Skip to content

Commit

Permalink
Add configuration option for NRI in crio & containerd (#10454)
Browse files Browse the repository at this point in the history
* [containerd] Add Configuration option for Node Resource Interface

Node Resource Interface (NRI) is a common is a common framework for
plugging domain or vendor-specific custom logic into container
runtime like containerd. With this commit, we introduce the
containerd_disable_nri configuration flag, providing cluster
administrators the flexibility to opt in or out (defaulted to 'out')
of this feature in containerd. In line with containerd's default
configuration, NRI is disabled by default in this containerd role
defaults.

Signed-off-by: Feruzjon Muyassarov <[email protected]>

* [cri-o] Add configuration option for Node Resource Interface

Node Resource Interface (NRI) is a common is a common framework for
plugging domain or vendor-specific custom logic into container
runtimes like containerd/crio. With this commit, we introduce the
crio_enable_nri configuration flag, providing cluster
administrators the flexibility to opt in or out (defaulted to 'out')
of this feature in cri-o runtime. In line with crio's default
configuration, NRI is disabled by default in this cri-o role
defaults.

Signed-off-by: Feruzjon Muyassarov <[email protected]>

---------

Signed-off-by: Feruzjon Muyassarov <[email protected]>
(cherry picked from commit f964b34)
  • Loading branch information
fmuyassarov authored and floryut committed Oct 6, 2023
1 parent 9dc2092 commit 7bd757d
Show file tree
Hide file tree
Showing 4 changed files with 14 additions and 0 deletions.
3 changes: 3 additions & 0 deletions roles/container-engine/containerd/defaults/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,9 @@ containerd_enable_unprivileged_ports: false
# If enabled it will allow non root users to use icmp sockets
containerd_enable_unprivileged_icmp: false

# If enabled, it will activate the NRI support in containerd
containerd_nri_disable: true

containerd_cfg_dir: /etc/containerd

# Extra config to be put in {{ containerd_cfg_dir }}/config.toml literally
Expand Down
3 changes: 3 additions & 0 deletions roles/container-engine/containerd/templates/config.toml.j2
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,9 @@ oom_score = {{ containerd_oom_score }}
{% endif %}
{% endfor %}

[plugins."io.containerd.nri.v1.nri"]
disable = {{ containerd_nri_disable | default(true) | lower }}

{% if containerd_extra_args is defined %}
{{ containerd_extra_args }}
{% endif %}
3 changes: 3 additions & 0 deletions roles/container-engine/cri-o/defaults/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -97,3 +97,6 @@ crio_man_files:
8:
- crio
- crio-status

# If set to true, it will enable the NRI support in cri-o
crio_enable_nri: false
5 changes: 5 additions & 0 deletions roles/container-engine/cri-o/templates/crio.conf.j2
Original file line number Diff line number Diff line change
Expand Up @@ -376,3 +376,8 @@ enable_metrics = {{ crio_enable_metrics | bool | lower }}

# The port on which the metrics server will listen.
metrics_port = {{ crio_metrics_port }}

[crio.nri]

# Enable or disable NRI (Node Resource Interface) support in CRI-O.
enable_nri={{ crio_enable_nri | default(false) | lower }}

0 comments on commit 7bd757d

Please sign in to comment.