From d28a512d29ac8a4e654ec4623ffab9348abcc96e Mon Sep 17 00:00:00 2001 From: stevenhorsman Date: Thu, 13 Feb 2025 09:08:35 +0000 Subject: [PATCH] agent: Wait for network before init_image_service Based on the guidance from @Xynnn007 in #10851 > The new version of image-rs will do attestation once ClientBuilder.build().await() is called, while the old version will do so lazily the first image pull request comes. Looks like it's called in rpc::start() in kata-agent, when I'm afraid the network hasn't been initialized yet. > I am not sure if the guest network is prepared after the DNS is configured (in create_sandbox), if so we can move (the init_image_service) right after that. Signed-off-by: stevenhorsman --- src/agent/src/rpc.rs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/agent/src/rpc.rs b/src/agent/src/rpc.rs index 9d7a343a0d..cbf4b5eefd 100644 --- a/src/agent/src/rpc.rs +++ b/src/agent/src/rpc.rs @@ -1294,6 +1294,9 @@ impl agent_ttrpc::AgentService for AgentService { } } + #[cfg(feature = "guest-pull")] + image::init_image_service().await.map_ttrpc_err(same)?; + Ok(Empty::new()) } @@ -1748,9 +1751,6 @@ pub async fn start( let health_service = Box::new(HealthService {}) as Box; let hservice = health_ttrpc::create_health(Arc::new(health_service)); - #[cfg(feature = "guest-pull")] - image::init_image_service().await?; - let server = TtrpcServer::new() .bind(server_address)? .register_service(aservice)