Inhibit issues with concurrent execs

[hickeng]

This PR contains two sets of changes:

1. long term code using updated extraconfig recursion tags
2. short term code addressing a serialization issue with the "started" field and palliative locking

[skip unit]
[specific ci=1-38-Docker-Exec,6-15-Syslog]
[parallel jobs=4]

Towards #7410

Investigating CI failures:

• 1-02-Docker-Pull - Running docker pull victest/registry-busybox:latest
  • Infra: parallelism: Create Unique Bridge Network needs to handle name collision #8061
• 1-09-Docker-Attach
  • Attach with short input
  • Attach with short output with tty
• 1-17-Docker-Network-Connect - Connect container to multiple networks concurrently
  • same issue as for docker attach - concurrent access error not being correctly identified.
• 1-38-Docker-Exec
  • Concurrent Simple Exec Detached
    • test error - mismatch between process name and later reference
  • Exec During Poweroff Of A Container Performing A Long Running Task - case mismatch
  • Exec During Poweroff Of A Container Performing A Short Running Task - case mismatch
• Test 6-15 - Verify remote syslog
  • merged Fix current encoding errors in syslog test #8095

[zjs]

Would there be any benefit to logging err or including it in the new error being constructed here? (E.g., to allow us to use log data to validate the presumption described in the comment above if something doesn't seem to be working quite as expected.)

[zjs]

Should we file a ticket to track this TODO?

[hickeng]

Will remove the TODO - with the benefit of time I can recall that the non-persistent keys will never be written from the API side while the VM is powered on. This would only become necessary if we were to change that AND had a reason to update this field from the API side (I cannot think of one).

[zjs]

Is there code that should be updated to call this now that it exists? (If so, that should probably be handled in a separate PR.)

[hickeng]

There is, for example lib/portlayer/storage/vsphere/toolbox_common.go. Opened #8099 for it.

[zjs]

In the other similar methods, we also check for the *types.____Fault here. Is there a reason we don't check for types.InvalidStateFault in this case? (If so, that would be good to document in a comment here so that future readers don't assume it's a mistake.)

[hickeng]

iirc types.InvalidStateFault does not implement GetMethodFault() method so it won't compile. I confess I've not dug into why this one is not the same as the others. @dougm ?

[zjs]

This whole method seems to be basically repeated many times. Would there be value in defining a helper that takes the four "variable" pieces (two interfaces, two strings) as arguments? (If so, that should probably be handled in a separate PR.)

[hickeng]

The entire thing should be in govmomi. I think it would end up being either significantly rewritten to use reflection (viable but much harder to read) or would take four types as the pointers are separate types in this case.

I'd prefer just to move it all to govmomi and make it @dougm's problem ;) Opened #8099 for follow up.

[hickeng]

1-09-Docker-Attach

Attach with short input
VCH: VCH-19517-3070
Bridge: VCH-19517-705
Container: vigilant_yonath-6c2994112e23
Command:

docker -H dhcp-wdc-pod2-haas01-76.eng.vmware.com:2376 --tls start -ai 6c2994112e231402e60f218368f19b120b5b5f73721e5d44a04ba46322c9807a < /tmp/tmp.0k7B3JBWly/fifo

Stderr: Unrecognized input header: 83

Personna:

op=351.18 - container create
op=351.19 - container inspect

op=351.20 - container attach
op=351.21 - container start
==> Event Monitor received eventID(339.76) for container(6c2994112e23) - Started
op=351.20 - container attach - end
op=351.21 - container start - end

op=351.22 - exit code (from event monitor)
==> die event for container(6c2994112e23) with exitCode[0]

op=351.23 - container inspect

op=351.24 - container attach
op=351.25 - container start
==> Event Monitor received eventID(339.92) for container(6c2994112e23) - Started
op=351.24 - container attach - end
op=351.26 - exit code (from event monitor)
==> die event for container(6c2994112e23) with exitCode[0]
op=351.25 - container start - end

op=351.27 - container inspect

op=351.28 - container attach
==> Cannot complete operation due to concurrent modification by another operation
op=351.28 - container attach - end
op=351.29 - container start
==> Event Monitor received eventID(339.107) for container(6c2994112e23) - Started
---> We got `Started` instead of `Powered On` because the attach failed, meaning we don't enter into RunBlocking state.

Questions:

• why didn't the attach retry?
  • IsConcurrentAccessError method was not working correctly
• what was the conflicting operations that caused the concurrent access?
  • The network unbind triggered by the power off event for the prior iteration - this is a perfectly acceptable occurrence so why isn't the retry handling it - will answer in question above.