diff --git a/.github/workflows/build_push_criu.yml b/.github/workflows/build_push_criu.yml index cf5c056..761bfd9 100644 --- a/.github/workflows/build_push_criu.yml +++ b/.github/workflows/build_push_criu.yml @@ -8,7 +8,7 @@ on: env: REGISTRY: ghcr.io CRIU_IMAGE_NAME: ${{ github.repository }}-criu - CRIU_VERSION: v3.19 + CRIU_VERSION: v4.0 jobs: push_to_registry: diff --git a/Makefile b/Makefile index 063f69e..39d5852 100644 --- a/Makefile +++ b/Makefile @@ -3,7 +3,7 @@ NAMESPACE := ctrox INSTALLER_IMAGE := $(REGISTRY)/$(NAMESPACE)/zeropod-installer:dev MANAGER_IMAGE := $(REGISTRY)/$(NAMESPACE)/zeropod-manager:dev TEST_IMAGE := $(REGISTRY)/$(NAMESPACE)/zeropod-test:dev -CRIU_VERSION := v3.19 +CRIU_VERSION := v4.0 CRIU_IMAGE := $(REGISTRY)/$(NAMESPACE)/zeropod-criu:$(CRIU_VERSION) DOCKER_SOCK := /var/run/docker.sock EBPF_IMAGE := $(REGISTRY)/$(NAMESPACE)/zeropod-ebpf:dev diff --git a/cmd/installer/main.go b/cmd/installer/main.go index a9270f9..1752e1f 100644 --- a/cmd/installer/main.go +++ b/cmd/installer/main.go @@ -25,7 +25,7 @@ import ( ) var ( - criuImage = flag.String("criu-image", "ghcr.io/ctrox/zeropod-criu:v3.19", "criu image to use.") + criuImage = flag.String("criu-image", "ghcr.io/ctrox/zeropod-criu:v4.0", "criu image to use.") runtime = flag.String("runtime", "containerd", "specifies which runtime to configure. containerd/k3s/rke2") hostOptPath = flag.String("host-opt-path", "/opt/zeropod", "path where zeropod binaries are stored on the host") uninstall = flag.Bool("uninstall", false, "uninstalls zeropod by cleaning up all the files the installer created") diff --git a/config/production/kustomization.yaml b/config/production/kustomization.yaml index 35483db..4a6829d 100644 --- a/config/production/kustomization.yaml +++ b/config/production/kustomization.yaml @@ -17,7 +17,7 @@ patches: - patch: |- - op: add path: /spec/template/spec/initContainers/0/args/- - value: -criu-image=ghcr.io/ctrox/zeropod-criu:v3.19 + value: -criu-image=ghcr.io/ctrox/zeropod-criu:v4.0 target: kind: DaemonSet apiVersion: kustomize.config.k8s.io/v1beta1 diff --git a/criu/Dockerfile b/criu/Dockerfile index b5ddf2b..7595c2a 100644 --- a/criu/Dockerfile +++ b/criu/Dockerfile @@ -1,26 +1,26 @@ -# 20.04 seems to be the best compromise for compatibility with most systems. -# For example when building on 22.04, glibc is too recent to work on GKE. It -# would be better to have a fully static build of criu but so far that has -# been a disappointingly unsuccessful endeavour. -FROM ubuntu:20.04 as build +FROM debian:12 as build RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ - git build-essential libprotobuf-dev libprotobuf-c-dev \ - protobuf-c-compiler protobuf-compiler python3-protobuf \ - libcap-dev libnl-3-dev libnet-dev pkg-config curl ca-certificates + git build-essential libprotobuf-dev libprotobuf-c-dev \ + protobuf-c-compiler protobuf-compiler python3-protobuf \ + libcap-dev libnl-3-dev libnet-dev pkg-config curl ca-certificates \ + gnutls-dev WORKDIR /workspace RUN git clone https://github.com/checkpoint-restore/criu.git WORKDIR /workspace/criu -ARG CRIU_VERSION=v3.19 +ARG CRIU_VERSION=v4.0 RUN git checkout $CRIU_VERSION RUN make -j $(nproc) +# copy all libraries that criu needs except libc as replacing libc is not that +# straight-forward. +RUN mkdir criu-libs/ && \ + for l in $(ldd criu/criu | awk '{ print $3 }'); do cp $l criu-libs/; done && \ + rm criu-libs/libc.so* + # we just add libs and binaries from scratch so this image can be used with # containerd's client.Install. FROM scratch AS export-stage COPY --from=build /workspace/criu/criu/criu /bin/ -COPY --from=build /usr/lib/*-linux-gnu/libprotobuf-c.so.1 /lib/ -COPY --from=build /lib/*-linux-gnu/libnl-3.so.200 /lib/ -COPY --from=build /usr/lib/*-linux-gnu/libnet.so.1 /lib/ -COPY --from=build /lib/*-linux-gnu/libjansson.so.4 /lib/ +COPY --from=build /workspace/criu/criu-libs /lib/