Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Flannel is broken in Clearlinux due to CNI directory setup in crio.conf #104

Closed
mcastelino opened this issue Jun 22, 2019 · 5 comments
Closed

Flannel is broken in Clearlinux due to CNI directory setup in crio.conf #104

mcastelino opened this issue Jun 22, 2019 · 5 comments
Assignees
@ahsan518

Comments

@mcastelino
Copy link
Contributor

Core DNS Pod logs

  Warning  FailedCreatePodSandBox  98s                    kubelet, clr-02    Failed create pod sandbox: rpc error: code = Unknown desc = failed to create pod network sandbox k8s_coredns-fb8b8dccf-9fpfn_kube-system_50f10a4d-947c-11e9-9e0f-52540041e026_0(fd2c062948fa94deb8214b9c088acbe3a6f69dd2606f8261f56aae85209d876b): failed to find plugin "loopback" in path [/opt/cni/bin/ /opt/cni/bin/]

Clearlinux version

sudo swupd info
Installed version: 30030

CRIO Version

sudo crictl version
Version:  0.1.0
RuntimeName:  cri-o
RuntimeVersion:  1.14.4
RuntimeApiVersion:  v1alpha1

Root cause

# Paths to directories where CNI plugin binaries are located.
plugin_dirs = [
        "/usr/libexec/cni",
        "/opt/cni/bin/",
]

/usr/share/defaults/crio/crio.conf has the proper values, but /etc/crio/crio.conf is incorrect

It looks like based on which version of crio you were on. When clearlinux is updated from a version where crio did not support plugin_dirs list to one that did, the exiting /etc/crio/crio.conf will have the older value.

Hence on a crio update the user unfortunately needs to delete /etc/crio/crio.conf

Hence we should delete crio.conf and restart crio which will automatically setup crio based on latest values.
@mcastelino
Copy link
Contributor Author

/cc @bryteise @hnanni

@mythi
Copy link
Contributor

mythi commented Jun 24, 2019

@mcastelino

Hence we should delete crio.conf and restart crio which will automatically setup crio based on latest values.

I'd propose we first check can we get rid of kata-runtime adding a copy of crio.conf in /etc/crio to get to proper stateless. kata-runtime is now installed part of cloud-native-basic so also default crio.conf could assume kata is present. #89 is also relevant in that case.

@mcastelino
Copy link
Contributor Author

I'd propose we first check can we get rid of kata-runtime adding a copy of crio.conf in /etc/crio to get to proper stateless. kata-runtime is now installed part of cloud-native-basic so also default crio.conf could assume kata is present. #89 is also relevant in that case.

@mythi I agree. It does not hurt to have kata enabled in crio even if the system cannot launch kata (i.e. if VT-x is not enabled or not available). What makes the problem worse was the crio did not seem to output any failure logs. The kata binaries are present and the user may choose to enable VT-x at a later state. Also nothing prevents the user from disabling VT-x. So having kata presetup in the stateless crio.conf makes sense to me.

/cc @krsna1729

@NitinAtIntel NitinAtIntel self-assigned this Aug 12, 2019
@ahsan518 ahsan518 assigned ahsan518 and unassigned NitinAtIntel Aug 12, 2019
@ahsan518
Copy link
Contributor

ahsan518 commented Sep 18, 2019
edited
Loading

Tested this with Flannel and Crio, and this works fine. Testing Flannel with containerd, and seems like coredns service isn't starting, debugging it. Shall we add flannel to the CNI as well ? so the user have the option to use Flannel when desired.

@ahsan518 ahsan518 mentioned this issue Sep 23, 2019
Closed
@ahsan518
Copy link
Contributor

ahsan518 commented Oct 28, 2019
edited
Loading

Closing this as Flannel is merged

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ahsan518 ahsan518

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@mythi @mcastelino @NitinAtIntel @ahsan518