github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Separate federation build.sh into development and deployment scripts. 

The idea behind this separation is that it provides a clear distinction
between the dev environment and the prod environment. The
deploy/deploy.sh script will be shipped to the users, but
develop/develop.sh will be purely for development purposes and won't
be part of a release distribution.

Purely for developer convenience, all the deployment functionality is
made available through the develop/develop.sh script.

This change also copies deploy/* files into the release distribution.
pull/6/head
Madhusudan.C.S 2016-08-16 22:33:06 -07:00
parent 8f0109ea21
commit 9650a84f7b
6 changed files with 362 additions and 223 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
build/common.sh
View File

@ -1036,10 +1036,11 @@ function kube::release::package_full_tarball() {
mkdir -p "${release_stage}/third_party"
cp -R "${KUBE_ROOT}/third_party/htpasswd" "${release_stage}/third_party/htpasswd"
# Include only federation/cluster and federation/manifests
# Include only federation/cluster, federation/manifests and federation/deploy
mkdir "${release_stage}/federation"
cp -R "${KUBE_ROOT}/federation/cluster" "${release_stage}/federation/"
cp -R "${KUBE_ROOT}/federation/manifests" "${release_stage}/federation/"
cp -R "${KUBE_ROOT}/federation/deploy" "${release_stage}/federation"
cp -R "${KUBE_ROOT}/examples" "${release_stage}/"
cp -R "${KUBE_ROOT}/docs" "${release_stage}/"

6
federation/README.md
View File

@ -53,11 +53,7 @@ make build do=destroy
12. `destroy`: destroy-federation + destroy-clusters
13. `redeploy-federation`: just redeploys the federation components.
2. Add a `release` phase to run as part of Kubernetes release process
that copies only a part of the `build.sh` script that's relevant to
the users into the release.
3. Continue with `destroy` phase even in the face of errors.
2. Continue with `destroy` phase even in the face of errors.
The bash script sets `set -e errexit` which causes the script to exit
at the very first error. This should be the default mode for deploying

