Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
小 白蛋
Rke
Commits
7bdc2a7e
Unverified
Commit
7bdc2a7e
authored
3 years ago
by
Sebastiaan van Steenis
Committed by
GitHub
3 years ago
Browse files
Options
Download
Plain Diff
Merge pull request #2565 from superseb/add_cridockerd
Add cridockerd
parents
ff493523
62cb6cf8
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
cluster/plan.go
+22
-0
cluster/plan.go
cluster/validation.go
+29
-0
cluster/validation.go
types/rke_types.go
+2
-0
types/rke_types.go
with
53 additions
and
0 deletions
+53
-0
cluster/plan.go
+
22
-
0
View file @
7bdc2a7e
...
...
@@ -57,6 +57,8 @@ const (
MaxEtcdNoStrictTLSVersion
=
"v3.4.14-rancher99"
EncryptionProviderConfigArgument
=
"encryption-provider-config"
KubeletCRIDockerdNameEnv
=
"RKE_KUBELET_CRIDOCKERD"
)
var
admissionControlOptionNames
=
[]
string
{
"enable-admission-plugins"
,
"admission-control"
}
...
...
@@ -436,6 +438,10 @@ func (c *Cluster) BuildKubeletProcess(host *hosts.Host, serviceOptions v3.Kubern
CommandArgs
[
"tls-cert-file"
]
=
pki
.
GetCertPath
(
pki
.
GetCrtNameForHost
(
host
,
pki
.
KubeletCertName
))
CommandArgs
[
"tls-private-key-file"
]
=
pki
.
GetCertPath
(
fmt
.
Sprintf
(
"%s-key"
,
pki
.
GetCrtNameForHost
(
host
,
pki
.
KubeletCertName
)))
}
if
c
.
IsCRIDockerdEnabled
()
{
CommandArgs
[
"container-runtime"
]
=
"remote"
CommandArgs
[
"container-runtime-endpoint"
]
=
"/var/run/dockershim.sock"
}
if
serviceOptions
.
Kubelet
!=
nil
{
for
k
,
v
:=
range
serviceOptions
.
Kubelet
{
...
...
@@ -508,6 +514,12 @@ func (c *Cluster) BuildKubeletProcess(host *hosts.Host, serviceOptions v3.Kubern
Env
:=
host
.
GetExtraEnv
(
kubelet
.
BaseService
)
if
c
.
IsCRIDockerdEnabled
()
{
Env
=
append
(
Env
,
// Enable running cri-dockerd
fmt
.
Sprintf
(
"%s=%s"
,
KubeletCRIDockerdNameEnv
,
"true"
))
}
if
len
(
c
.
CloudProvider
.
Name
)
>
0
{
Env
=
append
(
Env
,
fmt
.
Sprintf
(
"%s=%s"
,
CloudConfigSumEnv
,
getStringChecksum
(
c
.
CloudConfigFile
)))
...
...
@@ -1096,3 +1108,13 @@ func appendArgs(command []string, args map[string]string) []string {
}
return
command
}
func
(
c
*
Cluster
)
IsCRIDockerdEnabled
()
bool
{
if
c
==
nil
{
return
false
}
if
c
.
EnableCRIDockerd
!=
nil
&&
*
c
.
EnableCRIDockerd
{
return
true
}
return
false
}
This diff is collapsed.
Click to expand it.
cluster/validation.go
+
29
-
0
View file @
7bdc2a7e
...
...
@@ -6,11 +6,13 @@ import (
"fmt"
"strings"
"github.com/blang/semver"
"github.com/rancher/rke/log"
"github.com/rancher/rke/metadata"
"github.com/rancher/rke/pki"
"github.com/rancher/rke/services"
"github.com/rancher/rke/util"
"github.com/sirupsen/logrus"
v1
"k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/util/validation"
)
...
...
@@ -47,6 +49,11 @@ func (c *Cluster) ValidateCluster(ctx context.Context) error {
return
err
}
// validate enabling CRIDockerd
if
err
:=
validateCRIDockerdOption
(
c
);
err
!=
nil
{
return
err
}
// validate services options
return
validateServicesOptions
(
c
)
}
...
...
@@ -576,3 +583,25 @@ func validateIngressImages(c *Cluster) error {
}
return
nil
}
func
validateCRIDockerdOption
(
c
*
Cluster
)
error
{
if
c
.
EnableCRIDockerd
!=
nil
&&
*
c
.
EnableCRIDockerd
{
k8sVersion
:=
c
.
RancherKubernetesEngineConfig
.
Version
toMatch
,
err
:=
semver
.
Make
(
k8sVersion
[
1
:
])
if
err
!=
nil
{
return
fmt
.
Errorf
(
"%s is not valid semver"
,
k8sVersion
)
}
logrus
.
Debugf
(
"Checking cri-dockerd for cluster version [%s]"
,
k8sVersion
)
// cri-dockerd can be enabled for k8s 1.21 and up
CRIDockerdAllowedRange
,
err
:=
semver
.
ParseRange
(
">=1.21.0-rancher0"
)
if
err
!=
nil
{
logrus
.
Warnf
(
"Failed to parse semver range for checking cri-dockerd"
)
}
if
!
CRIDockerdAllowedRange
(
toMatch
)
{
logrus
.
Debugf
(
"Cluster version [%s] is not allowed to enable cri-dockerd"
,
k8sVersion
)
return
fmt
.
Errorf
(
"Enabling cri-dockerd for cluster version [%s] is not supported"
,
k8sVersion
)
}
logrus
.
Infof
(
"cri-dockerd is enabled for cluster version [%s]"
,
k8sVersion
)
}
return
nil
}
This diff is collapsed.
Click to expand it.
types/rke_types.go
+
2
-
0
View file @
7bdc2a7e
...
...
@@ -33,6 +33,8 @@ type RancherKubernetesEngineConfig struct {
Authorization
AuthzConfig
`yaml:"authorization" json:"authorization,omitempty"`
// Enable/disable strict docker version checking
IgnoreDockerVersion
*
bool
`yaml:"ignore_docker_version" json:"ignoreDockerVersion" norman:"default=true"`
// Enable/disable using cri-dockerd
EnableCRIDockerd
*
bool
`yaml:"enable_cri_dockerd" json:"enableCRIDockerd" norman:"default=false"`
// Kubernetes version to use (if kubernetes image is specified, image version takes precedence)
Version
string
`yaml:"kubernetes_version" json:"kubernetesVersion,omitempty"`
// List of private registries and their credentials
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment