From de4b89fac9df46e42b0e8c51915d869fecd06d5c Mon Sep 17 00:00:00 2001 From: Alex Crawford Date: Wed, 28 Sep 2016 11:25:59 -0700 Subject: [PATCH] app-admin/kubelet-wrapper: clean up wrapper This builds on the work done by Stefan Junker. --- .../kubelet-wrapper/files/kubelet-wrapper | 93 ++++++++++++++----- ...r5.ebuild => kubelet-wrapper-0.0.2.ebuild} | 4 +- 2 files changed, 70 insertions(+), 27 deletions(-) mode change 100644 => 100755 sdk_container/src/third_party/coreos-overlay/app-admin/kubelet-wrapper/files/kubelet-wrapper rename sdk_container/src/third_party/coreos-overlay/app-admin/kubelet-wrapper/{kubelet-wrapper-0.0.1-r5.ebuild => kubelet-wrapper-0.0.2.ebuild} (87%) diff --git a/sdk_container/src/third_party/coreos-overlay/app-admin/kubelet-wrapper/files/kubelet-wrapper b/sdk_container/src/third_party/coreos-overlay/app-admin/kubelet-wrapper/files/kubelet-wrapper old mode 100644 new mode 100755 index 3526b4b9f7..94a160bb3f --- a/sdk_container/src/third_party/coreos-overlay/app-admin/kubelet-wrapper/files/kubelet-wrapper +++ b/sdk_container/src/third_party/coreos-overlay/app-admin/kubelet-wrapper/files/kubelet-wrapper @@ -1,39 +1,82 @@ #!/bin/bash -# Wrapper for launching kubelet via rkt-fly stage1. +# Wrapper for launching kubelet via rkt-fly. # -# Make sure to set KUBELET_VERSION to an image tag published here: +# Make sure to set KUBELET_IMAGE_TAG to an image tag published here: # https://quay.io/repository/coreos/hyperkube?tab=tags Alternatively, -# override $KUBELET_ACI to a custom location. +# override KUBELET_IMAGE to a custom image. set -e -if [ -z "${KUBELET_VERSION}" ]; then - echo "ERROR: must set KUBELET_VERSION" - exit 1 +function require_ev_all() { + for rev in $@ ; do + if [[ -z "${!rev}" ]]; then + echo "${rev}" is not set + exit 1 + fi + done +} + +function require_ev_one() { + for rev in $@ ; do + if [[ ! -z "${!rev}" ]]; then + return + fi + done + echo One of $@ must be set + exit 1 +} + +if [[ -n "${KUBELET_VERSION}" ]]; then + echo KUBELET_VERSION environment variable is deprecated, please use KUBELET_IMAGE_TAG instead fi -KUBELET_ACI="${KUBELET_ACI:-quay.io/coreos/hyperkube}" +if [[ -n "${KUBELET_ACI}" ]]; then + echo KUBELET_ACI environment variable is deprecated, please use the KUBELET_IMAGE_URL instead +fi + +if [[ -n "${RKT_OPTS}" ]]; then + echo RKT_OPTS environment variable is deprecated, please use the RKT_RUN_ARGS instead +fi + +KUBELET_IMAGE_TAG="${KUBELET_IMAGE_TAG:-${KUBELET_VERSION}}" + +require_ev_one KUBELET_IMAGE KUBELET_IMAGE_TAG + +KUBELET_IMAGE_URL="${KUBELET_IMAGE_URL:-${KUBELET_ACI:-quay.io/coreos/hyperkube}}" +KUBELET_IMAGE="${KUBELET_IMAGE:-${KUBELET_IMAGE_URL}:${KUBELET_IMAGE_TAG}}" + +RKT_RUN_ARGS="${RKT_RUN_ARGS} ${RKT_OPTS}" + +if [[ "${KUBELET_IMAGE%%/*}" == "quay.io" ]]; then + RKT_RUN_ARGS="${RKT_RUN_ARGS} --trust-keys-from-https" +fi mkdir --parents /etc/kubernetes mkdir --parents /var/lib/docker mkdir --parents /var/lib/kubelet mkdir --parents /run/kubelet -exec /usr/bin/rkt run \ - --volume