217
federation/build.sh
View File

@ -1,217 +0,0 @@
#!/usr/bin/env bash
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This script will build the hyperkube image and push it to the repository
# referred to by KUBE_REGISTRY. The image will be given a version tag with
# the value from KUBE_VERSION. It also turns up/turns down Kubernetes
# clusters and federation components using the built hyperkube image.
# e.g. run as:
# KUBE_REGISTRY=localhost:5000/anushku \
# KUBE_VERSION=1.3.0-dev ./build.sh
#
# will deploy the components using
# localhost:5000/anushku/hyperkube-amd64:1.3.0-dev image.
# Everything in this script is expected to be executed from the $KUBE_ROOT
# directory.
# TODO(madhusudancs): Separate the dev functions from the deployment
# functions. A lot of code here is to make this work in dev environments.
# The script that we ship to the users as part of a release should be
# much simpler (about 80% of the code here could be removed for non-dev
# environments).
set -o errexit
set -o nounset
set -o pipefail
KUBE_ROOT=$(dirname "${BASH_SOURCE}")/..
CUR_ROOT=$(dirname "${BASH_SOURCE}")
source "${KUBE_ROOT}/build/common.sh"
source "${KUBE_ROOT}/build/util.sh"
# Provides the $KUBERNETES_PROVIDER variable and detect-project function
source "${KUBE_ROOT}/cluster/kube-util.sh"
source "${KUBE_ROOT}/cluster/lib/logging.sh"
readonly ACTION="${1:-gen}"
readonly TMP_DIR="$(mktemp -d)"
readonly FEDERATION_OUTPUT_ROOT="${LOCAL_OUTPUT_ROOT}/federation"
readonly KUBE_ANYWHERE_FEDERATION_IMAGE="gcr.io/madhusudancs-containers/kubernetes-anywhere-federation"
readonly KUBE_ANYWHERE_FEDERATION_VERSION="v0.9.0"
readonly KUBE_ANYWHERE_FEDERATION_CHARTS_IMAGE="gcr.io/madhusudancs-containers/federation-charts"
readonly KUBE_ANYWHERE_FEDERATION_CHARTS_VERSION="v0.9.0"
readonly GOOGLE_APPLICATION_CREDENTIALS="${GOOGLE_APPLICATION_CREDENTIALS:-${HOME}/.config/gcloud/application_default_credentials.json}"
readonly KUBE_CONFIG_DIR="${KUBE_CONFIG_DIR:-${HOME}/.kube}"
readonly KUBE_CONFIG="${KUBE_CONFIG:-${HOME}/.kube/config}"
detect-project
readonly KUBE_PROJECT="${KUBE_PROJECT:-${PROJECT:-}}"
readonly KUBE_REGISTRY="${KUBE_REGISTRY:-gcr.io/${KUBE_PROJECT}}"
# In dev environments this value must be recomputed after build. See
# the build() function. Not making it readonly
KUBE_VERSION="${KUBE_VERSION:-}"
function cleanup {
rm -rf "${TMP_DIR}"
cd "${CUR_ROOT}"
}
trap cleanup EXIT
function dirty_sha() {
local -r index="${KUBE_ROOT}/.git/index"
local -r objects_dir="${KUBE_ROOT}/.git/objects"
local -r tmp_dir="${TMP_DIR}/.git"
local -r tmp_index="${tmp_dir}/index"
local -r tmp_objects_dir="${tmp_dir}/objects"
mkdir -p "${tmp_objects_dir}"
cp "${index}" "${tmp_index}"
local -r files=$(git ls-files -m -o -d --exclude-standard)
GIT_INDEX_FILE="${tmp_index}" git add ${files}
GIT_ALTERNATE_OBJECT_DIRECTORIES="${objects_dir}" GIT_OBJECT_DIRECTORY="${tmp_objects_dir}" GIT_INDEX_FILE="${tmp_index}" git write-tree
}
function update_config() {
local -r q="${1:-}"
local -r cfile="${2:-}"
local -r bname="$(basename ${cfile})"
jq "${q}" "${cfile}" > "${TMP_DIR}/${bname}"
mv "${TMP_DIR}/${bname}" "${cfile}"
}
function build() {
kube::build::verify_prereqs
