MIRRORS/meta-virtualization
1
0
Fork 0
mirror of git://git.yoctoproject.org/meta-virtualization.git synced 2025-07-19 20:59:41 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
da0cfbb0b4
meta-virtualization/recipes-containers/kubernetes
History
Bruce Ashfield da0cfbb0b4 kubernetes: update to v1.27.1 
Bumping kubernetes to version v1.27.1-89-g2555e0f90e8, which comprises the following commits:

    2eccb77b2c5 OpenAPI V3 invalid document checks
    642ea896178 update for feedback
    0457fbc83b3 QueryParamVerifier falls back on invalid v3 document
    4cd33af1419 QueryParamVerifierV3 resilient to minimal OpenAPI V3 documents
    ce458add6f1 kubeadm: fix a bug where file copy(backup) could not be executed correctly on Windows platform during upgrade
    3a56c1e954b Fix CHANGELOG-1.27 correct
    fa86f2dce30 benchmark test to evaluate the overhead of podMatchesScopeFunc
    4a2e6971f7d Fix incorrect calculation for ResourceQuota with PriorityClass as its scope
    c041924dd10 Update podFailurePolicy comments from alpha-level to beta
    7f9b3cb8540 Disable NewVolumeManagerReconstruction feature gate
    3324649c1c6 releng/go: Update images, dependencies and version to Go 1.20.4
    ae2f576d0b7 Bump konnectivity-client to v0.1.2
    8af1ce5863d Kube-proxy/ipvs: accept access to healthCheckNodePort on LbIP
    940b6892a1e node: device-plugin: e2e: Additional test cases
    4cf566e32e9 node: device-plugin: add node reboot test scenario
    d67481c4784 node: device-plugin: e2e: Capture pod admission failure
    6f5e29e26c4 node: device-mgr: e2e: adapt to sample device plugin refactoring
    367e3d7c471 node: device-mgr: e2e: Update the e2e test to reproduce issue:109595
    d241f58d8c8 node: device-mgr: e2e: Implement End to end test
    aac4c15e624 node: device-mgr: Handle recovery by checking if healthy devices exist
    b157e1741fb node: device-plugin: e2e: Add test case for kubelet restart
    5278e9c02cd node: device-plugin: e2e: Provide sleep intervals via constants
    b3c58acde98 node: device-plugin: e2e: Update test description to make it explicit
    0cd0fe70aa1 node: device-plugin: e2e: Isolate test to pod restart scenario
    ed8d4e1d6a5 node: device-plugin: e2e: Annotate device check with error message
    4899dc75dde node: device-plugins: e2e: s/devLen/expectedSampleDevsAmount
    c81ec1ae5b0 node: device-plugins: e2e: Refactor parse log to return string and error
    86904a7c580 Update kube-openapi to fix race
    ee1d7eb5d82 Use absolute path instead requestURI in openapiv3 discovery
    bbca939c661 proxy/ipvs: don't bind nodeips to the dummy device
    ca1e563141a proxy/ipvs: add a GetAllLocalAddressesExcept() function
    3ce0c108fe9 Refactors discovery content-type and helper functions
    574829867a9 Fix scheduler performance regression after adding plugin metrics
    192e9dae316 Update staging/src/k8s.io/apiserver/pkg/cel/common/values.go
    8d0ac2f6f8f Fix bug where CEL listOfString.join() results in unexpected error
    57e67a91e39 Fix directory mismatch for `volume.SetVolumeOwnership()`
    d0514936f3a Fix stomping os env in kubectl e2e tests
    7a6640798a7 KCCM: add providerID predicate to service controller
    8221a54e1ee Re-work logic in shouldSyncUpdatedNode
    a9d07f4e9ef add log includes pod preemption details
    9ef90afb4fb verifyVolumeNoStatusUpdateNeeded may cause flake and so only keep the last ones
    b598ea5c392 deflake: Add retry with timeout to wait for final conditions
    2eb94fa835a kubelet: Mark new terminal pods as non-finished in pod worker
    ae07535c855 test: Add node e2e to restart kubelet while pod is terminating
    861e1935e2a kubelet: Ensure pods that have not started track a pendingUpdate
    ae92fd28072 changelog: fix formatting issue with v1.27 change log
    95feac5269b Update CHANGELOG/CHANGELOG-1.27.md for v1.27.1
    4c9411232e1 Release commit for Kubernetes v1.27.1
    2c81ecc2e29 use case-insensitive header keys for http probes
    1601bb75401 fix: add the bug as a known issue o on the v1.26 release note
    fddf859d6a5 kube-aggregator: correctly use client-go TLS cache with custom dialer
    845ba3e3a23 Revert "Optimization on running prePreEnqueuePlugins before adding pods into activeQ"
    a1f97a35fcb Revert "Merge pull request #113151 from ncdc/refactor-crd-conversion"
    1da781e29b3 Revert "CR conversion: protect from converter input edits"
    f564f7a3559 api: encode NamespacedName with lower case in JSON
    e827a4b61f5 Do not look at VPC-related resources outside the cluster's network
    d662e339aa5 kubelet: Do not mutate pods in the pod manager
    d977e7e0dbf Fix azure disk e2e after migration
    e599722bc59 vendor: bump runc to 1.1.6
    25b061d8202 CVE-2023-27561: Bump runc go module v1.1.4 -> v1.1.5
    854c72766bb fix: the volume is not detached after the pod and PVC objects are deleted
    398e38784e7 Update CHANGELOG/CHANGELOG-1.27.md for v1.27.0
    1b4df30b3cd Release commit for Kubernetes v1.27.0
    2b6072ba00c Update CHANGELOG/CHANGELOG-1.27.md for v1.27.0-rc.1
    ad18954259e CHANGELOG: Update directory for v1.27.0-rc.1 release
    80bc6ffd0df Release commit for Kubernetes v1.27.0-rc.1
    951f8dcc965 Return error for localhost seccomp type with no localhost profile defined
    4e0bc2397da Update publishing-bot rules for release branches to Go 1.19.8
    1972dd10058 Do not log entire pod struct while attaching the volume
    b19c362bf52 Update distroless-iptables to v0.2.3
    2a69edb43de [go] Bump images, dependencies and versions to go 1.20.3
    b5dd5f1f3a7 Investigate and fix the handling of Succeeded pods in DaemonSet
    873127e3b04 Export WebhookHandler struct because some CCMs use Run directly
    735bbc135c3 Clean up formatting
    27ad623b3d1 Skip vendor directory when removing generated files
    63b5ca69f1f .*: update vendor dir and cleanup
    1ad7cacba59 publishing-bot rules for the new release-1.27 branch
    b83600de01e fix  nil pointer dereference panic for deprecated metrics
    5469c198e5d kmsv2: validate encrypt response at DEK generation time
    0e9dd5c51d8 Call function that validates in-place vpa resize policy

