From 9b017a83b5125b759faebf292f3615b7c3ed98f3 Mon Sep 17 00:00:00 2001 From: Renuka Manavalan <47282725+renukamanavalan@users.noreply.github.com> Date: Thu, 16 Apr 2020 21:54:45 -0700 Subject: [PATCH] [baseimage]: Install Kubernetes packages if enabled in image (#4374) (#4432) Install kubeadm, which transparently installs kubelet & kubectl As well download required Kubernetes images required to run as kubernetes node. The kubelet service is intentionally kept in disabled state, as it would otherwise continuously restart wasting resources, until join to master. --- Makefile.work | 5 +++++ build_debian.sh | 16 ++++++++++++++++ .../build_templates/sonic_debian_extension.j2 | 19 +++++++++++++++++++ files/image_config/kubernetes/kubernetes.list | 4 ++++ rules/config | 15 +++++++++++++++ slave.mk | 2 ++ 6 files changed, 61 insertions(+) create mode 100644 files/image_config/kubernetes/kubernetes.list diff --git a/Makefile.work b/Makefile.work index a1ccf87155..e4e31a1345 100644 --- a/Makefile.work +++ b/Makefile.work @@ -9,6 +9,7 @@ # through http. # * ENABLE_ZTP: Enables zero touch provisioning. # * SHUTDOWN_BGP_ON_START: Sets admin-down state for all bgp peerings after restart. +# * INSTALL_KUBERNETES: Allows including Kubernetes # * ENABLE_PFCWD_ON_START: Enable PFC Watchdog (PFCWD) on server-facing ports # * by default for TOR switch. # * ENABLE_SYNCD_RPC: Enables rpc-based syncd builds. @@ -165,6 +166,10 @@ SONIC_BUILD_INSTRUCTION := make \ ENABLE_DHCP_GRAPH_SERVICE=$(ENABLE_DHCP_GRAPH_SERVICE) \ ENABLE_ZTP=$(ENABLE_ZTP) \ SHUTDOWN_BGP_ON_START=$(SHUTDOWN_BGP_ON_START) \ + INSTALL_KUBERNETES=$(INSTALL_KUBERNETES) \ + KUBERNETES_VERSION=$(KUBERNETES_VERSION) \ + K8s_GCR_IO_PAUSE_VERSION=$(K8s_GCR_IO_PAUSE_VERSION) \ + K8s_CNI_CALICO_VERSION=$(K8s_CNI_CALICO_VERSION) \ SONIC_ENABLE_PFCWD_ON_START=$(ENABLE_PFCWD_ON_START) \ SONIC_ENABLE_SYNCD_RPC=$(ENABLE_SYNCD_RPC) \ SONIC_INSTALL_DEBUG_TOOLS=$(INSTALL_DEBUG_TOOLS) \ diff --git a/build_debian.sh b/build_debian.sh index 51154cc073..fac25f18de 100755 --- a/build_debian.sh +++ b/build_debian.sh @@ -203,6 +203,22 @@ sudo LANG=C chroot $FILESYSTEM_ROOT apt-get update sudo LANG=C chroot $FILESYSTEM_ROOT apt-get -y install docker-ce=${DOCKER_VERSION} sudo LANG=C chroot $FILESYSTEM_ROOT apt-get -y remove software-properties-common gnupg2 +if [ "$INSTALL_KUBERNETES" == "y" ] +then + ## Install Kubernetes + echo '[INFO] Install kubernetes' + sudo https_proxy=$https_proxy LANG=C chroot $FILESYSTEM_ROOT curl -fsSL \ + https://packages.cloud.google.com/apt/doc/apt-key.gpg | \ + sudo LANG=C chroot $FILESYSTEM_ROOT apt-key add - + ## Check out the sources list update matches current Debian version + sudo cp files/image_config/kubernetes/kubernetes.list $FILESYSTEM_ROOT/etc/apt/sources.list.d/ + sudo LANG=C chroot $FILESYSTEM_ROOT apt-get update + sudo LANG=C chroot $FILESYSTEM_ROOT apt-get -y install kubeadm=${KUBERNETES_VERSION}-00 + # kubeadm package auto install kubelet & kubectl +else + echo '[INFO] Skipping Install kubernetes' +fi + ## Add docker config drop-in to specify dockerd command line sudo mkdir -p $FILESYSTEM_ROOT/etc/systemd/system/docker.service.d/ ## Note: $_ means last argument of last command diff --git a/files/build_templates/sonic_debian_extension.j2 b/files/build_templates/sonic_debian_extension.j2 index 4b5234bc96..7a98d30b29 100644 --- a/files/build_templates/sonic_debian_extension.j2 +++ b/files/build_templates/sonic_debian_extension.j2 @@ -245,6 +245,13 @@ sudo https_proxy=$https_proxy LANG=C chroot $FILESYSTEM_ROOT pip install azure-s sudo https_proxy=$https_proxy LANG=C chroot $FILESYSTEM_ROOT pip install watchdog sudo https_proxy=$https_proxy LANG=C chroot $FILESYSTEM_ROOT pip install futures +{% if install_kubernetes == "y" %} +# Copy kubelet service files +# Keep it disabled until join, else it continuously restart and as well spew