From ef546b761b797b5af4958fb64b8e170f8b03b5323b7a8c4ebcd79e915e135ee5 Mon Sep 17 00:00:00 2001 From: Richard Brown Date: Fri, 10 Mar 2023 15:57:13 +0000 Subject: [PATCH] Accepting request 1069094 from home:psaggu Initial package for kubernetes v1.25 OBS-URL: https://build.opensuse.org/request/show/1069094 OBS-URL: https://build.opensuse.org/package/show/devel:kubic/kubernetes1.25?expand=0&rev=1 --- .gitattributes | 23 ++ .gitignore | 1 + 10-kubeadm.conf | 16 ++ 90-kubeadm.conf | 2 + _constraints | 23 ++ _service | 19 ++ _servicedata | 4 + genmanpages.sh | 84 ++++++ kubeadm-opensuse-flexvolume.patch | 11 + kubeadm-opensuse-registry.patch | 26 ++ kubeadm.conf | 2 + kubelet.service | 16 ++ kubelet.sh | 12 + kubelet.tmp.conf | 2 + kubernetes-1.25.7.tar.xz | 3 + kubernetes-rpmlintrc | 4 + kubernetes.obsinfo | 4 + kubernetes1.25.changes | 91 +++++++ kubernetes1.25.spec | 407 ++++++++++++++++++++++++++++ opensuse-version-checks.patch | 25 ++ revert-coredns-image-renaming.patch | 32 +++ sysconfig.kubelet-kubernetes | 1 + 22 files changed, 808 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 10-kubeadm.conf create mode 100644 90-kubeadm.conf create mode 100644 _constraints create mode 100644 _service create mode 100644 _servicedata create mode 100644 genmanpages.sh create mode 100644 kubeadm-opensuse-flexvolume.patch create mode 100644 kubeadm-opensuse-registry.patch create mode 100644 kubeadm.conf create mode 100644 kubelet.service create mode 100644 kubelet.sh create mode 100644 kubelet.tmp.conf create mode 100644 kubernetes-1.25.7.tar.xz create mode 100644 kubernetes-rpmlintrc create mode 100644 kubernetes.obsinfo create mode 100644 kubernetes1.25.changes create mode 100644 kubernetes1.25.spec create mode 100644 opensuse-version-checks.patch create mode 100644 revert-coredns-image-renaming.patch create mode 100644 sysconfig.kubelet-kubernetes diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/10-kubeadm.conf b/10-kubeadm.conf new file mode 100644 index 0000000..e02d147 --- /dev/null +++ b/10-kubeadm.conf @@ -0,0 +1,16 @@ +# Note: This dropin only works with kubeadm and kubelet v1.11+ +[Service] +Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --volume-plugin-dir=PATH_TO_FLEXVOLUME" +Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml" +# This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically +EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env +# This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use +# the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file. +EnvironmentFile=-/etc/sysconfig/kubelet +# Workaround boo#1171770 by setting required sysctl parameters on kubelet start (Toggle off and on to ensure all ethernet devices are refreshed) +ExecStartPre=/usr/sbin/sysctl net.ipv4.ip_forward=0 +ExecStartPre=/usr/sbin/sysctl net.ipv6.conf.all.forwarding=0 +ExecStartPre=/usr/sbin/sysctl net.ipv4.ip_forward=1 +ExecStartPre=/usr/sbin/sysctl net.ipv6.conf.all.forwarding=1 +ExecStart= +ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS diff --git a/90-kubeadm.conf b/90-kubeadm.conf new file mode 100644 index 0000000..d3c8e20 --- /dev/null +++ b/90-kubeadm.conf @@ -0,0 +1,2 @@ +# The file is provided as part of the kubernetes-kubeadm package +net.ipv4.ip_forward = 1 diff --git a/_constraints b/_constraints new file mode 100644 index 0000000..ab2e45d --- /dev/null +++ b/_constraints @@ -0,0 +1,23 @@ + + + + 8 + + + 8 + + + 13 + + + + + ppc64le + + + + 9600 + + + + diff --git a/_service b/_service new file mode 100644 index 0000000..952975a --- /dev/null +++ b/_service @@ -0,0 +1,19 @@ + + + https://github.com/kubernetes/kubernetes.git + git + .git + @PARENT_TAG@ + v(.*) + v1.25.7 + enable + + + + *.tar + xz + + + kubernetes + + diff --git a/_servicedata b/_servicedata new file mode 100644 index 0000000..c368c39 --- /dev/null +++ b/_servicedata @@ -0,0 +1,4 @@ + + + https://github.com/kubernetes/kubernetes.git + 723bcdb232300aaf5e147ff19b4df7ec8a20278d \ No newline at end of file diff --git a/genmanpages.sh b/genmanpages.sh new file mode 100644 index 0000000..cb50da3 --- /dev/null +++ b/genmanpages.sh @@ -0,0 +1,84 @@ +MDSFORMANPAGES="kube-apiserver.md kube-controller-manager.md kube-proxy.md kube-scheduler.md kubelet.md" + +# remove comments from man pages +for manpage in ${MDSFORMANPAGES}; do + pos=$(grep -n "<\!-- END MUNGE: UNVERSIONED_WARNING -->" ${manpage} | cut -d':' -f1) + if [ -n ${pos} ]; then + sed -i "1,${pos}{/.*/d}" ${manpage} + fi +done + +# for each man page add NAME and SYNOPSIS section +# kube-apiserver +sed -i -s "s/## kube-apiserver/# NAME\nkube-apiserver \- Provides the API for kubernetes orchestration.\n\n# SYNOPSIS\n**kube-apiserver** [OPTIONS]\n/" kube-apiserver.md + +cat << 'EOF' >> kube-apiserver.md +# EXAMPLES +``` +/usr/bin/kube-apiserver --logtostderr=true --v=0 --etcd_servers=http://127.0.0.1:4001 --insecure_bind_address=127.0.0.1 --insecure_port=8080 --kubelet_port=10250 --service-cluster-ip-range=10.1.1.0/24 --allow_privileged=false +``` +EOF +# kube-controller-manager +sed -i -s "s/## kube-controller-manager/# NAME\nkube-controller-manager \- Enforces kubernetes services.\n\n# SYNOPSIS\n**kube-controller-manager** [OPTIONS]\n/" kube-controller-manager.md + +cat << 'EOF' >> kube-controller-manager.md +# EXAMPLES +``` +/usr/bin/kube-controller-manager --logtostderr=true --v=0 --master=127.0.0.1:8080 +``` +EOF +# kube-proxy +sed -i -s "s/## kube-proxy/# NAME\nkube-proxy \- Provides network proxy services.\n\n# SYNOPSIS\n**kube-proxy** [OPTIONS]\n/" kube-proxy.md + +cat << 'EOF' >> kube-proxy.md +# EXAMPLES +``` +/usr/bin/kube-proxy --logtostderr=true --v=0 --master=http://127.0.0.1:8080 +``` +EOF +# kube-scheduler +sed -i -s "s/## kube-scheduler/# NAME\nkube-scheduler \- Schedules containers on hosts.\n\n# SYNOPSIS\n**kube-scheduler** [OPTIONS]\n/" kube-scheduler.md + +cat << 'EOF' >> kube-scheduler.md +# EXAMPLES +``` +/usr/bin/kube-scheduler --logtostderr=true --v=0 --master=127.0.0.1:8080 +``` +EOF +# kubelet +sed -i -s "s/## kubelet/# NAME\nkubelet \- Processes a container manifest so the containers are launched according to how they are described.\n\n# SYNOPSIS\n**kubelet** [OPTIONS]\n/" kubelet.md + +cat << 'EOF' >> kubelet.md +# EXAMPLES +``` +/usr/bin/kubelet --logtostderr=true --v=0 --api_servers=http://127.0.0.1:8080 --address=127.0.0.1 --port=10250 --hostname_override=127.0.0.1 --allow-privileged=false +``` +EOF + +# for all man-pages +for md in $MDSFORMANPAGES; do + # correct section names + sed -i -s "s/### Synopsis/# DESCRIPTION/" $md + sed -i -s "s/### Options/# OPTIONS/" $md + # add header + sed -i "s/# NAME/% KUBERNETES(1) kubernetes User Manuals\n# NAME/" $md + # modify list of options + # options with no value in "" + sed -i -r 's/(^ )(-[^":][^":]*)(:)(.*)/\*\*\2\*\*\n\t\4\n/' $md + # option with value in "" + sed -i -r 's/(^ )(-[^":][^":]*)("[^"]*")(:)(.*)/\*\*\2\3\*\*\n\t\5\n/' $md + # options in -s, --long + sed -i -r 's/(^ )(-[a-z], -[^":][^":]*)(:)(.*)/\*\*\2\*\*\n\t\4\n/' $md + sed -i -r 's/(^ )(-[a-z], -[^":][^":]*)("[^"]*")(:)(.*)/\*\*\2\3\*\*\n\t\5\n/' $md + # remove ``` + sed -i 's/```//' $md + # remove all lines starting with ###### + sed -i 's/^######.*//' $md + # modify footer + sed -i -r "s/^\[!\[Analytics\].*//" $md + # md does not contain section => taking 1 + name="${md%.md}" + go-md2man -in $md -out man/man1/$name.1 +done + + diff --git a/kubeadm-opensuse-flexvolume.patch b/kubeadm-opensuse-flexvolume.patch new file mode 100644 index 0000000..fd72197 --- /dev/null +++ b/kubeadm-opensuse-flexvolume.patch @@ -0,0 +1,11 @@ +--- cmd/kubeadm/app/phases/controlplane/volumes.go ++++ cmd/kubeadm/app/phases/controlplane/volumes.go 2020-01-13 16:27:04.267070673 +0100 +@@ -33,7 +33,7 @@ + caCertsVolumeName = "ca-certs" + caCertsVolumePath = "/etc/ssl/certs" + flexvolumeDirVolumeName = "flexvolume-dir" +- defaultFlexvolumeDirVolumePath = "/usr/libexec/kubernetes/kubelet-plugins/volume/exec" ++ defaultFlexvolumeDirVolumePath = "/var/lib/kubelet/volume-plugin" + ) + + // caCertsExtraVolumePaths specifies the paths that can be conditionally mounted into the apiserver and controller-manager containers diff --git a/kubeadm-opensuse-registry.patch b/kubeadm-opensuse-registry.patch new file mode 100644 index 0000000..f599d13 --- /dev/null +++ b/kubeadm-opensuse-registry.patch @@ -0,0 +1,26 @@ +Index: kubernetes-1.24.11/cmd/kubeadm/app/apis/kubeadm/v1beta2/defaults.go +=================================================================== +--- kubernetes-1.24.11.orig/cmd/kubeadm/app/apis/kubeadm/v1beta2/defaults.go ++++ kubernetes-1.24.11/cmd/kubeadm/app/apis/kubeadm/v1beta2/defaults.go +@@ -41,7 +41,7 @@ const ( + DefaultCertificatesDir = "/etc/kubernetes/pki" + // DefaultImageRepository defines default image registry + // (previously this defaulted to k8s.gcr.io) +- DefaultImageRepository = "registry.k8s.io" ++ DefaultImageRepository = "registry.opensuse.org/kubic" + // DefaultManifestsDir defines default manifests directory + DefaultManifestsDir = "/etc/kubernetes/manifests" + // DefaultClusterName defines the default cluster name +Index: kubernetes-1.24.11/cmd/kubeadm/app/apis/kubeadm/v1beta3/defaults.go +=================================================================== +--- kubernetes-1.24.11.orig/cmd/kubeadm/app/apis/kubeadm/v1beta3/defaults.go ++++ kubernetes-1.24.11/cmd/kubeadm/app/apis/kubeadm/v1beta3/defaults.go +@@ -43,7 +43,7 @@ const ( + DefaultCertificatesDir = "/etc/kubernetes/pki" + // DefaultImageRepository defines default image registry + // (previously this defaulted to k8s.gcr.io) +- DefaultImageRepository = "registry.k8s.io" ++ DefaultImageRepository = "registry.opensuse.org/kubic" + // DefaultManifestsDir defines default manifests directory + DefaultManifestsDir = "/etc/kubernetes/manifests" + // DefaultClusterName defines the default cluster name diff --git a/kubeadm.conf b/kubeadm.conf new file mode 100644 index 0000000..5efd4d7 --- /dev/null +++ b/kubeadm.conf @@ -0,0 +1,2 @@ +# Load br_netfilter module at boot +br_netfilter diff --git a/kubelet.service b/kubelet.service new file mode 100644 index 0000000..72444a0 --- /dev/null +++ b/kubelet.service @@ -0,0 +1,16 @@ +[Unit] +Description=kubelet: The Kubernetes Node Agent +Documentation=https://kubernetes.io/docs/ +After=network.target network-online.target +Wants=docker.service crio.service +ConditionPathExists=/var/lib/kubelet/config.yaml + +[Service] +ExecStartPre=/bin/bash -c "findmnt -t bpf --mountpoint /sys/fs/bpf > /dev/null || mount bpffs /sys/fs/bpf -t bpf" +ExecStart=/usr/bin/kubelet +Restart=always +StartLimitInterval=0 +RestartSec=10 + +[Install] +WantedBy=multi-user.target diff --git a/kubelet.sh b/kubelet.sh new file mode 100644 index 0000000..5f957ab --- /dev/null +++ b/kubelet.sh @@ -0,0 +1,12 @@ +#!/bin/sh +# Loader Script for Multi-Version Kubelet arrangement introduced to openSUSE in March 2020 +source /etc/sysconfig/kubelet + +if [ -z "$KUBELET_VER" ] +then + echo "ERROR: KUBELET_VER= not defined in /etc/sysconfig/kubelet" + exit 1 +else + /usr/bin/kubelet$KUBELET_VER "$@" +fi + diff --git a/kubelet.tmp.conf b/kubelet.tmp.conf new file mode 100644 index 0000000..2ec3840 --- /dev/null +++ b/kubelet.tmp.conf @@ -0,0 +1,2 @@ +d /var/lib/cni 0755 root root - +d /var/lib/kubelet 0755 root root - diff --git a/kubernetes-1.25.7.tar.xz b/kubernetes-1.25.7.tar.xz new file mode 100644 index 0000000..40e64fe --- /dev/null +++ b/kubernetes-1.25.7.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:05ad68ae152e9efd2a750703c0cd34a2e18d110359b4e2569c438eeb8efe5444 +size 22696508 diff --git a/kubernetes-rpmlintrc b/kubernetes-rpmlintrc new file mode 100644 index 0000000..25dd18f --- /dev/null +++ b/kubernetes-rpmlintrc @@ -0,0 +1,4 @@ +addFilter ("^kubernetes-unit-test.*: E: devel-file-in-non-devel-package") +addFilter ("^kubernetes-master.*: W: statically-linked-binary") +addFilter ("^kubernetes-extra.*: E: env-script-interpreter") +addFilter ("^kubernetes-extra.