Add support for python3 containerized kuryr-kubernetes

This patch adds dockerfiles and helper scripts to build the Kuryr-Kubernetes
containers using Python3 and get it automated in devstack.

Implements: blueprint goal-python36
Change-Id: I2066aacfebc7339d5a86b717327bdad428b0e54c
Signed-off-by: Antoni Segura Puimedon <celebdor@gmail.com>
This commit is contained in:
Antoni Segura Puimedon 2018-09-03 18:37:16 +02:00 committed by Michał Dulko
parent 175bb8ef74
commit e20dcadb1f
8 changed files with 151 additions and 26 deletions

View File

@ -134,6 +134,17 @@
KURYR_ENABLED_HANDLERS: vif,lb,lbaasspec,policy
voting: false
- job:
name: kuryr-kubernetes-tempest-daemon-containerized-octavia-py36
description: |
Tempest with Octavia, CNI daemon, containers and namespace subnet driver
with Kuryr running on Python3.6 containers
parent: kuryr-kubernetes-tempest-daemon-containerized-octavia-namespace
vars:
devstack_localrc:
KURYR_CONTAINERS_USE_PY3: True
USE_PYTHON3: true
- job:
name: kuryr-kubernetes-tempest-daemon-containerized-openshift-octavia
description: Tempest with Octavia, CNI daemon enabled, containers and OpenShift

View File

@ -48,6 +48,7 @@
- kuryr-kubernetes-tempest-daemon-containerized-octavia-l2
- kuryr-kubernetes-tempest-daemon-containerized-octavia-namespace
- kuryr-kubernetes-tempest-daemon-containerized-octavia-network-policy
- kuryr-kubernetes-tempest-daemon-containerized-octavia-py36
- kuryr-kubernetes-tempest-daemon-containerized-openshift-octavia-serial
- kuryr-kubernetes-tempest-daemon-ovn
- kuryr-kubernetes-tempest-daemon-openshift-octavia-ingress

30
cni_py3.Dockerfile Normal file
View File

@ -0,0 +1,30 @@
FROM fedora:28
LABEL authors="Antoni Segura Puimedon<toni@kuryr.org>, Michał Dulko<mdulko@redhat.com>"
ARG UPPER_CONSTRAINTS_FILE="https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt"
ARG OSLO_LOCK_PATH=/var/kuryr-lock
RUN dnf update -y \
&& dnf install -y --setopt=tsflags=nodocs python3-pip iproute bridge-utils openvswitch sudo jq \
&& dnf install -y --setopt=tsflags=nodocs gcc python3-devel git
COPY . /opt/kuryr-kubernetes
RUN cd /opt/kuryr-kubernetes \
&& pip3 install -c $UPPER_CONSTRAINTS_FILE . \
&& rm -fr .git \
&& dnf -y history undo last \
&& mkdir ${OSLO_LOCK_PATH}
COPY ./cni_ds_init /usr/bin/cni_ds_init
ARG CNI_CONFIG_DIR_PATH=/etc/cni/net.d
ENV CNI_CONFIG_DIR_PATH ${CNI_CONFIG_DIR_PATH}
ARG CNI_BIN_DIR_PATH=/opt/cni/bin
ENV CNI_BIN_DIR_PATH ${CNI_BIN_DIR_PATH}
ARG CNI_DAEMON=True
ENV CNI_DAEMON ${CNI_DAEMON}
ENV OSLO_LOCK_PATH=${OSLO_LOCK_PATH}
VOLUME [ "/sys/fs/cgroup" ]
ENTRYPOINT [ "cni_ds_init" ]

26
controller_py3.Dockerfile Normal file
View File

@ -0,0 +1,26 @@
FROM fedora:28
LABEL authors="Antoni Segura Puimedon<toni@kuryr.org>, Michał Dulko<mdulko@redhat.com>"
ARG UPPER_CONSTRAINTS_FILE="https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt"
RUN dnf update -y \
&& dnf install -y --setopt=tsflags=nodocs python3-pip \
&& dnf install -y --setopt=tsflags=nodocs gcc python3-devel wget git
COPY . /opt/kuryr-kubernetes
RUN cd /opt/kuryr-kubernetes \
&& pip3 install -c $UPPER_CONSTRAINTS_FILE --no-cache-dir . \
&& rm -fr .git \
&& dnf -y history undo last \
&& groupadd -r kuryr -g 711 \
&& useradd -u 711 -g kuryr \
-d /opt/kuryr-kubernetes \
-s /sbin/nologin \
-c "Kuryr controller user" \
kuryr \
&& chown kuryr:kuryr /opt/kuryr-kubernetes
USER kuryr
CMD ["--config-dir", "/etc/kuryr"]
ENTRYPOINT [ "/usr/local/bin/kuryr-k8s-controller" ]

