nixos/kubernetes: actually set containerd to use systemd cgroups

The correct configuration is listed in the kubernetes documentation https://kubernetes.io/docs/setup/production-environment/container-runtimes/#containerd-systemd The correct option can also be seen in `containerd config default`
2021-12-18 22:18:10 +09:00 · 2021-12-18 22:18:10 +09:00 · 97864e984d
commit 97864e984d
parent 2d356a1969
3 changed files with 1 additions and 13 deletions
--- a/nixos/modules/services/cluster/kubernetes/default.nix
+++ b/nixos/modules/services/cluster/kubernetes/default.nix
@ -26,10 +26,7 @@ let

      containerd.runtimes.runc = {
        runtime_type = "io.containerd.runc.v2";
-      };
-
-      containerd.runtimes."io.containerd.runc.v2".options = {
-        SystemdCgroup = true;
+        options.SystemdCgroup = true;
      };
    };
  };
--- a/nixos/modules/services/cluster/kubernetes/kubelet.nix
+++ b/nixos/modules/services/cluster/kubernetes/kubelet.nix
@ -264,8 +264,6 @@ in
        "net.bridge.bridge-nf-call-ip6tables" = 1;
      };

-      systemd.enableUnifiedCgroupHierarchy = false; # true breaks node memory metrics
-
      systemd.services.kubelet = {
        description = "Kubernetes Kubelet Service";
        wantedBy = [ "kubernetes.target" ];
--- a/nixos/tests/kubernetes/base.nix
+++ b/nixos/tests/kubernetes/base.nix
@ -60,13 +60,6 @@ let
                  advertiseAddress = master.ip;
                };
                masterAddress = "${masterName}.${config.networking.domain}";
-                # workaround for:
-                #   https://github.com/kubernetes/kubernetes/issues/102676
-                #   (workaround from) https://github.com/kubernetes/kubernetes/issues/95488
-                kubelet.extraOpts = ''\
-                  --cgroups-per-qos=false \
-                  --enforce-node-allocatable="" \
-                '';
              };
            }
            (optionalAttrs (any (role: role == "master") machine.roles) {