From 0d7efc10a835f5d62169e5fe83ac7438ed1de8db Mon Sep 17 00:00:00 2001 From: Erikson Tung Date: Tue, 15 Dec 2020 18:07:56 -0800 Subject: [PATCH 1/2] Add aws-k8s-1.19 variant with Kubernetes 1.19 --- .github/workflows/build.yml | 2 +- packages/Cargo.lock | 7 ++ packages/Cargo.toml | 1 + ...levant-variables-for-cross-compiling.patch | 77 ++++++++++++++++ ...de-SELinux-label-for-kubelet-plugins.patch | 24 +++++ packages/kubernetes-1.19/Cargo.toml | 21 +++++ packages/kubernetes-1.19/build.rs | 9 ++ packages/kubernetes-1.19/clarify.toml | 55 ++++++++++++ packages/kubernetes-1.19/kubelet-config | 34 ++++++++ packages/kubernetes-1.19/kubelet-env | 4 + packages/kubernetes-1.19/kubelet-kubeconfig | 24 +++++ packages/kubernetes-1.19/kubelet.service | 44 ++++++++++ packages/kubernetes-1.19/kubernetes-1.19.spec | 87 +++++++++++++++++++ packages/kubernetes-1.19/kubernetes-ca-crt | 1 + packages/kubernetes-1.19/pkg.rs | 1 + sources/logdog/conf/logdog.aws-k8s-1.19.conf | 1 + sources/models/README.md | 5 ++ sources/models/src/aws-k8s-1.19 | 1 + sources/models/src/lib.rs | 5 ++ variants/README.md | 7 ++ variants/aws-k8s-1.19/Cargo.lock | 5 ++ variants/aws-k8s-1.19/Cargo.toml | 22 +++++ variants/aws-k8s-1.19/build.rs | 9 ++ variants/aws-k8s-1.19/lib.rs | 1 + 24 files changed, 446 insertions(+), 1 deletion(-) create mode 100644 packages/kubernetes-1.19/0001-always-set-relevant-variables-for-cross-compiling.patch create mode 100644 packages/kubernetes-1.19/0002-override-SELinux-label-for-kubelet-plugins.patch create mode 100644 packages/kubernetes-1.19/Cargo.toml create mode 100644 packages/kubernetes-1.19/build.rs create mode 100644 packages/kubernetes-1.19/clarify.toml create mode 100644 packages/kubernetes-1.19/kubelet-config create mode 100644 packages/kubernetes-1.19/kubelet-env create mode 100644 packages/kubernetes-1.19/kubelet-kubeconfig create mode 100644 packages/kubernetes-1.19/kubelet.service create mode 100644 packages/kubernetes-1.19/kubernetes-1.19.spec create mode 100644 packages/kubernetes-1.19/kubernetes-ca-crt create mode 100644 packages/kubernetes-1.19/pkg.rs create mode 120000 sources/logdog/conf/logdog.aws-k8s-1.19.conf create mode 120000 sources/models/src/aws-k8s-1.19 create mode 100644 variants/aws-k8s-1.19/Cargo.lock create mode 100644 variants/aws-k8s-1.19/Cargo.toml create mode 100644 variants/aws-k8s-1.19/build.rs create mode 100644 variants/aws-k8s-1.19/lib.rs diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 6c6503cb736..19cf86d02fa 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -8,7 +8,7 @@ jobs: continue-on-error: ${{ matrix.supported }} strategy: matrix: - variant: [aws-k8s-1.15, aws-k8s-1.16, aws-k8s-1.17, aws-k8s-1.18, aws-ecs-1] + variant: [aws-k8s-1.15, aws-k8s-1.16, aws-k8s-1.17, aws-k8s-1.18, aws-k8s-1.19, aws-ecs-1] arch: [x86_64, aarch64] supported: [true] include: diff --git a/packages/Cargo.lock b/packages/Cargo.lock index 02cdc57d9a9..8372660430d 100644 --- a/packages/Cargo.lock +++ b/packages/Cargo.lock @@ -238,6 +238,13 @@ dependencies = [ "glibc", ] +[[package]] +name = "kubernetes-1_19" +version = "0.1.0" +dependencies = [ + "glibc", +] + [[package]] name = "libacl" version = "0.1.0" diff --git a/packages/Cargo.toml b/packages/Cargo.toml index 72ffa6fa833..a5197b6bbc4 100644 --- a/packages/Cargo.toml +++ b/packages/Cargo.toml @@ -31,6 +31,7 @@ members = [ "kubernetes-1.16", "kubernetes-1.17", "kubernetes-1.18", + "kubernetes-1.19", "libacl", "libattr", "libaudit", diff --git a/packages/kubernetes-1.19/0001-always-set-relevant-variables-for-cross-compiling.patch b/packages/kubernetes-1.19/0001-always-set-relevant-variables-for-cross-compiling.patch new file mode 100644 index 00000000000..1cefc4603c5 --- /dev/null +++ b/packages/kubernetes-1.19/0001-always-set-relevant-variables-for-cross-compiling.patch @@ -0,0 +1,77 @@ +From 43460991812f41748d2ebbb846e3d956b40b26ae Mon Sep 17 00:00:00 2001 +From: Ben Cressey +Date: Sat, 18 May 2019 16:57:12 +0000 +Subject: [PATCH 1/4] always set relevant variables for cross compiling + +Signed-off-by: Ben Cressey +--- + hack/lib/golang.sh | 52 ++++++++++++++++++++++++++-------------------- + 1 file changed, 30 insertions(+), 22 deletions(-) + +diff --git a/hack/lib/golang.sh b/hack/lib/golang.sh +index e9c3b066..14c15994 100755 +--- a/hack/lib/golang.sh ++++ b/hack/lib/golang.sh +@@ -394,29 +394,37 @@ kube::golang::set_platform_envs() { + export GOOS=${platform%/*} + export GOARCH=${platform##*/} + +- # Do not set CC when building natively on a platform, only if cross-compiling from linux/amd64 +- if [[ $(kube::golang::host_platform) == "linux/amd64" ]]; then +- # Dynamic CGO linking for other server architectures than linux/amd64 goes here +- # If you want to include support for more server platforms than these, add arch-specific gcc names here +- case "${platform}" in +- "linux/arm") +- export CGO_ENABLED=1 +- export CC=arm-linux-gnueabihf-gcc +- ;; +- "linux/arm64") +- export CGO_ENABLED=1 +- export CC=aarch64-linux-gnu-gcc +- ;; +- "linux/ppc64le") +- export CGO_ENABLED=1 +- export CC=powerpc64le-linux-gnu-gcc +- ;; +- "linux/s390x") +- export CGO_ENABLED=1 +- export CC=s390x-linux-gnu-gcc +- ;; +- esac ++ # Apply standard values for CGO_ENABLED and CC unless KUBE_BUILD_PLATFORMS is set. ++ if [ -z "${KUBE_BUILD_PLATFORMS}" ] ; then ++ export CGO_ENABLED=0 ++ export CC=gcc ++ return + fi ++ ++ # Dynamic CGO linking for other server architectures goes here ++ # If you want to include support for more server platforms than these, add arch-specific gcc names here ++ case "${platform}" in ++ "linux/amd64") ++ export CGO_ENABLED=1 ++ export CC=x86_64-bottlerocket-linux-gnu-gcc ++ ;; ++ "linux/arm") ++ export CGO_ENABLED=1 ++ export CC=arm-bottlerocket-linux-gnueabihf-gcc ++ ;; ++ "linux/arm64") ++ export CGO_ENABLED=1 ++ export CC=aarch64-bottlerocket-linux-gnu-gcc ++ ;; ++ "linux/ppc64le") ++ export CGO_ENABLED=1 ++ export CC=powerpc64le-bottlerocket-linux-gnu-gcc ++ ;; ++ "linux/s390x") ++ export CGO_ENABLED=1 ++ export CC=s390x-bottlerocket-linux-gnu-gcc ++ ;; ++ esac + } + + kube::golang::unset_platform_envs() { +-- +2.21.0 + diff --git a/packages/kubernetes-1.19/0002-override-SELinux-label-for-kubelet-plugins.patch b/packages/kubernetes-1.19/0002-override-SELinux-label-for-kubelet-plugins.patch new file mode 100644 index 00000000000..a175fdbcd60 --- /dev/null +++ b/packages/kubernetes-1.19/0002-override-SELinux-label-for-kubelet-plugins.patch @@ -0,0 +1,24 @@ +From 03c21553cbd554761302f49f4e3e5c1d78a209cc Mon Sep 17 00:00:00 2001 +From: Ben Cressey +Date: Tue, 17 Mar 2020 20:14:31 +0000 +Subject: [PATCH 4/4] override SELinux label for kubelet plugins + +Signed-off-by: Ben Cressey +--- + pkg/kubelet/config/defaults.go | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/pkg/kubelet/config/defaults.go b/pkg/kubelet/config/defaults.go +index 6c1e4ebf..1bce6b86 100644 +--- a/pkg/kubelet/config/defaults.go ++++ b/pkg/kubelet/config/defaults.go +@@ -26,5 +26,5 @@ const ( + DefaultKubeletContainersDirName = "containers" + DefaultKubeletPluginContainersDirName = "plugin-containers" + DefaultKubeletPodResourcesDirName = "pod-resources" +- KubeletPluginsDirSELinuxLabel = "system_u:object_r:container_file_t:s0" ++ KubeletPluginsDirSELinuxLabel = "system_u:object_r:local_t:s0" + ) +-- +2.21.0 + diff --git a/packages/kubernetes-1.19/Cargo.toml b/packages/kubernetes-1.19/Cargo.toml new file mode 100644 index 00000000000..dcb1410b660 --- /dev/null +++ b/packages/kubernetes-1.19/Cargo.toml @@ -0,0 +1,21 @@ +[package] +# "." is not allowed in crate names, but we want a friendlier name for the +# directory and spec file, so we override it below. +name = "kubernetes-1_19" +version = "0.1.0" +edition = "2018" +publish = false +build = "build.rs" + +[package.metadata.build-package] +package-name = "kubernetes-1.19" + +[lib] +path = "pkg.rs" + +[[package.metadata.build-package.external-files]] +url = "https://github.com/kubernetes/kubernetes/archive/v1.19.6/kubernetes-1.19.6.tar.gz" +sha512 = "d7c6db2fa399b04a3acae792546fa0384e6b3a3e5eaa2c1ba6c49d656da0197f5be3d009756313436816f3839825c66ce23a06a1ec35c37f1c3fcfba79f9ac32" + +[build-dependencies] +glibc = { path = "../glibc" } diff --git a/packages/kubernetes-1.19/build.rs b/packages/kubernetes-1.19/build.rs new file mode 100644 index 00000000000..cad8999af53 --- /dev/null +++ b/packages/kubernetes-1.19/build.rs @@ -0,0 +1,9 @@ +use std::process::{exit, Command}; + +fn main() -> Result<(), std::io::Error> { + let ret = Command::new("buildsys").arg("build-package").status()?; + if !ret.success() { + exit(1); + } + Ok(()) +} diff --git a/packages/kubernetes-1.19/clarify.toml b/packages/kubernetes-1.19/clarify.toml new file mode 100644 index 00000000000..9c19f36ac18 --- /dev/null +++ b/packages/kubernetes-1.19/clarify.toml @@ -0,0 +1,55 @@ +[clarify."github.com/JeffAshton/win_pdh"] +expression = "BSD-3-Clause" +license-files = [ + { path = "LICENSE", hash = 0xb221dcc9 }, +] + +[clarify."github.com/daviddengcn/go-colortext"] +expression = "BSD-3-Clause AND MIT" +license-files = [ + { path = "LICENSE", hash = 0x9769fae1 }, +] + +[clarify."github.com/ghodss/yaml"] +expression = "MIT AND BSD-3-Clause" +license-files = [ + { path = "LICENSE", hash = 0xcdf3ae00 }, +] + +[clarify."github.com/heketi/heketi"] +# kubernetes only uses code that is under LGPLv3+/Apache 2.0, not the code that is GPLv2+/LGPLv3+ +expression = "LGPL-3.0-or-later OR Apache-2.0" +license-files = [ + { path = "LICENSE", hash = 0x3c4b96d1 }, + { path = "LICENSE-APACHE2", hash = 0x438c8616 }, + { path = "COPYING-LGPLV3", hash = 0xf0bccb3a }, +] +skip-files = [ "COPYING-GPLV2" ] + +[clarify."github.com/go-bindata/go-bindata"] +expression = "CC0-1.0" +license-files = [ + { path = "LICENSE", hash = 0x393fafd6 }, +] + +[clarify."github.com/miekg/dns"] +expression = "BSD-3-Clause" +license-files = [ + { path = "COPYRIGHT", hash = 0xe41dd36c }, + { path = "LICENSE", hash = 0xbd510d7b }, +] + +[clarify."sigs.k8s.io/yaml"] +expression = "MIT AND BSD-3-Clause" +license-files = [ + { path = "LICENSE", hash = 0xcdf3ae00 }, +] + +[clarify."honnef.co/go/tools"] +expression = "MIT AND BSD-3-Clause AND Apache-2.0" +license-files = [ + { path = "LICENSE", hash = 0xad378ed2 }, + { path = "LICENSE-THIRD-PARTY", hash = 0x546425eb }, + { path = "lint/LICENSE", hash = 0xc6b58232 }, + { path = "ssa/LICENSE", hash = 0xe656fb62 }, +] diff --git a/packages/kubernetes-1.19/kubelet-config b/packages/kubernetes-1.19/kubelet-config new file mode 100644 index 00000000000..78e295c1c13 --- /dev/null +++ b/packages/kubernetes-1.19/kubelet-config @@ -0,0 +1,34 @@ +--- +kind: KubeletConfiguration +apiVersion: kubelet.config.k8s.io/v1beta1 +address: 0.0.0.0 +authentication: + anonymous: + enabled: false + webhook: + cacheTTL: 2m0s + enabled: true + x509: + clientCAFile: "/etc/kubernetes/pki/ca.crt" +authorization: + mode: Webhook + webhook: + cacheAuthorizedTTL: 5m0s + cacheUnauthorizedTTL: 30s +clusterDomain: {{settings.kubernetes.cluster-domain}} +clusterDNS: +- {{settings.kubernetes.cluster-dns-ip}} +resolvConf: "/etc/resolv.conf" +hairpinMode: hairpin-veth +cgroupDriver: systemd +cgroupRoot: "/" +runtimeRequestTimeout: 15m +featureGates: + RotateKubeletServerCertificate: true + CSIMigration: false +serializeImagePulls: false +serverTLSBootstrap: true +configMapAndSecretChangeDetectionStrategy: Cache +tlsCipherSuites: +- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 +maxPods: {{default 110 settings.kubernetes.max-pods}} diff --git a/packages/kubernetes-1.19/kubelet-env b/packages/kubernetes-1.19/kubelet-env new file mode 100644 index 00000000000..e4eb941b1c2 --- /dev/null +++ b/packages/kubernetes-1.19/kubelet-env @@ -0,0 +1,4 @@ +NODE_IP={{settings.kubernetes.node-ip}} +NODE_LABELS={{join_map "=" "," "no-fail-if-missing" settings.kubernetes.node-labels}} +NODE_TAINTS={{join_map "=" "," "no-fail-if-missing" settings.kubernetes.node-taints}} +POD_INFRA_CONTAINER_IMAGE={{settings.kubernetes.pod-infra-container-image}} diff --git a/packages/kubernetes-1.19/kubelet-kubeconfig b/packages/kubernetes-1.19/kubelet-kubeconfig new file mode 100644 index 00000000000..775e7a576c7 --- /dev/null +++ b/packages/kubernetes-1.19/kubelet-kubeconfig @@ -0,0 +1,24 @@ +--- +apiVersion: v1 +kind: Config +clusters: +- cluster: + certificate-authority: "/etc/kubernetes/pki/ca.crt" + server: "{{settings.kubernetes.api-server}}" + name: kubernetes +contexts: +- context: + cluster: kubernetes + user: kubelet + name: kubelet +current-context: kubelet +users: +- name: kubelet + user: + exec: + apiVersion: client.authentication.k8s.io/v1alpha1 + command: "/usr/bin/aws-iam-authenticator" + args: + - token + - "-i" + - "{{settings.kubernetes.cluster-name}}" diff --git a/packages/kubernetes-1.19/kubelet.service b/packages/kubernetes-1.19/kubelet.service new file mode 100644 index 00000000000..bb6376d2cc9 --- /dev/null +++ b/packages/kubernetes-1.19/kubelet.service @@ -0,0 +1,44 @@ +[Unit] +Description=Kubelet +Documentation=https://github.com/kubernetes/kubernetes +After=containerd.service configured.target +Wants=configured.target +BindsTo=containerd.service + +[Service] +Type=notify +EnvironmentFile=/etc/kubernetes/kubelet/env +ExecStartPre=/sbin/iptables -P FORWARD ACCEPT +# Pull the pause container image before starting `kubelet` so `containerd/cri` wouldn't have to +ExecStartPre=/usr/bin/host-ctr \ + --containerd-socket=/run/dockershim.sock \ + --namespace=k8s.io \ + pull-image \ + --source=${POD_INFRA_CONTAINER_IMAGE} +ExecStart=/usr/bin/kubelet \ + --cloud-provider aws \ + --config /etc/kubernetes/kubelet/config \ + --kubeconfig /etc/kubernetes/kubelet/kubeconfig \ + --container-runtime=remote \ + --container-runtime-endpoint=unix:///run/dockershim.sock \ + --containerd=/run/dockershim.sock \ + --network-plugin cni \ + --root-dir /var/lib/kubelet \ + --cert-dir /var/lib/kubelet/pki \ + --volume-plugin-dir /var/lib/kubelet/plugins/volume/exec \ + --node-ip ${NODE_IP} \ + --node-labels "${NODE_LABELS}" \ + --register-with-taints "${NODE_TAINTS}" \ + --pod-infra-container-image ${POD_INFRA_CONTAINER_IMAGE} + +Restart=on-failure +RestartForceExitStatus=SIGPIPE +RestartSec=5 +Delegate=yes +KillMode=process +CPUAccounting=true +MemoryAccounting=true + +[Install] +WantedBy=multi-user.target +RequiredBy=mark-successful-boot.service diff --git a/packages/kubernetes-1.19/kubernetes-1.19.spec b/packages/kubernetes-1.19/kubernetes-1.19.spec new file mode 100644 index 00000000000..5803b588708 --- /dev/null +++ b/packages/kubernetes-1.19/kubernetes-1.19.spec @@ -0,0 +1,87 @@ +%global goproject github.com/kubernetes +%global gorepo kubernetes +%global goimport %{goproject}/%{gorepo} + +%global gover 1.19.6 +%global rpmver %{gover} + +%global _dwz_low_mem_die_limit 0 + +Name: %{_cross_os}%{gorepo} +Version: %{rpmver} +Release: 1%{?dist} +Summary: Container cluster management +# base Apache-2.0, third_party Apache-2.0 AND BSD-3-Clause +License: Apache-2.0 AND BSD-3-Clause +URL: https://%{goimport} +Source0: https://%{goimport}/archive/v%{gover}/%{gorepo}-%{gover}.tar.gz +Source1: kubelet.service +Source2: kubelet-env +Source3: kubelet-config +Source4: kubelet-kubeconfig +Source5: kubernetes-ca-crt +Source1000: clarify.toml +Patch1: 0001-always-set-relevant-variables-for-cross-compiling.patch +Patch2: 0002-override-SELinux-label-for-kubelet-plugins.patch + +BuildRequires: git +BuildRequires: rsync +BuildRequires: %{_cross_os}glibc-devel + +%description +%{summary}. + +%package -n %{_cross_os}kubelet-1.19 +Summary: Container cluster node agent +Requires: %{_cross_os}conntrack-tools +Requires: %{_cross_os}containerd +Requires: %{_cross_os}findutils + +%description -n %{_cross_os}kubelet-1.19 +%{summary}. + +%prep +%autosetup -Sgit -n %{gorepo}-%{gover} -p1 + +# third_party licenses +# multiarch/qemu-user-static ignored, we're not using it +cp third_party/forked/gonum/graph/LICENSE LICENSE.gonum.graph +cp third_party/forked/shell2junit/LICENSE LICENSE.shell2junit +cp third_party/forked/golang/LICENSE LICENSE.golang +cp third_party/forked/golang/PATENTS PATENTS.golang +cp third_party/intemp/LICENSE LICENSE.intemp + +%build +export KUBE_BUILD_PLATFORMS="linux/%{_cross_go_arch}" +export GOLDFLAGS="-buildmode=pie -linkmode=external" +make WHAT="cmd/kubelet" + +%install +output="./_output/local/bin/linux/%{_cross_go_arch}" +install -d %{buildroot}%{_cross_bindir} +install -p -m 0755 ${output}/kubelet %{buildroot}%{_cross_bindir} + +install -d %{buildroot}%{_cross_unitdir} +install -p -m 0644 %{S:1} %{buildroot}%{_cross_unitdir}/kubelet.service + +mkdir -p %{buildroot}%{_cross_templatedir} +install -m 0644 %{S:2} %{buildroot}%{_cross_templatedir}/kubelet-env +install -m 0644 %{S:3} %{buildroot}%{_cross_templatedir}/kubelet-config +install -m 0644 %{S:4} %{buildroot}%{_cross_templatedir}/kubelet-kubeconfig +install -m 0644 %{S:5} %{buildroot}%{_cross_templatedir}/kubernetes-ca-crt + +%cross_scan_attribution --clarify %{S:1000} go-vendor vendor + +%files -n %{_cross_os}kubelet-1.19 +%license LICENSE LICENSE.gonum.graph LICENSE.shell2junit LICENSE.golang PATENTS.golang LICENSE.intemp +%{_cross_attribution_file} +%{_cross_attribution_vendor_dir} +%{_cross_bindir}/kubelet +%{_cross_unitdir}/kubelet.service +%dir %{_cross_templatedir} +%{_cross_templatedir}/kubelet-env +%{_cross_templatedir}/kubelet-config +%{_cross_templatedir}/kubelet-kubeconfig +%{_cross_templatedir}/kubernetes-ca-crt + +%changelog diff --git a/packages/kubernetes-1.19/kubernetes-ca-crt b/packages/kubernetes-1.19/kubernetes-ca-crt new file mode 100644 index 00000000000..0a726ad63df --- /dev/null +++ b/packages/kubernetes-1.19/kubernetes-ca-crt @@ -0,0 +1 @@ +{{base64_decode settings.kubernetes.cluster-certificate}} diff --git a/packages/kubernetes-1.19/pkg.rs b/packages/kubernetes-1.19/pkg.rs new file mode 100644 index 00000000000..d799fb2d44c --- /dev/null +++ b/packages/kubernetes-1.19/pkg.rs @@ -0,0 +1 @@ +// not used diff --git a/sources/logdog/conf/logdog.aws-k8s-1.19.conf b/sources/logdog/conf/logdog.aws-k8s-1.19.conf new file mode 120000 index 00000000000..63115aee60b --- /dev/null +++ b/sources/logdog/conf/logdog.aws-k8s-1.19.conf @@ -0,0 +1 @@ +aws-k8s.conf \ No newline at end of file diff --git a/sources/models/README.md b/sources/models/README.md index 8af5f550ef5..15ad5ad127b 100644 --- a/sources/models/README.md +++ b/sources/models/README.md @@ -40,6 +40,11 @@ The `#[model]` attribute on Settings and its sub-structs reduces duplication and * [Model](src/aws-k8s-1.18/mod.rs) * [Overridden defaults](src/aws-k8s-1.18/override-defaults.toml) +### aws-k8s-1.19: Kubernetes 1.19 + +* [Model](src/aws-k8s-1.19/mod.rs) +* [Overridden defaults](src/aws-k8s-1.19/override-defaults.toml) + ### aws-ecs-1: Amazon ECS * [Model](src/aws-ecs-1/mod.rs) diff --git a/sources/models/src/aws-k8s-1.19 b/sources/models/src/aws-k8s-1.19 new file mode 120000 index 00000000000..fdd52e86856 --- /dev/null +++ b/sources/models/src/aws-k8s-1.19 @@ -0,0 +1 @@ +aws-k8s-1.18 \ No newline at end of file diff --git a/sources/models/src/lib.rs b/sources/models/src/lib.rs index 41deb4ecd36..8b16c2b1b71 100644 --- a/sources/models/src/lib.rs +++ b/sources/models/src/lib.rs @@ -37,6 +37,11 @@ The `#[model]` attribute on Settings and its sub-structs reduces duplication and * [Model](src/aws-k8s-1.18/mod.rs) * [Overridden defaults](src/aws-k8s-1.18/override-defaults.toml) +## aws-k8s-1.19: Kubernetes 1.19 + +* [Model](src/aws-k8s-1.19/mod.rs) +* [Overridden defaults](src/aws-k8s-1.19/override-defaults.toml) + ## aws-ecs-1: Amazon ECS * [Model](src/aws-ecs-1/mod.rs) diff --git a/variants/README.md b/variants/README.md index 5f04670c617..f0ffd2bd1a6 100644 --- a/variants/README.md +++ b/variants/README.md @@ -52,6 +52,13 @@ It supports self-hosted clusters and clusters managed by [EKS](https://aws.amazo This variant is compatible with Kubernetes 1.18, 1.19, and 1.20 clusters. +### aws-k8s-1.19: Kubernetes 1.19 node + +The [aws-k8s-1.19](aws-k8s-1.19/Cargo.toml) variant includes the packages needed to run a Kubernetes node in AWS. +It supports self-hosted clusters and