diff options
| author | Ivan Shapovalov | 2023-12-23 02:40:25 +0100 |
|---|---|---|
| committer | Ivan Shapovalov | 2023-12-23 08:40:27 +0300 |
| commit | 3b329bfdb5ae70b90e29109b7ff43c8440cb9431 (patch) | |
| tree | 032d1666f46c3a1b7cc55a0fa39bc2afcf98be5f | |
| parent | 9d4f3cc1f9f82eb71aa1e5e5bf19758aee250ef3 (diff) | |
| download | aur-3b329bfdb5ae70b90e29109b7ff43c8440cb9431.tar.gz | |
Rewrite and patch build system, update to 1.29.0+k3s1
| -rw-r--r-- | .SRCINFO | 28 | ||||
| -rw-r--r-- | 0000-Fix-issue-8293.-Remove-useless-log-init-code.patch | 38 | ||||
| -rw-r--r-- | 0001-Dockerfile.dapper-set-HOME-properly.patch | 40 | ||||
| -rw-r--r-- | 0002-main-apply-go-fmt-to-pkg-data-zz_generated_bindata.g.patch | 25 | ||||
| -rw-r--r-- | 0003-.dockerignore-do-not-ignore-parts-of-GITDIR.patch | 22 | ||||
| -rw-r--r-- | 0004-Dockerfile.dapper-sanitize-DAPPER_OUTPUT.patch | 33 | ||||
| -rw-r--r-- | 0005-Dockerfile.dapper-sanitize-cache-configuration.patch | 67 | ||||
| -rw-r--r-- | 0006-.service-update-systemd-service-files.patch | 175 | ||||
| -rw-r--r-- | 0007-scripts-moar-compression-drop-pigz-and-raw-tar.patch | 52 | ||||
| -rw-r--r-- | PKGBUILD | 93 | ||||
| -rw-r--r-- | config.yaml | 7 | ||||
| -rw-r--r-- | k3s-agent.service.env | 11 | ||||
| -rw-r--r-- | k3s.service.env | 10 |
13 files changed, 572 insertions, 29 deletions
@@ -1,7 +1,7 @@ pkgbase = k3s-git pkgdesc = Lightweight Kubernetes - pkgver = 1.28.4+k3s2+r8+g231cb6ed20 - pkgrel = 2 + pkgver = 1.29.0+k3s1+r0+g3190a5faa2 + pkgrel = 1 url = https://k3s.io arch = x86_64 license = Apache @@ -11,9 +11,31 @@ pkgbase = k3s-git provides = k3s conflicts = k3s backup = etc/systemd/system/k3s.service.env + backup = etc/systemd/system/k3s-agent.service.env + backup = etc/rancher/k3s/config.yaml source = git+https://github.com/k3s-io/k3s source = k3s.service.env + source = k3s-agent.service.env + source = config.yaml + source = 0000-Fix-issue-8293.-Remove-useless-log-init-code.patch + source = 0001-Dockerfile.dapper-set-HOME-properly.patch + source = 0002-main-apply-go-fmt-to-pkg-data-zz_generated_bindata.g.patch + source = 0003-.dockerignore-do-not-ignore-parts-of-GITDIR.patch + source = 0004-Dockerfile.dapper-sanitize-DAPPER_OUTPUT.patch + source = 0005-Dockerfile.dapper-sanitize-cache-configuration.patch + source = 0006-.service-update-systemd-service-files.patch + source = 0007-scripts-moar-compression-drop-pigz-and-raw-tar.patch sha256sums = SKIP - sha256sums = 667199fa6b811dde3aef3e626e2695a566ad64c9a03d19d0c94a1f104a7612d0 + sha256sums = 94b0dd21fa4f075d4db7f6efe7a775de476b278de72f99773ee3de0bb54e7f68 + sha256sums = 2f6964aed46deb38095801e124a6603f3a29e6886815d52c59c02883f7a37925 + sha256sums = 6f0500a656ed78c0bb689c12264dbcd79f579edc3b9e17d512be742c1b2c43a4 + sha256sums = fe667d538cf94bf8f9a62d9812a03bf423204f452aa11f0f2addf0dbe1b95866 + sha256sums = 9307c9dbec1bdd73a1a3186668e0f5d5c9900474f53a842a133feba62c92b0ac + sha256sums = 350438be7abe98eeee60f23e9aa566eba38df5422597ab4e7184cc7a12309ebb + sha256sums = 659ee5e6a7c7df532418032e7b115ab7804fd60593e497814cc553504545af3c + sha256sums = 6e00974e4ec3ee5999da87c7d1e43fed5b64e84ce6eec3a43ed971f24c5cb820 + sha256sums = 616063a668d510f163aa684e78fcf89d1b8cc8e1524acdc170608bfbf0e80e47 + sha256sums = bb721e8850eb736ad9aad4f0a8ef20dac0e06d7731731c3541264f138be28b74 + sha256sums = f448303dbbefef2645b8c2146d595643c0143c7300eab12a459b85a3b18b3d91 pkgname = k3s-git diff --git a/0000-Fix-issue-8293.