Update .gitreview for stable/train

Change-Id: I6e6fee297b0579d385ca7130f0db0f9e3b2a5df8
2019-10-24 14:47:18 +00:00
13 changed files with 37 additions and 439 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1 +0,0 @@
-.tox
--- a/.gitreview
+++ b/.gitreview
@@ -2,4 +2,4 @@
 host=review.opendev.org
 port=29418
 project=openstack/devstack-plugin-container.git
-defaultbranch=stable/zed
+defaultbranch=stable/train
--- a/.zuul.yaml
+++ b/.zuul.yaml
@@ -18,7 +18,7 @@
 - job:
    name: devstack-plugin-container-k8s
    parent: devstack-minimal
-    nodeset: openstack-two-node-focal
+    nodeset: openstack-two-node-bionic
    pre-run: playbooks/devstack-plugin-container-k8s/pre.yaml
    run: playbooks/devstack-plugin-container-k8s/run.yaml
    post-run: playbooks/devstack-plugin-container-k8s/post.yaml
@@ -53,11 +53,9 @@
 - project:
    check:
      jobs:
-        - openstack-tox-bashate
        - devstack-plugin-container-dsvm
        - devstack-plugin-container-k8s:
            voting: false
    gate:
      jobs:
-        - openstack-tox-bashate
        - devstack-plugin-container-dsvm
--- a/CONTRIBUTING.rst
+++ b/CONTRIBUTING.rst
@@ -1,19 +0,0 @@
-The source repository for this project can be found at:
-
-   https://opendev.org/openstack/devstack-plugin-container
-
-Pull requests submitted through GitHub are not monitored.
-
-To start contributing to OpenStack, follow the steps in the contribution guide
-to set up and use Gerrit:
-
-   https://docs.openstack.org/contributors/code-and-documentation/quick-start.html
-
-Bugs should be filed on Launchpad:
-
-   https://bugs.launchpad.net/devstack
-
-For more specific information about contributing to this repository, see the
-Devstack contributor guide:
-
-   https://docs.openstack.org/devstack/latest/contributor/contributing.html
--- a/devstack/lib/cni/plugins
+++ b/devstack/lib/cni/plugins
@@ -1,94 +0,0 @@
-#!/bin/bash
-#
-# lib/cni/plugins
-# Common CNI plugins functions
-
-# Dependencies:
-# ``functions`` file
-# ``STACK_USER`` has to be defined
-
-# Save trace setting
-_XTRACE_CONTAINER_CNI_PLUGINS=$(set +o | grep xtrace)
-set +o xtrace
-
-# Defaults
-# --------
-
-CNI_PLUGINS_BIN_DIR=/opt/cni/bin
-# install all plugins by default
-CNI_PLUGINS_INSTALL_PLUGINS=${CNI_PLUGINS_INSTALL_PLUGINS:-flannel,ptp,host-local,portmap,tuning,vlan,host-device,sample,dhcp,ipvlan,macvlan,loopback,bridge}
-CNI_PLUGINS_CONF_SOURCE_DIR=${CNI_PLUGINS_CONF_SOURCE_DIR:-$DEST/devstack-plugin-container/etc/cni/net.d}
-CNI_PLUGINS_CONF_DIR=${CNI_PLUGINS_CONF_DIR:-/etc/cni/net.d}
-
-CNI_PLUGINS_VERSION=${CNI_PLUGINS_VERSION:-v0.7.1}
-CNI_PLUGINS_SHA256_AMD64=${CNI_PLUGINS_SHA256_AMD64:-"6ecc5c7dbb8e4296b0d0d017e5440618e19605b9aa3b146a2c29af492f299dc7"}
-CNI_PLUGINS_SHA256_ARM64=${CNI_PLUGINS_SHA256_ARM64:-"258080b94bfc54bd54fd0ea7494efc31806aa4b2836ba3f2d189e0fc16fab0ef"}
-CNI_PLUGINS_SHA256_PPC64=${CNI_PLUGINS_SHA256_PPC64:-"a515c45a52e752249bb0e9feac1654c5d38974df6a36148778f6eeab9826f706"}
