From 18d27f794970b32a3d760748cbafba08d666e719 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Wed, 27 Apr 2022 18:54:04 +0200 Subject: [PATCH 1/3] kata-deploy: Add a missing `$` prefix in the README MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Commit short-log says it all. Signed-off-by: Fabiano FidĂȘncio --- tools/packaging/kata-deploy/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/packaging/kata-deploy/README.md b/tools/packaging/kata-deploy/README.md index c900a95b99..088ebaae24 100644 --- a/tools/packaging/kata-deploy/README.md +++ b/tools/packaging/kata-deploy/README.md @@ -45,7 +45,7 @@ $ kubectl apply -k kata-deploy/overlays/k3s #### Ensure kata-deploy is ready ```bash -kubectl -n kube-system wait --timeout=10m --for=condition=Ready -l name=kata-deploy pod +$ kubectl -n kube-system wait --timeout=10m --for=condition=Ready -l name=kata-deploy pod ``` ### Run a sample workload From 9d39362e30e7e988d21f6794677de99bb0c5f063 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Wed, 27 Apr 2022 19:01:21 +0200 Subject: [PATCH 2/3] kata-deploy: Reestructure the installing section MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Let's move the specific installation instructions, such as for k3s, upper in the document. This helps reading (and also skipping) according to what the user is looking for. Signed-off-by: Fabiano FidĂȘncio --- tools/packaging/kata-deploy/README.md | 33 ++++++++++++++++----------- 1 file changed, 20 insertions(+), 13 deletions(-) diff --git a/tools/packaging/kata-deploy/README.md b/tools/packaging/kata-deploy/README.md index 088ebaae24..a1ef2b69b5 100644 --- a/tools/packaging/kata-deploy/README.md +++ b/tools/packaging/kata-deploy/README.md @@ -11,7 +11,25 @@ be utilized to install Kata Containers on a running Kubernetes cluster. ### Install Kata on a running Kubernetes cluster -#### Installing the latest image +#### k3s cluster + +For your [k3s](https://k3s.io/) cluster, run: + +```sh +$ git clone github.com/kata-containers/kata-containers +``` + +Check and switch to the stable branch of your choice, if wanted, and then run: + +```bash +$ cd kata-containers/kata-containers/tools/packaging/kata-deploy +$ kubectl apply -f kata-rbac/base/kata-rbac.yaml +$ kubectl apply -k kata-deploy/overlays/k3s +``` + +#### Vanilla Kubernetes cluster + +##### Installing the latest image The latest image refers to pre-release and release candidate content. For stable releases, please, use the "stable" instructions. @@ -20,7 +38,7 @@ $ kubectl apply -f https://raw.githubusercontent.com/kata-containers/kata-contai $ kubectl apply -f https://raw.githubusercontent.com/kata-containers/kata-containers/main/tools/packaging/kata-deploy/kata-deploy/base/kata-deploy.yaml ``` -#### Installing the stable image +##### Installing the stable image The stable image refers to the last stable releases content. @@ -32,17 +50,6 @@ $ kubectl apply -f https://raw.githubusercontent.com/kata-containers/kata-contai $ kubectl apply -f https://raw.githubusercontent.com/kata-containers/kata-containers/main/tools/packaging/kata-deploy/kata-deploy/base/kata-deploy-stable.yaml ``` -#### For your [k3s](https://k3s.io/) cluster, do: - -```sh -$ GO111MODULE=auto go get github.com/kata-containers/kata-containers -``` - -```bash -$ cd $GOPATH/src/github.com/kata-containers/kata-containers/tools/packaging/kata-deploy -$ kubectl apply -k kata-deploy/overlays/k3s -``` - #### Ensure kata-deploy is ready ```bash $ kubectl -n kube-system wait --timeout=10m --for=condition=Ready -l name=kata-deploy pod From ccb01839345afac75ec65538c90649bbdb86ef72 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Tue, 26 Apr 2022 18:47:51 +0200 Subject: [PATCH 3/3] kata-deploy: Add support to RKE2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit "RKE2 - Rancher's Next Generation Kuberentes Distribution" can easily be supported by kata-deploy with some simple adjustments to what we've been relying on for "k3s". The main differences between k3s and RKE2 are, basically: 1. The location where the containerd configuration is stored - k3s: /var/lib/rancher/k3s/agent/etc/containerd/ - rke2: /var/lib/rancher/rke2/agent/etc/containerd/ 2. The name of the systemd services used: - k3s: k3s.service or k3s-agent.service - rke2: rke2-server.service or rke2-agent.service Knowing this, let's add a new overlay for RKE2, adapt the kata-deploy and the kata-cleanup scripts, and that's it. Fixes: #4160 Signed-off-by: Fabiano FidĂȘncio --- tools/packaging/kata-deploy/README.md | 16 ++++++++++++++++ .../overlays/rke2/kustomization.yaml | 5 +++++ .../overlays/rke2/mount_rke2_conf.yaml | 17 +++++++++++++++++ .../overlays/rke2/kustomization.yaml | 5 +++++ .../overlays/rke2/mount_rke2_conf.yaml | 12 ++++++++++++ .../kata-deploy/scripts/kata-deploy.sh | 15 +++++++++------ 6 files changed, 64 insertions(+), 6 deletions(-) create mode 100644 tools/packaging/kata-deploy/kata-cleanup/overlays/rke2/kustomization.yaml create mode 100644 tools/packaging/kata-deploy/kata-cleanup/overlays/rke2/mount_rke2_conf.yaml create mode 100644 tools/packaging/kata-deploy/kata-deploy/overlays/rke2/kustomization.yaml create mode 100644 tools/packaging/kata-deploy/kata-deploy/overlays/rke2/mount_rke2_conf.yaml diff --git a/tools/packaging/kata-deploy/README.md b/tools/packaging/kata-deploy/README.md index a1ef2b69b5..f56bb005cd 100644 --- a/tools/packaging/kata-deploy/README.md +++ b/tools/packaging/kata-deploy/README.md @@ -27,6 +27,22 @@ $ kubectl apply -f kata-rbac/base/kata-rbac.yaml $ kubectl apply -k kata-deploy/overlays/k3s ``` +#### RKE2 cluster + +For your [RKE2](https://docs.rke2.io/) cluster, run: + +```sh +$ git clone github.com/kata-containers/kata-containers +``` + +Check and switch to the stable branch of your choice, if wanted, and then run: + +```bash +$ cd kata-containers/kata-containers/tools/packaging/kata-deploy +$ kubectl apply -f kata-rbac/base/kata-rbac.yaml +$ kubectl apply -k kata-deploy/overlays/rke2 +``` + #### Vanilla Kubernetes cluster ##### Installing the latest image diff --git a/tools/packaging/kata-deploy/kata-cleanup/overlays/rke2/kustomization.yaml b/tools/packaging/kata-deploy/kata-cleanup/overlays/rke2/kustomization.yaml new file mode 100644 index 0000000000..90dbe7bf8e --- /dev/null +++ b/tools/packaging/kata-deploy/kata-cleanup/overlays/rke2/kustomization.yaml @@ -0,0 +1,5 @@ +bases: +- ../../base + +patchesStrategicMerge: +- mount_rke2_conf.yaml diff --git a/tools/packaging/kata-deploy/kata-cleanup/overlays/rke2/mount_rke2_conf.yaml b/tools/packaging/kata-deploy/kata-cleanup/overlays/rke2/mount_rke2_conf.yaml new file mode 100644 index 0000000000..19d25db6bb --- /dev/null +++ b/tools/packaging/kata-deploy/kata-cleanup/overlays/rke2/mount_rke2_conf.