kube::build::build_image
kube::build::run_build_command make WHAT="cmd/kubectl cmd/hyperkube"
# Recompute KUBE_VERSION because it might have changed after rebuild.
KUBE_VERSION="${KUBE_VERSION:-$(kube::release::semantic_image_tag_version)}"
# Also append the dirty tree SHA to keep the versions unique across
# builds.
if [[ "${KUBE_VERSION}" == *-dirty ]]; then
KUBE_VERSION+=".$(dirty_sha)"
fi
BASEIMAGE="ubuntu:16.04" \
REGISTRY="${KUBE_REGISTRY}" \
VERSION="${KUBE_VERSION}" \
make -C "${KUBE_ROOT}/cluster/images/hyperkube" build
}
function push() {
kube::log::status "Pushing hyperkube image to the registry"
gcloud docker push "${KUBE_REGISTRY}/hyperkube-amd64:${KUBE_VERSION}"
}
function pull_installer() {
kube::log::status "Pulling installer images"
docker pull "${KUBE_ANYWHERE_FEDERATION_IMAGE}:${KUBE_ANYWHERE_FEDERATION_VERSION}"
docker pull "${KUBE_ANYWHERE_FEDERATION_CHARTS_IMAGE}:${KUBE_ANYWHERE_FEDERATION_CHARTS_VERSION}"
}
function ensure_files() {
kube::log::status "Ensure provider is supported..."
if [[ "${KUBERNETES_PROVIDER:-}" != "gce" ]]; then
echo "Supported providers: \"gce\""
exit 1
fi
kube::log::status "Ensure credential files exist..."
if [[ ! -f "${GOOGLE_APPLICATION_CREDENTIALS}" ]]; then
echo "Please ensure Google credentials file \""${GOOGLE_APPLICATION_CREDENTIALS}"\" exists."
exit 1
fi
if [[ ! -f "${KUBE_CONFIG}" ]]; then
echo "Please ensure kubeconfig file \""${KUBE_CONFIG}"\" exists."
exit 1
fi
}
function kube_action() {
kube::log::status "${ACTION} clusters"
docker run \
--user="$(id -u):$(id -g)" \
-m 12G \
-v "${GOOGLE_APPLICATION_CREDENTIALS}:/.config/gcloud/application_default_credentials.json:ro" \
-v "${KUBE_CONFIG_DIR}:/.kube" \
-v "${FEDERATION_OUTPUT_ROOT}:/_output" \
"${KUBE_ANYWHERE_FEDERATION_IMAGE}:${KUBE_ANYWHERE_FEDERATION_VERSION}" \
"${ACTION}"
}
function federation_action() {
kube::log::status "${ACTION} federation components"
docker run \
-m 12G \
-v "${KUBE_CONFIG}:/root/.kube/config:ro" \
-v "${FEDERATION_OUTPUT_ROOT}:/_output" \
"${KUBE_ANYWHERE_FEDERATION_CHARTS_IMAGE}:${KUBE_ANYWHERE_FEDERATION_CHARTS_VERSION}" \
"${ACTION}"
}
function gen_or_update_config() {
mkdir -p "${FEDERATION_OUTPUT_ROOT}"
cp "federation/config.default.json" "${FEDERATION_OUTPUT_ROOT}/config.json"
update_config \
'[.[] | .phase1.gce.project |= "'"${KUBE_PROJECT}"'"]' \
"${FEDERATION_OUTPUT_ROOT}/config.json"
# Not chaining for readability
update_config \
'[.[] | .phase2 = { docker_registry: "'"${KUBE_REGISTRY}"'", kubernetes_version: "'"${KUBE_VERSION}"'" } ]' \
"${FEDERATION_OUTPUT_ROOT}/config.json"
cat <<EOF> "${FEDERATION_OUTPUT_ROOT}/values.yaml"
apiserverRegistry: "${KUBE_REGISTRY}"
apiserverVersion: "${KUBE_VERSION}"
controllerManagerRegistry: "${KUBE_REGISTRY}"
controllerManagerVersion: "${KUBE_VERSION}"
EOF
}
if [[ "${ACTION}" == "gen" || "${ACTION}" == "deploy" ]]; then
ensure_files
cd "${KUBE_ROOT}"
build
push
pull_installer
# Update config after build and push, but before turning up the clusters
# to ensure the config has the right image version tags.
gen_or_update_config
kube_action
federation_action
else
federation_action
kube_action
fi
kube::log::status "Successfully completed!"

