Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

podman-compose incorrectly solving service dependencies #462

Closed
diodakus opened this issue Mar 28, 2022 · 5 comments
Closed

podman-compose incorrectly solving service dependencies #462

diodakus opened this issue Mar 28, 2022 · 5 comments
Labels
bug Something isn't working

Comments

@diodakus
Copy link

diodakus commented Mar 28, 2022

Describe the bug
At the beginning I would thank you for developing podman-compose.

podman-compose does not correctly resolve extended services dependency from extends tag.
I have in example docker-compose.yml file below dependencies (see Reproduce steps):
ci-dev-bash2 (depends from) <- ci-dev-bash <- bash
and in the same file:
other-bash (depends from) <- bash.
I've added to every compose service unique mount to /tmp and check what podman command generated by podman-compose. I checked what mounts were added to every service from file.

To Reproduce
Steps to reproduce the behavior:

  1. create docker-compose.yml file according below content:
version: '3.5'
services:
  bash:
    cap_add:
      - NET_ADMIN
      - SYSLOG
    command: [/bin/bash]
    domainname: ${HOSTNAME}
    environment:
      - USER_HOME=${HOME}
      - USER_NAME=${USER}
    hostname: myhostname
    image: ubuntu:latest
    network_mode: host
    security_opt:
      - seccomp:unconfined
    volumes:
      - /tmp/service_bash:/tmp/service_bash:rw

  ci-dev-bash:
    extends:
      service: bash
    volumes:
      - /tmp/service_ci-dev-bash:/tmp/service_ci-dev-bash:rw

  ci-dev-bash2:
    extends:
      service: ci-dev-bash
    volumes:
      - /tmp/service_ci-dev-bash2:/tmp/service_ci-dev-bash2:rw

  other-bash:
    extends:
      service: bash
    volumes:
      - /tmp/service_other-bash:/tmp/service_other-bash:rw
  1. run command: podman-compose run --rm --no-deps other-bash bash

Expected behavior

podman run --name=slawek_other-bash_tmp13814 \
  --rm -i --pod=pod_slawek --security-opt seccomp=unconfined \
  --label io.podman.compose.config-hash=23e6f025107a42496abbad6d2b740fd8fd42bc4e18eadafa64614c3b879411da --label io.podman.compose.project=slawek --label io.podman.compose.version=1.0.4 --label com.docker.compose.project=slawek --label com.docker.compose.project.working_dir=/home/slawek --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=other-bash \
  --cap-add NET_ADMIN --cap-add SYSLOG -e USER_HOME=/home/slawek -e USER_NAME=slawek \
  **-v /tmp/service_bash:/tmp/service_bash:rw -v /tmp/service_other-bash:/tmp/service_other-bash:rw** \
  --network host --hostname myhostname --tty ubuntu:latest bash

I expected for podman-compose service "other-bash" to have mounts only from "bash" and "other-bash" (result of correct solving services dependency):

  • _/tmp/service_bash:/tmp/service_bash_ (bash)
  • _/tmp/service_other-bash:/tmp/service_other-bash_ (other-bash)

Actual behavior

podman run \
  --name=slawek_other-bash_tmp13814 --rm -i --pod=pod_slawek --security-opt seccomp=unconfined \
  --label io.podman.compose.config-hash=23e6f025107a42496abbad6d2b740fd8fd42bc4e18eadafa64614c3b879411da --label io.podman.compose.project=slawek --label io.podman.compose.version=1.0.4 --label com.docker.compose.project=slawek --label com.docker.compose.project.working_dir=/home/slawek --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=other-bash \
  --cap-add NET_ADMIN --cap-add SYSLOG -e USER_HOME=/home/slawek -e USER_NAME=slawek \
  -v /tmp/service_bash:/tmp/service_bash:rw **-v /tmp/service_ci-dev-bash:/tmp/service_ci-dev-bash:rw** -v /tmp/service_other-bash:/tmp/service_other-bash:rw **-v /tmp/service_ci-dev-bash2:/tmp/service_ci-dev-bash2:rw** \
  --network host --hostname myhostname --tty ubuntu:latest bash

podman-compose added to service "other-bash" incorrectly mounts from services what are not in dependency chain:

  • _/tmp/service_ci-dev-bash:/tmp/service_ci-dev-bash_ (**incorrect** - from **ci-dev-bash**)
  • _/tmp/service_ci-dev-bash2:/tmp/service_ci-dev-bash2_ (**incorrect** - from **ci-dev-bash2**).

& correct content from dependency:

  • _/tmp/service_bash:/tmp/service_bash_ (**bash**)
  • _/tmp/service_other-bash:/tmp/service_other-bash_ (**other-bash**)

It looks that podman-compose read all services information from docker-compose.yml and during run service with dependency adding information from all services inside docker-compose.yml even that what is not in dependency chain.

Output

$ podman-compose version # Version from 25.03.2022
podman-compose version: 1.0.4
['podman', '--version', '']
using podman version: 3.4.2
podman-composer version 1.0.4
podman --version 
podman version 3.4.2
exit code: 0

$ podman-compose up
I do not use "up" parameter. Only "run".

