Thanks to visit codestin.com
Credit goes to github.com

Skip to content

runtimeVM: Allow the admin to specify the path of the runtime configuration file #5035

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
openshift-merge-robot merged 2 commits into from
Jul 7, 2021
Merged

runtimeVM: Allow the admin to specify the path of the runtime configuration file #5035

openshift-merge-robot merged 2 commits into from
Jul 7, 2021

Conversation

@fidencio
Copy link
Contributor

@fidencio fidencio commented Jun 25, 2021

What type of PR is this?

/kind feature

What this PR does / why we need it:

This PR adds the possibility for the admin to specify the path of the runtime configuration file, when using the VM runtime type.

This will help to simplify how kata-deploy currently sets different configuration files for kata-containers*, and also give us the ability to easily provide any special configuration to a customer or so.

Which issue(s) this PR fixes:

Fixes #4591

Special notes for your reviewer:

Here you can see what's the current behaviour, without this patch:

[fidencio@crio ~]$ kubectl get pods
No resources found in default namespace.

[fidencio@crio ~]$ cat /etc/crio/crio.conf.d/99-runtimes
[crio.runtime.runtimes.kata]
runtime_path = "/usr/local/bin/containerd-shim-kata-v2"
runtime_root = "/run/vc"
runtime_type = "vm"
privileged_without_host_devices = true

[fidencio@crio ~]$ kubectl apply -f ~/simple.yaml
pod/simple created

[fidencio@crio ~]$ kubectl describe pod simple
Name:         simple
Namespace:    default
...
Events:
  Type     Reason                  Age   From               Message
  ----     ------                  ----  ----               -------
  Normal   Scheduled               8s    default-scheduler  Successfully assigned default/simple to crio
  Warning  FailedCreatePodSandBox  8s    kubelet            Failed to create pod sandbox: rpc error: code = Unknown desc = CreateContainer failed: Cannot find usable config file (config file "/etc/kata-containers/configuration.toml" unresolvable: file /etc/kata-containers/configuration.toml does not exist, config file "/usr/share/defaults/kata-containers/configuration.toml" unresolvable: file /usr/share/defaults/kata-containers/configuration.toml does not exist): not found

And the changes with this patch applied:

[fidencio@crio ~]$ kubectl get pods
No resources found in default namespace.

[fidencio@crio ~]$ cat /etc/crio/crio.conf.d/99-runtimes
[crio.runtime.runtimes.kata]
runtime_path = "/usr/local/bin/containerd-shim-kata-v2"
runtime_root = "/run/vc"
runtime_type = "vm"
privileged_without_host_devices = true
runtime_config_path = "/tmp/config.toml"

[fidencio@crio ~]$ kubectl apply -f ~/simple.yaml
pod/simple created

[fidencio@crio ~]$ kubectl describe pod
Name:         simple
Namespace:    default
...
Events:
  Type    Reason     Age   From               Message
  ----    ------     ----  ----               -------
  Normal  Scheduled  7s    default-scheduler  Successfully assigned default/simple to crio
  Normal  Pulling    6s    kubelet            Pulling image "quay.io/prometheus/busybox:latest"
  Normal  Pulled     4s    kubelet            Successfully pulled image "quay.io/prometheus/busybox:latest" in 1.990972055s
  Normal  Created    3s    kubelet            Created container basic
  Normal  Started    3s    kubelet            Started container basic

[fidencio@crio ~]$ kubectl get pods
NAME     READY   STATUS    RESTARTS   AGE
simple   1/1     Running   0          10s

Does this PR introduce a user-facing change?

The runtime_config_path option, which allows to specify the path of the runtime configuration file, is now supported by CRI-O.  This is specific to the VM runtime type.

@fidencio fidencio requested review from mrunalp and runcom as code owners June 25, 2021 16:39
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Jun 25, 2021

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: fidencio

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added release-note Denotes a PR that will be considered when it comes time to generate release notes. dco-signoff: yes Indicates the PR's author has DCO signed all their commits. kind/feature Categorizes issue or PR as related to a new feature. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Jun 25, 2021
@fidencio
Copy link
Contributor Author

fidencio commented Jun 25, 2021

/cc @littlejawa and @fgiudici for giving it a try, as it's very much kata-containers specific.

