From defa24cbaaa8d56863510346f44d2392da1a3a95 Mon Sep 17 00:00:00 2001
From: Bart Wensley <barton.wensley@windriver.com>
Date: Mon, 27 Jan 2020 13:57:36 -0600
Subject: [PATCH] Create sample scripts for generating k8s upgrade patches

Provide a make_kube_patch.sh script that will build patches
that can be used to upgrade kubernetes. Also includes sample
preapply/preremove scripts that will be included in the
patches.

Change-Id: Ifab05e9d407d9a7c3d8c519c90add1b3857ecdf2
Story: 2006781
Task: 38479
Signed-off-by: Bart Wensley <barton.wensley@windriver.com>
---
 patch-scripts/kube-upgrade/KUBE.1.preapply    | 55 ++++++++++++++++++
 patch-scripts/kube-upgrade/KUBE.1.preremove   | 56 ++++++++++++++++++
 patch-scripts/kube-upgrade/KUBE.2.preapply    | 56 ++++++++++++++++++
 patch-scripts/kube-upgrade/KUBE.2.preremove   | 57 +++++++++++++++++++
 patch-scripts/kube-upgrade/make_kube_patch.sh | 44 ++++++++++++++
 5 files changed, 268 insertions(+)
 create mode 100644 patch-scripts/kube-upgrade/KUBE.1.preapply
 create mode 100644 patch-scripts/kube-upgrade/KUBE.1.preremove
 create mode 100644 patch-scripts/kube-upgrade/KUBE.2.preapply
 create mode 100644 patch-scripts/kube-upgrade/KUBE.2.preremove
 create mode 100755 patch-scripts/kube-upgrade/make_kube_patch.sh

