Adding ecs config to flag name only or driver options and label comparison #1519
Conversation
agent/config/types.go
Outdated
| // provisioned volume, if true. If false, we perform deep comparison including driver options and labels. | ||
| // For comparing shared volume across 2 instances, this should be set to true as docker does not propagate | ||
| // driver options and labels through volume drivers. | ||
| SharedVolumeValidateNameOnly bool |
There was a problem hiding this comment.
What is the actual environment variable name?
There was a problem hiding this comment.
added ECS_SHARED_VOLUME_VALIDATE_NAME_ONLY
yhlee-aws
force-pushed
the
shared_volume_validation_with_config
branch
2 times, most recently
from
0150770
to
7e4c529
Compare
README.md
Outdated
| @@ -183,6 +183,7 @@ additional details on each available environment variable. | |||
| | `ECS_CGROUP_PATH` | `/sys/fs/cgroup` | The root cgroup path that is expected by the ECS agent. This is the path that accessible from the agent mount. | `/sys/fs/cgroup` | Not applicable | | |||
| | `ECS_ENABLE_CPU_UNBOUNDED_WINDOWS_WORKAROUND` | `true` | When `true`, ECS will allow CPU unbounded(CPU=`0`) tasks to run along with CPU bounded tasks in Windows. | Not applicable | `false` | | |||
| | `ECS_TASK_METADATA_RPS_LIMIT` | `100,150` | Comma separated integer values for steady state and burst throttle limits for task metadata endpoint | `40,60` | `40,60` | | |||
| | `ECS_SHARED_VOLUME_VALIDATE_NAME_ONLY` | `true` | When `true`, ECS will short circuit shared volume match after name. When `false`, both driver options and labels are compared. If a volume is shared across instances, this should be set to `true`. | `false` | `false`| | |||
There was a problem hiding this comment.
should we call it ECS_SHARED_VOLUME_MATCH_NAME_ONLY ? also, we should probably get this reviewed by someone in docs.
There was a problem hiding this comment.
I agree, *match_name_only is more descriptive of what this does. Changed.
There was a problem hiding this comment.
IMO small README changes like this shouldn't require doc reviewers.
agent/api/task/task.go
Outdated
| @@ -379,6 +379,11 @@ func (task *Task) addSharedVolumes(ctx context.Context, dockerClient dockerapi.D | |||
| } | |||
|
|
|||
| seelog.Infof("initialize volume: Task [%s]: volume [%s] already exists", task.Arn, volumeConfig.DockerVolumeName) | |||
| if cfg.SharedVolumeValidateNameOnly { | |||
| seelog.Infof("initialize volume: Task [%s]: SharedVolumeValidateNameOnly is set to true and volume with name [%s] is found", task.Arn, volumeConfig.DockerVolumeName) | |||
There was a problem hiding this comment.
nit: ECS_SHARED_VOLUME_VALIDATE_NAME_ONLY is set to true...
agent/api/task/task.go
Outdated
| @@ -226,7 +226,7 @@ func (task *Task) PostUnmarshalTask(cfg *config.Config, | |||
| if err != nil { | |||
| return apierrors.NewResourceInitError(task.Arn, err) | |||
| } | |||
| err = task.initializeDockerVolumes(dockerClient, ctx) | |||
| err = task.initializeDockerVolumes(cfg, dockerClient, ctx) | |||
There was a problem hiding this comment.
Should we just pass in the bool variable instead of cfg object itself?
agent/api/task/taskvolume_test.go
Outdated
| cfg := config.Config{} | ||
| cfg.SharedVolumeValidateNameOnly = true | ||
|
|
||
| ctrl := gomock.NewController(t) |
There was a problem hiding this comment.
i think you need to have 'defer ctrl.Finish()' after that so the EXPECTed call will be checked?
