[Bug 1046469] docker privileged mode with cmd /sbin/ init - agetty & high cpu

2016-06-08 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1046469

Fedora Admin XMLRPC Client  changed:

   What|Removed |Added

   Assignee|l...@redhat.com |dwa...@redhat.com



--- Comment #15 from Fedora Admin XMLRPC Client 
 ---
This package has changed ownership in the Fedora Package Database.  Reassigning
to the new owner of this component.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
golang mailing list
golang@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/golang@lists.fedoraproject.org

[Bug 1046469] docker privileged mode with cmd /sbin/init - agetty & high cpu

2016-03-28 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1046469

Mike McCune  changed:

   What|Removed |Added

 Status|MODIFIED|POST



--- Comment #14 from Mike McCune  ---
This bug was accidentally moved from POST to MODIFIED via an error in
automation, please see mmcc...@redhat.com with any questions

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
golang mailing list
golang@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/golang@lists.fedoraproject.org

[Bug 1046469] docker privileged mode with cmd /sbin/init - agetty & high cpu

2016-03-28 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1046469

Sat6QE Jenkins  changed:

   What|Removed |Added

 Status|POST|MODIFIED



-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
golang mailing list
golang@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/golang@lists.fedoraproject.org

[Bug 1046469] docker privileged mode with cmd /sbin/init - agetty & high cpu

2015-10-01 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1046469



--- Comment #11 from Joe Mario  ---
Here's one workaround for this.  Sharing what I've learned.

Adding the following to the docker file 

   rm -f /lib/systemd/system/systemd*udev* ; \
   rm -f /lib/systemd/system/getty.target;

causes both the runnaway agetty and the spike in systemd-udevd processes to go
away.  I understand there is no need for udev or getty in containers.


I did also try:
   RUN systemctl disable getty.target
   RUN systemctl disable systemd-udevd.service

and although the Dockerfile built fine, all the getty and udev services were
still running as they were previously.  So those two "systemctl disable" appear
to be no-ops.  Perhaps they get run before /sbin/init (systemd) is invoked.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
golang mailing list
golang@lists.fedoraproject.org
https://lists.fedoraproject.org/mailman/listinfo/golang

[Bug 1046469] docker privileged mode with cmd /sbin/init - agetty & high cpu

2015-09-30 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1046469

Jeremy Eder  changed:

   What|Removed |Added

  Comment #7 is|1   |0
private||
  Comment #6 is|1   |0
private||



--- Comment #8 from Jeremy Eder  ---
No

...
read(0, "", 1)  = 0
read(0, "", 1)  = 0
read(0, "", 1)  = 0
read(0, "", 1)  = 0
...

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
golang mailing list
golang@lists.fedoraproject.org
https://lists.fedoraproject.org/mailman/listinfo/golang

[Bug 1046469] docker privileged mode with cmd /sbin/init - agetty & high cpu

2015-09-30 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1046469

Daniel Walsh  changed:

   What|Removed |Added

 CC||adima...@gmail.com,
   ||admil...@redhat.com,
   ||ichav...@redhat.com,
   ||jca...@redhat.com,
   ||jchal...@redhat.com,
   ||mimi...@redhat.com
  Component|docker-io   |docker
Version|20  |22



-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
golang mailing list
golang@lists.fedoraproject.org
https://lists.fedoraproject.org/mailman/listinfo/golang

[Bug 1046469] docker privileged mode with cmd /sbin/init - agetty & high cpu

2015-09-30 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1046469

Daniel Walsh  changed:

   What|Removed |Added

 CC||systemd-ma...@redhat.com



--- Comment #4 from Daniel Walsh  ---
Not sure this can be fixed.  systemd would have to figure out it is running in
a container and then do something different.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
golang mailing list
golang@lists.fedoraproject.org
https://lists.fedoraproject.org/mailman/listinfo/golang

[Bug 1046469] docker privileged mode with cmd /sbin/init - agetty & high cpu

2015-09-30 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1046469



--- Comment #5 from Daniel Walsh  ---
Potentially being caused by multiple udevs running?

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
golang mailing list
golang@lists.fedoraproject.org
https://lists.fedoraproject.org/mailman/listinfo/golang

[Bug 1046469] docker privileged mode with cmd /sbin/init - agetty & high cpu

2015-09-30 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1046469



--- Comment #9 from Joe Mario  ---
Here's a little more info, but likely doesn't help.  (It didn't help me).
But I share it anyways.

The agetty process continuously loops through calls from main (agetty.c:372) to
get_logname().

