Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

drivers/docker: add support for STOPSIGNAL #10441

Merged
merged 1 commit into from
May 5, 2021
Merged

drivers/docker: add support for STOPSIGNAL #10441

merged 1 commit into from
May 5, 2021

Conversation

isabeldepapel
Copy link
Contributor

Still need to figure out the tests but this is what I have so far

This fixes a bug where Nomad overrides a Dockerfile's STOPSIGNAL with
the default kill_signal (SIGTERM).

This adds a check for kill_signal. If it's not set, it calls
StopContainer instead of Signal, which uses STOPSIGNAL if it's
specified. If both kill_signal and STOPSIGNAL are set, Nomad tries to
stop the container with kill_signal first, before then calling
StopContainer.

Fixes #9989

@hashicorp-cla
Copy link

hashicorp-cla commented Apr 23, 2021
edited
Loading

CLA assistant check
All committers have signed the CLA.

@vercel vercel bot temporarily deployed to Preview – nomad April 23, 2021 22:36 Inactive
tgross
tgross reviewed Apr 28, 2021
View reviewed changes
Copy link
Member

@tgross tgross left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is looking good, @isabeldepapel.

It looks like there are some tests that exercise the stop behavior vs a real Docker already (example). So you can probably verify this works by querying for Docker API events in those tests, and then making assertions about those events.

drivers/docker/handle.go Outdated Show resolved Hide resolved
drivers/docker/handle.go
// Calling StopContainer lets docker handle the stop signal (specified
// in the Dockerfile or defaulting to SIGTERM). If kill_signal is specified,
// Signal is used to kill the container with the desired signal before
// calling StopContainer
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 Good explanatory comment for summarizing the domain-specific knowledge you'd need to understand the code here.

notnoop
notnoop reviewed Apr 28, 2021
View reviewed changes
Copy link
Contributor

@notnoop notnoop left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks great. Thanks @isabeldepapel

Made a couple of comments - mostly how the existing code doesn't follow some golang convention. Noting them for educational value only.

drivers/docker/handle.go Outdated
// parseSignal interprets the signal name into an os.Signal. If no name is
// provided, the docker driver defaults to SIGTERM. If the OS is Windows and
// SIGINT is provided, the signal is converted to SIGTERM.
func (h *taskHandle) parseSignal(os, signal string) (os.Signal, error) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This method is a simple "pure" function that doesn't depend on taskHandle/driver. You can make it a simple function and simply the tests by avoiding the dockerTest related boilerplate:

Suggested change
func (h *taskHandle) parseSignal(os, signal string) (os.Signal, error) {
func parseSignal(os, signal string) (os.Signal, error) {

drivers/docker/driver_test.go Outdated
Comment on lines 2921 to 2925
t.Run("default", func(t *testing.T) {
s, err := d.parseSignal(runtime.GOOS, "")
s, err := handle.parseSignal(runtime.GOOS, "")
require.NoError(t, err)
require.Equal(t, syscall.SIGTERM, s)
})
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FWIW - These can be better expressed as table driver tests, a common pattern Nomad uses elsewhere: https://jayson.dev/blog/2019/06/table-driven-golang-subtests/#time-for-the-subtests .

Such a refactor is outside the scope of the PR; though, wanted to note it for educational value. If you do want to take it on, no objection ;-).

drivers/docker/driver_test.go
@@ -2911,28 +2911,33 @@ func TestDockerDriver_memoryLimits(t *testing.T) {
func TestDockerDriver_parseSignal(t *testing.T) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Noting that Golang has a convention about test files: If the tested function is in handle.go, the tests belong in handle_test.go. It's odd that handle_test.go. Seeing how the two files are intertwined, it's fine to leave the test here.

