Merge pull request #8263 from AkihiroSuda/remove-aufs

Remove `aufs` snapshotter (deprecated since v1.5)

BUILDING.md

@@ -110,7 +110,7 @@ make generate
 > * `no_cri`: A build tag disables building Kubernetes [CRI](http://blog.kubernetes.io/2016/12/container-runtime-interface-cri-in-kubernetes.html) support into containerd.
 > See [here](https://github.com/containerd/cri-containerd#build-tags) for build tags of CRI plugin.
 > * snapshotters (alphabetical order)
->   * `no_aufs`: A build tag disables building the aufs snapshot driver.
+>   * `no_aufs`: A build tag disables building the aufs snapshot driver. (Ignored since containerd v2.0, as the aufs snapshot driver is no longer supported)
 >   * `no_btrfs`: A build tag disables building the Btrfs snapshot driver.
 >   * `no_devmapper`: A build tag disables building the device mapper snapshot driver.
 >   * `no_zfs`: A build tag disables building the ZFS snapshot driver.

RELEASES.md

@@ -374,7 +374,7 @@ The deprecated features are shown in the following table:
 | Runtime V1 API and implementation (`io.containerd.runtime.v1.linux`)             | containerd v1.4     | containerd v2.0            | Use `io.containerd.runc.v2`              |
 | Runc V1 implementation of Runtime V2 (`io.containerd.runc.v1`)                   | containerd v1.4     | containerd v2.0            | Use `io.containerd.runc.v2`              |
 | config.toml `version = 1`                                                        | containerd v1.5     | containerd v2.0            | Use config.toml `version = 2`            |
-| Built-in `aufs` snapshotter                                                      | containerd v1.5     | containerd v2.0            | Use `overlayfs` snapshotter              |
+| Built-in `aufs` snapshotter                                                      | containerd v1.5     | containerd v2.0 ✅         | Use `overlayfs` snapshotter              |
 | Container label `containerd.io/restart.logpath`                                  | containerd v1.5     | containerd v2.0            | Use `containerd.io/restart.loguri` label |
 | `cri-containerd-*.tar.gz` release bundles                                        | containerd v1.6     | containerd v2.0            | Use `containerd-*.tar.gz` bundles        |
 | Pulling Schema 1 images (`application/vnd.docker.distribution.manifest.v1+json`) | containerd v1.7     | containerd v2.0            | Use Schema 2 or OCI images               |

SCOPE.md

@@ -36,7 +36,7 @@ The table specifies whether the feature/component is in or out of scope.
 | Name | Description | In/Out | Reason |
 |------------------------------|--------------------------------------------------------------------------------------------------------|--------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
 | execution | Provide an extensible execution layer for executing a container | in | Create,start, stop pause, resume exec, signal, delete |
-| cow filesystem | Built in functionality for overlay, aufs, and other copy on write filesystems for containers | in |  |
+| cow filesystem | Built in functionality for overlay and other copy on write filesystems for containers | in |  |
 | distribution | Having the ability to push and pull images as well as operations on images as a first class API object | in | containerd will fully support the management and retrieval of images |
 | metrics | container-level metrics, cgroup stats, and OOM events | in |
 | networking | creation and management of network interfaces | out | Networking will be handled and provided to containerd via higher level systems. |

Vagrantfile

@@ -187,7 +187,7 @@ EOF
         source /etc/profile.d/sh.local
         set -eux -o pipefail
         cd ${GOPATH}/src/github.com/containerd/containerd
-        make BUILDTAGS="seccomp selinux no_aufs no_btrfs no_devmapper no_zfs" binaries install
+        make BUILDTAGS="seccomp selinux no_btrfs no_devmapper no_zfs" binaries install
         type containerd
         containerd --version
         chcon -v -t container_runtime_exec_t /usr/local/bin/{containerd,containerd-shim*}
@@ -282,7 +282,7 @@ EOF
         cleanup
         cd ${GOPATH}/src/github.com/containerd/containerd
         # cri-integration.sh executes containerd from ./bin, not from $PATH .
-        make BUILDTAGS="seccomp selinux no_aufs no_btrfs no_devmapper no_zfs" binaries bin/cri-integration.test
+        make BUILDTAGS="seccomp selinux no_btrfs no_devmapper no_zfs" binaries bin/cri-integration.test
         chcon -v -t container_runtime_exec_t ./bin/{containerd,containerd-shim*}
         CONTAINERD_RUNTIME=io.containerd.runc.v2 ./script/test/cri-integration.sh
         cleanup

