Add build data for v1.33.0

build-k8s-docker.sh

@@ -0,0 +1,68 @@
+#!/bin/bash -x
+#
+# Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+if [[ ${#} -eq 0 ]] ; then
+    echo "usage:" >&2
+    echo "  ${0} version k8s_binary_location golang_version" >&2
+    exit 1
+fi
+
+VERSION=v${1}
+BINARY_LOCATION=${2}
+REGISTRY=${3:-container-registry.oracle.com/olcne}
+if [[ ${4} == 9 ]] ; then
+  DOCKER_FILE_PATH=./olm/builds/Dockerfile.oracle.ol9
+else
+  DOCKER_FILE_PATH=./olm/builds/Dockerfile.oracle.ol8
+fi
+export REGISTRY
+export BASEIMAGE
+ARCH=${5:-x86_64}
+echo ARCH=${ARCH}
+
+mkdir -p ${BINARY_LOCATION}/oracle_docker
+KUBE_BINARY="kube-apiserver kube-scheduler kube-controller-manager"
+for BINARY in ${KUBE_BINARY}; do
+        cp ${BINARY_LOCATION}/${BINARY} .
+
+        if [[ ${4} == 9 ]] ; then
+          docker build --pull=never --squash --network=host --build-arg https_proxy=${https_proxy} --build-arg VERSION=${VERSION} --build-arg BINARY=${BINARY} -t ${REGISTRY}/${BINARY}:${VERSION} -f ${DOCKER_FILE_PATH} .
+        else
+          docker build --pull=never --squash --build-arg https_proxy=${https_proxy} --build-arg VERSION=${VERSION} --build-arg BINARY=${BINARY} -t ${REGISTRY}/${BINARY}:${VERSION} -f ${DOCKER_FILE_PATH} .
+        fi
+        docker save -o ${BINARY_LOCATION}/oracle_docker/${BINARY}.tar ${REGISTRY}/${BINARY}:${VERSION}
+done
+
+# TODO: remove this once OL7 is deprecated
+# kube-proxy iptables hack
+BINARY=kube-proxy
+mkdir kube-proxy
+cp buildrpm/kube-proxy/* kube-proxy/.
+cp ${BINARY_LOCATION}/kube-proxy kube-proxy/.
+cp LICENSE kube-proxy/.
+cp THIRD_PARTY_LICENSES.txt kube-proxy/.
+pushd kube-proxy/
+if [[ ${4} == 9 ]] ; then
+  docker build --pull=never --squash --network=host --build-arg https_proxy=${https_proxy} --build-arg VERSION=${VERSION} -t ${REGISTRY}/${BINARY}:${VERSION} -f ./Dockerfile.kube-proxy .
+else
+  docker build --pull=never --squash --build-arg https_proxy=${https_proxy} --build-arg VERSION=${VERSION} -t ${REGISTRY}/${BINARY}:${VERSION} -f ./Dockerfile.kube-proxy .
+fi
+popd
+docker save -o ${BINARY_LOCATION}/oracle_docker/${BINARY}.tar ${REGISTRY}/${BINARY}:${VERSION}

buildrpm/10-kubeadm.conf

@@ -0,0 +1,12 @@
+# Note: This dropin only works with kubeadm and kubelet v1.11+
+[Service]
+Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf"
+Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml"
+Environment="KUBELET_CGROUP_ARGS=--cgroup-driver=systemd"
+# This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically
+EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env
+# This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use
+# the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file.
+EnvironmentFile=-/etc/sysconfig/kubelet
+ExecStart=
+ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS $KUBELET_CRIO_ARGS $KUBELET_CGROUP_ARGS

buildrpm/10-kubectl-proxy.conf

@@ -0,0 +1,2 @@
+[Service]
+Environment="KUBECTL_PROXY_ARGS=--port 8001"

