script/setup/config-containerd: Use slow_chown

slow_chown is safe to add on all kernels, and when running in old kernels (as some CI distros on purpose are), we want the expensive fallback. Vagrant setup and others use this script to config containerd. This fixes userns tests with runc 1.2.0-rc.2 when running with old kernels. Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
2024-07-04 18:04:12 +02:00 · 2024-07-04 18:04:12 +02:00 · e1adfaeb92
commit e1adfaeb92
parent 89a2cac377
1 changed files with 9 additions and 0 deletions
--- a/script/setup/config-containerd
+++ b/script/setup/config-containerd
@ -30,6 +30,15 @@ mkdir -p /etc/containerd

 cat << EOF | sudo tee /etc/containerd/config.toml
 version = 2
+
+[plugins."io.containerd.snapshotter.v1.overlayfs"]
+# slow_chown is needed to avoid an error with kernel < 5.19:
+# > "snapshotter \"overlayfs\" doesn't support idmap mounts on this host,
+# > configure \`slow_chown\` to allow a slower and expensive fallback"
+# https://github.com/containerd/containerd/pull/9920#issuecomment-1978901454
+# This is safely ignored for kernel >= 5.19.
+slow_chown = true
+
 [plugins]
  [plugins."io.containerd.grpc.v1.cri"]
    enable_selinux = ${enable_selinux}