From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7115329314959130624 X-Received: by 2002:a05:6000:1a89:b0:21b:83aa:ebd5 with SMTP id f9-20020a0560001a8900b0021b83aaebd5mr13178010wry.476.1656675486760; Fri, 01 Jul 2022 04:38:06 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:6000:178b:b0:21d:350e:23a6 with SMTP id e11-20020a056000178b00b0021d350e23a6ls8491884wrg.2.gmail; Fri, 01 Jul 2022 04:38:05 -0700 (PDT) X-Google-Smtp-Source: AGRyM1vRRKQJxueMfsLmUSQijdoIc/QWThIK3YmoLz/En9NHI8Gb07MTzw4DUSlVgmdeFjV88Cq6 X-Received: by 2002:a05:6000:15c3:b0:21b:abc6:744a with SMTP id y3-20020a05600015c300b0021babc6744amr12893479wry.478.1656675485830; Fri, 01 Jul 2022 04:38:05 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1656675485; cv=pass; d=google.com; s=arc-20160816; b=A44bXewAxHM632Q2XgTMFeoi6HNBM5D/Y8CQXmGkHp5iAq/K0bA5ksAjX1VJrupjsm LHx06GVhrKdIkgCObr5+UTA9uUteW76BA76tcUUqtE9e69TnnEN+OMbrXvFmHHYf9Mvt Q3Dcd9ESs8SlqCDWSCoN95yvzdrAye7q/Kwzw9xGcrsXaY6GrxqsVCq9wiXcjHrD/SBP 8K+7SjOtZbKQDp5EGa9Q3XduJhYHUYsN0srqDHlfOKa2hS1eOcjo1efshO/4Ffp+t9i6 KSfcxjiCer+IOUekUqW+fl5b1AP+8FcoZ31jiOGfGWMyG49UqYJW6KHczL0C6nf0Rsgu s8Sg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:subject:cc:to:from:date:dkim-signature; bh=pUEPPrsDnuU7lUxLnPx8d1ffni0kD25Y97fsPrhT6OE=; b=IWdMOjeDnDpAtKD5Pa3lez56HcB+/Nejz8s+1whOscmO4qu8Jc4hSRpAT6qa9/zmEu 4JKpyL36SRa9Pz3uMwKRYA1a6AYJH5GJd1AAPsCKPKajkFI7SbYHBXkVqvb83UqNbV6+ NTB8Y+sEbwJIGcYoYXpIg6wWhvaOqpHYjr+2FSlRej78MpwsR5emY4S+232dQBOEKly7 6iR5rFZXFCaJBDosDnS0s4SgYQ231OIhcxP2rAP2NSn/dpGjnj3QLj/qVWaXlAY80pdZ fGKUk1vjl4fYsXjy0Bkdotdvu9p2caAyZz47PeSi2HtoBZkRGN4hHC9LSHc18L/ftODo u4Ng== ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=eHRbHPsQ; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of henning.schild@siemens.com designates 40.107.14.80 as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-eopbgr140080.outbound.protection.outlook.com. [40.107.14.80]) by gmr-mx.google.com with ESMTPS id r68-20020a1c2b47000000b003a19123bf95si18005wmr.2.2022.07.01.04.38.05 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 01 Jul 2022 04:38:05 -0700 (PDT) Received-SPF: pass (google.com: domain of henning.schild@siemens.com designates 40.107.14.80 as permitted sender) client-ip=40.107.14.80; Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=eHRbHPsQ; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of henning.schild@siemens.com designates 40.107.14.80 