diff --git a/cmd/kubeadm/app/apis/kubeadm/v1beta2/doc.go b/cmd/kubeadm/app/apis/kubeadm/v1beta2/doc.go index be5ea5bbf9b..b66059cfb1c 100644 --- a/cmd/kubeadm/app/apis/kubeadm/v1beta2/doc.go +++ b/cmd/kubeadm/app/apis/kubeadm/v1beta2/doc.go @@ -169,7 +169,7 @@ limitations under the License. // - system:bootstrappers:kubeadm:default-node-token // nodeRegistration: // name: "ec2-10-100-0-1" -// criSocket: "unix:///var/run/dockershim.sock" +// criSocket: "unix:///var/run/containerd/containerd.sock" // taints: // - key: "kubeadmNode" // value: "master" diff --git a/cmd/kubeadm/app/apis/kubeadm/v1beta3/doc.go b/cmd/kubeadm/app/apis/kubeadm/v1beta3/doc.go index 37a861885c9..4ba87609d38 100644 --- a/cmd/kubeadm/app/apis/kubeadm/v1beta3/doc.go +++ b/cmd/kubeadm/app/apis/kubeadm/v1beta3/doc.go @@ -173,7 +173,7 @@ limitations under the License. // - system:bootstrappers:kubeadm:default-node-token // nodeRegistration: // name: "ec2-10-100-0-1" -// criSocket: "unix:///var/run/dockershim.sock" +// criSocket: "unix:///var/run/containerd/containerd.sock" // taints: // - key: "kubeadmNode" // value: "master" diff --git a/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go b/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go index 9a87bcb721d..db8a22c5637 100644 --- a/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go +++ b/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go @@ -579,7 +579,7 @@ func TestValidateJoinConfiguration(t *testing.T) { }, NodeRegistration: kubeadmapi.NodeRegistrationOptions{ Name: "aaa", - CRISocket: "unix:///var/run/dockershim.sock", + CRISocket: "unix:///var/run/containerd/containerd.sock", }, }, true}, {&kubeadmapi.JoinConfiguration{ // Pass with JoinControlPlane @@ -594,7 +594,7 @@ func TestValidateJoinConfiguration(t *testing.T) { }, NodeRegistration: kubeadmapi.NodeRegistrationOptions{ Name: "aaa", - CRISocket: "unix:///var/run/dockershim.sock", + CRISocket: "unix:///var/run/containerd/containerd.sock", }, ControlPlane: &kubeadmapi.JoinControlPlane{ LocalAPIEndpoint: kubeadmapi.APIEndpoint{ @@ -615,7 +615,7 @@ func TestValidateJoinConfiguration(t *testing.T) { }, NodeRegistration: kubeadmapi.NodeRegistrationOptions{ Name: "aaa", - CRISocket: "unix:///var/run/dockershim.sock", + CRISocket: "unix:///var/run/containerd/containerd.sock", }, ControlPlane: &kubeadmapi.JoinControlPlane{ LocalAPIEndpoint: kubeadmapi.APIEndpoint{ @@ -636,7 +636,7 @@ func TestValidateJoinConfiguration(t *testing.T) { }, NodeRegistration: kubeadmapi.NodeRegistrationOptions{ Name: "aaa", - CRISocket: "/var/run/dockershim.sock", + CRISocket: "unix:///var/run/containerd/containerd.sock", }, ControlPlane: &kubeadmapi.JoinControlPlane{ LocalAPIEndpoint: kubeadmapi.APIEndpoint{ diff --git a/cmd/kubeadm/app/cmd/certs_test.go b/cmd/kubeadm/app/cmd/certs_test.go index 18ec56694d2..8efa58c7456 100644 --- a/cmd/kubeadm/app/cmd/certs_test.go +++ b/cmd/kubeadm/app/cmd/certs_test.go @@ -359,7 +359,7 @@ kind: InitConfiguration localAPIEndpoint: advertiseAddress: 192.0.2.1 nodeRegistration: - criSocket: /path/to/dockershim.sock + criSocket: "unix:///var/run/containerd/containerd.sock" --- apiVersion: %[1]s kind: ClusterConfiguration diff --git a/cmd/kubeadm/app/cmd/config.go b/cmd/kubeadm/app/cmd/config.go index 6c875a8bb37..db0488c9990 100644 --- a/cmd/kubeadm/app/cmd/config.go +++ b/cmd/kubeadm/app/cmd/config.go @@ -211,7 +211,7 @@ func getDefaultNodeConfigBytes() ([]byte, error) { }, }, NodeRegistration: kubeadmapiv1.NodeRegistrationOptions{ - CRISocket: constants.DefaultDockerCRISocket, // avoid CRI detection + CRISocket: constants.DefaultCRISocket, // avoid CRI detection }, }) if err != nil { diff --git a/cmd/kubeadm/app/cmd/config_test.go b/cmd/kubeadm/app/cmd/config_test.go index d7d88878ccd..27dd17b75c3 100644 --- a/cmd/kubeadm/app/cmd/config_test.go +++ b/cmd/kubeadm/app/cmd/config_test.go @@ -363,10 +363,10 @@ func TestImagesPull(t *testing.T) { func(cmd string, args ...string) exec.Cmd { return fakeexec.InitFakeCmd(&fcmd, cmd, args...) }, func(cmd string, args ...string) exec.Cmd { return fakeexec.InitFakeCmd(&fcmd, cmd, args...) }, }, - LookPathFunc: func(cmd string) (string, error) { return "/usr/bin/docker", nil }, + LookPathFunc: func(cmd string) (string, error) { return "/usr/bin/crictl", nil }, } - containerRuntime, err := utilruntime.NewContainerRuntime(&fexec, constants.DefaultDockerCRISocket) + containerRuntime, err := utilruntime.NewContainerRuntime(&fexec, constants.DefaultCRISocket) if err != nil { t.Errorf("unexpected NewContainerRuntime error: %v", err) } diff --git a/cmd/kubeadm/app/cmd/phases/init/waitcontrolplane.go b/cmd/kubeadm/app/cmd/phases/init/waitcontrolplane.go index e9f2b9ee1ca..a0af2810b36 100644 --- a/cmd/kubeadm/app/cmd/phases/init/waitcontrolplane.go +++ b/cmd/kubeadm/app/cmd/phases/init/waitcontrolplane.go @@ -29,7 +29,6 @@ import ( "k8s.io/klog/v2" "k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases/workflow" - kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" "k8s.io/kubernetes/cmd/kubeadm/app/util/apiclient" dryrunutil "k8s.io/kubernetes/cmd/kubeadm/app/util/dryrun" ) @@ -49,17 +48,10 @@ var ( Additionally, a control plane component may have crashed or exited when started by the container runtime. To troubleshoot, list all containers using your preferred container runtimes CLI. -{{ if .IsDocker }} - Here is one example how you may list all Kubernetes containers running in docker: - - 'docker ps -a | grep kube | grep -v pause' - Once you have found the failing container, you can inspect its logs with: - - 'docker logs CONTAINERID' -{{ else }} - Here is one example how you may list all Kubernetes containers running in cri-o/containerd using crictl: + Here is one example how you may list all running Kubernetes containers by using crictl: - 'crictl --runtime-endpoint {{ .Socket }} ps -a | grep kube | grep -v pause' Once you have found the failing container, you can inspect its logs with: - 'crictl --runtime-endpoint {{ .Socket }} logs CONTAINERID' -{{ end }} `))) ) @@ -105,13 +97,11 @@ func runWaitControlPlanePhase(c workflow.RunData) error { if err := waiter.WaitForKubeletAndFunc(waiter.WaitForAPI); err != nil { context := struct { - Error string - Socket string - IsDocker bool + Error string + Socket string }{ - Error: fmt.Sprintf("%v", err), - Socket: data.Cfg().NodeRegistration.CRISocket, - IsDocker: data.Cfg().NodeRegistration.CRISocket == kubeadmconstants.DefaultDockerCRISocket, + Error: fmt.Sprintf("%v", err), + Socket: data.Cfg().NodeRegistration.CRISocket, } kubeletFailTempl.Execute(data.OutputWriter(), context) diff --git a/cmd/kubeadm/app/cmd/phases/reset/cleanupnode.go b/cmd/kubeadm/app/cmd/phases/reset/cleanupnode.go index ba9e2049729..3e116096ef2 100644 --- a/cmd/kubeadm/app/cmd/phases/reset/cleanupnode.go +++ b/cmd/kubeadm/app/cmd/phases/reset/cleanupnode.go @@ -96,6 +96,8 @@ func runCleanupNode(c workflow.RunData) error { fmt.Println("[reset] Would remove Kubernetes-managed containers") } + // TODO: remove the dockershim directory cleanup in 1.25 + // https://github.com/kubernetes/kubeadm/issues/2626 r.AddDirsToClean("/var/lib/dockershim", "/var/run/kubernetes", "/var/lib/cni") // Remove contents from the config and pki directories diff --git a/cmd/kubeadm/app/constants/constants_unix.go b/cmd/kubeadm/app/constants/constants_unix.go index 3d2ecec90f3..0943d0610c0 100644 --- a/cmd/kubeadm/app/constants/constants_unix.go +++ b/cmd/kubeadm/app/constants/constants_unix.go @@ -20,6 +20,13 @@ limitations under the License. package constants const ( - // DefaultDockerCRISocket defines the default Docker CRI socket - DefaultDockerCRISocket = "unix:///var/run/dockershim.sock" + // CRISocketContainerd is the containerd CRI endpoint + CRISocketContainerd = "unix:///var/run/containerd/containerd.sock" + // CRISocketCRIO is the cri-o CRI endpoint + CRISocketCRIO = "unix:///var/run/crio/crio.sock" + // CRISocketDocker is the cri-dockerd CRI endpoint + CRISocketDocker = "unix:///var/run/cri-dockerd.sock" + + // DefaultCRISocket defines the default CRI socket + DefaultCRISocket = CRISocketContainerd ) diff --git a/cmd/kubeadm/app/constants/constants_windows.go b/cmd/kubeadm/app/constants/constants_windows.go index 1a44a82723d..48e870023bc 100644 --- a/cmd/kubeadm/app/constants/constants_windows.go +++ b/cmd/kubeadm/app/constants/constants_windows.go @@ -20,6 +20,14 @@ limitations under the License. package constants const ( - // DefaultDockerCRISocket defines the default Docker CRI socket - DefaultDockerCRISocket = "npipe:////./pipe/docker_engine" + // CRISocketContainerd is the containerd CRI endpoint + CRISocketContainerd = "npipe:////./pipe/containerd-containerd" + // CRISocketCRIO is the cri-o CRI endpoint + // NOTE: this is a placeholder as CRI-O does not support Windows + CRISocketCRIO = "npipe:////./pipe/cri-o" + // CRISocketDocker is the cri-dockerd CRI endpoint + CRISocketDocker = "npipe:////./pipe/cri-dockerd" + + // DefaultCRISocket defines the default CRI socket + DefaultCRISocket = CRISocketContainerd ) diff --git a/cmd/kubeadm/app/phases/kubelet/flags.go b/cmd/kubeadm/app/phases/kubelet/flags.go index de24a57ad3f..6b420869cd7 100644 --- a/cmd/kubeadm/app/phases/kubelet/flags.go +++ b/cmd/kubeadm/app/phases/kubelet/flags.go @@ -21,6 +21,7 @@ import ( "io/ioutil" "os" "path/filepath" + "runtime" "strings" "github.com/pkg/errors" @@ -102,7 +103,13 @@ func buildKubeletArgMapCommon(opts kubeletFlagsOpts) map[string]string { // Once that happens only the "remote" branch option should be left. // TODO: https://github.com/kubernetes/kubeadm/issues/2626 hasDockershim := opts.kubeletVersion.Major() == 1 && opts.kubeletVersion.Minor() < 24 - if opts.nodeRegOpts.CRISocket == constants.DefaultDockerCRISocket && hasDockershim { + var dockerSocket string + if runtime.GOOS == "windows" { + dockerSocket = "npipe:////./pipe/dockershim" + } else { + dockerSocket = "unix:///var/run/dockershim.sock" + } + if opts.nodeRegOpts.CRISocket == dockerSocket && hasDockershim { kubeletFlags["network-plugin"] = "cni" } else { kubeletFlags["container-runtime"] = "remote" diff --git a/cmd/kubeadm/app/phases/patchnode/patchnode_test.go b/cmd/kubeadm/app/phases/patchnode/patchnode_test.go index f0a5656e3ad..35dad449e3c 100644 --- a/cmd/kubeadm/app/phases/patchnode/patchnode_test.go +++ b/cmd/kubeadm/app/phases/patchnode/patchnode_test.go @@ -52,7 +52,7 @@ func TestAnnotateCRISocket(t *testing.T) { }, { name: "CRI-socket annotation needs to be updated", - currentCRISocketAnnotation: "unix:///var/run/dockershim.sock", + currentCRISocketAnnotation: "unix:///foo/bar", newCRISocketAnnotation: "unix:///run/containerd/containerd.sock", expectedPatch: `{"metadata":{"annotations":{"kubeadm.alpha.kubernetes.io/cri-socket":"unix:///run/containerd/containerd.sock"}}}`, }, diff --git a/cmd/kubeadm/app/preflight/checks.go b/cmd/kubeadm/app/preflight/checks.go index 446e10e17ee..fdfb9433d62 100644 --- a/cmd/kubeadm/app/preflight/checks.go +++ b/cmd/kubeadm/app/preflight/checks.go @@ -507,9 +507,7 @@ func (subnet HTTPProxyCIDRCheck) Check() (warnings, errorList []error) { } // SystemVerificationCheck defines struct used for running the system verification node check in test/e2e_node/system -type SystemVerificationCheck struct { - IsDocker bool -} +type SystemVerificationCheck struct{} // Name will return SystemVerification as name for SystemVerificationCheck func (SystemVerificationCheck) Name() string { @@ -530,11 +528,6 @@ func (sysver SystemVerificationCheck) Check() (warnings, errorList []error) { var validators = []system.Validator{ &system.KernelValidator{Reporter: reporter}} - // run the docker validator only with docker runtime - if sysver.IsDocker { - validators = append(validators, &system.DockerValidator{Reporter: reporter}) - } - if runtime.GOOS == "linux" { //add linux validators validators = append(validators, @@ -1025,26 +1018,19 @@ func RunJoinNodeChecks(execer utilsexec.Interface, cfg *kubeadmapi.JoinConfigura // kubeadm init and join commands func addCommonChecks(execer utilsexec.Interface, k8sVersion string, nodeReg *kubeadmapi.NodeRegistrationOptions, checks []Checker) []Checker { containerRuntime, err := utilruntime.NewContainerRuntime(execer, nodeReg.CRISocket) - isDocker := false if err != nil { klog.Warningf("[preflight] WARNING: Couldn't create the interface used for talking to the container runtime: %v\n", err) } else { checks = append(checks, ContainerRuntimeCheck{runtime: containerRuntime}) - if containerRuntime.IsDocker() { - isDocker = true - checks = append(checks, ServiceCheck{Service: "docker", CheckIfActive: true}) - } } // non-windows checks if runtime.GOOS == "linux" { - if !isDocker { - checks = append(checks, InPathCheck{executable: "crictl", mandatory: true, exec: execer}) - } checks = append(checks, FileContentCheck{Path: bridgenf, Content: []byte{'1'}}, FileContentCheck{Path: ipv4Forward, Content: []byte{'1'}}, SwapCheck{}, + InPathCheck{executable: "crictl", mandatory: true, exec: execer}, InPathCheck{executable: "conntrack", mandatory: true, exec: execer}, InPathCheck{executable: "ip", mandatory: true, exec: execer}, InPathCheck{executable: "iptables", mandatory: true, exec: execer}, @@ -1057,7 +1043,7 @@ func addCommonChecks(execer utilsexec.Interface, k8sVersion string, nodeReg *kub InPathCheck{executable: "touch", mandatory: false, exec: execer}) } checks = append(checks, - SystemVerificationCheck{IsDocker: isDocker}, + SystemVerificationCheck{}, HostnameCheck{nodeName: nodeReg.Name}, KubeletVersionCheck{KubernetesVersion: k8sVersion, exec: execer}, ServiceCheck{Service: "kubelet", CheckIfActive: false}, diff --git a/cmd/kubeadm/app/preflight/checks_test.go b/cmd/kubeadm/app/preflight/checks_test.go index 26ef8b5d004..f672d713e68 100644 --- a/cmd/kubeadm/app/preflight/checks_test.go +++ b/cmd/kubeadm/app/preflight/checks_test.go @@ -917,10 +917,10 @@ func TestImagePullCheck(t *testing.T) { func(cmd string, args ...string) exec.Cmd { return fakeexec.InitFakeCmd(&fcmd, cmd, args...) }, func(cmd string, args ...string) exec.Cmd { return fakeexec.InitFakeCmd(&fcmd, cmd, args...) }, }, - LookPathFunc: func(cmd string) (string, error) { return "/usr/bin/docker", nil }, + LookPathFunc: func(cmd string) (string, error) { return "/usr/bin/crictl", nil }, } - containerRuntime, err := utilruntime.NewContainerRuntime(&fexec, constants.DefaultDockerCRISocket) + containerRuntime, err := utilruntime.NewContainerRuntime(&fexec, constants.DefaultCRISocket) if err != nil { t.Errorf("unexpected NewContainerRuntime error: %v", err) } diff --git a/cmd/kubeadm/app/util/config/initconfiguration.go b/cmd/kubeadm/app/util/config/initconfiguration.go index 0b7917de168..2eebad5ca42 100644 --- a/cmd/kubeadm/app/util/config/initconfiguration.go +++ b/cmd/kubeadm/app/util/config/initconfiguration.go @@ -195,7 +195,7 @@ func DefaultedStaticInitConfiguration() (*kubeadmapi.InitConfiguration, error) { LocalAPIEndpoint: kubeadmapiv1.APIEndpoint{AdvertiseAddress: "1.2.3.4"}, BootstrapTokens: []bootstraptokenv1.BootstrapToken{PlaceholderToken}, NodeRegistration: kubeadmapiv1.NodeRegistrationOptions{ - CRISocket: kubeadmconstants.DefaultDockerCRISocket, // avoid CRI detection + CRISocket: kubeadmconstants.DefaultCRISocket, // avoid CRI