search

bottlerocket-os / bottlerocket

An operating system designed for hosting containers
https://bottlerocket.dev
Other
8.57k stars 506 forks source link

Need API Setting to allow modify kubelet config for Json logging format #4056

Open git4example opened 2 months ago

git4example commented 2 months ago

What I'd like: We would like to have an option to modify kubelet logging format changed using toml setting. It would be nice if we can offer more kubelet config setting via API.

Any alternatives you've considered: If we modify /etc/kubernetes/kubelet/config by appending logging format setting works by SSH/SSM to the bottler rocket instance, however currently there is no toml setting which allows the same : https://bottlerocket.dev/en/os/1.19.x/api/settings/kubernetes/

cat << 'EOF' >> /etc/kubernetes/kubelet/config
logging:
  format: json
EOF

I tried updating /etc/kubernetes/kubelet/config to setup kubelet logging to json format using bootstrap-containers. However, its failing with Permission denied . Here is my setup :

Dockerfile

FROM alpine
ADD bootstrap-script /
RUN chmod +x /bootstrap-script
ENTRYPOINT ["./bootstrap-script"]

bootstrap-script:

#!/bin/sh
# We'll update kubelet logging setting to json formating
set -ex  

# Write output to stderr so it shows up in the journal.
exec 2>&1

# Test create a file
HOST_VAR_DIR=/.bottlerocket/rootfs/var
touch $HOST_VAR_DIR/hello_world

echo "starting bootstrap container"
USER_DATA_DIR=/.bottlerocket/bootstrap-containers/current

# This is the in-container view of where the host's `/var` can be accessed.
HOST_DIR=/.bottlerocket/rootfs

# The directory that'll be created by this bootstrap container
MY_HOST_DIR=$HOST_DIR/etc/kubernetes/kubelet

# Create it!
echo "creating folder"
id
ls -la $MY_HOST_DIR

echo -e "logging:\n  format: json" >> $MY_HOST_DIR/config  
# touch $MY_HOST_DIR/hello-world-1

Extra args in toml user-data (in-addition to your other args to join cluster)

[settings.host-containers.admin]
"enabled" = true
[settings.bootstrap-containers.kubeletlogging]
source="<ecr repo>/bottlerocket-kubelet-change:latest"
mode="once"
user-data="bG9nZ2luZzoKICBmb3JtYXQ6IGpzb24K"

Error: 

./bootstrap-script: line 29: can't create /.bottlerocket/rootfs/etc/kubernetes/kubelet/config: Permission denied

Its understood that, Bootstrap containers aren’t allowed to write to /etc. The content there is ephemeral and needs to be managed by the host. Bottlerocket will need to add a setting to the API to enable this.

larvacea commented 2 months ago

Thanks for opening this issue. I appreciate your summary of why, exactly, the script to write configuration into /etc will not work for Bottlerocket. It would be a reasonable approach for most general-purpose Linux systems, after all, but as you document, will not work for Bottlerocket.