Package: guix-patches;
Reported by: Oleg Pykhalov <go.wigust <at> gmail.com>
Date: Sun, 2 Jun 2024 13:06:02 UTC
Severity: normal
Tags: patch
Done: Oleg Pykhalov <go.wigust <at> gmail.com>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 71324 in the body.
You can then email your comments to 71324 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
View this report as an mbox folder, status mbox, maintainer mbox
pelzflorian <at> pelzflorian.de, julien <at> lepiller.eu, guix-patches <at> gnu.org:bug#71324; Package guix-patches.
(Sun, 02 Jun 2024 13:06:02 GMT) Full text and rfc822 format available.Oleg Pykhalov <go.wigust <at> gmail.com>:pelzflorian <at> pelzflorian.de, julien <at> lepiller.eu, guix-patches <at> gnu.org.
(Sun, 02 Jun 2024 13:06:02 GMT) Full text and rfc822 format available.Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
From: Oleg Pykhalov <go.wigust <at> gmail.com> To: guix-patches <at> gnu.org Cc: Oleg Pykhalov <go.wigust <at> gmail.com> Subject: [PATCH] services: containerd: Provision separately from docker service. Date: Sun, 2 Jun 2024 16:04:17 +0300
containerd can now operate autonomously, decoupled from docker. While docker serves as a control interface for containerd, alternative controllers like nerdctl or kubelet offer viable options for managing containerization processes. Oleg Pykhalov (2): services: containerd: Provision separately from docker service. news: Add entry for ‘docker-service-type’ changes. doc/guix.texi | 39 ++++++++++++++++++++++- etc/news.scm | 17 +++++++++++ gnu/services/docker.scm | 68 ++++++++++++++++++++++++++++------------- gnu/tests/docker.scm | 46 +++++++++++++++++++++++++++- 4 files changed, 147 insertions(+), 23 deletions(-) base-commit: 6f72ad465c1e2df965e8d73b209497b4ef456527 -- 2.41.0
pelzflorian <at> pelzflorian.de, ludo <at> gnu.org, matt <at> excalamus.com, maxim.cournoyer <at> gmail.com, guix-patches <at> gnu.org:bug#71324; Package guix-patches.
(Sun, 02 Jun 2024 13:18:02 GMT) Full text and rfc822 format available.Message #8 received at 71324 <at> debbugs.gnu.org (full text, mbox):
From: Oleg Pykhalov <go.wigust <at> gmail.com> To: 71324 <at> debbugs.gnu.org Cc: Oleg Pykhalov <go.wigust <at> gmail.com> Subject: [PATCH] services: containerd: Provision separately from docker service. Date: Sun, 2 Jun 2024 16:15:11 +0300
containerd can operate independently without relying on Docker for its
configuration.
* gnu/services/docker.scm (docker-configuration): Deprecate containerd field.
(containerd-configuration, containerd-service-type): New variables.
(docker-shepherd-service): Use containerd-configuration. Delete duplicated
variable binding. Allow to configure environment variables.
(docker-service-type): Delete extension with containerd-service-type.
* gnu/tests/docker.scm (%docker-os, %oci-os): Add containerd service.
(run-docker-test, run-docker-system-test, run-oci-container-test): Run
containerd service.
Change-Id: Ife0924e50a3e0aa2302d6592dae51ed894600004
---
doc/guix.texi | 39 ++++++++++++++++++++++-
gnu/services/docker.scm | 68 ++++++++++++++++++++++++++++-------------
gnu/tests/docker.scm | 46 +++++++++++++++++++++++++++-
3 files changed, 130 insertions(+), 23 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index c1ff049f03..d210a04d3a 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -40465,6 +40465,43 @@ Miscellaneous Services
The @code{(gnu services docker)} module provides the following services.
+@cindex containerd, container runtime
+@defvar containerd-service-type
+
+This service type operates containerd
+@url{https://containerd.io,containerd}, a daemon responsible for
+overseeing the entire container lifecycle on its host system. This
+includes image handling, storage management, container execution,
+supervision, low-level storage operations, network connections, and
+more.
+
+@end defvar
+
+@deftp {Data Type} containerd-configuration
+This is the data type representing the configuration of containerd.
+
+@table @asis
+
+@item @code{containerd} (default: @code{containerd})
+The containerd daemon package to use.
+
+@item @code{debug?} (default @code{#f})
+Enable or disable debug output.
+
+@item @code{environment-variables} (default: @code{'()})
+List of environment variables to set for @command{containerd}.
+
+This must be a list of strings where each string has the form
+@samp{@var{key}=@var{value}} as in this example:
+
+@lisp
+(list "HTTP_PROXY=socks5://127.0.0.1:9150"
+ "HTTPS_PROXY=socks5://127.0.0.1:9150")
+@end lisp
+
+@end table
+@end deftp
+
@defvar docker-service-type
This is the type of the service that runs @url{https://www.docker.com,Docker},
@@ -40485,7 +40522,7 @@ Miscellaneous Services
The Docker client package to use.
@item @code{containerd} (default: @var{containerd})
-The Containerd package to use.
+This field is deprecated in favor of @code{containerd-service-type} service.
