Skip to content

Errors will happen when upgrading the libraries #2488

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
KateGo520 opened this issue Jun 20, 2020 · 4 comments
Closed

Errors will happen when upgrading the libraries #2488

KateGo520 opened this issue Jun 20, 2020 · 4 comments
Labels
kind/enhancement scope/ECS Agent

Comments

@KateGo520
Copy link

KateGo520 commented Jun 20, 2020
edited
Loading

(The purpose of this report is to alert aws/amazon-ecs-agent to the possible problems when aws/amazon-ecs-agent try to upgrade the following dependencies)

An error will happen when upgrading libraries containerd/cgroups, prometheus/client_golang :

For example----

github.com/containerd/cgroups

-Latest Version: Master branch,latest commit 80c669f (Latest commit 80c669f 10 days ago)
-Where did you use it:
https://github.com/aws/amazon-ecs-agent/search?q=containerd%2Fcgroups&unscoped_q=containerd%2Fcgroups
-Detail:

github.com/containerd/cgroups/go.mod

module github.com/containerd/cgroups
go 1.13
require (
	github.com/coreos/go-systemd/v22 v22.0.0
	github.com/cpuguy83/go-md2man/v2 v2.0.0 // indirect
	github.com/godbus/dbus/v5 v5.0.3
	…
)

github.com/containerd/cgroups/systemd.go

package cgroups
import (
	systemdDbus "github.com/coreos/go-systemd/v22/dbus"
	"github.com/godbus/dbus/v5"
	…
)

This problem was introduced since _containerd/cgroups commit 06e7180 on 21 Dec 2019 _ . If you try to upgrade containerd/cgroups to commit 06e7180 on 21 Dec 2019 and above, you will get an error--- no package exists at "github.com/coreos/go-systemd/v22" and "github.com/godbus/dbus/v5"

Similar issues can also happen when upgrading libraries prometheus/client_golang .

I investigated the libraries' (containerd/cgroups, prometheus/client_golang) release information and found the root cause of this issue is that----

  1. These dependencies all added Go modules in the recent versions.

  2. They all comply with the specification of "Releasing Modules for v2 or higher" available in the Modules documentation. Quoting the specification:

A package that has migrated to Go Modules must include the major version in the import path to reference any v2+ modules. For example, Repo github.com/my/module migrated to Modules on version v3.x.y. Then this repo should declare its module path with MAJOR version suffix "/v3" (e.g., module github.com/my/module/v3), and its downstream project should use "github.com/my/module/v3/mypkg" to import this repo’s package.

  1. This "github.com/my/module/v3/mypkg" is not the physical path. So earlier versions of Go (including those that don't have minimal module awareness) plus all tooling (like dep, glide, govendor, etc) don't have minimal module awareness as of now and therefore don't handle import paths correctly See golang/dep#1962, golang/dep#2139.

Note: creating a new branch is not required. If instead you have been previously releasing on master and would prefer to tag v3.0.0 on master, that is a viable option. (However, be aware that introducing an incompatible API change in master can cause issues for non-modules users who issue a go get -u given the go tool is not aware of semver prior to Go 1.11 or when module mode is not enabled in Go 1.11+).
Pre-existing dependency management solutions such as dep currently can have problems consuming a v2+ module created in this way. See for example dep#1962.
https://github.com/golang/go/wiki/Modules#releasing-modules-v2-or-higher

Solution

1. Migrate to Go Modules.

Go Modules is the general trend of ecosystem, if you want a better upgrade package experience, migrating to Go Modules is a good choice.

Migrate to modules will be accompanied by the introduction of virtual paths(It was discussed above).

This "github.com/my/module/v3/mypkg" is not the physical path. So Go versions older than 1.9.7 and 1.10.3 plus all third-party dependency management tools (like dep, glide, govendor, etc) don't have minimal module awareness as of now and therefore don't handle import paths correctly.

Then the downstream projects might be negatively affected in their building if they are module-unaware (Go versions older than 1.9.7 and 1.10.3; Or use third-party dependency management tools, such as: Dep, glide, govendor…).

2. Maintaining v2+ libraries that use Go Modules in Vendor directories.

If aws/amazon-ecs-agent want to keep using the dependency manage tools (like dep, glide, govendor, etc), and still want to upgrade the dependencies, can choose this fix strategy.
Manually download the dependencies into the vendor directory and do compatibility dispose(materialize the virtual path or delete the virtual part of the path). Avoid fetching the dependencies by virtual import paths. This may add some maintenance overhead compared to using modules.

There are 3 module users downstream, such as aws/amazon-ecs-shim-loggers-for-containerd, awslabs/amazon-ecs-local-container-endpoints, mackerelio/mackerel-container-agent…)
https://github.com/search?q=aws%2Famazon-ecs-agent+filename%3Ago.mod

As the import paths have different meanings between the projects adopting module repos and the non-module repos, materialize the virtual path is a better way to solve the issue, while ensuring compatibility with downstream module users. A textbook example provided by repo github.com/moby/moby is here:
https://github.com/moby/moby/blob/master/VENDORING.md
https://github.com/moby/moby/blob/master/vendor.conf
In the vendor directory, github.com/moby/moby adds the /vN subdirectory in the corresponding dependencies.
This will help more downstream module users to work well with your package.

3. Request upstream to do compatibility processing.

The containerd/cgroups have 156 module-unaware users in github, such as: demonoid81/cri, stefanberger/imgcrypt, OSH-2020/containerd-rvisor…
https://github.com/search?q=containerd%2Fcgroups+filename%3Avendor.conf+filename%3Avendor.json+filename%3Aglide.toml+filename%3AGodep.toml+filename%3AGodep.json&type=Code

Summary

You can make a choice when you meet this DM issues by balancing your own development schedules/mode against the affects on the downstream projects.

For this issue, Solution 1 can maximize your benefits and with minimal impacts to your downstream projects the ecosystem.

References

Do you plan to upgrade the libraries in near future?
Hope this issue report can help you ^_^
Thank you very much for your attention.

Best regards,
Kate
@KateGo520
Copy link
Author

@sparrc @mssrivas Could you help me review this issue? Thx :p

@petderek
Copy link
Contributor

Thanks for bringing this to our attention. We're aware of this and I've opened #2490 to ensure we're tracking this publicly.

Is there something you're trying to do with agent that's being blocked by our migration?

@KateGo520
Copy link
Author

@petderek Thank very much for your reply. This report is a warm prompt for you to prevent or combat this issue. Just let you know the problem if you upgrade this dependency in near future.

I feel happy to see that this report can help you :p
Thanks again.
Kate

@yhlee-aws
Copy link
Contributor

We are working on this, and tracking via #2490. I am going to resolve this as duplicate, please feel free to add any concerns/questions on the tracking issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/enhancement scope/ECS Agent
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@petderek @sharanyad @yhlee-aws @KateGo520