sysbox icon indicating copy to clipboard operation
sysbox copied to clipboard
verified publisher icon nestybox

Sysbox 0.6.7 installation fails on RKE2 v1.32 ad later Kubernetes cluster due to incompatibility in get_runtime_kubelet_rke2() function of sysbox-pkgr/k8s/scripts /kubelet-config-helper.sh

Open FFock opened this issue 4 months ago • 0 comments

The function get_runtime_kubelet_rke2() in sysbox-pkgr/k8s/scripts /kubelet-config-helper.sh returns an empty string for RKE2 v1.32.9+rke2r1 instead the current runtime of kubelet:

https://github.com/nestybox/sysbox-pkgr/blob/f5b6eb90c212e97b64566efd7a1e974c9b0153d9/k8s/scripts/kubelet-config-helper.sh#L1256

runtime=$(ps -e -o command | egrep kubelet | egrep -o "container-runtime-endpoint=\S*" | cut -d '=' -f2)

The following function is bailing out due to $runtime being set to "unix:///var/run/dockershim.sock" durig sysbox install:

function do_config_kubelet_rke2() {
	echo "Detected RKE2's host-based kubelet deployment on host."

	# Obtain current runtime.
	get_runtime_kubelet_rke2
	if [[ ${runtime} =~ "crio" ]]; then
		echo "Kubelet is already using CRI-O; no action will be taken."
		return
	fi

	# No runtime other than containerd, and obviously crio, is expected in an
	# rke2 deployment.
	if [[ ! ${runtime} =~ "containerd" ]]; then
		echo "Unsupported runtime for RKE2 scenario: $runtime"
		return
	fi

In RKE2 v1.32 the config for the kubelet runtime is located in file /var/lib/rancher/rke2/agent/etc/kubelet.conf.d/00-rke2-defaults.conf in line

containerRuntimeEndpoint: unix:///run/k3s/containerd/containerd.sock

or

containerRuntimeEndpoint: unix:///var/run/crio/crio.sock

The proposed fix for the get_runtime_kubelet_rke2() function is:

function get_runtime_kubelet_rke2() {
    set +e
    
    # Try RKE2 v1.32+ config file first
    local rke2_config="/var/lib/rancher/rke2/agent/etc/kubelet.conf.d/00-rke2-defaults.conf"
    if [[ -f "$rke2_config" ]]; then
        runtime=$(grep "^containerRuntimeEndpoint:" "$rke2_config" | awk '{print $2}')
    fi
    
    # Fallback to legacy kubelet command line parameter for older versions
    if [[ -z "$runtime" ]]; then
        runtime=$(ps -e -o command | grep kubelet | grep -o "container-runtime-endpoint=\S*" | cut -d '=' -f2)
    fi
    
    # If runtime is still unknown, assume it's Docker
    if [[ -z "$runtime" ]]; then
        runtime="unix:///var/run/dockershim.sock"
    fi
    
    set -e
}

FFock avatar Nov 13 '25 23:11 FFock