Remove Armada related packages from stx build
As part of the efforts to fully deprecate Armada, this commit removes two packages from the StarlingX build: "armada" and "armada-helm-toolkit". In addition, it also removes the helmv2-cli script from the Helm package since helmv2 is also deprecated. Test Plan: PASS: build-pkgs --clean --all PASS: AIO-SX install PASS: AIO-SX upgrade from stx-8 Story: 2010560 Task: 48705 Change-Id: I9986a16ec23057d660cc1834d7f1c5b26564866f Signed-off-by: Igor Soares <Igor.PiresSoares@windriver.com>
This commit is contained in:
parent
5ad7850d3c
commit
7471413e24
@ -1,8 +1,5 @@
|
|||||||
# List of packages to be included/installed in ISO
|
# List of packages to be included/installed in ISO
|
||||||
|
|
||||||
#armada
|
|
||||||
armada
|
|
||||||
|
|
||||||
#base-passwd
|
#base-passwd
|
||||||
base-passwd
|
base-passwd
|
||||||
|
|
||||||
|
@ -52,8 +52,6 @@ golang-github-dev/golang-github-networkplumbing-go-nft-dev
|
|||||||
grub/grub-efi
|
grub/grub-efi
|
||||||
grub/grub2
|
grub/grub2
|
||||||
grub/grubby
|
grub/grubby
|
||||||
kubernetes/armada
|
|
||||||
kubernetes/armada-helm-toolkit
|
|
||||||
kubernetes/chartmuseum
|
kubernetes/chartmuseum
|
||||||
kubernetes/cni/bond-cni
|
kubernetes/cni/bond-cni
|
||||||
kubernetes/cni/plugins
|
kubernetes/cni/plugins
|
||||||
|
@ -1,2 +1 @@
|
|||||||
kubernetes/armada
|
|
||||||
#kubernetes/plugins/intel-device-plugin
|
#kubernetes/plugins/intel-device-plugin
|
||||||
|
@ -1,8 +0,0 @@
|
|||||||
This repo is for https://github.com/openstack/openstack-helm-infra
|
|
||||||
|
|
||||||
Changes to this repo are needed for StarlingX and those changes are
|
|
||||||
not yet merged.
|
|
||||||
Rather than clone and diverge the repo, the repo is extracted at a particular
|
|
||||||
git SHA, and patches are applied on top.
|
|
||||||
|
|
||||||
As those patches are merged, the SHA can be updated and the local patches removed.
|
|
@ -1,65 +0,0 @@
|
|||||||
%global src_name openstack-helm-infra
|
|
||||||
%global sha c9d6676bf9a5aceb311dc31dadd07cba6a3d6392
|
|
||||||
%global helm_folder /usr/lib/helm
|
|
||||||
|
|
||||||
Summary: Openstack-Helm-Infra helm-toolkit chart
|
|
||||||
Name: armada-helm-toolkit
|
|
||||||
Version: 1.0
|
|
||||||
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: base
|
|
||||||
Packager: Wind River <info@windriver.com>
|
|
||||||
URL: https://github.com/openstack/openstack-helm-infra
|
|
||||||
|
|
||||||
Source0: %{src_name}-%{sha}.tar.gz
|
|
||||||
|
|
||||||
BuildArch: noarch
|
|
||||||
|
|
||||||
# Note patches 0003, 0005, 0007 through 0013 do not apply to helm-toolkit
|
|
||||||
Patch01: 0001-Allow-multiple-containers-per-daemonset-pod.patch
|
|
||||||
Patch02: 0002-Add-imagePullSecrets-in-service-account.patch
|
|
||||||
Patch04: 0004-Partial-revert-of-31e3469d28858d7b5eb6355e88b6f49fd6.patch
|
|
||||||
Patch06: 0006-Fix-pod-restarts-on-all-workers-when-worker-added-re.patch
|
|
||||||
Patch07: 0007-Update-apiVersion-to-networking.k8s.io.patch
|
|
||||||
Patch08: 0008-Update-apiVersion-authorization-to-v1.patch
|
|
||||||
|
|
||||||
BuildRequires: helm
|
|
||||||
BuildRequires: chartmuseum
|
|
||||||
|
|
||||||
%description
|
|
||||||
Openstack Helm Infra helm-toolkit chart
|
|
||||||
|
|
||||||
%prep
|
|
||||||
%setup -n openstack-helm-infra
|
|
||||||
%patch01 -p1
|
|
||||||
%patch02 -p1
|
|
||||||
%patch04 -p1
|
|
||||||
%patch06 -p1
|
|
||||||
%patch07 -p1
|
|
||||||
%patch08 -p1
|
|
||||||
|
|
||||||
|
|
||||||
%build
|
|
||||||
# Host a server for the charts
|
|
||||||
chartmuseum --debug --port=8879 --context-path='/charts' --storage="local" --storage-local-rootdir="." &
|
|
||||||
sleep 2
|
|
||||||
helm repo add local http://localhost:8879/charts
|
|
||||||
|
|
||||||
# Make the charts. These produce tgz files
|
|
||||||
make helm-toolkit
|
|
||||||
# Both armada-helm-toolkit and openstack-helm-infra provide the same
|
|
||||||
# helm-toolkit tarball filename. Rename files with 'armada-' prefix
|
|
||||||
# to prevent 'Transaction check error'.
|
|
||||||
for filename in *.tgz; do mv -v "$filename" "armada-$filename"; done
|
|
||||||
|
|
||||||
# terminate helm server (the last backgrounded task)
|
|
||||||
kill %1
|
|
||||||
|
|
||||||
%install
|
|
||||||
install -d -m 755 ${RPM_BUILD_ROOT}%{helm_folder}
|
|
||||||
install -p -D -m 755 *.tgz ${RPM_BUILD_ROOT}%{helm_folder}
|
|
||||||
|
|
||||||
%files
|
|
||||||
%dir %attr(0755,root,root) %{helm_folder}
|
|
||||||
%defattr(-,root,root,-)
|
|
||||||
%{helm_folder}/*
|
|
@ -1,11 +0,0 @@
|
|||||||
# NOTE: This package and version is identical to
|
|
||||||
# stx/openstack-armada-app/openstack-helm-infra .
|
|
||||||
# This decouples distro build of armada chart from flock.
|
|
||||||
TAR_NAME=openstack-helm-infra
|
|
||||||
SHA=c9d6676bf9a5aceb311dc31dadd07cba6a3d6392
|
|
||||||
VERSION=1.0.0
|
|
||||||
TAR="$TAR_NAME-$SHA.tar.gz"
|
|
||||||
|
|
||||||
COPY_LIST="${CGCS_BASE}/downloads/$TAR $PKG_BASE/files/*"
|
|
||||||
|
|
||||||
TIS_PATCH_VER=PKG_GITREVCOUNT
|
|
@ -1 +0,0 @@
|
|||||||
armada-helm-toolkit source: file-without-copyright-information
|
|
@ -1,5 +0,0 @@
|
|||||||
armada-helm-toolkit (1.0-1) unstable; urgency=medium
|
|
||||||
|
|
||||||
* Initial release.
|
|
||||||
|
|
||||||
-- Daniel Safta <daniel.safta@windriver.com> Thu, 04 Nov 2021 14:00:42 +0000
|
|
@ -1,13 +0,0 @@
|
|||||||
Source: armada-helm-toolkit
|
|
||||||
Section: admin
|
|
||||||
Priority: optional
|
|
||||||
Maintainer: StarlingX Developers <starlingx-discuss@lists.starlingx.io>
|
|
||||||
Build-Depends: debhelper-compat (= 13), helm, chartmuseum, procps
|
|
||||||
Standards-Version: 4.4.1
|
|
||||||
Homepage: https://www.starlingx.io
|
|
||||||
|
|
||||||
Package: armada-helm-toolkit
|
|
||||||
Architecture: any
|
|
||||||
Depends: ${misc:Depends}, ${shlibs:Depends}
|
|
||||||
Description: Openstack-Helm-Infra helm-toolkit chart.
|
|
||||||
helm-toolkit used in building armada.
|
|
@ -1,29 +0,0 @@
|
|||||||
|
|
||||||
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
|
|
||||||
Upstream-Name: openstack-helm-infra
|
|
||||||
Source: https://github.com/openstack/openstack-helm-infra
|
|
||||||
Files: *
|
|
||||||
Copyright: (c) 2013-2021 Wind River Systems, Inc
|
|
||||||
License: Apache-2
|
|
||||||
|
|
||||||
# If you want to use GPL v2 or later for the /debian/* files use
|
|
||||||
# the following clauses, or change it to suit. Delete these two lines
|
|
||||||
Files: debian/*
|
|
||||||
Copyright: 2021 Wind River Systems, Inc
|
|
||||||
License: Apache-2
|
|
||||||
|
|
||||||
License: Apache-2
|
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
you may not use this file except in compliance with the License.
|
|
||||||
You may obtain a copy of the License at
|
|
||||||
.
|
|
||||||
https://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
.
|
|
||||||
Unless required by applicable law or agreed to in writing, software
|
|
||||||
distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
See the License for the specific language governing permissions and
|
|
||||||
limitations under the License.
|
|
||||||
.
|
|
||||||
On Debian-based systems the full text of the Apache version 2.0 license
|
|
||||||
can be found in `/usr/share/common-licenses/Apache-2.0'.
|
|
@ -1,23 +0,0 @@
|
|||||||
#!/usr/bin/make -f
|
|
||||||
|
|
||||||
export ROOT = debian/armada-helm-toolkit
|
|
||||||
export APP_FOLDER = $(ROOT)/usr/lib/helm
|
|
||||||
export APP_NAME = armada-helm-toolkit
|
|
||||||
|
|
||||||
%:
|
|
||||||
dh $@
|
|
||||||
|
|
||||||
override_dh_auto_build:
|
|
||||||
# Host a server for the charts
|
|
||||||
chartmuseum --debug --port=8879 --context-path='/charts' --storage="local" --storage-local-rootdir="." &
|
|
||||||
sleep 2
|
|
||||||
helm repo add local http://localhost:8879/charts
|
|
||||||
# Make the charts. These produce tgz files
|
|
||||||
make helm-toolkit
|
|
||||||
pkill chartmuseum
|
|
||||||
|
|
||||||
|
|
||||||
override_dh_auto_install:
|
|
||||||
# Install the app tar file.
|
|
||||||
install -d -m 755 $(APP_FOLDER)
|
|
||||||
install -p -D -m 755 helm-toolkit-0.1.0.tgz $(APP_FOLDER)/armada-helm-toolkit-0.1.0.tgz
|
|
@ -1 +0,0 @@
|
|||||||
3.0 (quilt)
|
|
@ -1 +0,0 @@
|
|||||||
extend-diff-ignore = "^[^/]*[.]egg-info/"
|
|
@ -1,13 +0,0 @@
|
|||||||
---
|
|
||||||
debname: armada-helm-toolkit
|
|
||||||
debver: 1.0-1
|
|
||||||
dl_path:
|
|
||||||
name: openstack-helm-infra-c9d6676bf9a5aceb311dc31dadd07cba6a3d6392.tar.gz
|
|
||||||
url: https://github.com/openstack/openstack-helm-infra/archive/c9d6676bf9a5aceb311dc31dadd07cba6a3d6392.tar.gz
|
|
||||||
md5sum: 6b4ad40b343c346ee54443337edd2be3
|
|
||||||
sha256sum: e3c9899489b17305dd324ad1fe78df4752eb0fe5c622abba31e67f50bdca378c
|
|
||||||
revision:
|
|
||||||
dist: $STX_DIST
|
|
||||||
GITREVCOUNT:
|
|
||||||
BASE_SRCREV: db16f48a952e3c5da8b2efea7acc723107b2c0a2
|
|
||||||
SRC_DIR: ${MY_REPO}/stx/integ/kubernetes/armada-helm-toolkit
|
|
@ -1,40 +0,0 @@
|
|||||||
From 47315e28d44cff586f6fff026dd00e61c2c77bcd Mon Sep 17 00:00:00 2001
|
|
||||||
From: Gerry Kopec <Gerry.Kopec@windriver.com>
|
|
||||||
Date: Wed, 9 Jan 2019 20:11:33 -0500
|
|
||||||
Subject: [PATCH 1/4] Allow multiple containers per daemonset pod
|
|
||||||
|
|
||||||
Remove code that restricted daemonset pods to single containers.
|
|
||||||
Container names will default to name from helm chart template.
|
|
||||||
Required for nova cold migrations to work.
|
|
||||||
|
|
||||||
Story: 2003876
|
|
||||||
Task: 26735
|
|
||||||
Change-Id: Icce660415d43baefbbf768a785c5dedf04ea2930
|
|
||||||
Signed-off-by: Gerry Kopec <Gerry.Kopec@windriver.com>
|
|
||||||
(cherry picked from commit 7ca30319f418cd39db5ecf44cce5fb5fe39c458e)
|
|
||||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
|
||||||
---
|
|
||||||
helm-toolkit/templates/utils/_daemonset_overrides.tpl | 7 -------
|
|
||||||
1 file changed, 7 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/helm-toolkit/templates/utils/_daemonset_overrides.tpl b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
index e352bc9..10ab166 100644
|
|
||||||
--- a/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
+++ b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
@@ -225,13 +225,6 @@ limitations under the License.
|
|
||||||
{{- if not $context.Values.__daemonset_yaml.metadata.name }}{{- $_ := set $context.Values.__daemonset_yaml.metadata "name" dict }}{{- end }}
|
|
||||||
{{- $_ := set $context.Values.__daemonset_yaml.metadata "name" $current_dict.dns_1123_name }}
|
|
||||||
|
|
||||||
- {{/* set container name
|
|
||||||
- assume not more than one container is defined */}}
|
|
||||||
- {{- $container := first $context.Values.__daemonset_yaml.spec.template.spec.containers }}
|
|
||||||
- {{- $_ := set $container "name" $current_dict.dns_1123_name }}
|
|
||||||
- {{- $cont_list := list $container }}
|
|
||||||
- {{- $_ := set $context.Values.__daemonset_yaml.spec.template.spec "containers" $cont_list }}
|
|
||||||
-
|
|
||||||
{{/* cross-reference configmap name to container volume definitions */}}
|
|
||||||
{{- $_ := set $context.Values "__volume_list" list }}
|
|
||||||
{{- range $current_volume := $context.Values.__daemonset_yaml.spec.template.spec.volumes }}
|
|
||||||
--
|
|
||||||
2.7.4
|
|
||||||
|
|
@ -1,26 +0,0 @@
|
|||||||
From ac3f9db5ac1a19af71136752f5709ba1da55d201 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Angie Wang <angie.wang@windriver.com>
|
|
||||||
Date: Mon, 11 Feb 2019 11:29:03 -0500
|
|
||||||
Subject: [PATCH 2/4] Add imagePullSecrets in service account
|
|
||||||
|
|
||||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
|
||||||
---
|
|
||||||
helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl | 2 ++
|
|
||||||
1 file changed, 2 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
|
|
||||||
index b4cf1a6..2f4113b 100644
|
|
||||||
--- a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
|
|
||||||
+++ b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
|
|
||||||
@@ -44,6 +44,8 @@ kind: ServiceAccount
|
|
||||||
metadata:
|
|
||||||
name: {{ $saName }}
|
|
||||||
namespace: {{ $saNamespace }}
|
|
||||||
+imagePullSecrets:
|
|
||||||
+ - name: default-registry-key
|
|
||||||
{{- range $k, $v := $deps -}}
|
|
||||||
{{- if eq $k "services" }}
|
|
||||||
{{- range $serv := $v }}
|
|
||||||
--
|
|
||||||
2.16.5
|
|
||||||
|
|
@ -1,65 +0,0 @@
|
|||||||
From b3829fef30e76fdf498fa1d0d35185f642dce5f6 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Robert Church <robert.church@windriver.com>
|
|
||||||
Date: Mon, 8 Apr 2019 02:12:39 -0400
|
|
||||||
Subject: [PATCH 4/4] Partial revert of
|
|
||||||
31e3469d28858d7b5eb6355e88b6f49fd62032be
|
|
||||||
|
|
||||||
Suspect that new use of mergeOverwrite vs. merge is breaking the
|
|
||||||
per-host DaemonSet overrides.
|
|
||||||
|
|
||||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
|
||||||
---
|
|
||||||
helm-toolkit/templates/utils/_daemonset_overrides.tpl | 12 ++++++------
|
|
||||||
1 file changed, 6 insertions(+), 6 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/helm-toolkit/templates/utils/_daemonset_overrides.tpl b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
index 10ab166..ab1177a 100644
|
|
||||||
--- a/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
+++ b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
@@ -49,10 +49,10 @@ limitations under the License.
|
|
||||||
{{- $override_conf_copy := $host_data.conf }}
|
|
||||||
{{/* Deep copy to prevent https://storyboard.openstack.org/#!/story/2005936 */}}
|
|
||||||
{{- $root_conf_copy := omit ($context.Values.conf | toYaml | fromYaml) "overrides" }}
|
|
||||||
- {{- $merged_dict := mergeOverwrite $root_conf_copy $override_conf_copy }}
|
|
||||||
+ {{- $merged_dict := merge $override_conf_copy $root_conf_copy }}
|
|
||||||
{{- $root_conf_copy2 := dict "conf" $merged_dict }}
|
|
||||||
{{- $context_values := omit (omit ($context.Values | toYaml | fromYaml) "conf") "__daemonset_list" }}
|
|
||||||
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
|
|
||||||
+ {{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
|
|
||||||
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
|
|
||||||
{{- $_ := set $current_dict "nodeData" $root_conf_copy4 }}
|
|
||||||
|
|
||||||
@@ -89,10 +89,10 @@ limitations under the License.
|
|
||||||
{{- $override_conf_copy := $label_data.conf }}
|
|
||||||
{{/* Deep copy to prevent https://storyboard.openstack.org/#!/story/2005936 */}}
|
|
||||||
{{- $root_conf_copy := omit ($context.Values.conf | toYaml | fromYaml) "overrides" }}
|
|
||||||
- {{- $merged_dict := mergeOverwrite $root_conf_copy $override_conf_copy }}
|
|
||||||
+ {{- $merged_dict := merge $override_conf_copy $root_conf_copy }}
|
|
||||||
{{- $root_conf_copy2 := dict "conf" $merged_dict }}
|
|
||||||
{{- $context_values := omit (omit ($context.Values | toYaml | fromYaml) "conf") "__daemonset_list" }}
|
|
||||||
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
|
|
||||||
+ {{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
|
|
||||||
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
|
|
||||||
{{- $_ := set $context.Values.__current_label "nodeData" $root_conf_copy4 }}
|
|
||||||
|
|
||||||
@@ -187,7 +187,7 @@ limitations under the License.
|
|
||||||
{{- $root_conf_copy1 := omit $context.Values.conf "overrides" }}
|
|
||||||
{{- $root_conf_copy2 := dict "conf" $root_conf_copy1 }}
|
|
||||||
{{- $context_values := omit $context.Values "conf" }}
|
|
||||||
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
|
|
||||||
+ {{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
|
|
||||||
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
|
|
||||||
{{- $_ := set $context.Values.__default "nodeData" $root_conf_copy4 }}
|
|
||||||
|
|
||||||
@@ -198,7 +198,7 @@ limitations under the License.
|
|
||||||
{{- range $current_dict := $context.Values.__daemonset_list }}
|
|
||||||
|
|
||||||
{{- $context_novalues := omit $context "Values" }}
|
|
||||||
- {{- $merged_dict := mergeOverwrite $context_novalues $current_dict.nodeData }}
|
|
||||||
+ {{- $merged_dict := merge $current_dict.nodeData $context_novalues }}
|
|
||||||
{{- $_ := set $current_dict "nodeData" $merged_dict }}
|
|
||||||
{{/* Deep copy original daemonset_yaml */}}
|
|
||||||
{{- $_ := set $context.Values "__daemonset_yaml" ($daemonset_yaml | toYaml | fromYaml) }}
|
|
||||||
--
|
|
||||||
2.7.4
|
|
||||||
|
|
@ -1,46 +0,0 @@
|
|||||||
From 326fcd76f54d7c099f4c3da6c31eefe0eef2e236 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Ovidiu Poncea <ovidiu.poncea@windriver.com>
|
|
||||||
Date: Mon, 29 Jul 2019 08:00:01 -0400
|
|
||||||
Subject: [PATCH] Fix pod restarts on all workers when worker added/removed
|
|
||||||
|
|
||||||
---
|
|
||||||
helm-toolkit/templates/utils/_daemonset_overrides.tpl | 4 ++--
|
|
||||||
helm-toolkit/templates/utils/_hash.tpl | 2 +-
|
|
||||||
2 files changed, 3 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/helm-toolkit/templates/utils/_daemonset_overrides.tpl b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
index ab1177a..e564869 100644
|
|
||||||
--- a/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
+++ b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
@@ -215,7 +215,7 @@ limitations under the License.
|
|
||||||
name uniqueness */}}
|
|
||||||
{{- $_ := set $current_dict "dns_1123_name" dict }}
|
|
||||||
{{- if hasKey $current_dict "matchExpressions" }}
|
|
||||||
- {{- $_ := set $current_dict "dns_1123_name" (printf (print $name_format2 "-" ($current_dict.matchExpressions | quote | sha256sum | trunc 8))) }}
|
|
||||||
+ {{- $_ := set $current_dict "dns_1123_name" (printf (print $name_format2 "-" ($current_dict.matchExpressions | toJson | sha256sum | trunc 8))) }}
|
|
||||||
{{- else }}
|
|
||||||
{{- $_ := set $current_dict "dns_1123_name" $name_format2 }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -258,7 +258,7 @@ limitations under the License.
|
|
||||||
{{- if not $context.Values.__daemonset_yaml.spec.template.metadata }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template "metadata" dict }}{{- end }}
|
|
||||||
{{- if not $context.Values.__daemonset_yaml.spec.template.metadata.annotations }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template.metadata "annotations" dict }}{{- end }}
|
|
||||||
{{- $cmap := list $current_dict.dns_1123_name $current_dict.nodeData | include $configmap_include }}
|
|
||||||
- {{- $values_hash := $cmap | quote | sha256sum }}
|
|
||||||
+ {{- $values_hash := $cmap | toJson | sha256sum }}
|
|
||||||
{{- $_ := set $context.Values.__daemonset_yaml.spec.template.metadata.annotations "configmap-etc-hash" $values_hash }}
|
|
||||||
|
|
||||||
{{/* generate configmap */}}
|
|
||||||
diff --git a/helm-toolkit/templates/utils/_hash.tpl b/helm-toolkit/templates/utils/_hash.tpl
|
|
||||||
index 1041ec0..e419e3b 100644
|
|
||||||
--- a/helm-toolkit/templates/utils/_hash.tpl
|
|
||||||
+++ b/helm-toolkit/templates/utils/_hash.tpl
|
|
||||||
@@ -19,5 +19,5 @@ limitations under the License.
|
|
||||||
{{- $context := index . 1 -}}
|
|
||||||
{{- $last := base $context.Template.Name }}
|
|
||||||
{{- $wtf := $context.Template.Name | replace $last $name -}}
|
|
||||||
-{{- include $wtf $context | sha256sum | quote -}}
|
|
||||||
+{{- include $wtf $context | toJson | sha256sum | quote -}}
|
|
||||||
{{- end -}}
|
|
||||||
--
|
|
||||||
2.7.4
|
|
||||||
|
|
@ -1,219 +0,0 @@
|
|||||||
From 751dff849dfcd9d68ba065571dc8251dbfc16cb2 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Daniel Safta <daniel.safta@windriver.com>
|
|
||||||
Date: Wed, 2 Feb 2022 12:07:18 +0000
|
|
||||||
Subject: [PATCH 1/2] Update apiVersion to networking.k8s.io/v1
|
|
||||||
|
|
||||||
These are the changes needed to upgrade
|
|
||||||
the apiVersion in the resources used by armada.
|
|
||||||
This is a subset of the upstream commit:
|
|
||||||
https://github.com/openstack/openstack-helm-infra/commit/f4972121bcb41c8d74748917804d2b239ab757f9
|
|
||||||
Signed-off-by: Daniel Safta <daniel.safta@windriver.com>
|
|
||||||
---
|
|
||||||
helm-toolkit/templates/manifests/_ingress.tpl | 75 +++++++++++++------
|
|
||||||
ingress/templates/ingress.yaml | 14 +++-
|
|
||||||
2 files changed, 62 insertions(+), 27 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/helm-toolkit/templates/manifests/_ingress.tpl b/helm-toolkit/templates/manifests/_ingress.tpl
|
|
||||||
index f0c37fd..5c54c34 100644
|
|
||||||
--- a/helm-toolkit/templates/manifests/_ingress.tpl
|
|
||||||
+++ b/helm-toolkit/templates/manifests/_ingress.tpl
|
|
||||||
@@ -64,7 +64,7 @@ examples:
|
|
||||||
{{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" ) -}}
|
|
||||||
return: |
|
|
||||||
---
|
|
||||||
- apiVersion: extensions/v1beta1
|
|
||||||
+ apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: barbican
|
|
||||||
@@ -78,25 +78,34 @@ examples:
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: barbican-api
|
|
||||||
- servicePort: b-api
|
|
||||||
+ service:
|
|
||||||
+ name: barbican-api
|
|
||||||
+ port:
|
|
||||||
+ name: b-api
|
|
||||||
- host: barbican.default
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: barbican-api
|
|
||||||
- servicePort: b-api
|
|
||||||
+ service:
|
|
||||||
+ name: barbican-api
|
|
||||||
+ port:
|
|
||||||
+ name: b-api
|
|
||||||
- host: barbican.default.svc.cluster.local
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: barbican-api
|
|
||||||
- servicePort: b-api
|
|
||||||
+ service:
|
|
||||||
+ name: barbican-api
|
|
||||||
+ port:
|
|
||||||
+ name: b-api
|
|
||||||
---
|
|
||||||
- apiVersion: extensions/v1beta1
|
|
||||||
+ apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: barbican-namespace-fqdn
|
|
||||||
@@ -114,11 +123,14 @@ examples:
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: barbican-api
|
|
||||||
- servicePort: b-api
|
|
||||||
+ service:
|
|
||||||
+ name: barbican-api
|
|
||||||
+ port:
|
|
||||||
+ name: b-api
|
|
||||||
---
|
|
||||||
- apiVersion: extensions/v1beta1
|
|
||||||
+ apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: barbican-cluster-fqdn
|
|
||||||
@@ -136,9 +148,12 @@ examples:
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: barbican-api
|
|
||||||
- servicePort: b-api
|
|
||||||
+ service:
|
|
||||||
+ name: barbican-api
|
|
||||||
+ port:
|
|
||||||
+ name: b-api
|
|
||||||
- values: |
|
|
||||||
network:
|
|
||||||
api:
|
|
||||||
@@ -184,7 +199,7 @@ examples:
|
|
||||||
{{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" ) -}}
|
|
||||||
return: |
|
|
||||||
---
|
|
||||||
- apiVersion: extensions/v1beta1
|
|
||||||
+ apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: barbican
|
|
||||||
@@ -204,23 +219,32 @@ examples:
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: barbican-api
|
|
||||||
- servicePort: b-api
|
|
||||||
+ service:
|
|
||||||
+ name: barbican-api
|
|
||||||
+ port:
|
|
||||||
+ name: b-api
|
|
||||||
- host: barbican.default
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: barbican-api
|
|
||||||
- servicePort: b-api
|
|
||||||
+ service:
|
|
||||||
+ name: barbican-api
|
|
||||||
+ port:
|
|
||||||
+ name: b-api
|
|
||||||
- host: barbican.default.svc.cluster.local
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: barbican-api
|
|
||||||
- servicePort: b-api
|
|
||||||
+ service:
|
|
||||||
+ name: barbican-api
|
|
||||||
+ port:
|
|
||||||
+ name: b-api
|
|
||||||
*/}}
|
|
||||||
|
|
||||||
{{- define "helm-toolkit.manifests.ingress._host_rules" -}}
|
|
||||||
@@ -231,9 +255,12 @@ examples:
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: {{ $backendName }}
|
|
||||||
- servicePort: {{ $backendPort }}
|
|
||||||
+ service:
|
|
||||||
+ name: {{ $backendName }}
|
|
||||||
+ port:
|
|
||||||
+ name: {{ $backendPort }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- define "helm-toolkit.manifests.ingress" -}}
|
|
||||||
@@ -247,7 +274,7 @@ examples:
|
|
||||||
{{- $hostName := tuple $backendServiceType $endpoint $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
|
||||||
{{- $hostNameFull := tuple $backendServiceType $endpoint $envAll | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
|
|
||||||
---
|
|
||||||
-apiVersion: extensions/v1beta1
|
|
||||||
+apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: {{ $ingressName }}
|
|
||||||
@@ -282,7 +309,7 @@ spec:
|
|
||||||
{{- range $key2, $ingressController := tuple "namespace" "cluster" }}
|
|
||||||
{{- $hostNameFullRules := dict "vHost" $hostNameFull "backendName" $backendName "backendPort" $backendPort }}
|
|
||||||
---
|
|
||||||
-apiVersion: extensions/v1beta1
|
|
||||||
+apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: {{ printf "%s-%s-%s" $ingressName $ingressController "fqdn" }}
|
|
||||||
diff --git a/ingress/templates/ingress.yaml b/ingress/templates/ingress.yaml
|
|
||||||
index 16ebaab..10ffac7 100644
|
|
||||||
--- a/ingress/templates/ingress.yaml
|
|
||||||
+++ b/ingress/templates/ingress.yaml
|
|
||||||
@@ -21,7 +21,7 @@ limitations under the License.
|
|
||||||
{{- $_ := set .Values.network.ingress.annotations "kubernetes.io/ingress.class" .Values.deployment.cluster.class -}}
|
|
||||||
{{- end -}}
|
|
||||||
---
|
|
||||||
-apiVersion: extensions/v1beta1
|
|
||||||
+apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: {{ .Release.Namespace }}-{{ .Release.Name }}
|
|
||||||
@@ -33,8 +33,16 @@ spec:
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: {{ tuple "ingress" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
|
||||||
- servicePort: {{ tuple "ingress" "internal" "http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
|
||||||
+ service:
|
|
||||||
+ name: {{ $serviceName }}
|
|
||||||
+ port:
|
|
||||||
+{{- if or (kindIs "int" $servicePort) (regexMatch "^[0-9]{1,5}$" $servicePort) }}
|
|
||||||
+ number: {{ $servicePort | int }}
|
|
||||||
+{{- else }}
|
|
||||||
+ name: {{ $servicePort | quote }}
|
|
||||||
+{{- end }}
|
|
||||||
+
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,53 +0,0 @@
|
|||||||
From d5d3e40baedaba10335bc2f0ea801e9118e05d1c Mon Sep 17 00:00:00 2001
|
|
||||||
From: Daniel Safta <daniel.safta@windriver.com>
|
|
||||||
Date: Wed, 2 Feb 2022 12:07:51 +0000
|
|
||||||
Subject: [PATCH 2/2] Update apiVersion authorization to v1
|
|
||||||
|
|
||||||
These are the changes needed to upgrade
|
|
||||||
the apiVersion in the resources used by armada.
|
|
||||||
This is a subset of the upstream commit:
|
|
||||||
https://github.com/openstack/openstack-helm-infra/commit/f4972121bcb41c8d74748917804d2b239ab757f9
|
|
||||||
Signed-off-by: Daniel Safta <daniel.safta@windriver.com>
|
|
||||||
---
|
|
||||||
.../templates/snippets/_kubernetes_pod_rbac_roles.tpl | 4 ++--
|
|
||||||
podsecuritypolicy/templates/podsecuritypolicy.yaml | 2 +-
|
|
||||||
2 files changed, 3 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl
|
|
||||||
index f9f48ef..44a31fd 100644
|
|
||||||
--- a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl
|
|
||||||
+++ b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl
|
|
||||||
@@ -21,7 +21,7 @@ limitations under the License.
|
|
||||||
{{- $saNamespace := index . 3 -}}
|
|
||||||
{{- $releaseName := $envAll.Release.Name }}
|
|
||||||
---
|
|
||||||
-apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
||||||
+apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: RoleBinding
|
|
||||||
metadata:
|
|
||||||
name: {{ $releaseName }}-{{ $saName }}
|
|
||||||
@@ -35,7 +35,7 @@ subjects:
|
|
||||||
name: {{ $saName }}
|
|
||||||
namespace: {{ $saNamespace }}
|
|
||||||
---
|
|
||||||
-apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
||||||
+apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: Role
|
|
||||||
metadata:
|
|
||||||
name: {{ $releaseName }}-{{ $saNamespace }}-{{ $saName }}
|
|
||||||
diff --git a/podsecuritypolicy/templates/podsecuritypolicy.yaml b/podsecuritypolicy/templates/podsecuritypolicy.yaml
|
|
||||||
index 741c9a8..9e22c6e 100644
|
|
||||||
--- a/podsecuritypolicy/templates/podsecuritypolicy.yaml
|
|
||||||
+++ b/podsecuritypolicy/templates/podsecuritypolicy.yaml
|
|
||||||
@@ -20,7 +20,7 @@ limitations under the License.