-CNI_PLUGINS_SHA256_S390X=${CNI_PLUGINS_SHA256_S390X:-"24e31be69a012395f1026cd37d125f5f81001cfc36434d8f7a17b36bc5f1e6ad"}
-# Make sure CNI plugins downloads the correct architecture
-if is_arch "x86_64"; then
-    CNI_PLUGINS_ARCH="amd64"
-    CNI_PLUGINS_SHA256=${CNI_PLUGINS_SHA256:-$CNI_PLUGINS_SHA256_AMD64}
-elif is_arch "aarch64"; then
-    CNI_PLUGINS_ARCH="arm64"
-    CNI_PLUGINS_SHA256=${CNI_PLUGINS_SHA256:-$CNI_PLUGINS_SHA256_ARM64}
-elif is_arch "ppc64le"; then
-    CNI_PLUGINS_ARCH="ppc64le"
-    CNI_PLUGINS_SHA256=${CNI_PLUGINS_SHA256:-$CNI_PLUGINS_SHA256_PPC64}
-elif is_arch "s390x"; then
-    CNI_PLUGINS_ARCH="s390x"
-    CNI_PLUGINS_SHA256=${CNI_PLUGINS_SHA256:-$CNI_PLUGINS_SHA256_S390X}
-else
-    exit_distro_not_supported "invalid hardware type"
-fi
-CNI_PLUGINS_DOWNLOAD_URL=${CNI_PLUGINS_DOWNLOAD_URL:-https://github.com/containernetworking/plugins/releases/download}
-CNI_PLUGINS_DOWNLOAD_FILE=cni-plugins-$CNI_PLUGINS_ARCH-$CNI_PLUGINS_VERSION.tgz
-CNI_PLUGINS_DOWNLOAD_LOCATION=$CNI_PLUGINS_DOWNLOAD_URL/$CNI_PLUGINS_VERSION/$CNI_PLUGINS_DOWNLOAD_FILE
-
-
-# Installs standard cni plugins.
-function install_cni_plugins {
-    echo "Installing CNI standard plugins"
-
-    # Download and cache the cni plugins tgz for subsequent use
-    local plugins_file
-    cni_plugins_file="$(get_extra_file $CNI_PLUGINS_DOWNLOAD_LOCATION)"
-    if [ ! -d "$FILES/cniplugins" ]; then
-        echo "${CNI_PLUGINS_SHA256} $cni_plugins_file" > $FILES/cniplugins.sha256sum
-        # remove the damaged file when checksum fails
-        sha256sum -c $FILES/cniplugins.sha256sum || (sudo rm -f $cni_plugins_file; exit 1)
-
-        mkdir $FILES/cniplugins
-        tar xzvf $cni_plugins_file -C $FILES/cniplugins
-    fi
-    for plugin in ${CNI_PLUGINS_INSTALL_PLUGINS//,/ }; do
-        if [ $(ls $FILES/cniplugins/$plugin 2> /dev/null) ]; then
-            echo "Install plugin: $plugin"
-            sudo install -o "$STACK_USER" -m 0555 -D "$FILES/cniplugins/$plugin" \
-                "$CNI_PLUGINS_BIN_DIR/$plugin"
-        else
-            echo "Skip installing plugin: $plugin"
-        fi
-    done
-}
-
-# Configure cni plugins.
-function configure_cni_plugins {
-    echo "Configuring CNI plugins"
-
-    for plugin in ${CNI_PLUGINS_INSTALL_PLUGINS//,/ }; do
-        local source_config_file
-        source_config_file=$(ls ${CNI_PLUGINS_CONF_SOURCE_DIR}/*${plugin}.conf 2> /dev/null || true)
-        if [ $source_config_file ]; then
-            echo "Found config file for plugin: $plugin"
-            sudo install -o "$STACK_USER" -m 0664 -t "$CNI_PLUGINS_CONF_DIR" -D \
-                "${source_config_file}"
-        else
-            echo "Config file not found for plugin: $plugin"
-        fi
-    done
-}
-
-
-# Restore xtrace
-$_XTRACE_CONTAINER_CNI_PLUGINS
--- a/devstack/lib/crio
+++ b/devstack/lib/crio
@@ -20,17 +20,16 @@ set +o xtrace
 # --------

