[1/2] package/docker-engine: rewrite dockerd init script

Message ID	20240729122011.1112914-1-fiona.klute@gmx.de
State	Superseded
Headers	show Return-Path: <buildroot-bounces@buildroot.org> Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=212.227.17.21; helo=mout.gmx.net; envelope-from=fiona.klute@gmx.de; receiver=<UNKNOWN> DMARC-Filter: OpenDMARC Filter v1.4.2 smtp2.osuosl.org B7B9C400F8 To: buildroot@buildroot.org Date: Mon, 29 Jul 2024 14:20:10 +0200 Message-ID: <20240729122011.1112914-1-fiona.klute@gmx.de> MIME-Version: 1.0 UI-OutboundReport: notjunk:1;M01:P0:+nBz3eYkW0k=;wALrpdRlhn7vyvQbMiIV6tjd9NJ xPW6N0bfWG4Kg+f1wEagvLf2Q9wPlTx1Y/Tc4ILwU9jS15LVAMqId9kVSJV11sHIwhf+ZJUi8 jOo0TqJgIGKtZVcy2qN7HFGv6EYPg7Ysl+bJtGSbokEqs7IEI4OwY4KuxPJ8cuWLIL271j0Gs 8E3DXq9NFEn52kQ+x1Nhr7HnjwpIwQ09ajRw09mVmVXZVyN5rGF/AJfU9/C4QJd4YfJLZfZOs a/zJuyFzAd8SrgZW6+X4/5ZkXOszfrPizbH1TjQuZ5fnn8WN6dweCx01NSOWDl8DUFjeh9zBs QEg5sJ+yVJUvC1cH+1oA+cFxIySN0cBcBt6SxzvR8FO7Wa0qdkNkAmDl4XhdPX5T2cf8D1t3Y FYqe+8kSPQDJQhcb5Bbo6FIR9cMt7//ngnHgHvhhNgTSKBiSsJQM1qd0YJwMerhRRMMaWREZV Yzh2CX0JKmjWVtHGPPv8FvsR/sG8n5N740e10PihgNRf3uS3+acn057Pu+EQaYBpP/tvyH3Ua nDyco3VUuWY2Y+5+c9WJiYho7aLmL3lGIayhhOxf5frOAtqD8qYkRjVxbSAvLfkYpXXdWcrq1 GwlYJlqq4Y+PCSyGAP2Q6+dHG9Rt7OcK1w9mJ+mKVEzhagqHj0FlXmZuVdBVwWIsSiIl4qX1U q6PFHr2TqI5P/5Rwa6tm+1iFCDm7+5T6fAa+rA0i32Ee4um9qQGvjsvKxeRzbS8NUPQEEnKQt hjisf/g5ihttl3EG4EV6FuavY8V5Wp/xAHQ/gZFvaKIVyf6gWPBOQOMrqrRhTOQXIRYNahH1e SUMe23BW5Gudl5H7/VOfK+nw== X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.de; s=s31663417; t=1722255627; x=1722860427; i=fiona.klute@gmx.de; bh=afK6RFiUZiXcyUhclATZBw4+l6Ik3+p7hbz60Izvjfw=; h=X-UI-Sender-Class:From:To:Cc:Subject:Date:Message-ID: MIME-Version:Content-Transfer-Encoding:cc: content-transfer-encoding:content-type:date:from:message-id: mime-version:reply-to:subject:to; b=pAGjugaMWBRUET0uqMPH+xcjI4T24I3gEHxP3ut5JL9bMBHs4lakH+U36zFPZHos 6sNMc1S402MdpQ5SLcG+5O+php5zlou1ml9w8oqqPXV5EnufCrpAn59OvjJCb2uDB eJOiZdWWnpMZGWgGEzfVQjIY3YbCgu0EwGH4WHobC/qGRchcN/acWuqQghZs//j1p CYYoxsBWJMkp7FRSZ1o5I3GWK7KCIx1NuBHM6Pu82JjGFYUkLCeXYANucu76gbS6A 7UAH0kHBNDqYAxELokWr9JWBjkGVVfhqXQTXozQvLY46Qz9cl93oekLaA4fk4+Vm2 umUnIDy9Q4JmMNaK+w== X-Mailman-Original-Authentication-Results: smtp2.osuosl.org; dmarc=pass (p=quarantine dis=none) header.from=gmx.de X-Mailman-Original-Authentication-Results: smtp2.osuosl.org; dkim=pass (2048-bit key, unprotected) header.d=gmx.de header.i=fiona.klute@gmx.de header.a=rsa-sha256 header.s=s31663417 header.b=pAGjugaM Subject: [Buildroot] [PATCH 1/2] package/docker-engine: rewrite dockerd init script Precedence: list From: Fiona Klute via buildroot <buildroot@buildroot.org> Reply-To: Fiona Klute <fiona.klute@gmx.de> Cc: "Fiona Klute \(WIWA\)" <fiona.klute@gmx.de>, Christian Stewart <christian@aperture.us> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: buildroot-bounces@buildroot.org Sender: "buildroot" <buildroot-bounces@buildroot.org>
Series	[1/2] package/docker-engine: rewrite dockerd init script \| expand [1/2] package/docker-engine: rewrite dockerd init script [RFC,2/2] package/docker-engine: add wrapper script for logging to syslog

