Remove Armada related packages from stx build
As part of the efforts to fully deprecate Armada, this commit removes two packages from the StarlingX build: "armada" and "armada-helm-toolkit". In addition, it also removes the helmv2-cli script from the Helm package since helmv2 is also deprecated. Test Plan: PASS: build-pkgs --clean --all PASS: AIO-SX install PASS: AIO-SX upgrade from stx-8 Story: 2010560 Task: 48705 Change-Id: I9986a16ec23057d660cc1834d7f1c5b26564866f Signed-off-by: Igor Soares <Igor.PiresSoares@windriver.com>
This commit is contained in:
Igor Soares
Igor Pires Soares
parent
5ad7850d3c
commit
7471413e24
|
|
@ -1,8 +1,5 @@
|
|||
# List of packages to be included/installed in ISO
|
||||
|
||||
#armada
|
||||
armada
|
||||
|
||||
#base-passwd
|
||||
base-passwd
|
||||
|
||||
|
|
|
|||
|
|
@ -52,8 +52,6 @@ golang-github-dev/golang-github-networkplumbing-go-nft-dev
|
|||
grub/grub-efi
|
||||
grub/grub2
|
||||
grub/grubby
|
||||
kubernetes/armada
|
||||
kubernetes/armada-helm-toolkit
|
||||
kubernetes/chartmuseum
|
||||
kubernetes/cni/bond-cni
|
||||
kubernetes/cni/plugins
|
||||
|
|
|
|||
|
|
@ -1,2 +1 @@
|
|||
kubernetes/armada
|
||||
#kubernetes/plugins/intel-device-plugin
|
||||
|
|
|
|||
|
|
@ -1,8 +0,0 @@
|
|||
This repo is for https://github.com/openstack/openstack-helm-infra
|
||||
|
||||
Changes to this repo are needed for StarlingX and those changes are
|
||||
not yet merged.
|
||||
Rather than clone and diverge the repo, the repo is extracted at a particular
|
||||
git SHA, and patches are applied on top.
|
||||
|
||||
As those patches are merged, the SHA can be updated and the local patches removed.
|
||||
|
|
@ -1,65 +0,0 @@
|
|||
%global src_name openstack-helm-infra
|
||||
%global sha c9d6676bf9a5aceb311dc31dadd07cba6a3d6392
|
||||
%global helm_folder /usr/lib/helm
|
||||
|
||||
Summary: Openstack-Helm-Infra helm-toolkit chart
|
||||
Name: armada-helm-toolkit
|
||||
Version: 1.0
|
||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
||||
License: Apache-2.0
|
||||
Group: base
|
||||
Packager: Wind River <info@windriver.com>
|
||||
URL: https://github.com/openstack/openstack-helm-infra
|
||||
|
||||
Source0: %{src_name}-%{sha}.tar.gz
|
||||
|
||||
BuildArch: noarch
|
||||
|
||||
# Note patches 0003, 0005, 0007 through 0013 do not apply to helm-toolkit
|
||||
Patch01: 0001-Allow-multiple-containers-per-daemonset-pod.patch
|
||||
Patch02: 0002-Add-imagePullSecrets-in-service-account.patch
|
||||
Patch04: 0004-Partial-revert-of-31e3469d28858d7b5eb6355e88b6f49fd6.patch
|
||||
Patch06: 0006-Fix-pod-restarts-on-all-workers-when-worker-added-re.patch
|
||||
Patch07: 0007-Update-apiVersion-to-networking.k8s.io.patch
|
||||
Patch08: 0008-Update-apiVersion-authorization-to-v1.patch
|
||||
|
||||
BuildRequires: helm
|
||||
BuildRequires: chartmuseum
|
||||
|
||||
%description
|
||||
Openstack Helm Infra helm-toolkit chart
|
||||
|
||||
%prep
|
||||
%setup -n openstack-helm-infra
|
||||
%patch01 -p1
|
||||
%patch02 -p1
|
||||
%patch04 -p1
|
||||
%patch06 -p1
|
||||
%patch07 -p1
|
||||
%patch08 -p1
|
||||
|
||||
|
||||
%build
|
||||
# Host a server for the charts
|
||||
chartmuseum --debug --port=8879 --context-path='/charts' --storage="local" --storage-local-rootdir="." &
|
||||
sleep 2
|
||||
helm repo add local http://localhost:8879/charts
|
||||
|
||||
# Make the charts. These produce tgz files
|
||||
make helm-toolkit
|
||||
# Both armada-helm-toolkit and openstack-helm-infra provide the same
|
||||
# helm-toolkit tarball filename. Rename files with 'armada-' prefix
|
||||
# to prevent 'Transaction check error'.
|
||||
for filename in *.tgz; do mv -v "$filename" "armada-$filename"; done
|
||||
|
||||
# terminate helm server (the last backgrounded task)
|
||||
kill %1
|
||||
|
||||
%install
|
||||
install -d -m 755 ${RPM_BUILD_ROOT}%{helm_folder}
|
||||
install -p -D -m 755 *.tgz ${RPM_BUILD_ROOT}%{helm_folder}
|
||||
|
||||
%files
|
||||
%dir %attr(0755,root,root) %{helm_folder}
|
||||
%defattr(-,root,root,-)
|
||||
%{helm_folder}/*
|
||||
|
|
@ -1,11 +0,0 @@
|
|||
# NOTE: This package and version is identical to
|
||||
# stx/openstack-armada-app/openstack-helm-infra .
|
||||
# This decouples distro build of armada chart from flock.
|
||||
TAR_NAME=openstack-helm-infra
|
||||
SHA=c9d6676bf9a5aceb311dc31dadd07cba6a3d6392
|
||||
VERSION=1.0.0
|
||||
TAR="$TAR_NAME-$SHA.tar.gz"
|
||||
|
||||
COPY_LIST="${CGCS_BASE}/downloads/$TAR $PKG_BASE/files/*"
|
||||
|
||||
TIS_PATCH_VER=PKG_GITREVCOUNT
|
||||
|
|
@ -1 +0,0 @@
|
|||
armada-helm-toolkit source: file-without-copyright-information
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
armada-helm-toolkit (1.0-1) unstable; urgency=medium
|
||||
|
||||
* Initial release.
|
||||
|
||||
-- Daniel Safta <daniel.safta@windriver.com> Thu, 04 Nov 2021 14:00:42 +0000
|
||||
|
|
@ -1,13 +0,0 @@
|
|||
Source: armada-helm-toolkit
|
||||
Section: admin
|
||||
Priority: optional
|
||||
Maintainer: StarlingX Developers <starlingx-discuss@lists.starlingx.io>
|
||||
Build-Depends: debhelper-compat (= 13), helm, chartmuseum, procps
|
||||
Standards-Version: 4.4.1
|
||||
Homepage: https://www.starlingx.io
|
||||
|
||||
Package: armada-helm-toolkit
|
||||
Architecture: any
|
||||
Depends: ${misc:Depends}, ${shlibs:Depends}
|
||||
Description: Openstack-Helm-Infra helm-toolkit chart.
|
||||
helm-toolkit used in building armada.
|
||||
|
|
@ -1,29 +0,0 @@
|
|||
|
||||
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
|
||||
Upstream-Name: openstack-helm-infra
|
||||
Source: https://github.com/openstack/openstack-helm-infra
|
||||
Files: *
|
||||
Copyright: (c) 2013-2021 Wind River Systems, Inc
|
||||
License: Apache-2
|
||||
|
||||
# If you want to use GPL v2 or later for the /debian/* files use
|
||||
# the following clauses, or change it to suit. Delete these two lines
|
||||
Files: debian/*
|
||||
Copyright: 2021 Wind River Systems, Inc
|
||||
License: Apache-2
|
||||
|
||||
License: Apache-2
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
.
|
||||
https://www.apache.org/licenses/LICENSE-2.0
|
||||
.
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
.
|
||||
On Debian-based systems the full text of the Apache version 2.0 license
|
||||
can be found in `/usr/share/common-licenses/Apache-2.0'.
|
||||
|
|
@ -1,23 +0,0 @@
|
|||
#!/usr/bin/make -f
|
||||
|
||||
export ROOT = debian/armada-helm-toolkit
|
||||
export APP_FOLDER = $(ROOT)/usr/lib/helm
|
||||
export APP_NAME = armada-helm-toolkit
|
||||
|
||||
%:
|
||||
dh $@
|
||||
|
||||
override_dh_auto_build:
|
||||
# Host a server for the charts
|
||||
chartmuseum --debug --port=8879 --context-path='/charts' --storage="local" --storage-local-rootdir="." &
|
||||
sleep 2
|
||||
helm repo add local http://localhost:8879/charts
|
||||
# Make the charts. These produce tgz files
|
||||
make helm-toolkit
|
||||
pkill chartmuseum
|
||||
|
||||
|
||||
override_dh_auto_install:
|
||||
# Install the app tar file.
|
||||
install -d -m 755 $(APP_FOLDER)
|
||||
install -p -D -m 755 helm-toolkit-0.1.0.tgz $(APP_FOLDER)/armada-helm-toolkit-0.1.0.tgz
|
||||
|
|
@ -1 +0,0 @@
|
|||
3.0 (quilt)
|
||||
|
|
@ -1 +0,0 @@
|
|||
extend-diff-ignore = "^[^/]*[.]egg-info/"
|
||||
|
|
@ -1,13 +0,0 @@
|
|||
---
|
||||
debname: armada-helm-toolkit
|
||||
debver: 1.0-1
|
||||
dl_path:
|
||||
name: openstack-helm-infra-c9d6676bf9a5aceb311dc31dadd07cba6a3d6392.tar.gz
|
||||
url: https://github.com/openstack/openstack-helm-infra/archive/c9d6676bf9a5aceb311dc31dadd07cba6a3d6392.tar.gz
|
||||
md5sum: 6b4ad40b343c346ee54443337edd2be3
|
||||
sha256sum: e3c9899489b17305dd324ad1fe78df4752eb0fe5c622abba31e67f50bdca378c
|
||||
revision:
|
||||
dist: $STX_DIST
|
||||
GITREVCOUNT:
|
||||
BASE_SRCREV: db16f48a952e3c5da8b2efea7acc723107b2c0a2
|
||||
SRC_DIR: ${MY_REPO}/stx/integ/kubernetes/armada-helm-toolkit
|
||||
|
|
@ -1,40 +0,0 @@
|
|||
From 47315e28d44cff586f6fff026dd00e61c2c77bcd Mon Sep 17 00:00:00 2001
|
||||
From: Gerry Kopec <Gerry.Kopec@windriver.com>
|
||||
Date: Wed, 9 Jan 2019 20:11:33 -0500
|
||||
Subject: [PATCH 1/4] Allow multiple containers per daemonset pod
|
||||
|
||||
Remove code that restricted daemonset pods to single containers.
|
||||
Container names will default to name from helm chart template.
|
||||
Required for nova cold migrations to work.
|
||||
|
||||
Story: 2003876
|
||||
Task: 26735
|
||||
Change-Id: Icce660415d43baefbbf768a785c5dedf04ea2930
|
||||
Signed-off-by: Gerry Kopec <Gerry.Kopec@windriver.com>
|
||||
(cherry picked from commit 7ca30319f418cd39db5ecf44cce5fb5fe39c458e)
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
helm-toolkit/templates/utils/_daemonset_overrides.tpl | 7 -------
|
||||
1 file changed, 7 deletions(-)
|
||||
|
||||
diff --git a/helm-toolkit/templates/utils/_daemonset_overrides.tpl b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
index e352bc9..10ab166 100644
|
||||
--- a/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
+++ b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
@@ -225,13 +225,6 @@ limitations under the License.
|
||||
{{- if not $context.Values.__daemonset_yaml.metadata.name }}{{- $_ := set $context.Values.__daemonset_yaml.metadata "name" dict }}{{- end }}
|
||||
{{- $_ := set $context.Values.__daemonset_yaml.metadata "name" $current_dict.dns_1123_name }}
|
||||
|
||||
- {{/* set container name
|
||||
- assume not more than one container is defined */}}
|
||||
- {{- $container := first $context.Values.__daemonset_yaml.spec.template.spec.containers }}
|
||||
- {{- $_ := set $container "name" $current_dict.dns_1123_name }}
|
||||
- {{- $cont_list := list $container }}
|
||||
- {{- $_ := set $context.Values.__daemonset_yaml.spec.template.spec "containers" $cont_list }}
|
||||
-
|
||||
{{/* cross-reference configmap name to container volume definitions */}}
|
||||
{{- $_ := set $context.Values "__volume_list" list }}
|
||||
{{- range $current_volume := $context.Values.__daemonset_yaml.spec.template.spec.volumes }}
|
||||
--
|
||||
2.7.4
|
||||
|
||||
|
|
@ -1,26 +0,0 @@
|
|||
From ac3f9db5ac1a19af71136752f5709ba1da55d201 Mon Sep 17 00:00:00 2001
|
||||
From: Angie Wang <angie.wang@windriver.com>
|
||||
Date: Mon, 11 Feb 2019 11:29:03 -0500
|
||||
Subject: [PATCH 2/4] Add imagePullSecrets in service account
|
||||
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
|
||||
index b4cf1a6..2f4113b 100644
|
||||
--- a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
|
||||
+++ b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
|
||||
@@ -44,6 +44,8 @@ kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ $saName }}
|
||||
namespace: {{ $saNamespace }}
|
||||
+imagePullSecrets:
|
||||
+ - name: default-registry-key
|
||||
{{- range $k, $v := $deps -}}
|
||||
{{- if eq $k "services" }}
|
||||
{{- range $serv := $v }}
|
||||
--
|
||||
2.16.5
|
||||
|
||||
|
|
@ -1,65 +0,0 @@
|
|||
From b3829fef30e76fdf498fa1d0d35185f642dce5f6 Mon Sep 17 00:00:00 2001
|
||||
From: Robert Church <robert.church@windriver.com>
|
||||
Date: Mon, 8 Apr 2019 02:12:39 -0400
|
||||
Subject: [PATCH 4/4] Partial revert of
|
||||
31e3469d28858d7b5eb6355e88b6f49fd62032be
|
||||
|
||||
Suspect that new use of mergeOverwrite vs. merge is breaking the
|
||||
per-host DaemonSet overrides.
|
||||
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
helm-toolkit/templates/utils/_daemonset_overrides.tpl | 12 ++++++------
|
||||
1 file changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/helm-toolkit/templates/utils/_daemonset_overrides.tpl b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
index 10ab166..ab1177a 100644
|
||||
--- a/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
+++ b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
@@ -49,10 +49,10 @@ limitations under the License.
