Skip to content

Commit 63f89eb

Browse files
crosbymichaelcrosbymichael
committed
Update server with nri injection points
This allows development with container to be done for NRI without the need for custom builds. This is an experimental feature and is not enabled unless a user has a global `/etc/nri/conf.json` config setup with plugins on the system. No NRI code will be executed if this config file does not exist. Signed-off-by: Michael Crosby <[email protected]>
1 parent b777982 commit 63f89eb

7 files changed

Lines changed: 91 additions & 5 deletions

File tree

pkg/server/container_start.go

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,8 @@ import (
2424
containerdio "github.com/containerd/containerd/cio"
2525
"github.com/containerd/containerd/errdefs"
2626
"github.com/containerd/containerd/log"
27+
"github.com/containerd/nri"
28+
v1 "github.com/containerd/nri/types/v1"
2729
"github.com/pkg/errors"
2830
"github.com/sirupsen/logrus"
2931
"golang.org/x/net/context"
@@ -107,7 +109,7 @@ func (c *criService) StartContainer(ctx context.Context, r *runtime.StartContain
107109
deferCtx, deferCancel := ctrdutil.DeferContext()
108110
defer deferCancel()
109111
// It's possible that task is deleted by event monitor.
110-
if _, err := task.Delete(deferCtx, containerd.WithProcessKill); err != nil && !errdefs.IsNotFound(err) {
112+
if _, err := task.Delete(deferCtx, WithNRISandboxDelete(sandboxID), containerd.WithProcessKill); err != nil && !errdefs.IsNotFound(err) {
111113
log.G(ctx).WithError(err).Errorf("Failed to delete containerd task %q", id)
112114
}
113115
}
@@ -118,6 +120,18 @@ func (c *criService) StartContainer(ctx context.Context, r *runtime.StartContain
118120
if err != nil {
119121
return nil, errors.Wrap(err, "failed to wait for containerd task")
120122
}
123+
nric, err := nri.New()
124+
if err != nil {
125+
log.G(ctx).WithError(err).Error("unable to create nri client")
126+
}
127+
if nric != nil {
128+
nriSB := &nri.Sandbox{
129+
ID: sandboxID,
130+
}
131+
if _, err := nric.InvokeWithSandbox(ctx, task, v1.Create, nriSB); err != nil {
132+
return nil, errors.Wrap(err, "nri invoke")
133+
}
134+
}
121135

122136
// Start containerd task.
123137
if err := task.Start(ctx); err != nil {

pkg/server/events.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -317,7 +317,7 @@ func handleContainerExit(ctx context.Context, e *eventtypes.TaskExit, cntr conta
317317
}
318318
} else {
319319
// TODO(random-liu): [P1] This may block the loop, we may want to spawn a worker
320-
if _, err = task.Delete(ctx, containerd.WithProcessKill); err != nil {
320+
if _, err = task.Delete(ctx, WithNRISandboxDelete(cntr.SandboxID), containerd.WithProcessKill); err != nil {
321321
if !errdefs.IsNotFound(err) {
322322
return errors.Wrap(err, "failed to stop container")
323323
}
@@ -359,7 +359,7 @@ func handleSandboxExit(ctx context.Context, e *eventtypes.TaskExit, sb sandboxst
359359
}
360360
} else {
361361
// TODO(random-liu): [P1] This may block the loop, we may want to spawn a worker
362-
if _, err = task.Delete(ctx, containerd.WithProcessKill); err != nil {
362+
if _, err = task.Delete(ctx, WithNRISandboxDelete(sb.ID), containerd.WithProcessKill); err != nil {
363363
if !errdefs.IsNotFound(err) {
364364
return errors.Wrap(err, "failed to stop sandbox")
365365
}

