Skip to content

feat(platform): support containerd as runtime (#1390) #1470

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Aug 24, 2021
Merged

feat(platform): support containerd as runtime (#1390) #1470

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
fd77e31
feat(platform): support containerd as runtime (#1390)
Jul 7, 2021
d5884c4
feat(platform): support containerd as runtime
Huimintai Aug 12, 2021
36857dc
feat(platform): support containerd as runtime
Huimintai Aug 16, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions api/openapi/zz_generated.openapi.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 9 additions & 0 deletions api/platform/types.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -231,6 +231,13 @@ const (
GPUVirtual GPUType = "Virtual"
)

type ContainerRuntimeType = string

const (
Containerd ContainerRuntimeType = "containerd"
Docker ContainerRuntimeType = "docker"
)

// ClusterPhase defines the phase of cluster constructor.
type ClusterPhase string

Expand Down Expand Up @@ -388,6 +395,8 @@ type ClusterFeature struct {
// +optional
EnableCilium bool
// +optional
ContainerRuntime ContainerRuntimeType
// +optional
IPv6DualStack bool
// Upgrade control upgrade process.
// +optional
Expand Down
812 changes: 427 additions & 385 deletions api/platform/v1/generated.pb.go
View file
Open in desktop

Large diffs are not rendered by default.

3 changes: 3 additions & 0 deletions api/platform/v1/generated.proto
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 9 additions & 0 deletions api/platform/v1/types.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -237,6 +237,13 @@ const (
GPUVirtual GPUType = "Virtual"
)

type ContainerRuntimeType = string

const (
Containerd ContainerRuntimeType = "containerd"
Docker ContainerRuntimeType = "docker"
)

// ClusterPhase defines the phase of cluster constructor.
type ClusterPhase string

Expand Down Expand Up @@ -395,6 +402,8 @@ type ClusterFeature struct {
IPv6DualStack bool `json:"ipv6DualStack,omitempty" protobuf:"bytes,13,opt,name=ipv6DualStack"`
// +optional
EnableCilium bool `json:"enableCilium,omitempty" protobuf:"bytes,14,opt,name=enableCilium"`
// +optional
ContainerRuntime ContainerRuntimeType `json:"containerRuntime,omitempty" protobuf:"bytes,15,opt,name=containerRuntime"`
// Upgrade control upgrade process.
// +optional
Upgrade Upgrade `json:"upgrade,omitempty" protobuf:"bytes,22,opt,name=upgrade"`
Expand Down
2 changes: 2 additions & 0 deletions api/platform/v1/zz_generated.conversion.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 9 additions & 0 deletions build/docker/tools/provider-res/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,14 +26,23 @@ COPY linux-arm64/cni-*.tar.gz res/linux-arm64/
COPY linux-amd64/conntrack-tools-*.tar.gz res/linux-amd64/
COPY linux-arm64/conntrack-tools-*.tar.gz res/linux-arm64/

COPY linux-amd64/nerdctl-*.tar.gz res/linux-amd64/
COPY linux-arm64/nerdctl-*.tar.gz res/linux-arm64/

COPY linux-amd64/docker-*.tar.gz res/linux-amd64/
COPY linux-arm64/docker-*.tar.gz res/linux-arm64/

COPY linux-amd64/containerd-*.tar.gz res/linux-amd64/
COPY linux-arm64/containerd-*.tar.gz res/linux-arm64/

COPY linux-amd64/kubernetes-*.tar.gz res/linux-amd64/
COPY linux-arm64/kubernetes-*.tar.gz res/linux-arm64/

COPY linux-amd64/NVIDIA-*.tar.gz res/linux-amd64/

COPY linux-amd64/nvidia-container-*.tar.gz res/linux-amd64/

COPY containerd conf/containerd
COPY kubeadm conf/kubeadm

ENTRYPOINT ["sh"]
6 changes: 4 additions & 2 deletions build/docker/tools/provider-res/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
# specific language governing permissions and limitations under the License.

IMAGE = provider-res
VERSION = v1.20.4-1
VERSION = v1.20.4-2
REGISTRY_PREFIX ?= tkestack

COMMON_SELF_DIR := $(dir $(lastword $(MAKEFILE_LIST)))
Expand All @@ -34,6 +34,8 @@ include $(ROOT_DIR)/build/lib/docker-buildx.mk
.PHONY: per.build
per.build: download
@cp "$(ROOT_DIR)/build/docker/tools/$(IMAGE)/Dockerfile" "$(WORK_DIR)/Dockerfile"
@cp -r "$(ROOT_DIR)/pkg/platform/provider/baremetal/conf/containerd" "$(WORK_DIR)/containerd"
@cp -r "$(ROOT_DIR)/pkg/platform/provider/baremetal/conf/kubeadm" "$(WORK_DIR)/kubeadm"