0
federation/config.default.json → federation/deploy/config.json.sample
View File

141
federation/deploy/deploy.sh Executable file
View File

@ -0,0 +1,141 @@
#!/usr/bin/env bash
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This script turns up/turns down Kubernetes clusters and federation
# components using the built hyperkube image.
# e.g. run as:
# FEDERATION_OUTPUT_ROOT="./_output" ./deploy.sh deploy_clusters
#
# will deploy the kubernetes clusters using the configuration specified
# in $FEDERATION_OUTPUT_ROOT/config.json.
#
# See config.json.sample for a config.json example.
set -o errexit
set -o nounset
set -o pipefail
KUBE_ROOT=$(dirname "${BASH_SOURCE}")/../..
# Provides the $KUBERNETES_PROVIDER variable and detect-project function
source "${KUBE_ROOT}/cluster/kube-util.sh"
# Provides logging facilities
source "${KUBE_ROOT}/cluster/lib/logging.sh"
readonly KUBE_ANYWHERE_FEDERATION_IMAGE="gcr.io/madhusudancs-containers/kubernetes-anywhere-federation"
readonly KUBE_ANYWHERE_FEDERATION_VERSION="v0.9.0"
readonly KUBE_ANYWHERE_FEDERATION_CHARTS_IMAGE="gcr.io/madhusudancs-containers/federation-charts"
readonly KUBE_ANYWHERE_FEDERATION_CHARTS_VERSION="v0.9.0"
readonly GOOGLE_APPLICATION_CREDENTIALS="${GOOGLE_APPLICATION_CREDENTIALS:-${HOME}/.config/gcloud/application_default_credentials.json}"
readonly KUBE_CONFIG_DIR="${KUBE_CONFIG_DIR:-${HOME}/.kube}"
readonly KUBE_CONFIG="${KUBE_CONFIG:-${HOME}/.kube/config}"
function pull_installer() {
kube::log::status "Pulling installer images"
docker pull "${KUBE_ANYWHERE_FEDERATION_IMAGE}:${KUBE_ANYWHERE_FEDERATION_VERSION}"
docker pull "${KUBE_ANYWHERE_FEDERATION_CHARTS_IMAGE}:${KUBE_ANYWHERE_FEDERATION_CHARTS_VERSION}"
}
function ensure_files() {
kube::log::status "Ensure provider is supported"
if [[ "${KUBERNETES_PROVIDER:-}" != "gce" ]]; then
echo "Supported providers: \"gce\""
exit 1
fi
kube::log::status "Ensure credential files exist"
if [[ ! -f "${GOOGLE_APPLICATION_CREDENTIALS}" ]]; then
echo "Please ensure Google credentials file \""${GOOGLE_APPLICATION_CREDENTIALS}"\" exists."
exit 1
fi
if [[ ! -f "${KUBE_CONFIG}" ]]; then
echo "Please ensure kubeconfig file \""${KUBE_CONFIG}"\" exists."
exit 1
fi
}
function kube_action() {
: "${FEDERATION_OUTPUT_ROOT:?must be set}"
local -r action="${1:-}"
kube::log::status "Action: ${action} clusters"
docker run \
--user="$(id -u):$(id -g)" \
-m 12G \
-v "${GOOGLE_APPLICATION_CREDENTIALS}:/.config/gcloud/application_default_credentials.json:ro" \
-v "${KUBE_CONFIG_DIR}:/.kube" \
-v "${FEDERATION_OUTPUT_ROOT}:/_output" \
"${KUBE_ANYWHERE_FEDERATION_IMAGE}:${KUBE_ANYWHERE_FEDERATION_VERSION}" \
"${action}"
}
function federation_action() {
: "${FEDERATION_OUTPUT_ROOT:?must be set}"
local -r action="${1:-}"
kube::log::status "Action: ${action} federation components"
docker run \
-m 12G \
-v "${KUBE_CONFIG}:/root/.kube/config:ro" \
-v "${FEDERATION_OUTPUT_ROOT}:/_output" \
"${KUBE_ANYWHERE_FEDERATION_CHARTS_IMAGE}:${KUBE_ANYWHERE_FEDERATION_CHARTS_VERSION}" \
"${action}"
}
function redeploy_federation() {
: "${FEDERATION_OUTPUT_ROOT:?must be set}"
local -r action="${1:-}"
kube::log::status "${action} federation components"
docker run \
-m 12G \
-v "${KUBE_CONFIG}:/root/.kube/config:ro" \
-v "${FEDERATION_OUTPUT_ROOT}:/_output" \
"${KUBE_ANYWHERE_FEDERATION_CHARTS_IMAGE}:${KUBE_ANYWHERE_FEDERATION_CHARTS_VERSION}" \
"${action}"
}
readonly ACTION="${1:-}"
case "${ACTION}" in
"")
echo 'Action must be one of [init, deploy_clusters, deploy_federation, \
destroy_federation, destroy_clusters, redeploy_federation], \
got: '"${ACTION}"
exit 1
;;
"init")
pull_installer
;;
"deploy_clusters")
ensure_files
kube_action deploy
;;
"deploy_federation")
ensure_files
federation_action deploy
;;
"destroy_federation")
federation_action destroy
;;
"destroy_clusters")
kube_action destroy
;;
"redeploy_federation")
redeploy_federation
;;
esac

