Skip to content

chore(core): Add static mount points #1343

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

chore(core): Add static mount points #1343

wants to merge 4 commits into from

Conversation

YuryLysov
Copy link

@YuryLysov YuryLysov commented Aug 13, 2025
edited by diafour
Loading

Description

Part of deckhouse/deckhouse#14920

  • Pre-create all "top" mount points in final images.
  • Cleanup: remove unused extraheaders settings.
  • Create /run, /var, and /var/run -> ../run in the base 'distroless' image to mimic strict containerd mode if run in regular mode.

TODO

  • Change virt-launcher manifest, add mount /var/run as emptyDir, change location /usr/bin in container-disk containers.

Why do we need it, and what problem does it solve?

All mountPaths should pre-created during build time to run in the environment with containerd integrity checks.

What is the expected result?

Module works as usual in the environment with containerd integrity checks.

Checklist

  • The code is covered by unit tests.
  • e2e tests passed.
  • Documentation updated according to the changes.
  • Changes were tested in the Kubernetes cluster manually.

Changelog entries

section: core
type: chore
summary: Pre-create mount points in all final images.

@YuryLysov YuryLysov self-assigned this Aug 13, 2025
@YuryLysov YuryLysov added the enhancement New feature or request label Aug 13, 2025
@YuryLysov YuryLysov added this to the v0.24.1 milestone Aug 13, 2025
diafour
diafour reviewed Aug 14, 2025
View reviewed changes
@universal-itengineer universal-itengineer modified the milestones: v0.24.1, v0.25.0 Aug 15, 2025
@universal-itengineer universal-itengineer changed the title [ci] Add static mount points chore(core): Add static mount points Aug 18, 2025
diafour
diafour reviewed Aug 22, 2025
View reviewed changes
@nevermarine nevermarine modified the milestones: v0.25.0, v0.26.0 Aug 29, 2025
diafour
diafour reviewed Aug 29, 2025
View reviewed changes
YuryLysov and others added 4 commits September 4, 2025 18:16
@YuryLysov @diafour
mount points
4c757f0 
Signed-off-by: YuryLysov <[email protected]>
@YuryLysov @diafour
Update .werf/defines/image-mountpoints.tmpl
de040c7 
Co-authored-by: Ivan Mikheykin <[email protected]>
Signed-off-by: YuryLysov <[email protected]>
@universal-itengineer @diafour
add context in template 'image mount points'
2e6a6eb 
Signed-off-by: Nikita Korolev <[email protected]>
@diafour
Add pre-created mount points to images:
a247a0d 
- cdi-apiserver
- cdi-cloner
- cdi-controller
- cdi-importer
- cdi-operator
- dvcr
- dvcr-importer
- dvcr-uploader
- kube-api-rewriter
- virt-api
- virt-controller
- virt-handler
- virt-launcher
- virt-operator
- virtualization-api
- virtualization-audit
- virtualization-controller
- hp pods

Some notes:

- Create /var/run subdirectories in /run, as /var/run is a symlink to ../run.
- Add /var, /run and symlink /var/run -> ../run in 'distroless' base image.
- Pre-create /var, /run and symlink /var/run -> ../run in kube-api-rewriter image.
- Remove unused extraheaders settings in dvcr-importer and dvcr-uploader.

Signed-off-by: Ivan Mikheykin <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@diafour diafour diafour left review comments

@universal-itengineer universal-itengineer universal-itengineer left review comments

@nevermarine nevermarine Awaiting requested review from nevermarine nevermarine is a code owner

@fl64 fl64 Awaiting requested review from fl64 fl64 is a code owner

@Isteb4k Isteb4k Awaiting requested review from Isteb4k Isteb4k is a code owner

@yaroslavborbat yaroslavborbat Awaiting requested review from yaroslavborbat yaroslavborbat is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@YuryLysov YuryLysov

Labels
enhancement New feature or request
Projects
None yet
Milestone
v1.0.0
Development

Successfully merging this pull request may close these issues.
4 participants
@YuryLysov @diafour @universal-itengineer @nevermarine