Skip to content

kubelet: enable crio #52

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
rphillips wants to merge 2 commits into from
Closed

kubelet: enable crio #52

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
114b898
kubelet: enable crio
rphillips Sep 11, 2018
99552f9
add runtime-request-timeout
rphillips Sep 13, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions pkg/controller/template/test_data/templates/aws/master/files/-etc-containers-registries.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
contents:
source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A
verification: {}
filesystem: root
mode: 420
path: /etc/containers/registries.conf
8 changes: 5 additions & 3 deletions pkg/controller/template/test_data/templates/aws/master/units/kubelet.service
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,16 +5,18 @@ contents: |

[Service]
ExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests
Environment=KUBELET_RUNTIME_REQUEST_TIMEOUT=10m
EnvironmentFile=-/etc/kubernetes/kubelet-workaround
EnvironmentFile=-/etc/kubernetes/kubelet-env

ExecStart=/usr/bin/hyperkube \
kubelet \
--bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \
--kubeconfig=/var/lib/kubelet/kubeconfig \
--rotate-certificates \
--cni-conf-dir=/etc/kubernetes/cni/net.d \
--cni-bin-dir=/var/lib/cni/bin \
--network-plugin=cni \
--container-runtime=remote \
--container-runtime-endpoint=unix:///var/run/crio/crio.sock \
--runtime-request-timeout=${KUBELET_RUNTIME_REQUEST_TIMEOUT} \
--lock-file=/var/run/lock/kubelet.lock \
--exit-on-lock-contention \
--pod-manifest-path=/etc/kubernetes/manifests \
Expand Down
6 changes: 6 additions & 0 deletions pkg/controller/template/test_data/templates/aws/worker/files/-etc-containers-registries.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
contents:
source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A
verification: {}
filesystem: root
mode: 420
path: /etc/containers/registries.conf
8 changes: 5 additions & 3 deletions pkg/controller/template/test_data/templates/aws/worker/units/kubelet.service
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,16 +5,18 @@ contents: |

[Service]
ExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests
Environment=KUBELET_RUNTIME_REQUEST_TIMEOUT=10m
EnvironmentFile=-/etc/kubernetes/kubelet-workaround
EnvironmentFile=-/etc/kubernetes/kubelet-env

ExecStart=/usr/bin/hyperkube \
kubelet \
--bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \
--kubeconfig=/var/lib/kubelet/kubeconfig \
--rotate-certificates \
--cni-conf-dir=/etc/kubernetes/cni/net.d \
--cni-bin-dir=/var/lib/cni/bin \
--network-plugin=cni \
--container-runtime=remote \
--container-runtime-endpoint=unix:///var/run/crio/crio.sock \
--runtime-request-timeout=${KUBELET_RUNTIME_REQUEST_TIMEOUT} \
--lock-file=/var/run/lock/kubelet.lock \
--exit-on-lock-contention \
--pod-manifest-path=/etc/kubernetes/manifests \
Expand Down
6 changes: 6 additions & 0 deletions ...troller/template/test_data/templates/libvirt/master/files/-etc-containers-registries.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
contents:
source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A
verification: {}
filesystem: root
mode: 420
path: /etc/containers/registries.conf
8 changes: 5 additions & 3 deletions pkg/controller/template/test_data/templates/libvirt/master/units/kubelet.service
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,16 +5,18 @@ contents: |

[Service]
ExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests
Environment=KUBELET_RUNTIME_REQUEST_TIMEOUT=10m
EnvironmentFile=-/etc/kubernetes/kubelet-workaround
EnvironmentFile=-/etc/kubernetes/kubelet-env

ExecStart=/usr/bin/hyperkube \
kubelet \
--bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \
--kubeconfig=/var/lib/kubelet/kubeconfig \
--rotate-certificates \
--cni-conf-dir=/etc/kubernetes/cni/net.d \
--cni-bin-dir=/var/lib/cni/bin \
--network-plugin=cni \
--container-runtime=remote \
--container-runtime-endpoint=unix:///var/run/crio/crio.sock \
--runtime-request-timeout=${KUBELET_RUNTIME_REQUEST_TIMEOUT} \
--lock-file=/var/run/lock/kubelet.lock \
--exit-on-lock-contention \
--pod-manifest-path=/etc/kubernetes/manifests \
Expand Down
6 changes: 6 additions & 0 deletions ...troller/template/test_data/templates/libvirt/worker/files/-etc-containers-registries.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
contents:
source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A
verification: {}
filesystem: root
mode: 420
path: /etc/containers/registries.conf
8 changes: 5 additions & 3 deletions pkg/controller/template/test_data/templates/libvirt/worker/units/kubelet.service
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,16 +5,18 @@ contents: |