 CRIO_ENGINE_SOCKET_FILE=${CRIO_ENGINE_SOCKET_FILE:-/var/run/crio/crio.sock}
-CRIO_ALLOW_ICMP=$(trueorfalse True CRIO_ALLOW_ICMP)

 # Functions
 # ---------

 function check_crio {
    if is_ubuntu; then
-        dpkg -l | grep crio-o > /dev/null 2>&1
+       dpkg -l | grep crio-o > /dev/null 2>&1
    else
-        false
-        # TODO: CentOS/Fedora support.
+       false
+       # TODO: CentOS/Fedora support.
    fi
 }

@@ -41,22 +40,13 @@ function install_crio {

    local lsb_dist=${os_VENDOR,,}
    local dist_version=${os_CODENAME}
-    local kubic_obs_project_key="2472d6d0d2f66af87aba8da34d64390375060aa4"
-    local os="x${os_VENDOR}_${os_RELEASE}"
+    local arch=$(dpkg --print-architecture)
    if is_ubuntu; then
-        apt_get install apt-transport-https ca-certificates \
-            software-properties-common
-        sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 \
-            --recv ${kubic_obs_project_key}
-        sudo apt-add-repository "deb https://download.opensuse.org/"`
-            `"repositories/devel:/kubic:/libcontainers:/stable/${os}/ /"
-        sudo apt-add-repository "deb http://download.opensuse.org/"`
-            `"repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/"`
-            `"${CRIO_VERSION}/${os}/ /"
-
+        apt_get install apt-transport-https ca-certificates software-properties-common
+        sudo add-apt-repository -y ppa:projectatomic/ppa
        # Installing podman and containerd will get us compatible versions of
        # cri-o and runc. And we need podman to manage container images anyway.
-        apt_get install podman buildah cri-o-runc cri-o
+        apt_get install podman buildah
    elif is_fedora; then
        if [[ "$lsb_dist" = "centos" ]]; then
            sudo yum-config-manager \
@@ -74,17 +64,26 @@ function configure_crio {
    # After an ./unstack it will be stopped. So it is ok if it returns exit-code == 1
    sudo systemctl stop crio.service || true

-    export CRIO_CONF="/etc/crio/crio.conf"
+    local crio_conf
+    crio_conf=/etc/crio/crio.conf

    # We're wrapping values in \"<val>\" because that's the format cri-o wants.
-    iniset -sudo ${CRIO_CONF} crio.api listen \"${CRIO_ENGINE_SOCKET_FILE}\"
-    iniset -sudo ${CRIO_CONF} crio.image pause_image \"${CRIO_PAUSE_IMAGE}\"
-    iniset -sudo ${CRIO_CONF} crio.image pause_command \"${CRIO_PAUSE_COMMAND}\"
+    iniset -sudo ${crio_conf} crio.api listen \"${CRIO_ENGINE_SOCKET_FILE}\"
    if [[ "$ENABLE_DEBUG_LOG_LEVEL" == "True" ]]; then
        # debug is way too verbose, info will be enough
-        iniset -sudo ${CRIO_CONF} crio.runtime log_level \"info\"
+        iniset -sudo ${crio_conf} crio.runtime log_level \"info\"
    fi
    if is_ubuntu; then
+        # In Ubuntu's a special vendored version of runc is installed with
+        # cri-o. This means that it'll not work with the system's version of
+        # runc. Moreover vendored runc is not placed into /usr/bin, where
+        # crio.conf states that it will be. We fix that by linking the vendored
+        # binary to /usr/bin.
+        if [[ ! -e /usr/bin/runc ]]; then
+            sudo ln -s /usr/lib/cri-o-runc/sbin/runc /usr/bin/runc
+            sudo chmod +x /usr/bin/runc
+        fi
+
        # At least for 18.04 we need to set up /etc/containers/registries.conf
        # with some initial content. That's another bug with that PPA.
        local registries_conf
@@ -96,41 +95,15 @@ function configure_crio {
 registries = ['docker.io']
 EOF
        fi
-        # CRI-O from kubic repo have placed runc in different place, not even
-        # in path, just to not conflict with runc package from official repo.
-        # We need to change it.
-        iniset -sudo ${CRIO_CONF} crio.runtime.runtimes.runc runtime_path \
-            \"/usr/lib/cri-o-runc/sbin/runc\"
-
-        if [ -n "${CNI_CONF_DIR}" ]; then
-            iniset -sudo ${CRIO_CONF} crio.network network_dir \
-                \"${CNI_CONF_DIR}\"
-        fi
-        if [ -n "${CNI_PLUGIN_DIR}" ]; then
-            iniset -sudo ${CRIO_CONF} crio.network plugin_dir \
-                \"${CNI_PLUGIN_DIR}\"
-        fi
-        # By default CRI-O doesn't allow ICMP between containers, although it
-        # is ususally expected for testing purposes.
-        if [ "${CRIO_ALLOW_ICMP}" == "True" ]; then
-            if grep -q 'default_sysctls =' ${CRIO_CONF}; then
-                export CRIO_KEY="default_sysctls"
-                export CRIO_VAL='[ "net.ipv4.ping_group_range=0 2147483647", ]'
-                _update_config
-            else
-                iniset -sudo ${CRIO_CONF} crio.runtime default_sysctls \
-                    '[ "net.ipv4.ping_group_range=0 2147483647", ]'
-            fi
-        fi
    elif is_fedora; then
        local lsb_dist=${os_VENDOR,,}

