Merge pull request #388 from xiaods/dev
update for some upstream patch
xiaods authored Nov 22, 2024
2 parents 2bae381 + 94d2940 commit b1489ee
Showing 13 changed files with 737 additions and 117 deletions.
11 changes: 6 additions & 5 deletions cmd/k8e/main.go
Expand Up @@ -8,6 +8,7 @@ import (
"os"
"os/exec"
"path/filepath"
"slices"
"strconv"
"strings"

Expand All @@ -27,6 +28,7 @@ import (
)

var criDefaultConfigPath = "/etc/crictl.yaml"
var externalCLIActions = []string{"crictl", "ctr", "kubectl"}

// main entrypoint for the k8e multicall binary
func main() {
Expand Down Expand Up @@ -106,7 +108,7 @@ func findDebug(args []string) bool {
if debug {
return debug
}
debug, _ = strconv.ParseBool(configfilearg.MustFindString(args, "debug"))
debug, _ = strconv.ParseBool(configfilearg.MustFindString(args, "debug", externalCLIActions...))
return debug
}

Expand All @@ -126,7 +128,7 @@ func findDataDir(args []string) string {
if dataDir != "" {
return dataDir
}
dataDir = configfilearg.MustFindString(args, "data-dir")
dataDir = configfilearg.MustFindString(args, "data-dir", externalCLIActions...)
if d, err := datadir.Resolve(dataDir); err == nil {
dataDir = d
} else {
Expand All @@ -144,7 +146,7 @@ func findPreferBundledBin(args []string) bool {
fs.SetOutput(io.Discard)
fs.BoolVar(&preferBundledBin, "prefer-bundled-bin", false, "Prefer bundled binaries")

preferRes := configfilearg.MustFindString(args, "prefer-bundled-bin")
preferRes := configfilearg.MustFindString(args, "prefer-bundled-bin", externalCLIActions...)
if preferRes != "" {
preferBundledBin, _ = strconv.ParseBool(preferRes)
}
Expand All @@ -159,8 +161,7 @@ func findPreferBundledBin(args []string) bool {
// it returns false so that standard CLI wrapping can occur.
func runCLIs(dataDir string) bool {
progName := filepath.Base(os.Args[0])
switch progName {
case "crictl", "ctr", "kubectl":
if slices.Contains(externalCLIActions, progName) {
if err := externalCLI(progName, dataDir, os.Args[1:]); err != nil && !errors.Is(err, context.Canceled) {
logrus.Fatal(err)
}
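Review bot: `externalCLIActions` is an undocumented, mutable package-level `var` that now drives two decisions: in `runCLIs` it selects which program names (`filepath.Base(os.Args[0])`) are handed to `externalCLI`, and in `findDebug`, `findDataDir` and `findPreferBundledBin` it is passed to `configfilearg.MustFindString`. I would document it where it is declared, for example `// externalCLIActions lists the bundled CLIs the multicall binary dispatches to by program name; the same list is passed to MustFindString when early flags are resolved.`, and treat it as read-only so the dispatch set cannot change at run time. The name says "actions" although `runCLIs` matches it against the program name, so `externalCLIs` would read more accurately. What `MustFindString` does with the extra arguments is not visible on this page, so confirm the comment against that function. The bodies of all four functions continue outside the hunks.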
4 changes: 2 additions & 2 deletions go.mod
Expand Up @@ -129,9 +129,11 @@ require (
github.com/urfave/cli v1.22.15
github.com/yl2chen/cidranger v1.0.2
go.etcd.io/etcd/api/v3 v3.5.16
go.etcd.io/etcd/client/pkg/v3 v3.5.16
go.etcd.io/etcd/client/v3 v3.5.16
go.etcd.io/etcd/etcdutl/v3 v3.5.13
go.etcd.io/etcd/server/v3 v3.5.16
go.uber.org/zap v1.27.0
golang.org/x/crypto v0.27.0
golang.org/x/net v0.29.0
golang.org/x/sys v0.25.0
Expand Down Expand Up @@ -413,7 +415,6 @@ require (
github.com/xlab/treeprint v1.2.0 // indirect
github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
go.etcd.io/bbolt v1.3.11 // indirect
go.etcd.io/etcd/client/pkg/v3 v3.5.16 // indirect
go.etcd.io/etcd/client/v2 v2.305.16 // indirect
go.etcd.io/etcd/pkg/v3 v3.5.16 // indirect
go.etcd.io/etcd/raft/v3 v3.5.16 // indirect
Expand All @@ -435,7 +436,6 @@ require (
go.uber.org/fx v1.20.1 // indirect
go.uber.org/mock v0.4.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
go.uber.org/zap v1.27.0 // indirect
golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
golang.org/x/mod v0.20.0 // indirect
golang.org/x/oauth2 v0.22.0 // indirect
1 change: 1 addition & 0 deletions pkg/agent/config/config.go
Expand Up @@ -552,6 +552,7 @@ func get(ctx context.Context, envInfo *cmds.Agent, proxy proxy.Proxy) (*config.N
nodeConfig.Containerd.Log = filepath.Join(envInfo.DataDir, "agent", "containerd", "containerd.log")
nodeConfig.Containerd.Registry = filepath.Join(envInfo.DataDir, "agent", "etc", "containerd", "certs.d")
nodeConfig.Containerd.NoDefault = envInfo.ContainerdNoDefault
nodeConfig.Containerd.NonrootDevices = envInfo.ContainerdNonrootDevices
nodeConfig.Containerd.Debug = envInfo.Debug
applyContainerdStateAndAddress(nodeConfig)
applyCRIDockerdAddress(nodeConfig)
1 change: 1 addition & 0 deletions pkg/agent/containerd/config_linux.go
Expand Up @@ -73,6 +73,7 @@ func SetupContainerdConfig(cfg *config.Node) error {
SystemdCgroup: cfg.AgentConfig.Systemd,
IsRunningInUserNS: isRunningInUserNS,
EnableUnprivileged: kernel.CheckKernelVersion(4, 11, 0),
NonrootDevices: cfg.Containerd.NonrootDevices,
PrivateRegistryConfig: cfg.AgentConfig.Registry,
ExtraRuntimes: extraRuntimes,
Program: version.Program,
7 changes: 7 additions & 0 deletions pkg/cli/cmds/agent.go
Expand Up @@ -29,6 +29,7 @@ type Agent struct {
Snapshotter string
Docker bool
ContainerdNoDefault bool
ContainerdNonrootDevices bool
ContainerRuntimeEndpoint string
DefaultRuntime string
ImageServiceEndpoint string
Expand Down Expand Up @@ -215,6 +216,11 @@ var (
Usage: "(agent/containerd) Disables containerd's fallback default registry endpoint when a mirror is configured for that registry",
Destination: &AgentConfig.ContainerdNoDefault,
}
NonrootDevicesFlag = &cli.BoolFlag{
Name: "nonroot-devices",
Usage: "(agent/containerd) Allows non-root pods to access devices by setting device_ownership_from_security_context=true in the containerd CRI config",
Destination: &AgentConfig.ContainerdNonrootDevices,
}
EnablePProfFlag = &cli.BoolFlag{
Name: "enable-pprof",
Usage: "(experimental) Enable pprof endpoint on supervisor port",
Expand Down Expand Up @@ -278,6 +284,7 @@ func NewAgentCommand(action func(ctx *cli.Context) error) cli.Command {
SnapshotterFlag,
PrivateRegistryFlag,
DisableDefaultRegistryEndpointFlag,
NonrootDevicesFlag,
AirgapExtraRegistryFlag,
NodeIPFlag,
BindAddressFlag,
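Review bot: The `Usage` text of `NonrootDevicesFlag` names the containerd setting but not its scope. The value is copied into the node's containerd configuration (`nodeConfig.Containerd.NonrootDevices` in pkg/agent/config/config.go, `NonrootDevices:` in pkg/agent/containerd/config_linux.go), so it applies to every pod on the node, and the flag is also registered in `ServerFlags` in pkg/cli/cmds/server.go. With it set, device nodes exposed to a container take their owner from the pod's security context rather than from the host, which operators should weigh against the devices their workloads are given. I would say so in the help text, for example `Usage: "(agent/containerd) Node-wide: device nodes in containers are owned by the pod's runAsUser/runAsGroup (device_ownership_from_security_context=true in the containerd CRI config); default false"`, and add a one-line comment on the `ContainerdNonrootDevices` field. The template that consumes the value is not among the sections shown here, so check that a user-supplied containerd template does not silently drop the setting.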
1 change: 1 addition & 0 deletions pkg/cli/cmds/server.go
Expand Up @@ -490,6 +490,7 @@ var ServerFlags = []cli.Flag{
DefaultRuntimeFlag,
ImageServiceEndpointFlag,
DisableDefaultRegistryEndpointFlag,
NonrootDevicesFlag,
PauseImageFlag,
SnapshotterFlag,
PrivateRegistryFlag,
2 changes: 2 additions & 0 deletions pkg/cli/server/server.go
Expand Up @@ -32,6 +32,7 @@ import (
"github.com/xiaods/k8e/pkg/util"
"github.com/xiaods/k8e/pkg/version"
"github.com/xiaods/k8e/pkg/vpn"
etcdversion "go.etcd.io/etcd/api/v3/version"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
utilnet "k8s.io/apimachinery/pkg/util/net"
kubeapiserverflag "k8s.io/component-base/cli/flag"
Expand Down Expand Up @@ -146,6 +147,7 @@ func run(app *cli.Context, cfg *cmds.Server, leaderControllers server.CustomCont
serverConfig.ControlConfig.ExtraSchedulerAPIArgs = cfg.ExtraSchedulerArgs
serverConfig.ControlConfig.ClusterDomain = cfg.ClusterDomain
serverConfig.ControlConfig.Datastore.NotifyInterval = 5 * time.Second
serverConfig.ControlConfig.Datastore.EmulatedETCDVersion = etcdversion.Version
serverConfig.ControlConfig.Datastore.Endpoint = cfg.DatastoreEndpoint
serverConfig.ControlConfig.Datastore.BackendTLSConfig.CAFile = cfg.DatastoreCAFile
serverConfig.ControlConfig.Datastore.BackendTLSConfig.CertFile = cfg.DatastoreCertFile
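Review bot: The added `serverConfig.ControlConfig.Datastore.EmulatedETCDVersion = etcdversion.Version` carries no comment, and it ties the value to whichever `go.etcd.io/etcd/api/v3` release go.mod pins. If, as the field name suggests, this is the version the datastore layer reports to clients, a dependency bump silently changes what they are told. I would add `// Advertise the vendored etcd API version from the datastore endpoint; keep in step with the go.etcd.io/etcd/api/v3 pin in go.mod.` above the line. The assignment is unconditional and sits before `Datastore.Endpoint` is set, and whether the value is ignored for a native etcd endpoint is not visible here. `run` begins and ends outside the hunk.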
43 changes: 22 additions & 21 deletions pkg/daemons/config/types.go
Expand Up @@ -9,11 +9,11 @@ import (
"strings"
"sync"

"github.com/xiaods/k8e/pkg/generated/controllers/k8e.cattle.io"
"github.com/k3s-io/kine/pkg/endpoint"
"github.com/rancher/wharfie/pkg/registries"
"github.com/rancher/wrangler/v3/pkg/generated/controllers/core"
"github.com/rancher/wrangler/v3/pkg/leader"
"github.com/xiaods/k8e/pkg/generated/controllers/k8e.cattle.io"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
utilnet "k8s.io/apimachinery/pkg/util/net"
"k8s.io/apiserver/pkg/authentication/authenticator"
Expand All @@ -22,12 +22,12 @@ import (
)

const (
EgressSelectorModeAgent = "agent"
EgressSelectorModeCluster = "cluster"
EgressSelectorModeDisabled = "disabled"
EgressSelectorModePod = "pod"
CertificateRenewDays = 90
StreamServerPort = "10010"
EgressSelectorModeAgent = "agent"
EgressSelectorModeCluster = "cluster"
EgressSelectorModeDisabled = "disabled"
EgressSelectorModePod = "pod"
CertificateRenewDays = 90
StreamServerPort = "10010"
)

type Node struct {
Expand Down Expand Up @@ -66,19 +66,20 @@ type EtcdS3 struct {
}

type Containerd struct {
Address string
Log string
Root string
State string
Config string
Opt string
Template string
BlockIOConfig string
RDTConfig string
Registry string
NoDefault bool
SELinux bool
Debug bool
Address string
Log string
Root string
State string
Config string
Opt string
Template string
BlockIOConfig string
RDTConfig string
Registry string
NoDefault bool
NonrootDevices bool
SELinux bool
Debug bool
}

type CRIDockerd struct {
Expand Down Expand Up @@ -450,4 +451,4 @@ func GetArgs(initialArgs map[string]string, extraArgs []string) []string {
}

return args
}
}