Skip to content

Commit

Permalink
Add Podman v5 breaking changes checks
Browse files Browse the repository at this point in the history
Podman 5 will come with breaking changes affecting upgradability.
CGroups v1 environments will be required to switch to CGroups v2
and CNI plugin environemnts will need to switch to netavark.
In the above script we added the CLHM helpers to notifiy people
of the incoming changes
  • Loading branch information
gursewak1997 committed Feb 8, 2024
1 parent 9d7ccf0 commit a779112
Show file tree
Hide file tree
Showing 4 changed files with 47 additions and 0 deletions.
2 changes: 2 additions & 0 deletions manifests/enable-coreos-podman-check.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
ostree-layers:
- overlay/14container
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
enable coreos-podman-changes-check.service
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
# This service checks if the system nodes are still using
# cgroups v1 and CNI networking. If so, they will be warned
# to move their nodes to cgroups v2 and netavark respectively.
[Unit]
Description=Check if nodes are still using cgroupv1 or CNI networking
[Service]
Type=oneshot
ExecStart=/usr/libexec/coreos-podman-changes-check
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
33 changes: 33 additions & 0 deletions overlay.d/14container/usr/libexec/coreos-podman-changes-check
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
#!/usr/bin/bash
# Podman is dropping support for cgroup v1 and CNI networking.
# Podman 5 changes: https://fedoraproject.org/wiki/Changes/Podman5
# This script checks if the system nodes are still using
# cgroups v1 and CNI networking. If so, they will warned
# to move their nodes to cgroups v2 and netavark respectively.

# Change the output color to yellow
warn=$(echo -e '\033[0;33m')
# No color
nc=$(echo -e '\033[0m')

# For cgroup v2, the output is cgroup2fs.
# For cgroup v1, the output is tmpfs.
# Ref: https://kubernetes.io/docs/concepts/architecture/cgroups/#check-cgroup-version
# Update an existing system from cgroupsv1 to cgroupsv2 and immediately reboot
# Run $ sudo rpm-ostree kargs --delete=systemd.unified_cgroup_hierarchy --reboot

cgroupVersion=$(stat -fc %T /sys/fs/cgroup/)

if [[ $cgroupVersion == "tmpfs" ]]; then
echo -e "${warn}Podman is dropping support for cgroups v1. Move your nodes to cgroups v2 if not already${nc}"
fi

# Podman supports two network backends Netavark and CNI.
# Netavark is the default network backend and was added in
# Podman version 4.0. CNI is deprecated and is removed
# in Podman version 5.0, in preference of Netavark.
podmanBackend=$(podman info --format "{{.Host.NetworkBackend}}")

if [[ $podmanBackend != "netavark" ]]; then
echo -e "${warn}Podman is dropping support for CNI networking entirely. Switch to netavark${nc}"
fi

0 comments on commit a779112

Please sign in to comment.