From 80611a1fb6475ece3758be37608094612eec571e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ren=C3=AA=20de=20Souza=20Pinto?= <rene@renesp.com.br>
Date: Thu, 13 Jun 2024 14:46:24 +0200
Subject: [PATCH] dom0-ztools: rootfs: Enable Container Device Interface
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This commit introduces the following changes:

- Enables CDI plugin in order to allow native containers to access
  devices specified by CDI spec.

- Adds a default loopback network configuration otherwise the plugin will
  throw an error during initialization.

Signed-off-by: Renê de Souza Pinto <rene@renesp.com.br>
---
 pkg/dom0-ztools/Dockerfile                        | 3 +++
 pkg/dom0-ztools/rootfs/etc/cni/net.d/lo.conf      | 5 +++++
 pkg/dom0-ztools/rootfs/etc/containerd/config.toml | 9 ++++++++-
 3 files changed, 16 insertions(+), 1 deletion(-)
 create mode 100644 pkg/dom0-ztools/rootfs/etc/cni/net.d/lo.conf

diff --git a/pkg/dom0-ztools/Dockerfile b/pkg/dom0-ztools/Dockerfile
index 983767e788..1c4b291546 100644
--- a/pkg/dom0-ztools/Dockerfile
+++ b/pkg/dom0-ztools/Dockerfile
@@ -39,6 +39,9 @@ RUN rm -rf /tmp/zfs-out/usr/share && rm -rf /tmp/zfs-out/usr/src && \
 RUN find /tmp/zfs-out -mindepth 1|sed 's@/tmp/zfs-out@@'>/out/etc/zfs-files
 RUN cp -r /tmp/zfs-out/* /out
 
+# Add directory for CDI files
+RUN mkdir -p /out/etc/cdi
+
 FROM scratch
 COPY --from=zfs /out/ /
 # hadolint ignore=DL3020
diff --git a/pkg/dom0-ztools/rootfs/etc/cni/net.d/lo.conf b/pkg/dom0-ztools/rootfs/etc/cni/net.d/lo.conf
new file mode 100644
index 0000000000..70c5f1afd1
--- /dev/null
+++ b/pkg/dom0-ztools/rootfs/etc/cni/net.d/lo.conf
@@ -0,0 +1,5 @@
+{
+       "cniVersion": "0.2.0",
+       "name": "lo",
+       "type": "loopback"
+}
diff --git a/pkg/dom0-ztools/rootfs/etc/containerd/config.toml b/pkg/dom0-ztools/rootfs/etc/containerd/config.toml
index 2b1c4ac5ee..b19296939e 100644
--- a/pkg/dom0-ztools/rootfs/etc/containerd/config.toml
+++ b/pkg/dom0-ztools/rootfs/etc/containerd/config.toml
@@ -2,7 +2,6 @@ version = 2
 state = "/run/containerd"
 root = "/persist/containerd-system-root"
 disabled_plugins = [
-    "io.containerd.grpc.v1.cri",
     "io.containerd.snapshotter.v1.btrfs",
     "io.containerd.snapshotter.v1.aufs",
     "io.containerd.internal.v1.opt",
@@ -10,6 +9,14 @@ disabled_plugins = [
     "io.containerd.tracing.processor.v1.otlp"
 ]
 
+[plugins]
+  [plugins."io.containerd.grpc.v1.cri"]
+    enable_cdi = true
+    cdi_spec_dirs = ["/etc/cdi"]
+
+  [plugins."io.containerd.grpc.v1.cri".cni]
+    max_conf_num = 1
+
 [grpc]
   address = "/run/containerd/containerd.sock"
   uid = 0