remove docker installation from everywhere

2025-07-22 11:21:47 +00:00 · 2022-02-17 08:02:13 +00:00 · 2022-02-17 08:02:13 +00:00 · 19a01fa8c6
commit 19a01fa8c6
parent df2768123d
5 changed files with 5 additions and 321 deletions
--- a/cluster/addons/node-problem-detector/npd.yaml
+++ b/cluster/addons/node-problem-detector/npd.yaml
@ -51,7 +51,7 @@ spec:
        command:
        - "/bin/sh"
        - "-c"
-        - "exec /node-problem-detector --logtostderr --config.system-log-monitor=/config/kernel-monitor.json,/config/docker-monitor.json,/config/systemd-monitor.json --config.custom-plugin-monitor=/config/kernel-monitor-counter.json,/config/systemd-monitor-counter.json --config.system-stats-monitor=/config/system-stats-monitor.json >>/var/log/node-problem-detector.log 2>&1"
+        - "exec /node-problem-detector --logtostderr --config.system-log-monitor=/config/kernel-monitor.json,/config/systemd-monitor.json --config.custom-plugin-monitor=/config/kernel-monitor-counter.json,/config/systemd-monitor-counter.json --config.system-stats-monitor=/config/system-stats-monitor.json >>/var/log/node-problem-detector.log 2>&1"
        securityContext:
          privileged: true
        resources:
--- a/cluster/gce/gci/configure.sh
+++ b/cluster/gce/gci/configure.sh
@ -472,44 +472,6 @@ function load-docker-images {
  fi
 }
 # If we are on ubuntu we can try to install docker
 function install-docker {
  # bailout if we are not on ubuntu
  if ! command -v apt-get >/dev/null 2>&1; then
    echo "Unable to automatically install docker. Bailing out..."
    return
  fi
  # Install Docker deps, some of these are already installed in the image but
  # that's fine since they won't re-install and we can reuse the code below
  # for another image someday.
  apt-get update
  apt-get install -y --no-install-recommends \
    apt-transport-https \
    ca-certificates \
    socat \
    curl \
    gnupg2 \
    software-properties-common \
    lsb-release
  release=$(lsb_release -cs)
  # Add the Docker apt-repository
  # shellcheck disable=SC2086
  curl ${CURL_FLAGS} \
    --location \
    "https://download.docker.com/${HOST_PLATFORM}/$(. /etc/os-release; echo "$ID")/gpg" \
  | apt-key add -
  add-apt-repository \
    "deb [arch=${HOST_ARCH}] https://download.docker.com/${HOST_PLATFORM}/$(. /etc/os-release; echo "$ID") \
    $release stable"
  # Install Docker
  apt-get update && \
    apt-get install -y --no-install-recommends "${GCI_DOCKER_VERSION:-"docker-ce=5:19.03.*"}"
  rm -rf /var/lib/apt/lists/*
 }
 # If we are on ubuntu we can try to install containerd
 function install-containerd-ubuntu {
  # bailout if we are not on ubuntu
@ -591,7 +553,7 @@ function ensure-container-runtime {
  if [[ -e "/etc/profile.d/containerd_env.sh" ]]; then
   log-wrap 'SourceContainerdEnv' source "/etc/profile.d/containerd_env.sh"
  fi
-    
+
  # Verify presence and print versions of ctr, containerd, runc
  if ! command -v ctr >/dev/null 2>&1; then
    echo "ERROR ctr not found. Aborting."
--- a/cluster/gce/windows/k8s-node-setup.psm1
+++ b/cluster/gce/windows/k8s-node-setup.psm1
@ -982,7 +982,7 @@ function Configure-GcePdTools {
  Import-Module -Name $modulePath'.replace('K8S_DIR', ${env:K8S_DIR})
 }
-# Setup cni network. This function supports both Docker and containerd.
+# Setup cni network for containerd.
 function Prepare-CniNetworking {
    Configure_Containerd_CniNetworking
 }
@ -1213,8 +1213,7 @@ function Pull-InfraContainer {
  Log-Output "Infra/pause container:`n$inspect"
 }
-# Setup the container runtime on the node. It supports both
+# Setup the containerd on the node.
