app-emulation/containerd: add config file for use during migration

The SystemdCgroup=true setting is incompatible with kubelet
cgroupDriver: cgroupfs. So to prevent kube clusters from failing, we
will be freezing a nodes config.toml during an update. For that purpose,
we install a second configuration file that can then be selected using a
systemd drop-in unit.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>

sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-9999.ebuild

@@ -64,4 +64,5 @@ src_install() {
 	systemd_newunit "${FILESDIR}/${PN}-1.0.0.service" "${PN}.service"
 	insinto /usr/share/containerd
 	doins "${FILESDIR}/config.toml"
+	doins "${FILESDIR}/config-cgroupfs.toml"
 }

sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config-cgroupfs.toml

@@ -0,0 +1,30 @@
+# persistent data location
+root = "/var/lib/containerd"
+# runtime state information
+state = "/run/containerd"
+# set containerd as a subreaper on linux when it is not running as PID 1
+subreaper = true
+# set containerd's OOM score
+oom_score = -999
+disabled_plugins = []
+
+# grpc configuration
+[grpc]
+address = "/run/containerd/containerd.sock"
+# socket uid
+uid = 0
+# socket gid
+gid = 0
+
+[plugins.linux]
+# shim binary name/path
+shim = "containerd-shim"
+# runtime binary name/path
+runtime = "runc"
+# do not use a shim when starting containers, saves on memory but
+# live restore is not supported
+no_shim = false
+
+# config version 1; version 2 uses full plugin paths
+[plugins.cri.containerd.runtimes.runc.options]
+SystemdCgroup = false

sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config.toml

@@ -24,3 +24,7 @@ runtime = "runc"
 # do not use a shim when starting containers, saves on memory but
 # live restore is not supported
 no_shim = false
+
+# config version 1; version 2 uses full plugin paths
+[plugins.cri.containerd.runtimes.runc.options]
+SystemdCgroup = true