Revert "Install docker 17.03 via binary and configure logs rotation on all systems via daemon.json (#382)" (#437)

This reverts commit 3a51615.

Under some circumstances this results in exceeding the AWS userdata
limit. We will revisit the approach later.

Author: alvaroaleman

pkg/userdata/centos/testdata/kubelet-v1.10-aws.golden

@@ -57,17 +57,15 @@ write_files:
 
 
 
-    yum install -y ebtables \
+    yum install -y docker-1.13.1 \
+      ebtables \
       ethtool \
       nfs-utils \
       bash-completion \
       sudo \
       socat \
       wget \
       curl \
-      libtool-ltdl \
-      libseccomp \
-      libcgroup \
       ipvsadm
 
     #setup some common directories
@@ -77,16 +75,6 @@ write_files:
     mkdir -p /etc/cni/net.d
     mkdir -p /opt/cni/bin
 
-    # docker
-    if [ ! -f /opt/bin/docker ]; then
-        # TODO: Support newer versions. Make sure to validate if the newer containerd version has configuration changes
-        # Newer versions of docker use containterd with a config file - containerd from 17.03 does not support that
-        # we maybe need to manage both ways(flags & config) or wait until we deprecate Kubernetes 1.11 
-        curl -L http://download.docker.com/linux/static/stable/x86_64/docker-17.03.2-ce.tgz | tar -xvzC /opt/ -f -
-        mv /opt/docker/* /opt/bin/
-        rm -rf /opt/docker
-    fi
-    
     # cni
     if [ ! -f /opt/cni/bin/loopback ]; then
         curl -L https://github.com/containernetworking/plugins/releases/download/v0.6.0/cni-plugins-amd64-v0.6.0.tgz | tar -xvzC /opt/cni/bin -f -
@@ -101,15 +89,10 @@ write_files:
         curl -Lfo /opt/bin/health-monitor.sh https://raw.githubusercontent.com/kubermatic/machine-controller/8b5b66e4910a6228dfaecccaa0a3b05ec4902f8e/pkg/userdata/scripts/health-monitor.sh
         chmod +x /opt/bin/health-monitor.sh
     fi
-    
-
-        # Make sure systemd is aware of the new units in /etc/systemd/system
-    systemctl daemon-reload
     systemctl enable --now docker
     systemctl enable --now kubelet
     systemctl enable --now --no-block kubelet-healthcheck.service
     systemctl enable --now --no-block docker-healthcheck.service
-    
 
 - path: "/opt/bin/supervise.sh"
   permissions: "0755"
@@ -130,11 +113,12 @@ write_files:
     Documentation=https://kubernetes.io/docs/home/
 
     [Service]
-    Environment="PATH=/opt/bin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin/"
     Restart=always
     StartLimitInterval=0
     RestartSec=10
 
+    Environment="PATH=/opt/bin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin/"
+    
     ExecStart=/opt/bin/kubelet $KUBELET_EXTRA_ARGS \
       --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf \
       --kubeconfig=/etc/kubernetes/kubelet.conf \
@@ -162,6 +146,11 @@ write_files:
     [Install]
     WantedBy=multi-user.target
 
+- path: "/etc/systemd/system/kubelet.service.d/extras.conf"
+  content: |
+    [Service]
+    Environment="KUBELET_EXTRA_ARGS=--cgroup-driver=systemd"
+
 - path: "/etc/kubernetes/cloud-config"
   content: |
     {aws-config:true}
@@ -241,7 +230,6 @@ write_files:
     After=kubelet.service
 
     [Service]
-    Environment="PATH=/opt/bin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin/"
     ExecStart=/opt/bin/health-monitor.sh kubelet
 
     [Install]
@@ -256,50 +244,11 @@ write_files:
     After=docker.service
 
     [Service]
-    Environment="PATH=/opt/bin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin/"
     ExecStart=/opt/bin/health-monitor.sh container-runtime
 
     [Install]
     WantedBy=multi-user.target
 
 
-- path: /etc/systemd/system/docker.service
-  permissions: "0644"
-  content: |
-    [Unit]
-    Description=Docker Application Container Engine
-    Documentation=https://docs.docker.com
-    After=network-online.target
-    Wants=network-online.target
-    
-    [Service]
-    Environment="PATH=/opt/bin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin/"
-    Type=notify
-    # the default is not to use systemd for cgroups because the delegate issues still
-    # exists and systemd currently does not support the cgroup feature set required
-    # for containers run by docker
-    ExecStart=/opt/bin/dockerd
-    ExecReload=/bin/kill -s HUP $MAINPID
-    LimitNOFILE=1048576
-    # Having non-zero Limit*s causes performance problems due to accounting overhead
-    # in the kernel. We recommend using cgroups to do container-local accounting.
-    LimitNPROC=infinity
-    LimitCORE=infinity
-    # Uncomment TasksMax if your systemd version supports it.
-    # Only systemd 226 and above support this version.
-    
-    TimeoutStartSec=0
-    # set delegate yes so that systemd does not reset the cgroups of docker containers
-    Delegate=yes
-    # kill only the docker process, not all processes in the cgroup
-    KillMode=process
-    # restart the docker process if it exits prematurely
-    Restart=on-failure
-    StartLimitBurst=3
-    StartLimitInterval=60s
-    
-    [Install]
-    WantedBy=multi-user.target
-
 runcmd:
 - systemctl enable --now setup.service

pkg/userdata/centos/testdata/kubelet-v1.11-aws.golden

@@ -57,17 +57,15 @@ write_files:
 