@item @code{proxy} (default @var{docker-libnetwork-cmd-proxy})
The Docker user-land networking proxy package to use.
diff --git a/gnu/services/docker.scm b/gnu/services/docker.scm
index 7aff8dcc5f..a5375d1ccc 100644
--- a/gnu/services/docker.scm
+++ b/gnu/services/docker.scm
@@ -49,7 +49,9 @@ (define-module (gnu services docker)
#:use-module (ice-9 format)
#:use-module (ice-9 match)
- #:export (docker-configuration
+ #:export (containerd-configuration
+ containerd-service-type
+ docker-configuration
docker-service-type
singularity-service-type
oci-image
@@ -95,7 +97,7 @@ (define-configuration docker-configuration
"Docker client package.")
(containerd
(file-like containerd)
- "containerd package.")
+ "Deprecated. Do not use.")
(proxy
(file-like docker-libnetwork-cmd-proxy)
"The proxy package to support inter-container and outside-container
@@ -117,6 +119,18 @@ (define-configuration docker-configuration
"JSON configuration file to pass to dockerd")
(no-serialization))
+(define-configuration containerd-configuration
+ (containerd
+ (file-like containerd)
+ "containerd package.")
+ (debug?
+ (boolean #f)
+ "Enable or disable debug output.")
+ (environment-variables
+ (list '())
+ "Environment variables to set for containerd.")
+ (no-serialization))
+
(define %docker-accounts
(list (user-group (name "docker") (system? #t))))
@@ -134,24 +148,37 @@ (define (%docker-activation config)
(mkdir-p #$state-dir))))
(define (containerd-shepherd-service config)
- (let* ((package (docker-configuration-containerd config))
- (debug? (docker-configuration-debug? config))
- (containerd (docker-configuration-containerd config)))
+ (match-record config <containerd-configuration>
+ (containerd debug? environment-variables)
(shepherd-service
- (documentation "containerd daemon.")
- (provision '(containerd))
- (start #~(make-forkexec-constructor
- (list (string-append #$package "/bin/containerd")
- #$@(if debug?
- '("--log-level=debug")
- '()))
- ;; For finding containerd-shim binary.
- #:environment-variables
- (list (string-append "PATH=" #$containerd "/bin"))
- #:pid-file "/run/containerd/containerd.pid"
- #:pid-file-timeout 300
- #:log-file "/var/log/containerd.log"))
- (stop #~(make-kill-destructor)))))
+ (documentation "containerd daemon.")
+ (provision '(containerd))
+ (start #~(make-forkexec-constructor
+ (list (string-append #$containerd "/bin/containerd")
+ #$@(if debug?
+ '("--log-level=debug")
+ '()))
+ ;; For finding containerd-shim binary.
+ #:environment-variables
+ (list #$@environment-variables
+ (string-append "PATH=" #$containerd "/bin"))
+ #:pid-file "/run/containerd/containerd.pid"
+ #:pid-file-timeout 300
+ #:log-file "/var/log/containerd.log"))
+ (stop #~(make-kill-destructor)))))
+
+(define containerd-service-type
+ (service-type (name 'containerd)
+ (description "Run containerd container runtime.")
+ (extensions
+ (list
+ ;; Make sure the 'ctr' command is available.
+ (service-extension profile-service-type
+ (compose list containerd-configuration-containerd))
+ (service-extension shepherd-root-service-type
+ (lambda (config)
+ (list (containerd-shepherd-service config))))))
+ (default-value (containerd-configuration))))
(define (docker-shepherd-service config)
(let* ((docker (docker-configuration-docker config))
@@ -208,8 +235,7 @@ (define docker-service-type
%docker-activation)
(service-extension shepherd-root-service-type
(lambda (config)
- (list (containerd-shepherd-service config)
- (docker-shepherd-service config))))
+ (list (docker-shepherd-service config))))
(service-extension account-service-type
(const %docker-accounts))))
(default-value (docker-configuration))))
diff --git a/gnu/tests/docker.scm b/gnu/tests/docker.scm
index d550136b4a..46c886580c 100644
--- a/gnu/tests/docker.scm
+++ b/gnu/tests/docker.scm
@@ -54,6 +54,7 @@ (define %docker-os
(service dbus-root-service-type)
(service polkit-service-type)
(service elogind-service-type)
+ (service containerd-service-type)
(service docker-service-type)))
(define (run-docker-test docker-tarball)
@@ -88,7 +89,21 @@ (define (run-docker-test docker-tarball)
(test-runner-current (system-test-runner #$output))
(test-begin "docker")
- (test-assert "service running"
+ (test-assert "containerd service running"
+ (marionette-eval
+ '(begin
+ (use-modules (gnu services herd))
+ (match (start-service 'containerd)
+ (#f #f)
+ (('service response-parts ...)
+ (match (assq-ref response-parts 'running)
+ ((pid) (number? pid))))))
+ marionette))
+
+ (test-assert "containerd PID file present"
+ (wait-for-file "/run/containerd/containerd.pid" marionette))
+
+ (test-assert "dockerd service running"
(marionette-eval
'(begin
(use-modules (gnu services herd))
@@ -234,6 +249,20 @@ (define (run-docker-system-test tarball)
(test-runner-current (system-test-runner #$output))
(test-begin "docker")
+ (test-assert "containerd service running"
+ (marionette-eval
+ '(begin
+ (use-modules (gnu services herd))
+ (match (start-service 'containerd)
+ (#f #f)
+ (('service response-parts ...)
