mirror of https://github.com/k3s-io/k3s
Erik Wilson
GitHub
commit
669d0c0e31
|
|
@ -32,6 +32,9 @@ RUN if [ "$(go env GOARCH)" = "amd64" ]; then \
|
|||
curl -sL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s v1.30.0; \
|
||||
fi
|
||||
|
||||
ENV YQ_URL=https://github.com/mikefarah/yq/releases/download/3.4.1/yq_linux
|
||||
RUN wget -O - ${YQ_URL}_$(go env GOARCH) > /usr/bin/yq && chmod +x /usr/bin/yq
|
||||
|
||||
ARG SELINUX=true
|
||||
ENV SELINUX $SELINUX
|
||||
|
||||
|
|
|
|||
|
|
@ -1,29 +1,41 @@
|
|||
apiVersion: helm.cattle.io/v1
|
||||
kind: HelmChart
|
||||
metadata:
|
||||
name: traefik-crd
|
||||
namespace: kube-system
|
||||
spec:
|
||||
chart: https://%{KUBERNETES_API}%/static/charts/traefik-crd-9.14.2.tgz
|
||||
---
|
||||
apiVersion: helm.cattle.io/v1
|
||||
kind: HelmChart
|
||||
metadata:
|
||||
name: traefik
|
||||
namespace: kube-system
|
||||
spec:
|
||||
chart: https://%{KUBERNETES_API}%/static/charts/traefik-1.81.0.tgz
|
||||
chart: https://%{KUBERNETES_API}%/static/charts/traefik-9.14.2.tgz
|
||||
valuesContent: |-
|
||||
rbac:
|
||||
enabled: true
|
||||
ssl:
|
||||
enabled: true
|
||||
metrics:
|
||||
prometheus:
|
||||
enabled: true
|
||||
kubernetes:
|
||||
ingressEndpoint:
|
||||
useDefaultPublishedService: true
|
||||
ports:
|
||||
websecure:
|
||||
tls:
|
||||
enabled: true
|
||||
podAnnotations:
|
||||
prometheus.io/port: "8082"
|
||||
prometheus.io/scrape: "true"
|
||||
providers:
|
||||
kubernetesIngress:
|
||||
publishedService:
|
||||
enabled: true
|
||||
priorityClassName: "system-cluster-critical"
|
||||
image: "rancher/library-traefik"
|
||||
image:
|
||||
name: "rancher/library-traefik"
|
||||
tolerations:
|
||||
- key: "CriticalAddonsOnly"
|
||||
operator: "Exists"
|
||||
- key: "node-role.kubernetes.io/control-plane"
|
||||
operator: "Exists"
|
||||
effect: "NoSchedule"
|
||||
- key: "node-role.kubernetes.io/master"
|
||||
operator: "Exists"
|
||||
effect: "NoSchedule"
|
||||
- key: "CriticalAddonsOnly"
|
||||
operator: "Exists"
|
||||
- key: "node-role.kubernetes.io/control-plane"
|
||||
operator: "Exists"
|
||||
effect: "NoSchedule"
|
||||
- key: "node-role.kubernetes.io/master"
|
||||
operator: "Exists"
|
||||
effect: "NoSchedule"
|
||||
|
|
|
|||
|
|
@ -310,7 +310,7 @@ func rolebindingsYaml() (*asset, error) {
|
|||
return a, nil
|
||||
}
|
||||
|
||||
