This message was deleted.
# k3sa
adamant-kite-43734
09/26/2023, 8:51 PMThis message was deleted.
c
creamy-pencil-82913
09/26/2023, 8:55 PMdid you provide your own containerd config template, but forget to make it an actual template, and instead just hardcoded a bunch of paths in it that you found in a pre-rendered config file?
creamy-pencil-82913
09/26/2023, 8:55 PMspecifically the cni bin dir…
b
bland-painting-61617
09/26/2023, 9:03 PMDamn yes, because I had deployed kata long time ago as a test on two nodes and the .conf file was copied into .conf.tmpl
What's the best way to add the block below without creating a tmpl file which I guess preserves old path of the cni bin dir?
Copy code
[plugins.cri.containerd.runtimes.kata]
runtime_type = "io.containerd.kata.v2"
privileged_without_host_devices = true
pod_annotations = ["io.katacontainers.*"]c
creamy-pencil-82913
09/26/2023, 9:05 PMcreamy-pencil-82913
09/26/2023, 9:05 PMif you’re on a recent release
b
bland-painting-61617
09/26/2023, 9:08 PMAwesome, I'm on 1.26.8
bland-painting-61617
09/26/2023, 9:08 PMso essentially just create a tmpl file with
Copy code
{{ template "base" . }}
[plugins.cri.containerd.runtimes.kata]
runtime_type = "io.containerd.kata.v2"
privileged_without_host_devices = true
pod_annotations = ["io.katacontainers.*"]c
creamy-pencil-82913
09/26/2023, 9:12 PMyep
b
bland-painting-61617
09/26/2023, 9:23 PMWeird, k3s won't start even on 1.26.9 even though the PR seems backported
c
creamy-pencil-82913
09/26/2023, 9:27 PMis the template getting rendered properly?
creamy-pencil-82913
09/26/2023, 9:28 PMshould be available on 1.26.8+
https://github.com/k3s-io/k3s/issues/8116
b
bland-painting-61617
09/26/2023, 9:29 PMThink there's a change to containerd syntax, invalid plugin key URI "cri" expect io.containerd.x.vx
bland-painting-61617
09/26/2023, 9:37 PM Copy code
# File generated by k3s. DO NOT EDIT. Use config.toml.tmpl instead.
version = 2
[plugins."io.containerd.internal.v1.opt"]
path = "/var/lib/rancher/k3s/agent/containerd"
[plugins."io.containerd.grpc.v1.cri"]
stream_server_address = "127.0.0.1"
stream_server_port = "10010"
enable_selinux = false
enable_unprivileged_ports = true
enable_unprivileged_icmp = true
sandbox_image = "rancher/mirrored-pause:3.6"
[plugins."io.containerd.grpc.v1.cri".containerd]
snapshotter = "overlayfs"
disable_snapshot_annotations = true
[plugins."io.containerd.grpc.v1.cri".cni]
bin_dir = "/var/lib/rancher/k3s/data/8f204184aa58bc8e77f4ef42e7a942f7b27fc2d41072ef15182f996b5d53381a/bin"
conf_dir = "/var/lib/rancher/k3s/agent/etc/cni/net.d"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
runtime_type = "io.containerd.runc.v2"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
SystemdCgroup = true
[plugins.cri.containerd.runtimes.kata]
runtime_type = "io.containerd.kata.v2"
privileged_without_host_devices = true
pod_annotations = ["io.katacontainers.*"]bland-painting-61617
09/26/2023, 9:37 PMlooks like that
c
creamy-pencil-82913
09/26/2023, 11:23 PMFor the new config format, I think you want
Copy code
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.kata]creamy-pencil-82913
09/26/2023, 11:23 PMnote that’s the format the other stanzas are in
b
bland-painting-61617
09/27/2023, 3:35 PMI think that is it. You're awesome (as always) 😉
bland-painting-61617
09/27/2023, 3:37 PMNow I can go and figure out the other things that broke yesterday when they got upgraded... Falco and CrowdSec 🤣
Joys of running things-upgrade-on-its-own deployment model
5 Views