|
|
||||||
{{/* Create one ClusterRole and PSP per PSP definition in values */}}
|
|
||||||
{{- range $pspName, $pspDetails := .Values.data }}
|
|
||||||
---
|
|
||||||
-apiVersion: extensions/v1beta1
|
|
||||||
+apiVersion: policy/v1beta1
|
|
||||||
kind: PodSecurityPolicy
|
|
||||||
metadata:
|
|
||||||
name: {{ $pspName }}
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,6 +0,0 @@
|
|||||||
0001-Allow-multiple-containers-per-daemonset-pod.patch
|
|
||||||
0002-Add-imagePullSecrets-in-service-account.patch
|
|
||||||
0004-Partial-revert-of-31e3469d28858d7b5eb6355e88b6f49fd6.patch
|
|
||||||
0006-Fix-pod-restarts-on-all-workers-when-worker-added-re.patch
|
|
||||||
0007-Update-apiVersion-to-networking.k8s.io.patch
|
|
||||||
0008-Update-apiVersion-authorization-to-v1.patch
|
|
@ -1,40 +0,0 @@
|
|||||||
From 47315e28d44cff586f6fff026dd00e61c2c77bcd Mon Sep 17 00:00:00 2001
|
|
||||||
From: Gerry Kopec <Gerry.Kopec@windriver.com>
|
|
||||||
Date: Wed, 9 Jan 2019 20:11:33 -0500
|
|
||||||
Subject: [PATCH 1/4] Allow multiple containers per daemonset pod
|
|
||||||
|
|
||||||
Remove code that restricted daemonset pods to single containers.
|
|
||||||
Container names will default to name from helm chart template.
|
|
||||||
Required for nova cold migrations to work.
|
|
||||||
|
|
||||||
Story: 2003876
|
|
||||||
Task: 26735
|
|
||||||
Change-Id: Icce660415d43baefbbf768a785c5dedf04ea2930
|
|
||||||
Signed-off-by: Gerry Kopec <Gerry.Kopec@windriver.com>
|
|
||||||
(cherry picked from commit 7ca30319f418cd39db5ecf44cce5fb5fe39c458e)
|
|
||||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
|
||||||
---
|
|
||||||
helm-toolkit/templates/utils/_daemonset_overrides.tpl | 7 -------
|
|
||||||
1 file changed, 7 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/helm-toolkit/templates/utils/_daemonset_overrides.tpl b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
index e352bc9..10ab166 100644
|
|
||||||
--- a/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
+++ b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
@@ -225,13 +225,6 @@ limitations under the License.
|
|
||||||
{{- if not $context.Values.__daemonset_yaml.metadata.name }}{{- $_ := set $context.Values.__daemonset_yaml.metadata "name" dict }}{{- end }}
|
|
||||||
{{- $_ := set $context.Values.__daemonset_yaml.metadata "name" $current_dict.dns_1123_name }}
|
|
||||||
|
|
||||||
- {{/* set container name
|
|
||||||
- assume not more than one container is defined */}}
|
|
||||||
- {{- $container := first $context.Values.__daemonset_yaml.spec.template.spec.containers }}
|
|
||||||
- {{- $_ := set $container "name" $current_dict.dns_1123_name }}
|
|
||||||
- {{- $cont_list := list $container }}
|
|
||||||
- {{- $_ := set $context.Values.__daemonset_yaml.spec.template.spec "containers" $cont_list }}
|
|
||||||
-
|
|
||||||
{{/* cross-reference configmap name to container volume definitions */}}
|
|
||||||
{{- $_ := set $context.Values "__volume_list" list }}
|
|
||||||
{{- range $current_volume := $context.Values.__daemonset_yaml.spec.template.spec.volumes }}
|
|
||||||
--
|
|
||||||
2.7.4
|
|
||||||
|
|
@ -1,26 +0,0 @@
|
|||||||
From ac3f9db5ac1a19af71136752f5709ba1da55d201 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Angie Wang <angie.wang@windriver.com>
|
|
||||||
Date: Mon, 11 Feb 2019 11:29:03 -0500
|
|
||||||
Subject: [PATCH 2/4] Add imagePullSecrets in service account
|
|
||||||
|
|
||||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
|
||||||
---
|
|
||||||
helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl | 2 ++
|
|
||||||
1 file changed, 2 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
|
|
||||||
index b4cf1a6..2f4113b 100644
|
|
||||||
--- a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
|
|
||||||
+++ b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
|
|
||||||
@@ -44,6 +44,8 @@ kind: ServiceAccount
|
|
||||||
metadata:
|
|
||||||
name: {{ $saName }}
|
|
||||||
namespace: {{ $saNamespace }}
|
|
||||||
+imagePullSecrets:
|
|
||||||
+ - name: default-registry-key
|
|
||||||
{{- range $k, $v := $deps -}}
|
|
||||||
{{- if eq $k "services" }}
|
|
||||||
{{- range $serv := $v }}
|
|
||||||
--
|
|
||||||
2.16.5
|
|
||||||
|
|
@ -1,65 +0,0 @@
|
|||||||
From b3829fef30e76fdf498fa1d0d35185f642dce5f6 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Robert Church <robert.church@windriver.com>
|
|
||||||
Date: Mon, 8 Apr 2019 02:12:39 -0400
|
|
||||||
Subject: [PATCH 4/4] Partial revert of
|
|
||||||
31e3469d28858d7b5eb6355e88b6f49fd62032be
|
|
||||||
|
|
||||||
Suspect that new use of mergeOverwrite vs. merge is breaking the
|
|
||||||
per-host DaemonSet overrides.
|
|
||||||
|
|
||||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
|
||||||
---
|
|
||||||
helm-toolkit/templates/utils/_daemonset_overrides.tpl | 12 ++++++------
|
|
||||||
1 file changed, 6 insertions(+), 6 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/helm-toolkit/templates/utils/_daemonset_overrides.tpl b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
index 10ab166..ab1177a 100644
|
|
||||||
--- a/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
+++ b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
@@ -49,10 +49,10 @@ limitations under the License.
|
|
||||||
{{- $override_conf_copy := $host_data.conf }}
|
|
||||||
{{/* Deep copy to prevent https://storyboard.openstack.org/#!/story/2005936 */}}
|
|
||||||
{{- $root_conf_copy := omit ($context.Values.conf | toYaml | fromYaml) "overrides" }}
|
|
||||||
- {{- $merged_dict := mergeOverwrite $root_conf_copy $override_conf_copy }}
|
|
||||||
+ {{- $merged_dict := merge $override_conf_copy $root_conf_copy }}
|
|
||||||
{{- $root_conf_copy2 := dict "conf" $merged_dict }}
|
|
||||||
{{- $context_values := omit (omit ($context.Values | toYaml | fromYaml) "conf") "__daemonset_list" }}
|
|
||||||
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
|
|
||||||
+ {{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
|
|
||||||
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
|
|
||||||
{{- $_ := set $current_dict "nodeData" $root_conf_copy4 }}
|
|
||||||
|
|
||||||
@@ -89,10 +89,10 @@ limitations under the License.
|
|
||||||
{{- $override_conf_copy := $label_data.conf }}
|
|
||||||
{{/* Deep copy to prevent https://storyboard.openstack.org/#!/story/2005936 */}}
|
|
||||||
{{- $root_conf_copy := omit ($context.Values.conf | toYaml | fromYaml) "overrides" }}
|
|
||||||
- {{- $merged_dict := mergeOverwrite $root_conf_copy $override_conf_copy }}
|
|
||||||
+ {{- $merged_dict := merge $override_conf_copy $root_conf_copy }}
|
|
||||||
{{- $root_conf_copy2 := dict "conf" $merged_dict }}
|
|
||||||
{{- $context_values := omit (omit ($context.Values | toYaml | fromYaml) "conf") "__daemonset_list" }}
|
|
||||||
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
|
|
||||||
+ {{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
|
|
||||||
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
|
|
||||||
{{- $_ := set $context.Values.__current_label "nodeData" $root_conf_copy4 }}
|
|
||||||
|
|
||||||
@@ -187,7 +187,7 @@ limitations under the License.
|
|
||||||
{{- $root_conf_copy1 := omit $context.Values.conf "overrides" }}
|
|
||||||
{{- $root_conf_copy2 := dict "conf" $root_conf_copy1 }}
|
|
||||||
{{- $context_values := omit $context.Values "conf" }}
|
|
||||||
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
|
|
||||||
+ {{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
|
|
||||||
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
|
|
||||||
{{- $_ := set $context.Values.__default "nodeData" $root_conf_copy4 }}
|
|
||||||
|
|
||||||
@@ -198,7 +198,7 @@ limitations under the License.
|
|
||||||
{{- range $current_dict := $context.Values.__daemonset_list }}
|
|
||||||
|
|
||||||
{{- $context_novalues := omit $context "Values" }}
|
|
||||||
- {{- $merged_dict := mergeOverwrite $context_novalues $current_dict.nodeData }}
|
|
||||||
+ {{- $merged_dict := merge $current_dict.nodeData $context_novalues }}
|
|
||||||
{{- $_ := set $current_dict "nodeData" $merged_dict }}
|
|
||||||
{{/* Deep copy original daemonset_yaml */}}
|
|
||||||
{{- $_ := set $context.Values "__daemonset_yaml" ($daemonset_yaml | toYaml | fromYaml) }}
|
|
||||||
--
|
|
||||||
2.7.4
|
|
||||||
|
|
@ -1,46 +0,0 @@
|
|||||||
From 326fcd76f54d7c099f4c3da6c31eefe0eef2e236 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Ovidiu Poncea <ovidiu.poncea@windriver.com>
|
|
||||||
Date: Mon, 29 Jul 2019 08:00:01 -0400
|
|
||||||
Subject: [PATCH] Fix pod restarts on all workers when worker added/removed
|
|
||||||
|
|
||||||
---
|
|
||||||
helm-toolkit/templates/utils/_daemonset_overrides.tpl | 4 ++--
|
|
||||||
helm-toolkit/templates/utils/_hash.tpl | 2 +-
|
|
||||||
2 files changed, 3 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/helm-toolkit/templates/utils/_daemonset_overrides.tpl b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
index ab1177a..e564869 100644
|
|
||||||
--- a/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
+++ b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
|
||||||
@@ -215,7 +215,7 @@ limitations under the License.
|
|
||||||
name uniqueness */}}
|
|
||||||
{{- $_ := set $current_dict "dns_1123_name" dict }}
|
|
||||||
{{- if hasKey $current_dict "matchExpressions" }}
|
|
||||||
- {{- $_ := set $current_dict "dns_1123_name" (printf (print $name_format2 "-" ($current_dict.matchExpressions | quote | sha256sum | trunc 8))) }}
|
|
||||||
+ {{- $_ := set $current_dict "dns_1123_name" (printf (print $name_format2 "-" ($current_dict.matchExpressions | toJson | sha256sum | trunc 8))) }}
|
|
||||||
{{- else }}
|
|
||||||
{{- $_ := set $current_dict "dns_1123_name" $name_format2 }}
|
|
||||||
{{- end }}
|
|
||||||
@@ -258,7 +258,7 @@ limitations under the License.
|
|
||||||
{{- if not $context.Values.__daemonset_yaml.spec.template.metadata }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template "metadata" dict }}{{- end }}
|
|
||||||
{{- if not $context.Values.__daemonset_yaml.spec.template.metadata.annotations }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template.metadata "annotations" dict }}{{- end }}
|
|
||||||
{{- $cmap := list $current_dict.dns_1123_name $current_dict.nodeData | include $configmap_include }}
|
|
||||||
- {{- $values_hash := $cmap | quote | sha256sum }}
|
|
||||||
+ {{- $values_hash := $cmap | toJson | sha256sum }}
|
|
||||||
{{- $_ := set $context.Values.__daemonset_yaml.spec.template.metadata.annotations "configmap-etc-hash" $values_hash }}
|
|
||||||
|
|
||||||
{{/* generate configmap */}}
|
|
||||||
diff --git a/helm-toolkit/templates/utils/_hash.tpl b/helm-toolkit/templates/utils/_hash.tpl
|
|
||||||
index 1041ec0..e419e3b 100644
|
|
||||||
--- a/helm-toolkit/templates/utils/_hash.tpl
|
|
||||||
+++ b/helm-toolkit/templates/utils/_hash.tpl
|
|
||||||
@@ -19,5 +19,5 @@ limitations under the License.
|
|
||||||
{{- $context := index . 1 -}}
|
|
||||||
{{- $last := base $context.Template.Name }}
|
|
||||||
{{- $wtf := $context.Template.Name | replace $last $name -}}
|
|
||||||
-{{- include $wtf $context | sha256sum | quote -}}
|
|
||||||
+{{- include $wtf $context | toJson | sha256sum | quote -}}
|
|
||||||
{{- end -}}
|
|
||||||
--
|
|
||||||
2.7.4
|
|
||||||
|
|
@ -1,219 +0,0 @@
|
|||||||
From 751dff849dfcd9d68ba065571dc8251dbfc16cb2 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Daniel Safta <daniel.safta@windriver.com>
|
|
||||||
Date: Wed, 2 Feb 2022 12:07:18 +0000
|
|
||||||
Subject: [PATCH 1/2] Update apiVersion to networking.k8s.io/v1
|
|
||||||
|
|
||||||
These are the changes needed to upgrade
|
|
||||||
the apiVersion in the resources used by armada.
