Install and start D-Bus after configuring runtime options

Signed-off-by: Kate Goldenring <[email protected]>

Author: kate-goldenring

api/v1alpha1/zz_generated.deepcopy.go

@@ -23,7 +23,7 @@ type Config struct {
 		// Options is a map of containerd runtime options for the shim plugin.
 		// See an example of the cgroup drive option here:
 		// https://github.com/containerd/containerd/blob/main/docs/cri/config.md#cgroup-driver
-		Options    map[string]string
+		Options map[string]string
 	}
 	RCM struct {
 		Path      string

cmd/node-installer/config.go

@@ -51,14 +51,10 @@ var installCmd = &cobra.Command{
 			os.Exit(1)
 		}
 
-		optionsJson := os.Getenv("RUNTIME_OPTIONS")
-		config.Runtime.Options = make(map[string]string)
-		if optionsJson != "" {
-			err := json.Unmarshal([]byte(optionsJson), &config.Runtime.Options)
-			if err != nil {
-				slog.Error("Error unmarshaling runtime options JSON", "error", err)
-				return
-			}
+		config.Runtime.Options, err = RuntimeOptions()
+		if err != nil {
+			slog.Error("failed to get runtime options", "error", err)
+			os.Exit(1)
 		}
 
 		if err := RunInstall(config, rootFs, hostFs, distro.Restarter); err != nil {
@@ -120,6 +116,14 @@ func RunInstall(config Config, rootFs, hostFs afero.Fs, restarter containerd.Res
 		return nil
 	}
 
+	// Ensure D-Bus is installed and running if using systemd
+	if containerd.UsesSystemd() {
+		err = containerd.InstallDbus()
+		if err != nil {
+			return fmt.Errorf("failed to install D-Bus: %w", err)
+		}
+	}
+
 	slog.Info("restarting containerd")
 	err = containerdConfig.RestartRuntime()
 	if err != nil {
@@ -128,3 +132,16 @@ func RunInstall(config Config, rootFs, hostFs afero.Fs, restarter containerd.Res
 
 	return nil
 }
+
+func RuntimeOptions() (map[string]string, error) {
+	runtimeOptions := make(map[string]string)
+	optionsJSON := os.Getenv("RUNTIME_OPTIONS")
+	config.Runtime.Options = make(map[string]string)
+	if optionsJSON != "" {
+		err := json.Unmarshal([]byte(optionsJSON), &runtimeOptions)
+		if err != nil {
+			return nil, fmt.Errorf("failed to unmarshal runtime options JSON %s: %w", optionsJSON, err)
+		}
+	}
+	return runtimeOptions, nil
+}

cmd/node-installer/install.go

@@ -17,7 +17,6 @@
 package main
 
 import (
-	"encoding/json"
 	"fmt"
 	"log/slog"
 	"os"
@@ -46,14 +45,10 @@ var uninstallCmd = &cobra.Command{
 
 		config.Runtime.ConfigPath = distro.ConfigPath
 
-		optionsJson := os.Getenv("RUNTIME_OPTIONS")
-		config.Runtime.Options = make(map[string]string)
-		if optionsJson != "" {
-			err := json.Unmarshal([]byte(optionsJson), &config.Runtime.Options)
-			if err != nil {
-				slog.Error("Error unmarshaling runtime options JSON", "error", err)
-				return
-			}
+		config.Runtime.Options, err = RuntimeOptions()
+		if err != nil {
+			slog.Error("failed to get runtime options", "error", err)
+			os.Exit(1)
 		}
 
 		if err := RunUninstall(config, rootFs, hostFs, distro.Restarter); err != nil {

cmd/node-installer/uninstall.go

@@ -100,7 +100,7 @@ spec:
                   type: string
                 description: |-
                   RuntimeOptions is a map of containerd runtime options for the shim plugin.
-                  Read more here: https://github.com/containerd/containerd/blob/main/docs/cri/config.md#cgroup-driver
+                  See an example of configuring cgroup driver via runtime options: https://github.com/containerd/containerd/blob/main/docs/cri/config.md#cgroup-driver
                 type: object
             required:
             - fetchStrategy

config/crd/bases/runtime.spinkube.dev_shims.yaml

@@ -10,7 +10,8 @@ COPY . .
 RUN CGO_ENABLED=0 go build -o rcm-node-installer ./cmd/node-installer
 RUN /app/rcm-node-installer -h
 
-FROM scratch
+# Using busybox instead of scratch so that the nsenter utility is present, as used in restarter logic
+FROM busybox
 COPY --from=builder /app/rcm-node-installer /rcm-node-installer
 