(gdb) bac
#0  get_logname (cp=, tp=0x7fff062f3520, op=0x7fff062f3870)
at term-utils/agetty.c:1553
#1  main (argc=, argv=) at
term-utils/agetty.c:372

The line read at line 1533 is:
Breakpoint 1, get_logname (cp=, tp=0x7fff062f3520,
op=0x7fff062f3870) at term-utils/agetty.c:1533
1533if (read(STDIN_FILENO, , 1) < 1) {

After it completes, errno is not set, and the value stored into the variable
"c" is:
(gdb) p c
$15 = 3 '\003'

After a bunch of checks, it gets down to the switch stmt at line 1574:
1573/* Do erase, kill and end-of-line processing. */
1574switch (key) {

Unfortunately the value of "key" is optimized away.

It falls through to the "default:" case at line 1604, and then executes line
1605:
1602case CTL('D'):
1603exit(EXIT_SUCCESS);
1604default:
1605if (!isascii(ascval) || !isprint(ascval))
1606break;

On the call to isprint(), we get to the read() of 1 byte from __fd=0:
(gdb) bac
#0  0x00401fd0 in read@plt ()
#1  0x00403752 in read (__nbytes=1, __buf=0x7fff062f3510, __fd=0) at
/usr/include/bits/unistd.h:44
#2  get_logname (cp=, tp=0x7fff062f3520, op=0x7fff062f3870)
at term-utils/agetty.c:1533
#3  main (argc=, argv=) at
term-utils/agetty.c:372

Unfortunately, even though I'm stepping by instruction, in the optimized
binary, I can't stop between the isprint() and the upper level read() at line
1533 (where we started above).

Joe

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
golang mailing list
golang@lists.fedoraproject.org
https://lists.fedoraproject.org/mailman/listinfo/golang

[Bug 1046469] docker privileged mode with cmd /sbin/init - agetty & high cpu

2015-09-30 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1046469



--- Comment #10 from Joe Mario  ---
One more note, wrt to the earlier comment about multiple udevs running:

During the moment that the two privileged containers are started, the number of
systemd-udevd processes jumps from 2 to 146.  After about 5 seconds that number
drops to 4.

If the same two container invocations are done again, but this time without
--privileged, then only 15 systemd-udevd processes are created (again for about
4-5 seconds).

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
golang mailing list
golang@lists.fedoraproject.org
https://lists.fedoraproject.org/mailman/listinfo/golang

[Bug 1046469] docker privileged mode with cmd /sbin/init - agetty & high cpu

2015-09-29 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1046469

Joe Mario  changed:

   What|Removed |Added

 Status|CLOSED  |POST
 CC||jma...@redhat.com
 Resolution|CURRENTRELEASE  |---
   Keywords||Reopened



--- Comment #3 from Joe Mario  ---
> Closing as fixed in current release.  Reopen if it still happens.

Re-opening.  It's still happening with a RHEL7.2 host, a RHEL7.2 container and
a docker-1.8.2-2.el7.  The Dockerfile contains systemd, if that matters.

Steps to reproduce:
1) Create two containers using:
   docker run -d -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged test
/sbin/init
   docker run -d -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged test
/sbin/init

2) Start two containers:
   docker exec -it  bash
   docker exec -it  bash

3) Run top on the bare metal host.  You should see an agetty process burning up
one cpu:

  PID   USER  PR  NIVIRT  RES  SHR  S  %CPU %MEM  TIME+COMMAND
73529   root  20   0  110004  680  660  R  99.7  0.0  10:53.98  agetty 

Note, this problem does not occur if, when creating the containers, I replace
the "--privileged" flag with "--security-opt label:disable --cap-add SYS_ADMIN"

Joe

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
golang mailing list
golang@lists.fedoraproject.org
https://lists.fedoraproject.org/mailman/listinfo/golang

[Bug 1046469] docker privileged mode with cmd /sbin/init - agetty high cpu

2015-02-18 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1046469

te...@doramail.com changed:

   What|Removed |Added

 CC||te...@doramail.com



--- Comment #2 from te...@doramail.com ---
Still see it in RHEL7.

To reproduce, you need to start two Fedora based container in privileged mode.
If you start only one in privileged mode, there will be no problem.

Dockerfile

FROM centos:centos7
RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs
CMD [/usr/sbin/init]


Script

docker build -t test .
docker run -d --privileged test
docker run -d --privileged test

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
golang mailing list
golang@lists.fedoraproject.org
https://lists.fedoraproject.org/mailman/listinfo/golang