Message ID

20240729122011.1112914-1-fiona.klute@gmx.de

State

Superseded

Headers

Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=212.227.17.21;
 helo=mout.gmx.net; envelope-from=fiona.klute@gmx.de; receiver=<UNKNOWN>
DMARC-Filter: OpenDMARC Filter v1.4.2 smtp2.osuosl.org B7B9C400F8
To: buildroot@buildroot.org
Date: Mon, 29 Jul 2024 14:20:10 +0200
Message-ID: <20240729122011.1112914-1-fiona.klute@gmx.de>
MIME-Version: 1.0
UI-OutboundReport: notjunk:1;M01:P0:+nBz3eYkW0k=;wALrpdRlhn7vyvQbMiIV6tjd9NJ
 xPW6N0bfWG4Kg+f1wEagvLf2Q9wPlTx1Y/Tc4ILwU9jS15LVAMqId9kVSJV11sHIwhf+ZJUi8
 jOo0TqJgIGKtZVcy2qN7HFGv6EYPg7Ysl+bJtGSbokEqs7IEI4OwY4KuxPJ8cuWLIL271j0Gs
 8E3DXq9NFEn52kQ+x1Nhr7HnjwpIwQ09ajRw09mVmVXZVyN5rGF/AJfU9/C4QJd4YfJLZfZOs
 a/zJuyFzAd8SrgZW6+X4/5ZkXOszfrPizbH1TjQuZ5fnn8WN6dweCx01NSOWDl8DUFjeh9zBs
 QEg5sJ+yVJUvC1cH+1oA+cFxIySN0cBcBt6SxzvR8FO7Wa0qdkNkAmDl4XhdPX5T2cf8D1t3Y
 FYqe+8kSPQDJQhcb5Bbo6FIR9cMt7//ngnHgHvhhNgTSKBiSsJQM1qd0YJwMerhRRMMaWREZV
 Yzh2CX0JKmjWVtHGPPv8FvsR/sG8n5N740e10PihgNRf3uS3+acn057Pu+EQaYBpP/tvyH3Ua
 nDyco3VUuWY2Y+5+c9WJiYho7aLmL3lGIayhhOxf5frOAtqD8qYkRjVxbSAvLfkYpXXdWcrq1
 GwlYJlqq4Y+PCSyGAP2Q6+dHG9Rt7OcK1w9mJ+mKVEzhagqHj0FlXmZuVdBVwWIsSiIl4qX1U
 q6PFHr2TqI5P/5Rwa6tm+1iFCDm7+5T6fAa+rA0i32Ee4um9qQGvjsvKxeRzbS8NUPQEEnKQt
 hjisf/g5ihttl3EG4EV6FuavY8V5Wp/xAHQ/gZFvaKIVyf6gWPBOQOMrqrRhTOQXIRYNahH1e
 SUMe23BW5Gudl5H7/VOfK+nw==
X-Mailman-Original-Authentication-Results: smtp2.osuosl.org;
 dmarc=pass (p=quarantine dis=none)
 header.from=gmx.de
X-Mailman-Original-Authentication-Results: smtp2.osuosl.org;
 dkim=pass (2048-bit key,
 unprotected) header.d=gmx.de header.i=fiona.klute@gmx.de header.a=rsa-sha256
 header.s=s31663417 header.b=pAGjugaM
Subject: [Buildroot] [PATCH 1/2] package/docker-engine: rewrite dockerd init
 script
X-BeenThere: buildroot@buildroot.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.buildroot.org>
List-Unsubscribe: <https://lists.buildroot.org/mailman/options/buildroot>,
 <mailto:buildroot-request@buildroot.org?subject=unsubscribe>
List-Archive: <http://lists.buildroot.org/pipermail/buildroot/>
List-Post: <mailto:buildroot@buildroot.org>
List-Help: <mailto:buildroot-request@buildroot.org?subject=help>
List-Subscribe: <https://lists.buildroot.org/mailman/listinfo/buildroot>,
 <mailto:buildroot-request@buildroot.org?subject=subscribe>
From: Fiona Klute via buildroot <buildroot@buildroot.org>
Reply-To: Fiona Klute <fiona.klute@gmx.de>
Cc: "Fiona Klute \(WIWA\)" <fiona.klute@gmx.de>,
 Christian Stewart <christian@aperture.us>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: buildroot-bounces@buildroot.org
Sender: "buildroot" <buildroot-bounces@buildroot.org>