 # Docker and containerd.
 function Setup-ContainerRuntime {
  Install-Pigz
  Install_Containerd
@ -1251,35 +1250,6 @@ function Enable-HyperVFeature {
  Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V-Management-PowerShell -All -NoRestart
 }
 function Test-DockerIsInstalled {
  return ((Get-Package `
               -ProviderName DockerMsftProvider `
               -ErrorAction SilentlyContinue |
           Where-Object Name -eq 'docker') -ne $null)
 }
 function Test-DockerIsRunning {
  return ((Get-Service docker).Status -eq 'Running')
 }
 # Installs Docker EE via the DockerMsftProvider. Ensure that the Windows
 # Containers feature is installed before calling this function; otherwise,
 # a restart may be needed after this function returns.
 function Install-Docker {
  Log-Output 'Installing NuGet module'
  Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
  Log-Output 'Installing DockerMsftProvider module'
  Install-Module -Name DockerMsftProvider -Repository PSGallery -Force
  Log-Output "Installing latest Docker EE version"
  Install-Package `
      -Name docker `
      -ProviderName DockerMsftProvider `
      -Force `
      -Verbose
 }
 # Configures the TCP/IP parameters to be in sync with the GCP recommendation.
 # Not setting these values correctly can cause network issues for connections
 # that live longer than 10 minutes.
@ -1518,7 +1488,7 @@ function Install-Pigz {
      Expand-Archive -Path "$PIGZ_ROOT\pigz-$PIGZ_VERSION.zip" `
        -DestinationPath $PIGZ_ROOT
      Remove-Item -Path "$PIGZ_ROOT\pigz-$PIGZ_VERSION.zip"
-      # Docker and Containerd search for unpigz.exe on the first container image
+      # Containerd search for unpigz.exe on the first container image
      # pull request after the service is started. If unpigz.exe is in the
      # Windows path it'll use it instead of the default unzipper.
      # See: https://github.com/containerd/containerd/issues/1896
--- a/test/e2e_node/jenkins/cos-init-docker.yaml
+++ b/test/e2e_node/jenkins/cos-init-docker.yaml
@ -1,127 +0,0 @@
 #cloud-config
 write_files:
  - path: /etc/systemd/system/upgrade-docker.service
    permissions: 0644
    owner: root
    content: |
      [Unit]
      Description=Upgrade Docker Binaries
      Requires=network-online.target
      After=network-online.target docker.service
      [Service]
      Type=oneshot
      # RemainAfterExit so the service runs exactly once.
      RemainAfterExit=yes
      ExecStartPre=/bin/mkdir -p /home/upgrade-docker/bin
      ExecStartPre=/bin/mount --bind /home/upgrade-docker/bin /home/upgrade-docker/bin
      ExecStartPre=/bin/mount -o remount,exec /home/upgrade-docker/bin
      ExecStart=/bin/bash /tmp/upgrade-docker/upgrade.sh
      ExecStartPost=-/bin/rm -rf /home/upgrade-docker/download
      [Install]
      WantedBy=multi-user.target
  - path: /tmp/upgrade-docker/upgrade.sh
    permissions: 0644
    owner: root
    content: |
      # This script reads a GCE metadata key for the user specified Docker
      # version, downloads, and replaces the builtin Docker with it.
      set -x
      set -o errexit
      set -o nounset
      set -o pipefail
      # Checks if a Docker binary is the version we want.
      # $1: Docker binary
      # $2: Requested version
      check_installed() {
        local docker_bin="$1"
        local requested_version="$2"
        [[ "$(${docker_bin} --version)" =~ "Docker version ${requested_version}," ]]
      }
      # $1: Docker version
      download_and_install_docker() {
        local requested_version="$1"
        local download_dir=/home/upgrade-docker/download/docker-"${requested_version}"
        local install_location=/home/upgrade-docker/bin
        local docker_tgz="docker-${requested_version}.tgz"
        if [[ "${requested_version}" =~ "rc" ]]; then
          # RC releases all have the word "rc" in their version
          # number, e.g., "1.11.1-rc1".
          download_url="https://test.docker.com/builds/Linux/x86_64/${docker_tgz}"
        else
          download_url="https://get.docker.com/builds/Linux/x86_64/${docker_tgz}"
        fi
        echo "Downloading Docker version ${requested_version} from "\
          "${download_url} to ${download_dir} ..."
