kata-deploy-stable: Adapt to what we're using in the stable branch

This is basically to make sure that folks trying to use the kata-deploy script from the main branch, to deploy **stable** kata-deploy images, do not have a hard time. Fixes: #7194 Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
2025-04-28 11:44:38 +00:00 · 2023-06-28 15:02:56 +02:00 · 2023-06-28 15:02:56 +02:00 · a93fdb014b
commit a93fdb014b
parent 79ed501a20
2 changed files with 68 additions and 68 deletions
--- a/tools/packaging/kata-deploy/kata-cleanup/base/kata-cleanup-stable.yaml
+++ b/tools/packaging/kata-deploy/kata-cleanup/base/kata-cleanup-stable.yaml
@ -6,40 +6,39 @@ metadata:
  namespace: kube-system
 spec:
  selector:
-      matchLabels:
-        name: kubelet-kata-cleanup
+    matchLabels:
+      name: kubelet-kata-cleanup
  template:
    metadata:
-        labels:
-          name: kubelet-kata-cleanup
+      labels:
+        name: kubelet-kata-cleanup
    spec:
-      serviceAccountName: kata-label-node
+      serviceAccountName: kata-deploy-sa
+      hostPID: true
      nodeSelector:
-          katacontainers.io/kata-runtime: cleanup
+        katacontainers.io/kata-runtime: cleanup
      containers:
-      - name: kube-kata-cleanup
-        image: quay.io/kata-containers/kata-deploy:stable
-        imagePullPolicy: Always
-        command: [ "bash", "-c", "/opt/kata-artifacts/scripts/kata-deploy.sh reset" ]
-        env:
-        - name: NODE_NAME
-          valueFrom:
-            fieldRef:
-              fieldPath: spec.nodeName
-        securityContext:
-          privileged: false
-        volumeMounts:
-        - name: dbus
-          mountPath: /var/run/dbus
-        - name: systemd
-          mountPath: /run/systemd
-      volumes:
-        - name: dbus
-          hostPath:
-            path: /var/run/dbus
-        - name: systemd
-          hostPath:
-            path: /run/systemd
+        - name: kube-kata-cleanup
+          image: quay.io/kata-containers/kata-deploy:stable
+          imagePullPolicy: Always
+          command: ["bash", "-c", "/opt/kata-artifacts/scripts/kata-deploy.sh reset"]
+          env:
+            - name: NODE_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: spec.nodeName
+            - name: DEBUG
+              value: "false"
+            - name: SHIMS
+              value: "clh dragonball fc qemu-nvidia-gpu qemu-sev qemu-snp qemu-tdx qemu"
+            - name: DEFAULT_SHIM
+              value: "qemu"
+            - name: CREATE_RUNTIMECLASSES
+              value: "false"
+            - name: CREATE_DEFAULT_RUNTIMECLASS
+              value: "false"
+          securityContext:
+            privileged: true
  updateStrategy:
    rollingUpdate:
      maxUnavailable: 1
--- a/tools/packaging/kata-deploy/kata-deploy/base/kata-deploy-stable.yaml
+++ b/tools/packaging/kata-deploy/kata-deploy/base/kata-deploy-stable.yaml
@ -6,43 +6,50 @@ metadata:
  namespace: kube-system
 spec:
  selector:
-      matchLabels:
-        name: kata-deploy
+    matchLabels:
+      name: kata-deploy
  template:
    metadata:
-        labels:
-          name: kata-deploy
+      labels:
+        name: kata-deploy
    spec:
-      serviceAccountName: kata-label-node
+      serviceAccountName: kata-deploy-sa
+      hostPID: true
      containers:
-      - name: kube-kata
-        image: quay.io/kata-containers/kata-deploy:stable
-        imagePullPolicy: Always
-        lifecycle:
-          preStop:
-            exec:
-              command: ["bash", "-c", "/opt/kata-artifacts/scripts/kata-deploy.sh cleanup"]
-        command: [ "bash", "-c", "/opt/kata-artifacts/scripts/kata-deploy.sh install" ]
-        env:
-        - name: NODE_NAME
-          valueFrom:
-            fieldRef:
-              fieldPath: spec.nodeName
-        securityContext:
-          privileged: false
-        volumeMounts:
-        - name: crio-conf
-          mountPath: /etc/crio/
-        - name: containerd-conf
-          mountPath: /etc/containerd/
-        - name: kata-artifacts
-          mountPath: /opt/kata/
-        - name: dbus
-          mountPath: /var/run/dbus
-        - name: systemd
-          mountPath: /run/systemd
-        - name: local-bin
-          mountPath: /usr/local/bin/
+        - name: kube-kata
+          image: quay.io/kata-containers/kata-deploy:stable
+          imagePullPolicy: Always
+          lifecycle:
+            preStop:
+              exec:
+                command: ["bash", "-c", "/opt/kata-artifacts/scripts/kata-deploy.sh cleanup"]
+          command: ["bash", "-c", "/opt/kata-artifacts/scripts/kata-deploy.sh install"]
+          env:
+            - name: NODE_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: spec.nodeName
+            - name: DEBUG
+              value: "false"
+            - name: SHIMS
+              value: "clh dragonball fc qemu qemu-nvidia-gpu qemu-sev qemu-snp qemu-tdx"
+            - name: DEFAULT_SHIM
+              value: "qemu"
+            - name: CREATE_RUNTIMECLASSES
+              value: "false"
+            - name: CREATE_DEFAULT_RUNTIMECLASS
+              value: "false"
+          securityContext:
+            privileged: true
+          volumeMounts:
+            - name: crio-conf
+              mountPath: /etc/crio/
+            - name: containerd-conf
+              mountPath: /etc/containerd/
+            - name: kata-artifacts
+              mountPath: /opt/kata/
+            - name: local-bin
+              mountPath: /usr/local/bin/
      volumes:
        - name: crio-conf
          hostPath:
@ -54,12 +61,6 @@ spec:
          hostPath:
            path: /opt/kata/
            type: DirectoryOrCreate
-        - name: dbus
-          hostPath:
-            path: /var/run/dbus
-        - name: systemd
-          hostPath:
-            path: /run/systemd
        - name: local-bin
          hostPath:
            path: /usr/local/bin/