Merge pull request #639 from Random-Liu/remove-standalone-mode

Remove standalone mode

pkg/config/config.go

@@ -0,0 +1,127 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package config
+
+import "github.com/containerd/containerd"
+
+// ContainerdConfig contains toml config related to containerd
+type ContainerdConfig struct {
+	// Snapshotter is the snapshotter used by containerd.
+	Snapshotter string `toml:"snapshotter" json:"snapshotter,omitempty"`
+	// Runtime is the runtime to use in containerd. We may support
+	// other runtimes in the future.
+	Runtime string `toml:"runtime" json:"runtime,omitempty"`
+	// RuntimeEngine is the name of the runtime engine used by containerd.
+	// Containerd default should be "runc"
+	// We may support other runtime engines in the future.
+	RuntimeEngine string `toml:"runtime_engine" json:"runtimeEngine,omitempty"`
+	// RuntimeRoot is the directory used by containerd for runtime state.
+	// Containerd default should be "/run/containerd/runc"
+	RuntimeRoot string `toml:"runtime_root" json:"runtimeRoot,omitempty"`
+}
+
+// CniConfig contains toml config related to cni
+type CniConfig struct {
+	// NetworkPluginBinDir is the directory in which the binaries for the plugin is kept.
+	NetworkPluginBinDir string `toml:"bin_dir" json:"binDir,omitempty"`
+	// NetworkPluginConfDir is the directory in which the admin places a CNI conf.
+	NetworkPluginConfDir string `toml:"conf_dir" json:"confDir,omitempty"`
+}
+
+// Mirror contains the config related to the registry mirror
+type Mirror struct {
+	// Endpoints are endpoints for a namespace. CRI plugin will try the endpoints
+	// one by one until a working one is found.
+	Endpoints []string `toml:"endpoint" json:"endpoint,omitempty"`
+	// TODO (Abhi) We might need to add auth per namespace. Looks like
+	// image auth information is passed by kube itself.
+}
+
+// Registry is registry settings configured
+type Registry struct {
+	// Mirrors are namespace to mirror mapping for all namespaces.
+	Mirrors map[string]Mirror `toml:"mirrors" json:"mirrors,omitempty"`
+}
+
+// PluginConfig contains toml config related to CRI plugin,
+// it is a subset of Config.
+type PluginConfig struct {
+	// ContainerdConfig contains config related to containerd
+	ContainerdConfig `toml:"containerd" json:"containerd,omitempty"`
+	// CniConfig contains config related to cni
+	CniConfig `toml:"cni" json:"cni,omitempty"`
+	// Registry contains config related to the registry
+	Registry `toml:"registry" json:"registry,omitempty"`
+	// StreamServerAddress is the ip address streaming server is listening on.
+	StreamServerAddress string `toml:"stream_server_address" json:"streamServerAddress,omitempty"`
+	// StreamServerPort is the port streaming server is listening on.
+	StreamServerPort string `toml:"stream_server_port" json:"streamServerPort,omitempty"`
+	// EnableSelinux indicates to enable the selinux support.
+	EnableSelinux bool `toml:"enable_selinux" json:"enableSelinux,omitempty"`
+	// SandboxImage is the image used by sandbox container.
+	SandboxImage string `toml:"sandbox_image" json:"sandboxImage,omitempty"`
+	// StatsCollectPeriod is the period (in seconds) of snapshots stats collection.
+	StatsCollectPeriod int `toml:"stats_collect_period" json:"statsCollectPeriod,omitempty"`
+	// SystemdCgroup enables systemd cgroup support.
+	SystemdCgroup bool `toml:"systemd_cgroup" json:"systemdCgroup,omitempty"`
+	// EnableIPv6DAD enables IPv6 DAD.
+	// TODO(random-liu): Use optimistic_dad when it's GA.
+	EnableIPv6DAD bool `toml:"enable_ipv6_dad" json:"enableIPv6DAD,omitempty"`
+}
+
+// Config contains all configurations for cri server.
+type Config struct {
+	// PluginConfig is the config for CRI plugin.
+	PluginConfig
+	// ContainerdRootDir is the root directory path for containerd.
+	ContainerdRootDir string `json:"containerdRootDir,omitempty"`
+	// ContainerdEndpoint is the containerd endpoint path.
+	ContainerdEndpoint string `json:"containerdEndpoint,omitempty"`
+	// RootDir is the root directory path for managing cri-containerd files
+	// (metadata checkpoint etc.)
+	RootDir string `json:"rootDir,omitempty"`
+}
+
+// DefaultConfig returns default configurations of cri plugin.
+func DefaultConfig() PluginConfig {
+	return PluginConfig{
+		CniConfig: CniConfig{
+			NetworkPluginBinDir:  "/opt/cni/bin",
+			NetworkPluginConfDir: "/etc/cni/net.d",
+		},
+		ContainerdConfig: ContainerdConfig{
+			Snapshotter:   containerd.DefaultSnapshotter,
+			Runtime:       "io.containerd.runtime.v1.linux",
+			RuntimeEngine: "",
+			RuntimeRoot:   "",
+		},
+		StreamServerAddress: "",
+		StreamServerPort:    "10010",
+		EnableSelinux:       false,
+		SandboxImage:        "gcr.io/google_containers/pause:3.0",
+		StatsCollectPeriod:  10,
+		SystemdCgroup:       false,
+		EnableIPv6DAD:       false,
+		Registry: Registry{
+			Mirrors: map[string]Mirror{
+				"docker.io": {
+					Endpoints: []string{"https://registry-1.docker.io"},
+				},
+			},
+		},
+	}
+}