There was a problem hiding this comment.
added these on a separate commit
yhlee-aws
force-pushed
the
shared_volume_validation_with_config
branch
2 times, most recently
from
3f5aad7
to
562752f
Compare
yhlee-aws
force-pushed
the
shared_volume_validation_with_config
branch
2 times, most recently
from
8b77755
to
8b60428
Compare
README.md
Outdated
| @@ -183,6 +183,7 @@ additional details on each available environment variable. | |||
| | `ECS_CGROUP_PATH` | `/sys/fs/cgroup` | The root cgroup path that is expected by the ECS agent. This is the path that accessible from the agent mount. | `/sys/fs/cgroup` | Not applicable | | |||
| | `ECS_ENABLE_CPU_UNBOUNDED_WINDOWS_WORKAROUND` | `true` | When `true`, ECS will allow CPU unbounded(CPU=`0`) tasks to run along with CPU bounded tasks in Windows. | Not applicable | `false` | | |||
| | `ECS_TASK_METADATA_RPS_LIMIT` | `100,150` | Comma separated integer values for steady state and burst throttle limits for task metadata endpoint | `40,60` | `40,60` | | |||
| | `ECS_SHARED_VOLUME_MATCH_ALL` | `true` | When `true`, ECS Agent will compare driver options and labels to make sure volumes are identical. When `false`, Agent will short circuit shared volume comparison if the names match. This is the defualt Docker behavior. If a volume is shared across instances, this should be set to `false`. | `false` | `false`| | |||
There was a problem hiding this comment.
nit: default.
When 'true', ECS Agent will compare driver options and labels along with name to..
agent/api/task/task.go
Outdated
| @@ -379,6 +379,11 @@ func (task *Task) addSharedVolumes(ctx context.Context, dockerClient dockerapi.D | |||
| } | |||
|
|
|||
| seelog.Infof("initialize volume: Task [%s]: volume [%s] already exists", task.Arn, volumeConfig.DockerVolumeName) | |||
| if !SharedVolumeMatchAll { | |||
| seelog.Infof("initialize volume: Task [%s]: ECS_SHARED_MATCH_VALIDATE_NAME_ONLY is set to true and volume with name [%s] is found", task.Arn, volumeConfig.DockerVolumeName) | |||
There was a problem hiding this comment.
Should be ECS_SHARED_VOLUME_MATCH_ALL is set to false
agent/api/task/taskvolume_test.go
Outdated
| @@ -163,15 +165,17 @@ func TestInitializeSharedProvisionedVolume(t *testing.T) { | |||
|
|
|||
| // Expect the volume already exists on the instance | |||
| dockerClient.EXPECT().InspectVolume(gomock.Any(), gomock.Any(), gomock.Any()).Return(dockerapi.VolumeResponse{}) | |||
| err := testTask.initializeDockerVolumes(dockerClient, nil) | |||
| err := testTask.initializeDockerVolumes(SharedVolumeMatchAll, dockerClient, nil) | |||
There was a problem hiding this comment.
nit : can just pass in true instead of new variable
There was a problem hiding this comment.
I prefer this way since it provides more semantics to the test; true/false value on its own does not show what it is for.
README.md
Outdated
| @@ -183,6 +183,7 @@ additional details on each available environment variable. | |||
| | `ECS_CGROUP_PATH` | `/sys/fs/cgroup` | The root cgroup path that is expected by the ECS agent. This is the path that accessible from the agent mount. | `/sys/fs/cgroup` | Not applicable | | |||
| | `ECS_ENABLE_CPU_UNBOUNDED_WINDOWS_WORKAROUND` | `true` | When `true`, ECS will allow CPU unbounded(CPU=`0`) tasks to run along with CPU bounded tasks in Windows. | Not applicable | `false` | | |||
| | `ECS_TASK_METADATA_RPS_LIMIT` | `100,150` | Comma separated integer values for steady state and burst throttle limits for task metadata endpoint | `40,60` | `40,60` | | |||
| | `ECS_SHARED_VOLUME_MATCH_ALL` | `true` | When `true`, ECS Agent will compare driver options and labels to make sure volumes are identical. When `false`, Agent will short circuit shared volume comparison if the names match. This is the defualt Docker behavior. If a volume is shared across instances, this should be set to `false`. | `false` | `false`| | |||
There was a problem hiding this comment.