var _traefikYaml = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x9c\x92\xcf\x8a\xdb\x4c\x10\xc4\xef\x7a\x8a\x46\xb0\x47\x49\x9f\x6f\x1f\x73\xdb\x38\x86\x84\x80\xb3\xc4\x49\xae\xa1\x35\x2a\x5b\x83\x47\x33\xa2\xbb\x65\xa2\xfc\x79\xf7\x20\xad\xe3\x0d\x21\x81\x25\xba\xa9\xe7\x57\xd5\x35\xc5\xf0\x18\x3e\x42\x34\xe4\xe4\xa8\x47\x1c\x6a\xcf\x66\x11\x75\xc8\xcd\x65\x53\x9c\x43\xea\x1c\xbd\x42\x1c\xb6\x3d\x8b\x15\x03\x8c\x3b\x36\x76\x05\x51\xe2\x01\x8e\x4c\x18\xc7\x70\xbe\xfe\xeb\xc8\x1e\x8e\xce\x53\x8b\x4a\x67\x35\x0c\x85\x8e\xf0\x0b\xee\x17\x03\x47\xbd\xd9\xa8\xae\x69\xee\xbe\xbe\xf9\xf0\x62\xf7\x6e\xbf\x7b\xbf\x3b\x7c\xba\x7f\x78\xfd\xfd\xae\x51\x63\x0b\xbe\x59\x41\x6d\xae\xc6\xd5\xa6\xfe\x7f\x53\xff\x57\xdb\xe9\x4b\x41\x74\xe1\x38\x41\xb7\x39\x19\x92\x39\xfa\x56\x15\x44\x44\xd2\xf2\xba\x62\xf9\x90\xb8\x8d\xe8\x96\x60\x13\xd6\x99\x6a\xfc\xfb\xe1\x00\x93\xe0\xf5\x27\x30\x4a\x1e\x60\x3d\xa6\xdb\xe4\x4f\xa2\xe5\x7a\x92\x60\xb8\x51\x21\x9d\x04\xaa\xbb\xd4\x8d\x39\x24\x7b\x12\x4f\x8a\x97\x38\xf2\x14\xed\x61\x6a\x63\xd0\x1e\xdd\x01\x72\x09\x1e\xbf\xf8\x8d\x12\xb2\x04\x9b\xb7\x91\x55\xf7\x6b\xad\xe5\x63\x7b\x95\x8f\x93\x1a\xa4\xf2\x12\x2c\x78\x8e\xe5\x2a\x08\x03\x9f\x16\x48\x38\xf9\x1e\xd2\xc4\xd0\x0a\xcb\x5c\x5d\x3b\x7b\x84\x2c\x47\x08\x5b\xc8\xe9\x16\xb3\xa2\x33\x66\x47\xe5\xf6\xea\x76\xdf\x75\x39\xe9\xdb\x14\xe7\xf2\x96\x38\x8f\x8b\x2a\x8b\xa3\x72\xf7\x39\xa8\x69\xf9\x9b\x38\xe5\x0e\x95\xe4\x88\xfa\xa9\x87\xe5\xb9\xf8\x9c\x4c\x72\xac\xc6\xc8\x09\xcf\xf0\x23\xc2\xf1\x08\x6f\x8e\xca\x7d\x3e\xf8\x1e\xdd\x14\xf1\xdc\x65\x03\x2f\xb5\xfc\xfb\x96\x1f\x01\x00\x00\xff\xff\x8e\x38\x58\x4b\xf7\x02\x00\x00")
|
||||
var _traefikYaml = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xb4\x91\x5d\x8b\xdb\x3c\x10\x85\xef\xfd\x2b\x06\xc3\x5e\xca\x7e\x77\x79\x2f\xb6\xba\x4b\x43\xa0\x4b\x21\x2d\x4d\xdb\xdb\x32\x96\x27\xb1\x88\x2c\x89\x99\x71\xda\xf4\xe3\xbf\x17\xe5\x6b\x53\x58\xd8\x52\x5a\xdf\x79\x34\xe7\x99\xc3\x39\x98\xfd\x47\x62\xf1\x29\x5a\x18\x28\x8c\x8d\x43\xd5\x40\x8d\x4f\xed\xee\xb6\xda\xfa\xd8\x5b\x78\x45\x61\x9c\x0f\xc8\x5a\x8d\xa4\xd8\xa3\xa2\xad\x00\x22\x8e\x64\x41\x19\x69\xed\xb7\xc6\x71\x7f\x9a\x49\x46\x47\x16\xb6\x53\x47\x46\xf6\xa2\x34\x56\x92\xc9\x15\x89\x2b\x10\x0b\x83\x6a\x16\xdb\xb6\x37\xdf\x5e\x7f\x78\xb9\x78\xb7\x5c\xbc\x5f\xac\x3e\xcd\xde\x3e\xfc\xb8\x69\x45\x51\xbd\x6b\x0f\x8b\xd2\x5e\xc1\xcd\x8b\xe6\xf6\xff\xe6\xae\xd1\xcd\xd7\xca\x18\x53\xfd\x25\xdf\xff\xce\xf3\x95\x5f\x80\x1d\x86\x89\x64\x9e\xa2\x52\x54\x0b\xdf\x4d\x05\x00\xc0\x1d\x1e\x4e\x94\x8f\x22\x76\x81\xfa\x62\x6c\xa2\xc3\x2c\x27\x56\x39\x3f\x7f\xa6\x4e\xc8\x4d\x4c\xe7\x01\x80\x06\x79\xfc\x79\x1a\xd0\xcf\x62\x4c\xc5\x5d\x8a\x97\xdd\xcc\x69\x24\x1d\x68\x92\x92\x55\x39\x62\xa1\xbe\xff\xef\xfe\xae\x7e\x72\x41\x1c\x63\x26\x0b\x75\xc1\x1e\x57\x32\xa7\x9d\xef\x89\x2f\xc8\x12\x1b\x47\x52\x92\x87\xb8\x61\x92\x2b\x5f\x79\xea\x82\x97\x81\xfa\x15\xf1\xce\x3b\x7a\xc6\x31\xfb\xc4\x5e\xf7\xf3\x80\x22\xcb\x43\x4f\xf5\xb1\x0e\xe3\xc2\x24\x4a\x6c\x1c\x7b\xf5\x0e\xc3\xd1\x8a\x1f\x71\x73\x61\x1e\x8b\xad\x19\xa3\x1b\x88\xdb\xe0\x3b\x46\xde\x9b\x53\x21\x47\x81\xa6\x40\x7c\x1d\x88\x81\x2d\xed\x2d\xd4\xf3\x13\x77\xd6\xf7\x29\xca\x9b\x18\xf6\xe7\x3c\x52\x2e\x8a\xc4\x16\xea\xc5\x17\x2f\x2a\xf5\x2f\xc2\x98\x7a\x32\x9c\x02\x35\x8f\x31\x94\xe0\x5c\x8a\xca\x29\x98\x1c\x30\xd2\x33\x2c\x00\x5a\xaf\xc9\x95\x26\x96\x69\xe5\x06\xea\xa7\x40\xbf\x77\x66\xc4\x12\xcb\x9f\xf1\x7f\x06\x00\x00\xff\xff\xd5\xb5\xd7\x89\xfc\x03\x00\x00")
|
||||
|
||||
func traefikYamlBytes() ([]byte, error) {
|
||||
return bindataRead(
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@ import (
|
|||
"io/ioutil"
|
||||
net2 "net"
|
||||
"os"
|
||||
"path"
|
||||
"path/filepath"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
|
@ -206,7 +207,6 @@ func stageFiles(ctx context.Context, sc *Context, controlConfig *config.Control)
|
|||
if err := static.Stage(dataDir); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
dataDir = filepath.Join(controlConfig.DataDir, "manifests")
|
||||
templateVars := map[string]string{
|
||||
"%{CLUSTER_DNS}%": controlConfig.ClusterDNS.String(),
|
||||
|
|
@ -214,13 +214,35 @@ func stageFiles(ctx context.Context, sc *Context, controlConfig *config.Control)
|
|||
"%{DEFAULT_LOCAL_STORAGE_PATH}%": controlConfig.DefaultLocalStoragePath,
|
||||
}
|
||||
|
||||
if err := deploy.Stage(dataDir, templateVars, controlConfig.Skips); err != nil {
|
||||
skip := controlConfig.Skips
|
||||
if !skip["traefik"] && isHelmChartTraefikV1(sc) {
|
||||
logrus.Warn("Skipping Traefik v2 deployment due to existing Traefik v1 installation")
|
||||
skip["traefik"] = true
|
||||
}
|
||||
if err := deploy.Stage(dataDir, templateVars, skip); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return deploy.WatchFiles(ctx, sc.Apply, sc.K3s.K3s().V1().Addon(), controlConfig.Disables, dataDir)
|
||||
}
|
||||
|
||||
// isHelmChartTraefikV1 checks for an existing HelmChart resource with spec.chart containing traefik-1,
|
||||
// as deployed by the legacy chart (https://%{KUBERNETES_API}%/static/charts/traefik-1.81.0.tgz)
|
||||
func isHelmChartTraefikV1(sc *Context) bool {
|
||||
prefix := "traefik-1."
