github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #69238 from BenTheElder/nsswitch 

add /etc/nsswitch.conf to control plane images
pull/58/head
k8s-ci-robot 2018-09-28 20:50:55 -07:00 committed by GitHub
parent 72dd54ec48 4274c426ce
commit b1e15b4d98
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 26 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
build/BUILD
View File

@ -1,6 +1,7 @@
package(default_visibility = ["//visibility:public"]) package(default_visibility = ["//visibility:public"])
load("@io_bazel_rules_docker//docker:docker.bzl", "docker_build", "docker_bundle") load("@io_bazel_rules_docker//docker:docker.bzl", "docker_build", "docker_bundle")
load("@io_bazel_rules_docker//container:container.bzl", "container_image")
load("@io_kubernetes_build//defs:build.bzl", "release_filegroup") load("@io_kubernetes_build//defs:build.bzl", "release_filegroup")
filegroup( filegroup(
@ -21,23 +22,32 @@ filegroup(
tags = ["automanaged"], tags = ["automanaged"],
) )
# ensure /etc/nsswitch.conf exists so go's resolver respects /etc/hosts
container_image(
name = "busybox-with-nsswitch",
base = "@official_busybox//image",
directory = "/etc",
files = ["nsswitch.conf"],
mode = "0644",
)
# This list should roughly match kube::build::get_docker_wrapped_binaries() # This list should roughly match kube::build::get_docker_wrapped_binaries()
# in build/common.sh. # in build/common.sh.
DOCKERIZED_BINARIES = { DOCKERIZED_BINARIES = {
"cloud-controller-manager": { "cloud-controller-manager": {
"base": "@official_busybox//image", "base": ":busybox-with-nsswitch",
"target": "//cmd/cloud-controller-manager:cloud-controller-manager", "target": "//cmd/cloud-controller-manager:cloud-controller-manager",
}, },
"kube-apiserver": { "kube-apiserver": {
"base": "@official_busybox//image", "base": ":busybox-with-nsswitch",
"target": "//cmd/kube-apiserver:kube-apiserver", "target": "//cmd/kube-apiserver:kube-apiserver",
}, },
"kube-controller-manager": { "kube-controller-manager": {
"base": "@official_busybox//image", "base": ":busybox-with-nsswitch",
"target": "//cmd/kube-controller-manager:kube-controller-manager", "target": "//cmd/kube-controller-manager:kube-controller-manager",
}, },
"kube-scheduler": { "kube-scheduler": {
"base": "@official_busybox//image", "base": ":busybox-with-nsswitch",
"target": "//cmd/kube-scheduler:kube-scheduler", "target": "//cmd/kube-scheduler:kube-scheduler",
}, },
"kube-proxy": { "kube-proxy": {

12
build/lib/release.sh
View File

@ -355,8 +355,16 @@ function kube::release::create_docker_images_for_server() {
rm -rf "${docker_build_path}" rm -rf "${docker_build_path}"
mkdir -p "${docker_build_path}" mkdir -p "${docker_build_path}"
ln "${binary_dir}/${binary_name}" "${docker_build_path}/${binary_name}" ln "${binary_dir}/${binary_name}" "${docker_build_path}/${binary_name}"
printf " FROM ${base_image} \n ADD ${binary_name} /usr/local/bin/${binary_name}\n" > "${docker_file_path}" ln "${KUBE_ROOT}/build/nsswitch.conf" "${docker_build_path}/nsswitch.conf"
chmod 0644 "${docker_build_path}/nsswitch.conf"
cat <<EOF > "${docker_file_path}"
FROM ${base_image}
COPY ${binary_name} /usr/local/bin/${binary_name}
EOF
# ensure /etc/nsswitch.conf exists so go's resolver respects /etc/hosts
if [[ "${base_image}" =~ busybox ]]; then
echo "COPY nsswitch.conf /etc/" >> "${docker_file_path}"
fi
"${DOCKER[@]}" build --pull -q -t "${docker_image_tag}" "${docker_build_path}" >/dev/null "${DOCKER[@]}" build --pull -q -t "${docker_image_tag}" "${docker_build_path}" >/dev/null
"${DOCKER[@]}" tag "${docker_image_tag}" "${deprecated_image_tag}" >/dev/null "${DOCKER[@]}" tag "${docker_image_tag}" "${deprecated_image_tag}" >/dev/null
"${DOCKER[@]}" save "${docker_image_tag}" "${deprecated_image_tag}" > "${binary_dir}/${binary_name}.tar" "${DOCKER[@]}" save "${docker_image_tag}" "${deprecated_image_tag}" > "${binary_dir}/${binary_name}.tar"

2
build/nsswitch.conf Normal file
View File

@ -0,0 +1,2 @@
# ensure go's non-cgo resolver respects /etc/hosts
hosts: files dns