Browse Source

Add configuration option for NRI in crio & containerd (#10454)

* [containerd] Add Configuration option for Node Resource Interface

Node Resource Interface (NRI) is a common is a common framework for
plugging domain or vendor-specific custom logic into container
runtime like containerd. With this commit, we introduce the
containerd_disable_nri configuration flag, providing cluster
administrators the flexibility to opt in or out (defaulted to 'out')
of this feature in containerd. In line with containerd's default
configuration, NRI is disabled by default in this containerd role
defaults.

Signed-off-by: Feruzjon Muyassarov <feruzjon.muyassarov@intel.com>

* [cri-o] Add configuration option for Node Resource Interface

Node Resource Interface (NRI) is a common is a common framework for
plugging domain or vendor-specific custom logic into container
runtimes like containerd/crio. With this commit, we introduce the
crio_enable_nri configuration flag, providing cluster
administrators the flexibility to opt in or out (defaulted to 'out')
of this feature in cri-o runtime. In line with crio's default
configuration, NRI is disabled by default in this cri-o role
defaults.

Signed-off-by: Feruzjon Muyassarov <feruzjon.muyassarov@intel.com>

---------

Signed-off-by: Feruzjon Muyassarov <feruzjon.muyassarov@intel.com>
pull/10466/head
Feruzjon Muyassarov 1 year ago
committed by GitHub
parent
commit
f964b3438d
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 14 additions and 0 deletions
  1. 3
      roles/container-engine/containerd/defaults/main.yml
  2. 3
      roles/container-engine/containerd/templates/config.toml.j2
  3. 3
      roles/container-engine/cri-o/defaults/main.yml
  4. 5
      roles/container-engine/cri-o/templates/crio.conf.j2

3
roles/container-engine/containerd/defaults/main.yml

@ -64,6 +64,9 @@ containerd_enable_unprivileged_ports: false
# If enabled it will allow non root users to use icmp sockets
containerd_enable_unprivileged_icmp: false
# If enabled, it will activate the NRI support in containerd
containerd_nri_disable: true
containerd_cfg_dir: /etc/containerd
# Extra config to be put in {{ containerd_cfg_dir }}/config.toml literally

3
roles/container-engine/containerd/templates/config.toml.j2

@ -78,6 +78,9 @@ oom_score = {{ containerd_oom_score }}
{% endif %}
{% endfor %}
[plugins."io.containerd.nri.v1.nri"]
disable = {{ containerd_nri_disable | default(true) | lower }}
{% if containerd_extra_args is defined %}
{{ containerd_extra_args }}
{% endif %}

3
roles/container-engine/cri-o/defaults/main.yml

@ -97,3 +97,6 @@ crio_man_files:
8:
- crio
- crio-status
# If set to true, it will enable the NRI support in cri-o
crio_enable_nri: false

5
roles/container-engine/cri-o/templates/crio.conf.j2

@ -376,3 +376,8 @@ enable_metrics = {{ crio_enable_metrics | bool | lower }}
# The port on which the metrics server will listen.
metrics_port = {{ crio_metrics_port }}
[crio.nri]
# Enable or disable NRI (Node Resource Interface) support in CRI-O.
enable_nri={{ crio_enable_nri | default(false) | lower }}
Loading…
Cancel
Save