Delete shim v1

gvisor-containerd-shim is not compatible with containerd 1.1 or earlier. Starting from containerd 1.2, shim v2 is the preferred interface. PiperOrigin-RevId: 351485556
jason-xie-123 · Jan 13, 2021 · 8b0f0b4 · 8b0f0b4
1 parent be2b9d7
commit 8b0f0b4
Show file tree

Hide file tree

Showing 63 changed files with 228 additions and 1,475 deletions.
diff --git a/BUILD b/BUILD
@@ -116,8 +116,7 @@ go_path(
         # binaries have been factored into a cli package, which is
         # a good practice in any case.
         "//runsc/cli",
-        "//shim/v1/cli",
-        "//shim/v2/cli",
+        "//shim/cli",
         "//webhook/pkg/cli",
 
         # Packages that are not dependencies of the above.

diff --git a/Makefile b/Makefile
@@ -298,13 +298,9 @@ containerd-test-%: load-basic_alpine load-basic_python load-basic_busybox load-b
 	@$(call sudo,tools/installers:shim)
 	@$(call sudo,test/root:root_test,--runtime=$(RUNTIME) -test.v)
 
-# Note that we can't run containerd-test-1.1.8 tests here.
-#
-# Containerd 1.1.8 should work, but because of a bug in loading images locally
-# (https://github.com/kubernetes-sigs/cri-tools/issues/421), we are unable to
-# actually drive the tests. The v1 API is tested exclusively through 1.2.13.
+# The shim builds with containerd 1.3.9 and it's not backward compatible. Test
+# with 1.3.9 and newer versions.
 containerd-tests: ## Runs all supported containerd version tests.
-containerd-tests: containerd-test-1.2.13
 containerd-tests: containerd-test-1.3.9
 containerd-tests: containerd-test-1.4.3
 
@@ -433,8 +429,7 @@ $(RELEASE_KEY):
 $(RELEASE_ARTIFACTS)/%:
 	@mkdir -p $@
 	@$(call copy,//runsc:runsc,$@)
-	@$(call copy,//shim/v1:gvisor-containerd-shim,$@)
-	@$(call copy,//shim/v2:containerd-shim-runsc-v1,$@)
+	@$(call copy,//shim:containerd-shim-runsc-v1,$@)
 	@$(call copy,//debian:debian,$@)
 
 release: $(RELEASE_KEY) $(RELEASE_ARTIFACTS)/$(ARCH)

diff --git a/README.md b/README.md
@@ -93,11 +93,10 @@ GO111MODULE=on go get gvisor.dev/gvisor/runsc@go
 CGO_ENABLED=0 GO111MODULE=on sudo -E go build -o /usr/local/bin/runsc gvisor.dev/gvisor/runsc
 ```
 
-Subsequently, you can build and install the shim binaries for `containerd`:
+Subsequently, you can build and install the shim binary for `containerd`:
 
 ```sh
-GO111MODULE=on sudo -E go build -o /usr/local/bin/gvisor-containerd-shim gvisor.dev/gvisor/shim/v1
-GO111MODULE=on sudo -E go build -o /usr/local/bin/containerd-shim-runsc-v1 gvisor.dev/gvisor/shim/v2
+GO111MODULE=on sudo -E go build -o /usr/local/bin/containerd-shim-runsc-v1 gvisor.dev/gvisor/shim
 ```
 
 Note that this branch is supported in a best effort capacity, and direct

diff --git a/debian/BUILD b/debian/BUILD
@@ -6,8 +6,7 @@ pkg_tar(
     name = "debian-bin",
     srcs = [
         "//runsc",
-        "//shim/v1:gvisor-containerd-shim",
-        "//shim/v2:containerd-shim-runsc-v1",
+        "//shim:containerd-shim-runsc-v1",
     ],
     mode = "0755",
     package_dir = "/usr/bin",

diff --git a/g3doc/user_guide/containerd/BUILD b/g3doc/user_guide/containerd/BUILD
@@ -27,7 +27,7 @@ doc(
     name = "containerd_11",
     src = "containerd_11.md",
     category = "User Guide",
+    include_in_menu = False,
     permalink = "/docs/user_guide/containerd/containerd_11/",
     subcategory = "Containerd",
-    weight = "99",
 )
diff --git a/g3doc/user_guide/containerd/configuration.md b/g3doc/user_guide/containerd/configuration.md
@@ -17,7 +17,7 @@ option = "value"
 ```
 
