From c3245b796a4917a2fd807db30ed090bd263f5569 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Tue, 14 May 2019 17:48:20 +0000 Subject: [PATCH] controller: Just sanity check templates, don't copy all of them We haven't changed how the renderer works in forever, but a lot of people keep changing the templates. This causes pointless churn in the test data and makes changing the templates unnecessarily painful. Further, I want to change how the rendering works to inherit from a common base, and having the unit test code also parsing the templates is problematic. Let's just sanity check that we have the pull secret and kubelet unit. --- pkg/controller/template/render_test.go | 104 ++++++++---------- pkg/controller/template/test_data/README.md | 7 -- .../00-master/aws/files/-etc-etcd-etcd.conf | 6 - .../aws/files/-etc-kubernetes-ca.crt | 6 - ...ernetes-kubelet-plugins-volume-exec-.dummy | 6 - ...-etc-kubernetes-manifests-etcd-member.yaml | 6 - ...es-static-pod-resources-etcd-member-ca.crt | 6 - ...ic-pod-resources-etcd-member-metric-ca.crt | 6 - ...atic-pod-resources-etcd-member-root-ca.crt | 6 - .../aws/files/-etc-sysctl.d-forward.conf | 6 - ...systemd-system.conf.d-kubelet-cgroups.conf | 6 - .../files/-etc-tmpfiles.d-cleanup-cni.conf | 6 - .../aws/files/-var-lib-kubelet-config.json | 6 - .../libvirt/files/-etc-etcd-etcd.conf | 6 - .../libvirt/files/-etc-kubernetes-ca.crt | 6 - ...ernetes-kubelet-plugins-volume-exec-.dummy | 6 - ...-etc-kubernetes-manifests-etcd-member.yaml | 6 - ...es-static-pod-resources-etcd-member-ca.crt | 6 - ...ic-pod-resources-etcd-member-metric-ca.crt | 6 - ...atic-pod-resources-etcd-member-root-ca.crt | 6 - .../libvirt/files/-etc-sysctl.d-forward.conf | 6 - ...systemd-system.conf.d-kubelet-cgroups.conf | 6 - .../files/-etc-tmpfiles.d-cleanup-cni.conf | 6 - .../files/-var-lib-kubelet-config.json | 6 - .../00-master/none/files/-etc-etcd-etcd.conf | 6 - .../none/files/-etc-kubernetes-ca.crt | 6 - ...ernetes-kubelet-plugins-volume-exec-.dummy | 6 - ...-etc-kubernetes-manifests-etcd-member.yaml | 6 - ...es-static-pod-resources-etcd-member-ca.crt | 6 - ...ic-pod-resources-etcd-member-metric-ca.crt | 6 - ...atic-pod-resources-etcd-member-root-ca.crt | 6 - .../none/files/-etc-sysctl.d-forward.conf | 6 - ...systemd-system.conf.d-kubelet-cgroups.conf | 6 - .../files/-etc-tmpfiles.d-cleanup-cni.conf | 6 - .../none/files/-var-lib-kubelet-config.json | 6 - .../openstack/files/-etc-etcd-etcd.conf | 6 - .../openstack/files/-etc-kubernetes-ca.crt | 6 - ...ernetes-kubelet-plugins-volume-exec-.dummy | 6 - ...-etc-kubernetes-manifests-etcd-member.yaml | 6 - ...es-static-pod-resources-etcd-member-ca.crt | 6 - ...ic-pod-resources-etcd-member-metric-ca.crt | 6 - ...atic-pod-resources-etcd-member-root-ca.crt | 6 - .../files/-etc-sysctl.d-forward.conf | 6 - ...systemd-system.conf.d-kubelet-cgroups.conf | 6 - .../files/-etc-tmpfiles.d-cleanup-cni.conf | 6 - .../files/-var-lib-kubelet-config.json | 6 - .../vsphere/files/-etc-etcd-etcd.conf | 6 - .../vsphere/files/-etc-kubernetes-ca.crt | 6 - ...ernetes-kubelet-plugins-volume-exec-.dummy | 6 - ...-etc-kubernetes-manifests-etcd-member.yaml | 6 - ...es-static-pod-resources-etcd-member-ca.crt | 6 - ...ic-pod-resources-etcd-member-metric-ca.crt | 6 - ...atic-pod-resources-etcd-member-root-ca.crt | 6 - .../vsphere/files/-etc-sysctl.d-forward.conf | 6 - ...systemd-system.conf.d-kubelet-cgroups.conf | 6 - .../files/-etc-tmpfiles.d-cleanup-cni.conf | 6 - .../files/-var-lib-kubelet-config.json | 6 - .../aws/files/-etc-containers-registries.conf | 6 - .../aws/files/-etc-containers-storage.conf | 6 - .../aws/files/-etc-crio-crio.conf | 6 - .../files/-etc-containers-registries.conf | 6 - .../files/-etc-containers-storage.conf | 6 - .../libvirt/files/-etc-crio-crio.conf | 6 - .../files/-etc-containers-registries.conf | 6 - .../none/files/-etc-containers-storage.conf | 6 - .../none/files/-etc-crio-crio.conf | 6 - .../files/-etc-containers-registries.conf | 6 - .../files/-etc-containers-storage.conf | 6 - .../openstack/files/-etc-crio-crio.conf | 6 - .../files/-etc-containers-registries.conf | 6 - .../files/-etc-containers-storage.conf | 6 - .../vsphere/files/-etc-crio-crio.conf | 6 - .../aws/files/-etc-kubernetes-cloud.conf | 6 - .../aws/files/-etc-kubernetes-kubelet.conf | 6 - .../aws/units/kubelet.service | 39 ------- .../libvirt/files/-etc-kubernetes-cloud.conf | 6 - .../files/-etc-kubernetes-kubelet.conf | 6 - .../libvirt/units/kubelet.service | 39 ------- .../none/files/-etc-kubernetes-cloud.conf | 6 - .../none/files/-etc-kubernetes-kubelet.conf | 6 - .../none/units/kubelet.service | 39 ------- .../files/-etc-kubernetes-cloud.conf | 6 - .../files/-etc-kubernetes-kubelet.conf | 6 - .../openstack/units/kubelet.service | 34 ------ .../vsphere/files/-etc-kubernetes-cloud.conf | 6 - .../files/-etc-kubernetes-kubelet.conf | 6 - .../vsphere/units/kubelet.service | 39 ------- .../aws/files/-etc-kubernetes-ca.crt | 6 - ...ernetes-kubelet-plugins-volume-exec-.dummy | 6 - .../aws/files/-etc-sysctl.d-forward.conf | 6 - ...systemd-system.conf.d-kubelet-cgroups.conf | 6 - .../files/-etc-tmpfiles.d-cleanup-cni.conf | 6 - .../aws/files/-var-lib-kubelet-config.json | 6 - .../libvirt/files/-etc-kubernetes-ca.crt | 6 - ...ernetes-kubelet-plugins-volume-exec-.dummy | 6 - .../libvirt/files/-etc-sysctl.d-forward.conf | 6 - ...systemd-system.conf.d-kubelet-cgroups.conf | 6 - .../files/-etc-tmpfiles.d-cleanup-cni.conf | 6 - .../files/-var-lib-kubelet-config.json | 6 - .../none/files/-etc-kubernetes-ca.crt | 6 - ...ernetes-kubelet-plugins-volume-exec-.dummy | 6 - .../none/files/-etc-sysctl.d-forward.conf | 6 - ...systemd-system.conf.d-kubelet-cgroups.conf | 6 - .../files/-etc-tmpfiles.d-cleanup-cni.conf | 6 - .../none/files/-var-lib-kubelet-config.json | 6 - .../openstack/files/-etc-kubernetes-ca.crt | 6 - ...ernetes-kubelet-plugins-volume-exec-.dummy | 6 - .../files/-etc-sysctl.d-forward.conf | 6 - ...systemd-system.conf.d-kubelet-cgroups.conf | 6 - .../files/-etc-tmpfiles.d-cleanup-cni.conf | 6 - .../files/-var-lib-kubelet-config.json | 6 - .../vsphere/files/-etc-kubernetes-ca.crt | 6 - ...ernetes-kubelet-plugins-volume-exec-.dummy | 6 - .../vsphere/files/-etc-sysctl.d-forward.conf | 6 - ...systemd-system.conf.d-kubelet-cgroups.conf | 6 - .../files/-etc-tmpfiles.d-cleanup-cni.conf | 6 - .../files/-var-lib-kubelet-config.json | 6 - .../aws/files/-etc-containers-registries.conf | 6 - .../aws/files/-etc-containers-storage.conf | 6 - .../aws/files/-etc-crio-crio.conf | 6 - .../files/-etc-containers-registries.conf | 6 - .../files/-etc-containers-storage.conf | 6 - .../libvirt/files/-etc-crio-crio.conf | 6 - .../files/-etc-containers-registries.conf | 6 - .../none/files/-etc-containers-storage.conf | 6 - .../none/files/-etc-crio-crio.conf | 6 - .../files/-etc-containers-registries.conf | 6 - .../files/-etc-containers-storage.conf | 6 - .../openstack/files/-etc-crio-crio.conf | 6 - .../files/-etc-containers-registries.conf | 6 - .../files/-etc-containers-storage.conf | 6 - .../vsphere/files/-etc-crio-crio.conf | 6 - .../aws/files/-etc-kubernetes-cloud.conf | 6 - .../aws/files/-etc-kubernetes-kubelet.conf | 6 - .../aws/units/kubelet.service | 37 ------- .../libvirt/files/-etc-kubernetes-cloud.conf | 6 - .../files/-etc-kubernetes-kubelet.conf | 6 - .../libvirt/units/kubelet.service | 37 ------- .../none/files/-etc-kubernetes-cloud.conf | 6 - .../none/files/-etc-kubernetes-kubelet.conf | 6 - .../none/units/kubelet.service | 37 ------- .../files/-etc-kubernetes-cloud.conf | 6 - .../files/-etc-kubernetes-kubelet.conf | 6 - .../openstack/units/kubelet.service | 32 ------ .../vsphere/files/-etc-kubernetes-cloud.conf | 6 - .../files/-etc-kubernetes-kubelet.conf | 6 - .../vsphere/units/kubelet.service | 37 ------- 147 files changed, 43 insertions(+), 1248 deletions(-) delete mode 100644 pkg/controller/template/test_data/README.md delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-etcd-etcd.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-manifests-etcd-member.yaml delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-sysctl.d-forward.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-tmpfiles.d-cleanup-cni.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/aws/files/-var-lib-kubelet-config.json delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-etcd-etcd.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-manifests-etcd-member.yaml delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-sysctl.d-forward.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-tmpfiles.d-cleanup-cni.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-var-lib-kubelet-config.json delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-etcd-etcd.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-manifests-etcd-member.yaml delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-sysctl.d-forward.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-tmpfiles.d-cleanup-cni.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/none/files/-var-lib-kubelet-config.json delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-etcd-etcd.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-manifests-etcd-member.yaml delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-sysctl.d-forward.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-tmpfiles.d-cleanup-cni.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/openstack/files/-var-lib-kubelet-config.json delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-etcd-etcd.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-manifests-etcd-member.yaml delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-sysctl.d-forward.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-tmpfiles.d-cleanup-cni.conf delete mode 100644 pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-var-lib-kubelet-config.json delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-container-runtime/aws/files/-etc-containers-registries.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-container-runtime/aws/files/-etc-containers-storage.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-container-runtime/aws/files/-etc-crio-crio.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-container-runtime/libvirt/files/-etc-containers-registries.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-container-runtime/libvirt/files/-etc-containers-storage.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-container-runtime/libvirt/files/-etc-crio-crio.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-container-runtime/none/files/-etc-containers-registries.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-container-runtime/none/files/-etc-containers-storage.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-container-runtime/none/files/-etc-crio-crio.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-container-runtime/openstack/files/-etc-containers-registries.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-container-runtime/openstack/files/-etc-containers-storage.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-container-runtime/openstack/files/-etc-crio-crio.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-container-runtime/vsphere/files/-etc-containers-registries.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-container-runtime/vsphere/files/-etc-containers-storage.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-container-runtime/vsphere/files/-etc-crio-crio.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-kubelet/aws/files/-etc-kubernetes-cloud.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-kubelet/aws/files/-etc-kubernetes-kubelet.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-kubelet/aws/units/kubelet.service delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-kubelet/libvirt/files/-etc-kubernetes-cloud.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-kubelet/libvirt/files/-etc-kubernetes-kubelet.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-kubelet/libvirt/units/kubelet.service delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-kubelet/none/files/-etc-kubernetes-cloud.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-kubelet/none/files/-etc-kubernetes-kubelet.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-kubelet/none/units/kubelet.service delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-kubelet/openstack/files/-etc-kubernetes-cloud.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-kubelet/openstack/files/-etc-kubernetes-kubelet.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-kubelet/openstack/units/kubelet.service delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-kubelet/vsphere/files/-etc-kubernetes-cloud.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-kubelet/vsphere/files/-etc-kubernetes-kubelet.conf delete mode 100644 pkg/controller/template/test_data/templates/master/01-master-kubelet/vsphere/units/kubelet.service delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-kubernetes-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-sysctl.d-forward.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-tmpfiles.d-cleanup-cni.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-var-lib-kubelet-config.json delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-kubernetes-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-sysctl.d-forward.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-tmpfiles.d-cleanup-cni.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-var-lib-kubelet-config.json delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-kubernetes-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-sysctl.d-forward.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-tmpfiles.d-cleanup-cni.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/none/files/-var-lib-kubelet-config.json delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-kubernetes-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-sysctl.d-forward.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-tmpfiles.d-cleanup-cni.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-var-lib-kubelet-config.json delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-kubernetes-ca.crt delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-sysctl.d-forward.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-tmpfiles.d-cleanup-cni.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-var-lib-kubelet-config.json delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/aws/files/-etc-containers-registries.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/aws/files/-etc-containers-storage.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/aws/files/-etc-crio-crio.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/libvirt/files/-etc-containers-registries.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/libvirt/files/-etc-containers-storage.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/libvirt/files/-etc-crio-crio.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/none/files/-etc-containers-registries.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/none/files/-etc-containers-storage.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/none/files/-etc-crio-crio.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/openstack/files/-etc-containers-registries.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/openstack/files/-etc-containers-storage.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/openstack/files/-etc-crio-crio.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/vsphere/files/-etc-containers-registries.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/vsphere/files/-etc-containers-storage.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/vsphere/files/-etc-crio-crio.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-kubelet/aws/files/-etc-kubernetes-cloud.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-kubelet/aws/files/-etc-kubernetes-kubelet.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-kubelet/aws/units/kubelet.service delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-kubelet/libvirt/files/-etc-kubernetes-cloud.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-kubelet/libvirt/files/-etc-kubernetes-kubelet.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-kubelet/libvirt/units/kubelet.service delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-kubelet/none/files/-etc-kubernetes-cloud.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-kubelet/none/files/-etc-kubernetes-kubelet.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-kubelet/none/units/kubelet.service delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-kubelet/openstack/files/-etc-kubernetes-cloud.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-kubelet/openstack/files/-etc-kubernetes-kubelet.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-kubelet/openstack/units/kubelet.service delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-kubelet/vsphere/files/-etc-kubernetes-cloud.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-kubelet/vsphere/files/-etc-kubernetes-kubelet.conf delete mode 100644 pkg/controller/template/test_data/templates/worker/01-worker-kubelet/vsphere/units/kubelet.service diff --git a/pkg/controller/template/render_test.go b/pkg/controller/template/render_test.go index 7fec125a23..a60a028796 100644 --- a/pkg/controller/template/render_test.go +++ b/pkg/controller/template/render_test.go @@ -2,25 +2,18 @@ package template import ( "bytes" - "encoding/json" "flag" "fmt" "io/ioutil" "os" "path/filepath" - "strings" "testing" ignv2_2types "github.com/coreos/ignition/config/v2_2/types" - "github.com/ghodss/yaml" mcfgv1 "github.com/openshift/machine-config-operator/pkg/apis/machineconfiguration.openshift.io/v1" "k8s.io/client-go/kubernetes/scheme" ) -var ( - updateGoldenFiles = flag.Bool("u", false, "If set to True, the tests will update the golden files before testing.") -) - func TestMain(m *testing.M) { flag.Parse() os.Exit(m.Run()) @@ -271,7 +264,7 @@ func TestInvalidPlatform(t *testing.T) { } func TestGenerateMachineConfigs(t *testing.T) { - for platform, config := range configs { + for _, config := range configs { controllerConfig, err := controllerConfigFromFile(config) if err != nil { t.Fatalf("failed to get controllerconfig config: %v", err) @@ -282,6 +275,11 @@ func TestGenerateMachineConfigs(t *testing.T) { t.Fatalf("failed to generate machine configs: %v", err) } + foundPullSecretMaster := false + foundPullSecretWorker := false + foundKubeletUnitMaster := false + foundKubeletUnitWorker := false + for _, cfg := range cfgs { if cfg.Labels == nil { t.Fatal("non-nil labels expected") @@ -293,13 +291,37 @@ func TestGenerateMachineConfigs(t *testing.T) { } ign := cfg.Spec.Config - if len(ign.Storage.Files) > 0 { - verifyIgnFiles(ign.Storage.Files, filepath.Join(resultDir, role, cfg.Name, platform, "files"), *updateGoldenFiles, t) - } - if len(ign.Systemd.Units) > 0 { - verifyIgnUnits(ign.Systemd.Units, filepath.Join(resultDir, role, cfg.Name, platform, "units"), *updateGoldenFiles, t) + if role == "master" { + if !foundPullSecretMaster { + foundPullSecretMaster = findIgnFile(ign.Storage.Files, "/var/lib/kubelet/config.json", t) + } + if !foundKubeletUnitMaster { + foundKubeletUnitMaster = findIgnUnit(ign.Systemd.Units, "kubelet.service", t) + } + } else if role == "worker" { + if !foundPullSecretWorker { + foundPullSecretWorker = findIgnFile(ign.Storage.Files, "/var/lib/kubelet/config.json", t) + } + if !foundKubeletUnitWorker { + foundKubeletUnitWorker = findIgnUnit(ign.Systemd.Units, "kubelet.service", t) + } + } else { + t.Fatalf("Unknown role %s", role) } } + + if !foundPullSecretMaster { + t.Errorf("Failed to find pull secret for master") + } + if !foundKubeletUnitMaster { + t.Errorf("Failed to find kubelet unit") + } + if !foundPullSecretWorker { + t.Errorf("Failed to find pull secret") + } + if !foundKubeletUnitWorker { + t.Errorf("Failed to find kubelet unit") + } } } @@ -319,62 +341,22 @@ func controllerConfigFromFile(path string) (*mcfgv1.ControllerConfig, error) { return cc, nil } -func verifyIgnFiles(files []ignv2_2types.File, dir string, update bool, t *testing.T) { - var actual [][]byte - +func findIgnFile(files []ignv2_2types.File, path string, t *testing.T) bool { for _, f := range files { - j, err := json.MarshalIndent(f, "", " ") - if err != nil { - t.Fatalf("failed to marshal file: %v", err) - } - - data, err := yaml.JSONToYAML(j) - if err != nil { - t.Fatalf("failed to convert to yaml: %v", err) - } - - actual = append(actual, data) - - if update { - name := strings.Replace(f.Path, "/", "-", -1) - if err := os.MkdirAll(dir, 0755); err != nil { - t.Logf("error creating dir %s: %v", dir, err) - } - if err := ioutil.WriteFile(filepath.Join(dir, name), data, 0644); err != nil { - t.Logf("error writing ign unit %s to disk: %v", name, err) - } + if f.Path == path { + return true } } - - verifyIgn(actual, dir, t) + return false } -func verifyIgnUnits(units []ignv2_2types.Unit, dir string, update bool, t *testing.T) { - var actual [][]byte +func findIgnUnit(units []ignv2_2types.Unit, name string, t *testing.T) bool { for _, u := range units { - j, err := json.MarshalIndent(u, "", " ") - if err != nil { - t.Fatalf("failed to marshal file: %v", err) - } - - data, err := yaml.JSONToYAML(j) - if err != nil { - t.Fatalf("failed to convert to yaml: %v", err) - } - - actual = append(actual, data) - - if update { - if err := os.MkdirAll(dir, 0755); err != nil { - t.Logf("error creating dir %s: %v", dir, err) - } - if err := ioutil.WriteFile(filepath.Join(dir, u.Name), data, 0644); err != nil { - t.Logf("error writing ign unit %s to disk: %v", u.Name, err) - } + if u.Name == name { + return true } } - - verifyIgn(actual, dir, t) + return false } func verifyIgn(actual [][]byte, dir string, t *testing.T) { diff --git a/pkg/controller/template/test_data/README.md b/pkg/controller/template/test_data/README.md deleted file mode 100644 index c3e25c0adc..0000000000 --- a/pkg/controller/template/test_data/README.md +++ /dev/null @@ -1,7 +0,0 @@ -## Updating test data after making changes to original - -test data templates can be updated via: - -``` -go test ./pkg/controller/template/... -u -``` diff --git a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-etcd-etcd.conf b/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-etcd-etcd.conf deleted file mode 100644 index f3291952a6..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-etcd-etcd.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%5Bmember%5D%0AETCD_SNAPSHOT_COUNT%3D100000%0AETCD_HEARTBEAT_INTERVAL%3D100%0AETCD_ELECTION_TIMEOUT%3D1000%0A%0A%23%5Bstorage%5D%0AETCD_QUOTA_BACKEND_BYTES%3D7516192768%0A%0A%23%5Blogging%5D%0AETCD_DEBUG%3Dfalse%0A%0A%23%5Bprofiling%5D%0AETCD_ENABLE_PPROF%3Dfalse%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/etcd/etcd.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-ca.crt deleted file mode 100644 index 93e18c9420..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20root-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy b/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy deleted file mode 100644 index 745cb9e5d9..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 493 -path: /etc/kubernetes/kubelet-plugins/volume/exec/.dummy diff --git a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-manifests-etcd-member.yaml b/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-manifests-etcd-member.yaml deleted file mode 100644 index f5a049bbef..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-manifests-etcd-member.yaml +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,apiVersion%3A%20v1%0Akind%3A%20Pod%0Ametadata%3A%0A%20%20name%3A%20etcd-member%0A%20%20namespace%3A%20openshift-etcd%0A%20%20labels%3A%0A%20%20%20%20k8s-app%3A%20etcd%0Aspec%3A%0A%20%20initContainers%3A%0A%20%20-%20name%3A%20discovery%0A%20%20%20%20image%3A%20%22image%2FsetupEtcdEnv%3A1%22%0A%20%20%20%20args%3A%0A%20%20%20%20-%20%22run%22%0A%20%20%20%20-%20%22--discovery-srv%3Dmy-test-cluster.installer.team.coreos.systems%22%0A%20%20%20%20-%20%22--output-file%3D%2Frun%2Fetcd%2Fenvironment%22%0A%20%20%20%20-%20%22--v%3D4%22%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20-%20name%3A%20certs%0A%20%20%20%20image%3A%20%22image%2FkubeClientAgentImage%3A1%22%0A%20%20%20%20command%3A%0A%20%20%20%20-%20%2Fbin%2Fsh%0A%20%20%20%20-%20-c%0A%20%20%20%20-%20%7C%0A%20%20%20%20%20%20%23!%2Fbin%2Fsh%0A%20%20%20%20%20%20set%20-euxo%20pipefail%0A%0A%20%20%20%20%20%20source%20%2Frun%2Fetcd%2Fenvironment%0A%0A%20%20%20%20%20%20%5B%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.crt%20-a%20%5C%0A%20%20%20%20%20%20%20%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.key%20%5D%20%7C%7C%20%5C%0A%20%20%20%20%20%20%20%20kube-client-agent%20%5C%0A%20%20%20%20%20%20%20%20%20%20request%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--kubeconfig%3D%2Fetc%2Fkubernetes%2Fkubeconfig%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--orgname%3Dsystem%3Aetcd-servers%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--assetsdir%3D%2Fetc%2Fssl%2Fetcd%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--dnsnames%3Dlocalhost%2Cetcd.kube-system.svc%2Cetcd.kube-system.svc.cluster.local%2Cetcd.openshift-etcd.svc%2Cetcd.openshift-etcd.svc.cluster.local%2C%24%7BETCD_WILDCARD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--commonname%3Dsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--ipaddrs%3D%24%7BETCD_IPV4_ADDRESS%7D%2C127.0.0.1%20%5C%0A%0A%20%20%20%20%20%20%5B%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.crt%20-a%20%5C%0A%20%20%20%20%20%20%20%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.key%20%5D%20%7C%7C%20%5C%0A%20%20%20%20%20%20%20%20kube-client-agent%20%5C%0A%20%20%20%20%20%20%20%20%20%20request%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--kubeconfig%3D%2Fetc%2Fkubernetes%2Fkubeconfig%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--orgname%3Dsystem%3Aetcd-peers%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--assetsdir%3D%2Fetc%2Fssl%2Fetcd%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--dnsnames%3D%24%7BETCD_DNS_NAME%7D%2Cmy-test-cluster.installer.team.coreos.systems%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--commonname%3Dsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--ipaddrs%3D%24%7BETCD_IPV4_ADDRESS%7D%20%5C%0A%0A%20%20%20%20%20%20%5B%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.crt%20-a%20%5C%0A%20%20%20%20%20%20%20%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.key%20%5D%20%7C%7C%20%5C%0A%20%20%20%20%20%20%20%20kube-client-agent%20%5C%0A%20%20%20%20%20%20%20%20%20%20request%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--kubeconfig%3D%2Fetc%2Fkubernetes%2Fkubeconfig%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--orgname%3Dsystem%3Aetcd-metrics%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--assetsdir%3D%2Fetc%2Fssl%2Fetcd%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--dnsnames%3Dlocalhost%2Cetcd.kube-system.svc%2Cetcd.kube-system.svc.cluster.local%2Cetcd.openshift-etcd.svc%2Cetcd.openshift-etcd.svc.cluster.local%2C%24%7BETCD_WILDCARD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--commonname%3Dsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--ipaddrs%3D%24%7BETCD_IPV4_ADDRESS%7D%20%5C%0A%0A%20%20%20%20terminationMessagePolicy%3A%20FallbackToLogsOnError%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20certs%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fssl%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20kubeconfig%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fkubernetes%2Fkubeconfig%0A%20%20containers%3A%0A%20%20-%20name%3A%20etcd-member%0A%20%20%20%20image%3A%20%22image%2Fetcd%3A1%22%0A%20%20%20%20command%3A%0A%20%20%20%20-%20%2Fbin%2Fsh%0A%20%20%20%20-%20-c%0A%20%20%20%20-%20%7C%0A%20%20%20%20%20%20%23!%2Fbin%2Fsh%0A%20%20%20%20%20%20set%20-euo%20pipefail%0A%0A%20%20%20%20%20%20source%20%2Frun%2Fetcd%2Fenvironment%0A%0A%20%20%20%20%20%20set%20-a%0A%20%20%20%20%20%20source%20%2Fetc%2Fetcd%2Fetcd.conf%0A%20%20%20%20%20%20set%20%2Ba%0A%0A%20%20%20%20%20%20exec%20etcd%20%5C%0A%20%20%20%20%20%20%20%20--discovery-srv%20my-test-cluster.installer.team.coreos.systems%20%5C%0A%20%20%20%20%20%20%20%20--initial-advertise-peer-urls%3Dhttps%3A%2F%2F%24%7BETCD_IPV4_ADDRESS%7D%3A2380%20%5C%0A%20%20%20%20%20%20%20%20--cert-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--key-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--trusted-ca-file%3D%2Fetc%2Fssl%2Fetcd%2Fca.crt%20%5C%0A%20%20%20%20%20%20%20%20--client-cert-auth%3Dtrue%20%5C%0A%20%20%20%20%20%20%20%20--peer-cert-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--peer-key-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--peer-trusted-ca-file%3D%2Fetc%2Fssl%2Fetcd%2Fca.crt%20%5C%0A%20%20%20%20%20%20%20%20--peer-client-cert-auth%3Dtrue%20%5C%0A%20%20%20%20%20%20%20%20--advertise-client-urls%3Dhttps%3A%2F%2F%24%7BETCD_IPV4_ADDRESS%7D%3A2379%20%5C%0A%20%20%20%20%20%20%20%20--listen-client-urls%3Dhttps%3A%2F%2F0.0.0.0%3A2379%20%5C%0A%20%20%20%20%20%20%20%20--listen-peer-urls%3Dhttps%3A%2F%2F0.0.0.0%3A2380%20%5C%0A%20%20%20%20%20%20%20%20--listen-metrics-urls%3Dhttps%3A%2F%2F0.0.0.0%3A9978%20%5C%0A%20%20%20%20resources%3A%0A%20%20%20%20%20%20requests%3A%0A%20%20%20%20%20%20%20%20memory%3A%20600Mi%0A%20%20%20%20%20%20%20%20cpu%3A%20300m%0A%20%20%20%20terminationMessagePolicy%3A%20FallbackToLogsOnError%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20certs%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fssl%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20data-dir%0A%20%20%20%20%20%20mountPath%3A%20%2Fvar%2Flib%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20conf%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fetcd%2F%0A%0A%20%20%20%20env%3A%0A%20%20%20%20-%20name%3A%20ETCD_DATA_DIR%0A%20%20%20%20%20%20value%3A%20%22%2Fvar%2Flib%2Fetcd%22%0A%20%20%20%20-%20name%3A%20ETCD_NAME%0A%20%20%20%20%20%20valueFrom%3A%0A%20%20%20%20%20%20%20%20fieldRef%3A%0A%20%20%20%20%20%20%20%20%20%20fieldPath%3A%20metadata.name%0A%20%20%20%20ports%3A%0A%20%20%20%20-%20name%3A%20peer%0A%20%20%20%20%20%20containerPort%3A%202380%0A%20%20%20%20%20%20protocol%3A%20TCP%0A%20%20%20%20-%20name%3A%20server%0A%20%20%20%20%20%20containerPort%3A%202379%0A%20%20%20%20%20%20protocol%3A%20TCP%0A%20%20-%20name%3A%20etcd-metrics%0A%20%20%20%20image%3A%20%22image%2Fetcd%3A1%22%0A%20%20%20%20command%3A%0A%20%20%20%20-%20%2Fbin%2Fsh%0A%20%20%20%20-%20-c%0A%20%20%20%20-%20%7C%0A%20%20%20%20%20%20%23!%2Fbin%2Fsh%0A%20%20%20%20%20%20set%20-euo%20pipefail%0A%0A%20%20%20%20%20%20source%20%2Frun%2Fetcd%2Fenvironment%0A%0A%20%20%20%20%20%20exec%20etcd%20grpc-proxy%20start%20%5C%0A%20%20%20%20%20%20%20%20--endpoints%20https%3A%2F%2F%24%7BETCD_DNS_NAME%7D%3A9978%20%5C%0A%20%20%20%20%20%20%20%20--metrics-addr%20https%3A%2F%2F0.0.0.0%3A9979%20%5C%0A%20%20%20%20%20%20%20%20--listen-addr%20127.0.0.1%3A9977%20%5C%0A%20%20%20%20%20%20%20%20--key%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--key-file%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--cert%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--cert-file%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--cacert%20%2Fetc%2Fssl%2Fetcd%2Fca.crt%20%5C%0A%20%20%20%20%20%20%20%20--trusted-ca-file%20%2Fetc%2Fssl%2Fetcd%2Fmetric-ca.crt%20%5C%0A%20%20%20%20terminationMessagePolicy%3A%20FallbackToLogsOnError%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20certs%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fssl%2Fetcd%2F%0A%20%20%20%20ports%3A%0A%20%20%20%20-%20name%3A%20metric%0A%20%20%20%20%20%20containerPort%3A%209979%0A%20%20%20%20%20%20protocol%3A%20TCP%0A%20%20hostNetwork%3A%20true%0A%20%20priorityClassName%3A%20system-node-critical%0A%20%20tolerations%3A%0A%20%20-%20operator%3A%20%22Exists%22%0A%20%20restartPolicy%3A%20Always%0A%20%20volumes%3A%0A%20%20-%20name%3A%20certs%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fetc%2Fkubernetes%2Fstatic-pod-resources%2Fetcd-member%0A%20%20-%20name%3A%20kubeconfig%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fetc%2Fkubernetes%2Fkubeconfig%0A%20%20-%20name%3A%20discovery%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Frun%2Fetcd%0A%20%20-%20name%3A%20data-dir%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fvar%2Flib%2Fetcd%0A%20%20-%20name%3A%20conf%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fetc%2Fetcd%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/manifests/etcd-member.yaml diff --git a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt deleted file mode 100644 index 32bcd5d94d..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20etcd-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/static-pod-resources/etcd-member/ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt deleted file mode 100644 index 6e8086dd19..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/static-pod-resources/etcd-member/metric-ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt deleted file mode 100644 index cb1bec649c..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20root-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/static-pod-resources/etcd-member/root-ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-sysctl.d-forward.conf b/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-sysctl.d-forward.conf deleted file mode 100644 index dc3f2dc75d..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-sysctl.d-forward.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,net.ipv4.ip_forward%20%3D%201%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/sysctl.d/forward.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf b/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf deleted file mode 100644 index 388167ff03..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20Turning%20on%20Accounting%20helps%20track%20down%20performance%20issues.%0A%5BManager%5D%0ADefaultCPUAccounting%3Dyes%0ADefaultMemoryAccounting%3Dyes%0ADefaultBlockIOAccounting%3Dyes%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/systemd/system.conf.d/kubelet-cgroups.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-tmpfiles.d-cleanup-cni.conf b/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-tmpfiles.d-cleanup-cni.conf deleted file mode 100644 index f409309b5c..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-etc-tmpfiles.d-cleanup-cni.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,r%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F80-openshift-network.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F10-ovn-kubernetes.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F00-multus.conf%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/tmpfiles.d/cleanup-cni.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-var-lib-kubelet-config.json b/pkg/controller/template/test_data/templates/master/00-master/aws/files/-var-lib-kubelet-config.json deleted file mode 100644 index 0ba6c19e6a..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/aws/files/-var-lib-kubelet-config.json +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%7B%22dummy%22%3A%22dummy%22%7D%0A - verification: {} -filesystem: root -mode: 420 -path: /var/lib/kubelet/config.json diff --git a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-etcd-etcd.conf b/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-etcd-etcd.conf deleted file mode 100644 index f3291952a6..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-etcd-etcd.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%5Bmember%5D%0AETCD_SNAPSHOT_COUNT%3D100000%0AETCD_HEARTBEAT_INTERVAL%3D100%0AETCD_ELECTION_TIMEOUT%3D1000%0A%0A%23%5Bstorage%5D%0AETCD_QUOTA_BACKEND_BYTES%3D7516192768%0A%0A%23%5Blogging%5D%0AETCD_DEBUG%3Dfalse%0A%0A%23%5Bprofiling%5D%0AETCD_ENABLE_PPROF%3Dfalse%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/etcd/etcd.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-ca.crt deleted file mode 100644 index 93e18c9420..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20root-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy b/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy deleted file mode 100644 index 745cb9e5d9..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 493 -path: /etc/kubernetes/kubelet-plugins/volume/exec/.dummy diff --git a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-manifests-etcd-member.yaml b/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-manifests-etcd-member.yaml deleted file mode 100644 index f5a049bbef..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-manifests-etcd-member.yaml +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,apiVersion%3A%20v1%0Akind%3A%20Pod%0Ametadata%3A%0A%20%20name%3A%20etcd-member%0A%20%20namespace%3A%20openshift-etcd%0A%20%20labels%3A%0A%20%20%20%20k8s-app%3A%20etcd%0Aspec%3A%0A%20%20initContainers%3A%0A%20%20-%20name%3A%20discovery%0A%20%20%20%20image%3A%20%22image%2FsetupEtcdEnv%3A1%22%0A%20%20%20%20args%3A%0A%20%20%20%20-%20%22run%22%0A%20%20%20%20-%20%22--discovery-srv%3Dmy-test-cluster.installer.team.coreos.systems%22%0A%20%20%20%20-%20%22--output-file%3D%2Frun%2Fetcd%2Fenvironment%22%0A%20%20%20%20-%20%22--v%3D4%22%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20-%20name%3A%20certs%0A%20%20%20%20image%3A%20%22image%2FkubeClientAgentImage%3A1%22%0A%20%20%20%20command%3A%0A%20%20%20%20-%20%2Fbin%2Fsh%0A%20%20%20%20-%20-c%0A%20%20%20%20-%20%7C%0A%20%20%20%20%20%20%23!%2Fbin%2Fsh%0A%20%20%20%20%20%20set%20-euxo%20pipefail%0A%0A%20%20%20%20%20%20source%20%2Frun%2Fetcd%2Fenvironment%0A%0A%20%20%20%20%20%20%5B%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.crt%20-a%20%5C%0A%20%20%20%20%20%20%20%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.key%20%5D%20%7C%7C%20%5C%0A%20%20%20%20%20%20%20%20kube-client-agent%20%5C%0A%20%20%20%20%20%20%20%20%20%20request%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--kubeconfig%3D%2Fetc%2Fkubernetes%2Fkubeconfig%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--orgname%3Dsystem%3Aetcd-servers%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--assetsdir%3D%2Fetc%2Fssl%2Fetcd%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--dnsnames%3Dlocalhost%2Cetcd.kube-system.svc%2Cetcd.kube-system.svc.cluster.local%2Cetcd.openshift-etcd.svc%2Cetcd.openshift-etcd.svc.cluster.local%2C%24%7BETCD_WILDCARD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--commonname%3Dsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--ipaddrs%3D%24%7BETCD_IPV4_ADDRESS%7D%2C127.0.0.1%20%5C%0A%0A%20%20%20%20%20%20%5B%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.crt%20-a%20%5C%0A%20%20%20%20%20%20%20%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.key%20%5D%20%7C%7C%20%5C%0A%20%20%20%20%20%20%20%20kube-client-agent%20%5C%0A%20%20%20%20%20%20%20%20%20%20request%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--kubeconfig%3D%2Fetc%2Fkubernetes%2Fkubeconfig%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--orgname%3Dsystem%3Aetcd-peers%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--assetsdir%3D%2Fetc%2Fssl%2Fetcd%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--dnsnames%3D%24%7BETCD_DNS_NAME%7D%2Cmy-test-cluster.installer.team.coreos.systems%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--commonname%3Dsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--ipaddrs%3D%24%7BETCD_IPV4_ADDRESS%7D%20%5C%0A%0A%20%20%20%20%20%20%5B%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.crt%20-a%20%5C%0A%20%20%20%20%20%20%20%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.key%20%5D%20%7C%7C%20%5C%0A%20%20%20%20%20%20%20%20kube-client-agent%20%5C%0A%20%20%20%20%20%20%20%20%20%20request%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--kubeconfig%3D%2Fetc%2Fkubernetes%2Fkubeconfig%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--orgname%3Dsystem%3Aetcd-metrics%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--assetsdir%3D%2Fetc%2Fssl%2Fetcd%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--dnsnames%3Dlocalhost%2Cetcd.kube-system.svc%2Cetcd.kube-system.svc.cluster.local%2Cetcd.openshift-etcd.svc%2Cetcd.openshift-etcd.svc.cluster.local%2C%24%7BETCD_WILDCARD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--commonname%3Dsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--ipaddrs%3D%24%7BETCD_IPV4_ADDRESS%7D%20%5C%0A%0A%20%20%20%20terminationMessagePolicy%3A%20FallbackToLogsOnError%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20certs%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fssl%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20kubeconfig%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fkubernetes%2Fkubeconfig%0A%20%20containers%3A%0A%20%20-%20name%3A%20etcd-member%0A%20%20%20%20image%3A%20%22image%2Fetcd%3A1%22%0A%20%20%20%20command%3A%0A%20%20%20%20-%20%2Fbin%2Fsh%0A%20%20%20%20-%20-c%0A%20%20%20%20-%20%7C%0A%20%20%20%20%20%20%23!