This repository has been archived by the owner on May 30, 2023. It is now read-only.
app-emulation/(docker*|containerd): Revert to Go 1.13 #774
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
pothos
force-pushed
the
kai/use-go-1.13-for-docker
branch
from
cd05fb7 to
2a8304c
Compare
When Docker/containerd binaries are compiled with Go 1.15 the containers generate many signal 23 (SIGURG) events which flood monitoring systems: kubernetes/kops#10388 The SIGURG signal does not kill the process but is generated by Go runtime scheduling: https://go.googlesource.com/proposal/+/master/design/24543-non-cooperative-preemption.md) Because the Go runtime does not know if the process expects external SIGURG signals, the signal is not filtered out but reported to the process: golang/go#37942 The process has to filter this signal out itself before forwarding it to, e.g,. children processes or logs. This change was introduced with the Go 1.15 update (actually Go 1.14 but Flatcar skipped that for Stable), however, while containerd has some workarounds in place, e.g., in containerd/containerd#4532 but there are still areas where the signal is not handled correctly. Until this is the case, downgrade to use the Go 1.13 compiler for Docker/containerd binaries. See flatcar/Flatcar#315
pothos
force-pushed
the
kai/use-go-1.13-for-docker
branch
from
2a8304c to
9c17edd
Compare
krnowak
approved these changes
Jan 17, 2021
pothos
added a commit
that referenced
this pull request
Jan 18, 2021
app-emulation/(docker*|containerd): Revert to Go 1.13
pothos
added a commit
that referenced
this pull request
Jan 18, 2021
app-emulation/(docker*|containerd): Revert to Go 1.13
pothos
added a commit
that referenced
this pull request
Jan 18, 2021
app-emulation/(docker*|containerd): Revert to Go 1.13
pothos
added a commit
that referenced
this pull request
Feb 1, 2021
app-emulation/(docker*|containerd): Revert to Go 1.13
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When Docker/containerd binaries are compiled with Go 1.15 the
containers generate many signal 23 (SIGURG) events which flood
monitoring systems:
kubernetes/kops#10388
The SIGURG signal does not kill the process but is generated by Go
runtime scheduling:
https://go.googlesource.com/proposal/+/master/design/24543-non-cooperative-preemption.md)
Because the Go runtime does not know if the process expects external
SIGURG signals, the signal is not filtered out but reported to the
process: golang/go#37942
The process has to filter this signal out itself before forwarding it
to, e.g,. children processes or logs.
This change was introduced with the Go 1.15 update (actually Go 1.14
but Flatcar skipped that for Stable), however, while containerd has
some workarounds in place, e.g., in
containerd/containerd#4532 but there are still
areas where the signal is not handled correctly.
Until this is the case, downgrade to use the Go 1.13 compiler for
Docker/containerd binaries.
See flatcar/Flatcar#315
Note: Should be picked for all channels
How to use
Testing done
Manually built the image and ran
docker eventsin one shell,docker run --rm -it alpinein the other with hittingCtrl-Cor Enter a few times. With Go 1.13 there are no SIGURG events as expected.Jenkins