From 56e10bb5579f90cd701cc1df7749d4f4755690b8 Mon Sep 17 00:00:00 2001 From: Jeremi Piotrowski Date: Tue, 10 Aug 2021 08:31:01 +0000 Subject: [PATCH] app-emulation/containerd: add config file for use during migration The SystemdCgroup=true setting is incompatible with kubelet cgroupDriver: cgroupfs. So to prevent kube clusters from failing, we will be freezing a nodes config.toml during an update. For that purpose, we install a second configuration file that can then be selected using a systemd drop-in unit. Signed-off-by: Jeremi Piotrowski --- ....5.4.ebuild => containerd-1.5.4-r1.ebuild} | 0 .../containerd/containerd-9999.ebuild | 1 + .../containerd/files/config-cgroupfs.toml | 30 +++++++++++++++++++ .../containerd/files/config.toml | 4 +++ 4 files changed, 35 insertions(+) rename sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/{containerd-1.5.4.ebuild => containerd-1.5.4-r1.ebuild} (100%) create mode 100644 sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config-cgroupfs.toml diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-1.5.4.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-1.5.4-r1.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-1.5.4.ebuild rename to sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-1.5.4-r1.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-9999.ebuild index 2c7f0e80a6..704ca02b97 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-9999.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-9999.ebuild @@ -64,4 +64,5 @@ src_install() { systemd_newunit "${FILESDIR}/${PN}-1.0.0.service" "${PN}.service" insinto /usr/share/containerd doins "${FILESDIR}/config.toml" + doins "${FILESDIR}/config-cgroupfs.toml" } diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config-cgroupfs.toml b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config-cgroupfs.toml new file mode 100644 index 0000000000..436edaea13 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config-cgroupfs.toml @@ -0,0 +1,30 @@ +# persistent data location +root = "/var/lib/containerd" +# runtime state information +state = "/run/containerd" +# set containerd as a subreaper on linux when it is not running as PID 1 +subreaper = true +# set containerd's OOM score +oom_score = -999 +disabled_plugins = [] + +# grpc configuration +[grpc] +address = "/run/containerd/containerd.sock" +# socket uid +uid = 0 +# socket gid +gid = 0 + +[plugins.linux] +# shim binary name/path +shim = "containerd-shim" +# runtime binary name/path +runtime = "runc" +# do not use a shim when starting containers, saves on memory but +# live restore is not supported +no_shim = false + +# config version 1; version 2 uses full plugin paths +[plugins.cri.containerd.runtimes.runc.options] +SystemdCgroup = false diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config.toml b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config.toml index 9cdd3846f8..ebc9f2335f 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config.toml +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config.toml @@ -24,3 +24,7 @@ runtime = "runc" # do not use a shim when starting containers, saves on memory but # live restore is not supported no_shim = false + +# config version 1; version 2 uses full plugin paths +[plugins.cri.containerd.runtimes.runc.options] +SystemdCgroup = true