+ (match (assq-ref response-parts 'running)
+ ((pid) (number? pid))))))
+ marionette))
+
+ (test-assert "containerd PID file present"
+ (wait-for-file "/run/containerd/containerd.pid" marionette))
+
(test-assert "service running"
(marionette-eval
'(begin
@@ -327,6 +356,7 @@ (define %oci-os
(service dbus-root-service-type)
(service polkit-service-type)
(service elogind-service-type)
+ (service containerd-service-type)
(service docker-service-type)
(extra-special-file "/shared.txt"
(plain-file "shared.txt" "hello"))
@@ -384,6 +414,20 @@ (define (run-oci-container-test)
(test-runner-current (system-test-runner #$output))
(test-begin "oci-container")
+ (test-assert "containerd service running"
+ (marionette-eval
+ '(begin
+ (use-modules (gnu services herd))
+ (match (start-service 'containerd)
+ (#f #f)
+ (('service response-parts ...)
+ (match (assq-ref response-parts 'running)
+ ((pid) (number? pid))))))
+ marionette))
+
+ (test-assert "containerd PID file present"
+ (wait-for-file "/run/containerd/containerd.pid" marionette))
+
(test-assert "dockerd running"
(marionette-eval
'(begin
--
2.41.0
pelzflorian <at> pelzflorian.de, julien <at> lepiller.eu, guix-patches <at> gnu.org:bug#71324; Package guix-patches.
(Sun, 02 Jun 2024 13:20:02 GMT) Full text and rfc822 format available.Message #11 received at 71324 <at> debbugs.gnu.org (full text, mbox):
From: Oleg Pykhalov <go.wigust <at> gmail.com> To: 71324 <at> debbugs.gnu.org Cc: Oleg Pykhalov <go.wigust <at> gmail.com> Subject: [PATCH] news: Add entry for 'docker-service-type' changes. Date: Sun, 2 Jun 2024 16:17:51 +0300
* etc/news.scm: Add entry.
Change-Id: I98d562d8b435b697b7c6529c5e788b5e2db9fa2a
---
etc/news.scm | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/etc/news.scm b/etc/news.scm
index a511b7ffbc..3c11121161 100644
--- a/etc/news.scm
+++ b/etc/news.scm
@@ -31,6 +31,23 @@
(channel-news
(version 0)
+ (entry (commit "ba9339f59fec1cd49c8d4e9f26834883f5c1aaed")
+ (title
+ (en "The containerd service is separated from @code{docker-service-type}")
+ (ru "Сервис containerd отделен от @code{docker-service-type}"))
+ (body
+ (en "containerd service has been decoupled from the
+@code{docker-service-type}. Moving forward, users are required to specify
+containerd settings manually for their configurations.
+
+Run @command{info \"(guix) Miscellaneous Services\"} for more info.")
+ (ru "Сервис containerd был отделен от @code{docker-service-type}.
+Впредь пользователям потребуется указывать параметры containerd вручную для
+своих конфигураций.
+
+Смотрите @command{info \"(guix) Miscellaneous Services\"} для получения более
+детальных сведений.")))
+
(entry (commit "8d1d98a3aa3448b9d983e4bd64243a938b96e8ab")
(title
(en "@command{guix git authenticate} usage simplified")
--
2.41.0
guix-patches <at> gnu.org:bug#71324; Package guix-patches.
(Mon, 03 Jun 2024 09:31:01 GMT) Full text and rfc822 format available.Message #14 received at 71324 <at> debbugs.gnu.org (full text, mbox):
From: "pelzflorian (Florian Pelz)" <pelzflorian <at> pelzflorian.de> To: Oleg Pykhalov <go.wigust <at> gmail.com> Cc: Julien Lepiller <julien <at> lepiller.eu>, 71324 <at> debbugs.gnu.org Subject: Re: [bug#71324] [PATCH] news: Add entry for 'docker-service-type' changes. Date: Mon, 03 Jun 2024 11:30:01 +0200
Thank you for the containerd service, Oleg.
The main patch’s commit message should contain that you changed
doc/guix.texi.
It is not clear to me, in the English news, when you write “Moving
forward, users are required to specify containerd settings manually for
their configurations”, do you really mean that only users *with manual
configurations* are required to specify containerd settings
*separately*?
Could you add this German translation:
Oleg Pykhalov <go.wigust <at> gmail.com> writes:
> + (entry (commit "ba9339f59fec1cd49c8d4e9f26834883f5c1aaed")
> + (title
> + (en "The containerd service is separated from
> @code{docker-service-type}")
(de "containerd wurde ein eigener Dienst losgelöst von @code{docker-service-type}")
> + (ru "Сервис containerd отделен от @code{docker-service-type}"))
> + (body
> + (en "containerd service has been decoupled from the
> +@code{docker-service-type}. Moving forward, users are required to specify
> +containerd settings manually for their configurations.
> +
> +Run @command{info \"(guix) Miscellaneous Services\"} for more info.")
(de "Es gibt einen eigenen containerd-Dienst losgelöst von
@code{docker-service-type}. In Zukunft müssen Nutzer dort manuelle
Einstellungen für containerd vornehmen.
Siehe @command{info \"(guix.de) Verschiedene Dienste\"} für genauere
Informationen.")
> + (ru "Сервис containerd был отделен от @code{docker-service-type}.
> +Впредь пользователям потребуется указывать параметры containerd вручную для
> +своих конфигураций.
> +
> +Смотрите @command{info \"(guix) Miscellaneous Services\"} для получения более
> +детальных сведений.")))