archive/tar_opts_linux.go

@@ -25,11 +25,6 @@ import (
 	"golang.org/x/sys/unix"
 )
 
-// AufsConvertWhiteout converts whiteout files for aufs.
-func AufsConvertWhiteout(_ *tar.Header, _ string) (bool, error) {
-	return true, nil
-}
-
 // OverlayConvertWhiteout converts whiteout files for overlay.
 func OverlayConvertWhiteout(hdr *tar.Header, path string) (bool, error) {
 	base := filepath.Base(path)

cmd/containerd/builtins/aufs_linux.go

@@ -1,21 +0,0 @@
-//go:build !no_aufs
-
-/*
-   Copyright The containerd Authors.
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
-*/
-
-package builtins
-
-import _ "github.com/containerd/aufs/plugin"

diff/apply/apply_linux.go

@@ -51,22 +51,6 @@ func apply(ctx context.Context, mounts []mount.Mount, r io.Reader) error {
 		}
 		_, err = archive.Apply(ctx, path, r, opts...)
 		return err
-	case len(mounts) == 1 && mounts[0].Type == "aufs":
-		path, parents, err := getAufsPath(mounts[0].Options)
-		if err != nil {
-			if errdefs.IsInvalidArgument(err) {
-				break
-			}
-			return err
-		}
-		opts := []archive.ApplyOpt{
-			archive.WithConvertWhiteout(archive.AufsConvertWhiteout),
-		}
-		if len(parents) > 0 {
-			opts = append(opts, archive.WithParents(parents))
-		}
-		_, err = archive.Apply(ctx, path, r, opts...)
-		return err
 	}
 	return mount.WithTempMount(ctx, mounts, func(root string) error {
 		_, err := archive.Apply(ctx, root, r)
@@ -91,42 +75,3 @@ func getOverlayPath(options []string) (upper string, lower []string, err error)
 
 	return
 }
-
-// getAufsPath handles options as given by the containerd aufs package only,
-// formatted as "br:<upper>=rw[:<lower>=ro+wh]*"
-func getAufsPath(options []string) (upper string, lower []string, err error) {
-	const (
-		sep      = ":"
-		brPrefix = "br:"
-		rwSuffix = "=rw"
-		roSuffix = "=ro+wh"
-	)
-	for _, o := range options {
-		if strings.HasPrefix(o, brPrefix) {
-			o = strings.TrimPrefix(o, brPrefix)
-		} else {
-			continue
-		}
-
-		for _, b := range strings.Split(o, sep) {
-			if strings.HasSuffix(b, rwSuffix) {
-				if upper != "" {
-					return "", nil, fmt.Errorf("multiple rw branch found: %w", errdefs.ErrInvalidArgument)
-				}
-				upper = strings.TrimSuffix(b, rwSuffix)
-			} else if strings.HasSuffix(b, roSuffix) {
-				if upper == "" {
-					return "", nil, fmt.Errorf("rw branch be first: %w", errdefs.ErrInvalidArgument)
-				}
-				lower = append(lower, strings.TrimSuffix(b, roSuffix))
-			} else {
-				return "", nil, fmt.Errorf("unhandled aufs suffix: %w", errdefs.ErrInvalidArgument)
-			}
-
-		}
-	}
-	if upper == "" {
-		return "", nil, fmt.Errorf("rw branch not found: %w", errdefs.ErrInvalidArgument)
-	}
-	return
-}

