diff --git a/BUILDING.md b/BUILDING.md index ac9a2716f..6ee12f79f 100644 --- a/BUILDING.md +++ b/BUILDING.md @@ -110,7 +110,7 @@ make generate > * `no_cri`: A build tag disables building Kubernetes [CRI](http://blog.kubernetes.io/2016/12/container-runtime-interface-cri-in-kubernetes.html) support into containerd. > See [here](https://github.com/containerd/cri-containerd#build-tags) for build tags of CRI plugin. > * snapshotters (alphabetical order) -> * `no_aufs`: A build tag disables building the aufs snapshot driver. +> * `no_aufs`: A build tag disables building the aufs snapshot driver. (Ignored since containerd v2.0, as the aufs snapshot driver is no longer supported) > * `no_btrfs`: A build tag disables building the Btrfs snapshot driver. > * `no_devmapper`: A build tag disables building the device mapper snapshot driver. > * `no_zfs`: A build tag disables building the ZFS snapshot driver. diff --git a/RELEASES.md b/RELEASES.md index 24e8e8939..bb8292b78 100644 --- a/RELEASES.md +++ b/RELEASES.md @@ -374,7 +374,7 @@ The deprecated features are shown in the following table: | Runtime V1 API and implementation (`io.containerd.runtime.v1.linux`) | containerd v1.4 | containerd v2.0 | Use `io.containerd.runc.v2` | | Runc V1 implementation of Runtime V2 (`io.containerd.runc.v1`) | containerd v1.4 | containerd v2.0 | Use `io.containerd.runc.v2` | | config.toml `version = 1` | containerd v1.5 | containerd v2.0 | Use config.toml `version = 2` | -| Built-in `aufs` snapshotter | containerd v1.5 | containerd v2.0 | Use `overlayfs` snapshotter | +| Built-in `aufs` snapshotter | containerd v1.5 | containerd v2.0 ✅ | Use `overlayfs` snapshotter | | Container label `containerd.io/restart.logpath` | containerd v1.5 | containerd v2.0 | Use `containerd.io/restart.loguri` label | | `cri-containerd-*.tar.gz` release bundles | containerd v1.6 | containerd v2.0 | Use `containerd-*.tar.gz` bundles | | Pulling Schema 1 images (`application/vnd.docker.distribution.manifest.v1+json`) | containerd v1.7 | containerd v2.0 | Use Schema 2 or OCI images | diff --git a/SCOPE.md b/SCOPE.md index 3eb1c55fc..7a1a893a1 100644 --- a/SCOPE.md +++ b/SCOPE.md @@ -36,7 +36,7 @@ The table specifies whether the feature/component is in or out of scope. | Name | Description | In/Out | Reason | |------------------------------|--------------------------------------------------------------------------------------------------------|--------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | execution | Provide an extensible execution layer for executing a container | in | Create,start, stop pause, resume exec, signal, delete | -| cow filesystem | Built in functionality for overlay, aufs, and other copy on write filesystems for containers | in | | +| cow filesystem | Built in functionality for overlay and other copy on write filesystems for containers | in | | | distribution | Having the ability to push and pull images as well as operations on images as a first class API object | in | containerd will fully support the management and retrieval of images | | metrics | container-level metrics, cgroup stats, and OOM events | in | | networking | creation and management of network interfaces | out | Networking will be handled and provided to containerd via higher level systems. | diff --git a/Vagrantfile b/Vagrantfile index 10947b0cc..ceb8c4c05 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -187,7 +187,7 @@ EOF source /etc/profile.d/sh.local set -eux -o pipefail cd ${GOPATH}/src/github.com/containerd/containerd - make BUILDTAGS="seccomp selinux no_aufs no_btrfs no_devmapper no_zfs" binaries install + make BUILDTAGS="seccomp selinux no_btrfs no_devmapper no_zfs" binaries install type containerd containerd --version chcon -v -t container_runtime_exec_t /usr/local/bin/{containerd,containerd-shim*} @@ -282,7 +282,7 @@ EOF cleanup cd ${GOPATH}/src/github.com/containerd/containerd # cri-integration.sh executes containerd from ./bin, not from $PATH . - make BUILDTAGS="seccomp selinux no_aufs no_btrfs no_devmapper no_zfs" binaries bin/cri-integration.test + make BUILDTAGS="seccomp selinux no_btrfs no_devmapper no_zfs" binaries bin/cri-integration.test chcon -v -t container_runtime_exec_t ./bin/{containerd,containerd-shim*} CONTAINERD_RUNTIME=io.containerd.runc.v2 ./script/test/cri-integration.sh cleanup diff --git a/archive/tar_opts_linux.go b/archive/tar_opts_linux.go index f88d826e4..e400dd40e 100644 --- a/archive/tar_opts_linux.go +++ b/archive/tar_opts_linux.go @@ -25,11 +25,6 @@ import ( "golang.org/x/sys/unix" ) -// AufsConvertWhiteout converts whiteout files for aufs. -func AufsConvertWhiteout(_ *tar.Header, _ string) (bool, error) { - return true, nil -} - // OverlayConvertWhiteout converts whiteout files for overlay. func OverlayConvertWhiteout(hdr *tar.Header, path string) (bool, error) { base := filepath.Base(path) diff --git a/cmd/containerd/builtins/aufs_linux.go b/cmd/containerd/builtins/aufs_linux.go deleted file mode 100644 index f655215a3..000000000 --- a/cmd/containerd/builtins/aufs_linux.go +++ /dev/null @@ -1,21 +0,0 @@ -//go:build !no_aufs - -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package builtins - -import _ "github.com/containerd/aufs/plugin" diff --git a/diff/apply/apply_linux.go b/diff/apply/apply_linux.go index 55602db62..dcd269067 100644 --- a/diff/apply/apply_linux.go +++ b/diff/apply/apply_linux.go @@ -51,22 +51,6 @@ func apply(ctx context.Context, mounts []mount.Mount, r io.Reader) error { } _, err = archive.Apply(ctx, path, r, opts...) return err - case len(mounts) == 1 && mounts[0].Type == "aufs": - path, parents, err := getAufsPath(mounts[0].Options) - if err != nil { - if errdefs.IsInvalidArgument(err) { - break - } - return err - } - opts := []archive.ApplyOpt{ - archive.WithConvertWhiteout(archive.AufsConvertWhiteout), - } - if len(parents) > 0 { - opts = append(opts, archive.WithParents(parents)) - } - _, err = archive.Apply(ctx, path, r, opts...) - return err } return mount.WithTempMount(ctx, mounts, func(root string) error { _, err := archive.Apply(ctx, root, r) @@ -91,42 +75,3 @@ func getOverlayPath(options []string) (upper string, lower []string, err error) return } - -// getAufsPath handles options as given by the containerd aufs package only, -// formatted as "br:=rw[:=ro+wh]*" -func getAufsPath(options []string) (upper string, lower []string, err error) { - const ( - sep = ":" - brPrefix = "br:" - rwSuffix = "=rw" - roSuffix = "=ro+wh" - ) - for _, o := range options { - if strings.HasPrefix(o, brPrefix) { - o = strings.TrimPrefix(o, brPrefix) - } else { - continue - } - - for _, b := range strings.Split(o, sep) { - if strings.HasSuffix(b, rwSuffix) { - if upper != "" { - return "", nil, fmt.Errorf("multiple rw branch found: %w", errdefs.ErrInvalidArgument) - } - upper = strings.TrimSuffix(b, rwSuffix) - } else if strings.HasSuffix(b, roSuffix) { - if upper == "" { - return "", nil, fmt.Errorf("rw branch be first: %w", errdefs.ErrInvalidArgument) - } - lower = append(lower, strings.TrimSuffix(b, roSuffix)) - } else { - return "", nil, fmt.Errorf("unhandled aufs suffix: %w", errdefs.ErrInvalidArgument) - } - - } - } - if upper == "" { - return "", nil, fmt.Errorf("rw branch not found: %w", errdefs.ErrInvalidArgument) - } - return -} diff --git a/diff/apply/apply_linux_test.go b/diff/apply/apply_linux_test.go index 731ce0dea..cecc75fe4 100644 --- a/diff/apply/apply_linux_test.go +++ b/diff/apply/apply_linux_test.go @@ -39,41 +39,3 @@ func TestGetOverlayPath(t *testing.T) { t.Fatalf("An error is expected") } } - -func TestGetAufsPath(t *testing.T) { - for _, test := range []struct { - options []string - expectErr bool - }{ - { - options: []string{"random:option", "br:/test/rw=rw:/test/ro=ro+wh"}, - expectErr: false, - }, - { - options: []string{"random:option"}, - expectErr: true, - }, - { - options: []string{"br:/test/ro=ro+wh"}, - expectErr: true, - }, - } { - path, parents, err := getAufsPath(test.options) - if test.expectErr { - if err == nil { - t.Fatalf("An error is expected") - } - continue - } - if err != nil { - t.Fatalf("Get aufs path failed: %v", err) - } - if path != "/test/rw" { - t.Fatalf("Unexpected rw dir: %q", path) - } - if len(parents) != 1 || parents[0] != "/test/ro" { - t.Fatalf("Unexpected parents: %v", parents) - } - - } -} diff --git a/docs/snapshotters/README.md b/docs/snapshotters/README.md index 77bd422ae..c7fd35e7e 100644 --- a/docs/snapshotters/README.md +++ b/docs/snapshotters/README.md @@ -16,7 +16,7 @@ Filesystem-specific: - `devmapper`: ext4/xfs device mapper. See [`devmapper.md`](./devmapper.md). [Deprecated](https://github.com/containerd/containerd/blob/main/RELEASES.md#deprecated-features): -- `aufs`: AUFS. Deprecated since containerd 1.5. Planned to be removed in containerd 2.0. See also https://github.com/containerd/aufs . +- `aufs`: AUFS. Deprecated since containerd 1.5. Removed in containerd 2.0. See also https://github.com/containerd/aufs . ## Non-core snapshotter plugins diff --git a/go.mod b/go.mod index 57140ca7c..8ed0ba662 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,6 @@ require ( github.com/Microsoft/go-winio v0.6.0 github.com/Microsoft/hcsshim v0.10.0-rc.7 github.com/container-orchestrated-devices/container-device-interface v0.5.4 - github.com/containerd/aufs v1.0.0 github.com/containerd/btrfs/v2 v2.0.0 github.com/containerd/cgroups/v3 v3.0.1 github.com/containerd/console v1.0.3 diff --git a/go.sum b/go.sum index 1f98a55cd..3f7b3a096 100644 --- a/go.sum +++ b/go.sum @@ -181,7 +181,6 @@ github.com/container-orchestrated-devices/container-device-interface v0.5.4/go.m github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE= github.com/containerd/aufs v0.0.0-20201003224125-76a6863f2989/go.mod h1:AkGGQs9NM2vtYHaUen+NljV0/baGCAPELGm2q9ZXpWU= github.com/containerd/aufs v0.0.0-20210316121734-20793ff83c97/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= -github.com/containerd/aufs v1.0.0 h1:2oeJiwX5HstO7shSrPZjrohJZLzK36wvpdmzDRkL/LY= github.com/containerd/aufs v1.0.0/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= github.com/containerd/btrfs v0.0.0-20201111183144-404b9149801e/go.mod h1:jg2QkJcsabfHugurUvvPhS3E08Oxiuh5W/g1ybB4e0E= github.com/containerd/btrfs v0.0.0-20210316141732-918d888fb676/go.mod h1:zMcX3qkXTAi9GI50+0HOeuV8LU2ryCE/V2vG/ZBiTss= diff --git a/integration/client/go.sum