From 2b0b57bf8dd0fbc8a9e9ab95856a0b8cc95ebf6a Mon Sep 17 00:00:00 2001 
From: Venkat Srinivasan
Date: Wed, 17 Aug 2022 22:24:57 +0530
Subject: [PATCH] Added support for rke2 kubeadm and containerd packages (#4)
---
packages/k8s/containerd/build.yaml | 26 ++++++++++++
packages/k8s/containerd/collection.yaml | 12 ++++++
packages/k8s/containerd/definition.yaml.old | 10 +++++
.../files/etc/containerd/config.toml | 11 +++++
packages/k8s/containerd/files/etc/crictl.yaml | 1 +
.../files/etc/modules-load.d/k8s.conf | 2 +
.../containerd/files/etc/sysctl.d/k8s.conf | 3 ++
.../etc/systemd/system/containerd.service | 40 +++++++++++++++++++
.../10-custom-opt-bin.conf | 6 +++
.../containerd.service.d/max-tasks.conf | 3 ++
.../containerd.service.d/memory-pressure.conf | 8 ++++
packages/k8s/containerd/templates/config.yaml | 14 +++++++
packages/k8s/kubeadm/build.yaml | 14 +++++++
packages/k8s/kubeadm/collection.yaml | 33 +++++++++++++++
packages/k8s/kubeadm/definition.yaml.old | 7 ++++
packages/k8s/kubeadm/files/etc/crictl.yaml | 1 +
.../k8s/kubeadm/files/etc/default/kubelet | 1 +
.../files/etc/systemd/system/kubelet.service | 14 +++++++
.../system/kubelet.service.d/10-kubeadm.conf | 11 +++++
packages/k8s/kubeadm/install-k8s.sh | 17 ++++++++
packages/k8s/rke2/build.yaml | 19 +++++++++
packages/k8s/rke2/collection.yaml | 29 ++++++++++++++
packages/k8s/rke2/values.yaml | 2 +
packages/toolchain-ubuntu/build.yaml | 3 ++
packages/toolchain-ubuntu/definition.yaml | 4 ++++
25 files changed, 291 insertions(+)
create mode 100644 packages/k8s/containerd/build.yaml
create mode 100644 packages/k8s/containerd/collection.yaml
create mode 100644 packages/k8s/containerd/definition.yaml.old
create mode 100644 packages/k8s/containerd/files/etc/containerd/config.toml
create mode 100644 packages/k8s/containerd/files/etc/crictl.yaml
create mode 100644 packages/k8s/containerd/files/etc/modules-load.d/k8s.conf
create mode 100644 packages/k8s/containerd/files/etc/sysctl.d/k8s.conf
create mode 100644 packages/k8s/containerd/files/etc/systemd/system/containerd.service
create mode 100644 packages/k8s/containerd/files/etc/systemd/system/containerd.service.d/10-custom-opt-bin.conf
create mode 100644 packages/k8s/containerd/files/etc/systemd/system/containerd.service.d/max-tasks.conf
create mode 100644 packages/k8s/containerd/files/etc/systemd/system/containerd.service.d/memory-pressure.conf
create mode 100644 packages/k8s/containerd/templates/config.yaml
create mode 100644 packages/k8s/kubeadm/build.yaml
create mode 100644 packages/k8s/kubeadm/collection.yaml
create mode 100644 packages/k8s/kubeadm/definition.yaml.old
create mode 100644 packages/k8s/kubeadm/files/etc/crictl.yaml
create mode 100644 packages/k8s/kubeadm/files/etc/default/kubelet
create mode 100644 packages/k8s/kubeadm/files/etc/systemd/system/kubelet.service
create mode 100644 packages/k8s/kubeadm/files/etc/systemd/system/kubelet.service.d/10-kubeadm.conf
create mode 100755 packages/k8s/kubeadm/install-k8s.sh
create mode 100644 packages/k8s/rke2/build.yaml
create mode 100644 packages/k8s/rke2/collection.yaml
create mode 100644 packages/k8s/rke2/values.yaml
create mode 100644 packages/toolchain-ubuntu/build.yaml
create mode 100644 packages/toolchain-ubuntu/definition.yaml
diff --git a/packages/k8s/containerd/build.yaml b/packages/k8s/containerd/build.yaml
new file mode 100644
index 0000000..32e7000
--- /dev/null
+++ b/packages/k8s/containerd/build.yaml
@@ -0,0 +1,26 @@
+requires:
+- name: "toolchain-ubuntu"
+ category: "development"
+ version: ">=0"
+prelude:
+{{$arch:=(default .Values.arch "amd64")}}
+{{ if eq $arch "arm" }}
+{{$arch:="arm64"}}
+{{end}}
+steps:
+- curl -o containerd.tar.gz -L ${CONTAINERD_URL} && tar Cxzvf / containerd.tar.gz --absolute-names --transform 's@usr@opt@' --transform 's@sbin@bin@' --transform 's@opt/local@opt@' && rm containerd.tar.gz
+- cp files/etc/systemd/system/containerd.service /etc/systemd/system
+- mkdir /etc/systemd/system/containerd.service.d
+- cp files/etc/systemd/system/containerd.service.d/*.conf /etc/systemd/system/containerd.service.d
+- systemctl enable containerd
+- mkdir /etc/containerd
+- cp files/etc/containerd/config.toml /etc/containerd
+- cp files/etc/modules-load.d/*.conf /etc/modules-load.d/
+- cp files/etc/sysctl.d/*.conf /etc/sysctl.d
+env:
+- DEBIAN_FRONTEND=noninteractive
+- CONTAINERD_TGZ="cri-containerd-{{.Values.containerd_version }}-linux-{{$arch}}.tar.gz"
+- CONTAINERD_URL="https://github.com/containerd/containerd/releases/download/v{{.Values.containerd_version}}/${CONTAINERD_TGZ}"
+excludes:
+- /etc/crictl.yaml
+- /opt/bin/crictl
diff --git a/packages/k8s/containerd/collection.yaml b/packages/k8s/containerd/collection.yaml
new file mode 100644
index 0000000..279a940
--- /dev/null
+++ b/packages/k8s/containerd/collection.yaml
@@ -0,0 +1,12 @@
+packages:
+ - name: containerd
+ arch: amd64
+ category: container-runtime
+ version: 1.6.4
+ pause_image: "k8s.gcr.io/pause:3.6"
+ kubernetes_http_source: "https://dl.k8s.io/release"
+ crictl_version: "1.20.0"
+ containerd_version: "1.6.4"
+ runc_version: "1.1.2"
+ cni_version: "1.1.1"
+ containerd_cri_socket: "/var/run/containerd/containerd.sock"
diff --git a/packages/k8s/containerd/definition.yaml.old b/packages/k8s/containerd/definition.yaml.old
new file mode 100644
index 0000000..2094925
--- /dev/null
+++ b/packages/k8s/containerd/definition.yaml.old
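Review bot: The first step of packages/k8s/containerd/build.yaml unpacks the downloaded tarball over `/` with `--absolute-names` and never checks its integrity, so whatever `CONTAINERD_URL` serves at build time lands in the package. Record the expected SHA-256 next to `containerd_version` in collection.yaml and verify before extracting, e.g. `echo "${CONTAINERD_SHA256}  containerd.tar.gz" | sha256sum -c -` (the variable name is a placeholder). The same gap applies to the crictl download in packages/k8s/kubeadm/build.yaml, the kubeadm/kubelet/kubectl download in install-k8s.sh and the kubectl download in packages/k8s/rke2/build.yaml. Separately, if this is rendered as a Go template, as the syntax suggests, `{{$arch:="arm64"}}` inside the `if` declares a new variable scoped to that block; `{{$arch = "arm64"}}` is needed for the override to reach `CONTAINERD_TGZ`.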
@@ -0,0 +1,10 @@
+name: containerd
+category: container-runtime
+version: "1.6.4"
+pause_image: "k8s.gcr.io/pause:3.6"
+kubernetes_http_source: "https://dl.k8s.io/release"
+crictl_version: "1.20.0"
+containerd_version: "1.6.4"
+runc_version: "1.1.2"
+cni_version: "1.1.1"
+containerd_cri_socket: "/var/run/containerd/containerd.sock"
diff --git a/packages/k8s/containerd/files/etc/containerd/config.toml b/packages/k8s/containerd/files/etc/containerd/config.toml
new file mode 100644
index 0000000..7a5d467
--- /dev/null
+++ b/packages/k8s/containerd/files/etc/containerd/config.toml
@@ -0,0 +1,11 @@
+version = 2
+
+imports = ["/etc/containerd/conf.d/*.toml"]
+
+[plugins]
+ [plugins."io.containerd.grpc.v1.cri"]
+ sandbox_image = "k8s.gcr.io/pause:3.6"
+ [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
+ runtime_type = "io.containerd.runc.v2"
+ [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
+ SystemdCgroup = true
diff --git a/packages/k8s/containerd/files/etc/crictl.yaml b/packages/k8s/containerd/files/etc/crictl.yaml
new file mode 100644
index 0000000..f60a186
--- /dev/null
+++ b/packages/k8s/containerd/files/etc/crictl.yaml
@@ -0,0 +1 @@
+runtime-endpoint: unix:///var/run/containerd/containerd.sock
diff --git a/packages/k8s/containerd/files/etc/modules-load.d/k8s.conf b/packages/k8s/containerd/files/etc/modules-load.d/k8s.conf
new file mode 100644
index 0000000..43dd543
--- /dev/null
+++ b/packages/k8s/containerd/files/etc/modules-load.d/k8s.conf
@@ -0,0 +1,2 @@
+overlay
+br_netfilter
diff --git a/packages/k8s/containerd/files/etc/sysctl.d/k8s.conf b/packages/k8s/containerd/files/etc/sysctl.d/k8s.conf
new file mode 100644
index 0000000..8df03f1
--- /dev/null
+++ b/packages/k8s/containerd/files/etc/sysctl.d/k8s.conf
@@ -0,0 +1,3 @@
+net.bridge.bridge-nf-call-iptables = 1
+net.bridge.bridge-nf-call-ip6tables = 1
+net.ipv4.ip_forward = 1
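Review bot: `sandbox_image = "k8s.gcr.io/pause:3.6"` in files/etc/containerd/config.toml is hard-coded while the same reference also lives in `pause_image` in collection.yaml, in files/etc/default/kubelet and, as `{{.}}`, in templates/config.yaml, which no visible build step renders. A version bump therefore has to touch several files and can leave containerd and the kubelet on different sandbox images; generate this file from the `config` template, or add a comment above the line naming the other copies. The reference is also a mutable tag, so appending a digest (`k8s.gcr.io/pause:3.6@sha256:<digest>`, placeholder) would make the sandbox image reproducible.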
diff --git a/packages/k8s/containerd/files/etc/systemd/system/containerd.service b/packages/k8s/containerd/files/etc/systemd/system/containerd.service
new file mode 100644
index 0000000..7931aa8
--- /dev/null
+++ b/packages/k8s/containerd/files/etc/systemd/system/containerd.service
@@ -0,0 +1,40 @@
+# Copyright The containerd Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+[Unit]
+Description=containerd container runtime
+Documentation=https://containerd.io
+After=network.target local-fs.target
+
+[Service]
+ExecStartPre=-/sbin/modprobe overlay
+ExecStart=/opt/bin/containerd
+
+Type=notify
+Delegate=yes
+KillMode=process
+Restart=always
+RestartSec=5
+# Having non-zero Limit*s causes performance problems due to accounting overhead
+# in the kernel. We recommend using cgroups to do container-local accounting.
+LimitNPROC=infinity
+LimitCORE=infinity
+LimitNOFILE=infinity
+# Comment TasksMax if your systemd version does not supports it.
+# Only systemd 226 and above support this version.
+TasksMax=infinity
+OOMScoreAdjust=-999
+
+[Install]
+WantedBy=multi-user.target
diff --git a/packages/k8s/containerd/files/etc/systemd/system/containerd.service.d/10-custom-opt-bin.conf b/packages/k8s/containerd/files/etc/systemd/system/containerd.service.d/10-custom-opt-bin.conf
new file mode 100644
index 0000000..192af7f
--- /dev/null
+++ b/packages/k8s/containerd/files/etc/systemd/system/containerd.service.d/10-custom-opt-bin.conf
@@ -0,0 +1,6 @@
+[Service]
+Environment=PATH=/opt/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
+ExecStartPre=mkdir -p /run/docker/libcontainerd
+ExecStartPre=ln -fs /run/containerd/containerd.sock /run/docker/libcontainerd/docker-containerd.sock
+ExecStart=
+ExecStart=/opt/bin/containerd --config /etc/containerd/config.toml
diff --git a/packages/k8s/containerd/files/etc/systemd/system/containerd.service.d/max-tasks.conf b/packages/k8s/containerd/files/etc/systemd/system/containerd.service.d/max-tasks.conf
new file mode 100644
index 0000000..14aaeaa
--- /dev/null
+++ b/packages/k8s/containerd/files/etc/systemd/system/containerd.service.d/max-tasks.conf
@@ -0,0 +1,3 @@
+[Service]
+# Do not limit the number of tasks that can be spawned by containerd
+TasksMax=infinity
diff --git a/packages/k8s/containerd/files/etc/systemd/system/containerd.service.d/memory-pressure.conf b/packages/k8s/containerd/files/etc/systemd/system/containerd.service.d/memory-pressure.conf
new file mode 100644
index 0000000..4345fa7
--- /dev/null
+++ b/packages/k8s/containerd/files/etc/systemd/system/containerd.service.d/memory-pressure.conf
@@ -0,0 +1,8 @@
+[Service]
+# Decreases the likelihood that containerd is killed due to memory
+# pressure.
+#
+# Please see the following link for more information about the
+# OOMScoreAdjust configuration property:
+# https://www.freedesktop.org/software/systemd/man/systemd.exec.html#OOMScoreAdjust=
+OOMScoreAdjust=-999
diff --git a/packages/k8s/containerd/templates/config.yaml b/packages/k8s/containerd/templates/config.yaml
new file mode 100644
index 0000000..bf14960
--- /dev/null
+++ b/packages/k8s/containerd/templates/config.yaml
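Review bot: The two `ExecStartPre=` lines in 10-custom-opt-bin.conf name `mkdir` and `ln` without a path, which older systemd releases reject and newer ones resolve through systemd's own built-in search path; as far as I know the `Environment=PATH=` line above them does not influence that lookup. Spell the binaries out, `ExecStartPre=/bin/mkdir -p /run/docker/libcontainerd` and `ExecStartPre=/bin/ln -fs …`, so the unit runs exactly the binary that was reviewed. The sibling drop-ins max-tasks.conf and memory-pressure.conf repeat `TasksMax=infinity` and `OOMScoreAdjust=-999`, which containerd.service in this same commit already sets; a one-line comment saying the duplication is intentional would help, or drop them.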
@@ -0,0 +1,14 @@
+{{ define "config" }}
+ version = 2
+
+imports = ["/etc/containerd/conf.d/*.toml"]
+
+[plugins]
+ [plugins."io.containerd.grpc.v1.cri"]
+ sandbox_image = "{{.}}"
+ [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
+ runtime_type = "io.containerd.runc.v2"
+ [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
+ SystemdCgroup = true
+
+{{ end }}
diff --git a/packages/k8s/kubeadm/build.yaml b/packages/k8s/kubeadm/build.yaml
new file mode 100644
index 0000000..8d86b61
--- /dev/null
+++ b/packages/k8s/kubeadm/build.yaml
@@ -0,0 +1,14 @@
+requires:
+- name: "toolchain-ubuntu"
+ category: "development"
+ version: ">=0"
+
+steps:
+- mkdir /opt/bin
+- curl -L https://github.com/kubernetes-sigs/cri-tools/releases/download/v{{.Values.crictl_version}}/crictl-v{{.Values.crictl_version}}-linux-{{.Values.arch}}.tar.gz --output crictl-v{{.Values.crictl_version}}-linux-{{.Values.arch}}.tar.gz
+- tar zxvf crictl-v{{.Values.crictl_version}}-linux-{{.Values.arch}}.tar.gz -C /opt/bin && rm -f crictl-v{{.Values.crictl_version}}-linux-{{.Values.arch}}.tar.gz
+- cp files/etc/crictl.yaml /etc/crictl.yaml
+- ./install-k8s.sh v{{ .Values.version }} {{ .Values.kubernetes_install_bin}} {{.Values.arch}}
+env:
+- DEBIAN_FRONTEND=noninteractive
+- CNI_URL="https://github.com/containernetworking/plugins/releases/download/v{{.Values.cni_version}}/cni-plugins-linux-{{.Values.arch}}-v{{.Values.cni_version}}.tgz"
diff --git a/packages/k8s/kubeadm/collection.yaml b/packages/k8s/kubeadm/collection.yaml
new file mode 100644
index 0000000..4a4a5c9
--- /dev/null
+++ b/packages/k8s/kubeadm/collection.yaml
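Review bot: `CNI_URL` is set in the `env` list of packages/k8s/kubeadm/build.yaml, but no step in this file reads it and install-k8s.sh does not reference it either, so as far as this patch shows the CNI plugins it points at are never fetched. Either add the download and unpack step (with a checksum check) or drop the variable so the package does not suggest it ships CNI. `mkdir /opt/bin` fails the build when the directory already exists; `mkdir -p /opt/bin` is the safer form. `{{.Values.arch}}` is used here without the `default … "amd64"` fallback that containerd/build.yaml applies, so an unset `arch` yields a malformed URL.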
@@ -0,0 +1,33 @@
+packages:
+ - name: kubeadm
+ arch: amd64
+ category: k8s
+ version: 1.23.8
+ kubernetes_http_source: "https://dl.k8s.io/release"
+ crictl_version: "1.22.0"
+ cni_version: "1.1.1"
+ kubernetes_install_bin : "/usr/bin"
+ - name: kubeadm
+ arch: amd64
+ category: k8s
+ version: 1.22.11
+ kubernetes_http_source: "https://dl.k8s.io/release"
+ crictl_version: "1.22.0"
+ cni_version: "1.1.1"
+ kubernetes_install_bin : "/usr/bin"
+ - name: kubeadm
+ arch: amd64
+ category: k8s
+ version: 1.22.9
+ kubernetes_http_source: "https://dl.k8s.io/release"
+ crictl_version: "1.22.0"
+ cni_version: "1.1.1"
+ kubernetes_install_bin : "/usr/bin"
+ - name: kubeadm
+ arch: amd64
+ category: k8s
+ version: 1.21.12
+ kubernetes_http_source: "https://dl.k8s.io/release"
+ crictl_version: "1.22.0"
+ cni_version: "1.1.1"
+ kubernetes_install_bin : "/usr/bin"
diff --git a/packages/k8s/kubeadm/definition.yaml.old b/packages/k8s/kubeadm/definition.yaml.old
new file mode 100644
index 0000000..c4d9f07
--- /dev/null
+++ b/packages/k8s/kubeadm/definition.yaml.old
@@ -0,0 +1,7 @@
+name: kubeadm
+category: k8s
+version: 1.22.9
+kubernetes_http_source: "https://dl.k8s.io/release"
+crictl_version: "1.22.0"
+cni_version: "1.1.1"
+kubernetes_install_bin : "/usr/bin"
diff --git a/packages/k8s/kubeadm/files/etc/crictl.yaml b/packages/k8s/kubeadm/files/etc/crictl.yaml
new file mode 100644
index 0000000..f60a186
--- /dev/null
+++ b/packages/k8s/kubeadm/files/etc/crictl.yaml
@@ -0,0 +1 @@
+runtime-endpoint: unix:///var/run/containerd/containerd.sock
diff --git a/packages/k8s/kubeadm/files/etc/default/kubelet b/packages/k8s/kubeadm/files/etc/default/kubelet
new file mode 100644
index 0000000..43c3f6b
--- /dev/null
+++ b/packages/k8s/kubeadm/files/etc/default/kubelet
@@ -0,0 +1 @@
+KUBELET_EXTRA_ARGS="--pod-infra-container-image=k8s.gcr.io/pause:3.6"
diff --git a/packages/k8s/kubeadm/files/etc/systemd/system/kubelet.service b/packages/k8s/kubeadm/files/etc/systemd/system/kubelet.service
new file mode 100644
index 0000000..15d3e91
--- /dev/null
+++ b/packages/k8s/kubeadm/files/etc/systemd/system/kubelet.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=kubelet: The Kubernetes Node Agent
+Documentation=https://kubernetes.io/docs/home/
+Wants=network-online.target
+After=network-online.target
+
+[Service]
+ExecStart=/usr/bin/kubelet
+Restart=always
+StartLimitInterval=0
+RestartSec=10
+
+[Install]
+WantedBy=multi-user.target
diff --git a/packages/k8s/kubeadm/files/etc/systemd/system/kubelet.service.d/10-kubeadm.conf b/packages/k8s/kubeadm/files/etc/systemd/system/kubelet.service.d/10-kubeadm.conf
new file mode 100644
index 0000000..bd1b077
--- /dev/null
+++ b/packages/k8s/kubeadm/files/etc/systemd/system/kubelet.service.d/10-kubeadm.conf
@@ -0,0 +1,11 @@
+# Note: This dropin only works with kubeadm and kubelet v1.11+
+[Service]
+Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf"
+Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml"
+# This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically
+EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env
+# This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use
+# the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file.
+EnvironmentFile=-/etc/default/kubelet
+ExecStart=
+ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS
diff --git a/packages/k8s/kubeadm/install-k8s.sh b/packages/k8s/kubeadm/install-k8s.sh
new file mode 100755
index 0000000..0acb098
--- /dev/null
+++ b/packages/k8s/kubeadm/install-k8s.sh
@@ -0,0 +1,17 @@
+#!/bin/bash
+set -euxo pipefail
+
+RELEASE=$1
+DOWNLOAD_DIR=$2
+ARCH=$3
+cd $DOWNLOAD_DIR
+sudo curl -L --remote-name-all https://dl.k8s.io/release/${RELEASE}/bin/linux/${ARCH}/{kubeadm,kubelet,kubectl}
+sudo chmod +x {kubeadm,kubelet,kubectl}
+cd -
+
+cat files/etc/systemd/system/kubelet.service | sed "s:/usr/bin:${DOWNLOAD_DIR}:g" | sudo tee /etc/systemd/system/kubelet.service
+sudo mkdir -p /etc/systemd/system/kubelet.service.d
+cat files/etc/systemd/system/kubelet.service.d/10-kubeadm.conf | sed "s:/usr/bin:${DOWNLOAD_DIR}:g" | sudo tee /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
+mkdir -p /etc/default
+cp files/etc/default/kubelet /etc/default
+systemctl enable kubelet
diff --git a/packages/k8s/rke2/build.yaml b/packages/k8s/rke2/build.yaml
new file mode 100644
index 0000000..84c0217
--- /dev/null
+++ b/packages/k8s/rke2/build.yaml
@@ -0,0 +1,19 @@
+requires:
+- name: "toolchain-ubuntu"
+ category: "development"
+ version: ">=0"
+
+env:
+- INSTALL_RKE2_VERSION=v{{.Values.version}}+{{.Values.rke2_release}}
+- INSTALL_RKE2_TAR_PREFIX={{.Values.rke2_install_dir}}
+- DEBIAN_FRONTEND=noninteractive
+prelude:
+- apt-get update && apt-get install -y curl systemd sudo
+
+steps:
+- curl -sfL {{.Values.rke2_http_source}} > installer.sh
+- sed -i 's/systemctl daemon-reload//g' installer.sh
+- sh installer.sh
+- rm -rf installer.sh
+- systemctl disable rke2-server rke2-agent
+- curl -LO https://dl.k8s.io/release/v{{.Values.version}}/bin/linux/{{.Values.arch}}/kubectl && chmod +x kubectl && mv kubectl /usr/bin
diff --git a/packages/k8s/rke2/collection.yaml b/packages/k8s/rke2/collection.yaml
new file mode 100644
index 0000000..baa1554
--- /dev/null
+++ b/packages/k8s/rke2/collection.yaml
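Review bot: `sudo curl -L --remote-name-all …` in install-k8s.sh has no `--fail`, so an HTTP error body returned for a wrong `RELEASE` or `ARCH` is saved as `kubeadm`, `kubelet` and `kubectl`, then marked executable, and `set -e` never sees a failure; use `sudo curl -fL --remote-name-all …`. `cd $DOWNLOAD_DIR` uses the argument unquoted and both `sed "s:/usr/bin:${DOWNLOAD_DIR}:g"` calls paste it in as a raw replacement, so a path containing a space, `:` or `&` changes what gets written into the unit files; quote it (`cd "$DOWNLOAD_DIR"`) and reject values that are not a plain absolute path. The last three commands (`mkdir -p /etc/default`, `cp`, `systemctl enable kubelet`) run without `sudo` while the earlier writes use it; pick one so the script behaves the same whether or not it runs as root.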
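Review bot: The installer run by `sh installer.sh` in packages/k8s/rke2/build.yaml is whatever `{{.Values.rke2_http_source}}` serves at build time, so the same `version` can produce different packages and the script executes in the build without review or an integrity check. Vendor the script in the package directory, as install-k8s.sh is for kubeadm, or fetch it from a fixed revision and compare it with a recorded SHA-256 before running it. The `sed -i 's/systemctl daemon-reload//g'` patch silently becomes a no-op if upstream rewrites that line; a `grep -q 'systemctl daemon-reload' installer.sh` guard before the sed would make the drift fail the build. The `prelude` also repeats the `apt-get` line that toolchain-ubuntu already runs.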
@@ -0,0 +1,29 @@
+packages:
+ - name: rke2
+ arch: amd64
+ category: k8s
+ version: 1.23.8
+ rke2_http_source: "https://get.rke2.io"
+ rke2_install_dir : "/opt/rke2"
+ rke2_release : "rke2r1"
+ - name: rke2
+ arch: amd64
+ category: k8s
+ version: 1.22.11
+ rke2_http_source: "https://get.rke2.io"
+ rke2_install_dir : "/opt/rke2"
+ rke2_release : "rke2r1"
+ - name: rke2
+ arch: amd64
+ category: k8s
+ version: 1.22.9
+ rke2_http_source: "https://get.rke2.io"
+ rke2_install_dir : "/opt/rke2"
+ rke2_release : "rke2r2"
+ - name: rke2
+ arch: amd64
+ category: k8s
+ version: 1.21.12
+ rke2_http_source: "https://get.rke2.io"
+ rke2_install_dir : "/opt/rke2"
+ rke2_release : "rke2r2"
diff --git a/packages/k8s/rke2/values.yaml b/packages/k8s/rke2/values.yaml
new file mode 100644
index 0000000..2e7b7ef
--- /dev/null
+++ b/packages/k8s/rke2/values.yaml
@@ -0,0 +1,2 @@
+mylist:
+ - 1.21.12-5
diff --git a/packages/toolchain-ubuntu/build.yaml b/packages/toolchain-ubuntu/build.yaml
new file mode 100644
index 0000000..5ef2393
--- /dev/null
+++ b/packages/toolchain-ubuntu/build.yaml
@@ -0,0 +1,3 @@
+image: "ubuntu:20.04"
+prelude:
+- apt-get update && apt-get install -y curl systemd sudo
diff --git a/packages/toolchain-ubuntu/definition.yaml b/packages/toolchain-ubuntu/definition.yaml
new file mode 100644
index 0000000..a1c951b
--- /dev/null
+++ b/packages/toolchain-ubuntu/definition.yaml
@@ -0,0 +1,4 @@
+name: toolchain-ubuntu
+category: development
+version: "0.1"
+hidden: true
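Review bot: `image: "ubuntu:20.04"` in packages/toolchain-ubuntu/build.yaml is a mutable tag, and all three k8s packages in this commit require this toolchain, so two builds of the same tree can start from different base layers. Pin the base by digest, `image: "ubuntu:20.04@sha256:<digest>"` (placeholder), with a comment above the line saying how and when the digest is refreshed. The `prelude` installs `curl systemd sudo` with recommended packages; `apt-get install -y --no-install-recommends curl ca-certificates systemd sudo` keeps the toolchain smaller and makes the TLS trust store an explicit dependency of the downloads that follow.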