Skip to content

refactor(shim): precompute guest rootfs before task create#702

Draft
sidneychang wants to merge 2 commits into
urunc-dev:mainfrom
sidneychang:feat/shim-rootfs-precompute
Draft

refactor(shim): precompute guest rootfs before task create#702
sidneychang wants to merge 2 commits into
urunc-dev:mainfrom
sidneychang:feat/shim-rootfs-precompute

Conversation

@sidneychang
Copy link
Copy Markdown
Contributor

@sidneychang sidneychang commented May 18, 2026
edited
Loading

Description

This PR precomputes guest rootfs in the urunc containerd task shim before inner TaskService.Create mounts bundle/rootfs, so block-backed snapshots (e.g. devmapper) can be selected without relying on getMountInfo on an unmounted path.

Problem (#684)

Previously, guest rootfs was chosen only in runtime Exec(). For containerd, bundle/rootfs is not mounted yet at shim CreateTask time, so block device discovery via getMountInfo was unreliable. Selection must use CreateTask rootfs mounts instead.

Solution

  • Run ChooseRootfs in the shim using r.Rootfs (via BlockFromRootfsMounts for single /dev/* device mounts) plus bundle annotations
  • Persist the result in com.urunc.internal.rootfs.params in config.json
  • Runtime Exec consumes that annotation; podman / direct urunc still fall back to ChooseRootfs at runtime when it is absent
  • Selection in the shim is side-effect free (no MkdirAll / mount); monRootfs is still created in Exec

Rootfs logic is consolidated in pkg/unikontainers/rootfs.go (ChooseRootfs, selectRootfs, encode/decode).

Note on #565

The shim Create path currently also calls annotation injection from image metadata (#565) so rootfs selection has complete unikernel annotations during development. That logic is temporary until #565 lands upstream; we will drop or rework this integration after #565 is merged.

Related issues

How was this tested?

LLM usage

Cursor

Checklist

  • I have read the contribution guide.
  • The linter passes locally (make lint).
  • The e2e tests of at least one tool pass locally (make test_ctr, make test_nerdctl, make test_docker, make test_crictl).
  • If LLMs were used: I have read the llm policy.

@netlify
Copy link
Copy Markdown

netlify Bot commented May 18, 2026
edited
Loading

Deploy Preview for urunc canceled.

Name Link
🔨 Latest commit abb7d84
🔍 Latest deploy log https://app.netlify.com/projects/urunc/deploys/6a0b5a76d416470008077f69

@sidneychang
feat(shim): inject missing urunc annotations from image metadata (uru…
639921e 
…nc-dev#565)

Merge com.urunc.unikernel.* keys from the container image into bundle
config.json when the OCI spec is missing them, using a containerd session
before task create.

Signed-off-by: sidneychang <2190206983@qq.com>
@sidneychang
feat(shim): precompute guest rootfs before task create
abb7d84 
Select guest rootfs in the shim from CreateTask rootfs mounts and bundle
annotations, persist the result in config.json, and consume it at runtime
Exec with a podman fallback when the internal annotation is absent.

Signed-off-by: sidneychang <2190206983@qq.com>
@sidneychang
Copy link
Copy Markdown
Contributor Author

sidneychang commented May 19, 2026

Hi @cmainas ,
Could you please take a look at PR #702 when you have time?
Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Move guest rootfs selection earlier to the shim

1 participant

@sidneychang