Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow manually configuring containerd version via CLI flag #1518

Merged
merged 2 commits into from Dec 21, 2022
Merged

Allow manually configuring containerd version via CLI flag #1518

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
96c178e
Allow manually configuring containerd version via CLI flag
Dec 19, 2022
bb6a6c0
Also configure docker's containerd version via CLI flag
Dec 20, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
3 changes: 3 additions & 0 deletions cmd/machine-controller/main.go
View file
Open in desktop
Expand Up @@ -84,6 +84,7 @@ var (
podCIDR string
nodePortRange string
nodeRegistryCredentialsSecret string
nodeContainerdVersion string
nodeContainerdRegistryMirrors = containerruntime.RegistryMirrorsFlags{}
overrideBootstrapKubeletAPIServer string
)
Expand Down Expand Up @@ -170,6 +171,7 @@ func main() {
flag.StringVar(&nodePauseImage, "node-pause-image", "", "Image for the pause container including tag. If not set, the kubelet default will be used: https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/")
flag.String("node-kubelet-repository", "quay.io/kubermatic/kubelet", "[NO-OP] Repository for the kubelet container. Has no effects.")
flag.StringVar(&nodeContainerRuntime, "node-container-runtime", "docker", "container-runtime to deploy")
flag.StringVar(&nodeContainerdVersion, "node-containerd-version", "", "version of containerd to deploy")
flag.Var(&nodeContainerdRegistryMirrors, "node-containerd-registry-mirrors", "Configure registry mirrors endpoints. Can be used multiple times to specify multiple mirrors")
flag.StringVar(&caBundleFile, "ca-bundle", "", "path to a file containing all PEM-encoded CA certificates (will be used instead of the host's certificates if set)")
flag.BoolVar(&nodeCSRApprover, "node-csr-approver", true, "Enable NodeCSRApprover controller to automatically approve node serving certificate requests")
Expand Down Expand Up @@ -240,6 +242,7 @@ func main() {

containerRuntimeOpts := containerruntime.Opts{
ContainerRuntime: nodeContainerRuntime,
ContainerdVersion: nodeContainerdVersion,
ContainerdRegistryMirrors: nodeContainerdRegistryMirrors,
InsecureRegistries: nodeInsecureRegistries,
PauseImage: nodePauseImage,
Expand Down
2 changes: 2 additions & 0 deletions pkg/containerruntime/config.go
View file
Open in desktop
Expand Up @@ -31,6 +31,7 @@ import (

type Opts struct {
ContainerRuntime string
ContainerdVersion string
InsecureRegistries string
RegistryMirrors string
RegistryCredentialsSecret string
Expand Down Expand Up @@ -92,6 +93,7 @@ func BuildConfig(opts Opts) (Config, error) {
withInsecureRegistries(insecureRegistries),
withRegistryMirrors(opts.ContainerdRegistryMirrors),
withSandboxImage(opts.PauseImage),
withContainerdVersion(opts.ContainerdVersion),
), nil
}

Expand Down
10 changes: 5 additions & 5 deletions pkg/containerruntime/containerd.go
View file
Open in desktop
Expand Up @@ -27,8 +27,8 @@ import (
)

const (
LegacyContainerdVersion = "1.4"
DefaultContainerdVersion = "1.6"
LegacyContainerdVersion = "1.4*"
DefaultContainerdVersion = "1.6*"
)

type Containerd struct {
Expand Down Expand Up @@ -123,7 +123,7 @@ runtime-endpoint: unix:///run/containerd/containerd.sock
EOF

yum install -y \
containerd-{{ .ContainerdVersion }}* \
containerd-{{ .ContainerdVersion }} \
yum-plugin-versionlock
yum versionlock add containerd

