fix:fix exec log grow to burst

Author: ningmingxiao

crates/runc-shim/src/runc.rs

@@ -15,6 +15,7 @@
 */
 
 use std::{
+    collections::HashMap,
     convert::TryFrom,
     os::{
         fd::{IntoRawFd, OwnedFd},
@@ -455,12 +456,19 @@ impl ProcessLifecycle<ExecProcess> for RuncExecLifecycle {
     async fn start(&self, p: &mut ExecProcess) -> containerd_shim::Result<()> {
         let bundle = self.bundle.to_string();
         let pid_path = Path::new(&bundle).join(format!("{}.pid", &p.id));
+        let log_path = Path::new(&bundle).join(format!("{}-exec.log", &p.id));
+
         let mut exec_opts = runc::options::ExecOpts {
             io: None,
+            global_args: HashMap::from([(
+                "--log".to_string(),
+                log_path.to_string_lossy().into_owned(),
+            )]),
             pid_file: Some(pid_path.to_owned()),
             console_socket: None,
             detach: true,
         };
+
         let (socket, pio) = if p.stdio.terminal {
             let s = ConsoleSocket::new().await?;
             exec_opts.console_socket = Some(s.path.to_owned());
@@ -475,6 +483,7 @@ impl ProcessLifecycle<ExecProcess> for RuncExecLifecycle {
             .runtime
             .exec(&self.container_id, &self.spec, Some(&exec_opts))
             .await;
+        let _ = tokio::fs::remove_file(log_path).await;
         if let Err(e) = exec_result {
             if let Some(s) = socket {
                 s.clean().await;

crates/runc/src/asynchronous/runc.rs

@@ -14,7 +14,7 @@
    limitations under the License.
 */
 
-use std::{fmt::Debug, path::Path, process::ExitStatus};
+use std::{collections::HashMap, fmt::Debug, path::Path, process::ExitStatus};
 
 use async_trait::async_trait;
 use log::debug;
@@ -138,11 +138,13 @@ impl Runc {
     pub async fn exec(&self, id: &str, spec: &Process, opts: Option<&ExecOpts>) -> Result<()> {
         let f = write_value_to_temp_file(spec).await?;
         let mut args = vec!["exec".to_string(), "--process".to_string(), f.clone()];
+        let mut global_args: HashMap<String, String> = HashMap::new();
         if let Some(opts) = opts {
+            global_args = opts.global_args.clone();
             args.append(&mut tc!(opts.args(), &f));
         }
         args.push(id.to_string());
-        let mut cmd = self.command(&args)?;
+        let mut cmd = self.command_with_global_args(&global_args, &args)?;
         match opts {
             Some(ExecOpts { io: Some(io), .. }) => {
                 tc!(

crates/runc/src/lib.rs

@@ -38,6 +38,7 @@
 //! A crate for consuming the runc binary in your Rust applications, similar to
 //! [go-runc](https://github.com/containerd/go-runc) for Go.
 use std::{
+    collections::HashMap,
     fmt::{self, Debug, Display},
     path::PathBuf,
     process::{ExitStatus, Stdio},
@@ -107,13 +108,49 @@ pub type Command = tokio::process::Command;
 #[derive(Debug, Clone)]
 pub struct Runc {
     command: PathBuf,
-    args: Vec<String>,
+    client_global_args: HashMap<String, String>,
     spawner: Arc<dyn Spawner + Send + Sync>,
 }
 
 impl Runc {
     fn command(&self, args: &[String]) -> Result<Command> {
-        let args = [&self.args, args].concat();
+        let local_args = &self.client_global_args;
+        let mut args_global = Vec::<String>::new();
+        for (key, value) in local_args {
+            args_global.push(key.to_string());
+            args_global.push(value.to_string());
+        }
+        let args = [args_global, args.to_vec()].concat();
+        let mut cmd = Command::new(&self.command);
+
+        // Default to piped stdio, and they may be override by command options.
+        cmd.stdin(Stdio::null())
+            .stdout(Stdio::piped())
+            .stderr(Stdio::piped());
+
+        // NOTIFY_SOCKET introduces a special behavior in runc but should only be set if invoked from systemd
+        cmd.args(&args).env_remove("NOTIFY_SOCKET");
+
+        Ok(cmd)
+    }
+
+    #[allow(dead_code)]
+    fn command_with_global_args(
+        &self,
+        custom_global_args: &HashMap<String, String>,
+        args: &[String],
+    ) -> Result<Command> {
+        let mut global_args_vec: Vec<String> = Vec::new();
+        for (client_key, client_value) in &self.client_global_args {
+            if let Some(value) = custom_global_args.get(client_key) {
+                global_args_vec.push(client_key.to_string());
+                global_args_vec.push(value.to_string());
+            } else {
+                global_args_vec.push(client_key.to_string());
+                global_args_vec.push(client_value.to_string());
+            }
+        }
+        let args = [global_args_vec, args.to_vec()].concat();
         let mut cmd = Command::new(&self.command);
 
         // Default to piped stdio, and they may be override by command options.

crates/runc/src/options.rs

@@ -34,6 +34,7 @@
  */
 
 use std::{
+    collections::HashMap,
     path::{Path, PathBuf},
     sync::Arc,
     time::Duration,
@@ -203,64 +204,60 @@ impl GlobalOpts {
         self.args()
     }
 