I presume you should direct Russian readers to
@command{info \"(guix.ru) Разнообразные службы\"}
Regards,
Florian
guix-patches <at> gnu.org:bug#71324; Package guix-patches.
(Mon, 03 Jun 2024 14:49:01 GMT) Full text and rfc822 format available.Message #17 received at 71324 <at> debbugs.gnu.org (full text, mbox):
From: Oleg Pykhalov <go.wigust <at> gmail.com> To: "pelzflorian (Florian Pelz)" <pelzflorian <at> pelzflorian.de> Cc: Julien Lepiller <julien <at> lepiller.eu>, 71324 <at> debbugs.gnu.org Subject: Re: [bug#71324] [PATCH] news: Add entry for 'docker-service-type' changes. Date: Mon, 03 Jun 2024 17:47:32 +0300
[Message part 1 (text/plain, inline)]
Hello Florian,
Thank you for the review.
"pelzflorian (Florian Pelz)" <pelzflorian <at> pelzflorian.de> writes:
> The main patch’s commit message should contain that you changed
> doc/guix.texi.
Ouch, missed it, thank you.
> It is not clear to me, in the English news, when you write “Moving
> forward, users are required to specify containerd settings manually for
> their configurations”, do you really mean that only users *with manual
> configurations* are required to specify containerd settings
> *separately*?
Every docker-service-type user will need to add containerd-service-type
to their system configurations, otherwise a message about not any
service provides containerd will be displayed during reconfigure.
> Could you add this German translation:
>
> Oleg Pykhalov <go.wigust <at> gmail.com> writes:
>> + (entry (commit "ba9339f59fec1cd49c8d4e9f26834883f5c1aaed")
>> + (title
>> + (en "The containerd service is separated from
>> @code{docker-service-type}")
>
> (de "containerd wurde ein eigener Dienst losgelöst von
> @code{docker-service-type}")
>
>> + (ru "Сервис containerd отделен от @code{docker-service-type}"))
>> + (body
>> + (en "containerd service has been decoupled from the
>> +@code{docker-service-type}. Moving forward, users are required to specify
>> +containerd settings manually for their configurations.
>> +
>> +Run @command{info \"(guix) Miscellaneous Services\"} for more info.")
>
> (de "Es gibt einen eigenen containerd-Dienst losgelöst von
> @code{docker-service-type}. In Zukunft müssen Nutzer dort manuelle
> Einstellungen für containerd vornehmen.
>
> Siehe @command{info \"(guix.de) Verschiedene Dienste\"} für genauere
> Informationen.")
Sure.
>> + (ru "Сервис containerd был отделен от @code{docker-service-type}.
>> +Впредь пользователям потребуется указывать параметры containerd вручную для
>> +своих конфигураций.
>> +
>> +Смотрите @command{info \"(guix) Miscellaneous Services\"} для получения более
>> +детальных сведений.")))
>
> I presume you should direct Russian readers to
> @command{info \"(guix.ru) Разнообразные службы\"}
Yes, it will be definitely better, thank you.
Regards,
Oleg.
[signature.asc (application/pgp-signature, inline)]
guix-patches <at> gnu.org:bug#71324; Package guix-patches.
(Mon, 03 Jun 2024 15:41:02 GMT) Full text and rfc822 format available.Message #20 received at 71324 <at> debbugs.gnu.org (full text, mbox):
From: "pelzflorian (Florian Pelz)" <pelzflorian <at> pelzflorian.de> To: Oleg Pykhalov <go.wigust <at> gmail.com> Cc: Julien Lepiller <julien <at> lepiller.eu>, 71324 <at> debbugs.gnu.org Subject: Re: [bug#71324] [PATCH] news: Add entry for 'docker-service-type' changes. Date: Mon, 03 Jun 2024 17:17:02 +0200
Hello Oleg, Oleg Pykhalov <go.wigust <at> gmail.com> writes: > Every docker-service-type user will need to add containerd-service-type > to their system configurations, otherwise a message about not any > service provides containerd will be displayed during reconfigure. I understand, but only now, that *every* user must make changes. Could you add this sentence to the news *and* to doc/guix.texi? Regards, Florian
pelzflorian <at> pelzflorian.de, ludo <at> gnu.org, matt <at> excalamus.com, maxim.cournoyer <at> gmail.com, guix-patches <at> gnu.org:bug#71324; Package guix-patches.
(Mon, 03 Jun 2024 22:33:01 GMT) Full text and rfc822 format available.Message #23 received at 71324 <at> debbugs.gnu.org (full text, mbox):
From: Oleg Pykhalov <go.wigust <at> gmail.com> To: 71324 <at> debbugs.gnu.org Cc: Oleg Pykhalov <go.wigust <at> gmail.com> Subject: [PATCH 1/2] services: containerd: Provision separately from docker service. Date: Tue, 4 Jun 2024 01:30:48 +0300
containerd can operate independently without relying on Docker for its
configuration.
* gnu/services/docker.scm (docker-configuration): Deprecate containerd field.
(containerd-configuration, containerd-service-type): New variables.
(docker-shepherd-service): Use containerd-configuration. Delete duplicated
variable binding. Allow to configure environment variables.
(docker-service-type): Delete extension with containerd-service-type.
* gnu/tests/docker.scm (%docker-os, %oci-os): Add containerd service.
(run-docker-test, run-docker-system-test, run-oci-container-test): Run
containerd service.
