diff --git a/tests/common.bash b/tests/common.bash
index ca8b59bbff..727901a2cf 100644
--- a/tests/common.bash
+++ b/tests/common.bash
@@ -619,6 +619,63 @@ function install_cni_plugins() {
sudo mkdir -p /opt/cni/bin
sudo tar -xvf "${tarball_name}" -C /opt/cni/bin
rm -f "${tarball_name}"
+
+ cni_config="/etc/cni/net.d/10-containerd-net.conflist"
+ if [ ! -f ${cni_config} ];then
+ sudo mkdir -p /etc/cni/net.d
+ sudo tee "${cni_config}" << EOF
+{
+ "cniVersion": "1.0.0",
+ "name": "containerd-net",
+ "plugins": [
+ {
+ "type": "bridge",
+ "bridge": "cni0",
+ "isGateway": true,
+ "ipMasq": true,
+ "promiscMode": true,
+ "ipam": {
+ "type": "host-local",
+ "ranges": [
+ [{
+ "subnet": "10.88.0.0/16"
+ }],
+ [{
+ "subnet": "2001:4860:4860::/64"
+ }]
+ ],
+ "routes": [
+ { "dst": "0.0.0.0/0" },
+ { "dst": "::/0" }
+ ]
+ }
+ },
+ {
+ "type": "portmap",
+ "capabilities": {"portMappings": true}
+ }
+ ]
+}
+EOF
+ fi
+}
+
+# version: The version to be installed
+function install_runc() {
+ base_version="${1}"
+ project="opencontainers/runc"
+ version=$(get_latest_patch_release_from_a_github_project "${project}" "${base_version}")
+
+ if [ -f /usr/local/sbin/runc ]; then
+ return
+ fi
+
+ binary_name="runc.$(${repo_root_dir}/tests/kata-arch.sh -g)"
+ download_github_project_tarball "${project}" "${version}" "${binary_name}"
+
+ sudo mkdir -p /usr/local/sbin
+ sudo mv $binary_name /usr/local/sbin/runc
+ sudo chmod +x /usr/local/sbin/runc
}
# base_version: The version to be intalled in the ${major}.${minor} format
@@ -628,14 +685,53 @@ function install_cri_containerd() {
project="containerd/containerd"
version=$(get_latest_patch_release_from_a_github_project "${project}" "${base_version}")
- tarball_name="cri-containerd-cni-${version//v}-linux-$(${repo_root_dir}/tests/kata-arch.sh -g).tar.gz"
+ tarball_name="containerd-${version//v}-linux-$(${repo_root_dir}/tests/kata-arch.sh -g).tar.gz"
download_github_project_tarball "${project}" "${version}" "${tarball_name}"
- sudo tar -xvf "${tarball_name}" -C /
+ #add the "--keep-directory-symlink" option to make sure the untar wouldn't override the
+ #system rootfs's bin/sbin directory which would be a symbol link to /usr/bin or /usr/sbin.
+ if [ ! -f /usr/local ]; then
+ sudo mkdir -p /usr/local
+ fi
+ sudo tar --keep-directory-symlink -xvf "${tarball_name}" -C /usr/local/
rm -f "${tarball_name}"
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml
+
+ containerd_service="/etc/systemd/system/containerd.service"
+
+ if [ ! -f ${containerd_service} ]; then
+ sudo mkdir -p /etc/systemd/system
+ sudo tee ${containerd_service} <<EOF
+[Unit]
+Description=containerd container runtime
+Documentation=https://containerd.io
+After=network.target local-fs.target
+
+[Service]
+ExecStartPre=-/sbin/modprobe overlay
+ExecStart=/usr/local/bin/containerd
+
+Type=notify
+Delegate=yes
+KillMode=process
+Restart=always
+RestartSec=5
+# Having non-zero Limit*s causes performance problems due to accounting overhead
+# in the kernel. We recommend using cgroups to do container-local accounting.
+LimitNPROC=infinity
+LimitCORE=infinity
+LimitNOFILE=infinity
+# Comment TasksMax if your systemd version does not supports it.
+# Only systemd 226 and above support this version.
