From 298c333a7687e286024b6434674db0f94cdc5f3a Mon Sep 17 00:00:00 2001 From: Kaustubh Dhokte Date: Fri, 11 Feb 2022 23:08:35 -0500 Subject: [PATCH] CentOS: upversion containerd and runc To align with kubernetes 1.21.8, Upgrade containerd from version 1.4.6 to 1.4.11 Upgrade runc from version 1.0.0-rc95 to 1.0.2 We continue to use no_btrfs build flag for containerd as we do not use btrfs Test Plan: Built an iso (CentOS) and installed on AIO-DX lab PASS: Run basic docker, ctr, crictl and runc commands to create, list containers, images PASS: Create new pods and PVCs and delete them PASS: Lock-unlock and reboot hosts. Check all pods are up back Story: 2009845 Task: 44456 Signed-off-by: Kaustubh Dhokte Change-Id: I8e5ce0fd316e2e7f059c8abe5050732192f502a1 --- centos_tarball-dl.lst | 4 ++-- kubernetes/containerd/centos/build_srpm.data | 4 ++-- kubernetes/containerd/centos/containerd.spec | 9 ++++----- ...1-customize-containerd-for-StarlingX.patch | 20 ++++++++++--------- 4 files changed, 19 insertions(+), 18 deletions(-) diff --git a/centos_tarball-dl.lst b/centos_tarball-dl.lst index 4f9de2a3c..c5fd3ea20 100644 --- a/centos_tarball-dl.lst +++ b/centos_tarball-dl.lst @@ -8,7 +8,7 @@ ceph-object-corpus-e32bf8ca3dc6151ebe7f205ba187815bc18e1cef.tar.gz#ceph-object-c chartmuseum-0.12.0.tar.gz#chartmuseum#https://github.com/helm/chartmuseum/archive/v0.12.0.tar.gz#https## !chartmuseum-v0.12.0-amd64#chartmuseum-bin#https://s3.amazonaws.com/chartmuseum/release/v0.12.0/bin/linux/amd64/chartmuseum#https## civetweb-bb99e93da00c3fe8c6b6a98520fb17cf64710ce7.tar.gz#civetweb#https://api.github.com/repos/ceph/civetweb/tarball/bb99e93da00c3fe8c6b6a98520fb17cf64710ce7#https## -containerd-1.4.6.tar.gz#containerd#https://github.com/containerd/containerd/archive/refs/tags/v1.4.6.tar.gz#https## +containerd-v1.4.11.tar.gz#containerd#https://github.com/containerd/containerd/archive/v1.4.11.tar.gz#https## crictl-v1.21.0-linux-amd64.tar.gz#crictl#https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.21.0/crictl-v1.21.0-linux-amd64.tar.gz#https## dmclock-4496dbc6515db96e08660ac38883329c5009f3e9.tar.gz#dmclock#https://api.github.com/repos/ceph/dmclock/tarball/4496dbc6515db96e08660ac38883329c5009f3e9#https## docker-distribution-v2.7.1.tar.gz#docker-distribution-2.7.1#https://github.com/docker/distribution/archive/v2.7.1.tar.gz#http## @@ -75,7 +75,7 @@ rapidjson-f54b0e47a08782a6131cc3d60f94d038fa6e0a51.tar.gz#rapidjson#https://api. Redfishtool-1.1.0.tar.gz#Redfishtool-1.1.0#https://github.com/DMTF/Redfishtool/archive/1.1.0.tar.gz#http## requests-toolbelt-0.9.1.tar.gz#requests-toolbelt-0.9.1#https://github.com/requests/toolbelt/archive/0.9.1.tar.gz#http## rocksdb-4c736f177851cbf9fb7a6790282306ffac5065f8.tar.gz#rocksdb#https://api.github.com/repos/ceph/rocksdb/tarball/4c736f177851cbf9fb7a6790282306ffac5065f8#https## -runc-1.0.0-rc95.tar.gz#runc#https://github.com/opencontainers/runc/archive/v1.0.0-rc95.tar.gz#https## +runc-1.0.2.tar.gz#runc#https://github.com/opencontainers/runc/archive/refs/tags/v1.0.2.tar.gz#https## !rt-setup-2.1-2.el8.src.rpm#rt-setup#https://git.centos.org/rpms/rt-setup#http_script#201aeb6d3d06c556cee369b9833539ecb67ce943#post-dl-script/rt-setup.sh # Sirupsen-logrus-55eb11d21d2a31a3cc93838241d04800f52e823d.tar.gz#Sirupsen-logrus#github.com/Sirupsen/logrus/archive/55eb11d21d2a31a3cc93838241d04800f52e823d.tar.gz#http## seastar-0cf6aa6b28d69210b271489c0778f226cde0f459.tar.gz#seastar#https://api.github.com/repos/ceph/seastar/tarball/0cf6aa6b28d69210b271489c0778f226cde0f459#https## diff --git a/kubernetes/containerd/centos/build_srpm.data b/kubernetes/containerd/centos/build_srpm.data index 743828cbc..cbe50d08e 100644 --- a/kubernetes/containerd/centos/build_srpm.data +++ b/kubernetes/containerd/centos/build_srpm.data @@ -1,5 +1,5 @@ -COPY_LIST="${STX_BASE}/downloads/containerd-1.4.6.tar.gz - ${STX_BASE}/downloads/runc-1.0.0-rc95.tar.gz +COPY_LIST="${STX_BASE}/downloads/containerd-v1.4.11.tar.gz + ${STX_BASE}/downloads/runc-1.0.2.tar.gz ${STX_BASE}/downloads/crictl-v1.21.0-linux-amd64.tar.gz ${FILES_BASE}/*" diff --git a/kubernetes/containerd/centos/containerd.spec b/kubernetes/containerd/centos/containerd.spec index 906a93f27..10939542b 100644 --- a/kubernetes/containerd/centos/containerd.spec +++ b/kubernetes/containerd/centos/containerd.spec @@ -3,13 +3,13 @@ # Copyright (C) 2019 Intel Corporation # Name: containerd -Version: 1.4.6 +Version: 1.4.11 Release: %{tis_patch_ver}%{?