* doc/guix.texi (Miscellaneous Services): Document containerd-service-type.
Change-Id: Ife0924e50a3e0aa2302d6592dae51ed894600004
---
doc/guix.texi | 44 +++++++++++++++++++++++++-
gnu/services/docker.scm | 68 ++++++++++++++++++++++++++++-------------
gnu/tests/docker.scm | 46 +++++++++++++++++++++++++++-
3 files changed, 135 insertions(+), 23 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 1224104038..d2ba6784de 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -40484,12 +40484,54 @@ Miscellaneous Services
The @code{(gnu services docker)} module provides the following services.
+@cindex containerd, container runtime
+@defvar containerd-service-type
+
+This service type operates containerd
+@url{https://containerd.io,containerd}, a daemon responsible for
+overseeing the entire container lifecycle on its host system. This
+includes image handling, storage management, container execution,
+supervision, low-level storage operations, network connections, and
+more.
+
+@end defvar
+
+@deftp {Data Type} containerd-configuration
+This is the data type representing the configuration of containerd.
+
+@table @asis
+
+@item @code{containerd} (default: @code{containerd})
+The containerd daemon package to use.
+
+@item @code{debug?} (default @code{#f})
+Enable or disable debug output.
+
+@item @code{environment-variables} (default: @code{'()})
+List of environment variables to set for @command{containerd}.
+
+This must be a list of strings where each string has the form
+@samp{@var{key}=@var{value}} as in this example:
+
+@lisp
+(list "HTTP_PROXY=socks5://127.0.0.1:9150"
+ "HTTPS_PROXY=socks5://127.0.0.1:9150")
+@end lisp
+
+@end table
+@end deftp
+
@defvar docker-service-type
This is the type of the service that runs @url{https://www.docker.com,Docker},
a daemon that can execute application bundles (sometimes referred to as
``containers'') in isolated environments.
+The @code{containerd-service-type} service need to be added to a system
+configuration, otherwise a message about not any service provides
+@code{containerd} will be displayed during @code{guix system
+reconfigure}.
+
@end defvar
@deftp {Data Type} docker-configuration
@@ -40504,7 +40546,7 @@ Miscellaneous Services
The Docker client package to use.
@item @code{containerd} (default: @var{containerd})
-The Containerd package to use.
+This field is deprecated in favor of @code{containerd-service-type} service.
@item @code{proxy} (default @var{docker-libnetwork-cmd-proxy})
The Docker user-land networking proxy package to use.
diff --git a/gnu/services/docker.scm b/gnu/services/docker.scm
index 7aff8dcc5f..a5375d1ccc 100644
--- a/gnu/services/docker.scm
+++ b/gnu/services/docker.scm
@@ -49,7 +49,9 @@ (define-module (gnu services docker)
#:use-module (ice-9 format)
#:use-module (ice-9 match)
- #:export (docker-configuration
+ #:export (containerd-configuration
+ containerd-service-type
+ docker-configuration
docker-service-type
singularity-service-type
oci-image
@@ -95,7 +97,7 @@ (define-configuration docker-configuration
"Docker client package.")
(containerd
(file-like containerd)
- "containerd package.")
+ "Deprecated. Do not use.")
(proxy
(file-like docker-libnetwork-cmd-proxy)
"The proxy package to support inter-container and outside-container
@@ -117,6 +119,18 @@ (define-configuration docker-configuration
"JSON configuration file to pass to dockerd")
(no-serialization))
+(define-configuration containerd-configuration
+ (containerd
+ (file-like containerd)
+ "containerd package.")
+ (debug?
+ (boolean #f)
+ "Enable or disable debug output.")
+ (environment-variables
+ (list '())
+ "Environment variables to set for containerd.")
+ (no-serialization))
+
(define %docker-accounts
(list (user-group (name "docker") (system? #t))))
@@ -134,24 +148,37 @@ (define (%docker-activation config)
(mkdir-p #$state-dir))))
(define (containerd-shepherd-service config)
- (let* ((package (docker-configuration-containerd config))
- (debug? (docker-configuration-debug? config))
- (containerd (docker-configuration-containerd config)))
+ (match-record config <containerd-configuration>
+ (containerd debug? environment-variables)
(shepherd-service
- (documentation "containerd daemon.")
- (provision '(containerd))
- (start #~(make-forkexec-constructor
- (list (string-append #$package "/bin/containerd")
- #$@(if debug?
- '("--log-level=debug")
- '()))
- ;; For finding containerd-shim binary.
- #:environment-variables
- (list (string-append "PATH=" #$containerd "/bin"))
- #:pid-file "/run/containerd/containerd.pid"
- #:pid-file-timeout 300
- #:log-file "/var/log/containerd.log"))
- (stop #~(make-kill-destructor)))))
+ (documentation "containerd daemon.")
+ (provision '(containerd))
+ (start #~(make-forkexec-constructor
+ (list (string-append #$containerd "/bin/containerd")
+ #$@(if debug?
+ '("--log-level=debug")
+ '()))
+ ;; For finding containerd-shim binary.
+ #:environment-variables
+ (list #$@environment-variables
+ (string-append "PATH=" #$containerd "/bin"))
+ #:pid-file "/run/containerd/containerd.pid"
+ #:pid-file-timeout 300
+ #:log-file "/var/log/containerd.log"))
+ (stop #~(make-kill-destructor)))))
+
+(define containerd-service-type
+ (service-type (name 'containerd)
+ (description "Run containerd container runtime.")
