1315956 – The automatic docker volume provisioning cannot be prevented

Bug 1315956 - The automatic docker volume provisioning cannot be prevented

Summary: The automatic docker volume provisioning cannot be prevented

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	OKD
Classification:	Red Hat
Component:	Storage
Sub Component:
Version:	3.x
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	high
Target Milestone:	---
Target Release:	---
Assignee:	Matthew Heon
QA Contact:	Jianwei Hou
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-03-09 06:40 UTC by Wenqi He
Modified:	2016-05-12 17:10 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-05-12 17:10:54 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Wenqi He 2016-03-09 06:40:53 UTC

Description of problem:
To create a new Mongodb app which has the VOLUME directive but the pod spec does not include any corresponding volume, Docker will provision volume directories automatically within /var/lib/docker/volumes.  

Version-Release number of selected component (if applicable):
openshift v1.1.3-536-gda71953
kubernetes v1.2.0-alpha.7-703-gbc4550d
etcd 2.2.5

How reproducible:
Always

Steps to Reproduce:
1.Has the environment properly configured in AWS(devenv-rhel7_3655)
2.Create a project 
oc new-project projectname
3.Create a new Mongodb app with the template http://pastebin.test.redhat.com/355069 which has no "volumeMounts"
oc new-app --file=(template in pastebin)
4. Check the mongodb pod status
oc get pods
5. Check the directory /var/lib/docker/volumes/ to verify whether Docker provision volume directories automatically
ls /var/lib/docker/volumes/


Actual results:
The mongodb pod running well and there is a new directory under /var/lib/docker/volumes/ which is created for Mongodb automatically by docker

Expected results:
The mongodb pod should fail to start with the preventing of create directory under /var/lib/docker/volumes/ 

Additional info:

Comment 1 Matthew Heon 2016-03-16 17:11:16 UTC

I'm almost certain this is the result of the immutable bit not being set on the /var/lib/docker/volumes directory. I requested that Ops modify the deployment scripts for Online nodes to include the appropriate chattr command to accomplish this. I can think of several reasons why the command would be failing:

- The command never made it into the deployment scripts. Entirely possible I contacted the wrong person when I requested it be added.

- The command is placed incorrectly in the deployment script. The /var/lib/docker/volumes directory must exist in order for the command to work - therefore, it has to be run after Docker is started for the first time, or the directory needs to be manually created prior to running it

- The deployment scripts for release and QE differ, and the changes aren't in the QE scripts. I'm not at all familiar with the way that Online AWS deployments happen, so I can't rule this out.

I'm contacting Ops to look into getting this fixed.

Comment 2 Wenqi He 2016-03-18 07:46:41 UTC

This issue is fixed on below version:
kubernetes v1.2.0-alpha.7-703-gbc4550d
Docker 1.8.2-el7, build a01dc02/1.8.2
kernel 3.10.0-327.10.1.el7.x86_64
https://console.dev-preview-int.openshift.com/console/

But still repro on origin(devenv-rhel7_3734):
openshift v1.1.4-16-gb5da002
kubernetes v1.2.0-origin-41-g91d3e75
etcd 2.2.5

Comment 3 Abhishek Gupta 2016-03-21 07:11:11 UTC

The configuration to set the immutable bit on the /var/lib/docker/volumes directory is only applied to the dev-preview-int custer. You should not expect it to be applied on a regular origin devenv.

Marking this bug ON_QA based on comment above that this issue is now resolved in Dev Preview INT.

Comment 4 Wenqi He 2016-03-23 02:17:43 UTC

This issue is fixed on dev-preview-int, change the status to verified.

Note You need to log in before you can comment on or make changes to this bug.