From 6e953886724ebaa9d2c865332a53e7a0ab2aaf44 Mon Sep 17 00:00:00 2001 From: Daniel Smith Date: Mon, 1 Jun 2015 16:59:16 -0700 Subject: [PATCH] allow kubectl to be built statically * Package kubectl in a container * Add example with a pod using kubectl as a sidecar --- examples/kubectl-container/.gitignore | 2 + examples/kubectl-container/Dockerfile | 18 +++++++++ examples/kubectl-container/Makefile | 30 +++++++++++++++ examples/kubectl-container/README.md | 21 +++++++++++ examples/kubectl-container/pod.json | 54 +++++++++++++++++++++++++++ hack/lib/golang.sh | 5 +++ 6 files changed, 130 insertions(+) create mode 100644 examples/kubectl-container/.gitignore create mode 100644 examples/kubectl-container/Dockerfile create mode 100644 examples/kubectl-container/Makefile create mode 100644 examples/kubectl-container/README.md create mode 100644 examples/kubectl-container/pod.json diff --git a/examples/kubectl-container/.gitignore b/examples/kubectl-container/.gitignore new file mode 100644 index 00000000000..50a4a06fd1d --- /dev/null +++ b/examples/kubectl-container/.gitignore @@ -0,0 +1,2 @@ +kubectl +.tag diff --git a/examples/kubectl-container/Dockerfile b/examples/kubectl-container/Dockerfile new file mode 100644 index 00000000000..d27d3573644 --- /dev/null +++ b/examples/kubectl-container/Dockerfile @@ -0,0 +1,18 @@ +# Copyright 2014 Google Inc. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FROM scratch +MAINTAINER Daniel Smith +ADD kubectl kubectl +ENTRYPOINT ["/kubectl"] diff --git a/examples/kubectl-container/Makefile b/examples/kubectl-container/Makefile new file mode 100644 index 00000000000..b13b09d2ec4 --- /dev/null +++ b/examples/kubectl-container/Makefile @@ -0,0 +1,30 @@ +# Use: +# +# `make kubectl` will build kubectl. +# `make tag` will suggest a tag. +# `make container` will build a container-- you must supply a tag. +# `make push` will push the container-- you must supply a tag. + +kubectl: + KUBE_STATIC_OVERRIDES="kubectl" ../../hack/build-go.sh cmd/kubectl; cp ../../_output/local/bin/linux/amd64/kubectl . + +.tag: kubectl + ./kubectl version -c | grep -o 'GitVersion:"[^"]*"' | cut -f 2 -d '"' > .tag + +tag: .tag + @echo "Suggest using TAG=$(shell cat .tag)" + @echo "$$ make container TAG=$(shell cat .tag)" + @echo "or" + @echo "$$ make push TAG=$(shell cat .tag)" + +container: + $(if $(TAG),,$(error TAG is not defined. Use 'make tag' to see a suggestion)) + docker build -t gcr.io/google_containers/kubectl:$(TAG) . + +push: container + $(if $(TAG),,$(error TAG is not defined. Use 'make tag' to see a suggestion)) + gcloud preview docker push gcr.io/google_containers/kubectl:$(TAG) + +clean: + rm -f kubectl + rm -f .tag diff --git a/examples/kubectl-container/README.md b/examples/kubectl-container/README.md new file mode 100644 index 00000000000..1d37732af6a --- /dev/null +++ b/examples/kubectl-container/README.md @@ -0,0 +1,21 @@ +This directory contains a Dockerfile and Makefile for packaging up kubectl into +a container. + +It's not currently automated as part of a release process, so for the moment +this is an example of what to do if you want to package kubectl into a +container/your pod. + +In the future, we may release consistently versioned groups of containers when +we cut a release, in which case the source of gcr.io/google_containers/kubectl +would become that automated process. + +```pod.json``` is provided as an example of packaging kubectl as a sidecar +container, and to help you verify that kubectl works correctly in +this configuration. + +A possible reason why you would want to do this is to use ```kubectl proxy``` as +a drop-in replacement for the old no-auth KUBERNETES_RO service. The other +containers in your pod will find the proxy apparently serving on localhost. + + +[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/examples/kubectl-container/README.md?pixel)]() diff --git a/examples/kubectl-container/pod.json b/examples/kubectl-container/pod.json new file mode 100644 index 00000000000..756090862f2 --- /dev/null +++ b/examples/kubectl-container/pod.json @@ -0,0 +1,54 @@ +{ + "kind": "Pod", + "apiVersion": "v1beta3", + "metadata": { + "name": "kubectl-tester" + }, + "spec": { + "containers": [ + { + "name": "bb", + "image": "gcr.io/google_containers/busybox", + "command": [ + "sh", "-c", "sleep 5; wget -O - ${KUBERNETES_RO_SERVICE_HOST}:${KUBERNETES_RO_SERVICE_PORT}/api/v1beta3/pods/; sleep 10000" + ], + "ports": [ + { + "containerPort": 8080, + "protocol": "TCP" + } + ], + "env": [ + { + "name": "KUBERNETES_RO_SERVICE_HOST", + "value": "127.0.0.1" + }, + { + "name": "KUBERNETES_RO_SERVICE_PORT", + "value": "8001" + } + ], + "volumeMounts": [ + { + "name": "test-volume", + "mountPath": "/mount/test-volume" + } + ] + }, + { + "name": "kubectl", + "image": "gcr.io/google_containers/kubectl:v0.18.0-120-gaeb4ac55ad12b1-dirty", + "imagePullPolicy": "Always", + "args": [ + "proxy", "-p", "8001" + ] + } + ], + "volumes": [ + { + "name": "test-volume", + "emptyDir": {} + } + ] + } +} diff --git a/hack/lib/golang.sh b/hack/lib/golang.sh index 6283a559b1a..97aff8e394d 100644 --- a/hack/lib/golang.sh +++ b/hack/lib/golang.sh @@ -99,6 +99,11 @@ readonly KUBE_STATIC_LIBRARIES=( kube::golang::is_statically_linked_library() { local e for e in "${KUBE_STATIC_LIBRARIES[@]}"; do [[ "$1" == *"/$e" ]] && return 0; done; + # Allow individual overrides--e.g., so that you can get a static build of + # kubectl for inclusion in a container. + if [ -n "${KUBE_STATIC_OVERRIDES:+x}" ]; then + for e in "${KUBE_STATIC_OVERRIDES[@]}"; do [[ "$1" == *"/$e" ]] && return 0; done; + fi return 1; }