        if [[ "$lsb_dist" = "centos" ]]; then
            # CentOS packages are putting runc binary in different place...
-            iniset -sudo ${CRIO_CONF} crio.runtime runtime \"/usr/sbin/runc\"
+            iniset -sudo ${crio_conf} crio.runtime runtime \"/usr/sbin/runc\"

            # CentOS version seems to only work with cgroupfs...
-            iniset -sudo ${CRIO_CONF} crio.runtime cgroup_manager \"cgroupfs\"
+            iniset -sudo ${crio_conf} crio.runtime cgroup_manager \"cgroupfs\"
        fi
    fi

@@ -141,46 +114,5 @@ function stop_crio {
    sudo systemctl stop crio.service || true
 }

-function _update_config {
-sudo -E python3 - <<EOF
-"""
-Update provided by CRIO_KEY key list in crio configuration in a form of:
-
-  some_key = [ some,
-      value
-  ]
-
-or just an empty list:
-
-  some_key = [
-  ]
-
-with the CRIO_VAL value.
-
-Note, CRIO_VAL must include square brackets.
-
-"""
-import os
-import re
-
-crio_key = os.environ.get('CRIO_KEY')
-crio_val = os.environ.get('CRIO_VAL')
-crio_conf = os.environ.get('CRIO_CONF')
-
-pat = re.compile(rf'{crio_key}\s*=\s*\[[^\]]*\]', flags=re.S | re.M)
-
-with open(crio_conf) as fobj:
-    conf = fobj.read()
-
-with open(crio_conf, 'w') as fobj:
-    search = pat.search(conf)
-    if search:
-        start, end = search.span()
-        conf = conf[:start] + f'{crio_key} = {crio_val}' + conf[end:]
-        fobj.write(conf)
-
-EOF
-}
-
 # Restore xtrace
 $_XTRACE_DOCKER
--- a/devstack/lib/docker
+++ b/devstack/lib/docker
@@ -29,23 +29,18 @@ DOCKER_CGROUP_DRIVER=${DOCKER_CGROUP_DRIVER:-}
 # TODO(hongbin): deprecate and remove clear container
 ENABLE_CLEAR_CONTAINER=$(trueorfalse False ENABLE_CLEAR_CONTAINER)
 ENABLE_KATA_CONTAINERS=$(trueorfalse False ENABLE_KATA_CONTAINERS)
-ENABLE_CONTAINERD_CRI=$(trueorfalse False ENABLE_CONTAINERD_CRI)
 ENABLE_LIVE_RESTORE=$(trueorfalse False ENABLE_LIVE_RESTORE)
 ENABLE_IPV6=$(trueorfalse False ENABLE_IPV6)
 KATA_BRANCH=${KATA_BRANCH:-master}
-KATA_RUNTIME=${KATA_RUNTIME:-kata-runtime}
-
-CONTAINERD_CONF_DIR=/etc/containerd
-CONTAINERD_CONF=$CONTAINERD_CONF_DIR/config.toml