Series

[1/2] package/docker-engine: rewrite dockerd init script | expand

Commit Message

Fiona Klute July 29, 2024, 12:20 p.m. UTC

From: "Fiona Klute (WIWA)" <fiona.klute@gmx.de>

This brings the dockerd init script in line with the standard
Buildroot init script pattern.

Reload using SIGHUP is also supported now, note that the Docker
documentation cautions that not all parameters can be changed at
runtime (without a full restart).

Signed-off-by: Fiona Klute (WIWA) <fiona.klute@gmx.de>
---
Please note that while the second patch in this series is an RFC, this
is not and in my opinion can be merged with or without the syslog fix.

 .checkpackageignore              |   1 -
 package/docker-engine/S60dockerd | 103 ++++++++++++++++++++++---------
 2 files changed, 74 insertions(+), 30 deletions(-)

--
2.45.2

Comments

Thomas Petazzoni July 29, 2024, 8:50 p.m. UTC | #1

Hello Fiona,

Thanks for working on this. One question below.

On Mon, 29 Jul 2024 14:20:10 +0200
Fiona Klute via buildroot <buildroot@buildroot.org> wrote:

> +start() {
> +	printf 'Starting %s: ' "$DAEMON"
> +	# shellcheck disable=SC2086 # we need word splitting for DOCKERD_ARGS
> +	start-stop-daemon --start --background --pidfile "$PIDFILE" \
> +		--exec "/usr/bin/$DAEMON" \
> +		-- --pidfile "$PIDFILE" $DOCKERD_ARGS
> +	# We have to use --background because dockerd doesn't
> +	# daemonize on its own. Unfortunately that means
> +	# start-stop-daemon cannot check the return status, so at
> +	# least check the process is actually running.

How is this different than the other init scripts for which we use
--background?

package/at/S99at
package/busybox/S01syslogd (which was recently reworked)
package/busybox/S41ifplugd (same)
package/busybox/S50crond (same)

While would need the while loop waiting for the daemon to actually be
started in the docker-engine init script and not the other services?

Thanks!

Thomas

Fiona Klute July 30, 2024, 3:33 p.m. UTC | #2

Hi Thomas!

Am 29.07.24 um 22:50 schrieb Thomas Petazzoni:
> Hello Fiona,
>
> Thanks for working on this. One question below.
>
> On Mon, 29 Jul 2024 14:20:10 +0200
> Fiona Klute via buildroot <buildroot@buildroot.org> wrote:
>
>> +start() {
>> +	printf 'Starting %s: ' "$DAEMON"
>> +	# shellcheck disable=SC2086 # we need word splitting for DOCKERD_ARGS
>> +	start-stop-daemon --start --background --pidfile "$PIDFILE" \
>> +		--exec "/usr/bin/$DAEMON" \
>> +		-- --pidfile "$PIDFILE" $DOCKERD_ARGS
>> +	# We have to use --background because dockerd doesn't
>> +	# daemonize on its own. Unfortunately that means
>> +	# start-stop-daemon cannot check the return status, so at
>> +	# least check the process is actually running.
>
> How is this different than the other init scripts for which we use
> --background?
>
> package/at/S99at
> package/busybox/S01syslogd (which was recently reworked)
> package/busybox/S41ifplugd (same)
> package/busybox/S50crond (same)
>
> While would need the while loop waiting for the daemon to actually be
> started in the docker-engine init script and not the other services?

There isn't a fundamental difference, I might have over-engineered a bit
while thinking about experiments with the Docker config and how it'd be
annoying if I change the config and restart, see "OK", and then the
service isn't running. Effectively the loop only confirms that the
service reaches the point where it writes its PID file (that's something
those other services don't do, note the absence of --make-pidfile), but
it might still crash after.

It should be fine to drop the loop and accept the same limitation as in
those other scripts (if the binary can be executed and then crashes,
output still says "OK").