@fidencio fidencio force-pushed the wip/add-runtime-config-path-option branch 3 times, most recently from 5971aed to 1dbd286 Compare June 25, 2021 19:46
@fidencio
Copy link
Contributor Author

fidencio commented Jun 25, 2021

/hold till I get the unit tests running as planned

@openshift-ci openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jun 25, 2021
@fidencio fidencio force-pushed the wip/add-runtime-config-path-option branch from 1dbd286 to 4cf7305 Compare June 25, 2021 20:52
@fidencio
Copy link
Contributor Author

fidencio commented Jun 25, 2021

/unhold

@openshift-ci openshift-ci bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jun 25, 2021
@codecov
Copy link

codecov bot commented Jun 25, 2021
edited
Loading

Codecov Report

Merging #5035 (3dd73d3) into master (c8b82d6) will increase coverage by 0.00%.
The diff coverage is 34.28%.

❗ Current head 3dd73d3 differs from pull request most recent head 52810ee. Consider uploading reports for the commit 52810ee to get more accurate results

@@           Coverage Diff           @@
##           master    #5035   +/-   ##
=======================================
  Coverage   41.67%   41.67%           
=======================================
  Files         108      108           
  Lines       10169    10195   +26     
=======================================
+ Hits         4238     4249   +11     
- Misses       5482     5496   +14     
- Partials      449      450    +1

@fidencio
Copy link
Contributor Author

fidencio commented Jun 25, 2021

/retest

@littlejawa
Copy link
Contributor

littlejawa commented Jul 1, 2021

LGTM

@fidencio fidencio force-pushed the wip/add-runtime-config-path-option branch from 4cf7305 to 6b48e65 Compare July 2, 2021 10:46
@fidencio
Copy link
Contributor Author

fidencio commented Jul 2, 2021

I will need to rebase mine after #5054 gets merged and while reviewing @littlejawa's work I've noticed that I missed adding the runtime config path option to the helpers.bash.

@haircommander haircommander mentioned this pull request Jul 2, 2021
Merged
@openshift-ci openshift-ci bot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jul 4, 2021
@fidencio fidencio force-pushed the wip/add-runtime-config-path-option branch from 6b48e65 to 6cb6e2f Compare July 6, 2021 19:52
@openshift-ci openshift-ci bot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jul 6, 2021
@fidencio
Copy link
Contributor Author

fidencio commented Jul 6, 2021

@haircommander, this one is rebased/
@fgiudici, please, take a look at this one, as it'll be needed soon. :-)

haircommander
haircommander reviewed Jul 6, 2021
View reviewed changes
haircommander
haircommander reviewed Jul 6, 2021
View reviewed changes
fidencio added 2 commits July 7, 2021 08:03
@fidencio
config,runtime: Add runtime_config_path option
6f29648 
`runtime_config_path` is a "VM" runtime type specific entry, which
allows the admin to set an arbitrary configuration file to be used to
spawn a container runtime.

This will help to simplify how kata-deploy currently sets different
configuration files for kata-containers*, and also give us the ability
to easily provide any special configuration to a customer or so.

*: In case you're interested, it's currently done by a shell script
wrapping the call to the containerd-shim-v2, setting the configuration
file via an environment variable.  Definitely not the best case scenario.

Signed-off-by: Fabiano Fidêncio <[email protected]>
@fidencio
runtimeVM: Pass the ConfigPath to the CreateTask request
52810ee 
Now that admins have a way to specify a runtime_config_path for a
runtime, let's honor this information as pass it down to the
containerd-shim-v2 binary as part of the CreateTask request.

