search

opencontainers / runc

CLI tool for spawning and running containers according to the OCI specification
https://www.opencontainers.org/
Apache License 2.0
11.59k stars 2.06k forks source link

Need a way to pass down the "debug" state of runc to the hooks. #1628

Open rhatdan opened 6 years ago

rhatdan commented 6 years ago

Currently if I run runc in --debug mode, I want to pass this flag down the the hooks.

One way to do this would be to modify the HooksState to include a debug indicator, but this involves changing the runtime spec. I think we could also change this on the stage commands, but adding a field, or environment variable.

Thoughts?

rhatdan commented 6 years ago

Currently we have people complaining about the noice level of oci-umount. We would like to log at only the info level, by default, but we want people to be able to debug output if the --debug flag is set in the container runtime.

rhatdan commented 6 years ago

@mrunalp @rhvgoyal WDYT

rhatdan commented 6 years ago

@crosbymichael Thoughts?

mrunalp commented 6 years ago

:+1:

rhvgoyal commented 6 years ago

Yes to the need of being able to pass debug flag to hooks so that more verbose logging can be enabled from hooks.

cyphar commented 6 years ago

What if you added an annotation to the config.json that the hook can then read -- avoiding the need to modify the spec? Or maybe we should get runtimes to pass some sort of annotation-style JSON that the hook can then parse (so for example runc would set org.opencontainers.log_level or something)?

rhatdan commented 6 years ago

I agree changing the SPEC Would be problematic, I just believe this should be something between runc and the hooks. since if the user just runs runc --debug, I would expect the entire process to respect the debug flag. That way if Docker or CRI-O or some other container runtime launches runc in the future with a --debug flag, the entire stack runs in debug mode.

cyphar commented 6 years ago

The only way of making sure all runtimes obey said rules would be to make a spec change. I think we should come up with a way of passing annotation-style data to a hook, and then we can add spec wording on what informations runtimes should pass.

I don't have a problem with runc exposing this information, I just don't want OCI hooks to be tied to whatever runc ends up doing -- if this is something that the current spec cannot do effectively then we should extend the spec accordingly.

Aisuko commented 4 years ago

Well, we still need some way to debug runC