feat: switch to binary runc and containerd install (#333)
* feat: switch to binary runc and containerd install
* fix: always download directly to dst node
* feat: add crictl role
* ci: add tests for binary downloads
* ci: rename scenario and add matrix
* ci: move to using prepare
* ci: stop using anchors
* chore: refactor to download_artifact
* chore: add jammy to containerd+runc
* chore: bump ansible-lint
* chore: add more platforms for cri
* fix: ensure tar command exists
* chore: drop amznlinux2
---------
Co-authored-by: Mohammed Naser <mnaser@vexxhost.com>
diff --git a/roles/containerd/tasks/main.yml b/roles/containerd/tasks/main.yml
index 95b38e6..3040bd7 100644
--- a/roles/containerd/tasks/main.yml
+++ b/roles/containerd/tasks/main.yml
@@ -1,4 +1,4 @@
-# Copyright (c) 2022 VEXXHOST, Inc.
+# Copyright (c) 2023 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
@@ -12,48 +12,60 @@
# License for the specific language governing permissions and limitations
# under the License.
-- name: Add repository
- ansible.builtin.apt_repository:
- repo: "deb {{ containerd_repository_url }} {{ ansible_distribution_release }} main"
- state: present
- when:
- - containerd_repository_url is defined
+- name: Remove containerd package
+ ansible.builtin.package:
+ name: "{{ containerd_package_name }}"
+ state: absent
-- name: Install packages
- ansible.builtin.apt:
- name: containerd
- state: present
+- name: Install containerd binaries
+ ansible.builtin.copy:
+ src: "{{ containerd_download_unarchive_dest }}/{{ item }}"
+ dest: "{{ containerd_bin_dir }}/{{ item }}"
+ mode: "0755"
+ remote_src: true
+ loop: "{{ containerd_binaries }}"
+ notify: Restart containerd
-- name: Create folder for configuration
+- name: Remove containerd orphaned binaries
ansible.builtin.file:
- path: /etc/containerd
+ path: "/usr/bin/{{ item }}"
+ state: absent
+ loop: "{{ containerd_binaries }}"
+ when: containerd_bin_dir != "/usr/bin"
+
+- name: Create systemd service file for containerd
+ ansible.builtin.template:
+ src: containerd.service.j2
+ dest: /etc/systemd/system/containerd.service
+ mode: "0644"
+ notify:
+ - Reload systemd
+ - Restart containerd
+
+- name: Create folders for configuration
+ ansible.builtin.file:
+ dest: "{{ item }}"
state: directory
+ mode: "0755"
owner: root
group: root
- mode: 0755
+ with_items:
+ - "{{ containerd_cfg_dir }}"
+ - "{{ containerd_storage_dir }}"
+ - "{{ containerd_state_dir }}"
notify:
- Restart containerd
-- name: Update pause image in configuration
+- name: Create containerd config file
ansible.builtin.template:
src: config.toml.j2
dest: /etc/containerd/config.toml
owner: root
group: root
- mode: 0644
+ mode: "0644"
notify:
- Restart containerd
-- name: Bump DefaultLimitMEMLOCK for system
- ansible.builtin.lineinfile:
- path: /etc/systemd/system.conf
- regexp: '^DefaultLimitMEMLOCK='
- line: 'DefaultLimitMEMLOCK=infinity'
- state: present
- notify:
- - Reload systemd
- - Restart containerd
-
- name: Force any restarts if necessary
ansible.builtin.meta: flush_handlers