The extraction of the monolithic hyperkube binary from its container
image to be used as kubelet was last relevant in Kubernetes 1.16. Since
then, the hyperkube image has been deprecated, the structure of the
image has been changed, and it has ultimately been eliminated in
Kubernetes 1.19.
This change cleans up promenade accordingly.
Reverts the following commits:
* 886007b New CLI option to extract hyperkube
* 32a6c15 hyperkube image in promenade init
* 955deed New source for hyperkube binary definition
Change-Id: Ib62ecdf1af13abe8202a4ba4f86c39b9042ed13f
The addition of the log_level value [0] introduces
a requirement to call options.setup() before calling
logging.setup(). This was being done in the
Promenade service but not in the CLI. This PS adds
the necessary options.setup() call.
[0]: https://review.opendev.org/629154
Change-Id: I151893387659a4d1393144387a3378ff9b517ce7
New option --extract-hyperkube to declare the way how hyperkube
will be delivered.
By default this option is disabled which means hyperkube should be
extracted before running promenade container for the first time.
When it's enabled the appropriate env vars should be set for
promenade container to be able to extract hyperkube binary from image.
Change-Id: I2c45100e1e953d859d768ec80f268bd490ce3a81
The lower of "PROMENADE_DEBUG" never equal to "True".
Change-Id: I77b6ece23d39bfcaead764bf3790c099f28b57cb
Signed-off-by: pengdake <19921207pq@gmail.com>
This behavior can be disabled with the `leave_kubectl` query parameter
to the `join-scripts` endpoint.
Change-Id: Ia2d9d11f2e900aed0b69394de6ba30442921d5a0
Use the Deckhand engine module directly to manage local configuration
files during CLI usage.
Note: not doing document validation as DH currently requires schemas to
be sourced from the database. Simple schema validation in place.
- Layering/substitution
- Schema validation based on DataSchema documents in payload
- Add deckhand to requirements
A few tooling updates
- concatenate test & schema yaml files into a single file to avoid name
conflicts
- make nginx directory in build-scripts stage
Change-Id: I2d56244f01c58052f14331bc09fd5843d4c95292
This change includes several interconnected features:
* Migration to Deckhand-based configuration. This is integrated here,
because new configuration data were needed, so it would have been
wasted effort to either implement it in the old format or to update
the old configuration data to Dechkand format.
* Failing faster with stronger validation. Migration to Deckhand
configuration was a good opportunity to add schema validation, which
is a requirement in the near term anyway. Additionally, rendering
all templates up front adds an additional layer of "fail-fast".
* Separation of certificate generation and configuration assembly into
different commands. Combined with Deckhand substitution, this creates
a much clearer distinction between Promenade configuration and
deployable secrets.
* Migration of components to charts. This is a key step that will
enable support for dynamic node management. Additionally, this paves
the way for significant configurability in component deployment.
* Version of kubelet is configurable & controlled via download url.
* Restructuring templates to be more intuitive. Many of the templates
require changes or deletion due to the migration to charts.
* Installation of pre-configured useful tools on hosts, including calicoctl.
* DNS is now provided by coredns, which is highly configurable.
Change-Id: I9f2d8da6346f4308be5083a54764ce6035a2e10c
* remove old files
* sketch of non-bootkube genesis
* add basic chroot/bootstrap script
* cleanup kubectl/kubelet fetching
* fix cni bin asset path
* add non-pod asset loader
* add example ca
* refactor key gen/distribution
* flannel up on genesis
* refactor some code toward join
* WIP: last commit working on "self-hosted, helm-managed"
* first pass at consolidating config for vanilla deploy
* refactor cli a bit
* use provided cluster ca
* separate genesis and join scripts
* add basic etcd joining
* actually run the proxy everywhere
* update readme
* enable kubelet service
* add pki most places
* use consistent sa keypair
* use quay.io/attcomdev/promenade
* fix typo in n3
* tls everywhere in kubernetes
* tls for etcd
* remove currently unused files
Sergiy Markin