detection Name: "node", }, } diff --git a/cmd/kubeadm/app/util/runtime/runtime.go b/cmd/kubeadm/app/util/runtime/runtime.go index 11cd8bbc1fe..95697d7c656 100644 --- a/cmd/kubeadm/app/util/runtime/runtime.go +++ b/cmd/kubeadm/app/util/runtime/runtime.go @@ -27,9 +27,16 @@ import ( "k8s.io/kubernetes/cmd/kubeadm/app/constants" ) +// defaultKnownCRISockets holds the set of known CRI endpoints +var defaultKnownCRISockets = []string{ + constants.CRISocketContainerd, + constants.CRISocketCRIO, + constants.CRISocketDocker, +} + // ContainerRuntime is an interface for working with container runtimes type ContainerRuntime interface { - IsDocker() bool + Socket() string IsRunning() error ListKubeContainers() ([]string, error) RemoveContainers(containers []string) error @@ -43,39 +50,19 @@ type CRIRuntime struct { criSocket string } -// DockerRuntime is a struct that interfaces with the Docker daemon -type DockerRuntime struct { - exec utilsexec.Interface -} - // NewContainerRuntime sets up and returns a ContainerRuntime struct func NewContainerRuntime(execer utilsexec.Interface, criSocket string) (ContainerRuntime, error) { - var toolName string - var runtime ContainerRuntime - - if criSocket != constants.DefaultDockerCRISocket { - toolName = "crictl" - runtime = &CRIRuntime{execer, criSocket} - } else { - toolName = "docker" - runtime = &DockerRuntime{execer} - } - + toolName := "crictl" + runtime := &CRIRuntime{execer, criSocket} if _, err := execer.LookPath(toolName); err != nil { - return nil, errors.Wrapf(err, "%s is required for container runtime", toolName) + return nil, errors.Wrapf(err, "%s is required by the container runtime", toolName) } - return runtime, nil } -// IsDocker returns true if the runtime is docker -func (runtime *CRIRuntime) IsDocker() bool { - return false -} - -// IsDocker returns true if the runtime is docker -func (runtime *DockerRuntime) IsDocker() bool { - return true +// Socket returns the CRI socket endpoint +func (runtime *CRIRuntime) Socket() string { + return runtime.criSocket } // IsRunning checks if runtime is running @@ -86,14 +73,6 @@ func (runtime *CRIRuntime) IsRunning() error { return nil } -// IsRunning checks if runtime is running -func (runtime *DockerRuntime) IsRunning() error { - if out, err := runtime.exec.Command("docker", "info").CombinedOutput(); err != nil { - return errors.Wrapf(err, "container runtime is not running: output: %s, error", string(out)) - } - return nil -} - // ListKubeContainers lists running k8s CRI pods func (runtime *CRIRuntime) ListKubeContainers() ([]string, error) { out, err := runtime.exec.Command("crictl", "-r", runtime.criSocket, "pods", "-q").CombinedOutput() @@ -105,12 +84,6 @@ func (runtime *CRIRuntime) ListKubeContainers() ([]string, error) { return pods, nil } -// ListKubeContainers lists running k8s containers -func (runtime *DockerRuntime) ListKubeContainers() ([]string, error) { - output, err := runtime.exec.Command("docker", "ps", "-a", "--filter", "name=k8s_", "-q").CombinedOutput() - return strings.Fields(string(output)), err -} - // RemoveContainers removes running k8s pods func (runtime *CRIRuntime) RemoveContainers(containers []string) error { errs := []error{} @@ -129,24 +102,6 @@ func (runtime *CRIRuntime) RemoveContainers(containers []string) error { return errorsutil.NewAggregate(errs) } -// RemoveContainers removes running containers -func (runtime *DockerRuntime) RemoveContainers(containers []string) error { - errs := []error{} - for _, container := range containers { - out, err := runtime.exec.Command("docker", "stop", container).CombinedOutput() - if err != nil { - // don't stop on errors, try to remove as many containers as possible - errs = append(errs, errors.Wrapf(err, "failed to stop running container %s: output: %s, error", container, string(out))) - } else { - out, err = runtime.exec.Command("docker", "rm", "--volumes", container).CombinedOutput() - if err != nil { - errs = append(errs, errors.Wrapf(err, "failed to remove running container %s: output: %s, error", container, string(out))) - } - } - } - return errorsutil.NewAggregate(errs) -} - // PullImage pulls the image func (runtime *CRIRuntime) PullImage(image string) error { var err error @@ -160,47 +115,15 @@ func (runtime *CRIRuntime) PullImage(image string) error { return errors.Wrapf(err, "output: %s, error", out) } -// PullImage pulls the image -func (runtime *DockerRuntime) PullImage(image string) error { - var err error - var out []byte - for i := 0; i < constants.PullImageRetry; i++ { - out, err = runtime.exec.Command("docker", "pull", image).CombinedOutput() - if err == nil { - return nil - } - } - return errors.Wrapf(err, "output: %s, error", out) -} - // ImageExists checks to see if the image exists on the system func (runtime *CRIRuntime) ImageExists(image string) (bool, error) { err := runtime.exec.Command("crictl", "-r", runtime.criSocket, "inspecti", image).Run() return err == nil, nil } -// ImageExists checks to see if the image exists on the system -func (runtime *DockerRuntime) ImageExists(image string) (bool, error) { - err := runtime.exec.Command("docker", "inspect", image).Run() - return err == nil, nil -} - // detectCRISocketImpl is separated out only for test purposes, DON'T call it directly, use DetectCRISocket instead -func detectCRISocketImpl(isSocket func(string) bool) (string, error) { +func detectCRISocketImpl(isSocket func(string) bool, knownCRISockets []string) (string, error) { foundCRISockets := []string{} - knownCRISockets := []string{ - // Docker and containerd sockets are special cased below, hence not to be included here - "unix:///var/run/crio/crio.sock", - } - - if isSocket(dockerSocket) { - // the path in dockerSocket is not CRI compatible, hence we should replace it with a CRI compatible socket - foundCRISockets = append(foundCRISockets, constants.DefaultDockerCRISocket) - } else if isSocket(containerdSocket) { - // Docker 18.09 gets bundled together with containerd, thus having both dockerSocket and containerdSocket present. - // For compatibility reasons, we use the containerd socket only if Docker is not detected. - foundCRISockets = append(foundCRISockets, containerdSocket) - } for _, socket := range knownCRISockets { if isSocket(socket) { @@ -210,18 +133,20 @@ func detectCRISocketImpl(isSocket func(string) bool) (string, error) { switch len(foundCRISockets) { case 0: - // Fall back to Docker if no CRI is detected, we can error out later on if we need it - return constants.DefaultDockerCRISocket, nil + // Fall back to the default socket if no CRI is detected, we can error out later on if we need it + return constants.DefaultCRISocket, nil case 1: // Precisely one CRI found, use that return foundCRISockets[0], nil default: // Multiple CRIs installed? - return "", errors.Errorf("Found multiple CRI sockets, please use --cri-socket to select one: %s", strings.Join(foundCRISockets, ", ")) + return "", errors.Errorf("Found multiple CRI endpoints on the host. Please define which one do you wish "+ + "to use by setting the 'criSocket' field in the kubeadm configuration file: %s", + strings.Join(foundCRISockets, ", ")) } } // DetectCRISocket uses a list of known CRI sockets to detect one. If more than one or none is discovered, an error is returned. func DetectCRISocket() (string, error) { - return detectCRISocketImpl(isExistingSocket) + return detectCRISocketImpl(isExistingSocket, defaultKnownCRISockets) } diff --git a/cmd/kubeadm/app/util/runtime/runtime_test.go b/cmd/kubeadm/app/util/runtime/runtime_test.go index 2995e82e8a1..62e237364bb 100644 --- a/cmd/kubeadm/app/util/runtime/runtime_test.go +++ b/cmd/kubeadm/app/util/runtime/runtime_test.go @@ -40,32 +40,25 @@ func TestNewContainerRuntime(t *testing.T) { LookPathFunc: func(cmd string) (string, error) { return "", errors.Errorf("%s not found", cmd) }, } cases := []struct { - name string - execer fakeexec.FakeExec - criSocket string - isDocker bool - isError bool + name string + execer fakeexec.FakeExec + isError bool }{ - {"valid: default cri socket", execLookPathOK, constants.DefaultDockerCRISocket, true, false}, - {"valid: cri-o socket url", execLookPathOK, "unix:///var/run/crio/crio.sock", false, false}, - {"invalid: no crictl", execLookPathErr, "unix:///var/run/crio/crio.sock", false, true}, + {"valid: crictl present", execLookPathOK, false}, + {"invalid: no crictl", execLookPathErr, true}, } for _, tc := range cases { t.Run(tc.name, func(t *testing.T) { - runtime, err := NewContainerRuntime(&tc.execer, tc.criSocket) + _, err := NewContainerRuntime(&tc.execer, "unix:///some/socket.sock") if err != nil { if !tc.isError { - t.Fatalf("unexpected NewContainerRuntime error. criSocket: %s, error: %v", tc.criSocket, err) + t.Fatalf("unexpected NewContainerRuntime error. error: %v", err) } return // expected error occurs, impossible to test runtime further } if tc.isError && err == nil { - t.Fatalf("unexpected NewContainerRuntime success. criSocket: %s", tc.criSocket) - } - isDocker := runtime.IsDocker() - if tc.isDocker != isDocker { - t.Fatalf("unexpected isDocker() result %v for the criSocket %s", isDocker, tc.criSocket) + t.Fatal("unexpected NewContainerRuntime success") } }) } @@ -96,11 +89,6 @@ func TestIsRunning(t *testing.T) { LookPathFunc: func(cmd string) (string, error) { return "/usr/bin/crictl", nil }, } - dockerExecer := fakeexec.FakeExec{ - CommandScript: genFakeActions(&fcmd, len(fcmd.CombinedOutputScript)), - LookPathFunc: func(cmd string) (string, error) { return "/usr/bin/docker", nil }, - } - cases := []struct { name string criSocket string @@ -109,8 +97,6 @@ func TestIsRunning(t *testing.T) { }{ {"valid: CRI-O is running", "unix:///var/run/crio/crio.sock", criExecer, false}, {"invalid: CRI-O is not running", "unix:///var/run/crio/crio.sock", criExecer, true}, - {"valid: docker is running", constants.DefaultDockerCRISocket, dockerExecer, false}, - {"invalid: docker is not running", constants.DefaultDockerCRISocket, dockerExecer, true}, } for _, tc := range cases { @@ -150,7 +136,6 @@ func TestListKubeContainers(t *testing.T) { }{ {"valid: list containers using CRI socket url", "unix:///var/run/crio/crio.sock", false}, {"invalid: list containers using CRI socket url", "unix:///var/run/crio/crio.sock", true}, - {"valid: list containers using docker", constants.DefaultDockerCRISocket, false}, } for _, tc := range cases { @@ -204,9 +189,6 @@ func TestRemoveContainers(t *testing.T) { {"valid: remove containers using CRI", "unix:///var/run/crio/crio.sock", []string{"k8s_p1", "k8s_p2", "k8s_p3"}, false}, // Test case 1 {"invalid: CRI rmp failure", "unix:///var/run/crio/crio.sock", []string{"k8s_p1", "k8s_p2", "k8s_p3"}, true}, {"invalid: CRI stopp failure", "unix:///var/run/crio/crio.sock", []string{"k8s_p1", "k8s_p2", "k8s_p3"}, true}, - {"valid: remove containers using docker", constants.DefaultDockerCRISocket, []string{"k8s_c1", "k8s_c2", "k8s_c3"}, false}, - {"invalid: docker rm failure", constants.DefaultDockerCRISocket, []string{"k8s_c1", "k8s_c2", "k8s_c3"}, true}, - {"invalid: docker stop failure", constants.DefaultDockerCRISocket, []string{"k8s_c1", "k8s_c2", "k8s_c3"}, true}, } for _, tc := range cases { @@ -259,8 +241,6 @@ func TestPullImage(t *testing.T) { }{ {"valid: pull image using CRI", "unix:///var/run/crio/crio.sock", "image1", false}, {"invalid: CRI pull error", "unix:///var/run/crio/crio.sock", "image2", true}, - {"valid: pull image using