diff --git a/pkg/cri/annotations/annotations.go b/pkg/cri/annotations/annotations.go index 181eb05c757c..59624b52fb3a 100644 --- a/pkg/cri/annotations/annotations.go +++ b/pkg/cri/annotations/annotations.go @@ -58,6 +58,11 @@ const ( // SandboxNamespace is the name of the namespace of the sandbox (pod) SandboxNamespace = "io.kubernetes.cri.sandbox-namespace" + // SandboxUID is the uid of the sandbox (pod) passed to CRI via RunPodSanbox, + // this field is useful for linking the uid created by the CRI client (e.g. kubelet) + // to the internal Sandbox.ID created by the containerd sandbox service + SandboxUID = "io.kubernetes.cri.sandbox-uid" + // SandboxName is the name of the sandbox (pod) SandboxName = "io.kubernetes.cri.sandbox-name" diff --git a/pkg/cri/server/container_create_linux.go b/pkg/cri/server/container_create_linux.go index 8fb41e21009e..c9851b175ce0 100644 --- a/pkg/cri/server/container_create_linux.go +++ b/pkg/cri/server/container_create_linux.go @@ -301,6 +301,7 @@ func (c *criService) containerSpec( customopts.WithAnnotation(annotations.ContainerType, annotations.ContainerTypeContainer), customopts.WithAnnotation(annotations.SandboxID, sandboxID), customopts.WithAnnotation(annotations.SandboxNamespace, sandboxConfig.GetMetadata().GetNamespace()), + customopts.WithAnnotation(annotations.SandboxUID, sandboxConfig.GetMetadata().GetUid()), customopts.WithAnnotation(annotations.SandboxName, sandboxConfig.GetMetadata().GetName()), customopts.WithAnnotation(annotations.ContainerName, containerName), customopts.WithAnnotation(annotations.ImageName, imageName), diff --git a/pkg/cri/server/container_create_linux_test.go b/pkg/cri/server/container_create_linux_test.go index b000616ad5e5..9b1463455d73 100644 --- a/pkg/cri/server/container_create_linux_test.go +++ b/pkg/cri/server/container_create_linux_test.go @@ -179,6 +179,9 @@ func getCreateContainerTestData() (*runtime.ContainerConfig, *runtime.PodSandbox assert.Contains(t, spec.Annotations, annotations.SandboxNamespace) assert.EqualValues(t, spec.Annotations[annotations.SandboxNamespace], "test-sandbox-ns") + assert.Contains(t, spec.Annotations, annotations.SandboxUID) + assert.EqualValues(t, spec.Annotations[annotations.SandboxUID], "test-sandbox-uid") + assert.Contains(t, spec.Annotations, annotations.SandboxName) assert.EqualValues(t, spec.Annotations[annotations.SandboxName], "test-sandbox-name") diff --git a/pkg/cri/server/container_create_windows.go b/pkg/cri/server/container_create_windows.go index 05c2b8771580..6a18952cc540 100644 --- a/pkg/cri/server/container_create_windows.go +++ b/pkg/cri/server/container_create_windows.go @@ -128,6 +128,7 @@ func (c *criService) containerSpec( customopts.WithAnnotation(annotations.ContainerType, annotations.ContainerTypeContainer), customopts.WithAnnotation(annotations.SandboxID, sandboxID), customopts.WithAnnotation(annotations.SandboxNamespace, sandboxConfig.GetMetadata().GetNamespace()), + customopts.WithAnnotation(annotations.SandboxUID, sandboxConfig.GetMetadata().GetUid()), customopts.WithAnnotation(annotations.SandboxName, sandboxConfig.GetMetadata().GetName()), customopts.WithAnnotation(annotations.ContainerName, containerName), customopts.WithAnnotation(annotations.ImageName, imageName), diff --git a/pkg/cri/server/container_create_windows_test.go b/pkg/cri/server/container_create_windows_test.go index 476d14b7f7fe..684d45bf5b9f 100644 --- a/pkg/cri/server/container_create_windows_test.go +++ b/pkg/cri/server/container_create_windows_test.go @@ -130,6 +130,9 @@ func getCreateContainerTestData() (*runtime.ContainerConfig, *runtime.PodSandbox