From c3cb1cfde82a1509f78f1e1be39844aa842ceb36 Mon Sep 17 00:00:00 2001 From: Lantao Liu Date: Sat, 2 Sep 2017 04:20:42 +0000 Subject: [PATCH 1/3] Revert "Setting containerd shim cgroup same as pod cgroup" This reverts commit 59008c608e90fdc0b57c468489a792bc56fdaa5b. Signed-off-by: Lantao Liu --- pkg/opts/task.go | 22 ---------------------- pkg/server/container_start.go | 8 ++------ pkg/server/sandbox_run.go | 8 ++------ 3 files changed, 4 insertions(+), 34 deletions(-) delete mode 100644 pkg/opts/task.go diff --git a/pkg/opts/task.go b/pkg/opts/task.go deleted file mode 100644 index f2753b559..000000000 --- a/pkg/opts/task.go +++ /dev/null @@ -1,22 +0,0 @@ -package opts - -import ( - "context" - - "github.com/containerd/containerd" - "github.com/containerd/containerd/linux/runcopts" -) - -// WithContainerdShimCgroup returns function that sets the containerd -// shim cgroup path -func WithContainerdShimCgroup(path string) containerd.NewTaskOpts { - return func(_ context.Context, _ *containerd.Client, r *containerd.TaskInfo) error { - r.Options = &runcopts.CreateOptions{ - ShimCgroup: path, - } - return nil - } -} - -//TODO: Since Options is an interface different WithXXX will be needed to set different -// combinations of CreateOptions. diff --git a/pkg/server/container_start.go b/pkg/server/container_start.go index 983a2143e..0d500997e 100644 --- a/pkg/server/container_start.go +++ b/pkg/server/container_start.go @@ -27,7 +27,6 @@ import ( "golang.org/x/net/context" "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime" - criopts "github.com/kubernetes-incubator/cri-containerd/pkg/opts" cio "github.com/kubernetes-incubator/cri-containerd/pkg/server/io" containerstore "github.com/kubernetes-incubator/cri-containerd/pkg/store/container" ) @@ -143,11 +142,8 @@ func (c *criContainerdService) startContainer(ctx context.Context, } return cntr.IO, nil } - var taskOpts []containerd.NewTaskOpts - if cgroup := sandboxConfig.GetLinux().GetCgroupParent(); cgroup != "" { - taskOpts = append(taskOpts, criopts.WithContainerdShimCgroup(cgroup)) - } - task, err := container.NewTask(ctx, ioCreation, taskOpts...) + + task, err := container.NewTask(ctx, ioCreation) if err != nil { return fmt.Errorf("failed to create containerd task: %v", err) } diff --git a/pkg/server/sandbox_run.go b/pkg/server/sandbox_run.go index 2f1302135..3c6607cdd 100644 --- a/pkg/server/sandbox_run.go +++ b/pkg/server/sandbox_run.go @@ -31,7 +31,6 @@ import ( "golang.org/x/sys/unix" "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime" - criopts "github.com/kubernetes-incubator/cri-containerd/pkg/opts" sandboxstore "github.com/kubernetes-incubator/cri-containerd/pkg/store/sandbox" "github.com/kubernetes-incubator/cri-containerd/pkg/util" ) @@ -182,11 +181,7 @@ func (c *criContainerdService) RunPodSandbox(ctx context.Context, r *runtime.Run glog.V(5).Infof("Create sandbox container (id=%q, name=%q).", id, name) // We don't need stdio for sandbox container. - var taskOpts []containerd.NewTaskOpts - if cgroup := config.GetLinux().GetCgroupParent(); cgroup != "" { - taskOpts = append(taskOpts, criopts.WithContainerdShimCgroup(cgroup)) - } - task, err := container.NewTask(ctx, containerd.NullIO, taskOpts...) + task, err := container.NewTask(ctx, containerd.NullIO) if err != nil { return nil, fmt.Errorf("failed to create task for sandbox %q: %v", id, err) } @@ -258,6 +253,7 @@ func (c *criContainerdService) generateSandboxContainerSpec(id string, config *r // When cgroup parent is not set, containerd-shim will create container in a child cgroup // of the cgroup itself is in. // TODO(random-liu): [P2] Set default cgroup path if cgroup parent is not specified. + // Set namespace options. securityContext := config.GetLinux().GetSecurityContext() nsOptions := securityContext.GetNamespaceOptions() From 915f5b0aea6a076be80ba38e17cee4059d5fbf03 Mon Sep 17 00:00:00 2001 From: Jamie Zhuang Date: Sun, 3 Sep 2017 02:53:17 -0400 Subject: [PATCH 2/3] Make sandbox container image configurable Signed-off-by: Jamie Zhuang --- cmd/cri-containerd/cri_containerd.go | 1 + cmd/cri-containerd/options/options.go | 4 ++++ pkg/server/helpers.go | 2 -- pkg/server/service.go | 5 +++-- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/cmd/cri-containerd/cri_containerd.go