From 72dff9059de806303f2fc0c43cfc6ce4ef931455 Mon Sep 17 00:00:00 2001 From: Ian Campbell Date: Tue, 3 Oct 2017 14:56:12 +0100 Subject: [PATCH] kubernetes: arrange for kubelet-plugins directory to be persistent /usr/libexec/kubernetes/kubelet-plugins is a new path in Kube 1.8 (related to flexvolumes) which should be persisted. Like /etc/cni and /opt/cni we also need to arrange for this path to be valid in the host environment (since various system containers will try and mount bind mount it). Signed-off-by: Ian Campbell --- projects/kubernetes/cri-containerd/Dockerfile | 2 +- projects/kubernetes/docker.yml | 3 ++- projects/kubernetes/kube.yml | 2 ++ projects/kubernetes/kubernetes/Dockerfile | 2 +- 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/projects/kubernetes/cri-containerd/Dockerfile b/projects/kubernetes/cri-containerd/Dockerfile index f524dcdae..cb4205ec5 100644 --- a/projects/kubernetes/cri-containerd/Dockerfile +++ b/projects/kubernetes/cri-containerd/Dockerfile @@ -48,4 +48,4 @@ FROM scratch WORKDIR / ENTRYPOINT ["cri-containerd", "-v", "2", "--alsologtostderr", "--network-bin-dir", "/var/lib/cni/opt/bin", "--network-conf-dir", "/var/lib/cni/etc/net.d"] COPY --from=build /out / -LABEL org.mobyproject.config='{"binds": ["/etc/resolv.conf:/etc/resolv.conf", "/run:/run:rshared,rbind", "/dev:/dev", "/tmp:/tmp", "/var:/var:rshared,rbind", "/var/lib/kubeadm:/etc/kubernetes", "/var/lib/cni/etc:/etc/cni:rshared,rbind", "/var/lib/cni/opt:/opt/cni:rshared,rbind", "/run/containerd/containerd.sock:/run/containerd/containerd.sock"], "mounts": [{"type": "cgroup", "options": ["rw","nosuid","noexec","nodev","relatime"]}], "capabilities": ["all"], "rootfsPropagation": "shared", "pid": "host", "runtime": {"mkdir": ["/var/lib/kubeadm", "/var/lib/cni/etc/net.d", "/var/lib/cni/opt"]}}' +LABEL org.mobyproject.config='{"binds": ["/etc/resolv.conf:/etc/resolv.conf", "/run:/run:rshared,rbind", "/dev:/dev", "/tmp:/tmp", "/var:/var:rshared,rbind", "/var/lib/kubeadm:/etc/kubernetes", "/var/lib/cni/etc:/etc/cni:rshared,rbind", "/var/lib/cni/opt:/opt/cni:rshared,rbind", "/run/containerd/containerd.sock:/run/containerd/containerd.sock", "/var/lib/kubelet-plugins:/usr/libexec/kubernetes/kubelet-plugins:rshared,rbind"], "mounts": [{"type": "cgroup", "options": ["rw","nosuid","noexec","nodev","relatime"]}], "capabilities": ["all"], "rootfsPropagation": "shared", "pid": "host", "runtime": {"mkdir": ["/var/lib/kubeadm", "/var/lib/cni/etc/net.d", "/var/lib/cni/opt", "/var/lib/kubelet-plugins"]}}' diff --git a/projects/kubernetes/docker.yml b/projects/kubernetes/docker.yml index a34477eac..b1d865d80 100644 --- a/projects/kubernetes/docker.yml +++ b/projects/kubernetes/docker.yml @@ -16,10 +16,11 @@ services: - /var/lib/kubeadm:/etc/kubernetes - /var/lib/cni/etc:/etc/cni:rshared,rbind - /var/lib/cni/opt:/opt/cni:rshared,rbind + - /var/lib/kubelet-plugins:/usr/libexec/kubernetes/kubelet-plugins:rshared,rbind rootfsPropagation: shared command: ["/usr/local/bin/docker-init", "/usr/local/bin/dockerd"] runtime: - mkdir: ["/var/lib/kubeadm", "/var/lib/cni/etc", "/var/lib/cni/opt"] + mkdir: ["/var/lib/kubeadm", "/var/lib/cni/etc", "/var/lib/cni/opt", "/var/lib/kubelet-plugins"] - name: kubernetes-image-cache-common image: linuxkitprojects/kubernetes-image-cache-common:465c8781efd6664c9a744eb78bf5b90d6ce5db3e files: diff --git a/projects/kubernetes/kube.yml b/projects/kubernetes/kube.yml index 370aa2b20..1d7394999 100644 --- a/projects/kubernetes/kube.yml +++ b/projects/kubernetes/kube.yml @@ -42,6 +42,8 @@ files: metadata: yaml - path: /etc/kubernetes symlink: "/var/lib/kubeadm" + - path: /usr/libexec/kubernetes/kubelet-plugins + symlink: "/var/lib/kubelet-plugins" - path: /etc/kubeadm/kube-system.init/50-network.yaml source: network.yaml - path: /etc/sysctl.d/01-kubernetes.conf diff --git a/projects/kubernetes/kubernetes/Dockerfile b/projects/kubernetes/kubernetes/Dockerfile index 770cf12cc..26f676a41 100644 --- a/projects/kubernetes/kubernetes/Dockerfile +++ b/projects/kubernetes/kubernetes/Dockerfile @@ -75,4 +75,4 @@ WORKDIR / ENTRYPOINT ["/usr/bin/kubelet.sh"] COPY --from=build /out / ENV KUBECONFIG "/etc/kubernetes/admin.conf" -LABEL org.mobyproject.config='{"binds": ["/dev:/dev", "/etc/resolv.conf:/etc/resolv.conf", "/run:/run:rshared,rbind", "/var:/var:rshared,rbind", "/var/lib/kubeadm:/etc/kubernetes", "/etc/kubelet.sh.conf:/etc/kubelet.sh.conf", "/etc/kubeadm:/etc/kubeadm"], "mounts": [{"type": "cgroup", "options": ["rw","nosuid","noexec","nodev","relatime"]}], "capabilities": ["all"], "rootfsPropagation": "shared", "pid": "host", "runtime": {"mkdir": ["/var/lib/kubeadm", "/var/lib/cni/etc", "/var/lib/cni/opt"], "mounts": [{"type": "bind", "source": "/var/lib/cni/opt", "destination": "/opt/cni", "options": ["rw", "bind"]}, {"type": "bind", "source": "/var/lib/cni/etc", "destination": "/etc/cni", "options": ["rw", "bind"]}]}}' +LABEL org.mobyproject.config='{"binds": ["/dev:/dev", "/etc/resolv.conf:/etc/resolv.conf", "/run:/run:rshared,rbind", "/var:/var:rshared,rbind", "/var/lib/kubeadm:/etc/kubernetes", "/etc/kubelet.sh.conf:/etc/kubelet.sh.conf", "/etc/kubeadm:/etc/kubeadm", "/var/lib/kubelet-plugins:/usr/libexec/kubernetes/kubelet-plugins:rshared,rbind"], "mounts": [{"type": "cgroup", "options": ["rw","nosuid","noexec","nodev","relatime"]}], "capabilities": ["all"], "rootfsPropagation": "shared", "pid": "host", "runtime": {"mkdir": ["/var/lib/kubeadm", "/var/lib/cni/etc", "/var/lib/cni/opt", "/var/lib/kubelet-plugins"], "mounts": [{"type": "bind", "source": "/var/lib/cni/opt", "destination": "/opt/cni", "options": ["rw", "bind"]}, {"type": "bind", "source": "/var/lib/cni/etc", "destination": "/etc/cni", "options": ["rw", "bind"]}]}}'