|
|
||||||
This is a subset of the upstream commit:
|
|
||||||
https://github.com/openstack/openstack-helm-infra/commit/f4972121bcb41c8d74748917804d2b239ab757f9
|
|
||||||
Signed-off-by: Daniel Safta <daniel.safta@windriver.com>
|
|
||||||
---
|
|
||||||
helm-toolkit/templates/manifests/_ingress.tpl | 75 +++++++++++++------
|
|
||||||
ingress/templates/ingress.yaml | 14 +++-
|
|
||||||
2 files changed, 62 insertions(+), 27 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/helm-toolkit/templates/manifests/_ingress.tpl b/helm-toolkit/templates/manifests/_ingress.tpl
|
|
||||||
index f0c37fd..5c54c34 100644
|
|
||||||
--- a/helm-toolkit/templates/manifests/_ingress.tpl
|
|
||||||
+++ b/helm-toolkit/templates/manifests/_ingress.tpl
|
|
||||||
@@ -64,7 +64,7 @@ examples:
|
|
||||||
{{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" ) -}}
|
|
||||||
return: |
|
|
||||||
---
|
|
||||||
- apiVersion: extensions/v1beta1
|
|
||||||
+ apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: barbican
|
|
||||||
@@ -78,25 +78,34 @@ examples:
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: barbican-api
|
|
||||||
- servicePort: b-api
|
|
||||||
+ service:
|
|
||||||
+ name: barbican-api
|
|
||||||
+ port:
|
|
||||||
+ name: b-api
|
|
||||||
- host: barbican.default
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: barbican-api
|
|
||||||
- servicePort: b-api
|
|
||||||
+ service:
|
|
||||||
+ name: barbican-api
|
|
||||||
+ port:
|
|
||||||
+ name: b-api
|
|
||||||
- host: barbican.default.svc.cluster.local
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: barbican-api
|
|
||||||
- servicePort: b-api
|
|
||||||
+ service:
|
|
||||||
+ name: barbican-api
|
|
||||||
+ port:
|
|
||||||
+ name: b-api
|
|
||||||
---
|
|
||||||
- apiVersion: extensions/v1beta1
|
|
||||||
+ apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: barbican-namespace-fqdn
|
|
||||||
@@ -114,11 +123,14 @@ examples:
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: barbican-api
|
|
||||||
- servicePort: b-api
|
|
||||||
+ service:
|
|
||||||
+ name: barbican-api
|
|
||||||
+ port:
|
|
||||||
+ name: b-api
|
|
||||||
---
|
|
||||||
- apiVersion: extensions/v1beta1
|
|
||||||
+ apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: barbican-cluster-fqdn
|
|
||||||
@@ -136,9 +148,12 @@ examples:
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: barbican-api
|
|
||||||
- servicePort: b-api
|
|
||||||
+ service:
|
|
||||||
+ name: barbican-api
|
|
||||||
+ port:
|
|
||||||
+ name: b-api
|
|
||||||
- values: |
|
|
||||||
network:
|
|
||||||
api:
|
|
||||||
@@ -184,7 +199,7 @@ examples:
|
|
||||||
{{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" ) -}}
|
|
||||||
return: |
|
|
||||||
---
|
|
||||||
- apiVersion: extensions/v1beta1
|
|
||||||
+ apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: barbican
|
|
||||||
@@ -204,23 +219,32 @@ examples:
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: barbican-api
|
|
||||||
- servicePort: b-api
|
|
||||||
+ service:
|
|
||||||
+ name: barbican-api
|
|
||||||
+ port:
|
|
||||||
+ name: b-api
|
|
||||||
- host: barbican.default
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: barbican-api
|
|
||||||
- servicePort: b-api
|
|
||||||
+ service:
|
|
||||||
+ name: barbican-api
|
|
||||||
+ port:
|
|
||||||
+ name: b-api
|
|
||||||
- host: barbican.default.svc.cluster.local
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: barbican-api
|
|
||||||
- servicePort: b-api
|
|
||||||
+ service:
|
|
||||||
+ name: barbican-api
|
|
||||||
+ port:
|
|
||||||
+ name: b-api
|
|
||||||
*/}}
|
|
||||||
|
|
||||||
{{- define "helm-toolkit.manifests.ingress._host_rules" -}}
|
|
||||||
@@ -231,9 +255,12 @@ examples:
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: {{ $backendName }}
|
|
||||||
- servicePort: {{ $backendPort }}
|
|
||||||
+ service:
|
|
||||||
+ name: {{ $backendName }}
|
|
||||||
+ port:
|
|
||||||
+ name: {{ $backendPort }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- define "helm-toolkit.manifests.ingress" -}}
|
|
||||||
@@ -247,7 +274,7 @@ examples:
|
|
||||||
{{- $hostName := tuple $backendServiceType $endpoint $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
|
||||||
{{- $hostNameFull := tuple $backendServiceType $endpoint $envAll | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
|
|
||||||
---
|
|
||||||
-apiVersion: extensions/v1beta1
|
|
||||||
+apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: {{ $ingressName }}
|
|
||||||
@@ -282,7 +309,7 @@ spec:
|
|
||||||
{{- range $key2, $ingressController := tuple "namespace" "cluster" }}
|
|
||||||
{{- $hostNameFullRules := dict "vHost" $hostNameFull "backendName" $backendName "backendPort" $backendPort }}
|
|
||||||
---
|
|
||||||
-apiVersion: extensions/v1beta1
|
|
||||||
+apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: {{ printf "%s-%s-%s" $ingressName $ingressController "fqdn" }}
|
|
||||||
diff --git a/ingress/templates/ingress.yaml b/ingress/templates/ingress.yaml
|
|
||||||
index 16ebaab..10ffac7 100644
|
|
||||||
--- a/ingress/templates/ingress.yaml
|
|
||||||
+++ b/ingress/templates/ingress.yaml
|
|
||||||
@@ -21,7 +21,7 @@ limitations under the License.
|
|
||||||
{{- $_ := set .Values.network.ingress.annotations "kubernetes.io/ingress.class" .Values.deployment.cluster.class -}}
|
|
||||||
{{- end -}}
|
|
||||||
---
|
|
||||||
-apiVersion: extensions/v1beta1
|
|
||||||
+apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: {{ .Release.Namespace }}-{{ .Release.Name }}
|
|
||||||
@@ -33,8 +33,16 @@ spec:
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: /
|
|
||||||
+ pathType: ImplementationSpecific
|
|
||||||
backend:
|
|
||||||
- serviceName: {{ tuple "ingress" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
|
||||||
- servicePort: {{ tuple "ingress" "internal" "http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
|
||||||
+ service:
|
|
||||||
+ name: {{ $serviceName }}
|
|
||||||
+ port:
|
|
||||||
+{{- if or (kindIs "int" $servicePort) (regexMatch "^[0-9]{1,5}$" $servicePort) }}
|
|
||||||
+ number: {{ $servicePort | int }}
|
|
||||||
+{{- else }}
|
|
||||||
+ name: {{ $servicePort | quote }}
|
|
||||||
+{{- end }}
|
|
||||||
+
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,53 +0,0 @@
|
|||||||
From d5d3e40baedaba10335bc2f0ea801e9118e05d1c Mon Sep 17 00:00:00 2001
|
|
||||||
From: Daniel Safta <daniel.safta@windriver.com>
|
|
||||||
Date: Wed, 2 Feb 2022 12:07:51 +0000
|
|
||||||
Subject: [PATCH 2/2] Update apiVersion authorization to v1
|
|
||||||
|
|
||||||
These are the changes needed to upgrade
|
|
||||||
the apiVersion in the resources used by armada.
|
|
||||||
This is a subset of the upstream commit:
|
|
||||||
https://github.com/openstack/openstack-helm-infra/commit/f4972121bcb41c8d74748917804d2b239ab757f9
|
|
||||||
Signed-off-by: Daniel Safta <daniel.safta@windriver.com>
|
|
||||||
---
|
|
||||||
.../templates/snippets/_kubernetes_pod_rbac_roles.tpl | 4 ++--
|
|
||||||
podsecuritypolicy/templates/podsecuritypolicy.yaml | 2 +-
|
|
||||||
2 files changed, 3 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl
|
|
||||||
index f9f48ef..44a31fd 100644
|
|
||||||
--- a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl
|
|
||||||
+++ b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl
|
|
||||||
@@ -21,7 +21,7 @@ limitations under the License.
|
|
||||||
{{- $saNamespace := index . 3 -}}
|
|
||||||
{{- $releaseName := $envAll.Release.Name }}
|
|
||||||
---
|
|
||||||
-apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
||||||
+apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: RoleBinding
|
|
||||||
metadata:
|
|
||||||
name: {{ $releaseName }}-{{ $saName }}
|
|
||||||
@@ -35,7 +35,7 @@ subjects:
|
|
||||||
name: {{ $saName }}
|
|
||||||
namespace: {{ $saNamespace }}
|
|
||||||
---
|
|
||||||
-apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
||||||
+apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: Role
|
|
||||||
metadata:
|
|
||||||
name: {{ $releaseName }}-{{ $saNamespace }}-{{ $saName }}
|
|
||||||
diff --git a/podsecuritypolicy/templates/podsecuritypolicy.yaml b/podsecuritypolicy/templates/podsecuritypolicy.yaml
|
|
||||||
index 741c9a8..9e22c6e 100644
|
|
||||||
--- a/podsecuritypolicy/templates/podsecuritypolicy.yaml
|
|
||||||
+++ b/podsecuritypolicy/templates/podsecuritypolicy.yaml
|
|
||||||
@@ -20,7 +20,7 @@ limitations under the License.
|
|
||||||
{{/* Create one ClusterRole and PSP per PSP definition in values */}}
|
|
||||||
{{- range $pspName, $pspDetails := .Values.data }}
|
|
||||||
---
|
|
||||||
-apiVersion: extensions/v1beta1
|
|
||||||
+apiVersion: policy/v1beta1
|
|
||||||
kind: PodSecurityPolicy
|
|
||||||
metadata:
|
|
||||||
name: {{ $pspName }}
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,90 +0,0 @@
|
|||||||
%global git_sha 7ef4b8643b5ec5216a8f6726841e156c0aa54a1a
|
|
||||||
|
|
||||||
# Build variables
|
|
||||||
%global helm_folder /usr/lib/helm
|
|
||||||
%global toolkit_version 0.1.0
|
|
||||||
%global charts_staging ./charts
|
|
||||||
|
|
||||||
Name: armada
|
|
||||||
Version: 0.2.0
|
|
||||||
Release: 0%{?_tis_dist}.%{tis_patch_ver}
|
|
||||||
Summary: An orchestrator for managing a collection of Kubernetes Helm charts
|
|
||||||
License: Apache-2.0
|
|
||||||
Group: base
|
|
||||||
Packager: Wind River <info@windriver.com>
|
|
||||||
URL: https://airship-armada.readthedocs.io/
|
|
||||||
Source0: %{name}-%{git_sha}.tar.gz
|
|
||||||
|
|
||||||
Patch1: 0001-Add-Helm-v2-client-initialization-using-tiller-postS.patch
|
|
||||||
Patch2: 0002-Tiller-wait-for-postgres-database-ping.patch
|
|
||||||
Patch3: 0003-Update-the-liveness-probe-to-verify-postgres-connect.patch
|
|
||||||
Patch4: 0004-Update-postgres-liveness-check-to-support-IPv6-addre.patch
|
|
||||||
Patch5: 0005-Add-toleration-to-armada-api.patch
|
|
||||||
|
|
||||||
BuildArch: noarch
|
|
||||||
|
|
||||||
BuildRequires: helm
|
|
||||||
BuildRequires: armada-helm-toolkit
|
|
||||||
BuildRequires: chartmuseum
|
|
||||||
|
|
||||||
%description
|
|
||||||
%{summary}
|
|
||||||
|
|
||||||
%prep
|
|
||||||
%setup -n armada
|
|
||||||
%patch1 -p1
|
|
||||||
%patch2 -p1
|
|
||||||
%patch3 -p1
|
|
||||||
%patch4 -p1
|
|
||||||
%patch5 -p1
|
|
||||||
|
|
||||||
%build
|
|
||||||
# Package the armada chart tarball using methodology derived from:
|
|
||||||
# git clone https://opendev.org/airship/armada.git && cd armada
|
|
||||||
# make charts
|
|
||||||
#
|
|
||||||
# This provides the equivalent of 'make charts' and builds what is
|
|
||||||
# minimally sufficient to generate the armada chart tarball.
|
|
||||||
# - do not need to build helm-toolkit.
|
|
||||||
# - do not need to build tiller (armada chart contains tiller).
|
|
||||||
# - This does not download helm v2 or helm-toolkit as done by 'make charts',
|
|
||||||
# and does not require external network.
|
|
||||||
# - Everything else provided by the armada Makefile build is ignored.
|
|
||||||
#
|
|
||||||
# This is built using helm v3.
|
|
||||||
# - 'helm init' and 'helm serv' have been removed in helm v3
|
|
||||||
# - chartmuseum is drop-in replacement for 'helm serv'
|
|
||||||
# - no initial repository exist
|
|
||||||
# - charts self-contain helm-toolkit and pass lint; requirements.yaml
|
|
||||||
# dependencies are safely removed from package so the cluster does
|
|
||||||
# not have to serve 'local' repo (i.e., with ChartMuseum).
|
|
||||||
# - helm config of setup directories and repositories is automated
|
|
||||||
# (we don't need to create them)
|
|
||||||
|
|
||||||
# Stage helm-toolkit in the local repo
|
|
||||||
cp %{helm_folder}/armada-helm-toolkit-%{toolkit_version}.tgz %{charts_staging}/helm-toolkit-%{toolkit_version}.tgz
|
|
||||||
|
|
||||||
# Host a local server for the charts.
|
|
||||||
chartmuseum --debug --port=8879 --context-path='/charts' --storage="local" --storage-local-rootdir="%{charts_staging}" &
|
|
||||||
sleep 2
|
|
||||||
helm repo add local http://localhost:8879/charts
|
|
||||||
|
|
||||||
cd %{charts_staging}
|
|
||||||
helm dependency update armada
|
|
||||||
helm lint armada
|
|
||||||
rm -v -f ./requirements.lock ./requirements.yaml
|
|
||||||
helm template --set pod.resources.enabled=true armada
|
|
||||||
helm package armada
|
|
||||||
cd -
|
|
||||||
|
|
||||||
# Terminate helm server (the last backgrounded task)
|
|
||||||
kill %1
|
|
||||||
|
|
||||||
%install
|
|
||||||
install -d -m 755 ${RPM_BUILD_ROOT}/opt/extracharts
|
|
||||||
install -p -D -m 755 %{charts_staging}/armada-*.tgz ${RPM_BUILD_ROOT}/opt/extracharts
|
|
||||||
|
|
||||||
%files
|
|
||||||
%defattr(-,root,root,-)
|
|
||||||
/opt/extracharts/*
|
|
||||||
|
|
@ -1,8 +0,0 @@
|
|||||||
TAR_NAME=armada
|
|
||||||
VERSION=0.2.0
|
|
||||||
SHA=7ef4b8643b5ec5216a8f6726841e156c0aa54a1a
|
|
||||||
TAR="$TAR_NAME-$SHA.tar.gz"
|
|
||||||
|
|
||||||
COPY_LIST="${CGCS_BASE}/downloads/$TAR $FILES_BASE/*"
|
|
||||||
|
|
||||||
TIS_PATCH_VER=PKG_GITREVCOUNT
|
|
@ -1,114 +0,0 @@
|
|||||||
From 8c6cc4c0ad5569d7de3615463f7d8c4dd7429e63 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Thiago Brito <thiago.brito@windriver.com>
|
|
||||||
Date: Thu, 22 Apr 2021 20:00:51 -0300
|
|
||||||
Subject: [PATCH] Add Helm v2 client initialization using tiller
|
|
||||||
postStart exec
|
|
||||||
|
|
||||||
This adds helm v2 client initialization using the tiller
|
|
||||||
container postStart exec to access helm v2 binary.
|
|
||||||
|
|
||||||
This will perform 'helm init', removes the default repos
|
|
||||||
'stable' and 'local', and add valid repos that were provided
|
|
||||||
as overrides. Note that helm will only add repos that exist.
|
|
||||||
|
|
||||||
This expects overrides in this format:
|
|
||||||
conf:
|
|
||||||
tiller:
|
|
||||||
charts_url: 'http://192.168.204.1:8080/helm_charts'
|
|
||||||
repo_names:
|
|
||||||
- 'starlingx'
|
|
||||||
- 'stx-platform'
|
|
||||||
repos:
|
|
||||||
stable: https://kubernetes-charts.storage.googleapis.com
|
|
||||||
|
|
||||||
This gives the following result:
|
|
||||||
helmv2-cli -- helm repo list
|
|
||||||
NAME URL
|
|
||||||
stable https://kubernetes-charts.storage.googleapis.com
|
|
||||||
starlingx http://192.168.204.1:8080/helm_charts/starlingx
|
|
||||||
stx-platform http://192.168.204.1:8080/helm_charts/stx-platform
|
|
||||||
|
|
||||||
Signed-off-by: Jim Gauld <james.gauld@windriver.com>
|
|
||||||
Signed-off-by: Thiago Brito <thiago.brito@windriver.com>
|
|
||||||
---
|
|
||||||
charts/armada/templates/deployment-api.yaml | 33 +++++++++++++++++++++
|
|
||||||
charts/armada/values.yaml | 10 +++++++
|
|
||||||
2 files changed, 43 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
|
||||||
index 562e3d0..483ec0b 100644
|
|
||||||
--- a/charts/armada/templates/deployment-api.yaml
|
|
||||||
+++ b/charts/armada/templates/deployment-api.yaml
|
|
||||||
@@ -186,6 +186,39 @@ spec:
|
|
||||||
- -trace
|
|
||||||
{{- end }}
|
|
||||||
lifecycle:
|
|
||||||
+ postStart:
|
|
||||||
+ exec:
|
|
||||||
+ command:
|
|
||||||
+ - sh
|
|
||||||
+ - "-c"
|
|
||||||
+ - |
|
|
||||||
+ /bin/sh <<'EOF'
|
|
||||||
+ # Delay initialization since postStart handler runs asynchronously and there
|
|
||||||
+ # is no guarantee it is called before the Container’s entrypoint.
|
|
||||||
+ sleep 5
|
|
||||||
+ # Initialize Helm v2 client.
