[release-1.32] Backport containers common/image/storage #8974
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: hswong3i The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
8000
|
Hi @hswong3i. Thanks for your PR. I'm waiting for a cri-o member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## release-1.32 #8974 +/- ##
================================================
- Coverage 47.03% 47.03% -0.01%
================================================
Files 154 154
Lines 22170 22170
================================================
- Hits 10428 10427 -1
- Misses 10672 10673 +1
Partials 1070 1070 🚀 New features to boost your workflow:
|
|
hm do you have an idea of the commit is fixing this? our vendoring scheme is a bit complex and we may need to cherry-pick something rather than bumping |
hswong3i
added a commit
to alvistack/cri-o-cri-o
that referenced
this pull request
Feb 4, 2025
git clean -xdf
go mod download
go mod vendor
tar zcvf ../cri-o_1.32.1.orig.tar.gz --exclude=.git .
debuild -uc -us
cp cri-o.spec ../cri-o_1.32.1-1.spec
cp ../cri-o*1.32.1*.{gz,xz,spec,dsc} /osc/home\:alvistack/cri-o-cri-o-1.32.1/
rm -rf ../cri-o*1.32.1*.*
See cri-o#8974
Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
I try to cherry-pick 1005e0e to release-1.32 but seems too much update. I couldn't even run |
|
@hswong3i I checked out the release-1.32, and tried running |
|
Build directly with release-1.32: build ok, runtime crash in create containers. Build with release-1.32 + this PR: build ok, runtime ok Build with release-1.32 + cherry-pick that huge commit from master: build failed |
$ sudo crictl run test/testdata/container_sleep.json test/testdata/sandbox_config.json
DEBU[0000] get image connection
DEBU[0000] get runtime connection
DEBU[0000] RunPodSandboxRequest: &RunPodSandboxRequest{Config:&PodSandboxConfig{Metadata:&PodSandboxMetadata{Name:podsandbox1,Uid:redhat-test-crio,Namespace:redhat.test.crio,Attempt:1,},Hostname:crictl_host,LogDirectory:,DnsConfig:&DNSConfig{Servers:[8.8.8.8],Searches:[],Options:[],},PortMappings:[]*PortMapping{},Labels:map[string]string{group: test,},Annotations:map[string]string{com.example.test: sandbox annotation,owner: hmeng,security.alpha.kubernetes.io/seccomp/pod: unconfined,},Linux:&LinuxPodSandboxConfig{CgroupParent:pod_123-456.slice,SecurityContext:&LinuxSandboxSecurityContext{NamespaceOptions:&NamespaceOption{Network:POD,Pid:CONTAINER,Ipc:POD,TargetId:,UsernsOptions:nil,},SelinuxOptions:&SELinuxOption{User:system_u,Role:system_r,Type:svirt_lxc_net_t,Level:s0:c4,c5,},RunAsUser:nil,ReadonlyRootfs:false,SupplementalGroups:[],Privileged:false,SeccompProfilePath:,RunAsGroup:nil,Seccomp:nil,Apparmor:nil,},Sysctls:map[string]string{},Overhead:nil,Resources:nil,},Windows:nil,},RuntimeHandler:,}
DEBU[0000] RunPodSandboxResponse: 59d9db45b9a0a5c4ac51cffb2e8f34af2fc46210896244fce7d4e2d582590da8
DEBU[0000] PullImageRequest: &PullImageRequest{Image:&ImageSpec{Image:quay.io/crio/fedora-crio-ci:latest,Annotations:map[string]string{},UserSpecifiedImage:,RuntimeHandler:,},Auth:nil,SandboxConfig:&PodSandboxConfig{Metadata:&PodSandboxMetadata{Name:podsandbox1,Uid:redhat-test-crio,Namespace:redhat.test.crio,Attempt:1,},Hostname:crictl_host,LogDirectory:,DnsConfig:&DNSConfig{Servers:[8.8.8.8],Searches:[],Options:[],},PortMappings:[]*PortMapping{},Labels:map[string]string{group: test,},Annotations:map[string]string{com.example.test: sandbox annotation,owner: hmeng,security.alpha.kubernetes.io/seccomp/pod: unconfined,},Linux:&LinuxPodSandboxConfig{CgroupParent:pod_123-456.slice,SecurityContext:&LinuxSandboxSecurityContext{NamespaceOptions:&NamespaceOption{Network:POD,Pid:CONTAINER,Ipc:POD,TargetId:,UsernsOptions:nil,},SelinuxOptions:&SELinuxOption{User:system_u,Role:system_r,Type:svirt_lxc_net_t,Level:s0:c4,c5,},RunAsUser:nil,ReadonlyRootfs:false,SupplementalGroups:[],Privileged:false,SeccompProfilePath:,RunAsGroup:nil,Seccomp:nil,Apparmor:nil,},Sysctls:map[string]string{},Overhead:nil,Resources:nil,},Windows:nil,},}