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: kubelet-kata-cleanup + namespace: kube-system +spec: + template: + spec: + containers: + - name: kube-kata-cleanup + volumeMounts: + - name: containerd-conf + mountPath: /etc/containerd/ + volumes: + - name: containerd-conf + hostPath: + path: /var/lib/rancher/rke2/agent/etc/containerd/ diff --git a/tools/packaging/kata-deploy/kata-deploy/overlays/rke2/kustomization.yaml b/tools/packaging/kata-deploy/kata-deploy/overlays/rke2/kustomization.yaml new file mode 100644 index 0000000000..90dbe7bf8e --- /dev/null +++ b/tools/packaging/kata-deploy/kata-deploy/overlays/rke2/kustomization.yaml @@ -0,0 +1,5 @@ +bases: +- ../../base + +patchesStrategicMerge: +- mount_rke2_conf.yaml diff --git a/tools/packaging/kata-deploy/kata-deploy/overlays/rke2/mount_rke2_conf.yaml b/tools/packaging/kata-deploy/kata-deploy/overlays/rke2/mount_rke2_conf.yaml new file mode 100644 index 0000000000..b8a22bc00d --- /dev/null +++ b/tools/packaging/kata-deploy/kata-deploy/overlays/rke2/mount_rke2_conf.yaml @@ -0,0 +1,12 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: kata-deploy + namespace: kube-system +spec: + template: + spec: + volumes: + - name: containerd-conf + hostPath: + path: /var/lib/rancher/rke2/agent/etc/containerd/ diff --git a/tools/packaging/kata-deploy/scripts/kata-deploy.sh b/tools/packaging/kata-deploy/scripts/kata-deploy.sh index 43c478dd72..1bd51f4e28 100755 --- a/tools/packaging/kata-deploy/scripts/kata-deploy.sh +++ b/tools/packaging/kata-deploy/scripts/kata-deploy.sh @@ -39,7 +39,11 @@ function get_container_runtime() { die "invalid node name" fi if echo "$runtime" | grep -qE 'containerd.*-k3s'; then - if systemctl is-active --quiet k3s-agent; then + if systemctl is-active --quiet rke2-agent; then + echo "rke2-agent" + elif systemctl is-active --quiet rke2-server; then + echo "rke2-server" + elif systemctl is-active --quiet k3s-agent; then echo "k3s-agent" else echo "k3s" @@ -62,7 +66,7 @@ function configure_cri_runtime() { crio) configure_crio ;; - containerd | k3s | k3s-agent) + containerd | k3s | k3s-agent | rke2-agent | rke2-server) configure_containerd ;; esac @@ -228,7 +232,7 @@ function cleanup_cri_runtime() { crio) cleanup_crio ;; - containerd | k3s | k3s-agent) + containerd | k3s | k3s-agent | rke2-agent | rke2-server) cleanup_containerd ;; esac @@ -267,7 +271,7 @@ function main() { # CRI-O isn't consistent with the naming -- let's use crio to match the service file if [ "$runtime" == "cri-o" ]; then runtime="crio" - elif [ "$runtime" == "k3s" ] || [ "$runtime" == "k3s-agent" ]; then + elif [ "$runtime" == "k3s" ] || [ "$runtime" == "k3s-agent" ] || [ "$runtime" == "rke2-agent" ] || [ "$runtime" == "rke2-server" ]; then containerd_conf_tmpl_file="${containerd_conf_file}.tmpl" if [ ! -f "$containerd_conf_tmpl_file" ]; then cp "$containerd_conf_file" "$containerd_conf_tmpl_file" @@ -290,11 +294,10 @@ function main() { fi # only install / remove / update if we are dealing with CRIO or containerd - if [[ "$runtime" =~ ^(crio|containerd|k3s|k3s-agent)$ ]]; then + if [[ "$runtime" =~ ^(crio|containerd|k3s|k3s-agent|rke2-agent|rke2-server)$ ]]; then case "$action" in install) - install_artifacts configure_cri_runtime "$runtime" kubectl label node "$NODE_NAME" --overwrite katacontainers.io/kata-runtime=true