Run containerd as a supervised process on Windows #6464
Description
This simplifies the component code quite a bit, and removes the PowerShell dependency. This way, containerd on Windows is no different than on Linux, modulo the following:
- There are no signals on Windows, so the `SIGHUP` trick that tells containerd to reload its configuration won't work. In this case, fall back to a full stop/start cycle.
- There's a bug in containerd 1.x on Windows that prevents it from properly responding to Ctrl+C and Ctrl+Break events. Apply the 2.x one-liner patch to the 1.x codebase so the Supervisor can stop it.
- On Windows, containerd requires the special `SeAssignPrimaryTokenPrivilege`, which allows processes to log on any user without knowing the password. This privilege is not granted to administrator accounts; it is only granted to the built-in SYSTEM and LOCAL SERVICE accounts. Since containerd will inherit k0s's privileges, it can only function properly if k0s itself has this privilege. Therefore, k0s must be run as a service. Consequently, running a k0s worker in a terminal with a standard administrator account will result in containerd throwing permission errors when running containers. This is an acceptable trade-off IMO, as any real setup will involve using Windows services anyway. For quick manual testing, dealing with the container errors is acceptable.
Type of change
How Has This Been Tested?
Checklist