+TasksMax=infinity
+OOMScoreAdjust=-999
+
+[Install]
+WantedBy=multi-user.target
+EOF
+ fi
}
# base_version: The version to be intalled in the ${major}.${minor} format
diff --git a/tests/functional/kata-monitor/gha-run.sh b/tests/functional/kata-monitor/gha-run.sh
index 9c6a0bd8f6..22fffb8907 100755
--- a/tests/functional/kata-monitor/gha-run.sh
+++ b/tests/functional/kata-monitor/gha-run.sh
@@ -42,6 +42,8 @@ function install_dependencies() {
case "${CONTAINER_ENGINE}" in
containerd)
github_deps[1]="cri_containerd:$(get_from_kata_deps ".externals.containerd.${CONTAINERD_VERSION}")"
+ github_deps[2]="runc:$(get_from_kata_deps ".externals.runc.latest")"
+ github_deps[3]="cni_plugins:$(get_from_kata_deps ".externals.cni-plugins.version")"
;;
crio)
github_deps[1]="cni_plugins:$(get_from_kata_deps ".externals.cni-plugins.version")"
diff --git a/tests/integration/cri-containerd/gha-run.sh b/tests/integration/cri-containerd/gha-run.sh
index 9033b0e4f3..caeb410392 100755
--- a/tests/integration/cri-containerd/gha-run.sh
+++ b/tests/integration/cri-containerd/gha-run.sh
@@ -48,6 +48,8 @@ function install_dependencies() {
declare -a github_deps
github_deps[0]="cri_containerd:$(get_from_kata_deps ".externals.containerd.${CONTAINERD_VERSION}")"
github_deps[1]="cri_tools:$(get_from_kata_deps ".externals.critools.latest")"
+ github_deps[2]="runc:$(get_from_kata_deps ".externals.runc.latest")"
+ github_deps[3]="cni_plugins:$(get_from_kata_deps ".externals.cni-plugins.version")"
for github_dep in "${github_deps[@]}"; do
IFS=":" read -r -a dep <<< "${github_dep}"
diff --git a/tests/integration/nydus/gha-run.sh b/tests/integration/nydus/gha-run.sh
index 8e8c000cc5..1f26dc8b68 100755
--- a/tests/integration/nydus/gha-run.sh
+++ b/tests/integration/nydus/gha-run.sh
@@ -39,6 +39,8 @@ function install_dependencies() {
github_deps[1]="cri_tools:$(get_from_kata_deps ".externals.critools.latest")"
github_deps[2]="nydus:$(get_from_kata_deps ".externals.nydus.version")"
github_deps[3]="nydus_snapshotter:$(get_from_kata_deps ".externals.nydus-snapshotter.version")"
+ github_deps[4]="runc:$(get_from_kata_deps ".externals.runc.latest")"
+ github_deps[5]="cni_plugins:$(get_from_kata_deps ".externals.cni-plugins.version")"
for github_dep in "${github_deps[@]}"; do
IFS=":" read -r -a dep <<< "${github_dep}"
diff --git a/tests/integration/runk/gha-run.sh b/tests/integration/runk/gha-run.sh
index 82bbb75c9b..54f9780873 100755
--- a/tests/integration/runk/gha-run.sh
+++ b/tests/integration/runk/gha-run.sh
@@ -34,6 +34,8 @@ function install_dependencies() {
# - cri-container-cni release tarball already includes CNI plugins
declare -a github_deps
github_deps[0]="cri_containerd:$(get_from_kata_deps ".externals.containerd.${CONTAINERD_VERSION}")"
+ github_deps[1]="runc:$(get_from_kata_deps ".externals.runc.latest")"
+ github_deps[2]="cni_plugins:$(get_from_kata_deps ".externals.cni-plugins.version")"
for github_dep in "${github_deps[@]}"; do
IFS=":" read -r -a dep <<< "${github_dep}"
diff --git a/tests/integration/stdio/gha-run.sh b/tests/integration/stdio/gha-run.sh
index 4138b696bd..f8b84c975a 100755
--- a/tests/integration/stdio/gha-run.sh
+++ b/tests/integration/stdio/gha-run.sh
@@ -34,6 +34,8 @@ function install_dependencies() {
# - cri-container-cni release tarball already includes CNI plugins
declare -a github_deps
github_deps[0]="cri_containerd:$(get_from_kata_deps ".externals.containerd.${CONTAINERD_VERSION}")"
+ github_deps[1]="runc:$(get_from_kata_deps ".externals.runc.latest")"
+ github_deps[2]="cni_plugins:$(get_from_kata_deps ".externals.cni-plugins.version")"
for github_dep in "${github_deps[@]}"; do
IFS=":" read -r -a dep <<< "${github_dep}"
diff --git a/versions.yaml b/versions.yaml
index 591cff0a20..91c63ca37e 100644
--- a/versions.yaml
+++ b/versions.yaml
@@ -271,6 +271,11 @@ externals:
# create a "latest" entry and use that for the GitHub actions tests.
latest: "v1.29"
+ runc:
+ description: "CLI tool for spawning and running containers"
+ url: "https://github.com/opencontainers/runc"
+ latest: "v1.2"
+
cryptsetup:
description: "A utility used to setup disk encryption, integrity protection"
url: "https://gitlab.com/cryptsetup/cryptsetup"