Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / f430fbfe35b70283090b6174cf5a920163c0148c / . / third_party / go / patches / gvisor-containerd-compat.patch
blob: 5e7f61e496497571a619b0ba69c6ec58106708e3 [file] [log] [blame]
Lorenz Brund13c1c62022-03-30 19:58:58 +0200[diff] [blame]1diff --git a/pkg/shim/service.go b/pkg/shim/service.go
Lorenz Brun6211e4d2023-11-14 19:09:40 +0100[diff] [blame]2--- a/pkg/shim/service.go (revision fbd632393665c6628221150b74ae50294d9a3695)
3+++ b/pkg/shim/service.go (date 1694133552618)
4@@ -32,6 +32,7 @@
5 cgroupsv2 "github.com/containerd/cgroups/v2"
6 "github.com/containerd/console"
7 "github.com/containerd/containerd/api/events"
8+ taskAPI "github.com/containerd/containerd/api/runtime/task/v2"
9 "github.com/containerd/containerd/api/types/task"
10 "github.com/containerd/containerd/errdefs"
11 "github.com/containerd/containerd/log"
12@@ -39,18 +40,20 @@
13 "github.com/containerd/containerd/namespaces"
14 "github.com/containerd/containerd/pkg/process"
15 "github.com/containerd/containerd/pkg/stdio"
16+ "github.com/containerd/containerd/protobuf"
17 "github.com/containerd/containerd/runtime"
18 "github.com/containerd/containerd/runtime/linux/runctypes"
19 "github.com/containerd/containerd/runtime/v2/shim"
20- taskAPI "github.com/containerd/containerd/runtime/v2/task"
21 "github.com/containerd/containerd/sys/reaper"
22- "github.com/containerd/typeurl"
23- "github.com/gogo/protobuf/types"
24- specs "github.com/opencontainers/runtime-spec/specs-go"
25+ "github.com/containerd/typeurl/v2"
26+ "github.com/opencontainers/runtime-spec/specs-go"
Lorenz Brund13c1c62022-03-30 19:58:58 +0200[diff] [blame]27 "github.com/sirupsen/logrus"
28 "golang.org/x/sys/unix"
Lorenz Brun6211e4d2023-11-14 19:09:40 +0100[diff] [blame]29+ "google.golang.org/protobuf/types/known/emptypb"
30+ "google.golang.org/protobuf/types/known/timestamppb"
31+
Lorenz Brund13c1c62022-03-30 19:58:58 +0200[diff] [blame]32 "gvisor.dev/gvisor/pkg/cleanup"
33- "gvisor.dev/gvisor/pkg/shim/runtimeoptions/v14"
34+ v14 "gvisor.dev/gvisor/pkg/shim/runtimeoptions/v14"
Lorenz Brun65702192023-08-31 16:27:38 +0200[diff] [blame]35
Lorenz Brund13c1c62022-03-30 19:58:58 +0200[diff] [blame]36 "gvisor.dev/gvisor/pkg/shim/proc"
37 "gvisor.dev/gvisor/pkg/shim/runsc"
Lorenz Brun6211e4d2023-11-14 19:09:40 +0100[diff] [blame]38@@ -60,7 +63,7 @@
39 )
40
41 var (
42- empty = &types.Empty{}
43+ empty = &emptypb.Empty{}
44 bufPool = sync.Pool{
45 New: func() any {
46 buffer := make([]byte, 32<<10)
47@@ -189,7 +192,7 @@
Lorenz Brun65702192023-08-31 16:27:38 +0200[diff] [blame]48
49 var _ shim.Shim = (*service)(nil)
50
Lorenz Brund13c1c62022-03-30 19:58:58 +0200[diff] [blame]51-func (s *service) newCommand(ctx context.Context, containerdBinary, containerdAddress string) (*exec.Cmd, error) {
52+func (s *service) newCommand(ctx context.Context, id, containerdBinary, containerdAddress string) (*exec.Cmd, error) {
53 ns, err := namespaces.NamespaceRequired(ctx)
54 if err != nil {
55 return nil, err
Lorenz Brun6211e4d2023-11-14 19:09:40 +0100[diff] [blame]56@@ -204,6 +207,7 @@
Lorenz Brund13c1c62022-03-30 19:58:58 +0200[diff] [blame]57 }
