From 883860da4e936a29163a990c9c0632a0bb6e550d Mon Sep 17 00:00:00 2001 From: Mihnea Saracin Date: Tue, 29 Jun 2021 20:04:44 +0000 Subject: [PATCH] Revert "Update containerd to 1.4.6" This reverts commit 4c682e9c434db74f616a039d6ab4415f36fedc03. Change-Id: I18950de2f06e42c45b19f0f8d5cca058216c68f6 --- centos_tarball-dl.lst | 6 +-- kubernetes/containerd/centos/build_srpm.data | 6 +-- kubernetes/containerd/centos/containerd.spec | 20 ++++----- ...1-customize-containerd-for-StarlingX.patch | 44 ++++++++++--------- ...-archive-skip-chmod-IsNotExist-error.patch | 33 ++++++++++++++ 5 files changed, 72 insertions(+), 37 deletions(-) create mode 100644 kubernetes/containerd/centos/files/0002-archive-skip-chmod-IsNotExist-error.patch diff --git a/centos_tarball-dl.lst b/centos_tarball-dl.lst index 8b905891b..ff97a3bfc 100644 --- a/centos_tarball-dl.lst +++ b/centos_tarball-dl.lst @@ -6,8 +6,8 @@ ceph-object-corpus-e32bf8ca3dc6151ebe7f205ba187815bc18e1cef.tar.gz#ceph-object-c chartmuseum-0.12.0.tar.gz#chartmuseum#https://github.com/helm/chartmuseum/archive/v0.12.0.tar.gz#https## !chartmuseum-v0.12.0-amd64#chartmuseum-bin#https://s3.amazonaws.com/chartmuseum/release/v0.12.0/bin/linux/amd64/chartmuseum#https## civetweb-ff2881e2cd5869a71ca91083bad5d12cccd22136.tar.gz#civetweb#https://api.github.com/repos/ceph/civetweb/tarball/ff2881e2cd5869a71ca91083bad5d12cccd22136#https## -containerd-1.4.6.tar.gz#containerd#https://github.com/containerd/containerd/archive/refs/tags/v1.4.6.tar.gz#https## -crictl-v1.21.0-linux-amd64.tar.gz#crictl#https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.21.0/crictl-v1.21.0-linux-amd64.tar.gz#https## +containerd-v1.3.3.tar.gz#containerd#https://github.com/containerd/containerd/archive/v1.3.3.tar.gz#https## +crictl-v1.18.0-linux-amd64.tar.gz#crictl#https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.18.0/crictl-v1.18.0-linux-amd64.tar.gz#https## docker-distribution-v2.7.1.tar.gz#docker-distribution-2.7.1#https://github.com/docker/distribution/archive/v2.7.1.tar.gz#http## # docker-libtrust-fa567046d9b14f6aa788882a950d69651d230b21.tar.gz#docker-libtrust#https://github.com/docker/libtrust/archive/fa567046d9b14f6aa788882a950d69651d230b21.tar.gz#http## dpdk-18.11.tar.xz#dpdk-18.11#http://fast.dpdk.org/rel/dpdk-18.11.tar.xz#http## @@ -60,7 +60,7 @@ rapidjson-f54b0e47a08782a6131cc3d60f94d038fa6e0a51.tar.gz#rapidjson#https://api. Redfishtool-1.1.0.tar.gz#Redfishtool-1.1.0#https://github.com/DMTF/Redfishtool/archive/1.1.0.tar.gz#http## requests-toolbelt-0.9.1.tar.gz#requests-toolbelt-0.9.1#https://github.com/requests/toolbelt/archive/0.9.1.tar.gz#http## rocksdb-f4a857da0b720691effc524469f6db895ad00d8e.tar.gz#rocksdb#https://api.github.com/repos/ceph/rocksdb/tarball/f4a857da0b720691effc524469f6db895ad00d8e#https## -runc-1.0.0-rc95.tar.gz#runc#https://github.com/opencontainers/runc/archive/v1.0.0-rc95.tar.gz#https## +runc-1.0.0-rc10.tar.gz#runc#https://github.com/opencontainers/runc/archive/v1.0.0-rc10.tar.gz#https## !rt-setup-2.1-2.el8.src.rpm#rt-setup#https://git.centos.org/rpms/rt-setup#http_script#201aeb6d3d06c556cee369b9833539ecb67ce943#post-dl-script/rt-setup.sh # Sirupsen-logrus-55eb11d21d2a31a3cc93838241d04800f52e823d.tar.gz#Sirupsen-logrus#github.com/Sirupsen/logrus/archive/55eb11d21d2a31a3cc93838241d04800f52e823d.tar.gz#http## spdk-f474ce6930f0a44360e1cc4ecd606d2348481c4c.tar.gz#spdk#https://api.github.com/repos/ceph/spdk/tarball/f474ce6930f0a44360e1cc4ecd606d2348481c4c#https## diff --git a/kubernetes/containerd/centos/build_srpm.data b/kubernetes/containerd/centos/build_srpm.data index 743828cbc..7412ab2d3 100644 --- a/kubernetes/containerd/centos/build_srpm.data +++ b/kubernetes/containerd/centos/build_srpm.data @@ -1,6 +1,6 @@ -COPY_LIST="${STX_BASE}/downloads/containerd-1.4.6.tar.gz - ${STX_BASE}/downloads/runc-1.0.0-rc95.tar.gz - ${STX_BASE}/downloads/crictl-v1.21.0-linux-amd64.tar.gz +COPY_LIST="${STX_BASE}/downloads/containerd-v1.3.3.tar.gz + ${STX_BASE}/downloads/runc-1.0.0-rc10.tar.gz + ${STX_BASE}/downloads/crictl-v1.18.0-linux-amd64.tar.gz ${FILES_BASE}/*" TIS_PATCH_VER=PKG_GITREVCOUNT diff --git a/kubernetes/containerd/centos/containerd.spec b/kubernetes/containerd/centos/containerd.spec index 941968fed..62e7cd825 100644 --- a/kubernetes/containerd/centos/containerd.spec +++ b/kubernetes/containerd/centos/containerd.spec @@ -3,16 +3,17 @@ # Copyright (C) 2019 Intel Corporation # Name: containerd -Version: 1.4.6 +Version: 1.3.3 Release: %{tis_patch_ver}%{?_tis_dist} Summary: Open and reliable container runtime Group: Kubernetes License: ASL 2.0 -Source0: containerd-%{version}.tar.gz -Source1: runc-1.0.0-rc95.tar.gz -Source2: crictl-v1.21.0-linux-amd64.tar.gz +Source0: containerd-v%{version}.tar.gz +Source1: runc-1.0.0-rc10.tar.gz +Source2: crictl-v1.18.0-linux-amd64.tar.gz Source3: crictl.yaml -Patch1: 0001-customize-containerd-for-StarlingX.patch +Patch5: 0001-customize-containerd-for-StarlingX.patch +Patch6: 0002-archive-skip-chmod-IsNotExist-error.patch URL: https://www.starlingx.io Vendor: StarlingX Packager: StarlingX @@ -52,21 +53,20 @@ low-level storage and network attachments, etc. %prep %setup -q -c -n src -a 1 %setup -q -c -T -D -n src -a 2 -%patch1 -p1 +%patch5 -p1 +%patch6 -p1 %build # build containerd -rm -rf %{CONTAINERD_DIR} mkdir -p %{CONTAINERD_DIR} -cp -a %{_builddir}/src/containerd-%{version}/* %{CONTAINERD_DIR}/ +mv %{_builddir}/src/containerd/* %{CONTAINERD_DIR}/ pushd %{CONTAINERD_DIR} make popd # build runc -rm -rf %{RUNC_DIR} mkdir -p %{RUNC_DIR} -cp -a %{_builddir}/src/runc-1.0.0-rc95/* %{RUNC_DIR}/ +mv %{_builddir}/src/runc/* %{RUNC_DIR}/ pushd %{RUNC_DIR} make popd diff --git a/kubernetes/containerd/centos/files/0001-customize-containerd-for-StarlingX.patch b/kubernetes/containerd/centos/files/0001-customize-containerd-for-StarlingX.patch index 33a06ca5f..67239c248 100644 --- a/kubernetes/containerd/centos/files/0001-customize-containerd-for-StarlingX.patch +++ b/kubernetes/containerd/centos/files/0001-customize-containerd-for-StarlingX.patch @@ -1,53 +1,55 @@ -From a8466190118c114d5ddeec381bbafa8441d7e638 Mon Sep 17 00:00:00 2001 -From: Chris Friesen -Date: Thu, 17 Jun 2021 10:27:09 -0400 +From 311301438b0366004e238cbcc2ca07d38d8a9369 Mon Sep 17 00:00:00 2001 +From: Shuicheng Lin +Date: Wed, 25 Sep 2019 20:02:34 +0800 Subject: [PATCH] customize containerd for StarlingX -1. disable btrfs to avoid needing to pull in the devel package +1. disable btrfs to pass build. 2. docker registry in StarlingX 3.0 branch doesn't support POST method for token and will return 400. Switch to GET method to get token if StatusCode is 400. 3. hardcode version info due to miss git info in tarball. + +Signed-off-by: Shuicheng Lin --- - containerd-1.4.6/Makefile | 3 ++- - containerd-1.4.6/remotes/docker/authorizer.go | 3 ++- + containerd/Makefile | 3 ++- + containerd/remotes/docker/authorizer.go | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) -diff --git a/containerd-1.4.6/Makefile b/containerd-1.4.6/Makefile -index c0fecb9..44dd5ad 100644 ---- a/containerd-1.4.6/Makefile -+++ b/containerd-1.4.6/Makefile +diff --git a/containerd/Makefile b/containerd/Makefile +index 37012e8..7ab6a22 100644 +--- a/containerd/Makefile ++++ b/containerd/Makefile @@ -20,7 +20,7 @@ ROOTDIR=$(dir $(abspath $(lastword $(MAKEFILE_LIST)))) DESTDIR ?= /usr/local # Used to populate variables in version package. -VERSION=$(shell git describe --match 'v[0-9]*' --dirty='.m' --always) -+VERSION=v1.4.6 ++VERSION=v1.3.3 REVISION=$(shell git rev-parse HEAD)$(shell if ! git diff --no-ext-diff --quiet --exit-code; then echo .m; fi) PACKAGE=github.com/containerd/containerd - SHIM_CGO_ENABLED ?