-Remove-useless-log-init-code.patch b/0000-Fix-issue-8293.-Remove-useless-log-init-code.patch new file mode 100644 index 000000000000..fa275bf5d134 --- /dev/null +++ b/0000-Fix-issue-8293.-Remove-useless-log-init-code.patch @@ -0,0 +1,38 @@ +From f349e309ed9e06c028e6f3938abbbce246235c60 Mon Sep 17 00:00:00 2001 +From: Linshen Lee <1061696872@qq.com> +Date: Fri, 15 Dec 2023 22:17:32 +0900 +Subject: [PATCH] Fix: issue #8293. Remove useless log init code Signed-off-by: + Linshen Lee 1061696872@qq.com + +--- + pkg/cli/cmds/log.go | 6 ------ + 1 file changed, 6 deletions(-) + +diff --git a/pkg/cli/cmds/log.go b/pkg/cli/cmds/log.go +index ea778ac668..7e34b10136 100644 +--- a/pkg/cli/cmds/log.go ++++ b/pkg/cli/cmds/log.go +@@ -1,9 +1,7 @@ + package cmds + + import ( +- "flag" + "fmt" +- "strconv" + "sync" + "time" + +@@ -73,10 +71,6 @@ func checkUnixTimestamp() error { + } + + func setupLogging() { +- flag.Set("v", strconv.Itoa(LogConfig.VLevel)) +- flag.Set("vmodule", LogConfig.VModule) +- flag.Set("alsologtostderr", strconv.FormatBool(Debug)) +- flag.Set("logtostderr", strconv.FormatBool(!Debug)) + if Debug { + logrus.SetLevel(logrus.DebugLevel) + } +-- +2.43.0 + diff --git a/0001-Dockerfile.dapper-set-HOME-properly.patch b/0001-Dockerfile.dapper-set-HOME-properly.patch new file mode 100644 index 000000000000..9b6db78c3130 --- /dev/null +++ b/0001-Dockerfile.dapper-set-HOME-properly.patch @@ -0,0 +1,40 @@ +From 18b1172fb9d59b50ab8473235c8954097b2a2850 Mon Sep 17 00:00:00 2001 +From: Ivan Shapovalov <intelfx@intelfx.name> +Date: Fri, 22 Dec 2023 22:43:56 +0100 +Subject: [PATCH 1/7] Dockerfile.dapper: set $HOME properly + +`$HOME` refers to `$DAPPER_SOURCE`, which is set in the same expression +and is thus not visible at the time of substitution. + +This problem is not immediately visible with Docker, Inc.'s docker +merely because it resets an unset `$HOME` to `/root` (but still breaking +the Go cache). Under podman, this problem is immediately visible because +an unset `$HOME` remains unset and subsequently breaks the `go generate` +invocation. + +Fixes #9089. + +Signed-off-by: Ivan Shapovalov <intelfx@intelfx.name> +--- + Dockerfile.dapper | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/Dockerfile.dapper b/Dockerfile.dapper +index af99d3d35e..2f0cd5e64d 100644 +--- a/Dockerfile.dapper ++++ b/Dockerfile.dapper +@@ -56,9 +56,10 @@ ENV DAPPER_RUN_ARGS="--privileged -v k3s-cache:/go/src/github.com/k3s-io/k3s/.ca + DAPPER_SOURCE="/go/src/github.com/k3s-io/k3s/" \ + DAPPER_OUTPUT="./bin ./dist ./build/out ./build/static ./pkg/static ./pkg/deploy" \ + DAPPER_DOCKER_SOCKET=true \ +- HOME=${DAPPER_SOURCE} \ + CROSS=true \ + STATIC_BUILD=true ++# Set $HOME separately because it refers to $DAPPER_SOURCE, set above ++ENV HOME=${DAPPER_SOURCE} + + WORKDIR ${DAPPER_SOURCE} + +-- +2.43.0 + diff --git a/0002-main-apply-go-fmt-to-pkg-data-zz_generated_bindata.g.patch b/0002-main-apply-go-fmt-to-pkg-data-zz_generated_bindata.g.patch new file mode 100644 index 000000000000..8675b37965e8 --- /dev/null +++ b/0002-main-apply-go-fmt-to-pkg-data-zz_generated_bindata.g.patch @@ -0,0 +1,25 @@ +From 447968ac1d6fc95ad71b93b400ce519ac740d8e3 Mon Sep 17 00:00:00 2001 +From: Ivan Shapovalov <intelfx@intelfx.name> +Date: Sat, 23 Dec 2023 01:10:59 +0100 +Subject: [PATCH 2/7] main: apply go-fmt to pkg/data/zz_generated_bindata.go + +No reason other than for consistency. +--- + main.go | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/main.go b/main.go +index 8857094b87..c004a927bc 100644 +--- a/main.go ++++ b/main.go +@@ -1,6 +1,7 @@ + //go:generate go run pkg/codegen/cleanup/main.go + //go:generate rm -rf pkg/generated + //go:generate go run pkg/codegen/main.go ++//go:generate go fmt pkg/data/zz_generated_bindata.go + //go:generate go fmt pkg/deploy/zz_generated_bindata.go + //go:generate go fmt pkg/static/zz_generated_bindata.go + +-- +2.43.0 + diff --git a/0003-.dockerignore-do-not-ignore-parts-of-GITDIR.patch b/0003-.dockerignore-do-not-ignore-parts-of-GITDIR.patch new file mode 100644 index 000000000000..60084553a8f3 --- /dev/null +++ b/0003-.dockerignore-do-not-ignore-parts-of-GITDIR.patch @@ -0,0 +1,22 @@ +From 53f939037c313880efcf39c7e6fcbf4cb9a713e2 Mon Sep 17 00:00:00 2001 +From: Ivan Shapovalov <intelfx@intelfx.name> +Date: Sat, 23 Dec 2023 01:07:38 +0100 +Subject: [PATCH 3/7] .dockerignore: do not ignore parts of $GITDIR + +--- + .dockerignore | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/.dockerignore b/.dockerignore +index e1651fd70d..36131d3744 100644 +--- a/.dockerignore ++++ b/.dockerignore +@@ -5,4 +5,3 @@ + ./.cache + ./.dapper + ./.trash-cache +-./.git/objects/pack +\ No newline at end of file +-- +2.43.0 + diff --git a/0004-Dockerfile.dapper-sanitize-DAPPER_OUTPUT.patch b/0004-Dockerfile.dapper-sanitize-DAPPER_OUTPUT.patch new file mode 100644 index 000000000000..a86b1df96486 --- /dev/null +++ b/0004-Dockerfile.dapper-sanitize-DAPPER_OUTPUT.patch @@ -0,0 +1,33 @@ +From fe83fb9745c429ac6ba4bb4aa97f538762be0e11 Mon Sep 17 00:00:00 2001 +From: Ivan Shapovalov <intelfx@intelfx.name> +Date: Sat, 23 Dec 2023 01:11:52 +0100 +Subject: [PATCH 4/7] Dockerfile.dapper: sanitize $DAPPER_OUTPUT + +Existing $DAPPER_OUTPUT is not enough to be able to run build steps +sequentially (i. e. `make download; make generate; make build; +make package`) because it misses several directories with intermediate +artifacts. The only working way to build k3s is a single `make` +invocation (which calls scripts/ci, which in turn calls all build steps +in sequence in a single Docker invocation, thus obviating the need to +extract any intermediate artifacts at all). Thus, don't bother +extracting anything other than the final artifacts. +--- + Dockerfile.dapper | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Dockerfile.dapper b/Dockerfile.dapper +index 2f0cd5e64d..5ae64df57b 100644 +--- a/Dockerfile.dapper ++++ b/Dockerfile.dapper +@@ -54,7 +54,7 @@ ENV SELINUX=${SELINUX} + ENV DAPPER_RUN_ARGS="--privileged -v k3s-cache:/go/src/github.com/k3s-io/k3s/.cache -v trivy-cache:/root/.cache/trivy" \ + DAPPER_ENV="REPO TAG DRONE_TAG IMAGE_NAME SKIP_VALIDATE SKIP_IMAGE SKIP_AIRGAP AWS_SECRET_ACCESS_KEY AWS_ACCESS_KEY_ID GITHUB_TOKEN GOLANG GOCOVER DEBUG" \ + DAPPER_SOURCE="/go/src/github.com/k3s-io/k3s/" \ +- DAPPER_OUTPUT="./bin ./dist ./build/out ./build/static ./pkg/static ./pkg/deploy" \ ++ DAPPER_OUTPUT="./dist" \ + DAPPER_DOCKER_SOCKET=true \ + CROSS=true \ + STATIC_BUILD=true +-- +2.43.0 + diff --git a/0005-Dockerfile.dapper-sanitize-cache-configuration.patch b/0005-Dockerfile.dapper-sanitize-cache-configuration.patch new file mode 100644 index 000000000000..3c3af08dd7e4 --- /dev/null +++ b/0005-Dockerfile.dapper-sanitize-cache-configuration.patch @@ -0,0 +1,67 @@ +From 1f17fa5bf080101dddc6ff4100ad38296faa8a4a Mon Sep 17 00:00:00 2001 +From: Ivan Shapovalov <intelfx@intelfx.name> +Date: Sat, 23 Dec 2023 01:08:37 +0100 +Subject: [PATCH 5/7] Dockerfile.dapper: sanitize cache configuration + +- set $HOME to /root because there is no good reason to keep it in $PWD +- mount volumes to /go/pkg to cache downloaded Go sources (we'd set it + to /go, but that would mask the k3s source tree at /go/src) and + /root/.cache to cache Go object files ($GOCACHE, ~/.cache/go-build) +--- + .dockerignore | 1 + + Dockerfile.dapper | 9 +++++++-- + Makefile | 1 + + 3 files changed, 9 insertions(+), 2 deletions(-) + +diff --git a/.dockerignore b/.dockerignore +index 36131d3744..c7418f3674 100644 +--- a/.dockerignore ++++ b/.dockerignore +@@ -5,3 +5,4 @@ + ./.cache + ./.dapper + ./.trash-cache ++./.dapper-cache +diff --git a/Dockerfile.dapper b/Dockerfile.dapper +index 5ae64df57b..5c49581a76 100644 +--- a/Dockerfile.dapper ++++ b/Dockerfile.dapper +@@ -50,8 +50,13 @@ RUN if [ "$(go env GOARCH)" = "amd64" ]; then \ + ARG SELINUX=true + ENV SELINUX=${SELINUX} + ++# Set to someone's $HOME to persist Go pkg cache ($GOPATH/pkg) Hand Go object cache ($GOCACHE) ++ARG DAPPER_CACHE_HOME=./.dapper-cache ++ARG DAPPER_CACHE_GOPATH=${DAPPER_CACHE_HOME}/go ++ARG DAPPER_CACHE_DOTCACHE=${DAPPER_CACHE_HOME}/cache ++ + # Set Dapper configuration variables +-ENV DAPPER_RUN_ARGS="--privileged -v k3s-cache:/go/src/github.com/k3s-io/k3s/.cache -v trivy-cache:/root/.cache/trivy" \ ++ENV DAPPER_RUN_ARGS="--privileged -v ${DAPPER_CACHE_GOPATH}/pkg:/go/pkg -v ${DAPPER_CACHE_DOTCACHE}:/root/.cache" \ + DAPPER_ENV="REPO TAG DRONE_TAG IMAGE_NAME SKIP_VALIDATE SKIP_IMAGE SKIP_AIRGAP AWS_SECRET_ACCESS_KEY AWS_ACCESS_KEY_ID GITHUB_TOKEN GOLANG GOCOVER DEBUG" \ + DAPPER_SOURCE="/go/src/github.com/k3s-io/k3s/" \ + DAPPER_OUTPUT="./dist" \ +@@ -59,7 +64,7 @@ ENV DAPPER_RUN_ARGS="--privileged -v k3s-cache:/go/src/github.com/k3s-io/k3s/.ca + CROSS=true \ + STATIC_BUILD=true + # Set $HOME separately because it refers to $DAPPER_SOURCE, set above +-ENV HOME=${DAPPER_SOURCE} ++ENV HOME=/root + + WORKDIR ${DAPPER_SOURCE} + +diff --git a/Makefile b/Makefile +index 620f899894..50af6aa110 100644 +--- a/Makefile ++++ b/Makefile +@@ -10,6 +10,7 @@ GO_FILES ?= $$(find . -name '*.go' | grep -v generated) + @mv .dapper.tmp .dapper + + $(TARGETS): .dapper ++ @mkdir -p .dapper-cache/{go/pkg,cache} + ./.dapper $@ + + .PHONY: deps +-- +2.43.0 + diff --git a/0006-.service-update-systemd-service-files.patch b/0006-.service-update-systemd-service-files.patch new file mode 100644 index 000000000000..c8cf9707dd48 --- /dev/null +++ b/0006-.service-update-systemd-service-files.patch @@ -0,0 +1,175 @@ +From 3399f01e871f3a87d01f94841a522b9b8aba352e Mon Sep 17 00:00:00 2001 +From: Ivan Shapovalov <intelfx@intelfx.name> +Date: Sat, 23 Dec 2023 02:10:11 +0100 +Subject: [PATCH 6/7] *.service: update systemd service files + +--- + k3s-agent-rootless.service | 47 ++++++++++++++++++++++++++++++++++++++ + k3s-agent.service | 27 ++++++++++++++++++++++ + k3s-rootless.service | 26 +++++++++++---------- + k3s.service | 12 +++++----- + 4 files changed, 94 insertions(+), 18 deletions(-) + create mode 100644 k3s-agent-rootless.service + create mode 100644 k3s-agent.service + +diff --git a/k3s-agent-rootless.service b/k3s-agent-rootless.service +new file mode 100644 +index 0000000000..68e049b2d1 +--- /dev/null ++++ b/k3s-agent-rootless.service +@@ -0,0 +1,47 @@ ++# systemd unit file for k3s (rootless) ++# ++# Usage: ++# - [Optional] Enable cgroup v2 delegation, see https://rootlesscontaine.rs/getting-started/common/cgroup2/ . ++# This step is optional, but highly recommended for enabling CPU and memory resource limtitation. ++# ++# - Copy this file as `~/.config/systemd/user/k3s-rootless.service`. ++# Installing this file as a system-wide service (`/etc/systemd/...`) is not supported. ++# Depending on the path of `k3s` binary, you might need to modify the `ExecStart=/usr/local/bin/k3s ...` line of this file. ++# ++# - Run `systemctl --user daemon-reload` ++# ++# - Run `systemctl --user enable --now k3s-rootless` ++# ++# - Run `KUBECONFIG=~/.kube/k3s.yaml kubectl get pods -A`, and make sure the pods are running. ++# ++# Troubleshooting: ++# - See `systemctl --user status k3s-rootless` to check the daemon status ++# - See `journalctl --user -f -u k3s-rootless` to see the daemon log ++# - See also https://rootlesscontaine.rs/ ++ ++[Unit] ++Description=Lightweight Kubernetes (agent, rootless) ++Documentation=https://k3s.io ++Documentation=https://rootlesscontaine.rs/ ++After=network.target network-online.target ++Wants=network.target network-online.target ++ ++[Service] ++Type=notify ++EnvironmentFile=-%E/systemd/system/%n.env ++# NOTE: Don't try to run `k3s server --rootless` on a terminal, as it doesn't enable cgroup v2 delegation. ++# If you really need to try it on a terminal, prepend `systemd-run --user -p Delegate=yes --tty` to create a systemd scope. ++ExecStart=/usr/bin/k3s agent --rootless --snapshotter=fuse-overlayfs $K3S_EXEC ++ExecReload=/bin/kill -s HUP $MAINPID ++KillMode=mixed ++Delegate=yes ++LimitNOFILE=1048576 ++LimitNPROC=infinity ++LimitCORE=infinity ++TasksMax=infinity ++TimeoutStartSec=0 ++Restart=always ++RestartSec=5s ++ ++[Install] ++WantedBy=default.target +diff --git a/k3s-agent.service b/k3s-agent.service +new file mode 100644 +index 0000000000..9e8974c972 +--- /dev/null ++++ b/k3s-agent.service +@@ -0,0 +1,27 @@ ++[Unit] ++Description=Lightweight Kubernetes (agent) ++Documentation=https://k3s.io ++After=network.target network-online.target ++Wants=network.target network-online.target ++ ++[Service] ++Type=notify ++EnvironmentFile=-/etc/default/%N ++EnvironmentFile=-/etc/sysconfig/%N ++EnvironmentFile=-/etc/systemd/system/%n.env ++ExecStart=/usr/bin/k3s agent $K3S_EXEC ++ExecReload=/bin/kill -s HUP $MAINPID ++KillMode=process ++Delegate=yes ++# Having non-zero Limit*s causes performance problems due to accounting overhead ++# in the kernel. We recommend using cgroups to do container-local accounting. ++LimitNOFILE=1048576 ++LimitNPROC=infinity ++LimitCORE=infinity ++TasksMax=infinity ++TimeoutStartSec=0 ++Restart=always ++RestartSec=5s ++ ++[Install] ++WantedBy=multi-user.target +diff --git a/k3s-rootless.service b/k3s-rootless.service +index 5879e2f8f2..916af05c6d 100644 +--- a/k3s-rootless.service ++++ b/k3s-rootless.service +@@ -20,26 +20,28 @@ + # - See also https://rootlesscontaine.rs/ + + [Unit] +-Description=k3s (Rootless) ++Description=Lightweight Kubernetes (server, rootless) ++Documentation=https://k3s.io ++Documentation=https://rootlesscontaine.rs/ ++After=network.target network-online.target ++Wants=network.target network-online.target + + [Service] +-Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin ++Type=notify ++EnvironmentFile=-%E/systemd/system/%n.env + # NOTE: Don't try to run `k3s server --rootless` on a terminal, as it doesn't enable cgroup v2 delegation. + # If you really need to try it on a terminal, prepend `systemd-run --user -p Delegate=yes --tty` to create a systemd scope. +-ExecStart=/usr/local/bin/k3s server --rootless --snapshotter=fuse-overlayfs ++ExecStart=/usr/bin/k3s server --rootless --snapshotter=fuse-overlayfs $K3S_EXEC + ExecReload=/bin/kill -s HUP $MAINPID +-TimeoutSec=0 +-RestartSec=2 +-Restart=always +-StartLimitBurst=3 +-StartLimitInterval=60s +-LimitNOFILE=infinity ++KillMode=mixed ++Delegate=yes ++LimitNOFILE=1048576 + LimitNPROC=infinity + LimitCORE=infinity + TasksMax=infinity +-Delegate=yes +-Type=simple +-KillMode=mixed ++TimeoutStartSec=0 ++Restart=always ++RestartSec=5s + + [Install] + WantedBy=default.target +diff --git a/k3s.service b/k3s.service +index 7f8c9ec89c..c786114ce0 100644 +--- a/k3s.service ++++ b/k3s.service +@@ -1,16 +1,16 @@ + [Unit] +-Description=Lightweight Kubernetes ++Description=Lightweight Kubernetes (server) + Documentation=https://k3s.io +-After=network-online.target +-Wants=network-online.target ++After=network.target network-online.target ++Wants=network.target network-online.target + + [Service] + Type=notify + EnvironmentFile=-/etc/default/%N + EnvironmentFile=-/etc/sysconfig/%N +-EnvironmentFile=-/etc/systemd/system/k3s.service.env +-ExecStartPre=/bin/sh -xc '! /usr/bin/systemctl is-enabled --quiet nm-cloud-setup.service' +-ExecStart=/usr/local/bin/k3s server ++EnvironmentFile=-/etc/systemd/system/%n.env ++ExecStart=/usr/bin/k3s server $K3S_EXEC ++ExecReload=/bin/kill -s HUP $MAINPID + KillMode=process + Delegate=yes + # Having non-zero Limit*s causes performance problems due to accounting overhead +-- +2.43.0 + diff --git a/0007-scripts-moar-compression-drop-pigz-and-raw-tar.patch b/0007-scripts-moar-compression-drop-pigz-and-raw-tar.patch new file mode 100644 index 000000000000..969e1c978170 --- /dev/null +++ b/0007-scripts-moar-compression-drop-pigz-and-raw-tar.patch @@ -0,0 +1,52 @@ +From b5f0aa8933a97aef7f255b8b71bb6bc12c9d06a6 Mon Sep 17 00:00:00 2001 +From: Ivan Shapovalov <intelfx@intelfx.name> +Date: Sat, 23 Dec 2023 02:12:21 +0100 +Subject: [PATCH 7/7] scripts: moar compression, drop pigz and raw tar + +--- + scripts/package-airgap | 10 +++++----- + scripts/package-cli | 7 ++++--- + 2 files changed, 9 insertions(+), 8 deletions(-) + +diff --git a/scripts/package-airgap b/scripts/package-airgap +index 911357181a..4953a9639b 100755 +--- a/scripts/package-airgap ++++ b/scripts/package-airgap +@@ -6,11 +6,11 @@ cd $(dirname $0)/.. + . ./scripts/version.sh + + airgap_image_file='scripts/airgap/image-list.txt' +-images=$(cat "${airgap_image_file}") +-xargs -n1 docker pull <<< "${images}" +-docker save ${images} -o dist/artifacts/k3s-airgap-images-${ARCH}.tar +-zstd --no-progress -T0 -16 -f --long=25 dist/artifacts/k3s-airgap-images-${ARCH}.tar -o dist/artifacts/k3s-airgap-images-${ARCH}.tar.zst +-pigz -v -c dist/artifacts/k3s-airgap-images-${ARCH}.tar > dist/artifacts/k3s-airgap-images-${ARCH}.tar.gz ++airgap_tar_file="dist/artifacts/k3s-airgap-images-${ARCH}.tar" ++readarray -t