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-06-07 16:40:21 -04:00
..
kubernetes k3s, kubernetes, nagios-nrpe: fix Upstream-Status formatting 2023-05-08 18:41:38 -04:00
kubernetes_git.bb kubernetes: update to v1.27.1 2023-06-07 16:40:21 -04:00
README.md kubernetes: add README 2021-12-15 12:55:28 -05:00

README.md

k8s: Kubernetes

meta-virtualization provides the recipes and packages suitable for a k8s cluster instance.

For a kubernetes controller:

  • packagegroup-k8s-host

For a kubernetes worker/node:

  • packagegroup-k8s-node

If kernel issues or missing features are detected, consider adding the "kernel-modules" package to your image (Since the configuration and RDEPENDS may not be correct for your kernel + k8s version).

CNI

The CNI base packages provide core support and are installed by default as dependencies of the kubernetes packages. Minimal configuration and startup are provided, but you will need to apply the CNI configuration of your choice after boot (see below fo an example)

Configure and initialize the host

A convenience script "k8s-init" is provided to do basic setup on the controller node. After the contoller boots, run it for kubeadm setup and other basic configuration.

Once the node is ready ('kubectl get nodes' to check), follow the instructions for copying the token to your home directory, and apply the networking configuration of choice (flannel in the example):

  % mkdir -p $HOME/.kube
  % cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  % chown $(id -u):$(id -g) $HOME/.kube/config

  % kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

Configuration and initialize the node/worker

Once the kubernetes node has booted, it is ready to join the cluster. Some basica configuration is done via the packages and a systctl.d configuration snippet.

Join the cluster (substitute your controller ip and token information):

kubeadm join <controller ip>:6443 --token cq8ngi.6m6mgqi9zf08ypc4 --discovery-token-ca-cert-hash sha256:6064ae531c8dad824f9eadff030f83ec84d00796fac75f1adbd343255eb34fd2

Notes:

Memory:

if running under qemu, the default of 256M of memory is not enough, k3s will OOM and exit.

Boot with qemuparams="-m 2048" to boot with 2G of memory (or choose the appropriate amount for your configuration)

CPUs:

Kubernetes needs at least two cpus, so ensure your qemuboot is smp of at least 2, and/or that your hardware has the required capabilties.

Disk:

if using qemu and core-image* you'll need to add extra space in your disks to ensure containers can start. The following in your image recipe, or local.conf would add 2G of extra space to the rootfs:

IMAGE_ROOTFS_EXTRA_SPACE = "2097152"

Example qemux86-64 boot line:

runqemu qemux86-64 nographic kvm slirp qemuparams="-m 2048"

k8s logs can be seen via:

% journalctl -u kubelet

or

% journalctl -xe

Example output from qemux86-64:

If you've lost the join token, you can create a new one, or list existing ones:

root@qemux86-64-7b:~# kubeadm token create --print-join-command
kubeadm join 10.10.10.117:6443 --token dr71zq.y5vi3s2n2antvcej --discovery-token-ca-cert-hash sha256:6064ae531c8dad824f9eadff030f83ec84d00796fac75f1adbd343255eb34fd2

root@qemux86-64-7b:~# kubeadm token list
TOKEN                     TTL         EXPIRES                USAGES                   DESCRIPTION                                                EXTRA GROUPS
cq8ngi.6m6mgqi9zf08ypc4   23h         2021-12-16T16:58:02Z   authentication,signing   The default bootstrap token generated by 'kubeadm init'.   system:bootstrappers:kubeadm:default-node-token
dr71zq.y5vi3s2n2antvcej   23h         2021-12-16T17:46:28Z   authentication,signing   <none>                                                     system:bootstrappers:kubeadm:default-node-token

root@qemux86-64:~# kubectl get nodes
NAME            STATUS   ROLES                  AGE   VERSION
qemux86-64-7b   Ready    control-plane,master   51m   v1.23.1-rc.0.1+dd1b0a12471310-dirty
qemux86-64-9d   Ready    <none>                 49m   v1.23.1-rc.0.1+dd1b0a12471310-dirty