From e8eaeba20c2012283dd59ad0799cfcf117312548 Mon Sep 17 00:00:00 2001 From: Phillip Webb Date: Mon, 12 Nov 2018 23:39:54 -0800 Subject: [PATCH] Attempt to fix docker-lib.sh script See gh-15158 --- ci/images/docker-lib.sh | 65 ++++++++++++++++++++++++++++------------- ci/images/setup.sh | 2 +- 2 files changed, 45 insertions(+), 22 deletions(-) diff --git a/ci/images/docker-lib.sh b/ci/images/docker-lib.sh index f4c6838dcff..0148b18f592 100644 --- a/ci/images/docker-lib.sh +++ b/ci/images/docker-lib.sh @@ -1,5 +1,9 @@ # Based on: https://github.com/concourse/docker-image-resource/blob/master/assets/common.sh +LOG_FILE=${LOG_FILE:-/tmp/docker.log} +SKIP_PRIVILEGED=${SKIP_PRIVILEGED:-false} +STARTUP_TIMEOUT=${STARTUP_TIMEOUT:-120} + sanitize_cgroups() { mkdir -p /sys/fs/cgroup mountpoint -q /sys/fs/cgroup || \ @@ -13,7 +17,7 @@ sanitize_cgroups() { continue fi - grouping="$(cat /proc/self/cgroup | cut -d: -f2 | grep "\\<$sys\\>")" + grouping="$(cat /proc/self/cgroup | cut -d: -f2 | grep "\\<$sys\\>")" || true if [ -z "$grouping" ]; then # subsystem not mounted anywhere; mount it on its own grouping="$sys" @@ -38,44 +42,63 @@ sanitize_cgroups() { ln -s "$mountpoint" "/sys/fs/cgroup/$sys" fi done + + if ! test -e /sys/fs/cgroup/systemd ; then + mkdir /sys/fs/cgroup/systemd + mount -t cgroup -o none,name=systemd none /sys/fs/cgroup/systemd + fi } start_docker() { mkdir -p /var/log mkdir -p /var/run - sanitize_cgroups + if [ "$SKIP_PRIVILEGED" = "false" ]; then + sanitize_cgroups - # check for /proc/sys being mounted readonly, as systemd does - if grep '/proc/sys\s\+\w\+\s\+ro,' /proc/mounts >/dev/null; then - mount -o remount,rw /proc/sys + # check for /proc/sys being mounted readonly, as systemd does + if grep '/proc/sys\s\+\w\+\s\+ro,' /proc/mounts >/dev/null; then + mount -o remount,rw /proc/sys + fi fi - local server_args="" + local mtu=$(cat /sys/class/net/$(ip route get 8.8.8.8|awk '{ print $5 }')/mtu) + local server_args="--mtu ${mtu}" + local registry="" - for registry in $1; do + server_args="${server_args}" + + for registry in $3; do server_args="${server_args} --insecure-registry ${registry}" done - if [ -n "$2" ]; then - server_args="${server_args} --registry-mirror=$2" + if [ -n "$4" ]; then + server_args="${server_args} --registry-mirror $4" fi - if [ -n "$3" ]; then - server_args="${server_args} -g=$3" - fi + try_start() { + dockerd --data-root /scratch/docker ${server_args} >$LOG_FILE 2>&1 & + echo $! > /tmp/docker.pid - dockerd --data-root /scratch/docker ${server_args} >/tmp/docker.log 2>&1 & - echo $! > /tmp/docker.pid + sleep 1 + echo waiting for docker to come up... + until docker info >/dev/null 2>&1; do + sleep 1 + if ! kill -0 "$(cat /tmp/docker.pid)" 2>/dev/null; then + return 1 + fi + done + } + + export server_args LOG_FILE + declare -fx try_start trap stop_docker EXIT - sleep 1 - - until docker info >/dev/null 2>&1; do - echo waiting for docker to come up... - sleep 1 - done + if ! timeout ${STARTUP_TIMEOUT} bash -ce 'while true; do try_start && break; done'; then + echo Docker failed to start within ${STARTUP_TIMEOUT} seconds. + return 1 + fi } stop_docker() { @@ -85,5 +108,5 @@ stop_docker() { fi kill -TERM $pid - wait $pid } + diff --git a/ci/images/setup.sh b/ci/images/setup.sh index a32d391c057..92ed12c51d0 100755 --- a/ci/images/setup.sh +++ b/ci/images/setup.sh @@ -6,7 +6,7 @@ set -ex ########################################################### apt-get update -apt-get install --no-install-recommends -y ca-certificates net-tools libxml2-utils git curl libudev1 libxml2-utils iptables jq +apt-get install --no-install-recommends -y ca-certificates net-tools libxml2-utils git curl libudev1 libxml2-utils iptables iproute2 jq rm -rf /var/lib/apt/lists/* curl https://raw.githubusercontent.com/spring-io/concourse-java-scripts/v0.0.2/concourse-java.sh > /opt/concourse-java.sh