Add configuration option for NRI in crio & containerd (#10454)

* [containerd] Add Configuration option for Node Resource Interface

Node Resource Interface (NRI) is a common is a common framework for
plugging domain or vendor-specific custom logic into container
runtime like containerd. With this commit, we introduce the
containerd_disable_nri configuration flag, providing cluster
administrators the flexibility to opt in or out (defaulted to 'out')
of this feature in containerd. In line with containerd's default
configuration, NRI is disabled by default in this containerd role
defaults.

Signed-off-by: Feruzjon Muyassarov <feruzjon.muyassarov@intel.com>

* [cri-o] Add configuration option for Node Resource Interface

Node Resource Interface (NRI) is a common is a common framework for
plugging domain or vendor-specific custom logic into container
runtimes like containerd/crio. With this commit, we introduce the
crio_enable_nri configuration flag, providing cluster
administrators the flexibility to opt in or out (defaulted to 'out')
of this feature in cri-o runtime. In line with crio's default
configuration, NRI is disabled by default in this cri-o role
defaults.

Signed-off-by: Feruzjon Muyassarov <feruzjon.muyassarov@intel.com>

---------

Signed-off-by: Feruzjon Muyassarov <feruzjon.muyassarov@intel.com>
(cherry picked from commit f964b3438d)
pull/10543/head
Feruzjon Muyassarov 2023-09-21 10:30:19 +03:00 committed by Florian Ruynat
parent 9dc2092042
commit 7bd757da5f
4 changed files with 14 additions and 0 deletions

View File

@ -64,6 +64,9 @@ containerd_enable_unprivileged_ports: false
# If enabled it will allow non root users to use icmp sockets
containerd_enable_unprivileged_icmp: false
# If enabled, it will activate the NRI support in containerd
containerd_nri_disable: true
containerd_cfg_dir: /etc/containerd
# Extra config to be put in {{ containerd_cfg_dir }}/config.toml literally

View File

@ -78,6 +78,9 @@ oom_score = {{ containerd_oom_score }}
{% endif %}
{% endfor %}
[plugins."io.containerd.nri.v1.nri"]
disable = {{ containerd_nri_disable | default(true) | lower }}
{% if containerd_extra_args is defined %}
{{ containerd_extra_args }}
{% endif %}

View File

@ -97,3 +97,6 @@ crio_man_files:
8:
- crio
- crio-status
# If set to true, it will enable the NRI support in cri-o
crio_enable_nri: false

View File

@ -376,3 +376,8 @@ enable_metrics = {{ crio_enable_metrics | bool | lower }}
# The port on which the metrics server will listen.
metrics_port = {{ crio_metrics_port }}
[crio.nri]
# Enable or disable NRI (Node Resource Interface) support in CRI-O.
enable_nri={{ crio_enable_nri | default(false) | lower }}