Mounting a directory inside a read only container requires that to be
created in advance, but `runc` worked around that if the rootfs was not
originally read only.
You cannot even bind mount a file that does not exist into a
read only container.
The containerd test is given a disk, as running on an overlay does
not work; however it is also disabled as one of the parts of the test
is failing, needs investigation.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
The newest tests actually run containerd and therefore have some additional
requirements:
- containerd + shim + runc binaries are needed. We bind these in from the host.
The test code should, by design, be from matching containerd source, assuming
we remember to update test/pkg/container/Dockerfile when we bump
CONTAINERD_COMMIT. 5217b9973b added a reminder
to do so.
- the tests need networking (to pull images). So add dhcp to onboot and bind
/etc/resolv.conf into the test container.
- running containers requires a writeable cgroup mount.
- containerd wants /etc/localtime, so install the UTC one (as we do in
pkg/containerd).
The test image already has `net: host` and `capabilities: all`.
Signed-off-by: Ian Campbell <ijc@docker.com>
The logrus import path has changed, so adjust. Also there is a minor API change
to the containerd.IOCreation() function spec, it now takes a string id which we
can ignore.
Signed-off-by: Ian Campbell <ijc@docker.com>
