starlingx/integ
Code Issues Proposed changes
integ/kubernetes/armada/debian/deb_folder/patches/0004-Add-Helm-v2-client-initialization.patch
Dan Voiculeasa 0783ec950b Debian: Upversion armada sources for container build 
Currently, we use in the playbooks [1] an armada image built upstream
[2]. We use armada from upstream helm2 branch.

Armada needs to be patched to add support for k8s >=1.22.
Proposed an upstream patch, but we don't know how long it takes until
it is merged:
https://review.opendev.org/c/airship/armada/+/845392

Instead of waiting for upstream commit to merge, and an image be
generated, we provide the code change here, so an armada image with
k8s >=1.22 support can be generated. The k8s >=1.22 support is added
by patch 0003.
Necessary StarlingX build changes to support generating an container
image and push to https://hub.docker.com/r/starlingx will be
addressed in another commit.

Note: since we always used an upstream built armada container, this
package purpose was to provide helm chart overrides. We add a new
purpose: to release to opensource the changes we are about to do to
armada, since we'll be building a container image using these changes.

To achieve this we do the following:
- upversion sources from 7ef4b8643b5ec5216a8f6726841e156c0aa54a1a
to ddbdd7256c20f138737f6cbd772312f7a19f58b8. This ensures we are
patching the image used in the playbooks[2].
- create patches 0001 and 0002 to ensure there are no helm chart
changes between upversion. This reduces testing effort related to
original purpose (provide helm chart overrides) of this package.
- create patch 0003 to add k8s >=1.22 support.
- old patches are not changed, but renamed from 0001->0005 to
0004->0008 and regenerated.

Other notes:
We don't need to port this work to CentOS. This work is supposed to be
temporary until the upstream airship/armada commit merges.

Tests on Debian:
PASS: build-pkgs -c -p armada
PASS: make images
      Upload image to controller, use it.
      Using the new armada image do an apply,remove,apply,remove,apply
      chain for a custom StarlingX app.

[1]: https://opendev.org/starlingx/ansible-playbooks/src/branch/
master/playbookconfig/src/playbooks/roles/common/
load-images-information/vars/k8s-v1.22.5/system-images.yml#L5
[2] quay.io/airshipit/armada:
ddbdd7256c20f138737f6cbd772312f7a19f58b8-ubuntu_bionic

Partial-Bug: 1978409
Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com>
Change-Id: Id51c241a3965ef462d325da4ffce37a81693a9f4
2022-06-14 21:18:06 +03:00

113 lines
4.2 KiB
Diff
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

From 1c73f6739eb672b330669fda5e427099c08c3490 Mon Sep 17 00:00:00 2001
From: Thiago Brito <thiago.brito@windriver.com>
Date: Thu, 22 Apr 2021 20:00:51 -0300
Subject: [PATCH 4/8] Add Helm v2 client initialization
This adds helm v2 client initialization using the tiller
container postStart exec to access helm v2 binary.
This will perform 'helm init', removes the default repos
'stable' and 'local', and add valid repos that were provided
as overrides. Note that helm will only add repos that exist.
This expects overrides in this format:
conf:
tiller:
charts_url: 'http://192.168.204.1:8080/helm_charts'
repo_names:
- 'starlingx'
- 'stx-platform'
repos:
stable: https://kubernetes-charts.storage.googleapis.com
This gives the following result:
helmv2-cli -- helm repo list
NAME URL
stable https://kubernetes-charts.storage.googleapis.com
starlingx http://192.168.204.1:8080/helm_charts/starlingx
stx-platform http://192.168.204.1:8080/helm_charts/stx-platform
Signed-off-by: Jim Gauld <james.gauld@windriver.com>
Signed-off-by: Thiago Brito <thiago.brito@windriver.com>
---
charts/armada/templates/deployment-api.yaml | 33 +++++++++++++++++++++
charts/armada/values.yaml | 10 +++++++
2 files changed, 43 insertions(+)
diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml
index 562e3d0..69036c0 100644
--- a/charts/armada/templates/deployment-api.yaml
+++ b/charts/armada/templates/deployment-api.yaml
@@ -186,6 +186,39 @@ spec:
- -trace
{{- end }}
lifecycle:
+ postStart:
+ exec:
+ command:
+ - sh
+ - "-c"
+ - |
+ /bin/sh <<'EOF'
+ # Delay initialization since postStart handler runs asynchronously and there
+ # is no guarantee it is called before the Containers entrypoint.
+ sleep 5
+ # Initialize Helm v2 client.
+ export HELM_HOST=:{{ .Values.conf.tiller.port }}
+ /helm init --client-only --skip-refresh
+
+ # Moving the ln up so eventual errors on the next commands doesn't prevent
+ # having helm available
+ ln -s -f /helm /tmp/helm
+
+ # Removes all repos available so we don't get an error removing what
+ # doesn't exist anymore or error re-adding an existing repo
+ /helm repo list | awk '(NR>1){print $1}' | xargs --no-run-if-empty /helm repo rm
+{{- if .Values.conf.tiller.repos }}
+ {{- range $name, $repo := .Values.conf.tiller.repos }}
+ /helm repo add {{ $name }} {{ $repo }}
+ {{- end }}
+{{- end }}
+{{- if .Values.conf.tiller.repo_names }}
+ {{- range .Values.conf.tiller.repo_names }}
+ /helm repo add {{ . }} {{ $envAll.Values.conf.tiller.charts_url }}/{{ . }}
+ {{- end }}
+{{- end }}
+ exit 0
+ EOF
preStop:
exec:
command:
diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml
index 3a4427e..da45810 100644
--- a/charts/armada/values.yaml
+++ b/charts/armada/values.yaml
@@ -220,6 +220,10 @@ conf:
# Note: Defaulting to the (default) kubernetes grace period, as anything
# greater than that will have no effect.
prestop_sleep: 30
+ # Helm v2 initialization
+ charts_url: null
+ repo_names: []
+ repos: {}
monitoring:
prometheus:
@@ -325,7 +329,13 @@ pod:
volumes:
- name: kubernetes-client-cache
emptyDir: {}
+ - name: tiller-tmp
+ emptyDir: {}
volumeMounts:
+ - name: tiller-tmp
+ # /tmp is now readOnly due to the security_context on L288, so
+ # mounting an emptyDir
+ mountPath: /tmp
- name: kubernetes-client-cache
# Should be the `$HOME/.kube` of the `runAsUser` above
# as this is where tiller's kubernetes client roots its cache dir.
--
2.34.1
View Git Blame Copy Permalink