Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

update for some upstream patch #388

Merged
merged 5 commits into from
Nov 22, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 6 additions & 5 deletions cmd/k8e/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ import (
"os"
"os/exec"
"path/filepath"
"slices"
"strconv"
"strings"

Expand All @@ -27,6 +28,7 @@ import (
)

var criDefaultConfigPath = "/etc/crictl.yaml"
var externalCLIActions = []string{"crictl", "ctr", "kubectl"}

// main entrypoint for the k8e multicall binary
func main() {
Expand Down Expand Up @@ -106,7 +108,7 @@ func findDebug(args []string) bool {
if debug {
return debug
}
debug, _ = strconv.ParseBool(configfilearg.MustFindString(args, "debug"))
debug, _ = strconv.ParseBool(configfilearg.MustFindString(args, "debug", externalCLIActions...))
return debug
}

Expand All @@ -126,7 +128,7 @@ func findDataDir(args []string) string {
if dataDir != "" {
return dataDir
}
dataDir = configfilearg.MustFindString(args, "data-dir")
dataDir = configfilearg.MustFindString(args, "data-dir", externalCLIActions...)
if d, err := datadir.Resolve(dataDir); err == nil {
dataDir = d
} else {
Expand All @@ -144,7 +146,7 @@ func findPreferBundledBin(args []string) bool {
fs.SetOutput(io.Discard)
fs.BoolVar(&preferBundledBin, "prefer-bundled-bin", false, "Prefer bundled binaries")

preferRes := configfilearg.MustFindString(args, "prefer-bundled-bin")
preferRes := configfilearg.MustFindString(args, "prefer-bundled-bin", externalCLIActions...)
if preferRes != "" {
preferBundledBin, _ = strconv.ParseBool(preferRes)
}
Expand All @@ -159,8 +161,7 @@ func findPreferBundledBin(args []string) bool {
// it returns false so that standard CLI wrapping can occur.
func runCLIs(dataDir string) bool {
progName := filepath.Base(os.Args[0])
switch progName {
case "crictl", "ctr", "kubectl":
if slices.Contains(externalCLIActions, progName) {
if err := externalCLI(progName, dataDir, os.Args[1:]); err != nil && !errors.Is(err, context.Canceled) {
logrus.Fatal(err)
}
Expand Down
4 changes: 2 additions & 2 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -129,9 +129,11 @@ require (
github.com/urfave/cli v1.22.15
github.com/yl2chen/cidranger v1.0.2
go.etcd.io/etcd/api/v3 v3.5.16
go.etcd.io/etcd/client/pkg/v3 v3.5.16
go.etcd.io/etcd/client/v3 v3.5.16
go.etcd.io/etcd/etcdutl/v3 v3.5.13
go.etcd.io/etcd/server/v3 v3.5.16
go.uber.org/zap v1.27.0
golang.org/x/crypto v0.27.0
golang.org/x/net v0.29.0
golang.org/x/sys v0.25.0
Expand Down Expand Up @@ -413,7 +415,6 @@ require (
github.com/xlab/treeprint v1.2.0 // indirect
github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
go.etcd.io/bbolt v1.3.11 // indirect
go.etcd.io/etcd/client/pkg/v3 v3.5.16 // indirect
go.etcd.io/etcd/client/v2 v2.305.16 // indirect
go.etcd.io/etcd/pkg/v3 v3.5.16 // indirect
go.etcd.io/etcd/raft/v3 v3.5.16 // indirect
Expand All @@ -435,7 +436,6 @@ require (
go.uber.org/fx v1.20.1 // indirect
go.uber.org/mock v0.4.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
go.uber.org/zap v1.27.0 // indirect
golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
golang.org/x/mod v0.20.0 // indirect
golang.org/x/oauth2 v0.22.0 // indirect
Expand Down
1 change: 1 addition & 0 deletions pkg/agent/config/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -552,6 +552,7 @@ func get(ctx context.Context, envInfo *cmds.Agent, proxy proxy.Proxy) (*config.N
nodeConfig.Containerd.Log = filepath.Join(envInfo.DataDir, "agent", "containerd", "containerd.log")
nodeConfig.Containerd.Registry = filepath.Join(envInfo.DataDir, "agent", "etc", "containerd", "certs.d")
nodeConfig.Containerd.NoDefault = envInfo.ContainerdNoDefault
nodeConfig.Containerd.NonrootDevices = envInfo.ContainerdNonrootDevices
nodeConfig.Containerd.Debug = envInfo.Debug
applyContainerdStateAndAddress(nodeConfig)
applyCRIDockerdAddress(nodeConfig)
Expand Down
1 change: 1 addition & 0 deletions pkg/agent/containerd/config_linux.go
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,7 @@ func SetupContainerdConfig(cfg *config.Node) error {
SystemdCgroup: cfg.AgentConfig.Systemd,
IsRunningInUserNS: isRunningInUserNS,
EnableUnprivileged: kernel.CheckKernelVersion(4, 11, 0),
NonrootDevices: cfg.Containerd.NonrootDevices,
PrivateRegistryConfig: cfg.AgentConfig.Registry,
ExtraRuntimes: extraRuntimes,
Program: version.Program,
Expand Down
7 changes: 7 additions & 0 deletions pkg/cli/cmds/agent.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ type Agent struct {
Snapshotter string
Docker bool
ContainerdNoDefault bool
ContainerdNonrootDevices bool
ContainerRuntimeEndpoint string
DefaultRuntime string
ImageServiceEndpoint string
Expand Down Expand Up @@ -215,6 +216,11 @@ var (
Usage: "(agent/containerd) Disables containerd's fallback default registry endpoint when a mirror is configured for that registry",
Destination: &AgentConfig.ContainerdNoDefault,
}
NonrootDevicesFlag = &cli.BoolFlag{
Name: "nonroot-devices",
Usage: "(agent/containerd) Allows non-root pods to access devices by setting device_ownership_from_security_context=true in the containerd CRI config",
Destination: &AgentConfig.ContainerdNonrootDevices,
}
EnablePProfFlag = &cli.BoolFlag{
Name: "enable-pprof",
Usage: "(experimental) Enable pprof endpoint on supervisor port",
Expand Down Expand Up @@ -278,6 +284,7 @@ func NewAgentCommand(action func(ctx *cli.Context) error) cli.Command {
SnapshotterFlag,
PrivateRegistryFlag,
DisableDefaultRegistryEndpointFlag,
NonrootDevicesFlag,
AirgapExtraRegistryFlag,
NodeIPFlag,
BindAddressFlag,
Expand Down
1 change: 1 addition & 0 deletions pkg/cli/cmds/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -490,6 +490,7 @@ var ServerFlags = []cli.Flag{
DefaultRuntimeFlag,
ImageServiceEndpointFlag,
DisableDefaultRegistryEndpointFlag,
NonrootDevicesFlag,
PauseImageFlag,
SnapshotterFlag,
PrivateRegistryFlag,
Expand Down
2 changes: 2 additions & 0 deletions pkg/cli/server/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ import (
"github.com/xiaods/k8e/pkg/util"
"github.com/xiaods/k8e/pkg/version"
"github.com/xiaods/k8e/pkg/vpn"
etcdversion "go.etcd.io/etcd/api/v3/version"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
utilnet "k8s.io/apimachinery/pkg/util/net"
kubeapiserverflag "k8s.io/component-base/cli/flag"
Expand Down Expand Up @@ -146,6 +147,7 @@ func run(app *cli.Context, cfg *cmds.Server, leaderControllers server.CustomCont
serverConfig.ControlConfig.ExtraSchedulerAPIArgs = cfg.ExtraSchedulerArgs
serverConfig.ControlConfig.ClusterDomain = cfg.ClusterDomain
serverConfig.ControlConfig.Datastore.NotifyInterval = 5 * time.Second
serverConfig.ControlConfig.Datastore.EmulatedETCDVersion = etcdversion.Version
serverConfig.ControlConfig.Datastore.Endpoint = cfg.DatastoreEndpoint
serverConfig.ControlConfig.Datastore.BackendTLSConfig.CAFile = cfg.DatastoreCAFile
serverConfig.ControlConfig.Datastore.BackendTLSConfig.CertFile = cfg.DatastoreCertFile
Expand Down
43 changes: 22 additions & 21 deletions pkg/daemons/config/types.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,11 +9,11 @@ import (
"strings"
"sync"

