From d368bd0d7703f3c4b9dbaef71fd7a9c77e897699 Mon Sep 17 00:00:00 2001
From: Andrew Durbin <andrewd@zededa.com>
Date: Fri, 3 Jan 2025 13:50:19 -0700
Subject: [PATCH] Misc kubevirt kube container changes

- Component version bumps for perf improvements:
   longhorn 1.6.3
   cdi 1.57.1
- containerd config change required for cdi 1.57.1
	https://github.com/kubevirt/containerized-data-importer/blob/main/doc/block_cri_ownership_config.md
	https://kubernetes.io/blog/2021/11/09/non-root-containers-and-devices/
- event-ttl bump to improve ability to debug system
	Extend saved time range of kubernetes events
	from 1hr to 72hr.
- collect-info kubectl dumps for completeness to debug state

Signed-off-by: Andrew Durbin <andrewd@zededa.com>
---
 pkg/debug/scripts/collect-info.sh | 18 +++++++++++++++++-
 pkg/kube/cluster-init.sh          |  2 +-
 pkg/kube/config-k3s.toml          |  1 +
 pkg/kube/config.yaml              |  2 ++
 pkg/kube/longhorn-utils.sh        |  2 +-
 pkg/kube/nsmounter                | 14 ++++++++++----
 6 files changed, 32 insertions(+), 7 deletions(-)

diff --git a/pkg/debug/scripts/collect-info.sh b/pkg/debug/scripts/collect-info.sh
index 1e9d670e7b..1c47a03948 100755
--- a/pkg/debug/scripts/collect-info.sh
+++ b/pkg/debug/scripts/collect-info.sh
@@ -6,7 +6,7 @@
 
 # Script version, don't forget to bump up once something is changed
 
-VERSION=32
+VERSION=33
 # Add required packages here, it will be passed to "apk add".
 # Once something added here don't forget to add the same package
 # to the Dockerfile ('ENV PKGS' line) of the debug container,
@@ -328,6 +328,14 @@ collect_kube_info()
            echo "============"
            eve exec kube kubectl describe pods -A
            echo "============"
+           echo "kubectl get rs -A"
+           echo "============"
+           eve exec kube kubectl get rs -A
+           echo "============"
+           echo "kubectl describe rs -A"
+           echo "============"
+           eve exec kube kubectl describe rs -A
+           echo "============"
            echo "kubectl get pvc -A"
            echo "============"
            eve exec kube kubectl get pvc -A
@@ -344,6 +352,14 @@ collect_kube_info()
            echo "============"
            eve exec kube kubectl describe vmi -A
            echo "============"
+           echo "kubectl get vmirs -A"
+           echo "============"
+           eve exec kube kubectl get vmirs -A
+           echo "============"
+           echo "kubectl describe vmirs -A"
+           echo "============"
+           eve exec kube kubectl describe vmirs -A
+           echo "============"
            echo "kubectl get kubevirt -n kubevirt -o yaml"
            echo "============"
            eve exec kube kubectl get kubevirt -n kubevirt -o yaml
diff --git a/pkg/kube/cluster-init.sh b/pkg/kube/cluster-init.sh
index 443bf5bcad..46a10dc254 100755
--- a/pkg/kube/cluster-init.sh
+++ b/pkg/kube/cluster-init.sh
@@ -4,7 +4,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 KUBEVIRT_VERSION=v1.1.0
-CDI_VERSION=v1.54.0
+CDI_VERSION=v1.57.1
 NODE_IP=""
 RESTART_COUNT=0
 K3S_LOG_DIR="/persist/kubelog"
diff --git a/pkg/kube/config-k3s.toml b/pkg/kube/config-k3s.toml
index b2db7560f9..9d76332dc5 100644
--- a/pkg/kube/config-k3s.toml
+++ b/pkg/kube/config-k3s.toml
@@ -13,6 +13,7 @@ root = "/persist/vault/containerd"
   enable_unprivileged_ports = true
   enable_unprivileged_icmp = true
   sandbox_image = "rancher/mirrored-pause:3.6"
+  device_ownership_from_security_context = true
 
 [plugins."io.containerd.grpc.v1.cri".containerd]
   snapshotter = "overlayfs"
diff --git a/pkg/kube/config.yaml b/pkg/kube/config.yaml
index ea87a62f6c..4c45d5fac3 100644
--- a/pkg/kube/config.yaml
+++ b/pkg/kube/config.yaml
@@ -11,3 +11,5 @@ etcd-expose-metrics: true
 container-runtime-endpoint: "/run/containerd-user/containerd.sock"
 disable-network-policy: true
 disable-cloud-controller: true
+kube-apiserver-arg:
+  - "event-ttl=72h"
diff --git a/pkg/kube/longhorn-utils.sh b/pkg/kube/longhorn-utils.sh
index 22f118e9a5..94fb0db8bd 100644
--- a/pkg/kube/longhorn-utils.sh
+++ b/pkg/kube/longhorn-utils.sh
@@ -3,7 +3,7 @@
 # Copyright (c) 2024 Zededa, Inc.
 # SPDX-License-Identifier: Apache-2.0
 
-LONGHORN_VERSION=v1.6.2
+LONGHORN_VERSION=v1.6.3
 
 longhorn_install() {
     node_name=$1
diff --git a/pkg/kube/nsmounter b/pkg/kube/nsmounter
index 1216b58140..ce67af3720 100755
--- a/pkg/kube/nsmounter
+++ b/pkg/kube/nsmounter
@@ -9,8 +9,14 @@
 #   mount RWX volumes for longhorn
 #
 target_pid=1
-kube_pid=$(pgrep -f "cluster-init.sh")
-if [ -n "$kube_pid" ]; then
-  target_pid=$kube_pid
-fi
+starting_pid=$$
+while [ "$starting_pid" != "1" ]; do
+  ppid=$(grep PPid "/proc/${starting_pid}/status" | cut -d ':' -f 2 | tr -d '\t')
+  echo "proc:$starting_pid has ppid:$ppid"
+  if grep -q containerd "/proc/${ppid}/cmdline"; then
+    target_pid=$ppid
+    break
+  fi
+  starting_pid=$ppid
+done
 nsenter -t "$target_pid" -m -n -u -- "$@"