Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Have cri-tools installed and configured #1486

Closed
reegnz opened this issue Oct 26, 2023 · 5 comments
Closed

Have cri-tools installed and configured #1486

reegnz opened this issue Oct 26, 2023 · 5 comments

Comments

@reegnz
Copy link
Contributor

reegnz commented Oct 26, 2023

What would you like to be added:
Install cri-tools and configure it with /etc/crictl.yaml.

Previously there was an issue that requested this (#797) but it was closed by a change that introduced nerdctl instead.
AFAICT amazon-linux does have a cri-tools package, so installing it should be trivial.

Why is this needed:

Crictl is the officially documented tooling for kubernetes to troubleshoot nodes: https://kubernetes.io/docs/tasks/debug/debug-cluster/crictl/

Nerdctl does not have a concept of pods, while crictl does. This allows continuing to use pod semantics when troubleshooting within on a node using crictl vs using nerdctl and figuring out which containers belong to which pod (not terribly difficult, but still an extra step).

Having nerdctl on the nodes is nice and I think it belongs with any containerd installation by default, but the nodes are k8s nodes, missing capabilities that crictl does add, which is pod-aware semantics during troubleshooting.

Additional notes:

nerdctl is not properly configured on a node, nerdctl ps doesn't list anything, you have to use nerdctl --namespace="k8s.io" ps. I'll open a separate ticket to fix that as well, because on a k8s node one would expect nerdctl to default to the kubernetes pods namespace.
@reegnz reegnz mentioned this issue Oct 26, 2023
Closed
@alvaroaleman
Copy link

+1 on this

crictl is the tool recommended by upstream Kubernetes to debug node issues: https://kubernetes.io/docs/tasks/debug/debug-cluster/crictl/

It is hard to understand that EKS nodes by default have a non-working version of a non-standard tool but do not have the standard tool recommended by upstream.

@cartermckinnon
Copy link
Member

cartermckinnon commented May 17, 2024
edited
Loading

  1. This was already added:

    amazon-eks-ami/templates/al2/provisioners/install-worker.sh

    Line 152 in c5132e9

    sudo yum install -y cri-tools
  2. nerdctl works fine, its default config was improved in: Set nerdctl default namespace to k8s.io #1488

nerdctl is the official CLI for containerd with (IMO) much better ergonomics than crictl; but it can definitely be helpful to have crictl. 👍

@mihuross
Copy link

AL2023 is missing the cri-tools

@cartermckinnon cartermckinnon mentioned this issue Feb 26, 2025
Closed
@cartermckinnon
Copy link
Member

@mihuross fixing that in #2162 👍

@cartermckinnon
Copy link
Member

Opened a new tracking issue for AL2023: #2163

The package is not available in the distro repos at this time.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@reegnz @alvaroaleman @cartermckinnon @mihuross