as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ntrkTCcEP3AZ8f/n1OkbVIQoOjwJ7CpOrPRlKybJ9nUaR6Mk+w68OXWLYNjR+vOEfobqU7fkNw8uqqQfuEVTo44Wzrcegpa4KY+sToB4Wuym22wbYZsCmeaoq6QZvk98bU/X9Rlk59bB2xvOfqvlsH6dehlCU+Akf5JNhpKsmPRCP83xQ12HEtjpjOV4FC/uDi0Ua/5anOhIjnFrkzmx1BNpwmOoZC34XNUs+HQNq1NHgcAVSaWD0OqUhUBTCqIpmsOxD94JFk953y8wsMutgEab5z86A3q2NIO/ic91AW0l6UMAM8P+LOuisJL97k8eJnwrBzMnvh/7jciXCbE54Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=pUEPPrsDnuU7lUxLnPx8d1ffni0kD25Y97fsPrhT6OE=; b=ZpDa57ZJ8J/w6CPBUSkzfdZFL6AQ80YpdRGRmT6HN2EcYeXDdiqd6FQx7jyDMH0RGEp1WhremePo0/uLIrTL9kTaI+cBXEFU4my0K3KY/ghifSHJBHp4nn6nVPCVoslNsjpBSRRmdbmD+BYDrNeK/KQjnckk5iGZCiXkEkwBd1i8N2k9RHftTFrdcS9hEp+uaF9vFO0vAC1lZyVJstXhc3PCW4/u8hEgNWSKU+OqZ72qR7U6jNgpJPElncPZMqG/rrN3SsN1vI13oOu+Ipf7uTB8qkykcFYJJT5L8WjO3D1LUIQ5NJGtj77Rrr4kPK/Kdw1Ho4IyTPGA6XJcgxYJ2w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pUEPPrsDnuU7lUxLnPx8d1ffni0kD25Y97fsPrhT6OE=; b=eHRbHPsQ3TRqcsTNW35BmOhlBnrmyL/VTv+nBEfbdKr/MAcpddVse+OBmtAKW1uUE24OyVxYYK76jJ8QSPSaZ3V+J/o9bjiLS0aw1FzDOR2O2+UgD0zaW2+XPL6jcgyaAil6HVm9dMj/BPoWDIQyKFvWDymcmnVZSu3cYloVgWScn+OPsMwGxjeTpbmzffo0NYAQDPV911H92YaJ/4dBzfoJ7shoUQ1RDCPfirzkahKhOKW/36iP7GYn3Hht0hRTSY5EnQ8HJCELSdgXc1aQltYKumJVOXUU9Q6XIBybwiITzhXTDLPQZbPWZQYXvJool+EiBrPjkEqVQzJUmAV2Sg== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=siemens.com; Received: from PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:102:269::8) by DB4PR10MB6240.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:380::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5395.15; Fri, 1 Jul 2022 11:38:04 +0000 Received: from PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM ([fe80::b925:3d3d:8f5f:c4d9]) by PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM ([fe80::b925:3d3d:8f5f:c4d9%9]) with mapi id 15.20.5395.015; Fri, 1 Jul 2022 11:38:04 +0000 Date: Fri, 1 Jul 2022 13:38:01 +0200 From: Henning Schild To: "Moessbauer, Felix" Cc: "jan.kiszka@siemens.com" , "Bezdeka, Florian" , "ubely@ilbers.de" , "isar-users@googlegroups.com" , "Schmidt, Adriaan" Subject: Re: ISAR schroot mountpoints when running in container Message-ID: <20220701133801.46a76c25@md1za8fc.ad001.siemens.net> In-Reply-To: References: <2595591.lGaqSPkdTl@home> <34a96a67d430b37f36892cf2c5cc9b5922655562.camel@siemens.com> <88c61c25-40d7-3b02-3b9d-40cf459c7edb@siemens.com> X-Mailer: Claws Mail 4.1.0 (GTK 3.24.34; x86_64-pc-linux-gnu) Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-ClientProxiedBy: AM6P193CA0142.EURP193.PROD.OUTLOOK.COM (2603:10a6:209:85::47) To PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:102:269::8) Return-Path: henning.schild@siemens.com MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: af0d1451-02e7-4a9d-170f-08da5b562906 