images <"${airgap_image_file}" ++printf '%s\0' "${images[@]}" | xargs -0 -n1 -o docker pull ++docker save "${images[@]}" -o "${airgap_tar_file}" ++zstd -T0 --ultra -22 --long=25 --verbose --force --rm "${airgap_tar_file}" + if [ ${ARCH} = amd64 ]; then + cp "${airgap_image_file}" dist/artifacts/k3s-images.txt + fi +diff --git a/scripts/package-cli b/scripts/package-cli +index c790f04aab..0452d4b4fd 100755 +--- a/scripts/package-cli ++++ b/scripts/package-cli +@@ -54,9 +54,10 @@ mkdir -p ./etc + set -x + ) + +-tar cvf ./build/out/data.tar ./bin ./etc +-zstd --no-progress -T0 -16 -f --long=25 --rm ./build/out/data.tar -o ./build/out/data.tar.zst +-HASH=$(sha256sum ./build/out/data.tar.zst | awk '{print $1}') ++data_tar_file="./build/out/data.tar" ++tar cvf "${data_tar_file}" ./bin ./etc ++zstd -T0 --ultra -22 --long=25 --verbose --force --rm "${data_tar_file}" ++HASH=$(sha256sum "${data_tar_file}.zst" | awk '{print $1}') + + cp ./build/out/data.tar.zst ./build/data/${HASH}.tar.zst + +-- +2.43.0 + @@ -1,26 +1,51 @@ # Maintainer: Ivan Shapovalov <intelfx@intelfx.name> pkgname=k3s-git -pkgver=1.28.4+k3s2+r8+g231cb6ed20 -pkgrel=2 +pkgver=1.29.0+k3s1+r0+g3190a5faa2 +pkgrel=1 pkgdesc='Lightweight Kubernetes' arch=(x86_64) url='https://k3s.io' license=(Apache) -makedepends=(git go podman) +makedepends=( + git go podman + # these are (some of) the tools that are installed into the "builder" + # docker container during the officially blessed build path + # curl jq yq zstd pigz +) provides=(k3s) conflicts=(k3s) backup=( etc/systemd/system/k3s.service.env + etc/systemd/system/k3s-agent.service.env + etc/rancher/k3s/config.yaml ) source=( "git+https://github.com/k3s-io/k3s" 'k3s.service.env' + 'k3s-agent.service.env' + 'config.yaml' + '0000-Fix-issue-8293.-Remove-useless-log-init-code.patch' + '0001-Dockerfile.dapper-set-HOME-properly.patch' + '0002-main-apply-go-fmt-to-pkg-data-zz_generated_bindata.g.patch' + '0003-.dockerignore-do-not-ignore-parts-of-GITDIR.patch' + '0004-Dockerfile.dapper-sanitize-DAPPER_OUTPUT.patch' + '0005-Dockerfile.dapper-sanitize-cache-configuration.patch' + '0006-.service-update-systemd-service-files.patch' + '0007-scripts-moar-compression-drop-pigz-and-raw-tar.patch' ) -sha256sums=( - 'SKIP' - '667199fa6b811dde3aef3e626e2695a566ad64c9a03d19d0c94a1f104a7612d0' -) +sha256sums=('SKIP' + '94b0dd21fa4f075d4db7f6efe7a775de476b278de72f99773ee3de0bb54e7f68' + '2f6964aed46deb38095801e124a6603f3a29e6886815d52c59c02883f7a37925' + '6f0500a656ed78c0bb689c12264dbcd79f579edc3b9e17d512be742c1b2c43a4' + 'fe667d538cf94bf8f9a62d9812a03bf423204f452aa11f0f2addf0dbe1b95866' + '9307c9dbec1bdd73a1a3186668e0f5d5c9900474f53a842a133feba62c92b0ac' + '350438be7abe98eeee60f23e9aa566eba38df5422597ab4e7184cc7a12309ebb' + '659ee5e6a7c7df532418032e7b115ab7804fd60593e497814cc553504545af3c' + '6e00974e4ec3ee5999da87c7d1e43fed5b64e84ce6eec3a43ed971f24c5cb820' + '616063a668d510f163aa684e78fcf89d1b8cc8e1524acdc170608bfbf0e80e47' + 'bb721e8850eb736ad9aad4f0a8ef20dac0e06d7731731c3541264f138be28b74' + 'f448303dbbefef2645b8c2146d595643c0143c7300eab12a459b85a3b18b3d91') pkgver() { cd k3s @@ -30,17 +55,12 @@ pkgver() { prepare() { cd k3s - # fix #8293 - git fetch origin refs/pull/9064/head - git cherry-pick --no-edit FETCH_HEAD - - # moar compression - sed -i -r 's|(zstd .