%2Fbin%2Fsh%0A%20%20%20%20%20%20set%20-euo%20pipefail%0A%0A%20%20%20%20%20%20source%20%2Frun%2Fetcd%2Fenvironment%0A%0A%20%20%20%20%20%20set%20-a%0A%20%20%20%20%20%20source%20%2Fetc%2Fetcd%2Fetcd.conf%0A%20%20%20%20%20%20set%20%2Ba%0A%0A%20%20%20%20%20%20exec%20etcd%20%5C%0A%20%20%20%20%20%20%20%20--discovery-srv%20my-test-cluster.installer.team.coreos.systems%20%5C%0A%20%20%20%20%20%20%20%20--initial-advertise-peer-urls%3Dhttps%3A%2F%2F%24%7BETCD_IPV4_ADDRESS%7D%3A2380%20%5C%0A%20%20%20%20%20%20%20%20--cert-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--key-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--trusted-ca-file%3D%2Fetc%2Fssl%2Fetcd%2Fca.crt%20%5C%0A%20%20%20%20%20%20%20%20--client-cert-auth%3Dtrue%20%5C%0A%20%20%20%20%20%20%20%20--peer-cert-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--peer-key-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--peer-trusted-ca-file%3D%2Fetc%2Fssl%2Fetcd%2Fca.crt%20%5C%0A%20%20%20%20%20%20%20%20--peer-client-cert-auth%3Dtrue%20%5C%0A%20%20%20%20%20%20%20%20--advertise-client-urls%3Dhttps%3A%2F%2F%24%7BETCD_IPV4_ADDRESS%7D%3A2379%20%5C%0A%20%20%20%20%20%20%20%20--listen-client-urls%3Dhttps%3A%2F%2F0.0.0.0%3A2379%20%5C%0A%20%20%20%20%20%20%20%20--listen-peer-urls%3Dhttps%3A%2F%2F0.0.0.0%3A2380%20%5C%0A%20%20%20%20%20%20%20%20--listen-metrics-urls%3Dhttps%3A%2F%2F0.0.0.0%3A9978%20%5C%0A%20%20%20%20resources%3A%0A%20%20%20%20%20%20requests%3A%0A%20%20%20%20%20%20%20%20memory%3A%20600Mi%0A%20%20%20%20%20%20%20%20cpu%3A%20300m%0A%20%20%20%20terminationMessagePolicy%3A%20FallbackToLogsOnError%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20certs%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fssl%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20data-dir%0A%20%20%20%20%20%20mountPath%3A%20%2Fvar%2Flib%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20conf%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fetcd%2F%0A%0A%20%20%20%20env%3A%0A%20%20%20%20-%20name%3A%20ETCD_DATA_DIR%0A%20%20%20%20%20%20value%3A%20%22%2Fvar%2Flib%2Fetcd%22%0A%20%20%20%20-%20name%3A%20ETCD_NAME%0A%20%20%20%20%20%20valueFrom%3A%0A%20%20%20%20%20%20%20%20fieldRef%3A%0A%20%20%20%20%20%20%20%20%20%20fieldPath%3A%20metadata.name%0A%20%20%20%20ports%3A%0A%20%20%20%20-%20name%3A%20peer%0A%20%20%20%20%20%20containerPort%3A%202380%0A%20%20%20%20%20%20protocol%3A%20TCP%0A%20%20%20%20-%20name%3A%20server%0A%20%20%20%20%20%20containerPort%3A%202379%0A%20%20%20%20%20%20protocol%3A%20TCP%0A%20%20-%20name%3A%20etcd-metrics%0A%20%20%20%20image%3A%20%22image%2Fetcd%3A1%22%0A%20%20%20%20command%3A%0A%20%20%20%20-%20%2Fbin%2Fsh%0A%20%20%20%20-%20-c%0A%20%20%20%20-%20%7C%0A%20%20%20%20%20%20%23!%2Fbin%2Fsh%0A%20%20%20%20%20%20set%20-euo%20pipefail%0A%0A%20%20%20%20%20%20source%20%2Frun%2Fetcd%2Fenvironment%0A%0A%20%20%20%20%20%20exec%20etcd%20grpc-proxy%20start%20%5C%0A%20%20%20%20%20%20%20%20--endpoints%20https%3A%2F%2F%24%7BETCD_DNS_NAME%7D%3A9978%20%5C%0A%20%20%20%20%20%20%20%20--metrics-addr%20https%3A%2F%2F0.0.0.0%3A9979%20%5C%0A%20%20%20%20%20%20%20%20--listen-addr%20127.0.0.1%3A9977%20%5C%0A%20%20%20%20%20%20%20%20--key%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--key-file%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--cert%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--cert-file%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--cacert%20%2Fetc%2Fssl%2Fetcd%2Fca.crt%20%5C%0A%20%20%20%20%20%20%20%20--trusted-ca-file%20%2Fetc%2Fssl%2Fetcd%2Fmetric-ca.crt%20%5C%0A%20%20%20%20terminationMessagePolicy%3A%20FallbackToLogsOnError%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20certs%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fssl%2Fetcd%2F%0A%20%20%20%20ports%3A%0A%20%20%20%20-%20name%3A%20metric%0A%20%20%20%20%20%20containerPort%3A%209979%0A%20%20%20%20%20%20protocol%3A%20TCP%0A%20%20hostNetwork%3A%20true%0A%20%20priorityClassName%3A%20system-node-critical%0A%20%20tolerations%3A%0A%20%20-%20operator%3A%20%22Exists%22%0A%20%20restartPolicy%3A%20Always%0A%20%20volumes%3A%0A%20%20-%20name%3A%20certs%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fetc%2Fkubernetes%2Fstatic-pod-resources%2Fetcd-member%0A%20%20-%20name%3A%20kubeconfig%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fetc%2Fkubernetes%2Fkubeconfig%0A%20%20-%20name%3A%20discovery%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Frun%2Fetcd%0A%20%20-%20name%3A%20data-dir%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fvar%2Flib%2Fetcd%0A%20%20-%20name%3A%20conf%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fetc%2Fetcd%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/manifests/etcd-member.yaml diff --git a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt deleted file mode 100644 index 32bcd5d94d..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20etcd-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/static-pod-resources/etcd-member/ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt deleted file mode 100644 index 6e8086dd19..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/static-pod-resources/etcd-member/metric-ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt deleted file mode 100644 index cb1bec649c..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20root-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/static-pod-resources/etcd-member/root-ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-sysctl.d-forward.conf b/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-sysctl.d-forward.conf deleted file mode 100644 index dc3f2dc75d..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-sysctl.d-forward.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,net.ipv4.ip_forward%20%3D%201%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/sysctl.d/forward.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf b/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf deleted file mode 100644 index 388167ff03..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20Turning%20on%20Accounting%20helps%20track%20down%20performance%20issues.%0A%5BManager%5D%0ADefaultCPUAccounting%3Dyes%0ADefaultMemoryAccounting%3Dyes%0ADefaultBlockIOAccounting%3Dyes%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/systemd/system.conf.d/kubelet-cgroups.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-tmpfiles.d-cleanup-cni.conf b/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-tmpfiles.d-cleanup-cni.conf deleted file mode 100644 index f409309b5c..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-etc-tmpfiles.d-cleanup-cni.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,r%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F80-openshift-network.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F10-ovn-kubernetes.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F00-multus.conf%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/tmpfiles.d/cleanup-cni.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-var-lib-kubelet-config.json b/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-var-lib-kubelet-config.json deleted file mode 100644 index 0ba6c19e6a..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/libvirt/files/-var-lib-kubelet-config.json +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%7B%22dummy%22%3A%22dummy%22%7D%0A - verification: {} -filesystem: root -mode: 420 -path: /var/lib/kubelet/config.json diff --git a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-etcd-etcd.conf b/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-etcd-etcd.conf deleted file mode 100644 index f3291952a6..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-etcd-etcd.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%5Bmember%5D%0AETCD_SNAPSHOT_COUNT%3D100000%0AETCD_HEARTBEAT_INTERVAL%3D100%0AETCD_ELECTION_TIMEOUT%3D1000%0A%0A%23%5Bstorage%5D%0AETCD_QUOTA_BACKEND_BYTES%3D7516192768%0A%0A%23%5Blogging%5D%0AETCD_DEBUG%3Dfalse%0A%0A%23%5Bprofiling%5D%0AETCD_ENABLE_PPROF%3Dfalse%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/etcd/etcd.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-ca.crt deleted file mode 100644 index 93e18c9420..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20root-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy b/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy deleted file mode 100644 index 745cb9e5d9..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 493 -path: /etc/kubernetes/kubelet-plugins/volume/exec/.dummy diff --git a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-manifests-etcd-member.yaml b/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-manifests-etcd-member.yaml deleted file mode 100644 index f5a049bbef..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-manifests-etcd-member.yaml +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,apiVersion%3A%20v1%0Akind%3A%20Pod%0Ametadata%3A%0A%20%20name%3A%20etcd-member%0A%20%20namespace%3A%20openshift-etcd%0A%20%20labels%3A%0A%20%20%20%20k8s-app%3A%20etcd%0Aspec%3A%0A%20%20initContainers%3A%0A%20%20-%20name%3A%20discovery%0A%20%20%20%20image%3A%20%22image%2FsetupEtcdEnv%3A1%22%0A%20%20%20%20args%3A%0A%20%20%20%20-%20%22run%22%0A%20%20%20%20-%20%22--discovery-srv%3Dmy-test-cluster.installer.team.coreos.systems%22%0A%20%20%20%20-%20%22--output-file%3D%2Frun%2Fetcd%2Fenvironment%22%0A%20%20%20%20-%20%22--v%3D4%22%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20-%20name%3A%20certs%0A%20%20%20%20image%3A%20%22image%2FkubeClientAgentImage%3A1%22%0A%20%20%20%20command%3A%0A%20%20%20%20-%20%2Fbin%2Fsh%0A%20%20%20%20-%20-c%0A%20%20%20%20-%20%7C%0A%20%20%20%20%20%20%23!%2Fbin%2Fsh%0A%20%20%20%20%20%20set%20-euxo%20pipefail%0A%0A%20%20%20%20%20%20source%20%2Frun%2Fetcd%2Fenvironment%0A%0A%20%20%20%20%20%20%5B%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.crt%20-a%20%5C%0A%20%20%20%20%20%20%20%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.key%20%5D%20%7C%7C%20%5C%0A%20%20%20%20%20%20%20%20kube-client-agent%20%5C%0A%20%20%20%20%20%20%20%20%20%20request%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--kubeconfig%3D%2Fetc%2Fkubernetes%2Fkubeconfig%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--orgname%3Dsystem%3Aetcd-servers%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--assetsdir%3D%2Fetc%2Fssl%2Fetcd%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--dnsnames%3Dlocalhost%2Cetcd.kube-system.svc%2Cetcd.kube-system.svc.cluster.local%2Cetcd.openshift-etcd.svc%2Cetcd.openshift-etcd.svc.cluster.local%2C%24%7BETCD_WILDCARD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--commonname%3Dsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--ipaddrs%3D%24%7BETCD_IPV4_ADDRESS%7D%2C127.0.0.1%20%5C%0A%0A%20%20%20%20%20%20%5B%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.crt%20-a%20%5C%0A%20%20%20%20%20%20%20%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.key%20%5D%20%7C%7C%20%5C%0A%20%20%20%20%20%20%20%20kube-client-agent%20%5C%0A%20%20%20%20%20%20%20%20%20%20request%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--kubeconfig%3D%2Fetc%2Fkubernetes%2Fkubeconfig%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--orgname%3Dsystem%3Aetcd-peers%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--assetsdir%3D%2Fetc%2Fssl%2Fetcd%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--dnsnames%3D%24%7BETCD_DNS_NAME%7D%2Cmy-test-cluster.installer.team.coreos.systems%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--commonname%3Dsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--ipaddrs%3D%24%7BETCD_IPV4_ADDRESS%7D%20%5C%0A%0A%20%20%20%20%20%20%5B%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.crt%20-a%20%5C%0A%20%20%20%20%20%20%20%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.key%20%5D%20%7C%7C%20%5C%0A%20%20%20%20%20%20%20%20kube-client-agent%20%5C%0A%20%20%20%20%20%20%20%20%20%20request%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--kubeconfig%3D%2Fetc%2Fkubernetes%2Fkubeconfig%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--orgname%3Dsystem%3Aetcd-metrics%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--assetsdir%3D%2Fetc%2Fssl%2Fetcd%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--dnsnames%3Dlocalhost%2Cetcd.kube-system.svc%2Cetcd.kube-system.svc.cluster.local%2Cetcd.openshift-etcd.svc%2Cetcd.openshift-etcd.svc.cluster.local%2C%24%7BETCD_WILDCARD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--commonname%3Dsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--ipaddrs%3D%24%7BETCD_IPV4_ADDRESS%7D%20%5C%0A%0A%20%20%20%20terminationMessagePolicy%3A%20FallbackToLogsOnError%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20certs%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fssl%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20kubeconfig%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fkubernetes%2Fkubeconfig%0A%20%20containers%3A%0A%20%20-%20name%3A%20etcd-member%0A%20%20%20%20image%3A%20%22image%2Fetcd%3A1%22%0A%20%20%20%20command%3A%0A%20%20%20%20-%20%2Fbin%2Fsh%0A%20%20%20%20-%20-c%0A%20%20%20%20-%20%7C%0A%20%20%20%20%20%20%23!%2Fbin%2Fsh%0A%20%20%20%20%20%20set%20-euo%20pipefail%0A%0A%20%20%20%20%20%20source%20%2Frun%2Fetcd%2Fenvironment%0A%0A%20%20%20%20%20%20set%20-a%0A%20%20%20%20%20%20source%20%2Fetc%2Fetcd%2Fetcd.conf%0A%20%20%20%20%20%20set%20%2Ba%0A%0A%20%20%20%20%20%20exec%20etcd%20%5C%0A%20%20%20%20%20%20%20%20--discovery-srv%20my-test-cluster.installer.team.coreos.systems%20%5C%0A%20%20%20%20%20%20%20%20--initial-advertise-peer-urls%3Dhttps%3A%2F%2F%24%7BETCD_IPV4_ADDRESS%7D%3A2380%20%5C%0A%20%20%20%20%20%20%20%20--cert-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--key-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--trusted-ca-file%3D%2Fetc%2Fssl%2Fetcd%2Fca.crt%20%5C%0A%20%20%20%20%20%20%20%20--client-cert-auth%3Dtrue%20%5C%0A%20%20%20%20%20%20%20%20--peer-cert-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--peer-key-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--peer-trusted-ca-file%3D%2Fetc%2Fssl%2Fetcd%2Fca.crt%20%5C%0A%20%20%20%20%20%20%20%20--peer-client-cert-auth%3Dtrue%20%5C%0A%20%20%20%20%20%20%20%20--advertise-client-urls%3Dhttps%3A%2F%2F%24%7BETCD_IPV4_ADDRESS%7D%3A2379%20%5C%0A%20%20%20%20%20%20%20%20--listen-client-urls%3Dhttps%3A%2F%2F0.0.0.0%3A2379%20%5C%0A%20%20%20%20%20%20%20%20--listen-peer-urls%3Dhttps%3A%2F%2F0.0.0.0%3A2380%20%5C%0A%20%20%20%20%20%20%20%20--listen-metrics-urls%3Dhttps%3A%2F%2F0.0.0.0%3A9978%20%5C%0A%20%20%20%20resources%3A%0A%20%20%20%20%20%20requests%3A%0A%20%20%20%20%20%20%20%20memory%3A%20600Mi%0A%20%20%20%20%20%20%20%20cpu%3A%20300m%0A%20%20%20%20terminationMessagePolicy%3A%20FallbackToLogsOnError%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20certs%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fssl%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20data-dir%0A%20%20%20%20%20%20mountPath%3A%20%2Fvar%2Flib%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20conf%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fetcd%2F%0A%0A%20%20%20%20env%3A%0A%20%20%20%20-%20name%3A%20ETCD_DATA_DIR%0A%20%20%20%20%20%20value%3A%20%22%2Fvar%2Flib%2Fetcd%22%0A%20%20%20%20-%20name%3A%20ETCD_NAME%0A%20%20%20%20%20%20valueFrom%3A%0A%20%20%20%20%20%20%20%20fieldRef%3A%0A%20%20%20%20%20%20%20%20%20%20fieldPath%3A%20metadata.name%0A%20%20%20%20ports%3A%0A%20%20%20%20-%20name%3A%20peer%0A%20%20%20%20%20%20containerPort%3A%202380%0A%20%20%20%20%20%20protocol%3A%20TCP%0A%20%20%20%20-%20name%3A%20server%0A%20%20%20%20%20%20containerPort%3A%202379%0A%20%20%20%20%20%20protocol%3A%20TCP%0A%20%20-%20name%3A%20etcd-metrics%0A%20%20%20%20image%3A%20%22image%2Fetcd%3A1%22%0A%20%20%20%20command%3A%0A%20%20%20%20-%20%2Fbin%2Fsh%0A%20%20%20%20-%20-c%0A%20%20%20%20-%20%7C%0A%20%20%20%20%20%20%23!%2Fbin%2Fsh%0A%20%20%20%20%20%20set%20-euo%20pipefail%0A%0A%20%20%20%20%20%20source%20%2Frun%2Fetcd%2Fenvironment%0A%0A%20%20%20%20%20%20exec%20etcd%20grpc-proxy%20start%20%5C%0A%20%20%20%20%20%20%20%20--endpoints%20https%3A%2F%2F%24%7BETCD_DNS_NAME%7D%3A9978%20%5C%0A%20%20%20%20%20%20%20%20--metrics-addr%20https%3A%2F%2F0.0.0.0%3A9979%20%5C%0A%20%20%20%20%20%20%20%20--listen-addr%20127.0.0.1%3A9977%20%5C%0A%20%20%20%20%20%20%20%20--key%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--key-file%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--cert%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--cert-file%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--cacert%20%2Fetc%2Fssl%2Fetcd%2Fca.crt%20%5C%0A%20%20%20%20%20%20%20%20--trusted-ca-file%20%2Fetc%2Fssl%2Fetcd%2Fmetric-ca.crt%20%5C%0A%20%20%20%20terminationMessagePolicy%3A%20FallbackToLogsOnError%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20certs%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fssl%2Fetcd%2F%0A%20%20%20%20ports%3A%0A%20%20%20%20-%20name%3A%20metric%0A%20%20%20%20%20%20containerPort%3A%209979%0A%20%20%20%20%20%20protocol%3A%20TCP%0A%20%20hostNetwork%3A%20true%0A%20%20priorityClassName%3A%20system-node-critical%0A%20%20tolerations%3A%0A%20%20-%20operator%3A%20%22Exists%22%0A%20%20restartPolicy%3A%20Always%0A%20%20volumes%3A%0A%20%20-%20name%3A%20certs%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fetc%2Fkubernetes%2Fstatic-pod-resources%2Fetcd-member%0A%20%20-%20name%3A%20kubeconfig%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fetc%2Fkubernetes%2Fkubeconfig%0A%20%20-%20name%3A%20discovery%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Frun%2Fetcd%0A%20%20-%20name%3A%20data-dir%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fvar%2Flib%2Fetcd%0A%20%20-%20name%3A%20conf%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fetc%2Fetcd%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/manifests/etcd-member.yaml diff --git a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt deleted file mode 100644 index 32bcd5d94d..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20etcd-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/static-pod-resources/etcd-member/ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt deleted file mode 100644 index 6e8086dd19..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/static-pod-resources/etcd-member/metric-ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt deleted file mode 100644 index cb1bec649c..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20root-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/static-pod-resources/etcd-member/root-ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-sysctl.d-forward.conf b/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-sysctl.d-forward.conf deleted file mode 100644 index dc3f2dc75d..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-sysctl.d-forward.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,net.ipv4.ip_forward%20%3D%201%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/sysctl.d/forward.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf b/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf deleted file mode 100644 index 388167ff03..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20Turning%20on%20Accounting%20helps%20track%20down%20performance%20issues.%0A%5BManager%5D%0ADefaultCPUAccounting%3Dyes%0ADefaultMemoryAccounting%3Dyes%0ADefaultBlockIOAccounting%3Dyes%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/systemd/system.conf.d/kubelet-cgroups.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-tmpfiles.d-cleanup-cni.conf b/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-tmpfiles.d-cleanup-cni.conf deleted file mode 100644 index f409309b5c..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/none/files/-etc-tmpfiles.d-cleanup-cni.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,r%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F80-openshift-network.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F10-ovn-kubernetes.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F00-multus.conf%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/tmpfiles.d/cleanup-cni.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/none/files/-var-lib-kubelet-config.json b/pkg/controller/template/test_data/templates/master/00-master/none/files/-var-lib-kubelet-config.json deleted file mode 100644 index 0ba6c19e6a..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/none/files/-var-lib-kubelet-config.json +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%7B%22dummy%22%3A%22dummy%22%7D%0A - verification: {} -filesystem: root -mode: 420 -path: /var/lib/kubelet/config.json diff --git a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-etcd-etcd.conf b/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-etcd-etcd.conf deleted file mode 100644 index f3291952a6..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-etcd-etcd.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%5Bmember%5D%0AETCD_SNAPSHOT_COUNT%3D100000%0AETCD_HEARTBEAT_INTERVAL%3D100%0AETCD_ELECTION_TIMEOUT%3D1000%0A%0A%23%5Bstorage%5D%0AETCD_QUOTA_BACKEND_BYTES%3D7516192768%0A%0A%23%5Blogging%5D%0AETCD_DEBUG%3Dfalse%0A%0A%23%5Bprofiling%5D%0AETCD_ENABLE_PPROF%3Dfalse%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/etcd/etcd.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-ca.crt deleted file mode 100644 index 93e18c9420..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20root-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy b/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy deleted file mode 100644 index 745cb9e5d9..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 493 -path: /etc/kubernetes/kubelet-plugins/volume/exec/.dummy diff --git a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-manifests-etcd-member.yaml b/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-manifests-etcd-member.yaml deleted file mode 100644 index f5a049bbef..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-manifests-etcd-member.yaml +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,apiVersion%3A%20v1%0Akind%3A%20Pod%0Ametadata%3A%0A%20%20name%3A%20etcd-member%0A%20%20namespace%3A%20openshift-etcd%0A%20%20labels%3A%0A%20%20%20%20k8s-app%3A%20etcd%0Aspec%3A%0A%20%20initContainers%3A%0A%20%20-%20name%3A%20discovery%0A%20%20%20%20image%3A%20%22image%2FsetupEtcdEnv%3A1%22%0A%20%20%20%20args%3A%0A%20%20%20%20-%20%22run%22%0A%20%20%20%20-%20%22--discovery-srv%3Dmy-test-cluster.installer.team.coreos.systems%22%0A%20%20%20%20-%20%22--output-file%3D%2Frun%2Fetcd%2Fenvironment%22%0A%20%20%20%20-%20%22--v%3D4%22%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20-%20name%3A%20certs%0A%20%20%20%20image%3A%20%22image%2FkubeClientAgentImage%3A1%22%0A%20%20%20%20command%3A%0A%20%20%20%20-%20%2Fbin%2Fsh%0A%20%20%20%20-%20-c%0A%20%20%20%20-%20%7C%0A%20%20%20%20%20%20%23!%2Fbin%2Fsh%0A%20%20%20%20%20%20set%20-euxo%20pipefail%0A%0A%20%20%20%20%20%20source%20%2Frun%2Fetcd%2Fenvironment%0A%0A%20%20%20%20%20%20%5B%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.crt%20-a%20%5C%0A%20%20%20%20%20%20%20%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.key%20%5D%20%7C%7C%20%5C%0A%20%20%20%20%20%20%20%20kube-client-agent%20%5C%0A%20%20%20%20%20%20%20%20%20%20request%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--kubeconfig%3D%2Fetc%2Fkubernetes%2Fkubeconfig%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--orgname%3Dsystem%3Aetcd-servers%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--assetsdir%3D%2Fetc%2Fssl%2Fetcd%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--dnsnames%3Dlocalhost%2Cetcd.kube-system.svc%2Cetcd.kube-system.svc.cluster.local%2Cetcd.openshift-etcd.svc%2Cetcd.openshift-etcd.svc.cluster.local%2C%24%7BETCD_WILDCARD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--commonname%3Dsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--ipaddrs%3D%24%7BETCD_IPV4_ADDRESS%7D%2C127.0.0.1%20%5C%0A%0A%20%20%20%20%20%20%5B%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.crt%20-a%20%5C%0A%20%20%20%20%20%20%20%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.key%20%5D%20%7C%7C%20%5C%0A%20%20%20%20%20%20%20%20kube-client-agent%20%5C%0A%20%20%20%20%20%20%20%20%20%20request%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--kubeconfig%3D%2Fetc%2Fkubernetes%2Fkubeconfig%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--orgname%3Dsystem%3Aetcd-peers%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--assetsdir%3D%2Fetc%2Fssl%2Fetcd%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--dnsnames%3D%24%7BETCD_DNS_NAME%7D%2Cmy-test-cluster.installer.team.coreos.systems%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--commonname%3Dsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--ipaddrs%3D%24%7BETCD_IPV4_ADDRESS%7D%20%5C%0A%0A%20%20%20%20%20%20%5B%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.crt%20-a%20%5C%0A%20%20%20%20%20%20%20%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.key%20%5D%20%7C%7C%20%5C%0A%20%20%20%20%20%20%20%20kube-client-agent%20%5C%0A%20%20%20%20%20%20%20%20%20%20request%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--kubeconfig%3D%2Fetc%2Fkubernetes%2Fkubeconfig%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--orgname%3Dsystem%3Aetcd-metrics%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--assetsdir%3D%2Fetc%2Fssl%2Fetcd%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--dnsnames%3Dlocalhost%2Cetcd.kube-system.svc%2Cetcd.kube-system.svc.cluster.local%2Cetcd.openshift-etcd.svc%2Cetcd.openshift-etcd.svc.cluster.local%2C%24%7BETCD_WILDCARD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--commonname%3Dsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--ipaddrs%3D%24%7BETCD_IPV4_ADDRESS%7D%20%5C%0A%0A%20%20%20%20terminationMessagePolicy%3A%20FallbackToLogsOnError%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20certs%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fssl%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20kubeconfig%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fkubernetes%2Fkubeconfig%0A%20%20containers%3A%0A%20%20-%20name%3A%20etcd-member%0A%20%20%20%20image%3A%20%22image%2Fetcd%3A1%22%0A%20%20%20%20command%3A%0A%20%20%20%20-%20%2Fbin%2Fsh%0A%20%20%20%20-%20-c%0A%20%20%20%20-%20%7C%0A%20%20%20%20%20%20%23!%2Fbin%2Fsh%0A%20%20%20%20%20%20set%20-euo%20pipefail%0A%0A%20%20%20%20%20%20source%20%2Frun%2Fetcd%2Fenvironment%0A%0A%20%20%20%20%20%20set%20-a%0A%20%20%20%20%20%20source%20%2Fetc%2Fetcd%2Fetcd.conf%0A%20%20%20%20%20%20set%20%2Ba%0A%0A%20%20%20%20%20%20exec%20etcd%20%5C%0A%20%20%20%20%20%20%20%20--discovery-srv%20my-test-cluster.installer.team.coreos.systems%20%5C%0A%20%20%20%20%20%20%20%20--initial-advertise-peer-urls%3Dhttps%3A%2F%2F%24%7BETCD_IPV4_ADDRESS%7D%3A2380%20%5C%0A%20%20%20%20%20%20%20%20--cert-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--key-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--trusted-ca-file%3D%2Fetc%2Fssl%2Fetcd%2Fca.crt%20%5C%0A%20%20%20%20%20%20%20%20--client-cert-auth%3Dtrue%20%5C%0A%20%20%20%20%20%20%20%20--peer-cert-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--peer-key-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--peer-trusted-ca-file%3D%2Fetc%2Fssl%2Fetcd%2Fca.crt%20%5C%0A%20%20%20%20%20%20%20%20--peer-client-cert-auth%3Dtrue%20%5C%0A%20%20%20%20%20%20%20%20--advertise-client-urls%3Dhttps%3A%2F%2F%24%7BETCD_IPV4_ADDRESS%7D%3A2379%20%5C%0A%20%20%20%20%20%20%20%20--listen-client-urls%3Dhttps%3A%2F%2F0.0.0.0%3A2379%20%5C%0A%20%20%20%20%20%20%20%20--listen-peer-urls%3Dhttps%3A%2F%2F0.0.0.0%3A2380%20%5C%0A%20%20%20%20%20%20%20%20--listen-metrics-urls%3Dhttps%3A%2F%2F0.0.0.0%3A9978%20%5C%0A%20%20%20%20resources%3A%0A%20%20%20%20%20%20requests%3A%0A%20%20%20%20%20%20%20%20memory%3A%20600Mi%0A%20%20%20%20%20%20%20%20cpu%3A%20300m%0A%20%20%20%20terminationMessagePolicy%3A%20FallbackToLogsOnError%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20certs%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fssl%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20data-dir%0A%20%20%20%20%20%20mountPath%3A%20%2Fvar%2Flib%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20conf%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fetcd%2F%0A%0A%20%20%20%20env%3A%0A%20%20%20%20-%20name%3A%20ETCD_DATA_DIR%0A%20%20%20%20%20%20value%3A%20%22%2Fvar%2Flib%2Fetcd%22%0A%20%20%20%20-%20name%3A%20ETCD_NAME%0A%20%20%20%20%20%20valueFrom%3A%0A%20%20%20%20%20%20%20%20fieldRef%3A%0A%20%20%20%20%20%20%20%20%20%20fieldPath%3A%20metadata.name%0A%20%20%20%20ports%3A%0A%20%20%20%20-%20name%3A%20peer%0A%20%20%20%20%20%20containerPort%3A%202380%0A%20%20%20%20%20%20protocol%3A%20TCP%0A%20%20%20%20-%20name%3A%20server%0A%20%20%20%20%20%20containerPort%3A%202379%0A%20%20%20%20%20%20protocol%3A%20TCP%0A%20%20-%20name%3A%20etcd-metrics%0A%20%20%20%20image%3A%20%22image%2Fetcd%3A1%22%0A%20%20%20%20command%3A%0A%20%20%20%20-%20%2Fbin%2Fsh%0A%20%20%20%20-%20-c%0A%20%20%20%20-%20%7C%0A%20%20%20%20%20%20%23!%2Fbin%2Fsh%0A%20%20%20%20%20%20set%20-euo%20pipefail%0A%0A%20%20%20%20%20%20source%20%2Frun%2Fetcd%2Fenvironment%0A%0A%20%20%20%20%20%20exec%20etcd%20grpc-proxy%20start%20%5C%0A%20%20%20%20%20%20%20%20--endpoints%20https%3A%2F%2F%24%7BETCD_DNS_NAME%7D%3A9978%20%5C%0A%20%20%20%20%20%20%20%20--metrics-addr%20https%3A%2F%2F0.0.0.0%3A9979%20%5C%0A%20%20%20%20%20%20%20%20--listen-addr%20127.0.0.1%3A9977%20%5C%0A%20%20%20%20%20%20%20%20--key%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--key-file%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--cert%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--cert-file%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--cacert%20%2Fetc%2Fssl%2Fetcd%2Fca.crt%20%5C%0A%20%20%20%20%20%20%20%20--trusted-ca-file%20%2Fetc%2Fssl%2Fetcd%2Fmetric-ca.crt%20%5C%0A%20%20%20%20terminationMessagePolicy%3A%20FallbackToLogsOnError%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20certs%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fssl%2Fetcd%2F%0A%20%20%20%20ports%3A%0A%20%20%20%20-%20name%3A%20metric%0A%20%20%20%20%20%20containerPort%3A%209979%0A%20%20%20%20%20%20protocol%3A%20TCP%0A%20%20hostNetwork%3A%20true%0A%20%20priorityClassName%3A%20system-node-critical%0A%20%20tolerations%3A%0A%20%20-%20operator%3A%20%22Exists%22%0A%20%20restartPolicy%3A%20Always%0A%20%20volumes%3A%0A%20%20-%20name%3A%20certs%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fetc%2Fkubernetes%2Fstatic-pod-resources%2Fetcd-member%0A%20%20-%20name%3A%20kubeconfig%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fetc%2Fkubernetes%2Fkubeconfig%0A%20%20-%20name%3A%20discovery%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Frun%2Fetcd%0A%20%20-%20name%3A%20data-dir%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fvar%2Flib%2Fetcd%0A%20%20-%20name%3A%20conf%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fetc%2Fetcd%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/manifests/etcd-member.yaml diff --git a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt deleted file mode 100644 index 32bcd5d94d..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20etcd-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/static-pod-resources/etcd-member/ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt deleted file mode 100644 index 6e8086dd19..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/static-pod-resources/etcd-member/metric-ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt deleted file mode 100644 index cb1bec649c..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20root-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/static-pod-resources/etcd-member/root-ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-sysctl.d-forward.conf b/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-sysctl.d-forward.conf deleted file mode 100644 index dc3f2dc75d..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-sysctl.d-forward.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,net.ipv4.ip_forward%20%3D%201%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/sysctl.d/forward.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf b/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf deleted file mode 100644 index 388167ff03..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20Turning%20on%20Accounting%20helps%20track%20down%20performance%20issues.%0A%5BManager%5D%0ADefaultCPUAccounting%3Dyes%0ADefaultMemoryAccounting%3Dyes%0ADefaultBlockIOAccounting%3Dyes%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/systemd/system.conf.d/kubelet-cgroups.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-tmpfiles.d-cleanup-cni.conf b/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-tmpfiles.d-cleanup-cni.conf deleted file mode 100644 index f409309b5c..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-etc-tmpfiles.d-cleanup-cni.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,r%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F80-openshift-network.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F10-ovn-kubernetes.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F00-multus.conf%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/tmpfiles.d/cleanup-cni.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-var-lib-kubelet-config.json b/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-var-lib-kubelet-config.json deleted file mode 100644 index 0ba6c19e6a..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/openstack/files/-var-lib-kubelet-config.json +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%7B%22dummy%22%3A%22dummy%22%7D%0A - verification: {} -filesystem: root -mode: 420 -path: /var/lib/kubelet/config.json diff --git a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-etcd-etcd.conf b/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-etcd-etcd.conf deleted file mode 100644 index f3291952a6..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-etcd-etcd.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%5Bmember%5D%0AETCD_SNAPSHOT_COUNT%3D100000%0AETCD_HEARTBEAT_INTERVAL%3D100%0AETCD_ELECTION_TIMEOUT%3D1000%0A%0A%23%5Bstorage%5D%0AETCD_QUOTA_BACKEND_BYTES%3D7516192768%0A%0A%23%5Blogging%5D%0AETCD_DEBUG%3Dfalse%0A%0A%23%5Bprofiling%5D%0AETCD_ENABLE_PPROF%3Dfalse%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/etcd/etcd.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-ca.crt deleted file mode 100644 index 93e18c9420..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20root-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy b/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy deleted file mode 100644 index 745cb9e5d9..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 493 -path: /etc/kubernetes/kubelet-plugins/volume/exec/.dummy diff --git a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-manifests-etcd-member.yaml b/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-manifests-etcd-member.yaml deleted file mode 100644 index f5a049bbef..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-manifests-etcd-member.yaml +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,apiVersion%3A%20v1%0Akind%3A%20Pod%0Ametadata%3A%0A%20%20name%3A%20etcd-member%0A%20%20namespace%3A%20openshift-etcd%0A%20%20labels%3A%0A%20%20%20%20k8s-app%3A%20etcd%0Aspec%3A%0A%20%20initContainers%3A%0A%20%20-%20name%3A%20discovery%0A%20%20%20%20image%3A%20%22image%2FsetupEtcdEnv%3A1%22%0A%20%20%20%20args%3A%0A%20%20%20%20-%20%22run%22%0A%20%20%20%20-%20%22--discovery-srv%3Dmy-test-cluster.installer.team.coreos.systems%22%0A%20%20%20%20-%20%22--output-file%3D%2Frun%2Fetcd%2Fenvironment%22%0A%20%20%20%20-%20%22--v%3D4%22%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20-%20name%3A%20certs%0A%20%20%20%20image%3A%20%22image%2FkubeClientAgentImage%3A1%22%0A%20%20%20%20command%3A%0A%20%20%20%20-%20%2Fbin%2Fsh%0A%20%20%20%20-%20-c%0A%20%20%20%20-%20%7C%0A%20%20%20%20%20%20%23!%2Fbin%2Fsh%0A%20%20%20%20%20%20set%20-euxo%20pipefail%0A%0A%20%20%20%20%20%20source%20%2Frun%2Fetcd%2Fenvironment%0A%0A%20%20%20%20%20%20%5B%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.crt%20-a%20%5C%0A%20%20%20%20%20%20%20%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.key%20%5D%20%7C%7C%20%5C%0A%20%20%20%20%20%20%20%20kube-client-agent%20%5C%0A%20%20%20%20%20%20%20%20%20%20request%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--kubeconfig%3D%2Fetc%2Fkubernetes%2Fkubeconfig%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--orgname%3Dsystem%3Aetcd-servers%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--assetsdir%3D%2Fetc%2Fssl%2Fetcd%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--dnsnames%3Dlocalhost%2Cetcd.kube-system.svc%2Cetcd.kube-system.svc.cluster.local%2Cetcd.openshift-etcd.svc%2Cetcd.openshift-etcd.svc.cluster.local%2C%24%7BETCD_WILDCARD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--commonname%3Dsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--ipaddrs%3D%24%7BETCD_IPV4_ADDRESS%7D%2C127.0.0.1%20%5C%0A%0A%20%20%20%20%20%20%5B%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.crt%20-a%20%5C%0A%20%20%20%20%20%20%20%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.key%20%5D%20%7C%7C%20%5C%0A%20%20%20%20%20%20%20%20kube-client-agent%20%5C%0A%20%20%20%20%20%20%20%20%20%20request%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--kubeconfig%3D%2Fetc%2Fkubernetes%2Fkubeconfig%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--orgname%3Dsystem%3Aetcd-peers%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--assetsdir%3D%2Fetc%2Fssl%2Fetcd%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--dnsnames%3D%24%7BETCD_DNS_NAME%7D%2Cmy-test-cluster.installer.team.coreos.systems%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--commonname%3Dsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--ipaddrs%3D%24%7BETCD_IPV4_ADDRESS%7D%20%5C%0A%0A%20%20%20%20%20%20%5B%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.crt%20-a%20%5C%0A%20%20%20%20%20%20%20%20-e%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.key%20%5D%20%7C%7C%20%5C%0A%20%20%20%20%20%20%20%20kube-client-agent%20%5C%0A%20%20%20%20%20%20%20%20%20%20request%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--kubeconfig%3D%2Fetc%2Fkubernetes%2Fkubeconfig%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--orgname%3Dsystem%3Aetcd-metrics%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--assetsdir%3D%2Fetc%2Fssl%2Fetcd%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--dnsnames%3Dlocalhost%2Cetcd.kube-system.svc%2Cetcd.kube-system.svc.cluster.local%2Cetcd.openshift-etcd.svc%2Cetcd.openshift-etcd.svc.cluster.local%2C%24%7BETCD_WILDCARD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--commonname%3Dsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D%20%5C%0A%20%20%20%20%20%20%20%20%20%20%20%20--ipaddrs%3D%24%7BETCD_IPV4_ADDRESS%7D%20%5C%0A%0A%20%20%20%20terminationMessagePolicy%3A%20FallbackToLogsOnError%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20certs%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fssl%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20kubeconfig%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fkubernetes%2Fkubeconfig%0A%20%20containers%3A%0A%20%20-%20name%3A%20etcd-member%0A%20%20%20%20image%3A%20%22image%2Fetcd%3A1%22%0A%20%20%20%20command%3A%0A%20%20%20%20-%20%2Fbin%2Fsh%0A%20%20%20%20-%20-c%0A%20%20%20%20-%20%7C%0A%20%20%20%20%20%20%23!%2Fbin%2Fsh%0A%20%20%20%20%20%20set%20-euo%20pipefail%0A%0A%20%20%20%20%20%20source%20%2Frun%2Fetcd%2Fenvironment%0A%0A%20%20%20%20%20%20set%20-a%0A%20%20%20%20%20%20source%20%2Fetc%2Fetcd%2Fetcd.conf%0A%20%20%20%20%20%20set%20%2Ba%0A%0A%20%20%20%20%20%20exec%20etcd%20%5C%0A%20%20%20%20%20%20%20%20--discovery-srv%20my-test-cluster.installer.team.coreos.systems%20%5C%0A%20%20%20%20%20%20%20%20--initial-advertise-peer-urls%3Dhttps%3A%2F%2F%24%7BETCD_IPV4_ADDRESS%7D%3A2380%20%5C%0A%20%20%20%20%20%20%20%20--cert-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--key-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-server%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--trusted-ca-file%3D%2Fetc%2Fssl%2Fetcd%2Fca.crt%20%5C%0A%20%20%20%20%20%20%20%20--client-cert-auth%3Dtrue%20%5C%0A%20%20%20%20%20%20%20%20--peer-cert-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--peer-key-file%3D%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--peer-trusted-ca-file%3D%2Fetc%2Fssl%2Fetcd%2Fca.crt%20%5C%0A%20%20%20%20%20%20%20%20--peer-client-cert-auth%3Dtrue%20%5C%0A%20%20%20%20%20%20%20%20--advertise-client-urls%3Dhttps%3A%2F%2F%24%7BETCD_IPV4_ADDRESS%7D%3A2379%20%5C%0A%20%20%20%20%20%20%20%20--listen-client-urls%3Dhttps%3A%2F%2F0.0.0.0%3A2379%20%5C%0A%20%20%20%20%20%20%20%20--listen-peer-urls%3Dhttps%3A%2F%2F0.0.0.0%3A2380%20%5C%0A%20%20%20%20%20%20%20%20--listen-metrics-urls%3Dhttps%3A%2F%2F0.0.0.0%3A9978%20%5C%0A%20%20%20%20resources%3A%0A%20%20%20%20%20%20requests%3A%0A%20%20%20%20%20%20%20%20memory%3A%20600Mi%0A%20%20%20%20%20%20%20%20cpu%3A%20300m%0A%20%20%20%20terminationMessagePolicy%3A%20FallbackToLogsOnError%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20certs%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fssl%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20data-dir%0A%20%20%20%20%20%20mountPath%3A%20%2Fvar%2Flib%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20conf%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fetcd%2F%0A%0A%20%20%20%20env%3A%0A%20%20%20%20-%20name%3A%20ETCD_DATA_DIR%0A%20%20%20%20%20%20value%3A%20%22%2Fvar%2Flib%2Fetcd%22%0A%20%20%20%20-%20name%3A%20ETCD_NAME%0A%20%20%20%20%20%20valueFrom%3A%0A%20%20%20%20%20%20%20%20fieldRef%3A%0A%20%20%20%20%20%20%20%20%20%20fieldPath%3A%20metadata.name%0A%20%20%20%20ports%3A%0A%20%20%20%20-%20name%3A%20peer%0A%20%20%20%20%20%20containerPort%3A%202380%0A%20%20%20%20%20%20protocol%3A%20TCP%0A%20%20%20%20-%20name%3A%20server%0A%20%20%20%20%20%20containerPort%3A%202379%0A%20%20%20%20%20%20protocol%3A%20TCP%0A%20%20-%20name%3A%20etcd-metrics%0A%20%20%20%20image%3A%20%22image%2Fetcd%3A1%22%0A%20%20%20%20command%3A%0A%20%20%20%20-%20%2Fbin%2Fsh%0A%20%20%20%20-%20-c%0A%20%20%20%20-%20%7C%0A%20%20%20%20%20%20%23!