etc-kubernetes,kind=host,source=/etc/kubernetes \ - --volume etc-ssl-certs,kind=host,source=/usr/share/ca-certificates \ - --volume var-lib-docker,kind=host,source=/var/lib/docker \ - --volume var-lib-kubelet,kind=host,source=/var/lib/kubelet \ - --volume os-release,kind=host,source=/usr/lib/os-release \ - --volume run,kind=host,source=/run \ - --mount volume=etc-kubernetes,target=/etc/kubernetes \ - --mount volume=etc-ssl-certs,target=/etc/ssl/certs \ - --mount volume=var-lib-docker,target=/var/lib/docker \ - --mount volume=var-lib-kubelet,target=/var/lib/kubelet \ - --mount volume=os-release,target=/etc/os-release \ - --mount volume=run,target=/run \ - --trust-keys-from-https \ - $RKT_OPTS \ - --stage1-from-dir=stage1-fly.aci \ - ${KUBELET_ACI}:${KUBELET_VERSION} --exec=/kubelet -- "$@" - +RKT="${RKT:-/usr/bin/rkt}" +RKT_STAGE1_ARG="${RKT_STAGE1_ARG:---stage1-from-dir=stage1-fly.aci}" +KUBELET_IMAGE_ARGS=${KUBELET_IMAGE_ARGS:---exec=/kubelet} +set -x +exec ${RKT} ${RKT_GLOBAL_ARGS} \ + run ${RKT_RUN_ARGS} \ + --volume etc-kubernetes,kind=host,source=/etc/kubernetes,readOnly=false \ + --volume etc-ssl-certs,kind=host,source=/etc/ssl/certs,readOnly=true \ + --volume usr-share-certs,kind=host,source=/usr/share/ca-certificates,readOnly=true \ + --volume var-lib-docker,kind=host,source=/var/lib/docker,readOnly=false \ + --volume var-lib-kubelet,kind=host,source=/var/lib/kubelet,readOnly=false \ + --volume os-release,kind=host,source=/usr/lib/os-release,readOnly=true \ + --volume run,kind=host,source=/run,readOnly=false \ + --mount volume=etc-kubernetes,target=/etc/kubernetes \ + --mount volume=etc-ssl-certs,target=/etc/ssl/certs \ + --mount volume=usr-share-certs,target=/usr/share/ca-certificates \ + --mount volume=var-lib-docker,target=/var/lib/docker \ + --mount volume=var-lib-kubelet,target=/var/lib/kubelet \ + --mount volume=os-release,target=/etc/os-release \ + --mount volume=run,target=/run \ + ${RKT_STAGE1_ARG} \ + ${KUBELET_IMAGE} \ + ${KUBELET_IMAGE_ARGS} \ + -- "$@" diff --git a/sdk_container/src/third_party/coreos-overlay/app-admin/kubelet-wrapper/kubelet-wrapper-0.0.1-r5.ebuild b/sdk_container/src/third_party/coreos-overlay/app-admin/kubelet-wrapper/kubelet-wrapper-0.0.2.ebuild similarity index 87% rename from sdk_container/src/third_party/coreos-overlay/app-admin/kubelet-wrapper/kubelet-wrapper-0.0.1-r5.ebuild rename to sdk_container/src/third_party/coreos-overlay/app-admin/kubelet-wrapper/kubelet-wrapper-0.0.2.ebuild index 5041ad02dc..baeaa4162d 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-admin/kubelet-wrapper/kubelet-wrapper-0.0.1-r5.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/app-admin/kubelet-wrapper/kubelet-wrapper-0.0.2.ebuild @@ -4,7 +4,7 @@ # $Header:$ # -EAPI=5 +EAPI=6 DESCRIPTION="Kubernetes Container Manager" HOMEPAGE="http://kubernetes.io/" @@ -14,7 +14,7 @@ LICENSE="Apache-2.0" SLOT="0" IUSE="" -RDEPEND=app-emulation/rkt +RDEPEND=">=app-emulation/rkt-1.9.1[rkt_stage1_fly]" # work around ${WORKDIR}/${P} not existing S=${WORKDIR}