services: containerd: Provision separately from docker service.
containerd can operate independently without relying on Docker for its configuration. * gnu/services/docker.scm (docker-configuration): Deprecate containerd field. (containerd-configuration, containerd-service-type): New variables. (docker-shepherd-service): Use containerd-configuration. Delete duplicated variable binding. Allow to configure environment variables. (docker-service-type): Delete extension with containerd-service-type. * gnu/tests/docker.scm (%docker-os, %oci-os): Add containerd service. (run-docker-test, run-docker-system-test, run-oci-container-test): Run containerd service. * doc/guix.texi (Miscellaneous Services): Document containerd-service-type. Change-Id: Ife0924e50a3e0aa2302d6592dae51ed894600004master
parent
4e9c5c6019
commit
26638b8e81
|
@ -40737,12 +40737,54 @@ The following is an example @code{dicod-service-type} configuration.
|
||||||
|
|
||||||
The @code{(gnu services docker)} module provides the following services.
|
The @code{(gnu services docker)} module provides the following services.
|
||||||
|
|
||||||
|
@cindex containerd, container runtime
|
||||||
|
@defvar containerd-service-type
|
||||||
|
|
||||||
|
This service type operates containerd
|
||||||
|
@url{https://containerd.io,containerd}, a daemon responsible for
|
||||||
|
overseeing the entire container lifecycle on its host system. This
|
||||||
|
includes image handling, storage management, container execution,
|
||||||
|
supervision, low-level storage operations, network connections, and
|
||||||
|
more.
|
||||||
|
|
||||||
|
@end defvar
|
||||||
|
|
||||||
|
@deftp {Data Type} containerd-configuration
|
||||||
|
This is the data type representing the configuration of containerd.
|
||||||
|
|
||||||
|
@table @asis
|
||||||
|
|
||||||
|
@item @code{containerd} (default: @code{containerd})
|
||||||
|
The containerd daemon package to use.
|
||||||
|
|
||||||
|
@item @code{debug?} (default @code{#f})
|
||||||
|
Enable or disable debug output.
|
||||||
|
|
||||||
|
@item @code{environment-variables} (default: @code{'()})
|
||||||
|
List of environment variables to set for @command{containerd}.
|
||||||
|
|
||||||
|
This must be a list of strings where each string has the form
|
||||||
|
@samp{@var{key}=@var{value}} as in this example:
|
||||||
|
|
||||||
|
@lisp
|
||||||
|
(list "HTTP_PROXY=socks5://127.0.0.1:9150"
|
||||||
|
"HTTPS_PROXY=socks5://127.0.0.1:9150")
|
||||||
|
@end lisp
|
||||||
|
|
||||||
|
@end table
|
||||||
|
@end deftp
|
||||||
|
|
||||||
@defvar docker-service-type
|
@defvar docker-service-type
|
||||||
|
|
||||||
This is the type of the service that runs @url{https://www.docker.com,Docker},
|
This is the type of the service that runs @url{https://www.docker.com,Docker},
|
||||||
a daemon that can execute application bundles (sometimes referred to as
|
a daemon that can execute application bundles (sometimes referred to as
|
||||||
``containers'') in isolated environments.
|
``containers'') in isolated environments.
|
||||||
|
|
||||||
|
The @code{containerd-service-type} service need to be added to a system
|
||||||
|
configuration, otherwise a message about not any service provides
|
||||||
|
@code{containerd} will be displayed during @code{guix system
|
||||||
|
reconfigure}.
|
||||||
|
|
||||||
@end defvar
|
@end defvar
|
||||||
|
|
||||||
@deftp {Data Type} docker-configuration
|
@deftp {Data Type} docker-configuration
|
||||||
|
@ -40757,7 +40799,7 @@ The Docker daemon package to use.
|
||||||
The Docker client package to use.
|
The Docker client package to use.
|
||||||
|
|
||||||
@item @code{containerd} (default: @var{containerd})
|
@item @code{containerd} (default: @var{containerd})
|
||||||
The Containerd package to use.
|
This field is deprecated in favor of @code{containerd-service-type} service.
|
||||||
|
|
||||||
@item @code{proxy} (default @var{docker-libnetwork-cmd-proxy})
|
@item @code{proxy} (default @var{docker-libnetwork-cmd-proxy})
|
||||||
The Docker user-land networking proxy package to use.
|
The Docker user-land networking proxy package to use.
|
||||||
|
|
|
@ -49,7 +49,9 @@
|
||||||
#:use-module (ice-9 format)
|
#:use-module (ice-9 format)
|
||||||
#:use-module (ice-9 match)
|
#:use-module (ice-9 match)
|
||||||
|
|
||||||
#:export (docker-configuration
|
#:export (containerd-configuration
|
||||||
|
containerd-service-type
|
||||||
|
docker-configuration
|
||||||
docker-service-type
|
docker-service-type
|
||||||
singularity-service-type
|
singularity-service-type
|
||||||
oci-image
|
oci-image
|
||||||
|
@ -99,7 +101,7 @@
|
||||||
"Docker client package.")