diff/apply/apply_linux_test.go

@@ -39,41 +39,3 @@ func TestGetOverlayPath(t *testing.T) {
 		t.Fatalf("An error is expected")
 	}
 }
-
-func TestGetAufsPath(t *testing.T) {
-	for _, test := range []struct {
-		options   []string
-		expectErr bool
-	}{
-		{
-			options:   []string{"random:option", "br:/test/rw=rw:/test/ro=ro+wh"},
-			expectErr: false,
-		},
-		{
-			options:   []string{"random:option"},
-			expectErr: true,
-		},
-		{
-			options:   []string{"br:/test/ro=ro+wh"},
-			expectErr: true,
-		},
-	} {
-		path, parents, err := getAufsPath(test.options)
-		if test.expectErr {
-			if err == nil {
-				t.Fatalf("An error is expected")
-			}
-			continue
-		}
-		if err != nil {
-			t.Fatalf("Get aufs path failed: %v", err)
-		}
-		if path != "/test/rw" {
-			t.Fatalf("Unexpected rw dir: %q", path)
-		}
-		if len(parents) != 1 || parents[0] != "/test/ro" {
-			t.Fatalf("Unexpected parents: %v", parents)
-		}
-
-	}
-}

docs/snapshotters/README.md

@@ -16,7 +16,7 @@ Filesystem-specific:
 - `devmapper`: ext4/xfs device mapper. See [`devmapper.md`](./devmapper.md).
 
 [Deprecated](https://github.com/containerd/containerd/blob/main/RELEASES.md#deprecated-features):
-- `aufs`: AUFS. Deprecated since containerd 1.5. Planned to be removed in containerd 2.0. See also https://github.com/containerd/aufs .
+- `aufs`: AUFS. Deprecated since containerd 1.5. Removed in containerd 2.0. See also https://github.com/containerd/aufs .
 
 ## Non-core snapshotter plugins
 

go.mod

@@ -8,7 +8,6 @@ require (
 	github.com/Microsoft/go-winio v0.6.0
 	github.com/Microsoft/hcsshim v0.10.0-rc.7
 	github.com/container-orchestrated-devices/container-device-interface v0.5.4
-	github.com/containerd/aufs v1.0.0
 	github.com/containerd/btrfs/v2 v2.0.0
 	github.com/containerd/cgroups/v3 v3.0.1
 	github.com/containerd/console v1.0.3

go.sum

@@ -181,7 +181,6 @@ github.com/container-orchestrated-devices/container-device-interface v0.5.4/go.m
 github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE=
 github.com/containerd/aufs v0.0.0-20201003224125-76a6863f2989/go.mod h1:AkGGQs9NM2vtYHaUen+NljV0/baGCAPELGm2q9ZXpWU=
 github.com/containerd/aufs v0.0.0-20210316121734-20793ff83c97/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU=
-github.com/containerd/aufs v1.0.0 h1:2oeJiwX5HstO7shSrPZjrohJZLzK36wvpdmzDRkL/LY=
 github.com/containerd/aufs v1.0.0/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU=
 github.com/containerd/btrfs v0.0.0-20201111183144-404b9149801e/go.mod h1:jg2QkJcsabfHugurUvvPhS3E08Oxiuh5W/g1ybB4e0E=
 github.com/containerd/btrfs v0.0.0-20210316141732-918d888fb676/go.mod h1:zMcX3qkXTAi9GI50+0HOeuV8LU2ryCE/V2vG/ZBiTss=

integration/client/go.sum

@@ -638,7 +638,6 @@ github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h
 github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA=
 github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI=
 github.com/container-orchestrated-devices/container-device-interface v0.5.4/go.mod h1:DjE95rfPiiSmG7uVXtg0z6MnPm/Lx4wxKCIts0ZE0vg=
-github.com/containerd/aufs v1.0.0/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU=
 github.com/containerd/btrfs/v2 v2.0.0/go.mod h1:swkD/7j9HApWpzl8OHfrHNxppPd9l44DFZdF94BUj9k=
 github.com/containerd/cgroups v0.0.0-20200824123100-0b889c03f102/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo=
 github.com/containerd/cgroups v1.0.1/go.mod h1:0SJrPIenamHDcZhEcJMNBB85rHcUsw4f25ZfBiPYRkU=