218
federation/develop/develop.sh Executable file
View File

@ -0,0 +1,218 @@
#!/usr/bin/env bash
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This script will build the hyperkube image and push it to the repository
# referred to by KUBE_REGISTRY. The image will be given a version tag with
# the value from KUBE_VERSION.
# e.g. run as:
# KUBE_REGISTRY=localhost:5000/anushku \
# KUBE_VERSION=1.3.0-dev ./build.sh build_image
#
# will build the Docker images with the specified repository name and the
# image version tag.
set -o errexit
set -o nounset
set -o pipefail
KUBE_ROOT="$(dirname "${BASH_SOURCE}")/../.."
DEPLOY_ROOT="${KUBE_ROOT}/federation/deploy"
CUR_ROOT="$(pwd)"
source "${KUBE_ROOT}/build/common.sh"
source "${KUBE_ROOT}/build/util.sh"
# Provides the detect-project function
source "${KUBE_ROOT}/cluster/kube-util.sh"
# Provides logging facilities
source "${KUBE_ROOT}/cluster/lib/logging.sh"
readonly TMP_DIR="$(mktemp -d)"
readonly FEDERATION_OUTPUT_ROOT="${LOCAL_OUTPUT_ROOT}/federation"
readonly VERSIONS_FILE="${FEDERATION_OUTPUT_ROOT}/versions"
detect-project
readonly KUBE_PROJECT="${KUBE_PROJECT:-${PROJECT:-}}"
readonly KUBE_REGISTRY="${KUBE_REGISTRY:-gcr.io/${KUBE_PROJECT}}"
# In dev environments this value must be recomputed after build. See
# the build_image() function. So not making it readonly
KUBE_VERSION="${KUBE_VERSION:-}"
function cleanup {
rm -rf "${TMP_DIR}"
cd "${CUR_ROOT}"
}
trap cleanup EXIT
function dirty_sha() {
local -r index="${KUBE_ROOT}/.git/index"
local -r objects_dir="${KUBE_ROOT}/.git/objects"
local -r tmp_dir="${TMP_DIR}/.git"
local -r tmp_index="${tmp_dir}/index"
local -r tmp_objects_dir="${tmp_dir}/objects"
mkdir -p "${tmp_objects_dir}"
cp "${index}" "${tmp_index}"
local -r files=$(git ls-files -m -o -d --exclude-standard)
GIT_INDEX_FILE="${tmp_index}" git add ${files}
GIT_ALTERNATE_OBJECT_DIRECTORIES="${objects_dir}" GIT_OBJECT_DIRECTORY="${tmp_objects_dir}" GIT_INDEX_FILE="${tmp_index}" git write-tree
}
function update_config() {
local -r q="${1:-}"
local -r cfile="${2:-}"
local -r bname="$(basename ${cfile})"
jq "${q}" "${cfile}" > "${TMP_DIR}/${bname}"
mv "${TMP_DIR}/${bname}" "${cfile}"
}
function build_binaries() {
cd "${KUBE_ROOT}"
kube::build::verify_prereqs
kube::build::build_image
kube::build::run_build_command make WHAT="cmd/kubectl cmd/hyperkube"
}
function build_image() {
# Recompute KUBE_VERSION because it might have changed after rebuild.
local kube_version=""
if [[ -n "${KUBE_VERSION:-}" ]]; then
kube_version="${KUBE_VERSION}"
else
kube_version="$(kube::release::semantic_image_tag_version)"
# Also append the dirty tree SHA to keep the versions unique across
# builds.
if [[ "${kube_version}" == *-dirty ]]; then
kube_version+=".$(dirty_sha)"
fi
fi
# Write the generated version to the output versions file so that we can
# reuse it.
mkdir -p "${FEDERATION_OUTPUT_ROOT}"
