Add support for Kubenet with containerd

2020-05-09 11:37:31 +03:00 · 2020-05-09 11:37:31 +03:00 · e608cd5265
parent 8768178082
commit e608cd5265
4 changed files with 94 additions and 4 deletions
--- a/nodeup/pkg/model/containerd.go
+++ b/nodeup/pkg/model/containerd.go
@ -335,6 +335,13 @@ func (b *ContainerdBuilder) Build(c *fi.ModelBuilderContext) error {
 		return err
 	}

+	// Using containerd with Kubenet requires special configuration. This is a temporary backwards-compatible solution
+	// and will be deprecated when Kubenet is deprecated:
+	// https://github.com/containerd/cri/blob/master/docs/config.md#cni-config-template
+	if b.Cluster.Spec.ContainerRuntime == "containerd" && b.Cluster.Spec.Networking != nil && b.Cluster.Spec.Networking.Kubenet != nil {
+		b.buildKubenetCNIConfigTemplate(c)
+	}
+
 	return nil
 }

@ -389,7 +396,6 @@ func (b *ContainerdBuilder) buildContainerOSConfigurationDropIn(c *fi.ModelBuild
 		"EnvironmentFile=/etc/environment",
 		"TasksMax=infinity",
 	}
-
 	contents := strings.Join(lines, "\n")

 	c.AddTask(&nodetasks.File{
@ -441,6 +447,40 @@ func (b *ContainerdBuilder) buildSysconfig(c *fi.ModelBuilderContext) error {
 	return nil
 }

+// buildKubenetCNIConfigTemplate is responsible for creating a special template for setups using Kubenet
+func (b *ContainerdBuilder) buildKubenetCNIConfigTemplate(c *fi.ModelBuilderContext) {
+	lines := []string{
+		"{",
+		"    \"cniVersion\": \"0.3.1\",",
+		"    \"name\": \"kubenet\",",
+		"    \"plugins\": [",
+		"        {",
+		"            \"type\": \"bridge\",",
+		"            \"bridge\": \"cbr0\",",
+		"            \"mtu\": 1460,",
+		"            \"addIf\": \"eth0\",",
+		"            \"isGateway\": true,",
+		"            \"ipMasq\": true,",
+		"            \"promiscMode\": true,",
+		"            \"ipam\": {",
+		"                \"type\": \"host-local\",",
+		"                \"subnet\": \"{{.PodCIDR}}\",",
+		"                \"routes\": [{ \"dst\": \"0.0.0.0/0\" }]",
+		"            }",
+		"        }",
+		"    ]",
+		"}",
+	}
+	contents := strings.Join(lines, "\n")
+	klog.V(8).Infof("Built kubenet CNI config file\n%s", contents)
+
+	c.AddTask(&nodetasks.File{
+		Path:     "/etc/containerd/cni-config.template",
+		Contents: fi.NewStringResource(contents),
+		Type:     nodetasks.FileType_File,
+	})
+}
+
 // skipInstall determines if kops should skip the installation and configuration of containerd
 func (b *ContainerdBuilder) skipInstall() bool {
 	d := b.Cluster.Spec.Containerd
--- a/nodeup/pkg/model/tests/containerdbuilder/simple/tasks.yaml
+++ b/nodeup/pkg/model/tests/containerdbuilder/simple/tasks.yaml
@ -1,3 +1,27 @@
+contents: |-
+  {
+      "cniVersion": "0.3.1",
+      "name": "kubenet",
+      "plugins": [
+          {
+              "type": "bridge",
+              "bridge": "cbr0",
+              "mtu": 1460,
+              "addIf": "eth0",
+              "isGateway": true,
+              "ipMasq": true,
+              "promiscMode": true,
+              "ipam": {
+                  "type": "host-local",
+                  "subnet": "{{.PodCIDR}}",
+                  "routes": [{ "dst": "0.0.0.0/0" }]
+              }
+          }
+      ]
+  }
+path: /etc/containerd/cni-config.template
+type: file
+---
 contents: ""
 path: /etc/containerd/config-kops.toml
 type: file
--- a/pkg/model/components/containerd.go
+++ b/pkg/model/components/containerd.go
@ -18,6 +18,7 @@ package components

 import (
 	"fmt"
+	"strings"

 	"k8s.io/klog"
 	"k8s.io/kops/pkg/apis/kops"
@ -62,7 +63,22 @@ func (b *ContainerdOptionsBuilder) BuildOptions(o interface{}) error {

 		// Apply defaults for containerd running in container runtime mode
 		containerd.LogLevel = fi.String("info")
-		containerd.ConfigOverride = fi.String("")
+		if clusterSpec.Networking != nil && clusterSpec.Networking.Kubenet != nil {
+			// Using containerd with Kubenet requires special configuration. This is a temporary backwards-compatible solution
+			// and will be deprecated when Kubenet is deprecated:
+			// https://github.com/containerd/cri/blob/master/docs/config.md#cni-config-template
+			lines := []string{
+				"version = 2",
+				"[plugins]",
+				"  [plugins.\"io.containerd.grpc.v1.cri\"]",
+				"    [plugins.\"io.containerd.grpc.v1.cri\".cni]",
+				"      conf_template = \"/etc/containerd/cni-config.template\"",
+			}
+			contents := strings.Join(lines, "\n")
+			containerd.ConfigOverride = fi.String(contents)
+		} else {
+			containerd.ConfigOverride = fi.String("")
+		}

 	} else if clusterSpec.ContainerRuntime == "docker" {
 		if fi.StringValue(containerd.Version) == "" {
--- a/tests/integration/update_cluster/containerd-cloudformation/cloudformation.json.extracted.yaml
+++ b/tests/integration/update_cluster/containerd-cloudformation/cloudformation.json.extracted.yaml
@ -134,7 +134,12 @@ Resources.AWSAutoScalingLaunchConfigurationmasterustest1amasterscontainerdexampl
  cloudConfig: null
  containerRuntime: containerd
  containerd:
-    configOverride: ""
+    configOverride: |-
+      version = 2
+      [plugins]
+        [plugins."io.containerd.grpc.v1.cri"]
+          [plugins."io.containerd.grpc.v1.cri".cni]
+            conf_template = "/etc/containerd/cni-config.template"
    logLevel: info
    version: 1.2.10
  docker:
@ -421,7 +426,12 @@ Resources.AWSAutoScalingLaunchConfigurationnodescontainerdexamplecom.Properties.
  cloudConfig: null
  containerRuntime: containerd
  containerd:
-    configOverride: ""
+    configOverride: |-
+      version = 2
+      [plugins]
+        [plugins."io.containerd.grpc.v1.cri"]
+          [plugins."io.containerd.grpc.v1.cri".cni]
+            conf_template = "/etc/containerd/cni-config.template"
    logLevel: info
    version: 1.2.10
  docker: