Fix core_pattern and add token creation script

Remove trailing double quotes from k8s-coredump-handler debian kernel.core_pattern and add a shell script that creates the k8s-coredump token that will be used by the upgrade procedure on a Standard System. Test Plan: PASS: Install and bootstrap system for a Standard configuration. PASS: Verify if kernel.core_pattern is not with a trailing double quote. PASS: Install standard 22.06, upgrade to 22.12 and verify if token is created correctly on all nodes. Regression: PASS: After bootstrap, create and crash a pod with annotations configured and verify if coredump is generated on pod namespace on each node. PASS: After bootstrap, crash a non k8s application and verify that the coredump is generated as previously (by systemd-coredump) on each node. Closes-bug: 1996054 Signed-off-by: Heron Vieira <heron.vieira@windriver.com> Change-Id: I8b2e8fdefe093f4c3cdf12c65910e16f0fd7a351
2022-11-09 10:15:50 -03:00 · 2022-11-09 10:15:50 -03:00 · 1dc658483a
parent 5a653a9e4b
commit 1dc658483a
3 changed files with 31 additions and 1 deletions
--- a/utilities/k8s-coredump/debian/deb_folder/rules
+++ b/utilities/k8s-coredump/debian/deb_folder/rules
@ -17,4 +17,5 @@ override_dh_install:

 	install -d -m 755 $(ETC_K8S_DIR)
 	install -p -D -m 644 files/k8s-coredump.yaml $(ETC_K8S_DIR)
+	install -p -D -m 644 files/create-k8s-account.sh $(ETC_K8S_DIR)
 	dh_install
--- a/utilities/k8s-coredump/files/create-k8s-account.sh
+++ b/utilities/k8s-coredump/files/create-k8s-account.sh
@ -0,0 +1,29 @@
+#! /bin/bash
+
+LOG_FILE="/var/log/k8s-account-creation-script.log"
+FILE="/etc/k8s-coredump-conf.json"
+
+# Check if file exists and token is not empty before trying to create.
+if test -f "$FILE"; then
+    if ! grep -q '"k8s_coredump_token": ""' $FILE; then
+        echo "Token already created, skiping account and token file creation." >>$LOG_FILE
+        exit 0
+    fi
+fi
+
+echo "Initializing k8s-coredump kubernetes ServiceAccount creation" >>$LOG_FILE
+
+# Create k8s-coredump account
+echo "Running kubectl apply" >>$LOG_FILE
+kubectl --kubeconfig=/etc/kubernetes/admin.conf apply -f /etc/k8s-coredump/k8s-coredump.yaml -n kube-system >>$LOG_FILE 2>&1
+
+echo "Getting token and creating config file" >>$LOG_FILE
+
+# Create token file
+TOKEN=$(kubectl --kubeconfig=/etc/kubernetes/admin.conf -n kube-system get secrets coredump-secret-token -ojsonpath='{.data.token}' | base64 -d)
+echo "TOKEN='$TOKEN'" >>$LOG_FILE
+/bin/cat <<EOM >$FILE
+{
+    "k8s_coredump_token": "$TOKEN"
+}
+EOM
--- a/utilities/stx-extensions/files/coredump-sysctl-debian.conf
+++ b/utilities/stx-extensions/files/coredump-sysctl-debian.conf
@ -13,7 +13,7 @@
 # the core dump.
 #
 # See systemd-coredump(8) and core(5).
-kernel.core_pattern=|/usr/bin/k8s-coredump %P %u %g %s %t 9223372036854775808 %h %e"
+kernel.core_pattern=|/usr/bin/k8s-coredump %P %u %g %s %t 9223372036854775808 %h %e

 # Allow that 16 coredumps are dispatched in parallel by the kernel. We want to
 # be able to collect process metadata from /proc/%P/ while processing