 
 
-    yum install -y ebtables \
+    yum install -y docker-1.13.1 \
+      ebtables \
       ethtool \
       nfs-utils \
       bash-completion \
       sudo \
       socat \
       wget \
       curl \
-      libtool-ltdl \
-      libseccomp \
-      libcgroup \
       ipvsadm
 
     #setup some common directories
@@ -77,16 +75,6 @@ write_files:
     mkdir -p /etc/cni/net.d
     mkdir -p /opt/cni/bin
 
-    # docker
-    if [ ! -f /opt/bin/docker ]; then
-        # TODO: Support newer versions. Make sure to validate if the newer containerd version has configuration changes
-        # Newer versions of docker use containterd with a config file - containerd from 17.03 does not support that
-        # we maybe need to manage both ways(flags & config) or wait until we deprecate Kubernetes 1.11 
-        curl -L http://download.docker.com/linux/static/stable/x86_64/docker-17.03.2-ce.tgz | tar -xvzC /opt/ -f -
-        mv /opt/docker/* /opt/bin/
-        rm -rf /opt/docker
-    fi
-    
     # cni
     if [ ! -f /opt/cni/bin/loopback ]; then
         curl -L https://github.com/containernetworking/plugins/releases/download/v0.6.0/cni-plugins-amd64-v0.6.0.tgz | tar -xvzC /opt/cni/bin -f -
@@ -101,15 +89,10 @@ write_files:
         curl -Lfo /opt/bin/health-monitor.sh https://raw.githubusercontent.com/kubermatic/machine-controller/8b5b66e4910a6228dfaecccaa0a3b05ec4902f8e/pkg/userdata/scripts/health-monitor.sh
         chmod +x /opt/bin/health-monitor.sh
     fi
-    
-
-        # Make sure systemd is aware of the new units in /etc/systemd/system
-    systemctl daemon-reload
     systemctl enable --now docker
     systemctl enable --now kubelet
     systemctl enable --now --no-block kubelet-healthcheck.service
     systemctl enable --now --no-block docker-healthcheck.service
-    
 
 - path: "/opt/bin/supervise.sh"
   permissions: "0755"
@@ -130,11 +113,12 @@ write_files:
     Documentation=https://kubernetes.io/docs/home/
 
     [Service]
-    Environment="PATH=/opt/bin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin/"
     Restart=always
     StartLimitInterval=0
     RestartSec=10
 
+    Environment="PATH=/opt/bin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin/"
+    
     ExecStart=/opt/bin/kubelet $KUBELET_EXTRA_ARGS \
       --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf \
       --kubeconfig=/etc/kubernetes/kubelet.conf \
@@ -162,6 +146,11 @@ write_files:
     [Install]
     WantedBy=multi-user.target
 
+- path: "/etc/systemd/system/kubelet.service.d/extras.conf"
+  content: |
+    [Service]
+    Environment="KUBELET_EXTRA_ARGS=--cgroup-driver=systemd"
+
 - path: "/etc/kubernetes/cloud-config"
   content: |
     {aws-config:true}
@@ -241,7 +230,6 @@ write_files:
     After=kubelet.service
 
     [Service]
-    Environment="PATH=/opt/bin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin/"
     ExecStart=/opt/bin/health-monitor.sh kubelet
 
     [Install]
@@ -256,50 +244,11 @@ write_files:
     After=docker.service
 
     [Service]
-    Environment="PATH=/opt/bin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin/"
     ExecStart=/opt/bin/health-monitor.sh container-runtime
 
     [Install]
     WantedBy=multi-user.target
 
 
-- path: /etc/systemd/system/docker.service
-  permissions: "0644"
-  content: |
-    [Unit]
-    Description=Docker Application Container Engine
-    Documentation=https://docs.docker.com
-    After=network-online.target
-    Wants=network-online.target
-    
-    [Service]
-    Environment="PATH=/opt/bin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin/"
-    Type=notify
-    # the default is not to use systemd for cgroups because the delegate issues still
-    # exists and systemd currently does not support the cgroup feature set required
-    # for containers run by docker
-    ExecStart=/opt/bin/dockerd
-    ExecReload=/bin/kill -s HUP $MAINPID
-    LimitNOFILE=1048576
-    # Having non-zero Limit*s causes performance problems due to accounting overhead
-    # in the kernel. We recommend using cgroups to do container-local accounting.
-    LimitNPROC=infinity
-    LimitCORE=infinity
-    # Uncomment TasksMax if your systemd version supports it.
-    # Only systemd 226 and above support this version.
-    
-    TimeoutStartSec=0
-    # set delegate yes so that systemd does not reset the cgroups of docker containers
-    Delegate=yes
-    # kill only the docker process, not all processes in the cgroup
-    KillMode=process
-    # restart the docker process if it exits prematurely
-    Restart=on-failure
-    StartLimitBurst=3
-    StartLimitInterval=60s
-    
-    [Install]
-    WantedBy=multi-user.target
-
 runcmd:
 - systemctl enable --now setup.service