|
||||
helmChart, err := sc.Helm.Helm().V1().HelmChart().Get(metav1.NamespaceSystem, "traefik", metav1.GetOptions{})
|
||||
if err != nil {
|
||||
logrus.WithError(err).Info("Failed to get existing traefik HelmChart")
|
||||
return false
|
||||
}
|
||||
chart := path.Base(helmChart.Spec.Chart)
|
||||
if strings.HasPrefix(chart, prefix) {
|
||||
logrus.WithField("chart", chart).Info("Found existing traefik v1 HelmChart")
|
||||
return true
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
func HomeKubeConfig(write, rootless bool) (string, error) {
|
||||
if write {
|
||||
if os.Getuid() == 0 && !rootless {
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
|
|
@ -2,7 +2,7 @@ docker.io/rancher/coredns-coredns:1.8.0
|
|||
docker.io/rancher/klipper-helm:v0.4.3
|
||||
docker.io/rancher/klipper-lb:v0.1.2
|
||||
docker.io/rancher/library-busybox:1.32.1
|
||||
docker.io/rancher/library-traefik:1.7.19
|
||||
docker.io/rancher/library-traefik:2.4.2
|
||||
docker.io/rancher/local-path-provisioner:v0.0.19
|
||||
docker.io/rancher/metrics-server:v0.3.6
|
||||
docker.io/rancher/pause:3.1
|
||||
|
|
|
|||
|
|
@ -0,0 +1,7 @@
|
|||
apiVersion: ${api_version}
|
||||
version: ${chart_version}
|
||||
description: Installs the CRDs for ${name}.
|
||||
name: ${name}-crd
|
||||
type: application
|
||||
annotations:
|
||||
catalog.cattle.io/hidden: "true"
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
# ${name}-crd
|
||||
A Rancher chart that installs the CRDs used by [${name}](https://github.com/rancher/dev-charts/tree/master/packages/${name}).
|
||||
|
|
@ -0,0 +1,14 @@
|
|||
#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
|
||||
# {{- \$found := dict -}}
|
||||
${set_found_crd}
|
||||
# {{- range .Capabilities.APIVersions -}}
|
||||
# {{- if hasKey \$found (toString .) -}}
|
||||
# {{- set \$found (toString .) true -}}
|
||||
# {{- end -}}
|
||||
# {{- end -}}
|
||||
# {{- range \$_, \$exists := \$found -}}
|
||||
# {{- if (eq \$exists false) -}}
|
||||
# {{- required "Required CRDs are missing. Please install the ${name}-crd chart before installing this chart." "" -}}
|
||||
# {{- end -}}
|
||||
# {{- end -}}
|
||||
#{{- end -}}
|
||||
|
|
@ -5,23 +5,93 @@ cd $(dirname $0)/..
|
|||
. ./scripts/version.sh
|
||||
|
||||
ROOT_VERSION=v0.8.1
|
||||
TRAEFIK_VERSION=1.81.0
|
||||
TRAEFIK_VERSION=9.14.2 # appVersion: 2.4.2
|
||||
CHARTS_DIR=build/static/charts
|
||||
|
||||
mkdir -p ${CHARTS_DIR}
|
||||
|
||||
curl --compressed -sfL https://github.com/k3s-io/k3s-root/releases/download/${ROOT_VERSION}/k3s-root-${ARCH}.tar | tar xf -
|
||||
|
||||
setup_tmp() {
|
||||
TMP_DIR=$(mktemp -d --tmpdir=${CHARTS_DIR})
|
||||
cleanup() {
|
||||
code=$?
|
||||
set +e
|
||||
trap - EXIT
|
||||
rm -rf ${TMP_DIR}
|
||||
exit $code
|
||||
}
|
||||
trap cleanup INT EXIT
|
||||
}
|
||||
|
||||
download_and_package_traefik () {
|
||||
echo "Downloading Traefik Helm chart from ${TRAEFIK_URL}"
|
||||
curl -sfL ${TRAEFIK_URL} -o ${TMP_DIR}/${TRAEFIK_FILE}
|
||||
code=$?
|
||||
|
||||
if [ $code -ne 0 ]; then
|
||||
echo "Error: Failed to download Traefik Helm chart!"