snapshots/testsuite/testsuite.go

@@ -885,9 +885,6 @@ func checkRootPermission(ctx context.Context, t *testing.T, snapshotter snapshot
 
 func check128LayersMount(name string) func(ctx context.Context, t *testing.T, snapshotter snapshots.Snapshotter, work string) {
 	return func(ctx context.Context, t *testing.T, snapshotter snapshots.Snapshotter, work string) {
-		if name == "Aufs" {
-			t.Skip("aufs tests have issues with whiteouts here on some CI kernels")
-		}
 		lowestApply := fstest.Apply(
 			fstest.CreateFile("/bottom", []byte("way at the bottom\n"), 0777),
 			fstest.CreateFile("/overwriteme", []byte("FIRST!\n"), 0777),

test/build.sh

@@ -32,7 +32,7 @@ cd "${ROOT}"
 make clean
 
 # Build CRI+CNI release
-make BUILDTAGS="seccomp no_aufs no_btrfs no_devmapper no_zfs" cri-cni-release
+make BUILDTAGS="seccomp no_btrfs no_devmapper no_zfs" cri-cni-release
 
 BUILDDIR=$(mktemp -d)
 cleanup() {

vendor/github.com/containerd/aufs/.golangci.yml

@@ -1,22 +0,0 @@
-linters:
-  enable:
-    - structcheck
-    - varcheck
-    - staticcheck
-    - unconvert
-    - gofmt
-    - goimports
-    - golint
-    - ineffassign
-    - vet
-    - unused
-    - misspell
-  disable:
-    - errcheck
-
-issues:
-  include:
-    - EXC0002
-
-run:
-  timeout: 2m

vendor/github.com/containerd/aufs/LICENSE

@@ -1,201 +0,0 @@
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.

vendor/github.com/containerd/aufs/README.md

@@ -1,34 +0,0 @@
-# aufs snapshotter
-
-[![PkgGoDev](https://pkg.go.dev/badge/github.com/containerd/aufs)](https://pkg.go.dev/github.com/containerd/aufs)
-[![Build Status](https://github.com/containerd/aufs/workflows/CI/badge.svg)](https://github.com/containerd/aufs/actions?query=workflow%3ACI)
-[![codecov](https://codecov.io/gh/containerd/aufs/branch/master/graph/badge.svg)](https://codecov.io/gh/containerd/aufs)
-[![Go Report Card](https://goreportcard.com/badge/github.com/containerd/aufs)](https://goreportcard.com/report/github.com/containerd/aufs)
-
-
-AUFS implementation of the snapshot interface for containerd.
-
-## Compile
-
-To compile containerd with aufs support add the import into the `cmd/containerd/builtins_linux.go` file.
-
-```go
-package main
-
-import (
-	_ "github.com/containerd/aufs"
-	_ "github.com/containerd/containerd/linux"
-	_ "github.com/containerd/containerd/metrics/cgroups"
-	_ "github.com/containerd/containerd/snapshot/overlay"
-)
-```
-
-## Project details
-
-aufs is a containerd sub-project, licensed under the [Apache 2.0 license](./LICENSE).
-As a containerd sub-project, you will find the:
- * [Project governance](https://github.com/containerd/project/blob/master/GOVERNANCE.md),
- * [Maintainers](https://github.com/containerd/project/blob/master/MAINTAINERS),
- * and [Contributing guidelines](https://github.com/containerd/project/blob/master/CONTRIBUTING.md)
-
-information in our [`containerd/project`](https://github.com/containerd/project) repository.

