feat: 更新bcs-ops (#3631)

TencentBlueKing · Dec 12, 2024 · be11f29 · be11f29
1 parent 2c0651f
commit be11f29
Show file tree

Hide file tree

Showing 2 changed files with 63 additions and 40 deletions.
diff --git a/bcs-ops/k8s/install_containerd b/bcs-ops/k8s/install_containerd
@@ -115,37 +115,43 @@ _offline_containerd() {
   else
     tar xvzf "${tar_name}" -C /usr/local/bin/ --strip-components=1 bin/
     cat <<EOF >/etc/systemd/system/containerd.service
+# Copyright The containerd Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 [Unit]
-Description=Docker Application Container Engine
-Documentation=https://docs.docker.com
-After=network-online.target docker.socket firewalld.service
-Wants=network-online.target
-Requires=docker.socket
+Description=containerd container runtime
+Documentation=https://containerd.io
+After=network.target local-fs.target
 
 [Service]
+ExecStartPre=-/sbin/modprobe overlay
+ExecStart=/usr/local/bin/containerd
+
 Type=notify
-# the default is not to use systemd for cgroups because the delegate issues still
-# exists and systemd currently does not support the cgroup feature set required
-# for containers run by docker
-ExecStart=/usr/bin/dockerd -H fd://
-ExecReload=/bin/kill -s HUP \$MAINPID
-LimitNOFILE=1048576
+Delegate=yes
+KillMode=process
+Restart=always
+RestartSec=5
 # Having non-zero Limit*s causes performance problems due to accounting overhead
 # in the kernel. We recommend using cgroups to do container-local accounting.
 LimitNPROC=infinity
 LimitCORE=infinity
-# Uncomment TasksMax if your systemd version supports it.
+LimitNOFILE=infinity
+# Comment TasksMax if your systemd version does not supports it.
 # Only systemd 226 and above support this version.
-#TasksMax=infinity
-TimeoutStartSec=0
-# set delegate yes so that systemd does not reset the cgroups of docker containers
-Delegate=yes
-# kill only the docker process, not all processes in the cgroup
-KillMode=process
-# restart the docker process if it exits prematurely
-Restart=on-failure
-StartLimitBurst=3
-StartLimitInterval=60s
+TasksMax=infinity
+OOMScoreAdjust=-999
 
 [Install]
 WantedBy=multi-user.target

diff --git a/bcs-ops/system/init_host.sh b/bcs-ops/system/init_host.sh
@@ -269,28 +269,45 @@ install_tools() {
 set_time_sync() {
     curr=$(date +'%Y-%m-%d %H:%M')
     OFFSET_TIME=$(ntpdate -q cn.pool.ntp.org | grep ntpdate | awk -F 'offset' '{print $2}' | awk '{print $1}' | cut -d '-' -f2 | awk -F "." '{print $1}')
+    if [ -z "$OFFSET_TIME" ];then
+      OFFSET_TIME=$(chronyc tracking|grep "System time"|awk ' { print $4 } '| awk -F "." '{print $1}')
+    fi
+    if [ -z "$OFFSET_TIME" ];then
+      error "│   └──[FAIL] => $1 : 当前主机时间偏移获取失败"
+      return
+    fi
+
     if [ $OFFSET_TIME -ge 3 ]; then
-        ntpdate $NTP_SEVER >/dev/null
-        mv /etc/chrony.conf /etc/chrony.conf.$BACKUPTIME
-        cat >>"/etc/chrony.conf" <<EOF
-    server $NTP_SEVER iburst
-    driftfile /var/lib/chrony/drift
-    allow 0.0.0.0/0
-    makestep 1.0 3
-    rtcsync
-    local stratum 10
-    logdir /var/log/chrony
-    EOF
-        systemctl stop chronyd >/dev/null
-        systemctl start chronyd >/dev/null
-        sleep 5
-        systemctl stop chronyd
-        systemctl start chronyd
-        chronyc -a makestep >/dev/null
-        timedatectl set-ntp yes
+        if ! ntpdate $NTP_SEVER >/dev/null;then
+          mv /etc/chrony.conf /etc/chrony.conf.$BACKUPTIME
+          cat >>"/etc/chrony.conf" <<EOF
+server $NTP_SEVER iburst
+driftfile /var/lib/chrony/drift
+allow 0.0.0.0/0
+makestep 1.0 3
+rtcsync
+local stratum 10
+logdir /var/log/chrony
 EOF
+          systemctl stop chronyd >/dev/null
+          systemctl start chronyd >/dev/null
+          sleep 5
+          systemctl stop chronyd
+          systemctl start chronyd
+          chronyc -a makestep >/dev/null
+          timedatectl set-ntp yes
+        fi
+
         nowtime=$(date +'%Y-%m-%d %H:%M')
         OFFSET_TIME=$(ntpdate -q cn.pool.ntp.org | grep ntpdate | awk -F 'offset' '{print $2}' | awk '{print $1}' | cut -d '-' -f2 | awk -F "." '{print $1}')
+        if [ -z "$OFFSET_TIME" ];then
+          OFFSET_TIME=$(chronyc tracking|grep "System time"|awk ' { print $4 } '| awk -F "." '{print $1}')
+        fi
+        if [ -z "$OFFSET_TIME" ];then
+          error "│   └──[FAIL] => $1 : 当前主机时间偏移获取失败"
+          return
+        fi
+
         if [ $OFFSET_TIME -ge 3 ]; then
             error "│   └──[FAIL] => $1 : 当前时间($nowtime).主机时间与时间服务器不一致"
         else