%2Fbin%2Fsh%0A%20%20%20%20%20%20set%20-euo%20pipefail%0A%0A%20%20%20%20%20%20source%20%2Frun%2Fetcd%2Fenvironment%0A%0A%20%20%20%20%20%20exec%20etcd%20grpc-proxy%20start%20%5C%0A%20%20%20%20%20%20%20%20--endpoints%20https%3A%2F%2F%24%7BETCD_DNS_NAME%7D%3A9978%20%5C%0A%20%20%20%20%20%20%20%20--metrics-addr%20https%3A%2F%2F0.0.0.0%3A9979%20%5C%0A%20%20%20%20%20%20%20%20--listen-addr%20127.0.0.1%3A9977%20%5C%0A%20%20%20%20%20%20%20%20--key%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--key-file%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.key%20%5C%0A%20%20%20%20%20%20%20%20--cert%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-peer%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--cert-file%20%2Fetc%2Fssl%2Fetcd%2Fsystem%3Aetcd-metric%3A%24%7BETCD_DNS_NAME%7D.crt%20%5C%0A%20%20%20%20%20%20%20%20--cacert%20%2Fetc%2Fssl%2Fetcd%2Fca.crt%20%5C%0A%20%20%20%20%20%20%20%20--trusted-ca-file%20%2Fetc%2Fssl%2Fetcd%2Fmetric-ca.crt%20%5C%0A%20%20%20%20terminationMessagePolicy%3A%20FallbackToLogsOnError%0A%20%20%20%20volumeMounts%3A%0A%20%20%20%20-%20name%3A%20discovery%0A%20%20%20%20%20%20mountPath%3A%20%2Frun%2Fetcd%2F%0A%20%20%20%20-%20name%3A%20certs%0A%20%20%20%20%20%20mountPath%3A%20%2Fetc%2Fssl%2Fetcd%2F%0A%20%20%20%20ports%3A%0A%20%20%20%20-%20name%3A%20metric%0A%20%20%20%20%20%20containerPort%3A%209979%0A%20%20%20%20%20%20protocol%3A%20TCP%0A%20%20hostNetwork%3A%20true%0A%20%20priorityClassName%3A%20system-node-critical%0A%20%20tolerations%3A%0A%20%20-%20operator%3A%20%22Exists%22%0A%20%20restartPolicy%3A%20Always%0A%20%20volumes%3A%0A%20%20-%20name%3A%20certs%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fetc%2Fkubernetes%2Fstatic-pod-resources%2Fetcd-member%0A%20%20-%20name%3A%20kubeconfig%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fetc%2Fkubernetes%2Fkubeconfig%0A%20%20-%20name%3A%20discovery%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Frun%2Fetcd%0A%20%20-%20name%3A%20data-dir%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fvar%2Flib%2Fetcd%0A%20%20-%20name%3A%20conf%0A%20%20%20%20hostPath%3A%0A%20%20%20%20%20%20path%3A%20%2Fetc%2Fetcd%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/manifests/etcd-member.yaml diff --git a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt deleted file mode 100644 index 32bcd5d94d..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-static-pod-resources-etcd-member-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20etcd-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/static-pod-resources/etcd-member/ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt deleted file mode 100644 index 6e8086dd19..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-static-pod-resources-etcd-member-metric-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/static-pod-resources/etcd-member/metric-ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt b/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt deleted file mode 100644 index cb1bec649c..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-kubernetes-static-pod-resources-etcd-member-root-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20root-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/static-pod-resources/etcd-member/root-ca.crt diff --git a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-sysctl.d-forward.conf b/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-sysctl.d-forward.conf deleted file mode 100644 index dc3f2dc75d..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-sysctl.d-forward.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,net.ipv4.ip_forward%20%3D%201%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/sysctl.d/forward.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf b/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf deleted file mode 100644 index 388167ff03..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20Turning%20on%20Accounting%20helps%20track%20down%20performance%20issues.%0A%5BManager%5D%0ADefaultCPUAccounting%3Dyes%0ADefaultMemoryAccounting%3Dyes%0ADefaultBlockIOAccounting%3Dyes%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/systemd/system.conf.d/kubelet-cgroups.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-tmpfiles.d-cleanup-cni.conf b/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-tmpfiles.d-cleanup-cni.conf deleted file mode 100644 index f409309b5c..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-etc-tmpfiles.d-cleanup-cni.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,r%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F80-openshift-network.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F10-ovn-kubernetes.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F00-multus.conf%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/tmpfiles.d/cleanup-cni.conf diff --git a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-var-lib-kubelet-config.json b/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-var-lib-kubelet-config.json deleted file mode 100644 index 0ba6c19e6a..0000000000 --- a/pkg/controller/template/test_data/templates/master/00-master/vsphere/files/-var-lib-kubelet-config.json +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%7B%22dummy%22%3A%22dummy%22%7D%0A - verification: {} -filesystem: root -mode: 420 -path: /var/lib/kubelet/config.json diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/aws/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/aws/files/-etc-containers-registries.conf deleted file mode 100644 index 53c1015d88..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/aws/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/aws/files/-etc-containers-storage.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/aws/files/-etc-containers-storage.conf deleted file mode 100644 index f955c08a3e..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/aws/files/-etc-containers-storage.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20storage.conf%20is%20the%20configuration%20file%20for%20all%20tools%0A%23%20that%20share%20the%20containers%2Fstorage%20libraries%0A%23%20See%20man%205%20containers-storage.conf%20for%20more%20information%0A%23%20The%20%22container%20storage%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bstorage%5D%0A%0A%23%20Default%20Storage%20Driver%0Adriver%20%3D%20%22overlay%22%0A%0A%23%20Temporary%20storage%20location%0Arunroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20Primary%20Read%2FWrite%20location%20of%20container%20storage%0Agraphroot%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%5Bstorage.options%5D%0A%23%20Storage%20options%20to%20be%20passed%20to%20underlying%20storage%20drivers%0A%0A%23%20AdditionalImageStores%20is%20used%20to%20pass%20paths%20to%20additional%20Read%2FOnly%20image%20stores%0A%23%20Must%20be%20comma%20separated%20list.%0Aadditionalimagestores%20%3D%20%5B%0A%5D%0A%0A%23%20Size%20is%20used%20to%20set%20a%20maximum%20size%20of%20the%20container%20image.%20%20Only%20supported%20by%0A%23%20certain%20container%20storage%20drivers.%0Asize%20%3D%20%22%22%0A%0A%23%20OverrideKernelCheck%20tells%20the%20driver%20to%20ignore%20kernel%20checks%20based%20on%20kernel%20version%0Aoverride_kernel_check%20%3D%20%22true%22%0A%0A%23%20Remap-UIDs%2FGIDs%20is%20the%20mapping%20from%20UIDs%2FGIDs%20as%20they%20should%20appear%20inside%20of%0A%23%20a%20container%2C%20to%20UIDs%2FGIDs%20as%20they%20should%20appear%20outside%20of%20the%20container%2C%20and%0A%23%20the%20length%20of%20the%20range%20of%20UIDs%2FGIDs.%20%20Additional%20mapped%20sets%20can%20be%20listed%0A%23%20and%20will%20be%20heeded%20by%20libraries%2C%20but%20there%20are%20limits%20to%20the%20number%20of%0A%23%20mappings%20which%20the%20kernel%20will%20allow%20when%20you%20later%20attempt%20to%20run%20a%0A%23%20container.%0A%23%0A%23%20remap-uids%20%3D%200%3A1668442479%3A65536%0A%23%20remap-gids%20%3D%200%3A1668442479%3A65536%0A%0A%23%20Remap-User%2FGroup%20is%20a%20name%20which%20can%20be%20used%20to%20look%20up%20one%20or%20more%20UID%2FGID%0A%23%20ranges%20in%20the%20%2Fetc%2Fsubuid%20or%20%2Fetc%2Fsubgid%20file.%20%20Mappings%20are%20set%20up%20starting%0A%23%20with%20an%20in-container%20ID%20of%200%20and%20the%20a%20host-level%20ID%20taken%20from%20the%20lowest%0A%23%20range%20that%20matches%20the%20specified%20name%2C%20and%20using%20the%20length%20of%20that%20range.%0A%23%20Additional%20ranges%20are%20then%20assigned%2C%20using%20the%20ranges%20which%20specify%20the%0A%23%20lowest%20host-level%20IDs%20first%2C%20to%20the%20lowest%20not-yet-mapped%20container-level%20ID%2C%0A%23%20until%20all%20of%20the%20entries%20have%20been%20used%20for%20maps.%0A%23%0A%23%20remap-user%20%3D%20%22storage%22%0A%23%20remap-group%20%3D%20%22storage%22%0A%0A%5Bstorage.options.thinpool%5D%0A%23%20Storage%20Options%20for%20thinpool%0A%0A%23%20autoextend_percent%20determines%20the%20amount%20by%20which%20pool%20needs%20to%20be%0A%23%20grown.%20This%20is%20specified%20in%20terms%20of%20%25%20of%20pool%20size.%20So%20a%20value%20of%2020%20means%0A%23%20that%20when%20threshold%20is%20hit%2C%20pool%20will%20be%20grown%20by%2020%25%20of%20existing%0A%23%20pool%20size.%0A%23%20autoextend_percent%20%3D%20%2220%22%0A%0A%23%20autoextend_threshold%20determines%20the%20pool%20extension%20threshold%20in%20terms%0A%23%20of%20percentage%20of%20pool%20size.%20For%20example%2C%20if%20threshold%20is%2060%2C%20that%20means%20when%0A%23%20pool%20is%2060%25%20full%2C%20threshold%20has%20been%20hit.%0A%23%20autoextend_threshold%20%3D%20%2280%22%0A%0A%23%20basesize%20specifies%20the%20size%20to%20use%20when%20creating%20the%20base%20device%2C%20which%0A%23%20limits%20the%20size%20of%20images%20and%20containers.%0A%23%20basesize%20%3D%20%2210G%22%0A%0A%23%20blocksize%20specifies%20a%20custom%20blocksize%20to%20use%20for%20the%20thin%20pool.%0A%23%20blocksize%3D%2264k%22%0A%0A%23%20directlvm_device%20specifies%20a%20custom%20block%20storage%20device%20to%20use%20for%20the%0A%23%20thin%20pool.%20Required%20if%20you%20setup%20devicemapper%0A%23%20directlvm_device%20%3D%20%22%22%0A%0A%23%20directlvm_device_force%20wipes%20device%20even%20if%20device%20already%20has%20a%20filesystem%0A%23%20directlvm_device_force%20%3D%20%22True%22%0A%0A%23%20fs%20specifies%20the%20filesystem%20type%20to%20use%20for%20the%20base%20device.%0A%23%20fs%3D%22xfs%22%0A%0A%23%20log_level%20sets%20the%20log%20level%20of%20devicemapper.%0A%23%200%3A%20LogLevelSuppress%200%20(Default)%0A%23%202%3A%20LogLevelFatal%0A%23%203%3A%20LogLevelErr%0A%23%204%3A%20LogLevelWarn%0A%23%205%3A%20LogLevelNotice%0A%23%206%3A%20LogLevelInfo%0A%23%207%3A%20LogLevelDebug%0A%23%20log_level%20%3D%20%227%22%0A%0A%23%20min_free_space%20specifies%20the%20min%20free%20space%20percent%20in%20a%20thin%20pool%20require%20for%0A%23%20new%20device%20creation%20to%20succeed.%20Valid%20values%20are%20from%200%25%20-%2099%25.%0A%23%20Value%200%25%20disables%0A%23%20min_free_space%20%3D%20%2210%25%22%0A%0A%23%20mkfsarg%20specifies%20extra%20mkfs%20arguments%20to%20be%20used%20when%20creating%20the%20base%0A%23%20device.%0A%23%20mkfsarg%20%3D%20%22%22%0A%0A%23%20mountopt%20specifies%20extra%20mount%20options%20used%20when%20mounting%20the%20thin%20devices.%0A%23%20mountopt%20%3D%20%22%22%0A%0A%23%20use_deferred_removal%20Marking%20device%20for%20deferred%20removal%0A%23%20use_deferred_removal%20%3D%20%22True%22%0A%0A%23%20use_deferred_deletion%20Marking%20device%20for%20deferred%20deletion%0A%23%20use_deferred_deletion%20%3D%20%22True%22%0A%0A%23%20xfs_nospace_max_retries%20specifies%20the%20maximum%20number%20of%20retries%20XFS%20should%0A%23%20attempt%20to%20complete%20IO%20when%20ENOSPC%20(no%20space)%20error%20is%20returned%20by%0A%23%20underlying%20storage%20device.%0A%23%20xfs_nospace_max_retries%20%3D%20%220%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/storage.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/aws/files/-etc-crio-crio.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/aws/files/-etc-crio-crio.conf deleted file mode 100644 index f7a9afad2f..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/aws/files/-etc-crio-crio.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20The%20%22crio%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bcrio%5D%0A%0A%23%20CRI-O%20reads%20its%20storage%20defaults%20from%20the%20containers%2Fstorage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fstorage.conf.%20Modify%20storage.conf%20if%20you%20want%20to%0A%23%20change%20default%20storage%20for%20all%20tools%20that%20use%20containers%2Fstorage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20storage%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20root%20is%20a%20path%20to%20the%20%22root%20directory%22.%20CRIO%20stores%20all%20of%20its%20data%2C%0A%23%20including%20container%20images%2C%20in%20this%20directory.%0A%23root%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%23%20run%20is%20a%20path%20to%20the%20%22run%20directory%22.%20CRIO%20stores%20all%20of%20its%20state%0A%23%20in%20this%20directory.%0A%23runroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20storage_driver%20select%20which%20storage%20driver%20is%20used%20to%20manage%20storage%0A%23%20of%20images%20and%20containers.%0A%23storage_driver%20%3D%20%22%22%0A%0A%23%20storage_option%20is%20used%20to%20pass%20an%20option%20to%20the%20storage%20driver.%0A%23storage_option%20%3D%20%5B%0A%23%5D%0A%0A%23%20The%20%22crio.api%22%20table%20contains%20settings%20for%20the%20kubelet%2FgRPC%20interface.%0A%5Bcrio.api%5D%0A%0A%23%20listen%20is%20the%20path%20to%20the%20AF_LOCAL%20socket%20on%20which%20crio%20will%20listen.%0Alisten%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fcrio.sock%22%0A%0A%23%20stream_address%20is%20the%20IP%20address%20on%20which%20the%20stream%20server%20will%20listen%0Astream_address%20%3D%20%22%22%0A%0A%23%20stream_port%20is%20the%20port%20on%20which%20the%20stream%20server%20will%20listen%0Astream_port%20%3D%20%2210010%22%0A%0A%23%20stream_enable_tls%20enables%20encrypted%20tls%20transport%20of%20the%20stream%20server%0Astream_enable_tls%20%3D%20false%0A%0A%23%20stream_tls_cert%20is%20the%20x509%20certificate%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_cert%20%3D%20%22%22%0A%0A%23%20stream_tls_key%20is%20the%20key%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_key%20%3D%20%22%22%0A%0A%23%20stream_tls_ca%20is%20the%20x509%20CA(s)%20file%20used%20to%20verify%20and%20authenticate%20client%0A%23%20communication%20with%20the%20tls%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_ca%20%3D%20%22%22%0A%0A%23%20file_locking%20is%20whether%20file-based%20locking%20will%20be%20used%20instead%20of%0A%23%20in-memory%20locking%0Afile_locking%20%3D%20false%0A%0A%23%20The%20%22crio.runtime%22%20table%20contains%20settings%20pertaining%20to%20the%20OCI%0A%23%20runtime%20used%20and%20options%20for%20how%20to%20set%20up%20and%20manage%20the%20OCI%20runtime.%0A%5Bcrio.runtime%5D%0A%0A%23%20runtime%20is%20the%20OCI%20compatible%20runtime%20used%20for%20trusted%20container%20workloads.%0A%23%20This%20is%20a%20mandatory%20setting%20as%20this%20runtime%20will%20be%20the%20default%20one%0A%23%20and%20will%20also%20be%20used%20for%20untrusted%20container%20workloads%20if%0A%23%20runtime_untrusted_workload%20is%20not%20set.%0Aruntime%20%3D%20%22%2Fusr%2Fbin%2Frunc%22%0A%0A%23%20runtime_untrusted_workload%20is%20the%20OCI%20compatible%20runtime%20used%20for%20untrusted%0A%23%20container%20workloads.%20This%20is%20an%20optional%20setting%2C%20except%20if%0A%23%20default_container_trust%20is%20set%20to%20%22untrusted%22.%0Aruntime_untrusted_workload%20%3D%20%22%22%0A%0A%23%20default_workload_trust%20is%20the%20default%20level%20of%20trust%20crio%20puts%20in%20container%0A%23%20workloads.%20It%20can%20either%20be%20%22trusted%22%20or%20%22untrusted%22%2C%20and%20the%20default%0A%23%20is%20%22trusted%22.%0A%23%20Containers%20can%20be%20run%20through%20different%20container%20runtimes%2C%20depending%20on%0A%23%20the%20trust%20hints%20we%20receive%20from%20kubelet%3A%0A%23%20-%20If%20kubelet%20tags%20a%20container%20workload%20as%20untrusted%2C%20crio%20will%20try%20first%20to%0A%23%20run%20it%20through%20the%20untrusted%20container%20workload%20runtime.%20If%20it%20is%20not%20set%2C%0A%23%20crio%20will%20use%20the%20trusted%20runtime.%0A%23%20-%20If%20kubelet%20does%20not%20provide%20any%20information%20about%20the%20container%20workload%20trust%0A%23%20level%2C%20the%20selected%20runtime%20will%20depend%20on%20the%20default_container_trust%20setting.%0A%23%20If%20it%20is%20set%20to%20%22untrusted%22%2C%20then%20all%20containers%20except%20for%20the%20host%20privileged%0A%23%20ones%2C%20will%20be%20run%20by%20the%20runtime_untrusted_workload%20runtime.%20Host%20privileged%0A%23%20containers%20are%20by%20definition%20trusted%20and%20will%20always%20use%20the%20trusted%20container%0A%23%20runtime.%20If%20default_container_trust%20is%20set%20to%20%22trusted%22%2C%20crio%20will%20use%20the%20trusted%0A%23%20container%20runtime%20for%20all%20containers.%0Adefault_workload_trust%20%3D%20%22trusted%22%0A%0A%23%20no_pivot%20instructs%20the%20runtime%20to%20not%20use%20pivot_root%2C%20but%20instead%20use%20MS_MOVE%0Ano_pivot%20%3D%20false%0A%0A%23%20conmon%20is%20the%20path%20to%20conmon%20binary%2C%20used%20for%20managing%20the%20runtime.%0Aconmon%20%3D%20%22%2Fusr%2Flibexec%2Fcrio%2Fconmon%22%0A%0A%23%20conmon_env%20is%20the%20environment%20variable%20list%20for%20conmon%20process%2C%0A%23%20used%20for%20passing%20necessary%20environment%20variable%20to%20conmon%20or%20runtime.%0Aconmon_env%20%3D%20%5B%0A%20%20%22PATH%3D%2Fusr%2Flocal%2Fsbin%3A%2Fusr%2Flocal%2Fbin%3A%2Fusr%2Fsbin%3A%2Fusr%2Fbin%3A%2Fsbin%3A%2Fbin%22%2C%0A%5D%0A%0A%23%20selinux%20indicates%20whether%20or%20not%20SELinux%20will%20be%20used%20for%20pod%0A%23%20separation%20on%20the%20host.%20If%20you%20enable%20this%20flag%2C%20SELinux%20must%20be%20running%0A%23%20on%20the%20host.%0Aselinux%20%3D%20true%0A%0A%23%20seccomp_profile%20is%20the%20seccomp%20json%20profile%20path%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aseccomp_profile%20%3D%20%22%2Fetc%2Fcrio%2Fseccomp.json%22%0A%0A%23%20apparmor_profile%20is%20the%20apparmor%20profile%20name%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aapparmor_profile%20%3D%20%22crio-default%22%0A%0A%23%20cgroup_manager%20is%20the%20cgroup%20management%20implementation%20to%20be%20used%0A%23%20for%20the%20runtime.%0Acgroup_manager%20%3D%20%22systemd%22%0A%0A%23%20default_capabilities%20is%20the%20list%20of%20capabilities%20to%20add%20and%20can%20be%20modified%20here.%0A%23%20If%20capabilities%20below%20is%20commented%20out%2C%20the%20default%20list%20of%20capabilities%20defined%20in%20the%0A%23%20spec%20will%20be%20added.%0A%23%20If%20capabilities%20is%20empty%20below%2C%20only%20the%20capabilities%20defined%20in%20the%20container%20json%0A%23%20file%20by%20the%20user%2Fkube%20will%20be%20added.%0Adefault_capabilities%20%3D%20%5B%0A%20%20%22CHOWN%22%2C%20%0A%20%20%22DAC_OVERRIDE%22%2C%20%0A%20%20%22FSETID%22%2C%20%0A%20%20%22FOWNER%22%2C%20%0A%20%20%22NET_RAW%22%2C%20%0A%20%20%22SETGID%22%2C%20%0A%20%20%22SETUID%22%2C%20%0A%20%20%22SETPCAP%22%2C%20%0A%20%20%22NET_BIND_SERVICE%22%2C%20%0A%20%20%22SYS_CHROOT%22%2C%20%0A%20%20%22KILL%22%2C%20%0A%5D%0A%0A%23%20hooks_dir_path%20is%20the%20oci%20hooks%20directory%20for%20automatically%20executed%20hooks%0Ahooks_dir_path%20%3D%20%22%2Fusr%2Fshare%2Fcontainers%2Foci%2Fhooks.d%22%0A%0A%23%20default_mounts%20is%20the%20mounts%20list%20to%20be%20mounted%20for%20the%20container%20when%20created%0A%23%20deprecated%2C%20will%20be%20taken%20out%20in%20future%20versions%2C%20add%20default%20mounts%20to%20either%0A%23%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20or%20%2Fetc%2Fcontainers%2Fmounts.conf%0Adefault_mounts%20%3D%20%5B%0A%20%20%22%2Fusr%2Fshare%2Frhel%2Fsecrets%3A%2Frun%2Fsecrets%22%2C%20%0A%5D%0A%0A%23%20Path%20to%20directory%20in%20which%20container%20exit%20files%20are%20written%20to%20by%20conmon.%0Acontainer_exits_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fexits%22%0A%0A%23%20Path%20to%20directory%20for%20container%20attach%20sockets.%0Acontainer_attach_socket_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%22%0A%0A%23%20CRI-O%20reads%20its%20default%20mounts%20from%20the%20following%20two%20files%3A%0A%23%201)%20%2Fetc%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20override%20file%2C%20where%20users%20can%0A%23%20either%20add%20in%20their%20own%20default%20mounts%2C%20or%20override%20the%20default%20mounts%20shipped%0A%23%20with%20the%20package.%0A%23%202)%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20default%20file%20read%20for%20mounts.%0A%23%20If%20you%20want%20CRI-O%20to%20read%20from%20a%20different%2C%20specific%20mounts%20file%2C%20you%20can%20change%0A%23%20the%20default_mounts_file%20path%20right%20below.%20Note%2C%20if%20this%20is%20done%2C%20CRI-O%20will%20only%20add%0A%23%20mounts%20it%20finds%20in%20this%20file.%0A%0A%23%20default_mounts_file%20is%20the%20file%20path%20holding%20the%20default%20mounts%20to%20be%20mounted%20for%20the%0A%23%20container%20when%20created.%0A%23%20default_mounts_file%20%3D%20%22%22%0A%0A%23%20pids_limit%20is%20the%20number%20of%20processes%20allowed%20in%20a%20container%0Apids_limit%20%3D%201024%0A%0A%23%20log_size_max%20is%20the%20max%20limit%20for%20the%20container%20log%20size%20in%20bytes.%0A%23%20Negative%20values%20indicate%20that%20no%20limit%20is%20imposed.%0Alog_size_max%20%3D%20-1%0A%0A%23%20read-only%20indicates%20whether%20all%20containers%20will%20run%20in%20read-only%20mode%0Aread_only%20%3D%20false%0A%0A%23%20log_level%20changes%20the%20verbosity%20of%20the%20logs%20printed.%0A%23%20Options%20are%3A%20error%20(default)%2C%20fatal%2C%20panic%2C%20warn%2C%20info%2C%20and%20debug%0Alog_level%20%3D%20%22error%22%0A%0A%23%20The%20%22crio.image%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20OCI%20images.%0A%0A%23%20uid_mappings%20specifies%20the%20UID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerUID%3AHostUID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Auid_mappings%20%3D%20%22%22%0A%0A%23%20gid_mappings%20specifies%20the%20GID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerGID%3AHostGID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Agid_mappings%20%3D%20%22%22%0A%0A%5Bcrio.image%5D%0A%0A%23%20default_transport%20is%20the%20prefix%20we%20try%20prepending%20to%20an%20image%20name%20if%20the%0A%23%20image%20name%20as%20we%20receive%20it%20can't%20be%20parsed%20as%20a%20valid%20source%20reference%0Adefault_transport%20%3D%20%22docker%3A%2F%2F%22%0A%0A%23%20pause_image%20is%20the%20image%20which%20we%20use%20to%20instantiate%20infra%20containers.%0Apause_image%20%3D%20%22image%2FinfraImage%3A1%22%0A%0A%23%20If%20not%20empty%2C%20the%20path%20to%20a%20docker%2Fconfig.json-like%20file%20containing%20credentials%0A%23%20necessary%20for%20pulling%20the%20image%20specified%20by%20pause_image%C2%A0above.%0Apause_image_auth_file%20%3D%20%22%2Fvar%2Flib%2Fkubelet%2Fconfig.json%22%0A%0A%23%20pause_command%20is%20the%20command%20to%20run%20in%20a%20pause_image%20to%20have%20a%20container%20just%0A%23%20sit%20there.%20%20If%20the%20image%20contains%20the%20necessary%20information%2C%20this%20value%20need%0A%23%20not%20be%20specified.%0Apause_command%20%3D%20%22%2Fusr%2Fbin%2Fpod%22%0A%0A%23%20signature_policy%20is%20the%20name%20of%20the%20file%20which%20decides%20what%20sort%20of%20policy%20we%0A%23%20use%20when%20deciding%20whether%20or%20not%20to%20trust%20an%20image%20that%20we've%20pulled.%0A%23%20Outside%20of%20testing%20situations%2C%20it%20is%20strongly%20advised%20that%20this%20be%20left%0A%23%20unspecified%20so%20that%20the%20default%20system-wide%20policy%20will%20be%20used.%0Asignature_policy%20%3D%20%22%22%0A%0A%23%20image_volumes%20controls%20how%20image%20volumes%20are%20handled.%0A%23%20The%20valid%20values%20are%20mkdir%20and%20ignore.%0Aimage_volumes%20%3D%20%22mkdir%22%0A%0A%23%20CRI-O%20reads%20its%20configured%20registries%20defaults%20from%20the%20containers%2Fimage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fregistries.conf.%20Modify%20registries.conf%20if%20you%20want%20to%0A%23%20change%20default%20registries%20for%20all%20tools%20that%20use%20containers%2Fimage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20registies%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20insecure_registries%20is%20used%20to%20skip%20TLS%20verification%20when%20pulling%20images.%0A%23%20insecure_registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20registries%20is%20used%20to%20specify%20a%20comma%20separated%20list%20of%20registries%20to%20be%20used%0A%23%20when%20pulling%20an%20unqualified%20image%20(e.g.%20fedora%3Arawhide).%0A%23registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20The%20%22crio.network%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20CNI%20plugins.%0A%5Bcrio.network%5D%0A%0A%23%20network_dir%20is%20is%20where%20CNI%20network%20configuration%60%0A%23%20files%20are%20stored.%20%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Anetwork_dir%20%3D%20%22%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F%22%0A%0A%23%20plugin_dir%20is%20is%20where%20CNI%20plugin%20binaries%20are%20stored.%0A%23%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Aplugin_dir%20%3D%20%22%2Fvar%2Flib%2Fcni%2Fbin%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/crio/crio.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/libvirt/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/libvirt/files/-etc-containers-registries.conf deleted file mode 100644 index 53c1015d88..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/libvirt/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/libvirt/files/-etc-containers-storage.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/libvirt/files/-etc-containers-storage.conf deleted file mode 100644 index f955c08a3e..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/libvirt/files/-etc-containers-storage.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20storage.conf%20is%20the%20configuration%20file%20for%20all%20tools%0A%23%20that%20share%20the%20containers%2Fstorage%20libraries%0A%23%20See%20man%205%20containers-storage.conf%20for%20more%20information%0A%23%20The%20%22container%20storage%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bstorage%5D%0A%0A%23%20Default%20Storage%20Driver%0Adriver%20%3D%20%22overlay%22%0A%0A%23%20Temporary%20storage%20location%0Arunroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20Primary%20Read%2FWrite%20location%20of%20container%20storage%0Agraphroot%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%5Bstorage.options%5D%0A%23%20Storage%20options%20to%20be%20passed%20to%20underlying%20storage%20drivers%0A%0A%23%20AdditionalImageStores%20is%20used%20to%20pass%20paths%20to%20additional%20Read%2FOnly%20image%20stores%0A%23%20Must%20be%20comma%20separated%20list.%0Aadditionalimagestores%20%3D%20%5B%0A%5D%0A%0A%23%20Size%20is%20used%20to%20set%20a%20maximum%20size%20of%20the%20container%20image.%20%20Only%20supported%20by%0A%23%20certain%20container%20storage%20drivers.%0Asize%20%3D%20%22%22%0A%0A%23%20OverrideKernelCheck%20tells%20the%20driver%20to%20ignore%20kernel%20checks%20based%20on%20kernel%20version%0Aoverride_kernel_check%20%3D%20%22true%22%0A%0A%23%20Remap-UIDs%2FGIDs%20is%20the%20mapping%20from%20UIDs%2FGIDs%20as%20they%20should%20appear%20inside%20of%0A%23%20a%20container%2C%20to%20UIDs%2FGIDs%20as%20they%20should%20appear%20outside%20of%20the%20container%2C%20and%0A%23%20the%20length%20of%20the%20range%20of%20UIDs%2FGIDs.%20%20Additional%20mapped%20sets%20can%20be%20listed%0A%23%20and%20will%20be%20heeded%20by%20libraries%2C%20but%20there%20are%20limits%20to%20the%20number%20of%0A%23%20mappings%20which%20the%20kernel%20will%20allow%20when%20you%20later%20attempt%20to%20run%20a%0A%23%20container.%0A%23%0A%23%20remap-uids%20%3D%200%3A1668442479%3A65536%0A%23%20remap-gids%20%3D%200%3A1668442479%3A65536%0A%0A%23%20Remap-User%2FGroup%20is%20a%20name%20which%20can%20be%20used%20to%20look%20up%20one%20or%20more%20UID%2FGID%0A%23%20ranges%20in%20the%20%2Fetc%2Fsubuid%20or%20%2Fetc%2Fsubgid%20file.%20%20Mappings%20are%20set%20up%20starting%0A%23%20with%20an%20in-container%20ID%20of%200%20and%20the%20a%20host-level%20ID%20taken%20from%20the%20lowest%0A%23%20range%20that%20matches%20the%20specified%20name%2C%20and%20using%20the%20length%20of%20that%20range.%0A%23%20Additional%20ranges%20are%20then%20assigned%2C%20using%20the%20ranges%20which%20specify%20the%0A%23%20lowest%20host-level%20IDs%20first%2C%20to%20the%20lowest%20not-yet-mapped%20container-level%20ID%2C%0A%23%20until%20all%20of%20the%20entries%20have%20been%20used%20for%20maps.%0A%23%0A%23%20remap-user%20%3D%20%22storage%22%0A%23%20remap-group%20%3D%20%22storage%22%0A%0A%5Bstorage.options.thinpool%5D%0A%23%20Storage%20Options%20for%20thinpool%0A%0A%23%20autoextend_percent%20determines%20the%20amount%20by%20which%20pool%20needs%20to%20be%0A%23%20grown.%20This%20is%20specified%20in%20terms%20of%20%25%20of%20pool%20size.%20So%20a%20value%20of%2020%20means%0A%23%20that%20when%20threshold%20is%20hit%2C%20pool%20will%20be%20grown%20by%2020%25%20of%20existing%0A%23%20pool%20size.%0A%23%20autoextend_percent%20%3D%20%2220%22%0A%0A%23%20autoextend_threshold%20determines%20the%20pool%20extension%20threshold%20in%20terms%0A%23%20of%20percentage%20of%20pool%20size.%20For%20example%2C%20if%20threshold%20is%2060%2C%20that%20means%20when%0A%23%20pool%20is%2060%25%20full%2C%20threshold%20has%20been%20hit.%0A%23%20autoextend_threshold%20%3D%20%2280%22%0A%0A%23%20basesize%20specifies%20the%20size%20to%20use%20when%20creating%20the%20base%20device%2C%20which%0A%23%20limits%20the%20size%20of%20images%20and%20containers.%0A%23%20basesize%20%3D%20%2210G%22%0A%0A%23%20blocksize%20specifies%20a%20custom%20blocksize%20to%20use%20for%20the%20thin%20pool.%0A%23%20blocksize%3D%2264k%22%0A%0A%23%20directlvm_device%20specifies%20a%20custom%20block%20storage%20device%20to%20use%20for%20the%0A%23%20thin%20pool.%20Required%20if%20you%20setup%20devicemapper%0A%23%20directlvm_device%20%3D%20%22%22%0A%0A%23%20directlvm_device_force%20wipes%20device%20even%20if%20device%20already%20has%20a%20filesystem%0A%23%20directlvm_device_force%20%3D%20%22True%22%0A%0A%23%20fs%20specifies%20the%20filesystem%20type%20to%20use%20for%20the%20base%20device.%0A%23%20fs%3D%22xfs%22%0A%0A%23%20log_level%20sets%20the%20log%20level%20of%20devicemapper.%0A%23%200%3A%20LogLevelSuppress%200%20(Default)%0A%23%202%3A%20LogLevelFatal%0A%23%203%3A%20LogLevelErr%0A%23%204%3A%20LogLevelWarn%0A%23%205%3A%20LogLevelNotice%0A%23%206%3A%20LogLevelInfo%0A%23%207%3A%20LogLevelDebug%0A%23%20log_level%20%3D%20%227%22%0A%0A%23%20min_free_space%20specifies%20the%20min%20free%20space%20percent%20in%20a%20thin%20pool%20require%20for%0A%23%20new%20device%20creation%20to%20succeed.%20Valid%20values%20are%20from%200%25%20-%2099%25.%0A%23%20Value%200%25%20disables%0A%23%20min_free_space%20%3D%20%2210%25%22%0A%0A%23%20mkfsarg%20specifies%20extra%20mkfs%20arguments%20to%20be%20used%20when%20creating%20the%20base%0A%23%20device.%0A%23%20mkfsarg%20%3D%20%22%22%0A%0A%23%20mountopt%20specifies%20extra%20mount%20options%20used%20when%20mounting%20the%20thin%20devices.%0A%23%20mountopt%20%3D%20%22%22%0A%0A%23%20use_deferred_removal%20Marking%20device%20for%20deferred%20removal%0A%23%20use_deferred_removal%20%3D%20%22True%22%0A%0A%23%20use_deferred_deletion%20Marking%20device%20for%20deferred%20deletion%0A%23%20use_deferred_deletion%20%3D%20%22True%22%0A%0A%23%20xfs_nospace_max_retries%20specifies%20the%20maximum%20number%20of%20retries%20XFS%20should%0A%23%20attempt%20to%20complete%20IO%20when%20ENOSPC%20(no%20space)%20error%20is%20returned%20by%0A%23%20underlying%20storage%20device.%0A%23%20xfs_nospace_max_retries%20%3D%20%220%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/storage.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/libvirt/files/-etc-crio-crio.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/libvirt/files/-etc-crio-crio.conf deleted file mode 100644 index f7a9afad2f..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/libvirt/files/-etc-crio-crio.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20The%20%22crio%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bcrio%5D%0A%0A%23%20CRI-O%20reads%20its%20storage%20defaults%20from%20the%20containers%2Fstorage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fstorage.conf.%20Modify%20storage.conf%20if%20you%20want%20to%0A%23%20change%20default%20storage%20for%20all%20tools%20that%20use%20containers%2Fstorage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20storage%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20root%20is%20a%20path%20to%20the%20%22root%20directory%22.%20CRIO%20stores%20all%20of%20its%20data%2C%0A%23%20including%20container%20images%2C%20in%20this%20directory.%0A%23root%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%23%20run%20is%20a%20path%20to%20the%20%22run%20directory%22.%20CRIO%20stores%20all%20of%20its%20state%0A%23%20in%20this%20directory.%0A%23runroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20storage_driver%20select%20which%20storage%20driver%20is%20used%20to%20manage%20storage%0A%23%20of%20images%20and%20containers.%0A%23storage_driver%20%3D%20%22%22%0A%0A%23%20storage_option%20is%20used%20to%20pass%20an%20option%20to%20the%20storage%20driver.%0A%23storage_option%20%3D%20%5B%0A%23%5D%0A%0A%23%20The%20%22crio.api%22%20table%20contains%20settings%20for%20the%20kubelet%2FgRPC%20interface.%0A%5Bcrio.api%5D%0A%0A%23%20listen%20is%20the%20path%20to%20the%20AF_LOCAL%20socket%20on%20which%20crio%20will%20listen.%0Alisten%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fcrio.sock%22%0A%0A%23%20stream_address%20is%20the%20IP%20address%20on%20which%20the%20stream%20server%20will%20listen%0Astream_address%20%3D%20%22%22%0A%0A%23%20stream_port%20is%20the%20port%20on%20which%20the%20stream%20server%20will%20listen%0Astream_port%20%3D%20%2210010%22%0A%0A%23%20stream_enable_tls%20enables%20encrypted%20tls%20transport%20of%20the%20stream%20server%0Astream_enable_tls%20%3D%20false%0A%0A%23%20stream_tls_cert%20is%20the%20x509%20certificate%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_cert%20%3D%20%22%22%0A%0A%23%20stream_tls_key%20is%20the%20key%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_key%20%3D%20%22%22%0A%0A%23%20stream_tls_ca%20is%20the%20x509%20CA(s)%20file%20used%20to%20verify%20and%20authenticate%20client%0A%23%20communication%20with%20the%20tls%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_ca%20%3D%20%22%22%0A%0A%23%20file_locking%20is%20whether%20file-based%20locking%20will%20be%20used%20instead%20of%0A%23%20in-memory%20locking%0Afile_locking%20%3D%20false%0A%0A%23%20The%20%22crio.runtime%22%20table%20contains%20settings%20pertaining%20to%20the%20OCI%0A%23%20runtime%20used%20and%20options%20for%20how%20to%20set%20up%20and%20manage%20the%20OCI%20runtime.%0A%5Bcrio.runtime%5D%0A%0A%23%20runtime%20is%20the%20OCI%20compatible%20runtime%20used%20for%20trusted%20container%20workloads.%0A%23%20This%20is%20a%20mandatory%20setting%20as%20this%20runtime%20will%20be%20the%20default%20one%0A%23%20and%20will%20also%20be%20used%20for%20untrusted%20container%20workloads%20if%0A%23%20runtime_untrusted_workload%20is%20not%20set.%0Aruntime%20%3D%20%22%2Fusr%2Fbin%2Frunc%22%0A%0A%23%20runtime_untrusted_workload%20is%20the%20OCI%20compatible%20runtime%20used%20for%20untrusted%0A%23%20container%20workloads.%20This%20is%20an%20optional%20setting%2C%20except%20if%0A%23%20default_container_trust%20is%20set%20to%20%22untrusted%22.%0Aruntime_untrusted_workload%20%3D%20%22%22%0A%0A%23%20default_workload_trust%20is%20the%20default%20level%20of%20trust%20crio%20puts%20in%20container%0A%23%20workloads.%20It%20can%20either%20be%20%22trusted%22%20or%20%22untrusted%22%2C%20and%20the%20default%0A%23%20is%20%22trusted%22.%0A%23%20Containers%20can%20be%20run%20through%20different%20container%20runtimes%2C%20depending%20on%0A%23%20the%20trust%20hints%20we%20receive%20from%20kubelet%3A%0A%23%20-%20If%20kubelet%20tags%20a%20container%20workload%20as%20untrusted%2C%20crio%20will%20try%20first%20to%0A%23%20run%20it%20through%20the%20untrusted%20container%20workload%20runtime.%20If%20it%20is%20not%20set%2C%0A%23%20crio%20will%20use%20the%20trusted%20runtime.%0A%23%20-%20If%20kubelet%20does%20not%20provide%20any%20information%20about%20the%20container%20workload%20trust%0A%23%20level%2C%20the%20selected%20runtime%20will%20depend%20on%20the%20default_container_trust%20setting.%0A%23%20If%20it%20is%20set%20to%20%22untrusted%22%2C%20then%20all%20containers%20except%20for%20the%20host%20privileged%0A%23%20ones%2C%20will%20be%20run%20by%20the%20runtime_untrusted_workload%20runtime.%20Host%20privileged%0A%23%20containers%20are%20by%20definition%20trusted%20and%20will%20always%20use%20the%20trusted%20container%0A%23%20runtime.%20If%20default_container_trust%20is%20set%20to%20%22trusted%22%2C%20crio%20will%20use%20the%20trusted%0A%23%20container%20runtime%20for%20all%20containers.%0Adefault_workload_trust%20%3D%20%22trusted%22%0A%0A%23%20no_pivot%20instructs%20the%20runtime%20to%20not%20use%20pivot_root%2C%20but%20instead%20use%20MS_MOVE%0Ano_pivot%20%3D%20false%0A%0A%23%20conmon%20is%20the%20path%20to%20conmon%20binary%2C%20used%20for%20managing%20the%20runtime.%0Aconmon%20%3D%20%22%2Fusr%2Flibexec%2Fcrio%2Fconmon%22%0A%0A%23%20conmon_env%20is%20the%20environment%20variable%20list%20for%20conmon%20process%2C%0A%23%20used%20for%20passing%20necessary%20environment%20variable%20to%20conmon%20or%20runtime.%0Aconmon_env%20%3D%20%5B%0A%20%20%22PATH%3D%2Fusr%2Flocal%2Fsbin%3A%2Fusr%2Flocal%2Fbin%3A%2Fusr%2Fsbin%3A%2Fusr%2Fbin%3A%2Fsbin%3A%2Fbin%22%2C%0A%5D%0A%0A%23%20selinux%20indicates%20whether%20or%20not%20SELinux%20will%20be%20used%20for%20pod%0A%23%20separation%20on%20the%20host.%20If%20you%20enable%20this%20flag%2C%20SELinux%20must%20be%20running%0A%23%20on%20the%20host.%0Aselinux%20%3D%20true%0A%0A%23%20seccomp_profile%20is%20the%20seccomp%20json%20profile%20path%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aseccomp_profile%20%3D%20%22%2Fetc%2Fcrio%2Fseccomp.json%22%0A%0A%23%20apparmor_profile%20is%20the%20apparmor%20profile%20name%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aapparmor_profile%20%3D%20%22crio-default%22%0A%0A%23%20cgroup_manager%20is%20the%20cgroup%20management%20implementation%20to%20be%20used%0A%23%20for%20the%20runtime.%0Acgroup_manager%20%3D%20%22systemd%22%0A%0A%23%20default_capabilities%20is%20the%20list%20of%20capabilities%20to%20add%20and%20can%20be%20modified%20here.%0A%23%20If%20capabilities%20below%20is%20commented%20out%2C%20the%20default%20list%20of%20capabilities%20defined%20in%20the%0A%23%20spec%20will%20be%20added.%0A%23%20If%20capabilities%20is%20empty%20below%2C%20only%20the%20capabilities%20defined%20in%20the%20container%20json%0A%23%20file%20by%20the%20user%2Fkube%20will%20be%20added.%0Adefault_capabilities%20%3D%20%5B%0A%20%20%22CHOWN%22%2C%20%0A%20%20%22DAC_OVERRIDE%22%2C%20%0A%20%20%22FSETID%22%2C%20%0A%20%20%22FOWNER%22%2C%20%0A%20%20%22NET_RAW%22%2C%20%0A%20%20%22SETGID%22%2C%20%0A%20%20%22SETUID%22%2C%20%0A%20%20%22SETPCAP%22%2C%20%0A%20%20%22NET_BIND_SERVICE%22%2C%20%0A%20%20%22SYS_CHROOT%22%2C%20%0A%20%20%22KILL%22%2C%20%0A%5D%0A%0A%23%20hooks_dir_path%20is%20the%20oci%20hooks%20directory%20for%20automatically%20executed%20hooks%0Ahooks_dir_path%20%3D%20%22%2Fusr%2Fshare%2Fcontainers%2Foci%2Fhooks.d%22%0A%0A%23%20default_mounts%20is%20the%20mounts%20list%20to%20be%20mounted%20for%20the%20container%20when%20created%0A%23%20deprecated%2C%20will%20be%20taken%20out%20in%20future%20versions%2C%20add%20default%20mounts%20to%20either%0A%23%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20or%20%2Fetc%2Fcontainers%2Fmounts.conf%0Adefault_mounts%20%3D%20%5B%0A%20%20%22%2Fusr%2Fshare%2Frhel%2Fsecrets%3A%2Frun%2Fsecrets%22%2C%20%0A%5D%0A%0A%23%20Path%20to%20directory%20in%20which%20container%20exit%20files%20are%20written%20to%20by%20conmon.%0Acontainer_exits_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fexits%22%0A%0A%23%20Path%20to%20directory%20for%20container%20attach%20sockets.%0Acontainer_attach_socket_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%22%0A%0A%23%20CRI-O%20reads%20its%20default%20mounts%20from%20the%20following%20two%20files%3A%0A%23%201)%20%2Fetc%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20override%20file%2C%20where%20users%20can%0A%23%20either%20add%20in%20their%20own%20default%20mounts%2C%20or%20override%20the%20default%20mounts%20shipped%0A%23%20with%20the%20package.%0A%23%202)%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20default%20file%20read%20for%20mounts.%0A%23%20If%20you%20want%20CRI-O%20to%20read%20from%20a%20different%2C%20specific%20mounts%20file%2C%20you%20can%20change%0A%23%20the%20default_mounts_file%20path%20right%20below.%20Note%2C%20if%20this%20is%20done%2C%20CRI-O%20will%20only%20add%0A%23%20mounts%20it%20finds%20in%20this%20file.%0A%0A%23%20default_mounts_file%20is%20the%20file%20path%20holding%20the%20default%20mounts%20to%20be%20mounted%20for%20the%0A%23%20container%20when%20created.%0A%23%20default_mounts_file%20%3D%20%22%22%0A%0A%23%20pids_limit%20is%20the%20number%20of%20processes%20allowed%20in%20a%20container%0Apids_limit%20%3D%201024%0A%0A%23%20log_size_max%20is%20the%20max%20limit%20for%20the%20container%20log%20size%20in%20bytes.%0A%23%20Negative%20values%20indicate%20that%20no%20limit%20is%20imposed.%0Alog_size_max%20%3D%20-1%0A%0A%23%20read-only%20indicates%20whether%20all%20containers%20will%20run%20in%20read-only%20mode%0Aread_only%20%3D%20false%0A%0A%23%20log_level%20changes%20the%20verbosity%20of%20the%20logs%20printed.%0A%23%20Options%20are%3A%20error%20(default)%2C%20fatal%2C%20panic%2C%20warn%2C%20info%2C%20and%20debug%0Alog_level%20%3D%20%22error%22%0A%0A%23%20The%20%22crio.image%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20OCI%20images.