+ (extensions
+ (list
+ ;; Make sure the 'ctr' command is available.
+ (service-extension profile-service-type
+ (compose list containerd-configuration-containerd))
+ (service-extension shepherd-root-service-type
+ (lambda (config)
+ (list (containerd-shepherd-service config))))))
+ (default-value (containerd-configuration))))
(define (docker-shepherd-service config)
(let* ((docker (docker-configuration-docker config))
@@ -208,8 +235,7 @@ (define docker-service-type
%docker-activation)
(service-extension shepherd-root-service-type
(lambda (config)
- (list (containerd-shepherd-service config)
- (docker-shepherd-service config))))
+ (list (docker-shepherd-service config))))
(service-extension account-service-type
(const %docker-accounts))))
(default-value (docker-configuration))))
diff --git a/gnu/tests/docker.scm b/gnu/tests/docker.scm
index d550136b4a..46c886580c 100644
--- a/gnu/tests/docker.scm
+++ b/gnu/tests/docker.scm
@@ -54,6 +54,7 @@ (define %docker-os
(service dbus-root-service-type)
(service polkit-service-type)
(service elogind-service-type)
+ (service containerd-service-type)
(service docker-service-type)))
(define (run-docker-test docker-tarball)
@@ -88,7 +89,21 @@ (define (run-docker-test docker-tarball)
(test-runner-current (system-test-runner #$output))
(test-begin "docker")
- (test-assert "service running"
+ (test-assert "containerd service running"
+ (marionette-eval
+ '(begin
+ (use-modules (gnu services herd))
+ (match (start-service 'containerd)
+ (#f #f)
+ (('service response-parts ...)
+ (match (assq-ref response-parts 'running)
+ ((pid) (number? pid))))))
+ marionette))
+
+ (test-assert "containerd PID file present"
+ (wait-for-file "/run/containerd/containerd.pid" marionette))
+
+ (test-assert "dockerd service running"
(marionette-eval
'(begin
(use-modules (gnu services herd))
@@ -234,6 +249,20 @@ (define (run-docker-system-test tarball)
(test-runner-current (system-test-runner #$output))
(test-begin "docker")
+ (test-assert "containerd service running"
+ (marionette-eval
+ '(begin
+ (use-modules (gnu services herd))
+ (match (start-service 'containerd)
+ (#f #f)
+ (('service response-parts ...)
+ (match (assq-ref response-parts 'running)
+ ((pid) (number? pid))))))
+ marionette))
+
+ (test-assert "containerd PID file present"
+ (wait-for-file "/run/containerd/containerd.pid" marionette))
+
(test-assert "service running"
(marionette-eval
'(begin
@@ -327,6 +356,7 @@ (define %oci-os
(service dbus-root-service-type)
(service polkit-service-type)
(service elogind-service-type)
+ (service containerd-service-type)
(service docker-service-type)
(extra-special-file "/shared.txt"
(plain-file "shared.txt" "hello"))
@@ -384,6 +414,20 @@ (define (run-oci-container-test)
(test-runner-current (system-test-runner #$output))
(test-begin "oci-container")
+ (test-assert "containerd service running"
+ (marionette-eval
+ '(begin
+ (use-modules (gnu services herd))
+ (match (start-service 'containerd)
+ (#f #f)
+ (('service response-parts ...)
+ (match (assq-ref response-parts 'running)
+ ((pid) (number? pid))))))
+ marionette))
+
+ (test-assert "containerd PID file present"
+ (wait-for-file "/run/containerd/containerd.pid" marionette))
+
(test-assert "dockerd running"
(marionette-eval
'(begin
base-commit: bc06affabcf68bbe93e9afee13bef8cc8c6336a2
--
2.41.0
pelzflorian <at> pelzflorian.de, julien <at> lepiller.eu, guix-patches <at> gnu.org:bug#71324; Package guix-patches.
(Mon, 03 Jun 2024 22:33:02 GMT) Full text and rfc822 format available.Message #26 received at 71324 <at> debbugs.gnu.org (full text, mbox):
From: Oleg Pykhalov <go.wigust <at> gmail.com> To: 71324 <at> debbugs.gnu.org Cc: Oleg Pykhalov <go.wigust <at> gmail.com> Subject: [PATCH 2/2] news: Add entry for 'docker-service-type' changes. Date: Tue, 4 Jun 2024 01:30:49 +0300
* etc/news.scm: Add entry.
Change-Id: I98d562d8b435b697b7c6529c5e788b5e2db9fa2a
---
etc/news.scm | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
diff --git a/etc/news.scm b/etc/news.scm
index a511b7ffbc..29bf8a1909 100644
--- a/etc/news.scm
+++ b/etc/news.scm
@@ -31,6 +31,35 @@
(channel-news
(version 0)
+ (entry (commit "22d45fa8e5f64e42b509141c3579a0c1626a5fcf")
+ (title
+ (en "The containerd service is separated from @code{docker-service-type}")
+ (ru "Сервис containerd отделен от @code{docker-service-type}"))
+ (body
+ (en "containerd service has been decoupled from the
+@code{docker-service-type}. Moving forward, users are required to specify
+containerd settings manually for their configurations. The
+@code{containerd-service-type} service need to be added to a system
+configuration, otherwise a message about not any service provides
+@code{containerd} will be displayed during @code{guix system reconfigure}.
