Closed niteeshkd closed 7 months ago
When I add the argument CARGO_TARGET_DIR
in docker-compose.yml
to reuse the compiled dependencies as follows, it is working fine.
$ git diff
diff --git a/docker-compose.yml b/docker-compose.yml
index 8e14c38..ba75201 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -3,6 +3,8 @@ services:
kbs:
build:
context: .
+ args:
+ - CARGO_TARGET_DIR=/tmp
dockerfile: ./kbs/docker/Dockerfile.coco-as-grpc
#image: ghcr.io/confidential-containers/key-broker-service:latest
command: [
@@ -23,6 +25,8 @@ services:
as:
build:
context: .
+ args:
+ - CARGO_TARGET_DIR=/tmp
dockerfile: ./attestation-service/Dockerfile.as-grpc
#image: ghcr.io/confidential-containers/attestation-service:latest
ports:
@@ -46,6 +50,8 @@ services:
#image: ghcr.io/confidential-containers/reference-value-provider-service:latest
build:
context: .
+ args:
+ - CARGO_TARGET_DIR=/tmp
dockerfile: ./attestation-service/rvps/Dockerfile
restart: always # keep the server running
ports:
It seems use of CARGO_TARGET_DIR could save some time in runningdocker compose up -d
. On Ubuntu 20.04, i noticed ~25 sec saving of time.
Without using CARGO_TARGET_DIR:
$ time docker compose up -d
...
real 4m41.491s
user 0m3.891s
sys 0m2.740s
After killing the trustee containers, removing their images and then starting the trustee containers with CARG_TARGET_DIR:
$ time docker compose up -d
...
real 4m16.658s
user 0m3.764s
sys 0m2.430s
Hi @niteeshkd , I am not sure if it is cause by the OS number limit of opened files.
Could you try ulimit -S
and ulimit -H
to check the limited number of opened file handlers on Ubuntu 22.04 and try to make it bigger by ulimit -n <a-bigger-number>
Hi @Xynnn007 , increasing the number of file handlers for the user on the host does not help. It shows the same error. I tested it by increasing number of file handlers from default (i.e. 1024) to 4096, 524288, 1048576 (i.e. default maximum).
$ ulimit -S
unlimited
$ ulimit -H
unlimited
$ ulimit -n
1024
$ ulimit -Sn
1024
$ ulimit -Hn
1048576
$ ulimit -n 4096
$ ulimit -n
4096
$ docker compose up -d
...
23.99 Caused by:
23.99 Too many open files (os error 24)
27.29 error: failed to compile `attestation-service v0.1.0 (/usr/src/attestation-service/attestation-service/attestation-service)`, intermediate artifacts can be found at `/usr/src/attestation-service/target`.
27.29 To reuse those artifacts with a future compilation, set the environment variable `CARGO_TARGET_DIR` to that path.
------
failed to solve: process "/bin/sh -c cargo install --path attestation-service/attestation-service --bin grpc-as --features grpc-bin --locked" did not complete successfully: exit code: 101
$ ulimit -n 524288
$ ulimit -n
524288
$ docker compose up -d
...
22.35 Caused by:
22.35 Too many open files (os error 24)
25.57 error: failed to compile `attestation-service v0.1.0 (/usr/src/attestation-service/attestation-service/attestation-service)`, intermediate artifacts can be found at `/usr/src/attestation-service/target`.
25.57 To reuse those artifacts with a future compilation, set the environment variable `CARGO_TARGET_DIR` to that path.
------
failed to solve: process "/bin/sh -c cargo install --path attestation-service/attestation-service --bin grpc-as --features grpc-bin --locked" did not complete successfully: exit code: 101
$ ulimit -n 1048576
$ ulimit -n
1048576
$ docker compose up -d
...
21.14 Caused by:
21.14 Too many open files (os error 24)
24.06 error: failed to compile `attestation-service v0.1.0 (/usr/src/attestation-service/attestation-service/attestation-service)`, intermediate artifacts can be found at `/usr/src/attestation-service/target`.
24.06 To reuse those artifacts with a future compilation, set the environment variable `CARGO_TARGET_DIR` to that path.
------
failed to solve: process "/bin/sh -c cargo install --path attestation-service/attestation-service --bin grpc-as --features grpc-bin --locked" did not complete successfully: exit code: 101
I tried specifying the number of open file handlers in the docker compose file. It does not seem helping either.
$ git diff
diff --git a/docker-compose.yml b/docker-compose.yml
index 8e14c38..c573d2a 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -11,6 +11,8 @@ services:
"/etc/kbs-config.toml",
]
restart: always # keep the server running
+ ulimits:
+ nofile: 524288
ports:
- "8080:8080"
volumes:
@@ -28,6 +30,8 @@ services:
ports:
- "50004:50004"
restart: always
+ ulimits:
+ nofile: 524288
volumes:
- ./kbs/data/attestation-service:/opt/confidential-containers/attestation-service:rw
- ./kbs/config/as-config.json:/etc/as-config.json:rw
@@ -48,6 +52,8 @@ services:
context: .
dockerfile: ./attestation-service/rvps/Dockerfile
restart: always # keep the server running
+ ulimits:
+ nofile: 524288
ports:
- "50003:50003"
volumes:
$ docker compose up -d
...
23.96 Caused by:
23.96 Too many open files (os error 24)
27.30 error: failed to compile `attestation-service v0.1.0 (/usr/src/attestation-service/attestation-service/attestation-service)`, intermediate artifacts can be found at `/usr/src/attestation-service/target`.
27.30 To reuse those artifacts with a future compilation, set the environment variable `CARGO_TARGET_DIR` to that path.
------
failed to solve: process "/bin/sh -c cargo install --path attestation-service/attestation-service --bin grpc-as --features grpc-bin --locked" did not complete successfully: exit code: 101
@fitzthum
Hi @niteeshkd
I test it again in a new VM on alibaba cloud with 8 vCPU & 16 GB RAM. Ubuntu 22.04.
Only installed the newest docker following https://docs.docker.com/engine/install/ubuntu/ and rust
Then clone trustee repo and run docker compose up -d
And the building process succeeded.
I am afraid that something wrong with your environment. Try to remove image rust:latest
which AS' dockerfile
uses and let it download the real latest.
Another way is to run the commands of Dockerfile.as-grpc
inside a new docker container to check if it works step by step to locate the error.
Another way is to run the commands of
Dockerfile.as-grpc
inside a new docker container to check if it works step by step to locate the error.
I have tested this way. It works this way.
@niteeshkd Oh, well. That seems more like an execution environment issue than the specific build code in the repo
@niteeshkd can we close this?
@niteeshkd can we close this?
I think we can close it for now.
When I run
docker compose up -d
to start trustee containers onUbuntu 22.04
, it fails while building attestation service container with the following messages. But, i don't notice this problem onUbuntu 20.04
.