vendor/github.com/containerd/aufs/aufs.go

@@ -1,438 +0,0 @@
-/*
-   Copyright The containerd Authors.
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
-*/
-
-package aufs
-
-import (
-	"bufio"
-	"context"
-	"fmt"
-	"io/ioutil"
-	"os"
-	"os/exec"
-	"path/filepath"
-	"strings"
-	"sync"
-	"syscall"
-
-	"golang.org/x/sys/unix"
-
-	"github.com/containerd/containerd/log"
-	"github.com/containerd/containerd/mount"
-	"github.com/containerd/containerd/snapshots"
-	"github.com/containerd/containerd/snapshots/storage"
-	"github.com/containerd/continuity/fs"
-	"github.com/pkg/errors"
-)
-
-var (
-	dirperm        sync.Once
-	dirpermEnabled bool
-)
-
-type snapshotter struct {
-	root string
-	ms   *storage.MetaStore
-}
-
-// New creates a new snapshotter using aufs
-func New(root string) (snapshots.Snapshotter, error) {
-	if err := supported(); err != nil {
-		return nil, err
-	}
-	if err := os.MkdirAll(root, 0700); err != nil {
-		return nil, err
-	}
-	ms, err := storage.NewMetaStore(filepath.Join(root, "metadata.db"))
-	if err != nil {
-		return nil, err
-	}
-	if err := os.Mkdir(filepath.Join(root, "snapshots"), 0700); err != nil && !os.IsExist(err) {
-		return nil, err
-	}
-	return &snapshotter{
-		root: root,
-		ms:   ms,
-	}, nil
-}
-
-func (o *snapshotter) Stat(ctx context.Context, key string) (snapshots.Info, error) {
-	ctx, t, err := o.ms.TransactionContext(ctx, false)
-	if err != nil {
-		return snapshots.Info{}, err
-	}
-	defer t.Rollback()
-	_, info, _, err := storage.GetInfo(ctx, key)
-	if err != nil {
-		return snapshots.Info{}, err
-	}
-	return info, nil
-}
-
-func (o *snapshotter) Update(ctx context.Context, info snapshots.Info, fieldpaths ...string) (snapshots.Info, error) {
-	ctx, t, err := o.ms.TransactionContext(ctx, true)
-	if err != nil {
-		return snapshots.Info{}, err
-	}
-	info, err = storage.UpdateInfo(ctx, info, fieldpaths...)
-	if err != nil {
-		t.Rollback()
-		return snapshots.Info{}, err
-	}
-	if err := t.Commit(); err != nil {
-		return snapshots.Info{}, err
-	}
-	return info, nil
-}
-
-// Usage returns the resources taken by the snapshot identified by key.
-//
-// For active snapshots, this will scan the usage of directory and may take some time.
-//
-// For committed snapshots, the value is returned from the metadata database.
-func (o *snapshotter) Usage(ctx context.Context, key string) (snapshots.Usage, error) {
-	ctx, t, err := o.ms.TransactionContext(ctx, false)
-	if err != nil {
-		return snapshots.Usage{}, err
-	}
-	id, info, usage, err := storage.GetInfo(ctx, key)
-	if err != nil {
-		return snapshots.Usage{}, err
-	}
-
-	upperPath := o.upperPath(id)
-	t.Rollback() // transaction no longer needed at this point.
-
-	if info.Kind == snapshots.KindActive {
-		du, err := fs.DiskUsage(ctx, upperPath)
-		if err != nil {
-			// TODO(stevvooe): Consider not reporting an error in this case.
-			return snapshots.Usage{}, err
-		}
-
-		usage = snapshots.Usage(du)
-	}
-
-	return usage, nil
-}
-
-func (o *snapshotter) Prepare(ctx context.Context, key, parent string, opts ...snapshots.Opt) ([]mount.Mount, error) {
-	return o.createSnapshot(ctx, snapshots.KindActive, key, parent, opts)
-}
-
-func (o *snapshotter) View(ctx context.Context, key, parent string, opts ...snapshots.Opt) ([]mount.Mount, error) {
-	return o.createSnapshot(ctx, snapshots.KindView, key, parent, opts)
-}
-
-// Mounts returns the mounts for the transaction identified by key. Can be
-// called on an read-write or readonly transaction.
-//
-// This can be used to recover mounts after calling View or Prepare.
-func (o *snapshotter) Mounts(ctx context.Context, key string) ([]mount.Mount, error) {
