diff --git a/README.md b/README.md index ae698b8adb2..4025c5fc836 100644 --- a/README.md +++ b/README.md @@ -583,7 +583,7 @@ We currently package the following major third-party components: * systemd as init ([background](https://en.wikipedia.org/wiki/Systemd), [packaging](packages/systemd/)) * wicked for networking ([background](https://github.com/openSUSE/wicked), [packaging](packages/wicked/)) * containerd ([background](https://containerd.io/), [packaging](packages/containerd/)) -* Kubernetes ([background](https://kubernetes.io/), [packaging](packages/kubernetes-1.15/)) +* Kubernetes ([background](https://kubernetes.io/), [packaging](packages/kubernetes-1.19/)) * aws-iam-authenticator ([background](https://github.com/kubernetes-sigs/aws-iam-authenticator), [packaging](packages/aws-iam-authenticator/)) * Amazon ECS agent ([background](https://github.com/aws/amazon-ecs-agent), [packaging](packages/ecs-agent/)) diff --git a/packages/Cargo.lock b/packages/Cargo.lock index edb2a97074d..21a234fef3a 100644 --- a/packages/Cargo.lock +++ b/packages/Cargo.lock @@ -210,13 +210,6 @@ dependencies = [ "glibc", ] -[[package]] -name = "kubernetes-1_15" -version = "0.1.0" -dependencies = [ - "glibc", -] - [[package]] name = "kubernetes-1_16" version = "0.1.0" diff --git a/packages/Cargo.toml b/packages/Cargo.toml index 5ee1b3e39c5..a398d4fa9e7 100644 --- a/packages/Cargo.toml +++ b/packages/Cargo.toml @@ -27,7 +27,6 @@ members = [ "iputils", "kernel", "kmod", - "kubernetes-1.15", "kubernetes-1.16", "kubernetes-1.17", "kubernetes-1.18", diff --git a/packages/kubernetes-1.15/0001-always-set-relevant-variables-for-cross-compiling.patch b/packages/kubernetes-1.15/0001-always-set-relevant-variables-for-cross-compiling.patch deleted file mode 100644 index 5c71ba154d9..00000000000 --- a/packages/kubernetes-1.15/0001-always-set-relevant-variables-for-cross-compiling.patch +++ /dev/null @@ -1,77 +0,0 @@ -From f655cc39ba3aef7792a013f765c429ede69cfd97 Mon Sep 17 00:00:00 2001 -From: Ben Cressey -Date: Sat, 18 May 2019 16:57:12 +0000 -Subject: [PATCH] always set relevant variables for cross compiling - -Signed-off-by: Ben Cressey ---- - hack/lib/golang.sh | 52 ++++++++++++++++++++++++++-------------------- - 1 file changed, 30 insertions(+), 22 deletions(-) - -diff --git a/hack/lib/golang.sh b/hack/lib/golang.sh -index e9c3b066..14c15994 100755 ---- a/hack/lib/golang.sh -+++ b/hack/lib/golang.sh -@@ -394,29 +394,37 @@ kube::golang::set_platform_envs() { - export GOOS=${platform%/*} - export GOARCH=${platform##*/} - -- # Do not set CC when building natively on a platform, only if cross-compiling from linux/amd64 -- if [[ $(kube::golang::host_platform) == "linux/amd64" ]]; then -- # Dynamic CGO linking for other server architectures than linux/amd64 goes here -- # If you want to include support for more server platforms than these, add arch-specific gcc names here -- case "${platform}" in -- "linux/arm") -- export CGO_ENABLED=1 -- export CC=arm-linux-gnueabihf-gcc -- ;; -- "linux/arm64") -- export CGO_ENABLED=1 -- export CC=aarch64-linux-gnu-gcc -- ;; -- "linux/ppc64le") -- export CGO_ENABLED=1 -- export CC=powerpc64le-linux-gnu-gcc -- ;; -- "linux/s390x") -- export CGO_ENABLED=1 -- export CC=s390x-linux-gnu-gcc -- ;; -- esac -+ # Apply standard values for CGO_ENABLED and CC unless KUBE_BUILD_PLATFORMS is set. -+ if [ -z "${KUBE_BUILD_PLATFORMS}" ] ; then -+ export CGO_ENABLED=0 -+ export CC=gcc -+ return - fi -+ -+ # Dynamic CGO linking for other server architectures goes here -+ # If you want to include support for more server platforms than these, add arch-specific gcc names here -+ case "${platform}" in -+ "linux/amd64") -+ export CGO_ENABLED=1 -+ export CC=x86_64-bottlerocket-linux-gnu-gcc -+ ;; -+ "linux/arm") -+ export CGO_ENABLED=1 -+ export CC=arm-bottlerocket-linux-gnueabihf-gcc -+ ;; -+ "linux/arm64") -+ export CGO_ENABLED=1 -+ export CC=aarch64-bottlerocket-linux-gnu-gcc -+ ;; -+ "linux/ppc64le") -+ export CGO_ENABLED=1 -+ export CC=powerpc64le-bottlerocket-linux-gnu-gcc -+ ;; -+ "linux/s390x") -+ export CGO_ENABLED=1 -+ export CC=s390x-bottlerocket-linux-gnu-gcc -+ ;; -+ esac - } - - kube::golang::unset_platform_envs() { --- -2.26.2 - diff --git