Limit implicit image pulling to the pause image
The CRI doesn't expect us to implicitly pull an image if it isn't already present before we're asked to use it to create a container, and the tests no longer depend on us doing so, either. Limit the logic which attempts to pull an image, if it isn't present, to only pulling the configured "pause" image, since our use of that image for running pod sandboxes is an implementation detail that our clients can't be expected to know or care about. Include the name of the image that we didn't pull in the error we return when we don't pull one. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
This commit is contained in:
parent
749d24fbab
commit
aeea656581
3 changed files with 22 additions and 10 deletions
|
@ -3,6 +3,7 @@ package storage
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"errors"
|
"errors"
|
||||||
|
"fmt"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/Sirupsen/logrus"
|
"github.com/Sirupsen/logrus"
|
||||||
|
@ -39,6 +40,7 @@ var (
|
||||||
|
|
||||||
type runtimeService struct {
|
type runtimeService struct {
|
||||||
image ImageServer
|
image ImageServer
|
||||||
|
pauseImage string
|
||||||
}
|
}
|
||||||
|
|
||||||
// ContainerInfo wraps a subset of information about a container: its ID and
|
// ContainerInfo wraps a subset of information about a container: its ID and
|
||||||
|
@ -176,12 +178,7 @@ func (r *runtimeService) createContainerOrPodSandbox(systemContext *types.System
|
||||||
}
|
}
|
||||||
img, err = istorage.Transport.GetStoreImage(r.image.GetStore(), ref)
|
img, err = istorage.Transport.GetStoreImage(r.image.GetStore(), ref)
|
||||||
}
|
}
|
||||||
if err != nil && err != storage.ErrImageUnknown {
|
if img == nil && err == storage.ErrImageUnknown && imageName == r.pauseImage {
|
||||||
return ContainerInfo{}, err
|
|
||||||
}
|
|
||||||
|
|
||||||
// Pull the image down if we don't already have it.
|
|
||||||
if err == storage.ErrImageUnknown {
|
|
||||||
image := imageID
|
image := imageID
|
||||||
if imageName != "" {
|
if imageName != "" {
|
||||||
image = imageName
|
image = imageName
|
||||||
|
@ -200,6 +197,15 @@ func (r *runtimeService) createContainerOrPodSandbox(systemContext *types.System
|
||||||
}
|
}
|
||||||
logrus.Debugf("successfully pulled image %q", image)
|
logrus.Debugf("successfully pulled image %q", image)
|
||||||
}
|
}
|
||||||
|
if img == nil && err == storage.ErrImageUnknown {
|
||||||
|
if imageID == "" {
|
||||||
|
return ContainerInfo{}, fmt.Errorf("image %q not present in image store", imageName)
|
||||||
|
}
|
||||||
|
if imageName == "" {
|
||||||
|
return ContainerInfo{}, fmt.Errorf("image with ID %q not present in image store", imageID)
|
||||||
|
}
|
||||||
|
return ContainerInfo{}, fmt.Errorf("image %q with ID %q not present in image store", imageName, imageID)
|
||||||
|
}
|
||||||
|
|
||||||
// Pull out a copy of the image's configuration.
|
// Pull out a copy of the image's configuration.
|
||||||
image, err := ref.NewImage(systemContext)
|
image, err := ref.NewImage(systemContext)
|
||||||
|
@ -449,8 +455,9 @@ func (r *runtimeService) GetRunDir(id string) (string, error) {
|
||||||
// GetRuntimeService returns a RuntimeServer that uses the passed-in image
|
// GetRuntimeService returns a RuntimeServer that uses the passed-in image
|
||||||
// service to pull and manage images, and its store to manage containers based
|
// service to pull and manage images, and its store to manage containers based
|
||||||
// on those images.
|
// on those images.
|
||||||
func GetRuntimeService(image ImageServer) RuntimeServer {
|
func GetRuntimeService(image ImageServer, pauseImage string) RuntimeServer {
|
||||||
return &runtimeService{
|
return &runtimeService{
|
||||||
image: image,
|
image: image,
|
||||||
|
pauseImage: pauseImage,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -465,7 +465,7 @@ func New(config *Config) (*Server, error) {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
storageRuntimeService := storage.GetRuntimeService(imageService)
|
storageRuntimeService := storage.GetRuntimeService(imageService, config.PauseImage)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
|
@ -134,6 +134,11 @@ function start_ocid() {
|
||||||
"$OCID_BINARY" --conmon "$CONMON_BINARY" --listen "$OCID_SOCKET" --runtime "$RUNC_BINARY" --root "$TESTDIR/ocid" --runroot "$TESTDIR/ocid-run" --seccomp-profile "$seccomp" --apparmor-profile "$apparmor" --cni-config-dir "$OCID_CNI_CONFIG" --signature-policy "$INTEGRATION_ROOT"/policy.json config >$OCID_CONFIG
|
"$OCID_BINARY" --conmon "$CONMON_BINARY" --listen "$OCID_SOCKET" --runtime "$RUNC_BINARY" --root "$TESTDIR/ocid" --runroot "$TESTDIR/ocid-run" --seccomp-profile "$seccomp" --apparmor-profile "$apparmor" --cni-config-dir "$OCID_CNI_CONFIG" --signature-policy "$INTEGRATION_ROOT"/policy.json config >$OCID_CONFIG
|
||||||
"$OCID_BINARY" --debug --config "$OCID_CONFIG" & OCID_PID=$!
|
"$OCID_BINARY" --debug --config "$OCID_CONFIG" & OCID_PID=$!
|
||||||
wait_until_reachable
|
wait_until_reachable
|
||||||
|
|
||||||
|
run ocic image status --id=redis
|
||||||
|
if [ "$status" -ne 0 ] ; then
|
||||||
|
ocic image pull docker://redis:latest
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function cleanup_ctrs() {
|
function cleanup_ctrs() {
|
||||||
|
|
Loading…
Reference in a new issue