diff --git a/examples/e2e-tests/kubernetes/kubernetes-config/containerd.json b/examples/e2e-tests/kubernetes/kubernetes-config/containerd.json deleted file mode 100644 index facad5df83..0000000000 --- a/examples/e2e-tests/kubernetes/kubernetes-config/containerd.json +++ /dev/null @@ -1,40 +0,0 @@ -{ - "apiVersion": "vlabs", - "properties": { - "orchestratorProfile": { - "orchestratorType": "Kubernetes", - "orchestratorRelease": "1.10", - "kubernetesConfig": { - "networkPlugin": "flannel", - "containerRuntime": "containerd" - } - }, - "masterProfile": { - "count": 1, - "dnsPrefix": "", - "vmSize": "Standard_D2_v2" - }, - "agentPoolProfiles": [ - { - "name": "agentpool1", - "count": 3, - "vmSize": "Standard_D2_v2", - "availabilityProfile": "AvailabilitySet" - } - ], - "linuxProfile": { - "adminUsername": "azureuser", - "ssh": { - "publicKeys": [ - { - "keyData": "" - } - ] - } - }, - "servicePrincipalProfile": { - "clientId": "", - "secret": "" - } - } -} diff --git a/examples/e2e-tests/kubernetes/kubernetes-config/flannel.json b/examples/e2e-tests/kubernetes/kubernetes-config/flannel.json deleted file mode 100644 index d015d34c53..0000000000 --- a/examples/e2e-tests/kubernetes/kubernetes-config/flannel.json +++ /dev/null @@ -1,39 +0,0 @@ -{ - "apiVersion": "vlabs", - "properties": { - "orchestratorProfile": { - "orchestratorType": "Kubernetes", - "kubernetesConfig": { - "networkPlugin":"flannel", - } - }, - "masterProfile": { - "count": 1, - "dnsPrefix": "", - "vmSize": "Standard_D2_v2" - }, - "agentPoolProfiles": [ - { - "name": "linuxpool1", - "count": 3, - "vmSize": "Standard_D2_v2", - "availabilityProfile": "AvailabilitySet" - } - ], - "linuxProfile": { - "adminUsername": "azureuser", - "ssh": { - "publicKeys": [ - { - "keyData": "" - } - ] - } - }, - "servicePrincipalProfile": { - "clientId": "", - "secret": "" - }, - "certificateProfile": {} - } -} diff --git a/parts/k8s/kubernetesagentcustomdata.yml b/parts/k8s/kubernetesagentcustomdata.yml index d5b6eece1c..7466b748fb 100644 --- a/parts/k8s/kubernetesagentcustomdata.yml +++ b/parts/k8s/kubernetesagentcustomdata.yml @@ -8,14 +8,15 @@ write_files: content: !!binary | {{WrapAsVariable "provisionSource"}} -{{if not .IsCoreOS}} +{{if .KubernetesConfig.RequiresDocker}} + {{if not .IsCoreOS}} - path: "/etc/systemd/system/docker.service.d/clear_mount_propagation_flags.conf" permissions: "0644" owner: "root" content: | [Service] MountFlags=shared -{{end}} + {{end}} - path: "/etc/systemd/system/docker.service.d/exec_start.conf" permissions: "0644" owner: "root" @@ -43,6 +44,7 @@ write_files: } }{{end}} } +{{end}} - path: "/etc/kubernetes/certs/ca.crt" permissions: "0644" @@ -139,7 +141,10 @@ AGENT_ARTIFACTS_CONFIG_PLACEHOLDER content: | #!