Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

container didn't get the environment var from CONTAINERD_XXX #10110

Closed
ActivePeter opened this issue May 16, 2024 · 1 comment
Closed

container didn't get the environment var from CONTAINERD_XXX #10110

ActivePeter opened this issue May 16, 2024 · 1 comment

Comments

@ActivePeter
Copy link

ActivePeter commented May 16, 2024

I'm using the k3s with https://github.com/k3s-io/k3s/releases/download/v1.30.0%2Bk3s1/k3s & https://github.com/k3s-io/k3s/releases/download/v1.30.0%2Bk3s1/k3s-airgap-images-amd64.tar.gz.

I found the right configuration of proxy is as follows:

As description, I just need to export the proxy variables when I install the k3s as following:

PROXY="http://192.168.31.53:7890"
os.environ['HTTP_PROXY']=PROXY
os.environ['HTTPS_PROXY']=PROXY
os.environ['NO_PROXY']="127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16"
os.environ['CONTAINERD_HTTP_PROXY']=PROXY
os.environ['CONTAINERD_HTTPS_PROXY']=PROXY
os.environ['CONTAINERD_NO_PROXY']="127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16"

And the environment vars will be added to /etc/systemd/system/k3s.service.env which can be verified.

image

However, I started a test daemonset to echo the env in pod (containerd), and I got empty environment var:

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: environment-check-daemonset
spec:
  selector:
    matchLabels:
      app: environment-check
  template:
    metadata:
      labels:
        app: environment-check
    spec:
      containers:
      - name: environment-check-container
        image: alpine:latest
        command: ["/bin/sh", "-c"]
        args:
        - echo "http_proxy=$http_proxy" && echo "HTTP_PROXY=$HTTP_PROXY" && echo "https_proxy=$https_proxy" && echo "HTTPS_PROXY=$HTTPS_PROXY" && echo "no_proxy=$no_proxy" && echo "NO_PROXY=$NO_PROXY" && env

Result:
image

@brandond
Copy link
Contributor

brandond commented May 16, 2024

Those environment variables are exported for the containerd process. That does NOT mean that they are injected into container env vars. Env vars for your containers must be set in the pod spec; there is no way built in to Kubernetes or containerd to inject "default" vars that are set even if not in the pod spec.

You might look at tools like: https://github.com/redhat-cop/podpreset-webhook

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: Done Issue
Development

No branches or pull requests

2 participants