1. AKS based action updated to be run from either packaging or remote
repository. We will only clone kata-deploy for yaml/scripts/tests if we
are running the action outside of the packaging repo. If in packaging,
the bits are already included. Misc. cleanup as well.
2. Workflow introduced which leverages the updated AKS action. This will
allow testing of packaging changes to kata-deploy.
The workflow itself uses the following github action: xt0rted/slash-command-action
The workflow will create a kata-deploy container image based off of the latest
release, utilizing the latest released Kata artifacts off of master. It
will then use the AKS kata-deploy GitHub action.
Users with admin access on the repo can trigger this test by:
/test kata-deploy
Fixes: #845
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
By default, k3s uses an embedded containerd. Reconfiguring this
containerd requires modifying a template config file and restarting the
k3s (master node) or k3s-agent (worker node) systemd service.
Signed-off-by: Brandon Wilson <brandon@coil.com>
Use correct key for the kata-qemu-virtiofs runtime class definition
in the crio configuration file.
Fixes: #771.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
We need an entry of `kata-qemu-virtiofs` on the
containerd configuration file.
In addition we need to add `kata-qemu-virtiofs` to the
shim list, so that the wrapper is created for shimv2.
Fixes: #760.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
This adds the kata deploy for QEMU and kernel with virtio-fs 3.0
Depends-on: github.com/kata-containers/runtime#2052
Fixes#709
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
If the container has had to restart, lack of overwrite here causes a benign error message to appear since the nodes already have `katacontainers.io/kata-runtime=true` label. Having a overwrite here means that we don't get the following error message:
error: 'katacontainers.io/kata-runtime' already has a value (true), and --overwrite is false
Signed-off-by: Bharat Kunwar <b.kunwar@gmail.com>
When writing our runtime configs to crio.conf, let's add some
whitespace and comments to make it clearer, and fit in with the
rest of the crio.conf file.
Fixes: #412
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Rather than add the config for kata-qemu and kata-fc unconditionally,
the script now checks if the runtime config exists.
If it exists, then do not chnage the path for the runtime.
The user may have configured this to a specific path for testing
local chnages.
Fixes#374
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Eventually containerd will allow us to provide an argument for a given
runtime handler, but in the meantime, let's use bash to provide
indirection to specify the appropriate configuration file.
Only QEMU is handled until we have a block based snapshotter available.
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Add support for the v2-shim integration with containerd. This registers
a runtimeClass named 'kata', utilizing the containerd-shim-kata-v2
binary.
This change adds volume mounts (hopefully temporarily) for
/usr/local/bin, as containerd requires the shim binary be within the
existing path.
Fixes: #323
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
kata-deploy inserts 'manage_network_ns_lifecycle' into crio.conf without any
prior checks and if there is a previous entry in the file, this becomes a
duplicate causing crio service restart issues. This patch addresses that
particular scenario.
Signed-off-by: Ganesh Maharaj Mahalingam <ganesh.mahalingam@intel.com>
Simplify the yaml and combine the prior scripts. The resulting script,
kata-deploy.sh, is used for install and configuration and
removal for CRI-O and containerd. While this could be used standalone
outside of daemonsets, today it will sleep infinity after processing the
request, since it is assumed to be called by a daemon.
By checking the CRI runtime within the script itself, we no longer need
to support many daemonsets for deploy - just a single. Still requires a
seperate cleanup daemonset (for restarting the CRI runtime), and an
RBAC.
Verified with CRI-O -- containerd testing WIP
Throwing this up now for feedback since I do not bash good.
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Signed-off-by: Saikrishna Edupuganti <saikrishna.edupuganti@intel.com>