|
|
||||||
+ export HELM_HOST=:{{ .Values.conf.tiller.port }}
|
|
||||||
+ /helm init --client-only --skip-refresh
|
|
||||||
+
|
|
||||||
+ # Moving the ln up so eventual errors on the next commands doesn't prevent
|
|
||||||
+ # having helm available
|
|
||||||
+ ln -s -f /helm /tmp/helm
|
|
||||||
+
|
|
||||||
+ # Removes all repos available so we don't get an error removing what
|
|
||||||
+ # doesn't exist anymore or error re-adding an existing repo
|
|
||||||
+ /helm repo list | awk '(NR>1){print $1}' | xargs --no-run-if-empty /helm repo rm
|
|
||||||
+{{- if .Values.conf.tiller.repos }}
|
|
||||||
+ {{- range $name, $repo := .Values.conf.tiller.repos }}
|
|
||||||
+ /helm repo add {{ $name }} {{ $repo }}
|
|
||||||
+ {{- end }}
|
|
||||||
+{{- end }}
|
|
||||||
+{{- if .Values.conf.tiller.repo_names }}
|
|
||||||
+ {{- range .Values.conf.tiller.repo_names }}
|
|
||||||
+ /helm repo add {{ . }} {{ $envAll.Values.conf.tiller.charts_url }}/{{ . }}
|
|
||||||
+ {{- end }}
|
|
||||||
+{{- end }}
|
|
||||||
+ exit 0
|
|
||||||
+ EOF
|
|
||||||
preStop:
|
|
||||||
exec:
|
|
||||||
command:
|
|
||||||
diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml
|
|
||||||
index 3a4427e..da45810 100644
|
|
||||||
--- a/charts/armada/values.yaml
|
|
||||||
+++ b/charts/armada/values.yaml
|
|
||||||
@@ -220,6 +220,10 @@ conf:
|
|
||||||
# Note: Defaulting to the (default) kubernetes grace period, as anything
|
|
||||||
# greater than that will have no effect.
|
|
||||||
prestop_sleep: 30
|
|
||||||
+ # Helm v2 initialization
|
|
||||||
+ charts_url: null
|
|
||||||
+ repo_names: []
|
|
||||||
+ repos: {}
|
|
||||||
|
|
||||||
monitoring:
|
|
||||||
prometheus:
|
|
||||||
@@ -325,7 +329,13 @@ pod:
|
|
||||||
volumes:
|
|
||||||
- name: kubernetes-client-cache
|
|
||||||
emptyDir: {}
|
|
||||||
+ - name: tiller-tmp
|
|
||||||
+ emptyDir: {}
|
|
||||||
volumeMounts:
|
|
||||||
+ - name: tiller-tmp
|
|
||||||
+ # /tmp is now readOnly due to the security_context on L288, so
|
|
||||||
+ # mounting an emptyDir
|
|
||||||
+ mountPath: /tmp
|
|
||||||
- name: kubernetes-client-cache
|
|
||||||
# Should be the `$HOME/.kube` of the `runAsUser` above
|
|
||||||
# as this is where tiller's kubernetes client roots its cache dir.
|
|
||||||
--
|
|
||||||
2.17.1
|
|
||||||
|
|
||||||
|
|
@ -1,66 +0,0 @@
|
|||||||
From 96e49fcc6d6b988d03a61261511abf64a0af2e2a Mon Sep 17 00:00:00 2001
|
|
||||||
From: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
|
||||||
Date: Tue, 11 May 2021 21:04:18 +0300
|
|
||||||
Subject: [PATCH] Tiller wait for postgres database ping
|
|
||||||
|
|
||||||
Networking might not be correctly initialized when tiller starts.
|
|
||||||
|
|
||||||
Modify the pod command to wait for networking to be available before
|
|
||||||
starting up tiller.
|
|
||||||
|
|
||||||
Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
|
||||||
---
|
|
||||||
charts/armada/templates/deployment-api.yaml | 31 +++++++++++++--------
|
|
||||||
1 file changed, 19 insertions(+), 12 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
|
||||||
index 69036c0..3816366 100644
|
|
||||||
--- a/charts/armada/templates/deployment-api.yaml
|
|
||||||
+++ b/charts/armada/templates/deployment-api.yaml
|
|
||||||
@@ -167,24 +167,31 @@ spec:
|
|
||||||
- name: TILLER_HISTORY_MAX
|
|
||||||
value: {{ .Values.conf.tiller.history_max | quote }}
|
|
||||||
command:
|
|
||||||
- - /tiller
|
|
||||||
+ - sh
|
|
||||||
+ - -c
|
|
||||||
+ - |
|
|
||||||
+ /bin/sh <<'EOF'
|
|
||||||
{{- if .Values.conf.tiller.storage }}
|
|
||||||
- - --storage={{ .Values.conf.tiller.storage }}
|
|
||||||
{{- if and (eq .Values.conf.tiller.storage "sql") (.Values.conf.tiller.sql_dialect) (.Values.conf.tiller.sql_connection) }}
|
|
||||||
- - --sql-dialect={{ .Values.conf.tiller.sql_dialect }}
|
|
||||||
- - --sql-connection-string={{ .Values.conf.tiller.sql_connection }}
|
|
||||||
+ while ! /bin/busybox nc -vz -w 1 {{ .Values.conf.tiller.sql_endpoint_ip}} 5432; do continue; done;
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
- - -listen
|
|
||||||
- - ":{{ .Values.conf.tiller.port }}"
|
|
||||||
- - -probe-listen
|
|
||||||
- - ":{{ .Values.conf.tiller.probe_port }}"
|
|
||||||
- - -logtostderr
|
|
||||||
- - -v
|
|
||||||
- - {{ .Values.conf.tiller.verbosity | quote }}
|
|
||||||
+ /tiller \
|
|
||||||
+{{- if .Values.conf.tiller.storage }}
|
|
||||||
+ --storage={{ .Values.conf.tiller.storage }} \
|
|
||||||
+{{- if and (eq .Values.conf.tiller.storage "sql") (.Values.conf.tiller.sql_dialect) (.Values.conf.tiller.sql_connection) }}
|
|
||||||
+ --sql-dialect={{ .Values.conf.tiller.sql_dialect }} \
|
|
||||||
+ --sql-connection-string={{ .Values.conf.tiller.sql_connection }} \
|
|
||||||
+{{- end }}
|
|
||||||
+{{- end }}
|
|
||||||
+ -listen ":{{ .Values.conf.tiller.port }}" \
|
|
||||||
+ -probe-listen ":{{ .Values.conf.tiller.probe_port }}" \
|
|
||||||
+ -logtostderr \
|
|
||||||
+ -v {{ .Values.conf.tiller.verbosity | quote }} \
|
|
||||||
{{- if .Values.conf.tiller.trace }}
|
|
||||||
- - -trace
|
|
||||||
+ -trace
|
|
||||||
{{- end }}
|
|
||||||
+ EOF
|
|
||||||
lifecycle:
|
|
||||||
postStart:
|
|
||||||
exec:
|
|
||||||
--
|
|
||||||
2.30.0
|
|
||||||
|
|
@ -1,45 +0,0 @@
|
|||||||
From be3167e5342f2730ef43012d8fe4f3782c6ef468 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Robert Church <robert.church@windriver.com>
|
|
||||||
Date: Wed, 12 May 2021 02:38:52 -0400
|
|
||||||
Subject: [PATCH 3/3] Update the liveness probe to verify postgres connectivity
|
|
||||||
|
|
||||||
Change the tillerLivenessProbeTemplate to test the connectivity to the
|
|
||||||
postgres backend. We will override the periodSeconds and
|
|
||||||
failureThreshold when installing the helm chart to trigger a restart of
|
|
||||||
the tiller pod over a swact when the postgres DB/server moves from one
|
|
||||||
controller to the other.
|
|
||||||
|
|
||||||
This will help guarantee that the tiller connection is always
|
|
||||||
reestablished if the connectivity to the postgres backend fails.
|
|
||||||
|
|
||||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
|
||||||
---
|
|
||||||
charts/armada/templates/deployment-api.yaml | 12 ++++++++----
|
|
||||||
1 file changed, 8 insertions(+), 4 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
|
||||||
index bf23fb2..2b65494 100644
|
|
||||||
--- a/charts/armada/templates/deployment-api.yaml
|
|
||||||
+++ b/charts/armada/templates/deployment-api.yaml
|
|
||||||
@@ -28,10 +28,14 @@ httpGet:
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- define "tillerLivenessProbeTemplate" }}
|
|
||||||
-httpGet:
|
|
||||||
- path: /liveness
|
|
||||||
- port: {{ .Values.conf.tiller.probe_port }}
|
|
||||||
- scheme: HTTP
|
|
||||||
+exec:
|
|
||||||
+ command:
|
|
||||||
+ - nc
|
|
||||||
+ - -vz
|
|
||||||
+ - -w
|
|
||||||
+ - "1"
|
|
||||||
+ - {{ .Values.conf.tiller.sql_endpoint_ip}}
|
|
||||||
+ - "5432"
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- if .Values.manifests.deployment_api }}
|
|
||||||
--
|
|
||||||
2.16.6
|
|
||||||
|
|
@ -1,30 +0,0 @@
|
|||||||
From e13416638b103fde04feb31027c3148c9685cf7f Mon Sep 17 00:00:00 2001
|
|
||||||
From: Robert Church <robert.church@windriver.com>
|
|
||||||
Date: Sat, 15 May 2021 16:16:41 -0400
|
|
||||||
Subject: [PATCH 4/4] Update postgres liveness check to support IPv6 addresses
|
|
||||||
|
|
||||||
Templating will add square brackets for IPv6 addresses which are
|
|
||||||
interpreted as an array vs. a string. Quote this so that it interpreted
|
|
||||||
correctly.
|
|
||||||
|
|
||||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
|
||||||
---
|
|
||||||
charts/armada/templates/deployment-api.yaml | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
|
||||||
index 2b65494..5c4825c 100644
|
|
||||||
--- a/charts/armada/templates/deployment-api.yaml
|
|
||||||
+++ b/charts/armada/templates/deployment-api.yaml
|
|
||||||
@@ -34,7 +34,7 @@ exec:
|
|
||||||
- -vz
|
|
||||||
- -w
|
|
||||||
- "1"
|
|
||||||
- - {{ .Values.conf.tiller.sql_endpoint_ip}}
|
|
||||||
+ - "{{ .Values.conf.tiller.sql_endpoint_ip }}"
|
|
||||||
- "5432"
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
--
|
|
||||||
2.16.6
|
|
||||||
|
|
@ -1,57 +0,0 @@
|
|||||||
From 8f38dcdc7ba6448487283d14a745b8c299c47a13 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Enzo Candotti <enzo.candotti@windriver.com>
|
|
||||||
Date: Wed, 6 Oct 2021 18:25:10 -0300
|
|
||||||
Subject: [PATCH] Add toleration to armada-api
|
|
||||||
|
|
||||||
---
|
|
||||||
charts/armada/templates/deployment-api.yaml | 4 ++++
|
|
||||||
charts/armada/templates/tests/test-armada-api.yaml | 4 ++++
|
|
||||||
charts/armada/values.yaml | 2 ++
|
|
||||||
3 files changed, 10 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
|
||||||
index d4eff7a..1859d99 100644
|
|
||||||
--- a/charts/armada/templates/deployment-api.yaml
|
|
||||||
+++ b/charts/armada/templates/deployment-api.yaml
|
|
||||||
@@ -108,6 +108,10 @@ spec:
|
|
||||||
initContainers:
|
|
||||||
{{ tuple $envAll "api" $mounts_armada_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
||||||
{{ dict "envAll" $envAll "application" "armada" "container" "armada_api_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
|
||||||
+{{- with .Values.pod.tolerations.api }}
|
|
||||||
+ tolerations:
|
|
||||||
+{{ toYaml . | indent 8 }}
|
|
||||||
+{{- end }}
|
|
||||||
containers:
|
|
||||||
- name: armada-api
|
|
||||||
{{ tuple $envAll "api" | include "helm-toolkit.snippets.image" | indent 10 }}
|
|
||||||
diff --git a/charts/armada/templates/tests/test-armada-api.yaml b/charts/armada/templates/tests/test-armada-api.yaml
|
|
||||||
index a467fc9..2733cfe 100644
|
|
||||||
--- a/charts/armada/templates/tests/test-armada-api.yaml
|
|
||||||
+++ b/charts/armada/templates/tests/test-armada-api.yaml
|
|
||||||
@@ -32,6 +32,10 @@ metadata:
|
|
||||||
spec:
|
|
||||||
{{ dict "envAll" $envAll "application" "api_test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
|
||||||
restartPolicy: Never
|
|
||||||
+{{- with .Values.pod.tolerations.api }}
|
|
||||||
+ tolerations:
|
|
||||||
+{{ toYaml . | indent 4 }}
|
|
||||||
+{{- end }}
|
|
||||||
nodeSelector:
|
|
||||||
{{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
|
|
||||||
containers:
|
|
||||||
diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml
|
|
||||||
index e583947..247b15e 100644
|
|
||||||
--- a/charts/armada/values.yaml
|
|
||||||
+++ b/charts/armada/values.yaml
|
|
||||||
@@ -206,6 +206,8 @@ monitoring:
|
|
||||||
port: 8000
|
|
||||||
|
|
||||||
pod:
|
|
||||||
+ tolerations:
|
|
||||||
+ api: []
|
|
||||||
mandatory_access_control:
|
|
||||||
type: apparmor
|
|
||||||
armada-api:
|
|
||||||
--
|
|
||||||
2.25.1
|
|
||||||
|
|
@ -1 +0,0 @@
|
|||||||
dir-or-file-in-opt
|
|
@ -1,5 +0,0 @@
|
|||||||
armada (0.2.0-0) unstable; urgency=medium
|
|
||||||
|
|
||||||
* Initial release.
|
|
||||||
|
|
||||||
-- Daniel Safta <daniel.safta@windriver.com> Thu, 04 Nov 2021 14:00:42 +0000
|
|
@ -1,14 +0,0 @@
|
|||||||
Source: armada
|
|
||||||
Section: admin
|
|
||||||
Priority: optional
|
|
||||||
Maintainer: StarlingX Developers <starlingx-discuss@lists.starlingx.io>
|
|
||||||
Build-Depends: debhelper-compat (= 13), helm, chartmuseum, procps,armada-helm-toolkit
|
|
||||||
Standards-Version: 4.4.1
|
|
||||||
Homepage: https://www.starlingx.io
|
|
||||||
|
|
||||||
Package: armada
|
|
||||||
Architecture: any
|
|
||||||
Depends: ${misc:Depends}, ${shlibs:Depends}
|
|
||||||
Description: An orchestrator for managing a collection of Kubernetes Helm charts.
|
|
||||||
Armada is a tool for managing multiple Helm charts with
|
|
||||||
dependencies by centralizing all configurations in a single Armada YAML.
|
|
@ -1,29 +0,0 @@
|
|||||||
|
|
||||||
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
|
|
||||||
Upstream-Name: armada
|
|
||||||
Source: https://opendev.org/airship/armada.git
|
|
||||||
Files: *
|
|
||||||
Copyright: (c) 2013-2021 Wind River Systems, Inc
|
|
||||||
License: Apache-2
|
|
||||||
|
|
||||||
# If you want to use GPL v2 or later for the /debian/* files use
|
|
||||||
# the following clauses, or change it to suit. Delete these two lines
|
|
||||||
Files: debian/*
|
|
||||||
Copyright: 2021 Wind River Systems, Inc
|
|
||||||
License: Apache-2
|
|
||||||
|
|
||||||
License: Apache-2
|
|
||||||
Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
you may not use this file except in compliance with the License.
|
|
||||||
You may obtain a copy of the License at
|
|
||||||
.
|
|
||||||
https://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
.
|
|
||||||
Unless required by applicable law or agreed to in writing, software
|
|
||||||
distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
See the License for the specific language governing permissions and
|
|
||||||
limitations under the License.
|
|
||||||
.
|
|
||||||
On Debian-based systems the full text of the Apache version 2.0 license
|
|
||||||
can be found in `/usr/share/common-licenses/Apache-2.0'.
|
|
@ -1,83 +0,0 @@
|
|||||||
From bf0cfeb9efe5c021b24dcd5ef4c353507d96e307 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
|
||||||
Date: Tue, 14 Jun 2022 15:45:22 +0300
|
|
||||||
Subject: [PATCH 1/8] Revert "Tiller: listen on localhost by default"
|
|
||||||
|
|
||||||
This reverts commit a3f11e5873bc5b97de579c627d7b57e3bc9f655e.
|
|
||||||
Updating the sources from 7ef4b8643b5ec5216a8f6726841e156c0aa54a1a to
|
|
||||||
ddbdd7256c20f138737f6cbd772312f7a19f58b8 we observe a change to default
|
|
||||||
tiller port logic.
|
|
||||||
|
|
||||||
Keep old logic.
