search

google / gvisor

Application Kernel for Containers
https://gvisor.dev
Apache License 2.0
15.85k stars 1.3k forks source link

Huge amount of log lines in Cloud Run Logs when using `dig` command #6123

Closed AndreiIgna closed 3 years ago

AndreiIgna commented 3 years ago

Continuing from here https://github.com/google/gvisor/issues/1643

Description

Some projects deployed to Google Cloud Run generate huge amount of log lines like:

120392207-742ec200-c330-11eb-8c89-1232b1b86fad

This makes it really difficult to check other logs (requests, warnings, etc) and there's no easy way to hide these. Sometimes there are hundreds continuous lines that start with "Container Sandbox: Unsupported syscall setsockopt..."

After doing some checking & debugging, I noticed that these logs appear specifically when executing dig command for DNS queries. The project from where the screenshot is taken uses this library @layered/dns-records

I've tried changing configs for dig, Docker or NodeJS, but those log lines are always shown.

Steps to reproduce

Deploy code that runs dig command.

Environment

Docker image is built & deployed by Google Cloud Build, from this config:

FROM node:14-alpine

# Install dig command
RUN apk update && apk add bind-tools

...
nlacasse commented 3 years ago

Those unimplemented syscall errors are for setsockopt(*, SOL_SOCKET, SO_OOBINLINE (10)). Netstack behaves as if SO_OOBINLINE is always set. We should probably just disable the log here. PR coming.