Skip to content

Commit 92f4809

Browse files
authored
Merge pull request #105525 from mburke5678/mco-configure-runtime
OCPBUGS Document runc to crun migration for 4.18+
2 parents f766a0e + 5dea0cc commit 92f4809

2 files changed

Lines changed: 103 additions & 0 deletions

File tree

machine_configuration/machine-configs-custom.adoc

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,8 +13,14 @@ include::modules/create-a-kubeletconfig-crd-to-edit-kubelet-parameters.adoc[leve
1313

1414
include::modules/create-a-containerruntimeconfig-crd.adoc[leveloffset=+1]
1515

16+
include::modules/config-container-runtime.adoc[leveloffset=+1]
17+
1618
include::modules/set-the-default-max-container-root-partition-size-for-overlay-with-crio.adoc[leveloffset=+1]
1719

1820
include::modules/create-crio-default-capabilities.adoc[leveloffset=+1]
1921

22+
[role="_additional-resources"]
23+
[id="additional-resources_{context}"]
24+
== Additional resources
2025

26+
* xref:../nodes/containers/nodes-containers-using.adoc#nodes-containers-runtimes[About the container engine and container runtime]
Lines changed: 97 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,97 @@
1+
// Module included in the following assemblies:
2+
//
3+
// * machine_configuration/machine-configs-custom.adoc
4+
5+
:_mod-docs-content-type: PROCEDURE
6+
[id="config-container-runtime_{context}"]
7+
= Configuring the container runtime
8+
9+
[role="_abstract"]
10+
You can configure the container runtime used with new workloads on your nodes, based on which runtime you or your organization prefers. You can use either crun, which is considered a faster and more lightweight runtime, or runc, which is more widely used than crun.
11+
12+
For information on crun and runc, see "About the container engine and container runtime".
13+
14+
Starting in {product-title} 4.18, crun is the default container runtime for new installations. You can change between the runtimes by using a `ContainerRuntimeConfig` object, as described in the following procedure. Changing the container runtime affects new workloads only. Existing workloads continue to use their existing container runtime.
15+
16+
If you updated your cluster from {product-title} 4.17, the runc container runtime remains unchanged as the default. During the upgrade, two `MachineConfig` objects, one for the control plane nodes and one for the worker nodes, were created to override the new default runtime. You can migrate the container runtime to crun, on a schedule of your choosing, by removing either or both of the `MachineConfig` objects.
17+
18+
.Procedure
19+
20+
* If your cluster is updated from {product-title} 4.17, you can use the crun container runtime by deleting the following `MachineConfig` objects:
21+
22+
** Migrate your worker nodes to crun by running the following command:
23+
+
24+
[source,terminal]
25+
----
26+
$ oc delete machineconfig 00-override-worker-generated-crio-default-container-runtime
27+
----
28+
29+
** Migrate your control plane nodes to crun by running the following command:
30+
+
31+
[source,terminal]
32+
----
33+
$ oc delete machineconfig 00-override-master-generated-crio-default-container-runtime
34+
----
35+
36+
* For any {product-title} 4.18 or greater cluster, you can configure crun or runc as the container runtime for specific nodes by creating a container runtime configuration:
37+
38+
. Create a YAML file for the `ContainerRuntimeConfig` CR:
39+
+
40+
[source,yaml]
41+
----
42+
apiVersion: machineconfiguration.openshift.io/v1
43+
kind: ContainerRuntimeConfig
44+
metadata:
45+
name: configure-runc
46+
spec:
47+
machineConfigPoolSelector:
48+
matchLabels:
49+
pools.operator.machineconfiguration.openshift.io/worker: ''
50+
containerRuntimeConfig:
51+
defaultRuntime: "runc"
52+
----
53+
where:
54+
+
55+
--
56+
* `spec.machineConfigPoolSelector.matchLabels`:: Specifies a label for the machine config pool that you want you want to modify.
57+
* `spec.containerRuntimeConfig.defaultRuntime`:: Specifies the container runtime to use with new workloads on the nodes in the specified machine config pool, either `crun` or `runc`.
58+
--
59+
60+
. Create the `ContainerRuntimeConfig` CR:
61+
+
62+
[source,terminal]
63+
----
64+
$ oc create -f <file_name>.yaml
65+
----
66+
67+
.Verification
68+
69+
. After the nodes return to a ready state, open an `oc debug` session to a node by running the following command:
70+
+
71+
[source,terminal]
72+
----
73+
$ oc debug node/<node_name>
74+
----
75+
+
76+
. Set `/host` as the root directory within the debug shell by running the following command:
77+
+
78+
[source,terminal]
79+
----
80+
sh-5.1# chroot /host
81+
----
82+
83+
. Check the container runtime by using the following command:
84+
+
85+
[source,terminal]
86+
----
87+
sh-5.1# crio status config | grep default_runtime
88+
----
89+
+
90+
.Example output
91+
[source,terminal]
92+
----
93+
INFO[2026-01-27 23:09:18.413462914Z] Starting CRI-O, version: 1.30.14-6.rhaos4.17.gitfa27f6f.el9, git: unknown(clean)
94+
default_runtime = "runc"
95+
----
96+
+
97+
The `default_runtime` parameter specifies the container runtime that {product-title} uses for new workloads on this node, either `crun` or `runc`, depending on what you have configured.

0 commit comments

Comments
 (0)