buildrpm/br_netfilter.conf

@@ -0,0 +1 @@
+br_netfilter

buildrpm/genmanpages.sh

@@ -0,0 +1,82 @@
+MDSFORMANPAGES="kube-apiserver.md kube-controller-manager.md kube-proxy.md kube-scheduler.md kubelet.md"
+
+# remove comments from man pages
+for manpage in ${MDSFORMANPAGES}; do
+  pos=$(grep -n "<\!-- END MUNGE: UNVERSIONED_WARNING -->" ${manpage} | cut -d':' -f1)
+  if [ -n "${pos}" ]; then
+    sed -i "1,${pos}{/.*/d}" ${manpage}
+  fi
+done
+
+# for each man page add NAME and SYNOPSIS section
+# kube-apiserver
+sed -i -s "s/## kube-apiserver/# NAME\nkube-apiserver \- Provides the API for kubernetes orchestration.\n\n# SYNOPSIS\n**kube-apiserver** [OPTIONS]\n/" kube-apiserver.md
+
+cat << 'EOF' >> kube-apiserver.md
+# EXAMPLES
+```
+/usr/bin/kube-apiserver --logtostderr=true --v=0 --etcd_servers=http://127.0.0.1:4001 --insecure_bind_address=127.0.0.1 --insecure_port=8080 --kubelet_port=10250 --service-cluster-ip-range=10.1.1.0/24 --allow_privileged=false
+```
+EOF
+# kube-controller-manager
+sed -i -s "s/## kube-controller-manager/# NAME\nkube-controller-manager \- Enforces kubernetes services.\n\n# SYNOPSIS\n**kube-controller-manager** [OPTIONS]\n/" kube-controller-manager.md
+
+cat << 'EOF' >> kube-controller-manager.md
+# EXAMPLES
+```
+/usr/bin/kube-controller-manager --logtostderr=true --v=0 --master=127.0.0.1:8080
+```
+EOF
+# kube-proxy
+sed -i -s "s/## kube-proxy/# NAME\nkube-proxy \- Provides network proxy services.\n\n# SYNOPSIS\n**kube-proxy** [OPTIONS]\n/" kube-proxy.md
+
+cat << 'EOF' >> kube-proxy.md
+# EXAMPLES
+```
+/usr/bin/kube-proxy --logtostderr=true --v=0 --master=http://127.0.0.1:8080
+```
+EOF
+# kube-scheduler
+sed -i -s "s/## kube-scheduler/# NAME\nkube-scheduler \- Schedules containers on hosts.\n\n# SYNOPSIS\n**kube-scheduler** [OPTIONS]\n/" kube-scheduler.md
+
+cat << 'EOF' >> kube-scheduler.md
+# EXAMPLES
+```
+/usr/bin/kube-scheduler --logtostderr=true --v=0 --master=127.0.0.1:8080
+```
+EOF
+# kubelet
+sed -i -s "s/## kubelet/# NAME\nkubelet \- Processes a container manifest so the containers are launched according to how they are described.\n\n# SYNOPSIS\n**kubelet** [OPTIONS]\n/" kubelet.md
+
+cat << 'EOF' >> kubelet.md
+# EXAMPLES
+```
+/usr/bin/kubelet --logtostderr=true --v=0 --api_servers=http://127.0.0.1:8080 --address=127.0.0.1 --port=10250 --hostname_override=127.0.0.1 --allow-privileged=false
+```
+EOF
+
+# for all man-pages
+for md in $MDSFORMANPAGES; do
+	# correct section names
+	sed -i -s "s/### Synopsis/# DESCRIPTION/" $md
+	sed -i -s "s/### Options/# OPTIONS/" $md
+	# add header
+	sed -i "s/# NAME/% KUBERNETES(1) kubernetes User Manuals\n# NAME/" $md
+	# modify list of options
+	# options with no value in ""
+	sed -i -r 's/(^      )(-[^":][^":]*)(:)(.*)/\*\*\2\*\*\n\t\4\n/' $md
+	# option with value in ""
+	sed -i -r 's/(^      )(-[^":][^":]*)("[^"]*")(:)(.*)/\*\*\2\3\*\*\n\t\5\n/' $md
+	# options in -s, --long
+	sed -i -r 's/(^  )(-[a-z], -[^":][^":]*)(:)(.*)/\*\*\2\*\*\n\t\4\n/' $md
+	sed -i -r 's/(^  )(-[a-z], -[^":][^":]*)("[^"]*")(:)(.*)/\*\*\2\3\*\*\n\t\5\n/' $md
+	# remove ```
+	sed -i 's/```//' $md
+	# remove all lines starting with ######
+	sed -i 's/^######.*//' $md
+	# modify footer
+	sed -i -r "s/^\[!\[Analytics\].*//" $md
+	# md does not contain section => taking 1
+	name="${md%.md}"
+	pandoc -s -t man $md -o man/man1/$name.1
+done

buildrpm/k8s.conf

@@ -0,0 +1,3 @@
+net.bridge.bridge-nf-call-ip6tables = 1
+net.bridge.bridge-nf-call-iptables = 1
+net.ipv4.ip_forward = 1

buildrpm/kube-proxy/Dockerfile.kube-proxy

@@ -0,0 +1,7 @@
+FROM container-registry.oracle.com/os/oraclelinux:8
+RUN dnf install yum iptables ebtables conntrack kmod ipset tar which && dnf clean all
+ADD kube-proxy /usr/local/bin/kube-proxy
+
+RUN test -d /LICENSES || ln -s /usr/share/licenses /LICENSES
+ADD LICENSE /LICENSES/kubernetes-${VERSION}/LICENSE
+ADD THIRD_PARTY_LICENSES.txt /LICENSES/kubernetes-${VERSION}/THIRD_PARTY_LICENSES.txt

