From 19a01fa8c616a164cb3ef13b3aad72d26b700e29 Mon Sep 17 00:00:00 2001 From: Sergey Kanzhelev Date: Thu, 17 Feb 2022 08:02:13 +0000 Subject: [PATCH] remove docker installation from everywhere --- cluster/addons/node-problem-detector/npd.yaml | 2 +- cluster/gce/gci/configure.sh | 40 +----- cluster/gce/windows/k8s-node-setup.psm1 | 36 +---- test/e2e_node/jenkins/cos-init-docker.yaml | 127 ------------------ test/e2e_node/jenkins/ubuntu-init-docker.yaml | 121 ----------------- 5 files changed, 5 insertions(+), 321 deletions(-) delete mode 100644 test/e2e_node/jenkins/cos-init-docker.yaml delete mode 100644 test/e2e_node/jenkins/ubuntu-init-docker.yaml diff --git a/cluster/addons/node-problem-detector/npd.yaml b/cluster/addons/node-problem-detector/npd.yaml index b3f9fd18ece..dc6b852af07 100644 --- a/cluster/addons/node-problem-detector/npd.yaml +++ b/cluster/addons/node-problem-detector/npd.yaml @@ -51,7 +51,7 @@ spec: command: - "/bin/sh" - "-c" - - "exec /node-problem-detector --logtostderr --config.system-log-monitor=/config/kernel-monitor.json,/config/docker-monitor.json,/config/systemd-monitor.json --config.custom-plugin-monitor=/config/kernel-monitor-counter.json,/config/systemd-monitor-counter.json --config.system-stats-monitor=/config/system-stats-monitor.json >>/var/log/node-problem-detector.log 2>&1" + - "exec /node-problem-detector --logtostderr --config.system-log-monitor=/config/kernel-monitor.json,/config/systemd-monitor.json --config.custom-plugin-monitor=/config/kernel-monitor-counter.json,/config/systemd-monitor-counter.json --config.system-stats-monitor=/config/system-stats-monitor.json >>/var/log/node-problem-detector.log 2>&1" securityContext: privileged: true resources: diff --git a/cluster/gce/gci/configure.sh b/cluster/gce/gci/configure.sh index 2e3b5fad1dc..38199f1b5e0 100644 --- a/cluster/gce/gci/configure.sh +++ b/cluster/gce/gci/configure.sh @@ -472,44 +472,6 @@ function load-docker-images { fi } -# If we are on ubuntu we can try to install docker -function install-docker { - # bailout if we are not on ubuntu - if ! command -v apt-get >/dev/null 2>&1; then - echo "Unable to automatically install docker. Bailing out..." - return - fi - # Install Docker deps, some of these are already installed in the image but - # that's fine since they won't re-install and we can reuse the code below - # for another image someday. - apt-get update - apt-get install -y --no-install-recommends \ - apt-transport-https \ - ca-certificates \ - socat \ - curl \ - gnupg2 \ - software-properties-common \ - lsb-release - - release=$(lsb_release -cs) - - # Add the Docker apt-repository - # shellcheck disable=SC2086 - curl ${CURL_FLAGS} \ - --location \ - "https://download.docker.com/${HOST_PLATFORM}/$(. /etc/os-release; echo "$ID")/gpg" \ - | apt-key add - - add-apt-repository \ - "deb [arch=${HOST_ARCH}] https://download.docker.com/${HOST_PLATFORM}/$(. /etc/os-release; echo "$ID") \ - $release stable" - - # Install Docker - apt-get update && \ - apt-get install -y --no-install-recommends "${GCI_DOCKER_VERSION:-"docker-ce=5:19.03.*"}" - rm -rf /var/lib/apt/lists/* -} - # If we are on ubuntu we can try to install containerd function install-containerd-ubuntu { # bailout if we are not on ubuntu @@ -591,7 +553,7 @@ function ensure-container-runtime { if [[ -e "/etc/profile.d/containerd_env.sh" ]]; then log-wrap 'SourceContainerdEnv' source "/etc/profile.d/containerd_env.sh" fi - + # Verify presence and print versions of ctr, containerd, runc if ! command -v ctr >/dev/null 2>&1; then echo "ERROR ctr not found. Aborting." diff --git a/cluster/gce/windows/k8s-node-setup.psm1 b/cluster/gce/windows/k8s-node-setup.psm1 index 1e510afbd45..5c570a29d9c 100644 --- a/cluster/gce/windows/k8s-node-setup.psm1 +++ b/cluster/gce/windows/k8s-node-setup.psm1 @@ -982,7 +982,7 @@ function Configure-GcePdTools { Import-Module -Name $modulePath'.replace('K8S_DIR', ${env:K8S_DIR}) } -# Setup cni network. This