pkg/server/service.go

@@ -19,10 +19,7 @@ package server
 import (
 	"fmt"
 	"io"
-	"net"
-	"os"
 	"path/filepath"
-	"syscall"
 	"time"
 
 	"github.com/containerd/containerd"
@@ -37,9 +34,9 @@ import (
 	runtime "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/server/streaming"
 
-	"github.com/containerd/cri-containerd/cmd/cri-containerd/options"
 	api "github.com/containerd/cri-containerd/pkg/api/v1"
 	"github.com/containerd/cri-containerd/pkg/atomic"
+	criconfig "github.com/containerd/cri-containerd/pkg/config"
 	osinterface "github.com/containerd/cri-containerd/pkg/os"
 	"github.com/containerd/cri-containerd/pkg/registrar"
 	containerstore "github.com/containerd/cri-containerd/pkg/store/container"
@@ -48,12 +45,8 @@ import (
 	snapshotstore "github.com/containerd/cri-containerd/pkg/store/snapshot"
 )
 
-const (
-	// k8sContainerdNamespace is the namespace we use to connect containerd.
-	k8sContainerdNamespace = "k8s.io"
-	// unixProtocol is the network protocol of unix socket.
-	unixProtocol = "unix"
-)
+// k8sContainerdNamespace is the namespace we use to connect containerd.
+const k8sContainerdNamespace = "k8s.io"
 
 // grpcServices are all the grpc services provided by cri containerd.
 type grpcServices interface {
@@ -64,7 +57,7 @@ type grpcServices interface {
 
 // CRIContainerdService is the interface implement CRI remote service server.
 type CRIContainerdService interface {
-	Run(bool) error
+	Run() error
 	// io.Closer is used by containerd to gracefully stop cri service.
 	io.Closer
 	plugin.Service
@@ -74,15 +67,13 @@ type CRIContainerdService interface {
 // criContainerdService implements CRIContainerdService.
 type criContainerdService struct {
 	// config contains all configurations.
-	config options.Config
+	config criconfig.Config
 	// imageFSPath is the path to image filesystem.
 	imageFSPath string
 	// apparmorEnabled indicates whether apparmor is enabled.
 	apparmorEnabled bool
 	// seccompEnabled indicates whether seccomp is enabled.
 	seccompEnabled bool
-	// server is the grpc server.
-	server *grpc.Server
 	// os is an interface for all required os operations.
 	os osinterface.OS
 	// sandboxStore stores all resources associated with sandboxes.
@@ -113,7 +104,7 @@ type criContainerdService struct {
 }
 
 // NewCRIContainerdService returns a new instance of CRIContainerdService
-func NewCRIContainerdService(config options.Config) (CRIContainerdService, error) {
+func NewCRIContainerdService(config criconfig.Config) (CRIContainerdService, error) {
 	var err error
 	c := &criContainerdService{
 		config:             config,
@@ -153,12 +144,6 @@ func NewCRIContainerdService(config options.Config) (CRIContainerdService, error
 
 	c.eventMonitor = newEventMonitor(c.containerStore, c.sandboxStore)
 
