Change infra_image default to ""

Signed-off-by: Daniel J Walsh <[email protected]>
containers · Jan 27, 2022 · 7150438 · 7150438
1 parent 2c6d182
commit 7150438
Show file tree

Hide file tree

Showing 6 changed files with 36 additions and 27 deletions.
diff --git a/docs/containers.conf.5.md b/docs/containers.conf.5.md
@@ -11,7 +11,7 @@ a TOML format that can be easily modified and versioned.
 
 Container engines read the /usr/share/containers/containers.conf and
 /etc/containers/containers.conf, and /etc/containers/containers.conf.d/*.conf files
-if they exist.  When running in rootless mode, they also read
+if they exist. When running in rootless mode, they also read
 $HOME/.config/containers/containers.conf and
 $HOME/.config/containers/containers.conf.d/*.conf files.
 
@@ -159,7 +159,7 @@ Run an init inside the container that forwards signals and reaps processes.
 **init_path**="/usr/libexec/podman/catatonit"
 
 Path to the container-init binary, which forwards signals and reaps processes
-within containers.  Note that the container-init binary will only be used when
+within containers. Note that the container-init binary will only be used when
 the `--init` for podman-create and podman-run is set.
 
 **ipcns**="private"
@@ -191,7 +191,7 @@ limit is never exceeded.
 
 **log_tag**=""
 
-Default format tag for container log messages.  This is useful for creating a specific tag for container log messages. Container log messages default to using the truncated container ID as a tag.
+Default format tag for container log messages. This is useful for creating a specific tag for container log messages. Container log messages default to using the truncated container ID as a tag.
 
 **netns**="private"
 
@@ -203,7 +203,7 @@ Options are:
 
 **no_hosts**=false
 
-Create /etc/hosts for the container.  By default, container engines manage
+Create /etc/hosts for the container. By default, container engines manage
 /etc/hosts, automatically adding  the container's  own  IP  address.
 
 **pidns**="private"
@@ -377,7 +377,7 @@ Disabling this can save memory.
 
 **env**=[]
 
-Environment variables to be used when running the container engine (e.g., Podman, Buildah).  For example "http_proxy=internal.proxy.company.com".
+Environment variables to be used when running the container engine (e.g., Podman, Buildah). For example "http_proxy=internal.proxy.company.com".
 Note these environment variables will not be used within the container. Set the env section under [containers] table,
 if you want to set environment variables for the container.
 
@@ -435,21 +435,26 @@ Not setting this field will fall back to containers/image defaults. (6)
 
 **infra_command**="/pause"
 
-Command to run the infra container.
+Infra (pause) container image command for pod infra containers. When running a
+pod, we start a `/pause` process in a container to hold open the namespaces
+associated with the pod. This container does nothing other then sleep,
+reserving the pods resources for the lifetime of the pod.
 
-**infra_image**="k8s.gcr.io/pause:3.4.1"
+**infra_image**=""
 
-Infra (pause) container image name for pod infra containers.  When running a
+Infra (pause) container image for pod infra containers. When running a
 pod, we start a `pause` process in a container to hold open the namespaces
-associated with the  pod.  This container does nothing other then sleep,
-reserving the pods resources for the lifetime of the pod.
+associated with the pod. This container does nothing other then sleep,
+reserving the pods resources for the lifetime of the pod. By default container
+engines run a builtin container using the pause executable. If you want override
+specify an image to pull.
 
 **lock_type**="shm"
 
 Specify the locking mechanism to use; valid values are "shm" and "file".
 Change the default only if you are sure of what you are doing, in general
 "file" is useful only on platforms where cgo is not available for using the
-faster "shm" lock type.  You may need to run "podman system renumber" after you
+faster "shm" lock type. You may need to run "podman system renumber" after you
 change the lock type.
 
 **machine_enabled**=false
@@ -460,13 +465,13 @@ container inside the VM to to host.
 
 **multi_image_archive**=false
 
-Allows for creating archives (e.g., tarballs) with more than one image.  Some container engines, such as Podman, interpret additional arguments as tags for one image and hence do not store more than one image.  The default behavior can be altered with this option.
+Allows for creating archives (e.g., tarballs) with more than one image. Some container engines, such as Podman, interpret additional arguments as tags for one image and hence do not store more than one image. The default behavior can be altered with this option.
 
 **namespace**=""
 
 Default engine namespace. If the engine is joined to a namespace, it will see
 only containers and pods that were created in the same namespace, and will
-create new containers and pods in that namespace.  The default namespace is "",
+create new containers and pods in that namespace. The default namespace is "",
 which corresponds to no namespace. When no namespace is set, all containers
 and pods are visible.
 
@@ -499,7 +504,7 @@ Whether to use chroot instead of pivot_root in the runtime.
 **num_locks**=2048
 
 Number of locks available for containers and pods. Each created container or
-pod consumes one lock.  The default number available is 2048.  If this is
+pod consumes one lock. The default number available is 2048. If this is
 changed, a lock renumbering must be performed, using the
 `podman system renumber` command.
 
@@ -535,8 +540,8 @@ The list of OCI runtimes that support running containers without CGroups.
 
 **image_copy_tmp_dir**="/var/tmp"
 
-Default location for storing temporary container image content.  Can be
-overridden with the TMPDIR environment variable.  If you specify "storage", then
+Default location for storing temporary container image content. Can be
+overridden with the TMPDIR environment variable. If you specify "storage", then
 the location of the container/storage tmp directory will be used. If set then it
 is the users responsibility to cleanup storage. Configure tmpfiles.d(5) to
 cleanup storage.
@@ -576,7 +581,7 @@ the primary uid/gid of the container.
 
