kata-deploy-cc: Port fixes

Port over fixes from `kata-deploy` into `kata-deploy-cc`
- https://github.com/kata-containers/kata-containers/pull/6829
- https://github.com/kata-containers/kata-containers/pull/6913
- https://github.com/kata-containers/kata-containers/pull/6648

Fixes: #6955
Signed-off-by: stevenhorsman <steven@uk.ibm.com>
stevenhorsman 2023-05-24 17:14:03 +01:00
parent 585edca06d
commit b1fc929191
2 changed files with 26 additions and 13 deletions


@ -6,25 +6,25 @@
ARG BASE_IMAGE_NAME=ubuntu ARG BASE_IMAGE_NAME=ubuntu
ARG BASE_IMAGE_TAG=20.04 ARG BASE_IMAGE_TAG=20.04
FROM $BASE_IMAGE_NAME:$BASE_IMAGE_TAG FROM $BASE_IMAGE_NAME:$BASE_IMAGE_TAG
ENV DEBIAN_FRONTEND=noninteractive
ARG KATA_ARTIFACTS=./kata-static.tar.xz ARG KATA_ARTIFACTS=./kata-static.tar.xz
ARG DESTINATION=/opt/kata-artifacts ARG DESTINATION=/opt/kata-artifacts
COPY ${KATA_ARTIFACTS} ${WORKDIR} COPY ${KATA_ARTIFACTS} ${WORKDIR}
ENV DEBIAN_FRONTEND=noninteractive
SHELL ["/bin/bash", "-o", "pipefail", "-c"] SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN \ RUN \
apt-get update && \ apt-get update && \
apt-get install -y --no-install-recommends apt-transport-https ca-certificates curl xz-utils systemd && \ apt-get install -y --no-install-recommends apt-transport-https ca-certificates curl xz-utils systemd && \
mkdir -p /etc/apt/keyrings/ && \ mkdir -p /etc/apt/keyrings/ && \
curl -fsSLo /etc/apt/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg && \ curl -fsSLo /etc/apt/keyrings/kubernetes-archive-keyring.gpg https://dl.k8s.io/apt/doc/apt-key.gpg && \
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | tee /etc/apt/sources.list.d/kubernetes.list && \ echo "deb [signed-by=/etc/apt/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | tee /etc/apt/sources.list.d/kubernetes.list && \
apt-get update && \ apt-get update && \
apt-get install -y --no-install-recommends kubectl && \ apt-get install -y --no-install-recommends kubectl && \
apt-get clean && rm -rf /var/lib/apt/lists/ && \ apt-get clean && rm -rf /var/lib/apt/lists/ && \
mkdir -p ${DESTINATION} && \ mkdir -p ${DESTINATION} && \
tar xvf ${KATA_ARTIFACTS} -C ${DESTINATION} && \ tar xvf ${WORKDIR}/${KATA_ARTIFACTS} -C ${DESTINATION} && \
rm ${WORKDIR}/${KATA_ARTIFACTS} rm -f ${WORKDIR}/${KATA_ARTIFACTS}
COPY scripts ${DESTINATION}/scripts COPY scripts ${DESTINATION}/scripts
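Review bot: The keyring downloaded by `curl -fsSLo /etc/apt/keyrings/kubernetes-archive-keyring.gpg https://dl.k8s.io/apt/doc/apt-key.gpg` becomes the trust anchor for the `kubectl` install, yet it is accepted unchecked, so apt trusts whatever that URL serves at build time. Check it against a digest recorded in the repository straight after the download, e.g. `echo "<EXPECTED_SHA256>  /etc/apt/keyrings/kubernetes-archive-keyring.gpg" | sha256sum -c - && \`. Pinning the `kubectl` version would also make rebuilds reproducible. Separately, no `ARG` or `ENV` in the visible lines declares `${WORKDIR}`, so the new `tar xvf ${WORKDIR}/${KATA_ARTIFACTS}` path presumably resolves from `/`; a short comment saying so would help the next reader.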


@ -64,6 +64,15 @@ function install_artifacts() {
chmod +x /opt/confidential-containers/bin/* chmod +x /opt/confidential-containers/bin/*
} }
function wait_till_node_is_ready() {
local ready="False"
while ! [[ "${ready}" == "True" ]]; do
sleep 2s
ready=$(kubectl get node $NODE_NAME -o jsonpath='{.status.conditions[?(@.type=="Ready")].status}')
done
}
function configure_cri_runtime() { function configure_cri_runtime() {
configure_different_shims_base configure_different_shims_base
@ -77,6 +86,8 @@ function configure_cri_runtime() {
esac esac
systemctl daemon-reload systemctl daemon-reload
systemctl restart "$1" systemctl restart "$1"
wait_till_node_is_ready
} }
function backup_shim() { function backup_shim() {
@ -303,6 +314,8 @@ function reset_runtime() {
if [ "$1" == "crio" ] || [ "$1" == "containerd" ]; then if [ "$1" == "crio" ] || [ "$1" == "containerd" ]; then
systemctl restart kubelet systemctl restart kubelet
fi fi
wait_till_node_is_ready
} }
function main() { function main() {
@ -314,7 +327,10 @@ function main() {
runtime=$(get_container_runtime) runtime=$(get_container_runtime)
if [ "$runtime" == "k3s" ] || [ "$runtime" == "k3s-agent" ] || [ "$runtime" == "rke2-agent" ] || [ "$runtime" == "rke2-server" ]; then # CRI-O isn't consistent with the naming -- let's use crio to match the service file
if [ "$runtime" == "cri-o" ]; then
runtime="crio"
elif [ "$runtime" == "k3s" ] || [ "$runtime" == "k3s-agent" ] || [ "$runtime" == "rke2-agent" ] || [ "$runtime" == "rke2-server" ]; then
containerd_conf_tmpl_file="${containerd_conf_file}.tmpl" containerd_conf_tmpl_file="${containerd_conf_file}.tmpl"
if [ ! -f "$containerd_conf_tmpl_file" ]; then if [ ! -f "$containerd_conf_tmpl_file" ]; then
cp "$containerd_conf_file" "$containerd_conf_tmpl_file" cp "$containerd_conf_file" "$containerd_conf_tmpl_file"
@ -322,15 +338,12 @@ function main() {
containerd_conf_file="${containerd_conf_tmpl_file}" containerd_conf_file="${containerd_conf_tmpl_file}"
containerd_conf_file_backup="${containerd_conf_file}.bak" containerd_conf_file_backup="${containerd_conf_file}.bak"
elif [ "$runtime" == "containerd" ]; then else
# runtime == containerd # runtime == containerd
if [ ! -f "$containerd_conf_file" ] && [ -d $(dirname "$containerd_conf_file") ] && \ if [ ! -f "$containerd_conf_file" ] && [ -d $(dirname "$containerd_conf_file") ] && \
[ -x $(command -v containerd) ]; then [ -x $(command -v containerd) ]; then
containerd config default > "$containerd_conf_file" containerd config default > "$containerd_conf_file"
fi fi
# CRI-O isn't consistent with the naming -- let's use crio to match the service file
elif [ "$runtime" == "cri-o" ]; then
runtime="crio"
fi fi
action=${1:-} action=${1:-}
@ -339,8 +352,8 @@ function main() {
die "invalid arguments" die "invalid arguments"
fi fi
# only install / remove / update if we are dealing with containerd # only install / remove / update if we are dealing with CRIO or containerd
if [[ "$runtime" =~ ^(containerd|k3s|k3s-agent|rke2-agent|rke2-server|crio)$ ]]; then if [[ "$runtime" =~ ^(crio|containerd|k3s|k3s-agent|rke2-agent|rke2-server)$ ]]; then
case "$action" in case "$action" in
install) install)
@ -368,4 +381,4 @@ function main() {
sleep infinity sleep infinity
} }
main "$@" main "$@"
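Review bot: The new `wait_till_node_is_ready` (first hunk of this file) polls with no upper bound, and both `configure_cri_runtime` and `reset_runtime` now block on it. If `kubectl get node` keeps returning something other than `True` (node never recovers, RBAC denial, `NODE_NAME` unset), the pod hangs silently instead of failing where an operator can see it. `$NODE_NAME` is also unquoted, so an empty value changes the meaning of the kubectl call rather than producing an error. I would bound the loop and fail through the existing `die` helper, as sketched below; the attempt limit is a constructed value to be tuned. Whether `errexit` is set is not visible from these hunks, so confirm how a failing `kubectl` inside the command substitution should be handled.

```shell
function wait_till_node_is_ready() {
	local ready="False"
	local attempts=0
	local max_attempts=150	# constructed value: about 5 minutes at 2s per poll

	while [[ "${ready}" != "True" ]]; do
		if (( attempts >= max_attempts )); then
			die "node ${NODE_NAME:-<unset>} did not report Ready in time"
		fi
		attempts=$((attempts + 1))
		sleep 2s
		ready=$(kubectl get node "${NODE_NAME}" -o jsonpath='{.status.conditions[?(@.type=="Ready")].status}')
	done
}
```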