.PHONY: download
download:
Expand Down Expand Up @@ -64,7 +66,7 @@ manifest.multiarch: per.build
#@rm -rf "$(WORK_DIR)"
@echo "===========> Pushing manifest $(REGISTRY_PREFIX)/$(IMAGE):$(VERSION) and then remove the local manifest list"
REGISTRY_PREFIX=$(REGISTRY_PREFIX) PLATFROMS="$(PLATFORMS)" IMAGE=$(IMAGE) VERSION=$(VERSION) \
DOCKER_CLI_EXPERIMENTAL=enabled $(ROOT_DIR)/build/lib/create-manifest.sh
DOCKER_CLI_EXPERIMENTAL=enabled $(ROOT_DIR)/build/lib/create-manifest.sh

## help: Show this help info.
.PHONY: help
Expand Down
37 changes: 37 additions & 0 deletions build/docker/tools/provider-res/download.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,41 @@ function download::docker() {
done
}

function download::containerd() {
if [ "${arch}" == "amd64" ]; then
containerd_arch=amd64
for version in ${CONTAINERD_VERSIONS}; do
wget -c "https://github.com/containerd/containerd/releases/download/v${version}/cri-containerd-cni-${version}-linux-${containerd_arch}.tar.gz" \
-O "containerd-${platform}-${version}.tar.gz"
done
elif [ "${arch}" == "arm64" ]; then
containerd_arch=arm64
for version in ${CONTAINERD_VERSIONS}; do
wget -c "https://tke-release-1251707795.cos.ap-guangzhou.myqcloud.com/cri-containerd-cni-${version}-linux-${containerd_arch}.tar.gz" \
-O "containerd-${platform}-${version}.tar.gz"
done
else
echo "[ERROR] Fail to get containerd ${arch} on ${platform} platform."
exit 255
fi
}

function download::nerdctl() {
if [ "${arch}" == "amd64" ]; then
nerdctl_arch=x86_64
elif [ "${arch}" == "arm64" ]; then
nerdctl_arch=arm64
else
echo "[ERROR] Fail to get nerdctl ${arch} on ${platform} platform."
exit 255
fi

for version in ${NERDCTL_VERSIONS}; do
wget -c "https://github.com/containerd/nerdctl/releases/download/v${version}/nerdctl-${version}-linux-${arch}.tar.gz" \
-O "nerdctl-${platform}-${version}.tar.gz"
done
}

function download::kubernetes() {
for version in ${K8S_VERSIONS}; do
if [[ "${version}" =~ "tke" ]]; then
Expand Down Expand Up @@ -115,6 +150,8 @@ for os in ${OSS}; do

download::cni_plugins
download::docker
download::containerd
download::nerdctl
download::kubernetes
download::nvidia_driver
download::nvidia_container_runtime
Expand Down
2 changes: 1 addition & 1 deletion build/docker/tools/tke-installer/release.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ set -o pipefail
REGISTRY_PREFIX=${REGISTRY_PREFIX:-tkestack}
BUILDER=${BUILDER:-default}
VERSION=${VERSION:-$(git describe --dirty --always --tags | sed 's/-/./g')}
PROVIDER_RES_VERSION=v1.20.4-1
PROVIDER_RES_VERSION=v1.20.4-2
K8S_VERSION=${PROVIDER_RES_VERSION%-*}
DOCKER_VERSION=19.03.14
OSS=(linux)
Expand Down
2 changes: 2 additions & 0 deletions cmd/setup-env/main.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,8 @@ func main() {
env = append(env, fmt.Sprintf("OSS=%s", strings.Join(spec.OSs, " ")))
env = append(env, fmt.Sprintf("K8S_VERSIONS=%s", strings.Join(spec.K8sVersionsWithV, " ")))
env = append(env, fmt.Sprintf("DOCKER_VERSIONS=%s", strings.Join(spec.DockerVersions, " ")))
env = append(env, fmt.Sprintf("CONTAINERD_VERSIONS=%s", strings.Join(spec.ContainerdVersions, " ")))
env = append(env, fmt.Sprintf("NERDCTL_VERSIONS=%s", strings.Join(spec.NerdctlVersions, " ")))
Copy link
Contributor

@leoryu leoryu Aug 18, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why we need this

Copy link
Contributor Author

@Huimintai Huimintai Aug 18, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove it.