View File

@ -378,22 +378,35 @@ EOF
# the local docker registry as kuryr/controller:latest and
# kuryr/cni:latest respectively
function build_kuryr_containers() {
local cni_bin_dir
local cni_conf_dir
local cni_buildtool_args
local cni_daemon
local build_dir
local use_py3
local controller_dockerfile
cni_bin_dir=$1
cni_conf_dir=$2
cni_buildtool_args="--bin-dir ${1} --conf-dir ${2}"
cni_daemon=$3
build_dir="${DEST}/kuryr-kubernetes"
pushd "$build_dir"
use_py3=$(trueorfalse False KURYR_CONTAINERS_USE_PY3)
if [[ "$use_py3" == "True" ]]; then
cni_buildtool_args="${cni_buildtool_args} --dockerfile cni_py3.Dockerfile"
controller_dockerfile="controller_py3.Dockerfile"
else
controller_dockerfile="controller.Dockerfile"
fi
if [[ "$cni_daemon" == "False" ]]; then
cni_buildtool_args="${cni_buildtool_args} --no-daemon"
fi
# Build controller image
sudo docker build -t kuryr/controller -f "controller.Dockerfile" .
sudo docker build \
-t kuryr/controller -f "$controller_dockerfile" .
# Build CNI image
sudo ./tools/build_cni_daemonset_image $cni_bin_dir $cni_conf_dir $cni_daemon
sudo "./tools/build_cni_daemonset_image" $cni_buildtool_args
popd
}

View File

@ -101,3 +101,6 @@ KURYR_ENABLE_INGRESS=${KURYR_ENABLE_INGRESS:-False}
# Kuryr L7 router's name
KURYR_L7_ROUTER_NAME=${KURYR_L7_ROUTER_NAME:-kuryr-l7-router}
# Whether to use Python3
KURYR_CONTAINERS_USE_PY3=${KURYR_CONTAINERS_USE_PY3:-False}

View File

@ -13,19 +13,15 @@ For creating controller image on local machine: ::
For creating cni daemonset image on local machine: ::
$ ./tools/build_cni_daemonset_image [<cni_bin_dir>] [<cni_conf_dir>] [<enable_cni_daemon>]
$ ./tools/build_cni_daemonset_image
* ``cni_bin_dir`` - host directory where CNI binaries are located, defaults to
``/opt/cni/bin``.
* ``cni_conf_dir`` - host directory where CNI configuration is located,
defaults to ``/etc/cni/net.d``.
* ``enable_cni_daemon`` - Set to ``True`` if you want CNI Docker image to run
CNI daemon by default. Defaults to ``False``.
You can customize the build by setting some options. In order to list them run: ::
.. note::
You can override those build variables by passing env variables when running
the Docker image. Supported variables are ``CNI_CONFIG_DIR_PATH``,
``CNI_BIN_DIR_PATH`` and ``CNI_DAEMON``.
$ ./tools/build_cni_daemonset_image -h
If you want to run kuryr CNI without the daemon, build theimage with: ::
$ ./tools/build_cni_daemonset_image --no-daemon
Alternatively, you can remove ``imagePullPolicy: Never`` from kuryr-controller
Deployment and kuryr-cni DaemonSet definitions to use pre-built

View File

@ -1,13 +1,58 @@
#!/bin/bash -ex
CNI_BIN_DIR=$1
CNI_CONF_DIR=$2
CNI_DAEMON=${3:-"True"}
CNI_TAG="kuryr/cni"
function print_usage() {
set +ex
echo "$0" "[options]"
if [[ -n "$1" ]]; then
echo "Option $1 not found"
fi
echo "Options -----------------------------"
echo "-h/--help Displays this help message"
echo "-f/--dockerfile Specify the Dockerfile to use for building the CNI container"
echo "-b/--bin-dir Specify the path where to place the CNI executable"
echo "-c/--conf-dir Specify the path where to place the CNI configuration"
echo "-t/--tag Specify string to use as the tag part of the container image name, i.e., kuryr/cni:tag"
echo "-D/--no-daemon Do not run CNI as a daemon"
}
for arg in "$@"; do
shift
case "$arg" in
"--help") set -- "$@" "-h" ;;
"--bin-dir") set -- "$@" "-b" ;;
"--conf-dir") set -- "$@" "-c" ;;
"--dockerfile") set -- "$@" "-f" ;;
"--tag") set -- "$@" "-t" ;;
"--no-daemon") set -- "$@" "-D" ;;
"--"*) print_usage "$arg" >&2; exit 1 ;;
*) set -- "$@" "$arg"
esac
done
#Default value
dockerfile="cni.Dockerfile"
image_name="kuryr/cni"
daemonized="True"
build_args=()
OPTIND=1
while getopts "hf:b:c:t:D" opt; do
case "$opt" in
"h") print_usage; exit 0 ;;
"D") daemonized=False ;;
"f") dockerfile=${OPTARG} ;;
"b") build_args+=('--build-arg' "CNI_BIN_DIR_PATH=${OPTARG}") ;;
"c") build_args+=('--build-arg' "CNI_CONFIG_DIR_PATH=${OPTARG}") ;;
"t") image_name=${image_name}:${OPTARG} ;;
"?") print_usage >&2; exit 1 ;;
esac
done
shift $((OPTIND - 1))
# create cni daemonset image
docker build -t "$CNI_TAG" \
--build-arg "CNI_BIN_DIR_PATH=$CNI_BIN_DIR" \
--build-arg "CNI_CONFIG_DIR_PATH=$CNI_CONF_DIR" \
--build-arg "CNI_DAEMON=$CNI_DAEMON" \
-f cni.Dockerfile .
docker build -t "$image_name" \
--build-arg "CNI_DAEMON=$daemonized" \
"${build_args[@]}" \
-f "$dockerfile" .