Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rootless: support stargz #123

Merged
merged 4 commits into from
Mar 22, 2021
Merged

rootless: support stargz #123

merged 4 commits into from
Mar 22, 2021

Conversation

AkihiroSuda
Copy link
Member

See ./docs/rootless.md for the usage.

Stargz Snapshotter <= 0.4.1 only works on Ubuntu and Debian kernel.
Future versions will work on any distro with kernel >= 4.18.

@AkihiroSuda
Copy link
Member Author

cc @ktock

This was referenced Mar 19, 2021
Merged
Closed
@ktock
Copy link
Member

ktock commented Mar 19, 2021
edited
Loading

@AkihiroSuda Tried this rootless mode on ubuntu 20.10 and it works even with mainline linux 5.11.

setup procedure 

sudo apt-get install -y make jq gcc slirp4netns uidmap dbus-user-session rootlesskit

# Install deps (go, containerd, runc, cni, stargz snapshotter)

cd ~

wget https://golang.org/dl/go1.16.2.linux-amd64.tar.gz
sudo tar -C /usr/local -xzf go1.16.2.linux-amd64.tar.gz
export PATH=$PATH:/usr/local/go/bin
go version

wget https://github.com/containerd/containerd/releases/download/v1.5.0-beta.4/containerd-1.5.0-beta.4-linux-amd64.tar.gz
tar zxvf containerd-1.5.0-beta.4-linux-amd64.tar.gz
sudo install ./bin/* /usr/local/bin

wget https://github.com/opencontainers/runc/releases/download/v1.0.0-rc93/runc.amd64
sudo install ./runc.amd64 /usr/local/bin/runc

sudo mkdir -p /opt/cni/bin
curl -Ls https://github.com/containernetworking/plugins/releases/download/v0.9.1/cni-plugins-linux-amd64-v0.9.1.tgz | sudo tar xzv -C /opt/cni/bin

mkdir -p ~/go/src/github.com/containerd/
cd ~/go/src/github.com/containerd/

git clone https://github.com/containerd/stargz-snapshotter
cd stargz-snapshotter
make -j4
sudo make install

# Install nerdctl and run rootless containerd

cd ../
git clone https://github.com/AkihiroSuda/nerdctl
cd nerdctl
git checkout c13ce2e5c1719b931a9154b76748edf114e75f16
sed -i 's/--port-driver=builtin/--port-driver=slirp4netns/g' ./extras/rootless/containerd-rootless-setuptool.sh
make
sudo make install

containerd-rootless-setuptool.sh install
sleep 3
containerd-rootless-setuptool.sh install-stargz
cat <<EOF > ~/.config/containerd/config.toml
[proxy_plugins]
  [proxy_plugins."stargz"]
      type = "snapshot"
      address = "/run/user/$(id -u | tr -d '\n')/containerd-stargz-grpc/containerd-stargz-grpc.sock"
EOF
sleep 3
systemctl --user restart containerd.service
export CONTAINERD_SNAPSHOTTER=stargz
sleep 3
nerdctl run -it --rm ghcr.io/stargz-containers/python:3.9-esgz sh -ec "apt-get update && apt-get install -y sl"

P.S.
Though I haven't looked it deeper, sed -i 's/--port-driver=builtin/--port-driver=slirp4netns/g' ./extras/rootless/containerd-rootless-setuptool.sh was needed for my setup with Ubuntu 20.10 (Linux ktock 5.8.0-45-generic #51-Ubuntu SMP Fri Feb 19 13:24:51 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux).

Otherwise I got

[INFO] Checking RootlessKit functionality
[rootlesskit:parent] error: dial unix /tmp/rootlesskit928318489/.bp.sock: connect: no such file or directory
[ERROR] RootlessKit failed, see the error messages and https://rootlesscontaine.rs/getting-started/common/ .

@AkihiroSuda
Copy link
Member Author

AkihiroSuda commented Mar 19, 2021
edited
Loading

.bp.sock: connect: no such file or directory

This is a known flakiness, could you retry several times

rootless-containers/rootlesskit#242

@AkihiroSuda AkihiroSuda mentioned this pull request Mar 20, 2021
Merged
ktock
ktock approved these changes Mar 22, 2021
View reviewed changes
Copy link
Member

@ktock ktock left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

.bp.sock: connect: no such file or directory

#126 solves it.

@ktock
Copy link
Member

ktock commented Mar 22, 2021

FYI: Released stargz snapshotter v0.5.0 with rootless support: https://github.com/containerd/stargz-snapshotter/releases/tag/v0.5.0

@AkihiroSuda
rootless: support stargz
9b4afa7 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
@AkihiroSuda
rootless: add guide for restarting containerd after modifying config
a3ff365 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
@AkihiroSuda
update stargz-snapshotter to v0.5.0
09b124c 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
@AkihiroSuda
Copy link
Member Author

Updated for v0.5.0. Still LGTY?

@AkihiroSuda
CI: update containerd to 1.5.0-beta.4
10780ec 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
@AkihiroSuda AkihiroSuda merged commit 0bc8508 into containerd:master Mar 22, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ktock ktock ktock approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@AkihiroSuda @ktock