From 605c4b66753551c9bc06114f6ca185443819e4c1 Mon Sep 17 00:00:00 2001 From: Ian Campbell Date: Tue, 19 Sep 2017 10:28:26 +0100 Subject: [PATCH 1/7] kubernetes: Move images for caches into separate file Will be auto-generated. Signed-off-by: Ian Campbell --- projects/kubernetes/image-cache/Makefile | 13 +------------ projects/kubernetes/image-cache/versions.mk | 12 ++++++++++++ 2 files changed, 13 insertions(+), 12 deletions(-) create mode 100644 projects/kubernetes/image-cache/versions.mk diff --git a/projects/kubernetes/image-cache/Makefile b/projects/kubernetes/image-cache/Makefile index 6f527ffaa..f698aa9ca 100644 --- a/projects/kubernetes/image-cache/Makefile +++ b/projects/kubernetes/image-cache/Makefile @@ -1,17 +1,6 @@ default: push -COMMON_IMAGES := \ - kube-proxy-amd64\:v1.7.4@sha256\:5373a1c294c9ffb2e842d74d3df8fcc5bed68c02af3fb3611c2fd71a411a68fe \ - k8s-dns-sidecar-amd64\:1.14.4@sha256\:97074c951046e37d3cbb98b82ae85ed15704a290cce66a8314e7f846404edde9 \ - k8s-dns-kube-dns-amd64\:1.14.4@sha256\:40790881bbe9ef4ae4ff7fe8b892498eecb7fe6dcc22661402f271e03f7de344 \ - k8s-dns-dnsmasq-nanny-amd64\:1.14.4@sha256\:aeeb994acbc505eabc7415187cd9edb38cbb5364dc1c2fc748154576464b3dc2 \ - pause-amd64\:3.0@sha256\:163ac025575b775d1c0f9bf0bdd0f086883171eb475b5068e7defa4ca9e76516 - -CONTROL_PLANE_IMAGES := \ - kube-apiserver-amd64\:v1.7.4@sha256\:f880371b4cee1a810d7caf4c8a2c0b8fa169879545b06a537e4ea6bcdfbbe1f6 \ - kube-controller-manager-amd64\:v1.7.4@sha256\:7e31b7f71a8c1904c8b38c1681666ef551d0598fbbb4142522b05074ae0c9fd1 \ - kube-scheduler-amd64\:v1.7.4@sha256\:3712116f370e21938e6a55e0f73dc02a4a6f4830a33304127105ed89451ee527 \ - etcd-amd64\:3.0.17@sha256\:d83d3545e06fb035db8512e33bd44afb55dea007a3abd7b17742d3ac6d235940 +include versions.mk dl/%.tar: mkdir -p $(dir $@) diff --git a/projects/kubernetes/image-cache/versions.mk b/projects/kubernetes/image-cache/versions.mk new file mode 100644 index 000000000..9774c7226 --- /dev/null +++ b/projects/kubernetes/image-cache/versions.mk @@ -0,0 +1,12 @@ +COMMON_IMAGES := \ + kube-proxy-amd64\:v1.7.4@sha256\:5373a1c294c9ffb2e842d74d3df8fcc5bed68c02af3fb3611c2fd71a411a68fe \ + k8s-dns-sidecar-amd64\:1.14.4@sha256\:97074c951046e37d3cbb98b82ae85ed15704a290cce66a8314e7f846404edde9 \ + k8s-dns-kube-dns-amd64\:1.14.4@sha256\:40790881bbe9ef4ae4ff7fe8b892498eecb7fe6dcc22661402f271e03f7de344 \ + k8s-dns-dnsmasq-nanny-amd64\:1.14.4@sha256\:aeeb994acbc505eabc7415187cd9edb38cbb5364dc1c2fc748154576464b3dc2 \ + pause-amd64\:3.0@sha256\:163ac025575b775d1c0f9bf0bdd0f086883171eb475b5068e7defa4ca9e76516 + +CONTROL_PLANE_IMAGES := \ + kube-apiserver-amd64\:v1.7.4@sha256\:f880371b4cee1a810d7caf4c8a2c0b8fa169879545b06a537e4ea6bcdfbbe1f6 \ + kube-controller-manager-amd64\:v1.7.4@sha256\:7e31b7f71a8c1904c8b38c1681666ef551d0598fbbb4142522b05074ae0c9fd1 \ + kube-scheduler-amd64\:v1.7.4@sha256\:3712116f370e21938e6a55e0f73dc02a4a6f4830a33304127105ed89451ee527 \ + etcd-amd64\:3.0.17@sha256\:d83d3545e06fb035db8512e33bd44afb55dea007a3abd7b17742d3ac6d235940 From 50ddffb1a5e7461367216421ec7ea60329ec1ec0 Mon Sep 17 00:00:00 2001 From: Ian Campbell Date: Tue, 19 Sep 2017 10:57:57 +0100 Subject: [PATCH 2/7] kubernetes: Autogenerate file with image cache digests Signed-off-by: Ian Campbell --- projects/kubernetes/image-cache/Makefile | 4 ++ projects/kubernetes/image-cache/mkversions | 45 +++++++++++++++++++++ projects/kubernetes/image-cache/versions.mk | 1 + 3 files changed, 50 insertions(+) create mode 100755 projects/kubernetes/image-cache/mkversions diff --git a/projects/kubernetes/image-cache/Makefile b/projects/kubernetes/image-cache/Makefile index f698aa9ca..10ace6084 100644 --- a/projects/kubernetes/image-cache/Makefile +++ b/projects/kubernetes/image-cache/Makefile @@ -33,3 +33,7 @@ dl: $(patsubst %,dl/%.tar,$(COMMON_IMAGES) $(CONTROL_PLANE_IMAGES)) .PHONY: clean clean: rm -rf dl + +.PHONY: refresh +refresh: + ./mkversions > versions.mk diff --git a/projects/kubernetes/image-cache/mkversions b/projects/kubernetes/image-cache/mkversions new file mode 100755 index 000000000..ab53dc8d5 --- /dev/null +++ b/projects/kubernetes/image-cache/mkversions @@ -0,0 +1,45 @@ +#!/bin/sh +repo=gcr.io/google_containers +kube_version=v1.7.4 +kube_dns_version=1.14.4 +pause_version=3.0 +etcd_version=3.0.17 + +common=" + kube-proxy-amd64:$kube_version + k8s-dns-sidecar-amd64:$kube_dns_version + k8s-dns-kube-dns-amd64:$kube_dns_version + k8s-dns-dnsmasq-nanny-amd64:$kube_dns_version + pause-amd64:$pause_version" + +control=" + kube-apiserver-amd64:$kube_version + kube-controller-manager-amd64:$kube_version + kube-scheduler-amd64:$kube_version + etcd-amd64:$etcd_version" + +for i in $common $control ; do + docker image pull "$repo/$i" 1>&2 +done + +oi() { + local i="$1" + digest=$(docker image inspect "$repo/$i" | jq -r '.[].RepoDigests[0]') + i=$(echo "${i}@${digest#*@}" | sed -e 's/:/\\:/g') + echo " \\" + echo -n " ${i}" +} + +rm -f $t +echo "# autogenerated by mkversions" +echo -n "COMMON_IMAGES :=" +for i in $common ; do + oi "$i" +done +echo "" +echo "" +echo -n "CONTROL_PLANE_IMAGES :=" +for i in $control ; do + oi "$i" +done +echo "" diff --git a/projects/kubernetes/image-cache/versions.mk b/projects/kubernetes/image-cache/versions.mk index 9774c7226..1c3a6e0e9 100644 --- a/projects/kubernetes/image-cache/versions.mk +++ b/projects/kubernetes/image-cache/versions.mk @@ -1,3 +1,4 @@ +# autogenerated by mkversions COMMON_IMAGES := \ kube-proxy-amd64\:v1.7.4@sha256\:5373a1c294c9ffb2e842d74d3df8fcc5bed68c02af3fb3611c2fd71a411a68fe \ k8s-dns-sidecar-amd64\:1.14.4@sha256\:97074c951046e37d3cbb98b82ae85ed15704a290cce66a8314e7f846404edde9 \ From faecbffff2420445126fde9e6f0dfac4e1fb8311 Mon Sep 17 00:00:00 2001 From: Ian Campbell Date: Tue, 19 Sep 2017 11:04:54 +0100 Subject: [PATCH 3/7] kubernetes: Bump to v1.7.6 Also pickup Weave 2.0.6 and CNI 0.6.0. Note that the CNI plugins have moved to a new directory. Signed-off-by: Ian Campbell --- projects/kubernetes/image-cache/mkversions | 2 +- projects/kubernetes/image-cache/versions.mk | 8 ++++---- projects/kubernetes/kubernetes/Dockerfile | 8 ++++---- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/projects/kubernetes/image-cache/mkversions b/projects/kubernetes/image-cache/mkversions index ab53dc8d5..9c5cbdc05 100755 --- a/projects/kubernetes/image-cache/mkversions +++ b/projects/kubernetes/image-cache/mkversions @@ -1,6 +1,6 @@ #!