X-MS-TrafficTypeDiagnostic: DB4PR10MB6240:EE_ X-LD-Processed: 38ae3bcd-9579-4fd4-adda-b42e1495d55a,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: KD7vIOqxx70FylcMpfuxEUHL/J+tflgjRZ53s6bszpE4gQvsuhvlJ6cq21jd0RkQkTY4icaFpgdQ6Vf8gRpn9HBkONDpNAJ/hBRx+Cro78BvXreXmn/LrqO6pAC3xy4qxxOD3pMHYoPTMbUWBgRf7M0psWsap4lCK+baizos6fqdFk3Z9DxvI7cH6YTT890cmgt3UJEt9ufuH9bgvzW3RjvyuGGBNFNA9W8p8rqi+c26M4J8wXeieqzH1tEMsA7cCX1kZpWDcU77a2hMluHcZpgT/Sy3IHTo4lMGTiPa7hZ9EhY+n9MhFIFWuTZOPey0XHr7FM6fvkEcBwF5L1ulyISR6wVAYnvvuoOuiwmsTZZ8ETdFyQ9oeIODpO/9MKpqXSKfWhG3y0jRYqmH7VwXnACmi+yTP791/g7HC4JTvKZoggbEG3miRLSLROM91c0TWhvUhDuVehfT53Z6FfoTbOcMovFSwDeLt3OClzSP4WLYQlSciTJLuIa2asTWim6c36yHzJCPxbhcpPZh0glYPFOYHrKL9cd/FhlZse+CD8lVFbolE0qW70w+8AfvZgqohxaZ7CDrL2zvGN7I68iDdtD+SWJQ+8yRZ/EyUDBFPr0m3ZactvqZ736FcqGJBGuFtpr4gA9BUjAUocA354CWERuSyKmdl4GCaoiht2Ly1FC592MmIGoys1O7G/IpD4sBNodcPKi75VhvZRy81XyTiemzXpmPoL32mp17VP2oDxggxmmMGKODj0YJ3nh3boeuY5UUqkQH53mjhHBsRaG19w== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230016)(4636009)(136003)(39860400002)(366004)(396003)(346002)(376002)(9686003)(186003)(2906002)(6512007)(478600001)(6506007)(8936002)(44832011)(5660300002)(83380400001)(6862004)(53546011)(6486002)(41300700001)(26005)(1076003)(6666004)(86362001)(38100700002)(66476007)(6636002)(82960400001)(316002)(66946007)(4326008)(66556008)(54906003)(8676002)(107886003);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?n9fTkGVkTqtKR0ZA9kfi1xoG/gNddjH6cymqDSHWSL/M5jgdde/OEVLMYWJ6?= =?us-ascii?Q?655EMXnH9fscXM34lwKoDmctb2tGsWA5rfJxEx6xVD3ToF0pCGI2CARUwOfo?= =?us-ascii?Q?XT1uJcPUiPFMiUsYvKoTz0A3xqXybqXAXVgTWb8ra9lTv1jj7UEuN9mKZnSq?= =?us-ascii?Q?pNcJYOB3zwHelnO7+nLA8XGeYKPXPwBlQE26gp8F+mzElOL/xDpWSHaooXdC?= =?us-ascii?Q?fEQ2mQamNnuxtOahBe6NSIecMT3AZdJ9HHoVHeJLyZAMMFlUVSbEsGJAxOmj?= =?us-ascii?Q?iJUMXlFdoH3wC4fsck+Fwr8UZcZqhBQRiEqPC2GTG12R7/oYacNVI2rdBPGq?= =?us-ascii?Q?48vyK3FLWIHAlNAoLp4hjwlLRaP2g84GigQx50+MEJa2olZLUDLyRJB1jXdp?= =?us-ascii?Q?mlHrvsykRBJjnQdKFcS6pJrw0k9roJQgxAS8/ogrlJoPNVR4ueUKAFDsEGq6?= =?us-ascii?Q?MpGE1p61BkME9EpLFkKxLZcsQ+f2/w/25HXrTAj3vfDs2W0ZTb8Gjr9Hk35q?= =?us-ascii?Q?NuUML77o6iZRPVamxByXz9j9Tl9Jq1bCu2zr7eZp5kXnyKMxJigIM9i7Mdt6?= =?us-ascii?Q?HVeIyj0291aCBZg9DbpAnSPhH6ifPVGyS1ZmaoRi/AxLSDF5TGD0u61DJyFc?= =?us-ascii?Q?p/DX/f0AL7taDGlshYKxUlzvUoQ06KwIpkYXDLtSUYbEUNGGdnBLlIcd+HIC?= =?us-ascii?Q?hyIoUutqdO43hLeAq+fC15sRH8yVwryedZ3AgHTGB/QAj3mH1VRamNT+80wq?= =?us-ascii?Q?XJHAYItD+ks2uwnGejew9XwiWtKq4QnD17gywqJFPT1BtiOWG3fF5sFVaI8M?= =?us-ascii?Q?QJyJLA3pSjJSrYXxa+Rx8lW7L6ejCywZcG4Ia+vFe5pAO0+xx3Gl57TXMDzr?= =?us-ascii?Q?mZYSiuU2yr/9zpYOjWRiW2OPZ/3efAmjT11EHrwFAfQ5GZ+wg3M/s6qlJKYS?= =?us-ascii?Q?TCtSmCIjrxS9fOUUN1iNw1GD394n5AfibrJDAdrf9iQNzeopISX02bOTfZA/?= =?us-ascii?Q?zjv3J7DBdccYLycIJBvdVeV3UaPG0yshZGCndh1biGcSOkwOzjx1bYzR1sYx?= =?us-ascii?Q?DsNBSAKBUz/u13XGammzEEwyvOlJ/FTmdESMkxvSxff/wm++OYbuQv75MRkp?= =?us-ascii?Q?YO/rPspP9uVnxwHEpe5Ki2ALOKmy2URfUn8ThnEWNh3cDaQrJ0dNouSWgX/L?= =?us-ascii?Q?OQBY2ImqxWrhB7PE0HR6farbEKxr/ZjrYbQ0+EQMhucSFPbKZfp2BHChb8xu?= =?us-ascii?Q?uJPktdD8zUf+AP3AZEVOwgIjEXjZ62XhBSXiOG01CoqF8fzol0RQimcvf2AD?= =?us-ascii?Q?TQVJ7HXyjfeDsv4qDNDzxBPLb9U7xMa7PZitM4HbbsMThN6nn2xYtFTMdSK1?= =?us-ascii?Q?OVKN6jiFY7eTv5QahU0C7ANliZGgWx6/aD/8sIu6emE8e7uXkqGpxtrrnxKD?= =?us-ascii?Q?AfJiFGGKh2DcTslgamkT38I+AxDpTqoZuz45HzvgIJ6utppcYIPlo+Fm2Msj?= =?us-ascii?Q?F+skxAij8pLNF1CUqDslvvSbfnUyr7GPva/4Cx7REkKKUhdZMXthmW/sehRb?= =?us-ascii?Q?RCzKy8YtK6AQOEXI/bWJ84uY/itYNmCJGdL5ROkvxwZZrlCHP/+NYsBiwUq0?= =?us-ascii?Q?sg=3D=3D?= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: af0d1451-02e7-4a9d-170f-08da5b562906 X-MS-Exchange-CrossTenant-AuthSource: PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Jul 2022 11:38:04.1020 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Vo+KNPE7MYKqPTr88Uzjr0JPnwroy+Cu2+q/es+7EKa3hYFGQS6nRbayGUf7piQYr08KeTiDw6OUu8B4sCZeUEfqdRWZXloEFFc8NaHIZDM= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB4PR10MB6240 X-TUID: oMTsjJ19rq93 Am Fri, 1 Jul 2022 11:30:39 +0000 schrieb "Moessbauer, Felix" : > > -----Original Message----- > > From: Kiszka, Jan (T CED) > > Sent: Friday, July 1, 2022 12:44 PM > > To: Bezdeka, Florian (T CED SES-DE) ; > > ubely@ilbers.de; isar-users@googlegroups.com; Moessbauer, Felix (T > > CED SES- DE) > > Subject: Re: ISAR schroot mountpoints when running in container > > > > On 01.07.22 12:30, Bezdeka, Florian wrote: > > > On Fri, 2022-07-01 at 13:23 +0300, Uladzimir Bely wrote: > > >> In the email from Friday, 1 July 2022 12:11:42 +03 user > > >> Moessbauer, Felix > > >> wrote: > > >>> Hi, > > >>> > > >>> as we now have sbuild in ISAR next, first users stumble upon > > >>> issues when running the kas docker image in the gitlab-ci. This > > >>> requires additional mountpoints, as the schroot itself uses > > >>> overlayfs and stacking two overlayfs is not possible. By that, > > >>> you have to mount the overlay from the host. > > >>> > > >>> The kas-container script already has support for that, but it > > >>> lacks documentation on how to configure this manually. In > > >>> short: The following mountpoint has to be added (as RW): > > >>> /var/lib/schroot/union/overlay > > >>> > > >>> As this is neither an ISAR issue, nor a KAS issue per-se, I