ci: revert #4020#4446
Merged
cyphar merged 1 commit intoopencontainers:mainfrom Oct 21, 2024
Merged
Conversation
kolyshkin
reviewed
Oct 15, 2024
Contributor
kolyshkin
left a comment
kolyshkin
left a comment
There was a problem hiding this comment.
Can you please refer to commits (rather than PRs) in commit messages? It is way easier to follow this way.
lifubang
force-pushed
the
revert-4020
branch
4 times, most recently
from
fca2de8 to
d756525
Compare
Member
Author
Contributor
|
Need to fix EL9 CI first (see #4455). |
Member
Author
When I re-run the failure CI, it is suddenly green now! |
lifubang
force-pushed
the
revert-4020
branch
2 times, most recently
from
8132024 to
1560b9a
Compare
kolyshkin
force-pushed
the
revert-4020
branch
from
1560b9a to
4706091
Compare
Contributor
@lifubang please ^^^ |
kolyshkin
previously requested changes
Oct 21, 2024
Contributor
kolyshkin
left a comment
kolyshkin
left a comment
There was a problem hiding this comment.
Needs commit IDs not PRs in commit message
This reverts commit 65a1074. We needed [1] because when we removed the bindfd logic in [2] we had not yet moved the binary cloning logic to Go and thus it was necessary to increase the memory limit in CI because the clone was happening after joining the cgroup. However, [3] finally moved that code to Go and thus the cloning is now done outside of the container's cgroup and thus is no longer accounted as part of the container's memory usage at any point. Now we can properly support running a simple container with lower memory usage as we did before. [1]: commit 65a1074 ("increase memory.max in cgroups.bats") [2]: commit b999376 ("nsenter: cloned_binary: remove bindfd logic entirely") [3]: commit 0e9a335 ("nsexec: migrate memfd /proc/self/exe logic to Go code") Signed-off-by: lfbzhm <lifubang@acmcoder.com> [cyphar: fixed commit messages] Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
cyphar
approved these changes
Oct 21, 2024
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
we need (#4020) because of (#3931), at that time, we removed the bindfd logic, and the
memfd logic will use more memory than before, but we have not yet moved binary clone from
runc init to runc parent process, so we need to increase memory limit in CI.
As we have moved the runc binary clone logic from runc init to runc parent process in
(#3987), so the memory usage of binary clone will not be included in container's memory
cgroup accounting. Now we can support run a simple container with lower memory usage the
same as before.
Signed-off-by: lifubang lifubang@acmcoder.com