function supports both Docker and containerd. +# Setup cni network for containerd. function Prepare-CniNetworking { Configure_Containerd_CniNetworking } @@ -1213,8 +1213,7 @@ function Pull-InfraContainer { Log-Output "Infra/pause container:`n$inspect" } -# Setup the container runtime on the node. It supports both -# Docker and containerd. +# Setup the containerd on the node. function Setup-ContainerRuntime { Install-Pigz Install_Containerd @@ -1251,35 +1250,6 @@ function Enable-HyperVFeature { Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V-Management-PowerShell -All -NoRestart } -function Test-DockerIsInstalled { - return ((Get-Package ` - -ProviderName DockerMsftProvider ` - -ErrorAction SilentlyContinue | - Where-Object Name -eq 'docker') -ne $null) -} - -function Test-DockerIsRunning { - return ((Get-Service docker).Status -eq 'Running') -} - -# Installs Docker EE via the DockerMsftProvider. Ensure that the Windows -# Containers feature is installed before calling this function; otherwise, -# a restart may be needed after this function returns. -function Install-Docker { - Log-Output 'Installing NuGet module' - Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force - - Log-Output 'Installing DockerMsftProvider module' - Install-Module -Name DockerMsftProvider -Repository PSGallery -Force - - Log-Output "Installing latest Docker EE version" - Install-Package ` - -Name docker ` - -ProviderName DockerMsftProvider ` - -Force ` - -Verbose -} - # Configures the TCP/IP parameters to be in sync with the GCP recommendation. # Not setting these values correctly can cause network issues for connections # that live longer than 10 minutes. @@ -1518,7 +1488,7 @@ function Install-Pigz { Expand-Archive -Path "$PIGZ_ROOT\pigz-$PIGZ_VERSION.zip" ` -DestinationPath $PIGZ_ROOT Remove-Item -Path "$PIGZ_ROOT\pigz-$PIGZ_VERSION.zip" - # Docker and Containerd search for unpigz.exe on the first container image + # Containerd search for unpigz.exe on the first container image # pull request after the service is started. If unpigz.exe is in the # Windows path it'll use it instead of the default unzipper. # See: https://github.com/containerd/containerd/issues/1896 diff --git a/test/e2e_node/jenkins/cos-init-docker.yaml b/test/e2e_node/jenkins/cos-init-docker.yaml deleted file mode 100644 index 3dec3bd7478..00000000000 --- a/test/e2e_node/jenkins/cos-init-docker.yaml +++ /dev/null @@ -1,127 +0,0 @@ -#cloud-config - -write_files: - - path: /etc/systemd/system/upgrade-docker.service - permissions: 0644 - owner: root - content: | - [Unit] - Description=Upgrade Docker Binaries - Requires=network-online.target - After=network-online.target docker.service - - [Service] - Type=oneshot - # RemainAfterExit so the service runs exactly once. - RemainAfterExit=yes - ExecStartPre=/bin/mkdir -p /home/upgrade-docker/bin - ExecStartPre=/bin/mount --bind /home/upgrade-docker/bin /home/upgrade-docker/bin - ExecStartPre=/bin/mount -o remount,exec /home/upgrade-docker/bin - ExecStart=/bin/bash /tmp/upgrade-docker/upgrade.sh - ExecStartPost=-/bin/rm -rf /home/upgrade-docker/download - - [Install] - WantedBy=multi-user.target - - - path: /tmp/upgrade-docker/upgrade.sh - permissions: 0644 - owner: root - content: | - # This script reads a GCE metadata key for the user specified Docker - # version, downloads, and replaces the builtin Docker with it. - - set -x - set -o errexit - set -o nounset - set -o pipefail - - # Checks if a Docker binary is the version we want. - # $1: Docker binary - # $2: Requested version - check_installed() { - local docker_bin="$1" - local requested_version="$2" - [[ "$(${docker_bin} --version)" =~ "Docker version ${requested_version}," ]] - } - - # $1: Docker version - download_and_install_docker() { - local requested_version="$1" - local download_dir=/home/upgrade-docker/download/docker-"${requested_version}" - local install_location=/home/upgrade-docker/bin - local docker_tgz="docker-${requested_version}.tgz" - - if [[ "${requested_version}" =~ "rc" ]]; then - # RC releases all have the word "rc" in their version - # number, e.g., "1.11.1-rc1". - download_url="https://test.docker.com/builds/Linux/x86_64/${docker_tgz}" - else - download_url="https://get.docker.com/builds/Linux/x86_64/${docker_tgz}" - fi - - echo "Downloading Docker version ${requested_version} from "\ - "${download_url} to ${download_dir} ..." - - # Download and install the binaries. - mkdir -p "${download_dir}"/binaries - /usr/bin/curl -o "${download_dir}/${docker_tgz}" --fail "${download_url}" - tar xzf "${download_dir}/${docker_tgz}" -C "${download_dir}"/binaries - cp "${download_dir}"/binaries/docker/docker* "${install_location}" - mount --bind "${install_location}"/docker /usr/bin/docker - mount --bind "${install_location}"/docker-containerd /usr/bin/docker-containerd - mount --bind "${install_location}"/docker-containerd-shim /usr/bin/docker-containerd-shim - mount --bind "${install_location}"/dockerd /usr/bin/dockerd - mount --bind "${install_location}"/docker-proxy /usr/bin/docker-proxy - mount --bind "${install_location}"/docker-runc /usr/bin/docker-runc - echo "PATH=/home/upgrade-docker/bin:/sbin:/bin:/usr/sbin:/usr/bin" >> /etc/default/docker - } - - # $1: Metadata key - get_metadata() { - /usr/bin/curl --fail --retry 5 --retry-delay 3 --silent --show-error \ - -H "X-Google-Metadata-Request: True" \ - http://metadata.google.internal/computeMetadata/v1/instance/attributes/"$1" - } - - main() { - # Get the desired Docker version through the following metadata key. - local requested_version="$(get_metadata "gci-docker-version")" - if [[ -z "${requested_version}" ]]; then - exit 0 - fi - - # Check if we have the requested version installed. - if check_installed /usr/bin/docker "${requested_version}"; then - echo "Requested version already installed. Exiting." - exit 0 - fi - - # Stop the docker daemon during upgrade. - /usr/bin/systemctl stop docker - download_and_install_docker "${requested_version}" - - # Assert that the upgrade was successful. - local rc=0 - check_installed /usr/bin/docker "${requested_version}" || rc=1 - /usr/bin/systemctl start docker && exit $rc - } - - main "$@" - -runcmd: - - systemctl daemon-reload - - systemctl start upgrade-docker.service - - mount /tmp /tmp -o remount,exec,suid - - usermod -a -G docker jenkins - - mkdir -p /var/lib/kubelet - - mkdir -p /home/kubernetes/containerized_mounter/rootfs - - mount --bind /home/kubernetes/containerized_mounter/ /home/kubernetes/containerized_mounter/ - - mount -o remount, exec /home/kubernetes/containerized_mounter/ - - wget https://dl.k8s.io/gci-mounter/mounter.tar -O /tmp/mounter.tar - - tar xvf /tmp/mounter.tar -C /home/kubernetes/containerized_mounter/rootfs - - mkdir -p /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet - - mount --rbind /var/lib/kubelet /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet - - mount --make-rshared /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet - - mount --bind /proc /home/kubernetes/containerized_mounter/rootfs/proc - - mount --bind /dev /home/kubernetes/containerized_mounter/rootfs/dev - - rm /tmp/mounter.tar diff --git a/test/e2e_node/jenkins/ubuntu-init-docker.yaml b/test/e2e_node/jenkins/ubuntu-init-docker.yaml deleted file mode 100644 index eb551171e21..00000000000 --- a/test/e2e_node/jenkins/ubuntu-init-docker.yaml +++ /dev/null @@ -1,121 +0,0 @@ -#cloud-config - -write_files: - - path: /etc/systemd/system/upgrade-docker.service - permissions: 0644 - owner: root - content: | - [Unit] - Description=Upgrade Docker Binaries - Requires=network-online.target - After=network-online.target docker.service - - [Service] - Type=oneshot - # RemainAfterExit so the service runs exactly once. - RemainAfterExit=yes - ExecStartPre=/bin/mkdir -p /home/upgrade-docker/bin - ExecStartPre=/bin/mount --bind /home/upgrade-docker/bin /home/upgrade-docker/bin - ExecStartPre=/bin/mount -o remount,exec /home/upgrade-docker/bin - ExecStart=/bin/bash /tmp/upgrade-docker/upgrade.sh - ExecStartPost=-/bin/rm -rf /home/upgrade-docker/download - - [Install] - WantedBy=multi-user.target - - - path: /tmp/upgrade-docker/upgrade.sh - permissions: 0644 - owner: root - content: | - # This script reads a GCE metadata key for the user specified Docker - # version, downloads, and replaces the builtin Docker with it. - - set -x - set -o errexit - set -o nounset - set -o pipefail - - # Checks if a Docker binary is the version we want. - # $1: Docker binary - # $2: Requested version - check_installed() { - local docker_bin="$1" - local requested_version="$2" - [[ "$(${docker_bin} --version)" =~ "Docker version ${requested_version}," ]] - } - - # $1: Docker version - download_and_install_docker() { - local requested_version="$1" - local download_dir=/home/upgrade-docker/download/docker-"${requested_version}" - local install_location=/home/upgrade-docker/bin - local docker_tgz="docker-${requested_version}.tgz" - - if [[ "${requested_version}" =~ "rc" ]]; then - # RC releases all have the word "rc" in their version - # number, e.g., "1.11.1-rc1". - download_url="https://test.docker.com/builds/Linux/x86_64/${docker_tgz}" - else - download_url="https://get.docker.com/builds/Linux/x86_64/${docker_tgz}" - fi - - echo "Downloading Docker version ${requested_version} from "\ - "${download_url} to ${download_dir} ..." - - # Download and install the binaries. - mkdir -p "${download_dir}"/binaries - /usr/bin/curl -o "${download_dir}/${docker_tgz}" --fail "${download_url}" - tar xzf "${download_dir}/${docker_tgz}" -C "${download_dir}"/binaries - cp "${download_dir}"/binaries/docker/docker* "${install_location}" - mount --bind "${install_location}"/docker /usr/bin/docker - mount --bind "${install_location}"/docker-containerd /usr/bin/containerd - mount --bind "${install_location}"/docker-containerd-shim /usr/bin/containerd-shim - mount --bind "${install_location}"/dockerd /usr/bin/dockerd - mount --bind "${install_location}"/docker-proxy /usr/bin/docker-proxy - mount --bind "${install_location}"/docker-runc /usr/sbin/runc - echo "PATH=/home/upgrade-docker/bin:/sbin:/bin:/usr/sbin:/usr/bin" >> /etc/default/docker - } - - # $1: Metadata key - get_metadata() { - /usr/bin/curl --fail --retry 5 --retry-delay 3 --silent --show-error \ - -H "X-Google-Metadata-Request: True" \ - http://metadata.google.internal/computeMetadata/v1/instance/attributes/"$1" - } - - main() { - # Get the desired Docker version through the following metadata key. - local requested_version="$(get_metadata "ubuntu-docker-version")" - if [[ -z "${requested_version}" ]]; then - exit 0 - fi - - # Stop the docker daemon during upgrade. - systemctl stop docker - download_and_install_docker "${requested_version}" - - # Assert that the upgrade was successful. - local rc=0 - check_installed /usr/bin/docker "${requested_version}" || rc=1 - systemctl start docker && exit $rc - } - - main "$@" - -runcmd: - - systemctl daemon-reload - - systemctl start upgrade-docker.service - - mount /tmp /tmp -o remount,exec,suid - - usermod -a -G docker jenkins - - mkdir -p /var/lib/kubelet - - mkdir -p /home/kubernetes/containerized_mounter/rootfs - - mount --bind /home/kubernetes/containerized_mounter/ /home/kubernetes/containerized_mounter/ - - mount -o remount, exec /home/kubernetes/containerized_mounter/ - - wget https://dl.k8s.io/gci-mounter/mounter.tar -O /tmp/mounter.tar - - tar xvf /tmp/mounter.tar -C /home/kubernetes/containerized_mounter/rootfs - - mkdir -p /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet - - mount --rbind /var/lib/kubelet /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet - - mount --make-rshared /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet - - mount --bind /proc /home/kubernetes/containerized_mounter/rootfs/proc - - mount --bind /dev /home/kubernetes/containerized_mounter/rootfs/dev - - rm /tmp/mounter.tar