_tis_dist} Summary: Open and reliable container runtime Group: Kubernetes License: ASL 2.0 -Source0: containerd-%{version}.tar.gz -Source1: runc-1.0.0-rc95.tar.gz +Source0: containerd-v%{version}.tar.gz +Source1: runc-1.0.2.tar.gz Source2: crictl-v1.21.0-linux-amd64.tar.gz Source3: crictl.yaml Patch1: 0001-customize-containerd-for-StarlingX.patch @@ -23,8 +23,7 @@ BuildRequires: pkgconfig(libseccomp) BuildRequires: pkgconfig(libsystemd-journal) # Build with our own prefered golang -# BuildRequires: golang >= 1.12.16 -BuildRequires: golang >= 1.13 +BuildRequires: golang >= 1.16.8 BuildRequires: systemd BuildRequires: rsync diff --git a/kubernetes/containerd/centos/files/0001-customize-containerd-for-StarlingX.patch b/kubernetes/containerd/centos/files/0001-customize-containerd-for-StarlingX.patch index 6285435ed..1725737e7 100644 --- a/kubernetes/containerd/centos/files/0001-customize-containerd-for-StarlingX.patch +++ b/kubernetes/containerd/centos/files/0001-customize-containerd-for-StarlingX.patch @@ -1,6 +1,6 @@ -From a8466190118c114d5ddeec381bbafa8441d7e638 Mon Sep 17 00:00:00 2001 -From: Chris Friesen -Date: Thu, 17 Jun 2021 10:27:09 -0400 +From ddd7b4af14c97fe14290ce422ccc103a799ea626 Mon Sep 17 00:00:00 2001 +From: Kaustubh Dhokte +Date: Tue, 1 Mar 2022 20:43:42 -0500 Subject: [PATCH] customize containerd for StarlingX 1. disable btrfs to avoid needing to pull in the devel package @@ -8,13 +8,15 @@ Subject: [PATCH] customize containerd for StarlingX for token and will return 400. Switch to GET method to get token if StatusCode is 400. 3. hardcode version info due to miss git info in tarball. + +Signed-off-by: Kaustubh Dhokte --- containerd/Makefile | 3 ++- containerd/remotes/docker/authorizer.go | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/containerd/Makefile b/containerd/Makefile -index c0fecb9..44dd5ad 100644 +index c0fecb9a6..d8cef89d5 100644 --- a/containerd/Makefile +++ b/containerd/Makefile @@ -20,7 +20,7 @@ ROOTDIR=$(dir $(abspath $(lastword $(MAKEFILE_LIST)))) @@ -22,7 +24,7 @@ index c0fecb9..44dd5ad 100644 # Used to populate variables in version package. -VERSION=$(shell git describe --match 'v[0-9]*' --dirty='.m' --always) -+VERSION=v1.4.6 ++VERSION=v1.4.11 REVISION=$(shell git rev-parse HEAD)$(shell if ! git diff --no-ext-diff --quiet --exit-code; then echo .m; fi) PACKAGE=github.com/containerd/containerd SHIM_CGO_ENABLED ?= 0 @@ -35,19 +37,19 @@ index c0fecb9..44dd5ad 100644 GO_LDFLAGS=-ldflags '-X $(PKG)/version.Version=$(VERSION) -X $(PKG)/version.Revision=$(REVISION) -X $(PKG)/version.Package=$(PACKAGE) $(EXTRA_LDFLAGS)' SHIM_GO_LDFLAGS=-ldflags '-X $(PKG)/version.Version=$(VERSION) -X $(PKG)/version.Revision=$(REVISION) -X $(PKG)/version.Package=$(PACKAGE) -extldflags "-static" $(EXTRA_LDFLAGS)' diff --git a/containerd/remotes/docker/authorizer.go b/containerd/remotes/docker/authorizer.go -index 001423a..2db8d60 100644 +index 2f459b70c..330971d5e 100644 --- a/containerd/remotes/docker/authorizer.go +++ b/containerd/remotes/docker/authorizer.go -@@ -366,7 +366,8 @@ func (ah *authHandler) fetchTokenWithOAuth(ctx context.Context, to tokenOptions) +@@ -370,7 +370,8 @@ func (ah *authHandler) fetchTokenWithOAuth(ctx context.Context, to tokenOptions) // Registries without support for POST may return 404 for POST /v2/token. // As of September 2017, GCR is known to return 404. // As of February 2018, JFrog Artifactory is known to return 401. - if (resp.StatusCode == 405 && to.username != "") || resp.StatusCode == 404 || resp.StatusCode == 401 { -+ // Registry in StarlingX 3.0 returns 400 for POST /v2/token. Should check if still applicable. ++ // Registry in StarlingX 6.0 returns 400 for POST /v2/token. Should check if still applicable. + if (resp.StatusCode == 405 && to.username != "") || resp.StatusCode == 404 || resp.StatusCode == 401 || resp.StatusCode == 400 { return ah.fetchToken(ctx, to) } else if resp.StatusCode < 200 || resp.StatusCode >= 400 { b, _ := ioutil.ReadAll(io.LimitReader(resp.Body, 64000)) // 64KB -- -2.29.2 +2.25.1