Fix the issue with default_sysctls for cri-o.
In earlier version of cri-o (at least that been seen in 1.18) cri-o packages have default configuration stored as /etc/crio/crio.conf, with all the default values defined. Setting a value for the key means that was a need to actually change the default. In version up to 1.23 there was even no configuration stored at all, but starting from 1.24, all the default config options has been commented out, and only section names are not commented. Similar situation has been detected for registry configuration, but here it is even more difficult, as in recent version toml format has been used instead of ini. With this patch all of the cases has been covered. Change-Id: Ia1b3dee3979841e798cec11c02ba1412dccef6c2
This commit is contained in:
parent
a6494044ff
commit
aef3c9209b
|
@ -85,16 +85,38 @@ function configure_crio {
|
||||||
iniset -sudo ${CRIO_CONF} crio.runtime log_level \"info\"
|
iniset -sudo ${CRIO_CONF} crio.runtime log_level \"info\"
|
||||||
fi
|
fi
|
||||||
if is_ubuntu; then
|
if is_ubuntu; then
|
||||||
|
local crio_minor=${CRIO_VERSION#*.}
|
||||||
# At least for 18.04 we need to set up /etc/containers/registries.conf
|
# At least for 18.04 we need to set up /etc/containers/registries.conf
|
||||||
# with some initial content. That's another bug with that PPA.
|
# with some initial content. That's another bug with that PPA.
|
||||||
local registries_conf
|
local registries_conf
|
||||||
registries_conf="/etc/containers/registries.conf"
|
registries_conf="/etc/containers/registries.conf"
|
||||||
if [[ ! -f ${registries_conf} ]]; then
|
|
||||||
|
if [[ ! -f ${registries_conf} && $crio_minor -lt 24 ]]; then
|
||||||
sudo mkdir -p `dirname ${registries_conf}`
|
sudo mkdir -p `dirname ${registries_conf}`
|
||||||
cat << EOF | sudo tee ${registries_conf}
|
cat << EOF | sudo tee ${registries_conf}
|
||||||
[registries.search]
|
[registries.search]
|
||||||
registries = ['docker.io']
|
registries = ['docker.io']
|
||||||
EOF
|
EOF
|
||||||
|
else
|
||||||
|
# If there is a config file, that means, we are probably on the
|
||||||
|
# newer version of crio/container/podman, which basically means
|
||||||
|
# we cannot mix [registries.search] registries filled with
|
||||||
|
# something and unqualified-search-registries setting which appear
|
||||||
|
# on sysregistry v2 config syntax. And because it's a TOML now, we
|
||||||
|
# cannot rely on iniset, but directly change the file.
|
||||||
|
|
||||||
|
local rname='unqualified-search-registries'
|
||||||
|
local rval='["docker.io", "quay.io"]'
|
||||||
|
if [[ ! -f ${registries_conf} ]]; then
|
||||||
|
cat << EOF | sudo tee ${registries_conf}
|
||||||
|
unqualified-search-registries = ["docker.io", "quay.io"]
|
||||||
|
EOF
|
||||||
|
elif grep -wq "^${rname}" "${registries_conf}"; then
|
||||||
|
sudo sed -i -e \
|
||||||
|
"s/^${rname}.*$/${rname} = ${rval}/" "${registries_conf}"
|
||||||
|
else
|
||||||
|
sudo sed -i "1s/^/${rname} = ${rval}\n/" "${registries_conf}"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
# CRI-O from kubic repo have placed runc in different place, not even
|
# CRI-O from kubic repo have placed runc in different place, not even
|
||||||
# in path, just to not conflict with runc package from official repo.
|
# in path, just to not conflict with runc package from official repo.
|
||||||
|
@ -113,7 +135,7 @@ EOF
|
||||||
# By default CRI-O doesn't allow ICMP between containers, although it
|
# By default CRI-O doesn't allow ICMP between containers, although it
|
||||||
# is ususally expected for testing purposes.
|
# is ususally expected for testing purposes.
|
||||||
if [ "${CRIO_ALLOW_ICMP}" == "True" ]; then
|
if [ "${CRIO_ALLOW_ICMP}" == "True" ]; then
|
||||||
if grep -q 'default_sysctls =' ${CRIO_CONF}; then
|
if grep -wq '^default_sysctls' ${CRIO_CONF}; then
|
||||||
export CRIO_KEY="default_sysctls"
|
export CRIO_KEY="default_sysctls"
|
||||||
export CRIO_VAL='[ "net.ipv4.ping_group_range=0 2147483647", ]'
|
export CRIO_VAL='[ "net.ipv4.ping_group_range=0 2147483647", ]'
|
||||||
_update_config
|
_update_config
|
||||||
|
|
Loading…
Reference in New Issue