|
||||
{{- $override_conf_copy := $host_data.conf }}
|
||||
{{/* Deep copy to prevent https://storyboard.openstack.org/#!/story/2005936 */}}
|
||||
{{- $root_conf_copy := omit ($context.Values.conf | toYaml | fromYaml) "overrides" }}
|
||||
- {{- $merged_dict := mergeOverwrite $root_conf_copy $override_conf_copy }}
|
||||
+ {{- $merged_dict := merge $override_conf_copy $root_conf_copy }}
|
||||
{{- $root_conf_copy2 := dict "conf" $merged_dict }}
|
||||
{{- $context_values := omit (omit ($context.Values | toYaml | fromYaml) "conf") "__daemonset_list" }}
|
||||
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
|
||||
+ {{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
|
||||
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
|
||||
{{- $_ := set $current_dict "nodeData" $root_conf_copy4 }}
|
||||
|
||||
@@ -89,10 +89,10 @@ limitations under the License.
|
||||
{{- $override_conf_copy := $label_data.conf }}
|
||||
{{/* Deep copy to prevent https://storyboard.openstack.org/#!/story/2005936 */}}
|
||||
{{- $root_conf_copy := omit ($context.Values.conf | toYaml | fromYaml) "overrides" }}
|
||||
- {{- $merged_dict := mergeOverwrite $root_conf_copy $override_conf_copy }}
|
||||
+ {{- $merged_dict := merge $override_conf_copy $root_conf_copy }}
|
||||
{{- $root_conf_copy2 := dict "conf" $merged_dict }}
|
||||
{{- $context_values := omit (omit ($context.Values | toYaml | fromYaml) "conf") "__daemonset_list" }}
|
||||
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
|
||||
+ {{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
|
||||
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
|
||||
{{- $_ := set $context.Values.__current_label "nodeData" $root_conf_copy4 }}
|
||||
|
||||
@@ -187,7 +187,7 @@ limitations under the License.
|
||||
{{- $root_conf_copy1 := omit $context.Values.conf "overrides" }}
|
||||
{{- $root_conf_copy2 := dict "conf" $root_conf_copy1 }}
|
||||
{{- $context_values := omit $context.Values "conf" }}
|
||||
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
|
||||
+ {{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
|
||||
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
|
||||
{{- $_ := set $context.Values.__default "nodeData" $root_conf_copy4 }}
|
||||
|
||||
@@ -198,7 +198,7 @@ limitations under the License.
|
||||
{{- range $current_dict := $context.Values.__daemonset_list }}
|
||||
|
||||
{{- $context_novalues := omit $context "Values" }}
|
||||
- {{- $merged_dict := mergeOverwrite $context_novalues $current_dict.nodeData }}
|
||||
+ {{- $merged_dict := merge $current_dict.nodeData $context_novalues }}
|
||||
{{- $_ := set $current_dict "nodeData" $merged_dict }}
|
||||
{{/* Deep copy original daemonset_yaml */}}
|
||||
{{- $_ := set $context.Values "__daemonset_yaml" ($daemonset_yaml | toYaml | fromYaml) }}
|
||||
--
|
||||
2.7.4
|
||||
|
||||
|
|
@ -1,46 +0,0 @@
|
|||
From 326fcd76f54d7c099f4c3da6c31eefe0eef2e236 Mon Sep 17 00:00:00 2001
|
||||
From: Ovidiu Poncea <ovidiu.poncea@windriver.com>
|
||||
Date: Mon, 29 Jul 2019 08:00:01 -0400
|
||||
Subject: [PATCH] Fix pod restarts on all workers when worker added/removed
|
||||
|
||||
---
|
||||
helm-toolkit/templates/utils/_daemonset_overrides.tpl | 4 ++--
|
||||
helm-toolkit/templates/utils/_hash.tpl | 2 +-
|
||||
2 files changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/helm-toolkit/templates/utils/_daemonset_overrides.tpl b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
index ab1177a..e564869 100644
|
||||
--- a/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
+++ b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
@@ -215,7 +215,7 @@ limitations under the License.
|
||||
name uniqueness */}}
|
||||
{{- $_ := set $current_dict "dns_1123_name" dict }}
|
||||
{{- if hasKey $current_dict "matchExpressions" }}
|
||||
- {{- $_ := set $current_dict "dns_1123_name" (printf (print $name_format2 "-" ($current_dict.matchExpressions | quote | sha256sum | trunc 8))) }}
|
||||
+ {{- $_ := set $current_dict "dns_1123_name" (printf (print $name_format2 "-" ($current_dict.matchExpressions | toJson | sha256sum | trunc 8))) }}
|
||||
{{- else }}
|
||||
{{- $_ := set $current_dict "dns_1123_name" $name_format2 }}
|
||||
{{- end }}
|
||||
@@ -258,7 +258,7 @@ limitations under the License.
|
||||
{{- if not $context.Values.__daemonset_yaml.spec.template.metadata }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template "metadata" dict }}{{- end }}
|
||||
{{- if not $context.Values.__daemonset_yaml.spec.template.metadata.annotations }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template.metadata "annotations" dict }}{{- end }}
|
||||
{{- $cmap := list $current_dict.dns_1123_name $current_dict.nodeData | include $configmap_include }}
|
||||
- {{- $values_hash := $cmap | quote | sha256sum }}
|
||||
+ {{- $values_hash := $cmap | toJson | sha256sum }}
|
||||
{{- $_ := set $context.Values.__daemonset_yaml.spec.template.metadata.annotations "configmap-etc-hash" $values_hash }}
|
||||
|
||||
{{/* generate configmap */}}
|
||||
diff --git a/helm-toolkit/templates/utils/_hash.tpl b/helm-toolkit/templates/utils/_hash.tpl
|
||||
index 1041ec0..e419e3b 100644
|
||||
--- a/helm-toolkit/templates/utils/_hash.tpl
|
||||
+++ b/helm-toolkit/templates/utils/_hash.tpl
|
||||
@@ -19,5 +19,5 @@ limitations under the License.
|
||||
{{- $context := index . 1 -}}
|
||||
{{- $last := base $context.Template.Name }}
|
||||
{{- $wtf := $context.Template.Name | replace $last $name -}}
|
||||
-{{- include $wtf $context | sha256sum | quote -}}
|
||||
+{{- include $wtf $context | toJson | sha256sum | quote -}}
|
||||
{{- end -}}
|
||||
--
|
||||
2.7.4
|
||||
|
||||
|
|
@ -1,219 +0,0 @@
|
|||
From 751dff849dfcd9d68ba065571dc8251dbfc16cb2 Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Safta <daniel.safta@windriver.com>
|
||||
Date: Wed, 2 Feb 2022 12:07:18 +0000
|
||||
Subject: [PATCH 1/2] Update apiVersion to networking.k8s.io/v1
|
||||
|
||||
These are the changes needed to upgrade
|
||||
the apiVersion in the resources used by armada.
|
||||
This is a subset of the upstream commit:
|
||||
https://github.com/openstack/openstack-helm-infra/commit/f4972121bcb41c8d74748917804d2b239ab757f9
|
||||
Signed-off-by: Daniel Safta <daniel.safta@windriver.com>
|
||||
---
|
||||
helm-toolkit/templates/manifests/_ingress.tpl | 75 +++++++++++++------
|
||||
ingress/templates/ingress.yaml | 14 +++-
|
||||
2 files changed, 62 insertions(+), 27 deletions(-)
|
||||
|
||||
diff --git a/helm-toolkit/templates/manifests/_ingress.tpl b/helm-toolkit/templates/manifests/_ingress.tpl
|
||||
index f0c37fd..5c54c34 100644
|
||||
--- a/helm-toolkit/templates/manifests/_ingress.tpl
|
||||
+++ b/helm-toolkit/templates/manifests/_ingress.tpl
|
||||
@@ -64,7 +64,7 @@ examples:
|
||||
{{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" ) -}}
|
||||
return: |
|
||||
---
|
||||
- apiVersion: extensions/v1beta1
|
||||
+ apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: barbican
|
||||
@@ -78,25 +78,34 @@ examples:
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: barbican-api
|
||||
- servicePort: b-api
|
||||
+ service:
|
||||
+ name: barbican-api
|
||||
+ port:
|
||||
+ name: b-api
|
||||
- host: barbican.default
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: barbican-api
|
||||
- servicePort: b-api
|
||||
+ service:
|
||||
+ name: barbican-api
|
||||
+ port:
|
||||
+ name: b-api
|
||||
- host: barbican.default.svc.cluster.local
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: barbican-api
|
||||
- servicePort: b-api
|
||||
+ service:
|
||||
+ name: barbican-api
|
||||
+ port:
|
||||
+ name: b-api
|
||||
---
|
||||
- apiVersion: extensions/v1beta1
|
||||
+ apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: barbican-namespace-fqdn
|
||||
@@ -114,11 +123,14 @@ examples:
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: barbican-api
|
||||
- servicePort: b-api
|
||||
+ service:
|
||||
+ name: barbican-api
|
||||
+ port:
|
||||
+ name: b-api
|
||||
---
|
||||
- apiVersion: extensions/v1beta1
|
||||
+ apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: barbican-cluster-fqdn
|
||||
@@ -136,9 +148,12 @@ examples:
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: barbican-api
|
||||
- servicePort: b-api
|
||||
+ service:
|
||||
+ name: barbican-api
|
||||
+ port:
|
||||
+ name: b-api
|
||||
- values: |
|
||||
network:
|
||||
api:
|
||||
@@ -184,7 +199,7 @@ examples:
|
||||
{{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" ) -}}
|
||||
return: |
|
||||
---
|
||||
- apiVersion: extensions/v1beta1
|
||||
+ apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: barbican
|
||||
@@ -204,23 +219,32 @@ examples:
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: barbican-api
|
||||
- servicePort: b-api
|
||||
+ service:
|
||||
+ name: barbican-api
|
||||
+ port:
|
||||
+ name: b-api
|
||||
- host: barbican.default
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: barbican-api
|
||||
- servicePort: b-api
|
||||
+ service:
|
||||
+ name: barbican-api
|
||||
+ port:
|
||||
+ name: b-api
|
||||
- host: barbican.default.svc.cluster.local
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: barbican-api
|
||||
- servicePort: b-api
|
||||
+ service:
|
||||
+ name: barbican-api
|
||||
+ port:
|
||||
+ name: b-api
|
||||
*/}}
|
||||
|
||||
{{- define "helm-toolkit.manifests.ingress._host_rules" -}}
|
||||
@@ -231,9 +255,12 @@ examples:
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: {{ $backendName }}
|
||||
- servicePort: {{ $backendPort }}
|
||||
+ service:
|
||||
+ name: {{ $backendName }}
|
||||
+ port:
|
||||
+ name: {{ $backendPort }}
|
||||
{{- end }}
|
||||
|
||||
{{- define "helm-toolkit.manifests.ingress" -}}
|
||||
@@ -247,7 +274,7 @@ examples:
|
||||
{{- $hostName := tuple $backendServiceType $endpoint $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||
{{- $hostNameFull := tuple $backendServiceType $endpoint $envAll | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
|
||||
---
|
||||
-apiVersion: extensions/v1beta1
|
||||
+apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ $ingressName }}
|
||||
@@ -282,7 +309,7 @@ spec:
|
||||
{{- range $key2, $ingressController := tuple "namespace" "cluster" }}
|
||||
{{- $hostNameFullRules := dict "vHost" $hostNameFull "backendName" $backendName "backendPort" $backendPort }}
|
||||
---
|
||||
-apiVersion: extensions/v1beta1
|
||||
+apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ printf "%s-%s-%s" $ingressName $ingressController "fqdn" }}
|
||||
diff --git a/ingress/templates/ingress.yaml b/ingress/templates/ingress.yaml
|
||||
index 16ebaab..10ffac7 100644
|
||||
--- a/ingress/templates/ingress.yaml
|
||||
+++ b/ingress/templates/ingress.yaml
|
||||
@@ -21,7 +21,7 @@ limitations under the License.
|
||||
{{- $_ := set .Values.network.ingress.annotations "kubernetes.io/ingress.class" .Values.deployment.cluster.class -}}
|
||||
{{- end -}}
|
||||
---
|
||||
-apiVersion: extensions/v1beta1
|
||||
+apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ .Release.Namespace }}-{{ .Release.Name }}
|
||||
@@ -33,8 +33,16 @@ spec:
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: {{ tuple "ingress" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||
- servicePort: {{ tuple "ingress" "internal" "http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
+ service:
|
||||
+ name: {{ $serviceName }}
|
||||
+ port:
|
||||
+{{- if or (kindIs "int" $servicePort) (regexMatch "^[0-9]{1,5}$" $servicePort) }}
|
||||
+ number: {{ $servicePort | int }}
|
||||
+{{- else }}
|
||||
+ name: {{ $servicePort | quote }}
|
||||
+{{- end }}
|
||||
+
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
--
|
||||
2.31.1
|
||||
|
||||
|
|
@ -1,53 +0,0 @@
|
|||
From d5d3e40baedaba10335bc2f0ea801e9118e05d1c Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Safta <daniel.safta@windriver.com>
|
||||
Date: Wed, 2 Feb 2022 12:07:51 +0000
|
||||
Subject: [PATCH 2/2] Update apiVersion authorization to v1
|
||||
|
||||
These are the changes needed to upgrade
|
||||
the apiVersion in the resources used by armada.
|
||||
This is a subset of the upstream commit:
|
||||
https://github.com/openstack/openstack-helm-infra/commit/f4972121bcb41c8d74748917804d2b239ab757f9
|
||||
Signed-off-by: Daniel Safta <daniel.safta@windriver.com>
|
||||
---
|
||||
.../templates/snippets/_kubernetes_pod_rbac_roles.tpl | 4 ++--
|
||||
podsecuritypolicy/templates/podsecuritypolicy.yaml | 2 +-
|
||||
2 files changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl
|
||||
index f9f48ef..44a31fd 100644
|
||||
--- a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl
|
||||
+++ b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl
|
||||
@@ -21,7 +21,7 @@ limitations under the License.
