diff --git a/cmd/buildkitd/config/config.go b/cmd/buildkitd/config/config.go index f33b132f2105..c50460e86a70 100644 --- a/cmd/buildkitd/config/config.go +++ b/cmd/buildkitd/config/config.go @@ -112,6 +112,7 @@ type ContainerdConfig struct { Labels map[string]string `toml:"labels"` Platforms []string `toml:"platforms"` Namespace string `toml:"namespace"` + Runtime string `toml:"runtime"` GCConfig NetworkConfig Snapshotter string `toml:"snapshotter"` diff --git a/cmd/buildkitd/config/load_test.go b/cmd/buildkitd/config/load_test.go index 7cbc6671fb7e..358829b83452 100644 --- a/cmd/buildkitd/config/load_test.go +++ b/cmd/buildkitd/config/load_test.go @@ -40,6 +40,7 @@ foo="bar" [worker.containerd] namespace="non-default" +runtime="exotic" platforms=["linux/amd64"] address="containerd.sock" [[worker.containerd.gcpolicy]] @@ -103,6 +104,7 @@ searchDomains=["example.com"] require.Equal(t, 0, len(cfg.Workers.OCI.GCPolicy)) require.Equal(t, "non-default", cfg.Workers.Containerd.Namespace) + require.Equal(t, "exotic", cfg.Workers.Containerd.Runtime) require.Equal(t, 3, len(cfg.Workers.Containerd.GCPolicy)) require.Nil(t, cfg.Workers.Containerd.GC) diff --git a/cmd/buildkitd/main_containerd_worker.go b/cmd/buildkitd/main_containerd_worker.go index 706f5754d05d..4b74d2911244 100644 --- a/cmd/buildkitd/main_containerd_worker.go +++ b/cmd/buildkitd/main_containerd_worker.go @@ -6,11 +6,13 @@ package main import ( "context" "os" + "runtime" "strconv" "strings" "time" ctd "github.com/containerd/containerd" + "github.com/containerd/containerd/defaults" "github.com/containerd/containerd/pkg/userns" "github.com/moby/buildkit/cmd/buildkitd/config" "github.com/moby/buildkit/util/bklog" @@ -46,6 +48,14 @@ func init() { defaultConf.Workers.Containerd.Namespace = defaultContainerdNamespace } + if defaultConf.Workers.Containerd.Runtime == "" { + if runtime.GOOS == "freebsd" { + defaultConf.Workers.Containerd.Runtime = "wtf.sbk.runj.v1" + } else { + defaultConf.Workers.Containerd.Runtime = defaults.DefaultRuntime + } + } + flags := []cli.Flag{ cli.StringFlag{ Name: "containerd-worker", @@ -74,6 +84,12 @@ func init() { Value: defaultConf.Workers.Containerd.Namespace, Hidden: true, }, + cli.StringFlag{ + Name: "containerd-worker-runtime", + Usage: "override containerd runtime", + Value: defaultConf.Workers.Containerd.Runtime, + Hidden: true, + }, cli.StringFlag{ Name: "containerd-worker-net", Usage: "worker network type (auto, cni or host)", @@ -202,6 +218,10 @@ func applyContainerdFlags(c *cli.Context, cfg *config.Config) error { cfg.Workers.Containerd.Namespace = c.GlobalString("containerd-worker-namespace") } + if c.GlobalIsSet("containerd-worker-runtime") || cfg.Workers.Containerd.Runtime == "" { + cfg.Workers.Containerd.Runtime = c.GlobalString("containerd-worker-runtime") + } + if c.GlobalIsSet("containerd-worker-gc") { v := c.GlobalBool("containerd-worker-gc") cfg.Workers.Containerd.GC = &v @@ -275,7 +295,7 @@ func containerdWorkerInitializer(c *cli.Context, common workerInitializerOpt) ([ if cfg.Snapshotter != "" { snapshotter = cfg.Snapshotter } - opt, err := containerd.NewWorkerOpt(common.config.Root, cfg.Address, snapshotter, cfg.Namespace, cfg.Rootless, cfg.Labels, dns, nc, common.config.Workers.Containerd.ApparmorProfile, common.config.Workers.Containerd.SELinux, parallelismSem, common.traceSocket, ctd.WithTimeout(60*time.Second)) + opt, err := containerd.NewWorkerOpt(common.config.Root, cfg.Address, snapshotter, cfg.Namespace, cfg.Rootless, cfg.Labels, dns, nc, common.config.Workers.Containerd.ApparmorProfile, common.config.Workers.Containerd.SELinux, parallelismSem, common.traceSocket, ctd.WithTimeout(60*time.Second), ctd.WithDefaultRuntime(cfg.Runtime)) if err != nil { return nil, err } diff --git a/docs/buildkitd.toml.md b/docs/buildkitd.toml.md index df77b4866e0a..87bb08e5ee03 100644 --- a/docs/buildkitd.toml.md +++ b/docs/buildkitd.toml.md @@ -93,6 +93,7 @@ insecure-entitlements = [ "network.host", "security.insecure" ] enabled = true platforms = [ "linux/amd64", "linux/arm64" ] namespace = "buildkit" + runtime = "io.containerd.runc.v2" gc = true # gckeepstorage sets storage limit for default gc profile, in MB. gckeepstorage = 9000 diff --git a/worker/containerd/containerd.go b/worker/containerd/containerd.go index fe419febe208..28e934282d3d 100644 --- a/worker/containerd/containerd.go +++ b/worker/containerd/containerd.go @@ -4,7 +4,6 @@ import ( "context" "os" "path/filepath" - "runtime" "strconv" "strings" @@ -30,9 +29,6 @@ import ( // NewWorkerOpt creates a WorkerOpt. func NewWorkerOpt(root string, address, snapshotterName, ns string, rootless bool, labels map[string]string, dns *oci.DNSConfig, nopt netproviders.Opt, apparmorProfile string, selinux bool, parallelismSem *semaphore.Weighted, traceSocket string, opts ...containerd.ClientOpt) (base.WorkerOpt, error) { opts = append(opts, containerd.WithDefaultNamespace(ns)) - if runtime.GOOS == "freebsd" { - opts = append(opts, containerd.WithDefaultRuntime("wtf.sbk.runj.v1")) - } client, err := containerd.New(address, opts...) if err != nil {