bipinprasad commented on a change in pull request #3366: URL: https://github.com/apache/storm/pull/3366#discussion_r548547123
########## File path: storm-server/src/main/java/org/apache/storm/container/oci/RuncLibContainerManager.java ########## @@ -0,0 +1,631 @@ +/* + * + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.storm.container.oci; + +import static org.apache.storm.utils.ConfigUtils.FILE_SEPARATOR; + +import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.ObjectMapper; +import java.io.File; +import java.io.FileNotFoundException; +import java.io.FileReader; +import java.io.FileWriter; +import java.io.IOException; +import java.io.Reader; +import java.io.Writer; +import java.nio.file.Files; +import java.nio.file.Paths; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.concurrent.ConcurrentHashMap; + +import org.apache.commons.lang.StringUtils; +import org.apache.storm.DaemonConfig; +import org.apache.storm.StormTimer; +import org.apache.storm.container.cgroup.CgroupUtils; +import org.apache.storm.container.cgroup.core.MemoryCore; +import org.apache.storm.container.oci.OciContainerExecutorConfig.OciLayer; +import org.apache.storm.container.oci.OciContainerExecutorConfig.OciRuntimeConfig; +import org.apache.storm.container.oci.OciContainerExecutorConfig.OciRuntimeConfig.OciLinuxConfig; +import org.apache.storm.container.oci.OciContainerExecutorConfig.OciRuntimeConfig.OciMount; +import org.apache.storm.container.oci.OciContainerExecutorConfig.OciRuntimeConfig.OciProcessConfig; +import org.apache.storm.daemon.supervisor.ClientSupervisorUtils; +import org.apache.storm.daemon.supervisor.ExitCodeCallback; +import org.apache.storm.utils.ConfigUtils; +import org.apache.storm.utils.ObjectReader; +import org.apache.storm.utils.ReflectionUtils; +import org.apache.storm.utils.ServerUtils; +import org.apache.storm.utils.Utils; + +import org.json.simple.JSONObject; +import org.json.simple.parser.JSONParser; +import org.json.simple.parser.ParseException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.yaml.snakeyaml.DumperOptions; +import org.yaml.snakeyaml.Yaml; + +public class RuncLibContainerManager extends OciContainerManager { + private static final Logger LOG = LoggerFactory.getLogger(RuncLibContainerManager.class); + + private OciImageTagToManifestPluginInterface imageTagToManifestPlugin; + private OciManifestToResourcesPluginInterface manifestToResourcesPlugin; + private OciResourcesLocalizerInterface ociResourcesLocalizer; + private ObjectMapper mapper; + private int layersToKeep; + private String seccomp; + + private static final String RESOLV_CONF = "/etc/resolv.conf"; + private static final String HOSTNAME = "/etc/hostname"; + private static final String HOSTS = "/etc/hosts"; + private static final String OCI_CONFIG_JSON = "oci-config.json"; + + private static final String SQUASHFS_MEDIA_TYPE = "application/vnd.squashfs"; + + //CPU CFS (Completely Fair Scheduler) period + private static final long CPU_CFS_PERIOD_US = 100000; + + private Map<String, Long> workerToContainerPid = new ConcurrentHashMap<>(); + private Map<String, ExitCodeCallback> workerToExitCallback = new ConcurrentHashMap<>(); + private Map<String, String> workerToUser = new ConcurrentHashMap<>(); + private StormTimer checkContainerAliveTimer; + + @Override + public void prepare(Map<String, Object> conf) throws IOException { + super.prepare(conf); + + imageTagToManifestPlugin = chooseImageTagToManifestPlugin(); + imageTagToManifestPlugin.init(conf); + + manifestToResourcesPlugin = chooseManifestToResourcesPlugin(); + manifestToResourcesPlugin.init(conf); + + ociResourcesLocalizer = chooseOciResourcesLocalizer(); + ociResourcesLocalizer.init(conf); + + layersToKeep = ObjectReader.getInt( + conf.get(DaemonConfig.STORM_OCI_LAYER_MOUNTS_TO_KEEP), + 100 + ); + + mapper = new ObjectMapper(); + + if (seccompJsonFile != null) { + seccomp = new String(Files.readAllBytes(Paths.get(seccompJsonFile))); + } + + if (checkContainerAliveTimer == null) { + checkContainerAliveTimer = + new StormTimer("CheckRuncContainerAlive", Utils.createDefaultUncaughtExceptionHandler()); + checkContainerAliveTimer + .scheduleRecurring(0, (Integer) conf.get(DaemonConfig.SUPERVISOR_MONITOR_FREQUENCY_SECS), () -> { + try { + checkContainersAlive(); + } catch (Exception e) { + //Ignore + LOG.debug("The CheckRuncContainerAlive thread has