Add static bin dir support to k3s docker image

Static bin dir is first in search path and is on /var/lib/rancher/k3s volume, which can be persisted by users. If the volume is empty it will just fall back to the legacy /bin dir.

Add static bin dir support to k3s docker image
b2d495e1 · Brad Davidson · Brad Davidson · 6ebf72d3 · b2d495e1
Commit b2d495e1 authored Feb 13, 2025 by Brad Davidson Committed by Brad Davidson Feb 14, 2025
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 3 deletions

Dockerfile package/Dockerfile +4 -3

No files found.
--- a/package/Dockerfile
+++ b/package/Dockerfile
 FROM alpine:3.21 as base
 RUN apk add -U ca-certificates zstd tzdata
 COPY build/out/data-linux.tar.zst /
-RUN mkdir -p /image/etc/ssl/certs /image/run /image/var/run /image/tmp /image/lib/modules /image/lib/firmware && \
+RUN mkdir -p /image/etc/ssl/certs /image/run /image/var/run /image/tmp /image/lib/modules /image/lib/firmware /image/var/lib/rancher/k3s/data/cni && \
    zstdcat -d /data-linux.tar.zst | tar -xa -C /image && \
+    for FILE in cni $(/image/bin/find /image/bin -lname cni -printf "%f\n"); do ln -s /bin/cni /image/var/lib/rancher/k3s/data/cni/$FILE; done && \
    echo "root:x:0:0:root:/:/bin/sh" > /image/etc/passwd && \
    echo "root:x:0:" > /image/etc/group && \
    cp /etc/ssl/certs/ca-certificates.crt /image/etc/ssl/certs/ca-certificates.crt
@@ -17,12 +18,12 @@ RUN mkdir -p /etc && \
    chmod 1777 /tmp

 FROM scratch
-COPY --from=collect / /
 VOLUME /var/lib/kubelet
 VOLUME /var/lib/rancher/k3s
 VOLUME /var/lib/cni
 VOLUME /var/log
-ENV PATH="$PATH:/bin/aux"
+COPY --from=collect / /
+ENV PATH="/var/lib/rancher/k3s/data/cni:$PATH:/bin/aux"
 ENV CRI_CONFIG_FILE="/var/lib/rancher/k3s/agent/etc/crictl.yaml"
 ENTRYPOINT ["/bin/k3s"]
 CMD ["agent"]