From 18010eb1d637c8ea3c9fdd9be5684f1b5ee8b23c Mon Sep 17 00:00:00 2001 From: Thiago Brito Date: Thu, 25 Mar 2021 14:55:11 -0400 Subject: [PATCH] Upversioning armada tarball to 7ef4b86 A fix landed upstream to deal with armada waiting indefinitely for evicted pods, which intermittently fails stx-openstack application. This commit upversions the tarball version to the one containing that change. Removing patches 0002 and 0003 since the commits are already on the armada code at this version. Story: 2008645 Task: 41906 Signed-off-by: Thiago Brito Change-Id: I62caf0a403a054c30b5bbfc1a3c5bc4cf73b60a6 --- centos_tarball-dl.lst | 2 +- kubernetes/armada/centos/armada.spec | 6 +-- kubernetes/armada/centos/build_srpm.data | 2 +- ...nt-initialization-using-tiller-postS.patch | 52 +++++++++++++------ ...rations-for-Helm-SQL-storage-backend.patch | 41 --------------- ...3-Adjust-security-context-armada-api.patch | 25 --------- 6 files changed, 40 insertions(+), 88 deletions(-) delete mode 100644 kubernetes/armada/centos/files/0002-Add-configurations-for-Helm-SQL-storage-backend.patch delete mode 100644 kubernetes/armada/centos/files/0003-Adjust-security-context-armada-api.patch diff --git a/centos_tarball-dl.lst b/centos_tarball-dl.lst index 7aabbc23d..ff97a3bfc 100644 --- a/centos_tarball-dl.lst +++ b/centos_tarball-dl.lst @@ -1,4 +1,4 @@ -armada-6cc6346cde888c683fec4df910ebefdf6dccb310.tar.gz#armada#https://github.com/airshipit/armada/tarball/6cc6346cde888c683fec4df910ebefdf6dccb310#http## +armada-7ef4b8643b5ec5216a8f6726841e156c0aa54a1a.tar.gz#armada#https://github.com/airshipit/armada/tarball/7ef4b8643b5ec5216a8f6726841e156c0aa54a1a#http## blkin-f24ceec055ea236a093988237a9821d145f5f7c8.tar.gz#blkin#https://api.github.com/repos/ceph/blkin/tarball/f24ceec055ea236a093988237a9821d145f5f7c8#https## boost_1_67_0.tar.bz2#boost_1_67_0#https://dl.bintray.com/boostorg/release/1.67.0/source/boost_1_67_0.tar.bz2#https## ceph-erasure-code-corpus-2d7d78b9cc52e8a9529d8cc2d2954c7d375d5dd7.tar.gz#ceph-erasure-code-corpus#https://api.github.com/repos/ceph/ceph-erasure-code-corpus/tarball/2d7d78b9cc52e8a9529d8cc2d2954c7d375d5dd7#https## diff --git a/kubernetes/armada/centos/armada.spec b/kubernetes/armada/centos/armada.spec index 7d46c5db4..d524ec7e5 100644 --- a/kubernetes/armada/centos/armada.spec +++ b/kubernetes/armada/centos/armada.spec @@ -1,4 +1,4 @@ -%global git_sha 6cc6346cde888c683fec4df910ebefdf6dccb310 +%global git_sha 7ef4b8643b5ec5216a8f6726841e156c0aa54a1a # Build variables %global helm_folder /usr/lib/helm @@ -16,8 +16,6 @@ URL: https://airship-armada.readthedocs.io/ Source0: %{name}-%{git_sha}.tar.gz Patch1: 0001-Add-Helm-v2-client-initialization-using-tiller-postS.patch -Patch2: 0002-Add-configurations-for-Helm-SQL-storage-backend.patch -Patch3: 0003-Adjust-security-context-armada-api.patch BuildArch: noarch @@ -31,8 +29,6 @@ BuildRequires: chartmuseum %prep %setup -n armada %patch1 -p1 -%patch2 -p1 -%patch3 -p1 %build # Package the armada chart tarball using methodology derived from: diff --git a/kubernetes/armada/centos/build_srpm.data b/kubernetes/armada/centos/build_srpm.data index ca923cb8b..5fdb639cb 100644 --- a/kubernetes/armada/centos/build_srpm.data +++ b/kubernetes/armada/centos/build_srpm.data @@ -1,6 +1,6 @@ TAR_NAME=armada VERSION=0.2.0 -SHA=6cc6346cde888c683fec4df910ebefdf6dccb310 +SHA=7ef4b8643b5ec5216a8f6726841e156c0aa54a1a TAR="$TAR_NAME-$SHA.tar.gz" COPY_LIST="${CGCS_BASE}/downloads/$TAR $FILES_BASE/*" diff --git a/kubernetes/armada/centos/files/0001-Add-Helm-v2-client-initialization-using-tiller-postS.patch b/kubernetes/armada/centos/files/0001-Add-Helm-v2-client-initialization-using-tiller-postS.patch index 43fd42310..a6955e460 100644 --- a/kubernetes/armada/centos/files/0001-Add-Helm-v2-client-initialization-using-tiller-postS.patch +++ b/kubernetes/armada/centos/files/0001-Add-Helm-v2-client-initialization-using-tiller-postS.patch @@ -1,7 +1,8 @@ -From 6e464edeadab3b2631775326fb12e6d6e6eb1e2a Mon Sep 17 00:00:00 2001 -From: Jim Gauld -Date: Mon, 1 Jun 2020 11:36:46 -0400 -Subject: [PATCH] Add Helm v2 client initialization using tiller postStart exec +From 8c6cc4c0ad5569d7de3615463f7d8c4dd7429e63 Mon Sep 17 00:00:00 2001 +From: Thiago Brito +Date: Thu, 22 Apr 2021 20:00:51 -0300 +Subject: [PATCH] Add Helm v2 client initialization using tiller + postStart exec This adds helm v2 client initialization using the tiller container postStart exec to access helm v2 binary. @@ -28,16 +29,17 @@ starlingx http://192.168.204.1:8080/helm_charts/starlingx stx-platform http://192.168.204.1:8080/helm_charts/stx-platform Signed-off-by: Jim Gauld +Signed-off-by: Thiago Brito --- - charts/armada/templates/deployment-api.yaml | 28 ++++++++++++++++++++++++++++ - charts/armada/values.yaml | 4 ++++ - 2 files changed, 32 insertions(+) + charts/armada/templates/deployment-api.yaml | 33 +++++++++++++++++++++ + charts/armada/values.yaml | 10 +++++++ + 2 files changed, 43 insertions(+) diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml -index a48c8b6..ccbdb4d 100644 +index 562e3d0..483ec0b 100644 --- a/charts/armada/templates/deployment-api.yaml +++ b/charts/armada/templates/deployment-api.yaml -@@ -179,6 +179,34 @@ spec: +@@ -186,6 +186,39 @@ spec: - -trace {{- end }} lifecycle: @@ -54,8 +56,14 @@ index a48c8b6..ccbdb4d 100644 + # Initialize Helm v2 client. + export HELM_HOST=:{{ .Values.conf.tiller.port }} + /helm init --client-only --skip-refresh -+ /helm repo rm stable -+ /helm repo rm local ++ ++ # Moving the ln up so eventual errors on the next commands doesn't prevent ++ # having helm available ++ ln -s -f /helm /tmp/helm ++ ++ # Removes all repos available so we don't get an error removing what ++ # doesn't exist anymore or error re-adding an existing repo ++ /helm repo list | awk '(NR>1){print $1}' | xargs --no-run-if-empty /helm repo rm +{{- if .Values.conf.tiller.repos }} + {{- range $name, $repo := .Values.conf.tiller.repos }} + /helm repo add {{ $name }} {{ $repo }} @@ -66,17 +74,16 @@ index a48c8b6..ccbdb4d 100644 + /helm repo add {{ . }} {{ $envAll.Values.conf.tiller.charts_url }}/{{ . }} + {{- end }} +{{- end }} -+ ln -s -f /helm /tmp/helm + exit 0 + EOF preStop: exec: command: diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml -index 4c1e603..fb3e5c2 100644 +index 3a4427e..da45810 100644 --- a/charts/armada/values.yaml +++ b/charts/armada/values.yaml -@@ -217,6 +217,10 @@ conf: +@@ -220,6 +220,10 @@ conf: # Note: Defaulting to the (default) kubernetes grace period, as