Skip to content

Commit

Permalink
enable test handler for containerd runtime
Browse files Browse the repository at this point in the history
  • Loading branch information
@upodroid
upodroid committed Oct 24, 2023
1 parent 419b93b commit b5a64a9
Show file tree
Hide file tree
Showing 12 changed files with 56 additions and 55 deletions.
2 changes: 1 addition & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -752,7 +752,7 @@ dev-upload: dev-upload-linux-amd64 dev-upload-linux-arm64
.PHONY: crds
crds:
cd "${KOPS_ROOT}/hack" && go build -o "${KOPS_ROOT}/_output/bin/controller-gen" sigs.k8s.io/controller-tools/cmd/controller-gen
"${KOPS_ROOT}/_output/bin/controller-gen" crd paths=k8s.io/kops/pkg/apis/kops/v1alpha2 output:dir=k8s/crds/ crd:crdVersions=v1
"${KOPS_ROOT}/_output/bin/controller-gen" crd paths=k8s.io/kops/pkg/apis/kops/v1alpha2 output:dir=k8s/crds/

#------------------------------------------------------
# kops-controller
Expand Down
47 changes: 27 additions & 20 deletions k8s/crds/kops.k8s.io_clusters.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,9 @@

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.5.0
creationTimestamp: null
controller-gen.kubebuilder.io/version: v0.13.0
name: clusters.kops.k8s.io
spec:
group: kops.k8s.io
Expand Down Expand Up @@ -921,6 +919,10 @@ spec:
description: State directory for execution state files (default
"/run/containerd").
type: string
testHandlerEnabled:
description: TestHandlerEnabled enables a runtime called test-handler,
specific to k/k e2e tests
type: boolean
version:
description: Version used to pick the containerd package.
type: string
Expand Down Expand Up @@ -1513,9 +1515,9 @@ spec:
masters so that they are not on the pod network. true is the kube-up
behaviour, but it is very surprising: it means that daemonsets only
work on the master if they have hostNetwork=true. false is now the
default, and it will: * give the master a normal PodCIDR * run
kube-proxy on the master * enable debugging handlers on the master,
so kubectl logs works'
default, and it will: * give the master a normal PodCIDR * run kube-proxy
on the master * enable debugging handlers on the master, so kubectl
logs works'
type: boolean
karpenter:
description: Karpenter defines the Karpenter configuration.
Expand Down Expand Up @@ -2494,6 +2496,7 @@ spec:
type: object
type: array
type: object
x-kubernetes-map-type: atomic
weight:
description: Weight associated with matching the
corresponding nodeSelectorTerm, in the range 1-100.
Expand Down Expand Up @@ -2599,10 +2602,12 @@ spec:
type: object
type: array
type: object
x-kubernetes-map-type: atomic
type: array
required:
- nodeSelectorTerms
type: object
x-kubernetes-map-type: atomic
type: object
podAffinity:
description: Describes pod affinity scheduling rules (e.g.
Expand Down Expand Up @@ -2683,6 +2688,7 @@ spec:
only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
namespaceSelector:
description: A label query over the set of namespaces
that the term applies to. The term is applied
Expand Down Expand Up @@ -2740,6 +2746,7 @@ spec:
only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
namespaces:
description: namespaces specifies a static list
of namespace names that the term applies to.
Expand Down Expand Up @@ -2844,6 +2851,7 @@ spec:
The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
namespaceSelector:
description: A label query over the set of namespaces
that the term applies to. The term is applied
Expand Down Expand Up @@ -2900,6 +2908,7 @@ spec:
The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
namespaces:
description: namespaces specifies a static list
of namespace names that the term applies to. The
Expand Down Expand Up @@ -3003,6 +3012,7 @@ spec:
only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
namespaceSelector:
description: A label query over the set of namespaces
that the term applies to. The term is applied
Expand Down Expand Up @@ -3060,6 +3070,7 @@ spec:
only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
namespaces:
description: namespaces specifies a static list
of namespace names that the term applies to.
Expand Down Expand Up @@ -3164,6 +3175,7 @@ spec:
The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
namespaceSelector:
description: A label query over the set of namespaces
that the term applies to. The term is applied
Expand Down Expand Up @@ -3220,6 +3232,7 @@ spec:
The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
namespaces:
description: namespaces specifies a static list
of namespace names that the term applies to. The
Expand Down Expand Up @@ -3827,9 +3840,9 @@ spec:
description: 'How should the kubelet configure the container bridge
for hairpin packets. Setting this flag allows endpoints in a
Service to loadbalance back to themselves if they should try
to access their own Service. Values: "promiscuous-bridge":
make the container bridge promiscuous. "hairpin-veth": set
the hairpin flag on container veth interfaces. "none": do
to access their own Service. Values: "promiscuous-bridge": make
the container bridge promiscuous. "hairpin-veth": set
the hairpin flag on container veth interfaces. "none": do
nothing. Setting --configure-cbr0 to false implies that to achieve
hairpin NAT one must set --hairpin-mode=veth-flag, because bridge
assumes the existence of a container bridge named cbr0.'
Expand Down Expand Up @@ -4265,9 +4278,9 @@ spec:
description: 'How should the kubelet configure the container bridge
for hairpin packets. Setting this flag allows endpoints in a
Service to loadbalance back to themselves if they should try
to access their own Service. Values: "promiscuous-bridge":
make the container bridge promiscuous. "hairpin-veth": set
the hairpin flag on container veth interfaces. "none": do
to access their own Service. Values: "promiscuous-bridge": make
the container bridge promiscuous. "hairpin-veth": set
the hairpin flag on container veth interfaces. "none": do
nothing. Setting --configure-cbr0 to false implies that to achieve
hairpin NAT one must set --hairpin-mode=veth-flag, because bridge
assumes the existence of a container bridge named cbr0.'
Expand Down Expand Up @@ -5866,9 +5879,9 @@ spec:
type: object
updatePolicy:
description: 'UpdatePolicy determines the policy for applying upgrades
automatically. Valid values: ''automatic'' (default): apply updates
automatically. Valid values: ''automatic'' (default): apply updates
automatically (apply OS security upgrades, avoiding rebooting when
possible) ''external'': do not apply updates automatically; they
possible) ''external'': do not apply updates automatically; they
are applied manually or by an external system'
type: string
useHostCertificates:
Expand Down Expand Up @@ -5903,9 +5916,3 @@ spec:
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
28 changes: 12 additions & 16 deletions k8s/crds/kops.k8s.io_instancegroups.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,9 @@

