From 7fa037a5a3b39ffb1c050a85a29c9b3a64299ab5 Mon Sep 17 00:00:00 2001 From: Carter Date: Thu, 1 Feb 2024 11:32:44 -0800 Subject: [PATCH] Use crictl to pull sandbox image (#1605) --- files/pull-sandbox-image.sh | 24 +++++++++++++++++++++++- scripts/install-worker.sh | 3 +++ 2 files changed, 26 insertions(+), 1 deletion(-) diff --git a/files/pull-sandbox-image.sh b/files/pull-sandbox-image.sh index e6484a962..b123b50aa 100644 --- a/files/pull-sandbox-image.sh +++ b/files/pull-sandbox-image.sh @@ -8,4 +8,26 @@ if [[ "$(sudo ctr --namespace k8s.io image ls | grep $sandbox_image)" != "" ]]; exit 0 fi -/etc/eks/containerd/pull-image.sh "${sandbox_image}" +MAX_RETRIES=3 + +function retry() { + local rc=0 + for attempt in $(seq 0 $MAX_RETRIES); do + rc=0 + [[ $attempt -gt 0 ]] && echo "Attempt $attempt of $MAX_RETRIES" 1>&2 + "$@" + rc=$? + [[ $rc -eq 0 ]] && break + [[ $attempt -eq $MAX_RETRIES ]] && exit $rc + local jitter=$((1 + RANDOM % 10)) + local sleep_sec="$(($((5 << $((1 + $attempt)))) + $jitter))" + sleep $sleep_sec + done +} + +ecr_password=$(retry aws ecr get-login-password) +if [[ -z ${ecr_password} ]]; then + echo >&2 "Unable to retrieve the ECR password." + exit 1 +fi +retry sudo crictl pull --creds "AWS:${ecr_password}" "${sandbox_image}" diff --git a/scripts/install-worker.sh b/scripts/install-worker.sh index e61ca9d21..8d93409de 100644 --- a/scripts/install-worker.sh +++ b/scripts/install-worker.sh @@ -174,6 +174,9 @@ sudo yum versionlock runc-* sudo yum install -y containerd-${CONTAINERD_VERSION} sudo yum versionlock containerd-* +# install cri-tools for crictl, needed to interact with containerd's CRI server +sudo yum install -y cri-tools + sudo mkdir -p /etc/eks/containerd if [ -f "/etc/eks/containerd/containerd-config.toml" ]; then ## this means we are building a gpu ami and have already placed a containerd configuration file in /etc/eks