|
||||
{{- $saNamespace := index . 3 -}}
|
||||
{{- $releaseName := $envAll.Release.Name }}
|
||||
---
|
||||
-apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
+apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ $releaseName }}-{{ $saName }}
|
||||
@@ -35,7 +35,7 @@ subjects:
|
||||
name: {{ $saName }}
|
||||
namespace: {{ $saNamespace }}
|
||||
---
|
||||
-apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
+apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ $releaseName }}-{{ $saNamespace }}-{{ $saName }}
|
||||
diff --git a/podsecuritypolicy/templates/podsecuritypolicy.yaml b/podsecuritypolicy/templates/podsecuritypolicy.yaml
|
||||
index 741c9a8..9e22c6e 100644
|
||||
--- a/podsecuritypolicy/templates/podsecuritypolicy.yaml
|
||||
+++ b/podsecuritypolicy/templates/podsecuritypolicy.yaml
|
||||
@@ -20,7 +20,7 @@ limitations under the License.
|
||||
{{/* Create one ClusterRole and PSP per PSP definition in values */}}
|
||||
{{- range $pspName, $pspDetails := .Values.data }}
|
||||
---
|
||||
-apiVersion: extensions/v1beta1
|
||||
+apiVersion: policy/v1beta1
|
||||
kind: PodSecurityPolicy
|
||||
metadata:
|
||||
name: {{ $pspName }}
|
||||
--
|
||||
2.31.1
|
||||
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
0001-Allow-multiple-containers-per-daemonset-pod.patch
|
||||
0002-Add-imagePullSecrets-in-service-account.patch
|
||||
0004-Partial-revert-of-31e3469d28858d7b5eb6355e88b6f49fd6.patch
|
||||
0006-Fix-pod-restarts-on-all-workers-when-worker-added-re.patch
|
||||
0007-Update-apiVersion-to-networking.k8s.io.patch
|
||||
0008-Update-apiVersion-authorization-to-v1.patch
|
||||
|
|
@ -1,40 +0,0 @@
|
|||
From 47315e28d44cff586f6fff026dd00e61c2c77bcd Mon Sep 17 00:00:00 2001
|
||||
From: Gerry Kopec <Gerry.Kopec@windriver.com>
|
||||
Date: Wed, 9 Jan 2019 20:11:33 -0500
|
||||
Subject: [PATCH 1/4] Allow multiple containers per daemonset pod
|
||||
|
||||
Remove code that restricted daemonset pods to single containers.
|
||||
Container names will default to name from helm chart template.
|
||||
Required for nova cold migrations to work.
|
||||
|
||||
Story: 2003876
|
||||
Task: 26735
|
||||
Change-Id: Icce660415d43baefbbf768a785c5dedf04ea2930
|
||||
Signed-off-by: Gerry Kopec <Gerry.Kopec@windriver.com>
|
||||
(cherry picked from commit 7ca30319f418cd39db5ecf44cce5fb5fe39c458e)
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
helm-toolkit/templates/utils/_daemonset_overrides.tpl | 7 -------
|
||||
1 file changed, 7 deletions(-)
|
||||
|
||||
diff --git a/helm-toolkit/templates/utils/_daemonset_overrides.tpl b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
index e352bc9..10ab166 100644
|
||||
--- a/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
+++ b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
@@ -225,13 +225,6 @@ limitations under the License.
|
||||
{{- if not $context.Values.__daemonset_yaml.metadata.name }}{{- $_ := set $context.Values.__daemonset_yaml.metadata "name" dict }}{{- end }}
|
||||
{{- $_ := set $context.Values.__daemonset_yaml.metadata "name" $current_dict.dns_1123_name }}
|
||||
|
||||
- {{/* set container name
|
||||
- assume not more than one container is defined */}}
|
||||
- {{- $container := first $context.Values.__daemonset_yaml.spec.template.spec.containers }}
|
||||
- {{- $_ := set $container "name" $current_dict.dns_1123_name }}
|
||||
- {{- $cont_list := list $container }}
|
||||
- {{- $_ := set $context.Values.__daemonset_yaml.spec.template.spec "containers" $cont_list }}
|
||||
-
|
||||
{{/* cross-reference configmap name to container volume definitions */}}
|
||||
{{- $_ := set $context.Values "__volume_list" list }}
|
||||
{{- range $current_volume := $context.Values.__daemonset_yaml.spec.template.spec.volumes }}
|
||||
--
|
||||
2.7.4
|
||||
|
||||
|
|
@ -1,26 +0,0 @@
|
|||
From ac3f9db5ac1a19af71136752f5709ba1da55d201 Mon Sep 17 00:00:00 2001
|
||||
From: Angie Wang <angie.wang@windriver.com>
|
||||
Date: Mon, 11 Feb 2019 11:29:03 -0500
|
||||
Subject: [PATCH 2/4] Add imagePullSecrets in service account
|
||||
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
|
||||
index b4cf1a6..2f4113b 100644
|
||||
--- a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
|
||||
+++ b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
|
||||
@@ -44,6 +44,8 @@ kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ $saName }}
|
||||
namespace: {{ $saNamespace }}
|
||||
+imagePullSecrets:
|
||||
+ - name: default-registry-key
|
||||
{{- range $k, $v := $deps -}}
|
||||
{{- if eq $k "services" }}
|
||||
{{- range $serv := $v }}
|
||||
--
|
||||
2.16.5
|
||||
|
||||
|
|
@ -1,65 +0,0 @@
|
|||
From b3829fef30e76fdf498fa1d0d35185f642dce5f6 Mon Sep 17 00:00:00 2001
|
||||
From: Robert Church <robert.church@windriver.com>
|
||||
Date: Mon, 8 Apr 2019 02:12:39 -0400
|
||||
Subject: [PATCH 4/4] Partial revert of
|
||||
31e3469d28858d7b5eb6355e88b6f49fd62032be
|
||||
|
||||
Suspect that new use of mergeOverwrite vs. merge is breaking the
|
||||
per-host DaemonSet overrides.
|
||||
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
helm-toolkit/templates/utils/_daemonset_overrides.tpl | 12 ++++++------
|
||||
1 file changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/helm-toolkit/templates/utils/_daemonset_overrides.tpl b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
index 10ab166..ab1177a 100644
|
||||
--- a/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
+++ b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
@@ -49,10 +49,10 @@ limitations under the License.
|
||||
{{- $override_conf_copy := $host_data.conf }}
|
||||
{{/* Deep copy to prevent https://storyboard.openstack.org/#!/story/2005936 */}}
|
||||
{{- $root_conf_copy := omit ($context.Values.conf | toYaml | fromYaml) "overrides" }}
|
||||
- {{- $merged_dict := mergeOverwrite $root_conf_copy $override_conf_copy }}
|
||||
+ {{- $merged_dict := merge $override_conf_copy $root_conf_copy }}
|
||||
{{- $root_conf_copy2 := dict "conf" $merged_dict }}
|
||||
{{- $context_values := omit (omit ($context.Values | toYaml | fromYaml) "conf") "__daemonset_list" }}
|
||||
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
|
||||
+ {{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
|
||||
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
|
||||
{{- $_ := set $current_dict "nodeData" $root_conf_copy4 }}
|
||||
|
||||
@@ -89,10 +89,10 @@ limitations under the License.
|
||||
{{- $override_conf_copy := $label_data.conf }}
|
||||
{{/* Deep copy to prevent https://storyboard.openstack.org/#!/story/2005936 */}}
|
||||
{{- $root_conf_copy := omit ($context.Values.conf | toYaml | fromYaml) "overrides" }}
|
||||
- {{- $merged_dict := mergeOverwrite $root_conf_copy $override_conf_copy }}
|
||||
+ {{- $merged_dict := merge $override_conf_copy $root_conf_copy }}
|
||||
{{- $root_conf_copy2 := dict "conf" $merged_dict }}
|
||||
{{- $context_values := omit (omit ($context.Values | toYaml | fromYaml) "conf") "__daemonset_list" }}
|
||||
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
|
||||
+ {{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
|
||||
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
|
||||
{{- $_ := set $context.Values.__current_label "nodeData" $root_conf_copy4 }}
|
||||
|
||||
@@ -187,7 +187,7 @@ limitations under the License.
|
||||
{{- $root_conf_copy1 := omit $context.Values.conf "overrides" }}
|
||||
{{- $root_conf_copy2 := dict "conf" $root_conf_copy1 }}
|
||||
{{- $context_values := omit $context.Values "conf" }}
|
||||
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
|
||||
+ {{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
|
||||
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
|
||||
{{- $_ := set $context.Values.__default "nodeData" $root_conf_copy4 }}
|
||||
|
||||
@@ -198,7 +198,7 @@ limitations under the License.
|
||||
{{- range $current_dict := $context.Values.__daemonset_list }}
|
||||
|
||||
{{- $context_novalues := omit $context "Values" }}
|
||||
- {{- $merged_dict := mergeOverwrite $context_novalues $current_dict.nodeData }}
|
||||
+ {{- $merged_dict := merge $current_dict.nodeData $context_novalues }}
|
||||
{{- $_ := set $current_dict "nodeData" $merged_dict }}
|
||||
{{/* Deep copy original daemonset_yaml */}}
|
||||
{{- $_ := set $context.Values "__daemonset_yaml" ($daemonset_yaml | toYaml | fromYaml) }}
|
||||
--
|
||||
2.7.4
|
||||
|
||||
|
|
@ -1,46 +0,0 @@
|
|||
From 326fcd76f54d7c099f4c3da6c31eefe0eef2e236 Mon Sep 17 00:00:00 2001
|
||||
From: Ovidiu Poncea <ovidiu.poncea@windriver.com>
|
||||
Date: Mon, 29 Jul 2019 08:00:01 -0400
|
||||
Subject: [PATCH] Fix pod restarts on all workers when worker added/removed
|
||||
|
||||
---
|
||||
helm-toolkit/templates/utils/_daemonset_overrides.tpl | 4 ++--
|
||||
helm-toolkit/templates/utils/_hash.tpl | 2 +-
|
||||
2 files changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/helm-toolkit/templates/utils/_daemonset_overrides.tpl b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
index ab1177a..e564869 100644
|
||||
--- a/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
+++ b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
@@ -215,7 +215,7 @@ limitations under the License.
|
||||
name uniqueness */}}
|
||||
{{- $_ := set $current_dict "dns_1123_name" dict }}
|
||||
{{- if hasKey $current_dict "matchExpressions" }}
|
||||
- {{- $_ := set $current_dict "dns_1123_name" (printf (print $name_format2 "-" ($current_dict.matchExpressions | quote | sha256sum | trunc 8))) }}
|
||||
+ {{- $_ := set $current_dict "dns_1123_name" (printf (print $name_format2 "-" ($current_dict.matchExpressions | toJson | sha256sum | trunc 8))) }}
|
||||
{{- else }}
|
||||
{{- $_ := set $current_dict "dns_1123_name" $name_format2 }}
|
||||
{{- end }}
|
||||
@@ -258,7 +258,7 @@ limitations under the License.
|
||||
{{- if not $context.Values.__daemonset_yaml.spec.template.metadata }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template "metadata" dict }}{{- end }}
|
||||
{{- if not $context.Values.__daemonset_yaml.spec.template.metadata.annotations }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template.metadata "annotations" dict }}{{- end }}
|
||||
{{- $cmap := list $current_dict.dns_1123_name $current_dict.nodeData | include $configmap_include }}
|
||||
- {{- $values_hash := $cmap | quote | sha256sum }}
|
||||
+ {{- $values_hash := $cmap | toJson | sha256sum }}
|
||||
{{- $_ := set $context.Values.__daemonset_yaml.spec.template.metadata.annotations "configmap-etc-hash" $values_hash }}
|
||||
|
||||
{{/* generate configmap */}}
|
||||
diff --git a/helm-toolkit/templates/utils/_hash.tpl b/helm-toolkit/templates/utils/_hash.tpl
|
||||
index 1041ec0..e419e3b 100644
|
||||
--- a/helm-toolkit/templates/utils/_hash.tpl
|
||||
+++ b/helm-toolkit/templates/utils/_hash.tpl
|
||||
@@ -19,5 +19,5 @@ limitations under the License.
|
||||
{{- $context := index . 1 -}}
|
||||
{{- $last := base $context.Template.Name }}
|
||||
{{- $wtf := $context.Template.Name | replace $last $name -}}
|
||||
-{{- include $wtf $context | sha256sum | quote -}}
|
||||
+{{- include $wtf $context | toJson | sha256sum | quote -}}
|
||||
{{- end -}}
|
||||
--
|
||||
2.7.4
|
||||
|
||||
|
|
@ -1,219 +0,0 @@
|
|||
From 751dff849dfcd9d68ba065571dc8251dbfc16cb2 Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Safta <daniel.safta@windriver.com>
|
||||
Date: Wed, 2 Feb 2022 12:07:18 +0000
|
||||
Subject: [PATCH 1/2] Update apiVersion to networking.k8s.io/v1
|
||||
|
||||
These are the changes needed to upgrade
|
||||
the apiVersion in the resources used by armada.