 # Functions
 # ---------

 function check_docker {
    if is_ubuntu; then
-        dpkg -s docker-engine > /dev/null 2>&1 || dpkg -s docker-ce > /dev/null 2>&1
+       dpkg -s docker-engine > /dev/null 2>&1 || dpkg -s docker-ce > /dev/null 2>&1
    else
-        rpm -q docker-engine > /dev/null 2>&1 || rpm -q docker > /dev/null 2>&1 || rpm -q docker-ce > /dev/null 2>&1
+       rpm -q docker-engine > /dev/null 2>&1 || rpm -q docker > /dev/null 2>&1 || rpm -q docker-ce > /dev/null 2>&1
    fi
 }

@@ -56,12 +51,8 @@ function install_docker {

    local lsb_dist=${os_VENDOR,,}
    local dist_version=${os_CODENAME}
-    if [[ "$lsb_dist" != "centosstream" ]]; then
-        local arch
-        arch=$(dpkg --print-architecture)
-    fi
+    local arch=$(dpkg --print-architecture)
    if is_ubuntu; then
-        apt_get install apparmor
        if [[ ${dist_version} == 'trusty' ]]; then
            if uname -r | grep -q -- '-generic' && dpkg -l 'linux-image-*-generic' | grep -qE '^ii|^hi' 2>/dev/null; then
                apt_get install linux-image-extra-$(uname -r) linux-image-extra-virtual
@@ -76,27 +67,12 @@ function install_docker {
            ${dist_version} \
            stable"
        REPOS_UPDATED=False apt_get_update
-        if [ -n "${UBUNTU_DOCKER_VERSION}" ]; then
-            apt_get install docker-ce=$UBUNTU_DOCKER_VERSION
-        else
-            apt_get install docker-ce
-        fi
+        apt_get install docker-ce
    elif is_fedora; then
        if [[ "$lsb_dist" = "centos" ]]; then
            sudo yum-config-manager \
                --add-repo \
                https://download.docker.com/linux/centos/docker-ce.repo
-        elif  [[ "$lsb_dist" = "centosstream" ]]; then
-            sudo yum-config-manager \
-                --add-repo \
-                https://download.docker.com/linux/centos/docker-ce.repo
-            sudo yum-config-manager \
-                --add-repo \
-                https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 #noqa
-            sudo yum-config-manager \
-                --enable \
-                packages.cloud.google.com_yum_repos_kubernetes-el7-x86_64
-            sudo dnf -y install kubeadm --nogpgcheck
        elif [[ "$lsb_dist" = "fedora" ]]; then
            sudo dnf config-manager \
                --add-repo \
@@ -131,27 +107,9 @@ function install_docker {
            (>&2 echo "WARNING: Clear Container needs the CPU extensions svm or vmx which is not enabled. Skipping Clear Container installation.")
        fi
    fi
-
-    if [[ "$ENABLE_CONTAINERD_CRI" == "True" ]]; then
-        source $DEST/devstack-plugin-container/devstack/lib/cni/plugins
-        install_cni_plugins
-
-        source $DEST/devstack-plugin-container/devstack/lib/tools/crictl
-        install_crictl
-    fi
 }

 function configure_docker {
-    if [[ ${ENABLE_CONTAINERD_CRI} == "True" ]]; then
-        source $DEST/devstack-plugin-container/devstack/lib/cni/plugins
-        configure_cni_plugins
-
-        configure_containerd
-
-        source $DEST/devstack-plugin-container/devstack/lib/tools/crictl
-        configure_crictl
-    fi
-
    # After an ./unstack it will be stopped. So it is ok if it returns exit-code == 1
    sudo systemctl stop docker.service || true