+
+Run @command{info \"(guix) Miscellaneous Services\"} for more info.")
+ (ru "Сервис containerd был отделен от @code{docker-service-type}.
+Впредь пользователям потребуется указывать параметры containerd вручную для
+своих конфигураций. Сервис @code{containerd-service-type} должен быть
+добавлен в конфигурацию системы, в противном случае будет отображено сообщение
+о том, что ни один сервис не предоставляет поддержку для @code{containerd} во
+время выполнения команды @code{guix system reconfigure}.
+
+Смотрите @command{info \"(guix.ru) Разнообразные службы\"} для получения более
+детальных сведений.")
+ (de "Es gibt einen eigenen containerd-Dienst losgelöst von
+@code{docker-service-type}. In Zukunft müssen Nutzer dort manuelle
+Einstellungen für containerd vornehmen.
+
+Siehe @command{info \"(guix.de) Verschiedene Dienste\"} für genauere
+Informationen.")))
+
(entry (commit "8d1d98a3aa3448b9d983e4bd64243a938b96e8ab")
(title
(en "@command{guix git authenticate} usage simplified")
--
2.41.0
guix-patches <at> gnu.org:bug#71324; Package guix-patches.
(Tue, 04 Jun 2024 10:14:01 GMT) Full text and rfc822 format available.Message #29 received at 71324 <at> debbugs.gnu.org (full text, mbox):
From: "pelzflorian (Florian Pelz)" <pelzflorian <at> pelzflorian.de> To: Oleg Pykhalov <go.wigust <at> gmail.com> Cc: Julien Lepiller <julien <at> lepiller.eu>, 71324 <at> debbugs.gnu.org Subject: Re: [bug#71324] [PATCH 2/2] news: Add entry for 'docker-service-type' changes. Date: Tue, 04 Jun 2024 12:13:17 +0200
Thank you for making the changes. Could you similarly augment the
German translation in this way:
(de "Es gibt einen eigenen containerd-Dienst losgelöst von
@code{docker-service-type}. In Zukunft müssen Nutzer dort manuelle
Einstellungen für containerd vornehmen. Der Dienst
@code{containerd-service-type} muss zur Systemkonfiguration hinzugefügt
werden, sonst wird durch @code{guix system reconfigure} eine Meldung
gezeigt, dass kein Dienst @code{containerd} zur Verfügung stellt.
Siehe @command{info \"(guix.de) Verschiedene Dienste\"} für genauere
Informationen.")))
Regards,
Florian
guix-patches <at> gnu.org:bug#71324; Package guix-patches.
(Tue, 04 Jun 2024 11:13:02 GMT) Full text and rfc822 format available.Message #32 received at 71324 <at> debbugs.gnu.org (full text, mbox):
From: Carlo Zancanaro <carlo <at> zancanaro.id.au> To: Oleg Pykhalov <go.wigust <at> gmail.com> Cc: Julien Lepiller <julien <at> lepiller.eu>, "pelzflorian \(Florian Pelz\)" <pelzflorian <at> pelzflorian.de>, 71324 <at> debbugs.gnu.org Subject: Re: [bug#71324] [PATCH] news: Add entry for 'docker-service-type' changes. Date: Tue, 04 Jun 2024 21:11:54 +1000
On Mon, Jun 03 2024, Oleg Pykhalov wrote:
> Every docker-service-type user will need to add containerd-service-type
> to their system configurations, otherwise a message about not any
> service provides containerd will be displayed during reconfigure.
Is this necessary? If I understand correctly, the docker service has a
hard dependency on containerd, so having to specify it every time is
unnecessary boilerplate. Could we add an extension for containerd that
does nothing, but which the docker service can use just to request its
inclusion? Something like:
--8<---------------cut here---------------start------------->8---
(define containerd-service-type
(service-type (name 'containerd)
(description ...)
(extensions ...)
;; Declare an extension point, so containerd can be requested
;; by other services without affecting its configuration.
(compose (const #t))
(extend (lambda (config _) config))
(default-value (containerd-configuration))))
(define docker-service-type
(service-type ...
(extensions
...
(service-extension containerd-service-type (const #t)))))
--8<---------------cut here---------------end--------------->8---
That way users could instantiate containerd themselves if they need some
particular configuration, but if not it would be pulled in automatically
by the docker service. Hopefully this would cause less of an issue for
existing configs that don't use a custom containerd (like mine).
We could even, for backwards compatibility, allow the docker service
type to pass through the containerd package from its old configuration
(while printing a warning). This could make it possible to separate
containerd from docker without breaking any existing configurations.
Carlo
guix-patches <at> gnu.org:bug#71324; Package guix-patches.