pkg/server/opts.go

Lines changed: 51 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,51 @@
1+
/*
2+
Copyright The containerd Authors.
3+
4+
Licensed under the Apache License, Version 2.0 (the "License");
5+
you may not use this file except in compliance with the License.
6+
You may obtain a copy of the License at
7+
8+
http://www.apache.org/licenses/LICENSE-2.0
9+
10+
Unless required by applicable law or agreed to in writing, software
11+
distributed under the License is distributed on an "AS IS" BASIS,
12+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
See the License for the specific language governing permissions and
14+
limitations under the License.
15+
*/
16+
17+
package server
18+
19+
import (
20+
"context"
21+
22+
"github.com/containerd/containerd"
23+
"github.com/containerd/containerd/log"
24+
"github.com/containerd/nri"
25+
v1 "github.com/containerd/nri/types/v1"
26+
)
27+
28+
// WithNRISandboxDelete calls delete for a sandbox'd task
29+
func WithNRISandboxDelete(sandboxID string) containerd.ProcessDeleteOpts {
30+
return func(ctx context.Context, p containerd.Process) error {
31+
task, ok := p.(containerd.Task)
32+
if !ok {
33+
return nil
34+
}
35+
nric, err := nri.New()
36+
if err != nil {
37+
log.G(ctx).WithError(err).Error("unable to create nri client")
38+
return nil
39+
}
40+
if nric == nil {
41+
return nil
42+
}
43+
sb := &nri.Sandbox{
44+
ID: sandboxID,
45+
}
46+
if _, err := nric.InvokeWithSandbox(ctx, task, v1.Delete, sb); err != nil {
47+
log.G(ctx).WithError(err).Errorf("Failed to delete nri for %q", task.ID())
48+
}
49+
return nil
50+
}
51+
}

pkg/server/sandbox_run.go

Lines changed: 17 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,8 @@ import (
2727
"github.com/containerd/containerd/errdefs"
2828
"github.com/containerd/containerd/log"
2929
cni "github.com/containerd/go-cni"
30+
"github.com/containerd/nri"
31+
v1 "github.com/containerd/nri/types/v1"
3032
"github.com/containerd/typeurl"
3133
"github.com/davecgh/go-spew/spew"
3234
"github.com/pkg/errors"
@@ -269,7 +271,7 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
269271
deferCtx, deferCancel := ctrdutil.DeferContext()
270272
defer deferCancel()
271273
// Cleanup the sandbox container if an error is returned.
272-
if _, err := task.Delete(deferCtx, containerd.WithProcessKill); err != nil && !errdefs.IsNotFound(err) {
274+
if _, err := task.Delete(deferCtx, WithNRISandboxDelete(id), containerd.WithProcessKill); err != nil && !errdefs.IsNotFound(err) {
273275
log.G(ctx).WithError(err).Errorf("Failed to delete sandbox container %q", id)
274276
}
275277
}
@@ -281,6 +283,20 @@ func (c *criService) RunPodSandbox(ctx context.Context, r *runtime.RunPodSandbox
281283
return nil, errors.Wrap(err, "failed to wait for sandbox container task")
282284
}
283285

286+
nric, err := nri.New()
287+
if err != nil {
288+
return nil, errors.Wrap(err, "unable to create nri client")
289+
}
290+
if nric != nil {
291+
nriSB := &nri.Sandbox{
292+
ID: id,
293+
Labels: config.Labels,
294+
}
295+
if _, err := nric.InvokeWithSandbox(ctx, task, v1.Create, nriSB); err != nil {
296+
return nil, errors.Wrap(err, "nri invoke")
297+
}
298+
}
299+
284300
if err := task.Start(ctx); err != nil {
285301
return nil, errors.Wrapf(err, "failed to start sandbox container task %q", id)
286302
}

vendor.conf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ github.com/containerd/containerd v1.4.0
1414
github.com/containerd/continuity efbc4488d8fe1bdc16bde3b2d2990d9b3a899165
1515
github.com/containerd/fifo f15a3290365b9d2627d189e619ab4008e0069caf
1616
github.com/containerd/go-runc 7016d3ce2328dd2cb1192b2076ebd565c4e8df0c
17-
github.com/containerd/nri 0072507af16308562084abb520fab15440d0b309
17+
github.com/containerd/nri 0afc7f031eaf9c7d9c1a381b7ab5462e89c998fc
1818
github.com/containerd/ttrpc v1.0.1
1919
github.com/containerd/typeurl v1.0.1
2020
github.com/coreos/go-systemd/v22 v22.1.0

vendor/github.com/containerd/nri/client.go

Lines changed: 3 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/containerd/nri/types/v1/types.go

Lines changed: 2 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)