@@ -163,11 +121,11 @@ function configure_docker {
    if [[ "$ENABLE_KATA_CONTAINERS" == "True" ]]; then
        if sudo grep -E 'svm|vmx' /proc/cpuinfo &> /dev/null; then
            runtime_opts+="\"runtimes\": {
-                \"$KATA_RUNTIME\": {
+                \"kata-runtime\": {
                    \"path\": \"/usr/bin/kata-runtime\"
                }
            },
-            \"default-runtime\": \"$KATA_RUNTIME\","
+            \"default-runtime\": \"kata-runtime\","
        fi
    # TODO(hongbin): deprecate and remove clear container
    elif [[ "$ENABLE_CLEAR_CONTAINER" == "True" ]]; then
@@ -238,39 +196,12 @@ EOF
    sudo systemctl --no-block restart docker.service
 }

-function configure_containerd {
-    sudo mkdir -p $CONTAINERD_CONF_DIR
-    sudo chown -R $STACK_USER $CONTAINERD_CONF_DIR
-
-    stack_user_gid=$(getent group $STACK_USER | cut -d: -f3)
-    cat <<EOF | sudo tee $CONTAINERD_CONF >/dev/null
-[grpc]
-  gid = $stack_user_gid
-
-[debug]
-  level = "debug"
-
-EOF
-    if [[ "$ENABLE_KATA_CONTAINERS" == "True" ]]; then
-        cat <<EOF | sudo tee -a $CONTAINERD_CONF >/dev/null
-[plugins]
-  [plugins.cri]
-    [plugins.cri.containerd]
-      [plugins.cri.containerd.runtimes.${KATA_RUNTIME}]
-         runtime_type = "io.containerd.kata.v2"
-EOF
-    fi
-
-    sudo systemctl --no-block restart containerd.service
-}
-
 function stop_docker {
    sudo systemctl stop docker.service || true
 }

 function cleanup_docker {
    uninstall_package docker-ce
-    rm -f $CONTAINERD_CONF
 }

 # TODO(hongbin): deprecate and remove clear container
--- a/devstack/lib/k8s
+++ b/devstack/lib/k8s
@@ -27,7 +27,7 @@ K8S_NODE_IP=${K8S_NODE_IP:-$HOST_IP}
 K8S_API_SERVER_PORT=${K8S_API_SERVER_PORT:-6443}
 K8S_POD_NETWORK_CIDR=${K8S_POD_NETWORK_CIDR:-10.244.0.0/16}
 K8S_SERVICE_NETWORK_CIDR=${K8S_SERVICE_NETWORK_CIDR:-10.96.0.0/12}
-K8S_VERSION=${K8S_VERSION:-1.19.0-00}
+K8S_VERSION=${K8S_VERSION:-1.14.1-00}
 K8S_NETWORK_ADDON=${K8S_NETWORK_ADDON:-flannel}

 # Functions
@@ -58,12 +58,10 @@ function install_kubeadm {
 }

 function kubeadm_init {
-    local kubeadm_config_file
-    kubeadm_config_file=$(mktemp)
-    cat <<EOF | tee $kubeadm_config_file >/dev/null
+    local kubeadm_config_file=$(mktemp)
+    cat <<EOF | sudo tee $kubeadm_config_file >/dev/null
 apiVersion: kubeadm.k8s.io/v1beta1
 kind: ClusterConfiguration
-imageRepository: "${KUBEADMIN_IMAGE_REPOSITORY}"
 etcd:
  external:
    endpoints:
@@ -85,7 +83,6 @@ apiVersion: kubelet.config.k8s.io/v1beta1
 kind: KubeletConfiguration
 failSwapOn: false
 EOF
-    sudo kubeadm config images pull --image-repository=${KUBEADMIN_IMAGE_REPOSITORY}
    sudo kubeadm init --config $kubeadm_config_file --ignore-preflight-errors Swap

    local kube_config_file=$HOME/.kube/config
@@ -94,14 +91,13 @@ EOF
    safe_chown $STACK_USER:$STACK_USER $kube_config_file

    if [[ "$K8S_NETWORK_ADDON" == "flannel" ]]; then
-        kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/4ff77dc7c35851913587f7daccf25d754e77aa65/Documentation/kube-flannel.yml
+        kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/a70459be0084506e4ec919aa1c114638878db11b/Documentation/kube-flannel.yml
    fi
 }