b/cmd/cri-containerd/cri_containerd.go index 9509c8c6e..6f44aa5f7 100644 --- a/cmd/cri-containerd/cri_containerd.go +++ b/cmd/cri-containerd/cri_containerd.go @@ -54,6 +54,7 @@ func main() { o.StreamServerAddress, o.StreamServerPort, o.CgroupPath, + o.SandboxImage, ) if err != nil { glog.Exitf("Failed to create CRI containerd service %+v: %v", o, err) diff --git a/cmd/cri-containerd/options/options.go b/cmd/cri-containerd/options/options.go index 40d3fe2ba..3a0074963 100644 --- a/cmd/cri-containerd/options/options.go +++ b/cmd/cri-containerd/options/options.go @@ -48,6 +48,8 @@ type CRIContainerdOptions struct { CgroupPath string // EnableSelinux indicates to enable the selinux support EnableSelinux bool + // SandboxImage is the image used by sandbox container. + SandboxImage string } // NewCRIContainerdOptions returns a reference to CRIContainerdOptions @@ -78,6 +80,8 @@ func (c *CRIContainerdOptions) AddFlags(fs *pflag.FlagSet) { fs.StringVar(&c.CgroupPath, "cgroup-path", "", "The cgroup that cri-containerd is part of. By default cri-containerd is not placed in a cgroup") fs.BoolVar(&c.EnableSelinux, "selinux-enabled", false, "Enable selinux support.") + fs.StringVar(&c.SandboxImage, "sandbox-image", + "gcr.io/google_containers/pause:3.0", "The image used by sandbox container.") } // InitFlags must be called after adding all cli options flags are defined and diff --git a/pkg/server/helpers.go b/pkg/server/helpers.go index fe72dafe1..ebeba75fc 100644 --- a/pkg/server/helpers.go +++ b/pkg/server/helpers.go @@ -57,8 +57,6 @@ const ( ) const ( - // defaultSandboxImage is the image used by sandbox container. - defaultSandboxImage = "gcr.io/google_containers/pause:3.0" // defaultSandboxOOMAdj is default omm adj for sandbox container. (kubernetes#47938). defaultSandboxOOMAdj = -998 // defaultSandboxCPUshares is default cpu shares for sandbox container. diff --git a/pkg/server/service.go b/pkg/server/service.go index 5599791e8..fca4e1070 100644 --- a/pkg/server/service.go +++ b/pkg/server/service.go @@ -111,7 +111,8 @@ func NewCRIContainerdService( networkPluginConfDir, streamAddress, streamPort string, - cgroupPath string) (CRIContainerdService, error) { + cgroupPath string, + sandboxImage string) (CRIContainerdService, error) { // TODO(random-liu): [P2] Recover from runtime state and checkpoint. client, err := containerd.New(containerdEndpoint, containerd.WithDefaultNamespace(k8sContainerdNamespace)) @@ -129,7 +130,7 @@ func NewCRIContainerdService( serverAddress: serverAddress, os: osinterface.RealOS{}, rootDir: rootDir, - sandboxImage: defaultSandboxImage, + sandboxImage: sandboxImage, snapshotter: containerdSnapshotter, sandboxStore: sandboxstore.NewStore(), containerStore: containerstore.NewStore(), From 180e2e67afbd4517854109227b8d701ab9838273 Mon Sep 17 00:00:00 2001 From: Yanqiang Miao Date: Sun, 3 Sep 2017 21:42:49 +0800 Subject: [PATCH 3/3] Update cri-o/ocicni fixes #180 Signed-off-by: Yanqiang Miao --- vendor.conf | 2 +- vendor/github.com/cri-o/ocicni/ocicni.go | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/vendor.conf b/vendor.conf index df25187a8..31db6d084 100644 --- a/vendor.conf +++ b/vendor.conf @@ -7,7 +7,7 @@ github.com/containerd/cgroups 7a5fdd8330119dc70d850260db8f3594d89d6943 github.com/coreos/go-systemd d2196463941895ee908e13531a23a39feb9e1243 github.com/containernetworking/cni v0.6.0 github.com/containernetworking/plugins v0.6.0 -github.com/cri-o/ocicni 0f90d35d89e9ab7e972a9edeb36b0aaffa250335 +github.com/cri-o/ocicni 4c2bf6d5198c307f76312f8fc7ef654cfd41d303 github.com/davecgh/go-spew v1.1.0 github.com/docker/distribution b38e5838b7b2f2ad48e06ec4b500011976080621 github.com/docker/docker cc4da8112814cdbb00dbf23370f9ed764383de1f diff --git a/vendor/github.com/cri-o/ocicni/ocicni.go b/vendor/github.com/cri-o/ocicni/ocicni.go index 3729a51f0..3b8b62c6a 100644 --- a/vendor/github.com/cri-o/ocicni/ocicni.go +++ b/vendor/github.com/cri-o/ocicni/ocicni.go @@ -55,9 +55,8 @@ func (plugin *cniNetworkPlugin) monitorNetDir() { } if err = plugin.syncNetworkConfig(); err == nil { - logrus.Debugf("CNI asynchronous setting succeeded") - close(plugin.monitorNetDirChan) - return + logrus.Infof("CNI asynchronous setting succeeded") + continue } logrus.Errorf("CNI setting failed, continue monitoring: %v", err)