%0A%0A%23%20uid_mappings%20specifies%20the%20UID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerUID%3AHostUID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Auid_mappings%20%3D%20%22%22%0A%0A%23%20gid_mappings%20specifies%20the%20GID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerGID%3AHostGID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Agid_mappings%20%3D%20%22%22%0A%0A%5Bcrio.image%5D%0A%0A%23%20default_transport%20is%20the%20prefix%20we%20try%20prepending%20to%20an%20image%20name%20if%20the%0A%23%20image%20name%20as%20we%20receive%20it%20can't%20be%20parsed%20as%20a%20valid%20source%20reference%0Adefault_transport%20%3D%20%22docker%3A%2F%2F%22%0A%0A%23%20pause_image%20is%20the%20image%20which%20we%20use%20to%20instantiate%20infra%20containers.%0Apause_image%20%3D%20%22image%2FinfraImage%3A1%22%0A%0A%23%20If%20not%20empty%2C%20the%20path%20to%20a%20docker%2Fconfig.json-like%20file%20containing%20credentials%0A%23%20necessary%20for%20pulling%20the%20image%20specified%20by%20pause_image%C2%A0above.%0Apause_image_auth_file%20%3D%20%22%2Fvar%2Flib%2Fkubelet%2Fconfig.json%22%0A%0A%23%20pause_command%20is%20the%20command%20to%20run%20in%20a%20pause_image%20to%20have%20a%20container%20just%0A%23%20sit%20there.%20%20If%20the%20image%20contains%20the%20necessary%20information%2C%20this%20value%20need%0A%23%20not%20be%20specified.%0Apause_command%20%3D%20%22%2Fusr%2Fbin%2Fpod%22%0A%0A%23%20signature_policy%20is%20the%20name%20of%20the%20file%20which%20decides%20what%20sort%20of%20policy%20we%0A%23%20use%20when%20deciding%20whether%20or%20not%20to%20trust%20an%20image%20that%20we've%20pulled.%0A%23%20Outside%20of%20testing%20situations%2C%20it%20is%20strongly%20advised%20that%20this%20be%20left%0A%23%20unspecified%20so%20that%20the%20default%20system-wide%20policy%20will%20be%20used.%0Asignature_policy%20%3D%20%22%22%0A%0A%23%20image_volumes%20controls%20how%20image%20volumes%20are%20handled.%0A%23%20The%20valid%20values%20are%20mkdir%20and%20ignore.%0Aimage_volumes%20%3D%20%22mkdir%22%0A%0A%23%20CRI-O%20reads%20its%20configured%20registries%20defaults%20from%20the%20containers%2Fimage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fregistries.conf.%20Modify%20registries.conf%20if%20you%20want%20to%0A%23%20change%20default%20registries%20for%20all%20tools%20that%20use%20containers%2Fimage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20registies%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20insecure_registries%20is%20used%20to%20skip%20TLS%20verification%20when%20pulling%20images.%0A%23%20insecure_registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20registries%20is%20used%20to%20specify%20a%20comma%20separated%20list%20of%20registries%20to%20be%20used%0A%23%20when%20pulling%20an%20unqualified%20image%20(e.g.%20fedora%3Arawhide).%0A%23registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20The%20%22crio.network%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20CNI%20plugins.%0A%5Bcrio.network%5D%0A%0A%23%20network_dir%20is%20is%20where%20CNI%20network%20configuration%60%0A%23%20files%20are%20stored.%20%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Anetwork_dir%20%3D%20%22%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F%22%0A%0A%23%20plugin_dir%20is%20is%20where%20CNI%20plugin%20binaries%20are%20stored.%0A%23%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Aplugin_dir%20%3D%20%22%2Fvar%2Flib%2Fcni%2Fbin%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/crio/crio.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/none/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/none/files/-etc-containers-registries.conf deleted file mode 100644 index 53c1015d88..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/none/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/none/files/-etc-containers-storage.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/none/files/-etc-containers-storage.conf deleted file mode 100644 index f955c08a3e..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/none/files/-etc-containers-storage.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20storage.conf%20is%20the%20configuration%20file%20for%20all%20tools%0A%23%20that%20share%20the%20containers%2Fstorage%20libraries%0A%23%20See%20man%205%20containers-storage.conf%20for%20more%20information%0A%23%20The%20%22container%20storage%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bstorage%5D%0A%0A%23%20Default%20Storage%20Driver%0Adriver%20%3D%20%22overlay%22%0A%0A%23%20Temporary%20storage%20location%0Arunroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20Primary%20Read%2FWrite%20location%20of%20container%20storage%0Agraphroot%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%5Bstorage.options%5D%0A%23%20Storage%20options%20to%20be%20passed%20to%20underlying%20storage%20drivers%0A%0A%23%20AdditionalImageStores%20is%20used%20to%20pass%20paths%20to%20additional%20Read%2FOnly%20image%20stores%0A%23%20Must%20be%20comma%20separated%20list.%0Aadditionalimagestores%20%3D%20%5B%0A%5D%0A%0A%23%20Size%20is%20used%20to%20set%20a%20maximum%20size%20of%20the%20container%20image.%20%20Only%20supported%20by%0A%23%20certain%20container%20storage%20drivers.%0Asize%20%3D%20%22%22%0A%0A%23%20OverrideKernelCheck%20tells%20the%20driver%20to%20ignore%20kernel%20checks%20based%20on%20kernel%20version%0Aoverride_kernel_check%20%3D%20%22true%22%0A%0A%23%20Remap-UIDs%2FGIDs%20is%20the%20mapping%20from%20UIDs%2FGIDs%20as%20they%20should%20appear%20inside%20of%0A%23%20a%20container%2C%20to%20UIDs%2FGIDs%20as%20they%20should%20appear%20outside%20of%20the%20container%2C%20and%0A%23%20the%20length%20of%20the%20range%20of%20UIDs%2FGIDs.%20%20Additional%20mapped%20sets%20can%20be%20listed%0A%23%20and%20will%20be%20heeded%20by%20libraries%2C%20but%20there%20are%20limits%20to%20the%20number%20of%0A%23%20mappings%20which%20the%20kernel%20will%20allow%20when%20you%20later%20attempt%20to%20run%20a%0A%23%20container.%0A%23%0A%23%20remap-uids%20%3D%200%3A1668442479%3A65536%0A%23%20remap-gids%20%3D%200%3A1668442479%3A65536%0A%0A%23%20Remap-User%2FGroup%20is%20a%20name%20which%20can%20be%20used%20to%20look%20up%20one%20or%20more%20UID%2FGID%0A%23%20ranges%20in%20the%20%2Fetc%2Fsubuid%20or%20%2Fetc%2Fsubgid%20file.%20%20Mappings%20are%20set%20up%20starting%0A%23%20with%20an%20in-container%20ID%20of%200%20and%20the%20a%20host-level%20ID%20taken%20from%20the%20lowest%0A%23%20range%20that%20matches%20the%20specified%20name%2C%20and%20using%20the%20length%20of%20that%20range.%0A%23%20Additional%20ranges%20are%20then%20assigned%2C%20using%20the%20ranges%20which%20specify%20the%0A%23%20lowest%20host-level%20IDs%20first%2C%20to%20the%20lowest%20not-yet-mapped%20container-level%20ID%2C%0A%23%20until%20all%20of%20the%20entries%20have%20been%20used%20for%20maps.%0A%23%0A%23%20remap-user%20%3D%20%22storage%22%0A%23%20remap-group%20%3D%20%22storage%22%0A%0A%5Bstorage.options.thinpool%5D%0A%23%20Storage%20Options%20for%20thinpool%0A%0A%23%20autoextend_percent%20determines%20the%20amount%20by%20which%20pool%20needs%20to%20be%0A%23%20grown.%20This%20is%20specified%20in%20terms%20of%20%25%20of%20pool%20size.%20So%20a%20value%20of%2020%20means%0A%23%20that%20when%20threshold%20is%20hit%2C%20pool%20will%20be%20grown%20by%2020%25%20of%20existing%0A%23%20pool%20size.%0A%23%20autoextend_percent%20%3D%20%2220%22%0A%0A%23%20autoextend_threshold%20determines%20the%20pool%20extension%20threshold%20in%20terms%0A%23%20of%20percentage%20of%20pool%20size.%20For%20example%2C%20if%20threshold%20is%2060%2C%20that%20means%20when%0A%23%20pool%20is%2060%25%20full%2C%20threshold%20has%20been%20hit.%0A%23%20autoextend_threshold%20%3D%20%2280%22%0A%0A%23%20basesize%20specifies%20the%20size%20to%20use%20when%20creating%20the%20base%20device%2C%20which%0A%23%20limits%20the%20size%20of%20images%20and%20containers.%0A%23%20basesize%20%3D%20%2210G%22%0A%0A%23%20blocksize%20specifies%20a%20custom%20blocksize%20to%20use%20for%20the%20thin%20pool.%0A%23%20blocksize%3D%2264k%22%0A%0A%23%20directlvm_device%20specifies%20a%20custom%20block%20storage%20device%20to%20use%20for%20the%0A%23%20thin%20pool.%20Required%20if%20you%20setup%20devicemapper%0A%23%20directlvm_device%20%3D%20%22%22%0A%0A%23%20directlvm_device_force%20wipes%20device%20even%20if%20device%20already%20has%20a%20filesystem%0A%23%20directlvm_device_force%20%3D%20%22True%22%0A%0A%23%20fs%20specifies%20the%20filesystem%20type%20to%20use%20for%20the%20base%20device.%0A%23%20fs%3D%22xfs%22%0A%0A%23%20log_level%20sets%20the%20log%20level%20of%20devicemapper.%0A%23%200%3A%20LogLevelSuppress%200%20(Default)%0A%23%202%3A%20LogLevelFatal%0A%23%203%3A%20LogLevelErr%0A%23%204%3A%20LogLevelWarn%0A%23%205%3A%20LogLevelNotice%0A%23%206%3A%20LogLevelInfo%0A%23%207%3A%20LogLevelDebug%0A%23%20log_level%20%3D%20%227%22%0A%0A%23%20min_free_space%20specifies%20the%20min%20free%20space%20percent%20in%20a%20thin%20pool%20require%20for%0A%23%20new%20device%20creation%20to%20succeed.%20Valid%20values%20are%20from%200%25%20-%2099%25.%0A%23%20Value%200%25%20disables%0A%23%20min_free_space%20%3D%20%2210%25%22%0A%0A%23%20mkfsarg%20specifies%20extra%20mkfs%20arguments%20to%20be%20used%20when%20creating%20the%20base%0A%23%20device.%0A%23%20mkfsarg%20%3D%20%22%22%0A%0A%23%20mountopt%20specifies%20extra%20mount%20options%20used%20when%20mounting%20the%20thin%20devices.%0A%23%20mountopt%20%3D%20%22%22%0A%0A%23%20use_deferred_removal%20Marking%20device%20for%20deferred%20removal%0A%23%20use_deferred_removal%20%3D%20%22True%22%0A%0A%23%20use_deferred_deletion%20Marking%20device%20for%20deferred%20deletion%0A%23%20use_deferred_deletion%20%3D%20%22True%22%0A%0A%23%20xfs_nospace_max_retries%20specifies%20the%20maximum%20number%20of%20retries%20XFS%20should%0A%23%20attempt%20to%20complete%20IO%20when%20ENOSPC%20(no%20space)%20error%20is%20returned%20by%0A%23%20underlying%20storage%20device.%0A%23%20xfs_nospace_max_retries%20%3D%20%220%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/storage.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/none/files/-etc-crio-crio.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/none/files/-etc-crio-crio.conf deleted file mode 100644 index f7a9afad2f..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/none/files/-etc-crio-crio.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20The%20%22crio%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bcrio%5D%0A%0A%23%20CRI-O%20reads%20its%20storage%20defaults%20from%20the%20containers%2Fstorage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fstorage.conf.%20Modify%20storage.conf%20if%20you%20want%20to%0A%23%20change%20default%20storage%20for%20all%20tools%20that%20use%20containers%2Fstorage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20storage%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20root%20is%20a%20path%20to%20the%20%22root%20directory%22.%20CRIO%20stores%20all%20of%20its%20data%2C%0A%23%20including%20container%20images%2C%20in%20this%20directory.%0A%23root%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%23%20run%20is%20a%20path%20to%20the%20%22run%20directory%22.%20CRIO%20stores%20all%20of%20its%20state%0A%23%20in%20this%20directory.%0A%23runroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20storage_driver%20select%20which%20storage%20driver%20is%20used%20to%20manage%20storage%0A%23%20of%20images%20and%20containers.%0A%23storage_driver%20%3D%20%22%22%0A%0A%23%20storage_option%20is%20used%20to%20pass%20an%20option%20to%20the%20storage%20driver.%0A%23storage_option%20%3D%20%5B%0A%23%5D%0A%0A%23%20The%20%22crio.api%22%20table%20contains%20settings%20for%20the%20kubelet%2FgRPC%20interface.%0A%5Bcrio.api%5D%0A%0A%23%20listen%20is%20the%20path%20to%20the%20AF_LOCAL%20socket%20on%20which%20crio%20will%20listen.%0Alisten%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fcrio.sock%22%0A%0A%23%20stream_address%20is%20the%20IP%20address%20on%20which%20the%20stream%20server%20will%20listen%0Astream_address%20%3D%20%22%22%0A%0A%23%20stream_port%20is%20the%20port%20on%20which%20the%20stream%20server%20will%20listen%0Astream_port%20%3D%20%2210010%22%0A%0A%23%20stream_enable_tls%20enables%20encrypted%20tls%20transport%20of%20the%20stream%20server%0Astream_enable_tls%20%3D%20false%0A%0A%23%20stream_tls_cert%20is%20the%20x509%20certificate%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_cert%20%3D%20%22%22%0A%0A%23%20stream_tls_key%20is%20the%20key%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_key%20%3D%20%22%22%0A%0A%23%20stream_tls_ca%20is%20the%20x509%20CA(s)%20file%20used%20to%20verify%20and%20authenticate%20client%0A%23%20communication%20with%20the%20tls%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_ca%20%3D%20%22%22%0A%0A%23%20file_locking%20is%20whether%20file-based%20locking%20will%20be%20used%20instead%20of%0A%23%20in-memory%20locking%0Afile_locking%20%3D%20false%0A%0A%23%20The%20%22crio.runtime%22%20table%20contains%20settings%20pertaining%20to%20the%20OCI%0A%23%20runtime%20used%20and%20options%20for%20how%20to%20set%20up%20and%20manage%20the%20OCI%20runtime.%0A%5Bcrio.runtime%5D%0A%0A%23%20runtime%20is%20the%20OCI%20compatible%20runtime%20used%20for%20trusted%20container%20workloads.%0A%23%20This%20is%20a%20mandatory%20setting%20as%20this%20runtime%20will%20be%20the%20default%20one%0A%23%20and%20will%20also%20be%20used%20for%20untrusted%20container%20workloads%20if%0A%23%20runtime_untrusted_workload%20is%20not%20set.%0Aruntime%20%3D%20%22%2Fusr%2Fbin%2Frunc%22%0A%0A%23%20runtime_untrusted_workload%20is%20the%20OCI%20compatible%20runtime%20used%20for%20untrusted%0A%23%20container%20workloads.%20This%20is%20an%20optional%20setting%2C%20except%20if%0A%23%20default_container_trust%20is%20set%20to%20%22untrusted%22.%0Aruntime_untrusted_workload%20%3D%20%22%22%0A%0A%23%20default_workload_trust%20is%20the%20default%20level%20of%20trust%20crio%20puts%20in%20container%0A%23%20workloads.%20It%20can%20either%20be%20%22trusted%22%20or%20%22untrusted%22%2C%20and%20the%20default%0A%23%20is%20%22trusted%22.%0A%23%20Containers%20can%20be%20run%20through%20different%20container%20runtimes%2C%20depending%20on%0A%23%20the%20trust%20hints%20we%20receive%20from%20kubelet%3A%0A%23%20-%20If%20kubelet%20tags%20a%20container%20workload%20as%20untrusted%2C%20crio%20will%20try%20first%20to%0A%23%20run%20it%20through%20the%20untrusted%20container%20workload%20runtime.%20If%20it%20is%20not%20set%2C%0A%23%20crio%20will%20use%20the%20trusted%20runtime.%0A%23%20-%20If%20kubelet%20does%20not%20provide%20any%20information%20about%20the%20container%20workload%20trust%0A%23%20level%2C%20the%20selected%20runtime%20will%20depend%20on%20the%20default_container_trust%20setting.%0A%23%20If%20it%20is%20set%20to%20%22untrusted%22%2C%20then%20all%20containers%20except%20for%20the%20host%20privileged%0A%23%20ones%2C%20will%20be%20run%20by%20the%20runtime_untrusted_workload%20runtime.%20Host%20privileged%0A%23%20containers%20are%20by%20definition%20trusted%20and%20will%20always%20use%20the%20trusted%20container%0A%23%20runtime.%20If%20default_container_trust%20is%20set%20to%20%22trusted%22%2C%20crio%20will%20use%20the%20trusted%0A%23%20container%20runtime%20for%20all%20containers.%0Adefault_workload_trust%20%3D%20%22trusted%22%0A%0A%23%20no_pivot%20instructs%20the%20runtime%20to%20not%20use%20pivot_root%2C%20but%20instead%20use%20MS_MOVE%0Ano_pivot%20%3D%20false%0A%0A%23%20conmon%20is%20the%20path%20to%20conmon%20binary%2C%20used%20for%20managing%20the%20runtime.%0Aconmon%20%3D%20%22%2Fusr%2Flibexec%2Fcrio%2Fconmon%22%0A%0A%23%20conmon_env%20is%20the%20environment%20variable%20list%20for%20conmon%20process%2C%0A%23%20used%20for%20passing%20necessary%20environment%20variable%20to%20conmon%20or%20runtime.%0Aconmon_env%20%3D%20%5B%0A%20%20%22PATH%3D%2Fusr%2Flocal%2Fsbin%3A%2Fusr%2Flocal%2Fbin%3A%2Fusr%2Fsbin%3A%2Fusr%2Fbin%3A%2Fsbin%3A%2Fbin%22%2C%0A%5D%0A%0A%23%20selinux%20indicates%20whether%20or%20not%20SELinux%20will%20be%20used%20for%20pod%0A%23%20separation%20on%20the%20host.%20If%20you%20enable%20this%20flag%2C%20SELinux%20must%20be%20running%0A%23%20on%20the%20host.%0Aselinux%20%3D%20true%0A%0A%23%20seccomp_profile%20is%20the%20seccomp%20json%20profile%20path%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aseccomp_profile%20%3D%20%22%2Fetc%2Fcrio%2Fseccomp.json%22%0A%0A%23%20apparmor_profile%20is%20the%20apparmor%20profile%20name%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aapparmor_profile%20%3D%20%22crio-default%22%0A%0A%23%20cgroup_manager%20is%20the%20cgroup%20management%20implementation%20to%20be%20used%0A%23%20for%20the%20runtime.%0Acgroup_manager%20%3D%20%22systemd%22%0A%0A%23%20default_capabilities%20is%20the%20list%20of%20capabilities%20to%20add%20and%20can%20be%20modified%20here.%0A%23%20If%20capabilities%20below%20is%20commented%20out%2C%20the%20default%20list%20of%20capabilities%20defined%20in%20the%0A%23%20spec%20will%20be%20added.%0A%23%20If%20capabilities%20is%20empty%20below%2C%20only%20the%20capabilities%20defined%20in%20the%20container%20json%0A%23%20file%20by%20the%20user%2Fkube%20will%20be%20added.%0Adefault_capabilities%20%3D%20%5B%0A%20%20%22CHOWN%22%2C%20%0A%20%20%22DAC_OVERRIDE%22%2C%20%0A%20%20%22FSETID%22%2C%20%0A%20%20%22FOWNER%22%2C%20%0A%20%20%22NET_RAW%22%2C%20%0A%20%20%22SETGID%22%2C%20%0A%20%20%22SETUID%22%2C%20%0A%20%20%22SETPCAP%22%2C%20%0A%20%20%22NET_BIND_SERVICE%22%2C%20%0A%20%20%22SYS_CHROOT%22%2C%20%0A%20%20%22KILL%22%2C%20%0A%5D%0A%0A%23%20hooks_dir_path%20is%20the%20oci%20hooks%20directory%20for%20automatically%20executed%20hooks%0Ahooks_dir_path%20%3D%20%22%2Fusr%2Fshare%2Fcontainers%2Foci%2Fhooks.d%22%0A%0A%23%20default_mounts%20is%20the%20mounts%20list%20to%20be%20mounted%20for%20the%20container%20when%20created%0A%23%20deprecated%2C%20will%20be%20taken%20out%20in%20future%20versions%2C%20add%20default%20mounts%20to%20either%0A%23%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20or%20%2Fetc%2Fcontainers%2Fmounts.conf%0Adefault_mounts%20%3D%20%5B%0A%20%20%22%2Fusr%2Fshare%2Frhel%2Fsecrets%3A%2Frun%2Fsecrets%22%2C%20%0A%5D%0A%0A%23%20Path%20to%20directory%20in%20which%20container%20exit%20files%20are%20written%20to%20by%20conmon.%0Acontainer_exits_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fexits%22%0A%0A%23%20Path%20to%20directory%20for%20container%20attach%20sockets.%0Acontainer_attach_socket_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%22%0A%0A%23%20CRI-O%20reads%20its%20default%20mounts%20from%20the%20following%20two%20files%3A%0A%23%201)%20%2Fetc%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20override%20file%2C%20where%20users%20can%0A%23%20either%20add%20in%20their%20own%20default%20mounts%2C%20or%20override%20the%20default%20mounts%20shipped%0A%23%20with%20the%20package.%0A%23%202)%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20default%20file%20read%20for%20mounts.%0A%23%20If%20you%20want%20CRI-O%20to%20read%20from%20a%20different%2C%20specific%20mounts%20file%2C%20you%20can%20change%0A%23%20the%20default_mounts_file%20path%20right%20below.%20Note%2C%20if%20this%20is%20done%2C%20CRI-O%20will%20only%20add%0A%23%20mounts%20it%20finds%20in%20this%20file.%0A%0A%23%20default_mounts_file%20is%20the%20file%20path%20holding%20the%20default%20mounts%20to%20be%20mounted%20for%20the%0A%23%20container%20when%20created.%0A%23%20default_mounts_file%20%3D%20%22%22%0A%0A%23%20pids_limit%20is%20the%20number%20of%20processes%20allowed%20in%20a%20container%0Apids_limit%20%3D%201024%0A%0A%23%20log_size_max%20is%20the%20max%20limit%20for%20the%20container%20log%20size%20in%20bytes.%0A%23%20Negative%20values%20indicate%20that%20no%20limit%20is%20imposed.%0Alog_size_max%20%3D%20-1%0A%0A%23%20read-only%20indicates%20whether%20all%20containers%20will%20run%20in%20read-only%20mode%0Aread_only%20%3D%20false%0A%0A%23%20log_level%20changes%20the%20verbosity%20of%20the%20logs%20printed.%0A%23%20Options%20are%3A%20error%20(default)%2C%20fatal%2C%20panic%2C%20warn%2C%20info%2C%20and%20debug%0Alog_level%20%3D%20%22error%22%0A%0A%23%20The%20%22crio.image%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20OCI%20images.%0A%0A%23%20uid_mappings%20specifies%20the%20UID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerUID%3AHostUID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Auid_mappings%20%3D%20%22%22%0A%0A%23%20gid_mappings%20specifies%20the%20GID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerGID%3AHostGID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Agid_mappings%20%3D%20%22%22%0A%0A%5Bcrio.image%5D%0A%0A%23%20default_transport%20is%20the%20prefix%20we%20try%20prepending%20to%20an%20image%20name%20if%20the%0A%23%20image%20name%20as%20we%20receive%20it%20can't%20be%20parsed%20as%20a%20valid%20source%20reference%0Adefault_transport%20%3D%20%22docker%3A%2F%2F%22%0A%0A%23%20pause_image%20is%20the%20image%20which%20we%20use%20to%20instantiate%20infra%20containers.%0Apause_image%20%3D%20%22image%2FinfraImage%3A1%22%0A%0A%23%20If%20not%20empty%2C%20the%20path%20to%20a%20docker%2Fconfig.json-like%20file%20containing%20credentials%0A%23%20necessary%20for%20pulling%20the%20image%20specified%20by%20pause_image%C2%A0above.%0Apause_image_auth_file%20%3D%20%22%2Fvar%2Flib%2Fkubelet%2Fconfig.json%22%0A%0A%23%20pause_command%20is%20the%20command%20to%20run%20in%20a%20pause_image%20to%20have%20a%20container%20just%0A%23%20sit%20there.%20%20If%20the%20image%20contains%20the%20necessary%20information%2C%20this%20value%20need%0A%23%20not%20be%20specified.%0Apause_command%20%3D%20%22%2Fusr%2Fbin%2Fpod%22%0A%0A%23%20signature_policy%20is%20the%20name%20of%20the%20file%20which%20decides%20what%20sort%20of%20policy%20we%0A%23%20use%20when%20deciding%20whether%20or%20not%20to%20trust%20an%20image%20that%20we've%20pulled.%0A%23%20Outside%20of%20testing%20situations%2C%20it%20is%20strongly%20advised%20that%20this%20be%20left%0A%23%20unspecified%20so%20that%20the%20default%20system-wide%20policy%20will%20be%20used.%0Asignature_policy%20%3D%20%22%22%0A%0A%23%20image_volumes%20controls%20how%20image%20volumes%20are%20handled.%0A%23%20The%20valid%20values%20are%20mkdir%20and%20ignore.%0Aimage_volumes%20%3D%20%22mkdir%22%0A%0A%23%20CRI-O%20reads%20its%20configured%20registries%20defaults%20from%20the%20containers%2Fimage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fregistries.conf.%20Modify%20registries.conf%20if%20you%20want%20to%0A%23%20change%20default%20registries%20for%20all%20tools%20that%20use%20containers%2Fimage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20registies%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20insecure_registries%20is%20used%20to%20skip%20TLS%20verification%20when%20pulling%20images.%0A%23%20insecure_registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20registries%20is%20used%20to%20specify%20a%20comma%20separated%20list%20of%20registries%20to%20be%20used%0A%23%20when%20pulling%20an%20unqualified%20image%20(e.g.%20fedora%3Arawhide).%0A%23registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20The%20%22crio.network%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20CNI%20plugins.%0A%5Bcrio.network%5D%0A%0A%23%20network_dir%20is%20is%20where%20CNI%20network%20configuration%60%0A%23%20files%20are%20stored.%20%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Anetwork_dir%20%3D%20%22%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F%22%0A%0A%23%20plugin_dir%20is%20is%20where%20CNI%20plugin%20binaries%20are%20stored.%0A%23%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Aplugin_dir%20%3D%20%22%2Fvar%2Flib%2Fcni%2Fbin%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/crio/crio.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/openstack/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/openstack/files/-etc-containers-registries.conf deleted file mode 100644 index 53c1015d88..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/openstack/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/openstack/files/-etc-containers-storage.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/openstack/files/-etc-containers-storage.conf deleted file mode 100644 index f955c08a3e..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/openstack/files/-etc-containers-storage.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20storage.conf%20is%20the%20configuration%20file%20for%20all%20tools%0A%23%20that%20share%20the%20containers%2Fstorage%20libraries%0A%23%20See%20man%205%20containers-storage.conf%20for%20more%20information%0A%23%20The%20%22container%20storage%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bstorage%5D%0A%0A%23%20Default%20Storage%20Driver%0Adriver%20%3D%20%22overlay%22%0A%0A%23%20Temporary%20storage%20location%0Arunroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20Primary%20Read%2FWrite%20location%20of%20container%20storage%0Agraphroot%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%5Bstorage.options%5D%0A%23%20Storage%20options%20to%20be%20passed%20to%20underlying%20storage%20drivers%0A%0A%23%20AdditionalImageStores%20is%20used%20to%20pass%20paths%20to%20additional%20Read%2FOnly%20image%20stores%0A%23%20Must%20be%20comma%20separated%20list.%0Aadditionalimagestores%20%3D%20%5B%0A%5D%0A%0A%23%20Size%20is%20used%20to%20set%20a%20maximum%20size%20of%20the%20container%20image.%20%20Only%20supported%20by%0A%23%20certain%20container%20storage%20drivers.%0Asize%20%3D%20%22%22%0A%0A%23%20OverrideKernelCheck%20tells%20the%20driver%20to%20ignore%20kernel%20checks%20based%20on%20kernel%20version%0Aoverride_kernel_check%20%3D%20%22true%22%0A%0A%23%20Remap-UIDs%2FGIDs%20is%20the%20mapping%20from%20UIDs%2FGIDs%20as%20they%20should%20appear%20inside%20of%0A%23%20a%20container%2C%20to%20UIDs%2FGIDs%20as%20they%20should%20appear%20outside%20of%20the%20container%2C%20and%0A%23%20the%20length%20of%20the%20range%20of%20UIDs%2FGIDs.%20%20Additional%20mapped%20sets%20can%20be%20listed%0A%23%20and%20will%20be%20heeded%20by%20libraries%2C%20but%20there%20are%20limits%20to%20the%20number%20of%0A%23%20mappings%20which%20the%20kernel%20will%20allow%20when%20you%20later%20attempt%20to%20run%20a%0A%23%20container.%0A%23%0A%23%20remap-uids%20%3D%200%3A1668442479%3A65536%0A%23%20remap-gids%20%3D%200%3A1668442479%3A65536%0A%0A%23%20Remap-User%2FGroup%20is%20a%20name%20which%20can%20be%20used%20to%20look%20up%20one%20or%20more%20UID%2FGID%0A%23%20ranges%20in%20the%20%2Fetc%2Fsubuid%20or%20%2Fetc%2Fsubgid%20file.%20%20Mappings%20are%20set%20up%20starting%0A%23%20with%20an%20in-container%20ID%20of%200%20and%20the%20a%20host-level%20ID%20taken%20from%20the%20lowest%0A%23%20range%20that%20matches%20the%20specified%20name%2C%20and%20using%20the%20length%20of%20that%20range.%0A%23%20Additional%20ranges%20are%20then%20assigned%2C%20using%20the%20ranges%20which%20specify%20the%0A%23%20lowest%20host-level%20IDs%20first%2C%20to%20the%20lowest%20not-yet-mapped%20container-level%20ID%2C%0A%23%20until%20all%20of%20the%20entries%20have%20been%20used%20for%20maps.%0A%23%0A%23%20remap-user%20%3D%20%22storage%22%0A%23%20remap-group%20%3D%20%22storage%22%0A%0A%5Bstorage.options.thinpool%5D%0A%23%20Storage%20Options%20for%20thinpool%0A%0A%23%20autoextend_percent%20determines%20the%20amount%20by%20which%20pool%20needs%20to%20be%0A%23%20grown.%20This%20is%20specified%20in%20terms%20of%20%25%20of%20pool%20size.%20So%20a%20value%20of%2020%20means%0A%23%20that%20when%20threshold%20is%20hit%2C%20pool%20will%20be%20grown%20by%2020%25%20of%20existing%0A%23%20pool%20size.%0A%23%20autoextend_percent%20%3D%20%2220%22%0A%0A%23%20autoextend_threshold%20determines%20the%20pool%20extension%20threshold%20in%20terms%0A%23%20of%20percentage%20of%20pool%20size.%20For%20example%2C%20if%20threshold%20is%2060%2C%20that%20means%20when%0A%23%20pool%20is%2060%25%20full%2C%20threshold%20has%20been%20hit.%0A%23%20autoextend_threshold%20%3D%20%2280%22%0A%0A%23%20basesize%20specifies%20the%20size%20to%20use%20when%20creating%20the%20base%20device%2C%20which%0A%23%20limits%20the%20size%20of%20images%20and%20containers.%0A%23%20basesize%20%3D%20%2210G%22%0A%0A%23%20blocksize%20specifies%20a%20custom%20blocksize%20to%20use%20for%20the%20thin%20pool.%0A%23%20blocksize%3D%2264k%22%0A%0A%23%20directlvm_device%20specifies%20a%20custom%20block%20storage%20device%20to%20use%20for%20the%0A%23%20thin%20pool.%20Required%20if%20you%20setup%20devicemapper%0A%23%20directlvm_device%20%3D%20%22%22%0A%0A%23%20directlvm_device_force%20wipes%20device%20even%20if%20device%20already%20has%20a%20filesystem%0A%23%20directlvm_device_force%20%3D%20%22True%22%0A%0A%23%20fs%20specifies%20the%20filesystem%20type%20to%20use%20for%20the%20base%20device.%0A%23%20fs%3D%22xfs%22%0A%0A%23%20log_level%20sets%20the%20log%20level%20of%20devicemapper.%0A%23%200%3A%20LogLevelSuppress%200%20(Default)%0A%23%202%3A%20LogLevelFatal%0A%23%203%3A%20LogLevelErr%0A%23%204%3A%20LogLevelWarn%0A%23%205%3A%20LogLevelNotice%0A%23%206%3A%20LogLevelInfo%0A%23%207%3A%20LogLevelDebug%0A%23%20log_level%20%3D%20%227%22%0A%0A%23%20min_free_space%20specifies%20the%20min%20free%20space%20percent%20in%20a%20thin%20pool%20require%20for%0A%23%20new%20device%20creation%20to%20succeed.%20Valid%20values%20are%20from%200%25%20-%2099%25.%0A%23%20Value%200%25%20disables%0A%23%20min_free_space%20%3D%20%2210%25%22%0A%0A%23%20mkfsarg%20specifies%20extra%20mkfs%20arguments%20to%20be%20used%20when%20creating%20the%20base%0A%23%20device.%0A%23%20mkfsarg%20%3D%20%22%22%0A%0A%23%20mountopt%20specifies%20extra%20mount%20options%20used%20when%20mounting%20the%20thin%20devices.%0A%23%20mountopt%20%3D%20%22%22%0A%0A%23%20use_deferred_removal%20Marking%20device%20for%20deferred%20removal%0A%23%20use_deferred_removal%20%3D%20%22True%22%0A%0A%23%20use_deferred_deletion%20Marking%20device%20for%20deferred%20deletion%0A%23%20use_deferred_deletion%20%3D%20%22True%22%0A%0A%23%20xfs_nospace_max_retries%20specifies%20the%20maximum%20number%20of%20retries%20XFS%20should%0A%23%20attempt%20to%20complete%20IO%20when%20ENOSPC%20(no%20space)%20error%20is%20returned%20by%0A%23%20underlying%20storage%20device.%0A%23%20xfs_nospace_max_retries%20%3D%20%220%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/storage.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/openstack/files/-etc-crio-crio.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/openstack/files/-etc-crio-crio.conf deleted file mode 100644 index f7a9afad2f..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/openstack/files/-etc-crio-crio.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20The%20%22crio%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bcrio%5D%0A%0A%23%20CRI-O%20reads%20its%20storage%20defaults%20from%20the%20containers%2Fstorage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fstorage.conf.%20Modify%20storage.conf%20if%20you%20want%20to%0A%23%20change%20default%20storage%20for%20all%20tools%20that%20use%20containers%2Fstorage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20storage%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20root%20is%20a%20path%20to%20the%20%22root%20directory%22.%20CRIO%20stores%20all%20of%20its%20data%2C%0A%23%20including%20container%20images%2C%20in%20this%20directory.%0A%23root%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%23%20run%20is%20a%20path%20to%20the%20%22run%20directory%22.%20CRIO%20stores%20all%20of%20its%20state%0A%23%20in%20this%20directory.%0A%23runroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20storage_driver%20select%20which%20storage%20driver%20is%20used%20to%20manage%20storage%0A%23%20of%20images%20and%20containers.%0A%23storage_driver%20%3D%20%22%22%0A%0A%23%20storage_option%20is%20used%20to%20pass%20an%20option%20to%20the%20storage%20driver.%0A%23storage_option%20%3D%20%5B%0A%23%5D%0A%0A%23%20The%20%22crio.api%22%20table%20contains%20settings%20for%20the%20kubelet%2FgRPC%20interface.%0A%5Bcrio.api%5D%0A%0A%23%20listen%20is%20the%20path%20to%20the%20AF_LOCAL%20socket%20on%20which%20crio%20will%20listen.%0Alisten%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fcrio.sock%22%0A%0A%23%20stream_address%20is%20the%20IP%20address%20on%20which%20the%20stream%20server%20will%20listen%0Astream_address%20%3D%20%22%22%0A%0A%23%20stream_port%20is%20the%20port%20on%20which%20the%20stream%20server%20will%20listen%0Astream_port%20%3D%20%2210010%22%0A%0A%23%20stream_enable_tls%20enables%20encrypted%20tls%20transport%20of%20the%20stream%20server%0Astream_enable_tls%20%3D%20false%0A%0A%23%20stream_tls_cert%20is%20the%20x509%20certificate%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_cert%20%3D%20%22%22%0A%0A%23%20stream_tls_key%20is%20the%20key%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_key%20%3D%20%22%22%0A%0A%23%20stream_tls_ca%20is%20the%20x509%20CA(s)%20file%20used%20to%20verify%20and%20authenticate%20client%0A%23%20communication%20with%20the%20tls%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_ca%20%3D%20%22%22%0A%0A%23%20file_locking%20is%20whether%20file-based%20locking%20will%20be%20used%20instead%20of%0A%23%20in-memory%20locking%0Afile_locking%20%3D%20false%0A%0A%23%20The%20%22crio.runtime%22%20table%20contains%20settings%20pertaining%20to%20the%20OCI%0A%23%20runtime%20used%20and%20options%20for%20how%20to%20set%20up%20and%20manage%20the%20OCI%20runtime.%0A%5Bcrio.runtime%5D%0A%0A%23%20runtime%20is%20the%20OCI%20compatible%20runtime%20used%20for%20trusted%20container%20workloads.%0A%23%20This%20is%20a%20mandatory%20setting%20as%20this%20runtime%20will%20be%20the%20default%20one%0A%23%20and%20will%20also%20be%20used%20for%20untrusted%20container%20workloads%20if%0A%23%20runtime_untrusted_workload%20is%20not%20set.%0Aruntime%20%3D%20%22%2Fusr%2Fbin%2Frunc%22%0A%0A%23%20runtime_untrusted_workload%20is%20the%20OCI%20compatible%20runtime%20used%20for%20untrusted%0A%23%20container%20workloads.%20This%20is%20an%20optional%20setting%2C%20except%20if%0A%23%20default_container_trust%20is%20set%20to%20%22untrusted%22.%0Aruntime_untrusted_workload%20%3D%20%22%22%0A%0A%23%20default_workload_trust%20is%20the%20default%20level%20of%20trust%20crio%20puts%20in%20container%0A%23%20workloads.%20It%20can%20either%20be%20%22trusted%22%20or%20%22untrusted%22%2C%20and%20the%20default%0A%23%20is%20%22trusted%22.%0A%23%20Containers%20can%20be%20run%20through%20different%20container%20runtimes%2C%20depending%20on%0A%23%20the%20trust%20hints%20we%20receive%20from%20kubelet%3A%0A%23%20-%20If%20kubelet%20tags%20a%20container%20workload%20as%20untrusted%2C%20crio%20will%20try%20first%20to%0A%23%20run%20it%20through%20the%20untrusted%20container%20workload%20runtime.%20If%20it%20is%20not%20set%2C%0A%23%20crio%20will%20use%20the%20trusted%20runtime.%0A%23%20-%20If%20kubelet%20does%20not%20provide%20any%20information%20about%20the%20container%20workload%20trust%0A%23%20level%2C%20the%20selected%20runtime%20will%20depend%20on%20the%20default_container_trust%20setting.%0A%23%20If%20it%20is%20set%20to%20%22untrusted%22%2C%20then%20all%20containers%20except%20for%20the%20host%20privileged%0A%23%20ones%2C%20will%20be%20run%20by%20the%20runtime_untrusted_workload%20runtime.%20Host%20privileged%0A%23%20containers%20are%20by%20definition%20trusted%20and%20will%20always%20use%20the%20trusted%20container%0A%23%20runtime.%20If%20default_container_trust%20is%20set%20to%20%22trusted%22%2C%20crio%20will%20use%20the%20trusted%0A%23%20container%20runtime%20for%20all%20containers.%0Adefault_workload_trust%20%3D%20%22trusted%22%0A%0A%23%20no_pivot%20instructs%20the%20runtime%20to%20not%20use%20pivot_root%2C%20but%20instead%20use%20MS_MOVE%0Ano_pivot%20%3D%20false%0A%0A%23%20conmon%20is%20the%20path%20to%20conmon%20binary%2C%20used%20for%20managing%20the%20runtime.%0Aconmon%20%3D%20%22%2Fusr%2Flibexec%2Fcrio%2Fconmon%22%0A%0A%23%20conmon_env%20is%20the%20environment%20variable%20list%20for%20conmon%20process%2C%0A%23%20used%20for%20passing%20necessary%20environment%20variable%20to%20conmon%20or%20runtime.%0Aconmon_env%20%3D%20%5B%0A%20%20%22PATH%3D%2Fusr%2Flocal%2Fsbin%3A%2Fusr%2Flocal%2Fbin%3A%2Fusr%2Fsbin%3A%2Fusr%2Fbin%3A%2Fsbin%3A%2Fbin%22%2C%0A%5D%0A%0A%23%20selinux%20indicates%20whether%20or%20not%20SELinux%20will%20be%20used%20for%20pod%0A%23%20separation%20on%20the%20host.%20If%20you%20enable%20this%20flag%2C%20SELinux%20must%20be%20running%0A%23%20on%20the%20host.%0Aselinux%20%3D%20true%0A%0A%23%20seccomp_profile%20is%20the%20seccomp%20json%20profile%20path%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aseccomp_profile%20%3D%20%22%2Fetc%2Fcrio%2Fseccomp.json%22%0A%0A%23%20apparmor_profile%20is%20the%20apparmor%20profile%20name%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aapparmor_profile%20%3D%20%22crio-default%22%0A%0A%23%20cgroup_manager%20is%20the%20cgroup%20management%20implementation%20to%20be%20used%0A%23%20for%20the%20runtime.%0Acgroup_manager%20%3D%20%22systemd%22%0A%0A%23%20default_capabilities%20is%20the%20list%20of%20capabilities%20to%20add%20and%20can%20be%20modified%20here.%0A%23%20If%20capabilities%20below%20is%20commented%20out%2C%20the%20default%20list%20of%20capabilities%20defined%20in%20the%0A%23%20spec%20will%20be%20added.%0A%23%20If%20capabilities%20is%20empty%20below%2C%20only%20the%20capabilities%20defined%20in%20the%20container%20json%0A%23%20file%20by%20the%20user%2Fkube%20will%20be%20added.%0Adefault_capabilities%20%3D%20%5B%0A%20%20%22CHOWN%22%2C%20%0A%20%20%22DAC_OVERRIDE%22%2C%20%0A%20%20%22FSETID%22%2C%20%0A%20%20%22FOWNER%22%2C%20%0A%20%20%22NET_RAW%22%2C%20%0A%20%20%22SETGID%22%2C%20%0A%20%20%22SETUID%22%2C%20%0A%20%20%22SETPCAP%22%2C%20%0A%20%20%22NET_BIND_SERVICE%22%2C%20%0A%20%20%22SYS_CHROOT%22%2C%20%0A%20%20%22KILL%22%2C%20%0A%5D%0A%0A%23%20hooks_dir_path%20is%20the%20oci%20hooks%20directory%20for%20automatically%20executed%20hooks%0Ahooks_dir_path%20%3D%20%22%2Fusr%2Fshare%2Fcontainers%2Foci%2Fhooks.d%22%0A%0A%23%20default_mounts%20is%20the%20mounts%20list%20to%20be%20mounted%20for%20the%20container%20when%20created%0A%23%20deprecated%2C%20will%20be%20taken%20out%20in%20future%20versions%2C%20add%20default%20mounts%20to%20either%0A%23%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20or%20%2Fetc%2Fcontainers%2Fmounts.conf%0Adefault_mounts%20%3D%20%5B%0A%20%20%22%2Fusr%2Fshare%2Frhel%2Fsecrets%3A%2Frun%2Fsecrets%22%2C%20%0A%5D%0A%0A%23%20Path%20to%20directory%20in%20which%20container%20exit%20files%20are%20written%20to%20by%20conmon.%0Acontainer_exits_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fexits%22%0A%0A%23%20Path%20to%20directory%20for%20container%20attach%20sockets.%0Acontainer_attach_socket_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%22%0A%0A%23%20CRI-O%20reads%20its%20default%20mounts%20from%20the%20following%20two%20files%3A%0A%23%201)%20%2Fetc%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20override%20file%2C%20where%20users%20can%0A%23%20either%20add%20in%20their%20own%20default%20mounts%2C%20or%20override%20the%20default%20mounts%20shipped%0A%23%20with%20the%20package.%0A%23%202)%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20default%20file%20read%20for%20mounts.%0A%23%20If%20you%20want%20CRI-O%20to%20read%20from%20a%20different%2C%20specific%20mounts%20file%2C%20you%20can%20change%0A%23%20the%20default_mounts_file%20path%20right%20below.%20Note%2C%20if%20this%20is%20done%2C%20CRI-O%20will%20only%20add%0A%23%20mounts%20it%20finds%20in%20this%20file.%0A%0A%23%20default_mounts_file%20is%20the%20file%20path%20holding%20the%20default%20mounts%20to%20be%20mounted%20for%20the%0A%23%20container%20when%20created.%0A%23%20default_mounts_file%20%3D%20%22%22%0A%0A%23%20pids_limit%20is%20the%20number%20of%20processes%20allowed%20in%20a%20container%0Apids_limit%20%3D%201024%0A%0A%23%20log_size_max%20is%20the%20max%20limit%20for%20the%20container%20log%20size%20in%20bytes.%0A%23%20Negative%20values%20indicate%20that%20no%20limit%20is%20imposed.%0Alog_size_max%20%3D%20-1%0A%0A%23%20read-only%20indicates%20whether%20all%20containers%20will%20run%20in%20read-only%20mode%0Aread_only%20%3D%20false%0A%0A%23%20log_level%20changes%20the%20verbosity%20of%20the%20logs%20printed.%0A%23%20Options%20are%3A%20error%20(default)%2C%20fatal%2C%20panic%2C%20warn%2C%20info%2C%20and%20debug%0Alog_level%20%3D%20%22error%22%0A%0A%23%20The%20%22crio.image%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20OCI%20images.%0A%0A%23%20uid_mappings%20specifies%20the%20UID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerUID%3AHostUID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Auid_mappings%20%3D%20%22%22%0A%0A%23%20gid_mappings%20specifies%20the%20GID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerGID%3AHostGID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Agid_mappings%20%3D%20%22%22%0A%0A%5Bcrio.image%5D%0A%0A%23%20default_transport%20is%20the%20prefix%20we%20try%20prepending%20to%20an%20image%20name%20if%20the%0A%23%20image%20name%20as%20we%20receive%20it%20can't%20be%20parsed%20as%20a%20valid%20source%20reference%0Adefault_transport%20%3D%20%22docker%3A%2F%2F%22%0A%0A%23%20pause_image%20is%20the%20image%20which%20we%20use%20to%20instantiate%20infra%20containers.%0Apause_image%20%3D%20%22image%2FinfraImage%3A1%22%0A%0A%23%20If%20not%20empty%2C%20the%20path%20to%20a%20docker%2Fconfig.json-like%20file%20containing%20credentials%0A%23%20necessary%20for%20pulling%20the%20image%20specified%20by%20pause_image%C2%A0above.%0Apause_image_auth_file%20%3D%20%22%2Fvar%2Flib%2Fkubelet%2Fconfig.json%22%0A%0A%23%20pause_command%20is%20the%20command%20to%20run%20in%20a%20pause_image%20to%20have%20a%20container%20just%0A%23%20sit%20there.%20%20If%20the%20image%20contains%20the%20necessary%20information%2C%20this%20value%20need%0A%23%20not%20be%20specified.%0Apause_command%20%3D%20%22%2Fusr%2Fbin%2Fpod%22%0A%0A%23%20signature_policy%20is%20the%20name%20of%20the%20file%20which%20decides%20what%20sort%20of%20policy%20we%0A%23%20use%20when%20deciding%20whether%20or%20not%20to%20trust%20an%20image%20that%20we've%20pulled.