diff --git a/projects/kubernetes-sigs/cluster-api/patches/0036-disable-cgroupns-private-to-fix-AL2.patch b/projects/kubernetes-sigs/cluster-api/patches/0036-disable-cgroupns-private-to-fix-AL2.patch new file mode 100644 index 0000000000..f8655f7b46 --- /dev/null +++ b/projects/kubernetes-sigs/cluster-api/patches/0036-disable-cgroupns-private-to-fix-AL2.patch @@ -0,0 +1,39 @@ +From fca4856d6763778b0e3880cdd04a96e1af134e30 Mon Sep 17 00:00:00 2001 +From: Jackson West +Date: Sat, 19 Aug 2023 09:35:39 -0500 +Subject: [PATCH] disable cgroupns=private to fix AL2 + +--- + test/infrastructure/container/docker.go | 9 +++++---- + 1 file changed, 5 insertions(+), 4 deletions(-) + +diff --git a/test/infrastructure/container/docker.go b/test/infrastructure/container/docker.go +index 225a0e5b9..57bedee24 100644 +--- a/test/infrastructure/container/docker.go ++++ b/test/infrastructure/container/docker.go +@@ -39,7 +39,6 @@ import ( + "k8s.io/utils/pointer" + + clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" +- "sigs.k8s.io/cluster-api/test/infrastructure/kind" + ) + + const ( +@@ -404,9 +403,11 @@ func (d *dockerRuntime) RunContainer(ctx context.Context, runConfig *RunContaine + networkConfig := network.NetworkingConfig{} + + // NOTE: starting from Kind 0.20 kind requires CgroupnsMode to be set to private. +- if runConfig.KindMode != kind.ModeNone && runConfig.KindMode != kind.Mode0_19 { +- hostConfig.CgroupnsMode = "private" +- } ++ // AWS: groupns = private breaks on AL2 nodes, kind 0.20 still "supports" non-private mode ++ // but it is deprecated it. For now we revert to the previous behavior. ++ // if runConfig.KindMode != kind.ModeNone && runConfig.KindMode != kind.Mode0_19 { ++ // hostConfig.CgroupnsMode = "private" ++ // } + + if runConfig.IPFamily == clusterv1.IPv6IPFamily { + hostConfig.Sysctls = map[string]string{ +-- +2.40.1 + diff --git a/projects/kubernetes-sigs/kind/CHECKSUMS b/projects/kubernetes-sigs/kind/CHECKSUMS index 6c27ae6092..c7468c5a18 100644 --- a/projects/kubernetes-sigs/kind/CHECKSUMS +++ b/projects/kubernetes-sigs/kind/CHECKSUMS @@ -1,4 +1,4 @@ -3201b5e1d3199dd1271ffde0f272a42eef76826ff84a18ac1ab98f58d0d9fdf3 _output/bin/kind/linux-amd64/kind -5ac16b95376ffbd6a5af04d238616050bf3ea6bc2c78b99a32d60fa110363def _output/bin/kind/linux-amd64/kindnetd -0f694a8dc8886e23e4b73b5bc7d18e0b0d7ab0e00ab37100fef12acda0ee2aa1 _output/bin/kind/linux-arm64/kind -20a4aaeea684463d2518ecc8cfe6722975eed72cc3aac7557e107396732d0273 _output/bin/kind/linux-arm64/kindnetd +db163b2116096b8d6436a42ad407a16a04a59fc6542bcb558c79c53618e67e41 _output/bin/kind/linux-amd64/kind +c807016bbe5def6f0b920267e6123a085e5f608e0cb337a63a6799acbe731f63 _output/bin/kind/linux-amd64/kindnetd +1e2a77547992291bc261d396c30fd1330e3225dd7e22345f8cf8db0731627764 _output/bin/kind/linux-arm64/kind +bcf95c615cd881259c4ddb21642098255606aff520e94f4403e112efb2c7080d _output/bin/kind/linux-arm64/kindnetd diff --git a/projects/kubernetes-sigs/kind/patches/0004-Disable-cgroupns-private-to-fix-cluster-creation-on-.patch b/projects/kubernetes-sigs/kind/patches/0004-Disable-cgroupns-private-to-fix-cluster-creation-on-.patch new file mode 100644 index 0000000000..8b80fc1d7a --- /dev/null +++ b/projects/kubernetes-sigs/kind/patches/0004-Disable-cgroupns-private-to-fix-cluster-creation-on-.patch @@ -0,0 +1,26 @@ +From 00cfd713adb67782d7d0a013b4be5a4a61232425 Mon Sep 17 00:00:00 2001 +From: Jackson West +Date: Sat, 19 Aug 2023 09:21:55 -0500 +Subject: [PATCH] Disable cgroupns=private to fix cluster creation on AL2 + +--- + pkg/cluster/internal/providers/docker/provision.go | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/pkg/cluster/internal/providers/docker/provision.go b/pkg/cluster/internal/providers/docker/provision.go +index 6c644a36..351c023b 100644 +--- a/pkg/cluster/internal/providers/docker/provision.go ++++ b/pkg/cluster/internal/providers/docker/provision.go +@@ -171,7 +171,8 @@ func commonArgs(cluster string, cfg *config.Cluster, networkName string, nodeNam + // this is the default with cgroups v2 but not with cgroups v1, unless + // overridden in the daemon --default-cgroupns-mode + // https://github.com/docker/cli/pull/3699#issuecomment-1191675788 +- "--cgroupns=private", ++ // AWS: Seems to cause issues on AL2 nodes ++ //"--cgroupns=private", + } + + // enable IPv6 if necessary +-- +2.40.1 +