podvm: remove mount units

Previously we had /peerpod and /kata-containers bind-mounted to /run to keep the size of the tempFS under /run small. As / is now read-only this does not make sense anymore, so removing it. This triggered a bug in kata-agent/ttrpc-rust as the path of the socket is not created automatically. Adding a workaround to the kata-agent unit until this is fixed upstream.
confidential-containers · Nov 30, 2023 · e194515 · e194515
1 parent cbb1a20
commit e194515
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 25 deletions.
diff --git a/podvm/files/etc/systemd/system/kata-agent.service b/podvm/files/etc/systemd/system/kata-agent.service
@@ -5,7 +5,9 @@ Wants=process-user-data.service
 After=netns@podns.service process-user-data.service
 
 [Service]
-ExecStart=/usr/local/bin/kata-agent --config /run/peerpod/agent-config.toml
+# Temporary fix for
+ExecStartPre=mkdir -p /run/kata-containers
+ExecStart=/usr/local/bin/kata-agent --config /etc/agent-config.toml
 ExecStartPre=-umount /sys/fs/cgroup/misc
 ExecStopPost=/usr/local/bin/kata-agent-clean --config /run/peerpod/agent-config.toml
 # Now specified in the agent-config.toml Environment="KATA_AGENT_SERVER_ADDR=unix:///run/kata-containers/agent.sock"

diff --git a/podvm/files/etc/systemd/system/run-image.mount b/podvm/files/etc/systemd/system/run-image.mount
diff --git a/podvm/files/etc/systemd/system/run-kata\x2dcontainers.mount b/podvm/files/etc/systemd/system/run-kata\x2dcontainers.mount