When call sandbox controller to create sandbox, we change the param from
sandbox id to total sandbox object to git all information to controller,
so that sandbox controller do not rely on the sandbox store anymore,
this is more decouple for the sandbox controller plugin inside
containerd, and it is neccesary for remote sandbox controller plugins as
it is not able to get sandbox from the sandbox store anymore.
Signed-off-by: Abel Feng <fshb1988@gmail.com>
make containerd extensible to support more sandbox controllers
registered into containerd by config.
we change the default sandbox controller plugin's name from "local" to "shim".
to make sure we can get the controller by the plugin name it registered into
containerd.
Signed-off-by: Abel Feng <fshb1988@gmail.com>
Remove containerd specific parts of the plugin package to prepare its
move out of the main repository. Separate the plugin registration
singleton into a separate package.
Separating out the plugin package and registration makes it easier to
implement external plugins without creating a dependency loop.
Signed-off-by: Derek McGowan <derek@mcg.dev>
The plugins packages defines the plugins used by containerd.
Move all the types and properties to this package.
Signed-off-by: Derek McGowan <derek@mcg.dev>
When a shim process is unexpectedly killed in a way that was not initiated through containerd - containerd reports the pod as not ready but the containers as running. This results in kubelet repeatedly sending container kill requests that fail since containerd cannot connect to the shim.
Changes:
- In the container exit handler, treat `err: Unavailable` as if the container has already exited out
- When attempting to get a connection to the shim, if the controller isn't available assume that the shim has been killed (needs to be done since we have a separate exit handler that cleans up the reference to the shim controller - before kubelet has the chance to call StopPodSandbox)
Signed-off-by: Aditya Ramani <a_ramani@apple.com>
As a follow up change to adding a SandboxMetrics rpc to the core
sandbox service, the controller needed a corresponding rpc for CRI
and others to eventually implement.
This leaves the CRI (non-shim mode) controller unimplemented just to
have a change with the API addition to start.
Signed-off-by: Danny Canter <danny@dcantah.dev>
CreatedAt was being used as the ExitedAt timestamp, and Info from the
response wasn't being set on the response.
Signed-off-by: Danny Canter <danny@dcantah.dev>
Made a change a bit ago to cleanup the shim on CreateSandbox failures and
noted that we should probably do the same on Start as well as nothing gets
cleaned up otherwise, and nothing states that a sandbox server/shim should
exit itself if Create/Start fail. Ideally this could be hooked up to
some subsystem in containerd that'd do it for us, but for now to allow
developing prototyping sandbox shims this makes things much friendlier.
Signed-off-by: Danny Canter <danny@dcantah.dev>
Currently if create fails the shim will just be kind of stuck in limbo.
This calls shutdown to allow the shim to exit, and then invokes shim
delete.
Signed-off-by: Danny Canter <danny@dcantah.dev>
CreateSandbox states "failed to start sandbox". This is quite confusing
when you're perusing logs and trying to pinpoint how far a shim got in
its execution.
Signed-off-by: Danny Canter <danny@dcantah.dev>
