Consider switch to Gardener OperatingSystemConfig extension.

[ppalucki]

Iinitial approach was based on how gvisor extension works (installation daemon set).

But there is another approach - we can try https://gardener.cloud/docs/gardener/extensions/operatingsystemconfig/

According the docs, we could just replace "installation DaemonSet" with OSC that will containt nesseary unit & files for running CRI-RM.

There is whole infrastructre already in place here: it is just enough to provide "generator" that will preapre files & units:

like in this gardener-extension OSC for garden linux: https://github.com/gardener/gardener-extension-os-gardenlinux/blob/master/cmd/gardener-extension-os-gardenlinux/app/app.go#L45
and then just prepare cloud-init template:

as examples for

• ubuntu: https://github.com/gardener/gardener-extension-os-ubuntu/blob/master/pkg/generator/templates/cloud-init-ubuntu.template
• garden-linux https://github.com/gardener/gardener-extension-os-gardenlinux/blob/master/pkg/generator/templates/cloud-init.gardenlinux.template

those templates could be just replacement for our installation-script (only installation part)

Advantages:

• it is setup during OS provisioning (passsed as userData to VM) so seems more natural for critical units configuration

Downsides:

• if we want "uninstallation" feature - we still need "uninstallation daemonset" that will restore kubelet configuration to original version
• userData will be quiet big: cri-rm exectuable is 64mb but gardener work arounded this by using "downloader script"