We've just hit an issue where Ceph repo added by RDO upgraded setuptools
to a version that pip cannot uninstall. This is mainly because we're
still installing all the Kuryr dependencies in system's site-packages.
This commit switches us to create and use a virtualenv to have a clean
environment in which we install all the dependencies through pip.
Change-Id: Ieb9fd5ed0251425e9fe172e4a93ad048768ce785
Due to the EOL for Centos 8, we need to go forward, and adopt to the
Stream version of Centos for container images of kuryr CNI and
controller.
There was applied modification for fixing (hopefully transient) issues
with variable usage in yum/dnf, so there is a need for replacing those
manually.
And finally, there was a switch from deprecated yum to dnf.
Change-Id: I19c16877e8ba6f401c9d76ed70b2380c4e3cfbe0
Seems like quay.io/app-sre is no longer available to public and builds
fail. This commit fixes that by using registry.centos.org to get
centos:8 container image and our own quay.io/kuryr to host the
golang:1.15 image.
Change-Id: I044092e83b1a525ffd7692971a2e3313dfa1e421
Using --no-cache-dir flag in pip install ,make sure dowloaded packages
by pip don't cached on system . This is a best practise which make sure
to fetch ftom repo instead of using local cached one . Further , in case
of Docker Containers , by restricing caching , we can reduce image size.
In term of stats , it depends upon the number of python packages
multiplied by their respective size . e.g for heavy packages with a lot
of dependencies it reduce a lot by don't caching pip packages.
Further , more detail information can be found at
https://medium.com/sciforce/strategies-of-docker-images-optimization-2ca9cc5719b6
Change-Id: I35b33ea50afce70b687762dba8b18f3f2be60e03
Signed-off-by: Pratik Raj <rajpratik71@gmail.com>
Turns out upgrading pip enables grpcio PyPi package to use wheels to
install binaries, avioding need to compile it every time. This saves a
ton of time when building containers.
Change-Id: I6e4a5f9fddd24b8e88c62b444e8b305ade3f7f2a
Somehow an update to centos repos and the fact that docker.io centos
containers weren't updated for a while broke us. To fix this we need to
make sure RPMs in the container are upgraded, otherwise `yum history
undo last` fails miserably with missing packages errors.
Also this commit makes sure installation dies when we're unable to build
containers.
Change-Id: I29e19e13aa22047bfa07817a7794fc18612bbc32
Seems like grpcio 1.28.1 requires C++ compiler to build. This commit
fixes our build issues by adding one to the containers.
Change-Id: I8421d066160774431f72e38d36b32870f7f56b4c
Ussuri release is the one in which we drop Python 2 support, as its EOL
is pretty close now. This commit does so in kuryr-kubernetes by
removing Python 2 unit test jobs, switching all tempest jobs to Python
3, removing specific jobs for Python 3 and updating Dockerfiles to
centos:8 that includes Python 3 from the box.
Also CentOS 7 job is removed from check queue as it seems it doesn't
play well with Python 3. A CentOS 8 job will get created soon.
Change-Id: Id9983d2fd83cef89e3198b2760816cf4a851008b
In a rather desperate try to shrink our container images this commit
adds `yum/dnf clean all` as part of the building process. This helps to
save around 100 MB in case of centos-based images.
Change-Id: I2aaadab4ffec6e0ad744e82fc9145cd86e14a224
We use git.openstack.org/cgit to fetch global upper-constraints.txt file
in our Dockerfiles. That is currently only a redirect and we should get
it switched to use opendev.org infra. This commit does so.
Change-Id: I32945c6b5426b6274c180a4a90dad09c414977b2
PodResources client could be used by sriov cni to obtain devices
allocated for container by sriov device-plugin.
KubeletPodResources service is still in alpha, so it should be
explicitly enabled in kubelet feature-gates:
kubelet --feature-gates KubeletPodResources=true
New config option 'kubelet_root_dir' added to 'sriov' section
that defaults to kubelet default root-dir '/var/lib/kulelet'.
In case kubelet started with non-default root directory passed
via '--root-dir' option, the same value should be configured
in 'kubelet_root_dir'.
Note that if sriov binding driver will be used inside container
'kubelet_root_dir'/pod-resources directory should be mounted
to this container in order to allow communication with kubelet
via gRPC protocol over the unix domain socket.
Partial-Bug: 1826865
Depends-On: https://review.openstack.org/#/c/652629
Change-Id: Icf088b839db079efe9c7647c31be4ead867ed32b
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
This commit does several cleanups to the Dockerfiles that we have:
* git is removed from the images after Kuryr packages installation
* jq and wget is removed from kuryr-cni image as those ar no longer used
* explicit setuptools installation is no longer required
* raw Kuryr code is removed from images after it's `pip install`ed
* unnecessary VOLUME line is removed from kuryr-cni Dockerfile
* CNI_CONFIG_DIR and CNI_BIN_DIR build arguments are removed from
kuryr-cni Dockerfile as they are not used anywhere. Initially we've
kept them to allow deployer to tell where host's /etc/cni/net.d and
/opt/cni/bin will be mounted, but one of the refactorings of
cni_ds_init must have stopped depending on them and we simply started
to expect the mounts to be in the same paths as on host. We can
continue to do that.
The build_cni_daemonset_image script was created back in the time when
we have had multi-stage build of the kuryr-cni image. This is no longer
the case and building the image is as easy as:
`docker build -f cni.Dockerfile .`
Given that this commit removes the script and updates documentation to
recommend using `docker build` directly.
Change-Id: Ib1807344ede11ec6845e5f09c5a87c29a779af03
This commit fixes the container creation due to centos shipping an older
version of setuptools. [1]
[1] https://github.com/openaps/openaps/issues/95
Closes-Bug: 1778048
Change-Id: Ifbce25a5a49cbc3df58850b10819843e640c8f26
This change moves COPY directive in kuryr-controller.Dockerfile to be
executed after all the required packages are installed through yum. With
it a layer with all the packages installed can be reused when rebuilding
the image with only Kuryr code changes. This makes development easier
and faster as `yum install` is the longest process during building the
docker image.
Change-Id: I94a7401e393d9c8e51ab50967de792aeae15f811
Upper constraints weren't applied to the Dockerfiles installation so
pip install deps when over it. This commit fixes it by defining a new
env var for it and passit it to pip.
Closes-Bug: #1763752
Change-Id: Id126fee033db6f150ad95c94682eb56b4b2cea03