diff --git a/nertctl.tf b/nertctl.tf deleted file mode 100644 index f7356e9..0000000 --- a/nertctl.tf +++ /dev/null @@ -1,27 +0,0 @@ - -data "ignition_file" "init_nerdctl" { - overwrite = true - path = "/opt/bin/init-nerdctl" - mode = 500 - - content { - content = file("${path.module}/scripts/init-nerdctl.sh") - } -} - -data "ignition_systemd_unit" "init_nerdctl" { - name = "init-nerdctl.service" - enabled = true - content = templatefile("${path.module}/templates/init-nerdctl.service.tpl", {}) -} - -data "ignition_file" "nerdctl" { - path = "/opt/bin/nerdctl.tar.gz" - mode = 500 - overwrite = true - - source { - source = local.binaries["nerdctl"].source - verification = local.binaries["nerdctl"].checksum - } -} \ No newline at end of file diff --git a/outputs.tf b/outputs.tf index b890b01..7e5e6f1 100644 --- a/outputs.tf +++ b/outputs.tf @@ -2,7 +2,6 @@ output "systemd_units" { value = concat([ data.ignition_systemd_unit.etcd_service.rendered, data.ignition_systemd_unit.etcd_data_mount.rendered, - data.ignition_systemd_unit.init_nerdctl.rendered, ], var.enable_metrics_proxy ? [ data.ignition_systemd_unit.etcd_metrics_proxy_service.rendered @@ -20,9 +19,7 @@ output "files" { data.ignition_file.etcd_server_cert.rendered, data.ignition_file.etcd_server_key.rendered, data.ignition_file.etcd_peer_cert.rendered, - data.ignition_file.etcd_peer_key.rendered, - data.ignition_file.init_nerdctl.rendered, - data.ignition_file.nerdctl.rendered, + data.ignition_file.etcd_peer_key.rendered ], var.enable_metrics_proxy ? [ data.ignition_file.etcd_metrics_proxy_wrapper_sh.rendered diff --git a/scripts/etcd-metrics-proxy-wrapper.sh b/scripts/etcd-metrics-proxy-wrapper.sh index ae5af4c..1867c53 100644 --- a/scripts/etcd-metrics-proxy-wrapper.sh +++ b/scripts/etcd-metrics-proxy-wrapper.sh @@ -32,9 +32,9 @@ fi DOCKER_RUN_ARGS="${DOCKER_RUN_ARGS} ${DOCKER_OPTS}" -NERDCTL="${NERDCTL:-/opt/bin/nerdctl}" +DOCKER="${DOCKER:-/usr/bin/docker}" set -x -exec ${NERDCTL} run \ +exec ${DOCKER} run \ -v ${ETCD_CERT_PATH}:${ETCD_CERT_PATH}:ro \ --env-file=/etc/etcd/config.env \ --net=host \ diff --git a/scripts/etcd-wrapper.sh b/scripts/etcd-wrapper.sh index 6432941..9d0f828 100644 --- a/scripts/etcd-wrapper.sh +++ b/scripts/etcd-wrapper.sh @@ -1,5 +1,5 @@ #!/bin/bash -# Wrapper for launching etcd via nerdctl. +# Wrapper for launching etcd via docker. set -e @@ -60,9 +60,9 @@ fi DOCKER_RUN_ARGS="${DOCKER_RUN_ARGS} ${DOCKER_OPTS}" -NERDCTL="${NERDCTL:-/opt/bin/nerdctl}" +DOCKER="${DOCKER:-/usr/bin/docker}" set -x -exec ${NERDCTL} run \ +exec ${DOCKER} run \ -v ${ETCD_DATA_DIR}:${ETCD_DATA_DIR}:rw \ -v /etc/ssl/certs:/etc/ssl/certs:ro \ -v ${ETCD_CERT_PATH}:${ETCD_CERT_PATH}:rw \ diff --git a/scripts/init-nerdctl.sh b/scripts/init-nerdctl.sh deleted file mode 100644 index 2793413..0000000 --- a/scripts/init-nerdctl.