58 args := []string{
59 "-namespace", ns,
60+ "-id", id,
61 "-address", containerdAddress,
62 "-publish-binary", containerdBinary,
63 }
Lorenz Brun6211e4d2023-11-14 19:09:40 +0100[diff] [blame]64@@ -219,14 +223,14 @@
Lorenz Brund13c1c62022-03-30 19:58:58 +0200[diff] [blame]65 return cmd, nil
66 }
Lorenz Brun65702192023-08-31 16:27:38 +0200[diff] [blame]67
Lorenz Brund13c1c62022-03-30 19:58:58 +0200[diff] [blame]68-func (s *service) StartShim(ctx context.Context, id, containerdBinary, containerdAddress, containerdTTRPCAddress string) (string, error) {
69- log.L.Debugf("StartShim, id: %s, binary: %q, address: %q", id, containerdBinary, containerdAddress)
70+func (s *service) StartShim(ctx context.Context, opts shim.StartOpts) (string, error) {
71+ log.L.Debugf("StartShim, id: %s, binary: %q, address: %q", opts.ID, opts.ContainerdBinary, opts.Address)
Lorenz Brun65702192023-08-31 16:27:38 +0200[diff] [blame]72
Lorenz Brund13c1c62022-03-30 19:58:58 +0200[diff] [blame]73- cmd, err := s.newCommand(ctx, containerdBinary, containerdAddress)
74+ cmd, err := s.newCommand(ctx, opts.ID, opts.ContainerdBinary, opts.Address)
75 if err != nil {
76 return "", err
77 }
78- address, err := shim.SocketAddress(ctx, containerdAddress, id)
79+ address, err := shim.SocketAddress(ctx, opts.Address, opts.ID)
80 if err != nil {
81 return "", err
82 }
Lorenz Brun6211e4d2023-11-14 19:09:40 +0100[diff] [blame]83@@ -280,8 +284,8 @@
Lorenz Brund13c1c62022-03-30 19:58:58 +0200[diff] [blame]84 if err := shim.WriteAddress(shimAddressPath, address); err != nil {
85 return "", err
86 }
87- if err := shim.SetScore(cmd.Process.Pid); err != nil {
88- return "", fmt.Errorf("failed to set OOM Score on shim: %w", err)
89+ if err := shim.AdjustOOMScore(cmd.Process.Pid); err != nil {
90+ return "", fmt.Errorf("failed to adjust OOM score for shim: %w", err)
91 }
92 cu.Release()
93 return address, nil
Lorenz Brun6211e4d2023-11-14 19:09:40 +0100[diff] [blame]94@@ -315,7 +319,7 @@
95 log.L.Infof("failed to cleanup rootfs mount: %v", err)
96 }
97 return &taskAPI.DeleteResponse{
98- ExitedAt: time.Now(),
99+ ExitedAt: timestamppb.New(time.Now()),
100 ExitStatus: 128 + uint32(unix.SIGKILL),
101 }, nil
102 }
103@@ -578,18 +582,18 @@
104 }
105 return &taskAPI.DeleteResponse{
106 ExitStatus: uint32(p.ExitStatus()),
107- ExitedAt: p.ExitedAt(),
108+ ExitedAt: timestamppb.New(p.ExitedAt()),
109 Pid: uint32(p.Pid()),
110 }, nil
111 }
112
113 // Exec spawns an additional process inside the container.
114-func (s *service) Exec(ctx context.Context, r *taskAPI.ExecProcessRequest) (*types.Empty, error) {
115+func (s *service) Exec(ctx context.Context, r *taskAPI.ExecProcessRequest) (*emptypb.Empty, error) {
116 resp, err := s.exec(ctx, r)
117 return resp, errdefs.ToGRPC(err)
118 }
119
120-func (s *service) exec(ctx context.Context, r *taskAPI.ExecProcessRequest) (*types.Empty, error) {
121+func (s *service) exec(ctx context.Context, r *taskAPI.ExecProcessRequest) (*emptypb.Empty, error) {
122 log.L.Debugf("Exec, id: %s, execID: %s", r.ID, r.ExecID)
123
124 s.mu.Lock()
125@@ -619,12 +623,12 @@
126 }
127
128 // ResizePty resizes the terminal of a process.
