From: Peter Amstutz Date: Wed, 2 Jul 2014 14:54:48 +0000 (-0400) Subject: Use separate $HOME for commands run outside the docker X-Git-Tag: 1.1.0~2481^2~6 X-Git-Url: https://git.arvados.org/arvados.git/commitdiff_plain/945bebae56ec2fb5faef965cbf55fc8309e8df11?ds=sidebyside Use separate $HOME for commands run outside the docker container (e.g. arv-mount) and commands inside the docker container because of the user id mapping problem. Converted docker command line to use long form for readability. --- diff --git a/sdk/cli/bin/crunch-job b/sdk/cli/bin/crunch-job index b0d779bf3c..dd1ba8fbd9 100755 --- a/sdk/cli/bin/crunch-job +++ b/sdk/cli/bin/crunch-job @@ -622,7 +622,7 @@ for (my $todo_ptr = 0; $todo_ptr <= $#jobstep_todo; $todo_ptr ++) $ENV{"TASK_SLOT_NODE"} = $slot[$childslot]->{node}->{name}; $ENV{"TASK_SLOT_NUMBER"} = $slot[$childslot]->{cpu}; $ENV{"TASK_WORK"} = $ENV{"JOB_WORK"}."/$id.$$"; - $ENV{"HOME"} = $ENV{"TASK_WORK"}; + $ENV{"HOME"} = $ENV{"TASK_WORK"}.".home"; $ENV{"TASK_KEEPMOUNT"} = $ENV{"TASK_WORK"}.".keep"; $ENV{"TASK_TMPDIR"} = $ENV{"TASK_WORK"}; # deprecated $ENV{"CRUNCH_NODE_SLOTS"} = $slot[$childslot]->{node}->{ncpus}; @@ -639,7 +639,7 @@ for (my $todo_ptr = 0; $todo_ptr <= $#jobstep_todo; $todo_ptr ++) my $build_script_to_send = ""; my $command = "if [ -e $ENV{TASK_WORK} ]; then rm -rf $ENV{TASK_WORK}; fi; " - ."mkdir -p $ENV{JOB_WORK} $ENV{CRUNCH_TMP} $ENV{TASK_WORK} $ENV{TASK_KEEPMOUNT} " + ."mkdir -p $ENV{JOB_WORK} $ENV{CRUNCH_TMP} $ENV{TASK_WORK} $ENV{TASK_KEEPMOUNT} ${HOME}" ."&& chmod og+wrx $ENV{TASK_WORK}" ."&& cd $ENV{CRUNCH_TMP} "; if ($build_script) @@ -652,41 +652,41 @@ for (my $todo_ptr = 0; $todo_ptr <= $#jobstep_todo; $todo_ptr ++) if ($docker_hash) { $command .= "crunchstat -cgroup-root=/sys/fs/cgroup -cgroup-parent=docker -cgroup-cid=$ENV{TASK_WORK}/docker.cid -poll=10000 "; - $command .= "$docker_bin run -i -a stdin -a stdout -a stderr --cidfile=$ENV{TASK_WORK}/docker.cid "; + $command .= "$docker_bin run --attach=stdout --attach=stderr --user=crunch --cidfile=$ENV{TASK_WORK}/docker.cid "; # Dynamically configure the container to use the host system as its # DNS server. Get the host's global addresses from the ip command, # and turn them into docker --dns options using gawk. $command .= q{$(ip -o address show scope global | gawk 'match($4, /^([0-9\.:]+)\//, x){print "--dns", x[1]}') }; - $command .= "-v \Q$ENV{TASK_WORK}:/tmp/crunch-job:rw\E "; - $command .= "-v \Q$ENV{CRUNCH_SRC}:/tmp/crunch-src:ro\E "; - $command .= "-v \Q$ENV{TASK_KEEPMOUNT}:/mnt:ro\E "; - $command .= "-e \QHOME=/tmp/crunch-job\E "; + $command .= "--volume=\Q$ENV{TASK_WORK}:/tmp/crunch-job:rw\E "; + $command .= "--volume=\Q$ENV{CRUNCH_SRC}:/tmp/crunch-src:ro\E "; + $command .= "--volume=\Q$ENV{TASK_KEEPMOUNT}:/keep:ro\E "; + $command .= "--env=\QHOME=/home/crunch\E "; while (my ($env_key, $env_val) = each %ENV) { if ($env_key =~ /^(ARVADOS|JOB|TASK)_/) { if ($env_key eq "TASK_WORK") { - $command .= "-e \QTASK_WORK=/tmp/crunch-job\E "; + $command .= "--env=\QTASK_WORK=/tmp/crunch-job\E "; } elsif ($env_key eq "TASK_KEEPMOUNT") { - $command .= "-e \QTASK_KEEPMOUNT=/mnt\E "; + $command .= "--env=\QTASK_KEEPMOUNT=/keep\E "; } elsif ($env_key eq "CRUNCH_SRC") { - $command .= "-e \QCRUNCH_SRC=/tmp/crunch-src\E "; + $command .= "--env=\QCRUNCH_SRC=/tmp/crunch-src\E "; } else { - $command .= "-e \Q$env_key=$env_val\E "; + $command .= "--env=\Q$env_key=$env_val\E "; } } } $command .= "\Q$docker_hash\E "; - $command .= "stdbuf -o0 -e0 "; + $command .= "stdbuf --output=0 --error=0 "; $command .= "/tmp/crunch-src/crunch_scripts/" . $Job->{"script"}; } else { # Non-docker run $command .= "crunchstat -cgroup-root=/sys/fs/cgroup -poll=10000 "; - $command .= "stdbuf -o0 -e0 "; + $command .= "stdbuf --output=0 --error=0 "; $command .= "$ENV{CRUNCH_SRC}/crunch_scripts/" . $Job->{"script"}; }