-	ctx, t, err := o.ms.TransactionContext(ctx, false)
-	if err != nil {
-		return nil, err
-	}
-	s, err := storage.GetSnapshot(ctx, key)
-	t.Rollback()
-	if err != nil {
-		return nil, errors.Wrap(err, "failed to get active mount")
-	}
-	return o.mounts(s), nil
-}
-
-func (o *snapshotter) Commit(ctx context.Context, name, key string, opts ...snapshots.Opt) error {
-	ctx, t, err := o.ms.TransactionContext(ctx, true)
-	if err != nil {
-		return err
-	}
-
-	defer func() {
-		if err != nil {
-			if rerr := t.Rollback(); rerr != nil {
-				log.G(ctx).WithError(rerr).Warn("Failure rolling back transaction")
-			}
-		}
-	}()
-
-	// grab the existing id
-	id, _, _, err := storage.GetInfo(ctx, key)
-	if err != nil {
-		return err
-	}
-
-	usage, err := fs.DiskUsage(ctx, o.upperPath(id))
-	if err != nil {
-		return err
-	}
-
-	if _, err = storage.CommitActive(ctx, key, name, snapshots.Usage(usage), opts...); err != nil {
-		return errors.Wrap(err, "failed to commit snapshot")
-	}
-	return t.Commit()
-}
-
-// Remove abandons the transaction identified by key. All resources
-// associated with the key will be removed.
-func (o *snapshotter) Remove(ctx context.Context, key string) (err error) {
-	ctx, t, err := o.ms.TransactionContext(ctx, true)
-	if err != nil {
-		return err
-	}
-	defer func() {
-		if err != nil && t != nil {
-			if rerr := t.Rollback(); rerr != nil {
-				log.G(ctx).WithError(rerr).Warn("Failure rolling back transaction")
-			}
-		}
-	}()
-
-	id, _, err := storage.Remove(ctx, key)
-	if err != nil {
-		return errors.Wrap(err, "failed to remove")
-	}
-
-	path := filepath.Join(o.root, "snapshots", id)
-	renamed := filepath.Join(o.root, "snapshots", "rm-"+id)
-	if err := os.Rename(path, renamed); err != nil {
-		return errors.Wrap(err, "failed to rename")
-	}
-
-	err = t.Commit()
-	t = nil
-	if err != nil {
-		if err1 := os.Rename(renamed, path); err1 != nil {
-			// May cause inconsistent data on disk
-			log.G(ctx).WithError(err1).WithField("path", renamed).Errorf("Failed to rename after failed commit")
-		}
-		return errors.Wrap(err, "failed to commit")
-	}
-	if err := os.RemoveAll(renamed); err != nil {
-		// Must be cleaned up, any "rm-*" could be removed if no active transactions
-		log.G(ctx).WithError(err).WithField("path", renamed).Warnf("Failed to remove root filesystem")
-	}
-
-	return nil
-}
-
-// Walk the committed snapshots.
-func (o *snapshotter) Walk(ctx context.Context, fn snapshots.WalkFunc, filters ...string) error {
-	ctx, t, err := o.ms.TransactionContext(ctx, false)
-	if err != nil {
-		return err
-	}
-	defer t.Rollback()
-	return storage.WalkInfo(ctx, fn, filters...)
-}
-
-func (o *snapshotter) createSnapshot(ctx context.Context, kind snapshots.Kind, key, parent string, opts []snapshots.Opt) ([]mount.Mount, error) {
-	var (
-		path        string
-		snapshotDir = filepath.Join(o.root, "snapshots")
-	)
-
-	td, err := ioutil.TempDir(snapshotDir, "new-")
-	if err != nil {
-		return nil, errors.Wrap(err, "failed to create temp dir")
-	}
-	defer func() {
-		if err != nil {
-			if td != "" {
-				if err1 := os.RemoveAll(td); err1 != nil {
-					err = errors.Wrapf(err, "remove failed: %v", err1)
-				}
-			}
-			if path != "" {
-				if err1 := os.RemoveAll(path); err1 != nil {
-					err = errors.Wrapf(err, "failed to remove path: %v", err1)
-				}
-			}
-		}
-	}()
-
-	fs := filepath.Join(td, "fs")
-	if err = os.MkdirAll(fs, 0755); err != nil {
-		return nil, err
-	}
-
-	ctx, t, err := o.ms.TransactionContext(ctx, true)
-	if err != nil {
-		return nil, err
-	}
-
-	s, err := storage.CreateSnapshot(ctx, kind, key, parent, opts...)
-	if err != nil {
-		if rerr := t.Rollback(); rerr != nil {
