From e96d2a5d90f56289a29675bf55d65644a7f08c57 Mon Sep 17 00:00:00 2001 From: Mike Brown Date: Mon, 12 Apr 2021 10:10:38 -0500 Subject: [PATCH] Revert "remove two very old no longer used runtime options" Signed-off-by: Mike Brown --- docs/cri/config.md | 10 +++++ pkg/cri/config/config.go | 23 +++++++++++ pkg/cri/config/config_test.go | 72 +++++++++++++++++++++++++++++++++++ 3 files changed, 105 insertions(+) diff --git a/docs/cri/config.md b/docs/cri/config.md index 908a913e7..f3fd900b8 100644 --- a/docs/cri/config.md +++ b/docs/cri/config.md @@ -124,6 +124,16 @@ version = 2 # default_runtime_name is the default runtime name to use. default_runtime_name = "runc" + # 'plugins."io.containerd.grpc.v1.cri".containerd.default_runtime' is the runtime to use in containerd. + # DEPRECATED: use `default_runtime_name` and `plugins."io.containerd.grpc.v1.cri".runtimes` instead. + # Remove in containerd 1.4. + [plugins."io.containerd.grpc.v1.cri".containerd.default_runtime] + + # 'plugins."io.containerd.grpc.v1.cri".containerd.untrusted_workload_runtime' is a runtime to run untrusted workloads on it. + # DEPRECATED: use `untrusted` runtime in `plugins."io.containerd.grpc.v1.cri".runtimes` instead. + # Remove in containerd 1.4. + [plugins."io.containerd.grpc.v1.cri".containerd.untrusted_workload_runtime] + # 'plugins."io.containerd.grpc.v1.cri".containerd.runtimes' is a map from CRI RuntimeHandler strings, which specify types # of runtime configurations, to the matching configurations. # In this example, 'runc' is the RuntimeHandler string to match. diff --git a/pkg/cri/config/config.go b/pkg/cri/config/config.go index b05026db6..395ebb8b5 100644 --- a/pkg/cri/config/config.go +++ b/pkg/cri/config/config.go @@ -64,6 +64,13 @@ type ContainerdConfig struct { Snapshotter string `toml:"snapshotter" json:"snapshotter"` // DefaultRuntimeName is the default runtime name to use from the runtimes table. DefaultRuntimeName string `toml:"default_runtime_name" json:"defaultRuntimeName"` + // DefaultRuntime is the default runtime to use in containerd. + // This runtime is used when no runtime handler (or the empty string) is provided. + // DEPRECATED: use DefaultRuntimeName instead. Remove in containerd 1.4. + DefaultRuntime Runtime `toml:"default_runtime" json:"defaultRuntime"` + // UntrustedWorkloadRuntime is a runtime to run untrusted workloads on it. + // DEPRECATED: use `untrusted` runtime in Runtimes instead. Remove in containerd 1.4. + UntrustedWorkloadRuntime Runtime `toml:"untrusted_workload_runtime" json:"untrustedWorkloadRuntime"` // Runtimes is a map from CRI RuntimeHandler strings, which specify types of runtime // configurations, to the matching configurations. Runtimes map[string]Runtime `toml:"runtimes" json:"runtimes"` @@ -300,6 +307,22 @@ func ValidatePluginConfig(ctx context.Context, c *PluginConfig) error { c.ContainerdConfig.Runtimes = make(map[string]Runtime) } + // Validation for deprecated untrusted_workload_runtime. + if c.ContainerdConfig.UntrustedWorkloadRuntime.Type != "" { + log.G(ctx).Warning("`untrusted_workload_runtime` is deprecated, please use `untrusted` runtime in `runtimes` instead") + if _, ok := c.ContainerdConfig.Runtimes[RuntimeUntrusted]; ok { + return errors.Errorf("conflicting definitions: configuration includes both `untrusted_workload_runtime` and `runtimes[%q]`", RuntimeUntrusted) + } + c.ContainerdConfig.Runtimes[RuntimeUntrusted] = c.ContainerdConfig.UntrustedWorkloadRuntime + } + + // Validation for deprecated default_runtime field. + if c.ContainerdConfig.DefaultRuntime.Type != "" { + log.G(ctx).Warning("`default_runtime` is deprecated, please use `default_runtime_name` to reference the default configuration you have defined in `runtimes`") + c.ContainerdConfig.DefaultRuntimeName = RuntimeDefault + c.ContainerdConfig.Runtimes[RuntimeDefault] = c.ContainerdConfig.DefaultRuntime + } + // Validation for default_runtime_name if c.ContainerdConfig.DefaultRuntimeName == "" { return errors.New("`default_runtime_name` is empty") diff --git a/pkg/cri/config/config_test.go b/pkg/cri/config/config_test.go index 12bee966f..16cb8e949 100644 --- a/pkg/cri/config/config_test.go +++ b/pkg/cri/config/config_test.go @@ -31,6 +31,78 @@ func TestValidateConfig(t *testing.T) { expectedErr string expected *PluginConfig }{ + "deprecated untrusted_workload_runtime": { + config: &PluginConfig{ + ContainerdConfig: ContainerdConfig{ + DefaultRuntimeName: RuntimeDefault, + UntrustedWorkloadRuntime: Runtime{ + Type: "untrusted", + }, + Runtimes: map[string]Runtime{ + RuntimeDefault: { + Type: "default", + }, + }, + }, + }, + expected: &PluginConfig{ + ContainerdConfig: ContainerdConfig{ + DefaultRuntimeName: RuntimeDefault, + UntrustedWorkloadRuntime: Runtime{ + Type: "untrusted", + }, + Runtimes: map[string]Runtime{ + RuntimeUntrusted: { + Type: "untrusted", + }, + RuntimeDefault: { + Type: "default", + }, + }, + }, + }, + }, + "both untrusted_workload_runtime and runtime[untrusted]": { + config: &PluginConfig{ + ContainerdConfig: ContainerdConfig{ + DefaultRuntimeName: RuntimeDefault, + UntrustedWorkloadRuntime: Runtime{ + Type: "untrusted-1", + }, + Runtimes: map[string]Runtime{ + RuntimeUntrusted: { + Type: "untrusted-2", + }, + RuntimeDefault: { + Type: "default", + }, + }, + }, + }, + expectedErr: fmt.Sprintf("conflicting definitions: configuration includes both `untrusted_workload_runtime` and `runtimes[%q]`", RuntimeUntrusted), + }, + "deprecated default_runtime": { + config: &PluginConfig{ + ContainerdConfig: ContainerdConfig{ + DefaultRuntime: Runtime{ + Type: "default", + }, + }, + }, + expected: &PluginConfig{ + ContainerdConfig: ContainerdConfig{ + DefaultRuntime: Runtime{ + Type: "default", + }, + DefaultRuntimeName: RuntimeDefault, + Runtimes: map[string]Runtime{ + RuntimeDefault: { + Type: "default", + }, + }, + }, + }, + }, "no default_runtime_name": { config: &PluginConfig{}, expectedErr: "`default_runtime_name` is empty",