exception. Ignored", e); + } + }); + } + } + + private OciImageTagToManifestPluginInterface chooseImageTagToManifestPlugin() throws IllegalArgumentException { + String pluginName = ObjectReader.getString( + conf.get(DaemonConfig.STORM_OCI_IMAGE_TAG_TO_MANIFEST_PLUGIN) + ); + LOG.info("imageTag-to-manifest Plugin is: {}", pluginName); + return ReflectionUtils.newInstance(pluginName); + } + + private OciManifestToResourcesPluginInterface chooseManifestToResourcesPlugin() throws IllegalArgumentException { + String pluginName = ObjectReader.getString( + conf.get(DaemonConfig.STORM_OCI_MANIFEST_TO_RESOURCES_PLUGIN) + ); + LOG.info("manifest to resource Plugin is: {}", pluginName); + return ReflectionUtils.newInstance(pluginName); + } + + private OciResourcesLocalizerInterface chooseOciResourcesLocalizer() + throws IllegalArgumentException { + String pluginName = ObjectReader.getString( + conf.get(DaemonConfig.STORM_OCI_RESOURCES_LOCALIZER) + ); + LOG.info("oci resource localizer is: {}", pluginName); + return ReflectionUtils.newInstance(pluginName); + } + + //the container process ID in the process namespace of the host. + private String containerPidFile(String workerId) { + return ConfigUtils.workerArtifactsSymlink(conf, workerId) + FILE_SEPARATOR + "container-" + workerId + ".pid"; + } + + @Override + public void launchWorkerProcess(String user, String topologyId, Map<String, Object> topoConf, + int port, String workerId, + List<String> command, Map<String, String> env, String logPrefix, + ExitCodeCallback processExitCallback, File targetDir) throws IOException { + + String imageName = getImageName(topoConf); + if (imageName == null) { + LOG.error("Image name for {} is not configured properly; will not continue to launch the worker", topologyId); + return; + } + + //set container ID to port + worker ID + String containerId = getContainerId(workerId, port); + + //get manifest + ImageManifest manifest = imageTagToManifestPlugin.getManifestFromImageTag(imageName); + LOG.debug("workerId {}: Got manifest: {}", workerId, manifest.toString()); + + //get layers metadata + OciResource configResource = manifestToResourcesPlugin.getConfigResource(manifest); + LOG.info("workerId {}: Got config metadata: {}", workerId, configResource.toString()); + + saveRuncYaml(topologyId, port, containerId, imageName, configResource); + + List<OciResource> layersResource = manifestToResourcesPlugin.getLayerResources(manifest); + LOG.info("workerId {}: Got layers metadata: {}", workerId, layersResource.toString()); + + //localize resource + String configLocalPath = ociResourcesLocalizer.localize(configResource); + + List<String> ociEnv = new ArrayList<>(); + List<String> args = new ArrayList<>(); + + ArrayList<OciLayer> layers = new ArrayList<>(); + + File file = new File(configLocalPath); + //extract env + List<String> imageEnv = extractImageEnv(file); + if (imageEnv != null && !imageEnv.isEmpty()) { + ociEnv.addAll(imageEnv); + } + for (Map.Entry<String, String> entry : env.entrySet()) { + ociEnv.add(entry.getKey() + "=" + entry.getValue()); + } + LOG.debug("workerId {}: ociEnv: {}", workerId, ociEnv); + + //extract entrypoint + List<String> entrypoint = extractImageEntrypoint(file); + if (entrypoint != null && !entrypoint.isEmpty()) { + args.addAll(entrypoint); + } + LOG.debug("workerId {}: args: {}", workerId, args); + + //localize layers + List<String> layersLocalPath = ociResourcesLocalizer.localize((layersResource)); + //compose layers + for (String layerLocalPath : layersLocalPath) { + OciLayer layer = new OciLayer(SQUASHFS_MEDIA_TYPE, layerLocalPath); + layers.add(layer); + } + LOG.debug("workerId {}: layers: {}", workerId, layers); + ArrayList<OciMount> mounts = new ArrayList<>(); + setContainerMounts(mounts, topologyId, workerId, port); + LOG.debug("workerId {}: mounts: {}", workerId, mounts); + + //calculate the cpusQuotas based on CPU_CFS_PERIOD and assigned CPU + Long cpusQuotas = null; + if (workerToCpu.containsKey(workerId)) { + cpusQuotas = workerToCpu.get(workerId) * CPU_CFS_PERIOD_US / 100; + } + + Long memoryInBytes = null; + if (workerToMemoryMb.containsKey(workerId)) { + memoryInBytes = workerToMemoryMb.get(workerId) * 1024 * 1024L; Review comment: Could this multiplication on the right side cause an overflow - int * int * long when the first two integers are being multiplied. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
