diff --git a/containerd.spec b/containerd.spec index d4d90bad475f854209f02f0dd04f793aefd07a63..d4b3dcdc46a9fc55b68e8e242f906aef996d537a 100644 --- a/containerd.spec +++ b/containerd.spec @@ -2,7 +2,7 @@ %global debug_package %{nil} Version: 1.6.22 Name: containerd -Release: 22 +Release: 23 Summary: An industry-standard container runtime License: ASL 2.0 URL: https://containerd.io @@ -68,6 +68,12 @@ install -D -p -m 0644 %{S:7} %{buildroot}%{_sysconfdir}/containerd/config.toml %exclude %{_bindir}/containerd-stress %changelog +* Mon Sep 22 2025 dongyuzhen - 1.6.22-23 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:fix patch error + * Thu Aug 28 2025 Yu Peng - 1.6.22-22 - Type:bugfix - ID:NA diff --git a/git-commit b/git-commit index cd8ad28e58be27e63dd290b10ee5e9033f4ebd5d..dba6168f11384a43bd72c67836587277c245c380 100644 --- a/git-commit +++ b/git-commit @@ -1 +1 @@ -ce9edd5049a834b799e3f343f42e4e4fa89adc9d +d2c431a196e52330a83118f4cc28f8d6fb6d9a22 diff --git a/patch/0044-containerd-remove-limitnofile-from-containerd-service.patch b/patch/0044-containerd-remove-limitnofile-from-containerd-service.patch index 4c6903370532e39fc4f6fae766a5d0f2d872c7b6..87db97c2740853db84e33af325d7724e5aa66100 100644 --- a/patch/0044-containerd-remove-limitnofile-from-containerd-service.patch +++ b/patch/0044-containerd-remove-limitnofile-from-containerd-service.patch @@ -1,43 +1,35 @@ -From bd9e577c267b8bad4537203c85a7d24c3a3d4555 Mon Sep 17 00:00:00 2001 -From: Chenyang Yan -Date: Sat, 9 Aug 2025 14:57:40 +0800 -Subject: [PATCH] Fix ctr snapshot mount produce invalid mount command for - empty option - -snapshotter.Mounts() maybe get empty Options for different snapshot service. - -Empty Options will produce invalid mount command from printMounts: - -Origin: https://github.com/containerd/containerd/commit/bd9e577c267b8bad4537203c85a7d24c3a3d4555 -``` -$ ctr -n flintlock snapshot --snapshotter devmapper mount /mnt flintlock/flintlock/demo-2/01K24ZRN9EFAVQVNGXQS26BYVG/root -mount -t ext4 /dev/mapper/fc-dev-thinpool-snap-19 /mnt -o -$ cmd=$(ctr -n flintlock snapshot --snapshotter devmapper mount /mnt flintlock/flintlock/demo-2/01K24ZRN9EFAVQVNGXQS26BYVG/root) -$ $cmd -mount: option requires an argument -- 'o' -Try 'mount --help' for more information. -``` - -Signed-off-by: Chenyang Yan ---- - cmd/ctr/commands/snapshots/snapshots.go | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/cmd/ctr/commands/snapshots/snapshots.go b/cmd/ctr/commands/snapshots/snapshots.go -index 3ae1491cd..623e700a4 100644 ---- a/cmd/ctr/commands/snapshots/snapshots.go -+++ b/cmd/ctr/commands/snapshots/snapshots.go -@@ -639,6 +640,10 @@ - func printMounts(target string, mounts []mount.Mount) { - // FIXME: This is specific to Unix - for _, m := range mounts { -- fmt.Printf("mount -t %s %s %s -o %s\n", m.Type, m.Source, target, strings.Join(m.Options, ",")) -+ var opt string -+ if len(m.Options) > 0 { -+ opt = fmt.Sprintf(" -o %s", strings.Join(m.Options, ",")) -+ } -+ fmt.Printf("mount -t %s %s %s%s\n", m.Type, m.Source, target, opt) - } - } +commit 3ca39ef01608fdd44245c0173bf071682b3bfe3c +Author: Brennan Kinney <5098581+polarathene@users.noreply.github.com> +Date: Mon Aug 7 12:47:16 2023 +1200 + fix: Remove `LimitNOFILE` from `containerd.service` + + + + Remove `LimitNOFILE` from `containerd.service` to rely on the systemd v240 implicit default of `1024:524288`. On supported platforms with systemd prior to v240, packagers will patch the service with an explicit `LimitNOFILE=1024:524288`. + + - `1024` soft limit is an implicit default, avoiding unexpected breakage. Software that needs a higher limit should request to raise the soft limit for its process. + - `524288` hard limit is an implicit default since systemd v240 and is adequate for most processes (_half of the