From 2c7a6d7bb1931f88d8d925c281f106f72c01b4c9 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Sun, 5 Jun 2022 18:17:43 +0900 Subject: [PATCH 1/4] daemon: remove support for deprecated io.containerd.runtime.v1.linux This has been deprecated in Docker 20.10.0 (f63f73a4a8f531813d6b46a2347cab4bfd210df7) Signed-off-by: Akihiro Suda --- daemon/config/config.go | 5 ----- daemon/daemon_unix.go | 7 ------- daemon/info.go | 4 ---- daemon/runtime_unix.go | 22 ---------------------- 4 files changed, 38 deletions(-) diff --git a/daemon/config/config.go b/daemon/config/config.go index 9c17efa389..f3c97a673b 100644 --- a/daemon/config/config.go +++ b/daemon/config/config.go @@ -51,10 +51,6 @@ const ( // DefaultPluginNamespace is the name of the default containerd namespace used for plugins. DefaultPluginNamespace = "plugins.moby" - // LinuxV1RuntimeName is the runtime used to specify the containerd v1 shim with the runc binary - // Note this is different than io.containerd.runc.v1 which would be the v1 shim using the v2 shim API. - // This is specifically for the v1 shim using the v1 shim API. - LinuxV1RuntimeName = "io.containerd.runtime.v1.linux" // LinuxV2RuntimeName is the runtime used to specify the containerd v2 runc shim LinuxV2RuntimeName = "io.containerd.runc.v2" @@ -67,7 +63,6 @@ const ( var builtinRuntimes = map[string]bool{ StockRuntimeName: true, - LinuxV1RuntimeName: true, LinuxV2RuntimeName: true, } diff --git a/daemon/daemon_unix.go b/daemon/daemon_unix.go index 7e1fc55347..bdba08b063 100644 --- a/daemon/daemon_unix.go +++ b/daemon/daemon_unix.go @@ -727,10 +727,6 @@ func verifyPlatformContainerSettings(daemon *Daemon, hostConfig *containertypes. } } - if hostConfig.Runtime == config.LinuxV1RuntimeName || (hostConfig.Runtime == "" && daemon.configStore.DefaultRuntime == config.LinuxV1RuntimeName) { - warnings = append(warnings, fmt.Sprintf("Configured runtime %q is deprecated and will be removed in the next release.", config.LinuxV1RuntimeName)) - } - return warnings, nil } @@ -770,9 +766,6 @@ func verifyDaemonSettings(conf *config.Config) error { if conf.GetRuntime(rtName) == nil { return fmt.Errorf("specified default runtime '%s' does not exist", rtName) } - if rtName == config.LinuxV1RuntimeName { - logrus.Warnf("Configured default runtime %q is deprecated and will be removed in the next release.", config.LinuxV1RuntimeName) - } } return nil } diff --git a/daemon/info.go b/daemon/info.go index 93a883cadb..83e59de55f 100644 --- a/daemon/info.go +++ b/daemon/info.go @@ -72,10 +72,6 @@ func (daemon *Daemon) SystemInfo() *types.Info { daemon.fillLicense(v) daemon.fillDefaultAddressPools(v) - if v.DefaultRuntime == config.LinuxV1RuntimeName { - v.Warnings = append(v.Warnings, fmt.Sprintf("Configured default runtime %q is deprecated and will be removed in the next release.", config.LinuxV1RuntimeName)) - } - return v } diff --git a/daemon/runtime_unix.go b/daemon/runtime_unix.go index 1478735b83..92f32c0729 100644 --- a/daemon/runtime_unix.go +++ b/daemon/runtime_unix.go @@ -10,8 +10,6 @@ import ( "path/filepath" "strings" - "github.com/containerd/cgroups" - "github.com/containerd/containerd/runtime/linux/runctypes" v2runcoptions "github.com/containerd/containerd/runtime/v2/runc/options" "github.com/docker/docker/api/types" "github.com/docker/docker/daemon/config" @@ -24,7 +22,6 @@ import ( const ( defaultRuntimeName = "runc" - linuxShimV1 = "io.containerd.runtime.v1.linux" linuxShimV2 = "io.containerd.runc.v2" ) @@ -35,7 +32,6 @@ func configureRuntimes(conf *config.Config) { if conf.Runtimes == nil { conf.Runtimes = make(map[string]types.Runtime) } - conf.Runtimes[config.LinuxV1RuntimeName] = types.Runtime{Path: defaultRuntimeName, Shim: defaultV1ShimConfig(conf, defaultRuntimeName)} conf.Runtimes[config.LinuxV2RuntimeName] = types.Runtime{Path: defaultRuntimeName, Shim: defaultV2ShimConfig(conf, defaultRuntimeName)} conf.Runtimes[config.StockRuntimeName] = conf.Runtimes[config.LinuxV2RuntimeName] } @@ -52,17 +48,6 @@ func defaultV2ShimConfig(conf *config.Config, runtimePath string) *types.ShimCon } } -func defaultV1ShimConfig(conf *config.Config, runtimePath string) *types.ShimConfig { - return &types.ShimConfig{ - Binary: linuxShimV1, - Opts: &runctypes.RuncOptions{ - Runtime: runtimePath, - RuntimeRoot: filepath.Join(conf.ExecRoot, "runtime-"+defaultRuntimeName), - SystemdCgroup: UsingSystemd(conf), - }, - } -} - func (daemon *Daemon) loadRuntimes() error { return daemon.initRuntimes(daemon.configStore.Runtimes) } @@ -147,12 +132,5 @@ func (daemon *Daemon) getRuntime(name string) (*types.Runtime, error) { rt.Shim = defaultV2ShimConfig(daemon.configStore, rt.Path) } - if rt.Shim.Binary == linuxShimV1 { - if cgroups.Mode() == cgroups.Unified { - return nil, errdefs.InvalidParameter(errors.Errorf("runtime %q is not supported while cgroups v2 (unified hierarchy) is being used", name)) - } - logrus.Warnf("Configured runtime %q is deprecated and will be removed in the next release", name) - } - return rt, nil } From 658a4b0feca1e8d8a885edd8511f55efeeea3950 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Sun, 5 Jun 2022 18:32:14 +0900 Subject: [PATCH 2/4] libcontainerd: remove support for runtime v1 API Signed-off-by: Akihiro Suda --- libcontainerd/remote/client.go | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/libcontainerd/remote/client.go b/libcontainerd/remote/client.go index d530fb6bc2..552d7d11f1 100644 --- a/libcontainerd/remote/client.go +++ b/libcontainerd/remote/client.go @@ -22,7 +22,6 @@ import ( containerderrors "github.com/containerd/containerd/errdefs" "github.com/containerd/containerd/events" "github.com/containerd/containerd/images" - "github.com/containerd/containerd/runtime/linux/runctypes" v2runcoptions "github.com/containerd/containerd/runtime/v2/runc/options" "github.com/containerd/typeurl" "github.com/docker/docker/errdefs" @@ -217,12 +216,6 @@ func (c *client) Start(ctx context.Context, id, checkpointDir string, withStdin opts.IoUid = uint32(uid) opts.IoGid = uint32(gid) info.Options = &opts - } else { - info.Options = &runctypes.CreateOptions{ - IoUid: uint32(uid), - IoGid: uint32(gid), - NoPivotRoot: os.Getenv("DOCKER_RAMDISK") != "", - } } return nil }) @@ -515,13 +508,10 @@ func (c *client) getCheckpointOptions(id string, exit bool) containerd.Checkpoin return func(r *containerd.CheckpointTaskInfo) error { if r.Options == nil { c.v2runcoptionsMu.Lock() - _, isV2 := c.v2runcoptions[id] + _, ok := c.v2runcoptions[id] c.v2runcoptionsMu.Unlock() - - if isV2 { + if ok { r.Options = &v2runcoptions.CheckpointOptions{Exit: exit} - } else { - r.Options = &runctypes.CheckpointOptions{Exit: exit} } return nil } @@ -529,8 +519,6 @@ func (c *client) getCheckpointOptions(id string, exit bool) containerd.Checkpoin switch opts := r.Options.