%0A%23%20Outside%20of%20testing%20situations%2C%20it%20is%20strongly%20advised%20that%20this%20be%20left%0A%23%20unspecified%20so%20that%20the%20default%20system-wide%20policy%20will%20be%20used.%0Asignature_policy%20%3D%20%22%22%0A%0A%23%20image_volumes%20controls%20how%20image%20volumes%20are%20handled.%0A%23%20The%20valid%20values%20are%20mkdir%20and%20ignore.%0Aimage_volumes%20%3D%20%22mkdir%22%0A%0A%23%20CRI-O%20reads%20its%20configured%20registries%20defaults%20from%20the%20containers%2Fimage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fregistries.conf.%20Modify%20registries.conf%20if%20you%20want%20to%0A%23%20change%20default%20registries%20for%20all%20tools%20that%20use%20containers%2Fimage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20registies%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20insecure_registries%20is%20used%20to%20skip%20TLS%20verification%20when%20pulling%20images.%0A%23%20insecure_registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20registries%20is%20used%20to%20specify%20a%20comma%20separated%20list%20of%20registries%20to%20be%20used%0A%23%20when%20pulling%20an%20unqualified%20image%20(e.g.%20fedora%3Arawhide).%0A%23registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20The%20%22crio.network%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20CNI%20plugins.%0A%5Bcrio.network%5D%0A%0A%23%20network_dir%20is%20is%20where%20CNI%20network%20configuration%60%0A%23%20files%20are%20stored.%20%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Anetwork_dir%20%3D%20%22%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F%22%0A%0A%23%20plugin_dir%20is%20is%20where%20CNI%20plugin%20binaries%20are%20stored.%0A%23%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Aplugin_dir%20%3D%20%22%2Fvar%2Flib%2Fcni%2Fbin%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/crio/crio.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/vsphere/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/vsphere/files/-etc-containers-registries.conf deleted file mode 100644 index 53c1015d88..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/vsphere/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/vsphere/files/-etc-containers-storage.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/vsphere/files/-etc-containers-storage.conf deleted file mode 100644 index f955c08a3e..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/vsphere/files/-etc-containers-storage.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20storage.conf%20is%20the%20configuration%20file%20for%20all%20tools%0A%23%20that%20share%20the%20containers%2Fstorage%20libraries%0A%23%20See%20man%205%20containers-storage.conf%20for%20more%20information%0A%23%20The%20%22container%20storage%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bstorage%5D%0A%0A%23%20Default%20Storage%20Driver%0Adriver%20%3D%20%22overlay%22%0A%0A%23%20Temporary%20storage%20location%0Arunroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20Primary%20Read%2FWrite%20location%20of%20container%20storage%0Agraphroot%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%5Bstorage.options%5D%0A%23%20Storage%20options%20to%20be%20passed%20to%20underlying%20storage%20drivers%0A%0A%23%20AdditionalImageStores%20is%20used%20to%20pass%20paths%20to%20additional%20Read%2FOnly%20image%20stores%0A%23%20Must%20be%20comma%20separated%20list.%0Aadditionalimagestores%20%3D%20%5B%0A%5D%0A%0A%23%20Size%20is%20used%20to%20set%20a%20maximum%20size%20of%20the%20container%20image.%20%20Only%20supported%20by%0A%23%20certain%20container%20storage%20drivers.%0Asize%20%3D%20%22%22%0A%0A%23%20OverrideKernelCheck%20tells%20the%20driver%20to%20ignore%20kernel%20checks%20based%20on%20kernel%20version%0Aoverride_kernel_check%20%3D%20%22true%22%0A%0A%23%20Remap-UIDs%2FGIDs%20is%20the%20mapping%20from%20UIDs%2FGIDs%20as%20they%20should%20appear%20inside%20of%0A%23%20a%20container%2C%20to%20UIDs%2FGIDs%20as%20they%20should%20appear%20outside%20of%20the%20container%2C%20and%0A%23%20the%20length%20of%20the%20range%20of%20UIDs%2FGIDs.%20%20Additional%20mapped%20sets%20can%20be%20listed%0A%23%20and%20will%20be%20heeded%20by%20libraries%2C%20but%20there%20are%20limits%20to%20the%20number%20of%0A%23%20mappings%20which%20the%20kernel%20will%20allow%20when%20you%20later%20attempt%20to%20run%20a%0A%23%20container.%0A%23%0A%23%20remap-uids%20%3D%200%3A1668442479%3A65536%0A%23%20remap-gids%20%3D%200%3A1668442479%3A65536%0A%0A%23%20Remap-User%2FGroup%20is%20a%20name%20which%20can%20be%20used%20to%20look%20up%20one%20or%20more%20UID%2FGID%0A%23%20ranges%20in%20the%20%2Fetc%2Fsubuid%20or%20%2Fetc%2Fsubgid%20file.%20%20Mappings%20are%20set%20up%20starting%0A%23%20with%20an%20in-container%20ID%20of%200%20and%20the%20a%20host-level%20ID%20taken%20from%20the%20lowest%0A%23%20range%20that%20matches%20the%20specified%20name%2C%20and%20using%20the%20length%20of%20that%20range.%0A%23%20Additional%20ranges%20are%20then%20assigned%2C%20using%20the%20ranges%20which%20specify%20the%0A%23%20lowest%20host-level%20IDs%20first%2C%20to%20the%20lowest%20not-yet-mapped%20container-level%20ID%2C%0A%23%20until%20all%20of%20the%20entries%20have%20been%20used%20for%20maps.%0A%23%0A%23%20remap-user%20%3D%20%22storage%22%0A%23%20remap-group%20%3D%20%22storage%22%0A%0A%5Bstorage.options.thinpool%5D%0A%23%20Storage%20Options%20for%20thinpool%0A%0A%23%20autoextend_percent%20determines%20the%20amount%20by%20which%20pool%20needs%20to%20be%0A%23%20grown.%20This%20is%20specified%20in%20terms%20of%20%25%20of%20pool%20size.%20So%20a%20value%20of%2020%20means%0A%23%20that%20when%20threshold%20is%20hit%2C%20pool%20will%20be%20grown%20by%2020%25%20of%20existing%0A%23%20pool%20size.%0A%23%20autoextend_percent%20%3D%20%2220%22%0A%0A%23%20autoextend_threshold%20determines%20the%20pool%20extension%20threshold%20in%20terms%0A%23%20of%20percentage%20of%20pool%20size.%20For%20example%2C%20if%20threshold%20is%2060%2C%20that%20means%20when%0A%23%20pool%20is%2060%25%20full%2C%20threshold%20has%20been%20hit.%0A%23%20autoextend_threshold%20%3D%20%2280%22%0A%0A%23%20basesize%20specifies%20the%20size%20to%20use%20when%20creating%20the%20base%20device%2C%20which%0A%23%20limits%20the%20size%20of%20images%20and%20containers.%0A%23%20basesize%20%3D%20%2210G%22%0A%0A%23%20blocksize%20specifies%20a%20custom%20blocksize%20to%20use%20for%20the%20thin%20pool.%0A%23%20blocksize%3D%2264k%22%0A%0A%23%20directlvm_device%20specifies%20a%20custom%20block%20storage%20device%20to%20use%20for%20the%0A%23%20thin%20pool.%20Required%20if%20you%20setup%20devicemapper%0A%23%20directlvm_device%20%3D%20%22%22%0A%0A%23%20directlvm_device_force%20wipes%20device%20even%20if%20device%20already%20has%20a%20filesystem%0A%23%20directlvm_device_force%20%3D%20%22True%22%0A%0A%23%20fs%20specifies%20the%20filesystem%20type%20to%20use%20for%20the%20base%20device.%0A%23%20fs%3D%22xfs%22%0A%0A%23%20log_level%20sets%20the%20log%20level%20of%20devicemapper.%0A%23%200%3A%20LogLevelSuppress%200%20(Default)%0A%23%202%3A%20LogLevelFatal%0A%23%203%3A%20LogLevelErr%0A%23%204%3A%20LogLevelWarn%0A%23%205%3A%20LogLevelNotice%0A%23%206%3A%20LogLevelInfo%0A%23%207%3A%20LogLevelDebug%0A%23%20log_level%20%3D%20%227%22%0A%0A%23%20min_free_space%20specifies%20the%20min%20free%20space%20percent%20in%20a%20thin%20pool%20require%20for%0A%23%20new%20device%20creation%20to%20succeed.%20Valid%20values%20are%20from%200%25%20-%2099%25.%0A%23%20Value%200%25%20disables%0A%23%20min_free_space%20%3D%20%2210%25%22%0A%0A%23%20mkfsarg%20specifies%20extra%20mkfs%20arguments%20to%20be%20used%20when%20creating%20the%20base%0A%23%20device.%0A%23%20mkfsarg%20%3D%20%22%22%0A%0A%23%20mountopt%20specifies%20extra%20mount%20options%20used%20when%20mounting%20the%20thin%20devices.%0A%23%20mountopt%20%3D%20%22%22%0A%0A%23%20use_deferred_removal%20Marking%20device%20for%20deferred%20removal%0A%23%20use_deferred_removal%20%3D%20%22True%22%0A%0A%23%20use_deferred_deletion%20Marking%20device%20for%20deferred%20deletion%0A%23%20use_deferred_deletion%20%3D%20%22True%22%0A%0A%23%20xfs_nospace_max_retries%20specifies%20the%20maximum%20number%20of%20retries%20XFS%20should%0A%23%20attempt%20to%20complete%20IO%20when%20ENOSPC%20(no%20space)%20error%20is%20returned%20by%0A%23%20underlying%20storage%20device.%0A%23%20xfs_nospace_max_retries%20%3D%20%220%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/storage.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/vsphere/files/-etc-crio-crio.conf b/pkg/controller/template/test_data/templates/master/01-master-container-runtime/vsphere/files/-etc-crio-crio.conf deleted file mode 100644 index f7a9afad2f..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-container-runtime/vsphere/files/-etc-crio-crio.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20The%20%22crio%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bcrio%5D%0A%0A%23%20CRI-O%20reads%20its%20storage%20defaults%20from%20the%20containers%2Fstorage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fstorage.conf.%20Modify%20storage.conf%20if%20you%20want%20to%0A%23%20change%20default%20storage%20for%20all%20tools%20that%20use%20containers%2Fstorage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20storage%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20root%20is%20a%20path%20to%20the%20%22root%20directory%22.%20CRIO%20stores%20all%20of%20its%20data%2C%0A%23%20including%20container%20images%2C%20in%20this%20directory.%0A%23root%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%23%20run%20is%20a%20path%20to%20the%20%22run%20directory%22.%20CRIO%20stores%20all%20of%20its%20state%0A%23%20in%20this%20directory.%0A%23runroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20storage_driver%20select%20which%20storage%20driver%20is%20used%20to%20manage%20storage%0A%23%20of%20images%20and%20containers.%0A%23storage_driver%20%3D%20%22%22%0A%0A%23%20storage_option%20is%20used%20to%20pass%20an%20option%20to%20the%20storage%20driver.%0A%23storage_option%20%3D%20%5B%0A%23%5D%0A%0A%23%20The%20%22crio.api%22%20table%20contains%20settings%20for%20the%20kubelet%2FgRPC%20interface.%0A%5Bcrio.api%5D%0A%0A%23%20listen%20is%20the%20path%20to%20the%20AF_LOCAL%20socket%20on%20which%20crio%20will%20listen.%0Alisten%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fcrio.sock%22%0A%0A%23%20stream_address%20is%20the%20IP%20address%20on%20which%20the%20stream%20server%20will%20listen%0Astream_address%20%3D%20%22%22%0A%0A%23%20stream_port%20is%20the%20port%20on%20which%20the%20stream%20server%20will%20listen%0Astream_port%20%3D%20%2210010%22%0A%0A%23%20stream_enable_tls%20enables%20encrypted%20tls%20transport%20of%20the%20stream%20server%0Astream_enable_tls%20%3D%20false%0A%0A%23%20stream_tls_cert%20is%20the%20x509%20certificate%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_cert%20%3D%20%22%22%0A%0A%23%20stream_tls_key%20is%20the%20key%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_key%20%3D%20%22%22%0A%0A%23%20stream_tls_ca%20is%20the%20x509%20CA(s)%20file%20used%20to%20verify%20and%20authenticate%20client%0A%23%20communication%20with%20the%20tls%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_ca%20%3D%20%22%22%0A%0A%23%20file_locking%20is%20whether%20file-based%20locking%20will%20be%20used%20instead%20of%0A%23%20in-memory%20locking%0Afile_locking%20%3D%20false%0A%0A%23%20The%20%22crio.runtime%22%20table%20contains%20settings%20pertaining%20to%20the%20OCI%0A%23%20runtime%20used%20and%20options%20for%20how%20to%20set%20up%20and%20manage%20the%20OCI%20runtime.%0A%5Bcrio.runtime%5D%0A%0A%23%20runtime%20is%20the%20OCI%20compatible%20runtime%20used%20for%20trusted%20container%20workloads.%0A%23%20This%20is%20a%20mandatory%20setting%20as%20this%20runtime%20will%20be%20the%20default%20one%0A%23%20and%20will%20also%20be%20used%20for%20untrusted%20container%20workloads%20if%0A%23%20runtime_untrusted_workload%20is%20not%20set.%0Aruntime%20%3D%20%22%2Fusr%2Fbin%2Frunc%22%0A%0A%23%20runtime_untrusted_workload%20is%20the%20OCI%20compatible%20runtime%20used%20for%20untrusted%0A%23%20container%20workloads.%20This%20is%20an%20optional%20setting%2C%20except%20if%0A%23%20default_container_trust%20is%20set%20to%20%22untrusted%22.%0Aruntime_untrusted_workload%20%3D%20%22%22%0A%0A%23%20default_workload_trust%20is%20the%20default%20level%20of%20trust%20crio%20puts%20in%20container%0A%23%20workloads.%20It%20can%20either%20be%20%22trusted%22%20or%20%22untrusted%22%2C%20and%20the%20default%0A%23%20is%20%22trusted%22.%0A%23%20Containers%20can%20be%20run%20through%20different%20container%20runtimes%2C%20depending%20on%0A%23%20the%20trust%20hints%20we%20receive%20from%20kubelet%3A%0A%23%20-%20If%20kubelet%20tags%20a%20container%20workload%20as%20untrusted%2C%20crio%20will%20try%20first%20to%0A%23%20run%20it%20through%20the%20untrusted%20container%20workload%20runtime.%20If%20it%20is%20not%20set%2C%0A%23%20crio%20will%20use%20the%20trusted%20runtime.%0A%23%20-%20If%20kubelet%20does%20not%20provide%20any%20information%20about%20the%20container%20workload%20trust%0A%23%20level%2C%20the%20selected%20runtime%20will%20depend%20on%20the%20default_container_trust%20setting.%0A%23%20If%20it%20is%20set%20to%20%22untrusted%22%2C%20then%20all%20containers%20except%20for%20the%20host%20privileged%0A%23%20ones%2C%20will%20be%20run%20by%20the%20runtime_untrusted_workload%20runtime.%20Host%20privileged%0A%23%20containers%20are%20by%20definition%20trusted%20and%20will%20always%20use%20the%20trusted%20container%0A%23%20runtime.%20If%20default_container_trust%20is%20set%20to%20%22trusted%22%2C%20crio%20will%20use%20the%20trusted%0A%23%20container%20runtime%20for%20all%20containers.%0Adefault_workload_trust%20%3D%20%22trusted%22%0A%0A%23%20no_pivot%20instructs%20the%20runtime%20to%20not%20use%20pivot_root%2C%20but%20instead%20use%20MS_MOVE%0Ano_pivot%20%3D%20false%0A%0A%23%20conmon%20is%20the%20path%20to%20conmon%20binary%2C%20used%20for%20managing%20the%20runtime.%0Aconmon%20%3D%20%22%2Fusr%2Flibexec%2Fcrio%2Fconmon%22%0A%0A%23%20conmon_env%20is%20the%20environment%20variable%20list%20for%20conmon%20process%2C%0A%23%20used%20for%20passing%20necessary%20environment%20variable%20to%20conmon%20or%20runtime.%0Aconmon_env%20%3D%20%5B%0A%20%20%22PATH%3D%2Fusr%2Flocal%2Fsbin%3A%2Fusr%2Flocal%2Fbin%3A%2Fusr%2Fsbin%3A%2Fusr%2Fbin%3A%2Fsbin%3A%2Fbin%22%2C%0A%5D%0A%0A%23%20selinux%20indicates%20whether%20or%20not%20SELinux%20will%20be%20used%20for%20pod%0A%23%20separation%20on%20the%20host.%20If%20you%20enable%20this%20flag%2C%20SELinux%20must%20be%20running%0A%23%20on%20the%20host.%0Aselinux%20%3D%20true%0A%0A%23%20seccomp_profile%20is%20the%20seccomp%20json%20profile%20path%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aseccomp_profile%20%3D%20%22%2Fetc%2Fcrio%2Fseccomp.json%22%0A%0A%23%20apparmor_profile%20is%20the%20apparmor%20profile%20name%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aapparmor_profile%20%3D%20%22crio-default%22%0A%0A%23%20cgroup_manager%20is%20the%20cgroup%20management%20implementation%20to%20be%20used%0A%23%20for%20the%20runtime.%0Acgroup_manager%20%3D%20%22systemd%22%0A%0A%23%20default_capabilities%20is%20the%20list%20of%20capabilities%20to%20add%20and%20can%20be%20modified%20here.%0A%23%20If%20capabilities%20below%20is%20commented%20out%2C%20the%20default%20list%20of%20capabilities%20defined%20in%20the%0A%23%20spec%20will%20be%20added.%0A%23%20If%20capabilities%20is%20empty%20below%2C%20only%20the%20capabilities%20defined%20in%20the%20container%20json%0A%23%20file%20by%20the%20user%2Fkube%20will%20be%20added.%0Adefault_capabilities%20%3D%20%5B%0A%20%20%22CHOWN%22%2C%20%0A%20%20%22DAC_OVERRIDE%22%2C%20%0A%20%20%22FSETID%22%2C%20%0A%20%20%22FOWNER%22%2C%20%0A%20%20%22NET_RAW%22%2C%20%0A%20%20%22SETGID%22%2C%20%0A%20%20%22SETUID%22%2C%20%0A%20%20%22SETPCAP%22%2C%20%0A%20%20%22NET_BIND_SERVICE%22%2C%20%0A%20%20%22SYS_CHROOT%22%2C%20%0A%20%20%22KILL%22%2C%20%0A%5D%0A%0A%23%20hooks_dir_path%20is%20the%20oci%20hooks%20directory%20for%20automatically%20executed%20hooks%0Ahooks_dir_path%20%3D%20%22%2Fusr%2Fshare%2Fcontainers%2Foci%2Fhooks.d%22%0A%0A%23%20default_mounts%20is%20the%20mounts%20list%20to%20be%20mounted%20for%20the%20container%20when%20created%0A%23%20deprecated%2C%20will%20be%20taken%20out%20in%20future%20versions%2C%20add%20default%20mounts%20to%20either%0A%23%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20or%20%2Fetc%2Fcontainers%2Fmounts.conf%0Adefault_mounts%20%3D%20%5B%0A%20%20%22%2Fusr%2Fshare%2Frhel%2Fsecrets%3A%2Frun%2Fsecrets%22%2C%20%0A%5D%0A%0A%23%20Path%20to%20directory%20in%20which%20container%20exit%20files%20are%20written%20to%20by%20conmon.%0Acontainer_exits_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fexits%22%0A%0A%23%20Path%20to%20directory%20for%20container%20attach%20sockets.%0Acontainer_attach_socket_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%22%0A%0A%23%20CRI-O%20reads%20its%20default%20mounts%20from%20the%20following%20two%20files%3A%0A%23%201)%20%2Fetc%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20override%20file%2C%20where%20users%20can%0A%23%20either%20add%20in%20their%20own%20default%20mounts%2C%20or%20override%20the%20default%20mounts%20shipped%0A%23%20with%20the%20package.%0A%23%202)%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20default%20file%20read%20for%20mounts.%0A%23%20If%20you%20want%20CRI-O%20to%20read%20from%20a%20different%2C%20specific%20mounts%20file%2C%20you%20can%20change%0A%23%20the%20default_mounts_file%20path%20right%20below.%20Note%2C%20if%20this%20is%20done%2C%20CRI-O%20will%20only%20add%0A%23%20mounts%20it%20finds%20in%20this%20file.%0A%0A%23%20default_mounts_file%20is%20the%20file%20path%20holding%20the%20default%20mounts%20to%20be%20mounted%20for%20the%0A%23%20container%20when%20created.%0A%23%20default_mounts_file%20%3D%20%22%22%0A%0A%23%20pids_limit%20is%20the%20number%20of%20processes%20allowed%20in%20a%20container%0Apids_limit%20%3D%201024%0A%0A%23%20log_size_max%20is%20the%20max%20limit%20for%20the%20container%20log%20size%20in%20bytes.%0A%23%20Negative%20values%20indicate%20that%20no%20limit%20is%20imposed.%0Alog_size_max%20%3D%20-1%0A%0A%23%20read-only%20indicates%20whether%20all%20containers%20will%20run%20in%20read-only%20mode%0Aread_only%20%3D%20false%0A%0A%23%20log_level%20changes%20the%20verbosity%20of%20the%20logs%20printed.%0A%23%20Options%20are%3A%20error%20(default)%2C%20fatal%2C%20panic%2C%20warn%2C%20info%2C%20and%20debug%0Alog_level%20%3D%20%22error%22%0A%0A%23%20The%20%22crio.image%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20OCI%20images.%0A%0A%23%20uid_mappings%20specifies%20the%20UID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerUID%3AHostUID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Auid_mappings%20%3D%20%22%22%0A%0A%23%20gid_mappings%20specifies%20the%20GID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerGID%3AHostGID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Agid_mappings%20%3D%20%22%22%0A%0A%5Bcrio.image%5D%0A%0A%23%20default_transport%20is%20the%20prefix%20we%20try%20prepending%20to%20an%20image%20name%20if%20the%0A%23%20image%20name%20as%20we%20receive%20it%20can't%20be%20parsed%20as%20a%20valid%20source%20reference%0Adefault_transport%20%3D%20%22docker%3A%2F%2F%22%0A%0A%23%20pause_image%20is%20the%20image%20which%20we%20use%20to%20instantiate%20infra%20containers.%0Apause_image%20%3D%20%22image%2FinfraImage%3A1%22%0A%0A%23%20If%20not%20empty%2C%20the%20path%20to%20a%20docker%2Fconfig.json-like%20file%20containing%20credentials%0A%23%20necessary%20for%20pulling%20the%20image%20specified%20by%20pause_image%C2%A0above.%0Apause_image_auth_file%20%3D%20%22%2Fvar%2Flib%2Fkubelet%2Fconfig.json%22%0A%0A%23%20pause_command%20is%20the%20command%20to%20run%20in%20a%20pause_image%20to%20have%20a%20container%20just%0A%23%20sit%20there.%20%20If%20the%20image%20contains%20the%20necessary%20information%2C%20this%20value%20need%0A%23%20not%20be%20specified.%0Apause_command%20%3D%20%22%2Fusr%2Fbin%2Fpod%22%0A%0A%23%20signature_policy%20is%20the%20name%20of%20the%20file%20which%20decides%20what%20sort%20of%20policy%20we%0A%23%20use%20when%20deciding%20whether%20or%20not%20to%20trust%20an%20image%20that%20we've%20pulled.%0A%23%20Outside%20of%20testing%20situations%2C%20it%20is%20strongly%20advised%20that%20this%20be%20left%0A%23%20unspecified%20so%20that%20the%20default%20system-wide%20policy%20will%20be%20used.%0Asignature_policy%20%3D%20%22%22%0A%0A%23%20image_volumes%20controls%20how%20image%20volumes%20are%20handled.%0A%23%20The%20valid%20values%20are%20mkdir%20and%20ignore.%0Aimage_volumes%20%3D%20%22mkdir%22%0A%0A%23%20CRI-O%20reads%20its%20configured%20registries%20defaults%20from%20the%20containers%2Fimage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fregistries.conf.%20Modify%20registries.conf%20if%20you%20want%20to%0A%23%20change%20default%20registries%20for%20all%20tools%20that%20use%20containers%2Fimage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20registies%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20insecure_registries%20is%20used%20to%20skip%20TLS%20verification%20when%20pulling%20images.%0A%23%20insecure_registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20registries%20is%20used%20to%20specify%20a%20comma%20separated%20list%20of%20registries%20to%20be%20used%0A%23%20when%20pulling%20an%20unqualified%20image%20(e.g.%20fedora%3Arawhide).%0A%23registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20The%20%22crio.network%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20CNI%20plugins.%0A%5Bcrio.network%5D%0A%0A%23%20network_dir%20is%20is%20where%20CNI%20network%20configuration%60%0A%23%20files%20are%20stored.%20%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Anetwork_dir%20%3D%20%22%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F%22%0A%0A%23%20plugin_dir%20is%20is%20where%20CNI%20plugin%20binaries%20are%20stored.%0A%23%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Aplugin_dir%20%3D%20%22%2Fvar%2Flib%2Fcni%2Fbin%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/crio/crio.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-kubelet/aws/files/-etc-kubernetes-cloud.conf b/pkg/controller/template/test_data/templates/master/01-master-kubelet/aws/files/-etc-kubernetes-cloud.conf deleted file mode 100644 index 4e8968ac5f..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-kubelet/aws/files/-etc-kubernetes-cloud.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/cloud.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-kubelet/aws/files/-etc-kubernetes-kubelet.conf b/pkg/controller/template/test_data/templates/master/01-master-kubelet/aws/files/-etc-kubernetes-kubelet.conf deleted file mode 100644 index d64f62b120..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-kubelet/aws/files/-etc-kubernetes-kubelet.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,kind%3A%20KubeletConfiguration%0AapiVersion%3A%20kubelet.config.k8s.io%2Fv1beta1%0AcgroupDriver%3A%20systemd%0AclusterDNS%3A%0A%20%20-%2010.3.0.10%0AclusterDomain%3A%20cluster.local%0AmaxPods%3A%20250%0AruntimeRequestTimeout%3A%2010m%0AserializeImagePulls%3A%20false%0AstaticPodPath%3A%20%2Fetc%2Fkubernetes%2Fmanifests%0AsystemReserved%3A%0A%20%20cpu%3A%20500m%0A%20%20memory%3A%20500Mi%0AfeatureGates%3A%0A%20%20RotateKubeletServerCertificate%3A%20true%0A%20%20ExperimentalCriticalPodAnnotation%3A%20true%0A%20%20SupportPodPidsLimit%3A%20true%0A%20%20LocalStorageCapacityIsolation%3A%20false%0AserverTLSBootstrap%3A%20true%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/kubelet.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-kubelet/aws/units/kubelet.service b/pkg/controller/template/test_data/templates/master/01-master-kubelet/aws/units/kubelet.service deleted file mode 100644 index 7674f1c9c0..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-kubelet/aws/units/kubelet.service +++ /dev/null @@ -1,39 +0,0 @@ -contents: | - [Unit] - Description=Kubernetes Kubelet - Wants=rpc-statd.service - - [Service] - Type=notify - ExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests - ExecStartPre=/bin/rm -f /var/lib/kubelet/cpu_manager_state - EnvironmentFile=/etc/os-release - EnvironmentFile=-/etc/kubernetes/kubelet-workaround - EnvironmentFile=-/etc/kubernetes/kubelet-env - - ExecStart=/usr/bin/hyperkube \ - kubelet \ - --config=/etc/kubernetes/kubelet.conf \ - --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ - --rotate-certificates \ - --kubeconfig=/var/lib/kubelet/kubeconfig \ - --container-runtime=remote \ - --container-runtime-endpoint=/var/run/crio/crio.sock \ - --allow-privileged \ - --node-labels=node-role.kubernetes.io/master,node.openshift.io/os_id=${ID} \ - --minimum-container-ttl-duration=6m0s \ - --client-ca-file=/etc/kubernetes/ca.crt \ - --cloud-provider=aws \ - --volume-plugin-dir=/etc/kubernetes/kubelet-plugins/volume/exec \ - \ - --anonymous-auth=false \ - --register-with-taints=node-role.kubernetes.io/master=:NoSchedule \ - --v=3 \ - - Restart=always - RestartSec=10 - - [Install] - WantedBy=multi-user.target -enabled: true -name: kubelet.service diff --git a/pkg/controller/template/test_data/templates/master/01-master-kubelet/libvirt/files/-etc-kubernetes-cloud.conf b/pkg/controller/template/test_data/templates/master/01-master-kubelet/libvirt/files/-etc-kubernetes-cloud.conf deleted file mode 100644 index 4e8968ac5f..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-kubelet/libvirt/files/-etc-kubernetes-cloud.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/cloud.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-kubelet/libvirt/files/-etc-kubernetes-kubelet.conf b/pkg/controller/template/test_data/templates/master/01-master-kubelet/libvirt/files/-etc-kubernetes-kubelet.conf deleted file mode 100644 index d64f62b120..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-kubelet/libvirt/files/-etc-kubernetes-kubelet.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,kind%3A%20KubeletConfiguration%0AapiVersion%3A%20kubelet.config.k8s.io%2Fv1beta1%0AcgroupDriver%3A%20systemd%0AclusterDNS%3A%0A%20%20-%2010.3.0.10%0AclusterDomain%3A%20cluster.local%0AmaxPods%3A%20250%0AruntimeRequestTimeout%3A%2010m%0AserializeImagePulls%3A%20false%0AstaticPodPath%3A%20%2Fetc%2Fkubernetes%2Fmanifests%0AsystemReserved%3A%0A%20%20cpu%3A%20500m%0A%20%20memory%3A%20500Mi%0AfeatureGates%3A%0A%20%20RotateKubeletServerCertificate%3A%20true%0A%20%20ExperimentalCriticalPodAnnotation%3A%20true%0A%20%20SupportPodPidsLimit%3A%20true%0A%20%20LocalStorageCapacityIsolation%3A%20false%0AserverTLSBootstrap%3A%20true%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/kubelet.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-kubelet/libvirt/units/kubelet.service b/pkg/controller/template/test_data/templates/master/01-master-kubelet/libvirt/units/kubelet.service deleted file mode 100644 index e2b118a3e9..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-kubelet/libvirt/units/kubelet.service +++ /dev/null @@ -1,39 +0,0 @@ -contents: | - [Unit] - Description=Kubernetes Kubelet - Wants=rpc-statd.service - - [Service] - Type=notify - ExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests - ExecStartPre=/bin/rm -f /var/lib/kubelet/cpu_manager_state - EnvironmentFile=/etc/os-release - EnvironmentFile=-/etc/kubernetes/kubelet-workaround - EnvironmentFile=-/etc/kubernetes/kubelet-env - - ExecStart=/usr/bin/hyperkube \ - kubelet \ - --config=/etc/kubernetes/kubelet.conf \ - --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ - --rotate-certificates \ - --kubeconfig=/var/lib/kubelet/kubeconfig \ - --container-runtime=remote \ - --container-runtime-endpoint=/var/run/crio/crio.sock \ - --allow-privileged \ - --node-labels=node-role.kubernetes.io/master,node.openshift.io/os_id=${ID} \ - --minimum-container-ttl-duration=6m0s \ - --client-ca-file=/etc/kubernetes/ca.crt \ - --cloud-provider= \ - --volume-plugin-dir=/etc/kubernetes/kubelet-plugins/volume/exec \ - \ - --anonymous-auth=false \ - --register-with-taints=node-role.kubernetes.io/master=:NoSchedule \ - --v=3 \ - - Restart=always - RestartSec=10 - - [Install] - WantedBy=multi-user.target -enabled: true -name: kubelet.service diff --git a/pkg/controller/template/test_data/templates/master/01-master-kubelet/none/files/-etc-kubernetes-cloud.conf b/pkg/controller/template/test_data/templates/master/01-master-kubelet/none/files/-etc-kubernetes-cloud.conf deleted file mode 100644 index 4e8968ac5f..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-kubelet/none/files/-etc-kubernetes-cloud.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/cloud.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-kubelet/none/files/-etc-kubernetes-kubelet.conf b/pkg/controller/template/test_data/templates/master/01-master-kubelet/none/files/-etc-kubernetes-kubelet.conf deleted file mode 100644 index d64f62b120..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-kubelet/none/files/-etc-kubernetes-kubelet.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,kind%3A%20KubeletConfiguration%0AapiVersion%3A%20kubelet.config.k8s.io%2Fv1beta1%0AcgroupDriver%3A%20systemd%0AclusterDNS%3A%0A%20%20-%2010.3.0.10%0AclusterDomain%3A%20cluster.local%0AmaxPods%3A%20250%0AruntimeRequestTimeout%3A%2010m%0AserializeImagePulls%3A%20false%0AstaticPodPath%3A%20%2Fetc%2Fkubernetes%2Fmanifests%0AsystemReserved%3A%0A%20%20cpu%3A%20500m%0A%20%20memory%3A%20500Mi%0AfeatureGates%3A%0A%20%20RotateKubeletServerCertificate%3A%20true%0A%20%20ExperimentalCriticalPodAnnotation%3A%20true%0A%20%20SupportPodPidsLimit%3A%20true%0A%20%20LocalStorageCapacityIsolation%3A%20false%0AserverTLSBootstrap%3A%20true%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/kubelet.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-kubelet/none/units/kubelet.service b/pkg/controller/template/test_data/templates/master/01-master-kubelet/none/units/kubelet.service deleted file mode 100644 index e2b118a3e9..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-kubelet/none/units/kubelet.service +++ /dev/null @@ -1,39 +0,0 @@ -contents: | - [Unit] - Description=Kubernetes Kubelet - Wants=rpc-statd.service - - [Service] - Type=notify - ExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests - ExecStartPre=/bin/rm -f /var/lib/kubelet/cpu_manager_state - EnvironmentFile=/etc/os-release - EnvironmentFile=-/etc/kubernetes/kubelet-workaround - EnvironmentFile=-/etc/kubernetes/kubelet-env - - ExecStart=/usr/bin/hyperkube \ - kubelet \ - --config=/etc/kubernetes/kubelet.conf \ - --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ - --rotate-certificates \ - --kubeconfig=/var/lib/kubelet/kubeconfig \ - --container-runtime=remote \ - --container-runtime-endpoint=/var/run/crio/crio.sock \ - --allow-privileged \ - --node-labels=node-role.kubernetes.io/master,node.openshift.io/os_id=${ID} \ - --minimum-container-ttl-duration=6m0s \ - --client-ca-file=/etc/kubernetes/ca.crt \ - --cloud-provider= \ - --volume-plugin-dir=/etc/kubernetes/kubelet-plugins/volume/exec \ - \ - --anonymous-auth=false \ - --register-with-taints=node-role.kubernetes.io/master=:NoSchedule \ - --v=3 \ - - Restart=always - RestartSec=10 - - [Install] - WantedBy=multi-user.target -enabled: true -name: kubelet.service diff --git a/pkg/controller/template/test_data/templates/master/01-master-kubelet/openstack/files/-etc-kubernetes-cloud.conf b/pkg/controller/template/test_data/templates/master/01-master-kubelet/openstack/files/-etc-kubernetes-cloud.conf deleted file mode 100644 index 62530a48d9..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-kubelet/openstack/files/-etc-kubernetes-cloud.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,testing%0Amulti-line%20cloud%20config%0A%5Btest%5D%0A%20%20option%20%3D%20dummy - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/cloud.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-kubelet/openstack/files/-etc-kubernetes-kubelet.conf b/pkg/controller/template/test_data/templates/master/01-master-kubelet/openstack/files/-etc-kubernetes-kubelet.conf deleted file mode 100644 index d64f62b120..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-kubelet/openstack/files/-etc-kubernetes-kubelet.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,kind%3A%20KubeletConfiguration%0AapiVersion%3A%20kubelet.config.k8s.io%2Fv1beta1%0AcgroupDriver%3A%20systemd%0AclusterDNS%3A%0A%20%20-%2010.3.0.10%0AclusterDomain%3A%20cluster.local%0AmaxPods%3A%20250%0AruntimeRequestTimeout%3A%2010m%0AserializeImagePulls%3A%20false%0AstaticPodPath%3A%20%2Fetc%2Fkubernetes%2Fmanifests%0AsystemReserved%3A%0A%20%20cpu%3A%20500m%0A%20%20memory%3A%20500Mi%0AfeatureGates%3A%0A%20%20RotateKubeletServerCertificate%3A%20true%0A%20%20ExperimentalCriticalPodAnnotation%3A%20true%0A%20%20SupportPodPidsLimit%3A%20true%0A%20%20LocalStorageCapacityIsolation%3A%20false%0AserverTLSBootstrap%3A%20true%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/kubelet.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-kubelet/openstack/units/kubelet.service b/pkg/controller/template/test_data/templates/master/01-master-kubelet/openstack/units/kubelet.service deleted file mode 100644 index 2e7852b648..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-kubelet/openstack/units/kubelet.service +++ /dev/null @@ -1,34 +0,0 @@ -contents: | - [Unit] - Description=Kubernetes Kubelet - Wants=rpc-statd.service - - [Service] - Type=notify - ExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests - EnvironmentFile=-/etc/kubernetes/kubelet-workaround - EnvironmentFile=-/etc/kubernetes/kubelet-env - - ExecStart=/usr/bin/hyperkube \ - kubelet \ - --config=/etc/kubernetes/kubelet.conf \ - --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ - --rotate-certificates \ - --kubeconfig=/var/lib/kubelet/kubeconfig \ - --container-runtime=remote \ - --container-runtime-endpoint=/var/run/crio/crio.sock \ - --allow-privileged \ - --node-labels=node-role.kubernetes.io/master \ - --minimum-container-ttl-duration=6m0s \ - --client-ca-file=/etc/kubernetes/ca.crt \ - --cloud-config=/etc/kubernetes/cloud.conf \ - --anonymous-auth=false \ - --register-with-taints=node-role.kubernetes.io/master=:NoSchedule \ - - Restart=always - RestartSec=10 - - [Install] - WantedBy=multi-user.target -enabled: true -name: kubelet.service diff --git a/pkg/controller/template/test_data/templates/master/01-master-kubelet/vsphere/files/-etc-kubernetes-cloud.conf b/pkg/controller/template/test_data/templates/master/01-master-kubelet/vsphere/files/-etc-kubernetes-cloud.conf deleted file mode 100644 index 62530a48d9..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-kubelet/vsphere/files/-etc-kubernetes-cloud.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,testing%0Amulti-line%20cloud%20config%0A%5Btest%5D%0A%20%20option%20%3D%20dummy - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/cloud.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-kubelet/vsphere/files/-etc-kubernetes-kubelet.conf b/pkg/controller/template/test_data/templates/master/01-master-kubelet/vsphere/files/-etc-kubernetes-kubelet.conf deleted file mode 100644 index d64f62b120..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-kubelet/vsphere/files/-etc-kubernetes-kubelet.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,kind%3A%20KubeletConfiguration%0AapiVersion%3A%20kubelet.config.k8s.io%2Fv1beta1%0AcgroupDriver%3A%20systemd%0AclusterDNS%3A%0A%20%20-%2010.3.0.10%0AclusterDomain%3A%20cluster.local%0AmaxPods%3A%20250%0AruntimeRequestTimeout%3A%2010m%0AserializeImagePulls%3A%20false%0AstaticPodPath%3A%20%2Fetc%2Fkubernetes%2Fmanifests%0AsystemReserved%3A%0A%20%20cpu%3A%20500m%0A%20%20memory%3A%20500Mi%0AfeatureGates%3A%0A%20%20RotateKubeletServerCertificate%3A%20true%0A%20%20ExperimentalCriticalPodAnnotation%3A%20true%0A%20%20SupportPodPidsLimit%3A%20true%0A%20%20LocalStorageCapacityIsolation%3A%20false%0AserverTLSBootstrap%3A%20true%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/kubelet.conf diff --git a/pkg/controller/template/test_data/templates/master/01-master-kubelet/vsphere/units/kubelet.service b/pkg/controller/template/test_data/templates/master/01-master-kubelet/vsphere/units/kubelet.service deleted file mode 100644 index b12f902f5b..0000000000 --- a/pkg/controller/template/test_data/templates/master/01-master-kubelet/vsphere/units/kubelet.service +++ /dev/null @@ -1,39 +0,0 @@ -contents: | - [Unit] - Description=Kubernetes Kubelet - Wants=rpc-statd.service - - [Service] - Type=notify - ExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests - ExecStartPre=/bin/rm -f /var/lib/kubelet/cpu_manager_state - EnvironmentFile=/etc/os-release - EnvironmentFile=-/etc/kubernetes/kubelet-workaround - EnvironmentFile=-/etc/kubernetes/kubelet-env - - ExecStart=/usr/bin/hyperkube \ - kubelet \ - --config=/etc/kubernetes/kubelet.conf \ - --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ - --rotate-certificates \ - --kubeconfig=/var/lib/kubelet/kubeconfig \ - --container-runtime=remote \ - --container-runtime-endpoint=/var/run/crio/crio.sock \ - --allow-privileged \ - --node-labels=node-role.kubernetes.io/master,node.openshift.io/os_id=${ID} \ - --minimum-container-ttl-duration=6m0s \ - --client-ca-file=/etc/kubernetes/ca.crt \ - --cloud-provider=vsphere \ - --volume-plugin-dir=/etc/kubernetes/kubelet-plugins/volume/exec \ - \ - --anonymous-auth=false \ - --register-with-taints=node-role.kubernetes.io/master=:NoSchedule \ - --v=3 \ - - Restart=always - RestartSec=10 - - [Install] - WantedBy=multi-user.target -enabled: true -name: kubelet.service diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-kubernetes-ca.crt b/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-kubernetes-ca.crt deleted file mode 100644 index 93e18c9420..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-kubernetes-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20root-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/ca.crt diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy b/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy deleted file mode 100644 index 745cb9e5d9..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 493 -path: /etc/kubernetes/kubelet-plugins/volume/exec/.dummy diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-sysctl.d-forward.conf b/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-sysctl.d-forward.conf deleted file mode 100644 index dc3f2dc75d..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-sysctl.d-forward.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,net.ipv4.ip_forward%20%3D%201%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/sysctl.d/forward.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf b/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf deleted file mode 100644 index 388167ff03..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20Turning%20on%20Accounting%20helps%20track%20down%20performance%20issues.%0A%5BManager%5D%0ADefaultCPUAccounting%3Dyes%0ADefaultMemoryAccounting%3Dyes%0ADefaultBlockIOAccounting%3Dyes%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/systemd/system.conf.d/kubelet-cgroups.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-tmpfiles.d-cleanup-cni.conf b/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-tmpfiles.d-cleanup-cni.conf deleted file mode 100644 index f409309b5c..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-etc-tmpfiles.d-cleanup-cni.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,r%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F80-openshift-network.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F10-ovn-kubernetes.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F00-multus.conf%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/tmpfiles.d/cleanup-cni.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-var-lib-kubelet-config.json b/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-var-lib-kubelet-config.json deleted file mode 100644 index 0ba6c19e6a..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/aws/files/-var-lib-kubelet-config.json +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%7B%22dummy%22%3A%22dummy%22%7D%0A - verification: {} -filesystem: root -mode: 420 -path: /var/lib/kubelet/config.json diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-kubernetes-ca.crt b/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-kubernetes-ca.crt deleted file mode 100644 index 93e18c9420..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-kubernetes-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20root-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/ca.crt diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy b/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy deleted file mode 100644 index 745cb9e5d9..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 493 -path: /etc/kubernetes/kubelet-plugins/volume/exec/.dummy diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-sysctl.d-forward.conf b/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-sysctl.d-forward.conf deleted file mode 100644 index dc3f2dc75d..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-sysctl.d-forward.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,net.ipv4.ip_forward%20%3D%201%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/sysctl.d/forward.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf b/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf deleted file mode 100644 index 388167ff03..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20Turning%20on%20Accounting%20helps%20track%20down%20performance%20issues.%0A%5BManager%5D%0ADefaultCPUAccounting%3Dyes%0ADefaultMemoryAccounting%3Dyes%0ADefaultBlockIOAccounting%3Dyes%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/systemd/system.conf.d/kubelet-cgroups.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-tmpfiles.d-cleanup-cni.conf b/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-tmpfiles.d-cleanup-cni.conf deleted file mode 100644 index f409309b5c..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-etc-tmpfiles.d-cleanup-cni.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,r%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F80-openshift-network.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F10-ovn-kubernetes.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F00-multus.conf%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/tmpfiles.d/cleanup-cni.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-var-lib-kubelet-config.json b/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-var-lib-kubelet-config.json deleted file mode 100644 index 0ba6c19e6a..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/libvirt/files/-var-lib-kubelet-config.json +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%7B%22dummy%22%3A%22dummy%22%7D%0A - verification: {} -filesystem: root -mode: 420 -path: /var/lib/kubelet/config.json diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-kubernetes-ca.crt b/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-kubernetes-ca.crt deleted file mode 100644 index 93e18c9420..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-kubernetes-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20root-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/ca.crt diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy b/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy deleted file mode 100644 index 745cb9e5d9..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 493 -path: /etc/kubernetes/kubelet-plugins/volume/exec/.dummy diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-sysctl.d-forward.conf b/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-sysctl.d-forward.conf deleted file mode 100644 index dc3f2dc75d..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-sysctl.d-forward.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,net.ipv4.ip_forward%20%3D%201%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/sysctl.d/forward.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf b/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf deleted file mode 100644 index 388167ff03..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20Turning%20on%20Accounting%20helps%20track%20down%20performance%20issues.%0A%5BManager%5D%0ADefaultCPUAccounting%3Dyes%0ADefaultMemoryAccounting%3Dyes%0ADefaultBlockIOAccounting%3Dyes%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/systemd/system.conf.d/kubelet-cgroups.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-tmpfiles.d-cleanup-cni.conf b/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-tmpfiles.d-cleanup-cni.conf deleted file mode 100644 index f409309b5c..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-etc-tmpfiles.d-cleanup-cni.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,r%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F80-openshift-network.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F10-ovn-kubernetes.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F00-multus.conf%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/tmpfiles.d/cleanup-cni.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-var-lib-kubelet-config.json b/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-var-lib-kubelet-config.json deleted file mode 100644 index 0ba6c19e6a..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/none/files/-var-lib-kubelet-config.json +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%7B%22dummy%22%3A%22dummy%22%7D%0A - verification: {} -filesystem: root -mode: 420 -path: /var/lib/kubelet/config.json diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-kubernetes-ca.crt b/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-kubernetes-ca.crt deleted file mode 100644 index 93e18c9420..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-kubernetes-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20root-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/ca.crt diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy b/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy deleted file mode 100644 index 745cb9e5d9..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 493 -path: /etc/kubernetes/kubelet-plugins/volume/exec/.dummy diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-sysctl.d-forward.conf b/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-sysctl.d-forward.conf deleted file mode 100644 index dc3f2dc75d..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-sysctl.d-forward.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,net.ipv4.ip_forward%20%3D%201%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/sysctl.d/forward.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf b/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf deleted file mode 100644 index 388167ff03..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20Turning%20on%20Accounting%20helps%20track%20down%20performance%20issues.%0A%5BManager%5D%0ADefaultCPUAccounting%3Dyes%0ADefaultMemoryAccounting%3Dyes%0ADefaultBlockIOAccounting%3Dyes%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/systemd/system.conf.d/kubelet-cgroups.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-tmpfiles.d-cleanup-cni.conf b/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-tmpfiles.d-cleanup-cni.conf deleted file mode 100644 index f409309b5c..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-etc-tmpfiles.d-cleanup-cni.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,r%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F80-openshift-network.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F10-ovn-kubernetes.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F00-multus.conf%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/tmpfiles.d/cleanup-cni.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-var-lib-kubelet-config.json b/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-var-lib-kubelet-config.json deleted file mode 100644 index 0ba6c19e6a..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/openstack/files/-var-lib-kubelet-config.json +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%7B%22dummy%22%3A%22dummy%22%7D%0A - verification: {} -filesystem: root -mode: 420 -path: /var/lib/kubelet/config.json diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-kubernetes-ca.crt b/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-kubernetes-ca.crt deleted file mode 100644 index 93e18c9420..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-kubernetes-ca.crt +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,dummy%20root-ca%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/ca.crt diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy b/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy deleted file mode 100644 index 745cb9e5d9..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-kubernetes-kubelet-plugins-volume-exec-.dummy +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 493 -path: /etc/kubernetes/kubelet-plugins/volume/exec/.dummy diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-sysctl.d-forward.conf b/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-sysctl.d-forward.conf deleted file mode 100644 index dc3f2dc75d..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-sysctl.d-forward.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,net.ipv4.ip_forward%20%3D%201%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/sysctl.d/forward.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf b/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf deleted file mode 100644 index 388167ff03..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-systemd-system.conf.d-kubelet-cgroups.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20Turning%20on%20Accounting%20helps%20track%20down%20performance%20issues.%0A%5BManager%5D%0ADefaultCPUAccounting%3Dyes%0ADefaultMemoryAccounting%3Dyes%0ADefaultBlockIOAccounting%3Dyes%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/systemd/system.conf.d/kubelet-cgroups.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-tmpfiles.d-cleanup-cni.conf b/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-tmpfiles.d-cleanup-cni.conf deleted file mode 100644 index f409309b5c..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-etc-tmpfiles.d-cleanup-cni.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,r%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F80-openshift-network.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F10-ovn-kubernetes.conf%0Ar%20%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F00-multus.conf%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/tmpfiles.d/cleanup-cni.conf diff --git a/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-var-lib-kubelet-config.json b/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-var-lib-kubelet-config.json deleted file mode 100644 index 0ba6c19e6a..0000000000 --- a/pkg/controller/template/test_data/templates/worker/00-worker/vsphere/files/-var-lib-kubelet-config.json +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%7B%22dummy%22%3A%22dummy%22%7D%0A - verification: {} -filesystem: root -mode: 420 -path: /var/lib/kubelet/config.json diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/aws/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/aws/files/-etc-containers-registries.conf deleted file mode 100644 index 53c1015d88..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/aws/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/aws/files/-etc-containers-storage.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/aws/files/-etc-containers-storage.conf deleted file mode 100644 index f955c08a3e..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/aws/files/-etc-containers-storage.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20storage.conf%20is%20the%20configuration%20file%20for%20all%20tools%0A%23%20that%20share%20the%20containers%2Fstorage%20libraries%0A%23%20See%20man%205%20containers-storage.conf%20for%20more%20information%0A%23%20The%20%22container%20storage%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bstorage%5D%0A%0A%23%20Default%20Storage%20Driver%0Adriver%20%3D%20%22overlay%22%0A%0A%23%20Temporary%20storage%20location%0Arunroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20Primary%20Read%2FWrite%20location%20of%20container%20storage%0Agraphroot%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%5Bstorage.options%5D%0A%23%20Storage%20options%20to%20be%20passed%20to%20underlying%20storage%20drivers%0A%0A%23%20AdditionalImageStores%20is%20used%20to%20pass%20paths%20to%20additional%20Read%2FOnly%20image%20stores%0A%23%20Must%20be%20comma%20separated%20list.%0Aadditionalimagestores%20%3D%20%5B%0A%5D%0A%0A%23%20Size%20is%20used%20to%20set%20a%20maximum%20size%20of%20the%20container%20image.%20%20Only%20supported%20by%0A%23%20certain%20container%20storage%20drivers.%0Asize%20%3D%20%22%22%0A%0A%23%20OverrideKernelCheck%20tells%20the%20driver%20to%20ignore%20kernel%20checks%20based%20on%20kernel%20version%0Aoverride_kernel_check%20%3D%20%22true%22%0A%0A%23%20Remap-UIDs%2FGIDs%20is%20the%20mapping%20from%20UIDs%2FGIDs%20as%20they%20should%20appear%20inside%20of%0A%23%20a%20container%2C%20to%20UIDs%2FGIDs%20as%20they%20should%20appear%20outside%20of%20the%20container%2C%20and%0A%23%20the%20length%20of%20the%20range%20of%20UIDs%2FGIDs.%20%20Additional%20mapped%20sets%20can%20be%20listed%0A%23%20and%20will%20be%20heeded%20by%20libraries%2C%20but%20there%20are%20limits%20to%20the%20number%20of%0A%23%20mappings%20which%20the%20kernel%20will%20allow%20when%20you%20later%20attempt%20to%20run%20a%0A%23%20container.%0A%23%0A%23%20remap-uids%20%3D%200%3A1668442479%3A65536%0A%23%20remap-gids%20%3D%200%3A1668442479%3A65536%0A%0A%23%20Remap-User%2FGroup%20is%20a%20name%20which%20can%20be%20used%20to%20look%20up%20one%20or%20more%20UID%2FGID%0A%23%20ranges%20in%20the%20%2Fetc%2Fsubuid%20or%20%2Fetc%2Fsubgid%20file.%20%20Mappings%20are%20set%20up%20starting%0A%23%20with%20an%20in-container%20ID%20of%200%20and%20the%20a%20host-level%20ID%20taken%20from%20the%20lowest%0A%23%20range%20that%20matches%20the%20specified%20name%2C%20and%20using%20the%20length%20of%20that%20range.%0A%23%20Additional%20ranges%20are%20then%20assigned%2C%20using%20the%20ranges%20which%20specify%20the%0A%23%20lowest%20host-level%20IDs%20first%2C%20to%20the%20lowest%20not-yet-mapped%20container-level%20ID%2C%0A%23%20until%20all%20of%20the%20entries%20have%20been%20used%20for%20maps.%0A%23%0A%23%20remap-user%20%3D%20%22storage%22%0A%23%20remap-group%20%3D%20%22storage%22%0A%0A%5Bstorage.options.thinpool%5D%0A%23%20Storage%20Options%20for%20thinpool%0A%0A%23%20autoextend_percent%20determines%20the%20amount%20by%20which%20pool%20needs%20to%20be%0A%23%20grown.%20This%20is%20specified%20in%20terms%20of%20%25%20of%20pool%20size.%20So%20a%20value%20of%2020%20means%0A%23%20that%20when%20threshold%20is%20hit%2C%20pool%20will%20be%20grown%20by%2020%25%20of%20existing%0A%23%20pool%20size.%0A%23%20autoextend_percent%20%3D%20%2220%22%0A%0A%23%20autoextend_threshold%20determines%20the%20pool%20extension%20threshold%20in%20terms%0A%23%20of%20percentage%20of%20pool%20size.%20For%20example%2C%20if%20threshold%20is%2060%2C%20that%20means%20when%0A%23%20pool%20is%2060%25%20full%2C%20threshold%20has%20been%20hit.%0A%23%20autoextend_threshold%20%3D%20%2280%22%0A%0A%23%20basesize%20specifies%20the%20size%20to%20use%20when%20creating%20the%20base%20device%2C%20which%0A%23%20limits%20the%20size%20of%20images%20and%20containers.%0A%23%20basesize%20%3D%20%2210G%22%0A%0A%23%20blocksize%20specifies%20a%20custom%20blocksize%20to%20use%20for%20the%20thin%20pool.%0A%23%20blocksize%3D%2264k%22%0A%0A%23%20directlvm_device%20specifies%20a%20custom%20block%20storage%20device%20to%20use%20for%20the%0A%23%20thin%20pool.%20Required%20if%20you%20setup%20devicemapper%0A%23%20directlvm_device%20%3D%20%22%22%0A%0A%23%20directlvm_device_force%20wipes%20device%20even%20if%20device%20already%20has%20a%20filesystem%0A%23%20directlvm_device_force%20%3D%20%22True%22%0A%0A%23%20fs%20specifies%20the%20filesystem%20type%20to%20use%20for%20the%20base%20device.%0A%23%20fs%3D%22xfs%22%0A%0A%23%20log_level%20sets%20the%20log%20level%20of%20devicemapper.%0A%23%200%3A%20LogLevelSuppress%200%20(Default)%0A%23%202%3A%20LogLevelFatal%0A%23%203%3A%20LogLevelErr%0A%23%204%3A%20LogLevelWarn%0A%23%205%3A%20LogLevelNotice%0A%23%206%3A%20LogLevelInfo%0A%23%207%3A%20LogLevelDebug%0A%23%20log_level%20%3D%20%227%22%0A%0A%23%20min_free_space%20specifies%20the%20min%20free%20space%20percent%20in%20a%20thin%20pool%20require%20for%0A%23%20new%20device%20creation%20to%20succeed.%20Valid%20values%20are%20from%200%25%20-%2099%25.%0A%23%20Value%200%25%20disables%0A%23%20min_free_space%20%3D%20%2210%25%22%0A%0A%23%20mkfsarg%20specifies%20extra%20mkfs%20arguments%20to%20be%20used%20when%20creating%20the%20base%0A%23%20device.%0A%23%20mkfsarg%20%3D%20%22%22%0A%0A%23%20mountopt%20specifies%20extra%20mount%20options%20used%20when%20mounting%20the%20thin%20devices.%0A%23%20mountopt%20%3D%20%22%22%0A%0A%23%20use_deferred_removal%20Marking%20device%20for%20deferred%20removal%0A%23%20use_deferred_removal%20%3D%20%22True%22%0A%0A%23%20use_deferred_deletion%20Marking%20device%20for%20deferred%20deletion%0A%23%20use_deferred_deletion%20%3D%20%22True%22%0A%0A%23%20xfs_nospace_max_retries%20specifies%20the%20maximum%20number%20of%20retries%20XFS%20should%0A%23%20attempt%20to%20complete%20IO%20when%20ENOSPC%20(no%20space)%20error%20is%20returned%20by%0A%23%20underlying%20storage%20device.%0A%23%20xfs_nospace_max_retries%20%3D%20%220%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/storage.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/aws/files/-etc-crio-crio.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/aws/files/-etc-crio-crio.conf deleted file mode 100644 index f7a9afad2f..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/aws/files/-etc-crio-crio.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20The%20%22crio%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bcrio%5D%0A%0A%23%20CRI-O%20reads%20its%20storage%20defaults%20from%20the%20containers%2Fstorage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fstorage.conf.%20Modify%20storage.conf%20if%20you%20want%20to%0A%23%20change%20default%20storage%20for%20all%20tools%20that%20use%20containers%2Fstorage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20storage%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20root%20is%20a%20path%20to%20the%20%22root%20directory%22.%20CRIO%20stores%20all%20of%20its%20data%2C%0A%23%20including%20container%20images%2C%20in%20this%20directory.%0A%23root%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%23%20run%20is%20a%20path%20to%20the%20%22run%20directory%22.%20CRIO%20stores%20all%20of%20its%20state%0A%23%20in%20this%20directory.%0A%23runroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20storage_driver%20select%20which%20storage%20driver%20is%20used%20to%20manage%20storage%0A%23%20of%20images%20and%20containers.%0A%23storage_driver%20%3D%20%22%22%0A%0A%23%20storage_option%20is%20used%20to%20pass%20an%20option%20to%20the%20storage%20driver.%0A%23storage_option%20%3D%20%5B%0A%23%5D%0A%0A%23%20The%20%22crio.api%22%20table%20contains%20settings%20for%20the%20kubelet%2FgRPC%20interface.%0A%5Bcrio.api%5D%0A%0A%23%20listen%20is%20the%20path%20to%20the%20AF_LOCAL%20socket%20on%20which%20crio%20will%20listen.%0Alisten%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fcrio.sock%22%0A%0A%23%20stream_address%20is%20the%20IP%20address%20on%20which%20the%20stream%20server%20will%20listen%0Astream_address%20%3D%20%22%22%0A%0A%23%20stream_port%20is%20the%20port%20on%20which%20the%20stream%20server%20will%20listen%0Astream_port%20%3D%20%2210010%22%0A%0A%23%20stream_enable_tls%20enables%20encrypted%20tls%20transport%20of%20the%20stream%20server%0Astream_enable_tls%20%3D%20false%0A%0A%23%20stream_tls_cert%20is%20the%20x509%20certificate%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_cert%20%3D%20%22%22%0A%0A%23%20stream_tls_key%20is%20the%20key%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_key%20%3D%20%22%22%0A%0A%23%20stream_tls_ca%20is%20the%20x509%20CA(s)%20file%20used%20to%20verify%20and%20authenticate%20client%0A%23%20communication%20with%20the%20tls%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_ca%20%3D%20%22%22%0A%0A%23%20file_locking%20is%20whether%20file-based%20locking%20will%20be%20used%20instead%20of%0A%23%20in-memory%20locking%0Afile_locking%20%3D%20false%0A%0A%23%20The%20%22crio.runtime%22%20table%20contains%20settings%20pertaining%20to%20the%20OCI%0A%23%20runtime%20used%20and%20options%20for%20how%20to%20set%20up%20and%20manage%20the%20OCI%20runtime.%0A%5Bcrio.runtime%5D%0A%0A%23%20runtime%20is%20the%20OCI%20compatible%20runtime%20used%20for%20trusted%20container%20workloads.%0A%23%20This%20is%20a%20mandatory%20setting%20as%20this%20runtime%20will%20be%20the%20default%20one%0A%23%20and%20will%20also%20be%20used%20for%20untrusted%20container%20workloads%20if%0A%23%20runtime_untrusted_workload%20is%20not%20set.%0Aruntime%20%3D%20%22%2Fusr%2Fbin%2Frunc%22%0A%0A%23%20runtime_untrusted_workload%20is%20the%20OCI%20compatible%20runtime%20used%20for%20untrusted%0A%23%20container%20workloads.%20This%20is%20an%20optional%20setting%2C%20except%20if%0A%23%20default_container_trust%20is%20set%20to%20%22untrusted%22.%0Aruntime_untrusted_workload%20%3D%20%22%22%0A%0A%23%20default_workload_trust%20is%20the%20default%20level%20of%20trust%20crio%20puts%20in%20container%0A%23%20workloads.%20It%20can%20either%20be%20%22trusted%22%20or%20%22untrusted%22%2C%20and%20the%20default%0A%23%20is%20%22trusted%22.%0A%23%20Containers%20can%20be%20run%20through%20different%20container%20runtimes%2C%20depending%20on%0A%23%20the%20trust%20hints%20we%20receive%20from%20kubelet%3A%0A%23%20-%20If%20kubelet%20tags%20a%20container%20workload%20as%20untrusted%2C%20crio%20will%20try%20first%20to%0A%23%20run%20it%20through%20the%20untrusted%20container%20workload%20runtime.%20If%20it%20is%20not%20set%2C%0A%23%20crio%20will%20use%20the%20trusted%20runtime.%0A%23%20-%20If%20kubelet%20does%20not%20provide%20any%20information%20about%20the%20container%20workload%20trust%0A%23%20level%2C%20the%20selected%20runtime%20will%20depend%20on%20the%20default_container_trust%20setting.%0A%23%20If%20it%20is%20set%20to%20%22untrusted%22%2C%20then%20all%20containers%20except%20for%20the%20host%20privileged%0A%23%20ones%2C%20will%20be%20run%20by%20the%20runtime_untrusted_workload%20runtime.%20Host%20privileged%0A%23%20containers%20are%20by%20definition%20trusted%20and%20will%20always%20use%20the%20trusted%20container%0A%23%20runtime.%20If%20default_container_trust%20is%20set%20to%20%22trusted%22%2C%20crio%20will%20use%20the%20trusted%0A%23%20container%20runtime%20for%20all%20containers.%0Adefault_workload_trust%20%3D%20%22trusted%22%0A%0A%23%20no_pivot%20instructs%20the%20runtime%20to%20not%20use%20pivot_root%2C%20but%20instead%20use%20MS_MOVE%0Ano_pivot%20%3D%20false%0A%0A%23%20conmon%20is%20the%20path%20to%20conmon%20binary%2C%20used%20for%20managing%20the%20runtime.%0Aconmon%20%3D%20%22%2Fusr%2Flibexec%2Fcrio%2Fconmon%22%0A%0A%23%20conmon_env%20is%20the%20environment%20variable%20list%20for%20conmon%20process%2C%0A%23%20used%20for%20passing%20necessary%20environment%20variable%20to%20conmon%20or%20runtime.%0Aconmon_env%20%3D%20%5B%0A%20%20%22PATH%3D%2Fusr%2Flocal%2Fsbin%3A%2Fusr%2Flocal%2Fbin%3A%2Fusr%2Fsbin%3A%2Fusr%2Fbin%3A%2Fsbin%3A%2Fbin%22%2C%0A%5D%0A%0A%23%20selinux%20indicates%20whether%20or%20not%20SELinux%20will%20be%20used%20for%20pod%0A%23%20separation%20on%20the%20host.%20If%20you%20enable%20this%20flag%2C%20SELinux%20must%20be%20running%0A%23%20on%20the%20host.%0Aselinux%20%3D%20true%0A%0A%23%20seccomp_profile%20is%20the%20seccomp%20json%20profile%20path%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aseccomp_profile%20%3D%20%22%2Fetc%2Fcrio%2Fseccomp.json%22%0A%0A%23%20apparmor_profile%20is%20the%20apparmor%20profile%20name%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aapparmor_profile%20%3D%20%22crio-default%22%0A%0A%23%20cgroup_manager%20is%20the%20cgroup%20management%20implementation%20to%20be%20used%0A%23%20for%20the%20runtime.%0Acgroup_manager%20%3D%20%22systemd%22%0A%0A%23%20default_capabilities%20is%20the%20list%20of%20capabilities%20to%20add%20and%20can%20be%20modified%20here.%0A%23%20If%20capabilities%20below%20is%20commented%20out%2C%20the%20default%20list%20of%20capabilities%20defined%20in%20the%0A%23%20spec%20will%20be%20added.%0A%23%20If%20capabilities%20is%20empty%20below%2C%20only%20the%20capabilities%20defined%20in%20the%20container%20json%0A%23%20file%20by%20the%20user%2Fkube%20will%20be%20added.%0Adefault_capabilities%20%3D%20%5B%0A%20%20%22CHOWN%22%2C%20%0A%20%20%22DAC_OVERRIDE%22%2C%20%0A%20%20%22FSETID%22%2C%20%0A%20%20%22FOWNER%22%2C%20%0A%20%20%22NET_RAW%22%2C%20%0A%20%20%22SETGID%22%2C%20%0A%20%20%22SETUID%22%2C%20%0A%20%20%22SETPCAP%22%2C%20%0A%20%20%22NET_BIND_SERVICE%22%2C%20%0A%20%20%22SYS_CHROOT%22%2C%20%0A%20%20%22KILL%22%2C%20%0A%5D%0A%0A%23%20hooks_dir_path%20is%20the%20oci%20hooks%20directory%20for%20automatically%20executed%20hooks%0Ahooks_dir_path%20%3D%20%22%2Fusr%2Fshare%2Fcontainers%2Foci%2Fhooks.d%22%0A%0A%23%20default_mounts%20is%20the%20mounts%20list%20to%20be%20mounted%20for%20the%20container%20when%20created%0A%23%20deprecated%2C%20will%20be%20taken%20out%20in%20future%20versions%2C%20add%20default%20mounts%20to%20either%0A%23%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20or%20%2Fetc%2Fcontainers%2Fmounts.conf%0Adefault_mounts%20%3D%20%5B%0A%20%20%22%2Fusr%2Fshare%2Frhel%2Fsecrets%3A%2Frun%2Fsecrets%22%2C%20%0A%5D%0A%0A%23%20Path%20to%20directory%20in%20which%20container%20exit%20files%20are%20written%20to%20by%20conmon.%0Acontainer_exits_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fexits%22%0A%0A%23%20Path%20to%20directory%20for%20container%20attach%20sockets.%0Acontainer_attach_socket_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%22%0A%0A%23%20CRI-O%20reads%20its%20default%20mounts%20from%20the%20following%20two%20files%3A%0A%23%201)%20%2Fetc%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20override%20file%2C%20where%20users%20can%0A%23%20either%20add%20in%20their%20own%20default%20mounts%2C%20or%20override%20the%20default%20mounts%20shipped%0A%23%20with%20the%20package.%0A%23%202)%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20default%20file%20read%20for%20mounts.%0A%23%20If%20you%20want%20CRI-O%20to%20read%20from%20a%20different%2C%20specific%20mounts%20file%2C%20you%20can%20change%0A%23%20the%20default_mounts_file%20path%20right%20below.%20Note%2C%20if%20this%20is%20done%2C%20CRI-O%20will%20only%20add%0A%23%20mounts%20it%20finds%20in%20this%20file.%0A%0A%23%20default_mounts_file%20is%20the%20file%20path%20holding%20the%20default%20mounts%20to%20be%20mounted%20for%20the%0A%23%20container%20when%20created.%0A%23%20default_mounts_file%20%3D%20%22%22%0A%0A%23%20pids_limit%20is%20the%20number%20of%20processes%20allowed%20in%20a%20container%0Apids_limit%20%3D%201024%0A%0A%23%20log_size_max%20is%20the%20max%20limit%20for%20the%20container%20log%20size%20in%20bytes.%0A%23%20Negative%20values%20indicate%20that%20no%20limit%20is%20imposed.%0Alog_size_max%20%3D%20-1%0A%0A%23%20read-only%20indicates%20whether%20all%20containers%20will%20run%20in%20read-only%20mode%0Aread_only%20%3D%20false%0A%0A%23%20log_level%20changes%20the%20verbosity%20of%20the%20logs%20printed.%0A%23%20Options%20are%3A%20error%20(default)%2C%20fatal%2C%20panic%2C%20warn%2C%20info%2C%20and%20debug%0Alog_level%20%3D%20%22error%22%0A%0A%23%20The%20%22crio.image%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20OCI%20images.%0A%0A%23%20uid_mappings%20specifies%20the%20UID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerUID%3AHostUID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Auid_mappings%20%3D%20%22%22%0A%0A%23%20gid_mappings%20specifies%20the%20GID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerGID%3AHostGID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Agid_mappings%20%3D%20%22%22%0A%0A%5Bcrio.image%5D%0A%0A%23%20default_transport%20is%20the%20prefix%20we%20try%20prepending%20to%20an%20image%20name%20if%20the%0A%23%20image%20name%20as%20we%20receive%20it%20can't%20be%20parsed%20as%20a%20valid%20source%20reference%0Adefault_transport%20%3D%20%22docker%3A%2F%2F%22%0A%0A%23%20pause_image%20is%20the%20image%20which%20we%20use%20to%20instantiate%20infra%20containers.%0Apause_image%20%3D%20%22image%2FinfraImage%3A1%22%0A%0A%23%20If%20not%20empty%2C%20the%20path%20to%20a%20docker%2Fconfig.json-like%20file%20containing%20credentials%0A%23%20necessary%20for%20pulling%20the%20image%20specified%20by%20pause_image%C2%A0above.%0Apause_image_auth_file%20%3D%20%22%2Fvar%2Flib%2Fkubelet%2Fconfig.json%22%0A%0A%23%20pause_command%20is%20the%20command%20to%20run%20in%20a%20pause_image%20to%20have%20a%20container%20just%0A%23%20sit%20there.%20%20If%20the%20image%20contains%20the%20necessary%20information%2C%20this%20value%20need%0A%23%20not%20be%20specified.%0Apause_command%20%3D%20%22%2Fusr%2Fbin%2Fpod%22%0A%0A%23%20signature_policy%20is%20the%20name%20of%20the%20file%20which%20decides%20what%20sort%20of%20policy%20we%0A%23%20use%20when%20deciding%20whether%20or%20not%20to%20trust%20an%20image%20that%20we've%20pulled.%0A%23%20Outside%20of%20testing%20situations%2C%20it%20is%20strongly%20advised%20that%20this%20be%20left%0A%23%20unspecified%20so%20that%20the%20default%20system-wide%20policy%20will%20be%20used.%0Asignature_policy%20%3D%20%22%22%0A%0A%23%20image_volumes%20controls%20how%20image%20volumes%20are%20handled.%0A%23%20The%20valid%20values%20are%20mkdir%20and%20ignore.%0Aimage_volumes%20%3D%20%22mkdir%22%0A%0A%23%20CRI-O%20reads%20its%20configured%20registries%20defaults%20from%20the%20containers%2Fimage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fregistries.conf.%20Modify%20registries.conf%20if%20you%20want%20to%0A%23%20change%20default%20registries%20for%20all%20tools%20that%20use%20containers%2Fimage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20registies%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20insecure_registries%20is%20used%20to%20skip%20TLS%20verification%20when%20pulling%20images.%0A%23%20insecure_registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20registries%20is%20used%20to%20specify%20a%20comma%20separated%20list%20of%20registries%20to%20be%20used%0A%23%20when%20pulling%20an%20unqualified%20image%20(e.g.%20fedora%3Arawhide).%0A%23registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20The%20%22crio.network%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20CNI%20plugins.%0A%5Bcrio.network%5D%0A%0A%23%20network_dir%20is%20is%20where%20CNI%20network%20configuration%60%0A%23%20files%20are%20stored.%20%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Anetwork_dir%20%3D%20%22%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F%22%0A%0A%23%20plugin_dir%20is%20is%20where%20CNI%20plugin%20binaries%20are%20stored.%0A%23%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Aplugin_dir%20%3D%20%22%2Fvar%2Flib%2Fcni%2Fbin%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/crio/crio.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/libvirt/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/libvirt/files/-etc-containers-registries.conf deleted file mode 100644 index 53c1015d88..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/libvirt/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/libvirt/files/-etc-containers-storage.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/libvirt/files/-etc-containers-storage.conf deleted file mode 100644 index f955c08a3e..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/libvirt/files/-etc-containers-storage.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20storage.conf%20is%20the%20configuration%20file%20for%20all%20tools%0A%23%20that%20share%20the%20containers%2Fstorage%20libraries%0A%23%20See%20man%205%20containers-storage.conf%20for%20more%20information%0A%23%20The%20%22container%20storage%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bstorage%5D%0A%0A%23%20Default%20Storage%20Driver%0Adriver%20%3D%20%22overlay%22%0A%0A%23%20Temporary%20storage%20location%0Arunroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20Primary%20Read%2FWrite%20location%20of%20container%20storage%0Agraphroot%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%5Bstorage.options%5D%0A%23%20Storage%20options%20to%20be%20passed%20to%20underlying%20storage%20drivers%0A%0A%23%20AdditionalImageStores%20is%20used%20to%20pass%20paths%20to%20additional%20Read%2FOnly%20image%20stores%0A%23%20Must%20be%20comma%20separated%20list.%0Aadditionalimagestores%20%3D%20%5B%0A%5D%0A%0A%23%20Size%20is%20used%20to%20set%20a%20maximum%20size%20of%20the%20container%20image.%20%20Only%20supported%20by%0A%23%20certain%20container%20storage%20drivers.%0Asize%20%3D%20%22%22%0A%0A%23%20OverrideKernelCheck%20tells%20the%20driver%20to%20ignore%20kernel%20checks%20based%20on%20kernel%20version%0Aoverride_kernel_check%20%3D%20%22true%22%0A%0A%23%20Remap-UIDs%2FGIDs%20is%20the%20mapping%20from%20UIDs%2FGIDs%20as%20they%20should%20appear%20inside%20of%0A%23%20a%20container%2C%20to%20UIDs%2FGIDs%20as%20they%20should%20appear%20outside%20of%20the%20container%2C%20and%0A%23%20the%20length%20of%20the%20range%20of%20UIDs%2FGIDs.%20%20Additional%20mapped%20sets%20can%20be%20listed%0A%23%20and%20will%20be%20heeded%20by%20libraries%2C%20but%20there%20are%20limits%20to%20the%20number%20of%0A%23%20mappings%20which%20the%20kernel%20will%20allow%20when%20you%20later%20attempt%20to%20run%20a%0A%23%20container.%0A%23%0A%23%20remap-uids%20%3D%200%3A1668442479%3A65536%0A%23%20remap-gids%20%3D%200%3A1668442479%3A65536%0A%0A%23%20Remap-User%2FGroup%20is%20a%20name%20which%20can%20be%20used%20to%20look%20up%20one%20or%20more%20UID%2FGID%0A%23%20ranges%20in%20the%20%2Fetc%2Fsubuid%20or%20%2Fetc%2Fsubgid%20file.%20%20Mappings%20are%20set%20up%20starting%0A%23%20with%20an%20in-container%20ID%20of%200%20and%20the%20a%20host-level%20ID%20taken%20from%20the%20lowest%0A%23%20range%20that%20matches%20the%20specified%20name%2C%20and%20using%20the%20length%20of%20that%20range.%0A%23%20Additional%20ranges%20are%20then%20assigned%2C%20using%20the%20ranges%20which%20specify%20the%0A%23%20lowest%20host-level%20IDs%20first%2C%20to%20the%20lowest%20not-yet-mapped%20container-level%20ID%2C%0A%23%20until%20all%20of%20the%20entries%20have%20been%20used%20for%20maps.%0A%23%0A%23%20remap-user%20%3D%20%22storage%22%0A%23%20remap-group%20%3D%20%22storage%22%0A%0A%5Bstorage.options.thinpool%5D%0A%23%20Storage%20Options%20for%20thinpool%0A%0A%23%20autoextend_percent%20determines%20the%20amount%20by%20which%20pool%20needs%20to%20be%0A%23%20grown.%20This%20is%20specified%20in%20terms%20of%20%25%20of%20pool%20size.%20So%20a%20value%20of%2020%20means%0A%23%20that%20when%20threshold%20is%20hit%2C%20pool%20will%20be%20grown%20by%2020%25%20of%20existing%0A%23%20pool%20size.%0A%23%20autoextend_percent%20%3D%20%2220%22%0A%0A%23%20autoextend_threshold%20determines%20the%20pool%20extension%20threshold%20in%20terms%0A%23%20of%20percentage%20of%20pool%20size.%20For%20example%2C%20if%20threshold%20is%2060%2C%20that%20means%20when%0A%23%20pool%20is%2060%25%20full%2C%20threshold%20has%20been%20hit.%0A%23%20autoextend_threshold%20%3D%20%2280%22%0A%0A%23%20basesize%20specifies%20the%20size%20to%20use%20when%20creating%20the%20base%20device%2C%20which%0A%23%20limits%20the%20size%20of%20images%20and%20containers.%0A%23%20basesize%20%3D%20%2210G%22%0A%0A%23%20blocksize%20specifies%20a%20custom%20blocksize%20to%20use%20for%20the%20thin%20pool.%0A%23%20blocksize%3D%2264k%22%0A%0A%23%20directlvm_device%20specifies%20a%20custom%20block%20storage%20device%20to%20use%20for%20the%0A%23%20thin%20pool.%20Required%20if%20you%20setup%20devicemapper%0A%23%20directlvm_device%20%3D%20%22%22%0A%0A%23%20directlvm_device_force%20wipes%20device%20even%20if%20device%20already%20has%20a%20filesystem%0A%23%20directlvm_device_force%20%3D%20%22True%22%0A%0A%23%20fs%20specifies%20the%20filesystem%20type%20to%20use%20for%20the%20base%20device.%0A%23%20fs%3D%22xfs%22%0A%0A%23%20log_level%20sets%20the%20log%20level%20of%20devicemapper.%0A%23%200%3A%20LogLevelSuppress%200%20(Default)%0A%23%202%3A%20LogLevelFatal%0A%23%203%3A%20LogLevelErr%0A%23%204%3A%20LogLevelWarn%0A%23%205%3A%20LogLevelNotice%0A%23%206%3A%20LogLevelInfo%0A%23%207%3A%20LogLevelDebug%0A%23%20log_level%20%3D%20%227%22%0A%0A%23%20min_free_space%20specifies%20the%20min%20free%20space%20percent%20in%20a%20thin%20pool%20require%20for%0A%23%20new%20device%20creation%20to%20succeed.%20Valid%20values%20are%20from%200%25%20-%2099%25.%0A%23%20Value%200%25%20disables%0A%23%20min_free_space%20%3D%20%2210%25%22%0A%0A%23%20mkfsarg%20specifies%20extra%20mkfs%20arguments%20to%20be%20used%20when%20creating%20the%20base%0A%23%20device.%0A%23%20mkfsarg%20%3D%20%22%22%0A%0A%23%20mountopt%20specifies%20extra%20mount%20options%20used%20when%20mounting%20the%20thin%20devices.%0A%23%20mountopt%20%3D%20%22%22%0A%0A%23%20use_deferred_removal%20Marking%20device%20for%20deferred%20removal%0A%23%20use_deferred_removal%20%3D%20%22True%22%0A%0A%23%20use_deferred_deletion%20Marking%20device%20for%20deferred%20deletion%0A%23%20use_deferred_deletion%20%3D%20%22True%22%0A%0A%23%20xfs_nospace_max_retries%20specifies%20the%20maximum%20number%20of%20retries%20XFS%20should%0A%23%20attempt%20to%20complete%20IO%20when%20ENOSPC%20(no%20space)%20error%20is%20returned%20by%0A%23%20underlying%20storage%20device.%0A%23%20xfs_nospace_max_retries%20%3D%20%220%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/storage.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/libvirt/files/-etc-crio-crio.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/libvirt/files/-etc-crio-crio.conf deleted file mode 100644 index f7a9afad2f..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/libvirt/files/-etc-crio-crio.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20The%20%22crio%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bcrio%5D%0A%0A%23%20CRI-O%20reads%20its%20storage%20defaults%20from%20the%20containers%2Fstorage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fstorage.conf.%20Modify%20storage.conf%20if%20you%20want%20to%0A%23%20change%20default%20storage%20for%20all%20tools%20that%20use%20containers%2Fstorage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20storage%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20root%20is%20a%20path%20to%20the%20%22root%20directory%22.%20CRIO%20stores%20all%20of%20its%20data%2C%0A%23%20including%20container%20images%2C%20in%20this%20directory.%0A%23root%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%23%20run%20is%20a%20path%20to%20the%20%22run%20directory%22.%20CRIO%20stores%20all%20of%20its%20state%0A%23%20in%20this%20directory.%0A%23runroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20storage_driver%20select%20which%20storage%20driver%20is%20used%20to%20manage%20storage%0A%23%20of%20images%20and%20containers.%0A%23storage_driver%20%3D%20%22%22%0A%0A%23%20storage_option%20is%20used%20to%20pass%20an%20option%20to%20the%20storage%20driver.%0A%23storage_option%20%3D%20%5B%0A%23%5D%0A%0A%23%20The%20%22crio.api%22%20table%20contains%20settings%20for%20the%20kubelet%2FgRPC%20interface.%0A%5Bcrio.api%5D%0A%0A%23%20listen%20is%20the%20path%20to%20the%20AF_LOCAL%20socket%20on%20which%20crio%20will%20listen.%0Alisten%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fcrio.sock%22%0A%0A%23%20stream_address%20is%20the%20IP%20address%20on%20which%20the%20stream%20server%20will%20listen%0Astream_address%20%3D%20%22%22%0A%0A%23%20stream_port%20is%20the%20port%20on%20which%20the%20stream%20server%20will%20listen%0Astream_port%20%3D%20%2210010%22%0A%0A%23%20stream_enable_tls%20enables%20encrypted%20tls%20transport%20of%20the%20stream%20server%0Astream_enable_tls%20%3D%20false%0A%0A%23%20stream_tls_cert%20is%20the%20x509%20certificate%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_cert%20%3D%20%22%22%0A%0A%23%20stream_tls_key%20is%20the%20key%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_key%20%3D%20%22%22%0A%0A%23%20stream_tls_ca%20is%20the%20x509%20CA(s)%20file%20used%20to%20verify%20and%20authenticate%20client%0A%23%20communication%20with%20the%20tls%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_ca%20%3D%20%22%22%0A%0A%23%20file_locking%20is%20whether%20file-based%20locking%20will%20be%20used%20instead%20of%0A%23%20in-memory%20locking%0Afile_locking%20%3D%20false%0A%0A%23%20The%20%22crio.runtime%22%20table%20contains%20settings%20pertaining%20to%20the%20OCI%0A%23%20runtime%20used%20and%20options%20for%20how%20to%20set%20up%20and%20manage%20the%20OCI%20runtime.%0A%5Bcrio.runtime%5D%0A%0A%23%20runtime%20is%20the%20OCI%20compatible%20runtime%20used%20for%20trusted%20container%20workloads.%0A%23%20This%20is%20a%20mandatory%20setting%20as%20this%20runtime%20will%20be%20the%20default%20one%0A%23%20and%20will%20also%20be%20used%20for%20untrusted%20container%20workloads%20if%0A%23%20runtime_untrusted_workload%20is%20not%20set.%0Aruntime%20%3D%20%22%2Fusr%2Fbin%2Frunc%22%0A%0A%23%20runtime_untrusted_workload%20is%20the%20OCI%20compatible%20runtime%20used%20for%20untrusted%0A%23%20container%20workloads.%20This%20is%20an%20optional%20setting%2C%20except%20if%0A%23%20default_container_trust%20is%20set%20to%20%22untrusted%22.%0Aruntime_untrusted_workload%20%3D%20%22%22%0A%0A%23%20default_workload_trust%20is%20the%20default%20level%20of%20trust%20crio%20puts%20in%20container%0A%23%20workloads.%20It%20can%20either%20be%20%22trusted%22%20or%20%22untrusted%22%2C%20and%20the%20default%0A%23%20is%20%22trusted%22.%0A%23%20Containers%20can%20be%20run%20through%20different%20container%20runtimes%2C%20depending%20on%0A%23%20the%20trust%20hints%20we%20receive%20from%20kubelet%3A%0A%23%20-%20If%20kubelet%20tags%20a%20container%20workload%20as%20untrusted%2C%20crio%20will%20try%20first%20to%0A%23%20run%20it%20through%20the%20untrusted%20container%20workload%20runtime.%20If%20it%20is%20not%20set%2C%0A%23%20crio%20will%20use%20the%20trusted%20runtime.%0A%23%20-%20If%20kubelet%20does%20not%20provide%20any%20information%20about%20the%20container%20workload%20trust%0A%23%20level%2C%20the%20selected%20runtime%20will%20depend%20on%20the%20default_container_trust%20setting.%0A%23%20If%20it%20is%20set%20to%20%22untrusted%22%2C%20then%20all%20containers%20except%20for%20the%20host%20privileged%0A%23%20ones%2C%20will%20be%20run%20by%20the%20runtime_untrusted_workload%20runtime.%20Host%20privileged%0A%23%20containers%20are%20by%20definition%20trusted%20and%20will%20always%20use%20the%20trusted%20container%0A%23%20runtime.%20If%20default_container_trust%20is%20set%20to%20%22trusted%22%2C%20crio%20will%20use%20the%20trusted%0A%23%20container%20runtime%20for%20all%20containers.%0Adefault_workload_trust%20%3D%20%22trusted%22%0A%0A%23%20no_pivot%20instructs%20the%20runtime%20to%20not%20use%20pivot_root%2C%20but%20instead%20use%20MS_MOVE%0Ano_pivot%20%3D%20false%0A%0A%23%20conmon%20is%20the%20path%20to%20conmon%20binary%2C%20used%20for%20managing%20the%20runtime.%0Aconmon%20%3D%20%22%2Fusr%2Flibexec%2Fcrio%2Fconmon%22%0A%0A%23%20conmon_env%20is%20the%20environment%20variable%20list%20for%20conmon%20process%2C%0A%23%20used%20for%20passing%20necessary%20environment%20variable%20to%20conmon%20or%20runtime.