*: E: wrong-script-interpreter") diff --git a/kubernetes.obsinfo b/kubernetes.obsinfo new file mode 100644 index 0000000..d5e3342 --- /dev/null +++ b/kubernetes.obsinfo @@ -0,0 +1,4 @@ +name: kubernetes +version: 1.25.7 +mtime: 1677074210 +commit: 723bcdb232300aaf5e147ff19b4df7ec8a20278d diff --git a/kubernetes1.25.changes b/kubernetes1.25.changes new file mode 100644 index 0000000..a0098f7 --- /dev/null +++ b/kubernetes1.25.changes @@ -0,0 +1,91 @@ +------------------------------------------------------------------- +Fri Mar 3 04:56:17 UTC 2023 - Priyanka Saggu + +- Update to version 1.25.7: + * Release commit for Kubernetes v1.25.7 + * releng: Update images, dependencies and version to Go 1.19.6 + * Update golang.org/x/net to v0.7.0 + * Pin golang.org/x/net to v0.4.0 in 1.25 + * kubelet/client: collapse transport wiring onto standard approach + * apiserver: remove 34s from DELETECOLLECTION rest handler + * update prev succeeded indexes for indexed jobs unconditionally + * Fix nil pointer error in nodevolumelimits csi logging + * Fix panic on ClusterIP allocation for /28 subnets + * use custom dialer for http probes + * use custom dialer for tcp probes + * add custom dialer optimized for probes + * bump honnef.co/go/tools to support go1.20 + * Do not include scheduler name in the preemption event message + * Do not leak cross namespace pod metadata in preemption events + * pkg/controller/job: re-honor exponential backoff + * Explicitly call rand.Seed() method + * Exports WarningPrinter field in DeleteOptions + * Improve vendor verification works for each staging repo + * Bump konnectivity-client to v0.0.35 + * Cherry pick 114857 to release-1.25 + * Update daemonSet status even if syncDaemonSet fails + * Fix issues in volumesnapshot test for ephemeral storage + * Add pod to dsw if termination is not completed during reconstruction #issues/113979 + * Add .go-version file containing build go version + * Windows Kube-Proxy implementation for internal traffic policy. + * Fix a regression that scheduler always go through all Filter plugins + * Fix SPDY proxy authentication with special chars + * Improve error message when proxy connection fails + * Creating Ingress IP loadbalancer alone when all the endpoints are terminating. KEP1669 + * Update golang.org/x/net 1e63c2f + * image pull event include duration with waiting + * kubelet: make the image pull time more accurate in event + * use etcd 3.5.6-0 after promotion + * changelog: CVE-2022-3294 and CVE-2022-3162 were fixed in v1.23.14 + * upgrade system-validators to v1.8.0 for a bugfix of cgroupv2 io check + * Introducing LoadbalancerPortMapping flags for VipExternalIP + * egress_selector: prevent goroutines leak on connect() step. + * allow noop-ignoring transformer to be configurable + * Add CVE-2022-3162 to CHANGELOG-1.25.md + * e2e: use custom timeouts in GetSnapshotContentFromSnapshot() + * StatefulSet: Cleanup the complex defer function updating the status + * added retries to winkernel proxy rules deletion + * added backend hashing to winkernel proxier + * kubelet: fix pod log line corruption when using timestamps and long lines + * Disable expansion in SC, if driver does not support it + * Fixed (CVE-2022-27664) Bump golang.org/x/net to v0.1.1-0.20221027164007-c63010009c80 + * add GetAllocatableCPUs test in cpumanager + * fix GetAllocatableCPUs in cpumanager + * NodeLifecycleController: Remove race condition + * Merge pull request #113133 from sxllwx:automated-cherry-pick-of-#113133-upstream-release-1.25 + * kube-proxy wait for cluster cidr skip delete events + * kube-proxy handle node PodCIDR changs + * kube-proxy: gate topology correctly + * service update event should be triggered when appProtocol in port is changed. + * remove in-tree volume limits test now that CSIMigration is GA + * Fix winkernel proxier setting the wrong HNS loadbalancer ID for ingress IP + * Revert "De-duping node "update enqueuing"/sync predicates" + * Revert "Avoid re-syncing LBs for ETP=local svc" + * Revert "[CCM - service controller] Remove schedulability predicate for LB set" + * kubeadm: allow RSA and ECDSA format keys in preflight check + * kube-scheduler: add taints filtering logic consistent with TaintToleration plugin for PodTopologySpread plugin + * Fix calculating error when adding nominated pods in podTopologySpread + * Call SetupDevice only if Volume is not globally Mounted + * Add zone field to vsphere test cloudconfig + * Ensure metric 'running_managed_controllers' is registered + * Reduce default gzip compression level from 4 to 1 in apiserver + * Fix the TestRoundTripTypes by adding default to the fuzzer + * exec auth: support TLS config caching + * Call queueSet::boundNextDispatchLocked enough + * Marshal MicroTime to json and proto at the same precision + * Avoid propagating `search .