public_git
/
actions-runner-controller
mirror of https://github.com/actions-runner-controller/actions-runner-controller.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

runner: Expose dind runner dockerd logs via stdout/stderr (#2082) 

* runner: Expose dind runner dockerd logs via stdout/stderr

We've been letting supervisord to run dockerd within the dind runner container presuming it would avoid producing zombie processes. However we used dumb-init to wrap supervisord to wrap dockerd. In this picture supervisord might be unnecessary and dumb-init is actually a correct pid 0 for containers.

Rmoving supervisord removes this unnecessary complexity, while saving a little memory, and more importantly logs from dockerd is exposed via stdout/stderr of the container for easy access from kubectl-logs, fluentd, and so on.
This commit is contained in:
Yusuke Kuoka 2022-12-12 08:39:35 +09:00 committed by GitHub
parent 418f719bdf
commit acbce4b70a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 4 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
runner/actions-runner-dind-rootless.ubuntu-20.04.dockerfile
View File

@ -41,7 +41,6 @@ RUN apt-get update -y \
python3-pip \ python3-pip \
rsync \ rsync \
shellcheck \ shellcheck \
supervisor \
software-properties-common \ software-properties-common \
sudo \ sudo \
telnet \ telnet \

1
runner/actions-runner-dind-rootless.ubuntu-22.04.dockerfile
View File

@ -27,7 +27,6 @@ RUN apt-get update -y \
iproute2 \ iproute2 \
iptables \ iptables \
jq \ jq \
supervisor \
sudo \ sudo \
uidmap \ uidmap \
unzip \ unzip \

2
runner/actions-runner-dind.ubuntu-20.04.dockerfile
View File

@ -39,7 +39,6 @@ RUN apt-get update -y \
python3-pip \ python3-pip \
rsync \ rsync \
shellcheck \ shellcheck \
supervisor \
software-properties-common \ software-properties-common \
sudo \ sudo \
telnet \ telnet \
@ -113,7 +112,6 @@ RUN export ARCH=$(echo ${TARGETPLATFORM} | cut -d / -f2) \
# We place the scripts in `/usr/bin` so that users who extend this image can # We place the scripts in `/usr/bin` so that users who extend this image can
# override them with scripts of the same name placed in `/usr/local/bin`. # override them with scripts of the same name placed in `/usr/local/bin`.
COPY entrypoint-dind.sh startup.sh logger.sh wait.sh graceful-stop.sh update-status /usr/bin/ COPY entrypoint-dind.sh startup.sh logger.sh wait.sh graceful-stop.sh update-status /usr/bin/
COPY supervisor/ /etc/supervisor/conf.d/
RUN chmod +x /usr/bin/entrypoint-dind.sh /usr/bin/startup.sh RUN chmod +x /usr/bin/entrypoint-dind.sh /usr/bin/startup.sh
# Copy the docker shim which propagates the docker MTU to underlying networks # Copy the docker shim which propagates the docker MTU to underlying networks

2
runner/actions-runner-dind.ubuntu-22.04.dockerfile
View File

@ -23,7 +23,6 @@ RUN apt-get update -y \
git-lfs \ git-lfs \
iptables \ iptables \
jq \ jq \
supervisor \
software-properties-common \ software-properties-common \
sudo \ sudo \
unzip \ unzip \
@ -89,7 +88,6 @@ RUN export ARCH=$(echo ${TARGETPLATFORM} | cut -d / -f2) \
# We place the scripts in `/usr/bin` so that users who extend this image can # We place the scripts in `/usr/bin` so that users who extend this image can
# override them with scripts of the same name placed in `/usr/local/bin`. # override them with scripts of the same name placed in `/usr/local/bin`.
COPY entrypoint-dind.sh startup.sh logger.sh wait.sh graceful-stop.sh update-status /usr/bin/ COPY entrypoint-dind.sh startup.sh logger.sh wait.sh graceful-stop.sh update-status /usr/bin/
COPY supervisor/ /etc/supervisor/conf.d/
RUN chmod +x /usr/bin/entrypoint-dind.sh /usr/bin/startup.sh RUN chmod +x /usr/bin/entrypoint-dind.sh /usr/bin/startup.sh
# Copy the docker shim which propagates the docker MTU to underlying networks # Copy the docker shim which propagates the docker MTU to underlying networks

10
runner/entrypoint-dind.sh
View File

@ -13,7 +13,7 @@ fi
if [ -n "${MTU}" ]; then if [ -n "${MTU}" ]; then
jq ".\"mtu\" = ${MTU}" /etc/docker/daemon.json > /tmp/.daemon.json && mv /tmp/.daemon.json /etc/docker/daemon.json jq ".\"mtu\" = ${MTU}" /etc/docker/daemon.json > /tmp/.daemon.json && mv /tmp/.daemon.json /etc/docker/daemon.json
# See https://docs.docker.com/engine/security/rootless/ # See https://docs.docker.com/engine/security/rootless/
echo "environment=DOCKERD_ROOTLESS_ROOTLESSKIT_MTU=${MTU}" >> /etc/supervisor/conf.d/dockerd.conf export DOCKERD_ROOTLESS_ROOTLESSKIT_MTU=${MTU}
fi fi
if [ -n "${DOCKER_DEFAULT_ADDRESS_POOL_BASE}" ] && [ -n "${DOCKER_DEFAULT_ADDRESS_POOL_SIZE}" ]; then if [ -n "${DOCKER_DEFAULT_ADDRESS_POOL_BASE}" ] && [ -n "${DOCKER_DEFAULT_ADDRESS_POOL_SIZE}" ]; then
@ -37,12 +37,12 @@ dump() {
printf -- '---\n' 1>&2 printf -- '---\n' 1>&2
} }
for config in /etc/docker/daemon.json /etc/supervisor/conf.d/dockerd.conf; do for config in /etc/docker/daemon.json; do
dump "$config" 'Using {path} with the following content:' dump "$config" 'Using {path} with the following content:'
done done
log.debug 'Starting supervisor daemon' log.debug 'Starting Docker daemon'
sudo /usr/bin/supervisord -n >> /dev/null 2>&1 & sudo /usr/bin/dockerd &
log.debug 'Waiting for processes to be running...' log.debug 'Waiting for processes to be running...'
processes=(dockerd) processes=(dockerd)
@ -50,8 +50,6 @@ processes=(dockerd)
for process in "${processes[@]}"; do for process in "${processes[@]}"; do
if ! wait_for_process "$process"; then if ! wait_for_process "$process"; then
log.error "$process is not running after max time" log.error "$process is not running after max time"
dump /var/log/dockerd.err.log 'Dumping {path} to aid investigation'
dump /var/log/supervisor/supervisord.log 'Dumping {path} to aid investigation'
exit 1 exit 1
else else
log.debug "$process is running" log.debug "$process is running"

6
runner/supervisor/dockerd.conf
View File

@ -1,6 +0,0 @@
[program:dockerd]
command=/usr/bin/dockerd
autostart=true
autorestart=true
stderr_logfile=/var/log/dockerd.err.log
stdout_logfile=/var/log/dockerd.out.log