= 0 -@@ -78,6 +78,7 @@ endif - # Build tags apparmor and selinux are needed by CRI plugin. - GO_BUILDTAGS ?= apparmor selinux + +@@ -95,6 +95,7 @@ endif + # Build tags seccomp and apparmor are needed by CRI plugin. + GO_BUILDTAGS ?= seccomp apparmor GO_BUILDTAGS += ${DEBUG_TAGS} +GO_BUILDTAGS += no_btrfs GO_TAGS=$(if $(GO_BUILDTAGS),-tags "$(GO_BUILDTAGS)",) GO_LDFLAGS=-ldflags '-X $(PKG)/version.Version=$(VERSION) -X $(PKG)/version.Revision=$(REVISION) -X $(PKG)/version.Package=$(PACKAGE) $(EXTRA_LDFLAGS)' SHIM_GO_LDFLAGS=-ldflags '-X $(PKG)/version.Version=$(VERSION) -X $(PKG)/version.Revision=$(REVISION) -X $(PKG)/version.Package=$(PACKAGE) -extldflags "-static" $(EXTRA_LDFLAGS)' -diff --git a/containerd-1.4.6/remotes/docker/authorizer.go b/containerd-1.4.6/remotes/docker/authorizer.go -index 001423a..2db8d60 100644 ---- a/containerd-1.4.6/remotes/docker/authorizer.go -+++ b/containerd-1.4.6/remotes/docker/authorizer.go +diff --git a/containerd/remotes/docker/authorizer.go b/containerd/remotes/docker/authorizer.go +index 9652d3a..72a6f3a 100644 +--- a/containerd/remotes/docker/authorizer.go ++++ b/containerd/remotes/docker/authorizer.go @@ -366,7 +366,8 @@ func (ah *authHandler) fetchTokenWithOAuth(ctx context.Context, to tokenOptions) // Registries without support for POST may return 404 for POST /v2/token. // As of September 2017, GCR is known to return 404. // As of February 2018, JFrog Artifactory is known to return 401. - if (resp.StatusCode == 405 && to.username != "") || resp.StatusCode == 404 || resp.StatusCode == 401 { -+ // Registry in StarlingX 3.0 returns 400 for POST /v2/token. Should check if still applicable. ++ // Current Registry in StarlingX returns 400 for POST /v2/token. + if (resp.StatusCode == 405 && to.username != "") || resp.StatusCode == 404 || resp.StatusCode == 401 || resp.StatusCode == 400 { return ah.fetchToken(ctx, to) } else if resp.StatusCode < 200 || resp.StatusCode >= 400 { b, _ := ioutil.ReadAll(io.LimitReader(resp.Body, 64000)) // 64KB -- -2.29.2 +2.16.6 diff --git a/kubernetes/containerd/centos/files/0002-archive-skip-chmod-IsNotExist-error.patch b/kubernetes/containerd/centos/files/0002-archive-skip-chmod-IsNotExist-error.patch new file mode 100644 index 000000000..6925c0ea6 --- /dev/null +++ b/kubernetes/containerd/centos/files/0002-archive-skip-chmod-IsNotExist-error.patch @@ -0,0 +1,33 @@ +From e2269f2ae0a8bb996b13d98ed6ffbdad7cdafd0f Mon Sep 17 00:00:00 2001 +From: Mikko Ylinen +Date: Mon, 23 Mar 2020 20:52:14 +0200 +Subject: [PATCH] archive: skip chmod IsNotExist error + +handleLChmod() does not properly check that files behind the handlinks exist +before calling os.Chmod(). We've seen base images where this results in +"no such file or directory" error from os.Chmod() when unpacking the image. + +To keep the existing logic but fix the problem, this commit simply skips +IsNotExist error. + +Signed-off-by: Mikko Ylinen +--- + containerd/archive/tar_unix.go | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/containerd/archive/tar_unix.go b/containerd/archive/tar_unix.go +index d081351..2134083 100644 +--- a/containerd/archive/tar_unix.go ++++ b/containerd/archive/tar_unix.go +@@ -125,7 +125,7 @@ func handleTarTypeBlockCharFifo(hdr *tar.Header, path string) error { + func handleLChmod(hdr *tar.Header, path string, hdrInfo os.FileInfo) error { + if hdr.Typeflag == tar.TypeLink { + if fi, err := os.Lstat(hdr.Linkname); err == nil && (fi.Mode()&os.ModeSymlink == 0) { +- if err := os.Chmod(path, hdrInfo.Mode()); err != nil { ++ if err := os.Chmod(path, hdrInfo.Mode()); err != nil && !os.IsNotExist(err) { + return err + } + } +-- +1.8.3.1 +