Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace Docker with Sandbox.jl #91

Merged
merged 12 commits into from
Apr 21, 2021
Merged

Replace Docker with Sandbox.jl #91

merged 12 commits into from
Apr 21, 2021

Conversation

maleadt
Copy link
Member

@maleadt maleadt commented Apr 16, 2021

@maleadt maleadt requested a review from staticfloat April 16, 2021 14:07
maleadt
maleadt commented Apr 16, 2021
View reviewed changes
src/run.jl

cmd = `docker run --rm`
# XXX: even when preferred_executor() returns UnprivilegedUserNamespacesExecutor,
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This was with the lock around the global executor cache from JuliaContainerization/Sandbox.jl#15

maleadt
maleadt commented Apr 16, 2021
View reviewed changes
src/run.jl
close(output.in)

# pass the script over standard input to avoid exceeding max command line size,
# and keep the process listing somewhat clean
println(input, script)
close(input)

function stop()
if process_running(proc)
# FIXME: if we only kill proc, we sometimes only end up killing the sandbox.
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This happens even with SIGINT, which sandbox.c probably should handle (i.e. forward to its child).

@maleadt
Copy link
Member Author

maleadt commented Apr 16, 2021
edited
Loading

In summary, 69 packages now succeed, while 414 have started to fail.

Will need some additional work before we can deploy this to Nanosoldier. I checked a couple, and most are PyCall not working due to JuliaContainerization/Sandbox.jl#16, and curl verification errors (probably because I compared backports-1.6 against 1.6.0).

maleadt added 2 commits April 16, 2021 16:59
@maleadt
Don't put the actual Configuration object in the output dataframe.
ed49368 
This makes it possible to import the data without requiring PkgEval.
@maleadt
Bump packages.
14a2e4b
@DilumAluthge
Copy link
Member

Now that JuliaContainerization/Sandbox.jl#16 is closed, is it worth doing another run to see how much the failures go down?

@DilumAluthge
Copy link
Member

Also, I'm assuming that this PR fixes #84?

@maleadt
Copy link
Member Author

maleadt commented Apr 19, 2021

Some remaining failures:

  • NeidArchive: Conda installation is huge, sometimes exceeding the 1GB tmpfs:
CondaError: Failed to write to /root/.julia/conda/3/pkgs/pint-0.17-pyhd8ed1ab_0.tar.bz2
  errno: 28
[Errno 28] No space left on device
  • Earth2014: Conda breaks on bare environment
[ Info: Installing miniconda ...
ERROR: LoadError: KeyError: key "PATH" not found
  • StateSpaceReconstruction: Conda's MKL doesn't work
INTEL MKL ERROR: /root/.julia/conda/3/lib/python3.8/site-packages/mkl/../../../libmkl_core.so: invalid ELF header.
Intel MKL FATAL ERROR: Cannot load libmkl_core.so.
  • PCRE2, POMDPSolve, KaTeX, ...: artifact installation extracts with invalid uid/gid
tar: .: Cannot change ownership to uid 2000, gid 2000: Invalid argument
tar: Exiting with failure status due to previous errors
  • InverseDistanceWeighting: tests run Pkg.update or Pkg.add, which breaks now that the registry is read-only

@maleadt
Copy link
Member Author

maleadt commented Apr 19, 2021

With JuliaContainerization/Sandbox.jl#28, we get:

In summary, 74 packages now succeed, while 153 have started to fail.

Some interesting ones:

SuiteSparse
InitError(mod=:Base, error=Base.IOError(msg="homedir(): no such file or directory (ENOENT)", code=-2))

CachedCalls
ERROR: LoadError: LoadError: ArgumentError: User 1000 not found.
Stacktrace:
 [1] FilePathsBase.User(uid::UInt64)
   @ FilePathsBase ~/.julia/packages/FilePathsBase/YFK4h/src/libc.jl:84

PyTSP
checking host system type... Invalid configuration `x86_64-pc-linux-gnuoldld': machine `x86_64-pc' not recognized

Finally, a lot of packages expect a working build system, including build_essentials (make, gcc, configre, m4, patch), gfortran. I guess we should include those in the PkgEval rootfs, for the purpose of good package coverage, even though I'd like to really advocate Artifacts here...

@maleadt
Copy link
Member Author

maleadt commented Apr 20, 2021

With the expanded rootfs, and a proper home folder and user: In summary, 79 packages now succeed, while 91 have started to fail. No failures stand out at this point, so when the Sandbox stuff lands I'll be looking into getting this deployed.

@maleadt maleadt force-pushed the tb/sandbox branch 4 times, most recently from 9b0c1fe to 7b28d20 Compare April 21, 2021 06:29
@maleadt
Revert "Use systemd-run for resource management."
828e3ff 
This reverts commit d40e757.
Memory limits don't work on cgroup2, libuv/libuv#2323, and the CPU
quota seems to incur a serious overhead. Since we can just use
taskset, let's leave out the systemd-approach for now.
@maleadt maleadt merged commit b5fda09 into master Apr 21, 2021
@maleadt maleadt deleted the tb/sandbox branch April 21, 2021 10:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@staticfloat staticfloat Awaiting requested review from staticfloat

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@maleadt @DilumAluthge