historical limit from `fs.nr_open` of `1048576`_), while 4096 is the implicit default from the kernel (often too low). + - The hard limit may not exceed `fs.nr_open` (_which a value of `infinity` will resolve to_). On most systems with systemd v240 or newer, this will resolve to an excessive size of 2^30 (over 1 billion). + - When set to `infinity` (usually as the soft limit) software may experience significantly increased resource usage, resulting in a performance regression or runtime failures that are difficult to troubleshoot. + + Signed-off-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com> +diff --git a/containerd.service b/containerd.service +index 38a345945..cf7c6efed 100644 +--- a/containerd.service ++++ b/containerd.service +@@ -28,11 +28,12 @@ Delegate=yes + KillMode=process + Restart=always + RestartSec=5 ++ + # Having non-zero Limit*s causes performance problems due to accounting overhead + # in the kernel. We recommend using cgroups to do container-local accounting. + LimitNPROC=infinity + LimitCORE=infinity +-LimitNOFILE=infinity ++ + # Comment TasksMax if your systemd version does not supports it. + # Only systemd 226 and above support this version. + TasksMax=infinity diff --git a/patch/0045-containerd-Fix-ctr-snapshot-mount-produce-invalid-mount-command.patch b/patch/0045-containerd-Fix-ctr-snapshot-mount-produce-invalid-mount-command.patch new file mode 100644 index 0000000000000000000000000000000000000000..4c6903370532e39fc4f6fae766a5d0f2d872c7b6 --- /dev/null +++ b/patch/0045-containerd-Fix-ctr-snapshot-mount-produce-invalid-mount-command.patch @@ -0,0 +1,43 @@ +From bd9e577c267b8bad4537203c85a7d24c3a3d4555 Mon Sep 17 00:00:00 2001 +From: Chenyang Yan +Date: Sat, 9 Aug 2025 14:57:40 +0800 +Subject: [PATCH] Fix ctr snapshot mount produce invalid mount command for + empty option + +snapshotter.Mounts() maybe get empty Options for different snapshot service. + +Empty Options will produce invalid mount command from printMounts: + +Origin: https://github.com/containerd/containerd/commit/bd9e577c267b8bad4537203c85a7d24c3a3d4555 +``` +$ ctr -n flintlock snapshot --snapshotter devmapper mount /mnt flintlock/flintlock/demo-2/01K24ZRN9EFAVQVNGXQS26BYVG/root +mount -t ext4 /dev/mapper/fc-dev-thinpool-snap-19 /mnt -o +$ cmd=$(ctr -n flintlock snapshot --snapshotter devmapper mount /mnt flintlock/flintlock/demo-2/01K24ZRN9EFAVQVNGXQS26BYVG/root) +$ $cmd +mount: option requires an argument -- 'o' +Try 'mount --help' for more information. +``` + +Signed-off-by: Chenyang Yan +--- + cmd/ctr/commands/snapshots/snapshots.go | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/cmd/ctr/commands/snapshots/snapshots.go b/cmd/ctr/commands/snapshots/snapshots.go +index 3ae1491cd..623e700a4 100644 +--- a/cmd/ctr/commands/snapshots/snapshots.go ++++ b/cmd/ctr/commands/snapshots/snapshots.go +@@ -639,6 +640,10 @@ + func printMounts(target string, mounts []mount.Mount) { + // FIXME: This is specific to Unix + for _, m := range mounts { +- fmt.Printf("mount -t %s %s %s -o %s\n", m.Type, m.Source, target, strings.Join(m.Options, ",")) ++ var opt string ++ if len(m.Options) > 0 { ++ opt = fmt.Sprintf(" -o %s", strings.Join(m.Options, ",")) ++ } ++ fmt.Printf("mount -t %s %s %s%s\n", m.Type, m.Source, target, opt) + } + } + + diff --git a/series.conf b/series.conf index 8f8f8f7a8a5793dfec4b8920ddc2b454da401533..a86dc0e5fe820fa492cf527238eaebb44e5d4c50 100644 --- a/series.conf +++ b/series.conf @@ -41,3 +41,4 @@ patch/0041-containerd-execute-delayKill-when-fd-is-exhausted.patch patch/0042-containerd-delete-task-asynchronously-to-avoid-conta.patch patch/0043-containerd-fix-dead-loop.patch patch/0044-containerd-remove-limitnofile-from-containerd-service.patch +patch/0045-containerd-Fix-ctr-snapshot-mount-produce-invalid-mount-command.patch