diff --git a/Dockerfile b/Dockerfile index f8aeceafe..a55175830 100644 --- a/Dockerfile +++ b/Dockerfile @@ -352,12 +352,14 @@ COPY --from=machined-build-amd64 /machined /rootfs/sbin/init # symlinks to avoid accidentally cleaning them up. COPY ./hack/cleanup.sh /toolchain/bin/cleanup.sh RUN cleanup.sh /rootfs -COPY --chmod=0644 hack/containerd.toml /rootfs/etc/cri/containerd.toml +COPY --chmod=0644 hack/containerd.toml /rootfs/etc/containerd/config.toml +COPY --chmod=0644 hack/cri-containerd.toml /rootfs/etc/cri/containerd.toml RUN touch /rootfs/etc/resolv.conf RUN touch /rootfs/etc/hosts RUN touch /rootfs/etc/os-release -RUN mkdir -pv /rootfs/{boot,usr/local/share,mnt,system} -RUN mkdir -pv /rootfs/{etc/kubernetes/manifests,etc/cni,usr/libexec/kubernetes} +RUN mkdir -pv /rootfs/{boot,usr/local/share,mnt,system,opt} +RUN mkdir -pv /rootfs/{etc/kubernetes/manifests,etc/cni/net.d,usr/libexec/kubernetes} +RUN mkdir -pv /rootfs/opt/{containerd/bin,containerd/lib} RUN ln -s /etc/ssl /rootfs/etc/pki RUN ln -s /etc/ssl /rootfs/usr/share/ca-certificates RUN ln -s /etc/ssl /rootfs/usr/local/share/ca-certificates @@ -394,12 +396,14 @@ COPY --from=machined-build-arm64 /machined /rootfs/sbin/init # symlinks to avoid accidentally cleaning them up. COPY ./hack/cleanup.sh /toolchain/bin/cleanup.sh RUN cleanup.sh /rootfs -COPY --chmod=0644 hack/containerd.toml /rootfs/etc/cri/containerd.toml +COPY --chmod=0644 hack/containerd.toml /rootfs/etc/containerd/containerd.toml +COPY --chmod=0644 hack/cri-containerd.toml /rootfs/etc/cri/containerd.toml RUN touch /rootfs/etc/resolv.conf RUN touch /rootfs/etc/hosts RUN touch /rootfs/etc/os-release -RUN mkdir -pv /rootfs/{boot,usr/local/share,mnt,system} -RUN mkdir -pv /rootfs/{etc/kubernetes/manifests,etc/cni,usr/libexec/kubernetes} +RUN mkdir -pv /rootfs/{boot,usr/local/share,mnt,system,opt} +RUN mkdir -pv /rootfs/{etc/kubernetes/manifests,etc/cni/net.d,usr/libexec/kubernetes} +RUN mkdir -pv /rootfs/opt/{containerd/bin,containerd/lib} RUN ln -s /etc/ssl /rootfs/etc/pki RUN ln -s /etc/ssl /rootfs/usr/share/ca-certificates RUN ln -s /etc/ssl /rootfs/usr/local/share/ca-certificates diff --git a/hack/containerd.toml b/hack/containerd.toml index 86596485f..f26fccba2 100644 --- a/hack/containerd.toml +++ b/hack/containerd.toml @@ -1,12 +1,10 @@ version = 2 -disabled_plugins = ["io.containerd.snapshotter.v1.aufs", "io.containerd.v1.zfs", "io.containerd.snapshotter.v1.zfs", "io.containerd.v1.devmapper", "io.containerd.snapshotter.v1.devmapper", "io.containerd.snapshotter.v1.btrfs"] - -imports = ["/var/cri/conf.d/*.toml"] +disabled_plugins = [ + "io.containerd.grpc.v1.cri", + "io.containerd.internal.v1.opt", +] [debug] level = "info" format = "json" - -[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] - runtime_type = "io.containerd.runc.v2" diff --git a/hack/cri-containerd.toml b/hack/cri-containerd.toml new file mode 100644 index 000000000..e494c8ab8 --- /dev/null +++ b/hack/cri-containerd.toml @@ -0,0 +1,12 @@ +version = 2 + +disabled_plugins = [] + +imports = ["/var/cri/conf.d/*.toml"] + +[debug] +level = "info" +format = "json" + +[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] + runtime_type = "io.containerd.runc.v2" diff --git a/internal/app/machined/pkg/system/services/containerd.go b/internal/app/machined/pkg/system/services/containerd.go index f2b4bb5a0..a1c1bd9cf 100644 --- a/internal/app/machined/pkg/system/services/containerd.go +++ b/internal/app/machined/pkg/system/services/containerd.go @@ -58,9 +58,12 @@ func (c *Containerd) Runner(r runtime.Runtime) (runner.Runner, error) { ID: c.ID(r), ProcessArgs: []string{ "/bin/containerd", - "--address", constants.SystemContainerdAddress, - "--state", filepath.Join(constants.SystemRunPath, "containerd"), - "--root", filepath.Join(constants.SystemVarPath, "lib", "containerd"), + "--address", + constants.SystemContainerdAddress, + "--state", + filepath.Join(constants.SystemRunPath, "containerd"), + "--root", + filepath.Join(constants.SystemVarPath, "lib", "containerd"), }, }