|
|
||||||
|
|
||||||
Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
|
||||||
---
|
|
||||||
charts/armada/templates/deployment-api.yaml | 2 +-
|
|
||||||
charts/armada/values.yaml | 6 ------
|
|
||||||
charts/tiller/templates/deployment-tiller.yaml | 2 +-
|
|
||||||
charts/tiller/values.yaml | 6 ------
|
|
||||||
4 files changed, 2 insertions(+), 14 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
|
||||||
index b7f93d7..f1395ef 100644
|
|
||||||
--- a/charts/armada/templates/deployment-api.yaml
|
|
||||||
+++ b/charts/armada/templates/deployment-api.yaml
|
|
||||||
@@ -178,7 +178,7 @@ spec:
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
- -listen
|
|
||||||
- - "{{ if not .Values.conf.tiller.listen_on_any }}127.0.0.1{{ end }}:{{ .Values.conf.tiller.port }}"
|
|
||||||
+ - ":{{ .Values.conf.tiller.port }}"
|
|
||||||
- -probe-listen
|
|
||||||
- ":{{ .Values.conf.tiller.probe_port }}"
|
|
||||||
- -logtostderr
|
|
||||||
diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml
|
|
||||||
index b1ed61f..3a4427e 100644
|
|
||||||
--- a/charts/armada/values.yaml
|
|
||||||
+++ b/charts/armada/values.yaml
|
|
||||||
@@ -206,12 +206,6 @@ conf:
|
|
||||||
tiller:
|
|
||||||
# If set to false then some form of Tiller needs to be provided
|
|
||||||
enabled: true
|
|
||||||
- # To have Tiller bind to all interfaces, allowing direct connections from
|
|
||||||
- # the Helm client to pod_ip:port, set 'listen_on_any: true'.
|
|
||||||
- # The default setting 'listen_on_any: false' binds Tiller to 127.0.0.1.
|
|
||||||
- # The Armada container talks directly to Tiller via 127.0.0.1, so the
|
|
||||||
- # default value is appropriate for normal operation.
|
|
||||||
- listen_on_any: false
|
|
||||||
port: 24134
|
|
||||||
probe_port: 24135
|
|
||||||
verbosity: 5
|
|
||||||
diff --git a/charts/tiller/templates/deployment-tiller.yaml b/charts/tiller/templates/deployment-tiller.yaml
|
|
||||||
index f6df614..1f04a13 100644
|
|
||||||
--- a/charts/tiller/templates/deployment-tiller.yaml
|
|
||||||
+++ b/charts/tiller/templates/deployment-tiller.yaml
|
|
||||||
@@ -104,7 +104,7 @@ spec:
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
- -listen
|
|
||||||
- - "{{ if not .Values.conf.tiller.listen_on_any }}127.0.0.1{{ end }}:{{ .Values.conf.tiller.port }}"
|
|
||||||
+ - ":{{ .Values.conf.tiller.port }}"
|
|
||||||
- -probe-listen
|
|
||||||
- ":{{ .Values.conf.tiller.probe_port }}"
|
|
||||||
- -logtostderr
|
|
||||||
diff --git a/charts/tiller/values.yaml b/charts/tiller/values.yaml
|
|
||||||
index ba776bc..495e3c1 100644
|
|
||||||
--- a/charts/tiller/values.yaml
|
|
||||||
+++ b/charts/tiller/values.yaml
|
|
||||||
@@ -52,12 +52,6 @@ conf:
|
|
||||||
# Note: Defaulting to the (default) kubernetes grace period, as anything
|
|
||||||
# greater than that will have no effect.
|
|
||||||
prestop_sleep: 30
|
|
||||||
- # To have Tiller bind to all interfaces, allowing direct connections from
|
|
||||||
- # the Helm client to pod_ip:port, set 'listen_on_any: true'.
|
|
||||||
- # The default setting 'listen_on_any: false' binds Tiller to 127.0.0.1.
|
|
||||||
- # Helm clients with Kubernetes API access dynamically set up a portforward
|
|
||||||
- # into the pod, which works with the default setting.
|
|
||||||
- listen_on_any: false
|
|
||||||
port: 44134
|
|
||||||
probe_port: 44135
|
|
||||||
|
|
||||||
--
|
|
||||||
2.34.1
|
|
||||||
|
|
@ -1,32 +0,0 @@
|
|||||||
From 6d63302d8e7d35c4549c49b97c8667203bc22428 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
|
||||||
Date: Tue, 14 Jun 2022 16:01:56 +0300
|
|
||||||
Subject: [PATCH 2/8] Revert "Add "labels" to Armada deployment"
|
|
||||||
|
|
||||||
This reverts commit eb2e87d32b2b9c9853deb70ed2e7029380ef0e16.
|
|
||||||
Updating the sources from 7ef4b8643b5ec5216a8f6726841e156c0aa54a1a to
|
|
||||||
ddbdd7256c20f138737f6cbd772312f7a19f58b8.
|
|
||||||
This revert is here just to reduce the need for testing. Keeping the
|
|
||||||
helm charts without changes between 7ef4b8..ddbdd7.
|
|
||||||
|
|
||||||
Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
|
||||||
---
|
|
||||||
charts/armada/templates/deployment-api.yaml | 2 --
|
|
||||||
1 file changed, 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
|
||||||
index f1395ef..562e3d0 100644
|
|
||||||
--- a/charts/armada/templates/deployment-api.yaml
|
|
||||||
+++ b/charts/armada/templates/deployment-api.yaml
|
|
||||||
@@ -92,8 +92,6 @@ apiVersion: apps/v1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
name: armada-api
|
|
||||||
- labels:
|
|
||||||
-{{ $labels | indent 4 }}
|
|
||||||
annotations:
|
|
||||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 4 }}
|
|
||||||
spec:
|
|
||||||
--
|
|
||||||
2.34.1
|
|
||||||
|
|
@ -1,205 +0,0 @@
|
|||||||
From 9c37292171aa9c35fbfb8c1ee2670150b9621190 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Phil Sphicas <phil.sphicas@att.com>
|
|
||||||
Date: Wed, 9 Feb 2022 10:04:38 -0800
|
|
||||||
Subject: [PATCH 3/8] Create lock CRD as apiextensions.k8s.io/v1 object
|
|
||||||
|
|
||||||
Cherry-pick https://review.opendev.org/c/airship/armada/+/845392
|
|
||||||
from upstream keeping the original commit message:
|
|
||||||
|
|
||||||
-----
|
|
||||||
Kubernetes v1.22 stopped serving the apiextensions.k8s.io/v1beta1 API
|
|
||||||
version of CustomResourceDefinition.
|
|
||||||
|
|
||||||
This change ensures that the locks.armada.process CRD is created using
|
|
||||||
the apiextensions.k8s.io/v1 API.
|
|
||||||
|
|
||||||
The kubernetes client package is also updated to take advantage of the
|
|
||||||
dynamic client.
|
|
||||||
|
|
||||||
(cherry picked from commit c5d39f27cacaa953be43c7d3265bb693db0939d0)
|
|
||||||
|
|
||||||
In addition to the clean cherry-pick add fixes for tests:
|
|
||||||
- docs language
|
|
||||||
- protobuf version
|
|
||||||
- stestr missing
|
|
||||||
|
|
||||||
Closes-Bug: 1978409
|
|
||||||
Change-Id: Icd518ab5cbb78e8b15f63d19c51b5f5b9a67e995
|
|
||||||
-----
|
|
||||||
|
|
||||||
On top of the upstream cherry-pick we need to enchance build env to
|
|
||||||
add missing .yaml files.
|
|
||||||
Change setup.py and add MANIFEST.in to allow proper contents of the
|
|
||||||
image to be generated.
|
|
||||||
|
|
||||||
Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
|
||||||
---
|
|
||||||
MANIFEST.in | 2 ++
|
|
||||||
armada/handlers/k8s.py | 7 +++----
|
|
||||||
armada/handlers/lock.py | 42 +++++++++++++++++------------------------
|
|
||||||
doc/source/conf.py | 2 +-
|
|
||||||
requirements.txt | 6 +++---
|
|
||||||
setup.py | 2 +-
|
|
||||||
test-requirements.txt | 1 +
|
|
||||||
7 files changed, 28 insertions(+), 34 deletions(-)
|
|
||||||
create mode 100644 MANIFEST.in
|
|
||||||
|
|
||||||
diff --git a/MANIFEST.in b/MANIFEST.in
|
|
||||||
new file mode 100644
|
|
||||||
index 0000000..61709ba
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/MANIFEST.in
|
|
||||||
@@ -0,0 +1,2 @@
|
|
||||||
+include *.yaml
|
|
||||||
+recursive-include armada *.yaml
|
|
||||||
diff --git a/armada/handlers/k8s.py b/armada/handlers/k8s.py
|
|
||||||
index 31b00c7..56cbc26 100644
|
|
||||||
--- a/armada/handlers/k8s.py
|
|
||||||
+++ b/armada/handlers/k8s.py
|
|
||||||
@@ -57,8 +57,7 @@ class K8s(object):
|
|
||||||
self.batch_api = client.BatchV1Api(api_client)
|
|
||||||
self.batch_v1beta1_api = client.BatchV1beta1Api(api_client)
|
|
||||||
self.custom_objects = client.CustomObjectsApi(api_client)
|
|
||||||
- self.api_extensions = client.ApiextensionsV1beta1Api(api_client)
|
|
||||||
- self.extension_api = client.ExtensionsV1beta1Api(api_client)
|
|
||||||
+ self.api_extensions = client.ApiextensionsV1Api(api_client)
|
|
||||||
self.apps_v1_api = client.AppsV1Api(api_client)
|
|
||||||
|
|
||||||
def delete_job_action(
|
|
||||||
@@ -359,10 +358,10 @@ class K8s(object):
|
|
||||||
|
|
||||||
:param crd: custom resource definition to create
|
|
||||||
|
|
||||||
- :type crd: kubernetes.client.V1beta1CustomResourceDefinition
|
|
||||||
+ :type crd: kubernetes.client.V1CustomResourceDefinition
|
|
||||||
|
|
||||||
:return: new custom resource definition
|
|
||||||
- :rtype: kubernetes.client.V1beta1CustomResourceDefinition
|
|
||||||
+ :rtype: kubernetes.client.V1CustomResourceDefinition
|
|
||||||
"""
|
|
||||||
return self.api_extensions.create_custom_resource_definition(crd)
|
|
||||||
|
|
||||||
diff --git a/armada/handlers/lock.py b/armada/handlers/lock.py
|
|
||||||
index bd99d38..54e3eb0 100644
|
|
||||||
--- a/armada/handlers/lock.py
|
|
||||||
+++ b/armada/handlers/lock.py
|
|
||||||
@@ -281,40 +281,32 @@ class LockConfig:
|
|
||||||
return lock
|
|
||||||
|
|
||||||
def create_definition(self):
|
|
||||||
- names = client.V1beta1CustomResourceDefinitionNames(
|
|
||||||
+ names = client.V1CustomResourceDefinitionNames(
|
|
||||||
kind="Resource", plural=LOCK_PLURAL, singular=LOCK_SINGULAR)
|
|
||||||
metadata = client.V1ObjectMeta(
|
|
||||||
name="{}.{}".format(LOCK_PLURAL, LOCK_GROUP),
|
|
||||||
resource_version=LOCK_VERSION)
|
|
||||||
- status = client.V1beta1CustomResourceDefinitionStatus(
|
|
||||||
- accepted_names=names,
|
|
||||||
- conditions=[],
|
|
||||||
- stored_versions=[LOCK_VERSION])
|
|
||||||
- spec = client.V1beta1CustomResourceDefinitionSpec(
|
|
||||||
+ spec = client.V1CustomResourceDefinitionSpec(
|
|
||||||
group=LOCK_GROUP,
|
|
||||||
names=names,
|
|
||||||
scope="Namespaced",
|
|
||||||
- version=LOCK_VERSION)
|
|
||||||
- crd = client.V1beta1CustomResourceDefinition(
|
|
||||||
- spec=spec,
|
|
||||||
- status=status,
|
|
||||||
- metadata=metadata,
|
|
||||||
- kind="CustomResourceDefinition")
|
|
||||||
+ versions=[
|
|
||||||
+ {
|
|
||||||
+ "name": LOCK_VERSION,
|
|
||||||
+ "schema": {
|
|
||||||
+ "openAPIV3Schema": {
|
|
||||||
+ "type": "object",
|
|
||||||
+ "x-kubernetes-preserve-unknown-fields": True
|
|
||||||
+ }
|
|
||||||
+ },
|
|
||||||
+ "served": True,
|
|
||||||
+ "storage": True,
|
|
||||||
+ }
|
|
||||||
+ ])
|
|
||||||
+ crd = client.V1CustomResourceDefinition(
|
|
||||||
+ spec=spec, metadata=metadata, kind="CustomResourceDefinition")
|
|
||||||
try:
|
|
||||||
self.k8s.create_custom_resource_definition(crd)
|
|
||||||
- except ValueError as err:
|
|
||||||
- # Because of an issue with the Kubernetes code, the API server
|
|
||||||
- # may return `null` for the required field `conditions` in
|
|
||||||
- # kubernetes.client.V1beta1CustomResourceDefinitionStatus
|
|
||||||
- # This causes validation to fail which will raise the subsequent
|
|
||||||
- # ValueError even though the CRD was created successfully
|
|
||||||
- # https://github.com/kubernetes-client/gen/issues/52
|
|
||||||
- # TODO if this is fixed upstream this should be removed
|
|
||||||
- known_msg = "Invalid value for `conditions`, must not be `None`"
|
|
||||||
- known_err = ValueError(known_msg)
|
|
||||||
- if err.args != known_err.args:
|
|
||||||
- raise
|
|
||||||
- LOG.debug("Encountered known issue while creating CRD, continuing")
|
|
||||||
except ApiException as err:
|
|
||||||
# If a 409 is received then the definition already exists
|
|
||||||
if err.status != 409:
|
|
||||||
diff --git a/doc/source/conf.py b/doc/source/conf.py
|
|
||||||
index 6ed6273..b4826c7 100644
|
|
||||||
--- a/doc/source/conf.py
|
|
||||||
+++ b/doc/source/conf.py
|
|
||||||
@@ -78,7 +78,7 @@ author = 'The Airship Authors'
|
|
||||||
#
|
|
||||||
# This is also used if you do content translation via gettext catalogs.
|
|
||||||
# Usually you set "language" from the command line for these cases.
|
|
||||||
-language = None
|
|
||||||
+language = 'en'
|
|
||||||
|
|
||||||
# List of patterns, relative to source directory, that match files and
|
|
||||||
# directories to ignore when looking for source files.
|
|
||||||
diff --git a/requirements.txt b/requirements.txt
|
|
||||||
index 2d61ca3..c2f9ac2 100644
|
|
||||||
--- a/requirements.txt
|
|
||||||
+++ b/requirements.txt
|
|
||||||
@@ -6,16 +6,16 @@ jsonschema>=3.0.1,<4
|
|
||||||
keystoneauth1>=3.18.0
|
|
||||||
keystonemiddleware==5.3.0
|
|
||||||
kombu<4.7,>=4.6.10
|
|
||||||
-kubernetes>=12.0.0
|
|
||||||
+kubernetes<23,>=17.0.0
|
|
||||||
Paste>=2.0.3
|
|
||||||
PasteDeploy>=1.5.2
|
|
||||||
-protobuf>=3.4.0
|
|
||||||
+protobuf>=3.4.0,<3.21
|
|
||||||
pylibyaml~=0.1
|
|
||||||
pyyaml~=5.1
|
|
||||||
requests
|
|
||||||
retry
|
|
||||||
setuptools>=40.4.3
|
|
||||||
-prometheus_client>=0.7.0
|
|
||||||
+prometheus_client<0.13.0,>=0.7.0
|
|
||||||
|
|
||||||
# API
|
|
||||||
falcon
|
|
||||||
diff --git a/setup.py b/setup.py
|
|
||||||
index 7d9b694..8a5a815 100644
|
|
||||||
--- a/setup.py
|
|
||||||
+++ b/setup.py
|
|
||||||
@@ -5,4 +5,4 @@ try:
|
|
||||||
except ImportError:
|
|
||||||
pass
|
|
||||||
|
|
||||||
-setuptools.setup(setup_requires=['pbr>=2.0.0'], pbr=True)
|
|
||||||
+setuptools.setup(setup_requires=['pbr>=2.0.0'], pbr=True, include_package_data=True)
|
|
||||||
diff --git a/test-requirements.txt b/test-requirements.txt
|
|
||||||
index 3108c65..e9faa28 100644
|
|
||||||
--- a/test-requirements.txt
|
|
||||||
+++ b/test-requirements.txt
|
|
||||||
@@ -16,6 +16,7 @@ mock
|
|
||||||
responses>=0.8.1
|
|
||||||
yapf==0.27.0
|
|
||||||
flake8-import-order==0.18.1
|
|
||||||
+stestr>=1.0.0 # Apache-2.0
|
|
||||||
|
|
||||||
grpcio-tools==1.16.0
|
|
||||||
typing-extensions==3.7.2
|
|
||||||
--
|
|
||||||
2.34.1
|
|
||||||
|
|
@ -1,112 +0,0 @@
|
|||||||
From 1c73f6739eb672b330669fda5e427099c08c3490 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Thiago Brito <thiago.brito@windriver.com>
|
|
||||||
Date: Thu, 22 Apr 2021 20:00:51 -0300
|
|
||||||
Subject: [PATCH 4/8] Add Helm v2 client initialization
|
|
||||||
|
|
||||||
This adds helm v2 client initialization using the tiller
|
|
||||||
container postStart exec to access helm v2 binary.