-			log.G(ctx).WithError(rerr).Warn("Failure rolling back transaction")
-		}
-		return nil, errors.Wrap(err, "failed to create active")
-	}
-
-	if len(s.ParentIDs) > 0 {
-		st, err := os.Stat(filepath.Join(o.upperPath(s.ParentIDs[0])))
-		if err != nil {
-			if rerr := t.Rollback(); rerr != nil {
-				log.G(ctx).WithError(rerr).Warn("Failure rolling back transaction")
-			}
-			return nil, errors.Wrap(err, "failed to stat parent")
-		}
-
-		stat := st.Sys().(*syscall.Stat_t)
-
-		if err := os.Lchown(fs, int(stat.Uid), int(stat.Gid)); err != nil {
-			if rerr := t.Rollback(); rerr != nil {
-				log.G(ctx).WithError(rerr).Warn("Failure rolling back transaction")
-			}
-			return nil, errors.Wrap(err, "failed to chown")
-		}
-	}
-
-	path = filepath.Join(snapshotDir, s.ID)
-	if err = os.Rename(td, path); err != nil {
-		if rerr := t.Rollback(); rerr != nil {
-			log.G(ctx).WithError(rerr).Warn("Failure rolling back transaction")
-		}
-		return nil, errors.Wrap(err, "failed to rename")
-	}
-	td = ""
-
-	if err = t.Commit(); err != nil {
-		return nil, errors.Wrap(err, "commit failed")
-	}
-
-	return o.mounts(s), nil
-}
-
-func (o *snapshotter) mounts(s storage.Snapshot) []mount.Mount {
-	if len(s.ParentIDs) == 0 {
-		// if we only have one layer/no parents then just return a bind mount
-		roFlag := "rw"
-		if s.Kind == snapshots.KindView {
-			roFlag = "ro"
-		}
-
-		return []mount.Mount{
-			{
-				Source: o.upperPath(s.ID),
-				Type:   "bind",
-				Options: []string{
-					roFlag,
-					"rbind",
-				},
-			},
-		}
-	}
-
-	aufsOptions := []string{
-		"br",
-	}
-
-	if s.Kind == snapshots.KindActive {
-		aufsOptions = append(aufsOptions,
-			fmt.Sprintf("%s=rw", o.upperPath(s.ID)),
-		)
-	} else if len(s.ParentIDs) == 1 {
-		return []mount.Mount{
-			{
-				Source: o.upperPath(s.ParentIDs[0]),
-				Type:   "bind",
-				Options: []string{
-					"ro",
-					"rbind",
-				},
-			},
-		}
-	}
-
-	for i := range s.ParentIDs {
-		aufsOptions = append(aufsOptions, fmt.Sprintf("%s=ro+wh", o.upperPath(s.ParentIDs[i])))
-	}
-	options := []string{
-		"dio",
-		"xino=/dev/shm/aufs.xino",
-	}
-	if useDirperm() {
-		options = append(options, "dirperm1")
-	}
-
-	options = append(options, strings.Join(aufsOptions, ":"))
-	return []mount.Mount{
-		{
-			Type:    "aufs",
-			Source:  "none",
-			Options: options,
-		},
-	}
-
-}
-
-func (o *snapshotter) upperPath(id string) string {
-	return filepath.Join(o.root, "snapshots", id, "fs")
-}
-
-func supported() error {
-	// modprobe the aufs module before checking
-	var probeError string
-	cmd := exec.Command("modprobe", "aufs")
-	out, err := cmd.CombinedOutput()
-	if err != nil {
-		probeError = fmt.Sprintf(" (modprobe aufs failed: %v %q)", err, out)
-	}
-
-	f, err := os.Open("/proc/filesystems")
-	if err != nil {
-		return err
-	}
-	defer f.Close()
-
-	s := bufio.NewScanner(f)
-	for s.Scan() {
-		if strings.Contains(s.Text(), "aufs") {
-			return nil
-		}
-	}
-	return errors.Errorf("aufs is not supported" + probeError)
-}
-
-// useDirperm checks dirperm1 mount option can be used with the current
-// version of aufs.
-func useDirperm() bool {
-	dirperm.Do(func() {
-		base, err := ioutil.TempDir("", "docker-aufs-base")
-		if err != nil {
-			return
-		}
-		defer os.RemoveAll(base)
-
-		union, err := ioutil.TempDir("", "docker-aufs-union")
-		if err != nil {
-			return
-		}
-		defer os.RemoveAll(union)
-
-		opts := fmt.Sprintf("br:%s,dirperm1,xino=/dev/shm/aufs.xino", base)
-		if err := unix.Mount("none", union, "aufs", 0, opts); err != nil {
-			return
-		}
-		dirpermEnabled = true
-		unix.Unmount(union, 0)
-	})
-	return dirpermEnabled
-}
-
-func (o *snapshotter) Close() error {
-	return o.ms.Close()
-}