too many +# non-required log lines wasting syslog resources. +sudo LANG=C chroot $FILESYSTEM_ROOT systemctl disable kubelet.service +{% endif %} + # Copy the buffer configuration template sudo cp $BUILD_TEMPLATES/buffers_config.j2 $FILESYSTEM_ROOT_USR_SHARE_SONIC_TEMPLATES/ @@ -399,6 +406,18 @@ sudo LANG=C chroot $FILESYSTEM_ROOT docker $SONIC_NATIVE_DOCKERD_FOR_DOCKERFS ta sudo LANG=C chroot $FILESYSTEM_ROOT docker $SONIC_NATIVE_DOCKERD_FOR_DOCKERFS tag {{imagename}}:latest {{imagebasename}}:latest {% endif %} {% endfor %} + +{% if install_kubernetes == "y" %} +## Pull in kubernetes docker images +echo "pulling universal k8s images ..." +sudo https_proxy=$https_proxy LANG=C chroot $FILESYSTEM_ROOT docker pull k8s.gcr.io/pause:${K8s_GCR_IO_PAUSE_VERSION} +sudo https_proxy=$https_proxy LANG=C chroot $FILESYSTEM_ROOT docker pull k8s.gcr.io/kube-proxy:v${KUBERNETES_VERSION} +sudo https_proxy=$https_proxy LANG=C chroot $FILESYSTEM_ROOT docker pull calico/node:v${K8s_CNI_CALICO_VERSION} +sudo https_proxy=$https_proxy LANG=C chroot $FILESYSTEM_ROOT docker pull calico/pod2daemon-flexvol:v${K8s_CNI_CALICO_VERSION} +sudo https_proxy=$https_proxy LANG=C chroot $FILESYSTEM_ROOT docker pull calico/cni:v${K8s_CNI_CALICO_VERSION} +echo "docker images pull complete" +{% endif %} + if [[ $CONFIGURED_ARCH == armhf || $CONFIGURED_ARCH == arm64 ]]; then sudo umount $FILESYSTEM_ROOT/dockerfs sudo rm -fr $FILESYSTEM_ROOT/dockerfs diff --git a/files/image_config/kubernetes/kubernetes.list b/files/image_config/kubernetes/kubernetes.list new file mode 100644 index 0000000000..5c888b8306 --- /dev/null +++ b/files/image_config/kubernetes/kubernetes.list @@ -0,0 +1,4 @@ +# The following is as recommended by https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/ +# Whenever an OS update from Debian stretch is done, make sure to find the matching k8s sources list +# +deb https://apt.kubernetes.io/ kubernetes-xenial main diff --git a/rules/config b/rules/config index c168fa5a96..b3aa7bce3a 100644 --- a/rules/config +++ b/rules/config @@ -110,3 +110,18 @@ ENABLE_RESTAPI = n # ENABLE_NAT - build docker-sonic-nat for nat support ENABLE_NAT = y + +# INSTALL_KUBERNETES - if set to y kubernetes packages are installed to be able to +# run as worker node in kubernetes cluster. +INSTALL_KUBERNETES = n + +# KUBERNETES_VERSION - Set to the required version. +# K8s_GCR_IO_PAUSE_VERSION - Version of k8s universal pause container image +# K8s_CNI_CALICO_VERSION - Calico used as CNI; Appropriate version for this Kubernetes version +# These are Used *only* when INSTALL_KUBERNETES=y +# NOTE: As a worker node it has to run version compatible to kubernetes master. +# +KUBERNETES_VERSION = 1.18.0 +K8s_GCR_IO_PAUSE_VERSION = 3.2 +K8s_CNI_CALICO_VERSION = 3.12.0 + diff --git a/slave.mk b/slave.mk index 21c1176fee..0c4f2c70b3 100644 --- a/slave.mk +++ b/slave.mk @@ -187,6 +187,7 @@ $(info "USERNAME" : "$(USERNAME)") $(info "PASSWORD" : "$(PASSWORD)") $(info "ENABLE_DHCP_GRAPH_SERVICE" : "$(ENABLE_DHCP_GRAPH_SERVICE)") $(info "SHUTDOWN_BGP_ON_START" : "$(SHUTDOWN_BGP_ON_START)") +$(info "INSTALL_KUBERNETES" : "$(INSTALL_KUBERNETES)") $(info "ENABLE_PFCWD_ON_START" : "$(ENABLE_PFCWD_ON_START)") $(info "INSTALL_DEBUG_TOOLS" : "$(INSTALL_DEBUG_TOOLS)") $(info "ROUTING_STACK" : "$(SONIC_ROUTING_STACK)") @@ -658,6 +659,7 @@ $(addprefix $(TARGET_PATH)/, $(SONIC_INSTALLERS)) : $(TARGET_PATH)/% : \ export enable_ztp="$(ENABLE_ZTP)" export enable_nat="$(ENABLE_NAT)" export shutdown_bgp_on_start="$(SHUTDOWN_BGP_ON_START)" + export install_kubernetes="$(INSTALL_KUBERNETES)" export enable_pfcwd_on_start="$(ENABLE_PFCWD_ON_START)" export installer_debs="$(addprefix $(STRETCH_DEBS_PATH)/,$($*_INSTALLS))" export lazy_installer_debs="$(foreach deb, $($*_LAZY_INSTALLS),$(foreach device, $($(deb)_PLATFORM),$(addprefix $(device)@, $(STRETCH_DEBS_PATH)/$(deb))))"