a/packages/kubernetes-1.15/0002-opt-out-of-module-mode-for-builds.patch b/packages/kubernetes-1.15/0002-opt-out-of-module-mode-for-builds.patch deleted file mode 100644 index 56a981c05c9..00000000000 --- a/packages/kubernetes-1.15/0002-opt-out-of-module-mode-for-builds.patch +++ /dev/null @@ -1,73 +0,0 @@ -commit 8618c093692f753c0fad1a4ab00912e9f218872a -Author: Jordan Liggitt -Date: Wed Jun 12 13:52:50 2019 -0400 - - opt out of module mode for builds - - [tjkirch] Backported to Kubernetes 1.15. - -diff --git a/hack/jenkins/benchmark-dockerized.sh b/hack/jenkins/benchmark-dockerized.sh -index 9e817a09e39..6c38c0e00cc 100755 ---- a/hack/jenkins/benchmark-dockerized.sh -+++ b/hack/jenkins/benchmark-dockerized.sh -@@ -38,6 +38,11 @@ retry() { - - export PATH=${GOPATH}/bin:${PWD}/third_party/etcd:/usr/local/go/bin:${PATH} - -+# Until all GOPATH references are removed from all build scripts as well, -+# explicitly disable module mode to avoid picking up user-set GO111MODULE preferences. -+# As individual scripts make use of go modules, they can explicitly set GO111MODULE=on -+export GO111MODULE=off -+ - go install k8s.io/kubernetes/vendor/github.com/cespare/prettybench - go install k8s.io/kubernetes/vendor/github.com/jstemmer/go-junit-report - -diff --git a/hack/jenkins/test-dockerized.sh b/hack/jenkins/test-dockerized.sh -index c1660289750..6f7010a4a0c 100755 ---- a/hack/jenkins/test-dockerized.sh -+++ b/hack/jenkins/test-dockerized.sh -@@ -37,6 +37,11 @@ retry() { - - export PATH=${GOPATH}/bin:${PWD}/third_party/etcd:/usr/local/go/bin:${PATH} - -+# Until all GOPATH references are removed from all build scripts as well, -+# explicitly disable module mode to avoid picking up user-set GO111MODULE preferences. -+# As individual scripts make use of go modules, they can explicitly set GO111MODULE=on -+export GO111MODULE=off -+ - go install k8s.io/kubernetes/vendor/github.com/jstemmer/go-junit-report - - # Enable the Go race detector. -diff --git a/hack/lib/init.sh b/hack/lib/init.sh -index 42f34567db9..d32a90bb6cf 100755 ---- a/hack/lib/init.sh -+++ b/hack/lib/init.sh -@@ -23,10 +23,10 @@ set -o pipefail - unset CDPATH - - # Until all GOPATH references are removed from all build scripts as well, --# explicitly reset to auto mode to avoid picking up user-set GO111MODULE preferences. -+# explicitly disable module mode to avoid picking up user-set GO111MODULE preferences. - # As individual scripts (like hack/update-vendor.sh) make use of go modules, - # they can explicitly set GO111MODULE=on --export GO111MODULE=auto -+export GO111MODULE=off - - # The root of the build/dist directory - KUBE_ROOT="$(cd "$(dirname "${BASH_SOURCE}")/../.." && pwd -P)" -diff --git a/test/e2e_node/jenkins/e2e-node-jenkins.sh b/test/e2e_node/jenkins/e2e-node-jenkins.sh -index cd2f2e46836..00a8a46db0d 100755 ---- a/test/e2e_node/jenkins/e2e-node-jenkins.sh -+++ b/test/e2e_node/jenkins/e2e-node-jenkins.sh -@@ -28,6 +28,11 @@ set -x - - . "${1}" - -+# Until all GOPATH references are removed from all build scripts as well, -+# explicitly disable module mode to avoid picking up user-set GO111MODULE preferences. -+# As individual scripts make use of go modules, they can explicitly set GO111MODULE=on -+export GO111MODULE=off -+ - # indirectly generates test/e2e/generated/bindata.go too - make generated_files - diff --git a/packages/kubernetes-1.15/0003-kubelet-block-non-forwarded-packets.patch b/packages/kubernetes-1.15/0003-kubelet-block-non-forwarded-packets.patch deleted file mode 100644 index 8f6c2592ca2..00000000000 --- a/packages/kubernetes-1.15/0003-kubelet-block-non-forwarded-packets.patch +++ /dev/null @@ -1,45 +0,0 @@ -From: Casey Callendrello -Date: Fri, 29 May 2020 13:03:37 +0200 -Subject: [PATCH] kubelet: block non-forwarded packets from crossing the - localhost boundary - -We set route_localnet so that host-network processes can connect to -<127.0.0.1:NodePort> and it still works. This, however, is too -permissive. - -So, block martians that are not already in conntrack. - -See: #90259 -Signed-off-by: Casey Callendrello ---- - pkg/kubelet/kubelet_network_linux.go | 14 ++++++++++++++ - 1 file changed, 14 insertions(+) - -diff --git a/pkg/kubelet/kubelet_network_linux.go b/pkg/kubelet/kubelet_network_linux.go -index ec7d41d9557..136c18716d8 100644 ---- a/pkg/kubelet/kubelet_network_linux.go -+++ b/pkg/kubelet/kubelet_network_linux.go -@@ -68,6 +68,20 @@ func (kl *Kubelet) syncNetworkUtil() { - klog.Errorf("Failed to ensure rule to drop packet marked by %v in %v chain %v: %v", KubeMarkDropChain, utiliptables.TableFilter, KubeFirewallChain, err) - return - } -+ -+ // drop all non-local packets to localhost if they're not part of an existing -+ // forwarded connection. See #90259 -+ if _, err := kl.iptClient.EnsureRule(utiliptables.Append, utiliptables.TableFilter, KubeFirewallChain, -+ "-m", "comment", "--comment", "block incoming localnet connections", -+ "--dst", "127.0.0.0/8", -+ "!", "--src", "127.0.0.0/8", -+ "-m", "conntrack", -+ "!", "--ctstate", "RELATED,ESTABLISHED,DNAT", -+ "-j", "DROP"); err != nil { -+ klog.Errorf("Failed to ensure rule to drop invalid localhost packets in %v chain %v: %v", utiliptables.TableFilter, KubeFirewallChain, err) -+ return -+ } -+ - if _, err := kl.iptClient.EnsureRule(utiliptables.Prepend, utiliptables.TableFilter, utiliptables.ChainOutput, "-j", string(KubeFirewallChain)); err != nil { - klog.Errorf("Failed to ensure that %s chain %s jumps to %s: %v", utiliptables.TableFilter, utiliptables.ChainOutput, KubeFirewallChain, err) - return --- -2.27.0 - diff --git a/packages/kubernetes-1.15/0004-include-etc-hosts-in-eviction-calc.patch b/packages/kubernetes-1.15/0004-include-etc-hosts-in-eviction-calc.patch deleted file mode 100644 index ffe9b3074f2..00000000000 --- a/packages/kubernetes-1.15/0004-include-etc-hosts-in-eviction-calc.patch +++ /dev/null @@ -1,163 +0,0 @@ -commit 92a1762c382b80d15d73ddb6c69d4dbfb9883590 -Author: Joel Smith -Date: Thu May 14 20:09:58 2020 -0600 - - Include pod /etc/hosts in ephemeral storage calculation for eviction - -diff --git a/pkg/kubelet/eviction/BUILD b/pkg/kubelet/eviction/BUILD -index 2e6a49bd6f0..0b1b73a626d 100644 ---- a/pkg/kubelet/eviction/BUILD -+++ b/pkg/kubelet/eviction/BUILD -@@ -66,6 +66,7 @@ go_library( - "//staging/src/k8s.io/api/core/v1:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", -+ "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/util/clock:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", - "//staging/src/k8s.io/client-go/tools/record:go_default_library", -diff --git a/pkg/kubelet/eviction/eviction_manager.go b/pkg/kubelet/eviction/eviction_manager.go -index a1ab99869ab..8248d570666 100644 ---- a/pkg/kubelet/eviction/eviction_manager.go -+++ b/pkg/kubelet/eviction/eviction_manager.go -@@ -26,6 +26,7 @@ import ( - - "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/api/resource" -+ "k8s.io/apimachinery/pkg/types" - "k8s.io/apimachinery/pkg/util/clock" - utilfeature "k8s.io/apiserver/pkg/util/feature" - "k8s.io/client-go/tools/record" -@@ -91,6 +92,8 @@ type managerImpl struct { - thresholdNotifiers []ThresholdNotifier - // thresholdsLastUpdated is the last time the thresholdNotifiers were updated. - thresholdsLastUpdated time.Time -+ // etcHostsPath is a function that will get the etc-hosts file's path for a pod given its UID -+ etcHostsPath func(podUID types.UID) string - } - - // ensure it implements the required interface -@@ -107,6 +110,7 @@ func NewManager( - recorder record.EventRecorder, - nodeRef *v1.ObjectReference, - clock clock.Clock, -+ etcHostsPath func(types.UID) string, - ) (Manager, lifecycle.PodAdmitHandler) { - manager := &managerImpl{ - clock: clock, -@@ -122,6 +126,7 @@ func NewManager( - thresholdsFirstObservedAt: thresholdsObservedAt{}, - dedicatedImageFs: nil, - thresholdNotifiers: []ThresholdNotifier{}, -+ etcHostsPath: etcHostsPath, - } - return manager, manager - } -@@ -505,7 +510,7 @@ func (m *managerImpl) podEphemeralStorageLimitEviction(podStats statsapi.PodStat - } else { - fsStatsSet = []fsStatsType{fsStatsRoot, fsStatsLogs, fsStatsLocalVolumeSource} - } -- podEphemeralUsage, err := podLocalEphemeralStorageUsage(podStats, pod, fsStatsSet) -+ podEphemeralUsage, err := podLocalEphemeralStorageUsage(podStats, pod, fsStatsSet, m.etcHostsPath(pod.UID)) - if err != nil { - klog.Errorf("eviction manager: error getting pod disk usage %v", err) - return false -diff --git a/pkg/kubelet/eviction/helpers.go