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -# Wrapper script for initing nerdctl. - -set -eu - -NERDCTL_BIN_PATH=${NERDCTL_BIN_PATH:="/opt/bin"} -mkdir -p ${NERDCTL_BIN_PATH} -sudo tar -xvf /opt/bin/nerdctl.tar.gz -C ${NERDCTL_BIN_PATH} \ No newline at end of file diff --git a/templates/etcd-metrics-proxy.service.tpl b/templates/etcd-metrics-proxy.service.tpl index f8bbb4e..dfe0b6e 100644 --- a/templates/etcd-metrics-proxy.service.tpl +++ b/templates/etcd-metrics-proxy.service.tpl @@ -1,14 +1,13 @@ [Unit] Description=etcd-metrics-proxy service -After=init-nerdctl.service Requires=network-online.target [Service] Environment="PATH=/opt/bin:/opt/etcd/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin" EnvironmentFile=/etc/etcd/config.env -ExecStartPre=-/opt/bin/nerdctl rm -f etcd-metrics-proxy +ExecStartPre=-/usr/bin/docker rm -f etcd-metrics-proxy ExecStart=/opt/etcd/bin/etcd-metrics-proxy-wrapper -ExecStop=-/opt/bin/nerdctl stop etcd-metrics-proxy +ExecStop=-/usr/bin/docker stop etcd-metrics-proxy Restart=always RestartSec=10 diff --git a/templates/etcd.service.tpl b/templates/etcd.service.tpl index aaec631..234b791 100644 --- a/templates/etcd.service.tpl +++ b/templates/etcd.service.tpl @@ -1,14 +1,13 @@ [Unit] Description=etcd service -After=init-nerdctl.service Requires=network-online.target [Service] Environment="PATH=/opt/bin:/opt/etcd/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin" EnvironmentFile=/etc/etcd/config.env -ExecStartPre=-/opt/bin/nerdctl rm -f etcd +ExecStartPre=-/usr/bin/docker rm -f etcd ExecStart=/opt/etcd/bin/etcd-wrapper -ExecStop=-/opt/bin/nerdctl stop etcd +ExecStop=-/usr/bin/docker stop etcd Restart=always RestartSec=10 diff --git a/templates/init-nerdctl.service.tpl b/templates/init-nerdctl.service.tpl deleted file mode 100644 index 48e5bd1..0000000 --- a/templates/init-nerdctl.service.tpl +++ /dev/null @@ -1,18 +0,0 @@ -[Unit] -Description=init nerdctl service -ConditionPathExists = !/opt/bin/init-configs.done -Requires=network-online.target - -[Service] -Type=oneshot -RemainAfterExit=true - -User=root -Group=root - -Environment="PATH=/opt/bin:/opt/etcd/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin" -ExecStart=/opt/bin/init-nerdctl -ExecStartPost=/bin/touch /opt/bin/init-configs.done - -[Install] -WantedBy=multi-user.target \ No newline at end of file diff --git a/variables.tf b/variables.tf index 372f997..9f89971 100644 --- a/variables.tf +++ b/variables.tf @@ -12,15 +12,6 @@ variable "containers" { default = {} } -variable "binaries" { - description = "Desired addon binaries url and checksum." - type = map(object({ - source = string - checksum = string - })) - default = {} -} - variable "cloud_provider" { description = "The name of public cloud." type = string diff --git a/variables_defaults.tf b/variables_defaults.tf index 400c2e4..235a07f 100644 --- a/variables_defaults.tf +++ b/variables_defaults.tf @@ -13,12 +13,4 @@ locals { extra_flags = merge({ "log-level" = var.log_level }, var.extra_flags) - - binaries = merge( - { - nerdctl = { - source = "https://github.com/containerd/nerdctl/releases/download/v1.6.0/nerdctl-1.6.0-linux-amd64.tar.gz" - checksum = "sha512-89dcba32badfd1481d88cd5f4179ff99348578af5004a7e96daa05101e99ba7448685596692ada3186f718ffd1166768ac6a22e041c5887e416e6dc7fda97f24" - } - }, var.binaries) }