commit c88c82db8b1a7f8a07782c970e1d0dfb453f9f66
author Lorenz Brun <lorenz@nexantic.com> Fri May 08 14:35:04 2020 +0200
committer Lorenz Brun <lorenz@nexantic.com> Fri May 08 14:35:04 2020 +0200
tree 22072c4f18e4aaa855577ff0b42a86ef77a9c4cb
parent 60febd9db40970a31a2f49bdb969897a37c11cc6

Add containerd & gVisor support

This adds containerd, CNI, gVisor and all the necessary shims
and supporting infrastructure. It also enables all relevant features in
the Linux kernel. containerd is designed as a simple supervisor.Runnable.
It is not being started yet, this will happen in D497.

Split out from feature/kubelet.

Test Plan:
Has been tested in conjunction with the rest of D497, will be
covered by a K8s E2E test there.

X-Origin-Diff: phab/D509
GitOrigin-RevId: 92523516b7e361a30da330eb187787e6045bfd17

third_party/go/patches/gvisor-containerd-shim-build.patch

diff --git a/third_party/go/patches/gvisor-containerd-shim-build.patch b/third_party/go/patches/gvisor-containerd-shim-build.patch
new file mode 100644
index 0000000..e221fe8
--- /dev/null
+++ b/third_party/go/patches/gvisor-containerd-shim-build.patch
@@ -0,0 +1,145 @@
+Copyright 2020 The Monogon Project Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+
+From d92dc4195d4de5149e7e55890fa856837a35217e Mon Sep 17 00:00:00 2001
+From: Lorenz Brun <lorenz@brun.one>
+Date: Mon, 4 May 2020 15:33:40 +0200
+Subject: [PATCH] Reflect code patches in Bazel and build pure
+
+---
+ cmd/containerd-shim-runsc-v1/BUILD.bazel |  1 +
+ cmd/gvisor-containerd-shim/BUILD.bazel   |  4 ++--
+ pkg/v1/proc/BUILD.bazel                  |  3 ++-
+ pkg/v1/shim/BUILD.bazel                  |  5 +++--
+ pkg/v2/BUILD.bazel                       | 14 ++++++++------
+ 5 files changed, 16 insertions(+), 11 deletions(-)
+
+diff --git a/cmd/containerd-shim-runsc-v1/BUILD.bazel b/cmd/containerd-shim-runsc-v1/BUILD.bazel
+index 8fb6a86..d58f069 100644
+--- a/cmd/containerd-shim-runsc-v1/BUILD.bazel
++++ b/cmd/containerd-shim-runsc-v1/BUILD.bazel
+@@ -14,5 +14,6 @@ go_library(
+ go_binary(
+     name = "containerd-shim-runsc-v1",
+     embed = [":go_default_library"],
++    pure = "on",
+     visibility = ["//visibility:public"],
+ )
+diff --git a/cmd/gvisor-containerd-shim/BUILD.bazel b/cmd/gvisor-containerd-shim/BUILD.bazel
+index 8478746..f6a6fa2 100644
+--- a/cmd/gvisor-containerd-shim/BUILD.bazel
++++ b/cmd/gvisor-containerd-shim/BUILD.bazel
+@@ -14,9 +14,9 @@ go_library(
+         "@com_github_burntsushi_toml//:go_default_library",
+         "@com_github_containerd_containerd//events:go_default_library",
+         "@com_github_containerd_containerd//namespaces:go_default_library",
+-        "@com_github_containerd_containerd//runtime/v1/linux/proc:go_default_library",
+-        "@com_github_containerd_containerd//runtime/v1/shim:go_default_library",
++        "@com_github_containerd_containerd//pkg/process:go_default_library",
+         "@com_github_containerd_containerd//runtime/v1/shim/v1:go_default_library",
++        "@com_github_containerd_containerd//sys/reaper:go_default_library",
+         "@com_github_containerd_ttrpc//:go_default_library",
+         "@com_github_containerd_typeurl//:go_default_library",
+         "@com_github_gogo_protobuf//types:go_default_library",
+diff --git a/pkg/v1/proc/BUILD.bazel b/pkg/v1/proc/BUILD.bazel
+index 8ef457c..1bf9228 100644
+--- a/pkg/v1/proc/BUILD.bazel
++++ b/pkg/v1/proc/BUILD.bazel
+@@ -21,7 +21,8 @@ go_library(
+         "@com_github_containerd_containerd//errdefs:go_default_library",
+         "@com_github_containerd_containerd//log:go_default_library",
+         "@com_github_containerd_containerd//mount:go_default_library",
+-        "@com_github_containerd_containerd//runtime/proc:go_default_library",
++        "@com_github_containerd_containerd//pkg/process:go_default_library",
++        "@com_github_containerd_containerd//pkg/stdio:go_default_library",
+         "@com_github_containerd_fifo//:go_default_library",
+         "@com_github_containerd_go_runc//:go_default_library",
+         "@com_github_gogo_protobuf//types:go_default_library",
+diff --git a/pkg/v1/shim/BUILD.bazel b/pkg/v1/shim/BUILD.bazel
+index a5d83c4..2129cd8 100644
+--- a/pkg/v1/shim/BUILD.bazel
++++ b/pkg/v1/shim/BUILD.bazel
+@@ -20,11 +20,12 @@ go_library(
+         "@com_github_containerd_containerd//log:go_default_library",
+         "@com_github_containerd_containerd//mount:go_default_library",
+         "@com_github_containerd_containerd//namespaces:go_default_library",
++        "@com_github_containerd_containerd//pkg/process:go_default_library",
++        "@com_github_containerd_containerd//pkg/stdio:go_default_library",
