diff --git a/build-k8s-docker.sh b/build-k8s-docker.sh new file mode 100644 index 0000000000000..579c299329238 --- /dev/null +++ b/build-k8s-docker.sh @@ -0,0 +1,68 @@ +#!/bin/bash -x +# +# Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -o errexit +set -o nounset +set -o pipefail + +if [[ ${#} -eq 0 ]] ; then + echo "usage:" >&2 + echo " ${0} version k8s_binary_location golang_version" >&2 + exit 1 +fi + +VERSION=v${1} +BINARY_LOCATION=${2} +REGISTRY=${3:-container-registry.oracle.com/olcne} +if [[ ${4} == 9 ]] ; then + DOCKER_FILE_PATH=./olm/builds/Dockerfile.oracle.ol9 +else + DOCKER_FILE_PATH=./olm/builds/Dockerfile.oracle.ol8 +fi +export REGISTRY +export BASEIMAGE +ARCH=${5:-x86_64} +echo ARCH=${ARCH} + +mkdir -p ${BINARY_LOCATION}/oracle_docker +KUBE_BINARY="kube-apiserver kube-scheduler kube-controller-manager" +for BINARY in ${KUBE_BINARY}; do + cp ${BINARY_LOCATION}/${BINARY} . + + if [[ ${4} == 9 ]] ; then + docker build --pull=never --squash --network=host --build-arg https_proxy=${https_proxy} --build-arg VERSION=${VERSION} --build-arg BINARY=${BINARY} -t ${REGISTRY}/${BINARY}:${VERSION} -f ${DOCKER_FILE_PATH} . + else + docker build --pull=never --squash --build-arg https_proxy=${https_proxy} --build-arg VERSION=${VERSION} --build-arg BINARY=${BINARY} -t ${REGISTRY}/${BINARY}:${VERSION} -f ${DOCKER_FILE_PATH} . + fi + docker save -o ${BINARY_LOCATION}/oracle_docker/${BINARY}.tar ${REGISTRY}/${BINARY}:${VERSION} +done + +# TODO: remove this once OL7 is deprecated +# kube-proxy iptables hack +BINARY=kube-proxy +mkdir kube-proxy +cp buildrpm/kube-proxy/* kube-proxy/. +cp ${BINARY_LOCATION}/kube-proxy kube-proxy/. +cp LICENSE kube-proxy/. +cp THIRD_PARTY_LICENSES.txt kube-proxy/. +pushd kube-proxy/ +if [[ ${4} == 9 ]] ; then + docker build --pull=never --squash --network=host --build-arg https_proxy=${https_proxy} --build-arg VERSION=${VERSION} -t ${REGISTRY}/${BINARY}:${VERSION} -f ./Dockerfile.kube-proxy . +else + docker build --pull=never --squash --build-arg https_proxy=${https_proxy} --build-arg VERSION=${VERSION} -t ${REGISTRY}/${BINARY}:${VERSION} -f ./Dockerfile.kube-proxy . +fi +popd +docker save -o ${BINARY_LOCATION}/oracle_docker/${BINARY}.tar ${REGISTRY}/${BINARY}:${VERSION} diff --git a/buildrpm/10-kubeadm.conf b/buildrpm/10-kubeadm.conf new file mode 100644 index 0000000000000..69c25c8a04b55 --- /dev/null +++ b/buildrpm/10-kubeadm.conf @@ -0,0 +1,12 @@ +# Note: This dropin only works with kubeadm and kubelet v1.11+ +[Service] +Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf" +Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml" +Environment="KUBELET_CGROUP_ARGS=--cgroup-driver=systemd" +# This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically +EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env +# This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use +# the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file. +EnvironmentFile=-/etc/sysconfig/kubelet +ExecStart= +ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS $KUBELET_CRIO_ARGS $KUBELET_CGROUP_ARGS diff --git a/buildrpm/10-kubectl-proxy.conf b/buildrpm/10-kubectl-proxy.conf new file mode 100644 index 0000000000000..4687728ecef1c --- /dev/null +++ b/buildrpm/10-kubectl-proxy.conf @@ -0,0 +1,2 @@ +[Service] +Environment="KUBECTL_PROXY_ARGS=--port 8001" diff --git a/buildrpm/br_netfilter.conf b/buildrpm/br_netfilter.conf new file mode 100644 index 0000000000000..a13fc1798d7fc --- /dev/null +++ b/buildrpm/br_netfilter.conf @@ -0,0 +1 @@ +br_netfilter diff --git a/buildrpm/genmanpages.sh b/buildrpm/genmanpages.sh new file mode 100644 index 0000000000000..31510b0e6986c --- /dev/null +++ b/buildrpm/genmanpages.sh @@ -0,0 +1,82 @@ +MDSFORMANPAGES="kube-apiserver.md kube-controller-manager.md kube-proxy.md kube-scheduler.md kubelet.md" + +# remove comments from man pages +for manpage in ${MDSFORMANPAGES}; do + pos=$(grep -n "<\!-- END MUNGE: UNVERSIONED_WARNING -->" ${manpage} | cut -d':' -f1) + if [ -n "${pos}" ]; then + sed -i "1,${pos}{/.*/d}" ${manpage} + fi +done + +# for each man page add NAME and SYNOPSIS section +# kube-apiserver +sed -i -s "s/## kube-apiserver/# NAME\nkube-apiserver \- Provides the API for kubernetes orchestration.\n\n# SYNOPSIS\n**kube-apiserver** [OPTIONS]\n/" kube-apiserver.md + +cat << 'EOF' >> kube-apiserver.md +# EXAMPLES +``` +/usr/bin/kube-apiserver --logtostderr=true --v=0 --etcd_servers=http://127.0.0.1:4001 --insecure_bind_address=127.0.0.1 --insecure_port=8080 --kubelet_port=10250 --service-cluster-ip-range=10.1.1.0/24 --allow_privileged=false +``` +EOF +# kube-controller-manager +sed -i -s "s/## kube-controller-manager/# NAME\nkube-controller-manager \- Enforces kubernetes services.\n\n# SYNOPSIS\n**kube-controller-manager** [OPTIONS]\n/" kube-controller-manager.md + +cat << 'EOF' >> kube-controller-manager.md +# EXAMPLES +``` +/usr/bin/kube-controller-manager --logtostderr=true --v=0 --master=127.0.0.1:8080 +``` +EOF +# kube-proxy +sed -i -s "s/## kube-proxy/# NAME\nkube-proxy \- Provides network proxy services.\n\n# SYNOPSIS\n**kube-proxy** [OPTIONS]\n/" kube-proxy.md + +cat << 'EOF' >> kube-proxy.md +# EXAMPLES +``` +/usr/bin/kube-proxy --logtostderr=true --v=0 --master=http://127.0.0.1:8080 +``` +EOF +# kube-scheduler +sed -i -s "s/## kube-scheduler/# NAME\nkube-scheduler \- Schedules containers on hosts.\n\n# SYNOPSIS\n**kube-scheduler** [OPTIONS]\n/" kube-scheduler.md + +cat << 'EOF' >> kube-scheduler.md +# EXAMPLES +``` +/usr/bin/kube-scheduler --logtostderr=true --v=0 --master=127.0.0.1:8080 +``` +EOF +# kubelet +sed -i -s "s/## kubelet/# NAME\nkubelet \- Processes a container manifest so the containers are launched according to how they are described.\n\n# SYNOPSIS\n**kubelet** [OPTIONS]\n/" kubelet.md + +cat << 'EOF' >> kubelet.md +# EXAMPLES +``` +/usr/bin/kubelet --logtostderr=true --v=0 --api_servers=http://127.0.0.1:8080 --address=127.0.0.1 --port=10250 --hostname_override=127.0.0.1 --allow-privileged=false +``` +EOF + +# for all man-pages +for md in $MDSFORMANPAGES; do + # correct section names + sed -i -s "s/### Synopsis/# DESCRIPTION/" $md + sed -i -s "s/### Options/# OPTIONS/" $md + # add header + sed -i "s/# NAME/% KUBERNETES(1) kubernetes User Manuals\n# NAME/" $md + # modify list of options + # options with no value in "" + sed -i -r 's/(^ )(-[^":][^":]*)(:)(.