 The set of options that can be configured can be found in
-[options.go](https://github.com/google/gvisor/blob/master/pkg/shim/v2/options.go).
+[options.go](https://cs.opensource.google/gvisor/gvisor/+/master:pkg/shim/options.go).
 Values under `[runsc_config]` can be used to set arbitrary flags to runsc.
 `flag = "value"` is converted to `--flag="value"` when runsc is invoked. Run
 `runsc flags` so see which flags are available

diff --git a/g3doc/user_guide/containerd/containerd_11.md b/g3doc/user_guide/containerd/containerd_11.md
@@ -1,5 +1,9 @@
 # Older Versions (containerd 1.1)
 
+**WARNING: containerd 1.1 and shim v1 is no longer supported. The instructions
+below is kept just for reference in case you're dealing with an old version.
+It's highly recommended upgrading to the latest version.**
+
 This document describes how to install and run the `gvisor-containerd-shim`
 using the untrusted workload CRI extension. This requires `containerd` 1.1 or
 later.

diff --git a/g3doc/user_guide/install.md b/g3doc/user_guide/install.md
@@ -15,14 +15,12 @@ To download and install the latest release manually follow these steps:
   ARCH=$(uname -m)
   URL=https://storage.googleapis.com/gvisor/releases/release/latest/${ARCH}
   wget ${URL}/runsc ${URL}/runsc.sha512 \
-    ${URL}/gvisor-containerd-shim ${URL}/gvisor-containerd-shim.sha512 \
     ${URL}/containerd-shim-runsc-v1 ${URL}/containerd-shim-runsc-v1.sha512
   sha512sum -c runsc.sha512 \
-    -c gvisor-containerd-shim.sha512 \
     -c containerd-shim-runsc-v1.sha512
   rm -f *.sha512
-  chmod a+rx runsc gvisor-containerd-shim containerd-shim-runsc-v1
-  sudo mv runsc gvisor-containerd-shim containerd-shim-runsc-v1 /usr/local/bin
+  chmod a+rx runsc containerd-shim-runsc-v1
+  sudo mv runsc containerd-shim-runsc-v1 /usr/local/bin
 )
 ```
 

diff --git a/go.mod b/go.mod
@@ -15,7 +15,6 @@ require (
 	github.com/containerd/continuity v0.0.0-20200928162600-f2cc35102c2a // indirect
 	github.com/containerd/fifo v0.0.0-20191213151349-ff969a566b00 // indirect
 	github.com/containerd/go-runc v0.0.0-20200220073739-7016d3ce2328 // indirect
-	github.com/containerd/ttrpc v0.0.0-20200121165050-0be804eadb15 // indirect
 	github.com/containerd/typeurl v0.0.0-20200205145503-b45ef1f1f737 // indirect
 	github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf // indirect
 	github.com/coreos/go-systemd/v22 v22.0.0 // indirect

diff --git a/go.sum b/go.sum
@@ -66,9 +66,6 @@ github.com/containerd/fifo v0.0.0-20191213151349-ff969a566b00/go.mod h1:jPQ2IAeZ
 github.com/containerd/go-runc v0.0.0-20180907222934-5a6d9f37cfa3/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0=
 github.com/containerd/go-runc v0.0.0-20200220073739-7016d3ce2328 h1:PRTagVMbJcCezLcHXe8UJvR1oBzp2lG3CEumeFOLOds=
 github.com/containerd/go-runc v0.0.0-20200220073739-7016d3ce2328/go.mod h1:PpyHrqVs8FTi9vpyHwPwiNEGaACDxT/N/pLcvMSRA9g=
-github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o=
-github.com/containerd/ttrpc v0.0.0-20200121165050-0be804eadb15 h1:+jgiLE5QylzgADj0Yldb4id1NQNRrDOROj7KDvY9PEc=
-github.com/containerd/ttrpc v0.0.0-20200121165050-0be804eadb15/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y=
 github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd/go.mod h1:Cm3kwCdlkCfMSHURc+r6fwoGH6/F1hH3S4sg0rLFWPc=
 github.com/containerd/typeurl v0.0.0-20200205145503-b45ef1f1f737 h1:HovfQDS/K3Mr7eyS0QJLxE1CbVUhjZCl6g3OhFJgP1o=
 github.com/containerd/typeurl v0.0.0-20200205145503-b45ef1f1f737/go.mod h1:TB1hUtrpaiO88KEK56ijojHS1+NeF0izUACaJW2mdXg=

diff --git a/nogo.yaml b/nogo.yaml
@@ -57,7 +57,7 @@ global:
       - "should not use underscores in Go names"
     exclude:
