defaultRuntime = "runsc" seems to have no effect

[msackman]

I'm experimenting with the new gvisor support.

    virtualisation.containerd.rootless = {
      enable = true;
      nixSnapshotterIntegration = true;
      gVisorIntegration = true;
      defaultRuntime = "runsc";
    };

# nerdctl run nix:0/nix/store/adnry81s33j2lmvy5bxpmlyxdc5z0jq7-nix-image-my-redis2.tar:latest
...

it certainly starts up and works, but on the host a ps aux | grep runsc gives nothing. ps aux | grep runc does give results.

Whereas:

# nerdctl run --runtime runsc nix:0/nix/store/adnry81s33j2lmvy5bxpmlyxdc5z0jq7-nix-image-my-redis2.tar:latest

and now a ps aux | grep runsc shows runsc-gofer and runsc-sandbox working.

Incidentally:

# nerdctl help run | grep runsc
      --runtime string                                 Runtime to use for this container, e.g. "crun", or "io.containerd.runsc.v1" (default "io.containerd.runc.v2")

But if I set defaultRuntime = "io.containerd.runsc.v1" then I get the cgroup error (WARN[0002] cannot set cgroup manager to "systemd" for runtime "io.containerd.runsc.v1") because it's not going through your wrapper to ignore the cgroups. So your runsc wrapper definitely works when explicitly used, but for some reason it doesn't seem to be found when set as the default.

The containerd.toml does contain default_runtime_name = "runsc", so I do not understand why it's not taking effect.