containerd: support custom shim path

Like CRI, we should support custom shim paths. We can just add this as a new config field "path" under the runtime object. While "name" can be either the name of a custom shim (from which a path is derived), or a path itself, if configured as a path, no options can be provided - this is because to derive the type for the options struct, we need the name to be a member of a well-known set (currently runc and hcs). With this patch, it's now possible to configure a runtime with a custom shim at a non-default path, and include it's options (which was previously not possible to do in buildkit). Signed-off-by: Justin Chadwell <me@jedevc.com>
moby · Nov 7, 2023 · 148e1ea · 148e1ea
1 parent 116d015
commit 148e1ea
Show file tree

Hide file tree

Showing 5 changed files with 9 additions and 0 deletions.
diff --git a/cmd/buildkitd/config/config.go b/cmd/buildkitd/config/config.go
@@ -131,6 +131,7 @@ type ContainerdConfig struct {
 
 type ContainerdRuntime struct {
 	Name    string                 `toml:"name"`
+	Path    string                 `toml:"path"`
 	Options map[string]interface{} `toml:"options"`
 }
 

diff --git a/cmd/buildkitd/config/load_test.go b/cmd/buildkitd/config/load_test.go
@@ -44,6 +44,7 @@ platforms=["linux/amd64"]
 address="containerd.sock"
 [worker.containerd.runtime]
 name="exotic"
+path="/usr/bin/exotic"
 options.foo="bar"
 [[worker.containerd.gcpolicy]]
 all=true
@@ -107,6 +108,7 @@ searchDomains=["example.com"]
 	require.Equal(t, 0, len(cfg.Workers.OCI.GCPolicy))
 	require.Equal(t, "non-default", cfg.Workers.Containerd.Namespace)
 	require.Equal(t, "exotic", cfg.Workers.Containerd.Runtime.Name)
+	require.Equal(t, "/usr/bin/exotic", cfg.Workers.Containerd.Runtime.Path)
 	require.Equal(t, "bar", cfg.Workers.Containerd.Runtime.Options["foo"])
 	require.Equal(t, 3, len(cfg.Workers.Containerd.GCPolicy))
 

diff --git a/cmd/buildkitd/main_containerd_worker.go b/cmd/buildkitd/main_containerd_worker.go
@@ -322,6 +322,7 @@ func containerdWorkerInitializer(c *cli.Context, common workerInitializerOpt) ([
 
 		runtime = &containerd.RuntimeInfo{
 			Name:    cfg.Runtime.Name,
+			Path:    cfg.Runtime.Path,
 			Options: opts,
 		}
 	}

diff --git a/docs/buildkitd.toml.md b/docs/buildkitd.toml.md
@@ -109,6 +109,7 @@ insecure-entitlements = [ "network.host", "security.insecure" ]
   # configure the containerd runtime
   [worker.containerd.runtime]
     name = "io.containerd.runc.v2"
+    path = "/path/to/containerd/runc/shim"
     options = { BinaryName = "runc" }
 
   [[worker.containerd.gcpolicy]]

diff --git a/executor/containerdexecutor/executor.go b/executor/containerdexecutor/executor.go
@@ -56,6 +56,7 @@ type OnCreateRuntimer interface {
 
 type RuntimeInfo struct {
 	Name    string
+	Path    string
 	Options any
 }
 
@@ -179,6 +180,9 @@ func (w *containerdExecutor) Run(ctx context.Context, id string, root executor.M
 	if err != nil {
 		return nil, err
 	}
+	if w.runtime != nil && w.runtime.Path != "" {
+		taskOpts = append(taskOpts, containerd.WithRuntimePath(w.runtime.Path))
+	}
 	task, err := container.NewTask(ctx, cio.NewCreator(cioOpts...), taskOpts...)
 	if err != nil {
 		return nil, err