assert.Contains(t, spec.Annotations, annotations.SandboxNamespace) assert.EqualValues(t, spec.Annotations[annotations.SandboxNamespace], "test-sandbox-ns") + assert.Contains(t, spec.Annotations, annotations.SandboxUID) + assert.EqualValues(t, spec.Annotations[annotations.SandboxUID], "test-sandbox-uid") + assert.Contains(t, spec.Annotations, annotations.SandboxName) assert.EqualValues(t, spec.Annotations[annotations.SandboxName], "test-sandbox-name") diff --git a/pkg/cri/server/sandbox_run_linux.go b/pkg/cri/server/sandbox_run_linux.go index 63e60d59cfcf..577d25e0521e 100644 --- a/pkg/cri/server/sandbox_run_linux.go +++ b/pkg/cri/server/sandbox_run_linux.go @@ -175,6 +175,7 @@ func (c *criService) sandboxContainerSpec(id string, config *runtime.PodSandboxC customopts.WithAnnotation(annotations.ContainerType, annotations.ContainerTypeSandbox), customopts.WithAnnotation(annotations.SandboxID, id), customopts.WithAnnotation(annotations.SandboxNamespace, config.GetMetadata().GetNamespace()), + customopts.WithAnnotation(annotations.SandboxUID, config.GetMetadata().GetUid()), customopts.WithAnnotation(annotations.SandboxName, config.GetMetadata().GetName()), customopts.WithAnnotation(annotations.SandboxLogDir, config.GetLogDirectory()), ) diff --git a/pkg/cri/server/sandbox_run_linux_test.go b/pkg/cri/server/sandbox_run_linux_test.go index 22509b379131..6bb2f07a7515 100644 --- a/pkg/cri/server/sandbox_run_linux_test.go +++ b/pkg/cri/server/sandbox_run_linux_test.go @@ -78,6 +78,9 @@ func getRunPodSandboxTestData() (*runtime.PodSandboxConfig, *imagespec.ImageConf assert.Contains(t, spec.Annotations, annotations.SandboxNamespace) assert.EqualValues(t, spec.Annotations[annotations.SandboxNamespace], "test-ns") + assert.Contains(t, spec.Annotations, annotations.SandboxUID) + assert.EqualValues(t, spec.Annotations[annotations.SandboxUID], "test-uid") + assert.Contains(t, spec.Annotations, annotations.SandboxName) assert.EqualValues(t, spec.Annotations[annotations.SandboxName], "test-name") diff --git a/pkg/cri/server/sandbox_run_windows.go b/pkg/cri/server/sandbox_run_windows.go index 1a103db1e21c..10c8e5c5727a 100644 --- a/pkg/cri/server/sandbox_run_windows.go +++ b/pkg/cri/server/sandbox_run_windows.go @@ -84,6 +84,7 @@ func (c *criService) sandboxContainerSpec(id string, config *runtime.PodSandboxC customopts.WithAnnotation(annotations.ContainerType, annotations.ContainerTypeSandbox), customopts.WithAnnotation(annotations.SandboxID, id), customopts.WithAnnotation(annotations.SandboxNamespace, config.GetMetadata().GetNamespace()), + customopts.WithAnnotation(annotations.SandboxUID, config.GetMetadata().GetUid()), customopts.WithAnnotation(annotations.SandboxName, config.GetMetadata().GetName()), customopts.WithAnnotation(annotations.SandboxLogDir, config.GetLogDirectory()), customopts.WithAnnotation(annotations.WindowsHostProcess, strconv.FormatBool(config.GetWindows().GetSecurityContext().GetHostProcess())), diff --git a/pkg/cri/server/sandbox_run_windows_test.go b/pkg/cri/server/sandbox_run_windows_test.go index 475beefe3614..358f2eacb5e7 100644 --- a/pkg/cri/server/sandbox_run_windows_test.go +++ b/pkg/cri/server/sandbox_run_windows_test.go @@ -80,6 +80,9 @@ func getRunPodSandboxTestData() (*runtime.PodSandboxConfig, *imagespec.ImageConf assert.Contains(t, spec.Annotations, annotations.SandboxNamespace) assert.EqualValues(t, spec.Annotations[annotations.SandboxNamespace], "test-ns") + assert.Contains(t, spec.Annotations, annotations.SandboxUID) + assert.EqualValues(t, spec.Annotations[annotations.SandboxUID], "test-uid") + assert.Contains(t, spec.Annotations, annotations.SandboxName) assert.EqualValues(t, spec.Annotations[annotations.SandboxName], "test-name")