*)/\*\*\2\*\*\n\t\4\n/' $md + # option with value in "" + sed -i -r 's/(^ )(-[^":][^":]*)("[^"]*")(:)(.*)/\*\*\2\3\*\*\n\t\5\n/' $md + # options in -s, --long + sed -i -r 's/(^ )(-[a-z], -[^":][^":]*)(:)(.*)/\*\*\2\*\*\n\t\4\n/' $md + sed -i -r 's/(^ )(-[a-z], -[^":][^":]*)("[^"]*")(:)(.*)/\*\*\2\3\*\*\n\t\5\n/' $md + # remove ``` + sed -i 's/```//' $md + # remove all lines starting with ###### + sed -i 's/^######.*//' $md + # modify footer + sed -i -r "s/^\[!\[Analytics\].*//" $md + # md does not contain section => taking 1 + name="${md%.md}" + pandoc -s -t man $md -o man/man1/$name.1 +done diff --git a/buildrpm/k8s.conf b/buildrpm/k8s.conf new file mode 100644 index 0000000000000..d46bab8570fc5 --- /dev/null +++ b/buildrpm/k8s.conf @@ -0,0 +1,3 @@ +net.bridge.bridge-nf-call-ip6tables = 1 +net.bridge.bridge-nf-call-iptables = 1 +net.ipv4.ip_forward = 1 diff --git a/buildrpm/kube-proxy/Dockerfile.kube-proxy b/buildrpm/kube-proxy/Dockerfile.kube-proxy new file mode 100644 index 0000000000000..78d73c7defdef --- /dev/null +++ b/buildrpm/kube-proxy/Dockerfile.kube-proxy @@ -0,0 +1,7 @@ +FROM container-registry.oracle.com/os/oraclelinux:8 +RUN dnf install yum iptables ebtables conntrack kmod ipset tar which && dnf clean all +ADD kube-proxy /usr/local/bin/kube-proxy + +RUN test -d /LICENSES || ln -s /usr/share/licenses /LICENSES +ADD LICENSE /LICENSES/kubernetes-${VERSION}/LICENSE +ADD THIRD_PARTY_LICENSES.txt /LICENSES/kubernetes-${VERSION}/THIRD_PARTY_LICENSES.txt diff --git a/buildrpm/kubectl-proxy.service b/buildrpm/kubectl-proxy.service new file mode 100644 index 0000000000000..7b44a0a00da07 --- /dev/null +++ b/buildrpm/kubectl-proxy.service @@ -0,0 +1,13 @@ +[Unit] +ConditionPathExists=/etc/kubernetes/admin.conf +Description=kubectl proxy Service +After=network.target + +[Service] +ExecStart=/usr/bin/kubectl --kubeconfig=/etc/kubernetes/admin.conf proxy $KUBECTL_PROXY_ARGS +Restart=always +StartLimitInterval=0 +RestartSec=10 + +[Install] +WantedBy=multi-user.target diff --git a/buildrpm/kubelet b/buildrpm/kubelet new file mode 100644 index 0000000000000..9832a630e96b0 --- /dev/null +++ b/buildrpm/kubelet @@ -0,0 +1,2 @@ +KUBELET_EXTRA_ARGS="--fail-swap-on=false" +KUBELET_CRIO_ARGS="--container-runtime-endpoint=unix:///var/run/crio/crio.sock --runtime-request-timeout=10m" diff --git a/buildrpm/kubelet.service b/buildrpm/kubelet.service new file mode 100644 index 0000000000000..e4b5156a0f238 --- /dev/null +++ b/buildrpm/kubelet.service @@ -0,0 +1,13 @@ +[Unit] +Description=kubelet: The Kubernetes Node Agent +Documentation=http://kubernetes.io/docs/ + +[Service] +User=root +ExecStart=/usr/bin/kubelet +Restart=always +StartLimitInterval=0 +RestartSec=10 + +[Install] +WantedBy=multi-user.target diff --git a/buildrpm/kubernetes-container-image.spec b/buildrpm/kubernetes-container-image.spec new file mode 100644 index 0000000000000..4f151acb49b45 --- /dev/null +++ b/buildrpm/kubernetes-container-image.spec @@ -0,0 +1,86 @@ + +%global debug_package %{nil} +%global _find_debuginfo_dwz_opts %{nil} +%global _dwz_low_mem_die_limit 0 +%global _buildhost build-ol%{?oraclelinux}-%{?_arch}.oracle.com + +#I really need this, otherwise "version_ldflags=$(kube::version_ldflags)" +# does not work +%global _buildshell /bin/bash +%global _checkshell /bin/bash + +# k8s release version major.minor +%global major 1 +%global minor 33 +%global patch 0 +%global image_registry container-registry.oracle.com/olcne + +%global image_version %{version} + +Name: kubernetes-container-image +Version: 1.33.0 +Release: 1%{?dist} +Summary: Container cluster management +License: ASL 2.0 +Group: System/Management +URL: https://kubernetes.io +Vendor: Oracle America +ExclusiveArch: x86_64 ppc64le %{arm} aarch64 +Source: %{name}-%{version}.tar.bz2 + +%description +Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications. + +%package -n kubeadm-container-images +Summary: Contains Oracle built k8s docker images + +%description -n kubeadm-container-images +Contains Oracle built k8s docker images + +%prep +%setup -q -n %{name}-%{version} + +%build +export KUBE_GIT_TREE_STATE=clean +export KUBE_GIT_VERSION=v%{version}+%{release} +export KUBE_GIT_MAJOR=%{major} +export KUBE_GIT_MINOR=%{minor} + +export KUBE_EXTRA_GOPATH=$(pwd)/Godeps/_workspace +export GOPATH=$(pwd)/Godeps/_workspace + +make WHAT='cmd/kube-proxy cmd/kube-apiserver cmd/kube-controller-manager cmd/kube-scheduler' + +%ifarch %{arm} arm64 aarch64 +arch=aarch64 +%else +arch=x86_64 +%endif + +chmod +x build-k8s-docker.sh +./build-k8s-docker.sh \ + %{image_version} \ + _output/bin \ + %{image_registry} \ + %{oraclelinux} \ + ${arch} + +%install +mkdir -p %{buildroot}/usr/local/share/olcne +install -m 755 -d %{buildroot}/usr/local/share/olcne +images=(kube-apiserver.tar kube-controller-manager.tar kube-scheduler.tar kube-proxy.tar) +for bin in "${images[@]}"; do + echo "+++ INSTALLING DOCKER IMAGES ${bin}" + install -p -m 755 -t %{buildroot}/usr/local/share/olcne _output/bin/oracle_docker/${bin} +done + +%files -n kubeadm-container-images +%license LICENSE THIRD_PARTY_LICENSES.txt +/usr/local/share/olcne/kube-apiserver.tar +/usr/local/share/olcne/kube-controller-manager.tar +/usr/local/share/olcne/kube-scheduler.tar +/usr/local/share/olcne/kube-proxy.tar + +%changelog +* Fri Sep 19 2025 Olcne-Builder Jenkins - 1.33.0-1 +- Added Oracle specific build files for Kubernetes diff --git a/buildrpm/kubernetes.spec b/buildrpm/kubernetes.spec new file mode 100644 index 0000000000000..ff2a473acd1ef --- /dev/null +++ b/buildrpm/kubernetes.spec @@ -0,0 +1,238 @@ + +%global debug_package %{nil} +%global _find_debuginfo_dwz_opts %{nil} +%global _dwz_low_mem_die_limit 0 +%global _buildhost build-ol%{?oraclelinux}-%{?