|
||||
This is a subset of the upstream commit:
|
||||
https://github.com/openstack/openstack-helm-infra/commit/f4972121bcb41c8d74748917804d2b239ab757f9
|
||||
Signed-off-by: Daniel Safta <daniel.safta@windriver.com>
|
||||
---
|
||||
helm-toolkit/templates/manifests/_ingress.tpl | 75 +++++++++++++------
|
||||
ingress/templates/ingress.yaml | 14 +++-
|
||||
2 files changed, 62 insertions(+), 27 deletions(-)
|
||||
|
||||
diff --git a/helm-toolkit/templates/manifests/_ingress.tpl b/helm-toolkit/templates/manifests/_ingress.tpl
|
||||
index f0c37fd..5c54c34 100644
|
||||
--- a/helm-toolkit/templates/manifests/_ingress.tpl
|
||||
+++ b/helm-toolkit/templates/manifests/_ingress.tpl
|
||||
@@ -64,7 +64,7 @@ examples:
|
||||
{{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" ) -}}
|
||||
return: |
|
||||
---
|
||||
- apiVersion: extensions/v1beta1
|
||||
+ apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: barbican
|
||||
@@ -78,25 +78,34 @@ examples:
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: barbican-api
|
||||
- servicePort: b-api
|
||||
+ service:
|
||||
+ name: barbican-api
|
||||
+ port:
|
||||
+ name: b-api
|
||||
- host: barbican.default
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: barbican-api
|
||||
- servicePort: b-api
|
||||
+ service:
|
||||
+ name: barbican-api
|
||||
+ port:
|
||||
+ name: b-api
|
||||
- host: barbican.default.svc.cluster.local
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: barbican-api
|
||||
- servicePort: b-api
|
||||
+ service:
|
||||
+ name: barbican-api
|
||||
+ port:
|
||||
+ name: b-api
|
||||
---
|
||||
- apiVersion: extensions/v1beta1
|
||||
+ apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: barbican-namespace-fqdn
|
||||
@@ -114,11 +123,14 @@ examples:
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: barbican-api
|
||||
- servicePort: b-api
|
||||
+ service:
|
||||
+ name: barbican-api
|
||||
+ port:
|
||||
+ name: b-api
|
||||
---
|
||||
- apiVersion: extensions/v1beta1
|
||||
+ apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: barbican-cluster-fqdn
|
||||
@@ -136,9 +148,12 @@ examples:
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: barbican-api
|
||||
- servicePort: b-api
|
||||
+ service:
|
||||
+ name: barbican-api
|
||||
+ port:
|
||||
+ name: b-api
|
||||
- values: |
|
||||
network:
|
||||
api:
|
||||
@@ -184,7 +199,7 @@ examples:
|
||||
{{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" ) -}}
|
||||
return: |
|
||||
---
|
||||
- apiVersion: extensions/v1beta1
|
||||
+ apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: barbican
|
||||
@@ -204,23 +219,32 @@ examples:
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: barbican-api
|
||||
- servicePort: b-api
|
||||
+ service:
|
||||
+ name: barbican-api
|
||||
+ port:
|
||||
+ name: b-api
|
||||
- host: barbican.default
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: barbican-api
|
||||
- servicePort: b-api
|
||||
+ service:
|
||||
+ name: barbican-api
|
||||
+ port:
|
||||
+ name: b-api
|
||||
- host: barbican.default.svc.cluster.local
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: barbican-api
|
||||
- servicePort: b-api
|
||||
+ service:
|
||||
+ name: barbican-api
|
||||
+ port:
|
||||
+ name: b-api
|
||||
*/}}
|
||||
|
||||
{{- define "helm-toolkit.manifests.ingress._host_rules" -}}
|
||||
@@ -231,9 +255,12 @@ examples:
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: {{ $backendName }}
|
||||
- servicePort: {{ $backendPort }}
|
||||
+ service:
|
||||
+ name: {{ $backendName }}
|
||||
+ port:
|
||||
+ name: {{ $backendPort }}
|
||||
{{- end }}
|
||||
|
||||
{{- define "helm-toolkit.manifests.ingress" -}}
|
||||
@@ -247,7 +274,7 @@ examples:
|
||||
{{- $hostName := tuple $backendServiceType $endpoint $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||
{{- $hostNameFull := tuple $backendServiceType $endpoint $envAll | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
|
||||
---
|
||||
-apiVersion: extensions/v1beta1
|
||||
+apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ $ingressName }}
|
||||
@@ -282,7 +309,7 @@ spec:
|
||||
{{- range $key2, $ingressController := tuple "namespace" "cluster" }}
|
||||
{{- $hostNameFullRules := dict "vHost" $hostNameFull "backendName" $backendName "backendPort" $backendPort }}
|
||||
---
|
||||
-apiVersion: extensions/v1beta1
|
||||
+apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ printf "%s-%s-%s" $ingressName $ingressController "fqdn" }}
|
||||
diff --git a/ingress/templates/ingress.yaml b/ingress/templates/ingress.yaml
|
||||
index 16ebaab..10ffac7 100644
|
||||
--- a/ingress/templates/ingress.yaml
|
||||
+++ b/ingress/templates/ingress.yaml
|
||||
@@ -21,7 +21,7 @@ limitations under the License.
|
||||
{{- $_ := set .Values.network.ingress.annotations "kubernetes.io/ingress.class" .Values.deployment.cluster.class -}}
|
||||
{{- end -}}
|
||||
---
|
||||
-apiVersion: extensions/v1beta1
|
||||
+apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ .Release.Namespace }}-{{ .Release.Name }}
|
||||
@@ -33,8 +33,16 @@ spec:
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
+ pathType: ImplementationSpecific
|
||||
backend:
|
||||
- serviceName: {{ tuple "ingress" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||
- servicePort: {{ tuple "ingress" "internal" "http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
+ service:
|
||||
+ name: {{ $serviceName }}
|
||||
+ port:
|
||||
+{{- if or (kindIs "int" $servicePort) (regexMatch "^[0-9]{1,5}$" $servicePort) }}
|
||||
+ number: {{ $servicePort | int }}
|
||||
+{{- else }}
|
||||
+ name: {{ $servicePort | quote }}
|
||||
+{{- end }}
|
||||
+
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
--
|
||||
2.31.1
|
||||
|
||||
|
|
@ -1,53 +0,0 @@
|
|||
From d5d3e40baedaba10335bc2f0ea801e9118e05d1c Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Safta <daniel.safta@windriver.com>
|
||||
Date: Wed, 2 Feb 2022 12:07:51 +0000
|
||||
Subject: [PATCH 2/2] Update apiVersion authorization to v1
|
||||
|
||||
These are the changes needed to upgrade
|
||||
the apiVersion in the resources used by armada.
|
||||
This is a subset of the upstream commit:
|
||||
https://github.com/openstack/openstack-helm-infra/commit/f4972121bcb41c8d74748917804d2b239ab757f9
|
||||
Signed-off-by: Daniel Safta <daniel.safta@windriver.com>
|
||||
---
|
||||
.../templates/snippets/_kubernetes_pod_rbac_roles.tpl | 4 ++--
|
||||
podsecuritypolicy/templates/podsecuritypolicy.yaml | 2 +-
|
||||
2 files changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl
|
||||
index f9f48ef..44a31fd 100644
|
||||
--- a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl
|
||||
+++ b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl
|
||||
@@ -21,7 +21,7 @@ limitations under the License.
|
||||
{{- $saNamespace := index . 3 -}}
|
||||
{{- $releaseName := $envAll.Release.Name }}
|
||||
---
|
||||
-apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
+apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ $releaseName }}-{{ $saName }}
|
||||
@@ -35,7 +35,7 @@ subjects:
|
||||
name: {{ $saName }}
|
||||
namespace: {{ $saNamespace }}
|
||||
---
|
||||
-apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
+apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ $releaseName }}-{{ $saNamespace }}-{{ $saName }}
|
||||
diff --git a/podsecuritypolicy/templates/podsecuritypolicy.yaml b/podsecuritypolicy/templates/podsecuritypolicy.yaml
|
||||
index 741c9a8..9e22c6e 100644
|
||||
--- a/podsecuritypolicy/templates/podsecuritypolicy.yaml
|
||||
+++ b/podsecuritypolicy/templates/podsecuritypolicy.yaml
|
||||
@@ -20,7 +20,7 @@ limitations under the License.
|
||||
{{/* Create one ClusterRole and PSP per PSP definition in values */}}
|
||||
{{- range $pspName, $pspDetails := .Values.data }}
|
||||
---
|
||||
-apiVersion: extensions/v1beta1
|
||||
+apiVersion: policy/v1beta1
|
||||
kind: PodSecurityPolicy
|
||||
metadata:
|
||||
name: {{ $pspName }}
|
||||
--
|
||||
2.31.1
|
||||
|
||||
|
|
@ -1,90 +0,0 @@
|
|||
%global git_sha 7ef4b8643b5ec5216a8f6726841e156c0aa54a1a
|
||||
|
||||
# Build variables
|
||||
%global helm_folder /usr/lib/helm
|
||||
%global toolkit_version 0.1.0
|
||||
%global charts_staging ./charts
|
||||
|
||||
Name: armada
|
||||
Version: 0.2.0
|
||||
Release: 0%{?_tis_dist}.%{tis_patch_ver}
|
||||
Summary: An orchestrator for managing a collection of Kubernetes Helm charts
|
||||
License: Apache-2.0
|
||||
Group: base
|
||||
Packager: Wind River <info@windriver.com>
|
||||
URL: https://airship-armada.readthedocs.io/
|
||||
Source0: %{name}-%{git_sha}.tar.gz
|
||||
|
||||
Patch1: 0001-Add-Helm-v2-client-initialization-using-tiller-postS.patch
|
||||
Patch2: 0002-Tiller-wait-for-postgres-database-ping.patch
|
||||
Patch3: 0003-Update-the-liveness-probe-to-verify-postgres-connect.patch
|
||||
Patch4: 0004-Update-postgres-liveness-check-to-support-IPv6-addre.patch
|
||||
Patch5: 0005-Add-toleration-to-armada-api.patch
|
||||
|
||||
BuildArch: noarch
|
||||
|
||||
BuildRequires: helm
|
||||
BuildRequires: armada-helm-toolkit
|
||||
BuildRequires: chartmuseum
|
||||
|
||||
%description
|
||||
%{summary}
|
||||
|
||||
%prep
|
||||
%setup -n armada
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
%patch5 -p1
|
||||
|
||||
%build
|
||||
# Package the armada chart tarball using methodology derived from:
|
||||
# git clone https://opendev.org/airship/armada.git && cd armada
|
||||
# make charts
|
||||
#
|
||||
# This provides the equivalent of 'make charts' and builds what is
|
||||
# minimally sufficient to generate the armada chart tarball.
|
||||
# - do not need to build helm-toolkit.
|
||||
# - do not need to build tiller (armada chart contains tiller).
|
||||
# - This does not download helm v2 or helm-toolkit as done by 'make charts',
|
||||
# and does not require external network.
|
||||
# - Everything else provided by the armada Makefile build is ignored.
|
||||
#
|
||||
# This is built using helm v3.
|
||||
# - 'helm init' and 'helm serv' have been removed in helm v3
|
||||
# - chartmuseum is drop-in replacement for 'helm serv'
|
||||
# - no initial repository exist
|
||||
# - charts self-contain helm-toolkit and pass lint; requirements.yaml
|
||||
# dependencies are safely removed from package so the cluster does
|
||||
# not have to serve 'local' repo (i.e., with ChartMuseum).
|
||||
# - helm config of setup directories and repositories is automated
|
||||
# (we don't need to create them)
|
||||
|
||||
# Stage helm-toolkit in the local repo
|
||||
cp %{helm_folder}/armada-helm-toolkit-%{toolkit_version}.tgz %{charts_staging}/helm-toolkit-%{toolkit_version}.tgz
|
||||
|
||||
# Host a local server for the charts.
|
||||
chartmuseum --debug --port=8879 --context-path='/charts' --storage="local" --storage-local-rootdir="%{charts_staging}" &
|
||||
sleep 2
|
||||
helm repo add local http://localhost:8879/charts
|
||||
|
||||
cd %{charts_staging}
|
||||
helm dependency update armada
|
||||
helm lint armada
|
||||
rm -v -f ./requirements.lock ./requirements.yaml
|
||||
helm template --set pod.resources.enabled=true armada
|
||||
helm package armada
|
||||
cd -
|
||||
|
||||
# Terminate helm server (the last backgrounded task)
|
||||
kill %1
|
||||
|
||||
%install
|
||||
install -d -m 755 ${RPM_BUILD_ROOT}/opt/extracharts
|
||||
install -p -D -m 755 %{charts_staging}/armada-*.tgz ${RPM_BUILD_ROOT}/opt/extracharts
|
||||
|
||||
%files
|
||||
%defattr(-,root,root,-)
|
||||
/opt/extracharts/*
|
||||
|
||||
|
|
@ -1,8 +0,0 @@
|
|||
TAR_NAME=armada
|
||||
VERSION=0.2.0
|
||||
SHA=7ef4b8643b5ec5216a8f6726841e156c0aa54a1a
|
||||
TAR="$TAR_NAME-$SHA.tar.gz"
|
||||
|
||||
COPY_LIST="${CGCS_BASE}/downloads/$TAR $FILES_BASE/*"
|
||||
|
||||
TIS_PATCH_VER=PKG_GITREVCOUNT
|
||||
|
|
@ -1,114 +0,0 @@
|
|||
From 8c6cc4c0ad5569d7de3615463f7d8c4dd7429e63 Mon Sep 17 00:00:00 2001
|
||||
From: Thiago Brito <thiago.brito@windriver.com>
|
||||
Date: Thu, 22 Apr 2021 20:00:51 -0300
|
||||
Subject: [PATCH] Add Helm v2 client initialization using tiller
|
||||
postStart exec
|
||||
|
||||
This adds helm v2 client initialization using the tiller
|
||||
container postStart exec to access helm v2 binary.
|
||||
|
||||
This will perform 'helm init', removes the default repos
|
||||
'stable' and 'local', and add valid repos that were provided
|
||||
as overrides. Note that helm will only add repos that exist.
|
||||
|
||||
This expects overrides in this format:
|
||||
conf:
|
||||
tiller:
|
||||
charts_url: 'http://192.168.204.1:8080/helm_charts'
|
||||
repo_names:
|
||||
- 'starlingx'
|
||||
- 'stx-platform'
|
||||
repos:
|
||||
stable: https://kubernetes-charts.storage.googleapis.com
|
||||
|
||||
This gives the following result:
|
||||
helmv2-cli -- helm repo list
|
||||
NAME URL
|
||||
stable https://kubernetes-charts.storage.googleapis.com
|
||||
starlingx http://192.168.204.1:8080/helm_charts/starlingx
|
||||
stx-platform http://192.168.204.1:8080/helm_charts/stx-platform
|
||||
|
||||
Signed-off-by: Jim Gauld <james.gauld@windriver.com>
|
||||
Signed-off-by: Thiago Brito <thiago.brito@windriver.com>
|
||||
---
|
||||
charts/armada/templates/deployment-api.yaml | 33 +++++++++++++++++++++
|
||||
charts/armada/values.yaml | 10 +++++++
|
||||
2 files changed, 43 insertions(+)
|
||||
|
||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
||||
index 562e3d0..483ec0b 100644
|
||||
--- a/charts/armada/templates/deployment-api.yaml
|
||||
+++ b/charts/armada/templates/deployment-api.yaml
|
||||
@@ -186,6 +186,39 @@ spec:
|
||||
- -trace
|
||||
{{- end }}
|
||||
lifecycle:
|
||||
+ postStart:
|
||||
+ exec:
|
||||
+ command:
|
||||
+ - sh
|
||||
+ - "-c"
|
||||
+ - |
|
||||
+ /bin/sh <<'EOF'
|
||||
+ # Delay initialization since postStart handler runs asynchronously and there
|
||||
+ # is no guarantee it is called before the Container’s entrypoint.
|
||||
+ sleep 5
|
||||
+ # Initialize Helm v2 client.