/bin/sh repo=gcr.io/google_containers -kube_version=v1.7.4 +kube_version=v1.7.6 kube_dns_version=1.14.4 pause_version=3.0 etcd_version=3.0.17 diff --git a/projects/kubernetes/image-cache/versions.mk b/projects/kubernetes/image-cache/versions.mk index 1c3a6e0e9..02c6b0ea7 100644 --- a/projects/kubernetes/image-cache/versions.mk +++ b/projects/kubernetes/image-cache/versions.mk @@ -1,13 +1,13 @@ # autogenerated by mkversions COMMON_IMAGES := \ - kube-proxy-amd64\:v1.7.4@sha256\:5373a1c294c9ffb2e842d74d3df8fcc5bed68c02af3fb3611c2fd71a411a68fe \ + kube-proxy-amd64\:v1.7.6@sha256\:1509f2fc8a60501d604d21d983ed6f5d0ea40ccdd7cc6ba6c994389ef7db16d8 \ k8s-dns-sidecar-amd64\:1.14.4@sha256\:97074c951046e37d3cbb98b82ae85ed15704a290cce66a8314e7f846404edde9 \ k8s-dns-kube-dns-amd64\:1.14.4@sha256\:40790881bbe9ef4ae4ff7fe8b892498eecb7fe6dcc22661402f271e03f7de344 \ k8s-dns-dnsmasq-nanny-amd64\:1.14.4@sha256\:aeeb994acbc505eabc7415187cd9edb38cbb5364dc1c2fc748154576464b3dc2 \ pause-amd64\:3.0@sha256\:163ac025575b775d1c0f9bf0bdd0f086883171eb475b5068e7defa4ca9e76516 CONTROL_PLANE_IMAGES := \ - kube-apiserver-amd64\:v1.7.4@sha256\:f880371b4cee1a810d7caf4c8a2c0b8fa169879545b06a537e4ea6bcdfbbe1f6 \ - kube-controller-manager-amd64\:v1.7.4@sha256\:7e31b7f71a8c1904c8b38c1681666ef551d0598fbbb4142522b05074ae0c9fd1 \ - kube-scheduler-amd64\:v1.7.4@sha256\:3712116f370e21938e6a55e0f73dc02a4a6f4830a33304127105ed89451ee527 \ + kube-apiserver-amd64\:v1.7.6@sha256\:f3a208d30314a89952cf613e5ee671f9d2ed7b197cd6c5d91bebfe02571d7e1b \ + kube-controller-manager-amd64\:v1.7.6@sha256\:42a42e8d39fd68de7c1db6844f909bfa6bff89019ecef86e6c542354cf8ab9fb \ + kube-scheduler-amd64\:v1.7.6@sha256\:334a38ac844be07599f74876f6c923271bbd0aab48a43e7ca1ad4942e9ebdabd \ etcd-amd64\:3.0.17@sha256\:d83d3545e06fb035db8512e33bd44afb55dea007a3abd7b17742d3ac6d235940 diff --git a/projects/kubernetes/kubernetes/Dockerfile b/projects/kubernetes/kubernetes/Dockerfile index a6cafa178..fb0d293b0 100644 --- a/projects/kubernetes/kubernetes/Dockerfile +++ b/projects/kubernetes/kubernetes/Dockerfile @@ -1,8 +1,8 @@ FROM linuxkit/alpine:a120ad6aead3fe583eaa20e9b75a05ac1b3487da AS build -ENV kubernetes_version v1.7.4 -ENV weave_version v2.0.1 -ENV cni_version v0.5.2 +ENV kubernetes_version v1.7.6 +ENV weave_version v2.0.4 +ENV cni_version v0.6.0 ENV kube_release_artefacts "https://dl.k8s.io/${kubernetes_version}/bin/linux/amd64" @@ -30,7 +30,7 @@ RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache RUN rmdir /out/var/run && ln -nfs /run /out/var/run -RUN curl -fSL -o /out/root/cni.tgz https://github.com/containernetworking/cni/releases/download/v0.5.2/cni-amd64-${cni_version}.tgz +RUN curl -fSL -o /out/root/cni.tgz https://github.com/containernetworking/plugins/releases/download/${cni_version}/cni-plugins-amd64-${cni_version}.tgz RUN curl -fSL -o /out/etc/weave.yaml https://cloud.weave.works/k8s/v1.7/net?v=${weave_version} RUN curl -fSL -o /out/usr/bin/kubelet https://dl.k8s.io/${kubernetes_version}/bin/linux/amd64/kubelet && chmod 0755 /out/usr/bin/kubelet RUN curl -fSL -o /out/usr/bin/kubeadm https://dl.k8s.io/${kubernetes_version}/bin/linux/amd64/kubeadm && chmod 0755 /out/usr/bin/kubeadm From 3018c8add1e469be62f7ab8ef107fdb393120d24 Mon Sep 17 00:00:00 2001 From: Ian Campbell Date: Tue, 19 Sep 2017 11:34:18 +0100 Subject: [PATCH 4/7] kubernetes: Add force{tag,push} targets to image-cache build Signed-off-by: Ian Campbell --- projects/kubernetes/image-cache/Makefile | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/projects/kubernetes/image-cache/Makefile b/projects/kubernetes/image-cache/Makefile index 10ace6084..c094bcc50 100644 --- a/projects/kubernetes/image-cache/Makefile +++ b/projects/kubernetes/image-cache/Makefile @@ -14,17 +14,19 @@ dl/%.tar: ln $(IMAGES) $${builddir} ; \ $(MAKE) -f Makefile.pkg BUILDDIR=$${builddir} CACHE=$(CACHE) $* -.PHONY: tag-common push-common show-tag-common -tag-common push-common show-tag-common: %-common: $(patsubst %,dl/%.tar,$(COMMON_IMAGES)) +.PHONY: tag-common forcetag-common push-common forcepush-common show-tag-common +tag-common forcetag-common push-common forcepush-common show-tag-common: %-common: $(patsubst %,dl/%.tar,$(COMMON_IMAGES)) @$(MAKE) CACHE=common IMAGES="$^" $*-pkg -.PHONY: tag-control-plane push-control-plane show-tag-control-plane -tag-control-plane push-control-plane show-tag-control-plane: %-control-plane: $(patsubst %,dl/%.tar,$(CONTROL_PLANE_IMAGES)) +.PHONY: tag-control-plane forcetag-control-plane push-control-plane forcepush-control-plane show-tag-control-plane +tag-control-plane forcetag-control-plane push-control-plane forcepush-control-plane show-tag-control-plane: %-control-plane: $(patsubst %,dl/%.tar,$(CONTROL_PLANE_IMAGES)) @$(MAKE) CACHE=control-plane IMAGES="$^" $*-pkg .PHONY: tag push show-tags tag: tag-common tag-control-plane +forcetag: forcetag-common forcetag-control-plane push: push-common push-control-plane +forcepush: forcepush-common forcepush-control-plane show-tags: show-tag-common show-tag-control-plane .PHONY: dl From 965635ab86cb8a44e8bf8e3284d3802ebd6e8e81 Mon Sep 17 00:00:00 2001 From: Ian Campbell Date: Tue, 19 Sep 2017 11:52:51 +0100 Subject: [PATCH 5/7] kubernetes: Bump to latest cri-containerd Fixes access to GCR private registries and implements mount point propagation. Signed-off-by: Ian Campbell --- projects/kubernetes/cri-containerd/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/projects/kubernetes/cri-containerd/Dockerfile b/projects/kubernetes/cri-containerd/Dockerfile index 707642370..0387f3a3e 100644 --- a/projects/kubernetes/cri-containerd/Dockerfile +++ b/projects/kubernetes/cri-containerd/Dockerfile @@ -13,7 +13,7 @@ ENV GOPATH=/go PATH=$PATH:/go/bin ENV CRI_CONTAINERD_URL https://github.com/kubernetes-incubator/cri-containerd.git #ENV CRI_CONTAINERD_BRANCH pull/NNN/head -ENV CRI_CONTAINERD_COMMIT a8d49402859167a232b094d971e70c2f4b71b8ea +ENV CRI_CONTAINERD_COMMIT 437131299b805de9d1431300d8054af61fa54a26 RUN mkdir -p $GOPATH/src/github.com/kubernetes-incubator && \ cd $GOPATH/src/github.com/kubernetes-incubator && \ git clone $CRI_CONTAINERD_URL cri-containerd From b7721daa69a2c7574eb005dd3a62d3ebdd14b2ee Mon Sep 17 00:00:00 2001 From: Ian Campbell Date: Tue, 19 Sep 2017 11:28:00 +0100 Subject: [PATCH 6/7] kubernetes: bump yml Signed-off-by: Ian Campbell --- projects/kubernetes/cri-containerd.yml | 2 +- projects/kubernetes/docker-master.yml | 2 +- projects/kubernetes/docker.yml | 2 +- projects/kubernetes/kube.