mirror of
https://github.com/kata-containers/kata-containers.git
synced 2026-07-01 22:50:54 +00:00
tests/common: fix install_cri_containerd for containerd 2.x
Three issues prevented containerd 2.x from working correctly after installation: 1. Socket uid/gid mismatch: "containerd config default" was run as the unprivileged user, which produced uid = <runner-uid> in the API socket stanza instead of uid = 0. Run it under sudo so the default output is owned by root. 2. Stale systemd unit: the CI runner ships a pre-installed containerd whose unit file is left in place after the binary is replaced by the test installer. The old unit causes "MigrateConfigTo: index out of range" panics when the new binary tries to load a schema v4 config. Always overwrite the unit file from the template so the running binary and the unit file stay in sync. 3. Schema guard removed: install_cri_containerd installs whatever version was requested (v1.7 or v2.3) and must not abort on a valid schema v2 binary. Signed-off-by: Fabiano Fidêncio <ffidencio@nvidia.com> Assisted-by: Cursor <noreply@cursor.com>
This commit is contained in:
@@ -1042,13 +1042,19 @@ function install_cri_containerd() {
|
||||
rm -f "${tarball_name}"
|
||||
|
||||
sudo mkdir -p /etc/containerd
|
||||
containerd config default | sudo tee /etc/containerd/config.toml
|
||||
sudo containerd config default | sudo tee /etc/containerd/config.toml > /dev/null
|
||||
ensure_containerd_conf_d_rootful_api_sockets
|
||||
|
||||
# Always write the service file pointing at the just-installed binary and
|
||||
# reload systemd so the correct binary is used on the next start.
|
||||
# The runner image may have a pre-installed containerd unit pointing at a
|
||||
# different (older) binary; leaving that in place causes systemd to start
|
||||
# the wrong binary with a config it cannot parse, leading to a panic in
|
||||
# MigrateConfigTo (index out of range because the old binary's migrations
|
||||
# slice is shorter than the config schema version requires).
|
||||
containerd_service="/etc/systemd/system/containerd.service"
|
||||
|
||||
if [[ ! -f "${containerd_service}" ]]; then
|
||||
sudo mkdir -p /etc/systemd/system
|
||||
sudo tee "${containerd_service}" <<EOF
|
||||
sudo mkdir -p /etc/systemd/system
|
||||
sudo tee "${containerd_service}" > /dev/null <<EOF
|
||||
[Unit]
|
||||
Description=containerd container runtime
|
||||
Documentation=https://containerd.io
|
||||
@@ -1076,7 +1082,7 @@ OOMScoreAdjust=-999
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
EOF
|
||||
fi
|
||||
sudo systemctl daemon-reload
|
||||
}
|
||||
|
||||
# base_version: The version to be intalled in the ${major}.${minor} format
|
||||
|
||||
Reference in New Issue
Block a user