CI: change the containerd tarball name to containerd

Since from https://github.com/containerd/containerd/pull/9096 containerd removed cri-containerd-*.tar.gz release bundles, thus we'd better change the tarball name to "containerd". BTW, the containerd tarball containerd the follow files: bin/ bin/containerd-shim bin/ctr bin/containerd-shim-runc-v1 bin/containerd-stress bin/containerd bin/containerd-shim-runc-v2 thus we should untar containerd into /usr/local directory instead of "/" to keep align with the cri-containerd. In addition, there's no containerd.service file,runc binary and cni-plugin included, thus we should add a specific containerd.service file and install install the runc binary and cni-pluginspecifically. Signed-off-by: Fupan Li <fupan.lfp@antgroup.com>
2025-04-27 11:31:05 +00:00 · 2024-12-17 12:05:46 +08:00 · 2024-12-17 12:05:46 +08:00 · b19db40343
commit b19db40343
parent 71b14d40f2
7 changed files with 113 additions and 2 deletions
--- a/tests/common.bash
+++ b/tests/common.bash
@ -619,6 +619,63 @@ function install_cni_plugins() {
 	sudo mkdir -p /opt/cni/bin
 	sudo tar -xvf "${tarball_name}" -C /opt/cni/bin
 	rm -f "${tarball_name}"
+
+	cni_config="/etc/cni/net.d/10-containerd-net.conflist"
+	if [ ! -f ${cni_config} ];then
+		sudo mkdir -p /etc/cni/net.d
+		sudo tee "${cni_config}" << EOF
+{
+  "cniVersion": "1.0.0",
+  "name": "containerd-net",
+  "plugins": [
+    {
+      "type": "bridge",
+      "bridge": "cni0",
+      "isGateway": true,
+      "ipMasq": true,
+      "promiscMode": true,
+      "ipam": {
+        "type": "host-local",
+        "ranges": [
+          [{
+            "subnet": "10.88.0.0/16"
+          }],
+          [{
+            "subnet": "2001:4860:4860::/64"
+          }]
+        ],
+        "routes": [
+          { "dst": "0.0.0.0/0" },
+          { "dst": "::/0" }
+        ]
+      }
+    },
+    {
+      "type": "portmap",
+      "capabilities": {"portMappings": true}
+    }
+  ]
+}
+EOF
+	fi
+}
+
+# version: The version to be installed
+function install_runc() {
+	base_version="${1}"
+	project="opencontainers/runc"
+	version=$(get_latest_patch_release_from_a_github_project "${project}" "${base_version}")
+
+	if [ -f /usr/local/sbin/runc ]; then
+		return
+	fi
+
+	binary_name="runc.$(${repo_root_dir}/tests/kata-arch.sh -g)"
+	download_github_project_tarball "${project}" "${version}" "${binary_name}"
+
+	sudo mkdir -p /usr/local/sbin
+	sudo mv $binary_name /usr/local/sbin/runc
+	sudo chmod +x /usr/local/sbin/runc
 }

 # base_version: The version to be intalled in the ${major}.${minor} format
@ -628,14 +685,53 @@ function install_cri_containerd() {
 	project="containerd/containerd"
 	version=$(get_latest_patch_release_from_a_github_project "${project}" "${base_version}")

-	tarball_name="cri-containerd-cni-${version//v}-linux-$(${repo_root_dir}/tests/kata-arch.sh -g).tar.gz"
+	tarball_name="containerd-${version//v}-linux-$(${repo_root_dir}/tests/kata-arch.sh -g).tar.gz"

 	download_github_project_tarball "${project}" "${version}" "${tarball_name}"
-	sudo tar -xvf "${tarball_name}" -C /
+	#add the "--keep-directory-symlink" option to make sure the untar wouldn't override the
+	#system rootfs's bin/sbin directory which would be a symbol link to /usr/bin or /usr/sbin.
+	if [ ! -f /usr/local ]; then
+		sudo mkdir -p /usr/local
+	fi
+	sudo tar --keep-directory-symlink -xvf "${tarball_name}" -C /usr/local/
 	rm -f "${tarball_name}"

 	sudo mkdir -p /etc/containerd
 	containerd config default | sudo tee /etc/containerd/config.toml
+
+	containerd_service="/etc/systemd/system/containerd.service"
+
+	if [ ! -f ${containerd_service} ]; then
+		sudo mkdir -p /etc/systemd/system
+		sudo tee ${containerd_service}  <<EOF
+[Unit]
+Description=containerd container runtime
+Documentation=https://containerd.io
+After=network.target local-fs.target
+
+[Service]
+ExecStartPre=-/sbin/modprobe overlay
+ExecStart=/usr/local/bin/containerd
+
+Type=notify
+Delegate=yes
+KillMode=process
+Restart=always
+RestartSec=5
+# Having non-zero Limit*s causes performance problems due to accounting overhead
+# in the kernel. We recommend using cgroups to do container-local accounting.
+LimitNPROC=infinity
+LimitCORE=infinity
+LimitNOFILE=infinity
+# Comment TasksMax if your systemd version does not supports it.
+# Only systemd 226 and above support this version.
+TasksMax=infinity
+OOMScoreAdjust=-999
+
+[Install]
+WantedBy=multi-user.target
+EOF
+	fi 
 }

