Skip to content

Commit

Permalink
sysext: add containerd recipe
Browse files Browse the repository at this point in the history 
this build containerd + runc sysext

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
  • Loading branch information
@tormath1
tormath1 committed Nov 8, 2024
1 parent 8cc25e0 commit dc704fe
Show file tree
Hide file tree
Showing 2 changed files with 76 additions and 0 deletions.
74 changes: 74 additions & 0 deletions create_containerd_sysext.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,74 @@
#!/usr/bin/env bash
set -euo pipefail

export ARCH="${ARCH-amd64}"
SCRIPTFOLDER="$(dirname "$(readlink -f "$0")")"

if [ $# -lt 2 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
echo "Usage: $0 VERSION SYSEXTNAME"
echo "The script will download the containerd release tar ball (e.g., for 1.7.23) and create a sysext squashfs image with the name SYSEXTNAME.raw in the current folder."
echo "A temporary directory named SYSEXTNAME in the current folder will be created and deleted again."
echo "All files in the sysext image will be owned by root."
echo "To use arm64 pass 'ARCH=arm64' as environment variable (current value is '${ARCH}')."
"${SCRIPTFOLDER}"/bake.sh --help
exit 1
fi

VERSION="$1"
SYSEXTNAME="$2"

# Download containerd
rm -f containerd-static-*
curl --remote-name -fsSL "https://github.com/containerd/containerd/releases/download/v${VERSION}/containerd-static-${VERSION}-linux-${ARCH}.tar.gz{,.sha256sum}"
sha256sum --check "containerd-static-${VERSION}-linux-${ARCH}.tar.gz.sha256sum"

# Create the sysext folder
rm -rf "${SYSEXTNAME}"
mkdir -p "${SYSEXTNAME}"
tar --force-local -xf "containerd-static-${VERSION}-linux-${ARCH}.tar.gz" -C "${SYSEXTNAME}"
rm containerd-static-*

# Install containerd binaries and runc
mkdir -p "${SYSEXTNAME}"/usr/bin
mv "${SYSEXTNAME}"/bin/* "${SYSEXTNAME}"/usr/bin/
rmdir "${SYSEXTNAME}"/bin
runc_version=$(curl -fsSL "https://raw.githubusercontent.com/containerd/containerd/refs/tags/v${VERSION}/script/setup/runc-version")
echo "Downloading associated runc version: ${runc_version}"
curl -o "${SYSEXTNAME}/usr/bin/runc" -fsSL "https://github.com/opencontainers/runc/releases/download/${runc_version}/runc.${ARCH}"
chmod a+x "${SYSEXTNAME}/usr/bin/runc"

# Install systemd configuration
mkdir -p "${SYSEXTNAME}/usr/lib/systemd/system"
cat > "${SYSEXTNAME}/usr/lib/systemd/system/containerd.service" <<-'EOF'
[Unit]
Description=containerd container runtime
After=network.target
[Service]
Delegate=yes
Environment=CONTAINERD_CONFIG=/usr/share/containerd/config.toml
ExecStart=/usr/bin/containerd --config ${CONTAINERD_CONFIG}
KillMode=process
Restart=always
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
[Install]
WantedBy=multi-user.target
EOF
mkdir -p "${SYSEXTNAME}/usr/lib/systemd/system/multi-user.target.d"
{ echo "[Unit]"; echo "Upholds=containerd.service"; } > "${SYSEXTNAME}/usr/lib/systemd/system/multi-user.target.d/10-containerd-service.conf"
mkdir -p "${SYSEXTNAME}/usr/share/containerd"
cat > "${SYSEXTNAME}/usr/share/containerd/config.toml" <<-'EOF'
version = 3
# set containerd's OOM score
oom_score = -999
[plugins."io.containerd.cri.v1.runtime".containerd.runtimes.runc]
# setting runc.options unsets parent settings
runtime_type = "io.containerd.runc.v2"
[plugins.'io.containerd.cri.v1.runtime'.containerd.runtimes.runc.options]
SystemdCgroup = true
EOF
sed 's/SystemdCgroup = true/SystemdCgroup = false/g' "${SYSEXTNAME}/usr/share/containerd/config.toml" > "${SYSEXTNAME}/usr/share/containerd/config-cgroupfs.toml"

RELOAD=1 "${SCRIPTFOLDER}"/bake.sh "${SYSEXTNAME}"
rm -rf "${SYSEXTNAME}"
2 changes: 2 additions & 0 deletions release_build_versions.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,3 +34,5 @@ rke2-v1.31.1+rke2r1
nvidia_runtime-v1.16.2

ollama-0.3.9

containerd-2.0.0

0 comments on commit dc704fe

Please # to comment.