Add runtime config from source containerd config to drop-in file

This change updates the drop-in file contents that the nvidia-ctk-installer creates
for containerd. In addition to adding nvidia runtimes, the nvidia-ctk-installer
also includes all existing runtime configuration present in the source containerd
configuration. That is, all configuration already present in the
'plugins."io.containerd.grpc.v1.cri".containerd.runtimes' section will be added
to our drop-in file.

This is needed due to how containerd merges configuration from multiple files.
See containerd/containerd#5837

Signed-off-by: Christopher Desiniotis <[email protected]>

Author: cdesiniotis

cmd/nvidia-ctk-installer/container/runtime/containerd/config_test.go

@@ -809,6 +809,12 @@ version = 2
 
           [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia-legacy.options]
             BinaryName = "/usr/bin/nvidia-container-runtime.legacy"
+
+        [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
+          runtime_type = "io.containerd.runc.v2"
+
+          [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
+            BinaryName = "/usr/bin/runc"
 `
 				require.Equal(t, expectedDropIn, string(actualDropIn))
 				return nil
@@ -954,6 +960,12 @@ version = 2
 
           [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia-legacy.options]
             BinaryName = "/usr/bin/nvidia-container-runtime.legacy"
+
+        [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
+          runtime_type = "io.containerd.runc.v2"
+
+          [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
+            BinaryName = "/usr/bin/runc"
 `
 				require.Equal(t, expectedDropIn, string(actualDropIn))
 				return nil
@@ -1109,6 +1121,12 @@ version = 2
 
       [plugins."io.containerd.grpc.v1.cri".containerd.runtimes]
 
+        [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.custom]
+          runtime_type = "io.containerd.custom.v1"
+
+          [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.custom.options]
+            TypeUrl = "custom.runtime/options"
+
         [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia]
           container_annotations = ["cdi.k8s.io*"]
           runtime_type = "io.containerd.runc.v2"
@@ -1132,6 +1150,13 @@ version = 2
           [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia-legacy.options]
             BinaryName = "/usr/bin/nvidia-container-runtime.legacy"
             SystemdCgroup = true
+
+        [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
+          runtime_type = "io.containerd.runc.v2"
+
+          [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
+            BinaryName = "/usr/bin/runc"
+            SystemdCgroup = true
 `
 				require.Equal(t, expectedDropIn, string(actualDropIn))
 				return nil
@@ -1278,6 +1303,12 @@ version = 2
 
           [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia-legacy.options]
             BinaryName = "/usr/bin/nvidia-container-runtime.legacy"
+
+        [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
+          runtime_type = "io.containerd.runc.v2"
+
+          [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
+            BinaryName = "/usr/bin/runc"
 `
 
 				require.Equal(t, expectedDropIn, string(actualDropIn))
@@ -1407,6 +1438,12 @@ version = 2
 
           [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia-legacy.options]
             BinaryName = "/usr/bin/nvidia-container-runtime.legacy"
+
+        [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
+          runtime_type = "io.containerd.runc.v2"
+
+          [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
+            BinaryName = "/usr/bin/runc"
 `
 				require.Equal(t, expectedDropIn, string(actualDropIn))
 				return nil
@@ -1533,6 +1570,12 @@ version = 3
 
           [plugins."io.containerd.cri.v1.runtime".containerd.runtimes.nvidia-legacy.options]
             BinaryName = "/usr/bin/nvidia-container-runtime.legacy"
+
+        [plugins."io.containerd.cri.v1.runtime".containerd.runtimes.runc]
+          runtime_type = "io.containerd.runc.v2"
+
+          [plugins."io.containerd.cri.v1.runtime".containerd.runtimes.runc.options]
+            BinaryName = "/usr/bin/runc"
 `
 				require.Equal(t, expectedDropIn, string(actualDropIn))
 
@@ -1678,6 +1721,15 @@ version = 3
             NoPivotRoot = false
             Root = "/run/containerd/runc"
             SystemdCgroup = true
+
+        [plugins."io.containerd.cri.v1.runtime".containerd.runtimes.runc]
+          runtime_type = "io.containerd.runc.v2"
+
+          [plugins."io.containerd.cri.v1.runtime".containerd.runtimes.runc.options]
+            BinaryName = "/usr/bin/runc"
+            NoPivotRoot = false
+            Root = "/run/containerd/runc"
+            SystemdCgroup = true
 `
 				require.Equal(t, expectedDropIn, string(actualDropIn))
 

