Debug: Provide a way to enable a debug console to the VM #122
Conversation
mcastelino
force-pushed
the
topic/debug
branch
from
5b64e33
to
c026a21
Compare
Provide an additional unit file to enable a debug console. Also provide an additional agent service file variant that can be used to launch the VM in debug mode. The console can be attached using socat console.sock - Fixes clearcontainers#123 Signed-off-by: Manohar Castelino <[email protected]>
mcastelino
force-pushed
the
topic/debug
branch
from
c026a21
to
5bfc36d
Compare
|
Hi @mcastelino - this looke very useful! Could you add a section to the |
There was a problem hiding this comment.
Excellent. Have had looking into something like this in the back of my mind for a little while - should be v.useful!
Agree with @jodh-intel - we need to add some info to the docs about how you invoke this from the host side, and that magic about socat.
|
Ah, seeing we also have clearcontainers/runtime#658, which has some docs, maybe just a small doc note in the agent pointing over to the relevant runtime docs is all that would be required. |
| StandardOutput=tty | ||
| PrivateDevices=yes | ||
| Type=simple | ||
| ExecStart=/usr/bin/bash |
There was a problem hiding this comment.
I wonder if this should be /bin/sh for portability?
There was a problem hiding this comment.
@jodh-intel yes. I would prefer the most minimal shell that clear linux provides as a package.
@jcvenegas what are our options? I would rather not have a separate debug image just for this. Or if we end up with a separate image, we should always package and distribute it with the non debug image, so that the user has the confidence that they are using the exact same version of all the image components and be able to flip to the debug image by just modifying the toml config file.
There was a problem hiding this comment.
@mcastelino @jodh-intel today there is not busybox in CL, will need to request a new shell .
|
@mcastelino - should this be marked |
|
@mcastelino - what are the permissions on |
|
I agree with @grahamwhaley - we probably don't want to have to maintain 2 sets of docs for the same thing (although I wonder if we want the real info in the agent repo and have the runtime ref it's |
|
@mcastelino in the docs could you add a warning to not run the proxy in debug mode, in this case both the proxy and socat will try to read the console.socket. |
|
@jcvenegas @grahamwhaley @jodh-intel I was thinking of just extending the kernel debug document and make it a general advanced debug document. That way we do not end up with multiple debug documents. What do you think. |
|
I'd like one 'advanced debugging' document for devs, and not have to spread the info around split down by either different components/repos or other sub-divisions - I'd like one place I can go read and later find all the 'deep dive hard info' for devs - so, +1 from me. |
@jodh-intel as Wants is a less strict requirement. Even if the image does not have the packaging changes |
|
lgtm |
|
LGTM
|
|
@mcastelino we need you to add some docs before we can merge this. |
|
@sboeuf this cannot be merged unless we merge clearcontainers/osbuilder#37 which is caught up in a lot of discussion. I will write up some more documentation and also extend the built in toml doc I strongly prefer an unified image right now purely from a user's point of view. A deployer can always deploy a stripped down image. . Debugging an image that is different from the one that failed can be fraught with issues from my experience. |
|
@mcastelino ok thanks for the heads up ! And BTW I agree we should not have two different images, this will bring a looooot of confusion. |
Provide an additional unit file to enable a debug console.
Also provide an additional agent service file variant that
can be used to launch the VM in debug mode.
The console can be attached using
socat STATE_DIR_CONTAINER/console.sock -
Signed-off-by: Manohar Castelino [email protected]