diff --git a/k8s/crds/kops.k8s.io_clusters.yaml b/k8s/crds/kops.k8s.io_clusters.yaml index cf2092f733..9942235398 100644 --- a/k8s/crds/kops.k8s.io_clusters.yaml +++ b/k8s/crds/kops.k8s.io_clusters.yaml @@ -897,6 +897,12 @@ spec: description: ConfigOverride is the complete containerd config file provided by the user. type: string + installCriCtl: + description: InstallCriCtl installs crictl (default "false"). + type: boolean + installNerdCtl: + description: InstallNerdCtl installs nerdctl (default "false"). + type: boolean logLevel: description: LogLevel controls the logging details [trace, debug, info, warn, error, fatal, panic] (default "info"). diff --git a/k8s/crds/kops.k8s.io_instancegroups.yaml b/k8s/crds/kops.k8s.io_instancegroups.yaml index 0726247213..a352968ca2 100644 --- a/k8s/crds/kops.k8s.io_instancegroups.yaml +++ b/k8s/crds/kops.k8s.io_instancegroups.yaml @@ -133,6 +133,12 @@ spec: description: ConfigOverride is the complete containerd config file provided by the user. type: string + installCriCtl: + description: InstallCriCtl installs crictl (default "false"). + type: boolean + installNerdCtl: + description: InstallNerdCtl installs nerdctl (default "false"). + type: boolean logLevel: description: LogLevel controls the logging details [trace, debug, info, warn, error, fatal, panic] (default "info"). diff --git a/nodeup/pkg/model/crictl.go b/nodeup/pkg/model/crictl.go index 51ce9f9076..a588ab6a9c 100644 --- a/nodeup/pkg/model/crictl.go +++ b/nodeup/pkg/model/crictl.go @@ -33,6 +33,11 @@ type CrictlBuilder struct { var _ fi.NodeupModelBuilder = &CrictlBuilder{} func (b *CrictlBuilder) Build(c *fi.NodeupModelBuilderContext) error { + if b.skipInstall() { + klog.V(8).Info("won't install crictl") + return nil + } + assets := b.Assets.FindMatches(regexp.MustCompile(`^crictl$`)) if len(assets) == 0 { klog.Warning("unable to find any crictl binaries in assets") @@ -65,3 +70,13 @@ func (b *CrictlBuilder) binaryPath() string { } return path } + +func (b *CrictlBuilder) skipInstall() bool { + containerd := b.NodeupConfig.ContainerdConfig + + if containerd == nil { + return false + } + + return containerd.SkipInstall && !containerd.InstallCriCtl +} diff --git a/nodeup/pkg/model/nerdctl.go b/nodeup/pkg/model/nerdctl.go index 594135e14b..4d252d0df4 100644 --- a/nodeup/pkg/model/nerdctl.go +++ b/nodeup/pkg/model/nerdctl.go @@ -18,6 +18,7 @@ package model import ( "path/filepath" + "regexp" "k8s.io/klog/v2" "k8s.io/kops/upup/pkg/fi" @@ -33,24 +34,28 @@ var _ fi.NodeupModelBuilder = &NerdctlBuilder{} func (b *NerdctlBuilder) Build(c *fi.NodeupModelBuilderContext) error { if b.skipInstall() { - klog.Info("containerd.skipInstall is set to true; won't install nerdctl") + klog.V(8).Info("won't install nerdctl") return nil } - assetName := "nerdctl" - assetPath := "" - asset, err := b.Assets.Find(assetName, assetPath) - if err != nil { - klog.Warningf("unable to locate asset %q: %v", assetName, err) + assets := b.Assets.FindMatches(regexp.MustCompile(`^nerdctl$`)) + if len(assets) == 0 { + klog.Warning("unable to find any nerdctl binaries in assets") + return nil + } + if len(assets) > 1 { + klog.Warning("multiple nerdctl binaries are found") return nil } - c.AddTask(&nodetasks.File{ - Path: b.nerdctlPath(), - Contents: asset, - Type: nodetasks.FileType_File, - Mode: s("0755"), - }) + for k, v := range assets { + c.AddTask(&nodetasks.File{ + Path: filepath.Join(b.binaryPath(), k), + Contents: v, + Type: nodetasks.FileType_File, + Mode: s("0755"), + }) + } return nil } @@ -64,19 +69,14 @@ func (b *NerdctlBuilder) binaryPath() string { path = "/home/kubernetes/bin" } return path - -} - -func (b *NerdctlBuilder) nerdctlPath() string { - return filepath.Join(b.binaryPath(), "nerdctl") } func (b *NerdctlBuilder) skipInstall() bool { - d := b.NodeupConfig.ContainerdConfig + containerd := b.NodeupConfig.ContainerdConfig - if d == nil { + if containerd == nil { return false } - return d.SkipInstall + return containerd.SkipInstall && !containerd.InstallNerdCtl } diff --git a/pkg/apis/kops/containerdconfig.go b/pkg/apis/kops/containerdconfig.go index 2e6288b631..cb90a838db 100644 --- a/pkg/apis/kops/containerdconfig.go +++ b/pkg/apis/kops/containerdconfig.go @@ -60,6 +60,10 @@ type ContainerdConfig struct { NRI *NRIConfig `json:"nri,omitempty"` // Enables Kubelet ECR Credential helper to pass credentials to containerd mirrors, to use ECR as a pull-through cache UseECRCredentialsForMirrors bool `json:"useECRCredentialsForMirrors,omitempty"` + // InstallCriCtl installs crictl (default "false"). + InstallCriCtl bool `json:"installCriCtl,omitempty"` + // InstallNerdCtl installs nerdctl (default "false"). + InstallNerdCtl bool `json:"installNerdCtl,omitempty"` } type NRIConfig struct { diff --git a/pkg/apis/kops/v1alpha2/containerdconfig.go b/pkg/apis/kops/v1alpha2/containerdconfig.go index 0b209ee89b..fb0fe9d733 100644 --- a/pkg/apis/kops/v1alpha2/containerdconfig.go +++ b/pkg/apis/kops/v1alpha2/containerdconfig.go @@ -53,6 +53,10 @@ type ContainerdConfig struct { NRI *NRIConfig `json:"nri,omitempty"` // Enables Kubelet ECR Credential helper to pass credentials to containerd mirrors, to use ECR as a pull-through cache UseECRCredentialsForMirrors bool `json:"useECRCredentialsForMirrors,omitempty"` + // InstallCriCtl installs crictl (default "false"). + InstallCriCtl bool `json:"installCriCtl,omitempty"` + // InstallNerdCtl installs nerdctl (default "false"). + InstallNerdCtl bool `json:"installNerdCtl,omitempty"` } type NRIConfig struct { diff --git a/pkg/apis/kops/v1alpha2/zz_generated.conversion.go b/pkg/apis/kops/v1alpha2/zz_generated.conversion.go index e0fb80f254..2e8142bbc8 100644 --- a/pkg/apis/kops/v1alpha2/zz_generated.conversion.go +++ b/pkg/apis/kops/v1alpha2/zz_generated.conversion.go @@ -3318,6 +3318,8 @@ func autoConvert_v1alpha2_ContainerdConfig_To_kops_ContainerdConfig(in *Containe out.NRI = nil } out.UseECRCredentialsForMirrors = in.UseECRCredentialsForMirrors + out.InstallCriCtl = in.InstallCriCtl + out.InstallNerdCtl = in.InstallNerdCtl return nil } @@ -3374,6 +3376,8 @@ func autoConvert_kops_ContainerdConfig_To_v1alpha2_ContainerdConfig(in *kops.Con out.NRI = nil } out.UseECRCredentialsForMirrors = in.UseECRCredentialsForMirrors + out.InstallCriCtl = in.InstallCriCtl + out.InstallNerdCtl = in.InstallNerdCtl return nil } diff --git a/pkg/apis/kops/v1alpha3/containerdconfig.go b/pkg/apis/kops/v1alpha3/containerdconfig.go index c34aabe58b..3a310b9a99 100644 --- a/pkg/apis/kops/v1alpha3/containerdconfig.go +++ b/pkg/apis/kops/v1alpha3/containerdconfig.go @@ -53,6 +53,10 @@ type ContainerdConfig struct { NRI *NRIConfig `json:"nri,omitempty"` // Enables Kubelet ECR Credential helper to pass credentials to containerd mirrors, to use ECR as a pull-through cache UseECRCredentialsForMirrors bool `json:"useECRCredentialsForMirrors,omitempty"` + // InstallCriCtl installs crictl (default "false"). + InstallCriCtl bool `json:"installCriCtl,omitempty"` + // InstallNerdCtl installs nerdctl (default "false"). + InstallNerdCtl bool `json:"installNerdCtl,omitempty"` } type NRIConfig struct { diff --git a/pkg/apis/kops/v1alpha3/zz_generated.conversion.go b/pkg/apis/kops/v1alpha3/zz_generated.conversion.go index ef98f23863..101a93e093 100644 --- a/pkg/apis/kops/v1alpha3/zz_generated.conversion.go +++ b/pkg/apis/kops/v1alpha3/zz_generated.conversion.go @@ -3563,6 +3563,8 @@ func autoConvert_v1alpha3_ContainerdConfig_To_kops_ContainerdConfig(in *Containe out.NRI = nil } out.UseECRCredentialsForMirrors = in.UseECRCredentialsForMirrors + out.InstallCriCtl = in.InstallCriCtl + out.InstallNerdCtl = in.InstallNerdCtl return nil } @@ -3619,6 +3621,8 @@ func autoConvert_kops_ContainerdConfig_To_v1alpha3_ContainerdConfig(in *kops.Con out.NRI = nil } out.UseECRCredentialsForMirrors = in.UseECRCredentialsForMirrors + out.InstallCriCtl = in.InstallCriCtl + out.InstallNerdCtl = in.InstallNerdCtl return nil } diff --git a/pkg/nodemodel/fileassets.go b/pkg/nodemodel/fileassets.go index 93d54362e7..0853ef2f1d 100644 --- a/pkg/nodemodel/fileassets.go +++ b/pkg/nodemodel/fileassets.go @@ -146,23 +146,25 @@ func BuildKubernetesFileAssets(ig model.InstanceGroup, assetBuilder *assets.Asse if runcAsset != nil { kubernetesAssets[arch] = append(kubernetesAssets[arch], assets.BuildMirroredAsset(runcAsset)) } - nerdctlAsset, err := wellknownassets.FindNerdctlAsset(ig, assetBuilder, arch) - if err != nil { - return nil, err + if ig.RawClusterSpec().Containerd.InstallNerdCtl { + nerdctlAsset, err := wellknownassets.FindNerdctlAsset(ig, assetBuilder, arch) + if err != nil { + return nil, err + } + if nerdctlAsset != nil { + kubernetesAssets[arch] = append(kubernetesAssets[arch], assets.BuildMirroredAsset(nerdctlAsset)) + } } - if nerdctlAsset != nil { - kubernetesAssets[arch] = append(kubernetesAssets[arch], assets.BuildMirroredAsset(nerdctlAsset)) + if ig.RawClusterSpec().Containerd.InstallCriCtl { + crictlAsset, err := wellknownassets.FindCrictlAsset(ig, assetBuilder, arch) + if err != nil { + return nil, err + } + if crictlAsset != nil { + kubernetesAssets[arch] = append(kubernetesAssets[arch], assets.BuildMirroredAsset(crictlAsset)) + } } } - - crictlAsset, err := wellknownassets.FindCrictlAsset(ig, assetBuilder, arch) - if err != nil { - return nil, err - } - if crictlAsset != nil { - kubernetesAssets[arch] = append(kubernetesAssets[arch], assets.BuildMirroredAsset(crictlAsset)) - } - } return &KubernetesFileAssets{