 # base_version: The version to be intalled in the ${major}.${minor} format
--- a/tests/functional/kata-monitor/gha-run.sh
+++ b/tests/functional/kata-monitor/gha-run.sh
@ -42,6 +42,8 @@ function install_dependencies() {
 	case "${CONTAINER_ENGINE}" in
 		containerd)
 			github_deps[1]="cri_containerd:$(get_from_kata_deps ".externals.containerd.${CONTAINERD_VERSION}")"
+			github_deps[2]="runc:$(get_from_kata_deps ".externals.runc.latest")"
+			github_deps[3]="cni_plugins:$(get_from_kata_deps ".externals.cni-plugins.version")"
 			;;
 		crio)
 			github_deps[1]="cni_plugins:$(get_from_kata_deps ".externals.cni-plugins.version")"
--- a/tests/integration/cri-containerd/gha-run.sh
+++ b/tests/integration/cri-containerd/gha-run.sh
@ -48,6 +48,8 @@ function install_dependencies() {
 	declare -a github_deps
 	github_deps[0]="cri_containerd:$(get_from_kata_deps ".externals.containerd.${CONTAINERD_VERSION}")"
 	github_deps[1]="cri_tools:$(get_from_kata_deps ".externals.critools.latest")"
+	github_deps[2]="runc:$(get_from_kata_deps ".externals.runc.latest")"
+	github_deps[3]="cni_plugins:$(get_from_kata_deps ".externals.cni-plugins.version")"

 	for github_dep in "${github_deps[@]}"; do
 		IFS=":" read -r -a dep <<< "${github_dep}"
--- a/tests/integration/nydus/gha-run.sh
+++ b/tests/integration/nydus/gha-run.sh
@ -39,6 +39,8 @@ function install_dependencies() {
 	github_deps[1]="cri_tools:$(get_from_kata_deps ".externals.critools.latest")"
 	github_deps[2]="nydus:$(get_from_kata_deps ".externals.nydus.version")"
 	github_deps[3]="nydus_snapshotter:$(get_from_kata_deps ".externals.nydus-snapshotter.version")"
+	github_deps[4]="runc:$(get_from_kata_deps ".externals.runc.latest")"
+	github_deps[5]="cni_plugins:$(get_from_kata_deps ".externals.cni-plugins.version")"

 	for github_dep in "${github_deps[@]}"; do
 		IFS=":" read -r -a dep <<< "${github_dep}"
--- a/tests/integration/runk/gha-run.sh
+++ b/tests/integration/runk/gha-run.sh
@ -34,6 +34,8 @@ function install_dependencies() {
 	#   - cri-container-cni release tarball already includes CNI plugins
 	declare -a github_deps
 	github_deps[0]="cri_containerd:$(get_from_kata_deps ".externals.containerd.${CONTAINERD_VERSION}")"
+	github_deps[1]="runc:$(get_from_kata_deps ".externals.runc.latest")"
+	github_deps[2]="cni_plugins:$(get_from_kata_deps ".externals.cni-plugins.version")"

 	for github_dep in "${github_deps[@]}"; do
 		IFS=":" read -r -a dep <<< "${github_dep}"
--- a/tests/integration/stdio/gha-run.sh
+++ b/tests/integration/stdio/gha-run.sh
@ -34,6 +34,8 @@ function install_dependencies() {
 	#   - cri-container-cni release tarball already includes CNI plugins
 	declare -a github_deps
 	github_deps[0]="cri_containerd:$(get_from_kata_deps ".externals.containerd.${CONTAINERD_VERSION}")"
+	github_deps[1]="runc:$(get_from_kata_deps ".externals.runc.latest")"
+	github_deps[2]="cni_plugins:$(get_from_kata_deps ".externals.cni-plugins.version")"

 	for github_dep in "${github_deps[@]}"; do
 		IFS=":" read -r -a dep <<< "${github_dep}"
--- a/versions.yaml
+++ b/versions.yaml
@ -271,6 +271,11 @@ externals:
    # create a "latest" entry and use that for the GitHub actions tests.
    latest: "v1.29"

+  runc:
+    description: "CLI tool for spawning and running containers"
+    url: "https://github.com/opencontainers/runc"
+    latest: "v1.2"
+
  cryptsetup:
    description: "A utility used to setup disk encryption, integrity protection"
    url: "https://gitlab.com/cryptsetup/cryptsetup"