+         "@com_github_containerd_containerd//runtime:go_default_library",
+         "@com_github_containerd_containerd//runtime/linux/runctypes:go_default_library",
+-        "@com_github_containerd_containerd//runtime/proc:go_default_library",
+-        "@com_github_containerd_containerd//runtime/v1/shim:go_default_library",
+         "@com_github_containerd_containerd//runtime/v1/shim/v1:go_default_library",
++        "@com_github_containerd_containerd//sys/reaper:go_default_library",
+         "@com_github_containerd_fifo//:go_default_library",
+         "@com_github_containerd_typeurl//:go_default_library",
+         "@com_github_gogo_protobuf//types:go_default_library",
+diff --git a/pkg/v2/BUILD.bazel b/pkg/v2/BUILD.bazel
+index a7a6abb..d61b785 100644
+--- a/pkg/v2/BUILD.bazel
++++ b/pkg/v2/BUILD.bazel
+@@ -16,20 +16,21 @@ go_library(
+             "//pkg/v1/utils:go_default_library",
+             "//pkg/v2/options:go_default_library",
+             "@com_github_burntsushi_toml//:go_default_library",
+-            "@com_github_containerd_cgroups//:go_default_library",
++            "@com_github_containerd_cgroups//stats/v1:go_default_library",
+             "@com_github_containerd_console//:go_default_library",
+             "@com_github_containerd_containerd//api/events:go_default_library",
+             "@com_github_containerd_containerd//api/types/task:go_default_library",
+             "@com_github_containerd_containerd//errdefs:go_default_library",
+-            "@com_github_containerd_containerd//events:go_default_library",
+             "@com_github_containerd_containerd//log:go_default_library",
+             "@com_github_containerd_containerd//mount:go_default_library",
+             "@com_github_containerd_containerd//namespaces:go_default_library",
++            "@com_github_containerd_containerd//pkg/process:go_default_library",
++            "@com_github_containerd_containerd//pkg/stdio:go_default_library",
+             "@com_github_containerd_containerd//runtime:go_default_library",
+             "@com_github_containerd_containerd//runtime/linux/runctypes:go_default_library",
+-            "@com_github_containerd_containerd//runtime/proc:go_default_library",
+             "@com_github_containerd_containerd//runtime/v2/shim:go_default_library",
+             "@com_github_containerd_containerd//runtime/v2/task:go_default_library",
++            "@com_github_containerd_containerd//sys/reaper:go_default_library",
+             "@com_github_containerd_cri//pkg/api/runtimeoptions/v1:go_default_library",
+             "@com_github_containerd_fifo//:go_default_library",
+             "@com_github_containerd_typeurl//:go_default_library",
+@@ -44,20 +45,21 @@ go_library(
+             "//pkg/v1/utils:go_default_library",
+             "//pkg/v2/options:go_default_library",
+             "@com_github_burntsushi_toml//:go_default_library",
+-            "@com_github_containerd_cgroups//:go_default_library",
++            "@com_github_containerd_cgroups//stats/v1:go_default_library",
+             "@com_github_containerd_console//:go_default_library",
+             "@com_github_containerd_containerd//api/events:go_default_library",
+             "@com_github_containerd_containerd//api/types/task:go_default_library",
+             "@com_github_containerd_containerd//errdefs:go_default_library",
+-            "@com_github_containerd_containerd//events:go_default_library",
+             "@com_github_containerd_containerd//log:go_default_library",
+             "@com_github_containerd_containerd//mount:go_default_library",
+             "@com_github_containerd_containerd//namespaces:go_default_library",
++            "@com_github_containerd_containerd//pkg/process:go_default_library",
++            "@com_github_containerd_containerd//pkg/stdio:go_default_library",
+             "@com_github_containerd_containerd//runtime:go_default_library",
+             "@com_github_containerd_containerd//runtime/linux/runctypes:go_default_library",
+-            "@com_github_containerd_containerd//runtime/proc:go_default_library",
+             "@com_github_containerd_containerd//runtime/v2/shim:go_default_library",
+             "@com_github_containerd_containerd//runtime/v2/task:go_default_library",
++            "@com_github_containerd_containerd//sys/reaper:go_default_library",
+             "@com_github_containerd_cri//pkg/api/runtimeoptions/v1:go_default_library",
+             "@com_github_containerd_fifo//:go_default_library",
+             "@com_github_containerd_typeurl//:go_default_library",
+-- 
+2.25.1
+