From 7c5e2b636b10d9f027ca1c2a2b8abcf2af4e46a8 Mon Sep 17 00:00:00 2001 From: rafzei Date: Tue, 1 Feb 2022 22:27:04 +0100 Subject: [PATCH] Changes after review --- ansible/playbooks/roles/containerd/tasks/main.yml | 2 +- .../roles/containerd/templates/config.toml.j2 | 1 + .../roles/docker/tasks/remove-docker.yml | 4 +++- docs/changelogs/CHANGELOG-2.0.md | 3 +-- .../kubernetes_master/kubernetes_master_spec.rb | 15 +++++++++++++-- .../spec/kubernetes_node/kubernetes_node_spec.rb | 4 ++++ 6 files changed, 23 insertions(+), 6 deletions(-) diff --git a/ansible/playbooks/roles/containerd/tasks/main.yml b/ansible/playbooks/roles/containerd/tasks/main.yml index 3d1e8a15b4..fb19d51222 100644 --- a/ansible/playbooks/roles/containerd/tasks/main.yml +++ b/ansible/playbooks/roles/containerd/tasks/main.yml @@ -58,7 +58,7 @@ path: /var/lib/kubelet/kubeadm-flags.env regexp: '{{ item.regexp }}' replace: '{{ item.replace }}' - backup: yes + backup: true loop: - { regexp: '^(KUBELET_KUBEADM_ARGS=\")(.*)(--container-runtime=[a-zA-Z0-9_]+)(.*)', replace: '\1\2--container-runtime=remote\4' } - { regexp: '^(KUBELET_KUBEADM_ARGS=\")(.*)(--container-runtime-endpoint=.*\.sock)(.*)', replace: '\1\2--container-runtime-endpoint=/run/containerd/containerd.sock\4' } diff --git a/ansible/playbooks/roles/containerd/templates/config.toml.j2 b/ansible/playbooks/roles/containerd/templates/config.toml.j2 index 25160cb4f3..52893a8b8c 100644 --- a/ansible/playbooks/roles/containerd/templates/config.toml.j2 +++ b/ansible/playbooks/roles/containerd/templates/config.toml.j2 @@ -89,6 +89,7 @@ oom_score = 0 privileged_without_host_devices = false base_runtime_spec = "" [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] + SystemdCgroup = true [plugins."io.containerd.grpc.v1.cri".cni] bin_dir = "/opt/cni/bin" conf_dir = "/etc/cni/net.d" diff --git a/ansible/playbooks/roles/docker/tasks/remove-docker.yml b/ansible/playbooks/roles/docker/tasks/remove-docker.yml index 0a6f952112..3e7c8e7939 100644 --- a/ansible/playbooks/roles/docker/tasks/remove-docker.yml +++ b/ansible/playbooks/roles/docker/tasks/remove-docker.yml @@ -9,7 +9,9 @@ name: docker state: stopped enabled: no - when: "'docker.service' in ansible_facts.services" + when: + - "'docker.service' in ansible_facts.services" + - ansible_facts.services['docker.service']['status'] != 'not-found' - name: Remove Docker packages package: diff --git a/docs/changelogs/CHANGELOG-2.0.md b/docs/changelogs/CHANGELOG-2.0.md index 4c8e185bb4..48d4018351 100644 --- a/docs/changelogs/CHANGELOG-2.0.md +++ b/docs/changelogs/CHANGELOG-2.0.md @@ -9,8 +9,7 @@ - [#2812](https://github.com/epiphany-platform/epiphany/issues/2812) - Extend K8s config validation - [#2950](https://github.com/epiphany-platform/epiphany/issues/2950) - CLI refactor to make it more consistant - [#2716](https://github.com/epiphany-platform/epiphany/issues/2716) - Change container runtime to containerd -- [#2701](https://github.com/epiphany-platform/epiphany/issues/2701) - Epicli prepare - generate files in separate directory -- [#2716](https://github.com/epiphany-platform/epiphany/issues/2716) - Change container runtime to containerd + ### Fixed - [#2653](https://github.com/epiphany-platform/epiphany/issues/2653) - Epicli is failing in air-gapped infra mode diff --git a/tests/spec/spec/kubernetes_master/kubernetes_master_spec.rb b/tests/spec/spec/kubernetes_master/kubernetes_master_spec.rb index 6759ee3ca4..f9a2d33a46 100644 --- a/tests/spec/spec/kubernetes_master/kubernetes_master_spec.rb +++ b/tests/spec/spec/kubernetes_master/kubernetes_master_spec.rb @@ -187,7 +187,6 @@ its(:exit_status) { should eq 0 } end end - end describe 'Check the kubelet cgroup driver' do @@ -215,12 +214,24 @@ describe command("kubectl get nodes -o jsonpath='{.items[].status.nodeInfo.containerRuntimeVersion}'") do its(:stdout) { should include('containerd://1.4.12') } end + describe file('/etc/containerd/config.toml') do + let(:disable_sudo) { false } + its(:content) { should match(/SystemdCgroup = true/) } + end end describe 'Check the OCI-spec' do describe command('crictl --runtime-endpoint unix:///run/containerd/containerd.sock info') do let(:disable_sudo) { false } - its(:stdout) { should contain('\"defaultRuntimeName\": \"runc\"') } + its(:stdout) { should match('\"defaultRuntimeName\": \"runc\"') } + end +end + +describe 'Check the kubelet cgroup driver' do + describe file('/var/lib/kubelet/config.yaml') do + let(:disable_sudo) { false } + its(:content_as_yaml) { should include('cgroupDriver' => 'systemd') } + its(:content_as_yaml) { should_not include('cgroupDriver' => 'cgroupfs') } end end diff --git a/tests/spec/spec/kubernetes_node/kubernetes_node_spec.rb b/tests/spec/spec/kubernetes_node/kubernetes_node_spec.rb index 3e80e995e6..25b74aef7a 100644 --- a/tests/spec/spec/kubernetes_node/kubernetes_node_spec.rb +++ b/tests/spec/spec/kubernetes_node/kubernetes_node_spec.rb @@ -5,6 +5,10 @@ let(:disable_sudo) { false } its(:stdout) { should include('RuntimeName: containerd') } end + describe file('/etc/containerd/config.toml') do + let(:disable_sudo) { false } + its(:content) { should match(/SystemdCgroup = true/) } + end end describe 'Check the kubelet cgroup driver' do