Merge pull request #23118 from Luap99/machine-flake

apple virtiofs: fix racy mount setup
openshift-merge-bot[bot] 2024-06-27 15:41:55 +00:00 committed by GitHub
commit d367d55d33
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 37 additions and 40 deletions


@ -796,7 +796,7 @@ podman_machine_mac_task:
clone_script: # artifacts from osx_alt_build_task clone_script: # artifacts from osx_alt_build_task
- mkdir -p $CIRRUS_WORKING_DIR - mkdir -p $CIRRUS_WORKING_DIR
- cd $CIRRUS_WORKING_DIR - cd $CIRRUS_WORKING_DIR
- $ARTCURL/OSX%20Cross/repo/repo.tbz - $ARTCURL/Build%20for%20MacOS%20amd64%2Barm64/repo/repo.tbz
- tar xjf repo.tbz - tar xjf repo.tbz
# This host is/was shared with potentially many other CI tasks. # This host is/was shared with potentially many other CI tasks.
# The previous task may have been canceled or aborted. # The previous task may have been canceled or aborted.


@ -72,18 +72,7 @@ func GenerateSystemDFilesForVirtiofsMounts(mounts []machine.VirtIoFs) ([]ignitio
unitFiles := make([]ignition.Unit, 0, len(mounts)) unitFiles := make([]ignition.Unit, 0, len(mounts))
for _, mnt := range mounts { for _, mnt := range mounts {
// Here we are looping the mounts and for each mount, we are adding two unit files // Create mount unit for each mount
// for virtiofs. One unit file is the mount itself and the second is to automount it
// on boot.
autoMountUnit := parser.NewUnitFile()
autoMountUnit.Add("Automount", "Where", "%s")
autoMountUnit.Add("Install", "WantedBy", "multi-user.target")
autoMountUnit.Add("Unit", "Description", "Mount virtiofs volume %s")
autoMountUnitFile, err := autoMountUnit.ToString()
if err != nil {
return nil, err
}
mountUnit := parser.NewUnitFile() mountUnit := parser.NewUnitFile()
mountUnit.Add("Mount", "What", "%s") mountUnit.Add("Mount", "What", "%s")
mountUnit.Add("Mount", "Where", "%s") mountUnit.Add("Mount", "Where", "%s")
@ -95,49 +84,57 @@ func GenerateSystemDFilesForVirtiofsMounts(mounts []machine.VirtIoFs) ([]ignitio
return nil, err return nil, err
} }
virtiofsAutomount := ignition.Unit{
Enabled: ignition.BoolToPtr(true),
Name: fmt.Sprintf("%s.automount", parser.PathEscape(mnt.Target)),
Contents: ignition.StrToPtr(fmt.Sprintf(autoMountUnitFile, mnt.Tag, mnt.Target)),
}
virtiofsMount := ignition.Unit{ virtiofsMount := ignition.Unit{
Enabled: ignition.BoolToPtr(true), Enabled: ignition.BoolToPtr(true),
Name: fmt.Sprintf("%s.mount", parser.PathEscape(mnt.Target)), Name: fmt.Sprintf("%s.mount", parser.PathEscape(mnt.Target)),
Contents: ignition.StrToPtr(fmt.Sprintf(mountUnitFile, mnt.Tag, mnt.Target)), Contents: ignition.StrToPtr(fmt.Sprintf(mountUnitFile, mnt.Tag, mnt.Target)),
} }
// This "unit" simulates something like systemctl enable virtiofs-mount-prepare@ unitFiles = append(unitFiles, virtiofsMount)
enablePrep := ignition.Unit{
Enabled: ignition.BoolToPtr(true),
Name: fmt.Sprintf("virtiofs-mount-prepare@%s.service", parser.PathEscape(mnt.Target)),
}
unitFiles = append(unitFiles, virtiofsAutomount, virtiofsMount, enablePrep)
} }
// mount prep is a way to workaround the FCOS limitation of creating directories // This is a way to workaround the FCOS limitation of creating directories
// at the rootfs / and then mounting to them. // at the rootfs / and then mounting to them.
mountPrep := parser.NewUnitFile() immutableRootOff := parser.NewUnitFile()
mountPrep.Add("Unit", "Description", "Allow virtios to mount to /") immutableRootOff.Add("Unit", "Description", "Allow systemd to create mount points on /")
mountPrep.Add("Unit", "DefaultDependencies", "no") immutableRootOff.Add("Unit", "DefaultDependencies", "no")
mountPrep.Add("Unit", "ConditionPathExists", "!%f")
mountPrep.Add("Service", "Type", "oneshot") immutableRootOff.Add("Service", "Type", "oneshot")
mountPrep.Add("Service", "ExecStartPre", "chattr -i /") immutableRootOff.Add("Service", "ExecStart", "chattr -i /")
mountPrep.Add("Service", "ExecStart", "mkdir -p '%f'")
mountPrep.Add("Service", "ExecStopPost", "chattr +i /")
mountPrep.Add("Install", "WantedBy", "remote-fs.target") immutableRootOff.Add("Install", "WantedBy", "remote-fs-pre.target")
mountPrepFile, err := mountPrep.ToString() immutableRootOffFile, err := immutableRootOff.ToString()
if err != nil { if err != nil {
return nil, err return nil, err
} }
virtioFSChattr := ignition.Unit{ immutableRootOffUnit := ignition.Unit{
Contents: ignition.StrToPtr(mountPrepFile), Contents: ignition.StrToPtr(immutableRootOffFile),
Name: "virtiofs-mount-prepare@.service", Name: "immutable-root-off.service",
Enabled: ignition.BoolToPtr(true),
} }
unitFiles = append(unitFiles, virtioFSChattr) unitFiles = append(unitFiles, immutableRootOffUnit)
immutableRootOn := parser.NewUnitFile()
immutableRootOn.Add("Unit", "Description", "Set / back to immutable after mounts are done")
immutableRootOn.Add("Unit", "DefaultDependencies", "no")
immutableRootOn.Add("Unit", "After", "remote-fs.target")
immutableRootOn.Add("Service", "Type", "oneshot")
immutableRootOn.Add("Service", "ExecStart", "chattr +i /")
immutableRootOn.Add("Install", "WantedBy", "remote-fs.target")
immutableRootOnFile, err := immutableRootOn.ToString()
if err != nil {
return nil, err
}
immutableRootOnUnit := ignition.Unit{
Contents: ignition.StrToPtr(immutableRootOnFile),
Name: "immutable-root-on.service",
Enabled: ignition.BoolToPtr(true),
}
unitFiles = append(unitFiles, immutableRootOnUnit)
return unitFiles, nil return unitFiles, nil
} }
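Review bot: Restoring the immutable flag on / now depends on a second unit, `immutable-root-on.service`, being started after `remote-fs.target`, whereas the removed `ExecStopPost=chattr +i /` ran in the same unit that cleared the flag. The new pair should document what happens when the restore unit is not reached or its `chattr` fails, since / would then presumably stay mutable for the rest of the boot. The ordering of `immutable-root-off.service` ahead of the mounts is also only implied by `WantedBy=remote-fs-pre.target`; I would state it explicitly with `immutableRootOff.Add("Unit", "Before", "remote-fs-pre.target")` and extend the comment above it to something like `// Clear the immutable flag on / before any virtiofs mount unit runs; immutable-root-on.service sets it again after remote-fs.target.` Whether the mount units themselves are ordered after `remote-fs-pre.target` is decided in lines outside the visible hunks, and the function body starts before the first hunk.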