Commit Graph

26 Commits

Author SHA1 Message Date
Saul Wold
83c6575d51 integ: Convert wrsroot -> sysadmin
This also changes the group wrs_protected to sys_protected
to de-brand the user and group names.

Depends-On: I887464a20fc17d66529caea03be2b445156f9426
Change-Id: Ic2ea06d3ac15c31854a604af5f4cecf9094fcaea
Story: 2004716
Task: 28748
Signed-off-by: Saul Wold <sgw@linux.intel.com>
2019-06-14 15:09:09 -07:00
Scott Little
526f115ede Add two sriov docker images to the stable docker image build.
The SRIOV network device plugin is Kubernetes device plugin for
discovering and advertising SRIOV network virtual functions (VFs) in a
Kubernetes host.

StarlingX support requires us to build the following plugin images:

starlingx/k8s-cni-sriov: derived from ...
    https://github.com/intel/sriov-cni

starlingx/k8s-plugins-sriov-network-device: derived from ...
    https://github.com/intel/sriov-network-device-plugin

Change-Id: I1ab9f642040dcacfc4e3494cbc6aef83816d3c20
Depends-on: Iea5eae32bd245557a4b02c9825297343a001e778
Story: 2005208
Task: 33485
Signed-off-by: Scott Little <scott.little@windriver.com>
2019-05-28 13:58:00 -04:00
Jim Gauld
6bd45c96dd Create k8s-infra cgroup path before kubelet launch
This adds a kubelet ExecStartPre script to ensure cgroup is setup
prior to kubelet launch. This creates k8s-infra cgroup for a minimal
set of resource controllers, and configures cpuset attributes to span
all online cpus and nodes. This will do nothing if the k8s-infra cgroup
already exists (i.e., assume already configured).

NOTE: The creation of directories under /sys/fs/cgroup is volatile, and
does not persist reboots. The cpuset.mems and cpuset.cpus is later
updated by puppet kubernetes.pp manifest.

Tests performed:
Standard system: system install, lock/unlock controller & computes,
forced reboot: active/standby controller, computes.

Change-Id: I6a7aad5c40fe8225e9e16c8d8b40a0cffd76715d
Closes-Bug: 1828270
Signed-off-by: Jim Gauld <james.gauld@windriver.com>
2019-05-17 00:28:04 -04:00
Zuul
e3778d017e Merge "Add support for multiple helm repositories in helm-upload" 2019-05-10 22:45:18 +00:00
Jerry Sun
d863a1e2a3 Enable Local Docker Registry Image Delete
Change config file to allow controller local Docker registry images to
be deleted.

Story: 2002840
Task: 28621

Change-Id: I636a8e26f92c50ebc2222292cd21f7e7784ed2ac
Signed-off-by: Jerry Sun <jerry.sun@windriver.com>
2019-05-09 15:26:30 -04:00
Zuul
7367da9ed0 Merge "Add Cloud-Provider-Openstack to Build" 2019-05-02 18:42:23 +00:00
Robert Church
1be7dcd3bd Add support for multiple helm repositories in helm-upload
Update the helm-upload script to require specifying a specific helm
repository to use with it's operations.

Change-Id: I4b1a3615a6bd5d0bdd834a1cdf27c05d5a1057a0
Story: 2005424
Task: 30645
Signed-off-by: Robert Church <robert.church@windriver.com>
2019-04-27 05:02:48 -04:00
Al Bailey
65ab88f214 Add spec file for building etcd 3.2.24
etcd 3.2.24 is the required version for kubernetes 1.13

There is no 3.2.24 src rpm, so the github archive is used as
the source code.

The original spec file and additional files are
from the etcd 3.2.22 src rpm in centos.

Story: 2005198
Task: 30405
Depends-On: I8f7061a9577941c257046721dbf5e957375691ab
Change-Id: Iab65a3bcd9e9d3f9968515c35675119bb06b9a54
Signed-off-by: Al Bailey <Al.Bailey@windriver.com>
2019-04-10 12:51:55 -05:00
Jerry Sun
1f5b8375f8 Add Cloud-Provider-Openstack to Build
Cloud-Provider-Openstack is required for Keystone authentication with
Kubernetes. This commit brings in Cloud-Provider-Openstack as a
pre-built binary to shove into an RPM as part of the ISO. The source
is also downloaded, but not used at the moment.

Story: 2002843
Task: 26958
Depends-On: https://review.openstack.org/651326

Change-Id: If2a7a1d696370c8e40a11f8002c9a597406eb2db
Signed-off-by: Jerry Sun <jerry.sun@windriver.com>
2019-04-10 10:45:51 -04:00
Al Bailey
ce13ffe1f2 Upversion to kubernetes 1.13.5 and helm 2.13.1
Updated the spec file and src version.

