0783ec950b
Currently, we use in the playbooks [1] an armada image built upstream [2]. We use armada from upstream helm2 branch. Armada needs to be patched to add support for k8s >=1.22. Proposed an upstream patch, but we don't know how long it takes until it is merged: https://review.opendev.org/c/airship/armada/+/845392 Instead of waiting for upstream commit to merge, and an image be generated, we provide the code change here, so an armada image with k8s >=1.22 support can be generated. The k8s >=1.22 support is added by patch 0003. Necessary StarlingX build changes to support generating an container image and push to https://hub.docker.com/r/starlingx will be addressed in another commit. Note: since we always used an upstream built armada container, this package purpose was to provide helm chart overrides. We add a new purpose: to release to opensource the changes we are about to do to armada, since we'll be building a container image using these changes. To achieve this we do the following: - upversion sources from 7ef4b8643b5ec5216a8f6726841e156c0aa54a1a to ddbdd7256c20f138737f6cbd772312f7a19f58b8. This ensures we are patching the image used in the playbooks[2]. - create patches 0001 and 0002 to ensure there are no helm chart changes between upversion. This reduces testing effort related to original purpose (provide helm chart overrides) of this package. - create patch 0003 to add k8s >=1.22 support. - old patches are not changed, but renamed from 0001->0005 to 0004->0008 and regenerated. Other notes: We don't need to port this work to CentOS. This work is supposed to be temporary until the upstream airship/armada commit merges. Tests on Debian: PASS: build-pkgs -c -p armada PASS: make images Upload image to controller, use it. Using the new armada image do an apply,remove,apply,remove,apply chain for a custom StarlingX app. [1]: https://opendev.org/starlingx/ansible-playbooks/src/branch/ master/playbookconfig/src/playbooks/roles/common/ load-images-information/vars/k8s-v1.22.5/system-images.yml#L5 [2] quay.io/airshipit/armada: ddbdd7256c20f138737f6cbd772312f7a19f58b8-ubuntu_bionic Partial-Bug: 1978409 Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com> Change-Id: Id51c241a3965ef462d325da4ffce37a81693a9f4
84 lines
3.4 KiB
Diff
84 lines
3.4 KiB
Diff
From bf0cfeb9efe5c021b24dcd5ef4c353507d96e307 Mon Sep 17 00:00:00 2001
|
|
From: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
|
Date: Tue, 14 Jun 2022 15:45:22 +0300
|
|
Subject: [PATCH 1/8] Revert "Tiller: listen on localhost by default"
|
|
|
|
This reverts commit a3f11e5873bc5b97de579c627d7b57e3bc9f655e.
|
|
Updating the sources from 7ef4b8643b5ec5216a8f6726841e156c0aa54a1a to
|
|
ddbdd7256c20f138737f6cbd772312f7a19f58b8 we observe a change to default
|
|
tiller port logic.
|
|
|
|
Keep old logic.
|
|
|
|
Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
|
---
|
|
charts/armada/templates/deployment-api.yaml | 2 +-
|
|
charts/armada/values.yaml | 6 ------
|
|
charts/tiller/templates/deployment-tiller.yaml | 2 +-
|
|
charts/tiller/values.yaml | 6 ------
|
|
4 files changed, 2 insertions(+), 14 deletions(-)
|
|
|
|
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
|
index b7f93d7..f1395ef 100644
|
|
--- a/charts/armada/templates/deployment-api.yaml
|
|
+++ b/charts/armada/templates/deployment-api.yaml
|
|
@@ -178,7 +178,7 @@ spec:
|
|
{{- end }}
|
|
{{- end }}
|
|
- -listen
|
|
- - "{{ if not .Values.conf.tiller.listen_on_any }}127.0.0.1{{ end }}:{{ .Values.conf.tiller.port }}"
|
|
+ - ":{{ .Values.conf.tiller.port }}"
|
|
- -probe-listen
|
|
- ":{{ .Values.conf.tiller.probe_port }}"
|
|
- -logtostderr
|
|
diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml
|
|
index b1ed61f..3a4427e 100644
|
|
--- a/charts/armada/values.yaml
|
|
+++ b/charts/armada/values.yaml
|
|
@@ -206,12 +206,6 @@ conf:
|
|
tiller:
|
|
# If set to false then some form of Tiller needs to be provided
|
|
enabled: true
|
|
- # To have Tiller bind to all interfaces, allowing direct connections from
|
|
- # the Helm client to pod_ip:port, set 'listen_on_any: true'.
|
|
- # The default setting 'listen_on_any: false' binds Tiller to 127.0.0.1.
|
|
- # The Armada container talks directly to Tiller via 127.0.0.1, so the
|
|
- # default value is appropriate for normal operation.
|
|
- listen_on_any: false
|
|
port: 24134
|
|
probe_port: 24135
|
|
verbosity: 5
|
|
diff --git a/charts/tiller/templates/deployment-tiller.yaml b/charts/tiller/templates/deployment-tiller.yaml
|
|
index f6df614..1f04a13 100644
|
|
--- a/charts/tiller/templates/deployment-tiller.yaml
|
|
+++ b/charts/tiller/templates/deployment-tiller.yaml
|
|
@@ -104,7 +104,7 @@ spec:
|
|
{{- end }}
|
|
{{- end }}
|
|
- -listen
|
|
- - "{{ if not .Values.conf.tiller.listen_on_any }}127.0.0.1{{ end }}:{{ .Values.conf.tiller.port }}"
|
|
+ - ":{{ .Values.conf.tiller.port }}"
|
|
- -probe-listen
|
|
- ":{{ .Values.conf.tiller.probe_port }}"
|
|
- -logtostderr
|
|
diff --git a/charts/tiller/values.yaml b/charts/tiller/values.yaml
|
|
index ba776bc..495e3c1 100644
|
|
--- a/charts/tiller/values.yaml
|
|
+++ b/charts/tiller/values.yaml
|
|
@@ -52,12 +52,6 @@ conf:
|
|
# Note: Defaulting to the (default) kubernetes grace period, as anything
|
|
# greater than that will have no effect.
|
|
prestop_sleep: 30
|
|
- # To have Tiller bind to all interfaces, allowing direct connections from
|
|
- # the Helm client to pod_ip:port, set 'listen_on_any: true'.
|
|
- # The default setting 'listen_on_any: false' binds Tiller to 127.0.0.1.
|
|
- # Helm clients with Kubernetes API access dynamically set up a portforward
|
|
- # into the pod, which works with the default setting.
|
|
- listen_on_any: false
|
|
port: 44134
|
|
probe_port: 44135
|
|
|
|
--
|
|
2.34.1
|
|
|