Yeah, the CLA still isn't signed but I though I'd open a PR so nobody else re-does work I've already done. It also opens the door for testing.

Sweet! I'll test this out.

I've just pushed a version where terminal=false logging actually works. It's all a little bit dodgy at the moment, but now (for the first time) we actually have full logging to a file. :D

@cyphar Fails tests. I will try manual testing next.

1..10
not ok 1 ctr remove
# (in test file ./ctr.bats, line 35)
#   `[ "$status" -eq 0 ]' failed
# time="2016-10-19T10:54:45-07:00" level=info msg="Starting reaper" 
# E1019 10:54:45.599650    7480 ocicni.go:136] error updating cni config: No networks found in /etc/cni/net.d
# time="2016-10-19T10:54:45-07:00" level=debug msg="sandboxes: map[]" 
# time="2016-10-19T10:54:45-07:00" level=debug msg="containers: &{map[] {{0 0} 0 0 0 0}}" 
# time="2016-10-19T10:54:45-07:00" level=info msg="Signal received: child exited" 
# time="2016-10-19T10:54:45-07:00" level=info msg="Signal received: child exited" 
# time="2016-10-19T10:54:45-07:00" level=debug msg="setting sandbox infra container's log_path" ctr.logfile=d35e7bc3a1bd8111f6c904dd72a5c65c6ffbde65ab170f08118391b2a7d8c46d log_path="/var/log/ocid/pods/5322d4b3450a79798e1a34f9c676fc2005bac828d09fbf7ba382
1b5cac6fc075/d35e7bc3a1bd8111f6c904dd72a5c65c6ffbde65ab170f08118391b2a7d8c46d.log" sbox.logdir="/var/log/ocid/pods/5322d4b3450a79798e1a34f9c676fc2005bac828d09fbf7ba3821b5cac6fc075" 
# time="2016-10-19T10:54:45-07:00" level=debug msg="copying infra rootfs binary: /root/gosrc/src/github.com/kubernetes-incubator/cri-o/pause/pause -> /tmp/tmp.3Qj9yykBiS/ocid/graph/vfs/pause/rootfs/pause" 
# time="2016-10-19T10:54:45-07:00" level=debug msg="running conmon: /root/gosrc/src/github.com/kubernetes-incubator/cri-o/conmon/conmon" args=[-c default-podsandbox1-0-infra -r /usr/local/sbin/runc -l /var/log/ocid/pods/5322d4b3450a79798e1a34f9c676fc2005
bac828d09fbf7ba3821b5cac6fc075/d35e7bc3a1bd8111f6c904dd72a5c65c6ffbde65ab170f08118391b2a7d8c46d.log] 
# [conmon:i]: container PID: 7612
# [conmon:e] Failed to add stdin to epoll Operation not permitted

pod create/ctr create/ctr start work fine. However I don't see any logs in the container.log file :/
Also ctr stop hangs..

@mrunalp How did you run it? You need to give an absolute path to the log directory in your configs -- otherwise odd things happen to the cwd that I haven't figured out yet. For example, the test data is currently broken (though I think I included a fix) because it sets the log_directory to ".".

@cyphar I'll try with setting the log_directory. Thanks!

@mrunalp Note: if you set log_directory: "" then my code will automatically put all of the logs inside /var/log/ocid/pod/<pod id>/<ctr id>.log. The kubelet will always tell us a log path, but I thought this might be useful just for our own testing.

@cyphar I set pod log_directory to /var/log/podsandbox1 and container log_path to container.log The files do get created but I don't see any logs in /var/log/podsandbox1/container.log.

@mrunalp Just to make sure, you did this right (I actually made this mistake a few times):

% sbox_id=$(sudo ./ocic pod create --config test/testdata/sandbox_config.json --name sandbox1)
% ctr_id=$(sudo ./ocic ctr create --config test/testdata/container_config.json --pod $sbox_id)
% sudo ./ocic ctr start --id $ctr_id # I forgot to do this a few times.

After making the changes you mentioned. It works for me:

% sudo cat /var/log/ocid/podsandbox1/container.log
bin
boot
data
dev
etc
home
lib
lib64
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var

@cyphar I have been testing container_redis.json. I'll try with the other config and check whether redis is writing to stdout or stderr.

@cyphar I just got around to testing this again. Your example with ls works fine but redis-server doesn't work with or without tty.

@mrunalp I've got a branch with the --console-socket implementation, and found some bugs in the runC --console-socket stuff (nothing major). Currently this branch works with conmon if you run it by itself, but for some reason it doesn't work under ocid.

Okay, just retested this. redis works without tty but no logs with tty.

Ping @cyphar any update?

@mrunalp thanks, wasn't aware of that

What's the status of this?

The same as above. There is a console rewrite PR in runC pending to be merged (opencontainers/runc#1018) -- when you apply that patch to runC this PR works properly. Otherwise there are issues with tty: false containers and I don't really want to debug old code that is going to be replaced soon.

opencontainers/runc#1018 has been merged. I will rebase this soon.

@cyphar any update on this one 👼

@runcom Sorry, umoci got in the way. I will work on this today / tomorrow. Promise. If not, I give you permission to spam me on twitter. 😸

Hmmm. I need to figure out where all of my logDir code changes need to be moved to now.

@sameo Can you retest with etcd?

okay, retested with latest and looks good 👍 :) will wait for tests to go green and @sameo retest.

@mrunalp re-testing...

@mrunalp @cyphar Works with etcd and an nginx deployment.

LGTM (we can merge once tests are green)

works for me as well

EUGH. I made a typo in the lint command. The actual tests pass though. I'll push a fix.

(Travis isn't giving a single fu*k about our tests apparently)

I think it's because Travis limits the number of jobs for each organisation not repo, so there's some other job being run on behalf of @kubernetes-incubator that is blocking us. FFS.

Oh goddammit. go vet changed their output format between Go releases. Why are lint tests breaking things...

🎉 The tests are green! 🦎 💚

Merging.

@cyphar Yay 🎉

🎉

Does this help our k8s test matrix?