       # Generated: exempt all.
-      - pkg/shim/v2/runtimeoptions/runtimeoptions_cri.go
+      - pkg/shim/runtimeoptions/runtimeoptions_cri.go
 analyzers:
   asmdecl:
     external: # Enabled.

diff --git a/pkg/shim/v2/BUILD → pkg/shim/BUILD b/pkg/shim/v2/BUILD → pkg/shim/BUILD
@@ -3,7 +3,7 @@ load("//tools:defs.bzl", "go_library")
 package(licenses = ["notice"])
 
 go_library(
-    name = "v2",
+    name = "shim",
     srcs = [
         "api.go",
         "epoll.go",
@@ -15,10 +15,10 @@ go_library(
     visibility = ["//shim:__subpackages__"],
     deps = [
         "//pkg/cleanup",
+        "//pkg/shim/proc",
         "//pkg/shim/runsc",
-        "//pkg/shim/v1/proc",
-        "//pkg/shim/v1/utils",
-        "//pkg/shim/v2/runtimeoptions",
+        "//pkg/shim/runtimeoptions",
+        "//pkg/shim/utils",
         "//runsc/specutils",
         "@com_github_burntsushi_toml//:go_default_library",
         "@com_github_containerd_cgroups//:go_default_library",

diff --git a/pkg/shim/v2/api.go → pkg/shim/api.go b/pkg/shim/v2/api.go → pkg/shim/api.go
@@ -13,7 +13,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package v2
+package shim
 
 import (
 	"github.com/containerd/containerd/api/events"

diff --git a/pkg/shim/v2/epoll.go → pkg/shim/epoll.go b/pkg/shim/v2/epoll.go → pkg/shim/epoll.go
@@ -15,7 +15,7 @@
 
 // +build linux
 
-package v2
+package shim
 
 import (
 	"context"

diff --git a/pkg/shim/v2/options.go → pkg/shim/options.go b/pkg/shim/v2/options.go → pkg/shim/options.go
@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package v2
+package shim
 
 const optionsType = "io.containerd.runsc.v1.options"
 

diff --git a/pkg/shim/v1/proc/BUILD → pkg/shim/proc/BUILD b/pkg/shim/v1/proc/BUILD → pkg/shim/proc/BUILD
@@ -11,7 +11,7 @@ go_library(
         "init.go",
         "init_state.go",
         "io.go",
-        "process.go",
+        "proc.go",
         "types.go",
         "utils.go",
     ],

diff --git a/pkg/shim/v1/proc/deleted_state.go → pkg/shim/proc/deleted_state.go b/pkg/shim/v1/proc/deleted_state.go → pkg/shim/proc/deleted_state.go
diff --git a/pkg/shim/v1/proc/exec.go → pkg/shim/proc/exec.go b/pkg/shim/v1/proc/exec.go → pkg/shim/proc/exec.go
diff --git a/pkg/shim/v1/proc/exec_state.go → pkg/shim/proc/exec_state.go b/pkg/shim/v1/proc/exec_state.go → pkg/shim/proc/exec_state.go
diff --git a/pkg/shim/v1/proc/init.go → pkg/shim/proc/init.go b/pkg/shim/v1/proc/init.go → pkg/shim/proc/init.go
@@ -39,9 +39,6 @@ import (
 	"gvisor.dev/gvisor/pkg/shim/runsc"
 )
 
-// InitPidFile name of the file that contains the init pid.
-const InitPidFile = "init.pid"
-
 // Init represents an initial process for a container.
 type Init struct {
 	wg        sync.WaitGroup
@@ -122,7 +119,8 @@ func (p *Init) Create(ctx context.Context, r *CreateConfig) (err error) {
 			return fmt.Errorf("failed to create OCI runtime io pipes: %w", err)
 		}
 	}
-	pidFile := filepath.Join(p.Bundle, InitPidFile)
+	// pidFile is the file that will contain the sandbox pid.
+	pidFile := filepath.Join(p.Bundle, "init.pid")
 	opts := &runsc.CreateOpts{
 		PidFile: pidFile,
 	}

diff --git a/pkg/shim/v1/proc/init_state.go → pkg/shim/proc/init_state.go b/pkg/shim/v1/proc/init_state.go → pkg/shim/proc/init_state.go
diff --git a/pkg/shim/v1/proc/io.go → pkg/shim/proc/io.go b/pkg/shim/v1/proc/io.go → pkg/shim/proc/io.go
diff --git a/pkg/shim/v1/proc/process.go → pkg/shim/proc/proc.go b/pkg/shim/v1/proc/process.go → pkg/shim/proc/proc.go
@@ -13,7 +13,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-// Package proc contains process-related utilities.
+// Package proc is responsible to manage the communication between the shim and