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/projects/kubernetes/cri-containerd.yml b/projects/kubernetes/cri-containerd.yml index a3520ef5d..4e98b58e8 100644 --- a/projects/kubernetes/cri-containerd.yml +++ b/projects/kubernetes/cri-containerd.yml @@ -1,6 +1,6 @@ services: - name: cri-containerd - image: linuxkitprojects/cri-containerd:b8b6a48426c2165055534b06fb0119f07e24506a + image: linuxkitprojects/cri-containerd:4d159d37996954dfdc78a6d07a324fd872a019d5 files: - path: /etc/kubelet.conf contents: | diff --git a/projects/kubernetes/docker-master.yml b/projects/kubernetes/docker-master.yml index ec6298647..16acb2fce 100644 --- a/projects/kubernetes/docker-master.yml +++ b/projects/kubernetes/docker-master.yml @@ -1,3 +1,3 @@ services: - name: kubernetes-image-cache-control-plane - image: linuxkitprojects/kubernetes-image-cache-control-plane:0d818c5b1a7a0a0aa52c2a52e23de784d7fd5e25 + image: linuxkitprojects/kubernetes-image-cache-control-plane:465c8781efd6664c9a744eb78bf5b90d6ce5db3e diff --git a/projects/kubernetes/docker.yml b/projects/kubernetes/docker.yml index 03388d91b..0b5dbdd3e 100644 --- a/projects/kubernetes/docker.yml +++ b/projects/kubernetes/docker.yml @@ -21,7 +21,7 @@ services: runtime: mkdir: ["/var/lib/kubeadm", "/var/lib/cni/etc", "/var/lib/cni/opt"] - name: kubernetes-image-cache-common - image: linuxkitprojects/kubernetes-image-cache-common:0d818c5b1a7a0a0aa52c2a52e23de784d7fd5e25 + image: linuxkitprojects/kubernetes-image-cache-common:465c8781efd6664c9a744eb78bf5b90d6ce5db3e files: - path: /etc/kubelet.conf contents: "" diff --git a/projects/kubernetes/kube.yml b/projects/kubernetes/kube.yml index 47438e78c..87d9696a4 100644 --- a/projects/kubernetes/kube.yml +++ b/projects/kubernetes/kube.yml @@ -36,7 +36,7 @@ services: - name: sshd image: linuxkit/sshd:505a985d7bd7a90f15eca9cb4dc6ec92789d51a0 - name: kubelet - image: linuxkitprojects/kubernetes:b73aacdfaad2167f7b193d9b68f7e52186eb188a + image: linuxkitprojects/kubernetes:8f3f75005ce56b8588b669ce5d7b02c5d705bbd4 files: - path: etc/linuxkit.yml metadata: yaml From 7d7b65aa190efb62efd6c5f73b80ab2dd7acabba Mon Sep 17 00:00:00 2001 From: Ian Campbell Date: Tue, 19 Sep 2017 13:31:02 +0100 Subject: [PATCH 7/7] kubernetes: simpler rune to get image digest Signed-off-by: Ian Campbell --- projects/kubernetes/image-cache/mkversions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/projects/kubernetes/image-cache/mkversions b/projects/kubernetes/image-cache/mkversions index 9c5cbdc05..62b2a47e5 100755 --- a/projects/kubernetes/image-cache/mkversions +++ b/projects/kubernetes/image-cache/mkversions @@ -24,7 +24,7 @@ done oi() { local i="$1" - digest=$(docker image inspect "$repo/$i" | jq -r '.[].RepoDigests[0]') + digest=$(docker image inspect --format '{{index .RepoDigests 0}}' "$repo/$i") i=$(echo "${i}@${digest#*@}" | sed -e 's/:/\\:/g') echo " \\" echo -n " ${i}"