Story: 2005198
Task: 30209
Depends-On: I8b6f7bf14afda36ee8c558175598f3e810506fe8
Change-Id: If9476b26b315e8c863e1ec487cbf701972a82a98
Signed-off-by: Al Bailey <Al.Bailey@windriver.com>
2019-04-01 10:10:06 -05:00
Bin Qian
2b5e9fe31a Enable kubelet service to be monitored by pmond
Generate/clear kubelet.pid file at start/stop of kubelet service

Story: 2002843
Task: 29216

Change-Id: I41206c7ea14d79b5d0cbca945e7a6488eda9b7bb
Signed-off-by: Bin Qian <bin.qian@windriver.com>
2019-02-11 15:33:00 -05:00
Al Bailey
76989227c7 Uprev kubernetes to 1.12.3
Rather than storing a diff file of the spec file changes,
the original spec file is included for easier comparison.

Story: 2002843
Task: 28909
Change-Id: I11b327e292e9acdeee66d0869f2b159698e40706
Depends-On: Ifb2ca9f36ae2a2f69038f0aad05a4af93eaaa5ad
Signed-off-by: Al Bailey <Al.Bailey@windriver.com>
2019-01-22 09:39:50 -06:00
Jerry Sun
7bb43963d3 Build registry-token-server without dep
This change reworks the registry-token-server package spec with
go dependencies downloaded at mirror-download time, rather than
at build time.  The dependencies (at fixed revisions) are
extracted into the package's build tree for compilation.

Story: 2002840
Task: 22783
Depends-On: https://review.openstack.org/#/c/631001/
Change-Id: Ib7d745c6469beacf029195c3e6eaa4935f398483
Signed-off-by: Jerry Sun <jerry.sun@windriver.com>
Signed-off-by: Jason McKenna <jason.mckenna@windriver.com>
2019-01-18 09:36:15 -05:00
Angie Wang
d2a4c3d012 Helm repository replication
This updates the helm-upload to stop syncing charts to standby
controller as charts are changed to store in drbd fs.

Story: 2004520
Task: 28343
Depends-On: https://review.openstack.org/#/c/630763/
Change-Id: I12f17fae6124650d878ba7a560f94b7a8ed36e56
Signed-off-by: Angie Wang <angie.wang@windriver.com>
2019-01-14 15:05:47 -05:00
Zuul
0dcd28bea1 Merge "Upversion helm spec to v2.12.1" 2019-01-08 17:18:10 +00:00
Jerry Sun
6714d6b8d7 Add Docker Registry Token Server
As part of setting up Keystone authentication with Docker registry,
a token server needs to be deployed and managed by SM. This commit
adds the source code and spec files to build the token server used by
Docker registry for authentication with Keystone. The token server is
a modified version of the example token server provided by Docker
Distribution. The changes uses the Gophercloud library to communicate
with Keystone as opposed to checking the user credentials against an
existing HTPASSWD file.

Story: 2002840
Task: 22783
Depends-On: https://review.openstack.org/#/c/625335/

Change-Id: I00f5aa1073d496aa0b08223c6fa1fcbaf9d5b89b
Signed-off-by: Jerry Sun <jerry.sun@windriver.com>
2019-01-08 11:42:04 -05:00
Joseph Richard
d3ff5a1c77 Upversion helm spec to v2.12.1
This commit upversions helm from v2.11.0 to v2.12.1.
This is necessary as support for kubernetes v1.12 support is only
introduced in helm v2.12.

Story: 2004520
Task: 28777
Depends-on: I2501cd1174f85810892e51ac8a44746302eeb120
Change-Id: I605f1ba2c7fda52d9e0bf84b6132314efad15b24
Signed-off-by: Joseph Richard <joseph.richard@windriver.com>
2019-01-08 15:55:37 +00:00
zhipengl
90f45c0c32 Remove the folder of docker-ce
Since we do not add this package to centos_pks_dirs, it can be removed.
It seems this folder was deprecated. As I see, docker-ce RPM is already
there and packaged in iso.

Story: 2004587
Task: 28461

Change-Id: Ice8ac0f8a8cdbd02f3a0f87165f5971a0aba5388
Signed-off-by: zhipengl <zhipengs.liu@intel.com>
2018-12-14 01:18:24 +00:00
Al Bailey
d29f540813 Uprev kubernetes from 1.10 to 1.12.1
This requires golang upversioned to 1.10.2 or later

The older kubernetes was a src rpm. This is a src tarball
so the files and patches from the old src rpm are included here.

