| *** auk has joined #kata-general | 01:50 | |
| kata-irc-bot | <bergwolf> I don’t have crio environment at hand. but can you try v1.18.3? kata is constantly being tested with v1.18.3 with CI. | 02:56 |
|---|---|---|
| *** auk has quit IRC | 04:37 | |
| zer0def | already have tried with 1.19 once I noticed tickets that related to 1.18.3 and 1.18.4, turns out that procfs isn't properly mounted in the rootfs mount passed through to the VM, might have something to do with running K8S nodes within LXD containers | 05:07 |
| *** theodosiaNa has quit IRC | 06:30 | |
| *** theodosiaNa has joined #kata-general | 06:37 | |
| *** sgarzare has joined #kata-general | 07:47 | |
| *** sameo has joined #kata-general | 09:37 | |
| *** sameo has quit IRC | 10:55 | |
| *** sameo has joined #kata-general | 11:18 | |
| zer0def | out of curiosity - does Kata expect a proper FHS in infra container's image? the VM gets rootfs mounted RO, so after an initial failure to mount /proc, it attempts to create it, fails and falls over leaving the above message | 12:18 |
| zer0def | since my current configuration uses `pause_image = "docker.io/rancher/pause:3.1-amd64"`, which only provides the /pause binary, I'm not sure where the behavior I'm experiencing breaks away from intended operation | 12:22 |
| *** sameo has quit IRC | 13:05 | |
| *** devimc has joined #kata-general | 13:10 | |
| *** sameo has joined #kata-general | 13:18 | |
| kata-irc-bot | <b.oosterhof> Thanks to all who voted! https://youtu.be/PnsP1zhpNxE | 13:21 |
| *** fuentess has joined #kata-general | 14:01 | |
| zer0def | pretty sure https://github.com/cri-o/cri-o/blob/master/server/sandbox_run_linux.go#L423 is causing my headaches with cri-o | 14:16 |
| *** devimc has quit IRC | 15:15 | |
| zer0def | or not, so I'm open to providing whatever logs might help | 15:55 |
| *** devimc has joined #kata-general | 16:39 | |
| zer0def | alright, rebuilt crio to not set root as readonly and a pausing image that has FHS, that's *with* running virtiofs patched kernels and quem, so at this point I'm clueless - any feedback would be welcome | 16:46 |
| zer0def | related agent log: http://ix.io/2Dzx | 16:57 |
| *** pvdp665564 has quit IRC | 17:08 | |
| devimc | zer0def, 'rebuilt crio to not set root as readonly' ? | 17:30 |
| devimc | what do you mean? | 17:31 |
| devimc | container rootfs or VM rootfs ? | 17:31 |
| zer0def | changed the boolean to false here, but to no avail: https://github.com/cri-o/cri-o/blob/master/server/sandbox_run_linux.go#L423 | 17:31 |
| zer0def | and by rootfs, I guess I'm referring to container's rootfs | 17:32 |
| zer0def | though, in my particular circumstance, I find it strange that the VM wouldn't be able to mount it's own /proc, in spite of running inside of an LXD system container | 17:33 |
| zer0def | I'm bind-mounting binaries, libraries and images into those system containers, for clarity | 17:34 |
| devimc | zer0def, so, kata is running in a LXD container? | 17:34 |
| zer0def | perhaps I should specifically link to the piece of shell that more clearly describes what's being bound over | 17:35 |
| zer0def | these two links ought to provide enough context on what I'm doing: https://github.com/zer0def/aquarium/blob/master/aquarium.sh#L60 https://github.com/zer0def/aquarium/blob/master/aquarium.sh#L331 | 17:37 |
| zer0def | but yes, essentially that's K8S-on-LXD with Kata, also made sure qemu genuinely launches by itself | 17:37 |
| devimc | zer0def, ptal https://github.com/kata-containers/runtime/issues/3021 -not sure if this is the same error | 17:41 |
| zer0def | it looks like the same thing, only mapped to kata2 and I did notice an `MS_PRIVATE` rebind in the strace log | 17:44 |
| devimc | zer0def, s/MS_PRIVATE/MS_SHARED/g ? | 17:46 |
| devimc | os MS_SLAVE ? | 17:46 |
| devimc | *or | 17:46 |
| zer0def | pretty sure it was a rebind to MS_PRIVATE | 17:46 |
| devimc | cool | 17:47 |
| zer0def | http://ix.io/2DzR | 17:48 |
| zer0def | let me follow through the steps the reporter went through and report back | 17:49 |
| zer0def | yep, a quick `mkdir -p /run/kata-containers/shared/sandboxes && mount --bind --make-rshared /run/kata-containers/shared/sandboxes /run/kata-containers/shared/sandboxes` fixes the situation, thanks for bringing up that particular issue, devimc | 18:55 |
| *** sgarzare has quit IRC | 19:01 | |
| devimc | zer0def, that's great! :) | 19:30 |
| kata-irc-bot | <eric.ernst> devimc: ack? https://github.com/kata-containers/runtime/pull/3048 | 19:31 |
| devimc | done :) | 19:34 |
| *** pvdp665564 has joined #kata-general | 20:32 | |
| *** fuentess has quit IRC | 21:14 | |
| *** fuentess has joined #kata-general | 21:32 | |
| *** devimc has quit IRC | 21:52 | |
| kata-irc-bot | <s257117> Hello, I'm a student from polytechnic of Turin, computer engineering. I hope I am in the right place to ask questions. I'm actually trying to benchmark I/O (with fio) of different container runtimes but i can't understand why I'm obtaining better results with kata (65.5K IOPS) instead of runc (14.7K IOPS), can someone explain me why? | 22:32 |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!