b/integration/client/go.sum index df9446f3c..565e3e776 100644 --- a/integration/client/go.sum +++ b/integration/client/go.sum @@ -638,7 +638,6 @@ github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA= github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI= github.com/container-orchestrated-devices/container-device-interface v0.5.4/go.mod h1:DjE95rfPiiSmG7uVXtg0z6MnPm/Lx4wxKCIts0ZE0vg= -github.com/containerd/aufs v1.0.0/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= github.com/containerd/btrfs/v2 v2.0.0/go.mod h1:swkD/7j9HApWpzl8OHfrHNxppPd9l44DFZdF94BUj9k= github.com/containerd/cgroups v0.0.0-20200824123100-0b889c03f102/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= github.com/containerd/cgroups v1.0.1/go.mod h1:0SJrPIenamHDcZhEcJMNBB85rHcUsw4f25ZfBiPYRkU= diff --git a/snapshots/testsuite/testsuite.go b/snapshots/testsuite/testsuite.go index aa84c3945..cd2bfc913 100644 --- a/snapshots/testsuite/testsuite.go +++ b/snapshots/testsuite/testsuite.go @@ -885,9 +885,6 @@ func checkRootPermission(ctx context.Context, t *testing.T, snapshotter snapshot func check128LayersMount(name string) func(ctx context.Context, t *testing.T, snapshotter snapshots.Snapshotter, work string) { return func(ctx context.Context, t *testing.T, snapshotter snapshots.Snapshotter, work string) { - if name == "Aufs" { - t.Skip("aufs tests have issues with whiteouts here on some CI kernels") - } lowestApply := fstest.Apply( fstest.CreateFile("/bottom", []byte("way at the bottom\n"), 0777), fstest.CreateFile("/overwriteme", []byte("FIRST!\n"), 0777), diff --git a/test/build.sh b/test/build.sh index 8e782ecd3..5667f8e6c 100755 --- a/test/build.sh +++ b/test/build.sh @@ -32,7 +32,7 @@ cd "${ROOT}" make clean # Build CRI+CNI release -make BUILDTAGS="seccomp no_aufs no_btrfs no_devmapper no_zfs" cri-cni-release +make BUILDTAGS="seccomp no_btrfs no_devmapper no_zfs" cri-cni-release BUILDDIR=$(mktemp -d) cleanup() { diff --git a/vendor/github.com/containerd/aufs/.golangci.yml b/vendor/github.com/containerd/aufs/.golangci.yml deleted file mode 100644 index 4cef1ca7a..000000000 --- a/vendor/github.com/containerd/aufs/.golangci.yml +++ /dev/null @@ -1,22 +0,0 @@ -linters: - enable: - - structcheck - - varcheck - - staticcheck - - unconvert - - gofmt - - goimports - - golint - - ineffassign - - vet - - unused - - misspell - disable: - - errcheck - -issues: - include: - - EXC0002 - -run: - timeout: 2m diff --git a/vendor/github.com/containerd/aufs/LICENSE b/vendor/github.com/containerd/aufs/LICENSE deleted file mode 100644 index 261eeb9e9..000000000 --- a/vendor/github.com/containerd/aufs/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/containerd/aufs/README.md b/vendor/github.com/containerd/aufs/README.md deleted file mode 100644 index ffcdf6769..000000000 --- a/vendor/github.com/containerd/aufs/README.md +++ /dev/null @@ -1,34 +0,0 @@ -# aufs snapshotter - -[![PkgGoDev](https://pkg.go.dev/badge/github.com/containerd/aufs)](https://pkg.go.dev/github.com/containerd/aufs) -[![Build Status](https://github.com/containerd/aufs/workflows/CI/badge.svg)](https://github.com/containerd/aufs/actions?query=workflow%3ACI) -[![codecov](https://codecov.io/gh/containerd/aufs/branch/master/graph/badge.svg)](https://codecov.io/gh/containerd/aufs) -[![Go Report Card](https://goreportcard.com/badge/github.com/containerd/aufs)](https://goreportcard.com/report/github.com/containerd/aufs) - - -AUFS implementation of