diff --git a/pkg/cri/annotations/annotations.go b/pkg/cri/annotations/annotations.go index 97f83095e..c8d7ae582 100644 --- a/pkg/cri/annotations/annotations.go +++ b/pkg/cri/annotations/annotations.go @@ -58,6 +58,11 @@ const ( // SandboxNamespace is the name of the namespace of the sandbox (pod) SandboxNamespace = "io.kubernetes.cri.sandbox-namespace" + // SandboxUID is the uid of the sandbox (pod) passed to CRI via RunPodSanbox, + // this field is useful for linking the uid created by the CRI client (e.g. kubelet) + // to the internal Sandbox.ID created by the containerd sandbox service + SandboxUID = "io.kubernetes.cri.sandbox-uid" + // SandboxName is the name of the sandbox (pod) SandboxName = "io.kubernetes.cri.sandbox-name" diff --git a/pkg/cri/sbserver/container_create_linux.go b/pkg/cri/sbserver/container_create_linux.go index da2a1f56f..558eaf962 100644 --- a/pkg/cri/sbserver/container_create_linux.go +++ b/pkg/cri/sbserver/container_create_linux.go @@ -318,6 +318,7 @@ func (c *criService) containerSpec( customopts.WithAnnotation(annotations.ContainerType, annotations.ContainerTypeContainer), customopts.WithAnnotation(annotations.SandboxID, sandboxID), customopts.WithAnnotation(annotations.SandboxNamespace, sandboxConfig.GetMetadata().GetNamespace()), + customopts.WithAnnotation(annotations.SandboxUID, sandboxConfig.GetMetadata().GetUid()), customopts.WithAnnotation(annotations.SandboxName, sandboxConfig.GetMetadata().GetName()), customopts.WithAnnotation(annotations.ContainerName, containerName), customopts.WithAnnotation(annotations.ImageName, imageName), diff --git a/pkg/cri/sbserver/container_create_linux_test.go b/pkg/cri/sbserver/container_create_linux_test.go index 88eb28738..985a167b4 100644 --- a/pkg/cri/sbserver/container_create_linux_test.go +++ b/pkg/cri/sbserver/container_create_linux_test.go @@ -181,6 +181,9 @@ func getCreateContainerTestData() (*runtime.ContainerConfig, *runtime.PodSandbox assert.Contains(t, spec.Annotations, annotations.SandboxNamespace) assert.EqualValues(t, spec.Annotations[annotations.SandboxNamespace], "test-sandbox-ns") + assert.Contains(t, spec.Annotations, annotations.SandboxUID) + assert.EqualValues(t, spec.Annotations[annotations.SandboxUID], "test-sandbox-uid") + assert.Contains(t, spec.Annotations, annotations.SandboxName) assert.EqualValues(t, spec.Annotations[annotations.SandboxName], "test-sandbox-name") diff --git a/pkg/cri/sbserver/container_create_windows.go b/pkg/cri/sbserver/container_create_windows.go index 8607b109b..ce7c36806 100644 --- a/pkg/cri/sbserver/container_create_windows.go +++ b/pkg/cri/sbserver/container_create_windows.go @@ -130,6 +130,7 @@ func (c *criService) containerSpec( customopts.WithAnnotation(annotations.ContainerType, annotations.ContainerTypeContainer), customopts.WithAnnotation(annotations.SandboxID, sandboxID), customopts.WithAnnotation(annotations.SandboxNamespace, sandboxConfig.GetMetadata().GetNamespace()), + customopts.WithAnnotation(annotations.SandboxUID, sandboxConfig.GetMetadata().GetUid()), customopts.WithAnnotation(annotations.SandboxName, sandboxConfig.GetMetadata().GetName()), customopts.WithAnnotation(annotations.ContainerName, containerName), customopts.WithAnnotation(annotations.ImageName, imageName), diff --git a/pkg/cri/sbserver/container_create_windows_test.go b/pkg/cri/sbserver/container_create_windows_test.go index 2a1e7d954..46fafe128 100644 --- a/pkg/cri/sbserver/container_create_windows_test.go +++ b/pkg/cri/sbserver/container_create_windows_test.go @@ -130,6 +130,9 @@ func getCreateContainerTestData() (*runtime.ContainerConfig, *runtime.PodSandbox assert.Contains(t, spec.Annotations, annotations.SandboxNamespace) assert.EqualValues(t, spec.Annotations[annotations.SandboxNamespace], "test-sandbox-ns") + assert.Contains(t, spec.Annotations, annotations.SandboxUID) + assert.EqualValues(t, spec.Annotations[annotations.SandboxUID], "test-sandbox-uid") + assert.Contains(t, spec.Annotations, annotations.SandboxName) assert.EqualValues(t, spec.Annotations[annotations.SandboxName], "test-sandbox-name") diff --git a/pkg/cri/sbserver/podsandbox/sandbox_run_linux.go b/pkg/cri/sbserver/podsandbox/sandbox_run_linux.go index 06116d73f..0845bb12a 100644 --- a/pkg/cri/sbserver/podsandbox/sandbox_run_linux.go +++ b/pkg/cri/sbserver/podsandbox/sandbox_run_linux.go @@ -180,6 +180,7 @@ func (c *Controller) sandboxContainerSpec(id string, config *runtime.PodSandboxC customopts.WithAnnotation(annotations.ContainerType, annotations.ContainerTypeSandbox), customopts.WithAnnotation(annotations.SandboxID, id), customopts.WithAnnotation(annotations.SandboxNamespace, config.GetMetadata().GetNamespace()), + customopts.WithAnnotation(annotations.SandboxUID, config.GetMetadata().GetUid()), customopts.WithAnnotation(annotations.SandboxName, config.GetMetadata().GetName()), customopts.WithAnnotation(annotations.SandboxLogDir, config.GetLogDirectory()), ) diff --git a/pkg/cri/sbserver/podsandbox/sandbox_run_linux_test.go b/pkg/cri/sbserver/podsandbox/sandbox_run_linux_test.go index 37f9fcdf4..27996a1a3 100644 --- a/pkg/cri/sbserver/podsandbox/sandbox_run_linux_test.go +++ b/pkg/cri/sbserver/podsandbox/sandbox_run_linux_test.go @@ -78,6 +78,9 @@ func getRunPodSandboxTestData() (*runtime.PodSandboxConfig, *imagespec.ImageConf assert.Contains(t, spec.Annotations, annotations.SandboxNamespace) assert.EqualValues(t, spec.Annotations[annotations.SandboxNamespace], "test-ns") + assert.Contains(t, spec.Annotations, annotations.SandboxUID) + assert.EqualValues(t, spec.Annotations[annotations.SandboxUID], "test-uid") + assert.Contains(t, spec.Annotations, annotations.SandboxName) assert.EqualValues(t, spec.Annotations[annotations.SandboxName], "test-name") diff --git a/pkg/cri/sbserver/podsandbox/sandbox_run_windows.go b/pkg/cri/sbserver/podsandbox/sandbox_run_windows.go index 877807fab..0dce2c0b3 100644 --- a/pkg/cri/sbserver/podsandbox/sandbox_run_windows.go +++ b/pkg/cri/sbserver/podsandbox/sandbox_run_windows.go @@ -84,6 +84,7 @@ func (c *Controller) sandboxContainerSpec(id string, config *runtime.PodSandboxC customopts.WithAnnotation(annotations.ContainerType, annotations.ContainerTypeSandbox), customopts.WithAnnotation(annotations.SandboxID, id), customopts.WithAnnotation(annotations.SandboxNamespace, config.GetMetadata().GetNamespace()), + customopts.WithAnnotation(annotations.SandboxUID, config.GetMetadata().GetUid()), customopts.WithAnnotation(annotations.SandboxName, config.GetMetadata().GetName()), customopts.WithAnnotation(annotations.SandboxLogDir, config.GetLogDirectory()), customopts.WithAnnotation(annotations.WindowsHostProcess, strconv.FormatBool(config.GetWindows().GetSecurityContext().GetHostProcess())), diff --git a/pkg/cri/sbserver/podsandbox/sandbox_run_windows_test.go b/pkg/cri/sbserver/podsandbox/sandbox_run_windows_test.go index 958de454f..7b1779df4 100644 --- a/pkg/cri/sbserver/podsandbox/sandbox_run_windows_test.go +++ b/pkg/cri/sbserver/podsandbox/sandbox_run_windows_test.go @@ -80,6 +80,9 @@ func