Skip to content

[WIP] Update kubernetes #92

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
+176 −78
Open

[WIP] Update kubernetes #92

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
875bed6
Update kubernetes to 1.14
bjwschaap Jul 19, 2019
f6ef3ed
Update k8s and Docker version
bjwschaap Jul 25, 2019
fa7d4d3
Refactor CI
bjwschaap Aug 1, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
*.iso
*.tar
kube-*-kernel
kube-*-cmdline
kube-*-initrd.img
kube-*-state
kube-weave.yaml
kube-calico.yaml
23 changes: 15 additions & 8 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,15 @@
KUBE_RUNTIME ?= docker
KUBE_NETWORK ?= weave
KUBE_VERSION ?= 1.14
KUBE_NETWORK_WEAVE ?= v2.5.2
KUBE_NETWORK_CALICO ?= v3.8

KUBE_NETWORK_WEAVE ?= v2.2.1

ifeq ($(shell uname -s),Darwin)
KUBE_FORMATS ?= iso-efi
else
KUBE_FORMATS ?= iso-bios
endif
# ifeq ($(shell uname -s),Darwin)
# KUBE_FORMATS ?= iso-efi
# else
#KUBE_FORMATS ?= iso-bios
# endif
KUBE_FORMATS ?= tar-kernel-initrd

KUBE_FORMAT_ARGS := $(patsubst %,-format %,$(KUBE_FORMATS))

Expand All @@ -25,7 +27,12 @@ node: yml/kube.yml yml/$(KUBE_RUNTIME).yml yml/$(KUBE_NETWORK).yml $(KUBE_EXTRA_
yml/weave.yml: kube-weave.yaml

kube-weave.yaml:
curl -L -o $@ https://cloud.weave.works/k8s/v1.8/net?v=$(KUBE_NETWORK_WEAVE)
curl -L -o $@ https://cloud.weave.works/k8s/v$(KUBE_VERSION)/net?v=$(KUBE_NETWORK_WEAVE)

yml/calico.yml: kube-calico.yaml

kube-calico.yaml:
curl -L -o $@ https://docs.projectcalico.org/${KUBE_NETWORK_CALICO}/manifests/calico.yaml

.PHONY: update-hashes
update-hashes:
Expand Down
2 changes: 1 addition & 1 deletion pkg/cri-containerd/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM linuxkit/alpine:1b05307ae8152e3d38f79e297b0632697a30c65c AS build
FROM linuxkit/alpine:08c8d8aa3638d035e18499a74faf50eedb8d6cf6-amd64 AS build
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why lock it to amd64?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not done on purpose. I built a new linuxkit/alpine 3.10 base image (mirror), which I need to use as base. So it's just a quick copy-and-paste from my docker build output...

I guess all image hashed would need to be corrected, since there will be new ones once the upstream image gets built, signed and pushed by a Docker employee.


RUN \
apk add \
Expand Down
22 changes: 22 additions & 0 deletions pkg/eudev/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
FROM linuxkit/alpine:08c8d8aa3638d035e18499a74faf50eedb8d6cf6-amd64 AS mirror

RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/

RUN apk add --no-cache --initdb -p /out \
alpine-baselayout \
busybox \
ca-certificates \
tini \
eudev \
&& true

# Remove apk residuals. We have a read-only rootfs, so apk is of no use.
RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache

FROM scratch
WORKDIR /
ENTRYPOINT []
COPY --from=mirror /out /
COPY etc/ /etc/
COPY usr/ /usr/
CMD ["/sbin/tini", "/usr/bin/udevd.sh"]
22 changes: 22 additions & 0 deletions pkg/eudev/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
org: linuxkit
image: eudev
network: true
arches:
- amd64
config:
binds:
- /dev:/dev
- /run:/run:rshared,rbind
- /var:/var:rshared,rbind
capabilities:
- all
rootfsPropagation: shared
pid: host
runtime:
mkdir:
- /run/udev
mounts:
- type: bind
source: /run/udev
destination: /run/udev
options: ["rw","bind"]
3 changes: 3 additions & 0 deletions pkg/eudev/etc/udev/udev.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# see udev.conf(5) for details

udev_log="info"
3 changes: 3 additions & 0 deletions pkg/eudev/usr/bin/udevd.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
#!/bin/sh
udevadm hwdb --update
exec /sbin/udevd
2 changes: 1 addition & 1 deletion pkg/kube-e2e-test/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM linuxkit/alpine:1b05307ae8152e3d38f79e297b0632697a30c65c AS build
FROM linuxkit/alpine:08c8d8aa3638d035e18499a74faf50eedb8d6cf6-amd64 AS build

