containers / virtcontainers

A Go package for building hardware virtualized container runtimes
Apache License 2.0

QMP socket truncation leads to non-unique ctrl v monitor sockets #552

Closed egernst closed 6 years ago

egernst commented 6 years ago

See the following QEMU output when using latest CC-runtime, taking particular note of the -qmp sockets:

root      14277  14233 25 14:54 ?        00:00:18 /usr/bin/qemu-cc-system-x86_64
 -name pod-a68565dd6d0da2f3093ffd5ef85f0f7478bfc0f480bf500a4a59fe8ea28df207
 -uuid 223ed1dc-e81d-4ebb-b4b7-7b7e584e6329
 -machine pc,accel=kvm,kernel_irqchip,nvdimm
 -cpu host
 -qmp unix:/run/virtcontainers/pods/a68565dd6d0da2f3093ffd5ef85f0f7478bfc0f480bf500a4a59fe8ea28df207/223ed1dc-e81d-4eb,server,nowait
 -qmp unix:/run/virtcontainers/pods/a68565dd6d0da2f3093ffd5ef85f0f7478bfc0f480bf500a4a59fe8ea28df207/223ed1dc-e81d-4eb,server,nowait
 -m 2048M,slots=2,maxmem=97635M 

https://github.com/containers/virtcontainers/blob/master/qemu.go#L610 will do truncation, trying to avoid a 107 character limit on socket path length. In carrying this out, the name is truncated, totally eliminating the monitor.sock or ctrl.sock which should've been appended. As a result, only a single socket is created on the host, and it is used for both QMP interfaces into QEMU, i.e.:

/var/run/virtcontainers/pods/a68565dd6d0da2f3093ffd5ef85f0f7478bfc0f480bf500a4a59fe8ea28df207/223ed1dc-e81d-4eb: socket

Need to truncate the qemu ID before truncating the socket name.
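The collision reported above and the proposed ordering fix, as an added Go example that is not the virtcontainers code. The function names and the `dir/id/name` path layout are assumptions; the pod ID, UUID and 107-character limit are taken from the issue.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
)

// maxSockPathLen is the 107-character socket path limit cited in the issue.
const maxSockPathLen = 107

// truncateWholePath (hypothetical name) reproduces the reported behaviour:
// the full path is built first and then cut, so the trailing socket name is
// the part that gets lost.
func truncateWholePath(dir, id, name string) string {
	p := filepath.Join(dir, id, name)
	if len(p) > maxSockPathLen {
		p = p[:maxSockPathLen]
	}
	return p
}

// truncateIDFirst (hypothetical name) shortens only the ID, so the socket
// name always survives. It fails when the directory leaves no room for even
// one ID character, instead of silently producing a colliding path.
func truncateIDFirst(dir, id, name string) (string, error) {
	// Length of the path with a 1-character ID, used to derive the ID budget.
	budget := maxSockPathLen - len(filepath.Join(dir, "x", name)) + 1
	if budget < 1 {
		return "", errors.New("socket directory too long for " + name)
	}
	if len(id) > budget {
		id = id[:budget]
	}
	return filepath.Join(dir, id, name), nil
}

func main() {
	// Pod ID and UUID copied from the QEMU command line in the issue.
	dir := "/run/virtcontainers/pods/a68565dd6d0da2f3093ffd5ef85f0f7478bfc0f480bf500a4a59fe8ea28df207"
	id := "223ed1dc-e81d-4ebb-b4b7-7b7e584e6329"
	for _, name := range []string{"monitor.sock", "ctrl.sock"} {
		fixed, err := truncateIDFirst(dir, id, name)
		fmt.Println(truncateWholePath(dir, id, name), "->", fixed, err)
	}
}
```

With the values from the issue, the first function returns the same path ending in `223ed1dc-e81d-4eb` for both sockets, while the second yields two distinct paths that each fit within the limit.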