From 0b5df251d037a1479a9be253ba676624a14c3f75 Mon Sep 17 00:00:00 2001 From: Michael Henkel Date: Fri, 5 Feb 2021 17:09:38 -0800 Subject: [PATCH] move containerd insecure registry config to containerd.go --- .../package/containerd-bin/config.toml | 1 - .../containerd-bin/config.toml.default | 1 - pkg/minikube/cruntime/containerd.go | 11 +++++-- pkg/minikube/cruntime/cruntime.go | 3 ++ pkg/minikube/node/start.go | 1 + pkg/provision/provision.go | 31 +------------------ 6 files changed, 14 insertions(+), 34 deletions(-) diff --git a/deploy/iso/minikube-iso/package/containerd-bin/config.toml b/deploy/iso/minikube-iso/package/containerd-bin/config.toml index 940f8a696b..f588941a5e 100644 --- a/deploy/iso/minikube-iso/package/containerd-bin/config.toml +++ b/deploy/iso/minikube-iso/package/containerd-bin/config.toml @@ -5,7 +5,6 @@ plugin_dir = "" disabled_plugins = [] required_plugins = [] oom_score = 0 -imports = ["/etc/containerd/config.minikube.toml"] [grpc] address = "/run/containerd/containerd.sock" diff --git a/deploy/iso/minikube-iso/package/containerd-bin/config.toml.default b/deploy/iso/minikube-iso/package/containerd-bin/config.toml.default index 03f644c4f6..c54c96c320 100644 --- a/deploy/iso/minikube-iso/package/containerd-bin/config.toml.default +++ b/deploy/iso/minikube-iso/package/containerd-bin/config.toml.default @@ -5,7 +5,6 @@ plugin_dir = "" disabled_plugins = [] required_plugins = [] oom_score = 0 -imports = ["/etc/containerd/config.minikube.toml"] [grpc] address = "/run/containerd/containerd.sock" diff --git a/pkg/minikube/cruntime/containerd.go b/pkg/minikube/cruntime/containerd.go index 8613b1d4e3..dee2a1dfd9 100644 --- a/pkg/minikube/cruntime/containerd.go +++ b/pkg/minikube/cruntime/containerd.go @@ -98,6 +98,10 @@ oom_score = 0 [plugins.cri.registry.mirrors] [plugins.cri.registry.mirrors."docker.io"] endpoint = ["https://registry-1.docker.io"] + {{ range .InsecureRegistry -}} + [plugins.cri.registry.mirrors."{{. -}}"] + endpoint = ["http://{{. -}}"] + {{ end -}} [plugins.diff-service] default = ["walking"] [plugins.linux] @@ -122,6 +126,7 @@ type Containerd struct { ImageRepository string KubernetesVersion semver.Version Init sysinit.Manager + InsecureRegistry []string } // Name is a human readable name for containerd @@ -172,7 +177,7 @@ func (r *Containerd) Available() error { } // generateContainerdConfig sets up /etc/containerd/config.toml -func generateContainerdConfig(cr CommandRunner, imageRepository string, kv semver.Version, forceSystemd bool) error { +func generateContainerdConfig(cr CommandRunner, imageRepository string, kv semver.Version, forceSystemd bool, insecureRegistry []string) error { cPath := containerdConfigFile t, err := template.New("containerd.config.toml").Parse(containerdConfigTemplate) if err != nil { @@ -182,9 +187,11 @@ func generateContainerdConfig(cr CommandRunner, imageRepository string, kv semve opts := struct { PodInfraContainerImage string SystemdCgroup bool + InsecureRegistry []string }{ PodInfraContainerImage: pauseImage, SystemdCgroup: forceSystemd, + InsecureRegistry: insecureRegistry, } var b bytes.Buffer if err := t.Execute(&b, opts); err != nil { @@ -207,7 +214,7 @@ func (r *Containerd) Enable(disOthers, forceSystemd bool) error { if err := populateCRIConfig(r.Runner, r.SocketPath()); err != nil { return err } - if err := generateContainerdConfig(r.Runner, r.ImageRepository, r.KubernetesVersion, forceSystemd); err != nil { + if err := generateContainerdConfig(r.Runner, r.ImageRepository, r.KubernetesVersion, forceSystemd, r.InsecureRegistry); err != nil { return err } if err := enableIPForwarding(r.Runner); err != nil { diff --git a/pkg/minikube/cruntime/cruntime.go b/pkg/minikube/cruntime/cruntime.go index 5d0b4b6c5f..ba9075051d 100644 --- a/pkg/minikube/cruntime/cruntime.go +++ b/pkg/minikube/cruntime/cruntime.go @@ -130,6 +130,8 @@ type Config struct { ImageRepository string // KubernetesVersion Kubernetes version KubernetesVersion semver.Version + // InsecureRegistry list of insecure registries + InsecureRegistry []string } // ListOptions are the options to use for listing containers @@ -168,6 +170,7 @@ func New(c Config) (Manager, error) { ImageRepository: c.ImageRepository, KubernetesVersion: c.KubernetesVersion, Init: sm, + InsecureRegistry: c.InsecureRegistry, }, nil default: return nil, fmt.Errorf("unknown runtime type: %q", c.Type) diff --git a/pkg/minikube/node/start.go b/pkg/minikube/node/start.go index d1081fd7bb..a62362b18f 100644 --- a/pkg/minikube/node/start.go +++ b/pkg/minikube/node/start.go @@ -244,6 +244,7 @@ func configureRuntimes(runner cruntime.CommandRunner, cc config.ClusterConfig, k Runner: runner, ImageRepository: cc.KubernetesConfig.ImageRepository, KubernetesVersion: kv, + InsecureRegistry: cc.InsecureRegistry, } cr, err := cruntime.New(co) if err != nil { diff --git a/pkg/provision/provision.go b/pkg/provision/provision.go index c4c1a1c7f5..20fa0ddb65 100644 --- a/pkg/provision/provision.go +++ b/pkg/provision/provision.go @@ -218,7 +218,7 @@ func setContainerRuntimeOptions(name string, p miniProvisioner) error { case "crio", "cri-o": return setCrioOptions(p) case "containerd": - return setContainerdOptions(p) + return nil default: _, err := p.GenerateDockerOptions(engine.DefaultPort) return err @@ -249,35 +249,6 @@ CRIO_MINIKUBE_OPTIONS='{{ range .EngineOptions.InsecureRegistry }}--insecure-reg return nil } -func setContainerdOptions(p provision.SSHCommander) error { - // pass through --insecure-registry - var ( - containerdConfigTmpl = `[plugins] - [plugins.cri] - [plugins.cri.registry] - [plugins.cri.registry.mirrors] - {{ range .EngineOptions.InsecureRegistry -}} - [plugins.cri.registry.mirrors.\"{{. -}}\"] - endpoint = [\"{{. -}}\"] - {{ end -}}` - containerdConfigPath = "/etc/containerd/config.minikube.toml" - ) - t, err := template.New("containerdConfigPath").Parse(containerdConfigTmpl) - if err != nil { - return err - } - var containerdConfigBuf bytes.Buffer - if err := t.Execute(&containerdConfigBuf, p); err != nil { - return err - } - - if _, err = p.SSHCommand(fmt.Sprintf("sudo mkdir -p %s && printf %%s \"%s\" | sudo tee %s", path.Dir(containerdConfigPath), containerdConfigBuf.String(), containerdConfigPath)); err != nil { - return err - } - - return nil -} - func rootFileSystemType(p provision.SSHCommander) (string, error) { fs, err := p.SSHCommand("df --output=fstype / | tail -n 1") if err != nil {