129-func (s *service) ResizePty(ctx context.Context, r *taskAPI.ResizePtyRequest) (*types.Empty, error) {
130+func (s *service) ResizePty(ctx context.Context, r *taskAPI.ResizePtyRequest) (*emptypb.Empty, error) {
131 resp, err := s.resizePty(ctx, r)
132 return resp, errdefs.ToGRPC(err)
133 }
134
135-func (s *service) resizePty(ctx context.Context, r *taskAPI.ResizePtyRequest) (*types.Empty, error) {
136+func (s *service) resizePty(ctx context.Context, r *taskAPI.ResizePtyRequest) (*emptypb.Empty, error) {
137 log.L.Debugf("ResizePty, id: %s, execID: %s, dimension: %dx%d", r.ID, r.ExecID, r.Height, r.Width)
138
139 p, err := s.getProcess(r.ExecID)
140@@ -660,14 +664,14 @@
141 log.L.Debugf("State failed: %v", err)
142 return nil, err
143 }
144- status := task.StatusUnknown
145+ status := task.Status_UNKNOWN
146 switch st {
147 case "created":
148- status = task.StatusCreated
149+ status = task.Status_CREATED
150 case "running":
151- status = task.StatusRunning
152+ status = task.Status_RUNNING
153 case "stopped":
154- status = task.StatusStopped
155+ status = task.Status_STOPPED
156 }
157 sio := p.Stdio()
158 res := &taskAPI.StateResponse{
159@@ -680,19 +684,19 @@
160 Stderr: sio.Stderr,
161 Terminal: sio.Terminal,
162 ExitStatus: uint32(p.ExitStatus()),
163- ExitedAt: p.ExitedAt(),
164+ ExitedAt: timestamppb.New(p.ExitedAt()),
165 }
166 log.L.Debugf("State succeeded, response: %+v", res)
167 return res, nil
168 }
169
170 // Pause the container.
171-func (s *service) Pause(ctx context.Context, r *taskAPI.PauseRequest) (*types.Empty, error) {
172+func (s *service) Pause(ctx context.Context, r *taskAPI.PauseRequest) (*emptypb.Empty, error) {
173 resp, err := s.pause(ctx, r)
174 return resp, errdefs.ToGRPC(err)
175 }
176
177-func (s *service) pause(ctx context.Context, r *taskAPI.PauseRequest) (*types.Empty, error) {
178+func (s *service) pause(ctx context.Context, r *taskAPI.PauseRequest) (*emptypb.Empty, error) {
179 log.L.Debugf("Pause, id: %s", r.ID)
180 if s.task == nil {
181 log.L.Debugf("Pause error, id: %s: container not created", r.ID)
182@@ -706,12 +710,12 @@
183 }
184
185 // Resume the container.
186-func (s *service) Resume(ctx context.Context, r *taskAPI.ResumeRequest) (*types.Empty, error) {
187+func (s *service) Resume(ctx context.Context, r *taskAPI.ResumeRequest) (*emptypb.Empty, error) {
188 resp, err := s.resume(ctx, r)
189 return resp, errdefs.ToGRPC(err)
190 }
191
192-func (s *service) resume(ctx context.Context, r *taskAPI.ResumeRequest) (*types.Empty, error) {
193+func (s *service) resume(ctx context.Context, r *taskAPI.ResumeRequest) (*emptypb.Empty, error) {
194 log.L.Debugf("Resume, id: %s", r.ID)
195 if s.task == nil {
196 log.L.Debugf("Resume error, id: %s: container not created", r.ID)
197@@ -725,12 +729,12 @@
198 }
199
200 // Kill a process with the provided signal.
201-func (s *service) Kill(ctx context.Context, r *taskAPI.KillRequest) (*types.Empty, error) {
202+func (s *service) Kill(ctx context.Context, r *taskAPI.KillRequest) (*emptypb.Empty, error) {
203 resp, err := s.kill(ctx, r)
204 return resp, errdefs.ToGRPC(err)
205 }
206
207-func (s *service) kill(ctx context.Context, r *taskAPI.KillRequest) (*types.Empty, error) {
208+func (s *service) kill(ctx context.Context, r *taskAPI.KillRequest) (*emptypb.Empty, error) {
209 log.L.Debugf("Kill, id: %s, execID: %s, signal: %d, all: %t", r.ID, r.ExecID, r.Signal, r.All)
210
211 p, err := s.getProcess(r.ExecID)
212@@ -772,7 +776,7 @@
213 if err != nil {
214 return nil, fmt.Errorf("failed to marshal process %d info: %w", pid, err)
215 }
216- pInfo.Info = a
217+ pInfo.Info = protobuf.FromAny(a)
218 break
219 }
220 }
221@@ -784,12 +788,12 @@
222 }
223
224 // CloseIO closes the I/O context of a process.