the snapshot interface for containerd. - -## Compile - -To compile containerd with aufs support add the import into the `cmd/containerd/builtins_linux.go` file. - -```go -package main - -import ( - _ "github.com/containerd/aufs" - _ "github.com/containerd/containerd/linux" - _ "github.com/containerd/containerd/metrics/cgroups" - _ "github.com/containerd/containerd/snapshot/overlay" -) -``` - -## Project details - -aufs is a containerd sub-project, licensed under the [Apache 2.0 license](./LICENSE). -As a containerd sub-project, you will find the: - * [Project governance](https://github.com/containerd/project/blob/master/GOVERNANCE.md), - * [Maintainers](https://github.com/containerd/project/blob/master/MAINTAINERS), - * and [Contributing guidelines](https://github.com/containerd/project/blob/master/CONTRIBUTING.md) - -information in our [`containerd/project`](https://github.com/containerd/project) repository. diff --git a/vendor/github.com/containerd/aufs/aufs.go b/vendor/github.com/containerd/aufs/aufs.go deleted file mode 100644 index 897418290..000000000 --- a/vendor/github.com/containerd/aufs/aufs.go +++ /dev/null @@ -1,438 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package aufs - -import ( - "bufio" - "context" - "fmt" - "io/ioutil" - "os" - "os/exec" - "path/filepath" - "strings" - "sync" - "syscall" - - "golang.org/x/sys/unix" - - "github.com/containerd/containerd/log" - "github.com/containerd/containerd/mount" - "github.com/containerd/containerd/snapshots" - "github.com/containerd/containerd/snapshots/storage" - "github.com/containerd/continuity/fs" - "github.com/pkg/errors" -) - -var ( - dirperm sync.Once - dirpermEnabled bool -) - -type snapshotter struct { - root string - ms *storage.MetaStore -} - -// New creates a new snapshotter using aufs -func New(root string) (snapshots.Snapshotter, error) { - if err := supported(); err != nil { - return nil, err - } - if err := os.MkdirAll(root, 0700); err != nil { - return nil, err - } - ms, err := storage.NewMetaStore(filepath.Join(root, "metadata.db")) - if err != nil { - return nil, err - } - if err := os.Mkdir(filepath.Join(root, "snapshots"), 0700); err != nil && !os.IsExist(err) { - return nil, err - } - return &snapshotter{ - root: root, - ms: ms, - }, nil -} - -func (o *snapshotter) Stat(ctx context.Context, key string) (snapshots.Info, error) { - ctx, t, err := o.ms.TransactionContext(ctx, false) - if err != nil { - return snapshots.Info{}, err - } - defer t.Rollback() - _, info, _, err := storage.GetInfo(ctx, key) - if err != nil { - return snapshots.Info{}, err - } - return info, nil -} - -func (o *snapshotter) Update(ctx context.Context, info snapshots.Info, fieldpaths ...string) (snapshots.Info, error) { - ctx, t, err := o.ms.TransactionContext(ctx, true) - if err != nil { - return snapshots.Info{}, err - } - info, err = storage.UpdateInfo(ctx, info, fieldpaths...) - if err != nil { - t.Rollback() - return snapshots.Info{}, err - } - if err := t.Commit(); err != nil { - return snapshots.Info{}, err - } - return info, nil -} - -// Usage returns the resources taken by the snapshot identified by key. -// -// For active snapshots, this will scan the usage of directory and may take some time. -// -// For committed snapshots, the value is returned from the metadata database. -func (o *snapshotter) Usage(ctx context.Context, key string) (snapshots.Usage, error) { - ctx, t, err := o.ms.TransactionContext(ctx, false) - if