From e174dbe3182f2e57817f65bebfd903606dfb790e Mon Sep 17 00:00:00 2001
From: "SIGUNOV, VLADIMIR (vs422h)" <vs422h@att.com>
Date: Tue, 20 Apr 2021 17:23:44 -0400
Subject: [PATCH] Update default CRI and cgroup driver

Default CRI: containerd
Default cgroup driver: systemd

* Fixed VM disk size issue

Relates-To: #456

Change-Id: I4072fffcd466534e51a4e2da0b38272ead820d65
---
 manifests/function/ephemeral/secret.yaml         |  2 +-
 manifests/function/k8scontrol/controlplane.yaml  | 16 ++++++++++++++--
 .../replacements/k8scontrol-env-vars.yaml        |  6 +++---
 .../workers-capm3/kubeadmconfigtemplate.yaml     | 15 ++++++++++++---
 .../replacements/workers-env-vars.yaml           |  6 +++---
 playbooks/airship-airshipctl-build-gate.yaml     |  6 +++---
 6 files changed, 36 insertions(+), 15 deletions(-)

diff --git a/manifests/function/ephemeral/secret.yaml b/manifests/function/ephemeral/secret.yaml
index d7e55a23e..1a7cc0f0f 100644
--- a/manifests/function/ephemeral/secret.yaml
+++ b/manifests/function/ephemeral/secret.yaml
@@ -130,4 +130,4 @@ stringData:
     - mkdir -p /var/lib/docker-engine /mnt/ephemeral/var/lib/docker-engine
     - mount --bind /mnt/ephemeral/var/lib/docker-engine /var/lib/docker-engine
     - mkdir -p /mnt/ephemeral/var/lib/kubelet/ /var/lib/kubelet/
-    - mount --bind /mnt/ephemeral/var/lib/kubelet/ /var/lib/kubelet/
+    - mount --bind /mnt/ephemeral/var/lib/kubelet/ /var/lib/kubelet/
\ No newline at end of file
diff --git a/manifests/function/k8scontrol/controlplane.yaml b/manifests/function/k8scontrol/controlplane.yaml
index ff7102ddd..705bde3bb 100644
--- a/manifests/function/k8scontrol/controlplane.yaml
+++ b/manifests/function/k8scontrol/controlplane.yaml
@@ -14,29 +14,41 @@ spec:
       apiServer:
         timeoutForControlPlane: 1000s
     files:
-      - path: "/etc/systemd/system/docker.service.d/http-proxy.conf"
+      - path: "/etc/systemd/system/containerd.service.d/http-proxy.conf"
         content: |
           [Service]
           Environment="HTTP_PROXY=REPLACEMENT_HTTP_PROXY"
           Environment="HTTPS_PROXY=REPLACEMENT_HTTPS_PROXY"
           Environment="NO_PROXY=REPLACEMENT_NO_PROXY"
+      # Since we are using containerd as a default CRI, we do not need
+      # any adjustments and settings for docker anymore. However, if for
+      # some reason docker has to be presented in the system, we need to
+      # create http-proxy.conf.
     # TODO: add download sources to the versions catalogue
     preKubeadmCommands:
       # Restart docker to apply any proxy settings
       - export HOME=/root
+      - mkdir -p /etc/containerd
+      - containerd config default | sed -r -e '/\[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc\]$/a\          SystemdCgroup = true' | tee /etc/containerd/config.toml
       - systemctl daemon-reload
-      - systemctl restart docker
+      - systemctl restart containerd
     initConfiguration:
       nodeRegistration:
         name: '{{ ds.meta_data.local_hostname }}'
         kubeletExtraArgs:
           node-labels: 'metal3.io/uuid={{ ds.meta_data.uuid }},node-type=controlplane'
+          cgroup-driver: "systemd"
+          container-runtime: remote
+        criSocket: "unix:///run/containerd/containerd.sock"
     joinConfiguration:
       controlPlane: {}
       nodeRegistration:
         name: '{{ ds.meta_data.local_hostname }}'
         kubeletExtraArgs:
           node-labels: 'metal3.io/uuid={{ ds.meta_data.uuid }},node-type=controlplane'
+          cgroup-driver: "systemd"
+          container-runtime: remote
+        criSocket: "unix:///run/containerd/containerd.sock"
     ntp:
        servers:
           - 0.pool.ntp.org
diff --git a/manifests/function/k8scontrol/replacements/k8scontrol-env-vars.yaml b/manifests/function/k8scontrol/replacements/k8scontrol-env-vars.yaml
index 1978b149d..acc96d9b9 100644
--- a/manifests/function/k8scontrol/replacements/k8scontrol-env-vars.yaml
+++ b/manifests/function/k8scontrol/replacements/k8scontrol-env-vars.yaml
@@ -19,7 +19,7 @@ replacements:
       name: cluster-controlplane
     fieldrefs:
       - "spec.kubeadmConfigSpec.preKubeadmCommands%REPLACEMENT_HTTP_PROXY%"
-      - "spec.kubeadmConfigSpec.files[path=/etc/systemd/system/docker.service.d/http-proxy.conf].content%REPLACEMENT_HTTP_PROXY%"
+      - "{.spec.kubeadmConfigSpec.files[:].content}%REPLACEMENT_HTTP_PROXY%"
 - source:
     objref:
       name: env-vars-catalogue
@@ -30,7 +30,7 @@ replacements:
       name: cluster-controlplane
     fieldrefs:
       - "spec.kubeadmConfigSpec.preKubeadmCommands%REPLACEMENT_HTTPS_PROXY%"
-      - "spec.kubeadmConfigSpec.files[path=/etc/systemd/system/docker.service.d/http-proxy.conf].content%REPLACEMENT_HTTPS_PROXY%"
+      - "{.spec.kubeadmConfigSpec.files[:].content}%REPLACEMENT_HTTPS_PROXY%"
 - source:
     objref:
       name: env-vars-catalogue
@@ -41,4 +41,4 @@ replacements:
       name: cluster-controlplane
     fieldrefs:
       - "spec.kubeadmConfigSpec.preKubeadmCommands%REPLACEMENT_NO_PROXY%"
-      - "spec.kubeadmConfigSpec.files[path=/etc/systemd/system/docker.service.d/http-proxy.conf].content%REPLACEMENT_NO_PROXY%"
+      - "{.spec.kubeadmConfigSpec.files[:].content}%REPLACEMENT_NO_PROXY%"
diff --git a/manifests/function/workers-capm3/kubeadmconfigtemplate.yaml b/manifests/function/workers-capm3/kubeadmconfigtemplate.yaml
index b1e02ee68..5e6b7f878 100644
--- a/manifests/function/workers-capm3/kubeadmconfigtemplate.yaml
+++ b/manifests/function/workers-capm3/kubeadmconfigtemplate.yaml
@@ -12,18 +12,27 @@ spec:
             node-labels: 'metal3.io/uuid={{ ds.meta_data.uuid }}'
             provider-id: 'metal3://{{ ds.meta_data.uuid }}'
             feature-gates: "IPv6DualStack=true"
+            cgroup-driver: "systemd"
+            container-runtime: remote
+          criSocket: "unix:///run/containerd/containerd.sock"
       files:
-        - path: "/etc/systemd/system/docker.service.d/http-proxy.conf"
+        - path: "/etc/systemd/system/containerd.service.d/http-proxy.conf"
           content: |
             [Service]
             Environment="HTTP_PROXY=REPLACEMENT_HTTP_PROXY"
             Environment="HTTPS_PROXY=REPLACEMENT_HTTPS_PROXY"
             Environment="NO_PROXY=REPLACEMENT_NO_PROXY"
+      # Since we are using containerd as a default CRI, we do not need
+      # any adjustments and settings for docker anymore. However, if for
+      # some reason docker has to be presented in the system, we need to
+      # create http-proxy.conf.
       preKubeadmCommands:
-        # Restart docker to apply any proxy settings
+        # Restart docker and containerd to apply any proxy settings
         - export HOME=/root
+        - mkdir -p /etc/containerd
+        - containerd config default | sed -r -e '/\[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc\]$/a\          SystemdCgroup = true' | tee /etc/containerd/config.toml
         - systemctl daemon-reload
-        - systemctl restart docker
+        - systemctl restart containerd
       users:
         - name: deployer
           sshAuthorizedKeys:
diff --git a/manifests/function/workers-capm3/replacements/workers-env-vars.yaml b/manifests/function/workers-capm3/replacements/workers-env-vars.yaml
index 3d90acfd6..70285051c 100644
--- a/manifests/function/workers-capm3/replacements/workers-env-vars.yaml
+++ b/manifests/function/workers-capm3/replacements/workers-env-vars.yaml
@@ -18,7 +18,7 @@ replacements:
       kind: KubeadmConfigTemplate
       name: worker-1
     fieldrefs:
-      - "spec.template.spec.files[path=/etc/systemd/system/docker.service.d/http-proxy.conf].content%REPLACEMENT_HTTP_PROXY%"
+      - "{.spec.template.spec.files[:].content}%REPLACEMENT_HTTP_PROXY%"
 - source:
     objref:
       name: env-vars-catalogue
@@ -28,7 +28,7 @@ replacements:
       kind: KubeadmConfigTemplate
       name: worker-1
     fieldrefs:
-      - "spec.template.spec.files[path=/etc/systemd/system/docker.service.d/http-proxy.conf].content%REPLACEMENT_HTTPS_PROXY%"
+      - "{.spec.template.spec.files[:].content}%REPLACEMENT_HTTPS_PROXY%"
 - source:
     objref:
       name: env-vars-catalogue
@@ -38,4 +38,4 @@ replacements:
       kind: KubeadmConfigTemplate
       name: worker-1
     fieldrefs:
-      - "spec.template.spec.files[path=/etc/systemd/system/docker.service.d/http-proxy.conf].content%REPLACEMENT_NO_PROXY%"
+      - "{.spec.template.spec.files[:].content}%REPLACEMENT_NO_PROXY%"
diff --git a/playbooks/airship-airshipctl-build-gate.yaml b/playbooks/airship-airshipctl-build-gate.yaml
index 1cd391193..cf73ae511 100644
--- a/playbooks/airship-airshipctl-build-gate.yaml
+++ b/playbooks/airship-airshipctl-build-gate.yaml
@@ -88,16 +88,16 @@
         airship_gate_flavors:
           medium:
             disk_format: qcow2
-            ephemeral_disk_size: 20G
+            ephemeral_disk_size: 30G
             ephemeral_vm_cfg: "{{ ephemeral_vm_cfg }}"
             ephemeral_vm_memory_mb: 6144
             ephemeral_vm_vcpus: 4
-            target_disk_size: 20G
+            target_disk_size: 30G
             target_vm_cfg: "{{ target_vm_cfg }}"
             target_vm_memory_mb: 7168
             target_vm_vcpus: 2
             target_vms_count: 1
-            worker_disk_size: 20G
+            worker_disk_size: 30G
             worker_vm_cfg: "{{ worker_vm_cfg }}"
             worker_vm_memory_mb: 7168
             worker_vm_vcpus: 2