225-func (s *service) CloseIO(ctx context.Context, r *taskAPI.CloseIORequest) (*types.Empty, error) {
226+func (s *service) CloseIO(ctx context.Context, r *taskAPI.CloseIORequest) (*emptypb.Empty, error) {
227 resp, err := s.closeIO(ctx, r)
228 return resp, errdefs.ToGRPC(err)
229 }
230
231-func (s *service) closeIO(ctx context.Context, r *taskAPI.CloseIORequest) (*types.Empty, error) {
232+func (s *service) closeIO(ctx context.Context, r *taskAPI.CloseIORequest) (*emptypb.Empty, error) {
233 log.L.Debugf("CloseIO, id: %s, execID: %s, stdin: %t", r.ID, r.ExecID, r.Stdin)
234
235 p, err := s.getProcess(r.ExecID)
236@@ -805,7 +809,7 @@
237 }
238
239 // Checkpoint checkpoints the container.
240-func (s *service) Checkpoint(ctx context.Context, r *taskAPI.CheckpointTaskRequest) (*types.Empty, error) {
241+func (s *service) Checkpoint(ctx context.Context, r *taskAPI.CheckpointTaskRequest) (*emptypb.Empty, error) {
242 log.L.Debugf("Checkpoint, id: %s", r.ID)
243 return empty, errdefs.ToGRPC(errdefs.ErrNotImplemented)
244 }
245@@ -829,12 +833,12 @@
246 }, nil
247 }
248
249-func (s *service) Shutdown(ctx context.Context, r *taskAPI.ShutdownRequest) (*types.Empty, error) {
250+func (s *service) Shutdown(ctx context.Context, r *taskAPI.ShutdownRequest) (*emptypb.Empty, error) {
251 resp, err := s.shutdown(ctx, r)
252 return resp, errdefs.ToGRPC(err)
253 }
254
255-func (s *service) shutdown(ctx context.Context, r *taskAPI.ShutdownRequest) (*types.Empty, error) {
256+func (s *service) shutdown(ctx context.Context, r *taskAPI.ShutdownRequest) (*emptypb.Empty, error) {
257 log.L.Debugf("Shutdown, id: %s", r.ID)
258 s.cancel()
259 if s.shimAddress != "" {
260@@ -921,12 +925,12 @@
261 }
262 log.L.Debugf("Stats success, id: %s: %+v", r.ID, data)
263 return &taskAPI.StatsResponse{
264- Stats: data,
265+ Stats: protobuf.FromAny(data),
266 }, nil
267 }
268
269 // Update updates a running container.
270-func (s *service) Update(ctx context.Context, r *taskAPI.UpdateTaskRequest) (*types.Empty, error) {
271+func (s *service) Update(ctx context.Context, r *taskAPI.UpdateTaskRequest) (*emptypb.Empty, error) {
272 return empty, errdefs.ToGRPC(errdefs.ErrNotImplemented)
273 }
274
275@@ -948,7 +952,7 @@
276
277 res := &taskAPI.WaitResponse{
278 ExitStatus: uint32(p.ExitStatus()),
279- ExitedAt: p.ExitedAt(),
280+ ExitedAt: timestamppb.New(p.ExitedAt()),
281 }
282 log.L.Debugf("Wait succeeded, response: %+v", res)
283 return res, nil
284@@ -976,7 +980,7 @@
285 ID: p.ID(),
286 Pid: uint32(p.Pid()),
287 ExitStatus: uint32(e.Status),
288- ExitedAt: p.ExitedAt(),
289+ ExitedAt: timestamppb.New(p.ExitedAt()),
290 }
291 return
292 }
Lorenz Brund13c1c62022-03-30 19:58:58 +0200[diff] [blame]293diff --git a/pkg/shim/service_linux.go b/pkg/shim/service_linux.go
Lorenz Brun6211e4d2023-11-14 19:09:40 +0100[diff] [blame]294--- a/pkg/shim/service_linux.go (revision fbd632393665c6628221150b74ae50294d9a3695)
295+++ b/pkg/shim/service_linux.go (date 1694133606275)
296@@ -33,7 +33,7 @@
Lorenz Brund13c1c62022-03-30 19:58:58 +0200[diff] [blame]297 epoller *console.Epoller
298 }
Lorenz Brun65702192023-08-31 16:27:38 +0200[diff] [blame]299
Lorenz Brund13c1c62022-03-30 19:58:58 +0200[diff] [blame]300-func (p *linuxPlatform) CopyConsole(ctx context.Context, console console.Console, stdin, stdout, stderr string, wg *sync.WaitGroup) (console.Console, error) {
301+func (p *linuxPlatform) CopyConsole(ctx context.Context, console console.Console, id, stdin, stdout, stderr string, wg *sync.WaitGroup) (console.Console, error) {
302 if p.epoller == nil {
303 return nil, fmt.Errorf("uninitialized epoller")
304 }
Lorenz Brun6211e4d2023-11-14 19:09:40 +0100[diff] [blame]305diff --git a/pkg/shim/proc/types.go b/pkg/shim/proc/types.go
306--- a/pkg/shim/proc/types.go (revision fbd632393665c6628221150b74ae50294d9a3695)
307+++ b/pkg/shim/proc/types.go (date 1694133223472)
308@@ -18,8 +18,8 @@
309 import (
310 "time"
Lorenz Brund13c1c62022-03-30 19:58:58 +0200[diff] [blame]311
Lorenz Brun6211e4d2023-11-14 19:09:40 +0100[diff] [blame]312- runc "github.com/containerd/go-runc"
313- "github.com/gogo/protobuf/types"
314+ "github.com/containerd/go-runc"
315+ "google.golang.org/protobuf/types/known/anypb"
316 )
317
318 // Mount holds filesystem mount configuration.
