Open MaxFedotov opened 1 year ago
/triage accepted
@MaxFedotov were you able to open the PR to fix this in image builder?
@Ankitasw yes, will do it on the next week
thankyou @MaxFedotov 🙂
This issue has not been updated in over 1 year, and should be re-triaged.
You can:
/triage accepted
(org members only)/close
For more details on the triage process, see https://www.kubernetes.dev/docs/guide/issue-triage/
/remove-triage accepted
/kind bug
What steps did you take and what happened: Create a cluster using
capa-ami-amazon-2-v1.25.12
image. Control-plane node won't be started and the following error will be in control-planekubelet
logs:If you will try to run
runc
binary, the following error will be returned:This happens because CAPA is using
cri-containerd-*.tar.gz
archive to installcontainerd
andrunc
. According tocontainerd
release notes: https://github.com/containerd/containerd/blob/40f26543bdc27cbe8b058ac082e91c5832bb1c41/releases/v1.6.0.toml#L64-L76runc
, included incontainerd
distribution is built with dynamic linking tolibseccomp
.CAPA is using the following version of
containerd
:which according to release notes includes
runc v1.1.7
.runc v1.1.7
is linked to libseccomp-2.5.4, but installed version iswhich is the maximum
libseccomp
version available for epel7 repo.What did you expect to happen: User should be able to create cluster using amazon linux 2 images.
Anything else you would like to add: I was able to fix this issue in my
image-builder
fork by adding ansible steps to manually download statically-linkedrunc
from https://github.com/opencontainers/runc/releases and replacerunc
installed bycri-containerd-*.tar.gz
archive. I can create a pull request inimage-builder
repo with the fix if you are ok with this approach.Environment:
kubectl version
): v1.25.12/etc/os-release
): amazon linux 2