(Tue, 04 Jun 2024 13:51:02 GMT) Full text and rfc822 format available.Message #35 received at 71324 <at> debbugs.gnu.org (full text, mbox):
From: Oleg Pykhalov <go.wigust <at> gmail.com> To: Carlo Zancanaro <carlo <at> zancanaro.id.au> Cc: Julien Lepiller <julien <at> lepiller.eu>, "pelzflorian \(Florian Pelz\)" <pelzflorian <at> pelzflorian.de>, 71324 <at> debbugs.gnu.org Subject: Re: [bug#71324] [PATCH] news: Add entry for 'docker-service-type' changes. Date: Tue, 04 Jun 2024 16:41:10 +0300
[Message part 1 (text/plain, inline)]
Hello Carlo, Thank you for your thoughtful review and valuable suggestions. Carlo Zancanaro <carlo <at> zancanaro.id.au> writes: > On Mon, Jun 03 2024, Oleg Pykhalov wrote: >> Every docker-service-type user will need to add containerd-service-type >> to their system configurations, otherwise a message about not any >> service provides containerd will be displayed during reconfigure. > > Is this necessary? If I understand correctly, the docker service has a > hard dependency on containerd, so having to specify it every time is > unnecessary boilerplate. Could we add an extension for containerd that > does nothing, but which the docker service can use just to request its > inclusion? Something like: Technically, Docker relies on a container runtime, not specifically limited to containerd. While containerd is a popular choice, there are alternative runtime options available as well. > (define containerd-service-type > (service-type (name 'containerd) > (description ...) > (extensions ...) > ;; Declare an extension point, so containerd can be requested > ;; by other services without affecting its configuration. > (compose (const #t)) > (extend (lambda (config _) config)) > (default-value (containerd-configuration)))) > > (define docker-service-type > (service-type ... > (extensions > ... > (service-extension containerd-service-type (const #t))))) > > That way users could instantiate containerd themselves if they need some > particular configuration, but if not it would be pulled in automatically > by the docker service. Hopefully this would cause less of an issue for > existing configs that don't use a custom containerd (like mine). Will this mechanism support the use of different container runtimes? > We could even, for backwards compatibility, allow the docker service > type to pass through the containerd package from its old configuration > (while printing a warning). This could make it possible to separate > containerd from docker without breaking any existing configurations. If I understand correctly, could we potentially prevent users from needing to provide the containerd-service-type and instead issue a warning that they will need to provide it in the future? I believe this would be a great solution, but I couldn't locate it while writing this patch. Regards, Oleg.
[signature.asc (application/pgp-signature, inline)]
guix-patches <at> gnu.org:bug#71324; Package guix-patches.
(Tue, 04 Jun 2024 14:26:01 GMT) Full text and rfc822 format available.Message #38 received at 71324 <at> debbugs.gnu.org (full text, mbox):
From: Carlo Zancanaro <carlo <at> zancanaro.id.au> To: Oleg Pykhalov <go.wigust <at> gmail.com> Cc: Julien Lepiller <julien <at> lepiller.eu>, "pelzflorian \(Florian Pelz\)" <pelzflorian <at> pelzflorian.de>, 71324 <at> debbugs.gnu.org Subject: Re: [bug#71324] [PATCH] news: Add entry for 'docker-service-type' changes. Date: Wed, 05 Jun 2024 00:22:09 +1000
HI Oleg, On Tue, Jun 04 2024, Oleg Pykhalov wrote: > Technically, Docker relies on a container runtime, not specifically > limited to containerd. While containerd is a popular choice, there are > alternative runtime options available as well. Ah, okay. That complicates things if we want to support multiple options. I misunderstood the situation. > Will this mechanism support the use of different container runtimes? No, unfortunately I don't think it would. The extensions are a static property of the service type, so the request to create a containerd service can't be turned on/off based on the configuration. You could make the containerd configuration have a "do nothing" configuration by default, but then that's confusing for using containerd directly. To manage multiple container runtimes we could add additional docker service types, with names like containerd-docker-service-type. That might be a pain to maintain, depending on how many container runtimes there are. I have thought for a while now that would be nice to have a way for a service extension to return a "disregard this extension" value. This would allow us to have extensions that are turned on/off by config. Unfortunately, it doesn't seem straightforward to do given the way things are currently implemented. > If I understand correctly, could we potentially prevent users from > needing to provide the containerd-service-type and instead issue a > warning that they will need to provide it in the future? I believe this > would be a great solution, but I couldn't locate it while writing this > patch. I can't think of a way to warn the user if they haven't provided a containerd service, but to create one anyway. The only way I could think to do it would be to force them to provide an explicit configuration, so we can detect that the service was not created with the default configuration (i.e. by the docker service). That's not ideal. Carlo
Oleg Pykhalov <go.wigust <at> gmail.com>:Oleg Pykhalov <go.wigust <at> gmail.com>:Message #43 received at 71324-done <at> debbugs.gnu.org (full text, mbox):
From: Oleg Pykhalov <go.wigust <at> gmail.com> To: 71324-done <at> debbugs.gnu.org Cc: Julien Lepiller <julien <at> lepiller.eu>, Florian Pelz <pelzflorian <at> pelzflorian.de> Subject: Re: [bug#71324] [PATCH 2/2] news: Add entry for 'docker-service-type' changes. Date: Sun, 04 Aug 2024 12:57:20 +0300
[Message part 1 (text/plain, inline)]
Oleg Pykhalov <go.wigust <at> gmail.com> writes: > * etc/news.scm: Add entry. > > Change-Id: I98d562d8b435b697b7c6529c5e788b5e2db9fa2a > --- > etc/news.scm | 29 +++++++++++++++++++++++++++++ > 1 file changed, 29 insertions(+) Pushed to master as: 5e355dd413 * news: Add entry for 'docker-service-type' changes. 26638b8e81 * services: containerd: Provision separately from docker service. Regards, Oleg.
[signature.asc (application/pgp-signature, inline)]
Debbugs Internal Request <help-debbugs <at> gnu.org>
to internal_control <at> debbugs.gnu.org.
(Sun, 01 Sep 2024 11:24:07 GMT) Full text and rfc822 format available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.