contract: publish atelet↔ateom under pkg/, neutralize names, drop runsc_path#336
Open
Davanum Srinivas (dims) wants to merge 3 commits into
Open
contract: publish atelet↔ateom under pkg/, neutralize names, drop runsc_path#336Davanum Srinivas (dims) wants to merge 3 commits into
Davanum Srinivas (dims) wants to merge 3 commits into
Conversation
Collaborator
|
BTW I was chatting with Tim Hockin (@thockin) about this and one key suggestion was that we might wind up with atelet as the extension mechanism. Undecided I think ... |
Davanum Srinivas (dims)
force-pushed
the
pluggable/publish-ateom-contract
branch
from
1913f48 to
2e59f04
Compare
Collaborator
Author
ACK Benjamin Elder (@BenTheElder) some of what i am doing is still useful to get rid of gvisor-isms i think. I am ok with going to |
Davanum Srinivas (dims)
changed the title
… B1) Move internal/proto/ateompb -> pkg/proto/ateompb (the ateom gRPC contract) and internal/ateompath -> pkg/ateompath (the runtime path conventions: BasePath, the ateom socket, OCI bundle, netns, and asset-cache layout). Both lived under internal/, so an out-of-tree custom ateom-* backend could not import them -- it had to vendor the .proto and hand-duplicate the path conventions (and risk drift). Publishing them under pkg/ lets a backend `go get` the contract + conventions directly. Update all in-tree importers; regenerate ateom.pb.go with the new go_package (clean rawDesc, not a hand-edit). Mechanical relocation; no behavior change.
B1 publishes pkg/ateompath, so RunSCBinaryPath becomes public API -- but it returns the cache path for any content-addressed sandbox asset (a backend's cloud-hypervisor/kernel/firecracker binary), not just gVisor's runsc. Rename: ateompath.RunSCBinaryPath -> ateompath.CachedAssetPath resources.ValidateRunscHash -> resources.ValidateAssetHash Pure rename + comment cleanup; no behavior change. The on-disk "runsc-<sha>" filename is deliberately kept -- existing snapshots embed that absolute path, so renaming it is a separate breaking migration.
…t_paths (Path B / B4) Remove runsc_path (field 4, now reserved) from RunWorkload/Checkpoint/Restore requests so the ateom contract has no backend-specific fields. gVisor now reads its binary from runtime_asset_paths["runsc"] -- the same map every other backend uses; atelet stops setting RunscPath and the runscPathFor helper is removed. Regenerate ateom.pb.go. A custom ateom-* now sees a backend-neutral contract: it declares whatever asset names it wants on its SandboxConfig and reads them from runtime_asset_paths.
Davanum Srinivas (dims)
force-pushed
the
pluggable/publish-ateom-contract
branch
from
2e59f04 to
0df7eff
Compare
Collaborator
|
Ack ... I'm not sure we should publish to pkg/, given the guidelines for that ... |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Path B — making a custom out-of-tree
ateom-*backend a first-class citizen — the contract pieces, as one PR (three commits).Companion to #332 (open the
sandboxClassenum) and #333 (declarative WorkerPool pod shape). Those were the CRD/controller pluggability changes; this PR is the atelet↔ateom contract changes. They're in one PR because all three commits rewrite/regenerate the sameateom.proto(separate PRs would just rebase over each other) and they are one decision: whether to commit to this contract shape.Commits
proto,paths: publish the atelet<->ateom contract under pkg/—git mv internal/proto/ateompb → pkg/proto/ateompbandinternal/ateompath → pkg/ateompathso an out-of-tree backend cango getthe gRPC contract + path conventions instead of vendoringinternal/. Mechanical move + clean regen ofateom.pb.go; behavior-neutral.paths,resources: name the asset cache neutrally— now thatpkg/ateompathis public API,RunSCBinaryPath→CachedAssetPathandValidateRunscHash→ValidateAssetHash(the cache holds any backend's content-addressed asset, not just gVisor's runsc). The on-diskrunsc-<sha>filename is deliberately unchanged — existing snapshots embed that absolute path. No behavior change.proto: drop the gVisor-specific runsc_path— removerunsc_path(field 4, nowreserved) from RunWorkload/Checkpoint/Restore; gVisor reads its binary fromruntime_asset_paths["runsc"]like every other backend. The wire contract now has zero backend-specific fields.Draft on purpose
Committing to the atelet↔ateom contract may be premature, so this is a Draft for visibility/review rather than merge — fine to hold behind #332/#333.
Verified locally:
go build ./...andgo teston the affected packages pass;ateom.pb.goregenerated with protoc v25.3.