        # Download and install the binaries.
        mkdir -p "${download_dir}"/binaries
        /usr/bin/curl -o "${download_dir}/${docker_tgz}" --fail "${download_url}"
        tar xzf "${download_dir}/${docker_tgz}" -C "${download_dir}"/binaries
        cp "${download_dir}"/binaries/docker/docker* "${install_location}"
        mount --bind "${install_location}"/docker /usr/bin/docker
        mount --bind "${install_location}"/docker-containerd /usr/bin/docker-containerd
        mount --bind "${install_location}"/docker-containerd-shim /usr/bin/docker-containerd-shim
        mount --bind "${install_location}"/dockerd /usr/bin/dockerd
        mount --bind "${install_location}"/docker-proxy /usr/bin/docker-proxy
        mount --bind "${install_location}"/docker-runc /usr/bin/docker-runc
        echo "PATH=/home/upgrade-docker/bin:/sbin:/bin:/usr/sbin:/usr/bin" >> /etc/default/docker
      }
      # $1: Metadata key
      get_metadata() {
        /usr/bin/curl --fail --retry 5 --retry-delay 3 --silent --show-error  \
          -H "X-Google-Metadata-Request: True" \
          http://metadata.google.internal/computeMetadata/v1/instance/attributes/"$1"
      }
      main() {
        # Get the desired Docker version through the following metadata key.
        local requested_version="$(get_metadata "gci-docker-version")"
        if [[ -z "${requested_version}" ]]; then
          exit 0
        fi
        # Check if we have the requested version installed.
        if check_installed /usr/bin/docker "${requested_version}"; then
          echo "Requested version already installed. Exiting."
          exit 0
        fi
        # Stop the docker daemon during upgrade.
        /usr/bin/systemctl stop docker
        download_and_install_docker "${requested_version}"
        # Assert that the upgrade was successful.
        local rc=0
        check_installed /usr/bin/docker "${requested_version}" || rc=1
        /usr/bin/systemctl start docker && exit $rc
      }
      main "$@"
 runcmd:
  - systemctl daemon-reload
  - systemctl start upgrade-docker.service
  - mount /tmp /tmp -o remount,exec,suid
  - usermod -a -G docker jenkins
  - mkdir -p /var/lib/kubelet
  - mkdir -p /home/kubernetes/containerized_mounter/rootfs
  - mount --bind /home/kubernetes/containerized_mounter/ /home/kubernetes/containerized_mounter/
  - mount -o remount, exec /home/kubernetes/containerized_mounter/
  - wget https://dl.k8s.io/gci-mounter/mounter.tar -O /tmp/mounter.tar
  - tar xvf /tmp/mounter.tar -C /home/kubernetes/containerized_mounter/rootfs
  - mkdir -p /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet
  - mount --rbind /var/lib/kubelet /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet
  - mount --make-rshared /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet
  - mount --bind /proc /home/kubernetes/containerized_mounter/rootfs/proc
  - mount --bind /dev /home/kubernetes/containerized_mounter/rootfs/dev
  - rm /tmp/mounter.tar
--- a/test/e2e_node/jenkins/ubuntu-init-docker.yaml
+++ b/test/e2e_node/jenkins/ubuntu-init-docker.yaml
@ -1,121 +0,0 @@
 #cloud-config
 write_files:
  - path: /etc/systemd/system/upgrade-docker.service
    permissions: 0644
    owner: root
    content: |
      [Unit]
      Description=Upgrade Docker Binaries
      Requires=network-online.target
      After=network-online.target docker.service
      [Service]
      Type=oneshot
      # RemainAfterExit so the service runs exactly once.
      RemainAfterExit=yes
      ExecStartPre=/bin/mkdir -p /home/upgrade-docker/bin
      ExecStartPre=/bin/mount --bind /home/upgrade-docker/bin /home/upgrade-docker/bin
      ExecStartPre=/bin/mount -o remount,exec /home/upgrade-docker/bin
      ExecStart=/bin/bash /tmp/upgrade-docker/upgrade.sh
      ExecStartPost=-/bin/rm -rf /home/upgrade-docker/download
      [Install]