diff --git a/patch-scripts/kube-upgrade/KUBE.1.preapply b/patch-scripts/kube-upgrade/KUBE.1.preapply
new file mode 100644
index 00000000..75af7df6
--- /dev/null
+++ b/patch-scripts/kube-upgrade/KUBE.1.preapply
@@ -0,0 +1,55 @@
+#!/usr/bin/python
+"""
+Copyright (c) 2020 Wind River Systems, Inc.
+
+SPDX-License-Identifier: Apache-2.0
+
+"""
+
+from kubernetes import client, config
+
+from distutils.version import LooseVersion
+
+import sys
+
+patch_states = {}
+
+
+def fatal_error(message):
+    print(message)
+    sys.exit(1)
+
+
+def get_kube_apiserver_versions():
+    config.load_kube_config('/etc/kubernetes/admin.conf')
+
+    versions = []
+    v1 = client.CoreV1Api()
+    ret = v1.list_pod_for_all_namespaces(watch=False)
+    for item in ret.items:
+        if item.metadata.labels.get('component') == 'kube-apiserver':
+            for c in item.spec.containers:
+                if c.name == 'kube-apiserver':
+                    versions.append(c.image.split(':')[-1])
+
+    return versions
+
+
+def main():
+    running_versions = get_kube_apiserver_versions()
+    if len(running_versions) is 0:
+        fatal_error("Could not determine kube-apiserver version")
+
+    # Running version must be at least v1.16.1
+    test_version = 'v1.16.1'
+    for running_version in running_versions:
+        if LooseVersion(running_version) < LooseVersion(test_version):
+            fatal_error("A kube-apiserver is running %s, but must be at least %s" %
+                        (running_version, test_version))
+
+    # Success
+    sys.exit(0)
+
+if __name__ == '__main__':
+    main()
+
diff --git a/patch-scripts/kube-upgrade/KUBE.1.preremove b/patch-scripts/kube-upgrade/KUBE.1.preremove
new file mode 100644
index 00000000..64409e45
--- /dev/null
+++ b/patch-scripts/kube-upgrade/KUBE.1.preremove
@@ -0,0 +1,56 @@
+#!/usr/bin/python
+"""
+Copyright (c) 2020 Wind River Systems, Inc.
+
+SPDX-License-Identifier: Apache-2.0
+
+"""
+
+from kubernetes import client, config
+
+from distutils.version import LooseVersion
+
+import sys
+
+patch_states = {}
+
+
+def fatal_error(message):
+    print(message)
+    sys.exit(1)
+
+
+def get_kube_apiserver_versions():
+    config.load_kube_config('/etc/kubernetes/admin.conf')
+
+    versions = []
+    v1 = client.CoreV1Api()
+    ret = v1.list_pod_for_all_namespaces(watch=False)
+    for item in ret.items:
+        if item.metadata.labels.get('component') == 'kube-apiserver':
+            for c in item.spec.containers:
+                if c.name == 'kube-apiserver':
+                    versions.append(c.image.split(':')[-1])
+
+    return versions
+
+
+def main():
+    running_versions = get_kube_apiserver_versions()
+    if len(running_versions) is 0:
+        fatal_error("Could not determine kube-apiserver version")
+
+    # Running version must be no higher than v1.16.1
+    test_version = 'v1.16.1'
+    for running_version in running_versions:
+        if LooseVersion(running_version) > LooseVersion(test_version):
+            fatal_error("A kube-apiserver is running %s, but must be no higher than %s" %
+                        (running_version, test_version))
+
+    # Success
+    sys.exit(0)
+
+if __name__ == '__main__':
+    main()
+
+
diff --git a/patch-scripts/kube-upgrade/KUBE.2.preapply b/patch-scripts/kube-upgrade/KUBE.2.preapply
new file mode 100644
index 00000000..03bb264d
--- /dev/null
+++ b/patch-scripts/kube-upgrade/KUBE.2.preapply
@@ -0,0 +1,56 @@
+#!/usr/bin/python
+"""
+Copyright (c) 2020 Wind River Systems, Inc.
+
+SPDX-License-Identifier: Apache-2.0
+
+"""
+
+from kubernetes import client, config
+
+from distutils.version import LooseVersion
+
+import sys
+
+patch_states = {}
+
+
+def fatal_error(message):
+    print(message)
+    sys.exit(1)
+
+
+def get_kube_apiserver_versions():
+    config.load_kube_config('/etc/kubernetes/admin.conf')
+
+    versions = []
+    v1 = client.CoreV1Api()
+    ret = v1.list_pod_for_all_namespaces(watch=False)
+    for item in ret.items:
+        if item.metadata.labels.get('component') == 'kube-apiserver':
+            for c in item.spec.containers:
+                if c.name == 'kube-apiserver':
+                    versions.append(c.image.split(':')[-1])
+
+    return versions
+
+
+def main():
+    running_versions = get_kube_apiserver_versions()
+    if len(running_versions) is 0:
+        fatal_error("Could not determine kube-apiserver version")
+
+    # Running version must be at least v1.16.2
+    test_version = 'v1.16.2'
+    for running_version in running_versions:
+        if LooseVersion(running_version) < LooseVersion(test_version):
+            fatal_error("A kube-apiserver is running %s, but must be at least %s" %
+                        (running_version, test_version))
+
+    # Success
+    sys.exit(0)
+
+if __name__ == '__main__':
+    main()
+
+
diff --git a/patch-scripts/kube-upgrade/KUBE.2.preremove b/patch-scripts/kube-upgrade/KUBE.2.preremove
new file mode 100644
index 00000000..a68e4561
--- /dev/null
+++ b/patch-scripts/kube-upgrade/KUBE.2.preremove
@@ -0,0 +1,57 @@
+#!/usr/bin/python
+"""
+Copyright (c) 2020 Wind River Systems, Inc.
+
+SPDX-License-Identifier: Apache-2.0
+
+"""
+
+from kubernetes import client, config
+
+from distutils.version import LooseVersion
+
+import sys
+
+patch_states = {}
+
+
+def fatal_error(message):
+    print(message)
+    sys.exit(1)
+
+
+def get_kube_apiserver_versions():
+    config.load_kube_config('/etc/kubernetes/admin.conf')
+
+    versions = []
+    v1 = client.CoreV1Api()
+    ret = v1.list_pod_for_all_namespaces(watch=False)
+    for item in ret.items:
+        if item.metadata.labels.get('component') == 'kube-apiserver':
+            for c in item.spec.containers:
+                if c.name == 'kube-apiserver':
+                    versions.append(c.image.split(':')[-1])
+
+    return versions
+
+
+def main():
+    running_versions = get_kube_apiserver_versions()
+    if len(running_versions) is 0:
+        fatal_error("Could not determine kube-apiserver version")
+
+    # Running version must be no higher than v1.16.2
+    test_version = 'v1.16.2'
+    for running_version in running_versions:
+        if LooseVersion(running_version) > LooseVersion(test_version):
+            fatal_error("A kube-apiserver is running %s, but must be no higher than %s" %
+                        (running_version, test_version))
+
+    # Success
+    sys.exit(0)
+
+if __name__ == '__main__':
+    main()
+
+
+
diff --git a/patch-scripts/kube-upgrade/make_kube_patch.sh b/patch-scripts/kube-upgrade/make_kube_patch.sh
new file mode 100755
index 00000000..17908575
--- /dev/null
+++ b/patch-scripts/kube-upgrade/make_kube_patch.sh
@@ -0,0 +1,44 @@
+#!/bin/bash
+#
+# Copyright (c) 2020 Wind River Systems, Inc.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+# This builds 3 patches:
+# SYSINV.1 contains sysinv components
+# KUBE.1 contains kubeadm
+# KUBE.2 contains the remainder (node, client, master, etc..)
+
+PATH=$MY_REPO/stx/stx-update/extras/scripts:$PATH
+SYSINV_PATCH_1=SYSINV.1
+KUBE_PATCH_1=KUBE.1
+KUBE_PATCH_2=KUBE.2
+SEMANTIC_PATH=`dirname "$0"`
+DIR=${MY_WORKSPACE}/std/rpmbuild/RPMS
+SYSINV_SUFFIX=1.0-342.tis.x86_64.rpm
+KUBE_SUFFIX=1.16.2-1.tis.1.x86_64.rpm
+
+patch_build.sh \
+    --id ${SYSINV_PATCH_1} \
+    --reboot-required=N \
+    ${DIR}/sysinv-${SYSINV_SUFFIX}
+
+patch_build.sh \
+    --id ${KUBE_PATCH_1} \
+    --reboot-required=N \
+    --pre-apply ${SEMANTIC_PATH}/KUBE.1.preapply   \
+    --pre-remove ${SEMANTIC_PATH}/KUBE.1.preremove \
+    --req ${SYSINV_PATCH_1} \
+    ${DIR}/kubernetes-kubeadm-${KUBE_SUFFIX}
+
+patch_build.sh \
+    --id ${KUBE_PATCH_2} \
+    --reboot-required=N \
+    --pre-apply ${SEMANTIC_PATH}/KUBE.2.preapply   \
+    --pre-remove ${SEMANTIC_PATH}/KUBE.2.preremove \
+    --req ${KUBE_PATCH_1} \
+    ${DIR}/kubernetes-node-${KUBE_SUFFIX}    \
+    ${DIR}/kubernetes-client-${KUBE_SUFFIX}  \
+    ${DIR}/kubernetes-${KUBE_SUFFIX} \
+    ${DIR}/kubernetes-master-${KUBE_SUFFIX}