monok8s/clitools/pkg/node/crio.go

package node

import (
	"context"
	"fmt"
	"os"
	"strings"
	"time"

	system "example.com/monok8s/pkg/system"
	"k8s.io/klog/v2"
)

const (
	storageConfPath = "/etc/containers/storage.conf"
)

func ConfigureDefaultCNI(ctx context.Context, n *NodeContext) error {
	_ = ctx

	const (
		cniDir       = "/etc/cni/net.d"
		enabledPath  = cniDir + "/10-crio-bridge.conflist"
		disabledPath = cniDir + "/10-crio-bridge.conflist.disabled"
	)

	plugin := strings.TrimSpace(n.Config.Spec.CNIPlugin)

	switch plugin {
	case "none":
		// Fail hard if we cannot ensure the default bridge CNI is disabled.
		if _, err := os.Stat(enabledPath); err == nil {
			if err := os.Rename(enabledPath, disabledPath); err != nil {
				return fmt.Errorf("disable default CRI-O bridge CNI: %w", err)
			}
		} else if !os.IsNotExist(err) {
			return fmt.Errorf("stat %s: %w", enabledPath, err)
		}

		klog.Infof("Default CRI-O bridge CNI disabled")
		return nil

	case "bridge":
		fallthrough
	case "default":
		// Fail soft. User can still install or provide their own CNI.
		if _, err := os.Stat(disabledPath); err == nil {
			if err := os.Rename(disabledPath, enabledPath); err != nil {
				klog.Warningf("failed enabling default CRI-O bridge CNI: %v", err)
				return nil
			}
		} else if !os.IsNotExist(err) {
			klog.Warningf("failed stating %s while enabling default CRI-O bridge CNI: %v", disabledPath, err)
			return nil
		}

		klog.Infof("Default CRI-O bridge CNI enabled")
		return nil

	}
	klog.Infof("unsupported CNIPlugin: %q", plugin)
	return nil
}

func StartCRIO(ctx context.Context, n *NodeContext) error {
	return system.EnsureServiceRunning(ctx, n.SystemRunner, "crio")
}

func RestartCRIO(ctx context.Context, nctx *NodeContext) error {
	_, err := nctx.SystemRunner.RunWithOptions(
		ctx,
		"rc-service",
		[]string{"crio", "restart"},
		system.RunOptions{
			Timeout:      60 * time.Second,
			OnStdoutLine: func(line string) { klog.Infof("[crio] %s", line) },
			OnStderrLine: func(line string) { klog.Infof("[crio] %s", line) },
		},
	)
	return err
}

func writeCRIOStorageConfig(ctx context.Context, nctx *NodeContext, altSource string) error {

	additionalStores := []string{
		"/usr/lib/monok8s/imagestore",
	}

	if altSource != "" {
		additionalStores = append(additionalStores, altSource)
	}

	var b strings.Builder
	b.WriteString("# Generated File. DO NOT MODIFY.\n")
	b.WriteString("[storage]\n")
	b.WriteString("driver = \"overlay\"\n")
	b.WriteString("runroot = \"/run/containers/storage\"\n")
	b.WriteString("graphroot = \"/var/lib/containers/storage\"\n\n")
	b.WriteString("[storage.options]\n")
	b.WriteString("additionalimagestores = [\n")
	for _, s := range additionalStores {
		b.WriteString(fmt.Sprintf("  %q,\n", s))
	}
	b.WriteString("]\n")

	content := b.String()

	path := storageConfPath
	tmp := path + ".tmp"
	if err := os.WriteFile(tmp, []byte(content), 0o644); err != nil {
		return fmt.Errorf("write temp storage.conf: %w", err)
	}
	if err := os.Rename(tmp, path); err != nil {
		_ = os.Remove(tmp)
		return fmt.Errorf("replace storage.conf: %w", err)
	}

	klog.InfoS("wrote CRI-O storage config", "path", path, "additionalImageStores", additionalStores)
	return nil
}