err != nil { - return snapshots.Usage{}, err - } - id, info, usage, err := storage.GetInfo(ctx, key) - if err != nil { - return snapshots.Usage{}, err - } - - upperPath := o.upperPath(id) - t.Rollback() // transaction no longer needed at this point. - - if info.Kind == snapshots.KindActive { - du, err := fs.DiskUsage(ctx, upperPath) - if err != nil { - // TODO(stevvooe): Consider not reporting an error in this case. - return snapshots.Usage{}, err - } - - usage = snapshots.Usage(du) - } - - return usage, nil -} - -func (o *snapshotter) Prepare(ctx context.Context, key, parent string, opts ...snapshots.Opt) ([]mount.Mount, error) { - return o.createSnapshot(ctx, snapshots.KindActive, key, parent, opts) -} - -func (o *snapshotter) View(ctx context.Context, key, parent string, opts ...snapshots.Opt) ([]mount.Mount, error) { - return o.createSnapshot(ctx, snapshots.KindView, key, parent, opts) -} - -// Mounts returns the mounts for the transaction identified by key. Can be -// called on an read-write or readonly transaction. -// -// This can be used to recover mounts after calling View or Prepare. -func (o *snapshotter) Mounts(ctx context.Context, key string) ([]mount.Mount, error) { - ctx, t, err := o.ms.TransactionContext(ctx, false) - if err != nil { - return nil, err - } - s, err := storage.GetSnapshot(ctx, key) - t.Rollback() - if err != nil { - return nil, errors.Wrap(err, "failed to get active mount") - } - return o.mounts(s), nil -} - -func (o *snapshotter) Commit(ctx context.Context, name, key string, opts ...snapshots.Opt) error { - ctx, t, err := o.ms.TransactionContext(ctx, true) - if err != nil { - return err - } - - defer func() { - if err != nil { - if rerr := t.Rollback(); rerr != nil { - log.G(ctx).WithError(rerr).Warn("Failure rolling back transaction") - } - } - }() - - // grab the existing id - id, _, _, err := storage.GetInfo(ctx, key) - if err != nil { - return err - } - - usage, err := fs.DiskUsage(ctx, o.upperPath(id)) - if err != nil { - return err - } - - if _, err = storage.CommitActive(ctx, key, name, snapshots.Usage(usage), opts...); err != nil { - return errors.Wrap(err, "failed to commit snapshot") - } - return t.Commit() -} - -// Remove abandons the transaction identified by key. All resources -// associated with the key will be removed. -func (o *snapshotter) Remove(ctx context.Context, key string) (err error) { - ctx, t, err := o.ms.TransactionContext(ctx, true) - if err != nil { - return err - } - defer func() { - if err != nil && t != nil { - if rerr := t.Rollback(); rerr != nil { - log.G(ctx).WithError(rerr).Warn("Failure rolling back transaction") - } - } - }() - - id, _, err := storage.Remove(ctx, key) - if err != nil { - return errors.Wrap(err, "failed to remove") - } - - path := filepath.Join(o.root, "snapshots", id) - renamed := filepath.Join(o.root, "snapshots", "rm-"+id) - if err := os.Rename(path, renamed); err != nil { - return errors.Wrap(err, "failed to rename") - } - - err = t.Commit() - t = nil - if err != nil { - if err1 := os.Rename(renamed, path); err1 != nil { - // May cause inconsistent data on disk - log.G(ctx).WithError(err1).WithField("path", renamed).Errorf("Failed to rename after failed commit") - } - return errors.Wrap(err, "failed to commit") - } - if err := os.RemoveAll(renamed); err != nil { - // Must be cleaned up, any "rm-*" could be removed if no active transactions - log.G(ctx).WithError(err).WithField("path", renamed).Warnf("Failed