diff --git a/VERSION-vendor b/VERSION-vendor index 3f3f526974ce2709c50bd606c4fac2ee303868c1..69802c166bf9f7f59e590a76c72f1d0bf4cecaee 100644 --- a/VERSION-vendor +++ b/VERSION-vendor @@ -1 +1 @@ -18.09.0.316 +18.09.0.317 diff --git a/docker.spec b/docker.spec index d1126e819a99f2eaa0b4247f3a92c2490fc5fcd6..12b8dc23a5db765c296a023934bc0a44defdce2c 100644 --- a/docker.spec +++ b/docker.spec @@ -1,6 +1,6 @@ Name: docker-engine Version: 18.09.0 -Release: 316 +Release: 317 Epoch: 2 Summary: The open-source application container engine Group: Tools/Docker @@ -213,6 +213,12 @@ fi %endif %changelog +* Fri Feb 17 2023 chenjiankun - 18.09.0-317 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC:set freezer.state to Thawed to increase freeze chances + * Thu Dec 01 2022 zhongjiawei - 18.09.0-316 - Type:bugfix - CVE:NA diff --git a/git-commit b/git-commit index a56ab65bbaf1c0fc99aa89ed7e556e499d1661ac..d020bc287607f0cc509f0a700d2208b6b08524c1 100644 --- a/git-commit +++ b/git-commit @@ -1 +1 @@ -9b9af2f4670efbadf39b4fce731a677ad70ebb07 +287e8bd417a2969ddef3ae612763cfed8f22d5e5 diff --git a/patch/0236-docker-set-freezer.state-to-Thawed-to-increase-freez.patch b/patch/0236-docker-set-freezer.state-to-Thawed-to-increase-freez.patch new file mode 100644 index 0000000000000000000000000000000000000000..738361a08327edc4fcda5aee093f180c8e4c94eb --- /dev/null +++ b/patch/0236-docker-set-freezer.state-to-Thawed-to-increase-freez.patch @@ -0,0 +1,54 @@ +From a1e170db821863c8a8062f599fab64d6c1d95210 Mon Sep 17 00:00:00 2001 +From: chenjiankun +Date: Fri, 13 Jan 2023 17:13:22 +0800 +Subject: [PATCH] docker: set freezer.state to Thawed to increase freeze + chances + +docker pause/unpause with parallel docker exec can lead to freezing +state, set freezer.state to Thawed to increase freeze chances +--- + components/engine/daemon/freezer/freezer.go | 21 +++++++++++++++++++++ + 1 file changed, 21 insertions(+) + +diff --git a/components/engine/daemon/freezer/freezer.go b/components/engine/daemon/freezer/freezer.go +index 6df176f2f..fde134887 100644 +--- a/components/engine/daemon/freezer/freezer.go ++++ b/components/engine/daemon/freezer/freezer.go +@@ -186,6 +186,7 @@ func (f *freezer) updateCgroup(state string) error { + timeout := time.After(30 * time.Second) + ticker := time.NewTicker(1 * time.Millisecond) + defer ticker.Stop() ++ count := 0 + for { + select { + case <-timeout: +@@ -194,6 +195,26 @@ func (f *freezer) updateCgroup(state string) error { + } + return fmt.Errorf("update freezer cgroup timeout for 30s") + case <-ticker.C: ++ // As per older kernel docs (freezer-subsystem.txt before ++ // kernel commit ef9fe980c6fcc1821), if FREEZING is seen, ++ // userspace should either retry or thaw. While current ++ // kernel cgroup v1 docs no longer mention a need to retry, ++ // the kernel (tested on v5.4, Ubuntu 20.04) can't reliably ++ // freeze a cgroup while new processes keep appearing in it ++ // (either via fork/clone or by writing new PIDs to ++ // cgroup.procs). ++ // ++ // The numbers below are chosen to have a decent chance to ++ // succeed even in the worst case scenario (docker pause/unpause ++ // with parallel docker exec). ++ // ++ // Adding any amount of sleep in between retries did not ++ // increase the chances of successful freeze. ++ if count++; count % 50 == 0 && state == string(configs.Frozen) { ++ writeFile(f.path, "freezer.state", string(configs.Thawed)) ++ time.Sleep(10 * time.Millisecond) ++ } ++ + // In case this loop does not exit because it doesn't get the expected + // state, let's write again this state, hoping it's going to be properly + // set this time. Otherwise, this loop could run infinitely, waiting for +-- +2.23.0 + diff --git a/series.conf b/series.conf index 7a0b8841025c170d2cf7f393b9054b43a9e3e018..57055ce6cb99c05fb872f4a1db22d4cc0ff71dfb 100644 --- a/series.conf +++ b/series.conf @@ -233,4 +233,5 @@ patch/0232-docker-ensure-layer-digest-folder-removed-if-ls.driv.patch patch/0233-docker-cleanup-netns-file-when-close-docker-daemon.patch patch/0234-docker-Read-connection-marking-information-from-CT-f.patch patch/0235-docker-do-not-stop-health-check-before-sending-signa.patch +patch/0236-docker-set-freezer.state-to-Thawed-to-increase-freez.patch #end