I can respin, I'm just hoping to get an opinion on the second patch
first (the log capture one), so I know whether to modify or drop that in v2.

Best regards,
Fiona

Thomas Petazzoni July 30, 2024, 3:50 p.m. UTC | #3

Hello Fiona,

On Tue, 30 Jul 2024 17:33:07 +0200
Fiona Klute <fiona.klute@gmx.de> wrote:

> > While would need the while loop waiting for the daemon to actually be
> > started in the docker-engine init script and not the other services?  
> 
> There isn't a fundamental difference, I might have over-engineered a bit
> while thinking about experiments with the Docker config and how it'd be
> annoying if I change the config and restart, see "OK", and then the
> service isn't running. Effectively the loop only confirms that the
> service reaches the point where it writes its PID file (that's something
> those other services don't do, note the absence of --make-pidfile), but
> it might still crash after.
> 
> It should be fine to drop the loop and accept the same limitation as in
> those other scripts (if the binary can be executed and then crashes,
> output still says "OK").

To me, the whole goal of the effort you have started (and which is
super nice!) is to have consistency among the init scripts, so I would
really prefer that a given situation is handled in exactly the same way
in all init scripts.

BTW, in another e-mail, I had suggested to improve a bit our
documentation to describe the different situations, and how we intend
to handle each situation in our init script.

> I can respin, I'm just hoping to get an opinion on the second patch
> first (the log capture one), so I know whether to modify or drop that in v2.

I don't have a super super strong opinion PATCH 2/2. Wrapper scripts
always tend to make things a bit more "obscure". My initial thought
was: but if all what's missing is --no-close support in Busybox, why
don't we implement it? On the other hand, your wrapper script allows
the logging to go into syslog (which is configurable), while with
--no-close, it simply gets redirected to a file, and that's it (which I
suppose we can say is less configurable than having logs going through
syslog).

Thomas

Fiona Klute July 31, 2024, 5:51 p.m. UTC | #4

Am 30.07.24 um 17:50 schrieb Thomas Petazzoni:
> Hello Fiona,
>
> On Tue, 30 Jul 2024 17:33:07 +0200
> Fiona Klute <fiona.klute@gmx.de> wrote:
>
>>> While would need the while loop waiting for the daemon to actually be
>>> started in the docker-engine init script and not the other services?
>>
>> There isn't a fundamental difference, I might have over-engineered a bit
>> while thinking about experiments with the Docker config and how it'd be
>> annoying if I change the config and restart, see "OK", and then the
>> service isn't running. Effectively the loop only confirms that the
>> service reaches the point where it writes its PID file (that's something
>> those other services don't do, note the absence of --make-pidfile), but
>> it might still crash after.
>>
>> It should be fine to drop the loop and accept the same limitation as in
>> those other scripts (if the binary can be executed and then crashes,
>> output still says "OK").
>
> To me, the whole goal of the effort you have started (and which is
> super nice!) is to have consistency among the init scripts, so I would
> really prefer that a given situation is handled in exactly the same way
> in all init scripts.

Makes sense, I'll respin in that way. :-)

> BTW, in another e-mail, I had suggested to improve a bit our
> documentation to describe the different situations, and how we intend
> to handle each situation in our init script.

I saw that, and agree it makes sense. I'll have to see if/when I can fit
a documentation update in.

>> I can respin, I'm just hoping to get an opinion on the second patch
>> first (the log capture one), so I know whether to modify or drop that in v2.
>
> I don't have a super super strong opinion PATCH 2/2. Wrapper scripts
> always tend to make things a bit more "obscure". My initial thought
> was: but if all what's missing is --no-close support in Busybox, why
> don't we implement it? On the other hand, your wrapper script allows
> the logging to go into syslog (which is configurable), while with
> --no-close, it simply gets redirected to a file, and that's it (which I
> suppose we can say is less configurable than having logs going through
> syslog).

Yes, exactly, and the log_proxy that Alpine uses has some extra handling
to avoid losing some lines during (outside) log rotation. I'd very much
prefer keeping the redirection to syslog. The proper fix in my eyes
would be syslog support in the Docker engine itself (which ironically
already exists for containers).