|
||||
exit $code
|
||||
fi
|
||||
|
||||
echo "Uncompress ${TMP_DIR}/${TRAEFIK_FILE}"
|
||||
tar xf ${TMP_DIR}/${TRAEFIK_FILE} -C ${TMP_DIR}
|
||||
|
||||
echo "Prepare traefik CRD"
|
||||
TRAEFIK_TMP_CHART=${TMP_DIR}/traefik
|
||||
TRAEFIK_TMP_CRD=${TRAEFIK_TMP_CHART}-crd
|
||||
|
||||
# Collect information on chart
|
||||
name=$(cat ${TRAEFIK_TMP_CHART}/Chart.yaml | yq r - 'name')
|
||||
api_version=$(cat ${TRAEFIK_TMP_CHART}/Chart.yaml | yq r - 'apiVersion')
|
||||
chart_version=$(cat ${TRAEFIK_TMP_CHART}/Chart.yaml | yq r - 'version')
|
||||
|
||||
# Collect information on CRDs
|
||||
crd_apis=()
|
||||
for crd_yaml in ${TRAEFIK_TMP_CHART}/crds/*; do
|
||||
crd_group=$(yq r ${crd_yaml} 'spec.group')
|
||||
crd_kind=$(yq r ${crd_yaml} 'spec.names.kind')
|
||||
crd_version=$(yq r ${crd_yaml} 'spec.version')
|
||||
if [[ -z "$crd_version" ]]; then
|
||||
crd_version=$(yq r ${crd_yaml} 'spec.versions[0].name')
|
||||
fi
|
||||
crd_apis+=("${crd_group}/${crd_version}/${crd_kind}")
|
||||
done
|
||||
|
||||
set_found_crd=$(
|
||||
for crd in ${crd_apis[@]}; do
|
||||
echo "# {{- set \$found \"${crd}\" false -}}"
|
||||
done
|
||||
)
|
||||
|
||||
# Copy base template and apply variables to the template
|
||||
mkdir -p ${TRAEFIK_TMP_CRD}
|
||||
cp -R ./scripts/chart-templates/crd-base/* ${TRAEFIK_TMP_CRD}
|
||||
for template_file in $(find ${TRAEFIK_TMP_CRD} -type f); do
|
||||
# Applies any environment variables currently set onto your template file
|
||||
eval "echo \"$(sed 's/"/\\"/g' ${template_file})\"" > ${template_file}
|
||||
done
|
||||
|
||||
# Move anything from ${f}/charts-crd/overlay-upstream to the main chart
|
||||
cp -R ${TRAEFIK_TMP_CRD}/overlay-upstream/* ${TRAEFIK_TMP_CHART}
|
||||
rm -rf ${TRAEFIK_TMP_CRD}/overlay-upstream
|
||||
|
||||
# Move CRDs from main chart to CRD chart
|
||||
mkdir -p ${TRAEFIK_TMP_CRD}/templates
|
||||
mv ${TRAEFIK_TMP_CHART}/crds/* ${TRAEFIK_TMP_CRD}/templates
|
||||
rm -rf ${TRAEFIK_TMP_CHART}/crds
|
||||
|
||||
# Package charts
|
||||
OPTS="--format gnu --sort=name --owner=0 --group=0 --numeric-owner"
|
||||
GZIP=-n tar ${OPTS} --mtime='UTC 2021-01-01' -cz -f ${CHARTS_DIR}/${TRAEFIK_FILE} -C ${TMP_DIR} $(basename ${TRAEFIK_TMP_CHART})
|
||||
GZIP=-n tar ${OPTS} --mtime='UTC 2021-01-01' -cz -f ${CHARTS_DIR}/${TRAEFIK_CRD_FILE} -C ${TMP_DIR} $(basename ${TRAEFIK_TMP_CRD})
|
||||
}
|
||||
|
||||
TRAEFIK_FILE=traefik-${TRAEFIK_VERSION}.tgz
|
||||
TRAEFIK_URL=https://charts.helm.sh/stable/packages/${TRAEFIK_FILE}
|
||||
TRAEFIK_CRD_FILE=traefik-crd-${TRAEFIK_VERSION}.tgz
|
||||
TRAEFIK_URL=https://helm.traefik.io/traefik/${TRAEFIK_FILE}
|
||||
|
||||
echo "Downloading Traefik Helm chart from ${TRAEFIK_URL}"
|
||||
curl -sfL ${TRAEFIK_URL} -o ${CHARTS_DIR}/${TRAEFIK_FILE}
|
||||
code=$?
|
||||
|
||||
if [ $code -ne 0 ]; then
|
||||
echo "Error: Failed to download Traefik Helm chart!"
|
||||
exit $code
|
||||
fi
|
||||
setup_tmp
|
||||
download_and_package_traefik
|
||||
|
||||
cp scripts/wg-add.sh bin/aux/
|
||||
|
|
|
|||
Loading…
Reference in New Issue