Skip to content
This repository was archived by the owner on Mar 9, 2022. It is now read-only.

[WIP] adds option for setting oci hooks#496

Closed
mikebrow wants to merge 1 commit into
containerd:masterfrom
mikebrow:oci-hooks
Closed

[WIP] adds option for setting oci hooks#496
mikebrow wants to merge 1 commit into
containerd:masterfrom
mikebrow:oci-hooks

Conversation

@mikebrow
Copy link
Copy Markdown
Member

@mikebrow mikebrow commented Dec 13, 2017
edited
Loading

To address issue containerd/containerd#6645 I've started a prototype.

User must generate a json file for the hooks struct: https://github.com/opencontainers/runtime-spec/blob/master/specs-go/config.go#L114-L130

Hooks explained here: https://github.com/opencontainers/runtime-spec/blob/master/config.md#prestart

Signed-off-by: Mike Brown brownwm@us.ibm.com

@mikebrow
adds option for setting oci hooks
98c65b2 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
@k8s-ci-robot
Copy link
Copy Markdown

k8s-ci-robot commented Dec 13, 2017

@mikebrow: The following test failed, say /retest to rerun them all:

Test name Commit Details Rerun command
pull-cri-containerd-node-e2e 98c65b2 link /test pull-cri-containerd-node-e2e

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@Random-Liu
Copy link
Copy Markdown
Member

Random-Liu commented Dec 13, 2017

@mikebrow Why do we need this feature at cri-containerd level? This should be driven by CRI, right?

@mikebrow
Copy link
Copy Markdown
Member Author

mikebrow commented Dec 13, 2017

@mikebrow Why do we need this feature at cri-containerd level? This should be driven by CRI, right?

Yes, it should be driven by CRI. I put it here for prototyping only.

@lizrice
Copy link
Copy Markdown

lizrice commented Feb 23, 2018

We'd like to be able to configure prestart hooks, and this (or something like this) would give us just what we need. Our case is to hook in a security tool on prestart; our users would have the same hook configured on every node (or at least on every node where they want the tool to run), and the same hook would run for all containers.

It would be nice to be able to add the hook without a restart, but not essential.

@egernst
Copy link
Copy Markdown
Contributor

egernst commented Mar 12, 2019

@mikebrow @lizrice @Random-Liu -- I am hopeful that there's some traction/forward progress here. Any insights on how to drive this forward in containerd?

@krsna1729
Copy link
Copy Markdown

krsna1729 commented Jul 31, 2019
edited
Loading

Need this functionality to do device provisioning at prestart and poststop stage of container lifecycle. Only cri-o seems to be supporting. It would be great if containerd supports too.

@alban
Copy link
Copy Markdown

alban commented Aug 1, 2019

I mentioned this issue for discussion in a previous OCI meeting (notes, slides) and I would like to mention it at the next Kubernetes SIG Node meeting (notes).

@mikebrow mikebrow mentioned this pull request Aug 27, 2019
Closed
@mikebrow
Copy link
Copy Markdown
Member Author

mikebrow commented Aug 27, 2019

moving PR to PR #1248 as this branch has been deleted...

@mikebrow mikebrow closed this Aug 27, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

cncf-cla: yes size/M

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@mikebrow @k8s-ci-robot @Random-Liu @lizrice @egernst @krsna1729 @alban