Best regards,
Fiona

diff --git a/.checkpackageignore b/.checkpackageignore
index 4fb65d231a..a9711f484f 100644
--- a/.checkpackageignore
+++ b/.checkpackageignore
@@ -460,7 +460,6 @@  package/dmalloc/0004-Makefile-use-the-configure-detected-or-user-supplied.patch
 package/dmalloc/0005-configure-use-LD-instead-of-hard-coding-ld.patch lib_patch.Upstream
 package/dmraid/0001-fix-compilation-under-musl.patch lib_patch.Upstream
 package/dmraid/S20dmraid lib_sysv.Variables
-package/docker-engine/S60dockerd Shellcheck lib_sysv.Indent lib_sysv.Variables
 package/docopt-cpp/0001-only-build-one-target-use-BUILD_SHARED_LIBS-where-appropriate.patch lib_patch.Upstream
 package/domoticz/S99domoticz Shellcheck
 package/dovecot/0001-auth-Fix-handling-passdbs-with-identical-driver-args.patch lib_patch.Upstream
diff --git a/package/docker-engine/S60dockerd b/package/docker-engine/S60dockerd
index def8bea149..6850092eb2 100644
--- a/package/docker-engine/S60dockerd
+++ b/package/docker-engine/S60dockerd
@@ -1,38 +1,83 @@ 
 #!/bin/sh

-NAME=dockerd
-DAEMON=/usr/bin/$NAME
-PIDFILE=/var/run/$NAME.pid
-DAEMON_ARGS=""
-
-[ -r /etc/default/$NAME ] && . /etc/default/$NAME $1
-
-do_start() {
-        echo -n "Starting $NAME: "
-        start-stop-daemon --start --quiet --background --make-pidfile \
-		--pidfile $PIDFILE --exec $DAEMON -- $DAEMON_ARGS \
-                && echo "OK" || echo "FAIL"
+DAEMON="dockerd"
+PIDFILE="/var/run/$DAEMON.pid"
+# expect dockerd to write its PID file within this number of seconds
+# after start
+STARTUP_TIMEOUT="5"
+
+DOCKERD_ARGS=""
+
+# shellcheck source=/dev/null
+[ -r "/etc/default/$DAEMON" ] && . "/etc/default/$DAEMON"
+
+dockerd_running() {
+	start-stop-daemon --stop --test --quiet --pidfile "$PIDFILE" \
+		--exec "/usr/bin/$DAEMON"
+	return $?
+}
+
+start() {
+	printf 'Starting %s: ' "$DAEMON"
+	# shellcheck disable=SC2086 # we need word splitting for DOCKERD_ARGS
+	start-stop-daemon --start --background --pidfile "$PIDFILE" \
+		--exec "/usr/bin/$DAEMON" \
+		-- --pidfile "$PIDFILE" $DOCKERD_ARGS
+	# We have to use --background because dockerd doesn't
+	# daemonize on its own. Unfortunately that means
+	# start-stop-daemon cannot check the return status, so at
+	# least check the process is actually running.
+	timeout="$(($(date +%s) + STARTUP_TIMEOUT))"
+	while [ "$(date +%s)" -lt "$timeout" ]; do
+		if dockerd_running; then
+			echo "OK"
+			return 0
+		fi
+		sleep 0.1
+	done
+	echo "FAIL"
+	return 1
+}
+
+stop() {
+	printf 'Stopping %s: ' "$DAEMON"
+	start-stop-daemon --stop --pidfile "$PIDFILE" --exec "/usr/bin/$DAEMON"
+	status=$?
+	if [ "$status" -eq 0 ]; then
+		echo "OK"
+	else
+		echo "FAIL"
+		return "$status"
+	fi
+	while dockerd_running; do
+		sleep 0.1
+	done
+	rm -f "$PIDFILE"
+	return "$status"
+}
+
+restart() {
+	stop
+	start
 }

-do_stop() {
-        echo -n "Stopping $NAME: "
-        start-stop-daemon --stop --quiet --pidfile $PIDFILE \
-                && echo "OK" || echo "FAIL"
+reload() {
+	printf "Reloading %s config: " "$DAEMON"
+	start-stop-daemon --stop --signal HUP -q --pidfile "$PIDFILE" \
+		--exec "/usr/bin/$DAEMON"
+	status=$?
+	if [ "$status" -eq 0 ]; then
+		echo "OK"
+	else
+		echo "FAIL"
+	fi
+	return "$status"
 }

 case "$1" in
-        start)
-                do_start
-                ;;
-        stop)
-                do_stop
-                ;;
-        restart)
-                do_stop
-                sleep 1
-                do_start
-                ;;
+	start|stop|restart|reload)
+		"$1";;
 	*)
-                echo "Usage: $0 {start|stop|restart}"
-                exit 1
+		echo "Usage: $0 {start|stop|restart|reload}"
+		exit 1
 esac

[1/2] package/docker-engine: rewrite dockerd init script

Commit Message

Comments

Patch