+// the sandbox process running the container.
 package proc
 
 import (

diff --git a/pkg/shim/v1/proc/types.go → pkg/shim/proc/types.go b/pkg/shim/v1/proc/types.go → pkg/shim/proc/types.go
diff --git a/pkg/shim/v1/proc/utils.go → pkg/shim/proc/utils.go b/pkg/shim/v1/proc/utils.go → pkg/shim/proc/utils.go
diff --git a/pkg/shim/v2/runtimeoptions/BUILD → pkg/shim/runtimeoptions/BUILD b/pkg/shim/v2/runtimeoptions/BUILD → pkg/shim/runtimeoptions/BUILD
@@ -15,7 +15,7 @@ go_library(
         "runtimeoptions.go",
         "runtimeoptions_cri.go",
     ],
-    visibility = ["//pkg/shim/v2:__pkg__"],
+    visibility = ["//pkg/shim:__pkg__"],
     deps = ["@com_github_gogo_protobuf//proto:go_default_library"],
 )
 

diff --git a/pkg/shim/v2/runtimeoptions/runtimeoptions.go → pkg/shim/runtimeoptions/runtimeoptions.go b/pkg/shim/v2/runtimeoptions/runtimeoptions.go → pkg/shim/runtimeoptions/runtimeoptions.go
diff --git a/...im/v2/runtimeoptions/runtimeoptions.proto → pkg/shim/runtimeoptions/runtimeoptions.proto b/...im/v2/runtimeoptions/runtimeoptions.proto → pkg/shim/runtimeoptions/runtimeoptions.proto
diff --git a/...m/v2/runtimeoptions/runtimeoptions_cri.go → ...shim/runtimeoptions/runtimeoptions_cri.go b/...m/v2/runtimeoptions/runtimeoptions_cri.go → ...shim/runtimeoptions/runtimeoptions_cri.go
diff --git a/.../v2/runtimeoptions/runtimeoptions_test.go → ...him/runtimeoptions/runtimeoptions_test.go b/.../v2/runtimeoptions/runtimeoptions_test.go → ...him/runtimeoptions/runtimeoptions_test.go
diff --git a/pkg/shim/v2/service.go → pkg/shim/service.go b/pkg/shim/v2/service.go → pkg/shim/service.go
@@ -12,8 +12,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-// Package v2 implements Containerd Shim v2 interface.
-package v2
+// Package shim implements Containerd Shim v2 interface.
+package shim
 
 import (
 	"context"
@@ -49,10 +49,10 @@ import (
 	"golang.org/x/sys/unix"
 	"gvisor.dev/gvisor/pkg/cleanup"
 
+	"gvisor.dev/gvisor/pkg/shim/proc"
 	"gvisor.dev/gvisor/pkg/shim/runsc"
-	"gvisor.dev/gvisor/pkg/shim/v1/proc"
-	"gvisor.dev/gvisor/pkg/shim/v1/utils"
-	"gvisor.dev/gvisor/pkg/shim/v2/runtimeoptions"
+	"gvisor.dev/gvisor/pkg/shim/runtimeoptions"
+	"gvisor.dev/gvisor/pkg/shim/utils"
 	"gvisor.dev/gvisor/runsc/specutils"
 )
 

diff --git a/pkg/shim/v2/service_linux.go → pkg/shim/service_linux.go b/pkg/shim/v2/service_linux.go → pkg/shim/service_linux.go
@@ -15,7 +15,7 @@
 
 // +build linux
 
-package v2
+package shim
 
 import (
 	"context"

diff --git a/pkg/shim/v2/state.go → pkg/shim/state.go b/pkg/shim/v2/state.go → pkg/shim/state.go
@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package v2
+package shim
 
 import (
 	"encoding/json"

diff --git a/pkg/shim/v1/utils/BUILD → pkg/shim/utils/BUILD b/pkg/shim/v1/utils/BUILD → pkg/shim/utils/BUILD
diff --git a/pkg/shim/v1/utils/annotations.go → pkg/shim/utils/annotations.go b/pkg/shim/v1/utils/annotations.go → pkg/shim/utils/annotations.go
diff --git a/pkg/shim/v1/utils/utils.go → pkg/shim/utils/utils.go b/pkg/shim/v1/utils/utils.go → pkg/shim/utils/utils.go
@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-// Package utils contains utility functions.
+// Package utils container miscellaneous utility function used by the shim.
 package utils
 
 import (

diff --git a/pkg/shim/v1/utils/volumes.go → pkg/shim/utils/volumes.go b/pkg/shim/v1/utils/volumes.go → pkg/shim/utils/volumes.go
diff --git a/pkg/shim/v1/utils/volumes_test.go → pkg/shim/utils/volumes_test.go b/pkg/shim/v1/utils/volumes_test.go → pkg/shim/utils/volumes_test.go
diff --git a/pkg/shim/v1/shim/BUILD b/pkg/shim/v1/shim/BUILD
diff --git a/pkg/shim/v1/shim/api.go b/pkg/shim/v1/shim/api.go