github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-21 19:01:49 +00:00
Code Issues Projects Releases Wiki Activity

remove docker installation from everywhere

Browse Source
This commit is contained in:
Sergey Kanzhelev 2022-02-17 08:02:13 +00:00
parent df2768123d
commit 19a01fa8c6
5 changed files with 5 additions and 321 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cluster/addons/node-problem-detector/npd.yaml
View File

@ -51,7 +51,7 @@ spec:
command:
- "/bin/sh"
- "-c"
- "exec /node-problem-detector --logtostderr --config.system-log-monitor=/config/kernel-monitor.json,/config/docker-monitor.json,/config/systemd-monitor.json --config.custom-plugin-monitor=/config/kernel-monitor-counter.json,/config/systemd-monitor-counter.json --config.system-stats-monitor=/config/system-stats-monitor.json >>/var/log/node-problem-detector.log 2>&1"
- "exec /node-problem-detector --logtostderr --config.system-log-monitor=/config/kernel-monitor.json,/config/systemd-monitor.json --config.custom-plugin-monitor=/config/kernel-monitor-counter.json,/config/systemd-monitor-counter.json --config.system-stats-monitor=/config/system-stats-monitor.json >>/var/log/node-problem-detector.log 2>&1"
securityContext:
privileged: true
resources:

40
cluster/gce/gci/configure.sh
View File

@ -472,44 +472,6 @@ function load-docker-images {
fi
}
# If we are on ubuntu we can try to install docker
function install-docker {
# bailout if we are not on ubuntu
if ! command -v apt-get >/dev/null 2>&1; then
echo "Unable to automatically install docker. Bailing out..."
return
fi
# Install Docker deps, some of these are already installed in the image but
# that's fine since they won't re-install and we can reuse the code below
# for another image someday.
apt-get update
apt-get install -y --no-install-recommends \
apt-transport-https \
ca-certificates \
socat \
curl \
gnupg2 \
software-properties-common \
lsb-release
release=$(lsb_release -cs)
# Add the Docker apt-repository
# shellcheck disable=SC2086
curl ${CURL_FLAGS} \
--location \
"https://download.docker.com/${HOST_PLATFORM}/$(. /etc/os-release; echo "$ID")/gpg" \
| apt-key add -
add-apt-repository \
"deb [arch=${HOST_ARCH}] https://download.docker.com/${HOST_PLATFORM}/$(. /etc/os-release; echo "$ID") \
$release stable"
# Install Docker
apt-get update && \
apt-get install -y --no-install-recommends "${GCI_DOCKER_VERSION:-"docker-ce=5:19.03.*"}"
rm -rf /var/lib/apt/lists/*
}
# If we are on ubuntu we can try to install containerd
function install-containerd-ubuntu {
# bailout if we are not on ubuntu
@ -591,7 +553,7 @@ function ensure-container-runtime {
if [[ -e "/etc/profile.d/containerd_env.sh" ]]; then
log-wrap 'SourceContainerdEnv' source "/etc/profile.d/containerd_env.sh"
fi
# Verify presence and print versions of ctr, containerd, runc
if ! command -v ctr >/dev/null 2>&1; then
echo "ERROR ctr not found. Aborting."