%0Aconmon_env%20%3D%20%5B%0A%20%20%22PATH%3D%2Fusr%2Flocal%2Fsbin%3A%2Fusr%2Flocal%2Fbin%3A%2Fusr%2Fsbin%3A%2Fusr%2Fbin%3A%2Fsbin%3A%2Fbin%22%2C%0A%5D%0A%0A%23%20selinux%20indicates%20whether%20or%20not%20SELinux%20will%20be%20used%20for%20pod%0A%23%20separation%20on%20the%20host.%20If%20you%20enable%20this%20flag%2C%20SELinux%20must%20be%20running%0A%23%20on%20the%20host.%0Aselinux%20%3D%20true%0A%0A%23%20seccomp_profile%20is%20the%20seccomp%20json%20profile%20path%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aseccomp_profile%20%3D%20%22%2Fetc%2Fcrio%2Fseccomp.json%22%0A%0A%23%20apparmor_profile%20is%20the%20apparmor%20profile%20name%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aapparmor_profile%20%3D%20%22crio-default%22%0A%0A%23%20cgroup_manager%20is%20the%20cgroup%20management%20implementation%20to%20be%20used%0A%23%20for%20the%20runtime.%0Acgroup_manager%20%3D%20%22systemd%22%0A%0A%23%20default_capabilities%20is%20the%20list%20of%20capabilities%20to%20add%20and%20can%20be%20modified%20here.%0A%23%20If%20capabilities%20below%20is%20commented%20out%2C%20the%20default%20list%20of%20capabilities%20defined%20in%20the%0A%23%20spec%20will%20be%20added.%0A%23%20If%20capabilities%20is%20empty%20below%2C%20only%20the%20capabilities%20defined%20in%20the%20container%20json%0A%23%20file%20by%20the%20user%2Fkube%20will%20be%20added.%0Adefault_capabilities%20%3D%20%5B%0A%20%20%22CHOWN%22%2C%20%0A%20%20%22DAC_OVERRIDE%22%2C%20%0A%20%20%22FSETID%22%2C%20%0A%20%20%22FOWNER%22%2C%20%0A%20%20%22NET_RAW%22%2C%20%0A%20%20%22SETGID%22%2C%20%0A%20%20%22SETUID%22%2C%20%0A%20%20%22SETPCAP%22%2C%20%0A%20%20%22NET_BIND_SERVICE%22%2C%20%0A%20%20%22SYS_CHROOT%22%2C%20%0A%20%20%22KILL%22%2C%20%0A%5D%0A%0A%23%20hooks_dir_path%20is%20the%20oci%20hooks%20directory%20for%20automatically%20executed%20hooks%0Ahooks_dir_path%20%3D%20%22%2Fusr%2Fshare%2Fcontainers%2Foci%2Fhooks.d%22%0A%0A%23%20default_mounts%20is%20the%20mounts%20list%20to%20be%20mounted%20for%20the%20container%20when%20created%0A%23%20deprecated%2C%20will%20be%20taken%20out%20in%20future%20versions%2C%20add%20default%20mounts%20to%20either%0A%23%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20or%20%2Fetc%2Fcontainers%2Fmounts.conf%0Adefault_mounts%20%3D%20%5B%0A%20%20%22%2Fusr%2Fshare%2Frhel%2Fsecrets%3A%2Frun%2Fsecrets%22%2C%20%0A%5D%0A%0A%23%20Path%20to%20directory%20in%20which%20container%20exit%20files%20are%20written%20to%20by%20conmon.%0Acontainer_exits_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fexits%22%0A%0A%23%20Path%20to%20directory%20for%20container%20attach%20sockets.%0Acontainer_attach_socket_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%22%0A%0A%23%20CRI-O%20reads%20its%20default%20mounts%20from%20the%20following%20two%20files%3A%0A%23%201)%20%2Fetc%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20override%20file%2C%20where%20users%20can%0A%23%20either%20add%20in%20their%20own%20default%20mounts%2C%20or%20override%20the%20default%20mounts%20shipped%0A%23%20with%20the%20package.%0A%23%202)%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20default%20file%20read%20for%20mounts.%0A%23%20If%20you%20want%20CRI-O%20to%20read%20from%20a%20different%2C%20specific%20mounts%20file%2C%20you%20can%20change%0A%23%20the%20default_mounts_file%20path%20right%20below.%20Note%2C%20if%20this%20is%20done%2C%20CRI-O%20will%20only%20add%0A%23%20mounts%20it%20finds%20in%20this%20file.%0A%0A%23%20default_mounts_file%20is%20the%20file%20path%20holding%20the%20default%20mounts%20to%20be%20mounted%20for%20the%0A%23%20container%20when%20created.%0A%23%20default_mounts_file%20%3D%20%22%22%0A%0A%23%20pids_limit%20is%20the%20number%20of%20processes%20allowed%20in%20a%20container%0Apids_limit%20%3D%201024%0A%0A%23%20log_size_max%20is%20the%20max%20limit%20for%20the%20container%20log%20size%20in%20bytes.%0A%23%20Negative%20values%20indicate%20that%20no%20limit%20is%20imposed.%0Alog_size_max%20%3D%20-1%0A%0A%23%20read-only%20indicates%20whether%20all%20containers%20will%20run%20in%20read-only%20mode%0Aread_only%20%3D%20false%0A%0A%23%20log_level%20changes%20the%20verbosity%20of%20the%20logs%20printed.%0A%23%20Options%20are%3A%20error%20(default)%2C%20fatal%2C%20panic%2C%20warn%2C%20info%2C%20and%20debug%0Alog_level%20%3D%20%22error%22%0A%0A%23%20The%20%22crio.image%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20OCI%20images.%0A%0A%23%20uid_mappings%20specifies%20the%20UID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerUID%3AHostUID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Auid_mappings%20%3D%20%22%22%0A%0A%23%20gid_mappings%20specifies%20the%20GID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerGID%3AHostGID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Agid_mappings%20%3D%20%22%22%0A%0A%5Bcrio.image%5D%0A%0A%23%20default_transport%20is%20the%20prefix%20we%20try%20prepending%20to%20an%20image%20name%20if%20the%0A%23%20image%20name%20as%20we%20receive%20it%20can't%20be%20parsed%20as%20a%20valid%20source%20reference%0Adefault_transport%20%3D%20%22docker%3A%2F%2F%22%0A%0A%23%20pause_image%20is%20the%20image%20which%20we%20use%20to%20instantiate%20infra%20containers.%0Apause_image%20%3D%20%22image%2FinfraImage%3A1%22%0A%0A%23%20If%20not%20empty%2C%20the%20path%20to%20a%20docker%2Fconfig.json-like%20file%20containing%20credentials%0A%23%20necessary%20for%20pulling%20the%20image%20specified%20by%20pause_image%C2%A0above.%0Apause_image_auth_file%20%3D%20%22%2Fvar%2Flib%2Fkubelet%2Fconfig.json%22%0A%0A%23%20pause_command%20is%20the%20command%20to%20run%20in%20a%20pause_image%20to%20have%20a%20container%20just%0A%23%20sit%20there.%20%20If%20the%20image%20contains%20the%20necessary%20information%2C%20this%20value%20need%0A%23%20not%20be%20specified.%0Apause_command%20%3D%20%22%2Fusr%2Fbin%2Fpod%22%0A%0A%23%20signature_policy%20is%20the%20name%20of%20the%20file%20which%20decides%20what%20sort%20of%20policy%20we%0A%23%20use%20when%20deciding%20whether%20or%20not%20to%20trust%20an%20image%20that%20we've%20pulled.%0A%23%20Outside%20of%20testing%20situations%2C%20it%20is%20strongly%20advised%20that%20this%20be%20left%0A%23%20unspecified%20so%20that%20the%20default%20system-wide%20policy%20will%20be%20used.%0Asignature_policy%20%3D%20%22%22%0A%0A%23%20image_volumes%20controls%20how%20image%20volumes%20are%20handled.%0A%23%20The%20valid%20values%20are%20mkdir%20and%20ignore.%0Aimage_volumes%20%3D%20%22mkdir%22%0A%0A%23%20CRI-O%20reads%20its%20configured%20registries%20defaults%20from%20the%20containers%2Fimage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fregistries.conf.%20Modify%20registries.conf%20if%20you%20want%20to%0A%23%20change%20default%20registries%20for%20all%20tools%20that%20use%20containers%2Fimage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20registies%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20insecure_registries%20is%20used%20to%20skip%20TLS%20verification%20when%20pulling%20images.%0A%23%20insecure_registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20registries%20is%20used%20to%20specify%20a%20comma%20separated%20list%20of%20registries%20to%20be%20used%0A%23%20when%20pulling%20an%20unqualified%20image%20(e.g.%20fedora%3Arawhide).%0A%23registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20The%20%22crio.network%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20CNI%20plugins.%0A%5Bcrio.network%5D%0A%0A%23%20network_dir%20is%20is%20where%20CNI%20network%20configuration%60%0A%23%20files%20are%20stored.%20%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Anetwork_dir%20%3D%20%22%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F%22%0A%0A%23%20plugin_dir%20is%20is%20where%20CNI%20plugin%20binaries%20are%20stored.%0A%23%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Aplugin_dir%20%3D%20%22%2Fvar%2Flib%2Fcni%2Fbin%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/crio/crio.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/none/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/none/files/-etc-containers-registries.conf deleted file mode 100644 index 53c1015d88..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/none/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/none/files/-etc-containers-storage.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/none/files/-etc-containers-storage.conf deleted file mode 100644 index f955c08a3e..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/none/files/-etc-containers-storage.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20storage.conf%20is%20the%20configuration%20file%20for%20all%20tools%0A%23%20that%20share%20the%20containers%2Fstorage%20libraries%0A%23%20See%20man%205%20containers-storage.conf%20for%20more%20information%0A%23%20The%20%22container%20storage%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bstorage%5D%0A%0A%23%20Default%20Storage%20Driver%0Adriver%20%3D%20%22overlay%22%0A%0A%23%20Temporary%20storage%20location%0Arunroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20Primary%20Read%2FWrite%20location%20of%20container%20storage%0Agraphroot%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%5Bstorage.options%5D%0A%23%20Storage%20options%20to%20be%20passed%20to%20underlying%20storage%20drivers%0A%0A%23%20AdditionalImageStores%20is%20used%20to%20pass%20paths%20to%20additional%20Read%2FOnly%20image%20stores%0A%23%20Must%20be%20comma%20separated%20list.%0Aadditionalimagestores%20%3D%20%5B%0A%5D%0A%0A%23%20Size%20is%20used%20to%20set%20a%20maximum%20size%20of%20the%20container%20image.%20%20Only%20supported%20by%0A%23%20certain%20container%20storage%20drivers.%0Asize%20%3D%20%22%22%0A%0A%23%20OverrideKernelCheck%20tells%20the%20driver%20to%20ignore%20kernel%20checks%20based%20on%20kernel%20version%0Aoverride_kernel_check%20%3D%20%22true%22%0A%0A%23%20Remap-UIDs%2FGIDs%20is%20the%20mapping%20from%20UIDs%2FGIDs%20as%20they%20should%20appear%20inside%20of%0A%23%20a%20container%2C%20to%20UIDs%2FGIDs%20as%20they%20should%20appear%20outside%20of%20the%20container%2C%20and%0A%23%20the%20length%20of%20the%20range%20of%20UIDs%2FGIDs.%20%20Additional%20mapped%20sets%20can%20be%20listed%0A%23%20and%20will%20be%20heeded%20by%20libraries%2C%20but%20there%20are%20limits%20to%20the%20number%20of%0A%23%20mappings%20which%20the%20kernel%20will%20allow%20when%20you%20later%20attempt%20to%20run%20a%0A%23%20container.%0A%23%0A%23%20remap-uids%20%3D%200%3A1668442479%3A65536%0A%23%20remap-gids%20%3D%200%3A1668442479%3A65536%0A%0A%23%20Remap-User%2FGroup%20is%20a%20name%20which%20can%20be%20used%20to%20look%20up%20one%20or%20more%20UID%2FGID%0A%23%20ranges%20in%20the%20%2Fetc%2Fsubuid%20or%20%2Fetc%2Fsubgid%20file.%20%20Mappings%20are%20set%20up%20starting%0A%23%20with%20an%20in-container%20ID%20of%200%20and%20the%20a%20host-level%20ID%20taken%20from%20the%20lowest%0A%23%20range%20that%20matches%20the%20specified%20name%2C%20and%20using%20the%20length%20of%20that%20range.%0A%23%20Additional%20ranges%20are%20then%20assigned%2C%20using%20the%20ranges%20which%20specify%20the%0A%23%20lowest%20host-level%20IDs%20first%2C%20to%20the%20lowest%20not-yet-mapped%20container-level%20ID%2C%0A%23%20until%20all%20of%20the%20entries%20have%20been%20used%20for%20maps.%0A%23%0A%23%20remap-user%20%3D%20%22storage%22%0A%23%20remap-group%20%3D%20%22storage%22%0A%0A%5Bstorage.options.thinpool%5D%0A%23%20Storage%20Options%20for%20thinpool%0A%0A%23%20autoextend_percent%20determines%20the%20amount%20by%20which%20pool%20needs%20to%20be%0A%23%20grown.%20This%20is%20specified%20in%20terms%20of%20%25%20of%20pool%20size.%20So%20a%20value%20of%2020%20means%0A%23%20that%20when%20threshold%20is%20hit%2C%20pool%20will%20be%20grown%20by%2020%25%20of%20existing%0A%23%20pool%20size.%0A%23%20autoextend_percent%20%3D%20%2220%22%0A%0A%23%20autoextend_threshold%20determines%20the%20pool%20extension%20threshold%20in%20terms%0A%23%20of%20percentage%20of%20pool%20size.%20For%20example%2C%20if%20threshold%20is%2060%2C%20that%20means%20when%0A%23%20pool%20is%2060%25%20full%2C%20threshold%20has%20been%20hit.%0A%23%20autoextend_threshold%20%3D%20%2280%22%0A%0A%23%20basesize%20specifies%20the%20size%20to%20use%20when%20creating%20the%20base%20device%2C%20which%0A%23%20limits%20the%20size%20of%20images%20and%20containers.%0A%23%20basesize%20%3D%20%2210G%22%0A%0A%23%20blocksize%20specifies%20a%20custom%20blocksize%20to%20use%20for%20the%20thin%20pool.%0A%23%20blocksize%3D%2264k%22%0A%0A%23%20directlvm_device%20specifies%20a%20custom%20block%20storage%20device%20to%20use%20for%20the%0A%23%20thin%20pool.%20Required%20if%20you%20setup%20devicemapper%0A%23%20directlvm_device%20%3D%20%22%22%0A%0A%23%20directlvm_device_force%20wipes%20device%20even%20if%20device%20already%20has%20a%20filesystem%0A%23%20directlvm_device_force%20%3D%20%22True%22%0A%0A%23%20fs%20specifies%20the%20filesystem%20type%20to%20use%20for%20the%20base%20device.%0A%23%20fs%3D%22xfs%22%0A%0A%23%20log_level%20sets%20the%20log%20level%20of%20devicemapper.%0A%23%200%3A%20LogLevelSuppress%200%20(Default)%0A%23%202%3A%20LogLevelFatal%0A%23%203%3A%20LogLevelErr%0A%23%204%3A%20LogLevelWarn%0A%23%205%3A%20LogLevelNotice%0A%23%206%3A%20LogLevelInfo%0A%23%207%3A%20LogLevelDebug%0A%23%20log_level%20%3D%20%227%22%0A%0A%23%20min_free_space%20specifies%20the%20min%20free%20space%20percent%20in%20a%20thin%20pool%20require%20for%0A%23%20new%20device%20creation%20to%20succeed.%20Valid%20values%20are%20from%200%25%20-%2099%25.%0A%23%20Value%200%25%20disables%0A%23%20min_free_space%20%3D%20%2210%25%22%0A%0A%23%20mkfsarg%20specifies%20extra%20mkfs%20arguments%20to%20be%20used%20when%20creating%20the%20base%0A%23%20device.%0A%23%20mkfsarg%20%3D%20%22%22%0A%0A%23%20mountopt%20specifies%20extra%20mount%20options%20used%20when%20mounting%20the%20thin%20devices.%0A%23%20mountopt%20%3D%20%22%22%0A%0A%23%20use_deferred_removal%20Marking%20device%20for%20deferred%20removal%0A%23%20use_deferred_removal%20%3D%20%22True%22%0A%0A%23%20use_deferred_deletion%20Marking%20device%20for%20deferred%20deletion%0A%23%20use_deferred_deletion%20%3D%20%22True%22%0A%0A%23%20xfs_nospace_max_retries%20specifies%20the%20maximum%20number%20of%20retries%20XFS%20should%0A%23%20attempt%20to%20complete%20IO%20when%20ENOSPC%20(no%20space)%20error%20is%20returned%20by%0A%23%20underlying%20storage%20device.%0A%23%20xfs_nospace_max_retries%20%3D%20%220%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/storage.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/none/files/-etc-crio-crio.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/none/files/-etc-crio-crio.conf deleted file mode 100644 index f7a9afad2f..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/none/files/-etc-crio-crio.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20The%20%22crio%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bcrio%5D%0A%0A%23%20CRI-O%20reads%20its%20storage%20defaults%20from%20the%20containers%2Fstorage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fstorage.conf.%20Modify%20storage.conf%20if%20you%20want%20to%0A%23%20change%20default%20storage%20for%20all%20tools%20that%20use%20containers%2Fstorage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20storage%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20root%20is%20a%20path%20to%20the%20%22root%20directory%22.%20CRIO%20stores%20all%20of%20its%20data%2C%0A%23%20including%20container%20images%2C%20in%20this%20directory.%0A%23root%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%23%20run%20is%20a%20path%20to%20the%20%22run%20directory%22.%20CRIO%20stores%20all%20of%20its%20state%0A%23%20in%20this%20directory.%0A%23runroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20storage_driver%20select%20which%20storage%20driver%20is%20used%20to%20manage%20storage%0A%23%20of%20images%20and%20containers.%0A%23storage_driver%20%3D%20%22%22%0A%0A%23%20storage_option%20is%20used%20to%20pass%20an%20option%20to%20the%20storage%20driver.%0A%23storage_option%20%3D%20%5B%0A%23%5D%0A%0A%23%20The%20%22crio.api%22%20table%20contains%20settings%20for%20the%20kubelet%2FgRPC%20interface.%0A%5Bcrio.api%5D%0A%0A%23%20listen%20is%20the%20path%20to%20the%20AF_LOCAL%20socket%20on%20which%20crio%20will%20listen.%0Alisten%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fcrio.sock%22%0A%0A%23%20stream_address%20is%20the%20IP%20address%20on%20which%20the%20stream%20server%20will%20listen%0Astream_address%20%3D%20%22%22%0A%0A%23%20stream_port%20is%20the%20port%20on%20which%20the%20stream%20server%20will%20listen%0Astream_port%20%3D%20%2210010%22%0A%0A%23%20stream_enable_tls%20enables%20encrypted%20tls%20transport%20of%20the%20stream%20server%0Astream_enable_tls%20%3D%20false%0A%0A%23%20stream_tls_cert%20is%20the%20x509%20certificate%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_cert%20%3D%20%22%22%0A%0A%23%20stream_tls_key%20is%20the%20key%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_key%20%3D%20%22%22%0A%0A%23%20stream_tls_ca%20is%20the%20x509%20CA(s)%20file%20used%20to%20verify%20and%20authenticate%20client%0A%23%20communication%20with%20the%20tls%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_ca%20%3D%20%22%22%0A%0A%23%20file_locking%20is%20whether%20file-based%20locking%20will%20be%20used%20instead%20of%0A%23%20in-memory%20locking%0Afile_locking%20%3D%20false%0A%0A%23%20The%20%22crio.runtime%22%20table%20contains%20settings%20pertaining%20to%20the%20OCI%0A%23%20runtime%20used%20and%20options%20for%20how%20to%20set%20up%20and%20manage%20the%20OCI%20runtime.%0A%5Bcrio.runtime%5D%0A%0A%23%20runtime%20is%20the%20OCI%20compatible%20runtime%20used%20for%20trusted%20container%20workloads.%0A%23%20This%20is%20a%20mandatory%20setting%20as%20this%20runtime%20will%20be%20the%20default%20one%0A%23%20and%20will%20also%20be%20used%20for%20untrusted%20container%20workloads%20if%0A%23%20runtime_untrusted_workload%20is%20not%20set.%0Aruntime%20%3D%20%22%2Fusr%2Fbin%2Frunc%22%0A%0A%23%20runtime_untrusted_workload%20is%20the%20OCI%20compatible%20runtime%20used%20for%20untrusted%0A%23%20container%20workloads.%20This%20is%20an%20optional%20setting%2C%20except%20if%0A%23%20default_container_trust%20is%20set%20to%20%22untrusted%22.%0Aruntime_untrusted_workload%20%3D%20%22%22%0A%0A%23%20default_workload_trust%20is%20the%20default%20level%20of%20trust%20crio%20puts%20in%20container%0A%23%20workloads.%20It%20can%20either%20be%20%22trusted%22%20or%20%22untrusted%22%2C%20and%20the%20default%0A%23%20is%20%22trusted%22.%0A%23%20Containers%20can%20be%20run%20through%20different%20container%20runtimes%2C%20depending%20on%0A%23%20the%20trust%20hints%20we%20receive%20from%20kubelet%3A%0A%23%20-%20If%20kubelet%20tags%20a%20container%20workload%20as%20untrusted%2C%20crio%20will%20try%20first%20to%0A%23%20run%20it%20through%20the%20untrusted%20container%20workload%20runtime.%20If%20it%20is%20not%20set%2C%0A%23%20crio%20will%20use%20the%20trusted%20runtime.%0A%23%20-%20If%20kubelet%20does%20not%20provide%20any%20information%20about%20the%20container%20workload%20trust%0A%23%20level%2C%20the%20selected%20runtime%20will%20depend%20on%20the%20default_container_trust%20setting.%0A%23%20If%20it%20is%20set%20to%20%22untrusted%22%2C%20then%20all%20containers%20except%20for%20the%20host%20privileged%0A%23%20ones%2C%20will%20be%20run%20by%20the%20runtime_untrusted_workload%20runtime.%20Host%20privileged%0A%23%20containers%20are%20by%20definition%20trusted%20and%20will%20always%20use%20the%20trusted%20container%0A%23%20runtime.%20If%20default_container_trust%20is%20set%20to%20%22trusted%22%2C%20crio%20will%20use%20the%20trusted%0A%23%20container%20runtime%20for%20all%20containers.%0Adefault_workload_trust%20%3D%20%22trusted%22%0A%0A%23%20no_pivot%20instructs%20the%20runtime%20to%20not%20use%20pivot_root%2C%20but%20instead%20use%20MS_MOVE%0Ano_pivot%20%3D%20false%0A%0A%23%20conmon%20is%20the%20path%20to%20conmon%20binary%2C%20used%20for%20managing%20the%20runtime.%0Aconmon%20%3D%20%22%2Fusr%2Flibexec%2Fcrio%2Fconmon%22%0A%0A%23%20conmon_env%20is%20the%20environment%20variable%20list%20for%20conmon%20process%2C%0A%23%20used%20for%20passing%20necessary%20environment%20variable%20to%20conmon%20or%20runtime.%0Aconmon_env%20%3D%20%5B%0A%20%20%22PATH%3D%2Fusr%2Flocal%2Fsbin%3A%2Fusr%2Flocal%2Fbin%3A%2Fusr%2Fsbin%3A%2Fusr%2Fbin%3A%2Fsbin%3A%2Fbin%22%2C%0A%5D%0A%0A%23%20selinux%20indicates%20whether%20or%20not%20SELinux%20will%20be%20used%20for%20pod%0A%23%20separation%20on%20the%20host.%20If%20you%20enable%20this%20flag%2C%20SELinux%20must%20be%20running%0A%23%20on%20the%20host.%0Aselinux%20%3D%20true%0A%0A%23%20seccomp_profile%20is%20the%20seccomp%20json%20profile%20path%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aseccomp_profile%20%3D%20%22%2Fetc%2Fcrio%2Fseccomp.json%22%0A%0A%23%20apparmor_profile%20is%20the%20apparmor%20profile%20name%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aapparmor_profile%20%3D%20%22crio-default%22%0A%0A%23%20cgroup_manager%20is%20the%20cgroup%20management%20implementation%20to%20be%20used%0A%23%20for%20the%20runtime.%0Acgroup_manager%20%3D%20%22systemd%22%0A%0A%23%20default_capabilities%20is%20the%20list%20of%20capabilities%20to%20add%20and%20can%20be%20modified%20here.%0A%23%20If%20capabilities%20below%20is%20commented%20out%2C%20the%20default%20list%20of%20capabilities%20defined%20in%20the%0A%23%20spec%20will%20be%20added.%0A%23%20If%20capabilities%20is%20empty%20below%2C%20only%20the%20capabilities%20defined%20in%20the%20container%20json%0A%23%20file%20by%20the%20user%2Fkube%20will%20be%20added.%0Adefault_capabilities%20%3D%20%5B%0A%20%20%22CHOWN%22%2C%20%0A%20%20%22DAC_OVERRIDE%22%2C%20%0A%20%20%22FSETID%22%2C%20%0A%20%20%22FOWNER%22%2C%20%0A%20%20%22NET_RAW%22%2C%20%0A%20%20%22SETGID%22%2C%20%0A%20%20%22SETUID%22%2C%20%0A%20%20%22SETPCAP%22%2C%20%0A%20%20%22NET_BIND_SERVICE%22%2C%20%0A%20%20%22SYS_CHROOT%22%2C%20%0A%20%20%22KILL%22%2C%20%0A%5D%0A%0A%23%20hooks_dir_path%20is%20the%20oci%20hooks%20directory%20for%20automatically%20executed%20hooks%0Ahooks_dir_path%20%3D%20%22%2Fusr%2Fshare%2Fcontainers%2Foci%2Fhooks.d%22%0A%0A%23%20default_mounts%20is%20the%20mounts%20list%20to%20be%20mounted%20for%20the%20container%20when%20created%0A%23%20deprecated%2C%20will%20be%20taken%20out%20in%20future%20versions%2C%20add%20default%20mounts%20to%20either%0A%23%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20or%20%2Fetc%2Fcontainers%2Fmounts.conf%0Adefault_mounts%20%3D%20%5B%0A%20%20%22%2Fusr%2Fshare%2Frhel%2Fsecrets%3A%2Frun%2Fsecrets%22%2C%20%0A%5D%0A%0A%23%20Path%20to%20directory%20in%20which%20container%20exit%20files%20are%20written%20to%20by%20conmon.%0Acontainer_exits_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fexits%22%0A%0A%23%20Path%20to%20directory%20for%20container%20attach%20sockets.%0Acontainer_attach_socket_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%22%0A%0A%23%20CRI-O%20reads%20its%20default%20mounts%20from%20the%20following%20two%20files%3A%0A%23%201)%20%2Fetc%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20override%20file%2C%20where%20users%20can%0A%23%20either%20add%20in%20their%20own%20default%20mounts%2C%20or%20override%20the%20default%20mounts%20shipped%0A%23%20with%20the%20package.%0A%23%202)%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20default%20file%20read%20for%20mounts.%0A%23%20If%20you%20want%20CRI-O%20to%20read%20from%20a%20different%2C%20specific%20mounts%20file%2C%20you%20can%20change%0A%23%20the%20default_mounts_file%20path%20right%20below.%20Note%2C%20if%20this%20is%20done%2C%20CRI-O%20will%20only%20add%0A%23%20mounts%20it%20finds%20in%20this%20file.%0A%0A%23%20default_mounts_file%20is%20the%20file%20path%20holding%20the%20default%20mounts%20to%20be%20mounted%20for%20the%0A%23%20container%20when%20created.%0A%23%20default_mounts_file%20%3D%20%22%22%0A%0A%23%20pids_limit%20is%20the%20number%20of%20processes%20allowed%20in%20a%20container%0Apids_limit%20%3D%201024%0A%0A%23%20log_size_max%20is%20the%20max%20limit%20for%20the%20container%20log%20size%20in%20bytes.%0A%23%20Negative%20values%20indicate%20that%20no%20limit%20is%20imposed.%0Alog_size_max%20%3D%20-1%0A%0A%23%20read-only%20indicates%20whether%20all%20containers%20will%20run%20in%20read-only%20mode%0Aread_only%20%3D%20false%0A%0A%23%20log_level%20changes%20the%20verbosity%20of%20the%20logs%20printed.%0A%23%20Options%20are%3A%20error%20(default)%2C%20fatal%2C%20panic%2C%20warn%2C%20info%2C%20and%20debug%0Alog_level%20%3D%20%22error%22%0A%0A%23%20The%20%22crio.image%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20OCI%20images.%0A%0A%23%20uid_mappings%20specifies%20the%20UID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerUID%3AHostUID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Auid_mappings%20%3D%20%22%22%0A%0A%23%20gid_mappings%20specifies%20the%20GID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerGID%3AHostGID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Agid_mappings%20%3D%20%22%22%0A%0A%5Bcrio.image%5D%0A%0A%23%20default_transport%20is%20the%20prefix%20we%20try%20prepending%20to%20an%20image%20name%20if%20the%0A%23%20image%20name%20as%20we%20receive%20it%20can't%20be%20parsed%20as%20a%20valid%20source%20reference%0Adefault_transport%20%3D%20%22docker%3A%2F%2F%22%0A%0A%23%20pause_image%20is%20the%20image%20which%20we%20use%20to%20instantiate%20infra%20containers.%0Apause_image%20%3D%20%22image%2FinfraImage%3A1%22%0A%0A%23%20If%20not%20empty%2C%20the%20path%20to%20a%20docker%2Fconfig.json-like%20file%20containing%20credentials%0A%23%20necessary%20for%20pulling%20the%20image%20specified%20by%20pause_image%C2%A0above.%0Apause_image_auth_file%20%3D%20%22%2Fvar%2Flib%2Fkubelet%2Fconfig.json%22%0A%0A%23%20pause_command%20is%20the%20command%20to%20run%20in%20a%20pause_image%20to%20have%20a%20container%20just%0A%23%20sit%20there.%20%20If%20the%20image%20contains%20the%20necessary%20information%2C%20this%20value%20need%0A%23%20not%20be%20specified.%0Apause_command%20%3D%20%22%2Fusr%2Fbin%2Fpod%22%0A%0A%23%20signature_policy%20is%20the%20name%20of%20the%20file%20which%20decides%20what%20sort%20of%20policy%20we%0A%23%20use%20when%20deciding%20whether%20or%20not%20to%20trust%20an%20image%20that%20we've%20pulled.%0A%23%20Outside%20of%20testing%20situations%2C%20it%20is%20strongly%20advised%20that%20this%20be%20left%0A%23%20unspecified%20so%20that%20the%20default%20system-wide%20policy%20will%20be%20used.%0Asignature_policy%20%3D%20%22%22%0A%0A%23%20image_volumes%20controls%20how%20image%20volumes%20are%20handled.%0A%23%20The%20valid%20values%20are%20mkdir%20and%20ignore.%0Aimage_volumes%20%3D%20%22mkdir%22%0A%0A%23%20CRI-O%20reads%20its%20configured%20registries%20defaults%20from%20the%20containers%2Fimage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fregistries.conf.%20Modify%20registries.conf%20if%20you%20want%20to%0A%23%20change%20default%20registries%20for%20all%20tools%20that%20use%20containers%2Fimage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20registies%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20insecure_registries%20is%20used%20to%20skip%20TLS%20verification%20when%20pulling%20images.%0A%23%20insecure_registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20registries%20is%20used%20to%20specify%20a%20comma%20separated%20list%20of%20registries%20to%20be%20used%0A%23%20when%20pulling%20an%20unqualified%20image%20(e.g.%20fedora%3Arawhide).%0A%23registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20The%20%22crio.network%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20CNI%20plugins.%0A%5Bcrio.network%5D%0A%0A%23%20network_dir%20is%20is%20where%20CNI%20network%20configuration%60%0A%23%20files%20are%20stored.%20%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Anetwork_dir%20%3D%20%22%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F%22%0A%0A%23%20plugin_dir%20is%20is%20where%20CNI%20plugin%20binaries%20are%20stored.%0A%23%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Aplugin_dir%20%3D%20%22%2Fvar%2Flib%2Fcni%2Fbin%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/crio/crio.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/openstack/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/openstack/files/-etc-containers-registries.conf deleted file mode 100644 index 53c1015d88..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/openstack/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/openstack/files/-etc-containers-storage.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/openstack/files/-etc-containers-storage.conf deleted file mode 100644 index f955c08a3e..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/openstack/files/-etc-containers-storage.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20storage.conf%20is%20the%20configuration%20file%20for%20all%20tools%0A%23%20that%20share%20the%20containers%2Fstorage%20libraries%0A%23%20See%20man%205%20containers-storage.conf%20for%20more%20information%0A%23%20The%20%22container%20storage%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bstorage%5D%0A%0A%23%20Default%20Storage%20Driver%0Adriver%20%3D%20%22overlay%22%0A%0A%23%20Temporary%20storage%20location%0Arunroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20Primary%20Read%2FWrite%20location%20of%20container%20storage%0Agraphroot%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%5Bstorage.options%5D%0A%23%20Storage%20options%20to%20be%20passed%20to%20underlying%20storage%20drivers%0A%0A%23%20AdditionalImageStores%20is%20used%20to%20pass%20paths%20to%20additional%20Read%2FOnly%20image%20stores%0A%23%20Must%20be%20comma%20separated%20list.%0Aadditionalimagestores%20%3D%20%5B%0A%5D%0A%0A%23%20Size%20is%20used%20to%20set%20a%20maximum%20size%20of%20the%20container%20image.%20%20Only%20supported%20by%0A%23%20certain%20container%20storage%20drivers.%0Asize%20%3D%20%22%22%0A%0A%23%20OverrideKernelCheck%20tells%20the%20driver%20to%20ignore%20kernel%20checks%20based%20on%20kernel%20version%0Aoverride_kernel_check%20%3D%20%22true%22%0A%0A%23%20Remap-UIDs%2FGIDs%20is%20the%20mapping%20from%20UIDs%2FGIDs%20as%20they%20should%20appear%20inside%20of%0A%23%20a%20container%2C%20to%20UIDs%2FGIDs%20as%20they%20should%20appear%20outside%20of%20the%20container%2C%20and%0A%23%20the%20length%20of%20the%20range%20of%20UIDs%2FGIDs.%20%20Additional%20mapped%20sets%20can%20be%20listed%0A%23%20and%20will%20be%20heeded%20by%20libraries%2C%20but%20there%20are%20limits%20to%20the%20number%20of%0A%23%20mappings%20which%20the%20kernel%20will%20allow%20when%20you%20later%20attempt%20to%20run%20a%0A%23%20container.%0A%23%0A%23%20remap-uids%20%3D%200%3A1668442479%3A65536%0A%23%20remap-gids%20%3D%200%3A1668442479%3A65536%0A%0A%23%20Remap-User%2FGroup%20is%20a%20name%20which%20can%20be%20used%20to%20look%20up%20one%20or%20more%20UID%2FGID%0A%23%20ranges%20in%20the%20%2Fetc%2Fsubuid%20or%20%2Fetc%2Fsubgid%20file.%20%20Mappings%20are%20set%20up%20starting%0A%23%20with%20an%20in-container%20ID%20of%200%20and%20the%20a%20host-level%20ID%20taken%20from%20the%20lowest%0A%23%20range%20that%20matches%20the%20specified%20name%2C%20and%20using%20the%20length%20of%20that%20range.%0A%23%20Additional%20ranges%20are%20then%20assigned%2C%20using%20the%20ranges%20which%20specify%20the%0A%23%20lowest%20host-level%20IDs%20first%2C%20to%20the%20lowest%20not-yet-mapped%20container-level%20ID%2C%0A%23%20until%20all%20of%20the%20entries%20have%20been%20used%20for%20maps.%0A%23%0A%23%20remap-user%20%3D%20%22storage%22%0A%23%20remap-group%20%3D%20%22storage%22%0A%0A%5Bstorage.options.thinpool%5D%0A%23%20Storage%20Options%20for%20thinpool%0A%0A%23%20autoextend_percent%20determines%20the%20amount%20by%20which%20pool%20needs%20to%20be%0A%23%20grown.%20This%20is%20specified%20in%20terms%20of%20%25%20of%20pool%20size.%20So%20a%20value%20of%2020%20means%0A%23%20that%20when%20threshold%20is%20hit%2C%20pool%20will%20be%20grown%20by%2020%25%20of%20existing%0A%23%20pool%20size.%0A%23%20autoextend_percent%20%3D%20%2220%22%0A%0A%23%20autoextend_threshold%20determines%20the%20pool%20extension%20threshold%20in%20terms%0A%23%20of%20percentage%20of%20pool%20size.%20For%20example%2C%20if%20threshold%20is%2060%2C%20that%20means%20when%0A%23%20pool%20is%2060%25%20full%2C%20threshold%20has%20been%20hit.%0A%23%20autoextend_threshold%20%3D%20%2280%22%0A%0A%23%20basesize%20specifies%20the%20size%20to%20use%20when%20creating%20the%20base%20device%2C%20which%0A%23%20limits%20the%20size%20of%20images%20and%20containers.%0A%23%20basesize%20%3D%20%2210G%22%0A%0A%23%20blocksize%20specifies%20a%20custom%20blocksize%20to%20use%20for%20the%20thin%20pool.%0A%23%20blocksize%3D%2264k%22%0A%0A%23%20directlvm_device%20specifies%20a%20custom%20block%20storage%20device%20to%20use%20for%20the%0A%23%20thin%20pool.%20Required%20if%20you%20setup%20devicemapper%0A%23%20directlvm_device%20%3D%20%22%22%0A%0A%23%20directlvm_device_force%20wipes%20device%20even%20if%20device%20already%20has%20a%20filesystem%0A%23%20directlvm_device_force%20%3D%20%22True%22%0A%0A%23%20fs%20specifies%20the%20filesystem%20type%20to%20use%20for%20the%20base%20device.%0A%23%20fs%3D%22xfs%22%0A%0A%23%20log_level%20sets%20the%20log%20level%20of%20devicemapper.%0A%23%200%3A%20LogLevelSuppress%200%20(Default)%0A%23%202%3A%20LogLevelFatal%0A%23%203%3A%20LogLevelErr%0A%23%204%3A%20LogLevelWarn%0A%23%205%3A%20LogLevelNotice%0A%23%206%3A%20LogLevelInfo%0A%23%207%3A%20LogLevelDebug%0A%23%20log_level%20%3D%20%227%22%0A%0A%23%20min_free_space%20specifies%20the%20min%20free%20space%20percent%20in%20a%20thin%20pool%20require%20for%0A%23%20new%20device%20creation%20to%20succeed.%20Valid%20values%20are%20from%200%25%20-%2099%25.%0A%23%20Value%200%25%20disables%0A%23%20min_free_space%20%3D%20%2210%25%22%0A%0A%23%20mkfsarg%20specifies%20extra%20mkfs%20arguments%20to%20be%20used%20when%20creating%20the%20base%0A%23%20device.%0A%23%20mkfsarg%20%3D%20%22%22%0A%0A%23%20mountopt%20specifies%20extra%20mount%20options%20used%20when%20mounting%20the%20thin%20devices.%0A%23%20mountopt%20%3D%20%22%22%0A%0A%23%20use_deferred_removal%20Marking%20device%20for%20deferred%20removal%0A%23%20use_deferred_removal%20%3D%20%22True%22%0A%0A%23%20use_deferred_deletion%20Marking%20device%20for%20deferred%20deletion%0A%23%20use_deferred_deletion%20%3D%20%22True%22%0A%0A%23%20xfs_nospace_max_retries%20specifies%20the%20maximum%20number%20of%20retries%20XFS%20should%0A%23%20attempt%20to%20complete%20IO%20when%20ENOSPC%20(no%20space)%20error%20is%20returned%20by%0A%23%20underlying%20storage%20device.%0A%23%20xfs_nospace_max_retries%20%3D%20%220%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/storage.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/openstack/files/-etc-crio-crio.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/openstack/files/-etc-crio-crio.conf deleted file mode 100644 index f7a9afad2f..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/openstack/files/-etc-crio-crio.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20The%20%22crio%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bcrio%5D%0A%0A%23%20CRI-O%20reads%20its%20storage%20defaults%20from%20the%20containers%2Fstorage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fstorage.conf.%20Modify%20storage.conf%20if%20you%20want%20to%0A%23%20change%20default%20storage%20for%20all%20tools%20that%20use%20containers%2Fstorage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20storage%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20root%20is%20a%20path%20to%20the%20%22root%20directory%22.%20CRIO%20stores%20all%20of%20its%20data%2C%0A%23%20including%20container%20images%2C%20in%20this%20directory.%0A%23root%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%23%20run%20is%20a%20path%20to%20the%20%22run%20directory%22.%20CRIO%20stores%20all%20of%20its%20state%0A%23%20in%20this%20directory.%0A%23runroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20storage_driver%20select%20which%20storage%20driver%20is%20used%20to%20manage%20storage%0A%23%20of%20images%20and%20containers.%0A%23storage_driver%20%3D%20%22%22%0A%0A%23%20storage_option%20is%20used%20to%20pass%20an%20option%20to%20the%20storage%20driver.%0A%23storage_option%20%3D%20%5B%0A%23%5D%0A%0A%23%20The%20%22crio.api%22%20table%20contains%20settings%20for%20the%20kubelet%2FgRPC%20interface.%0A%5Bcrio.api%5D%0A%0A%23%20listen%20is%20the%20path%20to%20the%20AF_LOCAL%20socket%20on%20which%20crio%20will%20listen.%0Alisten%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fcrio.sock%22%0A%0A%23%20stream_address%20is%20the%20IP%20address%20on%20which%20the%20stream%20server%20will%20listen%0Astream_address%20%3D%20%22%22%0A%0A%23%20stream_port%20is%20the%20port%20on%20which%20the%20stream%20server%20will%20listen%0Astream_port%20%3D%20%2210010%22%0A%0A%23%20stream_enable_tls%20enables%20encrypted%20tls%20transport%20of%20the%20stream%20server%0Astream_enable_tls%20%3D%20false%0A%0A%23%20stream_tls_cert%20is%20the%20x509%20certificate%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_cert%20%3D%20%22%22%0A%0A%23%20stream_tls_key%20is%20the%20key%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_key%20%3D%20%22%22%0A%0A%23%20stream_tls_ca%20is%20the%20x509%20CA(s)%20file%20used%20to%20verify%20and%20authenticate%20client%0A%23%20communication%20with%20the%20tls%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_ca%20%3D%20%22%22%0A%0A%23%20file_locking%20is%20whether%20file-based%20locking%20will%20be%20used%20instead%20of%0A%23%20in-memory%20locking%0Afile_locking%20%3D%20false%0A%0A%23%20The%20%22crio.runtime%22%20table%20contains%20settings%20pertaining%20to%20the%20OCI%0A%23%20runtime%20used%20and%20options%20for%20how%20to%20set%20up%20and%20manage%20the%20OCI%20runtime.%0A%5Bcrio.runtime%5D%0A%0A%23%20runtime%20is%20the%20OCI%20compatible%20runtime%20used%20for%20trusted%20container%20workloads.%0A%23%20This%20is%20a%20mandatory%20setting%20as%20this%20runtime%20will%20be%20the%20default%20one%0A%23%20and%20will%20also%20be%20used%20for%20untrusted%20container%20workloads%20if%0A%23%20runtime_untrusted_workload%20is%20not%20set.%0Aruntime%20%3D%20%22%2Fusr%2Fbin%2Frunc%22%0A%0A%23%20runtime_untrusted_workload%20is%20the%20OCI%20compatible%20runtime%20used%20for%20untrusted%0A%23%20container%20workloads.%20This%20is%20an%20optional%20setting%2C%20except%20if%0A%23%20default_container_trust%20is%20set%20to%20%22untrusted%22.%0Aruntime_untrusted_workload%20%3D%20%22%22%0A%0A%23%20default_workload_trust%20is%20the%20default%20level%20of%20trust%20crio%20puts%20in%20container%0A%23%20workloads.%20It%20can%20either%20be%20%22trusted%22%20or%20%22untrusted%22%2C%20and%20the%20default%0A%23%20is%20%22trusted%22.%0A%23%20Containers%20can%20be%20run%20through%20different%20container%20runtimes%2C%20depending%20on%0A%23%20the%20trust%20hints%20we%20receive%20from%20kubelet%3A%0A%23%20-%20If%20kubelet%20tags%20a%20container%20workload%20as%20untrusted%2C%20crio%20will%20try%20first%20to%0A%23%20run%20it%20through%20the%20untrusted%20container%20workload%20runtime.%20If%20it%20is%20not%20set%2C%0A%23%20crio%20will%20use%20the%20trusted%20runtime.%0A%23%20-%20If%20kubelet%20does%20not%20provide%20any%20information%20about%20the%20container%20workload%20trust%0A%23%20level%2C%20the%20selected%20runtime%20will%20depend%20on%20the%20default_container_trust%20setting.%0A%23%20If%20it%20is%20set%20to%20%22untrusted%22%2C%20then%20all%20containers%20except%20for%20the%20host%20privileged%0A%23%20ones%2C%20will%20be%20run%20by%20the%20runtime_untrusted_workload%20runtime.%20Host%20privileged%0A%23%20containers%20are%20by%20definition%20trusted%20and%20will%20always%20use%20the%20trusted%20container%0A%23%20runtime.%20If%20default_container_trust%20is%20set%20to%20%22trusted%22%2C%20crio%20will%20use%20the%20trusted%0A%23%20container%20runtime%20for%20all%20containers.%0Adefault_workload_trust%20%3D%20%22trusted%22%0A%0A%23%20no_pivot%20instructs%20the%20runtime%20to%20not%20use%20pivot_root%2C%20but%20instead%20use%20MS_MOVE%0Ano_pivot%20%3D%20false%0A%0A%23%20conmon%20is%20the%20path%20to%20conmon%20binary%2C%20used%20for%20managing%20the%20runtime.%0Aconmon%20%3D%20%22%2Fusr%2Flibexec%2Fcrio%2Fconmon%22%0A%0A%23%20conmon_env%20is%20the%20environment%20variable%20list%20for%20conmon%20process%2C%0A%23%20used%20for%20passing%20necessary%20environment%20variable%20to%20conmon%20or%20runtime.%0Aconmon_env%20%3D%20%5B%0A%20%20%22PATH%3D%2Fusr%2Flocal%2Fsbin%3A%2Fusr%2Flocal%2Fbin%3A%2Fusr%2Fsbin%3A%2Fusr%2Fbin%3A%2Fsbin%3A%2Fbin%22%2C%0A%5D%0A%0A%23%20selinux%20indicates%20whether%20or%20not%20SELinux%20will%20be%20used%20for%20pod%0A%23%20separation%20on%20the%20host.%20If%20you%20enable%20this%20flag%2C%20SELinux%20must%20be%20running%0A%23%20on%20the%20host.%0Aselinux%20%3D%20true%0A%0A%23%20seccomp_profile%20is%20the%20seccomp%20json%20profile%20path%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aseccomp_profile%20%3D%20%22%2Fetc%2Fcrio%2Fseccomp.json%22%0A%0A%23%20apparmor_profile%20is%20the%20apparmor%20profile%20name%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aapparmor_profile%20%3D%20%22crio-default%22%0A%0A%23%20cgroup_manager%20is%20the%20cgroup%20management%20implementation%20to%20be%20used%0A%23%20for%20the%20runtime.%0Acgroup_manager%20%3D%20%22systemd%22%0A%0A%23%20default_capabilities%20is%20the%20list%20of%20capabilities%20to%20add%20and%20can%20be%20modified%20here.%0A%23%20If%20capabilities%20below%20is%20commented%20out%2C%20the%20default%20list%20of%20capabilities%20defined%20in%20the%0A%23%20spec%20will%20be%20added.%0A%23%20If%20capabilities%20is%20empty%20below%2C%20only%20the%20capabilities%20defined%20in%20the%20container%20json%0A%23%20file%20by%20the%20user%2Fkube%20will%20be%20added.