|
||||
+ export HELM_HOST=:{{ .Values.conf.tiller.port }}
|
||||
+ /helm init --client-only --skip-refresh
|
||||
+
|
||||
+ # Moving the ln up so eventual errors on the next commands doesn't prevent
|
||||
+ # having helm available
|
||||
+ ln -s -f /helm /tmp/helm
|
||||
+
|
||||
+ # Removes all repos available so we don't get an error removing what
|
||||
+ # doesn't exist anymore or error re-adding an existing repo
|
||||
+ /helm repo list | awk '(NR>1){print $1}' | xargs --no-run-if-empty /helm repo rm
|
||||
+{{- if .Values.conf.tiller.repos }}
|
||||
+ {{- range $name, $repo := .Values.conf.tiller.repos }}
|
||||
+ /helm repo add {{ $name }} {{ $repo }}
|
||||
+ {{- end }}
|
||||
+{{- end }}
|
||||
+{{- if .Values.conf.tiller.repo_names }}
|
||||
+ {{- range .Values.conf.tiller.repo_names }}
|
||||
+ /helm repo add {{ . }} {{ $envAll.Values.conf.tiller.charts_url }}/{{ . }}
|
||||
+ {{- end }}
|
||||
+{{- end }}
|
||||
+ exit 0
|
||||
+ EOF
|
||||
preStop:
|
||||
exec:
|
||||
command:
|
||||
diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml
|
||||
index 3a4427e..da45810 100644
|
||||
--- a/charts/armada/values.yaml
|
||||
+++ b/charts/armada/values.yaml
|
||||
@@ -220,6 +220,10 @@ conf:
|
||||
# Note: Defaulting to the (default) kubernetes grace period, as anything
|
||||
# greater than that will have no effect.
|
||||
prestop_sleep: 30
|
||||
+ # Helm v2 initialization
|
||||
+ charts_url: null
|
||||
+ repo_names: []
|
||||
+ repos: {}
|
||||
|
||||
monitoring:
|
||||
prometheus:
|
||||
@@ -325,7 +329,13 @@ pod:
|
||||
volumes:
|
||||
- name: kubernetes-client-cache
|
||||
emptyDir: {}
|
||||
+ - name: tiller-tmp
|
||||
+ emptyDir: {}
|
||||
volumeMounts:
|
||||
+ - name: tiller-tmp
|
||||
+ # /tmp is now readOnly due to the security_context on L288, so
|
||||
+ # mounting an emptyDir
|
||||
+ mountPath: /tmp
|
||||
- name: kubernetes-client-cache
|
||||
# Should be the `$HOME/.kube` of the `runAsUser` above
|
||||
# as this is where tiller's kubernetes client roots its cache dir.
|
||||
--
|
||||
2.17.1
|
||||
|
||||
|
||||
|
|
@ -1,66 +0,0 @@
|
|||
From 96e49fcc6d6b988d03a61261511abf64a0af2e2a Mon Sep 17 00:00:00 2001
|
||||
From: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
||||
Date: Tue, 11 May 2021 21:04:18 +0300
|
||||
Subject: [PATCH] Tiller wait for postgres database ping
|
||||
|
||||
Networking might not be correctly initialized when tiller starts.
|
||||
|
||||
Modify the pod command to wait for networking to be available before
|
||||
starting up tiller.
|
||||
|
||||
Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
||||
---
|
||||
charts/armada/templates/deployment-api.yaml | 31 +++++++++++++--------
|
||||
1 file changed, 19 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
||||
index 69036c0..3816366 100644
|
||||
--- a/charts/armada/templates/deployment-api.yaml
|
||||
+++ b/charts/armada/templates/deployment-api.yaml
|
||||
@@ -167,24 +167,31 @@ spec:
|
||||
- name: TILLER_HISTORY_MAX
|
||||
value: {{ .Values.conf.tiller.history_max | quote }}
|
||||
command:
|
||||
- - /tiller
|
||||
+ - sh
|
||||
+ - -c
|
||||
+ - |
|
||||
+ /bin/sh <<'EOF'
|
||||
{{- if .Values.conf.tiller.storage }}
|
||||
- - --storage={{ .Values.conf.tiller.storage }}
|
||||
{{- if and (eq .Values.conf.tiller.storage "sql") (.Values.conf.tiller.sql_dialect) (.Values.conf.tiller.sql_connection) }}
|
||||
- - --sql-dialect={{ .Values.conf.tiller.sql_dialect }}
|
||||
- - --sql-connection-string={{ .Values.conf.tiller.sql_connection }}
|
||||
+ while ! /bin/busybox nc -vz -w 1 {{ .Values.conf.tiller.sql_endpoint_ip}} 5432; do continue; done;
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
- - -listen
|
||||
- - ":{{ .Values.conf.tiller.port }}"
|
||||
- - -probe-listen
|
||||
- - ":{{ .Values.conf.tiller.probe_port }}"
|
||||
- - -logtostderr
|
||||
- - -v
|
||||
- - {{ .Values.conf.tiller.verbosity | quote }}
|
||||
+ /tiller \
|
||||
+{{- if .Values.conf.tiller.storage }}
|
||||
+ --storage={{ .Values.conf.tiller.storage }} \
|
||||
+{{- if and (eq .Values.conf.tiller.storage "sql") (.Values.conf.tiller.sql_dialect) (.Values.conf.tiller.sql_connection) }}
|
||||
+ --sql-dialect={{ .Values.conf.tiller.sql_dialect }} \
|
||||
+ --sql-connection-string={{ .Values.conf.tiller.sql_connection }} \
|
||||
+{{- end }}
|
||||
+{{- end }}
|
||||
+ -listen ":{{ .Values.conf.tiller.port }}" \
|
||||
+ -probe-listen ":{{ .Values.conf.tiller.probe_port }}" \
|
||||
+ -logtostderr \
|
||||
+ -v {{ .Values.conf.tiller.verbosity | quote }} \
|
||||
{{- if .Values.conf.tiller.trace }}
|
||||
- - -trace
|
||||
+ -trace
|
||||
{{- end }}
|
||||
+ EOF
|
||||
lifecycle:
|
||||
postStart:
|
||||
exec:
|
||||
--
|
||||
2.30.0
|
||||
|
||||
|
|
@ -1,45 +0,0 @@
|
|||
From be3167e5342f2730ef43012d8fe4f3782c6ef468 Mon Sep 17 00:00:00 2001
|
||||
From: Robert Church <robert.church@windriver.com>
|
||||
Date: Wed, 12 May 2021 02:38:52 -0400
|
||||
Subject: [PATCH 3/3] Update the liveness probe to verify postgres connectivity
|
||||
|
||||
Change the tillerLivenessProbeTemplate to test the connectivity to the
|
||||
postgres backend. We will override the periodSeconds and
|
||||
failureThreshold when installing the helm chart to trigger a restart of
|
||||
the tiller pod over a swact when the postgres DB/server moves from one
|
||||
controller to the other.
|
||||
|
||||
This will help guarantee that the tiller connection is always
|
||||
reestablished if the connectivity to the postgres backend fails.
|
||||
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
charts/armada/templates/deployment-api.yaml | 12 ++++++++----
|
||||
1 file changed, 8 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
||||
index bf23fb2..2b65494 100644
|
||||
--- a/charts/armada/templates/deployment-api.yaml
|
||||
+++ b/charts/armada/templates/deployment-api.yaml
|
||||
@@ -28,10 +28,14 @@ httpGet:
|
||||
{{- end }}
|
||||
|
||||
{{- define "tillerLivenessProbeTemplate" }}
|
||||
-httpGet:
|
||||
- path: /liveness
|
||||
- port: {{ .Values.conf.tiller.probe_port }}
|
||||
- scheme: HTTP
|
||||
+exec:
|
||||
+ command:
|
||||
+ - nc
|
||||
+ - -vz
|
||||
+ - -w
|
||||
+ - "1"
|
||||
+ - {{ .Values.conf.tiller.sql_endpoint_ip}}
|
||||
+ - "5432"
|
||||
{{- end }}
|
||||
|
||||
{{- if .Values.manifests.deployment_api }}
|
||||
--
|
||||
2.16.6
|
||||
|
||||
|
|
@ -1,30 +0,0 @@
|
|||
From e13416638b103fde04feb31027c3148c9685cf7f Mon Sep 17 00:00:00 2001
|
||||
From: Robert Church <robert.church@windriver.com>
|
||||
Date: Sat, 15 May 2021 16:16:41 -0400
|
||||
Subject: [PATCH 4/4] Update postgres liveness check to support IPv6 addresses
|
||||
|
||||
Templating will add square brackets for IPv6 addresses which are
|
||||
interpreted as an array vs. a string. Quote this so that it interpreted
|
||||
correctly.
|
||||
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
charts/armada/templates/deployment-api.yaml | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
||||
index 2b65494..5c4825c 100644
|
||||
--- a/charts/armada/templates/deployment-api.yaml
|
||||
+++ b/charts/armada/templates/deployment-api.yaml
|
||||
@@ -34,7 +34,7 @@ exec:
|
||||
- -vz
|
||||
- -w
|
||||
- "1"
|
||||
- - {{ .Values.conf.tiller.sql_endpoint_ip}}
|
||||
+ - "{{ .Values.conf.tiller.sql_endpoint_ip }}"
|
||||
- "5432"
|
||||
{{- end }}
|
||||
|
||||
--
|
||||
2.16.6
|
||||
|
||||
|
|
@ -1,57 +0,0 @@
|
|||
From 8f38dcdc7ba6448487283d14a745b8c299c47a13 Mon Sep 17 00:00:00 2001
|
||||
From: Enzo Candotti <enzo.candotti@windriver.com>
|
||||
Date: Wed, 6 Oct 2021 18:25:10 -0300
|
||||
Subject: [PATCH] Add toleration to armada-api
|
||||
|
||||
---
|
||||
charts/armada/templates/deployment-api.yaml | 4 ++++
|
||||
charts/armada/templates/tests/test-armada-api.yaml | 4 ++++
|
||||
charts/armada/values.yaml | 2 ++
|
||||
3 files changed, 10 insertions(+)
|
||||
|
||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
||||
index d4eff7a..1859d99 100644
|
||||
--- a/charts/armada/templates/deployment-api.yaml
|
||||
+++ b/charts/armada/templates/deployment-api.yaml
|
||||
@@ -108,6 +108,10 @@ spec:
|
||||
initContainers:
|
||||
{{ tuple $envAll "api" $mounts_armada_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
{{ dict "envAll" $envAll "application" "armada" "container" "armada_api_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
||||
+{{- with .Values.pod.tolerations.api }}
|
||||
+ tolerations:
|
||||
+{{ toYaml . | indent 8 }}
|
||||
+{{- end }}
|
||||
containers:
|
||||
- name: armada-api
|
||||
{{ tuple $envAll "api" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||
diff --git a/charts/armada/templates/tests/test-armada-api.yaml b/charts/armada/templates/tests/test-armada-api.yaml
|
||||
index a467fc9..2733cfe 100644
|
||||
--- a/charts/armada/templates/tests/test-armada-api.yaml
|
||||
+++ b/charts/armada/templates/tests/test-armada-api.yaml
|
||||
@@ -32,6 +32,10 @@ metadata:
|
||||
spec:
|
||||
{{ dict "envAll" $envAll "application" "api_test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
||||
restartPolicy: Never
|
||||
+{{- with .Values.pod.tolerations.api }}
|
||||
+ tolerations:
|
||||
+{{ toYaml . | indent 4 }}
|
||||
+{{- end }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
|
||||
containers:
|
||||
diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml
|
||||
index e583947..247b15e 100644
|
||||
--- a/charts/armada/values.yaml
|
||||
+++ b/charts/armada/values.yaml
|
||||
@@ -206,6 +206,8 @@ monitoring:
|
||||
port: 8000
|
||||
|
||||
pod:
|
||||
+ tolerations:
|
||||
+ api: []
|
||||
mandatory_access_control:
|
||||
type: apparmor
|
||||
armada-api:
|
||||
--
|
||||
2.25.1
|
||||
|
||||
|
|
@ -1 +0,0 @@
|
|||
dir-or-file-in-opt
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
armada (0.2.0-0) unstable; urgency=medium
|
||||
|
||||
* Initial release.
|
||||
|
||||
-- Daniel Safta <daniel.safta@windriver.com> Thu, 04 Nov 2021 14:00:42 +0000
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
Source: armada
|
||||
Section: admin
|
||||
Priority: optional
|
||||
Maintainer: StarlingX Developers <starlingx-discuss@lists.starlingx.io>
|
||||
Build-Depends: debhelper-compat (= 13), helm, chartmuseum, procps,armada-helm-toolkit
|
||||
Standards-Version: 4.4.1
|
||||
Homepage: https://www.starlingx.io
|
||||
|
||||
Package: armada
|
||||
Architecture: any
|
||||
Depends: ${misc:Depends}, ${shlibs:Depends}
|
||||
Description: An orchestrator for managing a collection of Kubernetes Helm charts.
|
||||
Armada is a tool for managing multiple Helm charts with
|
||||
dependencies by centralizing all configurations in a single Armada YAML.
|
||||
|
|
@ -1,29 +0,0 @@
|
|||
|
||||
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
|
||||
Upstream-Name: armada
|
||||
Source: https://opendev.org/airship/armada.git
|
||||
Files: *
|
||||
Copyright: (c) 2013-2021 Wind River Systems, Inc
|
||||
License: Apache-2
|
||||
|
||||
# If you want to use GPL v2 or later for the /debian/* files use
|
||||
# the following clauses, or change it to suit. Delete these two lines
|
||||
Files: debian/*
|
||||
Copyright: 2021 Wind River Systems, Inc
|
||||
License: Apache-2
|
||||
|
||||
License: Apache-2
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
.
|
||||
https://www.apache.org/licenses/LICENSE-2.0
|
||||
.