36
cluster/gce/windows/k8s-node-setup.psm1
View File

@ -982,7 +982,7 @@ function Configure-GcePdTools {
Import-Module -Name $modulePath'.replace('K8S_DIR', ${env:K8S_DIR})
}
# Setup cni network. This function supports both Docker and containerd.
# Setup cni network for containerd.
function Prepare-CniNetworking {
Configure_Containerd_CniNetworking
}
@ -1213,8 +1213,7 @@ function Pull-InfraContainer {
Log-Output "Infra/pause container:`n$inspect"
}
# Setup the container runtime on the node. It supports both
# Docker and containerd.
# Setup the containerd on the node.
function Setup-ContainerRuntime {
Install-Pigz
Install_Containerd
@ -1251,35 +1250,6 @@ function Enable-HyperVFeature {
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V-Management-PowerShell -All -NoRestart
}
function Test-DockerIsInstalled {
return ((Get-Package `
-ProviderName DockerMsftProvider `
-ErrorAction SilentlyContinue |
Where-Object Name -eq 'docker') -ne $null)
}
function Test-DockerIsRunning {
return ((Get-Service docker).Status -eq 'Running')
}
# Installs Docker EE via the DockerMsftProvider. Ensure that the Windows
# Containers feature is installed before calling this function; otherwise,
# a restart may be needed after this function returns.
function Install-Docker {
Log-Output 'Installing NuGet module'
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
Log-Output 'Installing DockerMsftProvider module'
Install-Module -Name DockerMsftProvider -Repository PSGallery -Force
Log-Output "Installing latest Docker EE version"
Install-Package `
-Name docker `
-ProviderName DockerMsftProvider `
-Force `
-Verbose
}
# Configures the TCP/IP parameters to be in sync with the GCP recommendation.
# Not setting these values correctly can cause network issues for connections
# that live longer than 10 minutes.
@ -1518,7 +1488,7 @@ function Install-Pigz {
Expand-Archive -Path "$PIGZ_ROOT\pigz-$PIGZ_VERSION.zip" `
-DestinationPath $PIGZ_ROOT
Remove-Item -Path "$PIGZ_ROOT\pigz-$PIGZ_VERSION.zip"
# Docker and Containerd search for unpigz.exe on the first container image
# Containerd search for unpigz.exe on the first container image
# pull request after the service is started. If unpigz.exe is in the
# Windows path it'll use it instead of the default unzipper.
# See: https://github.com/containerd/containerd/issues/1896

