fix(bootstrap): add no-progress timeout to image build#1109
Open
laitingsheng wants to merge 3 commits intoNVIDIA:mainfrom
Open
fix(bootstrap): add no-progress timeout to image build#1109laitingsheng wants to merge 3 commits intoNVIDIA:mainfrom
laitingsheng wants to merge 3 commits intoNVIDIA:mainfrom
Conversation
bollard's build_image() stream relays Docker build progress, but stream.next() blocks indefinitely when the underlying builder deadlocks (commonly seen on macOS Colima with the default 2 vCPU / 2 GiB allocation). The build hangs with no error, no timeout, and openshell sandbox create waits forever for output that never arrives. Wrap each stream.next() in tokio::time::timeout (default 30 min, override via OPENSHELL_BUILD_NO_PROGRESS_TIMEOUT_SECS). On expiry, abort with a diagnostic that points at the likely root cause (under-provisioned runtime) and the docker info NCPU/MemTotal fields the user should check, plus the env var to relax the threshold for legitimate quiet builds. Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
…Dockerfile build flow Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
OPENSHELL_BUILD_NO_PROGRESS_TIMEOUT_SECS=0 previously parsed cleanly into Duration::from_secs(0), making every build fail immediately with "produced no output for 0s". Filter zero alongside non-numeric values so it falls back to the default. Signed-off-by: Tinson Lai <tinsonl@nvidia.com>
laitingsheng
force-pushed
the
fix/build-no-progress-timeout
branch
from
35864cf to
a19bda8
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Wrap bollard's
build_image()stream poll intokio::time::timeoutso a deadlocked Docker builder no longer hangsopenshell sandbox create --from <Dockerfile>indefinitely. On macOS Colima with the default 2 vCPU / 2 GiB allocation, BuildKit reliably deadlocks partway through a multi-step build and the stream stops emitting events; without a timeout the caller waits forever for output that never arrives. The default threshold is 30 minutes, overridable viaOPENSHELL_BUILD_NO_PROGRESS_TIMEOUT_SECS.Related Issue
Refs NVIDIA/NemoClaw#2514 (sub-issue C: BuildKit deadlock has no timeout,
openshell sandbox createwaits forever).Changes
crates/openshell-bootstrap/src/build.rs:DEFAULT_BUILD_NO_PROGRESS_TIMEOUT_SECS = 1800constant with a docstring covering the rationale (deadlock detection vs. headroom for legitimately quietRUNsteps, override env var for both directions).while let Some(result) = stream.next().awaitloop with aloop { match timeout(...).await { ... } }form. OnErr(Elapsed)the function returns amietteerror that names the threshold, points atdocker infoNCPU/MemTotal as the likely root cause, and tells the user how to relax the threshold if a legitimate build step is just quiet.connect_local_for_large_transfers()pattern indocker.rs:36-42forOPENSHELL_DOCKER_TIMEOUT_SECS).OPENSHELL_BUILD_NO_PROGRESS_TIMEOUT_SECS=0) so they fall back to the default instead of failing every build at 0s.architecture/sandbox-custom-containers.md: documents the new env var alongside the existing Dockerfile build-flow description.Testing
mise run pre-commitpassesChecklist