Here you can see what's the current behaviour, without this patch:
```
[fidencio@crio ~]$ kubectl get pods
No resources found in default namespace.

[fidencio@crio ~]$ cat /etc/crio/crio.conf.d/99-runtimes
[crio.runtime.runtimes.kata]
runtime_path = "/usr/local/bin/containerd-shim-kata-v2"
runtime_root = "/run/vc"
runtime_type = "vm"
privileged_without_host_devices = true

[fidencio@crio ~]$ kubectl apply -f ~/simple.yaml
pod/simple created

[fidencio@crio ~]$ kubectl describe pod simple
Name:         simple
Namespace:    default
...
Events:
  Type     Reason                  Age   From               Message
  ----     ------                  ----  ----               -------
  Normal   Scheduled               8s    default-scheduler  Successfully assigned default/simple to crio
  Warning  FailedCreatePodSandBox  8s    kubelet            Failed to create pod sandbox: rpc error: code = Unknown desc = CreateContainer failed: Cannot find usable config file (config file "/etc/kata-containers/configuration.toml" unresolvable: file /etc/kata-containers/configuration.toml does not exist, config file "/usr/share/defaults/kata-containers/configuration.toml" unresolvable: file /usr/share/defaults/kata-containers/configuration.toml does not exist): not found
```

And the changes with this patch applied:
```
[fidencio@crio ~]$ kubectl get pods
No resources found in default namespace.

[fidencio@crio ~]$ cat /etc/crio/crio.conf.d/99-runtimes
[crio.runtime.runtimes.kata]
runtime_path = "/usr/local/bin/containerd-shim-kata-v2"
runtime_root = "/run/vc"
runtime_type = "vm"
privileged_without_host_devices = true
runtime_config_path = "/tmp/config.toml"

[fidencio@crio ~]$ kubectl apply -f ~/simple.yaml
pod/simple created

[fidencio@crio ~]$ kubectl describe pod
Name:         simple
Namespace:    default
...
Events:
  Type    Reason     Age   From               Message
  ----    ------     ----  ----               -------
  Normal  Scheduled  7s    default-scheduler  Successfully assigned default/simple to crio
  Normal  Pulling    6s    kubelet            Pulling image "quay.io/prometheus/busybox:latest"
  Normal  Pulled     4s    kubelet            Successfully pulled image "quay.io/prometheus/busybox:latest" in 1.990972055s
  Normal  Created    3s    kubelet            Created container basic
  Normal  Started    3s    kubelet            Started container basic

[fidencio@crio ~]$ kubectl get pods
NAME     READY   STATUS    RESTARTS   AGE
simple   1/1     Running   0          10s
```

Fixes: cri-o#4591

Signed-off-by: Fabiano Fidêncio <[email protected]>
@fidencio fidencio force-pushed the wip/add-runtime-config-path-option branch from 6cb6e2f to 52810ee Compare July 7, 2021 06:04
@fgiudici
Copy link
Contributor

fgiudici commented Jul 7, 2021

Nice feature for kata deployments Fabiano!
LGTM

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Jul 7, 2021
edited
Loading

@fidencio: The following test failed, say /retest to rerun all failed tests:

Test name Commit Details Rerun command
ci/openshift-jenkins/e2e_crun_cgroupv2 52810ee link /test e2e_cgroupv2

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@fidencio
Copy link
Contributor Author

fidencio commented Jul 7, 2021

/retest

@haircommander
Copy link
Member

haircommander commented Jul 7, 2021

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Jul 7, 2021
@openshift-merge-robot openshift-merge-robot merged commit 3e5a1e4 into cri-o:master Jul 7, 2021
@littlejawa littlejawa mentioned this pull request Jan 26, 2023
Closed
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@haircommander haircommander haircommander left review comments

@mrunalp mrunalp Awaiting requested review from mrunalp

@runcom runcom Awaiting requested review from runcom

Assignees

@haircommander haircommander

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. dco-signoff: yes Indicates the PR's author has DCO signed all their commits. kind/feature Categorizes issue or PR as related to a new feature. lgtm Indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

runtimeVM: Support "ConfigPath" as part of the runtime configuration

5 participants

@fidencio @littlejawa @fgiudici @haircommander @openshift-merge-robot