pre-install: pre-install: Remove nydus-snapshotter config #280
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
/test |
fitzthum
approved these changes
Oct 31, 2023
There was a problem hiding this comment.
LGTM. We might want to run the tests twice here because this is a change to the uninstall stuff.
Also, @ryansavino looks like we need some cleanup on the SEV/SNP node.
wainersm
approved these changes
Oct 31, 2023
fidencio
force-pushed
the
topic/remove-leftover-config-on-post-uninstall
branch
from
f29c2ac to
f73b1de
Compare
|
/test |
fidencio
force-pushed
the
topic/remove-leftover-config-on-post-uninstall
branch
from
f73b1de to
db75f8e
Compare
wainersm
reviewed
Oct 31, 2023
| for i in `ctr -n k8s.io snapshot --snapshotter nydus list | grep -v KEY | cut -d' ' -f1`; do | ||
| ctr -n k8s.io snapshot --snapshotter nydus rm $i || true | ||
| for i in `host_ctr -n k8s.io snapshot --snapshotter nydus list | grep -v KEY | cut -d' ' -f1`; do | ||
| host_ctr -n k8s.io snapshot --snapshotter nydus rm $i || true |
There was a problem hiding this comment.
@fidencio I was about to ask you if there is a situation where ctr is not installed, but this || true will handle any error.
|
/test |
We've been leaving the nydus-snapshotter config behind because we were trying to remove it from a path that was changed from the first iteration of the nydus-snapshotter addition, but ended up not being noticed during review. While here, let's also make sure to entirely remove `/opt/confidential-containers/share`, as nydus-snapshotter is the only bit of code using that. Fixes: confidential-containers#278 Signed-off-by: Fabiano Fidêncio <[email protected]>
Otherwise ctr will not find nydus as one of its available napshotters. Signed-off-by: Fabiano Fidêncio <[email protected]>
Let's take the same approach taken to use systemd and use ctr directly from the host, which helps us to avoid actually mounting /run/ content into our daemonset. Signed-off-by: Fabiano Fidêncio <[email protected]>
fidencio
force-pushed
the
topic/remove-leftover-config-on-post-uninstall
branch
from
db75f8e to
4c8d276
Compare
|
/test |
|
I'm going ahead and merging this one, as the changes will most likely help with the AMD / Intel CIs. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
We've been leaving the nydus-snapshotter config behind because we were
trying to remove it from a path that was changed from the first
iteration of the nydus-snapshotter addition, but ended up not being
noticed during review.
While here, let's also make sure to entirely remove
/opt/confidential-containers/share, as nydus-snapshotter is the onlybit of code using that.
Fixes: #278
While here let's also pre-remove ctr cleanup of nydus snapshotters
This has proven to be useless as it is, as
ctrdoesn't have access tothe
/var/run/{containerd,containerd-nydus}to actually be able toperform any operation.
We could, obviously, expose those to the operator, but I'm very much
against adding even more host mounts to the operator, unless this is
strictly needed, and right now I don't think it is (and I'm fine to be
proven wrong in the future ;-)).