|
|
||||||
|
|
||||||
This will perform 'helm init', removes the default repos
|
|
||||||
'stable' and 'local', and add valid repos that were provided
|
|
||||||
as overrides. Note that helm will only add repos that exist.
|
|
||||||
|
|
||||||
This expects overrides in this format:
|
|
||||||
conf:
|
|
||||||
tiller:
|
|
||||||
charts_url: 'http://192.168.204.1:8080/helm_charts'
|
|
||||||
repo_names:
|
|
||||||
- 'starlingx'
|
|
||||||
- 'stx-platform'
|
|
||||||
repos:
|
|
||||||
stable: https://kubernetes-charts.storage.googleapis.com
|
|
||||||
|
|
||||||
This gives the following result:
|
|
||||||
helmv2-cli -- helm repo list
|
|
||||||
NAME URL
|
|
||||||
stable https://kubernetes-charts.storage.googleapis.com
|
|
||||||
starlingx http://192.168.204.1:8080/helm_charts/starlingx
|
|
||||||
stx-platform http://192.168.204.1:8080/helm_charts/stx-platform
|
|
||||||
|
|
||||||
Signed-off-by: Jim Gauld <james.gauld@windriver.com>
|
|
||||||
Signed-off-by: Thiago Brito <thiago.brito@windriver.com>
|
|
||||||
---
|
|
||||||
charts/armada/templates/deployment-api.yaml | 33 +++++++++++++++++++++
|
|
||||||
charts/armada/values.yaml | 10 +++++++
|
|
||||||
2 files changed, 43 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
|
||||||
index 562e3d0..69036c0 100644
|
|
||||||
--- a/charts/armada/templates/deployment-api.yaml
|
|
||||||
+++ b/charts/armada/templates/deployment-api.yaml
|
|
||||||
@@ -186,6 +186,39 @@ spec:
|
|
||||||
- -trace
|
|
||||||
{{- end }}
|
|
||||||
lifecycle:
|
|
||||||
+ postStart:
|
|
||||||
+ exec:
|
|
||||||
+ command:
|
|
||||||
+ - sh
|
|
||||||
+ - "-c"
|
|
||||||
+ - |
|
|
||||||
+ /bin/sh <<'EOF'
|
|
||||||
+ # Delay initialization since postStart handler runs asynchronously and there
|
|
||||||
+ # is no guarantee it is called before the Container’s entrypoint.
|
|
||||||
+ sleep 5
|
|
||||||
+ # Initialize Helm v2 client.
|
|
||||||
+ export HELM_HOST=:{{ .Values.conf.tiller.port }}
|
|
||||||
+ /helm init --client-only --skip-refresh
|
|
||||||
+
|
|
||||||
+ # Moving the ln up so eventual errors on the next commands doesn't prevent
|
|
||||||
+ # having helm available
|
|
||||||
+ ln -s -f /helm /tmp/helm
|
|
||||||
+
|
|
||||||
+ # Removes all repos available so we don't get an error removing what
|
|
||||||
+ # doesn't exist anymore or error re-adding an existing repo
|
|
||||||
+ /helm repo list | awk '(NR>1){print $1}' | xargs --no-run-if-empty /helm repo rm
|
|
||||||
+{{- if .Values.conf.tiller.repos }}
|
|
||||||
+ {{- range $name, $repo := .Values.conf.tiller.repos }}
|
|
||||||
+ /helm repo add {{ $name }} {{ $repo }}
|
|
||||||
+ {{- end }}
|
|
||||||
+{{- end }}
|
|
||||||
+{{- if .Values.conf.tiller.repo_names }}
|
|
||||||
+ {{- range .Values.conf.tiller.repo_names }}
|
|
||||||
+ /helm repo add {{ . }} {{ $envAll.Values.conf.tiller.charts_url }}/{{ . }}
|
|
||||||
+ {{- end }}
|
|
||||||
+{{- end }}
|
|
||||||
+ exit 0
|
|
||||||
+ EOF
|
|
||||||
preStop:
|
|
||||||
exec:
|
|
||||||
command:
|
|
||||||
diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml
|
|
||||||
index 3a4427e..da45810 100644
|
|
||||||
--- a/charts/armada/values.yaml
|
|
||||||
+++ b/charts/armada/values.yaml
|
|
||||||
@@ -220,6 +220,10 @@ conf:
|
|
||||||
# Note: Defaulting to the (default) kubernetes grace period, as anything
|
|
||||||
# greater than that will have no effect.
|
|
||||||
prestop_sleep: 30
|
|
||||||
+ # Helm v2 initialization
|
|
||||||
+ charts_url: null
|
|
||||||
+ repo_names: []
|
|
||||||
+ repos: {}
|
|
||||||
|
|
||||||
monitoring:
|
|
||||||
prometheus:
|
|
||||||
@@ -325,7 +329,13 @@ pod:
|
|
||||||
volumes:
|
|
||||||
- name: kubernetes-client-cache
|
|
||||||
emptyDir: {}
|
|
||||||
+ - name: tiller-tmp
|
|
||||||
+ emptyDir: {}
|
|
||||||
volumeMounts:
|
|
||||||
+ - name: tiller-tmp
|
|
||||||
+ # /tmp is now readOnly due to the security_context on L288, so
|
|
||||||
+ # mounting an emptyDir
|
|
||||||
+ mountPath: /tmp
|
|
||||||
- name: kubernetes-client-cache
|
|
||||||
# Should be the `$HOME/.kube` of the `runAsUser` above
|
|
||||||
# as this is where tiller's kubernetes client roots its cache dir.
|
|
||||||
--
|
|
||||||
2.34.1
|
|
||||||
|
|
@ -1,66 +0,0 @@
|
|||||||
From 0cd23c208587d86ce8b2083bf4f42dadf03e28e2 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
|
||||||
Date: Tue, 11 May 2021 21:04:18 +0300
|
|
||||||
Subject: [PATCH 5/8] Tiller wait for postgres database ping
|
|
||||||
|
|
||||||
Networking might not be correctly initialized when tiller starts.
|
|
||||||
|
|
||||||
Modify the pod command to wait for networking to be available before
|
|
||||||
starting up tiller.
|
|
||||||
|
|
||||||
Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com>
|
|
||||||
---
|
|
||||||
charts/armada/templates/deployment-api.yaml | 31 +++++++++++++--------
|
|
||||||
1 file changed, 19 insertions(+), 12 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
|
||||||
index 69036c0..bf23fb2 100644
|
|
||||||
--- a/charts/armada/templates/deployment-api.yaml
|
|
||||||
+++ b/charts/armada/templates/deployment-api.yaml
|
|
||||||
@@ -167,24 +167,31 @@ spec:
|
|
||||||
- name: TILLER_HISTORY_MAX
|
|
||||||
value: {{ .Values.conf.tiller.history_max | quote }}
|
|
||||||
command:
|
|
||||||
- - /tiller
|
|
||||||
+ - sh
|
|
||||||
+ - -c
|
|
||||||
+ - |
|
|
||||||
+ /bin/sh <<'EOF'
|
|
||||||
{{- if .Values.conf.tiller.storage }}
|
|
||||||
- - --storage={{ .Values.conf.tiller.storage }}
|
|
||||||
{{- if and (eq .Values.conf.tiller.storage "sql") (.Values.conf.tiller.sql_dialect) (.Values.conf.tiller.sql_connection) }}
|
|
||||||
- - --sql-dialect={{ .Values.conf.tiller.sql_dialect }}
|
|
||||||
- - --sql-connection-string={{ .Values.conf.tiller.sql_connection }}
|
|
||||||
+ while ! /bin/busybox nc -vz -w 1 {{ .Values.conf.tiller.sql_endpoint_ip}} 5432; do continue; done;
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
- - -listen
|
|
||||||
- - ":{{ .Values.conf.tiller.port }}"
|
|
||||||
- - -probe-listen
|
|
||||||
- - ":{{ .Values.conf.tiller.probe_port }}"
|
|
||||||
- - -logtostderr
|
|
||||||
- - -v
|
|
||||||
- - {{ .Values.conf.tiller.verbosity | quote }}
|
|
||||||
+ /tiller \
|
|
||||||
+{{- if .Values.conf.tiller.storage }}
|
|
||||||
+ --storage={{ .Values.conf.tiller.storage }} \
|
|
||||||
+{{- if and (eq .Values.conf.tiller.storage "sql") (.Values.conf.tiller.sql_dialect) (.Values.conf.tiller.sql_connection) }}
|
|
||||||
+ --sql-dialect={{ .Values.conf.tiller.sql_dialect }} \
|
|
||||||
+ --sql-connection-string={{ .Values.conf.tiller.sql_connection }} \
|
|
||||||
+{{- end }}
|
|
||||||
+{{- end }}
|
|
||||||
+ -listen ":{{ .Values.conf.tiller.port }}" \
|
|
||||||
+ -probe-listen ":{{ .Values.conf.tiller.probe_port }}" \
|
|
||||||
+ -logtostderr \
|
|
||||||
+ -v {{ .Values.conf.tiller.verbosity | quote }} \
|
|
||||||
{{- if .Values.conf.tiller.trace }}
|
|
||||||
- - -trace
|
|
||||||
+ -trace
|
|
||||||
{{- end }}
|
|
||||||
+ EOF
|
|
||||||
lifecycle:
|
|
||||||
postStart:
|
|
||||||
exec:
|
|
||||||
--
|
|
||||||
2.34.1
|
|
||||||
|
|
@ -1,45 +0,0 @@
|
|||||||
From 3e34ec8c87ec5cbac79f6299e63fa1c06a75692e Mon Sep 17 00:00:00 2001
|
|
||||||
From: Robert Church <robert.church@windriver.com>
|
|
||||||
Date: Wed, 12 May 2021 02:38:52 -0400
|
|
||||||
Subject: [PATCH 6/8] Update the liveness probe to verify postgres connectivity
|
|
||||||
|
|
||||||
Change the tillerLivenessProbeTemplate to test the connectivity to the
|
|
||||||
postgres backend. We will override the periodSeconds and
|
|
||||||
failureThreshold when installing the helm chart to trigger a restart of
|
|
||||||
the tiller pod over a swact when the postgres DB/server moves from one
|
|
||||||
controller to the other.
|
|
||||||
|
|
||||||
This will help guarantee that the tiller connection is always
|
|
||||||
reestablished if the connectivity to the postgres backend fails.
|
|
||||||
|
|
||||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
|
||||||
---
|
|
||||||
charts/armada/templates/deployment-api.yaml | 12 ++++++++----
|
|
||||||
1 file changed, 8 insertions(+), 4 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
|
||||||
index bf23fb2..2b65494 100644
|
|
||||||
--- a/charts/armada/templates/deployment-api.yaml
|
|
||||||
+++ b/charts/armada/templates/deployment-api.yaml
|
|
||||||
@@ -28,10 +28,14 @@ httpGet:
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- define "tillerLivenessProbeTemplate" }}
|
|
||||||
-httpGet:
|
|
||||||
- path: /liveness
|
|
||||||
- port: {{ .Values.conf.tiller.probe_port }}
|
|
||||||
- scheme: HTTP
|
|
||||||
+exec:
|
|
||||||
+ command:
|
|
||||||
+ - nc
|
|
||||||
+ - -vz
|
|
||||||
+ - -w
|
|
||||||
+ - "1"
|
|
||||||
+ - {{ .Values.conf.tiller.sql_endpoint_ip}}
|
|
||||||
+ - "5432"
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- if .Values.manifests.deployment_api }}
|
|
||||||
--
|
|
||||||
2.34.1
|
|
||||||
|
|
@ -1,30 +0,0 @@
|
|||||||
From c5a117faafbe1cc6de4200315ba400bdc0c83e40 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Robert Church <robert.church@windriver.com>
|
|
||||||
Date: Sat, 15 May 2021 16:16:41 -0400
|
|
||||||
Subject: [PATCH 7/8] Update postgres liveness check to support IPv6 addresses
|
|
||||||
|
|
||||||
Templating will add square brackets for IPv6 addresses which are
|
|
||||||
interpreted as an array vs. a string. Quote this so that it interpreted
|
|
||||||
correctly.
|
|
||||||
|
|
||||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
|
||||||
---
|
|
||||||
charts/armada/templates/deployment-api.yaml | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
|
||||||
index 2b65494..5c4825c 100644
|
|
||||||
--- a/charts/armada/templates/deployment-api.yaml
|
|
||||||
+++ b/charts/armada/templates/deployment-api.yaml
|
|
||||||
@@ -34,7 +34,7 @@ exec:
|
|
||||||
- -vz
|
|
||||||
- -w
|
|
||||||
- "1"
|
|
||||||
- - {{ .Values.conf.tiller.sql_endpoint_ip}}
|
|
||||||
+ - "{{ .Values.conf.tiller.sql_endpoint_ip }}"
|
|
||||||
- "5432"
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
--
|
|
||||||
2.34.1
|
|
||||||
|
|
@ -1,58 +0,0 @@
|
|||||||
From 9a5b91d35923272c55e998f21ff096b5c0268ad2 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Enzo Candotti <enzo.candotti@windriver.com>
|
|
||||||
Date: Wed, 6 Oct 2021 18:25:10 -0300
|
|
||||||
Subject: [PATCH 8/8] Add toleration to armada-api
|
|
||||||
|
|
||||||
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
|
|
||||||
---
|
|
||||||
charts/armada/templates/deployment-api.yaml | 4 ++++
|
|
||||||
charts/armada/templates/tests/test-armada-api.yaml | 4 ++++
|
|
||||||
charts/armada/values.yaml | 2 ++
|
|
||||||
3 files changed, 10 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
|
|
||||||
index 5c4825c..3ee086a 100644
|
|
||||||
--- a/charts/armada/templates/deployment-api.yaml
|
|
||||||
+++ b/charts/armada/templates/deployment-api.yaml
|
|
||||||
@@ -125,6 +125,10 @@ spec:
|
|
||||||
initContainers:
|
|
||||||
{{ tuple $envAll "api" $mounts_armada_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
||||||
{{ dict "envAll" $envAll "application" "armada" "container" "armada_api_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
|
||||||
+{{- with .Values.pod.tolerations.api }}
|
|
||||||
+ tolerations:
|
|
||||||
+{{ toYaml . | indent 8 }}
|
|
||||||
+{{- end }}
|
|
||||||
containers:
|
|
||||||
- name: armada-api
|
|
||||||
{{ tuple $envAll "api" | include "helm-toolkit.snippets.image" | indent 10 }}
|
|
||||||
diff --git a/charts/armada/templates/tests/test-armada-api.yaml b/charts/armada/templates/tests/test-armada-api.yaml
|
|
||||||
index 895353a..aa9e37a 100644
|
|
||||||
--- a/charts/armada/templates/tests/test-armada-api.yaml
|
|
||||||
+++ b/charts/armada/templates/tests/test-armada-api.yaml
|
|
||||||
@@ -32,6 +32,10 @@ metadata:
|
|
||||||
spec:
|
|
||||||
{{ dict "envAll" $envAll "application" "api_test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
|
||||||
restartPolicy: Never
|
|
||||||
+{{- with .Values.pod.tolerations.api }}
|
|
||||||
+ tolerations:
|
|
||||||
+{{ toYaml . | indent 4 }}
|
|
||||||
+{{- end }}
|
|
||||||
nodeSelector:
|
|
||||||
{{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
|
|
||||||
containers:
|
|
||||||
diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml
|
|
||||||
index da45810..3644706 100644
|
|
||||||
--- a/charts/armada/values.yaml
|
|
||||||
+++ b/charts/armada/values.yaml
|
|
||||||
@@ -233,6 +233,8 @@ monitoring:
|
|
||||||
port: 8000
|
|
||||||
|
|
||||||
pod:
|
|
||||||
+ tolerations:
|
|
||||||
+ api: []
|
|
||||||
mandatory_access_control:
|
|
||||||
type: apparmor
|
|
||||||
armada-api:
|
|
||||||
--
|
|
||||||
2.34.1
|
|
||||||
|
|
@ -1,8 +0,0 @@
|
|||||||
0001-Revert-Tiller-listen-on-localhost-by-default.patch
|
|
||||||
0002-Revert-Add-labels-to-Armada-deployment.patch
|
|
||||||
0003-Create-lock-CRD-as-apiextensions.k8s.io-v1-object.patch
|
|
||||||
0004-Add-Helm-v2-client-initialization.patch
|
|
||||||
0005-Tiller-wait-for-postgres-database-ping.patch
|
|
||||||
0006-Update-the-liveness-probe-to-verify-postgres-connect.patch
|
|
||||||
0007-Update-postgres-liveness-check-to-support-IPv6-addre.patch
|
|
||||||
0008-Add-toleration-to-armada-api.patch
|
|
@ -1,32 +0,0 @@
|
|||||||
#!/usr/bin/make -f
|
|
||||||
|
|
||||||
export ROOT = debian/armada
|
|
||||||
export APP_FOLDER = $(ROOT)/opt/extracharts
|
|
||||||
export CHARTS_STAGING = charts
|
|
||||||
export APP_NAME = armada
|
|
||||||
export APP_NAME_FULL = $(CHARTS_STAGING)/$(APP_NAME)
|
|
||||||
|
|
||||||
%:
|
|
||||||
dh $@
|
|
||||||
|
|
||||||
override_dh_auto_build:
|
|
||||||
# Host a server for the charts
|
|
||||||
cp /usr/lib/helm/armada-helm-toolkit-0.1.0.tgz ./charts
|
|
||||||
|
|
||||||
chartmuseum --debug --port=8879 --context-path='/charts' --storage="local" --storage-local-rootdir="./charts" &
|
|
||||||
sleep 2
|
|
||||||
helm repo add local http://localhost:8879/charts
|
|
||||||
|
|
||||||
helm dependency update $(APP_NAME_FULL)
|
|
||||||
helm lint $(APP_NAME_FULL)
|
|
||||||
rm -v -f ./requirements.lock ./requirements.yaml
|
|
||||||
helm template --set pod.resources.enabled=true $(APP_NAME_FULL)
|
|
||||||
helm package $(APP_NAME_FULL)
|
|
||||||
|
|
||||||
pkill chartmuseum
|
|
||||||
|
|
||||||
|
|
||||||
override_dh_auto_install:
