diff --git a/cluster/gce/config-default.sh b/cluster/gce/config-default.sh index c9175ffd607..c8dd28ba276 100755 --- a/cluster/gce/config-default.sh +++ b/cluster/gce/config-default.sh @@ -112,6 +112,13 @@ export LOAD_IMAGE_COMMAND=${KUBE_LOAD_IMAGE_COMMAND:-ctr -n=k8s.io images import export UBUNTU_INSTALL_CONTAINERD_VERSION=${KUBE_UBUNTU_INSTALL_CONTAINERD_VERSION:-} export UBUNTU_INSTALL_RUNC_VERSION=${KUBE_UBUNTU_INSTALL_RUNC_VERSION:-} +# Ability to inject custom versions (COS images ONLY) +# if KUBE_COS_INSTALL_CONTAINERD_VERSION or KUBE_COS_INSTALL_RUNC_VERSION +# is set to empty then we do not override the version(s) and just +# use whatever is in the default installation of containerd package +export COS_INSTALL_CONTAINERD_VERSION=${KUBE_COS_INSTALL_CONTAINERD_VERSION:-} +export COS_INSTALL_RUNC_VERSION=${KUBE_COS_INSTALL_RUNC_VERSION:-} + # MASTER_EXTRA_METADATA is the extra instance metadata on master instance separated by commas. export MASTER_EXTRA_METADATA=${KUBE_MASTER_EXTRA_METADATA:-${KUBE_EXTRA_METADATA:-}} # MASTER_EXTRA_METADATA is the extra instance metadata on node instance separated by commas. diff --git a/cluster/gce/config-test.sh b/cluster/gce/config-test.sh index 6c8b84e5b16..4db770315c4 100755 --- a/cluster/gce/config-test.sh +++ b/cluster/gce/config-test.sh @@ -125,6 +125,13 @@ export GCI_DOCKER_VERSION=${KUBE_GCI_DOCKER_VERSION:-} export UBUNTU_INSTALL_CONTAINERD_VERSION=${KUBE_UBUNTU_INSTALL_CONTAINERD_VERSION:-} export UBUNTU_INSTALL_RUNC_VERSION=${KUBE_UBUNTU_INSTALL_RUNC_VERSION:-} +# Ability to inject custom versions (COS images ONLY) +# if KUBE_COS_INSTALL_CONTAINERD_VERSION or KUBE_COS_INSTALL_RUNC_VERSION +# is set to empty then we do not override the version(s) and just +# use whatever is in the default installation of containerd package +export COS_INSTALL_CONTAINERD_VERSION=${KUBE_COS_INSTALL_CONTAINERD_VERSION:-} +export COS_INSTALL_RUNC_VERSION=${KUBE_COS_INSTALL_RUNC_VERSION:-} + # MASTER_EXTRA_METADATA is the extra instance metadata on master instance separated by commas. export MASTER_EXTRA_METADATA=${KUBE_MASTER_EXTRA_METADATA:-${KUBE_EXTRA_METADATA:-}} # MASTER_EXTRA_METADATA is the extra instance metadata on node instance separated by commas. diff --git a/cluster/gce/gci/configure.sh b/cluster/gce/gci/configure.sh index 4ffc0a3deb4..318d0edbfb7 100644 --- a/cluster/gce/gci/configure.sh +++ b/cluster/gce/gci/configure.sh @@ -542,6 +542,46 @@ function install-containerd-ubuntu { sudo systemctl start containerd } +# If we are on cos we can try to install containerd +function install-containerd-cos { + # bailout if we are not on COS + if [ -e /etc/os-release ] && ! grep -q "ID=cos" /etc/os-release; then + echo "Unable to automatically install containerd in non-cos image. Bailing out..." + exit 2 + fi + + # Override to latest versions of containerd and runc + systemctl stop containerd + mkdir -p /home/containerd/ + mount --bind /home/containerd /home/containerd + mount -o remount,exec /home/containerd + if [[ -n "${COS_INSTALL_CONTAINERD_VERSION:-}" ]]; then + # containerd versions have slightly different url(s), so try both + # shellcheck disable=SC2086 + ( curl ${CURL_FLAGS} \ + --location \ + "https://github.com/containerd/containerd/releases/download/${COS_INSTALL_CONTAINERD_VERSION}/containerd-${COS_INSTALL_CONTAINERD_VERSION:1}-${HOST_PLATFORM}-${HOST_ARCH}.tar.gz" \ + || curl ${CURL_FLAGS} \ + --location \ + "https://github.com/containerd/containerd/releases/download/${COS_INSTALL_CONTAINERD_VERSION}/containerd-${COS_INSTALL_CONTAINERD_VERSION:1}.