@vercel vercel bot temporarily deployed to Preview – nomad May 3, 2021 18:44 Inactive
@vercel vercel bot temporarily deployed to Preview – nomad May 3, 2021 20:09 Inactive
@vercel vercel bot temporarily deployed to Preview – nomad May 3, 2021 23:19 Inactive
@vercel vercel bot temporarily deployed to Preview – nomad May 3, 2021 23:49 Inactive
@vercel vercel bot temporarily deployed to Preview – nomad May 4, 2021 00:07 Inactive
@isabeldepapel isabeldepapel marked this pull request as ready for review May 4, 2021 00:11
notnoop
notnoop reviewed May 4, 2021
View reviewed changes
Copy link
Contributor

@notnoop notnoop left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is great! I have few suggestions for the tests; but it's solid. I'll be happy to pair, specially with regards to the concurrency issue.

drivers/docker/driver_test.go Outdated Show resolved Hide resolved
drivers/docker/driver_test.go Outdated Show resolved Hide resolved
drivers/docker/driver_test.go Outdated Show resolved Hide resolved
drivers/docker/driver_test.go Outdated Show resolved Hide resolved
drivers/docker/driver_test.go
require.Equal(t, syscall.SIGHUP, s)
})
// This test asserts that Nomad isn't overriding the STOPSIGNAL in a Dockerfile
func TestDockerDriver_StopSignal(t *testing.T) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a great test. Captures all conditions :).

drivers/docker/driver_test.go Outdated Show resolved Hide resolved
@vercel vercel bot temporarily deployed to Preview – nomad May 4, 2021 23:12 Inactive
@isabeldepapel
Copy link
Contributor Author

Ready for another pass @notnoop

notnoop
notnoop approved these changes May 5, 2021
View reviewed changes
Copy link
Contributor

@notnoop notnoop left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great. A minor suggestion to the shell script - but merge away 🎉

drivers/docker/test-resources/docker/gen_stopsignal.sh Outdated
#!/bin/sh

# Create the tarball used in TestDockerDriver_StopSignal
echo "FROM busybox:1.29.3\nSTOPSIGNAL 19" > tmpfile && docker build -t busybox:1.29.3-stopsignal - < tmpfile && rm tmpfile
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suspect you can avoid needing the tmp file. Also it might a bit nicer to use here-doc style in this case to avoid new lines:

Suggested change
echo "FROM busybox:1.29.3\nSTOPSIGNAL 19" > tmpfile && docker build -t busybox:1.29.3-stopsignal - < tmpfile && rm tmpfile
cat <<'EOF' | docker build -t busybox:1.29.3-stopsignal -
FROM busybox:1.29.3
STOPSIGNAL 19
EOF

@isabeldepapel
drivers/docker: add support for STOPSIGNAL
379c095 
This fixes a bug where Nomad overrides a Dockerfile's STOPSIGNAL with
the default kill_signal (SIGTERM).

This adds a check for kill_signal. If it's not set, it calls
StopContainer instead of Signal, which uses STOPSIGNAL if it's
specified. If both kill_signal and STOPSIGNAL are set, Nomad tries to
stop the container with kill_signal first, before then calling
StopContainer.

Fixes #9989
@vercel vercel bot temporarily deployed to Preview – nomad May 5, 2021 17:28 Inactive
@isabeldepapel isabeldepapel merged commit 7d5a9ec into main May 5, 2021
@isabeldepapel isabeldepapel deleted the b-docker-stopsignal branch May 5, 2021 18:24
@tgross tgross added this to the 1.1.0 milestone May 17, 2021
tgross pushed a commit that referenced this pull request May 17, 2021
@isabeldepapel @tgross
Merge pull request #10441 from hashicorp/b-docker-stopsignal
0599064 
drivers/docker: add support for STOPSIGNAL
@github-actions
Copy link

I'm going to lock this pull request because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 21, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@tgross tgross tgross left review comments

@notnoop notnoop notnoop approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.1.0
Development

Successfully merging this pull request may close these issues.

Nomad doesn't respect Dockerfile's STOPSIGNAL directive
4 participants
@isabeldepapel @hashicorp-cla @notnoop @tgross