getRunPodSandboxTestData() (*runtime.PodSandboxConfig, *imagespec.ImageConf assert.Contains(t, spec.Annotations, annotations.SandboxNamespace) assert.EqualValues(t, spec.Annotations[annotations.SandboxNamespace], "test-ns") + assert.Contains(t, spec.Annotations, annotations.SandboxUID) + assert.EqualValues(t, spec.Annotations[annotations.SandboxUID], "test-uid") + assert.Contains(t, spec.Annotations, annotations.SandboxName) assert.EqualValues(t, spec.Annotations[annotations.SandboxName], "test-name") diff --git a/pkg/cri/server/container_create_linux.go b/pkg/cri/server/container_create_linux.go index ae030e63e..a74bf5d9a 100644 --- a/pkg/cri/server/container_create_linux.go +++ b/pkg/cri/server/container_create_linux.go @@ -318,6 +318,7 @@ func (c *criService) containerSpec( customopts.WithAnnotation(annotations.ContainerType, annotations.ContainerTypeContainer), customopts.WithAnnotation(annotations.SandboxID, sandboxID), customopts.WithAnnotation(annotations.SandboxNamespace, sandboxConfig.GetMetadata().GetNamespace()), + customopts.WithAnnotation(annotations.SandboxUID, sandboxConfig.GetMetadata().GetUid()), customopts.WithAnnotation(annotations.SandboxName, sandboxConfig.GetMetadata().GetName()), customopts.WithAnnotation(annotations.ContainerName, containerName), customopts.WithAnnotation(annotations.ImageName, imageName), diff --git a/pkg/cri/server/container_create_linux_test.go b/pkg/cri/server/container_create_linux_test.go index e4d7d0931..8ba7cabb0 100644 --- a/pkg/cri/server/container_create_linux_test.go +++ b/pkg/cri/server/container_create_linux_test.go @@ -181,6 +181,9 @@ func getCreateContainerTestData() (*runtime.ContainerConfig, *runtime.PodSandbox assert.Contains(t, spec.Annotations, annotations.SandboxNamespace) assert.EqualValues(t, spec.Annotations[annotations.SandboxNamespace], "test-sandbox-ns") + assert.Contains(t, spec.Annotations, annotations.SandboxUID) + assert.EqualValues(t, spec.Annotations[annotations.SandboxUID], "test-sandbox-uid") + assert.Contains(t, spec.Annotations, annotations.SandboxName) assert.EqualValues(t, spec.Annotations[annotations.SandboxName], "test-sandbox-name") diff --git a/pkg/cri/server/container_create_windows.go b/pkg/cri/server/container_create_windows.go index a795664c5..bd7ed0fa5 100644 --- a/pkg/cri/server/container_create_windows.go +++ b/pkg/cri/server/container_create_windows.go @@ -130,6 +130,7 @@ func (c *criService) containerSpec( customopts.WithAnnotation(annotations.ContainerType, annotations.ContainerTypeContainer), customopts.WithAnnotation(annotations.SandboxID, sandboxID), customopts.WithAnnotation(annotations.SandboxNamespace, sandboxConfig.GetMetadata().GetNamespace()), + customopts.WithAnnotation(annotations.SandboxUID, sandboxConfig.GetMetadata().GetUid()), customopts.WithAnnotation(annotations.SandboxName, sandboxConfig.GetMetadata().GetName()), customopts.WithAnnotation(annotations.ContainerName, containerName), customopts.WithAnnotation(annotations.ImageName, imageName), diff --git a/pkg/cri/server/container_create_windows_test.go b/pkg/cri/server/container_create_windows_test.go index 476d14b7f..684d45bf5 100644 --- a/pkg/cri/server/container_create_windows_test.go +++ b/pkg/cri/server/container_create_windows_test.go @@ -130,6 +130,9 @@ func getCreateContainerTestData() (*runtime.ContainerConfig, *runtime.PodSandbox