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
.
|
||||
On Debian-based systems the full text of the Apache version 2.0 license
|
||||
can be found in `/usr/share/common-licenses/Apache-2.0'.
|
||||
|
|
@ -1,83 +0,0 @@
|
|||
From bf0cfeb9efe5c021b24dcd5ef4c353507d96e307 Mon Sep 17 00:00:00 2001
|
||||
From: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
||||
Date: Tue, 14 Jun 2022 15:45:22 +0300
|
||||
Subject: [PATCH 1/8] Revert "Tiller: listen on localhost by default"
|
||||
|
||||
This reverts commit a3f11e5873bc5b97de579c627d7b57e3bc9f655e.
|
||||
Updating the sources from 7ef4b8643b5ec5216a8f6726841e156c0aa54a1a to
|
||||
ddbdd7256c20f138737f6cbd772312f7a19f58b8 we observe a change to default
|
||||
tiller port logic.
|
||||
|
||||
Keep old logic.
|
||||
|
||||
Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
||||
---
|
||||
charts/armada/templates/deployment-api.yaml | 2 +-
|
||||
charts/armada/values.yaml | 6 ------
|
||||
charts/tiller/templates/deployment-tiller.yaml | 2 +-
|
||||
charts/tiller/values.yaml | 6 ------
|
||||
4 files changed, 2 insertions(+), 14 deletions(-)
|
||||
|
||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
||||
index b7f93d7..f1395ef 100644
|
||||
--- a/charts/armada/templates/deployment-api.yaml
|
||||
+++ b/charts/armada/templates/deployment-api.yaml
|
||||
@@ -178,7 +178,7 @@ spec:
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
- -listen
|
||||
- - "{{ if not .Values.conf.tiller.listen_on_any }}127.0.0.1{{ end }}:{{ .Values.conf.tiller.port }}"
|
||||
+ - ":{{ .Values.conf.tiller.port }}"
|
||||
- -probe-listen
|
||||
- ":{{ .Values.conf.tiller.probe_port }}"
|
||||
- -logtostderr
|
||||
diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml
|
||||
index b1ed61f..3a4427e 100644
|
||||
--- a/charts/armada/values.yaml
|
||||
+++ b/charts/armada/values.yaml
|
||||
@@ -206,12 +206,6 @@ conf:
|
||||
tiller:
|
||||
# If set to false then some form of Tiller needs to be provided
|
||||
enabled: true
|
||||
- # To have Tiller bind to all interfaces, allowing direct connections from
|
||||
- # the Helm client to pod_ip:port, set 'listen_on_any: true'.
|
||||
- # The default setting 'listen_on_any: false' binds Tiller to 127.0.0.1.
|
||||
- # The Armada container talks directly to Tiller via 127.0.0.1, so the
|
||||
- # default value is appropriate for normal operation.
|
||||
- listen_on_any: false
|
||||
port: 24134
|
||||
probe_port: 24135
|
||||
verbosity: 5
|
||||
diff --git a/charts/tiller/templates/deployment-tiller.yaml b/charts/tiller/templates/deployment-tiller.yaml
|
||||
index f6df614..1f04a13 100644
|
||||
--- a/charts/tiller/templates/deployment-tiller.yaml
|
||||
+++ b/charts/tiller/templates/deployment-tiller.yaml
|
||||
@@ -104,7 +104,7 @@ spec:
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
- -listen
|
||||
- - "{{ if not .Values.conf.tiller.listen_on_any }}127.0.0.1{{ end }}:{{ .Values.conf.tiller.port }}"
|
||||
+ - ":{{ .Values.conf.tiller.port }}"
|
||||
- -probe-listen
|
||||
- ":{{ .Values.conf.tiller.probe_port }}"
|
||||
- -logtostderr
|
||||
diff --git a/charts/tiller/values.yaml b/charts/tiller/values.yaml
|
||||
index ba776bc..495e3c1 100644
|
||||
--- a/charts/tiller/values.yaml
|
||||
+++ b/charts/tiller/values.yaml
|
||||
@@ -52,12 +52,6 @@ conf:
|
||||
# Note: Defaulting to the (default) kubernetes grace period, as anything
|
||||
# greater than that will have no effect.
|
||||
prestop_sleep: 30
|
||||
- # To have Tiller bind to all interfaces, allowing direct connections from
|
||||
- # the Helm client to pod_ip:port, set 'listen_on_any: true'.
|
||||
- # The default setting 'listen_on_any: false' binds Tiller to 127.0.0.1.
|
||||
- # Helm clients with Kubernetes API access dynamically set up a portforward
|
||||
- # into the pod, which works with the default setting.
|
||||
- listen_on_any: false
|
||||
port: 44134
|
||||
probe_port: 44135
|
||||
|
||||
--
|
||||
2.34.1
|
||||
|
||||
|
|
@ -1,32 +0,0 @@
|
|||
From 6d63302d8e7d35c4549c49b97c8667203bc22428 Mon Sep 17 00:00:00 2001
|
||||
From: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
||||
Date: Tue, 14 Jun 2022 16:01:56 +0300
|
||||
Subject: [PATCH 2/8] Revert "Add "labels" to Armada deployment"
|
||||
|
||||
This reverts commit eb2e87d32b2b9c9853deb70ed2e7029380ef0e16.
|
||||
Updating the sources from 7ef4b8643b5ec5216a8f6726841e156c0aa54a1a to
|
||||
ddbdd7256c20f138737f6cbd772312f7a19f58b8.
|
||||
This revert is here just to reduce the need for testing. Keeping the
|
||||
helm charts without changes between 7ef4b8..ddbdd7.
|
||||
|
||||
Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
||||
---
|
||||
charts/armada/templates/deployment-api.yaml | 2 --
|
||||
1 file changed, 2 deletions(-)
|
||||
|
||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
||||
index f1395ef..562e3d0 100644
|
||||
--- a/charts/armada/templates/deployment-api.yaml
|
||||
+++ b/charts/armada/templates/deployment-api.yaml
|
||||
@@ -92,8 +92,6 @@ apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: armada-api
|
||||
- labels:
|
||||
-{{ $labels | indent 4 }}
|
||||
annotations:
|
||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 4 }}
|
||||
spec:
|
||||
--
|
||||
2.34.1
|
||||
|
||||
|
|
@ -1,205 +0,0 @@
|
|||
From 9c37292171aa9c35fbfb8c1ee2670150b9621190 Mon Sep 17 00:00:00 2001
|
||||
From: Phil Sphicas <phil.sphicas@att.com>
|
||||
Date: Wed, 9 Feb 2022 10:04:38 -0800
|
||||
Subject: [PATCH 3/8] Create lock CRD as apiextensions.k8s.io/v1 object
|
||||
|
||||
Cherry-pick https://review.opendev.org/c/airship/armada/+/845392
|
||||
from upstream keeping the original commit message:
|
||||
|
||||
-----
|
||||
Kubernetes v1.22 stopped serving the apiextensions.k8s.io/v1beta1 API
|
||||
version of CustomResourceDefinition.
|
||||
|
||||
This change ensures that the locks.armada.process CRD is created using
|
||||
the apiextensions.k8s.io/v1 API.
|
||||
|
||||
The kubernetes client package is also updated to take advantage of the
|
||||
dynamic client.
|
||||
|
||||
(cherry picked from commit c5d39f27cacaa953be43c7d3265bb693db0939d0)
|
||||
|
||||
In addition to the clean cherry-pick add fixes for tests:
|
||||
- docs language
|
||||
- protobuf version
|
||||
- stestr missing
|
||||
|
||||
Closes-Bug: 1978409
|
||||
Change-Id: Icd518ab5cbb78e8b15f63d19c51b5f5b9a67e995
|
||||
-----
|
||||
|
||||
On top of the upstream cherry-pick we need to enchance build env to
|
||||
add missing .yaml files.
|
||||
Change setup.py and add MANIFEST.in to allow proper contents of the
|
||||
image to be generated.
|
||||
|
||||
Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
||||
---
|
||||
MANIFEST.in | 2 ++
|
||||
armada/handlers/k8s.py | 7 +++----
|
||||
armada/handlers/lock.py | 42 +++++++++++++++++------------------------
|
||||
doc/source/conf.py | 2 +-
|
||||
requirements.txt | 6 +++---
|
||||
setup.py | 2 +-
|
||||
test-requirements.txt | 1 +
|
||||
7 files changed, 28 insertions(+), 34 deletions(-)
|
||||
create mode 100644 MANIFEST.in
|
||||
|
||||
diff --git a/MANIFEST.in b/MANIFEST.in
|
||||
new file mode 100644
|
||||
index 0000000..61709ba
|
||||
--- /dev/null
|
||||
+++ b/MANIFEST.in
|
||||
@@ -0,0 +1,2 @@
|
||||
+include *.yaml
|
||||
+recursive-include armada *.yaml
|
||||
diff --git a/armada/handlers/k8s.py b/armada/handlers/k8s.py
|
||||
index 31b00c7..56cbc26 100644
|
||||
--- a/armada/handlers/k8s.py
|
||||
+++ b/armada/handlers/k8s.py
|
||||
@@ -57,8 +57,7 @@ class K8s(object):
|
||||
self.batch_api = client.BatchV1Api(api_client)
|
||||
self.batch_v1beta1_api = client.BatchV1beta1Api(api_client)
|
||||
self.custom_objects = client.CustomObjectsApi(api_client)
|
||||
- self.api_extensions = client.ApiextensionsV1beta1Api(api_client)
|
||||
- self.extension_api = client.ExtensionsV1beta1Api(api_client)
|
||||
+ self.api_extensions = client.ApiextensionsV1Api(api_client)
|
||||
self.apps_v1_api = client.AppsV1Api(api_client)
|
||||
|
||||
def delete_job_action(
|
||||
@@ -359,10 +358,10 @@ class K8s(object):
|
||||
|
||||
:param crd: custom resource definition to create
|
||||
|
||||
- :type crd: kubernetes.client.V1beta1CustomResourceDefinition
|
||||
+ :type crd: kubernetes.client.V1CustomResourceDefinition
|
||||
|
||||
:return: new custom resource definition
|
||||
- :rtype: kubernetes.client.V1beta1CustomResourceDefinition
|
||||
+ :rtype: kubernetes.client.V1CustomResourceDefinition
|
||||
"""
|
||||
return self.api_extensions.create_custom_resource_definition(crd)
|
||||
|
||||
diff --git a/armada/handlers/lock.py b/armada/handlers/lock.py
|
||||
index bd99d38..54e3eb0 100644
|
||||
--- a/armada/handlers/lock.py
|
||||
+++ b/armada/handlers/lock.py
|
||||
@@ -281,40 +281,32 @@ class LockConfig:
|
||||
return lock
|
||||
|
||||
def create_definition(self):
|
||||
- names = client.V1beta1CustomResourceDefinitionNames(
|
||||
+ names = client.V1CustomResourceDefinitionNames(
|
||||
kind="Resource", plural=LOCK_PLURAL, singular=LOCK_SINGULAR)
|
||||
metadata = client.V1ObjectMeta(
|
||||
name="{}.{}".format(LOCK_PLURAL, LOCK_GROUP),
|
||||
resource_version=LOCK_VERSION)
|
||||
- status = client.V1beta1CustomResourceDefinitionStatus(
|
||||
- accepted_names=names,
|
||||
- conditions=[],
|
||||
- stored_versions=[LOCK_VERSION])
|
||||
- spec = client.V1beta1CustomResourceDefinitionSpec(
|
||||
+ spec = client.V1CustomResourceDefinitionSpec(
|
||||
group=LOCK_GROUP,
|
||||
names=names,
|
||||
scope="Namespaced",
|
||||
- version=LOCK_VERSION)
|
||||
- crd = client.V1beta1CustomResourceDefinition(
|
||||
- spec=spec,
|
||||
- status=status,
|
||||
- metadata=metadata,
|
||||
- kind="CustomResourceDefinition")
|
||||
+ versions=[
|
||||
+ {
|
||||
+ "name": LOCK_VERSION,
|
||||
+ "schema": {
|
||||
+ "openAPIV3Schema": {
|
||||
+ "type": "object",
|
||||
+ "x-kubernetes-preserve-unknown-fields": True
|
||||
+ }
|
||||
+ },
|
||||
+ "served": True,
|
||||
+ "storage": True,
|
||||
+ }
|
||||
+ ])
|
||||
+ crd = client.V1CustomResourceDefinition(
|
||||
+ spec=spec, metadata=metadata, kind="CustomResourceDefinition")
|
||||
try:
|
||||
self.k8s.create_custom_resource_definition(crd)
|
||||
- except ValueError as err:
|
||||
- # Because of an issue with the Kubernetes code, the API server
|
||||
- # may return `null` for the required field `conditions` in
|
||||
- # kubernetes.client.V1beta1CustomResourceDefinitionStatus
|
||||
- # This causes validation to fail which will raise the subsequent
|
||||
- # ValueError even though the CRD was created successfully
|
||||
- # https://github.com/kubernetes-client/gen/issues/52
|
||||
- # TODO if this is fixed upstream this should be removed
|
||||
- known_msg = "Invalid value for `conditions`, must not be `None`"
|
||||
- known_err = ValueError(known_msg)
|
||||
- if err.args != known_err.args:
|
||||
- raise
|
||||
- LOG.debug("Encountered known issue while creating CRD, continuing")
|
||||
except ApiException as err:
|
||||
# If a 409 is received then the definition already exists
|
||||
if err.status != 409:
|
||||
diff --git a/doc/source/conf.py b/doc/source/conf.py
|
||||
index 6ed6273..b4826c7 100644
|
||||
--- a/doc/source/conf.py
|
||||
+++ b/doc/source/conf.py
|
||||
@@ -78,7 +78,7 @@ author = 'The Airship Authors'
|
||||
#
|
||||
# This is also used if you do content translation via gettext catalogs.
|
||||
# Usually you set "language" from the command line for these cases.
|
||||
-language = None
|
||||
+language = 'en'
|
||||
|
||||
# List of patterns, relative to source directory, that match files and
|
||||
# directories to ignore when looking for source files.
|
||||
diff --git a/requirements.txt b/requirements.txt
|
||||
index 2d61ca3..c2f9ac2 100644
|
||||
--- a/requirements.txt
|
||||
+++ b/requirements.txt
|
||||
@@ -6,16 +6,16 @@ jsonschema>=3.0.1,<4
|
||||
keystoneauth1>=3.18.0
|
||||
keystonemiddleware==5.3.0
|
||||
kombu<4.7,>=4.6.10
|
||||
-kubernetes>=12.0.0
|
||||
+kubernetes<23,>=17.0.0
|
||||
Paste>=2.0.3
|
||||
PasteDeploy>=1.5.2
|
||||
-protobuf>=3.4.0
|
||||
+protobuf>=3.4.0,<3.21
|
||||
pylibyaml~=0.1
|
||||
pyyaml~=5.1
|
||||
requests
|
||||
retry
|
||||
setuptools>=40.4.3
|
||||
-prometheus_client>=0.7.0
|
||||
+prometheus_client<0.13.0,>=0.7.0
|
||||
|
||||
# API
|
||||
falcon
|
||||
diff --git a/setup.py b/setup.py
|
||||
index 7d9b694..8a5a815 100644
|
||||
--- a/setup.py
|
||||
+++ b/setup.py
|
||||
@@ -5,4 +5,4 @@ try:
|
||||
except ImportError:
|
||||
pass
|
||||
|
||||
-setuptools.setup(setup_requires=['pbr>=2.0.0'], pbr=True)
|
||||
+setuptools.setup(setup_requires=['pbr>=2.0.0'], pbr=True, include_package_data=True)
|
||||
diff --git a/test-requirements.txt b/test-requirements.txt
|
||||
index 3108c65..e9faa28 100644
|
||||
--- a/test-requirements.txt
|
||||
+++ b/test-requirements.txt
|
||||
@@ -16,6 +16,7 @@ mock
|
||||
responses>=0.8.1
|
||||
yapf==0.27.0
|
||||
flake8-import-order==0.18.1
|
||||
+stestr>=1.0.0 # Apache-2.0
|
||||
|
||||
grpcio-tools==1.16.0
|
||||
typing-extensions==3.7.2
|
||||
--
|
||||
2.34.1
|
||||
|
||||
|
|
@ -1,112 +0,0 @@
|
|||
From 1c73f6739eb672b330669fda5e427099c08c3490 Mon Sep 17 00:00:00 2001
|
||||
From: Thiago Brito <thiago.brito@windriver.com>
|
||||
Date: Thu, 22 Apr 2021 20:00:51 -0300
|
||||
Subject: [PATCH 4/8] Add Helm v2 client initialization
|
||||
|
||||
This adds helm v2 client initialization using the tiller
|
||||
container postStart exec to access helm v2 binary.