 ENTRYPOINT ["/rcm-node-installer"]

images/installer/Dockerfile

@@ -130,12 +130,12 @@ runtime_type = "%s"
 `, runtimeName, domain, runtimeName, shimPath)
 	// Add runtime options if any are provided
 	if len(runtimeOptions) > 0 {
-		options := fmt.Sprintf(`[plugins."%s".containerd.runtimes."%s".options]`, domain, runtimeName)
+		options := fmt.Sprintf(`[plugins."%s".containerd.runtimes.%s.options]`, domain, runtimeName)
 		for k, v := range runtimeOptions {
 			options += fmt.Sprintf(`
-			%s = "%s"\n`, k, v)
+%s = %s`, k, v)
 		}
-		runtimeConfiguration += "\n" + options
+		runtimeConfiguration += options
 	}
 	return runtimeConfiguration
 }

internal/containerd/configure.go

@@ -0,0 +1,78 @@
+package containerd
+
+import (
+	"fmt"
+	"log/slog"
+	"os"
+	"os/exec"
+)
+
+// UsesSystemd checks if the system is using systemd
+// by running the "systemctl is-system-running" command.
+// NOTE: this limits support to systems using systemctl to manage systemd
+func UsesSystemd() bool {
+	// Check if is a systemd system
+	cmd := nsenterCmd("systemctl", "is-system-running", "--quiet")
+	if err := cmd.Run(); err != nil {
+		slog.Info("Error with systemctl: %w\n", "error", err)
+		return false
+	}
+	return true
+}
+
+// InstallDbus checks if D-Bus service is installed and active. If not, installs D-Bus
+// and starts the service.
+// NOTE: this limits support to systems using systemctl to manage systemd.
+func InstallDbus() error {
+	cmd := nsenterCmd("systemctl", "is-active", "dbus", "--quiet")
+	if err := cmd.Run(); err == nil {
+		slog.Info("D-Bus is already installed and running")
+		return nil
+	}
+	slog.Info("Installing D-Bus")
+	whichApt := nsenterCmd("which", "apt-get")
+	whichYum := nsenterCmd("which", "yum")
+	whichDnf := nsenterCmd("which", "dnf")
+	whichApk := nsenterCmd("which", "apk")
+	if err := whichApt.Run(); err == nil {
+		cmd = nsenterCmd("apt-get", "update", "--yes")
+		if err := cmd.Run(); err != nil {
+			return fmt.Errorf("failed to update apt: %w", err)
+		}
+		cmd = nsenterCmd("apt-get", "install", "--yes", "dbus")
+		if err := cmd.Run(); err != nil {
+			return fmt.Errorf("failed to install D-Bus with apt: %w", err)
+		}
+	} else if err = whichDnf.Run(); err == nil {
+		cmd = nsenterCmd("dnf", "install", "--yes", "dbus")
+		if err := cmd.Run(); err != nil {
+			return fmt.Errorf("failed to install D-Bus with dnf: %w", err)
+		}
+	} else if err = whichApk.Run(); err == nil {
+		cmd = nsenterCmd("apk", "add", "dbus")
+		if err := cmd.Run(); err != nil {
+			return fmt.Errorf("failed to install D-Bus with apk: %w", err)
+		}
+	} else if err = whichYum.Run(); err == nil {
+		cmd = nsenterCmd("yum", "install", "--yes", "dbus")
+		if err := cmd.Run(); err != nil {
+			return fmt.Errorf("failed to install D-Bus with yum: %w", err)
+		}
+	} else {
+		slog.Info("WARNING: Could not install D-Bus. No supported package manager found.")
+		return nil
+	}
+
+	slog.Info("Restarting D-Bus")
+	cmd = nsenterCmd("systemctl", "restart", "dbus")
+	if err := cmd.Run(); err != nil {
+		return fmt.Errorf("failed to restart D-Bus: %w", err)
+	}
+
+	return nil
+}
+
+func nsenterCmd(cmd ...string) *exec.Cmd {
+	return exec.Command("nsenter",
+		append([]string{fmt.Sprintf("-m/%s/proc/1/ns/mnt", os.Getenv("HOST_ROOT")), "--"}, cmd...)...) // #nosec G204
+}

internal/containerd/install_dbus.go

@@ -464,17 +464,17 @@ func (sr *ShimReconciler) createJobManifest(shim *rcmv1.Shim, node *corev1.Node,
 	}
 
 	if shim.Spec.RuntimeOptions != nil {
-		optionsJson, err := json.Marshal(shim.Spec.RuntimeOptions)
+		optionsJSON, err := json.Marshal(shim.Spec.RuntimeOptions)
 		if err != nil {
 			log.Error().Msgf("Unable to marshal runtime options: %s", err)
 		} else {
 			job.Spec.Template.Spec.Containers[0].Env = append(job.Spec.Template.Spec.Containers[0].Env, corev1.EnvVar{
 				Name:  "RUNTIME_OPTIONS",
-				Value: string(optionsJson),
+				Value: string(optionsJSON),
 			})
 		}
 	}
-	
+
 	// set ttl for the installer job only if specified by the user
 	if ttlStr := os.Getenv("SHIM_NODE_INSTALLER_JOB_TTL"); ttlStr != "" {
 		if ttl, err := strconv.ParseInt(ttlStr, 10, 32); err == nil && ttl > 0 {