Fix kernel.core_pattern and add script for token creation

Remove trailing double quotes from k8s-coredump-handler debian kernel.core_pattern and add a shell script that creates the k8s-coredump token that will be used by the upgrade procedure on a Standard System. Test Plan: PASS: Install and bootstrap system for a Standard configuration. PASS: Verify if kernel.core_pattern is not with a trailing double quote. PASS: Install standard 22.06, upgrade to 22.12 and verify if token is created correctly on all nodes. Regression: PASS: After bootstrap, create and crash a pod with annotations configured and verify if coredump is generated on pod namespace on each node. PASS: After bootstrap, crash a non k8s application and verify that the coredump is generated as previously (by systemd-coredump) on each node. Closes-bug: 1996054 Signed-off-by: Heron Vieira <heron.vieira@windriver.com> Change-Id: I8b2e8fdefe093f4c3cdf12c65910e16f0fd7a351
2022-11-09 10:15:50 -03:00 · 2022-11-09 10:15:50 -03:00 · b546241086
parent 5a653a9e4b
commit b546241086
3 changed files with 23 additions and 1 deletions
--- a/utilities/k8s-coredump/debian/deb_folder/rules
+++ b/utilities/k8s-coredump/debian/deb_folder/rules
@ -17,4 +17,5 @@ override_dh_install:

 	install -d -m 755 $(ETC_K8S_DIR)
 	install -p -D -m 644 files/k8s-coredump.yaml $(ETC_K8S_DIR)
+	install -p -D -m 644 files/create-k8s-account.sh $(ETC_K8S_DIR)
 	dh_install
--- a/utilities/k8s-coredump/files/create-k8s-account.sh
+++ b/utilities/k8s-coredump/files/create-k8s-account.sh
@ -0,0 +1,21 @@
+#! /bin/bash
+
+LOG_FILE="/var/log/k8s-account-creation-script.log"
+FILE="/etc/k8s-coredump-conf.json"
+
+echo "Initializing k8s-coredump kubernetes ServiceAccount creation" >$LOG_FILE
+
+# Create k8s-coredump account
+echo "Running kubectl apply" >$LOG_FILE
+kubectl --kubeconfig=/etc/kubernetes/admin.conf apply -f /etc/k8s-coredump/k8s-coredump.yaml -n kube-system >$LOG_FILE 2>&1
+
+echo "Getting token and creating config file" >$LOG_FILE
+
+# Create token file
+TOKEN=$(kubectl --kubeconfig=/etc/kubernetes/admin.conf -n kube-system get secrets coredump-secret-token -ojsonpath='{.data.token}' | base64 -d)
+echo "TOKEN='$TOKEN'" >$LOG_FILE
+/bin/cat <<EOM >$FILE
+{
+    "k8s_coredump_token": "$TOKEN"
+}
+EOM
--- a/utilities/stx-extensions/files/coredump-sysctl-debian.conf
+++ b/utilities/stx-extensions/files/coredump-sysctl-debian.conf
@ -13,7 +13,7 @@
 # the core dump.
 #
 # See systemd-coredump(8) and core(5).
-kernel.core_pattern=|/usr/bin/k8s-coredump %P %u %g %s %t 9223372036854775808 %h %e"
+kernel.core_pattern=|/usr/bin/k8s-coredump %P %u %g %s %t 9223372036854775808 %h %e

 # Allow that 16 coredumps are dispatched in parallel by the kernel. We want to
 # be able to collect process metadata from /proc/%P/ while processing