_arch}.oracle.com + +#I really need this, otherwise "version_ldflags=$(kube::version_ldflags)" +# does not work +%global _buildshell /bin/bash +%global _checkshell /bin/bash + +# k8s release version major.minor +%global major 1 +%global minor 33 +%global patch 0 +%global k8s_repo kubernetes + +Name: kubernetes +Version: 1.33.0 +Release: 1%{?dist} +Summary: Container cluster management +License: ASL 2.0 +Group: System/Management +URL: https://kubernetes.io +Vendor: Oracle America +ExclusiveArch: x86_64 ppc64le %{arm} aarch64 +Source: %{name}-%{version}.tar.bz2 +Source31: genmanpages.sh +Source40: 10-kubeadm.conf +Source41: kubelet.service +Source43: k8s.conf +Source44: br_netfilter.conf +Source46: kubectl-proxy.service +Source47: 10-kubectl-proxy.conf +Source51: kubelet +BuildRequires: golang +BuildRequires: systemd +BuildRequires: rsync +BuildRequires: pandoc +BuildRequires: git + +%description +Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications. + +%package -n kubelet +Summary: Container cluster management +BuildRequires: golang +BuildRequires: systemd +BuildRequires: curl +BuildRequires: gcc +BuildRequires: glibc +BuildRequires: glibc-static +BuildRequires: binutils + +Requires: iptables >= 1.4.21 +Requires: socat +Requires: util-linux +Requires: ethtool +Requires: iproute +Requires: iproute-tc +Requires: ebtables +Requires: conntrack +Requires: kubernetes-cni >= 1.1.2 +Requires: openssl +Requires: kata-containers +Requires: %{_sysconfdir}/crio/1.33 + +%description -n kubelet +The node agent of Kubernetes, the container cluster manager. + +%package -n kubectl +Summary: Command-line utility for interacting with a Kubernetes cluster. + +%description -n kubectl +Command-line utility for interacting with a Kubernetes cluster. + +%package -n kubeadm +Summary: Command-line utility for administering a Kubernetes cluster. + +%description -n kubeadm +Command-line utility for administering a Kubernetes cluster. + +%prep +%setup -q -n %{k8s_repo}-%{version} + +dirs=$(ls | grep -v "^Godeps") + +# Move all the code under src/k8s.io/kubernetes directory +mkdir -p src/k8s.io/kubernetes +mv $(ls | grep -v "^src$") src/k8s.io/kubernetes/ +mv .go-version src/k8s.io/kubernetes/ + +%build +pushd src/k8s.io/kubernetes/ +export KUBE_EXTRA_GOPATH=$(pwd)/Godeps/_workspace + +export GOPATH=$(pwd)/Godeps/_workspace +export KUBE_GIT_TREE_STATE=clean +export KUBE_GIT_VERSION=v%{version}+%{release} +export KUBE_GIT_MAJOR=%{major} +export KUBE_GIT_MINOR=%{minor} + +go version + +make WHAT='cmd/kubelet cmd/kubectl cmd/kubeadm' + +bash hack/update-generated-docs.sh + +# convert md to man +pushd docs +pushd admin +cp kube-apiserver.md kube-controller-manager.md kube-proxy.md kube-scheduler.md kubelet.md .. +popd +cp %{SOURCE31} genmanpages.sh +bash genmanpages.sh +popd +popd + +%install +pushd src/k8s.io/kubernetes/ +. hack/lib/init.sh + +%ifarch %{arm} arm64 aarch64 +output_path="${KUBE_OUTPUT_BIN}/linux/arm64" +%else +output_path="${KUBE_OUTPUT_BIN}/linux/amd64" +%endif + +binaries=(kubelet kubectl kubeadm) +install -m 755 -d %{buildroot}%{_bindir} +for bin in "${binaries[@]}"; do + echo "+++ INSTALLING ${bin}" + install -p -m 755 -t %{buildroot}%{_bindir} ${output_path}/${bin} +done + +# install the