-	// To avoid race condition between `Run` and `Stop`, still create grpc server
-	// although we may not use it. It's just a small in-memory data structure.
-	// TODO(random-liu): Get rid of the grpc server when completely switch
-	// to plugin mode.
-	c.server = grpc.NewServer()
-
 	return c, nil
 }
 
@@ -172,11 +157,8 @@ func (c *criContainerdService) Register(s *grpc.Server) error {
 	return nil
 }
 
-// Run starts the cri-containerd service. startGRPC specifies
-// whether to start grpc server in this function.
-// TODO(random-liu): Remove `startRPC=true` case when we no longer support cri-containerd
-// standalone mode.
-func (c *criContainerdService) Run(startGRPC bool) error {
+// Run starts the cri-containerd service.
+func (c *criContainerdService) Run() error {
 	logrus.Info("Start cri-containerd service")
 
 	// Connect containerd service here, to get rid of the containerd dependency
@@ -226,35 +208,10 @@ func (c *criContainerdService) Run(startGRPC bool) error {
 	// Set the server as initialized. GRPC services could start serving traffic.
 	c.initialized.Set()
 
-	grpcServerCloseCh := make(chan struct{})
-	if startGRPC {
-		// Create the grpc server and register runtime and image services.
-		c.Register(c.server) // nolint: errcheck
-		// Start grpc server.
-		// Unlink to cleanup the previous socket file.
-		logrus.Info("Start grpc server")
-		err := syscall.Unlink(c.config.SocketPath)
-		if err != nil && !os.IsNotExist(err) {
-			return fmt.Errorf("failed to unlink socket file %q: %v", c.config.SocketPath, err)
-		}
-		l, err := net.Listen(unixProtocol, c.config.SocketPath)
-		if err != nil {
-			return fmt.Errorf("failed to listen on %q: %v", c.config.SocketPath, err)
-		}
-		go func() {
-			if err := c.server.Serve(l); err != nil {
-				logrus.WithError(err).Error("Failed to serve grpc request")
-			}
-			close(grpcServerCloseCh)
-		}()
-	}
-	// Keep grpcServerCloseCh open if grpc server is not started.
-
 	// Stop the whole cri-containerd service if any of the critical service exits.
 	select {
 	case <-eventMonitorCloseCh:
 	case <-streamServerCloseCh:
-	case <-grpcServerCloseCh:
 	}
 	if err := c.Close(); err != nil {
 		return fmt.Errorf("failed to stop cri service: %v", err)
@@ -277,11 +234,6 @@ func (c *criContainerdService) Run(startGRPC bool) error {
 	case <-time.After(streamServerStopTimeout):
 		logrus.Errorf("Stream server is not stopped in %q", streamServerStopTimeout)
 	}
-	if startGRPC {
-		// Only wait for grpc server close channel when grpc server is started.
-		<-grpcServerCloseCh
-		logrus.Info("GRPC server stopped")
-	}
 	return nil
 }
 
@@ -293,7 +245,6 @@ func (c *criContainerdService) Close() error {
 	if err := c.streamServer.Stop(); err != nil {
 		return fmt.Errorf("failed to stop stream server: %v", err)
 	}
-	c.server.Stop()
 	return nil
 }
 

pkg/server/service_test.go

@@ -17,7 +17,7 @@ limitations under the License.
 package server
 
 import (
-	"github.com/containerd/cri-containerd/cmd/cri-containerd/options"
+	criconfig "github.com/containerd/cri-containerd/pkg/config"
 	ostesting "github.com/containerd/cri-containerd/pkg/os/testing"
 	"github.com/containerd/cri-containerd/pkg/registrar"
 	servertesting "github.com/containerd/cri-containerd/pkg/server/testing"
@@ -39,9 +39,9 @@ const (
 // newTestCRIContainerdService creates a fake criContainerdService for test.
 func newTestCRIContainerdService() *criContainerdService {
 	return &criContainerdService{
-		config: options.Config{
+		config: criconfig.Config{
 			RootDir: testRootDir,
-			PluginConfig: options.PluginConfig{
+			PluginConfig: criconfig.PluginConfig{
 				SandboxImage: testSandboxImage,
 			},
 		},