 function kubeadm_join {
-    local kubeadm_config_file
-    kubeadm_config_file=$(mktemp)
-    cat <<EOF | tee $kubeadm_config_file >/dev/null
+    local kubeadm_config_file=$(mktemp)
+    cat <<EOF | sudo tee $kubeadm_config_file >/dev/null
 apiVersion: kubeadm.k8s.io/v1beta1
 kind: JoinConfiguration
 discovery:
--- a/devstack/lib/tools/crictl
+++ b/devstack/lib/tools/crictl
@@ -1,76 +0,0 @@
-#!/bin/bash
-#
-# lib/tools/crictl
-# CRI command line tools functions
-
-# Dependencies:
-# ``functions`` file
-# ``STACK_USER`` has to be defined
-
-# Save trace setting
-_XTRACE_CONTAINER_TOOLS_CRICTL=$(set +o | grep xtrace)
-set +o xtrace
-
-# Defaults
-# --------
-
-CRICTL_BIN_DIR=/usr/local/bin
-
-CRICTL_VERSION=${CRICTL_VERSION:-v1.17.0}
-CRICTL_SHA256_AMD64=${CRICTL_SHA256_AMD64:-"7b72073797f638f099ed19550d52e9b9067672523fc51b746e65d7aa0bafa414"}
-CRICTL_SHA256_ARM64=${CRICTL_SHA256_ARM64:-"d89afd89c2852509fafeaff6534d456272360fcee732a8d0cb89476377387e12"}
-CRICTL_SHA256_PPC64=${CRICTL_SHA256_PPC64:-"a61c52b9ac5bffe94ae4c09763083c60f3eccd30eb351017b310f32d1cafb855"}
-CRICTL_SHA256_S390X=${CRICTL_SHA256_S390X:-"0db445f0b74ecb51708b710480a462b728174155c5f2709a39d1cc2dc975e350"}
-# Make sure downloads the correct architecture
-if is_arch "x86_64"; then
-    CRICTL_ARCH="amd64"
-    CRICTL_SHA256=${CRICTL_SHA256:-$CRICTL_SHA256_AMD64}
-elif is_arch "aarch64"; then
-    CRICTL_ARCH="arm64"
-    CRICTL_SHA256=${CRICTL_SHA256:-$CRICTL_SHA256_ARM64}
-elif is_arch "ppc64le"; then
-    CRICTL_ARCH="ppc64le"
-    CRICTL_SHA256=${CRICTL_SHA256:-$CRICTL_SHA256_PPC64}
-elif is_arch "s390x"; then
-    CRICTL_ARCH="s390x"
-    CRICTL_SHA256=${CRICTL_SHA256:-$CRICTL_SHA256_S390X}
-else
-    exit_distro_not_supported "invalid hardware type"
-fi
-CRICTL_DOWNLOAD_URL=${CRICTL_DOWNLOAD_URL:-https://github.com/kubernetes-sigs/cri-tools/releases/download}
-CRICTL_DOWNLOAD_FILE=crictl-$CRICTL_VERSION-linux-$CRICTL_ARCH.tar.gz
-CRICTL_DOWNLOAD_LOCATION=$CRICTL_DOWNLOAD_URL/$CRICTL_VERSION/$CRICTL_DOWNLOAD_FILE
-
-
-# Installs crictl tools.
-function install_crictl {
-    echo "Installing CRI command-line tools"
-
-    # Download and cache the crictl tar for subsequent use
-    local crictl_file
-    crictl_file="$(get_extra_file $CRICTL_DOWNLOAD_LOCATION)"
-    if [ ! -f "$FILES/crictl" ]; then
-        echo "${CRICTL_SHA256} $crictl_file" > $FILES/crictl.sha256sum
-        # remove the damaged file when checksum fails
-        sha256sum -c $FILES/crictl.sha256sum || (sudo rm -f $crictl_file; exit 1)
-
-        tar xzvf $crictl_file -C $FILES
-        sudo install -o "$STACK_USER" -m 0555 -D "$FILES/crictl" \
-            "$CRICTL_BIN_DIR/crictl"
-    fi
-}
-
-# Configure crictl tools.
-function configure_crictl {
-    local crictl_config_file=/etc/crictl.yaml
-    cat <<EOF | sudo tee $crictl_config_file >/dev/null
-runtime-endpoint: unix:///run/containerd/containerd.sock
-image-endpoint: unix:///run/containerd/containerd.sock
-timeout: 10
-debug: true
-EOF
-}
-
-
-# Restore xtrace
-$_XTRACE_CONTAINER_TOOLS_CRICTL
--- a/devstack/settings
+++ b/devstack/settings
@@ -8,13 +8,6 @@ ENABLE_KATA_CONTAINERS=${ENABLE_KATA_CONTAINERS:-false}
 ENABLE_LIVE_RESTORE=${ENABLE_LIVE_RESTORE:-false}
 ENABLE_IPV6=${ENABLE_IPV6:-false}
 K8S_NETWORK_ADDON=${K8S_NETWORK_ADDON:-flannel}
-ENABLE_CONTAINERD_CRI=${ENABLE_CONTAINERD_CRI:-false}
-CRIO_VERSION=${CRIO_VERSION:-"1.18:/1.18.0"}
-CRIO_ALLOW_ICMP=${CRIO_ALLOW_ICMP:-true}
-CNI_CONF_DIR=${CNI_CONF_DIR:-}
-CNI_PLUGIN_DIR=${CNI_PLUGIN_DIR:-}
-
-UBUNTU_DOCKER_VERSION=${UBUNTU_DOCKER_VERSION:-}