b/pkg/kubelet/eviction/helpers.go -index 50279fd1977..b2bd1863c11 100644 ---- a/pkg/kubelet/eviction/helpers.go -+++ b/pkg/kubelet/eviction/helpers.go -@@ -18,6 +18,7 @@ package eviction - - import ( - "fmt" -+ "os" - "sort" - "strconv" - "strings" -@@ -408,7 +409,7 @@ func localEphemeralVolumeNames(pod *v1.Pod) []string { - } - - // podLocalEphemeralStorageUsage aggregates pod local ephemeral storage usage and inode consumption for the specified stats to measure. --func podLocalEphemeralStorageUsage(podStats statsapi.PodStats, pod *v1.Pod, statsToMeasure []fsStatsType) (v1.ResourceList, error) { -+func podLocalEphemeralStorageUsage(podStats statsapi.PodStats, pod *v1.Pod, statsToMeasure []fsStatsType, etcHostsPath string) (v1.ResourceList, error) { - disk := resource.Quantity{Format: resource.BinarySI} - inodes := resource.Quantity{Format: resource.DecimalSI} - -@@ -422,6 +423,12 @@ func podLocalEphemeralStorageUsage(podStats statsapi.PodStats, pod *v1.Pod, stat - disk.Add(podLocalVolumeUsageList[v1.ResourceEphemeralStorage]) - inodes.Add(podLocalVolumeUsageList[resourceInodes]) - } -+ if len(etcHostsPath) > 0 { -+ if stat, err := os.Stat(etcHostsPath); err == nil { -+ disk.Add(*resource.NewQuantity(int64(stat.Size()), resource.BinarySI)) -+ inodes.Add(*resource.NewQuantity(int64(1), resource.DecimalSI)) -+ } -+ } - return v1.ResourceList{ - v1.ResourceEphemeralStorage: disk, - resourceInodes: inodes, -diff --git a/pkg/kubelet/kubelet.go b/pkg/kubelet/kubelet.go -index e9c4fc95781..53825e25efe 100644 ---- a/pkg/kubelet/kubelet.go -+++ b/pkg/kubelet/kubelet.go -@@ -825,8 +825,9 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration, - klet.backOff = flowcontrol.NewBackOff(backOffPeriod, MaxContainerBackOff) - klet.podKillingCh = make(chan *kubecontainer.PodPair, podKillingChannelCapacity) - -+ etcHostsPathFunc := func(podUID types.UID) string { return getEtcHostsPath(klet.getPodDir(podUID)) } - // setup eviction manager -- evictionManager, evictionAdmitHandler := eviction.NewManager(klet.resourceAnalyzer, evictionConfig, killPodNow(klet.podWorkers, kubeDeps.Recorder), klet.podManager.GetMirrorPodByPod, klet.imageManager, klet.containerGC, kubeDeps.Recorder, nodeRef, klet.clock) -+ evictionManager, evictionAdmitHandler := eviction.NewManager(klet.resourceAnalyzer, evictionConfig, killPodNow(klet.podWorkers, kubeDeps.Recorder), klet.podManager.GetMirrorPodByPod, klet.imageManager, klet.containerGC, kubeDeps.Recorder, nodeRef, klet.clock, etcHostsPathFunc) - - klet.evictionManager = evictionManager - klet.admitHandlers.AddPodAdmitHandler(evictionAdmitHandler) -diff --git a/pkg/kubelet/kubelet_pods.go b/pkg/kubelet/kubelet_pods.go -index d5d65e4f1a8..6c91bfa114c 100644 ---- a/pkg/kubelet/kubelet_pods.go -+++ b/pkg/kubelet/kubelet_pods.go -@@ -291,10 +291,15 @@ func translateMountPropagation(mountMode *v1.MountPropagationMode) (runtimeapi.M - } - } - -+// getEtcHostsPath returns the full host-side path to a pod's generated /etc/hosts file -+func getEtcHostsPath(podDir string) string { -+ return path.Join(podDir, "etc-hosts") -+} -+ - // makeHostsMount makes the mountpoint for the hosts file that the containers - // in a pod are injected with. - func makeHostsMount(podDir, podIP, hostName, hostDomainName string, hostAliases []v1.HostAlias, useHostNetwork bool) (*kubecontainer.Mount, error) { -- hostsFilePath := path.Join(podDir, "etc-hosts") -+ hostsFilePath := getEtcHostsPath(podDir) - if err := ensureHostsFile(hostsFilePath, podIP, hostName, hostDomainName, hostAliases, useHostNetwork); err != nil { - return nil, err - } -diff --git a/pkg/kubelet/kubelet_test.go b/pkg/kubelet/kubelet_test.go -index a4c32c92740..add3539de34 100644 ---- a/pkg/kubelet/kubelet_test.go -+++ b/pkg/kubelet/kubelet_test.go -@@ -289,8 +289,9 @@ func newTestKubeletWithImageList( - UID: types.UID(kubelet.nodeName), - Namespace: "", - } -+ etcHostsPathFunc := func(podUID types.UID) string { return getEtcHostsPath(kubelet.getPodDir(podUID)) } - // setup eviction manager -- evictionManager, evictionAdmitHandler := eviction.NewManager(kubelet.resourceAnalyzer, eviction.Config{}, killPodNow(kubelet.podWorkers, fakeRecorder), kubelet.podManager.GetMirrorPodByPod, kubelet.imageManager, kubelet.containerGC, fakeRecorder, nodeRef, kubelet.clock) -+ evictionManager, evictionAdmitHandler := eviction.NewManager(kubelet.resourceAnalyzer, eviction.Config{}, killPodNow(kubelet.podWorkers, fakeRecorder), kubelet.podManager.GetMirrorPodByPod, kubelet.imageManager, kubelet.containerGC, fakeRecorder, nodeRef, kubelet.clock, etcHostsPathFunc) - - kubelet.evictionManager = evictionManager - kubelet.admitHandlers.AddPodAdmitHandler(evictionAdmitHandler) -diff --git a/pkg/kubelet/runonce_test.go b/pkg/kubelet/runonce_test.go -index 7bd35077abd..3d8594e0059 100644 ---- a/pkg/kubelet/runonce_test.go -+++ b/pkg/kubelet/runonce_test.go -@@ -121,7 +121,8 @@ func TestRunOnce(t *testing.T) { - return nil - } - fakeMirrodPodFunc := func(*v1.Pod) (*v1.Pod, bool) { return nil, false } -- evictionManager, evictionAdmitHandler := eviction.NewManager(kb.resourceAnalyzer, eviction.Config{}, fakeKillPodFunc, fakeMirrodPodFunc, nil, nil, kb.recorder, nodeRef, kb.clock) -+ etcHostsPathFunc := func(podUID types.UID) string { return getEtcHostsPath(kb.getPodDir(podUID)) } -+ evictionManager, evictionAdmitHandler := eviction.NewManager(kb.resourceAnalyzer, eviction.Config{}, fakeKillPodFunc, fakeMirrodPodFunc, nil, nil, kb.recorder, nodeRef, kb.clock, etcHostsPathFunc) - - kb.evictionManager = evictionManager - kb.admitHandlers.AddPodAdmitHandler(evictionAdmitHandler) diff --git a/packages/kubernetes-1.15/Cargo.toml b/packages/kubernetes-1.15/Cargo.toml deleted file mode 100644 index ec43f57b464..00000000000 --- a/packages/kubernetes-1.15/Cargo.toml +++ /dev/null @@ -1,21 +0,0 @@ -[package] -# "." is not allowed in crate names, but we want a friendlier name for the -# directory and spec file, so we override it below. -name = "kubernetes-1_15" -version = "0.1.0" -edition = "2018" -publish = false -build = "build.rs" - -[package.metadata.build-package] -package-name = "kubernetes-1.15" - -[lib] -path = "pkg.rs" - -[[package.metadata.build-package.external-files]] -url = "https://github.com/kubernetes/kubernetes/archive/v1.15.12/kubernetes-1.15.12.tar.gz" -sha512 = "ce356fb2cc0cfe1c761c2e59495a84292ac1fadc338c9bb8c4d4eff8efca11a5958ce1d92d0f91ff9f7557bf16283eed8eee007ee17427b3b52e209308fe8acd" - -[build-dependencies] -glibc = { path = "../glibc" } diff --git a/packages/kubernetes-1.15/build.rs b/packages/kubernetes-1.15/build.rs deleted file mode 100644 index cad8999af53..00000000000 --- a/packages/kubernetes-1.15/build.rs +++ /dev/null @@ -1,9 +0,0 @@ -use std::process::{exit, Command}; - -fn main() -> Result<(), std::io::Error> { - let ret = Command::new("buildsys").arg("build-package").status()?; - if !ret.success() { - exit(1); - } - Ok(()) -} diff --git a/packages/kubernetes-1.15/clarify.toml b/packages/kubernetes-1.15/clarify.toml deleted file mode 100644 index 91eb3032e0a..00000000000 --- a/packages/kubernetes-1.15/clarify.toml +++ /dev/null @@ -1,51 +0,0 @@ -[clarify."github.com/JeffAshton/win_pdh"] -expression = "BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xb221dcc9 }, -] - -[clarify."github.com/daviddengcn/go-colortext"] -expression = "BSD-3-Clause AND MIT" -license-files = [ - { path = "LICENSE", hash = 0x9769fae1 }, -] - -[clarify."github.com/ghodss/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] - -[clarify."github.com/heketi/heketi"] -# kubernetes only uses code that is under LGPLv3+/Apache 2.0, not the code that is GPLv2+/LGPLv3+ -expression = "LGPL-3.0-or-later OR Apache-2.0" -license-files = [ - { path = "LICENSE", hash = 0x3c4b96d1 }, - { path = "LICENSE-APACHE2", hash = 0x438c8616 }, - { path = "COPYING-LGPLV3", hash = 0xf0bccb3a }, -] -skip-files = [ "COPYING-GPLV2" ] - -[clarify."github.com/jteeuwen/go-bindata"] -expression = "CC0-1.0" -license-files = [ - { path = "LICENSE", hash = 0x393fafd6 }, -] - -[clarify."github.com/miekg/dns"] -expression = "BSD-3-Clause" -license-files = [ - { path = "COPYRIGHT", hash = 0xe41dd36c }, - { path = "LICENSE", hash = 0xbd510d7b }, -] - -[clarify."github.com/munnerz/goautoneg"] -# license file was added later, see https://github.com/munnerz/goautoneg/commit/69886a7167b7b3d629d0e3db7c3a78dc8dc1e248 -expression = "BSD-3-Clause" -license-files = [] - -[clarify."sigs.k8s.io/yaml"] -expression = "MIT AND