127
test/e2e_node/jenkins/cos-init-docker.yaml
View File

@ -1,127 +0,0 @@
#cloud-config
write_files:
- path: /etc/systemd/system/upgrade-docker.service
permissions: 0644
owner: root
content: |
[Unit]
Description=Upgrade Docker Binaries
Requires=network-online.target
After=network-online.target docker.service
[Service]
Type=oneshot
# RemainAfterExit so the service runs exactly once.
RemainAfterExit=yes
ExecStartPre=/bin/mkdir -p /home/upgrade-docker/bin
ExecStartPre=/bin/mount --bind /home/upgrade-docker/bin /home/upgrade-docker/bin
ExecStartPre=/bin/mount -o remount,exec /home/upgrade-docker/bin
ExecStart=/bin/bash /tmp/upgrade-docker/upgrade.sh
ExecStartPost=-/bin/rm -rf /home/upgrade-docker/download
[Install]
WantedBy=multi-user.target
- path: /tmp/upgrade-docker/upgrade.sh
permissions: 0644
owner: root
content: |
# This script reads a GCE metadata key for the user specified Docker
# version, downloads, and replaces the builtin Docker with it.
set -x
set -o errexit
set -o nounset
set -o pipefail
# Checks if a Docker binary is the version we want.
# $1: Docker binary
# $2: Requested version
check_installed() {
local docker_bin="$1"
local requested_version="$2"
[[ "$(${docker_bin} --version)" =~ "Docker version ${requested_version}," ]]
}
# $1: Docker version
download_and_install_docker() {
local requested_version="$1"
local download_dir=/home/upgrade-docker/download/docker-"${requested_version}"
local install_location=/home/upgrade-docker/bin
local docker_tgz="docker-${requested_version}.tgz"
if [[ "${requested_version}" =~ "rc" ]]; then
# RC releases all have the word "rc" in their version
# number, e.g., "1.11.1-rc1".
download_url="https://test.docker.com/builds/Linux/x86_64/${docker_tgz}"
else
download_url="https://get.docker.com/builds/Linux/x86_64/${docker_tgz}"
fi
echo "Downloading Docker version ${requested_version} from "\
"${download_url} to ${download_dir} ..."
# Download and install the binaries.
mkdir -p "${download_dir}"/binaries
/usr/bin/curl -o "${download_dir}/${docker_tgz}" --fail "${download_url}"
tar xzf "${download_dir}/${docker_tgz}" -C "${download_dir}"/binaries
cp "${download_dir}"/binaries/docker/docker* "${install_location}"
mount --bind "${install_location}"/docker /usr/bin/docker
mount --bind "${install_location}"/docker-containerd /usr/bin/docker-containerd
mount --bind "${install_location}"/docker-containerd-shim /usr/bin/docker-containerd-shim
mount --bind "${install_location}"/dockerd /usr/bin/dockerd
mount --bind "${install_location}"/docker-proxy /usr/bin/docker-proxy
mount --bind "${install_location}"/docker-runc /usr/bin/docker-runc
echo "PATH=/home/upgrade-docker/bin:/sbin:/bin:/usr/sbin:/usr/bin" >> /etc/default/docker
}
# $1: Metadata key
get_metadata() {
/usr/bin/curl --fail --retry 5 --retry-delay 3 --silent --show-error \
-H "X-Google-Metadata-Request: True" \
http://metadata.google.internal/computeMetadata/v1/instance/attributes/"$1"
}
main() {
# Get the desired Docker version through the following metadata key.
local requested_version="$(get_metadata "gci-docker-version")"
if [[ -z "${requested_version}" ]]; then
exit 0
fi
# Check if we have the requested version installed.
if check_installed /usr/bin/docker "${requested_version}"; then
echo "Requested version already installed. Exiting."
exit 0
fi
# Stop the docker daemon during upgrade.
/usr/bin/systemctl stop docker
download_and_install_docker "${requested_version}"
# Assert that the upgrade was successful.
local rc=0
check_installed /usr/bin/docker "${requested_version}" || rc=1
/usr/bin/systemctl start docker && exit $rc
}
main "$@"
runcmd:
- systemctl daemon-reload
- systemctl start upgrade-docker.service
- mount /tmp /tmp -o remount,exec,suid
- usermod -a -G docker jenkins
- mkdir -p /var/lib/kubelet
- mkdir -p /home/kubernetes/containerized_mounter/rootfs
- mount --bind /home/kubernetes/containerized_mounter/ /home/kubernetes/containerized_mounter/
- mount -o remount, exec /home/kubernetes/containerized_mounter/
- wget https://dl.k8s.io/gci-mounter/mounter.tar -O /tmp/mounter.tar
- tar xvf /tmp/mounter.tar -C /home/kubernetes/containerized_mounter/rootfs
- mkdir -p /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet
- mount --rbind /var/lib/kubelet /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet
- mount --make-rshared /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet
- mount --bind /proc /home/kubernetes/containerized_mounter/rootfs/proc
- mount --bind /dev /home/kubernetes/containerized_mounter/rootfs/dev
- rm /tmp/mounter.tar

