diff --git a/cmd/crio/config.go b/cmd/crio/config.go index 840882d7..5d61a02e 100644 --- a/cmd/crio/config.go +++ b/cmd/crio/config.go @@ -120,6 +120,10 @@ pause_command = "{{ .PauseCommand }}" # unspecified so that the default system-wide policy will be used. signature_policy = "{{ .SignaturePolicyPath }}" +# image_volumes controls how image volumes are handled. +# The valid values are mkdir and ignore. +image_volumes = "{{ .ImageVolumes }}" + # insecure_registries is used to skip TLS verification when pulling images. insecure_registries = [ {{ range $opt := .InsecureRegistries }}{{ printf "\t%q,\n" $opt }}{{ end }}] diff --git a/cmd/crio/main.go b/cmd/crio/main.go index 044cbcd6..4f2460c0 100644 --- a/cmd/crio/main.go +++ b/cmd/crio/main.go @@ -22,6 +22,17 @@ import ( const crioConfigPath = "/etc/crio/crio.conf" +func validateConfig(config *server.Config) error { + switch config.ImageVolumes { + case server.ImageVolumesMkdir: + case server.ImageVolumesIgnore: + default: + return fmt.Errorf("Unrecognized image volume type specified") + + } + return nil +} + func mergeConfig(config *server.Config, ctx *cli.Context) error { // Don't parse the config if the user explicitly set it to "". if path := ctx.GlobalString("config"); path != "" { @@ -98,6 +109,9 @@ func mergeConfig(config *server.Config, ctx *cli.Context) error { if ctx.GlobalIsSet("cni-plugin-dir") { config.PluginDir = ctx.GlobalString("cni-plugin-dir") } + if ctx.GlobalIsSet("image-volumes") { + config.ImageVolumes = server.ImageVolumesType(ctx.GlobalString("image-volumes")) + } return nil } @@ -233,6 +247,11 @@ func main() { Name: "cni-plugin-dir", Usage: "CNI plugin binaries directory", }, + cli.StringFlag{ + Name: "image-volumes", + Value: string(server.ImageVolumesMkdir), + Usage: "image volume handling ('mkdir' or 'ignore')", + }, cli.BoolFlag{ Name: "profile", Usage: "enable pprof remote profiler on localhost:6060", @@ -253,6 +272,10 @@ func main() { return err } + if err := validateConfig(config); err != nil { + return err + } + cf := &logrus.TextFormatter{ TimestampFormat: "2006-01-02 15:04:05.000000000Z07:00", FullTimestamp: true, diff --git a/server/config.go b/server/config.go index 32a9a2a3..081dacdd 100644 --- a/server/config.go +++ b/server/config.go @@ -33,6 +33,16 @@ type Config struct { NetworkConfig } +// ImageVolumesType describes image volume handling strategies +type ImageVolumesType string + +const ( + // ImageVolumesMkdir option is for using mkdir to handle image volumes + ImageVolumesMkdir ImageVolumesType = "mkdir" + // ImageVolumesIgnore option is for ignoring image volumes altogether + ImageVolumesIgnore ImageVolumesType = "ignore" +) + // This structure is necessary to fake the TOML tables when parsing, // while also not requiring a bunch of layered structs for no good // reason. @@ -145,6 +155,8 @@ type ImageConfig struct { // InsecureRegistries is a list of registries that must be contacted w/o // TLS verification. InsecureRegistries []string `toml:"insecure_registries"` + // ImageVolumes controls how volumes specified in image config are handled + ImageVolumes ImageVolumesType `toml:"image_volumes"` } // NetworkConfig represents the "crio.network" TOML config table @@ -255,6 +267,7 @@ func DefaultConfig() *Config { PauseImage: pauseImage, PauseCommand: pauseCommand, SignaturePolicyPath: "", + ImageVolumes: ImageVolumesMkdir, }, NetworkConfig: NetworkConfig{ NetworkDir: cniConfigDir,