env = append(env, fmt.Sprintf("CNI_PLUGINS_VERSIONS=%s", strings.Join(spec.CNIPluginsVersions, " ")))
env = append(env, fmt.Sprintf("NVIDIA_DRIVER_VERSIONS=%s", strings.Join(spec.NvidiaDriverVersions, " ")))
env = append(env, fmt.Sprintf("NVIDIA_CONTAINER_RUNTIME_VERSIONS=%s", strings.Join(spec.NvidiaContainerRuntimeVersions, " ")))
Expand Down
2 changes: 1 addition & 1 deletion cmd/tke-installer/app/installer/images/images.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ var components = Components{
InfluxDB: containerregistry.Image{Name: "influxdb", Tag: "1.7.9"},
Thanos: containerregistry.Image{Name: "thanos", Tag: "v0.15.0"},

ProviderRes: containerregistry.Image{Name: "provider-res", Tag: "v1.20.4-1"},
ProviderRes: containerregistry.Image{Name: "provider-res", Tag: "v1.20.4-2"},

TKEAuthAPI: containerregistry.Image{Name: "tke-auth-api", Tag: Version},
TKEAuthController: containerregistry.Image{Name: "tke-auth-controller", Tag: Version},
Expand Down
2 changes: 1 addition & 1 deletion cmd/tke-installer/app/installer/installer.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1577,7 +1577,7 @@ func (t *TKE) prepareImages(ctx context.Context) error {
if err != nil {
return err
}
cmdString := fmt.Sprintf("docker pull %s", images.Get().TKEGateway.FullName())
cmdString := fmt.Sprintf("nerdctl --insecure-registry --namespace k8s.io pull %s", images.Get().TKEGateway.FullName())
Copy link
Contributor

@leoryu leoryu Aug 18, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why --insecre

Copy link
Contributor Author

@Huimintai Huimintai Aug 18, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Need pull without certs.

_, err = machineSSH.CombinedOutput(cmdString)
if err != nil {
return errors.Wrap(err, machine.IP)
Expand Down
10 changes: 8 additions & 2 deletions ...ke-installer/app/installer/manifests/tke-platform-controller/tke-platform-controller.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,12 +30,14 @@ spec:
- command:
- sh
- -c
- cp -r /data/res /app/provider/baremetal/
- cp -r /data/res /app/provider/baremetal/ && cp -r /data/conf/* /app/provider/baremetal/conf/
image: {{ .ProviderResImage }}
name: provider-res
volumeMounts:
- mountPath: /app/provider/baremetal
name: provider-volume
- mountPath: /app/provider/baremetal/conf/containerd
name: containerd-volume
containers:
- name: tke-platform-controller
image: {{ .Image }}
Expand All @@ -48,6 +50,8 @@ spec:
mountPath: /app/conf
- name: provider-volume
mountPath: /app/provider/baremetal
- name: containerd-volume
mountPath: /app/provider/baremetal/conf/containerd/
- name: provider-config-volume
mountPath: /app/provider/baremetal/conf/
- name: docker-volume
Expand Down Expand Up @@ -91,6 +95,8 @@ spec:
name: tke-platform-controller
- name: provider-volume
emptyDir: {}
- name: containerd-volume
emptyDir: {}
- name: provider-config-volume
configMap:
name: provider-config
Expand Down Expand Up @@ -187,4 +193,4 @@ data:
- context:
cluster: tke
user: admin-cert
name: tke
name: tke
43 changes: 40 additions & 3 deletions pkg/platform/provider/baremetal/cluster/create.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ import (
"tkestack.io/tke/pkg/platform/provider/baremetal/images"
"tkestack.io/tke/pkg/platform/provider/baremetal/phases/addons/cniplugins"
"tkestack.io/tke/pkg/platform/provider/baremetal/phases/authzwebhook"
"tkestack.io/tke/pkg/platform/provider/baremetal/phases/containerd"
csioperatorimage "tkestack.io/tke/pkg/platform/provider/baremetal/phases/csioperator/images"
"tkestack.io/tke/pkg/platform/provider/baremetal/phases/docker"
"tkestack.io/tke/pkg/platform/provider/baremetal/phases/galaxy"
Expand Down Expand Up @@ -502,6 +503,38 @@ func (p *Provider) EnsureNvidiaContainerRuntime(ctx context.Context, c *v1.Clust
return nil
}

func (p *Provider) EnsureContainerRuntime(ctx context.Context, c *v1.Cluster) error {
if c.Cluster.Spec.Features.ContainerRuntime == platformv1.Docker {
return p.EnsureDocker(ctx, c)
}
return p.EnsureContainerd(ctx, c)
}

func (p *Provider) EnsureContainerd(ctx context.Context, c *v1.Cluster) error {
insecureRegistries := []string{p.config.Registry.Domain}
if p.config.Registry.NeedSetHosts() && c.Spec.TenantID != "" {
insecureRegistries = append(insecureRegistries, c.Spec.TenantID+"."+p.config.Registry.Domain)
}
option := &containerd.Option{
InsecureRegistries: insecureRegistries,
SandboxImage: images.Get().Pause.FullName(),
}
for _, machine := range c.Spec.Machines {
machineSSH, err := machine.SSH()
if err != nil {
return err
}

option.IsGPU = gpu.IsEnable(machine.Labels)
err = containerd.Install(machineSSH, option)
if err != nil {
return errors.Wrap(err, machine.IP)
}
}
Copy link
Contributor

