Avoid relying on extra kubernetes packages #4198
Conversation
|
For testing let's merge this first |
templates/k8s.yaml
Outdated
| [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] | ||
| SystemdCgroup = true | ||
| [plugins.'io.containerd.cri.v1.runtime'.cni] | ||
| bin_dirs = ['/opt/cni/bin','/usr/local/libexec/cni'] |
There was a problem hiding this comment.
Probably we do not need this config if we symlink it
There was a problem hiding this comment.
The symlink conflicts with the current package, and is part of the kubernetes-cni legacy (why /opt?)
But we need to add it to the path, since the flannel manifest still uses it for their cni plugin install
Should put the newer binaries first, though.
The kubernetes ones are usually forgotten...
kubernetes-cni/unknown,now 1.7.1-1.1 amd64 [installed,automatic]
kubernetes-cni/unknown 1.6.0-1.1 amd64
"Install CNI plugins (required for most pod network):"
CNI_PLUGINS_VERSION="v1.3.0"
afbjorklund
force-pushed
the
k8s-packages
branch
from
3390a7a to
79eff06
Compare
The second-party package of "cri-tools" (crictl) and also the third-party package "kubernetes-cni" (cni-plugins) will go away. So don't rely on them being installed, but just use "ctr" and "/usr/local/libexec/cni" instead from the nerdctl-full install. Signed-off-by: Anders F Björklund <[email protected]>
afbjorklund
force-pushed
the
k8s-packages
branch
from
79eff06 to
493335e
Compare
|
This is just something that is being discussed, it has not happened yet (in pre-release https://www.kubernetes.dev/resources/release/ https://build.opensuse.org/project/show/isv:kubernetes:core:prerelease:v1.35 |
2 participants
The second-party package of "cri-tools" (crictl) and also the third-party package "kubernetes-cni" (cni-plugins) will go away.
So don't rely on them being installed, but just use "ctr" and "/usr/local/libexec/cni" instead from the
nerdctl-fullinstall.Kubernetes wants to stop distributing kubernetes-cni package #4186
Consider discontinuing the kubernetes-cni package kubernetes/release#4156
Note: the packages are still installed by default, in Kubernetes version 1.34...
But this way, the k8s installation will continue to work - even if they are not
The main difference from before, is that there will be small warning printed:
WARN[0000] Image connect using default endpoints: [unix:///run/containerd/containerd.sock unix:///run/crio/crio.sock unix:///var/run/cri-dockerd.sock]. As the default settings are now deprecated, you should set the endpoint instead.It has been deprecated for 5 years, but the user is supposed to configure it:
https://kubernetes.io/docs/tasks/debug/debug-cluster/crictl/ (in
/etc/crictl.yaml)And the other cni-plugins are upgraded from version 1.7.1 to version 1.8.0.
It can now use the standard version from
nerdctl, instead of from kubelet.