From 9fb0eb407624d0a99edfe482c8d8c2ba49e6c063 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Tue, 22 Aug 2023 08:48:32 +0200 Subject: [PATCH] CC: kata-deploy: Set the snapshotter in the containerd runtime config MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is a patch that should **NOT** be forward ported to main, as there we want to take a cleaner approach on configuring specific snapshotters for specific runtime handlers. However, for CC, for the v0.8.0 release of CC, this is good enough as it is, and it'll allow us to set one snapshotter for all the deployments done with the CoCo Operator. This is the Kata Containers counterpart of the work, and there's still work to be done on the Confidential Containers in order to make it work as expected, as: * Confidential Containers Operator has to expose to the users which snapshotter will be configured * Confidential Containers Opereator, specifically the pre-install hook, will have to take care of actually installing and configuring the snapshotter, so it can be used. Signed-off-by: Fabiano FidĂȘncio --- tools/packaging/kata-deploy/scripts/kata-deploy.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/packaging/kata-deploy/scripts/kata-deploy.sh b/tools/packaging/kata-deploy/scripts/kata-deploy.sh index f74b70014a..3473a3defd 100755 --- a/tools/packaging/kata-deploy/scripts/kata-deploy.sh +++ b/tools/packaging/kata-deploy/scripts/kata-deploy.sh @@ -309,6 +309,7 @@ function configure_containerd_runtime() { [$runtime_table] runtime_type = "${runtime_type}" cri_handler = "cc" + snapshotter = "${SNAPSHOTTER}" privileged_without_host_devices = true pod_annotations = ["io.katacontainers.*"] EOF @@ -414,6 +415,7 @@ function main() { echo "* DEFAULT_SHIM: ${DEFAULT_SHIM}" echo "* CREATE_RUNTIMECLASSES: ${CREATE_RUNTIMECLASSES}" echo "* CREATE_DEFAULT_RUNTIMECLASS: ${CREATE_DEFAULT_RUNTIMECLASS}" + echo "* SNAPSHOTTER: ${SNAPSHOTTER}" # script requires that user is root euid=$(id -u)