121
test/e2e_node/jenkins/ubuntu-init-docker.yaml
View File

@ -1,121 +0,0 @@
#cloud-config
write_files:
- path: /etc/systemd/system/upgrade-docker.service
permissions: 0644
owner: root
content: |
[Unit]
Description=Upgrade Docker Binaries
Requires=network-online.target
After=network-online.target docker.service
[Service]
Type=oneshot
# RemainAfterExit so the service runs exactly once.
RemainAfterExit=yes
ExecStartPre=/bin/mkdir -p /home/upgrade-docker/bin
ExecStartPre=/bin/mount --bind /home/upgrade-docker/bin /home/upgrade-docker/bin
ExecStartPre=/bin/mount -o remount,exec /home/upgrade-docker/bin
ExecStart=/bin/bash /tmp/upgrade-docker/upgrade.sh
ExecStartPost=-/bin/rm -rf /home/upgrade-docker/download
[Install]
WantedBy=multi-user.target
- path: /tmp/upgrade-docker/upgrade.sh
permissions: 0644
owner: root
content: |
# This script reads a GCE metadata key for the user specified Docker
# version, downloads, and replaces the builtin Docker with it.
set -x
set -o errexit
set -o nounset
set -o pipefail
# Checks if a Docker binary is the version we want.
# $1: Docker binary
# $2: Requested version
check_installed() {
local docker_bin="$1"
local requested_version="$2"
[[ "$(${docker_bin} --version)" =~ "Docker version ${requested_version}," ]]
}
# $1: Docker version
download_and_install_docker() {
local requested_version="$1"
local download_dir=/home/upgrade-docker/download/docker-"${requested_version}"
local install_location=/home/upgrade-docker/bin
local docker_tgz="docker-${requested_version}.tgz"
if [[ "${requested_version}" =~ "rc" ]]; then
# RC releases all have the word "rc" in their version
# number, e.g., "1.11.1-rc1".
download_url="https://test.docker.com/builds/Linux/x86_64/${docker_tgz}"
else
download_url="https://get.docker.com/builds/Linux/x86_64/${docker_tgz}"
fi
echo "Downloading Docker version ${requested_version} from "\
"${download_url} to ${download_dir} ..."
# Download and install the binaries.
mkdir -p "${download_dir}"/binaries
/usr/bin/curl -o "${download_dir}/${docker_tgz}" --fail "${download_url}"
tar xzf "${download_dir}/${docker_tgz}" -C "${download_dir}"/binaries
cp "${download_dir}"/binaries/docker/docker* "${install_location}"
mount --bind "${install_location}"/docker /usr/bin/docker
mount --bind "${install_location}"/docker-containerd /usr/bin/containerd
mount --bind "${install_location}"/docker-containerd-shim /usr/bin/containerd-shim
mount --bind "${install_location}"/dockerd /usr/bin/dockerd
mount --bind "${install_location}"/docker-proxy /usr/bin/docker-proxy
mount --bind "${install_location}"/docker-runc /usr/sbin/runc
echo "PATH=/home/upgrade-docker/bin:/sbin:/bin:/usr/sbin:/usr/bin" >> /etc/default/docker
}
# $1: Metadata key
get_metadata() {
/usr/bin/curl --fail --retry 5 --retry-delay 3 --silent --show-error \
-H "X-Google-Metadata-Request: True" \
http://metadata.google.internal/computeMetadata/v1/instance/attributes/"$1"
}
main() {
# Get the desired Docker version through the following metadata key.
local requested_version="$(get_metadata "ubuntu-docker-version")"
if [[ -z "${requested_version}" ]]; then
exit 0
fi
# Stop the docker daemon during upgrade.
systemctl stop docker
download_and_install_docker "${requested_version}"
# Assert that the upgrade was successful.
local rc=0
check_installed /usr/bin/docker "${requested_version}" || rc=1
systemctl start docker && exit $rc
}
main "$@"
runcmd:
- systemctl daemon-reload
- systemctl start upgrade-docker.service
- mount /tmp /tmp -o remount,exec,suid
- usermod -a -G docker jenkins
- mkdir -p /var/lib/kubelet
- mkdir -p /home/kubernetes/containerized_mounter/rootfs
- mount --bind /home/kubernetes/containerized_mounter/ /home/kubernetes/containerized_mounter/
- mount -o remount, exec /home/kubernetes/containerized_mounter/
- wget https://dl.k8s.io/gci-mounter/mounter.tar -O /tmp/mounter.tar
- tar xvf /tmp/mounter.tar -C /home/kubernetes/containerized_mounter/rootfs
- mkdir -p /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet
- mount --rbind /var/lib/kubelet /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet
- mount --make-rshared /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet
- mount --bind /proc /home/kubernetes/containerized_mounter/rootfs/proc
- mount --bind /dev /home/kubernetes/containerized_mounter/rootfs/dev
- rm /tmp/mounter.tar