Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add containerd/fuse-overlayfs-snapshotter #7084

Merged
merged 2 commits into from Oct 16, 2022
Merged

feat: add containerd/fuse-overlayfs-snapshotter #7084

merged 2 commits into from Oct 16, 2022

Conversation

takumin
Copy link
Contributor

@takumin takumin commented Oct 15, 2022

containerd/fuse-overlayfs-snapshotter: fuse-overlayfs plugin for rootless containerd

$ aqua g -i containerd/fuse-overlayfs-snapshotter

@takumin
feat: add containerd/fuse-overlayfs-snapshotter
6c208f3 
[containerd/fuse-overlayfs-snapshotter](https://github.com/containerd/fuse-overlayfs-snapshotter): fuse-overlayfs plugin for rootless containerd

```console
$ aqua g -i containerd/fuse-overlayfs-snapshotter
```
@suzuki-shunsuke suzuki-shunsuke added the enhancement New feature or request label Oct 15, 2022
@suzuki-shunsuke suzuki-shunsuke added this to the v3.75.0 milestone Oct 15, 2022
@suzuki-shunsuke
Copy link
Member

Thanks!

suzuki-shunsuke
suzuki-shunsuke reviewed Oct 15, 2022
View reviewed changes
Copy link
Member

@suzuki-shunsuke suzuki-shunsuke left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm sorry but I'm not familiar with this tool, so could you tell us how to confirm aqua can support this tool?
Does this tool work by installing the binary containerd-fuse-overlayfs-grpc in PATH?

@takumin

This comment was marked as outdated.

Sign in to view
@takumin
Copy link
Contributor Author

takumin commented Oct 15, 2022
edited

@suzuki-shunsuke
I've been working on it for a bit, but I get an error with the nerdctl command...

https://github.com/containerd/fuse-overlayfs-snapshotter#hard-way

step1: aqua install

$ cat << '__EOF__' > ~/.aqua.yaml
---
# aqua - Declarative CLI Version Manager
# https://aquaproj.github.io/
packages:
- name: containerd/nerdctl@v0.23.0
- name: containerd/containerd@v1.6.8
- name: containerd/fuse-overlayfs-snapshotter@v1.0.4
- name: containers/fuse-overlayfs@v1.9
- name: rootless-containers/rootlesskit@v1.0.1
- name: rootless-containers/slirp4netns@v1.2.0
__EOF__
$ aqua install --all

step2: containerd config

$ mkdir -p ~/.config/containerd
$ cat << __EOF__ > ~/.config/containerd/config.toml
version = 2
root = "$(echo $HOME)/.local/share/containerd"
state = "$(echo $XDG_RUNTIME_DIR)/containerd-rootless"

[grpc]
  address = "$(echo $XDG_RUNTIME_DIR)/containerd-rootless/containerd.sock"

[proxy_plugins]
  [proxy_plugins."fuse-overlayfs"]
    type = "snapshot"
    address = "$(echo $XDG_RUNTIME_DIR)/containerd-rootless/fuse-overlayfs.sock"
__EOF__

step3: running rootlesskit

$ rootlesskit \
  --net=slirp4netns --disable-host-loopback \
  --copy-up=/etc --copy-up=/run \
  --state-dir=$XDG_RUNTIME_DIR/containerd-rootless \
  sh -c "rm -rf /run/containerd ; sleep infinity"

step4: running containerd-fuse-overlayfs-grpc

$ nsenter -U --preserve-credentials -m -n -t $(cat $XDG_RUNTIME_DIR/containerd-rootless/child_pid) \
  sh -c "cd $(pwd) ; containerd-fuse-overlayfs-grpc $XDG_RUNTIME_DIR/containerd-rootless/fuse-overlayfs.sock $HOME/.local/share/containerd"

step5: running containerd

$ nsenter -U --preserve-credentials -m -n -t $(cat $XDG_RUNTIME_DIR/containerd-rootless/child_pid) \
  sh -c "cd $(pwd) ; containerd -c $HOME/.config/containerd/config.toml"

step6: running nerdctl

$ export CONTAINERD_SNAPSHOTTER=fuse-overlayfs
$ nerdctl -H $XDG_RUNTIME_DIR/containerd-rootless/containerd.sock run alpine
docker.io/library/alpine:latest:                                                  resolved       |++++++++++++++++++++++++++++++++++++++|
index-sha256:bc41182d7ef5ffc53a40b044e725193bc10142a1243f395ee852a8d9730fc2ad:    done           |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:1304f174557314a7ed9eddb4eab12fed12cb0cd9809e4c28f29af86979a3c870: done           |++++++++++++++++++++++++++++++++++++++|
config-sha256:9c6f0724472873bb50a2ae67a9e7adcb57673a183cea8b06eb778dca859181b5:   done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:213ec9aee27d8be045c6a92b7eac22c9a64b44558193775a1a7f626352392b49:    done           |++++++++++++++++++++++++++++++++++++++|
elapsed: 5.4 s                                                                    total:  2.7 Mi (508.1 KiB/s)                                
FATA[0005] failed to create shim task: failed to mount rootfs component &{fuse3.fuse-overlayfs overlay [workdir=/home/takumi/.local/share/containerd/snapshots/3/work upperdir=/home/takumi/.local/share/containerd/snapshots/3/fs lowerdir=/home/takumi/.local/share/containerd/snapshots/1/fs]}: mount helper [mount.fuse3 [overlay /run/user/1000/containerd-rootless/io.containerd.runtime.v2.task/default/12a36a3820cce6ca4bb52c892fb9d951926ad4a7ac72e69f78113bd8eeb05c02/rootfs -o workdir=/home/takumi/.local/share/containerd/snapshots/3/work -o upperdir=/home/takumi/.local/share/containerd/snapshots/3/fs -o lowerdir=/home/takumi/.local/share/containerd/snapshots/1/fs -t fuse-overlayfs]] failed: "time=\"2022-10-15T18:10:11+09:00\" level=fatal msg=\"aqua failed\" aqua_version=1.20.2 env=linux/amd64 error=\"command is not found\" exe_name=fuse-overlayfs program=aqua\n": exit status 1: unknown

@takumin
Copy link
Contributor Author

takumin commented Oct 15, 2022

@suzuki-shunsuke
The nerdctl command fails, but the containerd-fuse-overlayfs-grpc command runs without problems, so I think it is OK to merge.

@suzuki-shunsuke suzuki-shunsuke removed this from the v3.75.0 milestone Oct 15, 2022
@suzuki-shunsuke suzuki-shunsuke merged commit b81a9ed into aquaproj:main Oct 16, 2022
@suzuki-shunsuke suzuki-shunsuke added this to the v3.76.0 milestone Oct 16, 2022
@suzuki-shunsuke
Copy link
Member

Released. https://github.com/aquaproj/aqua-registry/releases/tag/v3.76.0

@takumin takumin deleted the feat/containerd/fuse-overlayfs-snapshotter branch November 16, 2023 05:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@suzuki-shunsuke suzuki-shunsuke Awaiting requested review from suzuki-shunsuke

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
v3.76.0
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@takumin @suzuki-shunsuke