clusters managed by [EKS](https://aws.amazon.com/eks/). + +This variant is compatible with Kubernetes 1.19, 1.20, and 1.21 clusters. + ### aws-ecs-1: Amazon ECS container instance The [aws-ecs-1](aws-ecs-1/Cargo.toml) variant includes the packages needed to run an [Amazon ECS](https://ecs.aws) diff --git a/variants/aws-k8s-1.19/Cargo.lock b/variants/aws-k8s-1.19/Cargo.lock new file mode 100644 index 00000000000..d3f0ad3eb74 --- /dev/null +++ b/variants/aws-k8s-1.19/Cargo.lock @@ -0,0 +1,5 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +[[package]] +name = "aws-k8s-1_19" +version = "0.1.0" diff --git a/variants/aws-k8s-1.19/Cargo.toml b/variants/aws-k8s-1.19/Cargo.toml new file mode 100644 index 00000000000..6de2c309bc0 --- /dev/null +++ b/variants/aws-k8s-1.19/Cargo.toml @@ -0,0 +1,22 @@ +[package] +# This is the aws-k8s-1.19 variant. "." is not allowed in crate names, but we +# don't use this crate name anywhere. +name = "aws-k8s-1_19" +version = "0.1.0" +edition = "2018" +publish = false +build = "build.rs" +# Don't rebuild crate just because of changes to README. +exclude = ["README.md"] + +[package.metadata.build-variant] +included-packages = [ + "aws-iam-authenticator", + "cni", + "cni-plugins", + "kubelet-1.19", + "release", +] + +[lib] +path = "lib.rs" diff --git a/variants/aws-k8s-1.19/build.rs b/variants/aws-k8s-1.19/build.rs new file mode 100644 index 00000000000..d6a90e4df44 --- /dev/null +++ b/variants/aws-k8s-1.19/build.rs @@ -0,0 +1,9 @@ +use std::process::{exit, Command}; + +fn main() -> Result<(), std::io::Error> { + let ret = Command::new("buildsys").arg("build-variant").status()?; + if !ret.success() { + exit(1); + } + Ok(()) +} diff --git a/variants/aws-k8s-1.19/lib.rs b/variants/aws-k8s-1.19/lib.rs new file mode 100644 index 00000000000..d799fb2d44c --- /dev/null +++ b/variants/aws-k8s-1.19/lib.rs @@ -0,0 +1 @@ +// not used From dee158ab19b80dd48d8c52358c5c5a41eb505e37 Mon Sep 17 00:00:00 2001 From: Erikson Tung Date: Tue, 5 Jan 2021 11:14:45 -0800 Subject: [PATCH 2/2] kubelet-1.19: remove '--volume-plugin-dir', specify in config instead '--volume-plugin-dir' has been deprecated. Now specifying volumePluginDir via kubelet's config file. --- packages/kubernetes-1.19/kubelet-config | 1 + packages/kubernetes-1.19/kubelet.service | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/kubernetes-1.19/kubelet-config b/packages/kubernetes-1.19/kubelet-config index 78e295c1c13..3b390066daf 100644 --- a/packages/kubernetes-1.19/kubelet-config +++ b/packages/kubernetes-1.19/kubelet-config @@ -31,4 +31,5 @@ serverTLSBootstrap: true configMapAndSecretChangeDetectionStrategy: Cache tlsCipherSuites: - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 +volumePluginDir: "/var/lib/kubelet/plugins/volume/exec" maxPods: {{default 110 settings.kubernetes.max-pods}} diff --git a/packages/kubernetes-1.19/kubelet.service b/packages/kubernetes-1.19/kubelet.service index bb6376d2cc9..42c109a67e0 100644 --- a/packages/kubernetes-1.19/kubelet.service +++ b/packages/kubernetes-1.19/kubelet.service @@ -25,7 +25,6 @@ ExecStart=/usr/bin/kubelet \ --network-plugin cni \ --root-dir /var/lib/kubelet \ --cert-dir /var/lib/kubelet/pki \ - --volume-plugin-dir /var/lib/kubelet/plugins/volume/exec \ --node-ip ${NODE_IP} \ --node-labels "${NODE_LABELS}" \ --register-with-taints "${NODE_TAINTS}" \