DEBU[0001] PullImageResponse: &PullImageResponse{ImageRef:quay.io/crio/fedora-crio-ci@sha256:7f3bd3e9c21eb31e22ea0d8bcf5f67e3dcc07bd7834028ea003a40aa796493f3,}
DEBU[0001] CreateContainerRequest: &CreateContainerRequest{PodSandboxId:59d9db45b9a0a5c4ac51cffb2e8f34af2fc46210896244fce7d4e2d582590da8,Config:&ContainerConfig{Metadata:&ContainerMetadata{Name:podsandbox-sleep,Attempt:0,},Image:&ImageSpec{Image:quay.io/crio/fedora-crio-ci:latest,Annotations:map[string]string{},UserSpecifiedImage:quay.io/crio/fedora-crio-ci:latest,RuntimeHandler:,},Command:[/bin/sleep 6000],Args:[6000],WorkingDir:/,Envs:[]*KeyValue{&KeyValue{Key:PATH,Value:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin,},&KeyValue{Key:GLIBC_TUNABLES,Value:glibc.pthread.rseq=0,},},Mounts:[]*Mount{},Devices:[]*Device{},Labels:map[string]string{},Annotations:map[string]string{pod: podsandbox,},LogPath:,Stdin:false,StdinOnce:false,Tty:false,Linux:&LinuxContainerConfig{Resources:&LinuxContainerResources{CpuPeriod:10000,CpuQuota:20000,CpuShares:512,MemoryLimitInBytes:268435456,OomScoreAdj:30,CpusetCpus:,CpusetMems:,HugepageLimits:[]*HugepageLimit{},Unified:map[string]string{},MemorySwapLimitInBytes:0,},SecurityContext:&LinuxContainerSecurityContext{Capabilities:nil,Privileged:false,NamespaceOptions:&NamespaceOption{Network:POD,Pid:CONTAINER,Ipc:POD,TargetId:,UsernsOptions:nil,},SelinuxOptions:nil,RunAsUser:nil,RunAsUsername:,ReadonlyRootfs:false,SupplementalGroups:[],ApparmorProfile:,SeccompProfilePath:,NoNewPrivs:false,RunAsGroup:nil,MaskedPaths:[],ReadonlyPaths:[],Seccomp:nil,Apparmor:nil,},},Windows:nil,CDIDevices:[]*CDIDevice{},},SandboxConfig:&PodSandboxConfig{Metadata:&PodSandboxMetadata{Name:podsandbox1,Uid:redhat-test-crio,Namespace:redhat.test.crio,Attempt:1,},Hostname:crictl_host,LogDirectory:,DnsConfig:&DNSConfig{Servers:[8.8.8.8],Searches:[],Options:[],},PortMappings:[]*PortMapping{},Labels:map[string]string{group: test,},Annotations:map[string]string{com.example.test: sandbox annotation,owner: hmeng,security.alpha.kubernetes.io/seccomp/pod: unconfined,},Linux:&LinuxPodSandboxConfig{CgroupParent:pod_123-456.slice,SecurityContext:&LinuxSandboxSecurityContext{NamespaceOptions:&NamespaceOption{Network:POD,Pid:CONTAINER,Ipc:POD,TargetId:,UsernsOptions:nil,},SelinuxOptions:&SELinuxOption{User:system_u,Role:system_r,Type:svirt_lxc_net_t,Level:s0:c4,c5,},RunAsUser:nil,ReadonlyRootfs:false,SupplementalGroups:[],Privileged:false,SeccompProfilePath:,RunAsGroup:nil,Seccomp:nil,Apparmor:nil,},Sysctls:map[string]string{},Overhead:nil,Resources:nil,},Windows:nil,},}
DEBU[0001] CreateContainerResponse: 8b47cf9c0be2391190162d63a0c6dcb6e7ec0a1b77b3e7b02284000a77ec8904
8b47cf9c0be2391190162d63a0c6dcb6e7ec0a1b77b3e7b02284000a77ec8904
$ sudo crictl ps -a
DEBU[0000] get runtime connection
DEBU[0000] get image connection
DEBU[0000] ListContainerResponse: [&Container{Id:8b47cf9c0be2391190162d63a0c6dcb6e7ec0a1b77b3e7b02284000a77ec8904,PodSandboxId:59d9db45b9a0a5c4ac51cffb2e8f34af2fc46210896244fce7d4e2d582590da8,Metadata:&ContainerMetadata{Name:podsandbox-sleep,Attempt:0,},Image:&ImageSpec{Image:quay.io/crio/fedora-crio-ci:latest,Annotations:map[string]string{},UserSpecifiedImage:,RuntimeHandler:,},ImageRef:quay.io/crio/fedora-crio-ci@sha256:457da543f980417ffa752b5c026b2953a92707c41c4f3365542ceddb9edf6b63,State:CONTAINER_RUNNING,CreatedAt:1738768784055629513,Labels:map[string]string{},Annotations:map[string]string{pod: podsandbox,},ImageId:492b81c586bf4fe31298733e7dd38ad35d03f5288a6810835d5d8c3c064d6837,}]
CONTAINER IMAGE CREATED STATE NAME ATTEMPT POD ID POD
8b47cf9c0be23 quay.io/crio/fedora-crio-ci:latest 17 seconds ago Running podsandbox-sleep 0 59d9db45b9a0a unknown
|
hswong3i
added a commit
to alvistack/cri-o-cri-o
that referenced
this pull request
Feb 12, 2025
git clean -xdf
go mod download
go mod vendor
tar zcvf ../cri-o_1.32.1.orig.tar.gz --exclude=.git .