` into containers /etc/resolv.conf + * Tolerate sub-microsecond eventTime changes on update + * e2e: suppress progress messages for custom progress reporter + * dependencies: update to ginkgo v2.1.6 and gomega v1.20.1 + * Run lint-dependencies.sh/pin-dependency.sh/update-vendor.sh. + * regression test for exponential recursion bug on CRDs + * fix nestedPendingOperations mount and umount parallel bug + * Revert "promote LocalStorageCapacityIsolationFSQuotaMonitoring to beta" + * client-go/rest: check if url is nil to prevent nil pointer dereference + * Revert "client-go: remove no longer used finalURLTemplate" + + +------------------------------------------------------------------- +Thu Mar 2 13:32:23 UTC 2023 - Priyanka Saggu + +- Initial package diff --git a/kubernetes1.25.spec b/kubernetes1.25.spec new file mode 100644 index 0000000..cc9a6ff --- /dev/null +++ b/kubernetes1.25.spec @@ -0,0 +1,407 @@ +# +# spec file +# +# Copyright (c) 2023 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%{!?tmpfiles_create:%global tmpfiles_create systemd-tmpfiles --create} +# baseversion - version of kubernetes for this package +%define baseversion 1.25 +%define baseversionminus1 1.24 + +Name: kubernetes%{baseversion} +Version: 1.25.7 +Release: 0 +Summary: Container Scheduling and Management +License: Apache-2.0 +Group: System/Management +URL: https://kubernetes.io/ +Source: kubernetes-%{version}.tar.xz +Source2: genmanpages.sh +Source3: kubelet.sh +#systemd services +Source10: kubelet.service +#config files +Source22: sysconfig.kubelet-kubernetes +Source23: kubeadm.conf +Source24: 90-kubeadm.conf +Source25: 10-kubeadm.conf +Source27: kubelet.tmp.conf +Source28: kubernetes-rpmlintrc +Source29: kubernetes.obsinfo +# Patch to change the default registry to registry.opensuse.org/kubic +Patch2: kubeadm-opensuse-registry.patch +# Patch to change the version check server to kubic.opensuse.org +Patch3: opensuse-version-checks.patch +# Patch to change the default flexvolume path in kubeadm to match that used by our kubelet, else kubeadm tries to write to /usr when kubelet is already looking at a path on /var thanks to the fix to bsc#1084766 +Patch4: kubeadm-opensuse-flexvolume.patch +# Patch to revert renaming of coredns image location to match how it's done on download.opensuse.org +Patch5: revert-coredns-image-renaming.patch +BuildRequires: bash-completion +BuildRequires: fdupes +BuildRequires: git +BuildRequires: go-go-md2man +BuildRequires: golang-packaging +BuildRequires: rsync +BuildRequires: systemd-rpm-macros +BuildRequires: golang(API) = 1.19 +BuildRequires: golang(github.com/jteeuwen/go-bindata) +ExcludeArch: %{ix86} s390 ppc64 + +%description +Kubernetes is a system for automating deployment, scaling, and +management of containerized applications. + +It groups containers that make up an application into logical units +for management and discovery. + + + +# packages to build containerized control plane +%package apiserver +Summary: Kubernetes apiserver for container image +Group: System/Management +Provides: kubernetes-apiserver-provider = %{version} +Conflicts: kubernetes-apiserver-provider + +%description apiserver +This subpackage contains the kube-apiserver binary for Kubic images + +%package controller-manager +Summary: Kubernetes controller-manager for container image +Group: System/Management +Provides: kubernetes-controller-manager-provider = %{version} +Conflicts: kubernetes-controller-manager-provider + +%description controller-manager +This subpackage contains the kube-controller-manager binary for Kubic images + +%package scheduler +Summary: Kubernetes scheduler for container image +Group: System/Management +Provides: kubernetes-scheduler-provider = %{version} +Conflicts: kubernetes-scheduler-provider + +%description scheduler +This subpackage contains the kube-scheduler binary for Kubic images + +%package proxy +Summary: Kubernetes proxy for container image +Group: System/Management +Provides: kubernetes-proxy-provider = %{version} +Conflicts: kubernetes-proxy-provider +Requires: conntrack-tools +Requires: ebtables +Requires: ipset +Requires: iptables + +%description proxy +This subpackage contains the kube-proxy binary for Kubic images + +%package kubelet +Summary: Kubernetes kubelet daemon +Group: System/Management +Requires: cri-runtime +Requires: kubernetes-kubelet-common +Provides: kubernetes-kubelet%{baseversion} = %{version} +Obsoletes: kubernetes-kubelet%{baseversion} < %{version} +%{?systemd_requires} + +%description kubelet +Manage a cluster of Linux containers as a single system to accelerate Dev and simplify Ops. +kubelet daemon (current version) + +%package kubelet-common +Summary: Kubernetes kubelet daemon +Group: System/Management +Requires: cri-runtime +Requires: kubernetes-kubelet%{baseversion} +Provides: kubernetes-kubelet-common = %{version} +Conflicts: kubernetes-kubelet-common + +%description kubelet-common +Manage a cluster of Linux containers as a single system to accelerate Dev and simplify Ops. +kubelet daemon + +%package kubeadm +Summary: Kubernetes kubeadm bootstrapping tool +Group: System/Management +Provides: kubernetes-kubeadm-provider = %{version} +Conflicts: kubernetes-kubeadm-provider +Obsoletes: kubernetes%{baseversionminus1}-kubeadm +Requires: cri-runtime +Requires: cri-tools +Requires: ebtables +Requires: ethtool +Requires: kubernetes-kubeadm-criconfig +Requires: socat +Requires(pre): shadow +Requires: (kubernetes%{baseversion}-kubelet or kubernetes%{baseversionminus1}-kubelet) + +%description kubeadm +Manage a cluster of Linux containers as a single system to accelerate Dev and simplify Ops. +kubeadm bootstrapping tool + +%package client +Summary: Kubernetes client tools +Group: System/Management +Provides: kubernetes-client-provider = %{version} +Requires: kubernetes-client-common >= %{version} +Requires(post): update-alternatives +Requires(postun):update-alternatives + +%description client +Kubernetes client tools like kubectl. + +%package client-common +Summary: Kubernetes client tools common files +Group: System/Management +Requires: kubernetes%{baseversion}-client +Provides: kubernetes-client-common = %{version} +Conflicts: kubernetes-client-common +Obsoletes: kubernetes%{baseversionminus1}-client-common +Recommends: bash-completion + +%description client-common +Kubernetes client tools common files + +%prep +%setup -q -n kubernetes-%{version} +%patch2 -p1 +%patch3 -p1 +%patch4 -p0 +%patch5 -p1 + +%build +# This is fixing bug bsc#1065972 +export KUBE_GIT_COMMIT=$(grep "commit:" %{SOURCE29} | cut -d ":" -f2 | tr -d " ") +# KUBE_GIT_TREE_STATE="clean" indicates no changes since the git commit id +# KUBE_GIT_TREE_STATE="dirty" indicates source code changes after the git commit id +export KUBE_GIT_TREE_STATE="clean" +export KUBE_GIT_VERSION=v%{version} + +# https://bugzilla.redhat.com/show_bug.cgi?id=1392922#c1 +%ifarch ppc64le +export GOLDFLAGS='-linkmode=external' +%endif + +#TEST +make WHAT="cmd/kube-apiserver cmd/kube-controller-manager cmd/kube-scheduler cmd/kube-proxy cmd/kubelet cmd/kubectl cmd/kubeadm" GOFLAGS="-buildmode=pie" + +# The majority of the documentation has already been moved into +# http://kubernetes.io/docs/admin, and most of the files stored in the `docs` +# directory simply point there. That being said, some of the files are actual +# man pages, but they have to be generated with `hack/generate-docs.sh`. So, +# let's do that and run `genmanpages.sh`. +./hack/generate-docs.sh || true +pushd docs +pushd admin +cp kube-apiserver.md kube-controller-manager.md kube-proxy.md kube-scheduler.md kubelet.md .. +popd +cp %{SOURCE2} genmanpages.sh +bash genmanpages.sh +popd + +%install + +%ifarch ppc64le aarch64 +output_path="_output/local/go/bin" +%else +output_path="_output/local/bin/linux/%{go_arch}" +%endif + +install -m 755 -d %{buildroot}%{_bindir} + +echo "+++ INSTALLING kubeadm" +install -p -m 755 -t %{buildroot}%{_bindir} ${output_path}/kubeadm + +binaries=(kube-apiserver kube-controller-manager kube-scheduler kube-proxy) +for bin in "${binaries[@]}"; do + echo "+++ INSTALLING ${bin}" + install -p -m 755 -t %{buildroot}%{_bindir} ${output_path}/${bin} +done + +for bin in kubelet kubectl; do + echo "+++ INSTALLING ${bin} with %{baseversion} suffix" + install -p -m 755 ${output_path}/${bin} %{buildroot}%{_bindir}/${bin}%{baseversion} +done + +echo "+++ INSTALLING kubelet multi-version loader" +install -p -m 755 %{SOURCE3} %{buildroot}%{_bindir}/kubelet + +# create sysconfig.kubelet-kubernetes in fullupdir +sed -i -e 's|BASE_VERSION|%{baseversion}|g' %{SOURCE22} +install -D -m 0644 %{SOURCE22} %{buildroot}%{_fillupdir}/sysconfig.kubelet-kubernetes%{baseversion} + +# install the bash completion +install -d -m 0755 %{buildroot}%{_datadir}/bash-completion/completions/ +%{buildroot}%{_bindir}/kubectl%{baseversion} completion bash > %{buildroot}%{_datadir}/bash-completion/completions/kubectl + +# move CHANGELOG-%{baseversion}.md to old location +mv CHANGELOG/CHANGELOG-%{baseversion}.md . + +# cleanup before copying dirs... +rm -f hack/.linted_packages +find . -name '.gitignore' -type f -delete +find hack -name '*.sh.orig' -type f -delete +find hack -name '.golint_*' -type f -delete + +# systemd service +install -d -m 0755 %{buildroot}%{_unitdir} +install -m 0644 -t %{buildroot}%{_unitdir}/ %{SOURCE10} + +# make symlinks to rc files +install -d -m 0755 %{buildroot}%{_sbindir} +ln -sf service "%{buildroot}%{_sbindir}/rckubelet" + +# install manpages +install -d %{buildroot}%{_mandir}/man1 +install -p -m 644 docs/man/man1/* %{buildroot}%{_mandir}/man1 + +# create config folder +install -d -m 0755 %{buildroot}%{_sysconfdir}/%{name} + +# manifests file for the kubelet +install -d -m 0755 %{buildroot}%{_sysconfdir}/%{name}/manifests + +# place kubernetes.tmp.conf to /usr/lib/tmpfiles.d/kubernetes.conf +install -d -m 0755 %{buildroot}%{_tmpfilesdir} +install -D -m 0644 %{SOURCE27} %{buildroot}/%{_tmpfilesdir}/kubelet.conf + +# install the place the kubelet defaults to put volumes +install -d %{buildroot}%{_localstatedir}/lib/kubelet + +%define volume_plugin_dir %{_localstatedir}/lib/kubelet/volume-plugin +install -d %{buildroot}/%{volume_plugin_dir} + +# Add kubeadm modprobe.d and sysctl.d drop-in configs +mkdir -p %{buildroot}%{_prefix}/lib/modules-load.d +mkdir -p %{buildroot}%{_sysctldir} +install -m 0644 -t %{buildroot}%{_prefix}/lib/modules-load.d/ %{SOURCE23} +install -m 0644 -t %{buildroot}%{_sysctldir} %{SOURCE24} + +# Create kubeadm systemd unit drop-in +install -d -m 0755 %{buildroot}%{_unitdir}/kubelet.service.d +sed -i -e 's|PATH_TO_FLEXVOLUME|%{volume_plugin_dir}|g' %{SOURCE25} +install -m 0644 -t %{buildroot}%{_unitdir}/kubelet.service.d/ %{SOURCE25} + +# alternatives +ln -s -f %{_sysconfdir}/alternatives/kubectl %{buildroot}%{_bindir}/kubectl + +%fdupes -s %{buildroot} + +%post client-common +%{_sbindir}/update-alternatives \ + --install %{_bindir}/kubectl kubectl %{_bindir}/kubectl%{baseversion} %(echo %{baseversion} | tr -d .) + +%postun client-common +if [ ! -f %{_bindir}/kubectl%{baseversion} ] ; then + update-alternatives --remove kubectl %{_bindir}/kubectl%{baseversion} +fi + +%pre kubelet-common +%service_add_pre kubelet.service + +%post kubelet-common +%fillup_only -an kubelet +%service_add_post kubelet.service +%if 0%{?suse_version} < 1500 +# create some subvolumes needed by CNI +if [ ! -e %{_localstatedir}/lib/cni ]; then + if [ "`findmnt -o FSTYPE -l /|grep -v FSTYPE`" = "btrfs" ]; then + %{_sbindir}/mksubvolume %{_localstatedir}/lib/cni + fi +fi +%endif +%tmpfiles_create %{_tmpfilesdir}/kubelet.conf + +%preun kubelet-common +%service_del_preun kubelet.service + +%postun kubelet-common +%service_del_postun kubelet.service + +%files kubelet-common +%doc README.md CONTRIBUTING.md CHANGELOG-%{baseversion}.md +%license LICENSE +%{_mandir}/man1/kubelet.1%{?ext_man} +%{_bindir}/kubelet +%{_unitdir}/kubelet.service +%dir %{_unitdir}/kubelet.service.d +%{_sbindir}/rckubelet +%dir %{_localstatedir}/lib/kubelet +%dir %{_sysconfdir}/%{name} +%dir %{_sysconfdir}/%{name}/manifests +%{_tmpfilesdir}/kubelet.conf +%attr(0750,root,root) %dir %ghost %{_rundir}/%{name} +%dir %{volume_plugin_dir} +%{_fillupdir}/sysconfig.kubelet-kubernetes%{baseversion} + +# openSUSE is using kubeadm with containerizied control plane, we +# only need the binaries + +%files apiserver +%doc README.md CONTRIBUTING.md +%license LICENSE +%{_mandir}/man1/kube-apiserver.1%{?ext_man} +%{_bindir}/kube-apiserver + +%files controller-manager +%doc README.md CONTRIBUTING.md +%license LICENSE +%{_mandir}/man1/kube-controller-manager.1%{?ext_man} +%{_bindir}/kube-controller-manager + +%files scheduler +%doc README.md CONTRIBUTING.md +%license LICENSE +%{_mandir}/man1/kube-scheduler.1%{?ext_man} +%{_bindir}/kube-scheduler + +%files proxy +%doc README.md CONTRIBUTING.md +%license LICENSE +%{_mandir}/man1/kube-proxy.1%{?ext_man} +%{_bindir}/kube-proxy + +%files kubelet +%license LICENSE +%{_bindir}/kubelet%{baseversion} + +%files kubeadm +%doc README.md CONTRIBUTING.md CHANGELOG-%{baseversion}.md +%{_unitdir}/kubelet.service.d/10-kubeadm.conf +%dir %{_prefix}/lib/modules-load.d +%{_prefix}/lib/modules-load.d/kubeadm.conf +%{_sysctldir}/90-kubeadm.conf +%license LICENSE +%{_bindir}/kubeadm +%{_mandir}/man1/kubeadm* + +%files client +%doc README.md CONTRIBUTING.md +%license LICENSE +%{_bindir}/kubectl +%{_bindir}/kubectl%{baseversion} +%ghost %_sysconfdir/alternatives/kubectl + +%files client-common +%doc README.md CONTRIBUTING.md +%license LICENSE +%{_mandir}/man1/kubectl.1%{?ext_man} +%{_mandir}/man1/kubectl-* +%{_datadir}/bash-completion/completions/kubectl + +%changelog diff --git a/opensuse-version-checks.patch b/opensuse-version-checks.patch new file mode 100644 index 0000000..a8d332d --- /dev/null +++ b/opensuse-version-checks.patch @@ -0,0 +1,25 @@ +From 16e70f84cf9c5a72607efe86f0e030ac05fdd7f9 Mon Sep 17 00:00:00 2001 +From: Richard Brown +Date: Wed, 14 Apr 2021 17:04:02 +0200 +Subject: [PATCH] Use kubic.opensuse.org for kubeadm version checks + +--- + cmd/kubeadm/app/util/version.go | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/cmd/kubeadm/app/util/version.go b/cmd/kubeadm/app/util/version.go +index a0e9b08bf2b..c693b11ed18 100644 +--- a/cmd/kubeadm/app/util/version.go ++++ b/cmd/kubeadm/app/util/version.go +@@ -38,7 +38,7 @@ const ( + ) + + var ( +- kubeReleaseBucketURL = "https://dl.k8s.io" ++ kubeReleaseBucketURL = "https://kubic.opensuse.org" + kubeCIBucketURL = "https://storage.googleapis.com/k8s-release-dev" + kubeReleaseRegex = regexp.MustCompile(`^v?(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)([-0-9a-zA-Z_\.+]*)?$`) + kubeReleaseLabelRegex = regexp.MustCompile(`^((latest|stable)+(-[1-9](\.[1-9]([0-9])?)?)?)\z`) +-- +2.31.1 + diff --git a/revert-coredns-image-renaming.patch b/revert-coredns-image-renaming.patch new file mode 100644 index 0000000..4c3ef89 --- /dev/null +++ b/revert-coredns-image-renaming.patch @@ -0,0 +1,32 @@ +From d30667d8b6e96a4e50c0eb6b4cf6d4a615041f74 Mon Sep 17 00:00:00 2001 +From: Richard Brown +Date: Thu, 16 Dec 2021 10:07:03 +0100 +Subject: [PATCH] Patch openSUSE revert coredns image renaming + +--- + cmd/kubeadm/app/images/images.go | 5 ----- + 1 file changed, 5 deletions(-) + +Index: kubernetes-1.24.11/cmd/kubeadm/app/images/images.go +=================================================================== +--- kubernetes-1.24.11.orig/cmd/kubeadm/app/images/images.go ++++ kubernetes-1.24.11/cmd/kubeadm/app/images/images.go +@@ -22,7 +22,6 @@ import ( + "k8s.io/klog/v2" + + kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" +- kubeadmapiv1beta2 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta2" + "k8s.io/kubernetes/cmd/kubeadm/app/constants" + kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util" + ) +@@ -48,10 +47,6 @@ func GetDNSImage(cfg *kubeadmapi.Cluster + if cfg.DNS.ImageRepository != "" { + dnsImageRepository = cfg.DNS.ImageRepository + } +- // Handle the renaming of the official image from "registry.k8s.io/coredns" to "registry.k8s.io/coredns/coredns +- if dnsImageRepository == kubeadmapiv1beta2.DefaultImageRepository { +- dnsImageRepository = fmt.Sprintf("%s/coredns", dnsImageRepository) +- } + // DNS uses an imageTag that corresponds to the DNS version matching the Kubernetes version + dnsImageTag := constants.CoreDNSVersion + diff --git a/sysconfig.kubelet-kubernetes b/sysconfig.kubelet-kubernetes new file mode 100644 index 0000000..923a402 --- /dev/null +++ b/sysconfig.kubelet-kubernetes @@ -0,0 +1 @@ +KUBELET_VER=BASE_VERSION