to remove root filesystem") - } - - return nil -} - -// Walk the committed snapshots. -func (o *snapshotter) Walk(ctx context.Context, fn snapshots.WalkFunc, filters ...string) error { - ctx, t, err := o.ms.TransactionContext(ctx, false) - if err != nil { - return err - } - defer t.Rollback() - return storage.WalkInfo(ctx, fn, filters...) -} - -func (o *snapshotter) createSnapshot(ctx context.Context, kind snapshots.Kind, key, parent string, opts []snapshots.Opt) ([]mount.Mount, error) { - var ( - path string - snapshotDir = filepath.Join(o.root, "snapshots") - ) - - td, err := ioutil.TempDir(snapshotDir, "new-") - if err != nil { - return nil, errors.Wrap(err, "failed to create temp dir") - } - defer func() { - if err != nil { - if td != "" { - if err1 := os.RemoveAll(td); err1 != nil { - err = errors.Wrapf(err, "remove failed: %v", err1) - } - } - if path != "" { - if err1 := os.RemoveAll(path); err1 != nil { - err = errors.Wrapf(err, "failed to remove path: %v", err1) - } - } - } - }() - - fs := filepath.Join(td, "fs") - if err = os.MkdirAll(fs, 0755); err != nil { - return nil, err - } - - ctx, t, err := o.ms.TransactionContext(ctx, true) - if err != nil { - return nil, err - } - - s, err := storage.CreateSnapshot(ctx, kind, key, parent, opts...) - if err != nil { - if rerr := t.Rollback(); rerr != nil { - log.G(ctx).WithError(rerr).Warn("Failure rolling back transaction") - } - return nil, errors.Wrap(err, "failed to create active") - } - - if len(s.ParentIDs) > 0 { - st, err := os.Stat(filepath.Join(o.upperPath(s.ParentIDs[0]))) - if err != nil { - if rerr := t.Rollback(); rerr != nil { - log.G(ctx).WithError(rerr).Warn("Failure rolling back transaction") - } - return nil, errors.Wrap(err, "failed to stat parent") - } - - stat := st.Sys().(*syscall.Stat_t) - - if err := os.Lchown(fs, int(stat.Uid), int(stat.Gid)); err != nil { - if rerr := t.Rollback(); rerr != nil { - log.G(ctx).WithError(rerr).Warn("Failure rolling back transaction") - } - return nil, errors.Wrap(err, "failed to chown") - } - } - - path = filepath.Join(snapshotDir, s.ID) - if err = os.Rename(td, path); err != nil { - if rerr := t.Rollback(); rerr != nil { - log.G(ctx).WithError(rerr).Warn("Failure rolling back transaction") - } - return nil, errors.Wrap(err, "failed to rename") - } - td = "" - - if err = t.Commit(); err != nil { - return nil, errors.Wrap(err, "commit failed") - } - - return o.mounts(s), nil -} - -func (o *snapshotter) mounts(s storage.Snapshot) []mount.Mount { - if len(s.ParentIDs) == 0 { - // if we only have one layer/no parents then just return a bind mount - roFlag := "rw" - if s.Kind == snapshots.KindView { - roFlag = "ro" - } - - return []mount.Mount{ - { - Source: o.upperPath(s.ID), - Type: "bind", - Options: []string{ - roFlag, - "rbind", - }, - }, - } - } - - aufsOptions := []string{ - "br", - } - - if s.Kind == snapshots.KindActive { - aufsOptions = append(aufsOptions, - fmt.Sprintf("%s=rw", o.upperPath(s.ID)), - ) - } else if len(s.ParentIDs) == 1 { - return []mount.Mount{ - { - Source: o.upperPath(s.ParentIDs[0]), - Type: "bind", - Options: []string{ - "ro", - "rbind", - }, - }, - } - } - - for i := range s.ParentIDs { - aufsOptions = append(aufsOptions, fmt.Sprintf("%s=ro+wh", o.upperPath(s.ParentIDs[i]))) - } - options := []string{ - "dio", - "xino=/dev/shm/aufs.xino", - } - if useDirperm() { - options = append(options, "dirperm1") - } - - options = append(options, strings.Join(aufsOptions, ":")) - return []mount.Mount{ - { - Type: "aufs", - Source: "none", - Options: options, - }, - } - -} - -func (o *snapshotter) upperPath(id string) string { - return filepath.Join(o.root, "snapshots", id, "fs") -} - -func supported() error { - // modprobe the aufs module before checking - var probeError string - cmd := exec.Command("modprobe", "aufs") - out, err := cmd.CombinedOutput() - if err != nil { - probeError = fmt.Sprintf(" (modprobe aufs failed: %v %q)", err, out) - } - - f, err := os.Open("/proc/filesystems") - if err != nil { - return err - } - defer f.Close() - - s := bufio.NewScanner(f) - for s.Scan() { - if strings.Contains(s.Text(), "aufs") { - return nil - } - } - return errors.Errorf("aufs is not supported" + probeError) -} - -// useDirperm checks dirperm1 mount option can be used with the current -// version of aufs. -func useDirperm() bool { - dirperm.Do(func() { - base, err := ioutil.TempDir("", "docker-aufs-base") - if err != nil { - return - } - defer os.RemoveAll(base) - - union, err := ioutil.TempDir("", "docker-aufs-union") - if err != nil { - return - } - defer os.RemoveAll(union) - - opts := fmt.Sprintf("br:%s,dirperm1,xino=/dev/shm/aufs.xino", base) - if err := unix.Mount("none", union, "aufs", 0, opts); err != nil { - return - } - dirpermEnabled = true - unix.Unmount(union, 0) - }) - return dirpermEnabled -} - -func (o *snapshotter) Close() error { - return o.ms.Close() -} diff --git a/vendor/github.com/containerd/aufs/plugin/plugin.go b/vendor/github.com/containerd/aufs/plugin/plugin.go deleted file mode 100644 index 5ef194a7e..000000000 --- a/vendor/github.com/containerd/aufs/plugin/plugin.go +++ /dev/null @@ -1,60 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package plugin - -import ( - "github.com/containerd/aufs" - "github.com/containerd/containerd/platforms" - "github.com/containerd/containerd/plugin" - "github.com/pkg/errors" -) - -// Config represents configuration for the zfs plugin -type Config struct { - // Root directory for the plugin - RootPath string `toml:"root_path"` -} - -func init() { - plugin.Register(&plugin.Registration{ - Type: plugin.SnapshotPlugin, - ID: "aufs", - Config: &Config{}, - InitFn: func(ic *plugin.InitContext) (interface{}, error) { - ic.Meta.Platforms = append(ic.Meta.Platforms, platforms.DefaultSpec()) - - // get config - config, ok := ic.Config.(*Config) - if !ok { - return nil, errors.New("invalid aufs configuration") - } - - // use default ic.Root as root path if config doesn't have a valid root path - root := ic.Root - if len(config.RootPath) != 0 { - root = config.RootPath - } - ic.Meta.Exports["root"] = root - - snapshotter, err := aufs.New(root) - if err != nil { - return nil, errors.Wrap(plugin.ErrSkipPlugin, err.Error()) - } - return snapshotter, nil - }, - }) -} diff --git a/vendor/modules.txt b/vendor/modules.txt index bd70bb0b8..dd4e6faca 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -81,10 +81,6 @@ github.com/cilium/ebpf/link github.com/container-orchestrated-devices/container-device-interface/internal/multierror github.com/container-orchestrated-devices/container-device-interface/pkg/cdi github.com/container-orchestrated-devices/container-device-interface/specs-go -# github.com/containerd/aufs v1.0.0 -## explicit; go 1.13 -github.com/containerd/aufs -github.com/containerd/aufs/plugin # github.com/containerd/btrfs/v2 v2.0.0 ## explicit; go 1.19 github.com/containerd/btrfs/v2