bash completion +install -d -m 0755 %{buildroot}%{_datadir}/bash-completion/completions/ +%{buildroot}%{_bindir}/kubectl completion bash > %{buildroot}%{_datadir}/bash-completion/completions/kubectl + +# install manpages +install -d %{buildroot}%{_mandir}/man1 +install -p -m 644 docs/man/man1/kubectl* %{buildroot}%{_mandir}/man1 +install -p -m 644 docs/man/man1/kubelet* %{buildroot}%{_mandir}/man1 +install -p -m 644 docs/man/man1/kubeadm* %{buildroot}%{_mandir}/man1 +# from k8s tarball copied docs/man/man1/*.1 + +# EXTRA FOR KUBEADM/KUBELET +install -m 755 -d %{buildroot}%{_sysconfdir}/systemd/system/kubelet.service.d/ +install -p -m 644 -t %{buildroot}%{_sysconfdir}/systemd/system/kubelet.service.d %{SOURCE40} +install -m 755 -d %{buildroot}%{_sysconfdir}/systemd/system/kubectl-proxy.service.d/ +install -p -m 644 -t %{buildroot}%{_sysconfdir}/systemd/system/kubectl-proxy.service.d %{SOURCE47} + +install -m 755 -d %{buildroot}%{_sysconfdir}/kubernetes/manifests/ +install -m 755 -d %{buildroot}%{_sysconfdir}/systemd/system/ +install -m 755 -d %{buildroot}/usr/libexec/kubernetes/kubelet-plugins/volume/exec/ + +install -p -m 644 -t %{buildroot}%{_sysconfdir}/systemd/system/ %{SOURCE41} +install -p -m 644 -t %{buildroot}%{_sysconfdir}/systemd/system/ %{SOURCE46} +install -d -m 755 %{buildroot}/etc/sysctl.d +install -p -m 644 -t %{buildroot}/etc/sysctl.d %{SOURCE43} +install -d -m 755 %{buildroot}/etc/modules-load.d +install -p -m 644 -t %{buildroot}/etc/modules-load.d %{SOURCE44} + +install -d -m 755 %{buildroot}/etc/sysconfig +install -p -m 755 -t %{buildroot}/etc/sysconfig %{SOURCE51} + +popd +mv src/k8s.io/kubernetes/*.md . +mv src/k8s.io/kubernetes/LICENSE . +mv src/k8s.io/kubernetes/THIRD_PARTY_LICENSES.txt . + +%check +#define license tag if not already defined +%{!?_licensedir:%global license %doc} + +%files -n kubelet +%license LICENSE THIRD_PARTY_LICENSES.txt +%{_bindir}/kubelet +%{_sysconfdir}/sysconfig/kubelet +%{_sysconfdir}/systemd/system/kubelet.service +%config(noreplace) %{_sysconfdir}/systemd/system/kubelet.service.d/10-kubeadm.conf +%{_sysconfdir}/kubernetes/manifests/ +/usr/libexec/kubernetes/kubelet-plugins/volume/exec +%doc *.md +%{_mandir}/man1/kubelet* +/etc/sysctl.d/k8s.conf +/etc/modules-load.d/br_netfilter.conf + +%files -n kubeadm +%license LICENSE THIRD_PARTY_LICENSES.txt +%doc *.md +%{_mandir}/man1/kubeadm* +%{_bindir}/kubeadm + +%files -n kubectl +%license LICENSE THIRD_PARTY_LICENSES.txt +%{_bindir}/kubectl +%{_sysconfdir}/systemd/system/kubectl-proxy.service.d/10-kubectl-proxy.conf +%{_sysconfdir}/systemd/system/kubectl-proxy.service +%doc *.md +%{_mandir}/man1/kubectl* +%{_datadir}/bash-completion/completions/kubectl + +%pre -n kubeadm +# check if this is an upgrade +if [ "$1" == "2" ]; then + #check if we are upgrading from earlier than 1.11 + # upgrade + RPM_VERSION=`/bin/rpm -q --queryformat='%{VERSION}' kubeadm 2>&1` + _major_version=`echo $RPM_VERSION | /bin/awk -F '.' '{print $2}'` + # any version prior to 1.11 are not compatible + if [ "${_major_version}" -lt "11" ]; then + if [ -z "${FORCE_UPDATE_12_FROM_9}" ]; then + echo 'Can not upgrade kubeadm from version prior to 1.11 due to upgrade compatibility' + exit 1 + fi + echo "Upgrading kubeadm forcefully from version earlier that 1.11" + fi +fi + +%post -n kubelet +modprobe br_netfilter +sysctl -p /etc/sysctl.d/k8s.conf +%systemd_post kubelet +if [ $1 -gt 1 ] ; then + systemctl daemon-reload >/dev/null 2>&1 + systemctl try-restart kubelet >/dev/null 2>&1 +fi + +%preun -n kubelet +%systemd_preun kubelet + +%postun -n kubelet +%systemd_postun_with_restart kubelet + +%changelog +* Fri Sep 19 2025 Olcne-Builder Jenkins - 1.33.0-1 +- Added Oracle specific build files for Kubernetes diff --git a/olm/builds/Dockerfile.oracle.ol8 b/olm/builds/Dockerfile.oracle.ol8 new file mode 100644 index 0000000000000..d52e53e44ea05 --- /dev/null +++ b/olm/builds/Dockerfile.oracle.ol8 @@ -0,0 +1,13 @@ +FROM container-registry.oracle.com/os/oraclelinux:8 +ARG BINARY +ARG VERSION + +RUN dnf install -y tar which &&\ + dnf clean all &&\ + rm -rf /var/cache/yum/* + +ADD ${BINARY} /usr/local/bin/${BINARY} + +RUN test -d /LICENSES || ln -s /usr/share/licenses /LICENSES +ADD LICENSE /LICENSES/kubernetes-${VERSION}/LICENSE +ADD THIRD_PARTY_LICENSES.txt /LICENSES/kubernetes-${VERSION}/THIRD_PARTY_LICENSES.txt diff --git a/olm/jenkins/ci/Jenkinsfile b/olm/jenkins/ci/Jenkinsfile new file mode 100644 index 0000000000000..d8ea1a76d07ff --- /dev/null +++ b/olm/jenkins/ci/Jenkinsfile @@ -0,0 +1,31 @@ + +@Library('olcne-pipeline') _ +import com.oracle.olcne.pipeline.BranchPattern + +String kubernetes_version = "1.33.0"; +String kubernetes_image_tag = "v" + kubernetes_version; +String registry = "container-registry.oracle.com/" + container_registry_namespace; + +olcnePipeline( + branchPattern: new BranchPattern(master: "oracle/release/" + kubernetes_version, feature: '(?!^release/.*$)(^.*$)'), + containers: [ + (registry + '/kube-proxy:' + kubernetes_image_tag) : container_registry_namespace + '/kube-proxy:' + kubernetes_image_tag, + (registry + '/kube-apiserver:' + kubernetes_image_tag) : container_registry_namespace + '/kube-apiserver:' + kubernetes_image_tag, + (registry + '/kube-scheduler:' + kubernetes_image_tag) : container_registry_namespace + '/kube-scheduler:' + kubernetes_image_tag, + (registry + '/kube-controller-manager:' + kubernetes_image_tag) : container_registry_namespace + '/kube-controller-manager:' + kubernetes_image_tag, + ], + platforms: ['ol8', 'ol9'], + yumOL9Repos: ['ol9_appstream', 'ol9_codeready_builder', 'ol9_developer_EPEL'], + yumOL8Repos: ['ol8_appstream', 'ol8_codeready_builder'], + customPlatformStages: [ + customPlatformSteps: [ + ol8: [container: [enabled: true ], buildContainerRpms: [enabled: true ]], + ol9: [container: [enabled: false ], buildContainerRpms: [enabled: false ]], + ], + ], + architectures: ['x86_64', 'aarch64'], + preBuildCommands: [ + 'podman pull container-registry.oracle.com/olcne/base:latest', + 'podman tag container-registry.oracle.com/olcne/base:latest container-registry.oracle.com/os/oraclelinux:8', + ], +)