 **compression_format**=""
 
-Specifies the compression format to use when pushing an image.  Supported values are: `gzip`, `zstd` and `zstd:chunked`.
+Specifies the compression format to use when pushing an image. Supported values are: `gzip`, `zstd` and `zstd:chunked`.
 
 ## SERVICE DESTINATION TABLE
 The `service_destinations` table contains configuration options used to set up remote connections to the podman service for the podman API.
@@ -656,7 +661,7 @@ configuration. Rootless users can further override fields in the config by
 creating a config file stored in the `$HOME/.config/containers/containers.conf` file.
 
 If the `CONTAINERS_CONF` path environment variable is set, just
-this path will be used.  This is primarily used for testing.
+this path will be used. This is primarily used for testing.
 
 Fields specified in the containers.conf file override the default options, as
 well as options in previously read containers.conf files.

diff --git a/pkg/config/config_test.go b/pkg/config/config_test.go
@@ -30,6 +30,7 @@ var _ = Describe("Config", func() {
 			gomega.Expect(defaultConfig.Containers.PidsLimit).To(gomega.BeEquivalentTo(2048))
 			gomega.Expect(defaultConfig.Engine.ServiceTimeout).To(gomega.BeEquivalentTo(5))
 			gomega.Expect(defaultConfig.NetNS()).To(gomega.BeEquivalentTo("private"))
+			gomega.Expect(defaultConfig.Engine.InfraImage).To(gomega.BeEquivalentTo(""))
 			path, err := defaultConfig.ImageCopyTmpDir()
 			gomega.Expect(err).To(gomega.BeNil())
 			gomega.Expect(path).To(gomega.BeEquivalentTo("/var/tmp"))
@@ -221,6 +222,7 @@ image_copy_tmp_dir="storage"`
 			gomega.Expect(defaultConfig.Engine.NetworkCmdOptions).To(gomega.BeEquivalentTo(networkCmdOptions))
 			gomega.Expect(defaultConfig.Engine.HelperBinariesDir).To(gomega.Equal(helperDirs))
 			gomega.Expect(defaultConfig.Engine.ServiceTimeout).To(gomega.BeEquivalentTo(300))
+			gomega.Expect(defaultConfig.Engine.InfraImage).To(gomega.BeEquivalentTo("k8s.gcr.io/pause:3.4.1"))
 		})
 
 		It("test GetDefaultEnvEx", func() {

diff --git a/pkg/config/containers.conf b/pkg/config/containers.conf
@@ -399,14 +399,16 @@ default_sysctls = [
 # Infra (pause) container image name for pod infra containers.  When running a
 # pod, we start a `pause` process in a container to hold open the namespaces
 # associated with the  pod.  This container does nothing other then sleep,
-# reserving the pods resources for the lifetime of the pod.
+# reserving the pods resources for the lifetime of the pod. By default container
+# engines run a builtin container using the pause executable. If you want override
+# specify an image to pull.
 #
-#infra_image = "k8s.gcr.io/pause:3.4.1"
+#infra_image = ""
 
 # Specify the locking mechanism to use; valid values are "shm" and "file".
 # Change the default only if you are sure of what you are doing, in general
 # "file" is useful only on platforms where cgo is not available for using the
-# faster "shm" lock type.  You may need to run "podman system renumber" after
+# faster "shm" lock type. You may need to run "podman system renumber" after
 # you change the lock type.
 #
 #lock_type** = "shm"
@@ -465,7 +467,7 @@ default_sysctls = [
 #
 #runtime = "crun"
 
-# List of the OCI runtimes that support --format=json.  When json is supported
+# List of the OCI runtimes that support --format=json. When json is supported
 # engine will use it for reporting nicer errors.
 #
 #runtime_supports_json = ["crun", "runc", "kata", "runsc", "krun"]
@@ -478,8 +480,8 @@ default_sysctls = [
 #
 #runtime_supports_nocgroups = ["crun", "krun"]
 
-# Default location for storing temporary container image content.  Can be overridden with the TMPDIR environment
-# variable.  If you specify "storage", then the location of the
+# Default location for storing temporary container image content. Can be overridden with the TMPDIR environment
+# variable. If you specify "storage", then the location of the
 # container/storage tmp directory will be used.
 # image_copy_tmp_dir="/var/tmp"
 

diff --git a/pkg/config/default.go b/pkg/config/default.go
@@ -46,7 +46,7 @@ var (
 	// DefaultInitPath is the default path to the container-init binary
 	DefaultInitPath = "/usr/libexec/podman/catatonit"
 	// DefaultInfraImage to use for infra container
-	DefaultInfraImage = "k8s.gcr.io/pause:3.5"
+	DefaultInfraImage = ""
 	// DefaultRootlessSHMLockPath is the default path for rootless SHM locks
 	DefaultRootlessSHMLockPath = "/libpod_rootless_lock"
 	// DefaultDetachKeys is the default keys sequence for detaching a

diff --git a/pkg/config/testdata/containers_comment.conf b/pkg/config/testdata/containers_comment.conf
@@ -148,7 +148,7 @@
 #namespace = ""
 
 # Default infra (pause) image name for pod infra containers
-# infra_image = "k8s.gcr.io/pause:3.4.1"
+# infra_image = ""
 
 # Default command to run the infra container
 # infra_command = "/pause"

diff --git a/pkg/config/testdata/containers_invalid.conf b/pkg/config/testdata/containers_invalid.conf
@@ -146,7 +146,7 @@ no_pivot_root = false
 #namespace = ""
 
 # Default infra (pause) image name for pod infra containers
-infra_image = "k8s.gcr.io/pause:3.4.1"
+infra_image = ""
 
 # Default command to run the infra container
 infra_command = "/pause"