_COLOR="38;5;75"
HOME_URL="https://coreos.com/"
BUG_REPORT_URL="https://issues.coreos.com"
--
systemd 233
+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK -SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT -GNUTLS -ACL +XZ -LZ4 +SECCOMP +BLKID -ELFUTILS +KMOD -IDN default-hierarchy=legacy

What did you do?

# identical
$ echo -n "1. "; sudo rkt run --stage1-name=coreos.com/rkt/stage1-fly:1.25.0 --insecure-options=image,ondisk \
   --volume x,kind=host,source=/tmp \
   --mount volume=x,target=/tmp \
   --volume x,kind=host,source=/tmp \
   --mount volume=x,target=/tmp \
   docker://busybox --exec=/bin/sh -- -c 'exit 0' && echo success

# different target only
echo -n "2. "; sudo rkt run --stage1-name=coreos.com/rkt/stage1-fly:1.25.0 --insecure-options=image,ondisk \
   --volume x,kind=host,source=/tmp \
   --mount volume=x,target=/tmp \
   --volume x,kind=host,source=/tmp \
   --mount volume=x,target=/tmp/ \
   docker://busybox --exec=/bin/sh -- -c 'exit 0' && echo success

# different name only
echo -n "3. "; sudo rkt run --stage1-name=coreos.com/rkt/stage1-fly:1.25.0 --insecure-options=image,ondisk \
   --volume y,kind=host,source=/tmp \
   --mount volume=x,target=/tmp \
   --volume x,kind=host,source=/tmp \
   --mount volume=x,target=/tmp \
   docker://busybox --exec=/bin/sh -- -c 'exit 0' && echo success


# same source only
echo -n "4. "; sudo rkt run --stage1-name=coreos.com/rkt/stage1-fly:1.25.0 --insecure-options=image,ondisk \
   --volume x,kind=host,source=/tmp \
   --mount volume=x,target=/tmp \
   --volume y,kind=host,source=/tmp \
   --mount volume=y,target=/tmp/ \
   docker://busybox --exec=/bin/sh -- -c 'exit 0' && echo success

What did you expect to see?

All successful runs! Note that all of these work fine under stage1-coreos.

What did you see instead?

success
run: can't evaluate mounts: duplicate mount given: "x"
run: can't evaluate mounts: missing mount for volume "y"
success

The text was updated successfully, but these errors were encountered:

euank · 2017-04-27T04:07:07Z

The easiest fix will probably be to copy or call as much mount-flag-parsing-and-merging code from stage1-coreos as possible for fly.

lucab · 2017-04-27T16:26:55Z

I started having a look at it and it looks like:

stage0 is deduplicating based on non-cleaned paths
appc, stage0 and stage1 are not checking for duplicate volume names
stage1-fly catches it because it has a lot of custom mount logic

However I fear this s one case of garbage-in-garbage-out, so I'd like to check if the proper behavior would be as follow:

duplicate volume name, not allowed by pod spec -> error
sub-cases:

(assuming same volume names) same as 1
(assuming different volume names) deduplication of cleaned mount target -> ok, only first mount kept

same as 2b
same as 2b

euank added area/usability component/fly component/stage0 kind/bug labels Apr 27, 2017

lucab mentioned this issue Apr 28, 2017

stage1: improve duplicate mount-volume detection #3666

Merged

lucab closed this as completed in #3666 May 8, 2017

lucab mentioned this issue May 10, 2017

Kublet-wrapper won't start after upgrade to 1353.2.0 with /var/logs already mounted coreos/bugs#1892

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

stage1-fly: duplicate mounts are handled poorly #3663

stage1-fly: duplicate mounts are handled poorly #3663

stage1-fly: duplicate mounts are handled poorly #3663

stage1-fly: duplicate mounts are handled poorly #3663

Comments