Environment:

  • OS: Rocky Linux release 8.5 (Green Obsidian)
  • podman version: 3.4.2
  • podman compose version: (git hex) ebb3dfe

Additional context

Similar problem is visible for run below command:
podman-compose run --rm --no-deps bash bash

Podman does not depends from anything but mount from other services is added - but shouldn't:

podman run \
  --name=slawek_bash_tmp46399 --rm -i --pod=pod_slawek --security-opt seccomp=unconfined \
  --label io.podman.compose.config-hash=23e6f025107a42496abbad6d2b740fd8fd42bc4e18eadafa64614c3b879411da --label io.podman.compose.project=slawek --label io.podman.compose.version=1.0.4 --label com.docker.compose.project=slawek --label com.docker.compose.project.working_dir=/home/slawek --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=bash \
  --cap-add NET_ADMIN --cap-add SYSLOG -e USER_HOME=/home/slawek -e USER_NAME=slawek \
  -v /tmp/service_bash:/tmp/service_bash:rw **-v /tmp/service_ci-dev-bash:/tmp/service_ci-dev-bash:rw -v /tmp/service_other-bash:/tmp/service_other-bash:rw -v /tmp/service_ci-dev-bash2:/tmp/service_ci-dev-bash2:rw** \
  --network host --hostname myhostname --tty ubuntu:latest bash
@diodakus diodakus added the bug Something isn't working label Mar 28, 2022
@muayyad-alsadi
Copy link
Collaborator

extends does not imply depends_on
if you want dependency please pass depends_on

https://github.com/compose-spec/compose-spec/blob/master/spec.md#extends

currently --no-deps is not respected and there is an open issue for that

#398

@muayyad-alsadi
Copy link
Collaborator

I was able to reproduce the bug using this minimal yaml (busybox no ubuntu please)

version: '3.5'
services:
  sh:
    command: [/bin/sh]
    image: busybox
    volumes:
      - /tmp/service_sh:/tmp/service_sh:rw

  ci-dev-sh:
    extends:
      service: sh
    volumes:
      - /tmp/service_ci-dev-sh:/tmp/service_ci-dev-sh:rw

  ci-dev-sh2:
    extends:
      service: ci-dev-sh
    volumes:
      - /tmp/service_ci-dev-sh2:/tmp/service_ci-dev-sh2:rw

  other-sh:
    extends:
      service: sh
    volumes:
      - /tmp/service_other-sh:/tmp/service_other-sh:rw
$ podman-compose run --rm --no-deps other-sh sh

podman run --name=extvol2_other-sh_tmp17413 --rm -i --pod=pod_extvol2 \
  --label io.podman.compose.config-hash=8046c9387919915040c14f6ec8fba1058b3ba36d6880deafbb67234245f55384 --label io.podman.compose.project=extvol2 --label io.podman.compose.version=1.0.4 --label com.docker.compose.project=extvol2 --label com.docker.compose.project.working_dir=/home/alsadi/proj/podman-compose/tests/extvol2 --label com.docker.compose.project.config_files=docker-compose.yaml --label com.docker.compose.container-number=1 --label com.docker.compose.service=other-sh \
  -v /tmp/service_sh:/tmp/service_sh:rw -v /tmp/service_ci-dev-sh:/tmp/service_ci-dev-sh:rw -v /tmp/service_other-sh:/tmp/service_other-sh:rw -v /tmp/service_ci-dev-sh2:/tmp/service_ci-dev-sh2:rw \
  --net extvol2_default --network-alias other-sh --tty busybox sh

the expected is only two -v not 4

@muayyad-alsadi
Copy link
Collaborator

please test latest devel

muayyad-alsadi added a commit that referenced this issue Mar 28, 2022
@diodakus
Copy link
Author

Hello @muayyad-alsadi
I confirm that now only expected mounts are added to podman run for fc34703 version:

  1. podman-compose run --rm --no-deps sh sh - only one mount as expected:

podman run --name=slawek_sh_tmp34128 --rm -i --pod=pod_slawek --label io.podman.compose.config-hash=8046c9387919915040c14f6ec8fba1058b3ba36d6880deafbb67234245f55384 --label io.podman.compose.project=slawek --label io.podman.compose.version=1.0.4 --label com.docker.compose.project=slawek --label com.docker.compose.project.working_dir=/home/slawek --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=sh -v /tmp/service_sh:/tmp/service_sh:rw --net slawek_default --network-alias sh --tty busybox sh
and
2. podman-compose run --rm other-sh sh - 2 mounts as expected:
podman run --name=slawek_other-sh_tmp64294 --rm -i --pod=pod_slawek --label io.podman.compose.config-hash=8046c9387919915040c14f6ec8fba1058b3ba36d6880deafbb67234245f55384 --label io.podman.compose.project=slawek --label io.podman.compose.version=1.0.4 --label com.docker.compose.project=slawek --label com.docker.compose.project.working_dir=/home/slawek --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=other-sh -v /tmp/service_sh:/tmp/service_sh:rw -v /tmp/service_other-sh:/tmp/service_other-sh:rw --net slawek_default --network-alias other-sh --tty busybox sh

Thank you for quick fix.

@muayyad-alsadi
Copy link
Collaborator

welcome.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

2 participants