anything # greater than that will have no effect. prestop_sleep: 30 @@ -87,6 +94,21 @@ index 4c1e603..fb3e5c2 100644 monitoring: prometheus: +@@ -325,7 +329,13 @@ pod: + volumes: + - name: kubernetes-client-cache + emptyDir: {} ++ - name: tiller-tmp ++ emptyDir: {} + volumeMounts: ++ - name: tiller-tmp ++ # /tmp is now readOnly due to the security_context on L288, so ++ # mounting an emptyDir ++ mountPath: /tmp + - name: kubernetes-client-cache + # Should be the `$HOME/.kube` of the `runAsUser` above + # as this is where tiller's kubernetes client roots its cache dir. -- -1.8.3.1 +2.17.1 + diff --git a/kubernetes/armada/centos/files/0002-Add-configurations-for-Helm-SQL-storage-backend.patch b/kubernetes/armada/centos/files/0002-Add-configurations-for-Helm-SQL-storage-backend.patch deleted file mode 100644 index 94e9884c4..000000000 --- a/kubernetes/armada/centos/files/0002-Add-configurations-for-Helm-SQL-storage-backend.patch +++ /dev/null @@ -1,41 +0,0 @@ -From fa1ab71ca74d7b77cac6228ae6ab8d8d310e997e Mon Sep 17 00:00:00 2001 -From: Angie Wang -Date: Mon, 28 Sep 2020 11:19:46 -0400 -Subject: [PATCH 1/1] Add configurations for Helm SQL storage backend - ---- - charts/armada/templates/deployment-api.yaml | 4 ++++ - charts/armada/values.yaml | 2 ++ - 2 files changed, 6 insertions(+) - -diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml -index ccbdb4d..eca4543 100644 ---- a/charts/armada/templates/deployment-api.yaml -+++ b/charts/armada/templates/deployment-api.yaml -@@ -167,6 +167,10 @@ spec: - - /tiller - {{- if .Values.conf.tiller.storage }} - - --storage={{ .Values.conf.tiller.storage }} -+{{- if and (eq .Values.conf.tiller.storage "sql") (.Values.conf.tiller.sql_dialect) (.Values.conf.tiller.sql_connection) }} -+ - --sql-dialect={{ .Values.conf.tiller.sql_dialect }} -+ - --sql-connection-string={{ .Values.conf.tiller.sql_connection }} -+{{- end }} - {{- end }} - - -listen - - ":{{ .Values.conf.tiller.port }}" -diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml -index fb3e5c2..5a61c96 100644 ---- a/charts/armada/values.yaml -+++ b/charts/armada/values.yaml -@@ -211,6 +211,8 @@ conf: - verbosity: 5 - trace: false - storage: null -+ sql_dialect: postgres -+ sql_connection: null - namespace: kube-system - # Limit the maximum number of revisions saved per release. 0 for no limit. - history_max: 0 --- -1.8.3.1 - diff --git a/kubernetes/armada/centos/files/0003-Adjust-security-context-armada-api.patch b/kubernetes/armada/centos/files/0003-Adjust-security-context-armada-api.patch deleted file mode 100644 index ec520afd3..000000000 --- a/kubernetes/armada/centos/files/0003-Adjust-security-context-armada-api.patch +++ /dev/null @@ -1,25 +0,0 @@ -From b6245bf904a6efbd2096de9d6530f84a6c9eb914 Mon Sep 17 00:00:00 2001 -From: Marcus Secato -Date: Wed, 7 Apr 2021 16:20:17 -0400 -Subject: [PATCH] Add security context to pod and containers - ---- - charts/armada/values.yaml | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml -index 5a61c96..e4dc801 100644 ---- a/charts/armada/values.yaml -+++ b/charts/armada/values.yaml -@@ -269,7 +269,7 @@ pod: - security_context: - armada: - pod: -- runAsUser: 65534 -+ runAsUser: 1000 - container: - armada_api_init: - readOnlyRootFilesystem: true --- -2.29.2 -