Expand Down Expand Up @@ -151,7 +151,7 @@ Restart=always
EnvironmentFile=-/etc/environment
EOF

yum install -y containerd.io-{{ .ContainerdVersion }}* yum-plugin-versionlock
yum install -y containerd.io-{{ .ContainerdVersion }} yum-plugin-versionlock
yum versionlock add containerd.io

systemctl daemon-reload
Expand All @@ -175,7 +175,7 @@ Restart=always
EnvironmentFile=-/etc/environment
EOF

apt-get install -y --allow-downgrades containerd.io={{ .ContainerdVersion }}*
apt-get install -y --allow-downgrades containerd.io={{ .ContainerdVersion }}
apt-mark hold containerd.io

systemctl daemon-reload
Expand Down
9 changes: 9 additions & 0 deletions pkg/containerruntime/containerruntime.go
View file
Open in desktop
Expand Up @@ -57,6 +57,12 @@ func withSandboxImage(image string) Opt {
}
}

func withContainerdVersion(version string) Opt {
return func(cfg *Config) {
cfg.ContainerdVersion = version
}
}

func get(containerRuntimeName string, opts ...Opt) Config {
cfg := Config{}

Expand Down Expand Up @@ -88,6 +94,7 @@ type Config struct {
SandboxImage string `json:",omitempty"`
ContainerLogMaxFiles string `json:",omitempty"`
ContainerLogMaxSize string `json:",omitempty"`
ContainerdVersion string `json:",omitempty"`
}

// AuthConfig is a COPY of github.com/containerd/containerd/pkg/cri/config.AuthConfig.
Expand Down Expand Up @@ -123,13 +130,15 @@ func (cfg Config) Engine(kubeletVersion *semver.Version) Engine {
containerLogMaxFiles: cfg.ContainerLogMaxFiles,
containerLogMaxSize: cfg.ContainerLogMaxSize,
registryCredentials: cfg.RegistryCredentials,
containerdVersion: cfg.ContainerdVersion,
}

containerd := &Containerd{
insecureRegistries: cfg.InsecureRegistries,
registryMirrors: cfg.RegistryMirrors,
sandboxImage: cfg.SandboxImage,
registryCredentials: cfg.RegistryCredentials,
version: cfg.ContainerdVersion,
xmudrii marked this conversation as resolved.
Show resolved Hide resolved
}

moreThan124, _ := semver.NewConstraint(">= 1.24")
Expand Down
15 changes: 10 additions & 5 deletions pkg/containerruntime/docker.go
View file
Open in desktop
Expand Up @@ -27,8 +27,8 @@ import (
)

const (
LegacyDockerContainerdVersion = "1.4"
DefaultDockerContainerdVersion = "1.6"
LegacyDockerContainerdVersion = "1.4*"
DefaultDockerContainerdVersion = "1.6*"
DefaultDockerVersion = "20.10"
LegacyDockerVersion = "19.03"
)
Expand All @@ -39,6 +39,7 @@ type Docker struct {
containerLogMaxFiles string
containerLogMaxSize string
registryCredentials map[string]AuthConfig
containerdVersion string
}

type DockerCfgJSON struct {
Expand Down Expand Up @@ -88,6 +89,10 @@ func (eng *Docker) ScriptFor(os types.OperatingSystem) (string, error) {
ContainerdVersion: DefaultDockerContainerdVersion,
}

if eng.containerdVersion != "" {
args.ContainerdVersion = eng.containerdVersion
}

switch os {
case types.OperatingSystemAmazonLinux2:
args.ContainerdVersion = LegacyDockerContainerdVersion
Expand Down Expand Up @@ -126,7 +131,7 @@ EOF

yum install -y \
{{- if .ContainerdVersion }}
containerd-{{ .ContainerdVersion }}* \
containerd-{{ .ContainerdVersion }} \
{{- end }}
docker-{{ .DockerVersion }}* \
yum-plugin-versionlock
Expand All @@ -152,7 +157,7 @@ EOF
yum install -y \
{{- if .ContainerdVersion }}
docker-ce-cli-{{ .DockerVersion }}* \
containerd.io-{{ .ContainerdVersion }}* \
containerd.io-{{ .ContainerdVersion }} \
{{- end }}
docker-ce-{{ .DockerVersion }}* \
yum-plugin-versionlock
Expand All @@ -178,7 +183,7 @@ EOF

apt-get install --allow-downgrades -y \
{{- if .ContainerdVersion }}
containerd.io={{ .ContainerdVersion }}* \
containerd.io={{ .ContainerdVersion }} \
docker-ce-cli=5:{{ .DockerVersion }}* \
{{- end }}
docker-ce=5:{{ .DockerVersion }}*
Expand Down