k8s.io/test-infra@v0.0.0-20240520184403-27c6b4c223d8/jobs/e2e_node/crio/templates/crio_cgroupsv2.yaml (about) 1 --- 2 variant: fcos 3 version: 1.4.0 4 kernel_arguments: 5 should_not_exist: 6 - mitigations=auto,nosmt 7 storage: 8 files: 9 - path: /etc/zincati/config.d/90-disable-auto-updates.toml 10 contents: 11 local: 90-disable-auto-updates.toml 12 mode: 0644 13 - path: /root/kubelet-e2e.te 14 contents: 15 local: kubelet-e2e.te 16 mode: 0644 17 - path: /etc/crio/crio.conf.d/crio.conf 18 contents: 19 local: crio.conf 20 mode: 0644 21 - path: /etc/sysctl.d/99-e2e-sysctl.conf 22 contents: 23 local: 99-e2e-sysctl.conf 24 mode: 0644 25 - path: /etc/ssh-key-secret/ssh-public 26 contents: 27 # base64 encoded "GCE_SSH_PUBLIC_KEY_FILE_CONTENT" 28 source: data:text/plain;base64,R0NFX1NTSF9QVUJMSUNfS0VZX0ZJTEVfQ09OVEVOVA== 29 mode: 0644 30 systemd: 31 units: 32 - name: configure-sysctl.service 33 enabled: true 34 contents: | 35 [Unit] 36 Description=Configure required sysctls. 37 38 [Service] 39 Type=oneshot 40 ExecStart=/usr/lib/systemd/systemd-sysctl 41 42 [Install] 43 WantedBy=multi-user.target 44 - name: tools-install.service 45 enabled: true 46 contents: | 47 [Unit] 48 Description=Download and install required tools. 49 Before=crio-install.service 50 After=NetworkManager-wait-online.service 51 52 [Service] 53 Type=oneshot 54 ExecStart=rpm-ostree install \ 55 -y \ 56 --apply-live \ 57 --allow-inactive \ 58 dbus-tools \ 59 checkpolicy 60 61 [Install] 62 WantedBy=multi-user.target 63 - name: selinux-install.service 64 enabled: true 65 contents: | 66 [Unit] 67 Description=Setup SELinux policy 68 After=tools-install.service 69 70 [Service] 71 Type=oneshot 72 ExecStartPre=setenforce 1 73 ExecStartPre=checkmodule -M -m -o /root/kubelet-e2e.mod /root/kubelet-e2e.te 74 ExecStartPre=semodule_package -o /root/kubelet-e2e.pp -m /root/kubelet-e2e.mod 75 ExecStartPre=semodule -i /root/kubelet-e2e.pp 76 ExecStartPre=mkdir -p /var/lib/kubelet 77 ExecStart=chcon -R -u system_u -r object_r -t var_lib_t /var/lib/kubelet 78 79 [Install] 80 WantedBy=multi-user.target 81 - name: crio-install.service 82 enabled: true 83 contents: | 84 [Unit] 85 Description=Download and install crio binaries and configurations. 86 After=selinux-install.service 87 88 [Service] 89 Type=oneshot 90 Environment="SCRIPT_COMMIT=3e02ed6de9f516af9d8884c06ee3d709b2fa413d" 91 Environment="CRIO_COMMIT=v1.30.0" 92 93 ExecStartPre=mount /tmp /tmp -o remount,exec,suid 94 ExecStartPre=mount -o remount,rw /dev/sda4 /usr 95 ExecStartPre=bash -c '\ 96 curl --fail --retry 5 --retry-delay 3 --silent --show-error \ 97 https://raw.githubusercontent.com/cri-o/packaging/$SCRIPT_COMMIT/get |\ 98 bash -s -- -t $CRIO_COMMIT' 99 ExecStartPre=rm -f /etc/cni/net.d/87-podman-bridge.conflist 100 ExecStartPre=rm -f /etc/crio/crio.conf.d/10-crio.conf 101 ExecStart=systemctl enable --now crio.service 102 103 [Install] 104 WantedBy=multi-user.target 105 - name: authorized-key.service 106 enabled: true 107 contents: | 108 [Unit] 109 Description=Copy authorized keys 110 Before=crio-install.service 111 After=NetworkManager-wait-online.service 112 113 [Service] 114 Type=oneshot 115 ExecStart=/bin/sh -c '\ 116 /usr/bin/mkdir -m 0700 -p /home/core/.ssh && \ 117 /usr/bin/cat /etc/ssh-key-secret/ssh-public \ 118 >> /home/core/.ssh/authorized_keys && \ 119 /usr/bin/chown -R core:core /home/core/.ssh && \ 120 /usr/bin/chmod 0600 /home/core/.ssh/authorized_keys' 121 122 [Install] 123 WantedBy=multi-user.target