From 16d29398ad6adac36b53a827213044133eb36280 Mon Sep 17 00:00:00 2001 From: Brad Davidson Date: Tue, 5 Dec 2023 18:16:22 +0000 Subject: [PATCH] Move registries.yaml load into agent config Moving it into config.Agent so that we can use or modify it outside the context of containerd setup Signed-off-by: Brad Davidson --- pkg/agent/config/config.go | 8 +++++++- pkg/agent/containerd/config_linux.go | 8 +------- pkg/agent/containerd/config_windows.go | 8 +------- pkg/daemons/config/types.go | 3 ++- 4 files changed, 11 insertions(+), 16 deletions(-) diff --git a/pkg/agent/config/config.go b/pkg/agent/config/config.go index e8df928c14..e4a9d54613 100644 --- a/pkg/agent/config/config.go +++ b/pkg/agent/config/config.go @@ -30,6 +30,7 @@ import ( "github.com/k3s-io/k3s/pkg/version" "github.com/k3s-io/k3s/pkg/vpn" "github.com/pkg/errors" + "github.com/rancher/wharfie/pkg/registries" "github.com/rancher/wrangler/pkg/slice" "github.com/sirupsen/logrus" "k8s.io/apimachinery/pkg/util/json" @@ -663,7 +664,6 @@ func get(ctx context.Context, envInfo *cmds.Agent, proxy proxy.Proxy) (*config.N nodeConfig.AgentConfig.NodeLabels = envInfo.Labels nodeConfig.AgentConfig.ImageCredProvBinDir = envInfo.ImageCredProvBinDir nodeConfig.AgentConfig.ImageCredProvConfig = envInfo.ImageCredProvConfig - nodeConfig.AgentConfig.PrivateRegistry = envInfo.PrivateRegistry nodeConfig.AgentConfig.DisableCCM = controlConfig.DisableCCM nodeConfig.AgentConfig.DisableNPC = controlConfig.DisableNPC nodeConfig.AgentConfig.Rootless = envInfo.Rootless @@ -675,6 +675,12 @@ func get(ctx context.Context, envInfo *cmds.Agent, proxy proxy.Proxy) (*config.N nodeConfig.AgentConfig.LogFile = cmds.LogConfig.LogFile nodeConfig.AgentConfig.AlsoLogToStderr = cmds.LogConfig.AlsoLogToStderr + privRegistries, err := registries.GetPrivateRegistries(envInfo.PrivateRegistry) + if err != nil { + return nil, err + } + nodeConfig.AgentConfig.Registry = privRegistries.Registry + if err := validateNetworkConfig(nodeConfig); err != nil { return nil, err } diff --git a/pkg/agent/containerd/config_linux.go b/pkg/agent/containerd/config_linux.go index 5750844c0c..a60e7309e5 100644 --- a/pkg/agent/containerd/config_linux.go +++ b/pkg/agent/containerd/config_linux.go @@ -18,7 +18,6 @@ import ( "github.com/k3s-io/k3s/pkg/version" "github.com/opencontainers/runc/libcontainer/userns" "github.com/pkg/errors" - "github.com/rancher/wharfie/pkg/registries" "github.com/sirupsen/logrus" "golang.org/x/sys/unix" "k8s.io/kubernetes/pkg/kubelet/util" @@ -40,11 +39,6 @@ func getContainerdArgs(cfg *config.Node) []string { // setupContainerdConfig generates the containerd.toml, using a template combined with various // runtime configurations and registry mirror settings provided by the administrator. func setupContainerdConfig(ctx context.Context, cfg *config.Node) error { - privRegistries, err := registries.GetPrivateRegistries(cfg.AgentConfig.PrivateRegistry) - if err != nil { - return err - } - isRunningInUserNS := userns.RunningInUserNS() _, _, controllers := cgroups.CheckCgroups() // "/sys/fs/cgroup" is namespaced @@ -72,7 +66,7 @@ func setupContainerdConfig(ctx context.Context, cfg *config.Node) error { SystemdCgroup: cfg.AgentConfig.Systemd, IsRunningInUserNS: isRunningInUserNS, EnableUnprivileged: kernel.CheckKernelVersion(4, 11, 0), - PrivateRegistryConfig: privRegistries.Registry, + PrivateRegistryConfig: cfg.AgentConfig.Registry, ExtraRuntimes: extraRuntimes, Program: version.Program, NoDefaultEndpoint: cfg.Containerd.NoDefault, diff --git a/pkg/agent/containerd/config_windows.go b/pkg/agent/containerd/config_windows.go index f4826391e8..8c1fa0b166 100644 --- a/pkg/agent/containerd/config_windows.go +++ b/pkg/agent/containerd/config_windows.go @@ -11,7 +11,6 @@ import ( "github.com/k3s-io/k3s/pkg/daemons/config" util3 "github.com/k3s-io/k3s/pkg/util" "github.com/pkg/errors" - "github.com/rancher/wharfie/pkg/registries" "github.com/sirupsen/logrus" "k8s.io/kubernetes/pkg/kubelet/util" ) @@ -27,11 +26,6 @@ func getContainerdArgs(cfg *config.Node) []string { // setupContainerdConfig generates the containerd.toml, using a template combined with various // runtime configurations and registry mirror settings provided by the administrator. func setupContainerdConfig(ctx context.Context, cfg *config.Node) error { - privRegistries, err := registries.GetPrivateRegistries(cfg.AgentConfig.PrivateRegistry) - if err != nil { - return err - } - if cfg.SELinux { logrus.Warn("SELinux isn't supported on windows") } @@ -41,7 +35,7 @@ func setupContainerdConfig(ctx context.Context, cfg *config.Node) error { DisableCgroup: true, SystemdCgroup: false, IsRunningInUserNS: false, - PrivateRegistryConfig: privRegistries.Registry, + PrivateRegistryConfig: cfg.AgentConfig.Registry, NoDefaultEndpoint: cfg.Containerd.NoDefault, } diff --git a/pkg/daemons/config/types.go b/pkg/daemons/config/types.go index 00204a787f..5fd9a74140 100644 --- a/pkg/daemons/config/types.go +++ b/pkg/daemons/config/types.go @@ -12,6 +12,7 @@ import ( "github.com/k3s-io/k3s/pkg/generated/controllers/k3s.cattle.io" "github.com/k3s-io/kine/pkg/endpoint" + "github.com/rancher/wharfie/pkg/registries" "github.com/rancher/wrangler/pkg/generated/controllers/core" "github.com/rancher/wrangler/pkg/leader" utilnet "k8s.io/apimachinery/pkg/util/net" @@ -121,7 +122,7 @@ type Agent struct { ImageCredProvConfig string IPSECPSK string FlannelCniConfFile string - PrivateRegistry string + Registry *registries.Registry SystemDefaultRegistry string AirgapExtraRegistry []string DisableCCM bool