Skip to content

Commit 36cb243

Browse files
committed
feat(shim): add containerd access session
Signed-off-by: sidneychang <2190206983@qq.com>
1 parent 05b0d3e commit 36cb243

3 files changed

Lines changed: 145 additions & 1 deletion

File tree

Makefile

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -73,6 +73,7 @@ URUNC_SRC += $(wildcard $(CURDIR)/pkg/unikontainers/initrd/*.go)
7373
URUNC_SRC += $(wildcard $(CURDIR)/pkg/network/*.go)
7474
SHIM_SRC := $(wildcard $(CURDIR)/cmd/containerd-shim-urunc-v2/*.go)
7575
SHIM_SRC += $(wildcard $(CURDIR)/pkg/containerd-shim/*.go)
76+
SHIM_SRC += $(wildcard $(CURDIR)/pkg/containerd-shim/containerd/*.go)
7677

7778
#? CNTR_TOOL Tool to run the linter container (default: docker)
7879
CNTR_TOOL ?= docker

go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,7 @@ require (
2828
github.com/vishvananda/netlink v1.3.1
2929
github.com/vishvananda/netns v0.0.5
3030
golang.org/x/sys v0.43.0
31+
google.golang.org/grpc v1.79.3
3132
k8s.io/cri-api v0.35.4
3233
)
3334

@@ -79,7 +80,6 @@ require (
7980
golang.org/x/tools v0.41.0 // indirect
8081
google.golang.org/genproto v0.0.0-20260128011058-8636f8732409 // indirect
8182
google.golang.org/genproto/googleapis/rpc v0.0.0-20260128011058-8636f8732409 // indirect
82-
google.golang.org/grpc v1.79.3 // indirect
8383
google.golang.org/protobuf v1.36.11 // indirect
8484
gopkg.in/yaml.v3 v3.0.1 // indirect
8585
)
Lines changed: 143 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,143 @@
1+
// Copyright (c) 2023-2026, Nubificus LTD
2+
//
3+
// Licensed under the Apache License, Version 2.0 (the "License");
4+
// you may not use this file except in compliance with the License.
5+
// You may obtain a copy of the License at
6+
//
7+
// http://www.apache.org/licenses/LICENSE-2.0
8+
//
9+
// Unless required by applicable law or agreed to in writing, software
10+
// distributed under the License is distributed on an "AS IS" BASIS,
11+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12+
// See the License for the specific language governing permissions and
13+
// limitations under the License.
14+
15+
package containerd
16+
17+
import (
18+
"context"
19+
"fmt"
20+
"time"
21+
22+
containersapi "github.com/containerd/containerd/api/services/containers/v1"
23+
"github.com/containerd/containerd/defaults"
24+
"github.com/containerd/containerd/errdefs"
25+
"github.com/containerd/containerd/namespaces"
26+
"github.com/containerd/containerd/pkg/dialer"
27+
"google.golang.org/grpc"
28+
"google.golang.org/grpc/backoff"
29+
"google.golang.org/grpc/credentials/insecure"
30+
)
31+
32+
const defaultConnectTimeout = 10 * time.Second
33+
34+
type Session struct {
35+
conn *grpc.ClientConn
36+
37+
namespace string
38+
containerID string
39+
container *containersapi.Container
40+
}
41+
42+
// OpenSession opens a containerd session and loads the task container metadata.
43+
func OpenSession(ctx context.Context, address, containerID string) (*Session, error) {
44+
if address == "" {
45+
return nil, fmt.Errorf("containerd address is empty")
46+
}
47+
if containerID == "" {
48+
return nil, fmt.Errorf("container id is empty")
49+
}
50+
51+
namespace, err := namespaces.NamespaceRequired(ctx)
52+
if err != nil {
53+
return nil, err
54+
}
55+
56+
backoffConfig := backoff.DefaultConfig
57+
backoffConfig.MaxDelay = 3 * time.Second
58+
dialOptions := []grpc.DialOption{
59+
grpc.WithBlock(),
60+
grpc.WithTransportCredentials(insecure.NewCredentials()),
61+
grpc.FailOnNonTempDialError(true),
62+
grpc.WithConnectParams(grpc.ConnectParams{Backoff: backoffConfig}),
63+
grpc.WithContextDialer(dialer.ContextDialer),
64+
grpc.WithReturnConnectionError(),
65+
grpc.WithDefaultCallOptions(
66+
grpc.MaxCallRecvMsgSize(defaults.DefaultMaxRecvMsgSize),
67+
grpc.MaxCallSendMsgSize(defaults.DefaultMaxSendMsgSize),
68+
),
69+
}
70+
71+
dialCtx, cancel := context.WithTimeout(ctx, defaultConnectTimeout)
72+
defer cancel()
73+
74+
conn, err := grpc.DialContext(dialCtx, dialer.DialAddress(address), dialOptions...)
75+
if err != nil {
76+
return nil, fmt.Errorf("dial containerd at %q: %w", address, err)
77+
}
78+
79+
session := &Session{
80+
conn: conn,
81+
namespace: namespace,
82+
containerID: containerID,
83+
}
84+
85+
container, err := loadContainer(ctx, namespace, containerID, containersapi.NewContainersClient(conn))
86+
if err != nil {
87+
if closeErr := conn.Close(); closeErr != nil {
88+
return nil, fmt.Errorf("loadContainer failed: %w; close containerd connection: %v", err, closeErr)
89+
}
90+
return nil, fmt.Errorf("loadContainer failed: %w", err)
91+
}
92+
session.container = container
93+
94+
return session, nil
95+
}
96+
97+
func (s *Session) Close() error {
98+
if s == nil || s.conn == nil {
99+
return nil
100+
}
101+
return s.conn.Close()
102+
}
103+
104+
func (s *Session) GetNamespace() string {
105+
return s.namespace
106+
}
107+
108+
func (s *Session) GetContainerID() string {
109+
return s.containerID
110+
}
111+
112+
func (s *Session) GetContainer() *containersapi.Container {
113+
return s.container
114+
}
115+
116+
func loadContainer(ctx context.Context, namespace, containerID string, client containersapi.ContainersClient) (*containersapi.Container, error) {
117+
resp, err := client.Get(withNamespace(ctx, namespace), &containersapi.GetContainerRequest{
118+
ID: containerID,
119+
})
120+
if err != nil {
121+
return nil, fmt.Errorf("get container %q: %w", containerID, containerdErr(err))
122+
}
123+
container := resp.GetContainer()
124+
if container == nil {
125+
return nil, fmt.Errorf("get container %q: response missing container", containerID)
126+
}
127+
128+
return container, nil
129+
}
130+
131+
func withNamespace(ctx context.Context, namespace string) context.Context {
132+
if ctx == nil {
133+
ctx = context.Background()
134+
}
135+
return namespaces.WithNamespace(ctx, namespace)
136+
}
137+
138+
func containerdErr(err error) error {
139+
if err == nil {
140+
return nil
141+
}
142+
return errdefs.FromGRPC(err)
143+
}

0 commit comments

Comments
 (0)