      WantedBy=multi-user.target
  - path: /tmp/upgrade-docker/upgrade.sh
    permissions: 0644
    owner: root
    content: |
      # This script reads a GCE metadata key for the user specified Docker
      # version, downloads, and replaces the builtin Docker with it.
      set -x
      set -o errexit
      set -o nounset
      set -o pipefail
      # Checks if a Docker binary is the version we want.
      # $1: Docker binary
      # $2: Requested version
      check_installed() {
        local docker_bin="$1"
        local requested_version="$2"
        [[ "$(${docker_bin} --version)" =~ "Docker version ${requested_version}," ]]
      }
      # $1: Docker version
      download_and_install_docker() {
        local requested_version="$1"
        local download_dir=/home/upgrade-docker/download/docker-"${requested_version}"
        local install_location=/home/upgrade-docker/bin
        local docker_tgz="docker-${requested_version}.tgz"
        if [[ "${requested_version}" =~ "rc" ]]; then
          # RC releases all have the word "rc" in their version
          # number, e.g., "1.11.1-rc1".
          download_url="https://test.docker.com/builds/Linux/x86_64/${docker_tgz}"
        else
          download_url="https://get.docker.com/builds/Linux/x86_64/${docker_tgz}"
        fi
        echo "Downloading Docker version ${requested_version} from "\
          "${download_url} to ${download_dir} ..."
        # Download and install the binaries.
        mkdir -p "${download_dir}"/binaries
        /usr/bin/curl -o "${download_dir}/${docker_tgz}" --fail "${download_url}"
        tar xzf "${download_dir}/${docker_tgz}" -C "${download_dir}"/binaries
        cp "${download_dir}"/binaries/docker/docker* "${install_location}"
        mount --bind "${install_location}"/docker /usr/bin/docker
        mount --bind "${install_location}"/docker-containerd /usr/bin/containerd
        mount --bind "${install_location}"/docker-containerd-shim /usr/bin/containerd-shim
        mount --bind "${install_location}"/dockerd /usr/bin/dockerd
        mount --bind "${install_location}"/docker-proxy /usr/bin/docker-proxy
        mount --bind "${install_location}"/docker-runc /usr/sbin/runc
        echo "PATH=/home/upgrade-docker/bin:/sbin:/bin:/usr/sbin:/usr/bin" >> /etc/default/docker
      }
      # $1: Metadata key
      get_metadata() {
        /usr/bin/curl --fail --retry 5 --retry-delay 3 --silent --show-error  \
          -H "X-Google-Metadata-Request: True" \
          http://metadata.google.internal/computeMetadata/v1/instance/attributes/"$1"
      }
      main() {
        # Get the desired Docker version through the following metadata key.
        local requested_version="$(get_metadata "ubuntu-docker-version")"
        if [[ -z "${requested_version}" ]]; then
          exit 0
        fi
        # Stop the docker daemon during upgrade.
        systemctl stop docker
        download_and_install_docker "${requested_version}"
        # Assert that the upgrade was successful.
        local rc=0
        check_installed /usr/bin/docker "${requested_version}" || rc=1
        systemctl start docker && exit $rc
      }
      main "$@"
 runcmd:
  - systemctl daemon-reload
  - systemctl start upgrade-docker.service
  - mount /tmp /tmp -o remount,exec,suid
  - usermod -a -G docker jenkins
  - mkdir -p /var/lib/kubelet
  - mkdir -p /home/kubernetes/containerized_mounter/rootfs
  - mount --bind /home/kubernetes/containerized_mounter/ /home/kubernetes/containerized_mounter/
  - mount -o remount, exec /home/kubernetes/containerized_mounter/
  - wget https://dl.k8s.io/gci-mounter/mounter.tar -O /tmp/mounter.tar
  - tar xvf /tmp/mounter.tar -C /home/kubernetes/containerized_mounter/rootfs
  - mkdir -p /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet
  - mount --rbind /var/lib/kubelet /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet
  - mount --make-rshared /home/kubernetes/containerized_mounter/rootfs/var/lib/kubelet
  - mount --bind /proc /home/kubernetes/containerized_mounter/rootfs/proc
  - mount --bind /dev /home/kubernetes/containerized_mounter/rootfs/dev
  - rm /tmp/mounter.tar