diff --git a/cni.Dockerfile b/cni.Dockerfile index ea21f7d69..f3f4bfb6f 100644 --- a/cni.Dockerfile +++ b/cni.Dockerfile @@ -5,27 +5,21 @@ ARG UPPER_CONSTRAINTS_FILE="https://git.openstack.org/cgit/openstack/requirement ARG OSLO_LOCK_PATH=/var/kuryr-lock RUN yum install -y epel-release https://rdoproject.org/repos/rdo-release.rpm \ - && yum install -y --setopt=tsflags=nodocs python-pip iproute bridge-utils openvswitch sudo jq \ - && yum install -y --setopt=tsflags=nodocs gcc python-devel git \ - && pip install -U setuptools + && yum install -y --setopt=tsflags=nodocs python-pip iproute bridge-utils openvswitch sudo \ + && yum install -y --setopt=tsflags=nodocs gcc python-devel git COPY . /opt/kuryr-kubernetes -RUN cd /opt/kuryr-kubernetes \ - && pip install -c $UPPER_CONSTRAINTS_FILE . \ - && rm -fr .git \ +RUN pip install -c $UPPER_CONSTRAINTS_FILE /opt/kuryr-kubernetes \ + && cp /opt/kuryr-kubernetes/cni_ds_init /usr/bin/cni_ds_init \ + && mkdir -p /etc/kuryr-cni \ + && cp /opt/kuryr-kubernetes/etc/cni/net.d/* /etc/kuryr-cni \ && yum -y history undo last \ + && rm -rf /opt/kuryr-kubernetes \ && mkdir ${OSLO_LOCK_PATH} -COPY ./cni_ds_init /usr/bin/cni_ds_init - -ARG CNI_CONFIG_DIR_PATH=/etc/cni/net.d -ENV CNI_CONFIG_DIR_PATH ${CNI_CONFIG_DIR_PATH} -ARG CNI_BIN_DIR_PATH=/opt/cni/bin -ENV CNI_BIN_DIR_PATH ${CNI_BIN_DIR_PATH} ARG CNI_DAEMON=True ENV CNI_DAEMON ${CNI_DAEMON} ENV OSLO_LOCK_PATH=${OSLO_LOCK_PATH} -VOLUME [ "/sys/fs/cgroup" ] ENTRYPOINT [ "cni_ds_init" ] diff --git a/cni_ds_init b/cni_ds_init index a6d50dfd5..3f9c37c22 100755 --- a/cni_ds_init +++ b/cni_ds_init @@ -55,7 +55,7 @@ EOF # Copy the script into the designated location cp /kuryr-cni "/opt/cni/bin/kuryr-cni" chmod +x /opt/cni/bin/kuryr-cni - cp /opt/kuryr-kubernetes/etc/cni/net.d/* /etc/cni/net.d + cp /etc/kuryr-cni/* /etc/cni/net.d } cleanup diff --git a/cni_py3.Dockerfile b/cni_py3.Dockerfile index 7fb7e56e1..0fe31ea49 100644 --- a/cni_py3.Dockerfile +++ b/cni_py3.Dockerfile @@ -5,26 +5,21 @@ ARG UPPER_CONSTRAINTS_FILE="https://git.openstack.org/cgit/openstack/requirement ARG OSLO_LOCK_PATH=/var/kuryr-lock RUN dnf update -y \ - && dnf install -y --setopt=tsflags=nodocs python3-pip iproute bridge-utils openvswitch sudo jq \ + && dnf install -y --setopt=tsflags=nodocs python3-pip iproute bridge-utils openvswitch sudo \ && dnf install -y --setopt=tsflags=nodocs gcc python3-devel git COPY . /opt/kuryr-kubernetes -RUN cd /opt/kuryr-kubernetes \ - && pip3 install -c $UPPER_CONSTRAINTS_FILE . \ - && rm -fr .git \ +RUN pip3 install -c $UPPER_CONSTRAINTS_FILE /opt/kuryr-kubernetes \ + && cp /opt/kuryr-kubernetes/cni_ds_init /usr/bin/cni_ds_init \ + && mkdir -p /etc/kuryr-cni \ + && cp /opt/kuryr-kubernetes/etc/cni/net.d/* /etc/kuryr-cni \ && dnf -y history undo last \ + && rm -rf /opt/kuryr-kubernetes \ && mkdir ${OSLO_LOCK_PATH} -COPY ./cni_ds_init /usr/bin/cni_ds_init - -ARG CNI_CONFIG_DIR_PATH=/etc/cni/net.d -ENV CNI_CONFIG_DIR_PATH ${CNI_CONFIG_DIR_PATH} -ARG CNI_BIN_DIR_PATH=/opt/cni/bin -ENV CNI_BIN_DIR_PATH ${CNI_BIN_DIR_PATH} ARG CNI_DAEMON=True ENV CNI_DAEMON ${CNI_DAEMON} ENV OSLO_LOCK_PATH=${OSLO_LOCK_PATH} -VOLUME [ "/sys/fs/cgroup" ] ENTRYPOINT [ "cni_ds_init" ] diff --git a/controller.Dockerfile b/controller.Dockerfile index 14f188b28..04a5803e2 100644 --- a/controller.Dockerfile +++ b/controller.Dockerfile @@ -5,22 +5,19 @@ ARG UPPER_CONSTRAINTS_FILE="https://git.openstack.org/cgit/openstack/requirement RUN yum install -y epel-release \ && yum install -y --setopt=tsflags=nodocs python-pip \ - && yum install --setopt=tsflags=nodocs --assumeyes inet-tools gcc python-devel wget git \ - && pip install -U setuptools + && yum install -y --setopt=tsflags=nodocs gcc python-devel git COPY . /opt/kuryr-kubernetes -RUN cd /opt/kuryr-kubernetes \ - && pip install -c $UPPER_CONSTRAINTS_FILE --no-cache-dir . \ - && rm -fr .git \ +RUN pip install -c $UPPER_CONSTRAINTS_FILE --no-cache-dir /opt/kuryr-kubernetes \ && yum -y history undo last \ + && rm -rf /opt/kuryr-kubernetes \ && groupadd -r kuryr -g 711 \ && useradd -u 711 -g kuryr \ -d /opt/kuryr-kubernetes \ -s /sbin/nologin \ -c "Kuryr controller user" \ - kuryr \ - && chown kuryr:kuryr /opt/kuryr-kubernetes + kuryr USER kuryr CMD ["--config-dir", "/etc/kuryr"] diff --git a/controller_py3.Dockerfile b/controller_py3.Dockerfile index 7e9ce6c46..4025194ea 100644 --- a/controller_py3.Dockerfile +++ b/controller_py3.Dockerfile @@ -5,21 +5,19 @@ ARG UPPER_CONSTRAINTS_FILE="https://git.openstack.org/cgit/openstack/requirement RUN dnf update -y \ && dnf install -y --setopt=tsflags=nodocs python3-pip \ - && dnf install -y --setopt=tsflags=nodocs gcc python3-devel wget git + && dnf install -y --setopt=tsflags=nodocs gcc python3-devel git COPY . /opt/kuryr-kubernetes -RUN cd /opt/kuryr-kubernetes \ - && pip3 install -c $UPPER_CONSTRAINTS_FILE --no-cache-dir . \ - && rm -fr .git \ +RUN pip3 install -c $UPPER_CONSTRAINTS_FILE --no-cache-dir /opt/kuryr-kubernetes \ && dnf -y history undo last \ + && rm -rf /opt/kuryr-kubernetes \ && groupadd -r kuryr -g 711 \ && useradd -u 711 -g kuryr \ -d /opt/kuryr-kubernetes \ -s /sbin/nologin \ -c "Kuryr controller user" \ - kuryr \ - && chown kuryr:kuryr /opt/kuryr-kubernetes + kuryr USER kuryr CMD ["--config-dir", "/etc/kuryr"] diff --git a/devstack/lib/kuryr_kubernetes b/devstack/lib/kuryr_kubernetes index 17395b479..c514b349b 100644 --- a/devstack/lib/kuryr_kubernetes +++ b/devstack/lib/kuryr_kubernetes @@ -344,45 +344,36 @@ EOF # the local docker registry as kuryr/controller:latest and # kuryr/cni:latest respectively function build_kuryr_containers() { - local cni_buildtool_args + local cni_build_args local cni_daemon local build_dir local use_py3 - local controller_dockerfile + local py_suffix - cni_buildtool_args="--bin-dir ${1} --conf-dir ${2}" - cni_daemon=$3 + cni_daemon=$1 build_dir="${DEST}/kuryr-kubernetes" pushd "$build_dir" use_py3=$(trueorfalse False KURYR_CONTAINERS_USE_PY3) if [[ "$use_py3" == "True" ]]; then - cni_buildtool_args="${cni_buildtool_args} --dockerfile cni_py3.Dockerfile" - controller_dockerfile="controller_py3.Dockerfile" - else - controller_dockerfile="controller.Dockerfile" + py_suffix="_py3" fi if [[ "$cni_daemon" == "False" ]]; then - cni_buildtool_args="${cni_buildtool_args} --no-daemon" + cni_build_args="--build-arg CNI_DAEMON=False" fi - if [[ "$CONTAINER_ENGINE" == "crio" ]]; then - cni_buildtool_args="${cni_buildtool_args} --podman" - fi - - # Build controller image + # Build images # FIXME(dulek): Until https://github.com/containers/buildah/issues/1206 is # resolved instead of podman we need to use buildah directly, # hence this awful if clause. if [[ ${CONTAINER_ENGINE} == 'crio' ]]; then - sudo buildah bud -t docker.io/kuryr/controller -f "$controller_dockerfile" . + sudo buildah bud -t docker.io/kuryr/controller -f controller${py_suffix}.Dockerfile . + sudo buildah bud -t docker.io/kuryr/cni -f cni${py_suffix}.Dockerfile . else - container_runtime build -t kuryr/controller -f "$controller_dockerfile" . + container_runtime build -t kuryr/controller -f controller${py_suffix}.Dockerfile . + container_runtime build -t kuryr/cni -f cni${py_suffix}.Dockerfile ${cni_build_args} . fi - - # Build CNI image - "./tools/build_cni_daemonset_image" $cni_buildtool_args popd } diff --git a/devstack/plugin.sh b/devstack/plugin.sh index 47d52381d..b4f9b61ee 100644 --- a/devstack/plugin.sh +++ b/devstack/plugin.sh @@ -1032,9 +1032,9 @@ if [[ "$1" == "stack" && "$2" == "extra" ]]; then if is_service_enabled kuryr-kubernetes || [[ ${KURYR_FORCE_IMAGE_BUILD} == "True" ]]; then if [ "$KURYR_K8S_CONTAINERIZED_DEPLOYMENT" == "True" ]; then if is_service_enabled kuryr-daemon; then - build_kuryr_containers $CNI_BIN_DIR $CNI_CONF_DIR True + build_kuryr_containers True else - build_kuryr_containers $CNI_BIN_DIR $CNI_CONF_DIR False + build_kuryr_containers False fi fi fi diff --git a/doc/source/installation/containerized.rst b/doc/source/installation/containerized.rst index 5de9d85be..fce0c3cf4 100644 --- a/doc/source/installation/containerized.rst +++ b/doc/source/installation/containerized.rst @@ -13,15 +13,11 @@ For creating controller image on local machine: :: For creating cni daemonset image on local machine: :: - $ ./tools/build_cni_daemonset_image - -You can customize the build by setting some options. In order to list them run: :: - - $ ./tools/build_cni_daemonset_image -h + $ docker build -t kuryr/cni -f cni.Dockerfile . If you want to run kuryr CNI without the daemon, build theimage with: :: - $ ./tools/build_cni_daemonset_image --no-daemon + $ docker build -t kuryr/cni -f cni.Dockerfile --build-arg CNI_DAEMON=False . Alternatively, you can remove ``imagePullPolicy: Never`` from kuryr-controller Deployment and kuryr-cni DaemonSet definitions to use pre-built diff --git a/tools/build_cni_daemonset_image b/tools/build_cni_daemonset_image deleted file mode 100755 index f07df3f34..000000000 --- a/tools/build_cni_daemonset_image +++ /dev/null @@ -1,64 +0,0 @@ -#!/bin/bash -ex - -function print_usage() { - set +ex - echo "$0" "[options]" - if [[ -n "$1" ]]; then - echo "Option $1 not found" - fi - echo "Options -----------------------------" - echo "-h/--help Displays this help message" - echo "-f/--dockerfile Specify the Dockerfile to use for building the CNI container" - echo "-b/--bin-dir Specify the path where to place the CNI executable" - echo "-c/--conf-dir Specify the path where to place the CNI configuration" - echo "-t/--tag Specify string to use as the tag part of the container image name, i.e., kuryr/cni:tag" - echo "-D/--no-daemon Do not run CNI as a daemon" - echo "-p/--podman Use podman instead of docker to build image" -} - -for arg in "$@"; do - shift - case "$arg" in - "--help") set -- "$@" "-h" ;; - "--bin-dir") set -- "$@" "-b" ;; - "--conf-dir") set -- "$@" "-c" ;; - "--dockerfile") set -- "$@" "-f" ;; - "--tag") set -- "$@" "-t" ;; - "--no-daemon") set -- "$@" "-D" ;; - "--podman") set -- "$@" "-p" ;; - "--"*) print_usage "$arg" >&2; exit 1 ;; - *) set -- "$@" "$arg" - esac -done - -#Default value -dockerfile="cni.Dockerfile" -image_name="kuryr/cni" -daemonized="True" -build_args=() -build_cmd="docker build" - -OPTIND=1 - -while getopts "hf:b:c:t:Dp" opt; do - case "$opt" in - "h") print_usage; exit 0 ;; - "D") daemonized=False ;; - "f") dockerfile=${OPTARG} ;; - "b") build_args+=('--build-arg' "CNI_BIN_DIR_PATH=${OPTARG}") ;; - "c") build_args+=('--build-arg' "CNI_CONFIG_DIR_PATH=${OPTARG}") ;; - # Until https://github.com/containers/buildah/issues/1206 is resolved - # we need to use buildah directly. - "p") build_cmd="sudo buildah bud" && image_name="docker.io/kuryr/cni" ;; - "t") image_name=${image_name}:${OPTARG} ;; - "?") print_usage >&2; exit 1 ;; - esac -done - -shift $((OPTIND - 1)) - -# create cni daemonset image -${build_cmd} -t "$image_name" \ - --build-arg "CNI_DAEMON=$daemonized" \ - "${build_args[@]}" \ - -f "$dockerfile" .