%0Adefault_capabilities%20%3D%20%5B%0A%20%20%22CHOWN%22%2C%20%0A%20%20%22DAC_OVERRIDE%22%2C%20%0A%20%20%22FSETID%22%2C%20%0A%20%20%22FOWNER%22%2C%20%0A%20%20%22NET_RAW%22%2C%20%0A%20%20%22SETGID%22%2C%20%0A%20%20%22SETUID%22%2C%20%0A%20%20%22SETPCAP%22%2C%20%0A%20%20%22NET_BIND_SERVICE%22%2C%20%0A%20%20%22SYS_CHROOT%22%2C%20%0A%20%20%22KILL%22%2C%20%0A%5D%0A%0A%23%20hooks_dir_path%20is%20the%20oci%20hooks%20directory%20for%20automatically%20executed%20hooks%0Ahooks_dir_path%20%3D%20%22%2Fusr%2Fshare%2Fcontainers%2Foci%2Fhooks.d%22%0A%0A%23%20default_mounts%20is%20the%20mounts%20list%20to%20be%20mounted%20for%20the%20container%20when%20created%0A%23%20deprecated%2C%20will%20be%20taken%20out%20in%20future%20versions%2C%20add%20default%20mounts%20to%20either%0A%23%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20or%20%2Fetc%2Fcontainers%2Fmounts.conf%0Adefault_mounts%20%3D%20%5B%0A%20%20%22%2Fusr%2Fshare%2Frhel%2Fsecrets%3A%2Frun%2Fsecrets%22%2C%20%0A%5D%0A%0A%23%20Path%20to%20directory%20in%20which%20container%20exit%20files%20are%20written%20to%20by%20conmon.%0Acontainer_exits_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fexits%22%0A%0A%23%20Path%20to%20directory%20for%20container%20attach%20sockets.%0Acontainer_attach_socket_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%22%0A%0A%23%20CRI-O%20reads%20its%20default%20mounts%20from%20the%20following%20two%20files%3A%0A%23%201)%20%2Fetc%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20override%20file%2C%20where%20users%20can%0A%23%20either%20add%20in%20their%20own%20default%20mounts%2C%20or%20override%20the%20default%20mounts%20shipped%0A%23%20with%20the%20package.%0A%23%202)%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20default%20file%20read%20for%20mounts.%0A%23%20If%20you%20want%20CRI-O%20to%20read%20from%20a%20different%2C%20specific%20mounts%20file%2C%20you%20can%20change%0A%23%20the%20default_mounts_file%20path%20right%20below.%20Note%2C%20if%20this%20is%20done%2C%20CRI-O%20will%20only%20add%0A%23%20mounts%20it%20finds%20in%20this%20file.%0A%0A%23%20default_mounts_file%20is%20the%20file%20path%20holding%20the%20default%20mounts%20to%20be%20mounted%20for%20the%0A%23%20container%20when%20created.%0A%23%20default_mounts_file%20%3D%20%22%22%0A%0A%23%20pids_limit%20is%20the%20number%20of%20processes%20allowed%20in%20a%20container%0Apids_limit%20%3D%201024%0A%0A%23%20log_size_max%20is%20the%20max%20limit%20for%20the%20container%20log%20size%20in%20bytes.%0A%23%20Negative%20values%20indicate%20that%20no%20limit%20is%20imposed.%0Alog_size_max%20%3D%20-1%0A%0A%23%20read-only%20indicates%20whether%20all%20containers%20will%20run%20in%20read-only%20mode%0Aread_only%20%3D%20false%0A%0A%23%20log_level%20changes%20the%20verbosity%20of%20the%20logs%20printed.%0A%23%20Options%20are%3A%20error%20(default)%2C%20fatal%2C%20panic%2C%20warn%2C%20info%2C%20and%20debug%0Alog_level%20%3D%20%22error%22%0A%0A%23%20The%20%22crio.image%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20OCI%20images.%0A%0A%23%20uid_mappings%20specifies%20the%20UID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerUID%3AHostUID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Auid_mappings%20%3D%20%22%22%0A%0A%23%20gid_mappings%20specifies%20the%20GID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerGID%3AHostGID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Agid_mappings%20%3D%20%22%22%0A%0A%5Bcrio.image%5D%0A%0A%23%20default_transport%20is%20the%20prefix%20we%20try%20prepending%20to%20an%20image%20name%20if%20the%0A%23%20image%20name%20as%20we%20receive%20it%20can't%20be%20parsed%20as%20a%20valid%20source%20reference%0Adefault_transport%20%3D%20%22docker%3A%2F%2F%22%0A%0A%23%20pause_image%20is%20the%20image%20which%20we%20use%20to%20instantiate%20infra%20containers.%0Apause_image%20%3D%20%22image%2FinfraImage%3A1%22%0A%0A%23%20If%20not%20empty%2C%20the%20path%20to%20a%20docker%2Fconfig.json-like%20file%20containing%20credentials%0A%23%20necessary%20for%20pulling%20the%20image%20specified%20by%20pause_image%C2%A0above.%0Apause_image_auth_file%20%3D%20%22%2Fvar%2Flib%2Fkubelet%2Fconfig.json%22%0A%0A%23%20pause_command%20is%20the%20command%20to%20run%20in%20a%20pause_image%20to%20have%20a%20container%20just%0A%23%20sit%20there.%20%20If%20the%20image%20contains%20the%20necessary%20information%2C%20this%20value%20need%0A%23%20not%20be%20specified.%0Apause_command%20%3D%20%22%2Fusr%2Fbin%2Fpod%22%0A%0A%23%20signature_policy%20is%20the%20name%20of%20the%20file%20which%20decides%20what%20sort%20of%20policy%20we%0A%23%20use%20when%20deciding%20whether%20or%20not%20to%20trust%20an%20image%20that%20we've%20pulled.%0A%23%20Outside%20of%20testing%20situations%2C%20it%20is%20strongly%20advised%20that%20this%20be%20left%0A%23%20unspecified%20so%20that%20the%20default%20system-wide%20policy%20will%20be%20used.%0Asignature_policy%20%3D%20%22%22%0A%0A%23%20image_volumes%20controls%20how%20image%20volumes%20are%20handled.%0A%23%20The%20valid%20values%20are%20mkdir%20and%20ignore.%0Aimage_volumes%20%3D%20%22mkdir%22%0A%0A%23%20CRI-O%20reads%20its%20configured%20registries%20defaults%20from%20the%20containers%2Fimage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fregistries.conf.%20Modify%20registries.conf%20if%20you%20want%20to%0A%23%20change%20default%20registries%20for%20all%20tools%20that%20use%20containers%2Fimage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20registies%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20insecure_registries%20is%20used%20to%20skip%20TLS%20verification%20when%20pulling%20images.%0A%23%20insecure_registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20registries%20is%20used%20to%20specify%20a%20comma%20separated%20list%20of%20registries%20to%20be%20used%0A%23%20when%20pulling%20an%20unqualified%20image%20(e.g.%20fedora%3Arawhide).%0A%23registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20The%20%22crio.network%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20CNI%20plugins.%0A%5Bcrio.network%5D%0A%0A%23%20network_dir%20is%20is%20where%20CNI%20network%20configuration%60%0A%23%20files%20are%20stored.%20%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Anetwork_dir%20%3D%20%22%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F%22%0A%0A%23%20plugin_dir%20is%20is%20where%20CNI%20plugin%20binaries%20are%20stored.%0A%23%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Aplugin_dir%20%3D%20%22%2Fvar%2Flib%2Fcni%2Fbin%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/crio/crio.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/vsphere/files/-etc-containers-registries.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/vsphere/files/-etc-containers-registries.conf deleted file mode 100644 index 53c1015d88..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/vsphere/files/-etc-containers-registries.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%5Bregistries.search%5D%0Aregistries%20%3D%20%5B'registry.access.redhat.com'%2C%20'docker.io'%5D%0A%0A%5Bregistries.insecure%5D%0Aregistries%20%3D%20%5B%5D%0A%0A%5Bregistries.block%5D%0Aregistries%20%3D%20%5B%5D%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/registries.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/vsphere/files/-etc-containers-storage.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/vsphere/files/-etc-containers-storage.conf deleted file mode 100644 index f955c08a3e..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/vsphere/files/-etc-containers-storage.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20storage.conf%20is%20the%20configuration%20file%20for%20all%20tools%0A%23%20that%20share%20the%20containers%2Fstorage%20libraries%0A%23%20See%20man%205%20containers-storage.conf%20for%20more%20information%0A%23%20The%20%22container%20storage%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bstorage%5D%0A%0A%23%20Default%20Storage%20Driver%0Adriver%20%3D%20%22overlay%22%0A%0A%23%20Temporary%20storage%20location%0Arunroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20Primary%20Read%2FWrite%20location%20of%20container%20storage%0Agraphroot%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%5Bstorage.options%5D%0A%23%20Storage%20options%20to%20be%20passed%20to%20underlying%20storage%20drivers%0A%0A%23%20AdditionalImageStores%20is%20used%20to%20pass%20paths%20to%20additional%20Read%2FOnly%20image%20stores%0A%23%20Must%20be%20comma%20separated%20list.%0Aadditionalimagestores%20%3D%20%5B%0A%5D%0A%0A%23%20Size%20is%20used%20to%20set%20a%20maximum%20size%20of%20the%20container%20image.%20%20Only%20supported%20by%0A%23%20certain%20container%20storage%20drivers.%0Asize%20%3D%20%22%22%0A%0A%23%20OverrideKernelCheck%20tells%20the%20driver%20to%20ignore%20kernel%20checks%20based%20on%20kernel%20version%0Aoverride_kernel_check%20%3D%20%22true%22%0A%0A%23%20Remap-UIDs%2FGIDs%20is%20the%20mapping%20from%20UIDs%2FGIDs%20as%20they%20should%20appear%20inside%20of%0A%23%20a%20container%2C%20to%20UIDs%2FGIDs%20as%20they%20should%20appear%20outside%20of%20the%20container%2C%20and%0A%23%20the%20length%20of%20the%20range%20of%20UIDs%2FGIDs.%20%20Additional%20mapped%20sets%20can%20be%20listed%0A%23%20and%20will%20be%20heeded%20by%20libraries%2C%20but%20there%20are%20limits%20to%20the%20number%20of%0A%23%20mappings%20which%20the%20kernel%20will%20allow%20when%20you%20later%20attempt%20to%20run%20a%0A%23%20container.%0A%23%0A%23%20remap-uids%20%3D%200%3A1668442479%3A65536%0A%23%20remap-gids%20%3D%200%3A1668442479%3A65536%0A%0A%23%20Remap-User%2FGroup%20is%20a%20name%20which%20can%20be%20used%20to%20look%20up%20one%20or%20more%20UID%2FGID%0A%23%20ranges%20in%20the%20%2Fetc%2Fsubuid%20or%20%2Fetc%2Fsubgid%20file.%20%20Mappings%20are%20set%20up%20starting%0A%23%20with%20an%20in-container%20ID%20of%200%20and%20the%20a%20host-level%20ID%20taken%20from%20the%20lowest%0A%23%20range%20that%20matches%20the%20specified%20name%2C%20and%20using%20the%20length%20of%20that%20range.%0A%23%20Additional%20ranges%20are%20then%20assigned%2C%20using%20the%20ranges%20which%20specify%20the%0A%23%20lowest%20host-level%20IDs%20first%2C%20to%20the%20lowest%20not-yet-mapped%20container-level%20ID%2C%0A%23%20until%20all%20of%20the%20entries%20have%20been%20used%20for%20maps.%0A%23%0A%23%20remap-user%20%3D%20%22storage%22%0A%23%20remap-group%20%3D%20%22storage%22%0A%0A%5Bstorage.options.thinpool%5D%0A%23%20Storage%20Options%20for%20thinpool%0A%0A%23%20autoextend_percent%20determines%20the%20amount%20by%20which%20pool%20needs%20to%20be%0A%23%20grown.%20This%20is%20specified%20in%20terms%20of%20%25%20of%20pool%20size.%20So%20a%20value%20of%2020%20means%0A%23%20that%20when%20threshold%20is%20hit%2C%20pool%20will%20be%20grown%20by%2020%25%20of%20existing%0A%23%20pool%20size.%0A%23%20autoextend_percent%20%3D%20%2220%22%0A%0A%23%20autoextend_threshold%20determines%20the%20pool%20extension%20threshold%20in%20terms%0A%23%20of%20percentage%20of%20pool%20size.%20For%20example%2C%20if%20threshold%20is%2060%2C%20that%20means%20when%0A%23%20pool%20is%2060%25%20full%2C%20threshold%20has%20been%20hit.%0A%23%20autoextend_threshold%20%3D%20%2280%22%0A%0A%23%20basesize%20specifies%20the%20size%20to%20use%20when%20creating%20the%20base%20device%2C%20which%0A%23%20limits%20the%20size%20of%20images%20and%20containers.%0A%23%20basesize%20%3D%20%2210G%22%0A%0A%23%20blocksize%20specifies%20a%20custom%20blocksize%20to%20use%20for%20the%20thin%20pool.%0A%23%20blocksize%3D%2264k%22%0A%0A%23%20directlvm_device%20specifies%20a%20custom%20block%20storage%20device%20to%20use%20for%20the%0A%23%20thin%20pool.%20Required%20if%20you%20setup%20devicemapper%0A%23%20directlvm_device%20%3D%20%22%22%0A%0A%23%20directlvm_device_force%20wipes%20device%20even%20if%20device%20already%20has%20a%20filesystem%0A%23%20directlvm_device_force%20%3D%20%22True%22%0A%0A%23%20fs%20specifies%20the%20filesystem%20type%20to%20use%20for%20the%20base%20device.%0A%23%20fs%3D%22xfs%22%0A%0A%23%20log_level%20sets%20the%20log%20level%20of%20devicemapper.%0A%23%200%3A%20LogLevelSuppress%200%20(Default)%0A%23%202%3A%20LogLevelFatal%0A%23%203%3A%20LogLevelErr%0A%23%204%3A%20LogLevelWarn%0A%23%205%3A%20LogLevelNotice%0A%23%206%3A%20LogLevelInfo%0A%23%207%3A%20LogLevelDebug%0A%23%20log_level%20%3D%20%227%22%0A%0A%23%20min_free_space%20specifies%20the%20min%20free%20space%20percent%20in%20a%20thin%20pool%20require%20for%0A%23%20new%20device%20creation%20to%20succeed.%20Valid%20values%20are%20from%200%25%20-%2099%25.%0A%23%20Value%200%25%20disables%0A%23%20min_free_space%20%3D%20%2210%25%22%0A%0A%23%20mkfsarg%20specifies%20extra%20mkfs%20arguments%20to%20be%20used%20when%20creating%20the%20base%0A%23%20device.%0A%23%20mkfsarg%20%3D%20%22%22%0A%0A%23%20mountopt%20specifies%20extra%20mount%20options%20used%20when%20mounting%20the%20thin%20devices.%0A%23%20mountopt%20%3D%20%22%22%0A%0A%23%20use_deferred_removal%20Marking%20device%20for%20deferred%20removal%0A%23%20use_deferred_removal%20%3D%20%22True%22%0A%0A%23%20use_deferred_deletion%20Marking%20device%20for%20deferred%20deletion%0A%23%20use_deferred_deletion%20%3D%20%22True%22%0A%0A%23%20xfs_nospace_max_retries%20specifies%20the%20maximum%20number%20of%20retries%20XFS%20should%0A%23%20attempt%20to%20complete%20IO%20when%20ENOSPC%20(no%20space)%20error%20is%20returned%20by%0A%23%20underlying%20storage%20device.%0A%23%20xfs_nospace_max_retries%20%3D%20%220%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/containers/storage.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/vsphere/files/-etc-crio-crio.conf b/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/vsphere/files/-etc-crio-crio.conf deleted file mode 100644 index f7a9afad2f..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-container-runtime/vsphere/files/-etc-crio-crio.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,%23%20The%20%22crio%22%20table%20contains%20all%20of%20the%20server%20options.%0A%5Bcrio%5D%0A%0A%23%20CRI-O%20reads%20its%20storage%20defaults%20from%20the%20containers%2Fstorage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fstorage.conf.%20Modify%20storage.conf%20if%20you%20want%20to%0A%23%20change%20default%20storage%20for%20all%20tools%20that%20use%20containers%2Fstorage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20storage%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20root%20is%20a%20path%20to%20the%20%22root%20directory%22.%20CRIO%20stores%20all%20of%20its%20data%2C%0A%23%20including%20container%20images%2C%20in%20this%20directory.%0A%23root%20%3D%20%22%2Fvar%2Flib%2Fcontainers%2Fstorage%22%0A%0A%23%20run%20is%20a%20path%20to%20the%20%22run%20directory%22.%20CRIO%20stores%20all%20of%20its%20state%0A%23%20in%20this%20directory.%0A%23runroot%20%3D%20%22%2Fvar%2Frun%2Fcontainers%2Fstorage%22%0A%0A%23%20storage_driver%20select%20which%20storage%20driver%20is%20used%20to%20manage%20storage%0A%23%20of%20images%20and%20containers.%0A%23storage_driver%20%3D%20%22%22%0A%0A%23%20storage_option%20is%20used%20to%20pass%20an%20option%20to%20the%20storage%20driver.%0A%23storage_option%20%3D%20%5B%0A%23%5D%0A%0A%23%20The%20%22crio.api%22%20table%20contains%20settings%20for%20the%20kubelet%2FgRPC%20interface.%0A%5Bcrio.api%5D%0A%0A%23%20listen%20is%20the%20path%20to%20the%20AF_LOCAL%20socket%20on%20which%20crio%20will%20listen.%0Alisten%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fcrio.sock%22%0A%0A%23%20stream_address%20is%20the%20IP%20address%20on%20which%20the%20stream%20server%20will%20listen%0Astream_address%20%3D%20%22%22%0A%0A%23%20stream_port%20is%20the%20port%20on%20which%20the%20stream%20server%20will%20listen%0Astream_port%20%3D%20%2210010%22%0A%0A%23%20stream_enable_tls%20enables%20encrypted%20tls%20transport%20of%20the%20stream%20server%0Astream_enable_tls%20%3D%20false%0A%0A%23%20stream_tls_cert%20is%20the%20x509%20certificate%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_cert%20%3D%20%22%22%0A%0A%23%20stream_tls_key%20is%20the%20key%20file%20path%20used%20to%20serve%20the%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_key%20%3D%20%22%22%0A%0A%23%20stream_tls_ca%20is%20the%20x509%20CA(s)%20file%20used%20to%20verify%20and%20authenticate%20client%0A%23%20communication%20with%20the%20tls%20encrypted%20stream.%0A%23%20This%20file%20can%20change%2C%20and%20CRIO%20will%20automatically%20pick%20up%20the%20changes%20within%205%20minutes.%0Astream_tls_ca%20%3D%20%22%22%0A%0A%23%20file_locking%20is%20whether%20file-based%20locking%20will%20be%20used%20instead%20of%0A%23%20in-memory%20locking%0Afile_locking%20%3D%20false%0A%0A%23%20The%20%22crio.runtime%22%20table%20contains%20settings%20pertaining%20to%20the%20OCI%0A%23%20runtime%20used%20and%20options%20for%20how%20to%20set%20up%20and%20manage%20the%20OCI%20runtime.%0A%5Bcrio.runtime%5D%0A%0A%23%20runtime%20is%20the%20OCI%20compatible%20runtime%20used%20for%20trusted%20container%20workloads.%0A%23%20This%20is%20a%20mandatory%20setting%20as%20this%20runtime%20will%20be%20the%20default%20one%0A%23%20and%20will%20also%20be%20used%20for%20untrusted%20container%20workloads%20if%0A%23%20runtime_untrusted_workload%20is%20not%20set.%0Aruntime%20%3D%20%22%2Fusr%2Fbin%2Frunc%22%0A%0A%23%20runtime_untrusted_workload%20is%20the%20OCI%20compatible%20runtime%20used%20for%20untrusted%0A%23%20container%20workloads.%20This%20is%20an%20optional%20setting%2C%20except%20if%0A%23%20default_container_trust%20is%20set%20to%20%22untrusted%22.%0Aruntime_untrusted_workload%20%3D%20%22%22%0A%0A%23%20default_workload_trust%20is%20the%20default%20level%20of%20trust%20crio%20puts%20in%20container%0A%23%20workloads.%20It%20can%20either%20be%20%22trusted%22%20or%20%22untrusted%22%2C%20and%20the%20default%0A%23%20is%20%22trusted%22.%0A%23%20Containers%20can%20be%20run%20through%20different%20container%20runtimes%2C%20depending%20on%0A%23%20the%20trust%20hints%20we%20receive%20from%20kubelet%3A%0A%23%20-%20If%20kubelet%20tags%20a%20container%20workload%20as%20untrusted%2C%20crio%20will%20try%20first%20to%0A%23%20run%20it%20through%20the%20untrusted%20container%20workload%20runtime.%20If%20it%20is%20not%20set%2C%0A%23%20crio%20will%20use%20the%20trusted%20runtime.%0A%23%20-%20If%20kubelet%20does%20not%20provide%20any%20information%20about%20the%20container%20workload%20trust%0A%23%20level%2C%20the%20selected%20runtime%20will%20depend%20on%20the%20default_container_trust%20setting.%0A%23%20If%20it%20is%20set%20to%20%22untrusted%22%2C%20then%20all%20containers%20except%20for%20the%20host%20privileged%0A%23%20ones%2C%20will%20be%20run%20by%20the%20runtime_untrusted_workload%20runtime.%20Host%20privileged%0A%23%20containers%20are%20by%20definition%20trusted%20and%20will%20always%20use%20the%20trusted%20container%0A%23%20runtime.%20If%20default_container_trust%20is%20set%20to%20%22trusted%22%2C%20crio%20will%20use%20the%20trusted%0A%23%20container%20runtime%20for%20all%20containers.%0Adefault_workload_trust%20%3D%20%22trusted%22%0A%0A%23%20no_pivot%20instructs%20the%20runtime%20to%20not%20use%20pivot_root%2C%20but%20instead%20use%20MS_MOVE%0Ano_pivot%20%3D%20false%0A%0A%23%20conmon%20is%20the%20path%20to%20conmon%20binary%2C%20used%20for%20managing%20the%20runtime.%0Aconmon%20%3D%20%22%2Fusr%2Flibexec%2Fcrio%2Fconmon%22%0A%0A%23%20conmon_env%20is%20the%20environment%20variable%20list%20for%20conmon%20process%2C%0A%23%20used%20for%20passing%20necessary%20environment%20variable%20to%20conmon%20or%20runtime.%0Aconmon_env%20%3D%20%5B%0A%20%20%22PATH%3D%2Fusr%2Flocal%2Fsbin%3A%2Fusr%2Flocal%2Fbin%3A%2Fusr%2Fsbin%3A%2Fusr%2Fbin%3A%2Fsbin%3A%2Fbin%22%2C%0A%5D%0A%0A%23%20selinux%20indicates%20whether%20or%20not%20SELinux%20will%20be%20used%20for%20pod%0A%23%20separation%20on%20the%20host.%20If%20you%20enable%20this%20flag%2C%20SELinux%20must%20be%20running%0A%23%20on%20the%20host.%0Aselinux%20%3D%20true%0A%0A%23%20seccomp_profile%20is%20the%20seccomp%20json%20profile%20path%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aseccomp_profile%20%3D%20%22%2Fetc%2Fcrio%2Fseccomp.json%22%0A%0A%23%20apparmor_profile%20is%20the%20apparmor%20profile%20name%20which%20is%20used%20as%20the%0A%23%20default%20for%20the%20runtime.%0Aapparmor_profile%20%3D%20%22crio-default%22%0A%0A%23%20cgroup_manager%20is%20the%20cgroup%20management%20implementation%20to%20be%20used%0A%23%20for%20the%20runtime.%0Acgroup_manager%20%3D%20%22systemd%22%0A%0A%23%20default_capabilities%20is%20the%20list%20of%20capabilities%20to%20add%20and%20can%20be%20modified%20here.%0A%23%20If%20capabilities%20below%20is%20commented%20out%2C%20the%20default%20list%20of%20capabilities%20defined%20in%20the%0A%23%20spec%20will%20be%20added.%0A%23%20If%20capabilities%20is%20empty%20below%2C%20only%20the%20capabilities%20defined%20in%20the%20container%20json%0A%23%20file%20by%20the%20user%2Fkube%20will%20be%20added.%0Adefault_capabilities%20%3D%20%5B%0A%20%20%22CHOWN%22%2C%20%0A%20%20%22DAC_OVERRIDE%22%2C%20%0A%20%20%22FSETID%22%2C%20%0A%20%20%22FOWNER%22%2C%20%0A%20%20%22NET_RAW%22%2C%20%0A%20%20%22SETGID%22%2C%20%0A%20%20%22SETUID%22%2C%20%0A%20%20%22SETPCAP%22%2C%20%0A%20%20%22NET_BIND_SERVICE%22%2C%20%0A%20%20%22SYS_CHROOT%22%2C%20%0A%20%20%22KILL%22%2C%20%0A%5D%0A%0A%23%20hooks_dir_path%20is%20the%20oci%20hooks%20directory%20for%20automatically%20executed%20hooks%0Ahooks_dir_path%20%3D%20%22%2Fusr%2Fshare%2Fcontainers%2Foci%2Fhooks.d%22%0A%0A%23%20default_mounts%20is%20the%20mounts%20list%20to%20be%20mounted%20for%20the%20container%20when%20created%0A%23%20deprecated%2C%20will%20be%20taken%20out%20in%20future%20versions%2C%20add%20default%20mounts%20to%20either%0A%23%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20or%20%2Fetc%2Fcontainers%2Fmounts.conf%0Adefault_mounts%20%3D%20%5B%0A%20%20%22%2Fusr%2Fshare%2Frhel%2Fsecrets%3A%2Frun%2Fsecrets%22%2C%20%0A%5D%0A%0A%23%20Path%20to%20directory%20in%20which%20container%20exit%20files%20are%20written%20to%20by%20conmon.%0Acontainer_exits_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%2Fexits%22%0A%0A%23%20Path%20to%20directory%20for%20container%20attach%20sockets.%0Acontainer_attach_socket_dir%20%3D%20%22%2Fvar%2Frun%2Fcrio%22%0A%0A%23%20CRI-O%20reads%20its%20default%20mounts%20from%20the%20following%20two%20files%3A%0A%23%201)%20%2Fetc%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20override%20file%2C%20where%20users%20can%0A%23%20either%20add%20in%20their%20own%20default%20mounts%2C%20or%20override%20the%20default%20mounts%20shipped%0A%23%20with%20the%20package.%0A%23%202)%20%2Fusr%2Fshare%2Fcontainers%2Fmounts.conf%20-%20this%20is%20the%20default%20file%20read%20for%20mounts.%0A%23%20If%20you%20want%20CRI-O%20to%20read%20from%20a%20different%2C%20specific%20mounts%20file%2C%20you%20can%20change%0A%23%20the%20default_mounts_file%20path%20right%20below.%20Note%2C%20if%20this%20is%20done%2C%20CRI-O%20will%20only%20add%0A%23%20mounts%20it%20finds%20in%20this%20file.%0A%0A%23%20default_mounts_file%20is%20the%20file%20path%20holding%20the%20default%20mounts%20to%20be%20mounted%20for%20the%0A%23%20container%20when%20created.%0A%23%20default_mounts_file%20%3D%20%22%22%0A%0A%23%20pids_limit%20is%20the%20number%20of%20processes%20allowed%20in%20a%20container%0Apids_limit%20%3D%201024%0A%0A%23%20log_size_max%20is%20the%20max%20limit%20for%20the%20container%20log%20size%20in%20bytes.%0A%23%20Negative%20values%20indicate%20that%20no%20limit%20is%20imposed.%0Alog_size_max%20%3D%20-1%0A%0A%23%20read-only%20indicates%20whether%20all%20containers%20will%20run%20in%20read-only%20mode%0Aread_only%20%3D%20false%0A%0A%23%20log_level%20changes%20the%20verbosity%20of%20the%20logs%20printed.%0A%23%20Options%20are%3A%20error%20(default)%2C%20fatal%2C%20panic%2C%20warn%2C%20info%2C%20and%20debug%0Alog_level%20%3D%20%22error%22%0A%0A%23%20The%20%22crio.image%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20OCI%20images.%0A%0A%23%20uid_mappings%20specifies%20the%20UID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerUID%3AHostUID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Auid_mappings%20%3D%20%22%22%0A%0A%23%20gid_mappings%20specifies%20the%20GID%20mappings%20to%20have%20in%20the%20user%20namespace.%0A%23%20A%20range%20is%20specified%20in%20the%20form%20containerGID%3AHostGID%3ASize.%20%20Multiple%0A%23%20ranges%20are%20separed%20by%20comma.%0Agid_mappings%20%3D%20%22%22%0A%0A%5Bcrio.image%5D%0A%0A%23%20default_transport%20is%20the%20prefix%20we%20try%20prepending%20to%20an%20image%20name%20if%20the%0A%23%20image%20name%20as%20we%20receive%20it%20can't%20be%20parsed%20as%20a%20valid%20source%20reference%0Adefault_transport%20%3D%20%22docker%3A%2F%2F%22%0A%0A%23%20pause_image%20is%20the%20image%20which%20we%20use%20to%20instantiate%20infra%20containers.%0Apause_image%20%3D%20%22image%2FinfraImage%3A1%22%0A%0A%23%20If%20not%20empty%2C%20the%20path%20to%20a%20docker%2Fconfig.json-like%20file%20containing%20credentials%0A%23%20necessary%20for%20pulling%20the%20image%20specified%20by%20pause_image%C2%A0above.%0Apause_image_auth_file%20%3D%20%22%2Fvar%2Flib%2Fkubelet%2Fconfig.json%22%0A%0A%23%20pause_command%20is%20the%20command%20to%20run%20in%20a%20pause_image%20to%20have%20a%20container%20just%0A%23%20sit%20there.%20%20If%20the%20image%20contains%20the%20necessary%20information%2C%20this%20value%20need%0A%23%20not%20be%20specified.%0Apause_command%20%3D%20%22%2Fusr%2Fbin%2Fpod%22%0A%0A%23%20signature_policy%20is%20the%20name%20of%20the%20file%20which%20decides%20what%20sort%20of%20policy%20we%0A%23%20use%20when%20deciding%20whether%20or%20not%20to%20trust%20an%20image%20that%20we've%20pulled.%0A%23%20Outside%20of%20testing%20situations%2C%20it%20is%20strongly%20advised%20that%20this%20be%20left%0A%23%20unspecified%20so%20that%20the%20default%20system-wide%20policy%20will%20be%20used.%0Asignature_policy%20%3D%20%22%22%0A%0A%23%20image_volumes%20controls%20how%20image%20volumes%20are%20handled.%0A%23%20The%20valid%20values%20are%20mkdir%20and%20ignore.%0Aimage_volumes%20%3D%20%22mkdir%22%0A%0A%23%20CRI-O%20reads%20its%20configured%20registries%20defaults%20from%20the%20containers%2Fimage%20configuration%0A%23%20file%2C%20%2Fetc%2Fcontainers%2Fregistries.conf.%20Modify%20registries.conf%20if%20you%20want%20to%0A%23%20change%20default%20registries%20for%20all%20tools%20that%20use%20containers%2Fimage.%20%20If%20you%0A%23%20want%20to%20modify%20just%20crio%2C%20you%20can%20change%20the%20registies%20configuration%20in%20this%0A%23%20file.%0A%0A%23%20insecure_registries%20is%20used%20to%20skip%20TLS%20verification%20when%20pulling%20images.%0A%23%20insecure_registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20registries%20is%20used%20to%20specify%20a%20comma%20separated%20list%20of%20registries%20to%20be%20used%0A%23%20when%20pulling%20an%20unqualified%20image%20(e.g.%20fedora%3Arawhide).%0A%23registries%20%3D%20%5B%0A%23%20%5D%0A%0A%23%20The%20%22crio.network%22%20table%20contains%20settings%20pertaining%20to%20the%0A%23%20management%20of%20CNI%20plugins.%0A%5Bcrio.network%5D%0A%0A%23%20network_dir%20is%20is%20where%20CNI%20network%20configuration%60%0A%23%20files%20are%20stored.%20%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Anetwork_dir%20%3D%20%22%2Fetc%2Fkubernetes%2Fcni%2Fnet.d%2F%22%0A%0A%23%20plugin_dir%20is%20is%20where%20CNI%20plugin%20binaries%20are%20stored.%0A%23%20Note%20this%20default%20is%20changed%20from%20the%20RPM.%0Aplugin_dir%20%3D%20%22%2Fvar%2Flib%2Fcni%2Fbin%22%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/crio/crio.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/aws/files/-etc-kubernetes-cloud.conf b/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/aws/files/-etc-kubernetes-cloud.conf deleted file mode 100644 index 4e8968ac5f..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/aws/files/-etc-kubernetes-cloud.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/cloud.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/aws/files/-etc-kubernetes-kubelet.conf b/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/aws/files/-etc-kubernetes-kubelet.conf deleted file mode 100644 index ea7d759ca8..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/aws/files/-etc-kubernetes-kubelet.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,kind%3A%20KubeletConfiguration%0AapiVersion%3A%20kubelet.config.k8s.io%2Fv1beta1%0AcgroupDriver%3A%20systemd%0AclusterDNS%3A%0A%20%20-%2010.3.0.10%0AclusterDomain%3A%20cluster.local%0AmaxPods%3A%20250%0ArotateCertificates%3A%20true%0AruntimeRequestTimeout%3A%2010m%0AserializeImagePulls%3A%20false%0AstaticPodPath%3A%20%2Fetc%2Fkubernetes%2Fmanifests%0AsystemReserved%3A%0A%20%20cpu%3A%20500m%0A%20%20memory%3A%20500Mi%0AfeatureGates%3A%0A%20%20RotateKubeletServerCertificate%3A%20true%0A%20%20ExperimentalCriticalPodAnnotation%3A%20true%0A%20%20SupportPodPidsLimit%3A%20true%0A%20%20LocalStorageCapacityIsolation%3A%20false%0AserverTLSBootstrap%3A%20true%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/kubelet.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/aws/units/kubelet.service b/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/aws/units/kubelet.service deleted file mode 100644 index 667af5642b..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/aws/units/kubelet.service +++ /dev/null @@ -1,37 +0,0 @@ -contents: | - [Unit] - Description=Kubernetes Kubelet - Wants=rpc-statd.service - - [Service] - Type=notify - ExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests - ExecStartPre=/bin/rm -f /var/lib/kubelet/cpu_manager_state - EnvironmentFile=/etc/os-release - EnvironmentFile=-/etc/kubernetes/kubelet-workaround - EnvironmentFile=-/etc/kubernetes/kubelet-env - - ExecStart=/usr/bin/hyperkube \ - kubelet \ - --config=/etc/kubernetes/kubelet.conf \ - --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ - --kubeconfig=/var/lib/kubelet/kubeconfig \ - --container-runtime=remote \ - --container-runtime-endpoint=/var/run/crio/crio.sock \ - --allow-privileged \ - --node-labels=node-role.kubernetes.io/worker,node.openshift.io/os_id=${ID} \ - --minimum-container-ttl-duration=6m0s \ - --volume-plugin-dir=/etc/kubernetes/kubelet-plugins/volume/exec \ - --client-ca-file=/etc/kubernetes/ca.crt \ - --cloud-provider=aws \ - \ - --anonymous-auth=false \ - --v=3 \ - - Restart=always - RestartSec=10 - - [Install] - WantedBy=multi-user.target -enabled: true -name: kubelet.service diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/libvirt/files/-etc-kubernetes-cloud.conf b/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/libvirt/files/-etc-kubernetes-cloud.conf deleted file mode 100644 index 4e8968ac5f..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/libvirt/files/-etc-kubernetes-cloud.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/cloud.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/libvirt/files/-etc-kubernetes-kubelet.conf b/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/libvirt/files/-etc-kubernetes-kubelet.conf deleted file mode 100644 index ea7d759ca8..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/libvirt/files/-etc-kubernetes-kubelet.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,kind%3A%20KubeletConfiguration%0AapiVersion%3A%20kubelet.config.k8s.io%2Fv1beta1%0AcgroupDriver%3A%20systemd%0AclusterDNS%3A%0A%20%20-%2010.3.0.10%0AclusterDomain%3A%20cluster.local%0AmaxPods%3A%20250%0ArotateCertificates%3A%20true%0AruntimeRequestTimeout%3A%2010m%0AserializeImagePulls%3A%20false%0AstaticPodPath%3A%20%2Fetc%2Fkubernetes%2Fmanifests%0AsystemReserved%3A%0A%20%20cpu%3A%20500m%0A%20%20memory%3A%20500Mi%0AfeatureGates%3A%0A%20%20RotateKubeletServerCertificate%3A%20true%0A%20%20ExperimentalCriticalPodAnnotation%3A%20true%0A%20%20SupportPodPidsLimit%3A%20true%0A%20%20LocalStorageCapacityIsolation%3A%20false%0AserverTLSBootstrap%3A%20true%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/kubelet.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/libvirt/units/kubelet.service b/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/libvirt/units/kubelet.service deleted file mode 100644 index a617324314..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/libvirt/units/kubelet.service +++ /dev/null @@ -1,37 +0,0 @@ -contents: | - [Unit] - Description=Kubernetes Kubelet - Wants=rpc-statd.service - - [Service] - Type=notify - ExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests - ExecStartPre=/bin/rm -f /var/lib/kubelet/cpu_manager_state - EnvironmentFile=/etc/os-release - EnvironmentFile=-/etc/kubernetes/kubelet-workaround - EnvironmentFile=-/etc/kubernetes/kubelet-env - - ExecStart=/usr/bin/hyperkube \ - kubelet \ - --config=/etc/kubernetes/kubelet.conf \ - --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ - --kubeconfig=/var/lib/kubelet/kubeconfig \ - --container-runtime=remote \ - --container-runtime-endpoint=/var/run/crio/crio.sock \ - --allow-privileged \ - --node-labels=node-role.kubernetes.io/worker,node.openshift.io/os_id=${ID} \ - --minimum-container-ttl-duration=6m0s \ - --volume-plugin-dir=/etc/kubernetes/kubelet-plugins/volume/exec \ - --client-ca-file=/etc/kubernetes/ca.crt \ - --cloud-provider= \ - \ - --anonymous-auth=false \ - --v=3 \ - - Restart=always - RestartSec=10 - - [Install] - WantedBy=multi-user.target -enabled: true -name: kubelet.service diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/none/files/-etc-kubernetes-cloud.conf b/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/none/files/-etc-kubernetes-cloud.conf deleted file mode 100644 index 4e8968ac5f..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/none/files/-etc-kubernetes-cloud.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:, - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/cloud.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/none/files/-etc-kubernetes-kubelet.conf b/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/none/files/-etc-kubernetes-kubelet.conf deleted file mode 100644 index ea7d759ca8..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/none/files/-etc-kubernetes-kubelet.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,kind%3A%20KubeletConfiguration%0AapiVersion%3A%20kubelet.config.k8s.io%2Fv1beta1%0AcgroupDriver%3A%20systemd%0AclusterDNS%3A%0A%20%20-%2010.3.0.10%0AclusterDomain%3A%20cluster.local%0AmaxPods%3A%20250%0ArotateCertificates%3A%20true%0AruntimeRequestTimeout%3A%2010m%0AserializeImagePulls%3A%20false%0AstaticPodPath%3A%20%2Fetc%2Fkubernetes%2Fmanifests%0AsystemReserved%3A%0A%20%20cpu%3A%20500m%0A%20%20memory%3A%20500Mi%0AfeatureGates%3A%0A%20%20RotateKubeletServerCertificate%3A%20true%0A%20%20ExperimentalCriticalPodAnnotation%3A%20true%0A%20%20SupportPodPidsLimit%3A%20true%0A%20%20LocalStorageCapacityIsolation%3A%20false%0AserverTLSBootstrap%3A%20true%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/kubelet.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/none/units/kubelet.service b/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/none/units/kubelet.service deleted file mode 100644 index a617324314..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/none/units/kubelet.service +++ /dev/null @@ -1,37 +0,0 @@ -contents: | - [Unit] - Description=Kubernetes Kubelet - Wants=rpc-statd.service - - [Service] - Type=notify - ExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests - ExecStartPre=/bin/rm -f /var/lib/kubelet/cpu_manager_state - EnvironmentFile=/etc/os-release - EnvironmentFile=-/etc/kubernetes/kubelet-workaround - EnvironmentFile=-/etc/kubernetes/kubelet-env - - ExecStart=/usr/bin/hyperkube \ - kubelet \ - --config=/etc/kubernetes/kubelet.conf \ - --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ - --kubeconfig=/var/lib/kubelet/kubeconfig \ - --container-runtime=remote \ - --container-runtime-endpoint=/var/run/crio/crio.sock \ - --allow-privileged \ - --node-labels=node-role.kubernetes.io/worker,node.openshift.io/os_id=${ID} \ - --minimum-container-ttl-duration=6m0s \ - --volume-plugin-dir=/etc/kubernetes/kubelet-plugins/volume/exec \ - --client-ca-file=/etc/kubernetes/ca.crt \ - --cloud-provider= \ - \ - --anonymous-auth=false \ - --v=3 \ - - Restart=always - RestartSec=10 - - [Install] - WantedBy=multi-user.target -enabled: true -name: kubelet.service diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/openstack/files/-etc-kubernetes-cloud.conf b/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/openstack/files/-etc-kubernetes-cloud.conf deleted file mode 100644 index 62530a48d9..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/openstack/files/-etc-kubernetes-cloud.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,testing%0Amulti-line%20cloud%20config%0A%5Btest%5D%0A%20%20option%20%3D%20dummy - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/cloud.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/openstack/files/-etc-kubernetes-kubelet.conf b/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/openstack/files/-etc-kubernetes-kubelet.conf deleted file mode 100644 index ea7d759ca8..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/openstack/files/-etc-kubernetes-kubelet.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,kind%3A%20KubeletConfiguration%0AapiVersion%3A%20kubelet.config.k8s.io%2Fv1beta1%0AcgroupDriver%3A%20systemd%0AclusterDNS%3A%0A%20%20-%2010.3.0.10%0AclusterDomain%3A%20cluster.local%0AmaxPods%3A%20250%0ArotateCertificates%3A%20true%0AruntimeRequestTimeout%3A%2010m%0AserializeImagePulls%3A%20false%0AstaticPodPath%3A%20%2Fetc%2Fkubernetes%2Fmanifests%0AsystemReserved%3A%0A%20%20cpu%3A%20500m%0A%20%20memory%3A%20500Mi%0AfeatureGates%3A%0A%20%20RotateKubeletServerCertificate%3A%20true%0A%20%20ExperimentalCriticalPodAnnotation%3A%20true%0A%20%20SupportPodPidsLimit%3A%20true%0A%20%20LocalStorageCapacityIsolation%3A%20false%0AserverTLSBootstrap%3A%20true%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/kubelet.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/openstack/units/kubelet.service b/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/openstack/units/kubelet.service deleted file mode 100644 index c7fe757f84..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/openstack/units/kubelet.service +++ /dev/null @@ -1,32 +0,0 @@ -contents: | - [Unit] - Description=Kubernetes Kubelet - Wants=rpc-statd.service - - [Service] - Type=notify - ExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests - EnvironmentFile=-/etc/kubernetes/kubelet-workaround - EnvironmentFile=-/etc/kubernetes/kubelet-env - - ExecStart=/usr/bin/hyperkube \ - kubelet \ - --config=/etc/kubernetes/kubelet.conf \ - --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ - --kubeconfig=/var/lib/kubelet/kubeconfig \ - --container-runtime=remote \ - --container-runtime-endpoint=/var/run/crio/crio.sock \ - --allow-privileged \ - --node-labels=node-role.kubernetes.io/worker \ - --minimum-container-ttl-duration=6m0s \ - --client-ca-file=/etc/kubernetes/ca.crt \ - --cloud-config=/etc/kubernetes/cloud.conf \ - --anonymous-auth=false \ - - Restart=always - RestartSec=10 - - [Install] - WantedBy=multi-user.target -enabled: true -name: kubelet.service diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/vsphere/files/-etc-kubernetes-cloud.conf b/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/vsphere/files/-etc-kubernetes-cloud.conf deleted file mode 100644 index 62530a48d9..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/vsphere/files/-etc-kubernetes-cloud.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,testing%0Amulti-line%20cloud%20config%0A%5Btest%5D%0A%20%20option%20%3D%20dummy - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/cloud.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/vsphere/files/-etc-kubernetes-kubelet.conf b/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/vsphere/files/-etc-kubernetes-kubelet.conf deleted file mode 100644 index ea7d759ca8..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/vsphere/files/-etc-kubernetes-kubelet.conf +++ /dev/null @@ -1,6 +0,0 @@ -contents: - source: data:,kind%3A%20KubeletConfiguration%0AapiVersion%3A%20kubelet.config.k8s.io%2Fv1beta1%0AcgroupDriver%3A%20systemd%0AclusterDNS%3A%0A%20%20-%2010.3.0.10%0AclusterDomain%3A%20cluster.local%0AmaxPods%3A%20250%0ArotateCertificates%3A%20true%0AruntimeRequestTimeout%3A%2010m%0AserializeImagePulls%3A%20false%0AstaticPodPath%3A%20%2Fetc%2Fkubernetes%2Fmanifests%0AsystemReserved%3A%0A%20%20cpu%3A%20500m%0A%20%20memory%3A%20500Mi%0AfeatureGates%3A%0A%20%20RotateKubeletServerCertificate%3A%20true%0A%20%20ExperimentalCriticalPodAnnotation%3A%20true%0A%20%20SupportPodPidsLimit%3A%20true%0A%20%20LocalStorageCapacityIsolation%3A%20false%0AserverTLSBootstrap%3A%20true%0A - verification: {} -filesystem: root -mode: 420 -path: /etc/kubernetes/kubelet.conf diff --git a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/vsphere/units/kubelet.service b/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/vsphere/units/kubelet.service deleted file mode 100644 index 19c45387c5..0000000000 --- a/pkg/controller/template/test_data/templates/worker/01-worker-kubelet/vsphere/units/kubelet.service +++ /dev/null @@ -1,37 +0,0 @@ -contents: | - [Unit] - Description=Kubernetes Kubelet - Wants=rpc-statd.service - - [Service] - Type=notify - ExecStartPre=/bin/mkdir --parents /etc/kubernetes/manifests - ExecStartPre=/bin/rm -f /var/lib/kubelet/cpu_manager_state - EnvironmentFile=/etc/os-release - EnvironmentFile=-/etc/kubernetes/kubelet-workaround - EnvironmentFile=-/etc/kubernetes/kubelet-env - - ExecStart=/usr/bin/hyperkube \ - kubelet \ - --config=/etc/kubernetes/kubelet.conf \ - --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ - --kubeconfig=/var/lib/kubelet/kubeconfig \ - --container-runtime=remote \ - --container-runtime-endpoint=/var/run/crio/crio.sock \ - --allow-privileged \ - --node-labels=node-role.kubernetes.io/worker,node.openshift.io/os_id=${ID} \ - --minimum-container-ttl-duration=6m0s \ - --volume-plugin-dir=/etc/kubernetes/kubelet-plugins/volume/exec \ - --client-ca-file=/etc/kubernetes/ca.crt \ - --cloud-provider=vsphere \ - \ - --anonymous-auth=false \ - --v=3 \ - - Restart=always - RestartSec=10 - - [Install] - WantedBy=multi-user.target -enabled: true -name: kubelet.service