*)-[0-9]+|\1 --ultra -22|' \ - scripts/package-cli \ - scripts/package-airgap \ - - sed -i -r 's|/usr/local/bin/k3s|/usr/bin/k3s|' \ - *.service + # fix #8293, #9089, sanitize buildsystem, moar compression + for p in "${source[@]}"; do + if [[ $p == *.patch ]]; then + git apply -3 "$srcdir/$p" + fi + done } build() { @@ -76,17 +96,31 @@ EOF # 4. Run podman-system-service to create a dockerd-compatible control socket # and point every broken tool in existence towards it. - export DOCKER_HOST="unix:///tmp/docker.sock" - podman --log-level=info system service --time 0 "$DOCKER_HOST" & + export DOCKER_HOST="unix://$PWD/docker.sock" + podman system service --time 0 "$DOCKER_HOST" >&2 & podman_pid="$!" - # 5. Hopefully run the build inside of this Rube-Goldbergian contraption. + # 5. Set $DAPPER_CACHE_HOME to hopefully persist (some) caches + # FIXME: point this to $HOME after we make sure this works + export DAPPER_CACHE_HOME="$BUILDDIR/dapper-cache" + # dapper/podman won't create those subdirs for us + mkdir -pv "$DAPPER_CACHE_HOME"/{cache,go/pkg} + + # 6. create a build script with only the steps we want + cat <<"EOF" | install -m755 /dev/stdin k3s/scripts/archpkg +#!/bin/bash -ex + +scripts/download +scripts/build +scripts/package-cli +#REPO=... IMAGE_NAME=... scripts/package-image +scripts/package-airgap +EOF + + # 7. Hopefully run the build inside of this Rube-Goldbergian contraption. cd k3s - mkdir -p build/data - make download - make generate - make build - make package + #scripts/archpkg + make archpkg kill "$podman_pid" wait "$podman_pid" @@ -101,16 +135,23 @@ package() { install -Dm644 \ k3s.service \ + k3s-agent.service \ -t "$pkgdir/usr/lib/systemd/system" install -Dm644 \ k3s-rootless.service \ + k3s-agent-rootless.service \ -t "$pkgdir/usr/lib/systemd/user" install -Dm600 \ "$srcdir/k3s.service.env" \ + "$srcdir/k3s-agent.service.env" \ -t "$pkgdir/etc/systemd/system" + install -Dm600 \ + "$srcdir/config.yaml" \ + -t "$pkgdir/etc/rancher/k3s" + # air-gapped images install -Dm644 \ dist/artifacts/k3s-airgap-images-amd64.tar.zst \ diff --git a/config.yaml b/config.yaml new file mode 100644 index 000000000000..1514b43db97a --- /dev/null +++ b/config.yaml @@ -0,0 +1,7 @@ +#write-kubeconfig-mode: "0644" +#tls-san: +# - "foo.local" +#node-label: +# - "foo=bar" +# - "something=amazing" +#cluster-init: true diff --git a/k3s-agent.service.env b/k3s-agent.service.env new file mode 100644 index 000000000000..969a44453f78 --- /dev/null +++ b/k3s-agent.service.env @@ -0,0 +1,11 @@ +# K3S_EXEC= +# K3S_URL= +# K3S_TOKEN= +# K3S_AGENT_TOKEN= +# K3S_CONFIG_FILE=/etc/rancher/k3s/config.yaml +# K3S_TOKEN_FILE=/var/lib/rancher/k3s/server/token +# K3S_AGENT_TOKEN_FILE=/var/lib/rancher/k3s/server/agent-token + +# HTTP_PROXY=http://your-proxy.example.com:8888 +# HTTPS_PROXY=http://your-proxy.example.com:8888 +# NO_PROXY=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 diff --git a/k3s.service.env b/k3s.service.env new file mode 100644 index 000000000000..03c45fbaa2d5 --- /dev/null +++ b/k3s.service.env @@ -0,0 +1,10 @@ +# K3S_EXEC= +# K3S_TOKEN= +# K3S_AGENT_TOKEN= +# K3S_CONFIG_FILE=/etc/rancher/k3s/config.yaml +# K3S_TOKEN_FILE=/var/lib/rancher/k3s/server/token +# K3S_AGENT_TOKEN_FILE=/var/lib/rancher/k3s/server/agent-token + +# HTTP_PROXY=http://your-proxy.example.com:8888 +# HTTPS_PROXY=http://your-proxy.example.com:8888 +# NO_PROXY=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 |