github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-06-29 00:37:24 +00:00
Code Issues Projects Releases Wiki Activity

runtime: support different cri container type check

Browse Source 
To support handle image-guest-pull block volume from different CRIs, including cri-o and containerd.

Signed-off-by: ChengyuZhu6 <chengyu.zhu@intel.com>
This commit is contained in:
ChengyuZhu6 2023-11-27 13:48:00 +08:00 committed by Fabiano Fidêncio
parent 874d83b510
commit ba242b0198
No known key found for this signature in database
GPG Key ID: EE926C2BDACC177B
2 changed files with 64 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/agent/src/image.rs
View File

@ -26,6 +26,11 @@ const KATA_IMAGE_WORK_DIR: &str = "/run/kata-containers/image/";
const CONFIG_JSON: &str = "config.json"; const CONFIG_JSON: &str = "config.json";
const KATA_PAUSE_BUNDLE: &str = "/pause_bundle"; const KATA_PAUSE_BUNDLE: &str = "/pause_bundle";
const K8S_CONTAINER_TYPE_KEYS: [&str; 2] = [
"io.kubernetes.cri.container-type",
"io.kubernetes.cri-o.ContainerType",
];
#[rustfmt::skip] #[rustfmt::skip]
lazy_static! { lazy_static! {
pub static ref IMAGE_SERVICE: Mutex<Option<ImageService>> = Mutex::new(None); pub static ref IMAGE_SERVICE: Mutex<Option<ImageService>> = Mutex::new(None);
@ -130,6 +135,25 @@ impl ImageService {
info!(sl(), "image metadata: {image_metadata:?}"); info!(sl(), "image metadata: {image_metadata:?}");
Self::set_proxy_env_vars(); Self::set_proxy_env_vars();
//Check whether the image is for sandbox or for container.
let mut is_sandbox = false;
for key in K8S_CONTAINER_TYPE_KEYS.iter() {
if let Some(value) = image_metadata.get(key as &str) {
if value == "sandbox" {
is_sandbox = true;
break;
}
}
}
if is_sandbox {
let mount_path = Self::unpack_pause_image(cid, "pause")?;
self.add_image(String::from(image), String::from(cid)).await;
return Ok(mount_path);
}
// Image layers will store at KATA_IMAGE_WORK_DIR, generated bundles
// with rootfs and config.json will store under CONTAINER_BASE/cid/images.
let bundle_base_dir = scoped_join(CONTAINER_BASE, cid)?; let bundle_base_dir = scoped_join(CONTAINER_BASE, cid)?;
fs::create_dir_all(&bundle_base_dir)?; fs::create_dir_all(&bundle_base_dir)?;
let bundle_path = scoped_join(&bundle_base_dir, "images")?; let bundle_path = scoped_join(&bundle_base_dir, "images")?;

55
src/runtime/virtcontainers/kata_agent.go
View File

@ -36,6 +36,8 @@ import (
"context" "context"
ctrAnnotations "github.com/containerd/containerd/pkg/cri/annotations"
podmanAnnotations "github.com/containers/podman/v4/pkg/annotations"
"github.com/opencontainers/runtime-spec/specs-go" "github.com/opencontainers/runtime-spec/specs-go"
"github.com/opencontainers/selinux/go-selinux" "github.com/opencontainers/selinux/go-selinux"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
@ -1580,25 +1582,48 @@ func handleBlockVolume(c *Container, device api.Device) (*grpc.Storage, error) {
return vol, nil return vol, nil
} }
// getContainerTypeforCRI get container type from different CRI annotations
func getContainerTypeforCRI(c *Container) (string, string) {
// CRIContainerTypeKeyList lists all the CRI keys that could define
// the container type from annotations in the config.json.
CRIContainerTypeKeyList := []string{ctrAnnotations.ContainerType, podmanAnnotations.ContainerType}
containerType := c.config.Annotations[vcAnnotations.ContainerTypeKey]
for _, key := range CRIContainerTypeKeyList {
_, ok := c.config.CustomSpec.Annotations[key]
if ok {
return containerType, key
}
}
return "", ""
}
func handleImageGuestPullBlockVolume(c *Container, virtualVolumeInfo *types.KataVirtualVolume, vol *grpc.Storage) (*grpc.Storage, error) { func handleImageGuestPullBlockVolume(c *Container, virtualVolumeInfo *types.KataVirtualVolume, vol *grpc.Storage) (*grpc.Storage, error) {
container_annotations := c.GetAnnotations() container_annotations := c.GetAnnotations()
container_type := container_annotations["io.kubernetes.cri.container-type"] containerType, criContainerType := getContainerTypeforCRI(c)
if virtualVolumeInfo.Source == "" {
var image_ref string
if container_type == "sandbox" {
image_ref = "pause"
} else {
image_ref = container_annotations["io.kubernetes.cri.image-name"]
if image_ref == "" {
return nil, fmt.Errorf("Failed to get image name from annotations")
}
}
virtualVolumeInfo.Source = image_ref
//merge virtualVolumeInfo.ImagePull.Metadata and container_annotations var image_ref string
for k, v := range container_annotations { if containerType == string(PodSandbox) {
virtualVolumeInfo.ImagePull.Metadata[k] = v image_ref = "pause"
} else {
switch criContainerType {
case ctrAnnotations.ContainerType:
image_ref = container_annotations["io.kubernetes.cri.image-name"]
case podmanAnnotations.ContainerType:
image_ref = container_annotations["io.kubernetes.cri-o.ImageName"]
default:
image_ref = ""
} }
if image_ref == "" {
return nil, fmt.Errorf("Failed to get image name from annotations")
}
}
virtualVolumeInfo.Source = image_ref
//merge virtualVolumeInfo.ImagePull.Metadata and container_annotations
for k, v := range container_annotations {
virtualVolumeInfo.ImagePull.Metadata[k] = v
} }
no, err := json.Marshal(virtualVolumeInfo.ImagePull) no, err := json.Marshal(virtualVolumeInfo.ImagePull)