[release/1.7] cri: implement RuntimeConfig rpc #11346
Conversation
|
Hi @marquiz. Thanks for your PR. I'm waiting for a containerd member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/assign @mikebrow |
marquiz
force-pushed
the
backport-cgroup-driver
branch
2 times, most recently
from
f06d9b1 to
347d02c
Compare
Contains RuntimeConfig rpc for communicating the cgroup driver to the CRI client. Signed-off-by: Markus Lehtonen <[email protected]>
The rpc only reports one field, i.e. the cgroup driver, to kubelet. Containerd determines the effective cgroup driver by looking at all runtime handlers, starting from the default runtime handler (the rest in alphabetical order), and returning the cgroup driver setting of the first runtime handler that supports one. If no runtime handler supports cgroup driver (i.e. has a config option for it) containerd falls back to auto-detection, returning systemd if systemd is running and cgroupfs otherwise. This patch implements the CRI server side of Kubernetes KEP-4033: https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/4033-group-driver-detection-over-cri Signed-off-by: Markus Lehtonen <[email protected]> (cherry picked from commit ed47d6b)
runc considers libcontainer to be "unstable" (not for external use), so we try not to use it. Commit ed47d6b brought back the dependency on other parts of libcontainer, but looks to be only depending on a single utility, which in itself was borrowed from github.com/coreos/go-systemd to not introduce CGO code in the same package. This patch copies the version from github.com/coreos/go-systemd (adding proper attribution, although the function is pretty trivial). runc is in process of moving the libcontainer/user package to an external module, which means we can remove the dependency on libcontainer entirely in the near future. There is one more use of `libcontainer` in our vendor tree; it looks like CDI is depending on one utility (devices.DeviceFromPath); https://github.com/containerd/containerd/blob/a943033a8b6d8dd94a171c6e9528ef413b5b22f3/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/container-edits_unix.go#L38 We should remove the dependency on that utility, and add a CI check to prevent bringing it back. Signed-off-by: Sebastiaan van Stijn <[email protected]> (cherry picked from commit 7d0ab4f) Signed-off-by: Markus Lehtonen <[email protected]>
Add github.com/containerd/log to go.mod Signed-off-by: Derek McGowan <[email protected]> (cherry picked from commit 508aa3a) Signed-off-by: Markus Lehtonen <[email protected]>
Signed-off-by: Markus Lehtonen <[email protected]>
Stop using the deprecated "runtime/v2/runc/options" package, makes linter happy. Signed-off-by: Markus Lehtonen <[email protected]>
marquiz
force-pushed
the
backport-cgroup-driver
branch
from
347d02c to
c82fd82
Compare
|
Worked for me |
How does this backport relate to the graduation of the KEP? |
The GA graduation criteria in the KEP (in it's current form) states that the |
|
Thanks, this should be backported to v1.6 too? |
If you ask me, yes :) I can do that if you think it would be appropriate EDIT: I took a quick look and there's a big hurdle. v1.6 depends on cri-api v0.25 and also supports cri-api v1alpha2 which is not present in cri-api v0.28 (in which version the rpc is introduced. |
|
FYI #11294 changed 1.7 from active to LTS 3months faster than I expected.. Will need to do an exception to the rule to get this important change in. |
This PR backports #8722 to v1.7. It implements the CRI runtime part of Kubernetes KEP-4033 Discover cgroup driver from CRI. The motivation for the backport is to expedite graduation of the Kubernetes KEP to GA.
It consists of multiple commits:
Cherry-picks relevant parts from remove uses of github.com/runc/libcontainer/cgroups #9045 (7d0ab4f)
Cherry-picks relevant parts from Use github.com/containerd/log #9086 (508aa3a)
Adapts the mainline PR to work with v1.7 config
Ditch usage of deprecated package, makes linter happy