|
||||
|
||||
This will perform 'helm init', removes the default repos
|
||||
'stable' and 'local', and add valid repos that were provided
|
||||
as overrides. Note that helm will only add repos that exist.
|
||||
|
||||
This expects overrides in this format:
|
||||
conf:
|
||||
tiller:
|
||||
charts_url: 'http://192.168.204.1:8080/helm_charts'
|
||||
repo_names:
|
||||
- 'starlingx'
|
||||
- 'stx-platform'
|
||||
repos:
|
||||
stable: https://kubernetes-charts.storage.googleapis.com
|
||||
|
||||
This gives the following result:
|
||||
helmv2-cli -- helm repo list
|
||||
NAME URL
|
||||
stable https://kubernetes-charts.storage.googleapis.com
|
||||
starlingx http://192.168.204.1:8080/helm_charts/starlingx
|
||||
stx-platform http://192.168.204.1:8080/helm_charts/stx-platform
|
||||
|
||||
Signed-off-by: Jim Gauld <james.gauld@windriver.com>
|
||||
Signed-off-by: Thiago Brito <thiago.brito@windriver.com>
|
||||
---
|
||||
charts/armada/templates/deployment-api.yaml | 33 +++++++++++++++++++++
|
||||
charts/armada/values.yaml | 10 +++++++
|
||||
2 files changed, 43 insertions(+)
|
||||
|
||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
||||
index 562e3d0..69036c0 100644
|
||||
--- a/charts/armada/templates/deployment-api.yaml
|
||||
+++ b/charts/armada/templates/deployment-api.yaml
|
||||
@@ -186,6 +186,39 @@ spec:
|
||||
- -trace
|
||||
{{- end }}
|
||||
lifecycle:
|
||||
+ postStart:
|
||||
+ exec:
|
||||
+ command:
|
||||
+ - sh
|
||||
+ - "-c"
|
||||
+ - |
|
||||
+ /bin/sh <<'EOF'
|
||||
+ # Delay initialization since postStart handler runs asynchronously and there
|
||||
+ # is no guarantee it is called before the Container’s entrypoint.
|
||||
+ sleep 5
|
||||
+ # Initialize Helm v2 client.
|
||||
+ export HELM_HOST=:{{ .Values.conf.tiller.port }}
|
||||
+ /helm init --client-only --skip-refresh
|
||||
+
|
||||
+ # Moving the ln up so eventual errors on the next commands doesn't prevent
|
||||
+ # having helm available
|
||||
+ ln -s -f /helm /tmp/helm
|
||||
+
|
||||
+ # Removes all repos available so we don't get an error removing what
|
||||
+ # doesn't exist anymore or error re-adding an existing repo
|
||||
+ /helm repo list | awk '(NR>1){print $1}' | xargs --no-run-if-empty /helm repo rm
|
||||
+{{- if .Values.conf.tiller.repos }}
|
||||
+ {{- range $name, $repo := .Values.conf.tiller.repos }}
|
||||
+ /helm repo add {{ $name }} {{ $repo }}
|
||||
+ {{- end }}
|
||||
+{{- end }}
|
||||
+{{- if .Values.conf.tiller.repo_names }}
|
||||
+ {{- range .Values.conf.tiller.repo_names }}
|
||||
+ /helm repo add {{ . }} {{ $envAll.Values.conf.tiller.charts_url }}/{{ . }}
|
||||
+ {{- end }}
|
||||
+{{- end }}
|
||||
+ exit 0
|
||||
+ EOF
|
||||
preStop:
|
||||
exec:
|
||||
command:
|
||||
diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml
|
||||
index 3a4427e..da45810 100644
|
||||
--- a/charts/armada/values.yaml
|
||||
+++ b/charts/armada/values.yaml
|
||||
@@ -220,6 +220,10 @@ conf:
|
||||
# Note: Defaulting to the (default) kubernetes grace period, as anything
|
||||
# greater than that will have no effect.
|
||||
prestop_sleep: 30
|
||||
+ # Helm v2 initialization
|
||||
+ charts_url: null
|
||||
+ repo_names: []
|
||||
+ repos: {}
|
||||
|
||||
monitoring:
|
||||
prometheus:
|
||||
@@ -325,7 +329,13 @@ pod:
|
||||
volumes:
|
||||
- name: kubernetes-client-cache
|
||||
emptyDir: {}
|
||||
+ - name: tiller-tmp
|
||||
+ emptyDir: {}
|
||||
volumeMounts:
|
||||
+ - name: tiller-tmp
|
||||
+ # /tmp is now readOnly due to the security_context on L288, so
|
||||
+ # mounting an emptyDir
|
||||
+ mountPath: /tmp
|
||||
- name: kubernetes-client-cache
|
||||
# Should be the `$HOME/.kube` of the `runAsUser` above
|
||||
# as this is where tiller's kubernetes client roots its cache dir.
|
||||
--
|
||||
2.34.1
|
||||
|
||||
|
|
@ -1,66 +0,0 @@
|
|||
From 0cd23c208587d86ce8b2083bf4f42dadf03e28e2 Mon Sep 17 00:00:00 2001
|
||||
From: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
||||
Date: Tue, 11 May 2021 21:04:18 +0300
|
||||
Subject: [PATCH 5/8] Tiller wait for postgres database ping
|
||||
|
||||
Networking might not be correctly initialized when tiller starts.
|
||||
|
||||
Modify the pod command to wait for networking to be available before
|
||||
starting up tiller.
|
||||
|
||||
Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
||||
---
|
||||
charts/armada/templates/deployment-api.yaml | 31 +++++++++++++--------
|
||||
1 file changed, 19 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
||||
index 69036c0..bf23fb2 100644
|
||||
--- a/charts/armada/templates/deployment-api.yaml
|
||||
+++ b/charts/armada/templates/deployment-api.yaml
|
||||
@@ -167,24 +167,31 @@ spec:
|
||||
- name: TILLER_HISTORY_MAX
|
||||
value: {{ .Values.conf.tiller.history_max | quote }}
|
||||
command:
|
||||
- - /tiller
|
||||
+ - sh
|
||||
+ - -c
|
||||
+ - |
|
||||
+ /bin/sh <<'EOF'
|
||||
{{- if .Values.conf.tiller.storage }}
|
||||
- - --storage={{ .Values.conf.tiller.storage }}
|
||||
{{- if and (eq .Values.conf.tiller.storage "sql") (.Values.conf.tiller.sql_dialect) (.Values.conf.tiller.sql_connection) }}
|
||||
- - --sql-dialect={{ .Values.conf.tiller.sql_dialect }}
|
||||
- - --sql-connection-string={{ .Values.conf.tiller.sql_connection }}
|
||||
+ while ! /bin/busybox nc -vz -w 1 {{ .Values.conf.tiller.sql_endpoint_ip}} 5432; do continue; done;
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
- - -listen
|
||||
- - ":{{ .Values.conf.tiller.port }}"
|
||||
- - -probe-listen
|
||||
- - ":{{ .Values.conf.tiller.probe_port }}"
|
||||
- - -logtostderr
|
||||
- - -v
|
||||
- - {{ .Values.conf.tiller.verbosity | quote }}
|
||||
+ /tiller \
|
||||
+{{- if .Values.conf.tiller.storage }}
|
||||
+ --storage={{ .Values.conf.tiller.storage }} \
|
||||
+{{- if and (eq .Values.conf.tiller.storage "sql") (.Values.conf.tiller.sql_dialect) (.Values.conf.tiller.sql_connection) }}
|
||||
+ --sql-dialect={{ .Values.conf.tiller.sql_dialect }} \
|
||||
+ --sql-connection-string={{ .Values.conf.tiller.sql_connection }} \
|
||||
+{{- end }}
|
||||
+{{- end }}
|
||||
+ -listen ":{{ .Values.conf.tiller.port }}" \
|
||||
+ -probe-listen ":{{ .Values.conf.tiller.probe_port }}" \
|
||||
+ -logtostderr \
|
||||
+ -v {{ .Values.conf.tiller.verbosity | quote }} \
|
||||
{{- if .Values.conf.tiller.trace }}
|
||||
- - -trace
|
||||
+ -trace
|
||||
{{- end }}
|
||||
+ EOF
|
||||
lifecycle:
|
||||
postStart:
|
||||
exec:
|
||||
--
|
||||
2.34.1
|
||||
|
||||
|
|
@ -1,45 +0,0 @@
|
|||
From 3e34ec8c87ec5cbac79f6299e63fa1c06a75692e Mon Sep 17 00:00:00 2001
|
||||
From: Robert Church <robert.church@windriver.com>
|
||||
Date: Wed, 12 May 2021 02:38:52 -0400
|
||||
Subject: [PATCH 6/8] Update the liveness probe to verify postgres connectivity
|
||||
|
||||
Change the tillerLivenessProbeTemplate to test the connectivity to the
|
||||
postgres backend. We will override the periodSeconds and
|
||||
failureThreshold when installing the helm chart to trigger a restart of
|
||||
the tiller pod over a swact when the postgres DB/server moves from one
|
||||
controller to the other.
|
||||
|
||||
This will help guarantee that the tiller connection is always
|
||||
reestablished if the connectivity to the postgres backend fails.
|
||||
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
charts/armada/templates/deployment-api.yaml | 12 ++++++++----
|
||||
1 file changed, 8 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
||||
index bf23fb2..2b65494 100644
|
||||
--- a/charts/armada/templates/deployment-api.yaml
|
||||
+++ b/charts/armada/templates/deployment-api.yaml
|
||||
@@ -28,10 +28,14 @@ httpGet:
|
||||
{{- end }}
|
||||
|
||||
{{- define "tillerLivenessProbeTemplate" }}
|
||||
-httpGet:
|
||||
- path: /liveness
|
||||
- port: {{ .Values.conf.tiller.probe_port }}
|
||||
- scheme: HTTP
|
||||
+exec:
|
||||
+ command:
|
||||
+ - nc
|
||||
+ - -vz
|
||||
+ - -w
|
||||
+ - "1"
|
||||
+ - {{ .Values.conf.tiller.sql_endpoint_ip}}
|
||||
+ - "5432"
|
||||
{{- end }}
|
||||
|
||||
{{- if .Values.manifests.deployment_api }}
|
||||
--
|
||||
2.34.1
|
||||
|
||||
|
|
@ -1,30 +0,0 @@
|
|||
From c5a117faafbe1cc6de4200315ba400bdc0c83e40 Mon Sep 17 00:00:00 2001
|
||||
From: Robert Church <robert.church@windriver.com>
|
||||
Date: Sat, 15 May 2021 16:16:41 -0400
|
||||
Subject: [PATCH 7/8] Update postgres liveness check to support IPv6 addresses
|
||||
|
||||
Templating will add square brackets for IPv6 addresses which are
|
||||
interpreted as an array vs. a string. Quote this so that it interpreted
|
||||
correctly.
