Skip to content

containerd in MicroK8s does not pass runtime.options TOML to custom shim #5093

New issue
New issue
Open
Open
containerd in MicroK8s does not pass runtime.options TOML to custom shim#5093
@kate-goldenring

Description

@kate-goldenring
kate-goldenring
opened on May 30, 2025

Description:

I'm running a custom containerd shim on MicroK8s and encountering a bug where the [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.<name>.options] TOML configuration does not appear to be passed to the shim at runtime.

This works as expected in Minikube, but fails in MicroK8s with the same containerd configuration. This pull request has more details along with examples of how CI succeeds on all runtimes except MicroK8s: spinframework/runtime-class-manager#387 (comment)

Repro Steps:

  1. Create a MicroK8s cluster with the following in /var/snap/microk8s/current/args/containerd-template.toml:

    [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.spin-v2]
runtime_type = "/opt/rcm/bin/containerd-shim-spin-v2"

[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.spin-v2.options]
systemd_cgroup = true

  2. Restart containerd (systemctl restart snap.microk8s.daemon-containerd) and attempt to run a pod with runtimeClassName: spin-v2.

  3. Observe in the custom shim logs that config_body is empty or missing.

    Error:

     Warning  FailedCreatePodSandBox  0s (x10 over 9s)  kubelet            Failed to create pod sandbox: rpc error: 
 code = InvalidArgument desc = failed to create containerd task: failed to create shim task: invalid shim options: 
 invalid argument: invalid shim options with body : TOML parse error at line 1, column 1
   |
 1 | 
   | ^
 missing field `systemd_cgroup`
 : invalid argument

  4. When running the same shim and config on Minikube, the TOML in options is correctly passed via the config_body in the CreateTaskRequest.

Expected Behavior:

Containerd should pass the contents of the options block as TOML in config_body in the CreateTaskRequest.Options.

Actual Behavior:

config_body is either empty or missing entirely in MicroK8s, even though the runtime config appears valid and works on other distributions.

Environment:

The same configuration and shim run fine in Minikube and other containerd environments.

Suggested Fix / Workaround:

  • Confirm whether MicroK8s is writing the options block into containerd's live config
  • Consider verifying behavior in containerd config dump
  • Ensure that custom runtime.options blocks are not stripped or ignored when containerd is launched via snap

Let me know if you'd like me to provide a minimal reproduction with a dummy shim binary.

Would you like me to submit the issue for you or draft a separate reproduction repo?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions