Some networking fixes.

2025-12-18 22:28:03 -05:00
parent a2899d38a2
commit e6daf2c304
33 changed files with 1806 additions and 1722 deletions
--- a/nix/kubernetes/roles/containerd/default.nix
+++ b/nix/kubernetes/roles/containerd/default.nix
@@ -5,6 +5,16 @@
  ...
 }:

+let
+  my-cni-plugins = pkgs.buildEnv {
+    name = "my-cni-plugins";
+    paths = with pkgs; [
+      cni-plugins
+      cni-plugin-flannel
+    ];
+  };
+  my-cni-configs = pkgs.callPackage ./package/cni_conf/package.nix { };
+in
 {
  imports = [ ];

@@ -19,40 +29,37 @@

  config = lib.mkIf config.me.containerd.enable {
    virtualisation.containerd.enable = true;
-    virtualisation.containerd.settings =
-      let
-        my-cni-plugins = pkgs.buildEnv {
-          name = "my-cni-plugins";
-          paths = with pkgs; [
-            cni-plugins
-            cni-plugin-flannel
-          ];
-        };
-      in
-      {
-        "plugins" = {
-          "io.containerd.grpc.v1.cri" = {
-            "cni" = {
-              # "bin_dir" = "/opt/cni/bin";
-              "bin_dir" = "${my-cni-plugins}/bin";
-              # "conf_dir" = "/etc/cni/net.d";
-              "conf_dir" = "${pkgs.callPackage ./package/cni_conf/package.nix { }}";
-            };
-            "containerd" = {
-              "default_runtime_name" = "runc";
-              "runtimes" = {
-                "runc" = {
-                  "options" = {
-                    "SystemdCgroup" = true;
-                  };
-                  "runtime_type" = "io.containerd.runc.v2";
+    virtualisation.containerd.settings = {
+      "plugins" = {
+        "io.containerd.grpc.v1.cri" = {
+          "cni" = {
+            "bin_dir" = "/opt/cni/bin";
+            "conf_dir" = "/etc/cni/net.d";
+            # "bin_dir" = "${my-cni-plugins}/bin";
+            # "conf_dir" = "${my-cni-configs}";
+          };
+          "containerd" = {
+            "default_runtime_name" = "runc";
+            "runtimes" = {
+              "runc" = {
+                "options" = {
+                  "SystemdCgroup" = true;
                };
+                "runtime_type" = "io.containerd.runc.v2";
              };
-              "snapshotter" = "overlayfs";
            };
+            "snapshotter" = "overlayfs";
          };
        };
-        "version" = 2;
      };
+      "version" = 2;
+    };
+
+    systemd.services.containerd.preStart = ''
+      ${pkgs.toybox}/bin/install -d -m 0755 /opt/cni/bin /etc/cni/net.d
+      ${pkgs.toybox}/bin/install ${my-cni-plugins}/bin/* /opt/cni/bin/
+      ${pkgs.toybox}/bin/install ${my-cni-configs}/* /etc/cni/net.d/
+      echo "Copied CNI plugins/config."
+    '';
  };
 }