From cddc292290489d988882d1294d4899ed41aefa84 Mon Sep 17 00:00:00 2001 From: Teddy Andrieux Date: Thu, 21 Sep 2023 15:19:15 +0200 Subject: [PATCH] build: Move to the new Kubernetes upstream repository Sees: https://kubernetes.io/blog/2023/08/15/pkgs-k8s-io-introduction/ (cherry picked from commit 14464faeb1bf59701bbe2a611be7e29e1125ccbe) --- buildchain/buildchain/builder.py | 6 ++++-- buildchain/buildchain/image.py | 3 ++- buildchain/buildchain/versions.py | 8 +++++++- images/metalk8s-utils/Dockerfile | 7 ++++--- images/metalk8s-utils/configure-repos.sh | 9 ++++----- packages/redhat/7/Dockerfile | 2 ++ packages/redhat/8/Dockerfile | 2 ++ packages/redhat/common/entrypoint.sh | 5 +++-- packages/redhat/common/yum_repositories/kubernetes.repo | 6 ++---- salt/metalk8s/map.jinja | 2 -- tools/get-kubeadm-manifests/Dockerfile | 9 ++++----- tools/get-kubeadm-manifests/README.md | 6 +++--- 12 files changed, 37 insertions(+), 28 deletions(-) diff --git a/buildchain/buildchain/builder.py b/buildchain/buildchain/builder.py index 29da091f16..1419358ca1 100644 --- a/buildchain/buildchain/builder.py +++ b/buildchain/buildchain/builder.py @@ -55,8 +55,9 @@ def _builder_image(name: str, dockerfile: Path, **kwargs: Any) -> LocalImage: REDHAT_REPOS_ROOT / "saltstack.repo", ], build_args={ - # Used to template the SaltStack repository definition + # Used to template the repository definition "SALT_VERSION": versions.SALT_VERSION, + "K8S_SHORT_VERSION": versions.K8S_SHORT_VERSION, }, ), "8": _builder_image( @@ -68,8 +69,9 @@ def _builder_image(name: str, dockerfile: Path, **kwargs: Any) -> LocalImage: REDHAT_REPOS_ROOT / "saltstack.repo", ], build_args={ - # Used to template the SaltStack repository definition + # Used to template the repository definition "SALT_VERSION": versions.SALT_VERSION, + "K8S_SHORT_VERSION": versions.K8S_SHORT_VERSION, }, ), } diff --git a/buildchain/buildchain/image.py b/buildchain/buildchain/image.py index e3e67ff512..124542bde9 100644 --- a/buildchain/buildchain/image.py +++ b/buildchain/buildchain/image.py @@ -294,7 +294,8 @@ def _local_image(name: str, **kwargs: Any) -> targets.LocalImage: "VCS_REF": constants.GIT_REF or "", "METALK8S_VERSION": versions.VERSION, "SALT_VERSION": versions.SALT_VERSION, - "KUBERNETES_VERSION": versions.K8S_VERSION, + "K8S_SHORT_VERSION": versions.K8S_SHORT_VERSION, + "K8S_VERSION": versions.K8S_VERSION, "ETCD_VERSION": f"v{versions.ETCD_VERSION}", }, ), diff --git a/buildchain/buildchain/versions.py b/buildchain/buildchain/versions.py index 4f953ccfc8..93adadb880 100644 --- a/buildchain/buildchain/versions.py +++ b/buildchain/buildchain/versions.py @@ -18,8 +18,14 @@ # Project-wide versions {{{ +K8S_VERSION_MAJOR: str = "1" +K8S_VERSION_MINOR: str = "25" +K8S_VERSION_PATCH: str = "9" + +K8S_SHORT_VERSION: str = f"{K8S_VERSION_MAJOR}.{K8S_VERSION_MINOR}" +K8S_VERSION: str = f"{K8S_SHORT_VERSION}.