|
"Docker client package.")
|
||||||
(containerd
|
(containerd
|
||||||
(file-like containerd)
|
(file-like containerd)
|
||||||
"containerd package.")
|
"Deprecated. Do not use.")
|
||||||
(proxy
|
(proxy
|
||||||
(file-like docker-libnetwork-cmd-proxy)
|
(file-like docker-libnetwork-cmd-proxy)
|
||||||
"The proxy package to support inter-container and outside-container
|
"The proxy package to support inter-container and outside-container
|
||||||
|
@ -121,6 +123,18 @@ loop-back communications.")
|
||||||
"JSON configuration file to pass to dockerd")
|
"JSON configuration file to pass to dockerd")
|
||||||
(no-serialization))
|
(no-serialization))
|
||||||
|
|
||||||
|
(define-configuration containerd-configuration
|
||||||
|
(containerd
|
||||||
|
(file-like containerd)
|
||||||
|
"containerd package.")
|
||||||
|
(debug?
|
||||||
|
(boolean #f)
|
||||||
|
"Enable or disable debug output.")
|
||||||
|
(environment-variables
|
||||||
|
(list '())
|
||||||
|
"Environment variables to set for containerd.")
|
||||||
|
(no-serialization))
|
||||||
|
|
||||||
(define %docker-accounts
|
(define %docker-accounts
|
||||||
(list (user-group (name "docker") (system? #t))))
|
(list (user-group (name "docker") (system? #t))))
|
||||||
|
|
||||||
|
@ -138,25 +152,38 @@ loop-back communications.")
|
||||||
(mkdir-p #$state-dir))))
|
(mkdir-p #$state-dir))))
|
||||||
|
|
||||||
(define (containerd-shepherd-service config)
|
(define (containerd-shepherd-service config)
|
||||||
(let* ((package (docker-configuration-containerd config))
|
(match-record config <containerd-configuration>
|
||||||
(debug? (docker-configuration-debug? config))
|
(containerd debug? environment-variables)
|
||||||
(containerd (docker-configuration-containerd config)))
|
|
||||||
(shepherd-service
|
(shepherd-service
|
||||||
(documentation "containerd daemon.")
|
(documentation "containerd daemon.")
|
||||||
(provision '(containerd))
|
(provision '(containerd))
|
||||||
(start #~(make-forkexec-constructor
|
(start #~(make-forkexec-constructor
|
||||||
(list (string-append #$package "/bin/containerd")
|
(list (string-append #$containerd "/bin/containerd")
|
||||||
#$@(if debug?
|
#$@(if debug?
|
||||||
'("--log-level=debug")
|
'("--log-level=debug")
|
||||||
'()))
|
'()))
|
||||||
;; For finding containerd-shim binary.
|
;; For finding containerd-shim binary.
|
||||||
#:environment-variables
|
#:environment-variables
|
||||||
(list (string-append "PATH=" #$containerd "/bin"))
|
(list #$@environment-variables
|
||||||
|
(string-append "PATH=" #$containerd "/bin"))
|
||||||
#:pid-file "/run/containerd/containerd.pid"
|
#:pid-file "/run/containerd/containerd.pid"
|
||||||
#:pid-file-timeout 300
|
#:pid-file-timeout 300
|
||||||
#:log-file "/var/log/containerd.log"))
|
#:log-file "/var/log/containerd.log"))
|
||||||
(stop #~(make-kill-destructor)))))
|
(stop #~(make-kill-destructor)))))
|
||||||
|
|
||||||
|
(define containerd-service-type
|
||||||
|
(service-type (name 'containerd)
|
||||||
|
(description "Run containerd container runtime.")
|
||||||
|
(extensions
|
||||||
|
(list
|
||||||
|
;; Make sure the 'ctr' command is available.
|
||||||
|
(service-extension profile-service-type
|
||||||
|
(compose list containerd-configuration-containerd))
|
||||||
|
(service-extension shepherd-root-service-type
|
||||||
|
(lambda (config)
|
||||||
|
(list (containerd-shepherd-service config))))))
|
||||||
|
(default-value (containerd-configuration))))
|
||||||
|
|
||||||
(define (docker-shepherd-service config)
|
(define (docker-shepherd-service config)
|
||||||
(let* ((docker (docker-configuration-docker config))
|
(let* ((docker (docker-configuration-docker config))
|
||||||
(enable-proxy? (docker-configuration-enable-proxy? config))
|
(enable-proxy? (docker-configuration-enable-proxy? config))
|
||||||
|
@ -212,8 +239,7 @@ bundles in Docker containers.")
