kubelet, containerd: set container runtime socket to 'containerd.sock'

This changes containerd's container runtime socket to '/run/containerd/containerd.sock'
from '/run/dockershim.sock'.

This change reverts changes done in bottlerocket-os#796

More K8s deployments are now containerd-aware so customers are having to
do daemonset edits for solutions that assume containerd as the
underlying runtime.

In the containerd systemd service, we create a symlink for the
containerd socket at `/run/dockershim.sock` just so other deployments
that assume docker as underlying runtime can still work.

packages/containerd/containerd-config-toml_k8s

@@ -10,7 +10,7 @@ disabled_plugins = [
 ]
 
 [grpc]
-address = "/run/dockershim.sock"
+address = "/run/containerd/containerd.sock"
 
 [plugins."io.containerd.grpc.v1.cri"]
 enable_selinux = true

packages/containerd/containerd-config-toml_k8s_nvidia

@@ -10,7 +10,7 @@ disabled_plugins = [
 ]
 
 [grpc]
-address = "/run/dockershim.sock"
+address = "/run/containerd/containerd.sock"
 
 [plugins."io.containerd.grpc.v1.cri"]
 enable_selinux = true

packages/containerd/containerd.service

@@ -8,6 +8,8 @@ Wants=network-online.target configured.target
 Slice=runtime.slice
 EnvironmentFile=/etc/network/proxy.env
 EnvironmentFile=-/etc/containerd/nvidia.env
+# We symlink the containerd socket for IPAMD which looks for dockershim.sock
+ExecStartPre=/bin/ln -sf /run/containerd/containerd.sock /run/dockershim.sock
 ExecStart=/usr/bin/containerd
 Type=notify
 Delegate=yes

packages/kubernetes-1.19/kubelet-exec-start-conf

@@ -12,8 +12,8 @@ ExecStart=/usr/bin/kubelet \
 {{/unless}}
     --config /etc/kubernetes/kubelet/config \
     --container-runtime=remote \
-    --container-runtime-endpoint=unix:///run/dockershim.sock \
-    --containerd=/run/dockershim.sock \
+    --container-runtime-endpoint=unix:///run/containerd/containerd.sock \
+    --containerd=/run/containerd/containerd.sock \
     --network-plugin cni \
     --root-dir /var/lib/kubelet \
     --cert-dir /var/lib/kubelet/pki \

packages/kubernetes-1.19/kubelet.service

@@ -13,7 +13,7 @@ EnvironmentFile=/etc/kubernetes/kubelet/env
 ExecStartPre=/sbin/iptables -P FORWARD ACCEPT
 # Pull the pause container image before starting `kubelet` so `containerd/cri` wouldn't have to
 ExecStartPre=/usr/bin/host-ctr \
-    --containerd-socket=/run/dockershim.sock \
+    --containerd-socket=/run/containerd/containerd.sock \
     --namespace=k8s.io \
     pull-image \
     --source=${POD_INFRA_CONTAINER_IMAGE} \

packages/kubernetes-1.20/kubelet-exec-start-conf

@@ -12,8 +12,8 @@ ExecStart=/usr/bin/kubelet \
 {{/unless}}
     --config /etc/kubernetes/kubelet/config \
     --container-runtime=remote \
-    --container-runtime-endpoint=unix:///run/dockershim.sock \
-    --containerd=/run/dockershim.sock \
+    --container-runtime-endpoint=unix:///run/containerd/containerd.sock \
+    --containerd=/run/containerd/containerd.sock \
     --network-plugin cni \
     --root-dir /var/lib/kubelet \
     --cert-dir /var/lib/kubelet/pki \

packages/kubernetes-1.20/kubelet.service

@@ -13,7 +13,7 @@ EnvironmentFile=/etc/kubernetes/kubelet/env
 ExecStartPre=/sbin/iptables -P FORWARD ACCEPT
 # Pull the pause container image before starting `kubelet` so `containerd/cri` wouldn't have to
 ExecStartPre=/usr/bin/host-ctr \
-    --containerd-socket=/run/dockershim.sock \
+    --containerd-socket=/run/containerd/containerd.sock \
     --namespace=k8s.io \
     pull-image \
     --source=${POD_INFRA_CONTAINER_IMAGE} \

packages/kubernetes-1.21/kubelet-exec-start-conf

@@ -12,8 +12,8 @@ ExecStart=/usr/bin/kubelet \
 {{/unless}}
     --config /etc/kubernetes/kubelet/config \
     --container-runtime=remote \
-    --container-runtime-endpoint=unix:///run/dockershim.sock \
-    --containerd=/run/dockershim.sock \
+    --container-runtime-endpoint=unix:///run/containerd/containerd.sock \
+    --containerd=/run/containerd/containerd.sock\
     --network-plugin cni \
     --root-dir /var/lib/kubelet \
     --cert-dir /var/lib/kubelet/pki \

packages/kubernetes-1.21/kubelet.service

@@ -13,7 +13,7 @@ EnvironmentFile=/etc/kubernetes/kubelet/env
 ExecStartPre=/sbin/iptables -P FORWARD ACCEPT
 # Pull the pause container image before starting `kubelet` so `containerd/cri` wouldn't have to
 ExecStartPre=/usr/bin/host-ctr \
-    --containerd-socket=/run/dockershim.sock \
+    --containerd-socket=/run/containerd/containerd.sock\
     --namespace=k8s.io \
     pull-image \
     --source=${POD_INFRA_CONTAINER_IMAGE} \

packages/kubernetes-1.22/kubelet-exec-start-conf

@@ -12,8 +12,8 @@ ExecStart=/usr/bin/kubelet \
 {{/unless}}
     --config /etc/kubernetes/kubelet/config \
     --container-runtime=remote \
-    --container-runtime-endpoint=unix:///run/dockershim.sock \
-    --containerd=/run/dockershim.sock \
+    --container-runtime-endpoint=unix:///run/containerd/containerd.sock \
+    --containerd=/run/containerd/containerd.sock \
     --network-plugin cni \
     --root-dir /var/lib/kubelet \
     --cert-dir /var/lib/kubelet/pki \

packages/kubernetes-1.22/kubelet.service

@@ -13,7 +13,7 @@ EnvironmentFile=/etc/kubernetes/kubelet/env
 ExecStartPre=/sbin/iptables -P FORWARD ACCEPT
 # Pull the pause container image before starting `kubelet` so `containerd/cri` wouldn't have to
 ExecStartPre=/usr/bin/host-ctr \
-    --containerd-socket=/run/dockershim.sock \
+    --containerd-socket=/run/containerd/containerd.sock\
     --namespace=k8s.io \
     pull-image \
     --source=${POD_INFRA_CONTAINER_IMAGE} \