From c70971e5eacd0b9db63e3cc86e6b98639b14b0d2 Mon Sep 17 00:00:00 2001
From: Magnus Kulke
Date: Tue, 19 Dec 2023 09:57:15 +0100
Subject: [PATCH] podvm: revert agent-config path to /etc
The ./podvm kata-agent unit has been set to use a config file in /etc. Having the kata-agent config file in /run will break the CAA libvirt tests, since we have dependencies that rely on the config being in /etc. ./podvm-mkosi will override this path to a configuration in /run.
Signed-off-by: Magnus Kulke
---
 cmd/process-user-data/types.go | 2 +-
 .../system/kata-agent.service.d/10-override.conf | 10 ++++++++++
 .../process-user-data.service.d/10-override.conf | 5 +++++
 podvm/files/etc/systemd/system/kata-agent.service | 4 ++--
 4 files changed, 18 insertions(+), 3 deletions(-)
 create mode 100644 podvm-mkosi/mkosi.skeleton/usr/lib/systemd/system/kata-agent.service.d/10-override.conf
 create mode 100644 podvm-mkosi/mkosi.skeleton/usr/lib/systemd/system/process-user-data.service.d/10-override.conf
diff --git a/cmd/process-user-data/types.go b/cmd/process-user-data/types.go
index 3f4805520..3b5a2a4ef 100644
--- a/cmd/process-user-data/types.go
+++ b/cmd/process-user-data/types.go
@@ -5,7 +5,7 @@ const (
 providerAzure = "azure"
 providerAws = "aws"
- defaultAgentConfigPath = "/run/peerpod/agent-config.toml"
+ defaultAgentConfigPath = "/etc/agent-config.toml"
 defaultAuthJsonFilePath = "/run/peerpod/auth.json"
 )
diff --git a/podvm-mkosi/mkosi.skeleton/usr/lib/systemd/system/kata-agent.service.d/10-override.conf b/podvm-mkosi/mkosi.skeleton/usr/lib/systemd/system/kata-agent.service.d/10-override.conf
new file mode 100644
index 000000000..c51f5b3ab
--- /dev/null
+++ b/podvm-mkosi/mkosi.skeleton/usr/lib/systemd/system/kata-agent.service.d/10-override.conf
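Review bot: `defaultAgentConfigPath` in cmd/process-user-data/types.go carries no comment saying that it must match the `--config /etc/agent-config.toml` arguments in podvm/files/etc/systemd/system/kata-agent.service (last hunk of this patch), or that podvm-mkosi replaces it with `--agent-config-file`. A comment such as `// Must match --config in podvm's kata-agent.service; podvm-mkosi overrides it via --agent-config-file.` would keep the writer and the reader of the file from drifting apart. If they do drift, kata-agent would presumably start with a missing or stale config instead of the one derived from user data. The const block starts outside the hunk.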
@@ -0,0 +1,10 @@
+# On a read-only fs the kata-agent config is created in /run/peerpod, since it contains
+# a parameter that can be set at pod creation time.
+[Unit]
+ConditionKernelCommandLine=
+
+[Service]
+ExecStart=
+ExecStart=/usr/local/bin/kata-agent --config /run/peerpod/agent-config.toml
+ExecStop=
+ExecStopPost=/usr/local/bin/kata-agent-clean --config /run/peerpod/agent-config.toml
diff --git a/podvm-mkosi/mkosi.skeleton/usr/lib/systemd/system/process-user-data.service.d/10-override.conf b/podvm-mkosi/mkosi.skeleton/usr/lib/systemd/system/process-user-data.service.d/10-override.conf
new file mode 100644
index 000000000..3b66c7fa0
--- /dev/null
+++ b/podvm-mkosi/mkosi.skeleton/usr/lib/systemd/system/process-user-data.service.d/10-override.conf
@@ -0,0 +1,5 @@
+# On a read-only fs the kata-agent config is created in /run/peerpod, since it contains
+# a parameter that can be set at pod creation time.
+[Service]
+ExecStart=
+ExecStart=/usr/local/bin/process-user-data update-agent-config --agent-config-file /run/peerpod/agent-config.toml
diff --git a/podvm/files/etc/systemd/system/kata-agent.service b/podvm/files/etc/systemd/system/kata-agent.service
index 47d20c741..f3f2a27d5 100644
--- a/podvm/files/etc/systemd/system/kata-agent.service
+++ b/podvm/files/etc/systemd/system/kata-agent.service
@@ -6,9 +6,9 @@ After=netns@podns.service process-user-data.service
 [Service]
 ExecStartPre=mkdir -p /run/kata-containers
-ExecStart=/usr/local/bin/kata-agent --config /run/peerpod/agent-config.toml
+ExecStart=/usr/local/bin/kata-agent --config /etc/agent-config.toml
 ExecStartPre=-umount /sys/fs/cgroup/misc
-ExecStopPost=/usr/local/bin/kata-agent-clean --config /run/peerpod/agent-config.toml
+ExecStopPost=/usr/local/bin/kata-agent-clean --config /etc/agent-config.toml
 # Now specified in the agent-config.toml
 Environment="KATA_AGENT_SERVER_ADDR=unix:///run/kata-containers/agent.sock"
 SyslogIdentifier=kata-agent
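Review bot: The kata-agent.service.d drop-in clears `ExecStop=` but not `ExecStopPost=`, so its new `ExecStopPost=` line is appended to whatever the base unit already lists instead of replacing it. The kata-agent.service in the last hunk of this patch defines an `ExecStopPost=` with `--config /etc/agent-config.toml` and, in the visible lines, no `ExecStop=`; if the mkosi image ships that unit (not visible here), kata-agent-clean would run twice on stop, once against the /etc path. Add an empty `ExecStopPost=` line before the new entry, and drop `ExecStop=` if nothing sets it. The empty `ConditionKernelCommandLine=` likewise removes any kernel-command-line condition inherited from the base unit, and the header comment does not say why; a one-line comment would help.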
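Review bot: Nothing in the process-user-data.service.d drop-in ensures that /run/peerpod exists before `update-agent-config` writes into it, and /run starts empty at every boot. If process-user-data does not create the directory itself (not visible in this patch), add `ExecStartPre=mkdir -p -m 0700 /run/peerpod` after the `ExecStart=` reset, in the style of the `mkdir -p /run/kata-containers` line in kata-agent.service. A root-only mode is the safer default because kata-agent takes its configuration from this file; relax it only if another service has to read the directory as a non-root user.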