search

confidential-containers / cloud-api-adaptor

Ability to create Kata pods using cloud provider APIs aka the peer-pods approach
Apache License 2.0
47 stars 79 forks source link

Do not pull pause image in any case #1552

Open huoqifeng opened 11 months ago

huoqifeng commented 11 months ago

nydus seems not append Device information for pause image sometimes as below:

2023/10/11 14:36:00 [adaptor/proxy]     storages:
2023/10/11 14:36:00 [adaptor/proxy]         mount_point:/run/kata-containers/23f3c16bd7118748a85f8d2405de1ba108825e56a0ac9433fb8ed5a1e2b109ad/rootfs source:pause fstype:overlay driver:image_guest_pull

Which might be nydus or containerd algorithm change, shall we don't pull pause image for all cases to avoid trouble when containerd or nydus change?

For example, when we identified the container_type is pod_sandbox in CreateContainer like below. We can always leverage pullImageInGuest as which has been embedded in guest already.

"io.katacontainers.pkg.oci.container_type": "pod_sandbox",
huoqifeng commented 11 months ago

@bpradipt @stevenhorsman @yoheiueda @snir911 idea?

stevenhorsman commented 11 months ago

@huoqifeng - I think we might have discussed this in https://github.com/confidential-containers/cloud-api-adaptor/issues/811 IIRC and it is related to a kata-agent change rather than nydus (which might also impact it though)?