Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / c88c82db8b1a7f8a07782c970e1d0dfb453f9f66^! / . / core / internal / containerd / main.go
commitc88c82db8b1a7f8a07782c970e1d0dfb453f9f66[log] [tgz]
authorLorenz Brun <lorenz@nexantic.com>Fri May 08 14:35:04 2020 +0200
committerLorenz Brun <lorenz@nexantic.com>Fri May 08 14:35:04 2020 +0200
tree22072c4f18e4aaa855577ff0b42a86ef77a9c4cb
parent60febd9db40970a31a2f49bdb969897a37c11cc6 [diff] [blame]
Add containerd & gVisor support

This adds containerd, CNI, gVisor and all the necessary shims
and supporting infrastructure. It also enables all relevant features in
the Linux kernel. containerd is designed as a simple supervisor.Runnable.
It is not being started yet, this will happen in D497.

Split out from feature/kubelet.

Test Plan:
Has been tested in conjunction with the rest of D497, will be
covered by a K8s E2E test there.

X-Origin-Diff: phab/D509
GitOrigin-RevId: 92523516b7e361a30da330eb187787e6045bfd17

diff --git a/core/internal/containerd/main.go b/core/internal/containerd/main.go
new file mode 100644
index 0000000..f4952e4
--- /dev/null
+++ b/core/internal/containerd/main.go

@@ -0,0 +1,48 @@
+// Copyright 2020 The Monogon Project Authors.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package containerd
+
+import (
+	"context"
+	"os"
+	"os/exec"
+
+	"git.monogon.dev/source/nexantic.git/core/pkg/logbuffer"
+
+	"golang.org/x/sys/unix"
+)
+
+// Implements supervisor.Runnable for later integration
+
+func RunContainerd(ctx context.Context) error {
+	containerdLog := logbuffer.New(1000, 16384)
+	cmd := exec.CommandContext(ctx, "/containerd/bin/containerd", "--config", "/containerd/conf/config.toml")
+	cmd.Stdout = containerdLog
+	cmd.Stderr = containerdLog
+	cmd.Env = []string{"PATH=/containerd/bin", "TMPDIR=/containerd/run/tmp"}
+
+	if err := unix.Mount("tmpfs", "/containerd/run", "tmpfs", 0, ""); err != nil {
+		panic(err)
+	}
+	if err := os.MkdirAll("/containerd/run/tmp", 0755); err != nil {
+		panic(err)
+	}
+
+	// TODO(lorenz): Healthcheck against cri.Status() RPC
+
+	return cmd.Run()
+}