docker: Fix userdata bind mount path inside the container

For docker provider we use systemd container which mounts /run as a tmpfs volume. This mounting of /run happens after docker has bind mounted the userdata file inside the container and consequently the userdata file is no longer accessible. This commit changes the path of the userdata file to not use `/run` for the docker provider. Signed-off-by: Pradipta Banerjee <[email protected]>
wainersm · Dec 26, 2024 · d507f08 · d507f08
1 parent 919bdda
commit d507f08
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 12 deletions.
diff --git a/src/cloud-api-adaptor/pkg/paths/paths.go b/src/cloud-api-adaptor/pkg/paths/paths.go
@@ -1,11 +1,12 @@
 package paths
 
 const (
-	AACfgPath        = "/run/peerpod/aa.toml"
-	AuthFilePath     = "/run/peerpod/auth.json"
-	CDHCfgPath       = "/run/peerpod/cdh.toml"
-	InitDataPath     = "/run/peerpod/initdata"
-	AgentCfgPath     = "/run/peerpod/agent-config.toml"
-	ForwarderCfgPath = "/run/peerpod/daemon.json"
-	UserDataPath     = "/run/media/cidata/user-data"
+	AACfgPath          = "/run/peerpod/aa.toml"
+	AuthFilePath       = "/run/peerpod/auth.json"
+	CDHCfgPath         = "/run/peerpod/cdh.toml"
+	InitDataPath       = "/run/peerpod/initdata"
+	AgentCfgPath       = "/run/peerpod/agent-config.toml"
+	ForwarderCfgPath   = "/run/peerpod/daemon.json"
+	UserDataPath       = "/run/media/cidata/user-data"
+	DockerUserDataPath = "/media/cidata/user-data"
 )
diff --git a/src/cloud-api-adaptor/pkg/userdata/heuristics.go b/src/cloud-api-adaptor/pkg/userdata/heuristics.go
@@ -29,9 +29,16 @@ func isGCPVM(ctx context.Context) bool {
 }
 
 func hasUserDataFile() bool {
-	_, err := os.Stat(UserDataPath)
-	if err != nil && os.IsNotExist(err) {
-		return false
+	paths := []string{
+		UserDataPath,
+		DockerUserDataPath,
+	}
+
+	for _, path := range paths {
+		if _, err := os.Stat(path); err == nil {
+			return true // Found at least one existing file
+		}
 	}
-	return true
+	return false // Neither file exists
+
 }
diff --git a/src/cloud-api-adaptor/pkg/userdata/provision.go b/src/cloud-api-adaptor/pkg/userdata/provision.go
@@ -109,6 +109,11 @@ type FileUserDataProvider struct{ DefaultRetry }
 
 func (a FileUserDataProvider) GetUserData(ctx context.Context) ([]byte, error) {
 	path := UserDataPath
+
+	if _, err := os.Stat(UserDataPath); os.IsNotExist(err) {
+		path = DockerUserDataPath
+	}
+
 	logger.Printf("provider: File, userDataPath: %s\n", path)
 	userData, err := os.ReadFile(path)
 	if err != nil {

diff --git a/src/cloud-providers/docker/provider.go b/src/cloud-providers/docker/provider.go
@@ -77,7 +77,8 @@ func (p *dockerProvider) CreateInstance(ctx context.Context, podName, sandboxID
 	// /run/peerpods/daemon.json at runtime
 	volumeBinding := []string{
 		// note: we are not importing that path from the CAA package to avoid circular dependencies
-		fmt.Sprintf("%s:%s", instanceUserdataFile, "/run/media/cidata/user-data"),
+		// Docker volume bind mounts is not working for tpmfs mounts inside the container
+		fmt.Sprintf("%s:%s", instanceUserdataFile, "/media/cidata/user-data"),
 	}
 
 	// Add host bind mount for /run/kata-containers and /run/image to avoid