169a0c0ee3
This introduces k8s-container-cleanup script that will be called
when containerd.service is stopped. The script detects whether systemd
state is 'stopping' due to shutdown/reboot, then stops all running
containers before the service shuts down.
During shutdown/reboot, some containers are not receiving the
SIGTERM signal. This leads to unexpected behaviour such as
generating huge coredumps.
There is an upstream issue regarding this:
https://github.com/kubernetes/kubernetes/issues/107158
The problem seems to be systemd related but this commit
addresses the problem with a workaround.
This reverts commit f3c18b0f79.
The k8s-container-cleanup script is moved from kubelet.service
to containerd.service. The ExecStopPost that calls this script
is removed, and replaced with ExecStop in containerd.service
to call the script (in config-files repo).
The k8s-container-cleanup script requires containerd is running
in order to use crictl utility. The shutdown of kubelet and
containerd have unpredictable timing, so the cleanup must be done
in containerd.
Test Plan: On AIO-SX
PASS: Verify k8s-container-cleanup logs to daemon.log during 'stopping.
PASS: Manual change containerd/kubelet shutdown timing and verify.
k8s-container-cleanup running to completion before containerd stopped.
PASS: Reboot and verify k8s-container-cleanup running to completion.
PASS: Lock/unlock and verify k8s-container-cleanup running to completion.
PASS: Manually run spellintian tool against k8s-container-cleanup.sh.
PASS: Manually run shellcheck tool against k8s-container-cleanup.sh.
PASS: Zuul tox bashate tool against k8s-container-cleanup.sh.
Partial-Bug: 1964111
Change-Id: Ic8a9e257f861ae218a8520205eced3eaa580dd20
Signed-off-by: Jim Gauld <james.gauld@windriver.com>
152 lines
4.7 KiB
RPMSpec
152 lines
4.7 KiB
RPMSpec
#
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
#
|
|
# Copyright (c) 2021 Wind River Systems, Inc.
|
|
#
|
|
|
|
%define debug_package %{nil}
|
|
%define local_sbindir /usr/local/sbin
|
|
|
|
%global _k8s_name kubernetes
|
|
|
|
# Used to simplify the paths for install and files
|
|
%global _curr_stage1 %{_exec_prefix}/local/kubernetes/current/stage1
|
|
%global _curr_stage2 %{_exec_prefix}/local/kubernetes/current/stage2
|
|
|
|
# https://github.com/kubernetes/contrib
|
|
%global con_provider github
|
|
%global con_provider_tld com
|
|
%global con_project kubernetes
|
|
%global con_repo kubernetes-contrib
|
|
%global con_commit 1.18.1
|
|
|
|
##############################################
|
|
Name: kubernetes-unversioned
|
|
Version: 1.0
|
|
Release: 1%{?_tis_dist}.%{tis_patch_ver}
|
|
Summary: Kubernetes unversioned common config and current version symlinks
|
|
License: Apache-2.0
|
|
Group: base
|
|
Packager: Wind River <info@windriver.com>
|
|
URL: unknown
|
|
|
|
Source0: LICENSE
|
|
Source1: %{con_repo}-v%{con_commit}.tar.gz
|
|
|
|
# systemd resource control enable CPU and Memory accounting for cgroups
|
|
Source2: kubernetes-accounting.conf
|
|
|
|
# kubelet config overrides parameters
|
|
Source3: kubelet_override.yaml
|
|
|
|
Source4: upgrade_k8s_config.sh
|
|
|
|
Source5: sanitize_kubelet_reserved_cpus.sh
|
|
|
|
Patch1: kubelet-service-remove-docker-dependency.patch
|
|
|
|
BuildArch: noarch
|
|
|
|
BuildRequires: systemd-devel
|
|
|
|
Requires: /bin/bash
|
|
Requires: systemd
|
|
|
|
%description
|
|
%{summary}
|
|
|
|
%prep
|
|
%setup -q -n %{con_repo}-%{con_commit} -T -b 1
|
|
mkdir contrib
|
|
cp -r ../%{con_repo}-%{con_commit}/init contrib/.
|
|
%patch1 -p1
|
|
|
|
cp %{SOURCE0} .
