The upstream socket is under /run/containerd/containerd.sock which many
tools like crictl will use by default and diverging causes users to
always have to configure a non-default location.
Switch to the upstream default while still keeping a symlink so that
users are not forced to update their configurations they had to do for
the non-default location. This also keeps Docker using the old socket
location as an assertion that the symlink works. The state directory
is also switch to the default location.
Using only 127.0.0.53 for /etc/resolv.conf causes problems for
Kubernetes which is not systemd-resolved aware yet (the kubelet passes
on /etc/resolv.conf contents to containers).
Switch back for now to merging all DNS servers into /etc/resolv.conf
which breaks split DNS and we need to document how to make split DNS
work for those that want it.
When the metadata server is unavailable for some time the service did
not retry. Also, the service was triggered possibly multiple times
each time another service pulled it in which can cause problems if,
e.g., the service experiences a failure and corrupts the existing file
which could have been kept because rerunning wasn't needed.
Fixes https://github.com/kinvolk/Flatcar/issues/311
The patches were not taking effect because they did not set
net.ipv4.conf.default.rp_filter for new interfaces. Also, they got
overwritten by the baselayout configuration which takes precedence
and is the place for Flatcar-specific sysctl settings.
The desired configuration was enfored there:
https://github.com/kinvolk/baselayout/pull/13
The build_image script invokes the create_dev_container function, and
passes the `FLAGS_group` as param. Use the param, to generate the
binhost URL instead of using the DEFAULT_GROUP which stays as developer
always.
Fixes: kinvolk/Flatcar#298
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
The [repo v2.10](https://groups.google.com/g/repo-discuss/c/rpSfMCl83Sk)
was released dropping python2 support. As a result, every `repo init`
failed to run. To unblock CI builds, we released mantle
[v0.15.2](https://github.com/kinvolk/mantle/releases/tag/v0.15.2),
including a workaround to set the target branch to
[`maint`](https://gerrit.googlesource.com/git-repo/+/refs/heads/maint),
which still supports python2. Now with cork v0.15.2, `cork create` or
`cork update` will work well for now.
However, the current state is quite fragile. It will get broken again
when the upstream `maint` branch changes. We should update
`dev-vcs/repo` in coreos-overlay to 2.x with python3, and get it
included in Flatcar SDK, so we could later set the target branch in
mantle back to `stable`.
At the moment, none of the source repos has the tarball for repo 2.10,
neither GCS nor Gentoo distfiles. So for now we update it to 2.8.
It will be linked to python 3.6 in Flatcar SDK.
Also note that we do not have to keep `files/repo-1.25` script in the
coreos-overlay repo, because the script is simply identical to the
upstream `repo` script. I am not sure why the third-party script was
there in the first place. So simply remove the script.