docker", constants.DefaultDockerCRISocket, "image1", false}, - {"invalid: docker pull error", constants.DefaultDockerCRISocket, "image2", true}, } for _, tc := range cases { @@ -302,9 +282,7 @@ func TestImageExists(t *testing.T) { result bool }{ {"valid: test if image exists using CRI", "unix:///var/run/crio/crio.sock", "image1", false}, - {"invalid: CRI inspecti failure", "unix:///var/run/crio/crio.sock", "image2", true}, - {"valid: test if image exists using docker", constants.DefaultDockerCRISocket, "image1", false}, - {"invalid: docker inspect failure", constants.DefaultDockerCRISocket, "image2", true}, + {"invalid: CRI inspect failure", "unix:///var/run/crio/crio.sock", "image2", true}, } for _, tc := range cases { @@ -395,45 +373,22 @@ func TestDetectCRISocketImpl(t *testing.T) { expectedSocket string }{ { - name: "No existing sockets, use Docker", + name: "No existing sockets, use default", existingSockets: []string{}, expectedError: false, - expectedSocket: constants.DefaultDockerCRISocket, + expectedSocket: constants.DefaultCRISocket, }, { name: "One valid CRI socket leads to success", - existingSockets: []string{"unix:///var/run/crio/crio.sock"}, + existingSockets: []string{"unix:///foo/bar.sock"}, expectedError: false, - expectedSocket: "unix:///var/run/crio/crio.sock", + expectedSocket: "unix:///foo/bar.sock", }, { - name: "Correct Docker CRI socket is returned", - existingSockets: []string{"unix:///var/run/docker.sock"}, - expectedError: false, - expectedSocket: constants.DefaultDockerCRISocket, - }, - { - name: "CRI and Docker sockets lead to an error", + name: "Multiple CRI sockets lead to an error", existingSockets: []string{ - "unix:///var/run/docker.sock", - "unix:///var/run/crio/crio.sock", - }, - expectedError: true, - }, - { - name: "Docker and containerd lead to Docker being used", - existingSockets: []string{ - "unix:///var/run/docker.sock", - "unix:///run/containerd/containerd.sock", - }, - expectedError: false, - expectedSocket: constants.DefaultDockerCRISocket, - }, - { - name: "A couple of CRI sockets lead to an error", - existingSockets: []string{ - "unix:///var/run/crio/crio.sock", - "unix:///run/containerd/containerd.sock", + "unix:///foo/bar.sock", + "unix:///foo/baz.sock", }, expectedError: true, }, @@ -447,9 +402,9 @@ func TestDetectCRISocketImpl(t *testing.T) { return true } } - return false - }) + }, test.existingSockets) + if (err != nil) != test.expectedError { t.Fatalf("detectCRISocketImpl returned unexpected result\n\tExpected error: %t\n\tGot error: %t", test.expectedError, err != nil) } diff --git a/cmd/kubeadm/app/util/runtime/runtime_unix.go b/cmd/kubeadm/app/util/runtime/runtime_unix.go index b0695324ee0..5989c14290f 100644 --- a/cmd/kubeadm/app/util/runtime/runtime_unix.go +++ b/cmd/kubeadm/app/util/runtime/runtime_unix.go @@ -24,11 +24,6 @@ import ( "net/url" ) -const ( - dockerSocket = "unix:///var/run/docker.sock" // The Docker socket is not CRI compatible - containerdSocket = "unix:///run/containerd/containerd.sock" -) - // isExistingSocket checks if path exists and is domain socket func isExistingSocket(path string) bool { u, err := url.Parse(path) diff --git a/cmd/kubeadm/app/util/runtime/runtime_windows.go b/cmd/kubeadm/app/util/runtime/runtime_windows.go index b82f6b8f727..460bfcd0388 100644 --- a/cmd/kubeadm/app/util/runtime/runtime_windows.go +++ b/cmd/kubeadm/app/util/runtime/runtime_windows.go @@ -25,11 +25,6 @@ import ( winio "github.com/Microsoft/go-winio" ) -const ( - dockerSocket = "npipe:////./pipe/docker_engine" // The Docker socket is not CRI compatible - containerdSocket = "npipe:////./pipe/containerd-containerd" // Proposed containerd named pipe for Windows -) - // isExistingSocket checks if path exists and is domain socket func isExistingSocket(path string) bool { u, err := url.Parse(path)