Merge pull request #4 from latchbio/aidan/kube-v1.22-upgrade

Aidan/kube v1.22 upgrade
latchbio · Jun 20, 2023 · b95b66a · b95b66a
2 parents c43eaca + e691aa1
commit b95b66a
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 33 deletions.
diff --git a/bootstrap.sh.patch b/bootstrap.sh.patch
@@ -1,10 +1,10 @@
---- bootstrap.sh	2023-02-27 11:24:38.000000000 -0800
-+++ bootstrap.patched.sh	2023-02-27 11:24:32.000000000 -0800
+--- bootstrap.sh	2023-06-14 19:28:47.000000000 -0700
++++ bootstrap.patched.sh	2023-06-17 13:22:55.000000000 -0700
 @@ -140,7 +140,7 @@
  API_RETRY_ATTEMPTS="${API_RETRY_ATTEMPTS:-3}"
  DOCKER_CONFIG_JSON="${DOCKER_CONFIG_JSON:-}"
  PAUSE_CONTAINER_VERSION="${PAUSE_CONTAINER_VERSION:-3.1-eksbuild.1}"
--CONTAINER_RUNTIME="dockerd"
+-CONTAINER_RUNTIME="containerd"
 +CONTAINER_RUNTIME="cri-o"
  IP_FAMILY="${IP_FAMILY:-}"
  SERVICE_IPV6_CIDR="${SERVICE_IPV6_CIDR:-}"
@@ -14,22 +14,22 @@
      snap set kubelet-eks \
  	container-runtime=docker
 +elif [[ "$CONTAINER_RUNTIME" = "cri-o" ]]; then
-+    echo "Container runtime is CRI-O"
-+    snap set kubelet-eks \
-+        container-runtime=remote \
-+        container-runtime-endpoint=unix:///var/run/crio/crio.sock
-+    dasel put \
-+      string \
-+      --parser toml \
-+      --file /etc/crio/crio.conf \
-+      --selector 'crio.image.pause_image' \
-+      "${PAUSE_CONTAINER}"
-+    rm --force /run/dockershim.sock
-+    ln -sf /run/crio/crio.sock /run/dockershim.sock
++  echo "Container runtime is CRI-O"
++  snap set kubelet-eks \
++      container-runtime=remote \
++      container-runtime-endpoint=unix:///var/run/crio/crio.sock
++  dasel put \
++    string \
++    --parser toml \
++    --file /etc/crio/crio.conf \
++    --selector 'crio.image.pause_image' \
++    "${PAUSE_CONTAINER}"
++  rm --force /run/dockershim.sock
++  ln -sf /run/crio/crio.sock /run/dockershim.sock
  else
 -    echo "Container runtime ${CONTAINER_RUNTIME} is not supported."
 -    exit 1
-+    echo "Custom container runtime."
++  echo "Custom container runtime."
  fi
 
  echo "Configuring kubelet snap"
diff --git a/sysbox-eks.pkr.hcl b/sysbox-eks.pkr.hcl
@@ -20,7 +20,7 @@ variable "sysbox_version" {
 
 variable "k8s_version" {
   type    = string
-  default = "1.21"
+  default = "1.22"
 
   validation {
     condition     = can(regex("^\\d+\\.\\d+$", var.k8s_version))
@@ -38,7 +38,7 @@ packer {
 }
 
 source "amazon-ebs" "ubuntu-eks" {
-  ami_name        = "latch-bio/sysbox-eks_${var.sysbox_version}_patch-1/k8s_${var.k8s_version}/images/hvm-ssd/ubuntu-${var.ubuntu_version}-amd64-server"
+  ami_name        = "latch-bio/sysbox-eks_${var.sysbox_version}_patch-1/k8s_${var.k8s_version}/images/hvm-ssd/ubuntu-${var.ubuntu_version}-amd64-server-rev-0"
   ami_description = "Latch Bio, Sysbox EKS Node (k8s_${var.k8s_version}), on Ubuntu ${var.ubuntu_version}, amd64 image"
 
   tags = {
@@ -81,19 +81,7 @@ build {
       "set -o pipefail -o errexit",
 
       "echo Updating apt",
-      "sudo apt-get update",
-    ]
-  }
-
-  provisioner "shell" {
-    inline_shebang = "/usr/bin/env bash"
-    inline = [
-      "set -o pipefail -o errexit",
-
-      "echo '>>> Docker bridge config'",
-      # Supplying both bridge (`-b`) and `-bip` causes Docker to crash later
-      "sudo sed -i '/\"bridge\": \"none\",/d' /etc/docker/daemon.json",
-      "sudo systemctl start docker"
+      "sudo apt-get update -y",
     ]
   }
 
@@ -131,7 +119,8 @@ build {
       "echo '>>> Shiftfs'",
 
       "echo Installing dependencies",
-      "sudo apt-get install --yes --no-install-recommends make dkms",
+      "sudo apt-get update",
+      "sudo apt-get install --yes --no-install-recommends make dkms git",
 
       "echo Detecting kernel version to determine the correct branch",
       "export kernel_version=\"$(uname -r | sed --regexp-extended 's/([0-9]+\\.[0-9]+).*/\\1/g')\"",
@@ -223,7 +212,7 @@ build {
       "sudo apt-get install --yes --no-install-recommends golang-go libgpgme-dev",
 
       "echo Cloning the patched CRI-O repository",
-      "git clone --branch v1.21-sysbox --depth 1 --shallow-submodules https://github.com/nestybox/cri-o.git cri-o",
+      "git clone --branch v1.22-sysbox --depth 1 --shallow-submodules https://github.com/nestybox/cri-o.git cri-o",
 
       "echo Building",
       "cd cri-o",
@@ -313,4 +302,15 @@ build {
       "sudo rm -r /etc/cni/net.d/",
     ]
   }
+
+  # https://github.com/containers/podman/issues/11745
+  provisioner "shell" {
+    inline_shebang = "/usr/bin/env bash"
+    inline = [
+      "set -o pipefail -o errexit",
+
+      "echo '>>> Disabling `[machine]` key in /usr/share/containers/containers.conf'",
+      "sudo perl -i -pe 's/^\\[machine\\]/#$&/' /usr/share/containers/containers.conf",
+    ]
+  }
 }