From 717a0c83e3032c2255b257531cfd160b98cd8180 Mon Sep 17 00:00:00 2001
From: gaohuatao <gaohuatao@huawei.com>
Date: Tue, 16 Nov 2021 11:30:03 +0800
Subject: [PATCH 01/14] add self def runtime for shimv2

Signed-off-by: gaohuatao <gaohuatao@huawei.com>
---
 CMakeLists.txt                                |  2 +-
 iSulad.spec                                   |  2 +-
 src/contrib/config/daemon.json                |  5 ++-
 src/daemon/config/isulad_config.c             |  3 ++
 .../cri/cri_container_manager_service_impl.cc |  9 +++--
 src/daemon/entry/cri/cri_helpers.cc           | 39 +++++++++++++++++++
 src/daemon/entry/cri/cri_helpers.h            |  2 +
 .../cri_pod_sandbox_manager_service_impl.cc   |  5 ++-
 8 files changed, 60 insertions(+), 7 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 2cffc0dc..0f7d6b9c 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -104,7 +104,7 @@ endif()
 install(FILES src/contrib/config/daemon.json
     DESTINATION ${conf_prefix}/isulad PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ GROUP_WRITE)
 install(FILES src/contrib/config/daemon_constants.json
-    DESTINATION ${conf_prefix}/isulad PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ GROUP_WRITE)
+    DESTINATION ${conf_prefix}/isulad PERMISSIONS OWNER_READ GROUP_READ)
 install(FILES src/contrib/config/config.json src/contrib/config/systemcontainer_config.json
     DESTINATION ${conf_prefix}/default/isulad PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ GROUP_WRITE)
 install(FILES src/contrib/config/seccomp_default.json
diff --git a/iSulad.spec b/iSulad.spec
index d6e5778c..c5fd802d 100644
--- a/iSulad.spec
+++ b/iSulad.spec
@@ -83,7 +83,7 @@ install -m 0644 ../src/daemon/modules/api/image_api.h         %{buildroot}/%{_in
 
 install -d $RPM_BUILD_ROOT/%{_sysconfdir}/isulad
 install -m 0640 ../src/contrib/config/daemon.json           %{buildroot}/%{_sysconfdir}/isulad/daemon.json
-install -m 0640 ../src/contrib/config/daemon_constants.json %{buildroot}/%{_sysconfdir}/isulad/daemon_constants.json
+install -m 0440 ../src/contrib/config/daemon_constants.json %{buildroot}/%{_sysconfdir}/isulad/daemon_constants.json
 install -m 0640 ../src/contrib/config/seccomp_default.json  %{buildroot}/%{_sysconfdir}/isulad/seccomp_default.json
 
 install -d $RPM_BUILD_ROOT/%{_sysconfdir}/default/isulad
diff --git a/src/contrib/config/daemon.json b/src/contrib/config/daemon.json
index d2ce4d02..92cd6c47 100644
--- a/src/contrib/config/daemon.json
+++ b/src/contrib/config/daemon.json
@@ -33,5 +33,8 @@
     "cni-conf-dir": "",
     "image-layer-check": false,
     "use-decrypted-key": true,
-    "insecure-skip-verify-enforce": false
+    "insecure-skip-verify-enforce": false,
+    "cri-runtimes": {
+        "kata": "io.containerd.kata.v2"
+    }
 }
diff --git a/src/daemon/config/isulad_config.c b/src/daemon/config/isulad_config.c
index ded3c0f6..f70b4575 100644
--- a/src/daemon/config/isulad_config.c
+++ b/src/daemon/config/isulad_config.c
@@ -1522,6 +1522,9 @@ int merge_json_confs_into_global(struct service_arguments *args)
     args->json_confs->runtimes = tmp_json_confs->runtimes;
     tmp_json_confs->runtimes = NULL;
 
+    args->json_confs->cri_runtimes = tmp_json_confs->cri_runtimes;
+    tmp_json_confs->cri_runtimes = NULL;
+
     // Daemon storage-driver
     if (merge_storage_conf_into_global(args, tmp_json_confs)) {
         ret = -1;
diff --git a/src/daemon/entry/cri/cri_container_manager_service_impl.cc b/src/daemon/entry/cri/cri_container_manager_service_impl.cc
index ff98df9b..2e65ab51 100644
--- a/src/daemon/entry/cri/cri_container_manager_service_impl.cc
+++ b/src/daemon/entry/cri/cri_container_manager_service_impl.cc
@@ -296,8 +296,8 @@ auto ContainerManagerServiceImpl::GenerateCreateContainerCustomConfig(
 
