From 8727d0fc6236166d3f334a5a0eba8946aead1a8b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kai=20L=C3=BCke?= Date: Mon, 11 Jan 2021 12:09:41 +0100 Subject: [PATCH 1/2] app-emulation/containerd: Switch to default socket location The upstream socket is under /run/containerd/containerd.sock which many tools like crictl will use by default and diverging causes users to always have to configure a non-default location. Switch to the upstream default while still keeping a symlink so that users are not forced to update their configurations they had to do for the non-default location. This also keeps Docker using the old socket location as an assertion that the symlink works. The state directory is also switch to the default location. --- .../coreos-overlay/app-emulation/containerd/files/config.toml | 4 ++-- .../app-emulation/containerd/files/containerd-1.0.0.service | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config.toml b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config.toml index 8f024ae3c7..9cdd3846f8 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config.toml +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config.toml @@ -1,7 +1,7 @@ # persistent data location root = "/var/lib/containerd" # runtime state information -state = "/run/docker/libcontainerd/containerd" +state = "/run/containerd" # set containerd as a subreaper on linux when it is not running as PID 1 subreaper = true # set containerd's OOM score @@ -10,7 +10,7 @@ disabled_plugins = [] # grpc configuration [grpc] -address = "/run/docker/libcontainerd/docker-containerd.sock" +address = "/run/containerd/containerd.sock" # socket uid uid = 0 # socket gid diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/containerd-1.0.0.service b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/containerd-1.0.0.service index 4c8a529e34..670a9b81c6 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/containerd-1.0.0.service +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/containerd-1.0.0.service @@ -6,6 +6,8 @@ After=network.target [Service] Delegate=yes Environment=CONTAINERD_CONFIG=/usr/share/containerd/config.toml +ExecStartPre=mkdir -p /run/docker/libcontainerd +ExecStartPre=ln -fs /run/containerd/containerd.sock /run/docker/libcontainerd/docker-containerd.sock ExecStart=/usr/bin/containerd --config ${TORCX_UNPACKDIR}${TORCX_IMAGEDIR}${CONTAINERD_CONFIG} KillMode=process Restart=always From 0b91fe4603787d22f28b4c9f58ae38d2a6915670 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kai=20L=C3=BCke?= Date: Mon, 11 Jan 2021 12:41:23 +0100 Subject: [PATCH 2/2] app-emulation/containerd: Add upstream service file settings The service file was missing some options from https://github.com/containerd/containerd/blob/master/containerd.service --- .../app-emulation/containerd/files/containerd-1.0.0.service | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/containerd-1.0.0.service b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/containerd-1.0.0.service index 670a9b81c6..d5508823e4 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/containerd-1.0.0.service +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/containerd-1.0.0.service @@ -8,9 +8,12 @@ Delegate=yes Environment=CONTAINERD_CONFIG=/usr/share/containerd/config.toml ExecStartPre=mkdir -p /run/docker/libcontainerd ExecStartPre=ln -fs /run/containerd/containerd.sock /run/docker/libcontainerd/docker-containerd.sock +ExecStartPre=-/sbin/modprobe overlay ExecStart=/usr/bin/containerd --config ${TORCX_UNPACKDIR}${TORCX_IMAGEDIR}${CONTAINERD_CONFIG} KillMode=process +Type=notify Restart=always +RestartSec=5 # (lack of) limits from the upstream docker service unit LimitNOFILE=1048576