Skip to content

Commit

Permalink
fix: update containerd configuration and settings
Browse files Browse the repository at this point in the history
Provide `XDG_RUNTIME_DIR` environment variable, this specifically fixes
the `kubectl exec` action when `/tmp` is filled up.

Update containerd configuration to version 3 and fix it up.

Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
Signed-off-by: Noel Georgi <git@frezbo.dev>
  • Loading branch information
smira committed Jul 31, 2024
1 parent 81bd20f commit 3f2058a
Show file tree
Hide file tree
Showing 11 changed files with 36 additions and 20 deletions.
4 changes: 3 additions & 1 deletion hack/containerd.toml
Original file line number Diff line number Diff line change
@@ -1,7 +1,9 @@
version = 2
version = 3

disabled_plugins = [
"io.containerd.grpc.v1.cri",
"io.containerd.cri.v1.images",
"io.containerd.cri.v1.runtime",
"io.containerd.internal.v1.opt",
"io.containerd.internal.v1.tracing",
"io.containerd.nri.v1.nri",
Expand Down
2 changes: 1 addition & 1 deletion hack/cri-containerd.toml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
version = 2
version = 3

disabled_plugins = [
"io.containerd.nri.v1.nri",
Expand Down
7 changes: 3 additions & 4 deletions hack/cri-plugin.part
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
version = 2
version = 3

[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
runtime_type = "io.containerd.runc.v2"
discard_unpacked_layers = true
[plugins."io.containerd.cri.v1.images"]
discard_unpacked_layers = true
7 changes: 6 additions & 1 deletion internal/app/machined/pkg/system/services/containerd.go
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,12 @@ func (c *Containerd) Runner(r runtime.Runtime) (runner.Runner, error) {
debug,
args,
runner.WithLoggingManager(r.Logging()),
runner.WithEnv(environment.Get(r.Config())),
runner.WithEnv(append(
environment.Get(r.Config()),
// append a default value for XDG_RUNTIME_DIR for the services running on the host
// see https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html
"XDG_RUNTIME_DIR=/run",
)),
runner.WithOOMScoreAdj(-999),
runner.WithCgroupPath(constants.CgroupSystemRuntime),
runner.WithDroppedCapabilities(constants.DefaultDroppedCapabilities),
Expand Down
7 changes: 6 additions & 1 deletion internal/app/machined/pkg/system/services/cri.go
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,12 @@ func (c *CRI) Runner(r runtime.Runtime) (runner.Runner, error) {
r.Config().Debug(),
args,
runner.WithLoggingManager(r.Logging()),
runner.WithEnv(environment.Get(r.Config())),
runner.WithEnv(append(
environment.Get(r.Config()),
// append a default value for XDG_RUNTIME_DIR for the services running on the host
// see https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html
"XDG_RUNTIME_DIR=/run",
)),
runner.WithOOMScoreAdj(-500),
runner.WithCgroupPath(constants.CgroupPodRuntime),
runner.WithDroppedCapabilities(constants.DefaultDroppedCapabilities),
Expand Down
5 changes: 5 additions & 0 deletions internal/app/machined/pkg/system/services/udevd.go
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,11 @@ func (c *Udevd) Runner(r runtime.Runtime) (runner.Runner, error) {
runner.WithLoggingManager(r.Logging()),
runner.WithCgroupPath(constants.CgroupUdevd),
runner.WithDroppedCapabilities(constants.UdevdDroppedCapabilities),
runner.WithEnv([]string{
// append a default value for XDG_RUNTIME_DIR for the services running on the host
// see https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html
"XDG_RUNTIME_DIR=/run",
}),
),
restart.WithType(restart.Forever),
), nil
Expand Down
2 changes: 1 addition & 1 deletion internal/pkg/containers/cri/containerd/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ type CRIConfig struct {

// PluginsConfig represents the CRI plugins config.
type PluginsConfig struct {
CRI CRIConfig `toml:"io.containerd.grpc.v1.cri"`
CRI CRIConfig `toml:"io.containerd.cri.v1.images"`
}

// Config represnts the containerd config.
Expand Down
10 changes: 5 additions & 5 deletions internal/pkg/containers/cri/containerd/testdata/cri.toml
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
[plugins]
[plugins.'io.containerd.grpc.v1.cri']
[plugins.'io.containerd.grpc.v1.cri'.registry]
[plugins.'io.containerd.cri.v1.images']
[plugins.'io.containerd.cri.v1.images'.registry]
config_path = '/etc/cri/conf.d/hosts'

[plugins.'io.containerd.grpc.v1.cri'.registry.configs]
[plugins.'io.containerd.grpc.v1.cri'.registry.configs.'some.host:123']
[plugins.'io.containerd.grpc.v1.cri'.registry.configs.'some.host:123'.auth]
[plugins.'io.containerd.cri.v1.images'.registry.configs]
[plugins.'io.containerd.cri.v1.images'.registry.configs.'some.host:123']
[plugins.'io.containerd.cri.v1.images'.registry.configs.'some.host:123'.auth]
username = 'root'
password = 'secret'
auth = 'auth'
Expand Down
4 changes: 2 additions & 2 deletions website/content/v1.8/talos-guides/configuration/containerd.md
Original file line number Diff line number Diff line change
Expand Up @@ -45,8 +45,8 @@ machine:
files:
- content: |
[plugins]
[plugins."io.containerd.grpc.v1.cri"]
sandbox_image = "registry.k8s.io/pause:3.8"
[plugins."io.containerd.cri.v1.images".pinned_images]
sandbox = "registry.k8s.io/pause:3.8"
path: /etc/cri/conf.d/20-customization.part
op: create
```
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -117,8 +117,8 @@ Create a patch yaml `nvidia-default-runtimeclass.yaml` to update the machine con
value:
- content: |
[plugins]
[plugins."io.containerd.grpc.v1.cri"]
[plugins."io.containerd.grpc.v1.cri".containerd]
[plugins."io.containerd.cri.v1.runtime"]
[plugins."io.containerd.cri.v1.runtime".containerd]
default_runtime_name = "nvidia"
path: /etc/cri/conf.d/20-customization.part
op: create
Expand Down
4 changes: 2 additions & 2 deletions website/content/v1.8/talos-guides/configuration/nvidia-gpu.md
Original file line number Diff line number Diff line change
Expand Up @@ -116,8 +116,8 @@ Create a patch yaml `nvidia-default-runtimeclass.yaml` to update the machine con
value:
- content: |
[plugins]
[plugins."io.containerd.grpc.v1.cri"]
[plugins."io.containerd.grpc.v1.cri".containerd]
[plugins."plugins."io.containerd.cri.v1.runtime"]
[plugins."io.containerd.cri.v1.runtime".containerd]
default_runtime_name = "nvidia"
path: /etc/cri/conf.d/20-customization.part
op: create
Expand Down

0 comments on commit 3f2058a

Please sign in to comment.