misc: support to run snapshotter as systemd service

Signed-off-by: ChengyuZhu6 <[email protected]>
containerd · Jan 16, 2024 · 831474a · 831474a
1 parent 1b43897
commit 831474a
Show file tree

Hide file tree

Showing 4 changed files with 54 additions and 6 deletions.
diff --git a/misc/snapshotter/Dockerfile b/misc/snapshotter/Dockerfile
@@ -37,6 +37,7 @@ COPY config-blockdev.toml /etc/nydus/config-blockdev.toml
 COPY config-proxy.toml /etc/nydus/config-proxy.toml
 COPY config-fscache.toml /etc/nydus/config-fscache.toml
 COPY config-fusedev.toml /etc/nydus/config-fusedev.toml
+COPY nydus-snapshotter.service /etc/nydus/nydus-snapshotter.service
 
 COPY entrypoint.sh /
 

diff --git a/misc/snapshotter/nydus-snapshotter.service b/misc/snapshotter/nydus-snapshotter.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=nydus snapshotter
+After=network.target
+Before=containerd.service
+
+[Service]
+Type=simple
+Environment=HOME=/root
+ExecStart=/usr/local/bin/containerd-nydus-grpc --config /etc/nydus/config-proxy.toml
+Restart=always
+RestartSec=1
+KillMode=process
+OOMScoreAdjust=-999
+StandardOutput=journal
+StandardError=journal
+
+[Install]
+WantedBy=multi-user.target
diff --git a/misc/snapshotter/nydus-snapshotter.yaml b/misc/snapshotter/nydus-snapshotter.yaml
@@ -19,6 +19,7 @@ data:
   ENABLE_SNAPSHOTTER_CONFIG_FROM_VOLUME: "true"
   ENABLE_NYDUSD_CONFIG_FROM_VOLUME: "true"
   # ENABLE_RUNTIME_SPECIFIC_SNAPSHOTTER: "false"
+  ENABLE_SYSTEMD_SERVICE: "true"
 
   config.toml: |-
     version = 1
@@ -179,7 +180,13 @@ spec:
               configMapKeyRef:
                 name: nydus-snapshotter-configs
                 key: ENABLE_RUNTIME_SPECIFIC_SNAPSHOTTER
-                optional: true               
+                optional: true
+          - name: ENABLE_SYSTEMD_SERVICE
+            valueFrom:
+              configMapKeyRef:
+                name: nydus-snapshotter-configs
+                key: ENABLE_SYSTEMD_SERVICE
+                optional: true                    
         lifecycle:
           preStop:
             exec:
@@ -205,8 +212,9 @@ spec:
         - name: containerd-conf
           mountPath: "/etc/containerd/config.toml"
         - name: local-bin
-          mountPath: "/usr/local/bin"
-
+          mountPath: "/usr/local/bin/"
+        - name: etc-systemd-system
+          mountPath: "/etc/systemd/system/"
         securityContext:
           privileged: true
 
@@ -229,4 +237,7 @@ spec:
       - name: local-bin
         hostPath:
           path: /usr/local/bin/
+      - name: etc-systemd-system
+        hostPath:
+          path: /etc/systemd/system/
 
diff --git a/misc/snapshotter/snapshotter.sh b/misc/snapshotter/snapshotter.sh
@@ -41,13 +41,16 @@ SNAPSHOTTER_BINARY="${SNAPSHOTTER_BINARY:-${NYDUS_BINARY_DIR}/containerd-nydus-g
 # The config about nydusd and nydus snapshotter
 NYDUSD_CONFIG="${NYDUSD_CONFIG:-${NYDUS_CONFIG_DIR}/nydusd-fusedev.json}"
 SNAPSHOTTER_CONFIG="${SNAPSHOTTER_CONFIG:-${NYDUS_CONFIG_DIR}/config-fusedev.toml}"
+SNAPSHOTTER_SERVICE="${SNAPSHOTTER_SERVICE:-/etc/systemd/system/nydus-snapshotter.service}"
 
 # If true, the script would read the config from env.
 ENABLE_SNAPSHOTTER_CONFIG_FROM_VOLUME="${ENABLE_SNAPSHOTTER_CONFIG_FROM_VOLUME:-false}"
 ENABLE_NYDUSD_CONFIG_FROM_VOLUME="${ENABLE_NYDUSD_CONFIG_FROM_VOLUME:-false}"
 
 # If true, the script would enable the "runtime specific snapshotter" in containerd config.
 ENABLE_RUNTIME_SPECIFIC_SNAPSHOTTER="${ENABLE_RUNTIME_SPECIFIC_SNAPSHOTTER:-false}"
+# If true, the snapshotter would be running as a systemd service
+ENABLE_SYSTEMD_SERVICE="${ENABLE_SYSTEMD_SERVICE:-false}"
 
 COMMANDLINE=""
 
@@ -161,11 +164,20 @@ EOF
 }
 
 function deploy_snapshotter() {
-    COMMANDLINE="${SNAPSHOTTER_BINARY}"
+    cp "${SNAPSHOTTER_BINARY}" "/usr/local/bin/containerd-nydus-grpc"
+    COMMANDLINE="/usr/local/bin/containerd-nydus-grpc"
     fs_driver_handler
     options_handler
     configure_snapshotter
-    ${COMMANDLINE} &
+    if [ "${ENABLE_SYSTEMD_SERVICE}" == "true" ]; then
+        cp "$NYDUS_CONFIG_DIR/nydus-snapshotter.service" "${SNAPSHOTTER_SERVICE}"
+        sed -i "s|^ExecStart=.*$|ExecStart=$COMMANDLINE|" "${SNAPSHOTTER_SERVICE}"
+        nsenter -t 1 -m systemctl daemon-reload
+        nsenter -t 1 -m systemctl enable nydus-snapshotter.service
+        nsenter -t 1 -m systemctl -- restart containerd.service
+    else
+        ${COMMANDLINE} &
+    fi
 }
 
 function cleanup_snapshotter() {
@@ -177,7 +189,13 @@ function cleanup_snapshotter() {
     fi
     echo "Recover containerd config"
     cat "$CONTAINER_RUNTIME_CONFIG".bak.nydus >"$CONTAINER_RUNTIME_CONFIG"
-    kill -9 $pid || true
+    if [ "${ENABLE_SYSTEMD_SERVICE}" == "true" ]; then
+        nsenter -t 1 -m systemctl disable --now nydus-snapshotter.service
+		rm -f "${SNAPSHOTTER_SERVICE}"
+    else
+        kill -9 $pid || true
+    fi
+    nsenter -t 1 -m systemctl -- restart containerd.service
     echo "Removing nydus-snapshotter artifacts from host"
     rm -f "${SNAPSHOTTER_BINARY}"
     rm -f "${NYDUS_BINARY_DIR}/nydus-overlayfs"