Closed Vogtinator closed 2 years ago
I don't think we intend on reverting that patch, as the logic behind its inclusion seems solid. Do you have a suggested alternative?
I would suggest that podman still tries to autodect the mount program even with the --root
cli flag present, as the current behavior completely breaks user expectations: You don't apply any special settings to podman and just by using --root
it breaks, if your kernel is old enough.
I don't think we intend on reverting that patch, as the logic behind its inclusion seems solid.
Agreed, it's mainly that mount_program
is a a special case. Are there other storage options for which podman has an internal default?
Do you have a suggested alternative?
I see several options:
mount_program
autodetection to the overlay storage driver. If it's called in rootless mode and mount_program
isn't set, it could set a default itself. That would also fix #13458.mount_program
if --root
was given.mount_program
detection after argument parsing@giuseppe WDYT?
1 and 3 seem to me like a good compromise. Anyone would like to open a PR to implement it?
Interested in opening a PR, @Vogtinator ?
EDIT: Turns out I've had a brain fart and missed that storageOpts.GraphDriverOptions
is initialized as nil
and not as []string{}
, so we actually get into the branch in which kills our config https://github.com/containers/podman/blob/ae7997ab50c7dcfbf7f0a3ec19c9ce1126095f8e/libpod/options.go#L78-L86
I have been digging a bit into this and it turns out that our first hunch that https://github.com/containers/podman/blob/f33b64d8b7d7b2bd22560cfacc90e25d1f9e16b4/pkg/domain/infra/runtime_libpod.go#L129-L133
as the culprit is wrong. I actually believe that line 132 does absolutely nothing, because storageOpts
is set just a few lines above to an empty struct and GraphDriverOptions
is not touched at all before: https://github.com/containers/podman/blob/ae7997ab50c7dcfbf7f0a3ec19c9ce1126095f8e/pkg/domain/infra/runtime_libpod.go#L103
What is actually important is line 130 storageSet = true
as this results in this branch being taken: https://github.com/containers/podman/blob/ae7997ab50c7dcfbf7f0a3ec19c9ce1126095f8e/pkg/domain/infra/runtime_libpod.go#L176-L178
This in turn later calls https://github.com/containers/podman/blob/ae7997ab50c7dcfbf7f0a3ec19c9ce1126095f8e/libpod/options.go#L78-L86 where the else
branch is taken and thereby our config is killed.
I have not yet figured out a way how to properly address this as the mount program appears to be only used actively by MountWithOptions
: https://github.com/containers/podman/blob/ae7997ab50c7dcfbf7f0a3ec19c9ce1126095f8e/vendor/github.com/containers/buildah/pkg/overlay/overlay.go#L154
With some pointers from @Vogtinator I've tried this simple patch:
diff --git a/vendor/github.com/containers/storage/drivers/overlay/overlay.go b/vendor/github.com/containers/storage/drivers/overlay/overlay.go
index 739828b35..c4d703924 100644
--- a/vendor/github.com/containers/storage/drivers/overlay/overlay.go
+++ b/vendor/github.com/containers/storage/drivers/overlay/overlay.go
@@ -330,6 +330,12 @@ func Init(home string, options graphdriver.Options) (graphdriver.Driver, error)
return nil, err
}
+ if opts.mountProgram == "" {
+ if path, err := exec.LookPath("fuse-overlayfs"); err == nil {
+ opts.mountProgram = path
+ }
+ }
+
var usingMetacopy bool
var supportsDType bool
var supportsVolatile *bool
which is essentially option 1 from https://github.com/containers/podman/issues/13459#issuecomment-1062925677.
This fixes the problem that we were observing previously, but it has a pretty big catch: podman --root /something info
still does not mention the mount_program
although it is now set internally in the graph driver. This could be confusing for end users, although it should do no harm, as it will only try to autodetect if no mount program was found.
What are your thoughts on this? I have the feeling that mount_program
will need special treatment in one way or the other.
wouldn't that detect the mountProgram also when native overlay is available?
@giuseppe I am unfortunately not at all familiar how the native overlay works. Could you point me maybe to some docs how it works in detail, especially how it behaves differently to overlay with FUSE?
@giuseppe I am unfortunately not at all familiar how the native overlay works.
Instead of using FUSE with fuse-overlayfs
it uses the kernel's native overlay
filesystem by mounting that in a namespace.
https://github.com/containers/podman/blob/68ce83fe919f2d37762b8b746a73495f45e550f3/vendor/github.com/containers/storage/types/options.go#L229 checks whether that works, only if it doesn't it searches for fuse-overlayfs
.
wouldn't that detect the mountProgram also when native overlay is available?
It indeed does, which is not the desired outcome, right?
right, otherwise we will end up using fuse-overlayfs even if native overlay is supported by the kernel
Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug
Description
When using the
--root
option, it does no longer autodetectfuse-overlayfs
asoverlay.mount_program
. It has to be specified explicitly on the commandline to make podman start again.Both this and https://github.com/containers/podman/issues/13458 are about
mount_program
not getting autodetected properly with certain setups. In fact, I hit #13458 while debugging this one.Steps to reproduce the issue:
Describe the results you received:
Describe the results you expected:
It should continue autodetecting
fuse-overlayfs
.Additional information you deem important (e.g. issue happens only occasionally):
The man page explains that if the
--root
option is given, options from/etc/containers/storage.conf
are ignored:overlay.mount_program
is not specified in that file, it is internally set by https://github.com/containers/podman/blob/f33b64d8b7d7b2bd22560cfacc90e25d1f9e16b4/vendor/github.com/containers/storage/types/options.go#L217-L228.It is then thrown out again by https://github.com/containers/podman/blob/f33b64d8b7d7b2bd22560cfacc90e25d1f9e16b4/pkg/domain/infra/runtime_libpod.go#L132
Reverting 55f00bac02fcde7fbe960a9a80131dbc72630b5b fixes this issue.
BTW: That commit was incorrectly documented in the release notes. They say:
https://github.com/containers/podman/blob/f33b64d8b7d7b2bd22560cfacc90e25d1f9e16b4/RELEASE_NOTES.md?plain=1#L432
Maybe that should've been
s/not/now/
?Output of
podman version
:Output of
podman info --debug
:Package info (e.g. output of
rpm -q podman
orapt list podman
):Bulid from git.
Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)
Yes
Additional environment details (AWS, VirtualBox, physical, etc.):