jq -n --arg ver "${kube_version}" \
'{"KUBE_VERSION": $ver}' > "${VERSIONS_FILE}"
kube::log::status "Wrote to version file ${VERSIONS_FILE}: ${kube_version}"
BASEIMAGE="ubuntu:16.04" \
REGISTRY="${KUBE_REGISTRY}" \
VERSION="${kube_version}" \
make -C "${KUBE_ROOT}/cluster/images/hyperkube" build
}
function push() {
local kube_version=""
if [[ -n "${KUBE_VERSION:-}" ]]; then
kube_version="${KUBE_VERSION}"
else
# Read the version back from the versions file if no version is given.
kube_version="$(jq -r '.KUBE_VERSION' ${VERSIONS_FILE})"
fi
kube::log::status "Pushing hyperkube image to the registry"
gcloud docker push "${KUBE_REGISTRY}/hyperkube-amd64:${kube_version}"
# Update config after build and push, but before turning up the clusters
# to ensure the config has the right image version tags.
gen_or_update_config "${kube_version}"
}
function gen_or_update_config() {
local -r kube_version="${1:-}"
mkdir -p "${FEDERATION_OUTPUT_ROOT}"
cp "${DEPLOY_ROOT}/config.json.sample" "${FEDERATION_OUTPUT_ROOT}/config.json"
update_config \
'[.[] | .phase1.gce.project |= "'"${KUBE_PROJECT}"'"]' \
"${FEDERATION_OUTPUT_ROOT}/config.json"
# Not chaining for readability
update_config \
'[.[] | .phase2 = { docker_registry: "'"${KUBE_REGISTRY}"'", kubernetes_version: "'"${kube_version}"'" } ]' \
"${FEDERATION_OUTPUT_ROOT}/config.json"
cat <<EOF> "${FEDERATION_OUTPUT_ROOT}/values.yaml"
apiserverRegistry: "${KUBE_REGISTRY}"
apiserverVersion: "${kube_version}"
controllerManagerRegistry: "${KUBE_REGISTRY}"
controllerManagerVersion: "${kube_version}"
EOF
}
readonly ACTION="${1:-}"
case "${ACTION}" in
"")
echo 'Action must be one of [init, build_binaries, build_image, push, \
deploy_clusters, deploy_federation, destroy_federation, destroy_clusters \
redeploy_federation], \
got: '"${ACTION}"
exit 1
;;
"build_binaries")
build_binaries
;;
"build_image")
build_image
;;
"push")
push
;;
# Following functions belong to deploy.sh, they are driven from here
# convenience during development because FEDERATION_OUTPUT_ROOT is
# already defined during development here in this script. Also, we
# execute the following commands in their own subshells to avoid them
# messing with variables in this script.
"init")
(
"${DEPLOY_ROOT}/deploy.sh" init
)
;;
"deploy_clusters")
(
export FEDERATION_OUTPUT_ROOT
"${DEPLOY_ROOT}/deploy.sh" deploy_clusters
)
;;
"deploy_federation")
(
export FEDERATION_OUTPUT_ROOT
"${DEPLOY_ROOT}/deploy.sh" deploy_federation
)
;;
"destroy_federation")
(
export FEDERATION_OUTPUT_ROOT
"${DEPLOY_ROOT}/deploy.sh" destroy_federation
)
;;
"destroy_clusters")
(
export FEDERATION_OUTPUT_ROOT
"${DEPLOY_ROOT}/deploy.sh" destroy_clusters
)
;;
"redeploy_federation")
(
export FEDERATION_OUTPUT_ROOT
"${DEPLOY_ROOT}/deploy.sh" redeploy_federation
)
;;
esac