buildrpm/kubectl-proxy.service

@@ -0,0 +1,13 @@
+[Unit]
+ConditionPathExists=/etc/kubernetes/admin.conf
+Description=kubectl proxy Service
+After=network.target
+
+[Service]
+ExecStart=/usr/bin/kubectl --kubeconfig=/etc/kubernetes/admin.conf proxy $KUBECTL_PROXY_ARGS
+Restart=always
+StartLimitInterval=0
+RestartSec=10
+
+[Install]
+WantedBy=multi-user.target

buildrpm/kubelet

@@ -0,0 +1,2 @@
+KUBELET_EXTRA_ARGS="--fail-swap-on=false"
+KUBELET_CRIO_ARGS="--container-runtime-endpoint=unix:///var/run/crio/crio.sock --runtime-request-timeout=10m"

buildrpm/kubelet.service

@@ -0,0 +1,13 @@
+[Unit]
+Description=kubelet: The Kubernetes Node Agent
+Documentation=http://kubernetes.io/docs/
+
+[Service]
+User=root
+ExecStart=/usr/bin/kubelet
+Restart=always
+StartLimitInterval=0
+RestartSec=10
+
+[Install]
+WantedBy=multi-user.target

buildrpm/kubernetes-container-image.spec

@@ -0,0 +1,86 @@
+
+%global debug_package   %{nil}
+%global _find_debuginfo_dwz_opts %{nil}
+%global _dwz_low_mem_die_limit 0
+%global _buildhost build-ol%{?oraclelinux}-%{?_arch}.oracle.com
+
+#I really need this, otherwise "version_ldflags=$(kube::version_ldflags)"
+# does not work
+%global _buildshell /bin/bash
+%global _checkshell /bin/bash
+
+# k8s release version major.minor
+%global major          1
+%global minor          33
+%global patch          0
+%global image_registry container-registry.oracle.com/olcne
+
+%global image_version %{version}
+
+Name:          kubernetes-container-image
+Version:       1.33.0
+Release:       1%{?dist}
+Summary:       Container cluster management
+License:       ASL 2.0
+Group:         System/Management
+URL:           https://kubernetes.io
+Vendor:        Oracle America
+ExclusiveArch: x86_64 ppc64le %{arm} aarch64
+Source:        %{name}-%{version}.tar.bz2
+
+%description
+Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications.
+
+%package -n kubeadm-container-images
+Summary: Contains Oracle built k8s docker images
+
+%description -n kubeadm-container-images
+Contains Oracle built k8s docker images
+
+%prep
+%setup -q -n %{name}-%{version}
+
+%build
+export KUBE_GIT_TREE_STATE=clean
+export KUBE_GIT_VERSION=v%{version}+%{release}
+export KUBE_GIT_MAJOR=%{major}
+export KUBE_GIT_MINOR=%{minor}
+
+export KUBE_EXTRA_GOPATH=$(pwd)/Godeps/_workspace
+export GOPATH=$(pwd)/Godeps/_workspace
+
+make WHAT='cmd/kube-proxy cmd/kube-apiserver cmd/kube-controller-manager cmd/kube-scheduler'
+
+%ifarch %{arm} arm64 aarch64
+arch=aarch64
+%else
+arch=x86_64
+%endif
+
+chmod +x build-k8s-docker.sh
+./build-k8s-docker.sh \
+    %{image_version} \
+    _output/bin \
+    %{image_registry} \
+    %{oraclelinux} \
+    ${arch}
+
+%install
+mkdir -p %{buildroot}/usr/local/share/olcne
+install -m 755 -d %{buildroot}/usr/local/share/olcne
+images=(kube-apiserver.tar kube-controller-manager.tar kube-scheduler.tar kube-proxy.tar)
+for bin in "${images[@]}"; do
+  echo "+++ INSTALLING DOCKER IMAGES ${bin}"
+  install -p -m 755 -t %{buildroot}/usr/local/share/olcne _output/bin/oracle_docker/${bin}
+done
+
+%files -n kubeadm-container-images
+%license LICENSE THIRD_PARTY_LICENSES.txt
+/usr/local/share/olcne/kube-apiserver.tar
+/usr/local/share/olcne/kube-controller-manager.tar
+/usr/local/share/olcne/kube-scheduler.tar
+/usr/local/share/olcne/kube-proxy.tar
+
+%changelog
+* Fri Sep 19 2025 Olcne-Builder Jenkins <[email protected]> - 1.33.0-1
+- Added Oracle specific build files for Kubernetes