From 26638b8e8129aa755586d017677b4cf076bafda6 Mon Sep 17 00:00:00 2001
From: Oleg Pykhalov
Date: Sun, 2 Jun 2024 09:15:54 +0300
Subject: services: containerd: Provision separately from docker service.

containerd can operate independently without relying on Docker for its configuration.

* gnu/services/docker.scm (docker-configuration): Deprecate containerd field. (containerd-configuration, containerd-service-type): New variables. (docker-shepherd-service): Use containerd-configuration. Delete duplicated variable binding. Allow to configure environment variables. (docker-service-type): Delete extension with containerd-service-type.
* gnu/tests/docker.scm (%docker-os, %oci-os): Add containerd service. (run-docker-test, run-docker-system-test, run-oci-container-test): Run containerd service.
* doc/guix.texi (Miscellaneous Services): Document containerd-service-type.

Change-Id: Ife0924e50a3e0aa2302d6592dae51ed894600004
---
 doc/guix.texi | 44 +++++++++++++++++++++++++++++++-
 gnu/services/docker.scm | 68 ++++++++++++++++++++++++++++++++++---------------
 gnu/tests/docker.scm | 46 ++++++++++++++++++++++++++++++++-
 3 files changed, 135 insertions(+), 23 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 41814042f5..b7eb8fd346 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -40737,12 +40737,54 @@ The following is an example @code{dicod-service-type} configuration. The @code{(gnu services docker)} module provides the following services. +@cindex containerd, container runtime +@defvar containerd-service-type + +This service type operates containerd +@url{https://containerd.io,containerd}, a daemon responsible for +overseeing the entire container lifecycle on its host system. This +includes image handling, storage management, container execution, +supervision, low-level storage operations, network connections, and +more. + +@end defvar + +@deftp {Data Type} containerd-configuration +This is the data type representing the configuration of containerd. + +@table @asis + +@item @code{containerd} (default: @code{containerd}) +The containerd daemon package to use. + +@item @code{debug?} (default @code{#f}) +Enable or disable debug output. + +@item @code{environment-variables} (default: @code{'()}) +List of environment variables to set for @command{containerd}. + +This must be a list of strings where each string has the form +@samp{@var{key}=@var{value}} as in this example: + +@lisp +(list "HTTP_PROXY=socks5://127.0.0.1:9150" + "HTTPS_PROXY=socks5://127.0.0.1:9150") +@end lisp + +@end table +@end deftp + @defvar docker-service-type This is the type of the service that runs @url{https://www.docker.com,Docker}, a daemon that can execute application bundles (sometimes referred to as ``containers'') in isolated environments. +The @code{containerd-service-type} service need to be added to a system +configuration, otherwise a message about not any service provides +@code{containerd} will be displayed during @code{guix system +reconfigure}. + @end defvar @deftp {Data Type} docker-configuration 
@@ -40757,7 +40799,7 @@ The Docker daemon package to use. The Docker client package to use. @item @code{containerd} (default: @var{containerd}) -The Containerd package to use. +This field is deprecated in favor of @code{containerd-service-type} service. @item @code{proxy} (default @var{docker-libnetwork-cmd-proxy}) The Docker user-land networking proxy package to use. diff --git a/gnu/services/docker.scm b/gnu/services/docker.scm index 6f91c9659b..1963f3c4bd 100644 --- a/gnu/services/docker.scm +++ b/gnu/services/docker.scm @@ -49,7 +49,9 @@ #:use-module (ice-9 format) #:use-module (ice-9 match) - #:export (docker-configuration + #:export (containerd-configuration + containerd-service-type + docker-configuration docker-service-type singularity-service-type oci-image @@ -99,7 +101,7 @@ "Docker client package.") (containerd (file-like containerd) - "containerd package.") + "Deprecated. Do not use.") (proxy (file-like docker-libnetwork-cmd-proxy) "The proxy package to support inter-container and outside-container @@ -121,6 +123,18 @@ loop-back communications.") "JSON configuration file to pass to dockerd") (no-serialization)) +(define-configuration containerd-configuration + (containerd + (file-like containerd) + "containerd package.") + (debug? + (boolean #f) + "Enable or disable debug output.") + (environment-variables + (list '()) + "Environment variables to set for containerd.") + (no-serialization)) + (define %docker-accounts (list (user-group (name "docker") (system? #t)))) 
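Review bot: In the `@@ -99,7 +101,7 @@` hunk the `containerd` field of `docker-configuration` keeps its default and its accessor, but as far as the visible hunks show nothing reads it any more, so a value set there is silently ignored. A system that pinned a specific containerd build through this field (a patched or older package, say) would move to the default package of `containerd-configuration` on the next reconfigure without any message. Consider emitting a deprecation warning when the field holds a non-default value, and let the docstring say where the setting went, e.g. `"Deprecated and ignored; set the package in containerd-configuration instead."`. The `@@ -212,8 +239,7 @@` hunk, which drops `containerd-shepherd-service` from the `docker-service-type` extension, is what makes the field dead.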
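Review bot: The `environment-variables` docstring in the new `containerd-configuration` (hunk `@@ -121,6 +123,18 @@`) should state the expected element format and where the values end up. The manual's example is a proxy URL, and proxy URLs frequently embed credentials; because the list is spliced into the service's start gexp, the strings are presumably written to the world-readable store together with the rest of the Shepherd service definition. Suggested docstring: `"List of \"KEY=VALUE\" strings to set in containerd's environment.  The values are stored in the store, which is world-readable; do not put secrets here."`. The field type is plain `list`, so the record accepts non-string elements; `(list-of-strings '())` would reject them when the configuration is built.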
@@ -138,24 +152,37 @@ loop-back communications.") (mkdir-p #$state-dir)))) (define (containerd-shepherd-service config) - (let* ((package (docker-configuration-containerd config)) - (debug? (docker-configuration-debug? config)) - (containerd (docker-configuration-containerd config))) + (match-record config + (containerd debug? environment-variables) (shepherd-service - (documentation "containerd daemon.") - (provision '(containerd)) - (start #~(make-forkexec-constructor - (list (string-append #$package "/bin/containerd") - #$@(if debug? - '("--log-level=debug") - '())) - ;; For finding containerd-shim binary. - #:environment-variables - (list (string-append "PATH=" #$containerd "/bin")) - #:pid-file "/run/containerd/containerd.pid" - #:pid-file-timeout 300 - #:log-file "/var/log/containerd.log")) - (stop #~(make-kill-destructor))))) + (documentation "containerd daemon.") + (provision '(containerd)) + (start #~(make-forkexec-constructor + (list (string-append #$containerd "/bin/containerd") + #$@(if debug? + '("--log-level=debug") + '())) + ;; For finding containerd-shim binary. + #:environment-variables + (list #$@environment-variables + (string-append "PATH=" #$containerd "/bin")) + #:pid-file "/run/containerd/containerd.pid" + #:pid-file-timeout 300 + #:log-file "/var/log/containerd.log")) + (stop #~(make-kill-destructor))))) + +(define containerd-service-type + (service-type (name 'containerd) + (description "Run containerd container runtime.") + (extensions + (list + ;; Make sure the 'ctr' command is available. + (service-extension profile-service-type + (compose list containerd-configuration-containerd)) + (service-extension shepherd-root-service-type + (lambda (config) + (list (containerd-shepherd-service config)))))) + (default-value (containerd-configuration)))) (define (docker-shepherd-service config) (let* ((docker (docker-configuration-docker config)) 
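Review bot: In `containerd-shepherd-service`, a `PATH=...` string supplied through `environment-variables` is placed in the same list as the service's own `(string-append "PATH=" #$containerd "/bin")`, ahead of it. The daemon then starts with two `PATH` entries, and which of them is used to locate containerd-shim depends on how the process resolves duplicates, which this code does not control. Either drop user-supplied `PATH` entries before splicing `#$@environment-variables`, or document in the field description that `PATH` is managed by the service and must not be set. The `;; For finding containerd-shim binary.` comment now sits above the whole list; moving it directly above the `PATH=` element keeps it accurate.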
@@ -212,8 +239,7 @@ bundles in Docker containers.") %docker-activation) (service-extension shepherd-root-service-type (lambda (config) - (list (containerd-shepherd-service config) - (docker-shepherd-service config)))) + (list (docker-shepherd-service config)))) (service-extension account-service-type (const %docker-accounts)))) (default-value (docker-configuration)))) diff --git a/gnu/tests/docker.scm b/gnu/tests/docker.scm index d550136b4a..46c886580c 100644 --- a/gnu/tests/docker.scm +++ b/gnu/tests/docker.scm @@ -54,6 +54,7 @@ (service dbus-root-service-type) (service polkit-service-type) (service elogind-service-type) + (service containerd-service-type) (service docker-service-type))) (define (run-docker-test docker-tarball) @@ -88,7 +89,21 @@ inside %DOCKER-OS." (test-runner-current (system-test-runner #$output)) (test-begin "docker") - (test-assert "service running" + (test-assert "containerd service running" + (marionette-eval + '(begin + (use-modules (gnu services herd)) + (match (start-service 'containerd) + (#f #f) + (('service response-parts ...) + (match (assq-ref response-parts 'running) + ((pid) (number? pid)))))) + marionette)) + + (test-assert "containerd PID file present" + (wait-for-file "/run/containerd/containerd.pid" marionette)) + + (test-assert "dockerd service running" (marionette-eval '(begin (use-modules (gnu services herd)) @@ -234,6 +249,20 @@ inside %DOCKER-OS." (test-runner-current (system-test-runner #$output)) (test-begin "docker") + (test-assert "containerd service running" + (marionette-eval + '(begin + (use-modules (gnu services herd)) + (match (start-service 'containerd) + (#f #f) + (('service response-parts ...) + (match (assq-ref response-parts 'running) + ((pid) (number? pid)))))) + marionette)) + + (test-assert "containerd PID file present" + (wait-for-file "/run/containerd/containerd.pid" marionette)) + (test-assert "service running" (marionette-eval '(begin 
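Review bot: The "containerd service running" and "containerd PID file present" assertions added in the `@@ -88,7 +89,21 @@` hunk are pasted again, unchanged, in the `@@ -234,6 +249,20 @@` and `@@ -384,6 +414,20 @@` hunks. Defining the pair once, as a gexp that each of `run-docker-test`, `run-docker-system-test` and `run-oci-container-test` splices in, would keep the three copies from drifting apart. The inner `(match (assq-ref response-parts 'running) ((pid) (number? pid)))` has no fallback clause, so a service that is not running produces a match error rather than `#f`; adding `(_ #f)` makes the assertion fail cleanly. None of the three tests sets `debug?` or `environment-variables`, so the new argument and environment splicing in the start gexp goes unexercised.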
@@ -327,6 +356,7 @@ docker-image} inside Docker.") (service dbus-root-service-type) (service polkit-service-type) (service elogind-service-type) + (service containerd-service-type) (service docker-service-type) (extra-special-file "/shared.txt" (plain-file "shared.txt" "hello")) @@ -384,6 +414,20 @@ docker-image} inside Docker.") (test-runner-current (system-test-runner #$output)) (test-begin "oci-container") + (test-assert "containerd service running" + (marionette-eval + '(begin + (use-modules (gnu services herd)) + (match (start-service 'containerd) + (#f #f) + (('service response-parts ...) + (match (assq-ref response-parts 'running) + ((pid) (number? pid)))))) + marionette)) + + (test-assert "containerd PID file present" + (wait-for-file "/run/containerd/containerd.pid" marionette)) + (test-assert "dockerd running" (marionette-eval '(begin -- cgit 1.4.1