${HOST_PLATFORM}-${HOST_ARCH}.tar.gz" ) \ + | tar --overwrite -xzv -C /home/containerd/ + cp /usr/lib/systemd/system/containerd.service /etc/systemd/system/containerd.service + # fix the path of the new containerd binary + sed -i 's|ExecStart=.*|ExecStart=/home/containerd/bin/containerd|' /etc/systemd/system/containerd.service + fi + if [[ -n "${COS_INSTALL_RUNC_VERSION:-}" ]]; then + # shellcheck disable=SC2086 + curl ${CURL_FLAGS} \ + --location \ + "https://github.com/opencontainers/runc/releases/download/${COS_INSTALL_RUNC_VERSION}/runc.${HOST_ARCH}" --output /home/containerd/bin/runc \ + && chmod 755 /home/containerd/bin/runc + # ensure runc gets picked up from the correct location + sed -i "/\[Service\]/a Environment=PATH=/home/containerd/bin:$PATH" /etc/systemd/system/containerd.service + fi + systemctl daemon-reload + sudo systemctl start containerd +} + function install-auth-provider-gcp { local -r filename="auth-provider-gcp" local -r auth_provider_storage_full_path="${AUTH_PROVIDER_GCP_STORAGE_PATH}/${AUTH_PROVIDER_GCP_VERSION}/${HOST_PLATFORM}_${HOST_ARCH}/${filename}" @@ -587,6 +627,9 @@ function ensure-containerd-runtime { if [[ -n "${UBUNTU_INSTALL_CONTAINERD_VERSION:-}" || -n "${UBUNTU_INSTALL_RUNC_VERSION:-}" ]]; then log-wrap "InstallContainerdUbuntu" install-containerd-ubuntu fi + if [[ -n "${COS_INSTALL_CONTAINERD_VERSION:-}" || -n "${COS_INSTALL_RUNC_VERSION:-}" ]]; then + log-wrap "InstallContainerdCOS" install-containerd-cos + fi # Fall back to installing distro specific containerd, if not found if ! command -v containerd >/dev/null 2>&1; then @@ -598,6 +641,9 @@ function ensure-containerd-runtime { Ubuntu) log-wrap "InstallContainerdUbuntu" install-containerd-ubuntu ;; + cos) + log-wrap "InstallContainerdCOS" install-containerd-cos + ;; *) echo "Installing containerd for linux release ${linuxrelease} not supported" >&2 exit 2 diff --git a/cluster/gce/util.sh b/cluster/gce/util.sh index ab8bb70759f..7c450d58c81 100755 --- a/cluster/gce/util.sh +++ b/cluster/gce/util.sh @@ -1211,6 +1211,8 @@ CONTAINER_RUNTIME_TEST_HANDLER: $(yaml-quote "${CONTAINER_RUNTIME_TEST_HANDLER:- CONTAINERD_INFRA_CONTAINER: $(yaml-quote "${CONTAINER_INFRA_CONTAINER:-}") UBUNTU_INSTALL_CONTAINERD_VERSION: $(yaml-quote "${UBUNTU_INSTALL_CONTAINERD_VERSION:-}") UBUNTU_INSTALL_RUNC_VERSION: $(yaml-quote "${UBUNTU_INSTALL_RUNC_VERSION:-}") +COS_INSTALL_CONTAINERD_VERSION: $(yaml-quote "${COS_INSTALL_CONTAINERD_VERSION:-}") +COS_INSTALL_RUNC_VERSION: $(yaml-quote "${COS_INSTALL_RUNC_VERSION:-}") NODE_LOCAL_SSDS_EXT: $(yaml-quote "${NODE_LOCAL_SSDS_EXT:-}") NODE_LOCAL_SSDS_EPHEMERAL: $(yaml-quote "${NODE_LOCAL_SSDS_EPHEMERAL:-}") LOAD_IMAGE_COMMAND: $(yaml-quote "${LOAD_IMAGE_COMMAND:-}")