(type) { case *v2runcoptions.CheckpointOptions: opts.Exit = exit - case *runctypes.CheckpointOptions: - opts.Exit = exit } return nil From 1fcd9f73d45d15aeaad237ff8bbe44e7f8b3ad33 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Sun, 5 Jun 2022 18:19:43 +0900 Subject: [PATCH 3/4] hack: stop installing containerd-shim (io.containerd.runtime.v1.linux) Signed-off-by: Akihiro Suda --- hack/dockerfile/install/containerd.installer | 1 - hack/make/binary-daemon | 2 +- hack/make/install-binary | 1 - 3 files changed, 1 insertion(+), 3 deletions(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index 16285d49f0..767bb059ab 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -36,7 +36,6 @@ install_containerd() ( make install -D bin/containerd "${PREFIX}/containerd" - install -D bin/containerd-shim "${PREFIX}/containerd-shim" install -D bin/containerd-shim-runc-v2 "${PREFIX}/containerd-shim-runc-v2" install -D bin/ctr "${PREFIX}/ctr" ) diff --git a/hack/make/binary-daemon b/hack/make/binary-daemon index fffceabc06..169e96bfd1 100644 --- a/hack/make/binary-daemon +++ b/hack/make/binary-daemon @@ -14,7 +14,7 @@ copy_binaries() { return fi echo "Copying nested executables into $dir" - for file in containerd containerd-shim containerd-shim-runc-v2 ctr runc docker-init rootlesskit rootlesskit-docker-proxy dockerd-rootless.sh dockerd-rootless-setuptool.sh; do + for file in containerd containerd-shim-runc-v2 ctr runc docker-init rootlesskit rootlesskit-docker-proxy dockerd-rootless.sh dockerd-rootless-setuptool.sh; do cp -f "$(command -v "$file")" "$dir/" if [ "$hash" = "hash" ]; then hash_files "$dir/$file" diff --git a/hack/make/install-binary b/hack/make/install-binary index d643c3251b..96e7cc0a39 100644 --- a/hack/make/install-binary +++ b/hack/make/install-binary @@ -11,7 +11,6 @@ source "${MAKEDIR}/.install" install_binary "${DEST}/runc" install_binary "${DEST}/containerd" install_binary "${DEST}/ctr" - install_binary "${DEST}/containerd-shim" install_binary "${DEST}/containerd-shim-runc-v2" install_binary "${DEST}/docker-proxy" install_binary "${DEST}/docker-init" From c3eefab550a4518febe622148be4836300e44c89 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Sun, 5 Jun 2022 18:21:50 +0900 Subject: [PATCH 4/4] hack: remove error_on_leaked_containerd_shims The function does not support containerd-shim-runc-v2 (io.containerd.runc.v2) Signed-off-by: Akihiro Suda --- hack/make/.integration-test-helpers | 16 ---------------- hack/make/test-integration | 1 - 2 files changed, 17 deletions(-) diff --git a/hack/make/.integration-test-helpers b/hack/make/.integration-test-helpers index adc9c0c0a7..cd17e6354d 100644 --- a/hack/make/.integration-test-helpers +++ b/hack/make/.integration-test-helpers @@ -161,22 +161,6 @@ test_env() { ) } -error_on_leaked_containerd_shims() { - if [ "$(go env GOOS)" = 'windows' ]; then - return - fi - - leftovers=$(ps -ax -o pid,cmd \ - | awk '$2 == "containerd-shim" && $4 ~ /.*\/bundles\/.*\/test-integration/ { print $1 }') - if [ -n "$leftovers" ]; then - ps aux - # shellcheck disable=SC2086 - kill -9 ${leftovers} 2> /dev/null - echo "!!!! WARNING you have left over shim(s), Cleanup your test !!!!" - exit 1 - fi -} - set_platform_timeout() { # Test timeout. if [ "${DOCKER_ENGINE_GOARCH}" = "arm64" ] || [ "${DOCKER_ENGINE_GOARCH}" = "arm" ]; then diff --git a/hack/make/test-integration b/hack/make/test-integration index 1545cc49ee..199131c209 100755 --- a/hack/make/test-integration +++ b/hack/make/test-integration @@ -20,7 +20,6 @@ fi # Always run cleanup, even if the subshell fails bundle .integration-daemon-stop cleanup_test_suite_binaries - error_on_leaked_containerd_shims echo exiting test-integration set -x