From 1dc658483af00a4141f50b540cd40a7d67a8140b Mon Sep 17 00:00:00 2001 From: Heron Vieira Date: Wed, 9 Nov 2022 10:15:50 -0300 Subject: [PATCH] Fix core_pattern and add token creation script Remove trailing double quotes from k8s-coredump-handler debian kernel.core_pattern and add a shell script that creates the k8s-coredump token that will be used by the upgrade procedure on a Standard System. Test Plan: PASS: Install and bootstrap system for a Standard configuration. PASS: Verify if kernel.core_pattern is not with a trailing double quote. PASS: Install standard 22.06, upgrade to 22.12 and verify if token is created correctly on all nodes. Regression: PASS: After bootstrap, create and crash a pod with annotations configured and verify if coredump is generated on pod namespace on each node. PASS: After bootstrap, crash a non k8s application and verify that the coredump is generated as previously (by systemd-coredump) on each node. Closes-bug: 1996054 Signed-off-by: Heron Vieira Change-Id: I8b2e8fdefe093f4c3cdf12c65910e16f0fd7a351 --- .../k8s-coredump/debian/deb_folder/rules | 1 + .../k8s-coredump/files/create-k8s-account.sh | 29 +++++++++++++++++++ .../files/coredump-sysctl-debian.conf | 2 +- 3 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 utilities/k8s-coredump/files/create-k8s-account.sh diff --git a/utilities/k8s-coredump/debian/deb_folder/rules b/utilities/k8s-coredump/debian/deb_folder/rules index eb023ba3..cb5da7f2 100755 --- a/utilities/k8s-coredump/debian/deb_folder/rules +++ b/utilities/k8s-coredump/debian/deb_folder/rules @@ -17,4 +17,5 @@ override_dh_install: install -d -m 755 $(ETC_K8S_DIR) install -p -D -m 644 files/k8s-coredump.yaml $(ETC_K8S_DIR) + install -p -D -m 644 files/create-k8s-account.sh $(ETC_K8S_DIR) dh_install diff --git a/utilities/k8s-coredump/files/create-k8s-account.sh b/utilities/k8s-coredump/files/create-k8s-account.sh new file mode 100644 index 00000000..ce29e056 --- /dev/null +++ b/utilities/k8s-coredump/files/create-k8s-account.sh @@ -0,0 +1,29 @@ +#! /bin/bash + +LOG_FILE="/var/log/k8s-account-creation-script.log" +FILE="/etc/k8s-coredump-conf.json" + +# Check if file exists and token is not empty before trying to create. +if test -f "$FILE"; then + if ! grep -q '"k8s_coredump_token": ""' $FILE; then + echo "Token already created, skiping account and token file creation." >>$LOG_FILE + exit 0 + fi +fi + +echo "Initializing k8s-coredump kubernetes ServiceAccount creation" >>$LOG_FILE + +# Create k8s-coredump account +echo "Running kubectl apply" >>$LOG_FILE +kubectl --kubeconfig=/etc/kubernetes/admin.conf apply -f /etc/k8s-coredump/k8s-coredump.yaml -n kube-system >>$LOG_FILE 2>&1 + +echo "Getting token and creating config file" >>$LOG_FILE + +# Create token file +TOKEN=$(kubectl --kubeconfig=/etc/kubernetes/admin.conf -n kube-system get secrets coredump-secret-token -ojsonpath='{.data.token}' | base64 -d) +echo "TOKEN='$TOKEN'" >>$LOG_FILE +/bin/cat <$FILE +{ + "k8s_coredump_token": "$TOKEN" +} +EOM diff --git a/utilities/stx-extensions/files/coredump-sysctl-debian.conf b/utilities/stx-extensions/files/coredump-sysctl-debian.conf index 929e415c..90d6262e 100644 --- a/utilities/stx-extensions/files/coredump-sysctl-debian.conf +++ b/utilities/stx-extensions/files/coredump-sysctl-debian.conf @@ -13,7 +13,7 @@ # the core dump. # # See systemd-coredump(8) and core(5). -kernel.core_pattern=|/usr/bin/k8s-coredump %P %u %g %s %t 9223372036854775808 %h %e" +kernel.core_pattern=|/usr/bin/k8s-coredump %P %u %g %s %t 9223372036854775808 %h %e # Allow that 16 coredumps are dispatched in parallel by the kernel. We want to # be able to collect process metadata from /proc/%P/ while processing