This morning I completed some tests and the remote containerd snapshotter seems to work fine and it allow to run a simple image.
To recap: this will allow to run docker images in k8s without doing any pulling but getting the filesystem of the images directly from cvmfs.
Of course the filesystem of the image must be ingested in cvmfs, and it must follow the structure of unpacked.cern.ch.
This is definitely a preliminary release and all the feedback is greatly appreciated.
Even now, quite a few months later, the latest version of Kubespray deploys containerd v1.3.9.
Not sure if I am interpreting the release notes for v.1.4.0 correctly:
Looks like it may have a dependence related to k8s API v1.19 , but our dev cluster is 1.19 so that’s okay, I should be able to start experimenting.
I see the containerd 1.5.0 beta is available, with several changes related to snapshotters:
Using the cvmfs remote snapshotter will require some new config so I will start working on integrating that into Kubespray( [plugins."io.containerd.grpc.v1.cri".containerd] and [proxy_plugins]). @smosciat Do you know if the config syntax for setting up the containerd remote snapshotter is stable, or is expected to change?
GKE also offers older versions of containerd - 1.3.x for COS_containerd and 1.2.x for UBUNTU_containerd. Doing some tests with kubernetes 1.17.x at the time on GKE i wrote something on brute force upgrading the clusters containerd to 1.4.x:
It does work , there is no dependency on 1.19.x.
At CERN clusters >=1.19 are being deployed with containerd 1.4.x.