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.5.0
creationTimestamp: null
controller-gen.kubebuilder.io/version: v0.13.0
name: instancegroups.kops.k8s.io
spec:
group: kops.k8s.io
Expand Down Expand Up @@ -225,6 +223,10 @@ spec:
description: State directory for execution state files (default
"/run/containerd").
type: string
testHandlerEnabled:
description: TestHandlerEnabled enables a runtime called test-handler,
specific to k/k e2e tests
type: boolean
version:
description: Version used to pick the containerd package.
type: string
Expand Down Expand Up @@ -286,8 +288,8 @@ spec:
type: array
gcpProvisioningModel:
description: 'GCPProvisioningModel: Specifies the provisioning model
of the GCP instance. Valid values: ''STANDARD'': (default) standard
provisioning with user controlled run time, no discounts ''SPOT'':
of the GCP instance. Valid values: ''STANDARD'': (default) standard
provisioning with user controlled run time, no discounts ''SPOT'':
heavily discounted, no guaranteed run time.'
type: string
guestAccelerators:
Expand Down Expand Up @@ -573,9 +575,9 @@ spec:
description: 'How should the kubelet configure the container bridge
for hairpin packets. Setting this flag allows endpoints in a
Service to loadbalance back to themselves if they should try
to access their own Service. Values: "promiscuous-bridge":
make the container bridge promiscuous. "hairpin-veth": set
the hairpin flag on container veth interfaces. "none": do
to access their own Service. Values: "promiscuous-bridge": make
the container bridge promiscuous. "hairpin-veth": set
the hairpin flag on container veth interfaces. "none": do
nothing. Setting --configure-cbr0 to false implies that to achieve
hairpin NAT one must set --hairpin-mode=veth-flag, because bridge
assumes the existence of a container bridge named cbr0.'
Expand Down Expand Up @@ -1052,9 +1054,9 @@ spec:
updatePolicy:
description: 'UpdatePolicy determines the policy for applying upgrades
automatically. If specified, this value overrides a value specified
in the Cluster''s "spec.updatePolicy" field. Valid values: ''automatic''
in the Cluster''s "spec.updatePolicy" field. Valid values: ''automatic''
(default): apply updates automatically (apply OS security upgrades,
avoiding rebooting when possible) ''external'': do not apply updates
avoiding rebooting when possible) ''external'': do not apply updates
automatically; they are applied manually or by an external system'
type: string
volumeMounts:
Expand Down Expand Up @@ -1162,9 +1164,3 @@ spec:
served: true
storage: true
subresources: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
10 changes: 1 addition & 9 deletions k8s/crds/kops.k8s.io_keysets.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,9 @@