{K8S_VERSION_PATCH}" + CALICO_VERSION: str = "3.25.0" -K8S_VERSION: str = "1.25.9" SALT_VERSION: str = "3002.9" CONTAINERD_VERSION: str = "1.6.19" diff --git a/images/metalk8s-utils/Dockerfile b/images/metalk8s-utils/Dockerfile index 10aa74efb1..8ecd2ce2fb 100644 --- a/images/metalk8s-utils/Dockerfile +++ b/images/metalk8s-utils/Dockerfile @@ -5,14 +5,15 @@ ARG BASE_IMAGE=docker.io/rockylinux FROM $BASE_IMAGE@sha256:$BASE_IMAGE_SHA256 # Kubernetes version -ARG KUBERNETES_VERSION +ARG K8S_SHORT_VERSION +ARG K8S_VERSION # Salt version ARG SALT_VERSION # Etcd version ARG ETCD_VERSION COPY configure-repos.sh / -RUN /configure-repos.sh $SALT_VERSION && rm /configure-repos.sh +RUN /configure-repos.sh "$K8S_SHORT_VERSION" "$SALT_VERSION" && rm /configure-repos.sh # Timestamp of the build, formatted as RFC3339 ARG BUILD_DATE @@ -80,7 +81,7 @@ RUN dnf clean expire-cache && \ iptables \ ipvsadm \ jq \ - "kubectl-${KUBERNETES_VERSION}" \ + "kubectl-${K8S_VERSION}" \ less \ lsof \ ltrace \ diff --git a/images/metalk8s-utils/configure-repos.sh b/images/metalk8s-utils/configure-repos.sh index ac833c1e6c..c44a299603 100755 --- a/images/metalk8s-utils/configure-repos.sh +++ b/images/metalk8s-utils/configure-repos.sh @@ -2,17 +2,16 @@ set -xue -o pipefail -SALT_VERSION=$1 +K8S_SHORT_VERSION=$1 +SALT_VERSION=$2 cat > /etc/yum.repos.d/kubernetes.repo << EOF [kubernetes] name=Kubernetes -baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 +baseurl=https://pkgs.k8s.io/core:/stable:/v$K8S_SHORT_VERSION/rpm/ enabled=1 gpgcheck=1 -repo_gpgcheck=0 -gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg - https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg +gpgkey=https://pkgs.k8s.io/core:/stable:/v$K8S_SHORT_VERSION/rpm/repodata/repomd.xml.key EOF cat > /etc/yum.repos.d/saltstack.repo << EOF diff --git a/packages/redhat/7/Dockerfile b/packages/redhat/7/Dockerfile index ad85470a3d..2878005f36 100644 --- a/packages/redhat/7/Dockerfile +++ b/packages/redhat/7/Dockerfile @@ -5,10 +5,12 @@ ARG BUILD_IMAGE=docker.io/centos FROM ${BUILD_IMAGE}@sha256:${BUILD_IMAGE_SHA256} as build ARG SALT_VERSION +ARG K8S_SHORT_VERSION ARG GO_VERSION=1.16.14 ADD common/yum_repositories/*.repo /etc/yum.repos.d/ RUN sed -i s/@SALT_VERSION@/$SALT_VERSION/ /etc/yum.repos.d/saltstack.repo +RUN sed -i s/@K8S_SHORT_VERSION@/$K8S_SHORT_VERSION/ /etc/yum.repos.d/kubernetes.repo ENV GOROOT /usr/local/go diff --git a/packages/redhat/8/Dockerfile b/packages/redhat/8/Dockerfile index 7c023568e1..4e72cc691e 100644 --- a/packages/redhat/8/Dockerfile +++ b/packages/redhat/8/Dockerfile @@ -7,10 +7,12 @@ FROM ${BUILD_IMAGE}@sha256:${BUILD_IMAGE_SHA256} as build RUN useradd -m build ARG SALT_VERSION +ARG K8S_SHORT_VERSION ARG GO_VERSION=1.16.14 ADD common/yum_repositories/*.repo /etc/yum.repos.d/ RUN sed -i s/@SALT_VERSION@/$SALT_VERSION/ /etc/yum.repos.d/saltstack.repo +RUN sed -i s/@K8S_SHORT_VERSION@/$K8S_SHORT_VERSION/ /etc/yum.repos.d/kubernetes.repo ENV GOPATH /go ENV GOROOT /usr/local/go diff --git a/packages/redhat/common/entrypoint.sh b/packages/redhat/common/entrypoint.sh index c6ce07f7d4..c6b93cd83f 100755 --- a/packages/redhat/common/entrypoint.sh +++ b/packages/redhat/common/entrypoint.sh @@ -116,7 +116,7 @@ download_repository_gpg_keys() { for key_id in "${!gpg_keys[@]}"; do gpg_key=RPM-GPG-KEY-metalk8s-$repo_name-${releasever}_$(( key_id + 1 )) - curl -s "${gpg_keys[$key_id]}" > "$gpg_key" + curl -Ls "${gpg_keys[$key_id]}" > "$gpg_key" chown "$TARGET_UID:$TARGET_GID" "$gpg_key" done fi @@ -205,7 +205,8 @@ download_packages() { ;; esac - yumdownloader --disablerepo="*" \ + yumdownloader --arch="x86_64,noarch" \ + --disablerepo="*" \ --enablerepo="$repo" "${dependencies[@]}" done diff --git a/packages/redhat/common/yum_repositories/kubernetes.repo b/packages/redhat/common/yum_repositories/kubernetes.repo index e45474d3b3..8de5ba1c98 100644 --- a/packages/redhat/common/yum_repositories/kubernetes.repo +++ b/packages/redhat/common/yum_repositories/kubernetes.repo @@ -1,8 +1,6 @@ [kubernetes] name=Kubernetes -baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 +baseurl=https://pkgs.k8s.io/core:/stable:/v@K8S_SHORT_VERSION@/rpm/ enabled=1 gpgcheck=1 -repo_gpgcheck=0 -gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg - https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg +gpgkey=https://pkgs.k8s.io/core:/stable:/v@K8S_SHORT_VERSION@/rpm/repodata/repomd.xml.key diff --git a/salt/metalk8s/map.jinja b/salt/metalk8s/map.jinja index bd17833314..a8a064d17c 100644 --- a/salt/metalk8s/map.jinja +++ b/salt/metalk8s/map.jinja @@ -104,7 +104,6 @@ 'gpgcheck': 1, 'gpgkeys': [ 'RPM-GPG-KEY-metalk8s-kubernetes-7_1', - 'RPM-GPG-KEY-metalk8s-kubernetes-7_2', ], 'repo_gpg_check': 0, 'enabled': 1, @@ -143,7 +142,6 @@ 'gpgcheck': 1, 'gpgkeys': [ 'RPM-GPG-KEY-metalk8s-kubernetes-8_1', - 'RPM-GPG-KEY-metalk8s-kubernetes-8_2', ], 'repo_gpg_check': 0, 'enabled': 1, diff --git a/tools/get-kubeadm-manifests/Dockerfile b/tools/get-kubeadm-manifests/Dockerfile index 7f95c04a93..67a1ab20dd 100644 --- a/tools/get-kubeadm-manifests/Dockerfile +++ b/tools/get-kubeadm-manifests/Dockerfile @@ -1,16 +1,15 @@ FROM centos:7 -ARG K8S_VERSION +ARG K8S_SHORT_VERSION RUN printf "[kubernetes]\n\ name=Kubernetes\n\ -baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64\n\ +baseurl=https://pkgs.k8s.io/core:/stable:/v${K8S_SHORT_VERSION}/rpm/\n\ enabled=1\n\ gpgcheck=1\n\ -gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg\n\ - https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg\n" \ +gpgkey=https://pkgs.k8s.io/core:/stable:/v${K8S_SHORT_VERSION}/rpm/repodata/repomd.xml.key\n" \ > /etc/yum.repos.d/kubernetes.repo \ - && yum install -y "kubeadm-${K8S_VERSION}" --disableexcludes=kubernetes \ + && yum install -y kubeadm --disableexcludes=kubernetes \ && yum clean all RUN kubeadm init phase control-plane all \ diff --git a/tools/get-kubeadm-manifests/README.md b/tools/get-kubeadm-manifests/README.md index df0534e29f..18124b5323 100644 --- a/tools/get-kubeadm-manifests/README.md +++ b/tools/get-kubeadm-manifests/README.md @@ -6,8 +6,8 @@ specific version Build the docker container for the Kubernetes version you want ```shell -K8S_VERSION=$(grep 'K8S_VERSION.*=' "$(git rev-parse --show-toplevel)/buildchain/buildchain/versions.py" | cut -d '"' -f 2) -docker build "$(git rev-parse --show-toplevel)/tools/get-kubeadm-manifests" --build-arg "K8S_VERSION=$K8S_VERSION" -t "metalk8s-kubeadm:$K8S_VERSION" +K8S_SHORT_VERSION= +docker build "$(git rev-parse --show-toplevel)/tools/get-kubeadm-manifests" --build-arg "K8S_SHORT_VERSION=$K8S_SHORT_VERSION" -t "metalk8s-kubeadm:$K8S_SHORT_VERSION" ``` ## Get Kubernetes control plane manifests @@ -16,5 +16,5 @@ To retrieve the various Kubernetes control plane manifests, you must run the previously built container. ```shell -docker run -it --rm "metalk8s-kubeadm:$K8S_VERSION" +docker run -it --rm "metalk8s-kubeadm:$K8S_SHORT_VERSION" ```