BSD-3-Clause" -license-files = [ - { path = "LICENSE", hash = 0xcdf3ae00 }, -] diff --git a/packages/kubernetes-1.15/kubelet-bootstrap-kubeconfig b/packages/kubernetes-1.15/kubelet-bootstrap-kubeconfig deleted file mode 100644 index 27bb33e95fc..00000000000 --- a/packages/kubernetes-1.15/kubelet-bootstrap-kubeconfig +++ /dev/null @@ -1,22 +0,0 @@ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{~#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{~/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{~#if settings.kubernetes.bootstrap-token}} - user: - token: "{{settings.kubernetes.bootstrap-token}}" -{{~/if}} diff --git a/packages/kubernetes-1.15/kubelet-config b/packages/kubernetes-1.15/kubelet-config deleted file mode 100644 index c3afef3a5a0..00000000000 --- a/packages/kubernetes-1.15/kubelet-config +++ /dev/null @@ -1,68 +0,0 @@ ---- -kind: KubeletConfiguration -apiVersion: kubelet.config.k8s.io/v1beta1 -{{~#if settings.kubernetes.standalone-mode}} -address: 127.0.0.1 -authentication: - anonymous: - enabled: true - webhook: - enabled: false -authorization: - mode: AlwaysAllow -{{~else}} -address: 0.0.0.0 -authentication: - anonymous: - enabled: false - webhook: - cacheTTL: 2m0s - enabled: true - x509: - clientCAFile: "/etc/kubernetes/pki/ca.crt" -authorization: - mode: Webhook - webhook: - cacheAuthorizedTTL: 5m0s - cacheUnauthorizedTTL: 30s -{{~/if}} -clusterDomain: {{settings.kubernetes.cluster-domain}} -{{~#if settings.kubernetes.cluster-dns-ip}} -clusterDNS: -- {{settings.kubernetes.cluster-dns-ip}} -{{~/if}} -{{~#if settings.kubernetes.eviction-hard}} -evictionHard: - {{~#each settings.kubernetes.eviction-hard}} - {{@key}}: "{{this}}" - {{~/each}} -{{~/if}} -{{~#if settings.kubernetes.allowed-unsafe-sysctls}} -allowedUnsafeSysctls: {{settings.kubernetes.allowed-unsafe-sysctls}} -{{~/if}} -kubeReserved: - cpu: "{{kube_reserve_cpu settings.kubernetes.kube-reserved.cpu}}" - {{~#if settings.kubernetes.kube-reserved.memory}} - memory: "{{settings.kubernetes.kube-reserved.memory}}" - {{~else}} - {{~#if settings.kubernetes.max-pods}} - memory: "{{kube_reserve_memory settings.kubernetes.max-pods settings.kubernetes.kube-reserved.memory}}" - {{~/if}} - {{~/if}} - ephemeral-storage: "{{default "1Gi" settings.kubernetes.kube-reserved.ephemeral-storage}}" -resolvConf: "/etc/resolv.conf" -hairpinMode: hairpin-veth -readOnlyPort: 0 -cgroupDriver: systemd -cgroupRoot: "/" -runtimeRequestTimeout: 15m -featureGates: - RotateKubeletServerCertificate: true -protectKernelDefaults: true -serializeImagePulls: false -serverTLSBootstrap: true -configMapAndSecretChangeDetectionStrategy: Cache -tlsCipherSuites: -- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 -maxPods: {{default 110 settings.kubernetes.max-pods}} -staticPodPath: "/etc/kubernetes/static-pods/" diff --git a/packages/kubernetes-1.15/kubelet-env b/packages/kubernetes-1.15/kubelet-env deleted file mode 100644 index e4eb941b1c2..00000000000 --- a/packages/kubernetes-1.15/kubelet-env +++ /dev/null @@ -1,4 +0,0 @@ -NODE_IP={{settings.kubernetes.node-ip}} -NODE_LABELS={{join_map "=" "," "no-fail-if-missing" settings.kubernetes.node-labels}} -NODE_TAINTS={{join_map "=" "," "no-fail-if-missing" settings.kubernetes.node-taints}} -POD_INFRA_CONTAINER_IMAGE={{settings.kubernetes.pod-infra-container-image}} diff --git a/packages/kubernetes-1.15/kubelet-exec-start-conf b/packages/kubernetes-1.15/kubelet-exec-start-conf deleted file mode 100644 index 1cc4d9cf246..00000000000 --- a/packages/kubernetes-1.15/kubelet-exec-start-conf +++ /dev/null @@ -1,24 +0,0 @@ -[Service] -ExecStart= -ExecStart=/usr/bin/kubelet \ -{{~#unless settings.kubernetes.standalone-mode}} - --cloud-provider aws \ - --kubeconfig /etc/kubernetes/kubelet/kubeconfig \ -{{~#if (eq settings.kubernetes.authentication-mode "tls")}} - --bootstrap-kubeconfig /etc/kubernetes/kubelet/bootstrap-kubeconfig \ -{{~/if}} -{{~else}} - --cloud-provider "" \ -{{~/unless}} - --config /etc/kubernetes/kubelet/config \ - --container-runtime=remote \ - --container-runtime-endpoint=unix:///run/dockershim.sock \ - --containerd=/run/dockershim.sock \ - --network-plugin cni \ - --root-dir /var/lib/kubelet \ - --cert-dir /var/lib/kubelet/pki \ - --volume-plugin-dir /var/lib/kubelet/plugins/volume/exec \ - --node-ip ${NODE_IP} \ - --node-labels "${NODE_LABELS}" \ - --register-with-taints "${NODE_TAINTS}" \ - --pod-infra-container-image ${POD_INFRA_CONTAINER_IMAGE} diff --git a/packages/kubernetes-1.15/kubelet-kubeconfig b/packages/kubernetes-1.15/kubelet-kubeconfig deleted file mode 100644 index e5309e732e4..00000000000 --- a/packages/kubernetes-1.15/kubelet-kubeconfig +++ /dev/null @@ -1,35 +0,0 @@ ---- -apiVersion: v1 -kind: Config -clusters: -- cluster: -{{~#if settings.kubernetes.api-server}} - certificate-authority: "/etc/kubernetes/pki/ca.crt" - server: "{{settings.kubernetes.api-server}}" -{{~/if}} - name: kubernetes -contexts: -- context: - cluster: kubernetes - user: kubelet - name: kubelet -current-context: kubelet -users: -- name: kubelet -{{~#if (eq settings.kubernetes.authentication-mode "aws")}} -{{~#if settings.kubernetes.cluster-name}} - user: - exec: - apiVersion: client.authentication.k8s.io/v1alpha1 - command: "/usr/bin/aws-iam-authenticator" - args: - - token - - "-i" - - "{{settings.kubernetes.cluster-name}}" -{{~/if}} -{{~/if}} -{{~#if (eq settings.kubernetes.authentication-mode "tls")}} - user: - client-certificate: "/var/lib/kubelet/pki/kubelet-client-current.pem" - client-key: "/var/lib/kubelet/pki/kubelet-client-current.pem" -{{~/if}} diff --git a/packages/kubernetes-1.15/kubelet-sysctl.conf b/packages/kubernetes-1.15/kubelet-sysctl.conf deleted file mode 100644 index ed68c7e197f..00000000000 --- a/packages/kubernetes-1.15/kubelet-sysctl.conf +++ /dev/null @@ -1,2 +0,0 @@ -# Overcommit handling mode - 1: Always overcommit -vm.overcommit_memory = 1 diff --git a/packages/kubernetes-1.15/kubelet.service b/packages/kubernetes-1.15/kubelet.service deleted file mode 100644 index d9716943d78..00000000000 --- a/packages/kubernetes-1.15/kubelet.service +++ /dev/null @@ -1,31 +0,0 @@ -[Unit] -Description=Kubelet -Documentation=https://github.com/kubernetes/kubernetes -After=containerd.service configured.target -Wants=configured.target -BindsTo=containerd.service - -[Service] -Type=notify -EnvironmentFile=/etc/network/proxy.env -EnvironmentFile=/etc/kubernetes/kubelet/env -ExecStartPre=/sbin/iptables -P FORWARD ACCEPT -# Pull the pause container image before starting `kubelet` so `containerd/cri` wouldn't have to -ExecStartPre=/usr/bin/host-ctr \ - --containerd-socket=/run/dockershim.sock \ - --namespace=k8s.io \ - pull-image \ - --source=${POD_INFRA_CONTAINER_IMAGE} -# Must be overridden by a drop-in file or `kubelet` won't start -ExecStart=/usr/bin/false - -Restart=on-failure -RestartForceExitStatus=SIGPIPE -RestartSec=5 -Delegate=yes -KillMode=process -CPUAccounting=true -MemoryAccounting=true - -[Install] -WantedBy=multi-user.target diff --git a/packages/kubernetes-1.15/kubernetes-1.15.spec b/packages/kubernetes-1.15/kubernetes-1.15.spec deleted file mode 100644 index f9e555bc591..00000000000 --- a/packages/kubernetes-1.15/kubernetes-1.15.spec +++ /dev/null @@ -1,119 +0,0 @@ -%global goproject github.com/kubernetes -%global gorepo kubernetes -%global goimport %{goproject}/%{gorepo} - -%global gover 1.15.12 -%global rpmver %{gover} - -%global _dwz_low_mem_die_limit 0 - -Name: %{_cross_os}%{gorepo} -Version: %{rpmver} -Release: 1%{?dist} -Summary: Container cluster management -# base Apache-2.0, third_party Apache-2.0 AND BSD-3-Clause -License: Apache-2.0 AND BSD-3-Clause -URL: https://%{goimport} -Source0: https://%{goimport}/archive/v%{gover}/%{gorepo}-%{gover}.tar.gz -Source1: kubelet.service -Source2: kubelet-env -Source3: kubelet-config -Source4: kubelet-kubeconfig -Source5: kubernetes-ca-crt -Source6: kubelet-exec-start-conf -Source7: kubelet-bootstrap-kubeconfig -Source8: kubernetes-tmpfiles.conf -Source9: kubelet-sysctl.conf -Source1000: clarify.toml -Patch1: 0001-always-set-relevant-variables-for-cross-compiling.patch - -# Fix builds in $GOPATH when using Go 1.13 - drop when we catch up in v1.17.0 -# https://github.com/kubernetes/kubernetes/commit/8618c09 -Patch2: 0002-opt-out-of-module-mode-for-builds.patch - -Patch3: 0003-kubelet-block-non-forwarded-packets.patch -Patch4: 0004-include-etc-hosts-in-eviction-calc.patch - -BuildRequires: git -BuildRequires: rsync -BuildRequires: %{_cross_os}glibc-devel - -%description -%{summary}. - -%package -n %{_cross_os}kubelet-1.15 -Summary: Container cluster node agent -Requires: %{_cross_os}conntrack-tools -Requires: %{_cross_os}containerd -Requires: %{_cross_os}findutils - -%description -n %{_cross_os}kubelet-1.15 -%{summary}. - -%prep -%autosetup -Sgit -n %{gorepo}-%{gover} -p1 -%cross_go_setup %{gorepo}-%{gover} %{goproject} %{goimport} - -# third_party licenses -# multiarch/qemu-user-static ignored, we're not using it -cp third_party/forked/gonum/graph/LICENSE LICENSE.gonum.graph -cp third_party/forked/shell2junit/LICENSE LICENSE.shell2junit -cp third_party/forked/golang/LICENSE LICENSE.golang -cp third_party/forked/golang/PATENTS PATENTS.golang -cp third_party/go-srcimporter/LICENSE LICENSE.go-srcimporter -cp third_party/intemp/LICENSE LICENSE.intemp - -%build -%cross_go_configure %{goimport} -export KUBE_BUILD_PLATFORMS="linux/%{_cross_go_arch}" -export GOLDFLAGS="-buildmode=pie -linkmode=external" -make WHAT="cmd/kubelet" - -%install -output="./_output/local/bin/linux/%{_cross_go_arch}" -install -d %{buildroot}%{_cross_bindir} -install -p -m 0755 ${output}/kubelet %{buildroot}%{_cross_bindir} - -install -d %{buildroot}%{_cross_unitdir} -install -p -m 0644 %{S:1} %{buildroot}%{_cross_unitdir}/kubelet.service - -mkdir -p %{buildroot}%{_cross_templatedir} -install -m 0644 %{S:2} %{buildroot}%{_cross_templatedir}/kubelet-env -install -m 0644 %{S:3} %{buildroot}%{_cross_templatedir}/kubelet-config -install -m 0644 %{S:4} %{buildroot}%{_cross_templatedir}/kubelet-kubeconfig -install -m 0644 %{S:5} %{buildroot}%{_cross_templatedir}/kubernetes-ca-crt -install -m 0644 %{S:6} %{buildroot}%{_cross_templatedir}/kubelet-exec-start-conf -install -m 0644 %{S:7} %{buildroot}%{_cross_templatedir}/kubelet-bootstrap-kubeconfig - -install -d %{buildroot}%{_cross_tmpfilesdir} -install -p -m 0644 %{S:8} %{buildroot}%{_cross_tmpfilesdir}/kubernetes.conf - -install -d %{buildroot}%{_cross_libexecdir}/kubernetes -ln -rs \ - %{buildroot}%{_sharedstatedir}/kubelet/plugins \ - %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet-plugins - -mkdir -p %{buildroot}%{_cross_sysctldir} -install -p -m 0644 %{S:9} %{buildroot}%{_cross_sysctldir}/90-kubelet.conf - -%cross_scan_attribution --clarify %{S:1000} go-vendor vendor - -%files -n %{_cross_os}kubelet-1.15 -%license LICENSE LICENSE.gonum.graph LICENSE.shell2junit LICENSE.golang PATENTS.golang LICENSE.go-srcimporter LICENSE.intemp -%{_cross_attribution_file} -%{_cross_attribution_vendor_dir} -%{_cross_bindir}/kubelet -%{_cross_unitdir}/kubelet.service -%dir %{_cross_templatedir} -%{_cross_templatedir}/kubelet-env -%{_cross_templatedir}/kubelet-config -%{_cross_templatedir}/kubelet-kubeconfig -%{_cross_templatedir}/kubelet-bootstrap-kubeconfig -%{_cross_templatedir}/kubelet-exec-start-conf -%{_cross_templatedir}/kubernetes-ca-crt -%{_cross_tmpfilesdir}/kubernetes.conf -%dir %{_cross_libexecdir}/kubernetes -%{_cross_libexecdir}/kubernetes/kubelet-plugins -%{_cross_sysctldir}/90-kubelet.conf - -%changelog diff --git a/packages/kubernetes-1.15/kubernetes-ca-crt b/packages/kubernetes-1.15/kubernetes-ca-crt deleted file mode 100644 index ab82c485f56..00000000000 --- a/packages/kubernetes-1.15/kubernetes-ca-crt +++ /dev/null @@ -1,3 +0,0 @@ -{{~#if settings.kubernetes.cluster-certificate~}} -{{base64_decode settings.kubernetes.cluster-certificate}} -{{~/if~}} diff --git a/packages/kubernetes-1.15/kubernetes-tmpfiles.conf b/packages/kubernetes-1.15/kubernetes-tmpfiles.conf deleted file mode 100644 index 7673fd892f3..00000000000 --- a/packages/kubernetes-1.15/kubernetes-tmpfiles.conf +++ /dev/null @@ -1,2 +0,0 @@ -d /etc/kubernetes/static-pods - - - - -L /etc/kubernetes/manifests - - - - static-pods diff --git a/packages/kubernetes-1.15/pkg.rs b/packages/kubernetes-1.15/pkg.rs deleted file mode 100644 index d799fb2d44c..00000000000 --- a/packages/kubernetes-1.15/pkg.rs +++ /dev/null @@ -1 +0,0 @@ -// not used diff --git a/sources/logdog/conf/logdog.aws-k8s-1.15.conf b/sources/logdog/conf/logdog.aws-k8s-1.15.conf deleted file mode 120000 index 63115aee60b..00000000000 --- a/sources/logdog/conf/logdog.aws-k8s-1.15.conf +++ /dev/null @@ -1 +0,0 @@ -aws-k8s.conf \ No newline at end of file