assert.Contains(t, spec.Annotations, annotations.SandboxNamespace) assert.EqualValues(t, spec.Annotations[annotations.SandboxNamespace], "test-sandbox-ns") + assert.Contains(t, spec.Annotations, annotations.SandboxUID) + assert.EqualValues(t, spec.Annotations[annotations.SandboxUID], "test-sandbox-uid") + assert.Contains(t, spec.Annotations, annotations.SandboxName) assert.EqualValues(t, spec.Annotations[annotations.SandboxName], "test-sandbox-name") diff --git a/pkg/cri/server/sandbox_run_linux.go b/pkg/cri/server/sandbox_run_linux.go index 30d3db0ce..21bbb1baf 100644 --- a/pkg/cri/server/sandbox_run_linux.go +++ b/pkg/cri/server/sandbox_run_linux.go @@ -180,6 +180,7 @@ func (c *criService) sandboxContainerSpec(id string, config *runtime.PodSandboxC customopts.WithAnnotation(annotations.ContainerType, annotations.ContainerTypeSandbox), customopts.WithAnnotation(annotations.SandboxID, id), customopts.WithAnnotation(annotations.SandboxNamespace, config.GetMetadata().GetNamespace()), + customopts.WithAnnotation(annotations.SandboxUID, config.GetMetadata().GetUid()), customopts.WithAnnotation(annotations.SandboxName, config.GetMetadata().GetName()), customopts.WithAnnotation(annotations.SandboxLogDir, config.GetLogDirectory()), ) diff --git a/pkg/cri/server/sandbox_run_linux_test.go b/pkg/cri/server/sandbox_run_linux_test.go index 181232473..378136136 100644 --- a/pkg/cri/server/sandbox_run_linux_test.go +++ b/pkg/cri/server/sandbox_run_linux_test.go @@ -78,6 +78,9 @@ func getRunPodSandboxTestData() (*runtime.PodSandboxConfig, *imagespec.ImageConf assert.Contains(t, spec.Annotations, annotations.SandboxNamespace) assert.EqualValues(t, spec.Annotations[annotations.SandboxNamespace], "test-ns") + assert.Contains(t, spec.Annotations, annotations.SandboxUID) + assert.EqualValues(t, spec.Annotations[annotations.SandboxUID], "test-uid") + assert.Contains(t, spec.Annotations, annotations.SandboxName) assert.EqualValues(t, spec.Annotations[annotations.SandboxName], "test-name") diff --git a/pkg/cri/server/sandbox_run_windows.go b/pkg/cri/server/sandbox_run_windows.go index 2204f7f19..017007f66 100644 --- a/pkg/cri/server/sandbox_run_windows.go +++ b/pkg/cri/server/sandbox_run_windows.go @@ -84,6 +84,7 @@ func (c *criService) sandboxContainerSpec(id string, config *runtime.PodSandboxC customopts.WithAnnotation(annotations.ContainerType, annotations.ContainerTypeSandbox), customopts.WithAnnotation(annotations.SandboxID, id), customopts.WithAnnotation(annotations.SandboxNamespace, config.GetMetadata().GetNamespace()), + customopts.WithAnnotation(annotations.SandboxUID, config.GetMetadata().GetUid()), customopts.WithAnnotation(annotations.SandboxName, config.GetMetadata().GetName()), customopts.WithAnnotation(annotations.SandboxLogDir, config.GetLogDirectory()), customopts.WithAnnotation(annotations.WindowsHostProcess, strconv.FormatBool(config.GetWindows().GetSecurityContext().GetHostProcess())), diff --git a/pkg/cri/server/sandbox_run_windows_test.go b/pkg/cri/server/sandbox_run_windows_test.go index 475beefe3..358f2eacb 100644 --- a/pkg/cri/server/sandbox_run_windows_test.go +++ b/pkg/cri/server/sandbox_run_windows_test.go @@ -80,6 +80,9 @@ func getRunPodSandboxTestData() (*runtime.PodSandboxConfig, *imagespec.ImageConf assert.Contains(t, spec.Annotations, annotations.SandboxNamespace) assert.EqualValues(t, spec.Annotations[annotations.SandboxNamespace], "test-ns") + assert.Contains(t, spec.Annotations, annotations.SandboxUID) + assert.EqualValues(t, spec.Annotations[annotations.SandboxUID], "test-uid") + assert.Contains(t, spec.Annotations, annotations.SandboxName) assert.EqualValues(t, spec.Annotations[annotations.SandboxName], "test-name")