     if (containerConfig.has_metadata()) {
         if (append_json_map_string_string(custom_config->annotations,
-                                      CRIHelpers::Constants::CONTAINER_NAME_ANNOTATION_KEY.c_str(),
-                                      containerConfig.metadata().name().c_str()) != 0) {
+                                          CRIHelpers::Constants::CONTAINER_NAME_ANNOTATION_KEY.c_str(),
+                                          containerConfig.metadata().name().c_str()) != 0) {
             error.SetError("Append container name into annotation failed");
             goto cleanup;
         }
@@ -355,7 +355,10 @@ ContainerManagerServiceImpl::GenerateCreateContainerRequest(const std::string &r
     request->id = util_strdup_s(cname.c_str());
 
     if (!podSandboxRuntime.empty()) {
-        request->runtime = util_strdup_s(podSandboxRuntime.c_str());
+        request->runtime = CRIHelpers::cri_runtime_convert(podSandboxRuntime.c_str());
+        if (request->runtime == nullptr) {
+            request->runtime = util_strdup_s(podSandboxRuntime.c_str());
+        }
     }
 
     if (!containerConfig.image().image().empty()) {
diff --git a/src/daemon/entry/cri/cri_helpers.cc b/src/daemon/entry/cri/cri_helpers.cc
index 137726e6..f45c669f 100644
--- a/src/daemon/entry/cri/cri_helpers.cc
+++ b/src/daemon/entry/cri/cri_helpers.cc
@@ -32,6 +32,7 @@
 #include "path.h"
 #include "utils.h"
 #include "service_container_api.h"
+#include "isulad_config.h"
 
 namespace CRIHelpers {
 const std::string Constants::POD_NETWORK_ANNOTATION_KEY { "network.alpha.kubernetes.io/network" };
@@ -992,4 +993,42 @@ char *GenerateExecSuffix()
     return exec_suffix;
 }
 
+char *cri_runtime_convert(const char *runtime)
+{
+    char *runtime_val = nullptr;
+    json_map_string_string *cri_shimv2_runtimes = nullptr;
+
+    if (runtime == nullptr) {
+        return nullptr;
+    }
+
+    if (isulad_server_conf_rdlock()) {
+        ERROR("Lock isulad server conf failed");
+        return nullptr;
+    }
+
+    struct service_arguments *args = conf_get_server_conf();
+    if (args == nullptr || args->json_confs == nullptr || args->json_confs->cri_runtimes == nullptr) {
+        ERROR("Cannot get cri runtime list");
+        goto out;
+    }
+
+    cri_shimv2_runtimes = args->json_confs->cri_runtimes;
+    for (size_t i = 0; i < cri_shimv2_runtimes->len; i++) {
+        if (cri_shimv2_runtimes->keys[i] == nullptr || cri_shimv2_runtimes->values[i] == nullptr) {
+            WARN("CRI runtimes key or value is null");
+            continue;
+        }
+
+        if (strcmp(runtime, cri_shimv2_runtimes->keys[i]) == 0) {
+            runtime_val = util_strdup_s(cri_shimv2_runtimes->values[i]);
+            break;
+        }
+    }
+
+out:
+    (void)isulad_server_conf_unlock();
+    return runtime_val;
+}
+
 } // namespace CRIHelpers
diff --git a/src/daemon/entry/cri/cri_helpers.h b/src/daemon/entry/cri/cri_helpers.h
index 450c899c..9eccc1da 100644
--- a/src/daemon/entry/cri/cri_helpers.h
+++ b/src/daemon/entry/cri/cri_helpers.h
@@ -150,6 +150,8 @@ void RemoveContainer(service_executor_t *cb, const std::string &containerID, Err
 void StopContainer(service_executor_t *cb, const std::string &containerID, int64_t timeout, Errors &error);
 
 char *GenerateExecSuffix();
+
+char *cri_runtime_convert(const char *runtime);
 }; // namespace CRIHelpers
 
 #endif // DAEMON_ENTRY_CRI_CRI_HELPERS_H
diff --git a/src/daemon/entry/cri/cri_pod_sandbox_manager_service_impl.cc b/src/daemon/entry/cri/cri_pod_sandbox_manager_service_impl.cc
index 8801bea6..0f9ef044 100644
--- a/src/daemon/entry/cri/cri_pod_sandbox_manager_service_impl.cc
+++ b/src/daemon/entry/cri/cri_pod_sandbox_manager_service_impl.cc
@@ -251,7 +251,10 @@ container_create_request *PodSandboxManagerServiceImpl::PackCreateContainerReque
     create_request->id = util_strdup_s(sandboxName.c_str());
 
     if (!runtimeHandler.empty()) {
-        create_request->runtime = util_strdup_s(runtimeHandler.c_str());
+        create_request->runtime = CRIHelpers::cri_runtime_convert(runtimeHandler.c_str());
+        if (create_request->runtime == nullptr) {
+            create_request->runtime = util_strdup_s(runtimeHandler.c_str());
+        }
     }
 
     create_request->image = util_strdup_s(image.c_str());
-- 
2.25.1