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.5.0
creationTimestamp: null
controller-gen.kubebuilder.io/version: v0.13.0
name: keysets.kops.k8s.io
spec:
group: kops.k8s.io
Expand Down Expand Up @@ -76,9 +74,3 @@ spec:
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
10 changes: 1 addition & 9 deletions k8s/crds/kops.k8s.io_sshcredentials.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,9 @@

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.5.0
creationTimestamp: null
controller-gen.kubebuilder.io/version: v0.13.0
name: sshcredentials.kops.k8s.io
spec:
group: kops.k8s.io
Expand Down Expand Up @@ -41,9 +39,3 @@ spec:
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
3 changes: 3 additions & 0 deletions nodeup/pkg/model/containerd.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -492,6 +492,9 @@ func (b *ContainerdBuilder) buildContainerdConfig() (string, error) {
if containerd.SeLinuxEnabled {
config.SetPath([]string{"plugins", "io.containerd.grpc.v1.cri", "enable_selinux"}, true)
}
if containerd.TestHandlerEnabled {
config.SetPath([]string{"plugins", "io.containerd.grpc.v1.cri", "containerd", "runtimes", "test-handler", "runtime_type"}, "io.containerd.runc.v2")
}
if b.NodeupConfig.KubeletConfig.PodInfraContainerImage != "" {
config.SetPath([]string{"plugins", "io.containerd.grpc.v1.cri", "sandbox_image"}, b.NodeupConfig.KubeletConfig.PodInfraContainerImage)
}
Expand Down
2 changes: 2 additions & 0 deletions pkg/apis/kops/containerdconfig.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,8 @@ type ContainerdConfig struct {
SeLinuxEnabled bool `json:"selinuxEnabled,omitempty"`
// NRI configures the Node Resource Interface.
NRI *NRIConfig `json:"nri,omitempty"`
// TestHandlerEnabled enables a runtime called test-handler, specific to k/k e2e tests
TestHandlerEnabled bool `json:"testHandlerEnabled,omitempty"`
}

type NRIConfig struct {
Expand Down
2 changes: 2 additions & 0 deletions pkg/apis/kops/v1alpha2/containerdconfig.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,8 @@ type ContainerdConfig struct {
SeLinuxEnabled bool `json:"selinuxEnabled,omitempty"`
// NRI configures the Node Resource Interface.
NRI *NRIConfig `json:"nri,omitempty"`
// TestHandlerEnabled enables a runtime called test-handler, specific to k/k e2e tests
TestHandlerEnabled bool `json:"testHandlerEnabled,omitempty"`
}

type NRIConfig struct {
Expand Down
2 changes: 2 additions & 0 deletions pkg/apis/kops/v1alpha2/zz_generated.conversion.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions pkg/apis/kops/v1alpha3/containerdconfig.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,8 @@ type ContainerdConfig struct {
SeLinuxEnabled bool `json:"selinuxEnabled,omitempty"`
// NRI configures the Node Resource Interface.
NRI *NRIConfig `json:"nri,omitempty"`
// TestHandlerEnabled enables a runtime called test-handler, specific to k/k e2e tests
TestHandlerEnabled bool `json:"testHandlerEnabled,omitempty"`
}

type NRIConfig struct {
Expand Down
2 changes: 2 additions & 0 deletions pkg/apis/kops/v1alpha3/zz_generated.conversion.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions tests/e2e/kubetest2-kops/deployer/up.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -118,6 +118,7 @@ func (d *deployer) createCluster(zones []string, adminAccess string, yes bool) e
"--kubernetes-version", d.KubernetesVersion,
"--ssh-public-key", d.SSHPublicKeyPath,
"--set", "cluster.spec.nodePortAccess=0.0.0.0/0",
"--set", "spec.containerd.testHandlerEnabled=true",
}
if yes {
args = append(args, "--yes")
Expand Down

0 comments on commit b5a64a9

Please sign in to comment.