 # Enable container services
 enable_service container
@@ -26,10 +19,3 @@ if [[ ,${ENABLED_SERVICES} =~ ,"k8s-master" ]]; then
    enable_service kube-scheduler
    enable_service kube-proxy
 fi
-
-# Customize kubeadm container images repository
-KUBEADMIN_IMAGE_REPOSITORY=${KUBEADMIN_IMAGE_REPOSITORY:-"k8s.gcr.io"}
-
-# Configure crio pause image
-CRIO_PAUSE_IMAGE=${CRIO_PAUSE_IMAGE:-"k8s.gcr.io/pause:3.6"}
-CRIO_PAUSE_COMMAND=${CRIO_PAUSE_COMMAND:-"/pause"}
--- a/etc/cni/net.d/10-bridge.conf
+++ b/etc/cni/net.d/10-bridge.conf
@@ -1,15 +0,0 @@
-{
-    "cniVersion": "0.2.0",
-    "name": "mynet",
-    "type": "bridge",
-    "bridge": "cni0",
-    "isGateway": true,
-    "ipMasq": true,
-    "ipam": {
-        "type": "host-local",
-        "subnet": "10.22.0.0/16",
-        "routes": [
-            { "dst": "0.0.0.0/0" }
-        ]
-    }
-}
--- a/etc/cni/net.d/99-loopback.conf
+++ b/etc/cni/net.d/99-loopback.conf
@@ -1,5 +0,0 @@
-{
-    "cniVersion": "0.2.0",
-    "name": "lo",
-    "type": "loopback"
-}
--- a/tox.ini
+++ b/tox.ini
@@ -1,35 +0,0 @@
-[tox]
-minversion = 3.18.0
-skipsdist = True
-envlist = bashate
-
-[testenv]
-usedevelop = False
-install_command = pip install {opts} {packages}
-
-[testenv:bashate]
-basepython = python3
-# if you want to test out some changes you have made to bashate
-# against devstack, just set BASHATE_INSTALL_PATH=/path/... to your
-# modified bashate tree
-deps =
-   {env:BASHATE_INSTALL_PATH:bashate==0.5.1}
-allowlist_externals = bash
-commands = bash -c "find {toxinidir}             \
-         -not \( -type d -name .?\* -prune \)    \
-         -not \( -type d -name doc -prune \)     \
-         -not \( -type f -name localrc -prune \) \
-         -type f                                 \
-         -not -name \*~                          \
-         -not -name \*.md                        \
-         -not -name stack-screenrc               \
-         -not -name \*.orig                      \
-         -not -name \*.rej                       \
-         \(                                      \
-          -name \*.sh -or                        \
-          -name \*rc -or                         \
-          -name functions\* -or                  \
-          -wholename \*/inc/\* -or               \
-          -wholename \*/lib/\*                   \
-         \)                                      \
-         -print0 | xargs -0 bashate -v -iE006 -eE005,E042"