|
|
|
|
%build
|
|
|
|
%install
|
|
stage1_link() {
|
|
ln -v -sf %{_curr_stage1}$1/$2 %{buildroot}$1/$2
|
|
}
|
|
stage2_link() {
|
|
ln -v -sf %{_curr_stage2}$1/$2 %{buildroot}$1/$2
|
|
}
|
|
|
|
# Current staged directories
|
|
install -v -m 755 -d %{buildroot}%{_curr_stage1}
|
|
install -v -m 755 -d %{buildroot}%{_curr_stage2}
|
|
|
|
# Symlink targets
|
|
install -v -m 755 -d %{buildroot}%{_bindir}
|
|
install -v -m 755 -d %{buildroot}%{_sysconfdir}/systemd/system/kubelet.service.d
|
|
install -v -m 755 -d %{buildroot}%{_datadir}/bash-completion/completions
|
|
stage1_link %{_bindir} kubeadm
|
|
stage2_link %{_sysconfdir}/systemd/system/kubelet.service.d kubeadm.conf
|
|
stage2_link %{_datadir}/bash-completion/completions kubectl
|
|
stage2_link %{_bindir} kubelet-cgroup-setup.sh
|
|
stage2_link %{_bindir} kubelet
|
|
stage2_link %{_bindir} kubectl
|
|
|
|
# install environment files
|
|
install -v -d -m 0755 %{buildroot}%{_sysconfdir}/%{_k8s_name}
|
|
install -v -m 644 -t %{buildroot}%{_sysconfdir}/%{_k8s_name} contrib/init/systemd/environ/{config,kubelet,kubelet.kubeconfig,proxy}
|
|
|
|
# install config files
|
|
install -v -d -m 0755 %{buildroot}%{_tmpfilesdir}
|
|
install -v -p -m 0644 -t %{buildroot}/%{_tmpfilesdir} contrib/init/systemd/tmpfiles.d/kubernetes.conf
|
|
mkdir -p %{buildroot}/run
|
|
install -v -d -m 0755 %{buildroot}/run/%{_k8s_name}/
|
|
install -p -D -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/%{_k8s_name}/kubelet_override.yaml
|
|
|
|
install -d %{buildroot}%{local_sbindir}
|
|
# install execution scripts
|
|
install -m 700 %{SOURCE4} %{buildroot}/%{local_sbindir}/upgrade_k8s_config.sh
|
|
|
|
install -m 700 %{SOURCE5} %{buildroot}/%{local_sbindir}/sanitize_kubelet_reserved_cpus.sh
|
|
|
|
# install service files
|
|
install -v -d -m 0755 %{buildroot}%{_unitdir}
|
|
install -v -m 0644 -t %{buildroot}%{_unitdir} contrib/init/systemd/kubelet.service
|
|
|
|
# install the place the kubelet defaults to put volumes (/var/lib/kubelet)
|
|
install -v -d %{buildroot}%{_sharedstatedir}/kubelet
|
|
|
|
# enable CPU and Memory accounting
|
|
install -v -d -m 0755 %{buildroot}/%{_sysconfdir}/systemd/system.conf.d
|
|
install -v -p -m 0644 -t %{buildroot}/%{_sysconfdir}/systemd/system.conf.d %{SOURCE2}
|
|
|
|
%files
|
|
%defattr(-,root,root,-)
|
|
%license LICENSE
|
|
%dir %{_curr_stage1}
|
|
%dir %{_curr_stage2}
|
|
|
|
# the following are execution scripts
|
|
%{local_sbindir}/upgrade_k8s_config.sh
|
|
%{local_sbindir}/sanitize_kubelet_reserved_cpus.sh
|
|
|
|
# the following are symlinks
|
|
%{_bindir}/kubeadm
|
|
%{_bindir}/kubelet
|
|
%{_bindir}/kubelet-cgroup-setup.sh
|
|
%{_bindir}/kubectl
|
|
%dir %{_sysconfdir}/systemd/system/kubelet.service.d
|
|
%{_sysconfdir}/systemd/system/kubelet.service.d/kubeadm.conf
|
|
%{_datadir}/bash-completion/completions/kubectl
|
|
|
|
# the following are common config, environment, service
|
|
%{_unitdir}/kubelet.service
|
|
%dir %{_sharedstatedir}/kubelet
|
|
%dir %{_sysconfdir}/%{_k8s_name}
|
|
%config(noreplace) %{_sysconfdir}/%{_k8s_name}/config
|
|
%config(noreplace) %{_sysconfdir}/%{_k8s_name}/kubelet
|
|
%config(noreplace) %{_sysconfdir}/%{_k8s_name}/kubelet.kubeconfig
|
|
%config(noreplace) %{_sysconfdir}/%{_k8s_name}/kubelet_override.yaml
|
|
%config(noreplace) %{_sysconfdir}/%{_k8s_name}/proxy
|
|
%config(noreplace) %{_sysconfdir}/systemd/system.conf.d/kubernetes-accounting.conf
|
|
%{_tmpfilesdir}/kubernetes.conf
|
|
%verify(not size mtime md5) %attr(755, root,root) %dir /run/%{_k8s_name}
|
|
|
|
%changelog
|