From 850584d45b472c7d3e0c48682ee8e44253b548e6 Mon Sep 17 00:00:00 2001 From: Jeremi Piotrowski Date: Mon, 23 Aug 2021 16:19:22 +0000 Subject: [PATCH] app-emulation/containerd: adjust config to prevent runtime_type from being unset The containerd config works in mysterious ways - sometimes it acts hierarchical with respect to the section headers, other times not. In this case, setting runc.options resets all the fields of the runc section, including 'runtime_type'. Having an unset runtime_type causes containerd to fail to spawn containers (but the daemon itself starts succesfully) returning the error: kubelet[13148]: E0823 11:57:17.030551 13148 remote_runtime.go:116] "RunPodSandbox from runtime service failed" err="rpc error: code = InvalidArgument desc = failed to create containerd container: create container failed validation: container.Runtime.Name must be set: invalid argument" Explicitly set the runtime_type in all containerd configs, and bump the config version to 2. Reported as https://github.com/kinvolk/Flatcar/issues/484 Signed-off-by: Jeremi Piotrowski --- ...tainerd-1.5.5.ebuild => containerd-1.5.5-r1.ebuild} | 0 .../containerd/files/config-cgroupfs.toml | 10 +++++++--- .../app-emulation/containerd/files/config.toml | 10 +++++++--- 3 files changed, 14 insertions(+), 6 deletions(-) rename sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/{containerd-1.5.5.ebuild => containerd-1.5.5-r1.ebuild} (100%) diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-1.5.5.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-1.5.5-r1.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-1.5.5.ebuild rename to sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-1.5.5-r1.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config-cgroupfs.toml b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config-cgroupfs.toml index 436edaea13..e2b6806b14 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config-cgroupfs.toml +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config-cgroupfs.toml @@ -1,3 +1,5 @@ +version = 2 + # persistent data location root = "/var/lib/containerd" # runtime state information @@ -16,7 +18,7 @@ uid = 0 # socket gid gid = 0 -[plugins.linux] +[plugins."containerd.runtime.v1.linux"] # shim binary name/path shim = "containerd-shim" # runtime binary name/path @@ -25,6 +27,8 @@ runtime = "runc" # live restore is not supported no_shim = false -# config version 1; version 2 uses full plugin paths -[plugins.cri.containerd.runtimes.runc.options] +[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] +# setting runc.options unsets parent settings +runtime_type = "io.containerd.runc.v2" +[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] SystemdCgroup = false diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config.toml b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config.toml index ebc9f2335f..b5459b93db 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config.toml +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config.toml @@ -1,3 +1,5 @@ +version = 2 + # persistent data location root = "/var/lib/containerd" # runtime state information @@ -16,7 +18,7 @@ uid = 0 # socket gid gid = 0 -[plugins.linux] +[plugins."containerd.runtime.v1.linux"] # shim binary name/path shim = "containerd-shim" # runtime binary name/path @@ -25,6 +27,8 @@ runtime = "runc" # live restore is not supported no_shim = false -# config version 1; version 2 uses full plugin paths -[plugins.cri.containerd.runtimes.runc.options] +[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] +# setting runc.options unsets parent settings +runtime_type = "io.containerd.runc.v2" +[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] SystemdCgroup = true