/bin/bash /usr/bin/mkdir -p /etc/kubernetes/manifests + + {{if .KubernetesConfig.RequiresDocker}} usermod -aG docker {{WrapAsVariable "username"}} + {{end}} systemctl enable rpcbind systemctl enable rpc-statd diff --git a/parts/k8s/kubernetescustomscript.sh b/parts/k8s/kubernetescustomscript.sh index 9e1534be62..68fdebe19a 100644 --- a/parts/k8s/kubernetescustomscript.sh +++ b/parts/k8s/kubernetescustomscript.sh @@ -337,6 +337,7 @@ function installContainerd() { retrycmd_get_tarball 60 5 "$CONTAINERD_TGZ_TMP" "$CONTAINERD_DOWNLOAD_URL" tar -xzf "$CONTAINERD_TGZ_TMP" -C / rm -f "$CONTAINERD_TGZ_TMP" + sed -i '/\[Service\]/a ExecStartPost=\/sbin\/iptables -P FORWARD ACCEPT' /etc/systemd/system/containerd.service echo "Successfully installed cri-containerd..." if [[ "$CONTAINER_RUNTIME" == "clear-containers" ]] || [[ "$CONTAINER_RUNTIME" == "containerd" ]]; then @@ -511,9 +512,14 @@ if [ -f $CUSTOM_SEARCH_DOMAIN_SCRIPT ]; then fi installDeps -installDocker + +if [[ "$CONTAINER_RUNTIME" == "docker" ]]; then + installDocker + ensureDocker +fi + configureK8s -ensureDocker + configNetworkPlugin if [[ ! -z "${MASTER_NODE}" ]]; then diff --git a/parts/k8s/kubernetesmastercustomdata.yml b/parts/k8s/kubernetesmastercustomdata.yml index cad59d67f2..0ad36b94b1 100644 --- a/parts/k8s/kubernetesmastercustomdata.yml +++ b/parts/k8s/kubernetesmastercustomdata.yml @@ -14,6 +14,7 @@ write_files: content: !!binary | {{WrapAsVariable "provisionSource"}} +{{if .OrchestratorProfile.KubernetesConfig.RequiresDocker}} {{if not .MasterProfile.IsCoreOS}} - path: "/etc/systemd/system/docker.service.d/clear_mount_propagation_flags.conf" permissions: "0644" @@ -46,6 +47,7 @@ write_files: "max-file": "5" } } +{{end}} - path: "/etc/kubernetes/certs/ca.crt" permissions: "0644" @@ -376,7 +378,10 @@ MASTER_ARTIFACTS_CONFIG_PLACEHOLDER systemctl restart etcd-member retrycmd_if_failure 5 5 10 curl --retry 5 --retry-delay 10 --retry-max-time 10 --max-time 60 http://127.0.0.1:2379/v2/machines mkdir -p /etc/kubernetes/manifests + + {{if .OrchestratorProfile.KubernetesConfig.RequiresDocker}} usermod -aG docker {{WrapAsVariable "username"}} + {{end}} {{if EnableAggregatedAPIs}} sudo bash /etc/kubernetes/generate-proxy-certs.sh diff --git a/pkg/api/types.go b/pkg/api/types.go index 5fc5793b40..d486f04022 100644 --- a/pkg/api/types.go +++ b/pkg/api/types.go @@ -978,3 +978,9 @@ func (k *KubernetesConfig) PrivateJumpboxProvision() bool { } return false } + +// RequiresDocker returns if the kubernetes settings require docker to be installed. +func (k *KubernetesConfig) RequiresDocker() bool { + runtime := strings.ToLower(k.ContainerRuntime) + return runtime == "docker" || runtime == "" +} diff --git a/pkg/api/vlabs/types.go b/pkg/api/vlabs/types.go index 0ca4e39127..507e36d225 100644 --- a/pkg/api/vlabs/types.go +++ b/pkg/api/vlabs/types.go @@ -633,3 +633,9 @@ func (l *LinuxProfile) HasCustomNodesDNS() bool { func (o *OrchestratorProfile) IsSwarmMode() bool { return o.OrchestratorType == SwarmMode } + +// RequiresDocker returns if the kubernetes settings require docker to be installed. +func (k *KubernetesConfig) RequiresDocker() bool { + runtime := strings.ToLower(k.ContainerRuntime) + return runtime == "docker" || runtime == "" +}