M #-: Improve capone131 image (cloud provider research)

- Use the k8s.io namespace with ctr (fix) - Correctly escape dollar sign in kube-vip wrapper (fix) - Add env vars required by crictl (deprecation) - Add insecure registry.dev for development use
OpenNebula · Nov 7, 2024 · f975f1a · f975f1a
1 parent ef6577a
commit f975f1a
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 4 deletions.
diff --git a/apps-code/community-apps/packer/capone/40-containerd.sh.131 b/apps-code/community-apps/packer/capone/40-containerd.sh.131
@@ -48,9 +48,29 @@ curl -fsSL "https://raw.githubusercontent.com/containerd/containerd/v$CONTAINERD
 systemctl daemon-reload
 
 (containerd config default | gawk -f /dev/fd/3 | install -m u=rw,go=r /dev/fd/0 /etc/containerd/config.toml) 3<<'AWK'
-{ print gensub("^(\\s*SystemdCgroup\\s*)=.*$", "\\1= true", 1) }
+$1 == "[plugins.\"io.containerd.grpc.v1.cri\".containerd.runtimes.runc.options]" {
+    update_SystemdCgroup = 1
+}
+update_SystemdCgroup && $1 == "SystemdCgroup" {
+    update_SystemdCgroup = 0
+    $0 = gensub("^(\\s*SystemdCgroup\\s*)=.*$", "\\1= true", 1)
+}
+$1 == "[plugins.\"io.containerd.grpc.v1.cri\".registry]" {
+    update_config_path = 1
+}
+update_config_path && $1 == "config_path" {
+    update_config_path = 0
+    $0 = gensub("^(\\s*config_path\\s*)=.*$", "\\1= \"/etc/containerd/certs.d/\"", 1)
+}
+{ print }
 AWK
 
+install -m u=rw,go=r -D /dev/fd/0 /etc/containerd/certs.d/registry.dev:5005/hosts.toml <<'EOF'
+[host."http://registry.dev:5005"]
+  capabilities = ["pull", "resolve"]
+  skip_verify = true
+EOF
+
 systemctl enable containerd --now # must be started to pre-pull images in later stages
 
 sync
diff --git a/apps-code/community-apps/packer/capone/41-kubernetes.sh.131 b/apps-code/community-apps/packer/capone/41-kubernetes.sh.131
@@ -56,12 +56,17 @@ systemctl daemon-reload
 
 kubeadm config images pull "--kubernetes-version=v$KUBERNETES_VERSION"
 
-ctr image pull "ghcr.io/kube-vip/kube-vip:v$KUBEVIP_VERSION"
-ctr image pull "ghcr.io/kube-vip/kube-vip-cloud-provider:v$KUBEVIP_CLOUD_PROVIDER_VERSION"
+ctr --namespace=k8s.io image pull "ghcr.io/kube-vip/kube-vip:v$KUBEVIP_VERSION"
+ctr --namespace=k8s.io image pull "ghcr.io/kube-vip/kube-vip-cloud-provider:v$KUBEVIP_CLOUD_PROVIDER_VERSION"
 
 install -m u=rwx,go=rx /dev/fd/0 /usr/local/bin/kube-vip <<EOF
 #!/usr/bin/env bash
-exec ctr run --rm --net-host ghcr.io/kube-vip/kube-vip:v$KUBEVIP_VERSION vip /kube-vip "$$@"
+exec ctr --namespace=k8s.io run --rm --net-host ghcr.io/kube-vip/kube-vip:v$KUBEVIP_VERSION vip /kube-vip "\$@"
+EOF
+
+install -m u=rw,go=r /dev/fd/0 /etc/profile.d/crictl.sh <<'EOF'
+export CONTAINER_RUNTIME_ENDPOINT=/run/containerd/containerd.sock
+export IMAGE_SERVICE_ENDPOINT=/run/containerd/containerd.sock
 EOF
 
 install -m u=rw,go=r /dev/fd/0 /etc/profile.d/kubeconfig.sh <<'EOF'