How about ECS_SHARED_VOLUME_MATCH_FULL_CONFIG or ECS_SHARED_VOLUME_MATCH_ALL_CONFIG?
yhlee-aws
force-pushed
the
shared_volume_validation_with_config
branch
4 times, most recently
from
99eacc0
to
ed97470
Compare
| @@ -64,6 +64,7 @@ func TestConfigDefault(t *testing.T) { | |||
| "Default TaskMetadataSteadyStateRate is set incorrectly") | |||
| assert.Equal(t, DefaultTaskMetadataBurstRate, cfg.TaskMetadataBurstRate, | |||
| "Default TaskMetadataBurstRate is set incorrectly") | |||
| assert.False(t, cfg.SharedVolumeMatchFullConfig, "Default SharedVolumeMatchFullConfig set incorrectly") | |||
There was a problem hiding this comment.
Can you also modify the TestEnvironmentConfig in config_test.go to cover this?
There was a problem hiding this comment.
I started adding that last night and will finish that up.
There was a problem hiding this comment.
Created a PR to this branch to be accepted and it'll be added to this PR.
README.md
Outdated
| @@ -183,6 +183,7 @@ additional details on each available environment variable. | |||
| | `ECS_CGROUP_PATH` | `/sys/fs/cgroup` | The root cgroup path that is expected by the ECS agent. This is the path that accessible from the agent mount. | `/sys/fs/cgroup` | Not applicable | | |||
| | `ECS_ENABLE_CPU_UNBOUNDED_WINDOWS_WORKAROUND` | `true` | When `true`, ECS will allow CPU unbounded(CPU=`0`) tasks to run along with CPU bounded tasks in Windows. | Not applicable | `false` | | |||
| | `ECS_TASK_METADATA_RPS_LIMIT` | `100,150` | Comma separated integer values for steady state and burst throttle limits for task metadata endpoint | `40,60` | `40,60` | | |||
| | `ECS_SHARED_VOLUME_MATCH_FULL_CONFIG` | `true` | When `true`, ECS Agent will compare name, driver options, and labels to make sure volumes are identical. When `false`, Agent will short circuit shared volume comparison if the names match. This is the defualt Docker behavior. If a volume is shared across instances, this should be set to `false`. | `false` | `false`| | |||
|
To follow how the other names are, though it's long, but should |
agent/config/config.go
Outdated
|
|
||
| // DefaultSharedVolumeMatchFullConfig is set to false, only requiring shared volumes to match | ||
| // on names | ||
| DefaultSharedVolumeMatchFullConfig = false |
There was a problem hiding this comment.
Figured I would comment here as well. Suggestion: remove DefaultSharedVolumeMatchFullConfig in all places as the default is already set later in this file and doesn't need to be repeated in config_windows.go and config_unix.go as they are already defaulting to false. The tests can stay.
|
"match" is the verb and I don't think it detracts anything by not having "enable" in the name. |
|
Shorter env var names are preferable and since |
yhlee-aws
force-pushed
the
shared_volume_validation_with_config
branch
2 times, most recently
from
223730b
to
10471bf
Compare
agent/api/task/task.go
Outdated
| @@ -285,7 +285,7 @@ func (task *Task) volumeName(name string) string { | |||
|
|
|||
| // initializeDockerVolumes checks the volume resource in the task to determine if the agent | |||
| // should create the volume before creating the container | |||
| func (task *Task) initializeDockerVolumes(dockerClient dockerapi.DockerClient, ctx context.Context) error { | |||
| func (task *Task) initializeDockerVolumes(SharedVolumeMatchFullConfig bool, dockerClient dockerapi.DockerClient, ctx context.Context) error { | |||
There was a problem hiding this comment.
nit: this can just be sharedVolumeMatchFullConfig (not a public var)
yhlee-aws
force-pushed
the
shared_volume_validation_with_config
branch
from
7361dd2
to
8829aa4
Compare
Summary
Making shared volume comparison configurable
Implementation details
SharedVolumeMatchAll boolean flag is added to ecs config. Default is false.
When false, it shortcircuits shared volume comparison after name matches. This is default Docker behavior.
When true, it compares driver options and labels.
Testing
make release)go build -out amazon-ecs-agent.exe ./agent)make test) passgo test -timeout=25s ./agent/...) passmake run-integ-tests) pass.\scripts\run-integ-tests.ps1) passmake run-functional-tests) pass.\scripts\run-functional-tests.ps1) passNew tests cover the changes: yes
Description for the changelog
Licensing
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.