debuild -uc -us
cp cri-o.spec ../cri-o_1.32.1-1.spec
cp ../cri-o*1.32.1*.{gz,xz,spec,dsc} /osc/home\:alvistack/cri-o-cri-o-1.32.1/
rm -rf ../cri-o*1.32.1*.*
See cri-o#8974
Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
hswong3i
added a commit
to alvistack/cri-o-cri-o
that referenced
this pull request
Mar 3, 2025
git clean -xdf
go mod download
go mod vendor
tar zcvf ../cri-o_1.32.2.orig.tar.gz --exclude=.git .
debuild -uc -us
cp cri-o.spec ../cri-o_1.32.2-1.spec
cp ../cri-o*1.32.2*.{gz,xz,spec,dsc} /osc/home\:alvistack/cri-o-cri-o-1.32.2/
rm -rf ../cri-o*1.32.2*.*
See cri-o#8974
Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
Original CRI-O v1.32.0 release keep crashing when working with
Kubernetes v1.32.1, containers could create correctly.
Once backport following go mod from main branch, problem get solved:
* github.com/containers/common@v0.61.1
* github.com/containers/image/v5@v5.33.1
* github.com/containers/storage@v1.56.1
Code updated with following commands:
go get github.com/containers/common@v0.61.1
go get github.com/containers/storage@v1.56.1
go get github.com/containers/image/v5@v5.33.1
go mod tidy
go mod download
go mod vendor
git add --all --force vendor/
Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
1ce22e4 to
76a05ba
Compare
|
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
hswong3i
added a commit
to alvistack/cri-o-cri-o
that referenced
this pull request
Apr 2, 2025
git clean -xdf
go mod download
go mod vendor
tar zcvf ../cri-o_1.32.3.orig.tar.gz --exclude=.git .
debuild -uc -us
cp cri-o.spec ../cri-o_1.32.3-1.spec
cp ../cri-o*1.32.3*.{gz,xz,spec,dsc} /osc/home\:alvistack/cri-o-cri-o-1.32.3/
rm -rf ../cri-o*1.32.3*.*
See cri-o#8974
Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
hswong3i
added a commit
to alvistack/cri-o-cri-o
that referenced
this pull request
Apr 2, 2025
git clean -xdf
go mod download
go mod vendor
tar zcvf ../cri-o_1.32.3.orig.tar.gz --exclude=.git .
debuild -uc -us
cp cri-o.spec ../cri-o_1.32.3-1.spec
cp ../cri-o*1.32.3*.{gz,xz,spec,dsc} /osc/home\:alvistack/cri-o-cri-o-1.32.3/
rm -rf ../cri-o*1.32.3*.*
See cri-o#8974
Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
hswong3i
added a commit
to alvistack/cri-o-cri-o
that referenced
this pull request
Apr 2, 2025
git clean -xdf
go get github.com/containers/common@v0.62.2
go get github.com/containers/storage@v1.57.3-0.20250310120440-ab85543c3c6a
go get github.com/containers/image/v5@v5.34.3-0.20250314011931-36a971d8ff51
go mod tidy
go mod download
go mod vendor
git add --all --force vendor/
tar zcvf ../cri-o_1.32.3.orig.tar.gz --exclude=.git .
debuild -uc -us
cp cri-o.spec ../cri-o_1.32.3-1.spec
cp ../cri-o*1.32.3*.{gz,xz,spec,dsc} /osc/home\:alvistack/cri-o-cri-o-1.32.3/
rm -rf ../cri-o*1.32.3*.*
See cri-o#8974
Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
|
A friendly reminder that this PR had no activity for 30 days. |
|
A friendly reminder that this PR had no activity for 30 days. |
|
A friendly reminder that this PR had no activity for 30 days. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
/kind bug
/kind dependency-change
What this PR does / why we need it:
Original CRI-O v1.32.0 release keep crashing when working with Kubernetes v1.32.1, containers could create correctly.
Once backport following go mod from main branch, problem get solved:
Code updated with following commands:
Which issue(s) this PR fixes:
Special notes for your reviewer:
Does this PR introduce a user-facing change?