Change docker client to crictl in cert rotation

When container runtime moving to containerd, the containers are created by containerd. Accordingly, the client tool is changed to crictl. In the kube cert rotation script, the containers will be stopped by crictl and automatically started by kubelet to update the renewed certificates within the container. Story: 2006145 Task: 37619 Change-Id: Ia8cf76c15811f8f9d88199158e83ccba31534e4e Signed-off-by: Mingyuan Qi <mingyuan.qi@intel.com>
2020-02-18 03:48:44 +00:00
parent 0719faf33b
commit b330498aec
1 changed files with 4 additions and 4 deletions
--- a/sysinv/sysinv/sysinv/scripts/kube-cert-rotation.sh
+++ b/sysinv/sysinv/sysinv/scripts/kube-cert-rotation.sh
@@ -109,23 +109,23 @@ if [ ${DAY_LEFT_S} -lt ${NINETY_DAYS_S} ]; then
        ERR=1
    fi

-    # Restart docker container of k8s components to refresh the configurations within container
+    # Restart the containers of k8s components to refresh the configurations within container
    if [ ${ERR} -eq 0 ]; then
-        docker ps | awk '/k8s_kube-apiserver/{print$1}' | xargs docker restart > /dev/null
+        crictl ps | awk '/kube-apiserver/{print$1}' | xargs crictl stop > /dev/null
        if [ $? -ne 0 ]; then
            ERR=2
        fi
    fi

    if [ ${ERR} -eq 0 ]; then
-        docker ps | awk '/k8s_kube-controller-manager/{print$1}' | xargs docker restart > /dev/null
+        crictl ps | awk '/kube-controller-manager/{print$1}' | xargs crictl stop > /dev/null
        if [ $? -ne 0 ]; then
            ERR=2
        fi
    fi

    if [ ${ERR} -eq 0 ]; then
-        docker ps | awk '/k8s_kube-scheduler/{print$1}' | xargs docker restart > /dev/null
+        crictl ps | awk '/kube-scheduler/{print$1}' | xargs crictl stop > /dev/null
        if [ $? -ne 0 ]; then
            ERR=2
        fi