-    fn output(&self) -> Result<(PathBuf, Vec<String>), Error> {
+    fn output(&self) -> Result<(PathBuf, HashMap<String, String>), Error> {
         let path = self
             .command
             .clone()
             .unwrap_or_else(|| PathBuf::from("runc"));
 
         let command = utils::binary_path(path).ok_or(Error::NotFound)?;
-
-        let mut args = Vec::new();
+        let mut global_args_map = HashMap::<String, String>::new();
 
         // --root path : Set the root directory to store containers' state.
         if let Some(root) = &self.root {
-            args.push(ROOT.into());
-            args.push(utils::abs_string(root)?);
+            global_args_map.insert(ROOT.into(), utils::abs_string(root)?);
         }
 
         // --debug : Enable debug logging.
         if self.debug {
-            args.push(DEBUG.into());
+            global_args_map.insert(DEBUG.into(), String::new());
         }
 
         // --log path : Set the log destination to path. The default is to log to stderr.
         if let Some(log_path) = &self.log {
-            args.push(LOG.into());
-            args.push(utils::abs_string(log_path)?);
+            global_args_map.insert(LOG.into(), utils::abs_string(log_path)?);
         }
 
         // --log-format text|json : Set the log format (default is text).
-        args.push(LOG_FORMAT.into());
-        args.push(self.log_format.to_string());
+        global_args_map.insert(LOG_FORMAT.into(), self.log_format.to_string());
 
         // --systemd-cgroup : Enable systemd cgroup support.
         if self.systemd_cgroup {
-            args.push(SYSTEMD_CGROUP.into());
+            global_args_map.insert(SYSTEMD_CGROUP.into(), String::new());
         }
 
         // --rootless true|false|auto : Enable or disable rootless mode.
         if let Some(mode) = self.rootless {
-            let arg = format!("{}={}", ROOTLESS, mode);
-            args.push(arg);
+            global_args_map.insert(ROOTLESS.to_string(), mode.to_string());
         }
-        Ok((command, args))
+        Ok((command, global_args_map))
     }
 }
 
 impl Args for GlobalOpts {
     type Output = Result<Runc, Error>;
 
     fn args(&self) -> Self::Output {
-        let (command, args) = self.output()?;
+        let (command, client_global_args) = self.output()?;
         let executor = if let Some(exec) = self.executor.clone() {
             exec
         } else {
             Arc::new(DefaultExecutor {})
         };
+
         Ok(Runc {
             command,
-            args,
+            client_global_args,
             spawner: executor,
         })
     }
@@ -353,6 +350,7 @@ impl CreateOpts {
 #[derive(Clone, Default)]
 pub struct ExecOpts {
     pub io: Option<Arc<dyn Io>>,
+    pub global_args: HashMap<String, String>,
     /// Path to where a pid file should be created.
     pub pid_file: Option<PathBuf>,
     /// Path to where a console socket should be created.
@@ -591,19 +589,30 @@ mod tests {
         assert_eq!(KillOpts::new().all(true).args(), vec!["--all".to_string()],);
     }
 
+    #[allow(dead_code)]
+    fn map_to_vec(map: HashMap<String, String>) -> Vec<String> {
+        let mut args = Vec::with_capacity(map.len() * 2);
+        for (key, value) in map {
+            args.push(key);
+            args.push(value);
+        }
+        args
+    }
     #[cfg(target_os = "linux")]
     #[test]
     fn global_opts_test() {
         let cfg = GlobalOpts::default().command("true");
         let runc = cfg.build().unwrap();
-        let args = &runc.args;
+        let args_map = &runc.client_global_args;
+
+        let args = map_to_vec(args_map.clone());
         assert_eq!(args.len(), 2);
         assert!(args.contains(&LOG_FORMAT.to_string()));
         assert!(args.contains(&TEXT.to_string()));
 
         let cfg = GlobalOpts::default().command("/bin/true");
         let runc = cfg.build().unwrap();
-        assert_eq!(runc.args.len(), 2);
+        assert_eq!(map_to_vec(runc.client_global_args).len(), 2);
 
         let cfg = GlobalOpts::default()
             .command("true")
@@ -614,16 +623,17 @@ mod tests {
             .systemd_cgroup(true)
             .rootless(true);
         let runc = cfg.build().unwrap();
-        let args = &runc.args;
+        let args = map_to_vec(runc.client_global_args);
         assert!(args.contains(&ROOT.to_string()));
         assert!(args.contains(&DEBUG.to_string()));
         assert!(args.contains(&"/tmp".to_string()));
         assert!(args.contains(&LOG.to_string()));
         assert!(args.contains(&"/tmp/runc.log".to_string()));
         assert!(args.contains(&LOG_FORMAT.to_string()));
         assert!(args.contains(&JSON.to_string()));
-        assert!(args.contains(&"--rootless=true".to_string()));
+
+        assert!(args.contains(&"--rootless".to_string()));
         assert!(args.contains(&SYSTEMD_CGROUP.to_string()));
-        assert_eq!(args.len(), 9);
+        assert_eq!(args.len(), 12);
     }
 }