|
|
||||||
# Install the app tar file.
|
|
||||||
install -d -m 755 $(APP_FOLDER)
|
|
||||||
install -p -D -m 755 armada-0.1.0.tgz $(APP_FOLDER)
|
|
@ -1,13 +0,0 @@
|
|||||||
---
|
|
||||||
debname: armada
|
|
||||||
debver: 0.2.0-0
|
|
||||||
dl_path:
|
|
||||||
name: armada-ddbdd7256c20f138737f6cbd772312f7a19f58b8.tar.gz
|
|
||||||
url: https://github.com/airshipit/armada/tarball/ddbdd7256c20f138737f6cbd772312f7a19f58b8
|
|
||||||
md5sum: fd8563e106a48b912b56ac82e8a5d4ee
|
|
||||||
sha256sum: 4f4db518837f7e89e3d65e024353f49ea341c530533cb986ff50d0781f39bee6
|
|
||||||
revision:
|
|
||||||
dist: $STX_DIST
|
|
||||||
GITREVCOUNT:
|
|
||||||
BASE_SRCREV: db16f48a952e3c5da8b2efea7acc723107b2c0a2
|
|
||||||
SRC_DIR: ${MY_REPO}/stx/integ/kubernetes/armada
|
|
@ -1,7 +0,0 @@
|
|||||||
BUILDER=script
|
|
||||||
LABEL=armada-image
|
|
||||||
SOURCE_REPO=https://github.com/airshipit/armada
|
|
||||||
SOURCE_REF=ddbdd7256c20f138737f6cbd772312f7a19f58b8
|
|
||||||
COMMAND=bash
|
|
||||||
SCRIPT=build-armada-image.sh
|
|
||||||
ARGS="armada-image"
|
|
@ -1,54 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
################################################################################
|
|
||||||
# Copyright (c) 2022 Wind River Systems, Inc.
|
|
||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
################################################################################
|
|
||||||
|
|
||||||
PROJECT=$1
|
|
||||||
IMAGE_TAG=$2
|
|
||||||
|
|
||||||
if [ -z "${IMAGE_TAG}" ]; then
|
|
||||||
echo "image tag must be specified. build ${PROJECT} Aborting..." >&2
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Copy patches from:
|
|
||||||
# https://opendev.org/starlingx/integ/src/branch/master/kubernetes/armada/debian/deb_folder/patches
|
|
||||||
tmp_dir=$(mktemp -d -t armada-XXXXXXXXXX --tmpdir=/tmp)
|
|
||||||
pushd ${tmp_dir}
|
|
||||||
git clone https://opendev.org/starlingx/integ/
|
|
||||||
if [ $? -ne 0 ]; then
|
|
||||||
echo "Failed to clone patches for ${PROJECT}. Aborting..." >&2
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
popd
|
|
||||||
cp -r ${tmp_dir}/integ/kubernetes/armada/debian/deb_folder/patches .
|
|
||||||
rm -rf ${tmp_dir}
|
|
||||||
|
|
||||||
# Apply patches
|
|
||||||
pushd patches
|
|
||||||
cat series | xargs -n 1 git am
|
|
||||||
if [ $? -ne 0 ]; then
|
|
||||||
echo "Failed to apply patches for ${PROJECT}. Aborting..." >&2
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
popd
|
|
||||||
|
|
||||||
# Use Makefile to build images
|
|
||||||
make images
|
|
||||||
if [ $? -ne 0 ]; then
|
|
||||||
echo "Failed to make ${PROJECT} image. Aborting..." >&2
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
RETVAL=0
|
|
||||||
docker tag quay.io/airshipit/armada:latest-ubuntu_bionic "${IMAGE_TAG}"
|
|
||||||
if [ $? -ne 0 ]; then
|
|
||||||
echo "Failed to tag ${PROJECT} with ${IMAGE_TAG}. Aborting..." >&2
|
|
||||||
RETVAL=1
|
|
||||||
fi
|
|
||||||
|
|
||||||
docker rmi quay.io/airshipit/armada:latest-ubuntu_bionic
|
|
||||||
exit ${RETVAL}
|
|
@ -1,141 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
|
|
||||||
# Copyright (c) 2020 Wind River Systems, Inc.
|
|
||||||
#
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
#
|
|
||||||
|
|
||||||
# This script is wrapper to Helm v2 client, providing access to containerized
|
|
||||||
# armada/tiller managed charts.
|
|
||||||
|
|
||||||
# There are two modes of operation:
|
|
||||||
# - no command specified: this is an interactive BusyBox shell
|
|
||||||
# - command and options specified: this executes a single helm v2 command
|
|
||||||
|
|
||||||
set -euo pipefail
|
|
||||||
|
|
||||||
# Define minimal path
|
|
||||||
PATH=/bin:/usr/bin:/usr/local/bin
|
|
||||||
|
|
||||||
# Process input options
|
|
||||||
SCRIPT=$(basename $0)
|
|
||||||
OPTS=$(getopt -o dh --long debug,help -n ${SCRIPT} -- "$@")
|
|
||||||
if [ $? != 0 ]; then
|
|
||||||
echo "Failed parsing options." >&2
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
eval set -- "$OPTS"
|
|
||||||
|
|
||||||
DEBUG=false
|
|
||||||
HELP=false
|
|
||||||
while true; do
|
|
||||||
case "$1" in
|
|
||||||
-d | --debug ) DEBUG=true; shift ;;
|
|
||||||
-h | --help ) HELP=true; shift ;;
|
|
||||||
-- ) shift; break ;;
|
|
||||||
* ) break ;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
|
|
||||||
# Treat remaining arguments as commands + options
|
|
||||||
shift $((OPTIND-1))
|
|
||||||
OTHERARGS="$@"
|
|
||||||
|
|
||||||
if [ ${HELP} == 'true' ]; then
|
|
||||||
echo "Usage: ${SCRIPT} [-d|--debug] [-h|--help] -- [command] [options]"
|
|
||||||
echo "Options:"
|
|
||||||
echo " -d | --debug : display initialization information"
|
|
||||||
echo " -h | --help : this help"
|
|
||||||
echo
|
|
||||||
echo "Command option examples:"
|
|
||||||
echo " helmv2-cli -- helm search"
|
|
||||||
echo " helmv2-cli -- helm list"
|
|
||||||
echo " helmv2-cli -- helm list --namespace openstack --pending"
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Logger setup
|
|
||||||
LOG_FACILITY=user
|
|
||||||
LOG_PRIORITY=info
|
|
||||||
function LOG {
|
|
||||||
logger -t "${0##*/}[$$]" -p ${LOG_FACILITY}.${LOG_PRIORITY} "$@"
|
|
||||||
echo "${0##*/}[$$]" "$@"
|
|
||||||
}
|
|
||||||
function ERROR {
|
|
||||||
MSG="ERROR"
|
|
||||||
echo "${MSG} $@" >&2
|
|
||||||
LOG "${MSG} $@"
|
|
||||||
}
|
|
||||||
|
|
||||||
# Determine running armada pods, including list of status conditions
|
|
||||||
# This jsonpath gives the following output format per pod:
|
|
||||||
# armada-api-bc77f956d-jwl4n::Initialized=True:Ready=True:ContainersReady=True:PodScheduled=True
|
|
||||||
JSONPATH='{range .items[*]}{"\n"}{@.metadata.name}:{@.metadata.deletionTimestamp}{range @.status.conditions[*]}{":"}{@.type}={@.status}{end}{end}'
|
|
||||||
ARMADA_PODS=( $(kubectl get pods -n armada \
|
|
||||||
--selector=application=armada,component=api \
|
|
||||||
--field-selector status.phase=Running \
|
|
||||||
--output=jsonpath="${JSONPATH}") )
|
|
||||||
if [ ${#ARMADA_PODS[@]} -eq 0 ]; then
|
|
||||||
ERROR "Could not find armada pod."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
if [ ${DEBUG} == 'true' ]; then
|
|
||||||
LOG "Found armada pods: ${ARMADA_PODS[@]}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Get first available Running and Ready armada pod, with tiller container we can exec
|
|
||||||
POD=""
|
|
||||||
for LINE in "${ARMADA_PODS[@]}"; do
|
|
||||||
# match only Ready pods with nil deletionTimestamp
|
|
||||||
if [[ $LINE =~ ::.*Ready=True ]]; then
|
|
||||||
# extract pod name, it is first element delimited by :
|
|
||||||
A=( ${LINE/:/ } )
|
|
||||||
P=${A[0]}
|
|
||||||
else
|
|
||||||
continue
|
|
||||||
fi
|
|
||||||
|
|
||||||
kubectl exec -it -n armada ${P} -c tiller -- pwd 1>/dev/null 2>/dev/null
|
|
||||||
RC=$?
|
|
||||||
if [ ${RC} -eq 0 ]; then
|
|
||||||
POD=${P}
|
|
||||||
break
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
if [ -z "${POD}" ]; then
|
|
||||||
ERROR "Could not find armada pod."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
if [ ${DEBUG} == 'true' ]; then
|
|
||||||
LOG "Found armada pod: ${POD}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Determine tiller listen port (configured by armada chart)
|
|
||||||
# armada-api is container index 0, tiller is container index 1
|
|
||||||
TILLER_PORT=$(kubectl get pod -n armada ${POD} \
|
|
||||||
--output=jsonpath={.spec.containers[1].ports[0].containerPort})
|
|
||||||
if [ -z "${TILLER_PORT}" ]; then
|
|
||||||
ERROR "Could not find tiller listen port."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
if [ ${DEBUG} == 'true' ]; then
|
|
||||||
LOG "Found tiller listen port: ${TILLER_PORT}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Launch BusyBox shell with access to local tiller.
|
|
||||||
# Can execute helm v2 commands as '/helm' or 'helm'.
|
|
||||||
if [ ${DEBUG} == 'true' ]; then
|
|
||||||
LOG "Launching Helm-v2 client"
|
|
||||||
fi
|
|
||||||
HELM_HOST=":${TILLER_PORT}"
|
|
||||||
if [ -z "${OTHERARGS}" ]; then
|
|
||||||
# Interactive BusyBox shell
|
|
||||||
kubectl exec -it -n armada ${POD} -c tiller -- \
|
|
||||||
/bin/sh -c "PATH=${PATH}:/tmp PS1='Helm-v2 \h:\w $ ' HELM_HOST=${HELM_HOST} /bin/sh"
|
|
||||||
else
|
|
||||||
# Execute single helm v2 command in BusyBox shell
|
|
||||||
kubectl exec -n armada ${POD} -c tiller -- \
|
|
||||||
/bin/sh -c "PATH=${PATH}:/tmp HELM_HOST=${HELM_HOST} /bin/sh -c '$OTHERARGS'"
|
|
||||||
fi
|
|
||||||
|
|
||||||
exit 0
|
|
@ -52,7 +52,6 @@ cp -R mapkubeapis %{buildroot}/usr/local/share/helm/plugins/
|
|||||||
%defattr(-,root,root,-)
|
%defattr(-,root,root,-)
|
||||||
%{_sbindir}/helm
|
%{_sbindir}/helm
|
||||||
/usr/local/sbin/helm-upload
|
/usr/local/sbin/helm-upload
|
||||||
/usr/local/sbin/helmv2-cli
|
|
||||||
%{_sysconfdir}/sudoers.d/helm
|
%{_sysconfdir}/sudoers.d/helm
|
||||||
/usr/local/share/helm/plugins/2to3/*
|
/usr/local/share/helm/plugins/2to3/*
|
||||||
/usr/local/share/helm/plugins/mapkubeapis/*
|
/usr/local/share/helm/plugins/mapkubeapis/*
|
||||||
|
@ -1,7 +1,6 @@
|
|||||||
etc/sudoers.d/helm
|
etc/sudoers.d/helm
|
||||||
usr/sbin/helm
|
usr/sbin/helm
|
||||||
usr/local/sbin/helm-upload
|
usr/local/sbin/helm-upload
|
||||||
usr/local/sbin/helmv2-cli
|
|
||||||
usr/local/share/helm
|
usr/local/share/helm
|
||||||
usr/local/share/helm/plugins
|
usr/local/share/helm/plugins
|
||||||
usr/local/share/helm/plugins/mapkubeapis
|
usr/local/share/helm/plugins/mapkubeapis
|
||||||
|
@ -26,7 +26,6 @@ override_dh_auto_install:
|
|||||||
install -d -m 755 $(ROOT)/usr/local/sbin
|
install -d -m 755 $(ROOT)/usr/local/sbin
|
||||||
install -p -D -m 755 $(HELM_EXECUTABLE) $(SBINDIR)
|
install -p -D -m 755 $(HELM_EXECUTABLE) $(SBINDIR)
|
||||||
install -p -D -m 755 helm-upload $(ROOT)/usr/local/sbin
|
install -p -D -m 755 helm-upload $(ROOT)/usr/local/sbin
|
||||||
install -p -D -m 755 helmv2-cli.sh $(ROOT)/usr/local/sbin/helmv2-cli
|
|
||||||
install -d -m 755 $(SUDOERDIR)
|
install -d -m 755 $(SUDOERDIR)
|
||||||
install -p -D -m 440 helm.sudo $(SUDOERDIR)/helm
|
install -p -D -m 440 helm.sudo $(SUDOERDIR)/helm
|
||||||
install -d -m 755 $(ROOT)/usr/local/share/helm
|
install -d -m 755 $(ROOT)/usr/local/share/helm
|
||||||
|
Loading…
Reference in New Issue
Block a user