send > > >>> this to both lists. > > >>> > > >> > > >> Hello. > > >> > > >> Yes, this overlayfs-over-overlayfs issue can be solved by > > >> something like > > >> > > >> `volumes = ["/path/to/overlay:/var/lib/schroot/union/overlay"]` > > >> > > >> placed to `/etc/gitlab-runner/config.toml`, as mentioned in > > >> 'sbuild' series cover-letter > > > > > > Oh no. That's going to kill a lot of gitlab-ci setups. Even kas- > > > container based environments (often used as local development > > > environment) will need adjustments. Uncool. > > > > > > Anyway, I will try to look into the kas-container script. Let's > > > hope there is a simple solution for adding one more mount. > > > > > > > When designing that, we should also have an eye on the optimization > > of mapping build/tmp/ onto a tmpfs mount inside the container. > > Wait a minute: We are mixing things up here. > > 1. kas-container (script) already provides this mountpoint when > enabling isar mode. By that, local deployments are not affected 2. > When running the kas container image directly (via docker, podman or > gitlab-ci), the mount point is missing. There is not much we can do > about, except to document it for the user. 3. Schroot ID collisions: > When running two kas containers in parallel, that also use the same > mountpoints on the host, we likely get name collisions (as PIDs are > no longer unique). This scenario is common for gitlab-ci. 4. Using > tmpfs: With Schroot, we could easily put just the schroot onto a > tmpfs. This has the further advantage, that the upper-dir of the > overlayfs can be a tmpfs which itself can be mounted inside the > container. By that, no bind-mount from the host is required. But this > might only work for machines with a lot of memory. What if the runner had btrfs? I guess that would be a good suggestion which would lead to no overlay at the base, not needing a volume mount in the config. Henning > Required changes: > > In ISAR, we have to make the name of the Schroot folder more unique. > But as BB requires recipes to be deterministic (per-build), we have > to inject the ID from the outside. This could happen either via > local.conf or via an env-var. This env-var has to be provided by KAS, > with an fallback in ISAR to use the PID of the bitbake process if not > provided. > > A probably better strategy would be to get a per-bitbake invocation > constant UUID directly from Bitbake. Don't know if that already > exists in BB. Putting Adriaan in CC. > > Felix > > > > > Jan > > > > -- > > Siemens AG, Technology > > Competence Center Embedded Linux >