vendor/github.com/containerd/aufs/plugin/plugin.go

@@ -1,60 +0,0 @@
-/*
-   Copyright The containerd Authors.
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
-*/
-
-package plugin
-
-import (
-	"github.com/containerd/aufs"
-	"github.com/containerd/containerd/platforms"
-	"github.com/containerd/containerd/plugin"
-	"github.com/pkg/errors"
-)
-
-// Config represents configuration for the zfs plugin
-type Config struct {
-	// Root directory for the plugin
-	RootPath string `toml:"root_path"`
-}
-
-func init() {
-	plugin.Register(&plugin.Registration{
-		Type:   plugin.SnapshotPlugin,
-		ID:     "aufs",
-		Config: &Config{},
-		InitFn: func(ic *plugin.InitContext) (interface{}, error) {
-			ic.Meta.Platforms = append(ic.Meta.Platforms, platforms.DefaultSpec())
-
-			// get config
-			config, ok := ic.Config.(*Config)
-			if !ok {
-				return nil, errors.New("invalid aufs configuration")
-			}
-
-			// use default ic.Root as root path if config doesn't have a valid root path
-			root := ic.Root
-			if len(config.RootPath) != 0 {
-				root = config.RootPath
-			}
-			ic.Meta.Exports["root"] = root
-
-			snapshotter, err := aufs.New(root)
-			if err != nil {
-				return nil, errors.Wrap(plugin.ErrSkipPlugin, err.Error())
-			}
-			return snapshotter, nil
-		},
-	})
-}

vendor/modules.txt

@@ -81,10 +81,6 @@ github.com/cilium/ebpf/link
 github.com/container-orchestrated-devices/container-device-interface/internal/multierror
 github.com/container-orchestrated-devices/container-device-interface/pkg/cdi
 github.com/container-orchestrated-devices/container-device-interface/specs-go
-# github.com/containerd/aufs v1.0.0
-## explicit; go 1.13
-github.com/containerd/aufs
-github.com/containerd/aufs/plugin
 # github.com/containerd/btrfs/v2 v2.0.0
 ## explicit; go 1.19
 github.com/containerd/btrfs/v2