[Service]
ExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests
Environment=KUBELET_RUNTIME_REQUEST_TIMEOUT=10m
EnvironmentFile=-/etc/kubernetes/kubelet-workaround
EnvironmentFile=-/etc/kubernetes/kubelet-env

ExecStart=/usr/bin/hyperkube \
kubelet \
--bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \
--kubeconfig=/var/lib/kubelet/kubeconfig \
--rotate-certificates \
--cni-conf-dir=/etc/kubernetes/cni/net.d \
--cni-bin-dir=/var/lib/cni/bin \
--network-plugin=cni \
--container-runtime=remote \
--container-runtime-endpoint=unix:///var/run/crio/crio.sock \
--runtime-request-timeout=${KUBELET_RUNTIME_REQUEST_TIMEOUT} \
--lock-file=/var/run/lock/kubelet.lock \
--exit-on-lock-contention \
--pod-manifest-path=/etc/kubernetes/manifests \
Expand Down
7 changes: 7 additions & 0 deletions templates/_base/master/files/container-registries.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
filesystem: "root"
Copy link
Contributor

@abhinavdahiya abhinavdahiya Sep 11, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rphillips

  • why is this file required?
  • who uses this ?
  • how will we configure it if we somebody needs to configure it for their internal registry ??

/cc @crawford

Copy link
Contributor Author

@rphillips rphillips Sep 11, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The file is needed since crio gets installed with a default config which only includes the registry.access.redhat.com registry. docker.io needs to be added to the registry list to pull in defaulted docker images.

/cc @sjenning

Copy link
Contributor

@abhinavdahiya abhinavdahiya Sep 11, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If this only affects images like openshift/origin-machine-config-operator:latest as this is not a fully qualified name, it should have been docker.io/openshift/origin-machine-config-operator:latest.

I rather have people use fully qualified names, than put this file on each machine... @crawford WDYT?

Copy link
Contributor

@abhinavdahiya abhinavdahiya Sep 12, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rphillips can you change this file to suggestion made in the installer here

Copy link
Contributor Author

@rphillips rphillips Sep 13, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

updated

mode: 0644
path: "/etc/containers/registries.conf"
contents:
inline: |
[registries.search]
registries = ['registry.access.redhat.com', 'docker.io']
8 changes: 5 additions & 3 deletions templates/_base/master/units/kubelet.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,16 +7,18 @@ contents: |

[Service]
ExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests
Environment=KUBELET_RUNTIME_REQUEST_TIMEOUT=10m
EnvironmentFile=-/etc/kubernetes/kubelet-workaround
EnvironmentFile=-/etc/kubernetes/kubelet-env

ExecStart=/usr/bin/hyperkube \
kubelet \
--bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \
--kubeconfig=/var/lib/kubelet/kubeconfig \
--rotate-certificates \
--cni-conf-dir=/etc/kubernetes/cni/net.d \
--cni-bin-dir=/var/lib/cni/bin \
--network-plugin=cni \
--container-runtime=remote \
--container-runtime-endpoint=unix:///var/run/crio/crio.sock \
--runtime-request-timeout=${KUBELET_RUNTIME_REQUEST_TIMEOUT} \
--lock-file=/var/run/lock/kubelet.lock \
--exit-on-lock-contention \
--pod-manifest-path=/etc/kubernetes/manifests \
Expand Down
7 changes: 7 additions & 0 deletions templates/_base/worker/files/container-registries.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
filesystem: "root"
Copy link
Member

@wking wking Sep 12, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It DRY things up a bit to have a templates/_base/all/files/container-registries.yaml or some such which would be added to both masters and workers. But perhaps that is more than we want to bite off in this particular PR.

mode: 0644
path: "/etc/containers/registries.conf"
contents:
inline: |
[registries.search]
registries = ['registry.access.redhat.com', 'docker.io']
8 changes: 5 additions & 3 deletions templates/_base/worker/units/kubelet.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,16 +7,18 @@ contents: |

[Service]
ExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests
Environment=KUBELET_RUNTIME_REQUEST_TIMEOUT=10m
EnvironmentFile=-/etc/kubernetes/kubelet-workaround
EnvironmentFile=-/etc/kubernetes/kubelet-env

ExecStart=/usr/bin/hyperkube \
kubelet \
--bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \
--kubeconfig=/var/lib/kubelet/kubeconfig \
--rotate-certificates \
--cni-conf-dir=/etc/kubernetes/cni/net.d \
--cni-bin-dir=/var/lib/cni/bin \
--network-plugin=cni \
--container-runtime=remote \
--container-runtime-endpoint=unix:///var/run/crio/crio.sock \
--runtime-request-timeout=${KUBELET_RUNTIME_REQUEST_TIMEOUT} \
--lock-file=/var/run/lock/kubelet.lock \
--exit-on-lock-contention \
--pod-manifest-path=/etc/kubernetes/manifests \
Expand Down