319@@ -49,7 +49,7 @@
320 Stdin string
321 Stdout string
322 Stderr string
323- Spec *types.Any
324+ Spec *anypb.Any
325 }
326
327 // Exit is the type of exit events.
328diff --git a/pkg/shim/proc/exec.go b/pkg/shim/proc/exec.go
329--- a/pkg/shim/proc/exec.go (revision fbd632393665c6628221150b74ae50294d9a3695)
330+++ b/pkg/shim/proc/exec.go (date 1694133514225)
331@@ -29,9 +29,10 @@
332 "github.com/containerd/containerd/log"
333 "github.com/containerd/containerd/pkg/stdio"
334 "github.com/containerd/fifo"
335- runc "github.com/containerd/go-runc"
336- specs "github.com/opencontainers/runtime-spec/specs-go"
337+ "github.com/containerd/go-runc"
338+ "github.com/opencontainers/runtime-spec/specs-go"
339 "golang.org/x/sys/unix"
340+
341 "gvisor.dev/gvisor/pkg/cleanup"
342
343 "gvisor.dev/gvisor/pkg/shim/runsc"
344@@ -238,7 +239,7 @@
345 if err != nil {
346 return fmt.Errorf("failed to retrieve console master: %w", err)
347 }
348- if e.console, err = e.parent.Platform.CopyConsole(ctx, console, e.stdio.Stdin, e.stdio.Stdout, e.stdio.Stderr, &e.wg); err != nil {
349+ if e.console, err = e.parent.Platform.CopyConsole(ctx, console, e.id, e.stdio.Stdin, e.stdio.Stdout, e.stdio.Stderr, &e.wg); err != nil {
350 return fmt.Errorf("failed to start console copy: %w", err)
351 }
352 } else if !e.stdio.IsNull() {
353diff --git a/pkg/shim/proc/init.go b/pkg/shim/proc/init.go
354--- a/pkg/shim/proc/init.go (revision fbd632393665c6628221150b74ae50294d9a3695)
355+++ b/pkg/shim/proc/init.go (date 1694133514234)
356@@ -34,9 +34,10 @@
357 "github.com/containerd/containerd/pkg/stdio"
358
359 "github.com/containerd/fifo"
360- runc "github.com/containerd/go-runc"
361- specs "github.com/opencontainers/runtime-spec/specs-go"
362+ "github.com/containerd/go-runc"
363+ "github.com/opencontainers/runtime-spec/specs-go"
364 "golang.org/x/sys/unix"
365+
366 "gvisor.dev/gvisor/pkg/shim/runsc"
367 "gvisor.dev/gvisor/pkg/shim/utils"
368 )
369@@ -155,7 +156,7 @@
370 if err != nil {
371 return fmt.Errorf("failed to retrieve console master: %w", err)
372 }
373- console, err = p.Platform.CopyConsole(ctx, console, r.Stdin, r.Stdout, r.Stderr, &p.wg)
374+ console, err = p.Platform.CopyConsole(ctx, console, r.ID, r.Stdin, r.Stdout, r.Stderr, &p.wg)
375 if err != nil {
376 return fmt.Errorf("failed to start console copy: %w", err)
377 }