# When changing kubernetes_version remember to also update:
# - scripts/mk-image-cache-lst and run `make refresh-image-caches` from top-level
Expand Down
18 changes: 13 additions & 5 deletions pkg/kubelet/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
FROM linuxkit/alpine:1b05307ae8152e3d38f79e297b0632697a30c65c AS build
FROM linuxkit/alpine:08c8d8aa3638d035e18499a74faf50eedb8d6cf6-amd64 AS build

# When changing kubernetes_version remember to also update:
# - scripts/mk-image-cache-lst and run `make refresh-image-caches` from top-level
# - pkg/e2e-test/Dockerfile
ENV kubernetes_version v1.10.3
ENV cni_version v0.7.1
ENV critools_version v1.0.0-alpha.0
ENV kubernetes_version v1.14.4
ENV cni_version v0.8.1
ENV critools_version v1.15.0

RUN apk add -U --no-cache \
bash \
Expand All @@ -19,6 +19,7 @@ RUN apk add -U --no-cache \
linux-headers \
make \
rsync \
py-prettytable \
&& true

ENV GOPATH=/go PATH=$PATH:/go/bin
Expand Down Expand Up @@ -54,7 +55,7 @@ RUN set -e; \
git fetch origin "CNI_BRANCH"; \
fi; \
git checkout -q $CNI_COMMIT
RUN ./build.sh
RUN ./build_linux.sh

### critools

Expand Down Expand Up @@ -94,6 +95,12 @@ RUN apk add --no-cache --initdb -p /out \
socat \
util-linux \
nfs-utils \
ceph-common \
rbd-nbd \
py-prettytable \
e2fsprogs \
xfsprogs \
btrfs-progs \
&& true

RUN cp $GOPATH/src/github.com/kubernetes/kubernetes/_output/bin/kubelet /out/usr/bin/kubelet
Expand All @@ -116,4 +123,5 @@ FROM scratch
WORKDIR /
ENTRYPOINT ["/usr/bin/kubelet.sh"]
COPY --from=build /out /
COPY --from=docker:18.03.0-ce /usr/local/bin/docker /usr/local/bin/docker
ENV KUBECONFIG "/etc/kubernetes/admin.conf"
5 changes: 5 additions & 0 deletions pkg/kubelet/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ config:
- /var/lib/cni/bin
- /var/lib/kubelet-plugins
- /var/lib/nfs/statd/sm
- /run/udev
mounts:
- type: bind
source: /var/lib/cni/bin
Expand All @@ -45,3 +46,7 @@ config:
source: /var/lib/cni/conf
destination: /etc/cni/net.d
options: ["rw","bind"]
- type: bind
source: /run/udev
destination: /run/udev
options: ["rw","bind"]
19 changes: 16 additions & 3 deletions pkg/kubelet/kubelet.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,10 @@
# Kubelet outputs only to stderr, so arrange for everything we do to go there too
exec 1>&2

# Need to remount the CNI plugins mount, because it's noexec when no disk
# is present in the host (tmpfs)
mount -o remount,exec /opt/cni/bin

if [ -e /etc/kubelet.sh.conf ] ; then
. /etc/kubelet.sh.conf
fi
Expand Down Expand Up @@ -79,7 +83,18 @@ else
"enforceNodeAllocatable": [],
"kubeReservedCgroup": "podruntime",
"systemReservedCgroup": "systemreserved",
"cgroupRoot": "kubepods"
"cgroupRoot": "kubepods",
"authentication": {
"x509": {
"clientCAFile": "/etc/kubernetes/pki/ca.crt"
},
"anonymous": {
"enabled": true
}
},
"authorization": {
"mode": "AlwaysAllow"
}
}
EOF
fi
Expand All @@ -98,9 +113,7 @@ exec kubelet \
--config=/run/config/kubelet-config.json \
--kubeconfig=/etc/kubernetes/kubelet.conf \
--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf \
--allow-privileged=true \
--network-plugin=cni \
--cni-conf-dir=/etc/cni/net.d \
--cni-bin-dir=/opt/cni/bin \
--cadvisor-port=0 \
$KUBELET_ARGS $@
6 changes: 3 additions & 3 deletions pkg/kubernetes-docker-image-cache-common/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM linuxkit/alpine:1b05307ae8152e3d38f79e297b0632697a30c65c AS build
FROM linuxkit/alpine:08c8d8aa3638d035e18499a74faf50eedb8d6cf6-amd64 AS build

RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
RUN apk add --no-cache --initdb -p /out \
Expand All @@ -11,7 +11,7 @@ RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache
FROM scratch
WORKDIR /
COPY --from=build /out /
COPY --from=docker:17.06.0-ce /usr/local/bin/docker /usr/local/bin/docker
COPY --from=docker:18.03.0-ce /usr/local/bin/docker /usr/local/bin/docker
COPY dl/*.tar /images/
ENTRYPOINT [ "/bin/sh", "-c" ]
CMD [ "for image in /images/*.tar ; do docker image load -i $image && rm -f $image ; done" ]
CMD [ "sleep 10; for image in /images/*.tar ; do docker image load -i $image && rm -f $image ; done" ]
8 changes: 3 additions & 5 deletions pkg/kubernetes-docker-image-cache-common/images.lst
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,5 @@
# autogenerated by:
# ./scripts/mk-image-cache-lst common
gcr.io/google_containers/kube-proxy-amd64:v1.10.3@sha256:568df575bb2e630abfd4a4754a23a8af7b13c3f4a526796af01021eda3ff7a30
gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.8@sha256:23df717980b4aa08d2da6c4cfa327f1b730d92ec9cf740959d2d5911830d82fb
gcr.io/google_containers/k8s-dns-kube-dns-amd64:1.14.8@sha256:6d8e0da4fb46e9ea2034a3f4cab0e095618a2ead78720c12e791342738e5f85d
gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.8@sha256:93c827f018cf3322f1ff2aa80324a0306048b0a69bc274e423071fb0d2d29d8b
gcr.io/google_containers/pause-amd64:3.1@sha256:59eec8837a4d942cc19a52b8c09ea75121acc38114a2c68b98983ce9356b8610
gcr.io/google_containers/kube-proxy:v1.14.4@sha256:a8d90a206f775e09927af8567b076d7a14caa1a451be16b1cf1933a972e8aad4
gcr.io/google_containers/coredns:1.3.1@sha256:02382353821b12c21b062c59184e227e001079bb13ebd01f9d3270ba0fcbf1e4
gcr.io/google_containers/pause:3.1@sha256:59eec8837a4d942cc19a52b8c09ea75121acc38114a2c68b98983ce9356b8610
6 changes: 3 additions & 3 deletions pkg/kubernetes-docker-image-cache-control-plane/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM linuxkit/alpine:1b05307ae8152e3d38f79e297b0632697a30c65c AS build
FROM linuxkit/alpine:08c8d8aa3638d035e18499a74faf50eedb8d6cf6-amd64 AS build

RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
RUN apk add --no-cache --initdb -p /out \
Expand All @@ -11,7 +11,7 @@ RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache
FROM scratch
WORKDIR /
COPY --from=build /out /
COPY --from=docker:17.06.0-ce /usr/local/bin/docker /usr/local/bin/docker
COPY --from=docker:18.03.0-ce /usr/local/bin/docker /usr/local/bin/docker
COPY dl/*.tar /images/
ENTRYPOINT [ "/bin/sh", "-c" ]
CMD [ "for image in /images/*.tar ; do docker image load -i $image && rm -f $image ; done" ]
CMD [ "sleep 10; for image in /images/*.tar ; do docker image load -i $image && rm -f $image ; done" ]
9 changes: 5 additions & 4 deletions pkg/kubernetes-docker-image-cache-control-plane/images.lst
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
# autogenerated by:
# ./scripts/mk-image-cache-lst control-plane
gcr.io/google_containers/kube-apiserver-amd64:v1.10.3@sha256:a6c4b6b2429d0a15d30a546226e01b1164118e022ad40f3ece2f95126f1580f5
gcr.io/google_containers/kube-controller-manager-amd64:v1.10.3@sha256:98a3a7dc4c6c60dbeb0273302d697edaa89bd10fceed87ad5144c0b0acc5cced
gcr.io/google_containers/kube-scheduler-amd64:v1.10.3@sha256:4770e1f1eef2229138e45a2b813c927e971da9c40256a7e2321ccf825af56916
gcr.io/google_containers/etcd-amd64:3.1.12@sha256:68235934469f3bc58917bcf7018bf0d3b72129e6303b0bef28186d96b2259317
gcr.io/google_containers/kube-apiserver:v1.14.4@sha256:be78c5871964d5f7a6716670a3e40fc0815e8a7391b31a60d261b8d40e663e34
gcr.io/google_containers/kube-proxy:v1.14.4@sha256:a8d90a206f775e09927af8567b076d7a14caa1a451be16b1cf1933a972e8aad4
gcr.io/google_containers/kube-controller-manager:v1.14.4@sha256:8c990c920d141979a35d3da73dac38415ba5946ecff48bdf1a4455271090ffaf
gcr.io/google_containers/kube-scheduler:v1.14.4@sha256:5463ae2574811dc07f8c8bf70b8ebce8c021e630d5f176ad0d0bfeebea504d8b
gcr.io/google_containers/etcd:3.3.10-1@sha256:02cd751eef4f7dcea7986e58d51903dab39baf4606f636b50891f30190abce2c
22 changes: 10 additions & 12 deletions scripts/mk-image-cache-lst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,23 +3,21 @@ repo=gcr.io/google_containers
# When changing kubernetes_version remember to also update:
# - pkg/kubelet/Dockerfile
# - pkg/e2e-test/Dockerfile
kubernetes_version=v1.10.3
kube_dns_version=1.14.8
kubernetes_version=v1.14.4
coredns_version=1.3.1
pause_version=3.1
etcd_version=3.1.12
etcd_version=3.3.10-1

common="
kube-proxy-amd64:$kubernetes_version
k8s-dns-sidecar-amd64:$kube_dns_version
k8s-dns-kube-dns-amd64:$kube_dns_version
k8s-dns-dnsmasq-nanny-amd64:$kube_dns_version
pause-amd64:$pause_version"
kube-proxy:$kubernetes_version
coredns:$coredns_version
pause:$pause_version"

control="
kube-apiserver-amd64:$kubernetes_version
kube-controller-manager-amd64:$kubernetes_version
kube-scheduler-amd64:$kubernetes_version
etcd-amd64:$etcd_version"
kube-apiserver:$kubernetes_version
kube-controller-manager:$kubernetes_version
kube-scheduler:$kubernetes_version
etcd:$etcd_version"

oi() {
local i="$1"
Expand Down
3 changes: 3 additions & 0 deletions yml/calico.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
files:
- path: /etc/kubeadm/kube-system.init/50-calico.yaml
source: kube-calico.yaml
2 changes: 1 addition & 1 deletion yml/docker-master.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
services:
- name: kubernetes-docker-image-cache-control-plane
image: linuxkit/kubernetes-docker-image-cache-control-plane:698faae3de953d7fc0f009360bcfce98497afe76
image: linuxkit/kubernetes-docker-image-cache-control-plane:698faae3de953d7fc0f009360bcfce98497afe76-dirty
cgroupsPath: podruntime/control-cache
2 changes: 1 addition & 1 deletion yml/docker.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ services:
mkdir: ["/var/lib/kubeadm", "/var/lib/cni/conf", "/var/lib/cni/bin", "/var/lib/kubelet-plugins"]
cgroupsPath: podruntime/docker
- name: kubernetes-docker-image-cache-common
image: linuxkit/kubernetes-docker-image-cache-common:2da947148638cbbef869215cdb0e572c0402833c
image: linuxkit/kubernetes-docker-image-cache-common:2da947148638cbbef869215cdb0e572c0402833c-dirty
cgroupsPath: podruntime/common-cache
files:
- path: /etc/kubelet.sh.conf
Expand Down
Loading