New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crio 1.27 has default image registry.k8s.io/pause:3.6 #6985
Comments
This change needs to get backported to 1.27, I will put up a PR shortly. |
Great, thx. But how about the fact that crio overwrites kubernetes? Is this by design? |
currently crio and kubelet both have independent ideas of what pause image to use. Eventually, CRI implementation should specify the |
There should be a warning in place now, if the container runtime has not been updated to use the kubeadm version... |
It is at least the documented workaround, kubernetes requires the user to reconfigure their runtimes. https://kubernetes.io/docs/setup/production-environment/container-runtimes/ Out of the box, they will probably use the wrong pause image - and might even use the wrong cgroups. |
@afbjorklund Thank you for the insight but I cannot see that is is a requirement to overwrite the sandbox (pause) image, only an option that on CAN set. |
Yes, there is such a warning. That's how I initially came across the fact that an older pause image (3.6) had been used, instead of a more recent one (3.9). |
I backported the warning to cri-o and docker, since it was only implemented (and tested) for containerd I think once the backport of the default image to cri-o 1.27 is done, it shouldn't need config (the default should be OK) |
I suggest to keep this ticket open until I can verify it in a test. |
A friendly reminder that this issue had no activity for 30 days. |
@Jeansen what's the status of your check? |
@haircommander Oh, sorry. It's vacation time in Germany ;-) I'll check soon and report here. |
Installing from the repository I initially could not see any changes. During kubeadm setup, I still get: Anyway, installing without any additional configuration settings afterwards shows me, that kubelet runs with version 3.9:
I assume, this is fine now? |
if you run |
No, there is nothing set. Like I wrote, I use the default settings. |
A friendly reminder that this issue had no activity for 30 days. |
same here |
this seems like there's some kubeadm field that's getting in the way. If your crio configuration says 3.9 then that's the one that's being used, regardless of what kubelet/kubeadm ask. |
If the crio config was indeed also changed to 3.9, then it should be reflected in |
A friendly reminder that this issue had no activity for 30 days. |
I think this can be closed, CRI-O is using the pause image it's configured to. kubeadm/kubelet can only ask and CRI-O will ignore :) |
What happened?
Creating a cluster wie kubeadm 1.27 and cri-o 1.27 shows:
Although,
kubeadm config images list
gives:cri-o overwrites the kubeadm image for pause with its default, which currently is 3.6. When I set the relevant config entry to in
/etc/crio/crio.conf
, e.g.pause_image = "registry.k8s.io/pause:3.9
and restart the crio service, kubeadm no longer complains.What did you expect to happen?
No warning and the right pause image in use when creating a cluster with kubeadm in the same version as crio.
How can we reproduce it (as minimally and precisely as possible)?
Follow https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/.
In Essence, it would be enough to have von VM running Ubuntu or Debian with kubeadm and crio installed in version 1.27 and then running
kubeadm init
.Anything else we need to know?
No response
CRI-O and Kubernetes version
OS version
Additional environment details (AWS, VirtualBox, physical, etc.)
The text was updated successfully, but these errors were encountered: