From b8fc930425bc9ede4007186b163749b538b57c9c Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Tue, 16 May 2023 08:44:59 +0200 Subject: kubernetes: force cri sandbox image --- roles/kubernetes/base/defaults/main.yml | 2 ++ roles/kubernetes/base/tasks/cri_containerd.yml | 1 + roles/kubernetes/base/templates/cri-docker.service.j2 | 2 +- 3 files changed, 4 insertions(+), 1 deletion(-) (limited to 'roles/kubernetes/base') diff --git a/roles/kubernetes/base/defaults/main.yml b/roles/kubernetes/base/defaults/main.yml index af48181c..2b69fb5e 100644 --- a/roles/kubernetes/base/defaults/main.yml +++ b/roles/kubernetes/base/defaults/main.yml @@ -1,2 +1,4 @@ --- kubernetes_cri_tools_pkg_version: "{{ ([0, 1] | map('extract', kubernetes_version.split('.'))) | join('.') }}.0-00" + +kubernetes_cri_sandbox_image: "registry.k8s.io/pause:3.9" diff --git a/roles/kubernetes/base/tasks/cri_containerd.yml b/roles/kubernetes/base/tasks/cri_containerd.yml index e13799b0..cf8adc4e 100644 --- a/roles/kubernetes/base/tasks/cri_containerd.yml +++ b/roles/kubernetes/base/tasks/cri_containerd.yml @@ -11,6 +11,7 @@ plugins: "io.containerd.grpc.v1.cri": disable_apparmor: true + sandbox_image: "{{ kubernetes_cri_sandbox_image }}" containerd: runtimes: runc: diff --git a/roles/kubernetes/base/templates/cri-docker.service.j2 b/roles/kubernetes/base/templates/cri-docker.service.j2 index 14f21a7c..2ccdc5bc 100644 --- a/roles/kubernetes/base/templates/cri-docker.service.j2 +++ b/roles/kubernetes/base/templates/cri-docker.service.j2 @@ -9,7 +9,7 @@ StartLimitIntervalSec=60s [Service] Type=notify -ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd:// --network-plugin=cni --cni-bin-dir=/opt/cni/bin --cni-conf-dir=/etc/cni/net.d +ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd:// --network-plugin=cni --cni-bin-dir=/opt/cni/bin --cni-conf-dir=/etc/cni/net.d --pod-infra-container-image "{{ kubernetes_cri_sandbox_image }}" ExecReload=/bin/kill -s HUP $MAINPID TimeoutSec=0 RestartSec=2 -- cgit v1.2.3