gVisor w/ containerd v2.x #11319
Comments
|
https://github.com/monogon-dev/monogon/blob/main/third_party/go/patches/gvisor-containerd-compat.patch is what we're using, most things work fine with that. |
|
Thanks a lot @lorenz |
|
I tried adapting @lorenz patch above to latest |
|
It looks like this is a bug in containerd. We've merged a fix in containerd/containerd#11741 and it should be in the next 2.0.x release (2.0.6). |
|
I tested and verified that gvsior behavior is working pro once the fix is patched. |
|
Hi colleagues, Can you please confirm if the fix discussed here will be available in containerd v2.1.0? Thanks! |
|
Please note the change got reverted in containerd 2.1.0: containerd/containerd#11793 |
|
The PR you linked is the new fix, which I have verified that it works |
We're observing some issues with Talos Linux and gvisor/containerd 2.1.0:
I will update once I know more, but it seems to be a different issue linked to gvsior pod shutdown. |
|
@smira can you verified that Talos works with https://github.com/containerd/containerd/tree/release/2.0 I am working on containerd/containerd#11828 to cherry pick the change into 2.0.x release, it will be helpful if you can share more on what went wrong on your side |
|
I can verify that containerd 2.0 works with the patch from the original PR with gvisor: https://github.com/siderolabs/pkgs/tree/release-1.10/containerd/patches The restart patch is not relevant here. |
|
@milantracy the tests seem to pass now for Talos I don't have any details (yet), but there's definitely something missing. |
|
So I can see that the following process is "left" once the gVisor pod terminated with contianerd 2.1.0: |
Description
integrate gVisor with containerd v2.x
would be good to start with, while I don't expect a significant number of changes on gVisor.
Is this feature related to a specific bug?
No response
Do you have a specific solution in mind?
No response
The text was updated successfully, but these errors were encountered: