drop changing the folder of unix sockets to read-only from virt-launcher

Previously, the solution for the disappearing unix sockets for VNC (due to QEMU bug) was to have virt-launcher track when the unix socket for VNC connection was created and then make its parent folder read-only. In 944e019, we changed virt-handler to make the parent folder of the unix socket for VNC read-only when a new connection request comes and we find that the unix socket exists. This resolves a race in which a VNC connection is established before virt-launcher manages to change the parent folder of the unix socket read-only. Here we remove the former solution as the latter renders it redundant. As for the upgrade flow, virt-handler is the first to be upgraded (before virt-controller and virt-api) and so when new VMI is launched then for sure virt-handler will handle making that folder to read-only. Signed-off-by: Arik Hadas <[email protected]>
j-griffith · Aug 12, 2019 · 6797b1c · 6797b1c
1 parent c19c1b8
commit 6797b1c
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 27 deletions.
diff --git a/cmd/virt-launcher/virt-launcher.go b/cmd/virt-launcher/virt-launcher.go
@@ -292,26 +292,6 @@ func waitForFinalNotify(deleteNotificationSent chan watch.Event,
 	}
 }
 
-// writeProtectPrivateDir waits until the kubevirt private vnc socket exists and than mark its folder as read only
-// this is a workaround preventing QEMU from deleting its sockets prematurely as described in a bug https://bugs.launchpad.net/qemu/+bug/1795100
-// once the QEMU 4.0 is released the need for this workaround goes away
-// Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1683964
-func writeProtectPrivateDir(uid string) {
-	vncAppeared := false
-	// waits maximum of 20s for vnc file to appear
-	for i := 0; i < 20; i++ {
-		if _, err := os.Stat(filepath.Join("/var/run/kubevirt-private", uid, "virt-vnc")); os.IsNotExist(err) {
-			time.Sleep(1 * time.Second)
-			continue
-		}
-		vncAppeared = true
-		break
-	}
-	if vncAppeared {
-		os.Chmod(filepath.Join("/var/run/kubevirt-private", uid), 0444)
-	}
-}
-
 func cleanupContainerDiskDirectory(ephemeralDiskDir string) {
 	// Cleanup the content of ephemeralDiskDir, to make sure that all containerDisk containers terminate
 	err := RemoveContents(ephemeralDiskDir)
@@ -452,12 +432,6 @@ func main() {
 			*gracePeriodSeconds,
 			shutdownCallback)
 
-		// waits until virt-vnc socket is ready and than mark its parent folder as read only
-		// workaround preventing QEMU from deleting socket prematurely
-		// the code need to be executed after the QEMU reports VM is running, so the wait
-		// for socket creation is the shortest possible
-		go writeProtectPrivateDir(*uid)
-
 		// This is a wait loop that monitors the qemu pid. When the pid
 		// exits, the wait loop breaks.
 		mon.RunForever(*qemuTimeout, signalStopChan)

diff --git a/pkg/virt-handler/rest/console.go b/pkg/virt-handler/rest/console.go
@@ -146,7 +146,9 @@ func (t *ConsoleHandler) getUnixSocketPath(vmi *v1.VirtualMachineInstance, socke
 	if _, err = os.Stat(socketPath); os.IsNotExist(err) {
 		return "", err
 	}
-	// See https://github.com/kubevirt/kubevirt/pull/2171
+	// This is a workaround preventing QEMU from deleting its sockets prematurely as described in a bug https://bugs.launchpad.net/qemu/+bug/1795100
+	// once the QEMU 4.0 is released the need for this workaround goes away
+	// Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1683964
 	if err = os.Chmod(socketDir, 0444); err != nil {
 		return "", err
 	}