bug#55936: [PATCH] services: docker: Fix race condition.

[Oleg Pykhalov]

Fixes <https://issues.guix.gnu.org/38432>.

* gnu/packages/patches/containerd-create-pid-file.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add this.
* gnu/packages/docker.scm (containerd)[source]: Add this patch.
* gnu/services/docker.scm
(containerd-shepherd-service): Add #:pid-file and #:pid-file-timeout.
* gnu/services/docker.scm (docker-shepherd-service): Add --containerd flag.
---
 gnu/local.mk                                  |  3 +-
 gnu/packages/docker.scm                       |  6 ++--
 .../patches/containerd-create-pid-file.patch  | 31 +++++++++++++++++++
 gnu/services/docker.scm                       |  5 ++-
 4 files changed, 41 insertions(+), 4 deletions(-)
 create mode 100644 gnu/packages/patches/containerd-create-pid-file.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 3a56ad371d..5cd235286c 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -17,7 +17,7 @@
 # Copyright © 2017, 2020 Mathieu Othacehe <m.othacehe@gmail.com>
 # Copyright © 2017, 2018, 2019 Gábor Boskovits <boskovits@gmail.com>
 # Copyright © 2018 Amirouche Boubekki <amirouche@hypermove.net>
-# Copyright © 2018, 2019, 2020, 2021 Oleg Pykhalov <go.wigust@gmail.com>
+# Copyright © 2018, 2019, 2020, 2021, 2022 Oleg Pykhalov <go.wigust@gmail.com>
 # Copyright © 2018 Stefan Stefanović <stefanx2ovic@gmail.com>
 # Copyright © 2018, 2020, 2021, 2022 Maxim Cournoyer 
<maxim.cournoyer@gmail.com>
 # Copyright © 2019, 2020, 2021, 2022 Guillaume Le Vaillant <glv@posteo.net>
@@ -965,6 +965,7 @@ dist_patch_DATA =                                           
\
   %D%/packages/patches/cmh-support-fplll.patch                 \
   %D%/packages/patches/coda-use-system-libs.patch              \
   %D%/packages/patches/collectd-5.11.0-noinstallvar.patch              \
+  %D%/packages/patches/containerd-create-pid-file.patch                \
   %D%/packages/patches/combinatorial-blas-awpm.patch           \
   %D%/packages/patches/combinatorial-blas-io-fix.patch         \
   %D%/packages/patches/cool-retro-term-wctype.patch            \
diff --git a/gnu/packages/docker.scm b/gnu/packages/docker.scm
index ae4ee419af..184280b38f 100644
--- a/gnu/packages/docker.scm
+++ b/gnu/packages/docker.scm
@@ -6,7 +6,7 @@
 ;;; Copyright © 2020 Michael Rohleder <mike@rohleder.de>
 ;;; Copyright © 2020 Katherine Cox-Buday <cox.katherine.e@gmail.com>
 ;;; Copyright © 2020 Jesse Dowell <jessedowell@gmail.com>
-;;; Copyright © 2021 Oleg Pykhalov <go.wigust@gmail.com>
+;;; Copyright © 2021, 2022 Oleg Pykhalov <go.wigust@gmail.com>
 ;;; Copyright © 2022 Pierre Langlois <pierre.langlois@gmx.com>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -184,7 +184,9 @@ (define-public containerd
              (commit (string-append "v" version))))
        (file-name (git-file-name name version))
        (sha256
-        (base32 "1vsl747i3wyy68j4lp4nprwxadbyga8qxlrk892afcd2990zp5mr"))))
+        (base32 "1vsl747i3wyy68j4lp4nprwxadbyga8qxlrk892afcd2990zp5mr"))
+       (patches
+        (search-patches "containerd-create-pid-file.patch"))))
     (build-system go-build-system)
     (arguments
      (let ((make-flags #~(list (string-append "VERSION=" #$version)
diff --git a/gnu/packages/patches/containerd-create-pid-file.patch 
b/gnu/packages/patches/containerd-create-pid-file.patch
new file mode 100644
index 0000000000..668ffcd9e9
--- /dev/null
+++ b/gnu/packages/patches/containerd-create-pid-file.patch
@@ -0,0 +1,31 @@
+Copyright © 2022 Oleg Pykhalov <go.wigust@gmail.com>
+
+Create a PID file after containerd is ready to serve requests.
+
+Fixes <https://issues.guix.gnu.org/38432>.
+
+--- a/cmd/containerd/command/notify_linux.go   1970-01-01 03:00:01.000000000 
+0300
++++ b/cmd/containerd/command/notify_linux.go   2022-07-02 04:42:35.553753495 
+0300
+@@ -22,15 +22,22 @@
+       sd "github.com/coreos/go-systemd/v22/daemon"
+ 
+       "github.com/containerd/containerd/log"
++
++      "os"
++      "strconv"
+ )
+ 
+ // notifyReady notifies systemd that the daemon is ready to serve requests
+ func notifyReady(ctx context.Context) error {
++      pidFile, _ := os.Create("/run/containerd/containerd.pid")
++      defer pidFile.Close()
++      pidFile.WriteString(strconv.FormatInt(int64(os.Getpid()), 10))
+       return sdNotify(ctx, sd.SdNotifyReady)
+ }
+ 
+ // notifyStopping notifies systemd that the daemon is about to be stopped
+ func notifyStopping(ctx context.Context) error {
++      os.Remove("/run/containerd/containerd.pid")
+       return sdNotify(ctx, sd.SdNotifyStopping)
+ }
+ 
diff --git a/gnu/services/docker.scm b/gnu/services/docker.scm
index 846ebe8334..741bab5a8c 100644
--- a/gnu/services/docker.scm
+++ b/gnu/services/docker.scm
@@ -98,6 +98,8 @@ (define (containerd-shepherd-service config)
                      ;; For finding containerd-shim binary.
                      #:environment-variables
                      (list (string-append "PATH=" #$containerd "/bin"))
+                     #:pid-file "/run/containerd/containerd.pid"
+                     #:pid-file-timeout 300
                      #:log-file "/var/log/containerd.log"))
            (stop #~(make-kill-destructor)))))
 
@@ -135,7 +137,8 @@ (define (docker-shepherd-service config)
                                   '("--userland-proxy=false"))
                            (if #$enable-iptables?
                                "--iptables"
-                               "--iptables=false"))
+                               "--iptables=false")
+                           "--containerd" "/run/containerd/containerd.sock")
                      #:environment-variables
                      (list #$@environment-variables)
                      #:pid-file "/var/run/docker.pid"
-- 
2.36.0