Configure Clear Containers with cri-containerd

setup.md

Clear Containres 3.0 and Containerd

Clear Containers is compatible to work with containerd 1.0 and docker 17.10 ( that uses containerd 1.0 )

Install

Install docker 17.10

Docker 17.10+ can be intalled from docker testing repository to do that follow the next instructions:

curl -s https://yum.dockerproject.org/gpg | sudo apt-key add
sudo apt-key fingerprint 58118E89F3A912897C070ADBF76221572C52609D
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) test
sudo apt-get update
sudo apt-get install -y docker-ce

Then configure docker to use cc-rutntime:

sudo mkdir -p /etc/systemd/system/docker.service.d/
cat <<EOF | sudo tee /etc/systemd/system/docker.service.d/clear-containers.conf
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -D --add-runtime cc-runtime=/usr/bin/cc-runtime --default-runtime=cc-runtime
EOF
sudo systemctl daemon-reload
sudo systemctl enable docker.service
sudo systemctl restart docker
sudo systemctl enable cc-proxy.socket

Install cri-containerd

cri-containerd is a cri implementation that uses containerd for container creation. Follow the next instructions to install and configure cri-contaienrd to work with cc-runtime.

#Install cri-contaienrd depedencies 
sudo apt-get install libseccomp-dev libapparmor-dev  btrfs-tools socat
go get -d github.com/kubernetes-incubator/cri-containerd
cd ${GOPATH}/src/github.com/kubernetes-incubator/cri-containerd/
git fetch
git checkout -B jcvenegas/pod-annotations cbda4256cda497f06e7c1c808dbe88471ec035ea
git pull -f https://github.com/jcvenegas/cri-containerd.git clear-containers
#This will install containerd
make install.deps
make
sudo make install
#check integration tests are working with runc
CRI_CONTAINERD_FLAGS="--containerd-runtime-engine runc" make test-integration

** Note cc-runtime is not working with macvtap model, need rework or modify manually to use tap model

diff --git a/vendor/github.com/containers/virtcontainers/network.go b/vendor/github.com/containers/virtcontainers/network.go
index 48300dc..34c18bc 100644
--- a/vendor/github.com/containers/virtcontainers/network.go
+++ b/vendor/github.com/containers/virtcontainers/network.go
@@ -63,7 +63,7 @@ const (
 // DefaultNetInterworkingModel is a package level default
 // that determines how the VM should be connected to the
 // the container network interface
-var DefaultNetInterworkingModel = ModelMacVtap
+var DefaultNetInterworkingModel = ModelBridged

 // Introduces constants related to networking
 const (

TODO: Add branch that adds pod annotations.

Passing Test

#!/bin/bash
passing_test=(
                TestClearContainersCreate
                TestContainerStats
                TestContainerListStatsWithIdFilter
                TestContainerListStatsWithSandboxIdFilterd
                TestContainerListStatsWithIdSandboxIdFilter
                TestDuplicateName
                TestImageLoad
                TestImageFSInfo
                TestSandboxCleanRemove
             )

for t in "${passing_test[@]}"
do
CRI_CONTAINERD_FLAGS="--containerd-runtime-engine cc-runtime" FOCUS="${t}" make test-integration
done

#test basic suppport using critools
FOCUS="runtime should support basic operations on container" CRI_CONTAINERD_FLAGS="--containerd-runtime-engine cc-runtime" make test-cri

Failing tests

--- FAIL: TestContainerListStats (10.44s)
E1215 03:19:23.496662   25725 remote_runtime.go:302] UpdateContainerResources "5804ef6552442baedb55a5bb36b379c73a4bd4300b27cae0e095d7c4722d534b" from runtime service failed: rpc error: code = Unknown desc = failed to update resources: failed to update resources: cc-runtime did not terminate sucessfully: Invalid command "update"
: unknown
--- FAIL: TestUpdateContainerResources (4.19s)
EE1215 03:19:27.573416   25725 remote_runtime.go:187] CreateContainer in sandbox "21deb64205ddfa83987d0e5a448afaacae0247ea36846be036f321d387f39236" from runtime service failed: rpc error: code = Unknown desc = f--- FAIL: TestSandboxAcrossCRIContainerdRestart (0.00s)
--- FAIL: TestSandboxDeletionAcrossCRIContainerdRestart (0.00s)
E1215 03:19:50.271240   25725 remote_runtime.go:132] RemovePodSandbox "0e001314e04698933f79c3c414f50f43ee3da993470d240e840daf306d42646b" from runtime service failed: rpc error: code = Unknown desc = sandbox container "0e001314e04698933f79c3c414f50f43ee3da993470d240e840daf306d42646b" is not fully stopped
E1215 03:19:50.483177   25725 remote_runtime.go:132] RemovePodSandbox "0e001314e04698933f79c3c414f50f43ee3da993470d240e840daf306d42646b" from runtime service failed: rpc error: code = Unknown desc = sandbox network namespace "/var/run/netns/cni-dcf2f0ff-2a5e-cc3b-6382-3a73c59ebad3" is not fully closed
E1215 03:19:50.670875   25725 remote_runtime.go:115] StopPodSandbox "0e001314e04698933f79c3c414f50f43ee3da993470d240e840daf306d42646b" from runtime service failed: rpc error: code = Unknown desc = an error occurred when try to find sandbox "0e001314e04698933f79c3c414f50f43ee3da993470d240e840daf306d42646b": does not exist
E1215 03:19:58.006801   25725 remote_runtime.go:302] UpdateContainerResources "458d62e355b8013fd19c7af552a80b50" from runtime service failed: rpc error: code = Unknown desc = failed to update resources: failed to update resources: cc-runtime did not terminate sucessfully: Invalid command "update"
: unknown
E1215 03:19:58.421705   25725 remote_runtime.go:456] ContainerStatus "458d62e355b8013fd19c7af552a80b50" from runtime service failed: rpc error: code = Unknown desc = unexpected metrics response: []
E1215 03:19:58.458822   25725 remote_runtime.go:278] ContainerStatus "458d62e355b8013fd19c7af552a80b50" from runtime service failed: rpc error: code = Unknown desc = an error occurred when try to find container "458d62e355b8013fd19c7af552a80b50": does not exist
--- FAIL: TestTruncIndex (8.22s)
FAIL