Fix sandbox task API endpoints for non-runc runtimes#13360
Conversation
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
There was a problem hiding this comment.
Pull request overview
This PR fixes sandbox task API endpoint handling for non-runc runtimes by moving the task API endpoint fields out of runc-specific runtime options and into the generic Tasks CreateTaskRequest, while keeping backward compatibility via deprecated runc option fields.
Changes:
- Add
task_api_address/task_api_versiontoCreateTaskRequestand plumb them through the client and task service. - Deprecate
task_api_address/task_api_versionin runc options protos and generated code. - Switch the repo to use the in-tree
./apimodule via areplace, updating vendoring metadata accordingly.
Reviewed changes
Copilot reviewed 9 out of 18 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| vendor/modules.txt | Updates vendoring metadata for github.com/containerd/containerd/api to use ./api. |
| vendor/github.com/containerd/containerd/api/types/runc/options/oci.proto | Marks runc option fields for task API endpoint as deprecated (vendored copy). |
| vendor/github.com/containerd/containerd/api/types/runc/options/oci.pb.go | Regenerates vendored Go bindings with deprecation annotations. |
| vendor/github.com/containerd/containerd/api/services/tasks/v1/tasks.proto | Adds task API endpoint fields to CreateTaskRequest (vendored copy). |
| vendor/github.com/containerd/containerd/api/LICENSE | Removes vendored API module LICENSE file. |
| plugins/services/tasks/local.go | Reads task API endpoint from CreateTaskRequest and keeps fallback to deprecated runc options. |
| go.sum | Drops sums for the now-replaced github.com/containerd/containerd/api module. |
| go.mod | Adds replace github.com/containerd/containerd/api => ./api. |
| client/task.go | Extends TaskInfo to carry task API endpoint info. |
| client/task_opts.go | Updates WithTaskAPIEndpoint to set TaskInfo fields instead of mutating runc options. |
| client/container.go | Plumbs TaskInfo task API endpoint fields into CreateTaskRequest. |
| api/types/runc/options/oci.proto | Marks runc option fields for task API endpoint as deprecated (source copy). |
| api/types/runc/options/oci.pb.go | Regenerates Go bindings with deprecation annotations. |
| api/services/tasks/v1/tasks.proto | Adds task API endpoint fields to CreateTaskRequest (source copy). |
| api/services/tasks/v1/tasks.pb.go | Regenerates Go bindings for tasks service request fields. |
| api/next.txtpb | Regenerates Buf descriptor output to reflect proto/API changes. |
| api/buf.lock | Updates Buf dependency lock metadata. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
cc @Apokleos, as this solves the issue you're hitting on kata-containers/kata-containers#12957 @mxpv, it'd be nice to have this one backported to the 2.3 branch Thanks for the quick fix, btw! :-) |
containerd 2.3 requires Go 1.26.3, but Kata still pins Go 1.25.10. Use Go 1.26.3 for the sandbox-api job so that make cri-integration can build containerd from source. Checkout containerd/containerd#13360 which moves the task API address/version fields out of runc-specific options into CreateTaskRequest, fixing the sandbox API flow for non-runc runtimes. Signed-off-by: Fabiano Fidêncio <ffidencio@nvidia.com>
dims
left a comment
There was a problem hiding this comment.
LGTM.
there's a comment from @samuelkarp though :)
mikebrow
left a comment
There was a problem hiding this comment.
LGTM
see note to self regarding lack of doc/defaulting for these two fields being deprecated as runc options
| // task api address, can be a unix domain socket, or vsock address. | ||
| // it is in the form of ttrpc+unix://path/to/uds or grpc+vsock://<vsock cid>:<port>. | ||
| string task_api_address = 12; | ||
| string task_api_address = 12 [deprecated = true]; |
There was a problem hiding this comment.
note to self... these two now deprecated fields taskapiaddress and taskapiversion were never documented in the config.md, nor defaulted for display with the containerd config default command.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 7 out of 18 changed files in this pull request and generated 2 comments.
Files not reviewed (2)
- api/services/tasks/v1/tasks.pb.go: Language not supported
- api/types/runc/options/oci.pb.go: Language not supported
mikebrow
left a comment
There was a problem hiding this comment.
additional log entries also LGTM
94aa30d to
e55f5ef
Compare
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 8 out of 19 changed files in this pull request and generated 1 comment.
Files not reviewed (2)
- api/services/tasks/v1/tasks.pb.go: Language not supported
- api/types/runc/options/oci.pb.go: Language not supported
| CgroupV1: "The support for cgroup v1 is deprecated since containerd v2.2 and will be removed by no later than May 2029. Upgrade the host to use cgroup v2.", | ||
| CRIEnableCDI: "The `enable_cdi` property of `[plugins.\"io.containerd.cri.v1.runtime\"]` is deprecated, will be removed in containerd v2.3, and CDI support will always be enabled.", | ||
|
|
||
| RuncOptionsTaskAPIAddress: "The `task_api_address` field in runc options is deprecated since containerd v2.3. Set `task_api_address` on CreateTaskRequest instead.", |
There was a problem hiding this comment.
Since 2.3? Planning to cherry-pick this back?
There was a problem hiding this comment.
Yes, it'd be good to cherry-pick this to 2.3
|
/cherry-pick release/2.3 |
|
@mxpv: new pull request created: #13422 DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
I believe we overlooked this in #9736 and introduced task API address and version fields in Runc options.
Those are used in Sandbox API flow and have nothing to do with runc specifically.
As the result it doesn't work with other runtimes - #12986
This PR deprecates fields introduced in runc options and moves them to
CreateTaskRequest.