Some of the files from the 1.10 src rpm failed lint checks, so
they have been updated.

ppc patch from 1.10 was removed.
golang debug patch for ELF removed.

The kubeadm.conf originates  from:
 kubernetes/build/rpms/10-kubeadm.conf

Story: 2002843
Task: 26751
Change-Id: Ib5602a4a57c0e8998430b0774375853cdd2bca01
Depends-On: I1ea17cc89d839e0ffa90459965c521e504695294
Signed-off-by: Al Bailey <Al.Bailey@windriver.com>
2018-10-18 10:36:39 -05:00
Jerry Sun
58cb1190e0 Docker Registry PID file missing
The missing PID file was spamming SM logs. This commit creates the
missing PID file for Docker Registry which fixes the issue.

Task: 22782
Story: 2002840

Change-Id: I10438e034165de88649a0228ffa9840768f6a1d6
Signed-off-by: Jerry Sun <jerry.sun@windriver.com>
2018-10-15 10:02:27 -04:00
Al Bailey
4d3140627a Up-version Helm from 2.9.1 to 2.11.0
Point the spec and data file to the newer version.
Reset the TIS patch version from 3 to 1

Story: 2002843
Task: 26751
Depends-On: Ic6a75a2c89d6992433fe78407ff4464da339e776
Change-Id: I5afb5847204c62214689f9e246a4c9c0ddaf02b7
Signed-off-by: Al Bailey <Al.Bailey@windriver.com>
2018-10-11 15:14:22 -05:00
Robert Church
98aa0d5f2b Enable helm repository and chart upload tool
There's a lot going on here but conceptually we're just enabling a
local helm repo along with a helper script to install helm charts into
the repo.

The first item is to configure lighttpd to serve up helm charts as
static information (so no proxying) at http://127.0.0.1/helm_charts".
This is fairly straightforward, but the files are served out of
/www which isn't a replicated filesystem and which is owned by the www
user.

The helm puppet manifest is modified to create the "helm_charts"
directory for the webserver, to generate the initial index file,
and to tell helm to add the new repo for the "wrsroot" user.  The
various commands are run as specific users with specific environment
variables, this is key to making everything work as planned.

To allow the wrsroot user to upload charts into /www the helm-upload
script will re-run itself as the www user.  /etc/sudoers.d is modified
to allow this without asking for a password.  The upload script will
copy the specified charts in to /www/pages/helm_charts, and will then
regenerate the index.yaml file. The upload script will then try to
sync the files over to the other node.  To enable this without
prompting for a password we modify /etc/rsyncd.conf to allow
passwordless syncing into /www/helm_charts.

In a future commit we'll need to sync charts with the other
controller when booting up, and also configure the local starlingx
helm repo on the second controller.

Change-Id: I86a7795decb7833cb22c04e34e298c8d24ed7fa3
Signed-off-by: David Sullivan <david.sullivan@windriver.com>
Story: 2002876
Task: 22831
Depends-On: https://review.openstack.org/596802
2018-08-27 13:25:56 -04:00
Don Penney
2b2aede21f Remove tiller image tarball from helm package
This update removes the tiller-2.9.1-docker-image.tgz tarball from
the helm package until it can be properly gernerated within the
build framework.

Story: 2002876
Task: 22831

Change-Id: Ie54187b0462be22af5e8935fd4fd25c6ff913332
Signed-off-by: Jack Ding <jack.ding@windriver.com>
2018-07-31 08:59:40 -04:00
Chris Friesen
53d3777a35 Add helm package for kubernetes
Story: 2002876
Task: 22831
Depends-On: https://review.openstack.org/587279

Change-Id: I4d376cf3adc3b95d51c78f1a2aa47017fb022aa9
Signed-off-by: Jack Ding <jack.ding@windriver.com>
2018-07-31 08:59:40 -04:00
Jerry Sun
28cb9d1436 Add docker-distribution package for kubernetes
Story: 2002840
Task: 22781
Depends-On: https://review.openstack.org/587279

Change-Id: I7459920837a41bdf8733414415878299c02ce768
Signed-off-by: Jack Ding <jack.ding@windriver.com>
2018-07-31 08:59:40 -04:00
Shoaib Nasir
37ef9a2f9e Adding Kubernetes packages
Change-Id: I13aeef0bbb019055d51e43c63fdf3ba0bb0d8775
Signed-off-by: Bart Wensley <barton.wensley@windriver.com>
2018-06-25 13:15:22 -05:00