"github.com/xiaods/k8e/pkg/generated/controllers/k8e.cattle.io"
"github.com/k3s-io/kine/pkg/endpoint"
"github.com/rancher/wharfie/pkg/registries"
"github.com/rancher/wrangler/v3/pkg/generated/controllers/core"
"github.com/rancher/wrangler/v3/pkg/leader"
"github.com/xiaods/k8e/pkg/generated/controllers/k8e.cattle.io"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
utilnet "k8s.io/apimachinery/pkg/util/net"
"k8s.io/apiserver/pkg/authentication/authenticator"
Expand All @@ -22,12 +22,12 @@ import (
)

const (
EgressSelectorModeAgent = "agent"
EgressSelectorModeCluster = "cluster"
EgressSelectorModeDisabled = "disabled"
EgressSelectorModePod = "pod"
CertificateRenewDays = 90
StreamServerPort = "10010"
EgressSelectorModeAgent = "agent"
EgressSelectorModeCluster = "cluster"
EgressSelectorModeDisabled = "disabled"
EgressSelectorModePod = "pod"
CertificateRenewDays = 90
StreamServerPort = "10010"
)

type Node struct {
Expand Down Expand Up @@ -66,19 +66,20 @@ type EtcdS3 struct {
}

type Containerd struct {
Address string
Log string
Root string
State string
Config string
Opt string
Template string
BlockIOConfig string
RDTConfig string
Registry string
NoDefault bool
SELinux bool
Debug bool
Address string
Log string
Root string
State string
Config string
Opt string
Template string
BlockIOConfig string
RDTConfig string
Registry string
NoDefault bool
NonrootDevices bool
SELinux bool
Debug bool
}

type CRIDockerd struct {
Expand Down Expand Up @@ -450,4 +451,4 @@ func GetArgs(initialArgs map[string]string, extraArgs []string) []string {
}

return args
}
}
Loading
Loading