|
||||
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
charts/armada/templates/deployment-api.yaml | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
||||
index 2b65494..5c4825c 100644
|
||||
--- a/charts/armada/templates/deployment-api.yaml
|
||||
+++ b/charts/armada/templates/deployment-api.yaml
|
||||
@@ -34,7 +34,7 @@ exec:
|
||||
- -vz
|
||||
- -w
|
||||
- "1"
|
||||
- - {{ .Values.conf.tiller.sql_endpoint_ip}}
|
||||
+ - "{{ .Values.conf.tiller.sql_endpoint_ip }}"
|
||||
- "5432"
|
||||
{{- end }}
|
||||
|
||||
--
|
||||
2.34.1
|
||||
|
||||
|
|
@ -1,58 +0,0 @@
|
|||
From 9a5b91d35923272c55e998f21ff096b5c0268ad2 Mon Sep 17 00:00:00 2001
|
||||
From: Enzo Candotti <enzo.candotti@windriver.com>
|
||||
Date: Wed, 6 Oct 2021 18:25:10 -0300
|
||||
Subject: [PATCH 8/8] Add toleration to armada-api
|
||||
|
||||
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
|
||||
---
|
||||
charts/armada/templates/deployment-api.yaml | 4 ++++
|
||||
charts/armada/templates/tests/test-armada-api.yaml | 4 ++++
|
||||
charts/armada/values.yaml | 2 ++
|
||||
3 files changed, 10 insertions(+)
|
||||
|
||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
||||
index 5c4825c..3ee086a 100644
|
||||
--- a/charts/armada/templates/deployment-api.yaml
|
||||
+++ b/charts/armada/templates/deployment-api.yaml
|
||||
@@ -125,6 +125,10 @@ spec:
|
||||
initContainers:
|
||||
{{ tuple $envAll "api" $mounts_armada_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
{{ dict "envAll" $envAll "application" "armada" "container" "armada_api_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
||||
+{{- with .Values.pod.tolerations.api }}
|
||||
+ tolerations:
|
||||
+{{ toYaml . | indent 8 }}
|
||||
+{{- end }}
|
||||
containers:
|
||||
- name: armada-api
|
||||
{{ tuple $envAll "api" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||
diff --git a/charts/armada/templates/tests/test-armada-api.yaml b/charts/armada/templates/tests/test-armada-api.yaml
|
||||
index 895353a..aa9e37a 100644
|
||||
--- a/charts/armada/templates/tests/test-armada-api.yaml
|
||||
+++ b/charts/armada/templates/tests/test-armada-api.yaml
|
||||
@@ -32,6 +32,10 @@ metadata:
|
||||
spec:
|
||||
{{ dict "envAll" $envAll "application" "api_test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
||||
restartPolicy: Never
|
||||
+{{- with .Values.pod.tolerations.api }}
|
||||
+ tolerations:
|
||||
+{{ toYaml . | indent 4 }}
|
||||
+{{- end }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
|
||||
containers:
|
||||
diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml
|
||||
index da45810..3644706 100644
|
||||
--- a/charts/armada/values.yaml
|
||||
+++ b/charts/armada/values.yaml
|
||||
@@ -233,6 +233,8 @@ monitoring:
|
||||
port: 8000
|
||||
|
||||
pod:
|
||||
+ tolerations:
|
||||
+ api: []
|
||||
mandatory_access_control:
|
||||
type: apparmor
|
||||
armada-api:
|
||||
--
|
||||
2.34.1
|
||||
|
||||
|
|
@ -1,8 +0,0 @@
|
|||
0001-Revert-Tiller-listen-on-localhost-by-default.patch
|
||||
0002-Revert-Add-labels-to-Armada-deployment.patch
|
||||
0003-Create-lock-CRD-as-apiextensions.k8s.io-v1-object.patch
|
||||
0004-Add-Helm-v2-client-initialization.patch
|
||||
0005-Tiller-wait-for-postgres-database-ping.patch
|
||||
0006-Update-the-liveness-probe-to-verify-postgres-connect.patch
|
||||
0007-Update-postgres-liveness-check-to-support-IPv6-addre.patch
|
||||
0008-Add-toleration-to-armada-api.patch
|
||||
|
|
@ -1,32 +0,0 @@
|
|||
#!/usr/bin/make -f
|
||||
|
||||
export ROOT = debian/armada
|
||||
export APP_FOLDER = $(ROOT)/opt/extracharts
|
||||
export CHARTS_STAGING = charts
|
||||
export APP_NAME = armada
|
||||
export APP_NAME_FULL = $(CHARTS_STAGING)/$(APP_NAME)
|
||||
|
||||
%:
|
||||
dh $@
|
||||
|
||||
override_dh_auto_build:
|
||||
# Host a server for the charts
|
||||
cp /usr/lib/helm/armada-helm-toolkit-0.1.0.tgz ./charts
|
||||
|
||||
chartmuseum --debug --port=8879 --context-path='/charts' --storage="local" --storage-local-rootdir="./charts" &
|
||||
sleep 2
|
||||
helm repo add local http://localhost:8879/charts
|
||||
|
||||
helm dependency update $(APP_NAME_FULL)
|
||||
helm lint $(APP_NAME_FULL)
|
||||
rm -v -f ./requirements.lock ./requirements.yaml
|
||||
helm template --set pod.resources.enabled=true $(APP_NAME_FULL)
|
||||
helm package $(APP_NAME_FULL)
|
||||
|
||||
pkill chartmuseum
|
||||
|
||||
|
||||
override_dh_auto_install:
|
||||
# Install the app tar file.
|
||||
install -d -m 755 $(APP_FOLDER)
|
||||
install -p -D -m 755 armada-0.1.0.tgz $(APP_FOLDER)
|
||||
|
|
@ -1,13 +0,0 @@
|
|||
---
|
||||
debname: armada
|
||||
debver: 0.2.0-0
|
||||
dl_path:
|
||||
name: armada-ddbdd7256c20f138737f6cbd772312f7a19f58b8.tar.gz
|
||||
url: https://github.com/airshipit/armada/tarball/ddbdd7256c20f138737f6cbd772312f7a19f58b8
|
||||
md5sum: fd8563e106a48b912b56ac82e8a5d4ee
|
||||
sha256sum: 4f4db518837f7e89e3d65e024353f49ea341c530533cb986ff50d0781f39bee6
|
||||
revision:
|
||||
dist: $STX_DIST
|
||||
GITREVCOUNT:
|
||||
BASE_SRCREV: db16f48a952e3c5da8b2efea7acc723107b2c0a2
|
||||
SRC_DIR: ${MY_REPO}/stx/integ/kubernetes/armada
|
||||
|
|
@ -1,7 +0,0 @@
|
|||
BUILDER=script
|
||||
LABEL=armada-image
|
||||
SOURCE_REPO=https://github.com/airshipit/armada
|
||||
SOURCE_REF=ddbdd7256c20f138737f6cbd772312f7a19f58b8
|
||||
COMMAND=bash
|
||||
SCRIPT=build-armada-image.sh
|
||||
ARGS="armada-image"
|
||||
|
|
@ -1,54 +0,0 @@
|
|||
#!/bin/bash
|
||||
################################################################################
|
||||
# Copyright (c) 2022 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
################################################################################
|
||||
|
||||
PROJECT=$1
|
||||
IMAGE_TAG=$2
|
||||
|
||||
if [ -z "${IMAGE_TAG}" ]; then
|
||||
echo "image tag must be specified. build ${PROJECT} Aborting..." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Copy patches from:
|
||||
# https://opendev.org/starlingx/integ/src/branch/master/kubernetes/armada/debian/deb_folder/patches
|
||||
tmp_dir=$(mktemp -d -t armada-XXXXXXXXXX --tmpdir=/tmp)
|
||||
pushd ${tmp_dir}
|
||||
git clone https://opendev.org/starlingx/integ/
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "Failed to clone patches for ${PROJECT}. Aborting..." >&2
|
||||
exit 1
|
||||
fi
|
||||
popd
|
||||
cp -r ${tmp_dir}/integ/kubernetes/armada/debian/deb_folder/patches .
|
||||
rm -rf ${tmp_dir}
|
||||
|
||||
# Apply patches
|
||||
pushd patches
|
||||
cat series | xargs -n 1 git am
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "Failed to apply patches for ${PROJECT}. Aborting..." >&2
|
||||
exit 1
|
||||
fi
|
||||
popd
|
||||
|
||||
# Use Makefile to build images
|
||||
make images
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "Failed to make ${PROJECT} image. Aborting..." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
RETVAL=0
|
||||
docker tag quay.io/airshipit/armada:latest-ubuntu_bionic "${IMAGE_TAG}"
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "Failed to tag ${PROJECT} with ${IMAGE_TAG}. Aborting..." >&2
|
||||
RETVAL=1
|
||||
fi
|
||||
|
||||
docker rmi quay.io/airshipit/armada:latest-ubuntu_bionic
|
||||
exit ${RETVAL}
|
||||
|
|
@ -1,141 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Copyright (c) 2020 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
|
||||
# This script is wrapper to Helm v2 client, providing access to containerized
|
||||
# armada/tiller managed charts.
|
||||
|
||||
# There are two modes of operation:
|
||||
# - no command specified: this is an interactive BusyBox shell
|
||||
# - command and options specified: this executes a single helm v2 command
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
# Define minimal path
|
||||
PATH=/bin:/usr/bin:/usr/local/bin
|
||||
|
||||
# Process input options
|
||||
SCRIPT=$(basename $0)
|
||||
OPTS=$(getopt -o dh --long debug,help -n ${SCRIPT} -- "$@")
|
||||
if [ $? != 0 ]; then
|
||||
echo "Failed parsing options." >&2
|
||||
exit 1
|
||||
fi
|
||||
eval set -- "$OPTS"
|
||||
|
||||
DEBUG=false
|
||||
HELP=false
|
||||
while true; do
|
||||
case "$1" in
|
||||
-d | --debug ) DEBUG=true; shift ;;
|
||||
-h | --help ) HELP=true; shift ;;
|
||||
-- ) shift; break ;;
|
||||
* ) break ;;
|
||||
esac
|
||||
done
|
||||
|
||||
# Treat remaining arguments as commands + options
|
||||
shift $((OPTIND-1))
|
||||
OTHERARGS="$@"
|
||||
|
||||
if [ ${HELP} == 'true' ]; then
|
||||
echo "Usage: ${SCRIPT} [-d|--debug] [-h|--help] -- [command] [options]"
|
||||
echo "Options:"
|
||||
echo " -d | --debug : display initialization information"
|
||||
echo " -h | --help : this help"
|
||||
echo
|
||||
echo "Command option examples:"
|
||||
echo " helmv2-cli -- helm search"
|
||||
echo " helmv2-cli -- helm list"
|
||||
echo " helmv2-cli -- helm list --namespace openstack --pending"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# Logger setup
|
||||
LOG_FACILITY=user
|
||||
LOG_PRIORITY=info
|
||||
function LOG {
|
||||
logger -t "${0##*/}[$$]" -p ${LOG_FACILITY}.${LOG_PRIORITY} "$@"
|
||||
echo "${0##*/}[$$]" "$@"
|
||||
}
|
||||
function ERROR {
|
||||
MSG="ERROR"
|
||||
echo "${MSG} $@" >&2
|
||||
LOG "${MSG} $@"
|
||||
}
|
||||
|
||||
# Determine running armada pods, including list of status conditions
|
||||
# This jsonpath gives the following output format per pod:
|
||||
# armada-api-bc77f956d-jwl4n::Initialized=True:Ready=True:ContainersReady=True:PodScheduled=True
|
||||
JSONPATH='{range .items[*]}{"\n"}{@.metadata.name}:{@.metadata.deletionTimestamp}{range @.status.conditions[*]}{":"}{@.type}={@.status}{end}{end}'
|
||||
ARMADA_PODS=( $(kubectl get pods -n armada \
|
||||
--selector=application=armada,component=api \
|
||||
--field-selector status.phase=Running \
|
||||
--output=jsonpath="${JSONPATH}") )
|
||||
if [ ${#ARMADA_PODS[@]} -eq 0 ]; then
|
||||
ERROR "Could not find armada pod."
|
||||
exit 1
|
||||
fi
|
||||
if [ ${DEBUG} == 'true' ]; then
|
||||
LOG "Found armada pods: ${ARMADA_PODS[@]}"
|
||||
fi
|
||||
|
||||
# Get first available Running and Ready armada pod, with tiller container we can exec
|
||||
POD=""
|
||||
for LINE in "${ARMADA_PODS[@]}"; do
|
||||
# match only Ready pods with nil deletionTimestamp
|
||||
if [[ $LINE =~ ::.*Ready=True ]]; then
|
||||
# extract pod name, it is first element delimited by :
|
||||
A=( ${LINE/:/ } )
|
||||
P=${A[0]}
|
||||
else
|
||||
continue
|
||||
fi
|
||||
|
||||
kubectl exec -it -n armada ${P} -c tiller -- pwd 1>/dev/null 2>/dev/null
|
||||
RC=$?
|
||||
if [ ${RC} -eq 0 ]; then
|
||||
POD=${P}
|
||||
break
|
||||
fi
|
||||
done
|
||||
if [ -z "${POD}" ]; then
|
||||
ERROR "Could not find armada pod."
|
||||
exit 1
|
||||
fi
|
||||
if [ ${DEBUG} == 'true' ]; then
|
||||
LOG "Found armada pod: ${POD}"
|
||||
fi
|
||||
|
||||
# Determine tiller listen port (configured by armada chart)
|
||||
# armada-api is container index 0, tiller is container index 1
|
||||
TILLER_PORT=$(kubectl get pod -n armada ${POD} \
|
||||
--output=jsonpath={.spec.containers[1].ports[0].containerPort})
|
||||
if [ -z "${TILLER_PORT}" ]; then
|
||||
ERROR "Could not find tiller listen port."
|
||||
exit 1
|
||||
fi
|
||||
if [ ${DEBUG} == 'true' ]; then
|
||||
LOG "Found tiller listen port: ${TILLER_PORT}"
|
||||
fi
|
||||
|
||||
# Launch BusyBox shell with access to local tiller.
|
||||
# Can execute helm v2 commands as '/helm' or 'helm'.
|
||||
if [ ${DEBUG} == 'true' ]; then
|
||||
LOG "Launching Helm-v2 client"
|
||||
fi
|
||||
HELM_HOST=":${TILLER_PORT}"
|
||||
if [ -z "${OTHERARGS}" ]; then
|
||||
# Interactive BusyBox shell
|
||||
kubectl exec -it -n armada ${POD} -c tiller -- \
|
||||
/bin/sh -c "PATH=${PATH}:/tmp PS1='Helm-v2 \h:\w $ ' HELM_HOST=${HELM_HOST} /bin/sh"
|
||||
else
|
||||
# Execute single helm v2 command in BusyBox shell
|
||||
kubectl exec -n armada ${POD} -c tiller -- \
|
||||
/bin/sh -c "PATH=${PATH}:/tmp HELM_HOST=${HELM_HOST} /bin/sh -c '$OTHERARGS'"
|
||||
fi
|
||||
|
||||
exit 0
|
||||
|
|
@ -52,7 +52,6 @@ cp -R mapkubeapis %{buildroot}/usr/local/share/helm/plugins/
|
|||
%defattr(-,root,root,-)
|
||||
%{_sbindir}/helm
|
||||
/usr/local/sbin/helm-upload
|
||||
/usr/local/sbin/helmv2-cli
|
||||
%{_sysconfdir}/sudoers.d/helm
|
||||
/usr/local/share/helm/plugins/2to3/*
|
||||
/usr/local/share/helm/plugins/mapkubeapis/*
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
etc/sudoers.d/helm
|
||||
usr/sbin/helm
|
||||
usr/local/sbin/helm-upload
|
||||
usr/local/sbin/helmv2-cli
|
||||
usr/local/share/helm
|
||||
usr/local/share/helm/plugins
|
||||
usr/local/share/helm/plugins/mapkubeapis
|
||||
|
|
|
|||
|
|
@ -26,7 +26,6 @@ override_dh_auto_install:
|
|||
install -d -m 755 $(ROOT)/usr/local/sbin
|
||||
install -p -D -m 755 $(HELM_EXECUTABLE) $(SBINDIR)
|
||||
install -p -D -m 755 helm-upload $(ROOT)/usr/local/sbin
|
||||
install -p -D -m 755 helmv2-cli.sh $(ROOT)/usr/local/sbin/helmv2-cli
|
||||
install -d -m 755 $(SUDOERDIR)
|
||||
install -p -D -m 440 helm.sudo $(SUDOERDIR)/helm
|
||||
install -d -m 755 $(ROOT)/usr/local/share/helm
|
||||
|
|
|
|||
Loading…
Reference in New Issue