tests: update remaining containerd callers for containerd 2.x

tests/functional/vfio-ap/run.sh:
- Source tests/common.bash so the schema helpers are available.
- configure_containerd_for_runtime_rs: write kata-qemu-runtime-rs
  configuration via a conf.d drop-in.  Schema >= 3 uses
  io.containerd.cri.v1.runtime; schema 2 uses io.containerd.grpc.v1.cri.
  The sandboxer field is emitted only for schema >= 3.

tests/integration/nerdctl/gha-run.sh:
- Fix "containerd config default" pipe: propagate PATH so the newly
  installed binary is found, suppress stdout, and call
  ensure_containerd_conf_d_rootful_api_sockets.

tests/integration/kubernetes/gha-run.sh:
- Fix jq filter for devmapper snapshotter (.version // 0 >= 3).
- Add ensure_containerd_conf_d_rootful_api_sockets after config setup.

tests/gha-run-k8s-common.sh:
- Remove the redundant "containerd config default | sed" override;
  overwrite_containerd_config (called via check_containerd_config_for_kata)
  now handles SystemdCgroup and all other containerd config setup.

Signed-off-by: Fabiano Fidêncio <ffidencio@nvidia.com>
Assisted-by: Cursor <noreply@cursor.com>
This commit is contained in:
Fabiano Fidêncio
2026-06-07 22:11:45 +02:00
parent 1caacda174
commit 95b8e8bea9
4 changed files with 26 additions and 11 deletions

View File

@@ -11,6 +11,8 @@ set -o pipefail
set -o errtrace
script_path=$(dirname "$0")
# shellcheck source=/dev/null
source "${script_path}/../../common.bash"
registry_port="${REGISTRY_PORT:-5000}"
registry_name="local-registry"
container_engine="${container_engine:-docker}"
@@ -236,7 +238,7 @@ run_test() {
}
configure_containerd_for_runtime_rs() {
local config_file="/etc/containerd/config.toml"
local vfio_rs_drop="/etc/containerd/conf.d/52-kata-ci-vfio-ap-qemu-runtime-rs.toml"
sudo rm -f /usr/local/bin/containerd-shim-kata-qemu-runtime-rs-v2 \
"${runtime_config_base}/runtime-rs/configuration.toml"
@@ -253,15 +255,27 @@ configure_containerd_for_runtime_rs() {
sudo ln -sf "${runtime_config_base}/runtime-rs/configuration-qemu-runtime-rs.toml" \
"${runtime_config_base}/runtime-rs/configuration.toml"
if [[ ! -f "${config_file}" ]]; then
if [[ ! -f "/etc/containerd/config.toml" ]]; then
echo "/etc/containerd/config.toml not found" >&2
exit 1
fi
if ! grep -q "kata-qemu-runtime-rs" "${config_file}"; then
cat <<EOF | sudo tee -a "${config_file}"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.kata-qemu-runtime-rs]
runtime_type = "io.containerd.kata-qemu-runtime-rs.v2"
local schema
schema="$(_containerd_resolved_schema_version)"
if [[ "${schema}" -ge 3 ]]; then
# containerd v2.x (schema v3+): add the runtime via a conf.d drop-in.
sudo mkdir -p /etc/containerd/conf.d
cat <<EOF | sudo tee "${vfio_rs_drop}"
[plugins.'io.containerd.cri.v1.runtime'.containerd.runtimes.kata-qemu-runtime-rs]
runtime_type = 'io.containerd.kata-qemu-runtime-rs.v2'
sandboxer = 'podsandbox'
EOF
else
# containerd v1.x (schema v2): conf.d is not honoured the same way, so
# append the (new) runtime table directly to config.toml.
cat <<EOF | sudo tee -a /etc/containerd/config.toml
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.kata-qemu-runtime-rs]
runtime_type = "io.containerd.kata-qemu-runtime-rs.v2"
EOF
fi

View File

@@ -543,8 +543,6 @@ function deploy_vanilla_k8s() {
case "${container_engine}" in
containerd)
install_cri_containerd "${container_engine_version}"
sudo mkdir -p /etc/containerd
containerd config default | sed -e 's/SystemdCgroup = false/SystemdCgroup = true/' | sudo tee /etc/containerd/config.toml
;;
*) die "${container_engine} is not a container engine supported by this script" ;;
esac

View File

@@ -105,7 +105,7 @@ EOF
| .plugins["io.containerd.snapshotter.v1.devmapper"].base_image_size = "4096MB"
| .plugins["io.containerd.transfer.v1.local"].unpack_config =
[((.plugins["io.containerd.transfer.v1.local"].unpack_config[0] // {}) + {platform: $platform, snapshotter: "devmapper"})]
| if .version == 3 then
| if (.version // 0) >= 3 then
.plugins["io.containerd.cri.v1.images"].snapshotter = "devmapper"
else
.plugins["io.containerd.grpc.v1.cri"].containerd.snapshotter = "devmapper"
@@ -280,8 +280,10 @@ function run_tests() {
# enabled. Therefore, use containerd's default settings instead of distro's defaults. Note that
# the k8s test cluster nodes have their own containerd settings (created by kata-deploy),
# independent from the local settings being created here.
sudo containerd config default | sudo tee /etc/containerd/config.toml > /dev/null
PATH="${PATH}:/usr/local/bin:/usr/local/sbin" containerd config default | sudo tee /etc/containerd/config.toml > /dev/null
echo "containerd config has been set to default"
ensure_containerd_conf_d_rootful_api_sockets
require_containerd_config_schema_v3_plus
sudo systemctl restart containerd && sudo systemctl is-active containerd
# Allow genpolicy to access the containerd image pull APIs without sudo.

View File

@@ -53,7 +53,8 @@ function install_dependencies() {
# Create the default containerd configuration
sudo mkdir -p /etc/containerd
containerd config default > sudo tee /etc/containerd/config.toml
PATH="${PATH}:/usr/local/bin:/usr/local/sbin" containerd config default | sudo tee /etc/containerd/config.toml > /dev/null
ensure_containerd_conf_d_rootful_api_sockets
sudo systemctl restart containerd
}