kubo-release
kubo-release copied to clipboard
cloudfoundry-incubator
Feature containerd option
What this PR does / why we need it: This PR allows use containerd instead of docker.
Why is this PR important? What is the user impact?
Containerd works better than docker. It is lighter and more efficient.
No more bug with docker. When docker crashed it filled the disk very quickly with his log and so on fill the bosh director.
How can this PR be verified?
Add
Is there any change in kubo-deployment?
new kubelet property is added to kubelet job spec file:
container-runtime:
description: "The container runtime job can be containerd or docker"
default: docker
so by default no change in kubo-deployment If you plan to use containerd use these operator (with or without proxy setting)
- type: replace
path: /instance_groups/name=worker/jobs/name=kubelet/properties/k8s-args/container-runtime
value: remote
- type: replace
path: /instance_groups/name=worker/jobs/name=kubelet/properties/k8s-args/container-runtime-endpoint?
value: unix:///var/vcap/sys/run/containerd/containerd.sock
- type: replace
path: /instance_groups/name=worker/jobs/name=kubelet/properties/k8s-args/runtime-request-timeout?
value: 15m
- type: replace
path: /instance_groups/name=worker/jobs/-
value:
name: containerd
release: containerd
properties:
proxy:
https: ((https_proxy))
http: ((http_proxy))
noproxy: ((no_proxy))
config_toml:
custom: |
[plugins]
[plugins.cgroups]
no_prometheus = false
[plugins.cri]
stream_server_address = "127.0.0.1"
stream_server_port = "0"
enable_selinux = false
sandbox_image = "k8s.gcr.io/pause:3.1"
stats_collect_period = 10
systemd_cgroup = false
enable_tls_streaming = false
max_container_log_line_size = 16384
disable_proc_mount = false
[plugins.cri.containerd]
snapshotter = "overlayfs"
no_pivot = false
[plugins.cri.containerd.default_runtime]
runtime_type = "io.containerd.runtime.v1.linux"
runtime_engine = ""
runtime_root = ""
[plugins.cri.containerd.untrusted_workload_runtime]
runtime_type = ""
runtime_engine = ""
runtime_root = ""
[plugins.cri.cni]
bin_dir = "/var/vcap/packages/cni/bin"
conf_dir = "/etc/cni/net.d"
conf_template = ""
[plugins.cri.registry]
[plugins.cri.registry.mirrors]
[plugins.cri.registry.mirrors."docker.io"]
endpoint = ["((registry-mirrors))"]
[plugins.cri.x509_key_pair_streaming]
tls_cert_file = ""
tls_key_file = ""
[plugins.diff-service]
default = ["walking"]
[plugins.linux]
shim = "containerd-shim"
runtime = "runc"
runtime_root = ""
no_shim = false
shim_debug = false
[plugins.opt]
path = "/opt/containerd"
[plugins.restart]
interval = "10s"
[plugins.scheduler]
pause_threshold = 0.02
deletion_threshold = 0
mutation_threshold = 100
schedule_delay = "0s"
startup_delay = "100ms"
- type: remove
path: /instance_groups/name=worker/jobs/name=kubelet/properties/k8s-args/docker
- type: remove
path: /instance_groups/name=worker/jobs/name=kubelet/properties/k8s-args/docker-endpoint
- type: replace
path: /releases/-
value:
name: containerd
version: latest
by default the Is there any change in kubo-ci? no
Does this affect upgrade, or is there any migration required? no
Which issue(s) this PR fixes: fix https://github.com/cloudfoundry-incubator/kubo-release/issues/371
Release note:
Add a new kubelet parameter to allow use of containerd instead of docker. It will switch the monit dependency from docker to containerd and change his post deploy to load provisionned docker image by ctr instead of docker.
Finally looking to include this, will mull over how I'd like to see it merged if there are any tweak's I'll add it to a branch.