@huxiaoliang huxiaoliang Aug 19, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we need try contained works well with gpu


return nil
}

func (p *Provider) EnsureDocker(ctx context.Context, c *v1.Cluster) error {
machines := map[bool][]platformv1.ClusterMachine{
true: c.Spec.ScalingMachines,
Expand Down Expand Up @@ -537,13 +570,13 @@ func (p *Provider) EnsureKubernetesImages(ctx context.Context, c *v1.Cluster) er
machines := map[bool][]platformv1.ClusterMachine{
true: c.Spec.ScalingMachines,
false: c.Spec.Machines}[len(c.Spec.ScalingMachines) > 0]
option := &image.Option{Version: c.Spec.Version, RegistryDomain: p.config.Registry.Domain}
option := &image.Option{Version: c.Spec.Version, RegistryDomain: p.config.Registry.Domain, KubeImages: images.KubecomponetNames}
for _, machine := range machines {
machineSSH, err := machine.SSH()
if err != nil {
return err
}
err = image.PullKubernetesImages(machineSSH, option)
err = image.PullKubernetesImages(c, machineSSH, option)
if err != nil {
return errors.Wrap(err, machine.IP)
}
Expand Down Expand Up @@ -581,7 +614,11 @@ func (p *Provider) EnsureKubeadm(ctx context.Context, c *v1.Cluster) error {
return err
}

err = kubeadm.Install(machineSSH, c.Spec.Version)
option := &kubeadm.Option{
RuntimeType: c.Spec.Features.ContainerRuntime,
Version: c.Spec.Version,
}
err = kubeadm.Install(machineSSH, option)
if err != nil {
return errors.Wrap(err, machine.IP)
}
Expand Down
13 changes: 12 additions & 1 deletion pkg/platform/provider/baremetal/cluster/kubeadm.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,12 @@ func (p *Provider) getKubeadmJoinConfig(c *v1.Cluster, machineIP string) *kubead
}
}
nodeRegistration.KubeletExtraArgs = kubeletExtraArgs
// Specify cri runtime type
if c.Cluster.Spec.Features.ContainerRuntime == "docker" {
nodeRegistration.CRISocket = "/var/run/dockershim.sock"
} else {
nodeRegistration.CRISocket = "/var/run/containerd/containerd.sock"
}

return &kubeadmv1beta2.JoinConfiguration{
NodeRegistration: nodeRegistration,
Expand Down Expand Up @@ -121,7 +127,12 @@ func (p *Provider) getInitConfiguration(c *v1.Cluster) *kubeadmv1beta2.InitConfi
}
}
nodeRegistration.KubeletExtraArgs = kubeletExtraArgs

// Specify cri runtime type
if c.Cluster.Spec.Features.ContainerRuntime == "docker" {
nodeRegistration.CRISocket = "/var/run/dockershim.sock"
} else {
nodeRegistration.CRISocket = "/var/run/containerd/containerd.sock"
}
return &kubeadmv1beta2.InitConfiguration{
BootstrapTokens: []kubeadmv1beta2.BootstrapToken{
{
Expand Down
2 changes: 1 addition & 1 deletion pkg/platform/provider/baremetal/cluster/provider.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ func NewProvider() (*Provider, error) {
// install packages
p.EnsureNvidiaDriver,
p.EnsureNvidiaContainerRuntime,
p.EnsureDocker,
p.EnsureContainerRuntime,
p.EnsureKubernetesImages,
p.EnsureKubelet,
p.EnsureCNIPlugins,
Expand Down
4 changes: 2 additions & 2 deletions pkg/platform/provider/baremetal/cluster/update.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ func (p *Provider) EnsureRenewCerts(ctx context.Context, c *v1.Cluster) error {
}

logger.Info("RenewCerts doing")
err = kubeadm.RenewCerts(s)
err = kubeadm.RenewCerts(c, s)
if err != nil {
return errors.Wrap(err, machine.IP)
}
Expand Down Expand Up @@ -124,7 +124,7 @@ func (p *Provider) EnsureAPIServerCert(ctx context.Context, c *v1.Cluster) error
if err != nil {
return errors.Wrap(err, machine.IP)
}
err = kubeadm.RestartContainerByFilter(s, kubeadm.DockerFilterForControlPlane("kube-apiserver"))
err = kubeadm.RestartContainerByLabel(c, s, kubeadm.ContainerLabelOfControlPlane(c, "kube-apiserver"))
if err != nil {
return err
}
Expand Down
Loading