pkg/config/engine/containerd/config_test.go

@@ -95,6 +95,14 @@ func TestAddRuntime(t *testing.T) {
 			[plugins."io.containerd.grpc.v1.cri"]
 				[plugins."io.containerd.grpc.v1.cri".containerd]
 				[plugins."io.containerd.grpc.v1.cri".containerd.runtimes]
+					[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
+					privileged_without_host_devices = true
+					runtime_engine = "engine"
+					runtime_root = "root"
+					runtime_type = "type"
+					[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
+						BinaryName = "/usr/bin/runc"
+						SystemdCgroup = true
 					[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.test]
 					privileged_without_host_devices = true
 					runtime_engine = "engine"
@@ -129,6 +137,14 @@ func TestAddRuntime(t *testing.T) {
 			[plugins."io.containerd.grpc.v1.cri"]
 				[plugins."io.containerd.grpc.v1.cri".containerd]
 				[plugins."io.containerd.grpc.v1.cri".containerd.runtimes]
+					[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.default]
+					privileged_without_host_devices = true
+					runtime_engine = "engine"
+					runtime_root = "root"
+					runtime_type = "type"
+					[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.default.options]
+						BinaryName = "/usr/bin/default"
+						SystemdCgroup = true
 					[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.test]
 					privileged_without_host_devices = true
 					runtime_engine = "engine"
@@ -171,6 +187,22 @@ func TestAddRuntime(t *testing.T) {
 			[plugins."io.containerd.grpc.v1.cri"]
 				[plugins."io.containerd.grpc.v1.cri".containerd]
 				[plugins."io.containerd.grpc.v1.cri".containerd.runtimes]
+					[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
+					privileged_without_host_devices = true
+					runtime_engine = "engine"
+					runtime_root = "root"
+					runtime_type = "type"
+					[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
+						BinaryName = "/usr/bin/runc"
+						SystemdCgroup = true
+					[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.default]
+					privileged_without_host_devices = false
+					runtime_engine = "defaultengine"
+					runtime_root = "defaultroot"
+					runtime_type = "defaulttype"
+					[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.default.options]
+						BinaryName = "/usr/bin/default"
+						SystemdCgroup = false
 					[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.test]
 					privileged_without_host_devices = false
 					runtime_engine = "defaultengine"
@@ -225,6 +257,14 @@ func TestAddRuntime(t *testing.T) {
 			[plugins."io.containerd.cri.v1.runtime"]
 				[plugins."io.containerd.cri.v1.runtime".containerd]
 				[plugins."io.containerd.cri.v1.runtime".containerd.runtimes]
+					[plugins."io.containerd.cri.v1.runtime".containerd.runtimes.runc]
+					privileged_without_host_devices = true
+					runtime_engine = "engine"
+					runtime_root = "root"
+					runtime_type = "type"
+					[plugins."io.containerd.cri.v1.runtime".containerd.runtimes.runc.options]
+						BinaryName = "/usr/bin/runc"
+						SystemdCgroup = true
 					[plugins."io.containerd.cri.v1.runtime".containerd.runtimes.test]
 					privileged_without_host_devices = true
 					runtime_engine = "engine"

pkg/config/engine/containerd/containerd.go

@@ -133,10 +133,14 @@ func New(opts ...Option) (engine.Interface, error) {
 		}
 		dropInConfig := &engine.Config{
 			Source: sourceConfig,
-			// The destinationConfig is an empty config with the same options
-			// as the source config.
+			// The destinationConfig is a minimal config with the same options
+			// as the source config. The starting content of the destinationConfig
+			// is the entire plugins."io.containerd.grpc.v1.cri".containerd.runtimes
+			// section of the source config. This is needed due to how containerd
+			// merges configuration from multiple files.
+			// Reference: https://github.com/containerd/containerd/issues/5837
 			Destination: &Config{
-				Tree:          toml.NewEmpty(),
+				Tree:          getBaseDropInConfigTree(sourceConfig),
 				configOptions: sourceConfigOptions,
 			},
 		}
@@ -204,3 +208,12 @@ func chrootIfRequired(hostRoot string, commandLine ...string) []string {
 
 	return append([]string{"chroot", hostRoot}, commandLine...)
 }
+
+func getBaseDropInConfigTree(sourceConfig *Config) *toml.Tree {
+	baseDropInConfigTree := toml.NewEmpty()
+	runtimes := sourceConfig.GetSubtreeByPath([]string{"plugins", sourceConfig.CRIRuntimePluginName, "containerd", "runtimes"})
+	if runtimes != nil {
+		baseDropInConfigTree.SetPath([]string{"plugins", sourceConfig.CRIRuntimePluginName, "containerd", "runtimes"}, runtimes)
+	}
+	return baseDropInConfigTree
+}