|
||||||
%docker-activation)
|
%docker-activation)
|
||||||
(service-extension shepherd-root-service-type
|
(service-extension shepherd-root-service-type
|
||||||
(lambda (config)
|
(lambda (config)
|
||||||
(list (containerd-shepherd-service config)
|
(list (docker-shepherd-service config))))
|
||||||
(docker-shepherd-service config))))
|
|
||||||
(service-extension account-service-type
|
(service-extension account-service-type
|
||||||
(const %docker-accounts))))
|
(const %docker-accounts))))
|
||||||
(default-value (docker-configuration))))
|
(default-value (docker-configuration))))
|
||||||
|
|
|
@ -54,6 +54,7 @@
|
||||||
(service dbus-root-service-type)
|
(service dbus-root-service-type)
|
||||||
(service polkit-service-type)
|
(service polkit-service-type)
|
||||||
(service elogind-service-type)
|
(service elogind-service-type)
|
||||||
|
(service containerd-service-type)
|
||||||
(service docker-service-type)))
|
(service docker-service-type)))
|
||||||
|
|
||||||
(define (run-docker-test docker-tarball)
|
(define (run-docker-test docker-tarball)
|
||||||
|
@ -88,7 +89,21 @@ inside %DOCKER-OS."
|
||||||
(test-runner-current (system-test-runner #$output))
|
(test-runner-current (system-test-runner #$output))
|
||||||
(test-begin "docker")
|
(test-begin "docker")
|
||||||
|
|
||||||
(test-assert "service running"
|
(test-assert "containerd service running"
|
||||||
|
(marionette-eval
|
||||||
|
'(begin
|
||||||
|
(use-modules (gnu services herd))
|
||||||
|
(match (start-service 'containerd)
|
||||||
|
(#f #f)
|
||||||
|
(('service response-parts ...)
|
||||||
|
(match (assq-ref response-parts 'running)
|
||||||
|
((pid) (number? pid))))))
|
||||||
|
marionette))
|
||||||
|
|
||||||
|
(test-assert "containerd PID file present"
|
||||||
|
(wait-for-file "/run/containerd/containerd.pid" marionette))
|
||||||
|
|
||||||
|
(test-assert "dockerd service running"
|
||||||
(marionette-eval
|
(marionette-eval
|
||||||
'(begin
|
'(begin
|
||||||
(use-modules (gnu services herd))
|
(use-modules (gnu services herd))
|
||||||
|
@ -234,6 +249,20 @@ inside %DOCKER-OS."
|
||||||
(test-runner-current (system-test-runner #$output))
|
(test-runner-current (system-test-runner #$output))
|
||||||
(test-begin "docker")
|
(test-begin "docker")
|
||||||
|
|
||||||
|
(test-assert "containerd service running"
|
||||||
|
(marionette-eval
|
||||||
|
'(begin
|
||||||
|
(use-modules (gnu services herd))
|
||||||
|
(match (start-service 'containerd)
|
||||||
|
(#f #f)
|
||||||
|
(('service response-parts ...)
|
||||||
|
(match (assq-ref response-parts 'running)
|
||||||
|
((pid) (number? pid))))))
|
||||||
|
marionette))
|
||||||
|
|
||||||
|
(test-assert "containerd PID file present"
|
||||||
|
(wait-for-file "/run/containerd/containerd.pid" marionette))
|
||||||
|
|
||||||
(test-assert "service running"
|
(test-assert "service running"
|
||||||
(marionette-eval
|
(marionette-eval
|
||||||
'(begin
|
'(begin
|
||||||
|
@ -327,6 +356,7 @@ docker-image} inside Docker.")
|
||||||
(service dbus-root-service-type)
|
(service dbus-root-service-type)
|
||||||
(service polkit-service-type)
|
(service polkit-service-type)
|
||||||
(service elogind-service-type)
|
(service elogind-service-type)
|
||||||
|
(service containerd-service-type)
|
||||||
(service docker-service-type)
|
(service docker-service-type)
|
||||||
(extra-special-file "/shared.txt"
|
(extra-special-file "/shared.txt"
|
||||||
(plain-file "shared.txt" "hello"))
|
(plain-file "shared.txt" "hello"))
|
||||||
|
@ -384,6 +414,20 @@ docker-image} inside Docker.")
|
||||||
(test-runner-current (system-test-runner #$output))
|
(test-runner-current (system-test-runner #$output))
|
||||||
(test-begin "oci-container")
|
(test-begin "oci-container")
|
||||||
|
|
||||||
|
(test-assert "containerd service running"
|
||||||
|
(marionette-eval
|
||||||
|
'(begin
|
||||||
|
(use-modules (gnu services herd))
|
||||||
|
(match (start-service 'containerd)
|
||||||
|
(#f #f)
|
||||||
|
(('service response-parts ...)
|
||||||
|
(match (assq-ref response-parts 'running)
|
||||||
|
((pid) (number? pid))))))
|
||||||
|
marionette))
|
||||||
|
|
||||||
|
(test-assert "containerd PID file present"
|
||||||
|
(wait-for-file "/run/containerd/containerd.pid" marionette))
|
||||||
|
|
||||||
(test-assert "dockerd running"
|
(test-assert "dockerd running"
|
||||||
(marionette-eval
|
(marionette-eval
|
||||||
'(begin
|
'(begin
|
||||||
|
|
Reference in New Issue