From 5fa5afed5558822cefd2d2e6e617f8370d02af62 Mon Sep 17 00:00:00 2001 From: William Hubbs Date: Mon, 30 Mar 2020 16:31:18 -0500 Subject: sys-cluster/kubernetes: production-grade container orchestration Previously, Kubernetes had all of its executables packaged separately, but this will be much easier to maintain. The use flags control which parts are built and installed. 
Signed-off-by: William Hubbs --- sys-cluster/kubernetes/Manifest | 1 + sys-cluster/kubernetes/files/kube-apiserver.confd | 7 ++ sys-cluster/kubernetes/files/kube-apiserver.initd | 19 +++++ .../kubernetes/files/kube-apiserver.logrotated | 7 ++ .../kubernetes/files/kube-controller-manager.confd | 9 +++ .../kubernetes/files/kube-controller-manager.initd | 19 +++++ .../files/kube-controller-manager.logrotated | 7 ++ sys-cluster/kubernetes/files/kube-proxy.confd | 4 + sys-cluster/kubernetes/files/kube-proxy.initd | 19 +++++ sys-cluster/kubernetes/files/kube-proxy.logrotated | 7 ++ sys-cluster/kubernetes/files/kube-scheduler.confd | 9 +++ sys-cluster/kubernetes/files/kube-scheduler.initd | 19 +++++ .../kubernetes/files/kube-scheduler.logrotated | 7 ++ sys-cluster/kubernetes/files/kubelet.confd | 4 + sys-cluster/kubernetes/files/kubelet.env | 17 ++++ sys-cluster/kubernetes/files/kubelet.initd | 19 +++++ sys-cluster/kubernetes/files/kubelet.logrotated | 7 ++ sys-cluster/kubernetes/files/kubelet.service | 24 ++++++ sys-cluster/kubernetes/kubernetes-1.18.0.ebuild | 90 ++++++++++++++++++++++ sys-cluster/kubernetes/metadata.xml | 17 ++++ 20 files changed, 312 insertions(+) create mode 100644 sys-cluster/kubernetes/Manifest create mode 100644 sys-cluster/kubernetes/files/kube-apiserver.confd create mode 100644 sys-cluster/kubernetes/files/kube-apiserver.initd create mode 100644 sys-cluster/kubernetes/files/kube-apiserver.logrotated create mode 100644 sys-cluster/kubernetes/files/kube-controller-manager.confd create mode 100644 sys-cluster/kubernetes/files/kube-controller-manager.initd create mode 100644 sys-cluster/kubernetes/files/kube-controller-manager.logrotated create mode 100644 sys-cluster/kubernetes/files/kube-proxy.confd create mode 100644 sys-cluster/kubernetes/files/kube-proxy.initd create mode 100644 sys-cluster/kubernetes/files/kube-proxy.logrotated create mode 100644 sys-cluster/kubernetes/files/kube-scheduler.confd create mode 100644 
sys-cluster/kubernetes/files/kube-scheduler.initd create mode 100644 sys-cluster/kubernetes/files/kube-scheduler.logrotated create mode 100644 sys-cluster/kubernetes/files/kubelet.confd create mode 100644 sys-cluster/kubernetes/files/kubelet.env create mode 100644 sys-cluster/kubernetes/files/kubelet.initd create mode 100644 sys-cluster/kubernetes/files/kubelet.logrotated create mode 100644 sys-cluster/kubernetes/files/kubelet.service create mode 100644 sys-cluster/kubernetes/kubernetes-1.18.0.ebuild create mode 100644 sys-cluster/kubernetes/metadata.xml (limited to 'sys-cluster')
diff --git a/sys-cluster/kubernetes/Manifest b/sys-cluster/kubernetes/Manifest
new file mode 100644
index 000000000000..0d914c7cff95
--- /dev/null
+++ b/sys-cluster/kubernetes/Manifest
@@ -0,0 +1 @@
+DIST kubernetes-1.18.0.tar.gz 32554015 BLAKE2B 24079970cc1887c6dad7b55d9f2fd80cd9f46f1b6c1240cf28abf2eb33b3809bcd858293bb800255533a13e24145fab580b0bd2eb0e06c15ca4e0feeedcf6ff2 SHA512 3298ec63a2fbcd396b415f27a581f4286317ae206c30b35457aed780baae4115059df20e40028df394984caccc8bb4ef6c879ae3c064771c8a5c045dee7998e8
diff --git a/sys-cluster/kubernetes/files/kube-apiserver.confd b/sys-cluster/kubernetes/files/kube-apiserver.confd
new file mode 100644
index 000000000000..db74d27f0207
--- /dev/null
+++ b/sys-cluster/kubernetes/files/kube-apiserver.confd
@@ -0,0 +1,7 @@
+###
+# kubernetes system config
+#
+# The following values are used to configure the kube-apiserver
+#
+
+command_args=""
diff --git a/sys-cluster/kubernetes/files/kube-apiserver.initd b/sys-cluster/kubernetes/files/kube-apiserver.initd
new file mode 100644
index 000000000000..6f649f5a5460
--- /dev/null
+++ b/sys-cluster/kubernetes/files/kube-apiserver.initd
@@ -0,0 +1,19 @@
+#!/sbin/openrc-run
+# Copyright 2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+description="Kubernetes API Server"
+pidfile=${pidfile:-"/run/${RC_SVCNAME}.pid"}
+user=${user:-${RC_SVCNAME}}
+group=${group:-${RC_SVCNAME}}
+
+command="/usr/bin/kube-apiserver"
+command_args="${command_args}"
+command_background="true"
+start_stop_daemon_args="--user ${user} --group ${group} \
+ --stdout /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log \
+ --stderr /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log"
+
+depend() {
+ after net
+}
diff --git a/sys-cluster/kubernetes/files/kube-apiserver.logrotated b/sys-cluster/kubernetes/files/kube-apiserver.logrotated
new file mode 100644
index 000000000000..4ed84506231f
--- /dev/null
+++ b/sys-cluster/kubernetes/files/kube-apiserver.logrotated
@@ -0,0 +1,7 @@
+/var/log/kube-apiserver/*.log {
+ missingok
+ size 5M
+ rotate 3
+ compress
+ copytruncate
+}
diff --git a/sys-cluster/kubernetes/files/kube-controller-manager.confd b/sys-cluster/kubernetes/files/kube-controller-manager.confd
new file mode 100644
index 000000000000..155c43a07561
--- /dev/null
+++ b/sys-cluster/kubernetes/files/kube-controller-manager.confd
@@ -0,0 +1,9 @@
+###
+# kubernetes system config
+#
+# The following values are used to configure the kube-controller-manager
+#
+
+# Add your own!
+command_args=""
+
diff --git a/sys-cluster/kubernetes/files/kube-controller-manager.initd b/sys-cluster/kubernetes/files/kube-controller-manager.initd
new file mode 100644
index 000000000000..276197f06562
--- /dev/null
+++ b/sys-cluster/kubernetes/files/kube-controller-manager.initd
@@ -0,0 +1,19 @@
+#!/sbin/openrc-run
+# Copyright 2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+description="Kubernetes Controller Manager service"
+pidfile=${pidfile:-"/run/${RC_SVCNAME}.pid"}
+user=${user:-${RC_SVCNAME}}
+group=${group:-${RC_SVCNAME}}
+
+command="/usr/bin/kube-controller-manager"
+command_args="${command_args}"
+command_background="true"
+start_stop_daemon_args="--user ${user} --group ${group} \
+ --stdout /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log \
+ --stderr /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log"
+
+depend() {
+ after net
+}
diff --git a/sys-cluster/kubernetes/files/kube-controller-manager.logrotated b/sys-cluster/kubernetes/files/kube-controller-manager.logrotated
new file mode 100644
index 000000000000..06efce234069
--- /dev/null
+++ b/sys-cluster/kubernetes/files/kube-controller-manager.logrotated
@@ -0,0 +1,7 @@
+/var/log/kube-controller-manager/*.log {
+ missingok
+ size 5M
+ rotate 3
+ compress
+ copytruncate
+}
diff --git a/sys-cluster/kubernetes/files/kube-proxy.confd b/sys-cluster/kubernetes/files/kube-proxy.confd
new file mode 100644
index 000000000000..00f33f358bb9
--- /dev/null
+++ b/sys-cluster/kubernetes/files/kube-proxy.confd
@@ -0,0 +1,4 @@
+###
+# Kubernetes kube-proxy config
+#
+command_args=""
diff --git a/sys-cluster/kubernetes/files/kube-proxy.initd b/sys-cluster/kubernetes/files/kube-proxy.initd
new file mode 100644
index 000000000000..18a75adf0b64
--- /dev/null
+++ b/sys-cluster/kubernetes/files/kube-proxy.initd
@@ -0,0 +1,19 @@
+#!/sbin/openrc-run
+# Copyright 2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+description="Kubernetes Proxy service"
+pidfile=${pidfile:-"/run/${SVCNAME}.pid"}
+user=${user:-root}
+group=${group:-root}
+
+command="/usr/bin/kube-proxy"
+command_args="${command_args}"
+command_background="true"
+start_stop_daemon_args="--user ${user} --group ${group} \
+ --stdout /var/log/${SVCNAME}/${SVCNAME}.log \
+ --stderr /var/log/${SVCNAME}/${SVCNAME}.log"
+
+depend() {
+ after net
+}
diff --git a/sys-cluster/kubernetes/files/kube-proxy.logrotated b/sys-cluster/kubernetes/files/kube-proxy.logrotated
new file mode 100644
index 000000000000..b8d1032c1f76
--- /dev/null
+++ b/sys-cluster/kubernetes/files/kube-proxy.logrotated
@@ -0,0 +1,7 @@
+/var/log/kube-proxy/*.log {
+ missingok
+ size 5M
+ rotate 3
+ compress
+ copytruncate
+}
diff --git a/sys-cluster/kubernetes/files/kube-scheduler.confd b/sys-cluster/kubernetes/files/kube-scheduler.confd
new file mode 100644
index 000000000000..8442e0348d23
--- /dev/null
+++ b/sys-cluster/kubernetes/files/kube-scheduler.confd
@@ -0,0 +1,9 @@
+###
+# kubernetes system config
+#
+# The following values are used to configure the kube-scheduler
+#
+
+# Add your own!
+command_args=""
+
diff --git a/sys-cluster/kubernetes/files/kube-scheduler.initd b/sys-cluster/kubernetes/files/kube-scheduler.initd
new file mode 100644
index 000000000000..2c49bce3ec80
--- /dev/null
+++ b/sys-cluster/kubernetes/files/kube-scheduler.initd
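Review bot: kube-proxy.initd builds its pidfile and log paths from `${SVCNAME}`, while the other four init scripts added by this commit use `${RC_SVCNAME}`. Using one spelling throughout keeps the five scripts comparable line for line; `pidfile=${pidfile:-"/run/${RC_SVCNAME}.pid"}` and the same substitution in the `--stdout`/`--stderr` paths would bring this file in line. A short comment above `user=${user:-root}` stating why this service defaults to root, when the control-plane services get dedicated accounts, would also help the next reader.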
@@ -0,0 +1,19 @@
+#!/sbin/openrc-run
+# Copyright 2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+description="Kubernetes Scheduler service"
+pidfile=${pidfile:-"/run/${RC_SVCNAME}.pid"}
+user=${user:-${RC_SVCNAME}}
+group=${group:-${RC_SVCNAME}}
+
+command="/usr/bin/kube-scheduler"
+command_args="${command_args}"
+command_background="true"
+start_stop_daemon_args="--user ${user} --group ${group} \
+ --stdout /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log \
+ --stderr /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log"
+
+depend() {
+ after net
+}
diff --git a/sys-cluster/kubernetes/files/kube-scheduler.logrotated b/sys-cluster/kubernetes/files/kube-scheduler.logrotated
new file mode 100644
index 000000000000..6cce6c6f5be7
--- /dev/null
+++ b/sys-cluster/kubernetes/files/kube-scheduler.logrotated
@@ -0,0 +1,7 @@
+/var/log/kube-scheduler/*.log {
+ missingok
+ size 5M
+ rotate 3
+ compress
+ copytruncate
+}
diff --git a/sys-cluster/kubernetes/files/kubelet.confd b/sys-cluster/kubernetes/files/kubelet.confd
new file mode 100644
index 000000000000..24f424877eb8
--- /dev/null
+++ b/sys-cluster/kubernetes/files/kubelet.confd
@@ -0,0 +1,4 @@
+###
+# Kubernetes Kubelet (worker) config
+
+command_args=""
diff --git a/sys-cluster/kubernetes/files/kubelet.env b/sys-cluster/kubernetes/files/kubelet.env
new file mode 100644
index 000000000000..a623673960ff
--- /dev/null
+++ b/sys-cluster/kubernetes/files/kubelet.env
@@ -0,0 +1,17 @@
+###
+# kubernetes kubelet (minion) config
+
+# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
+KUBELET_ADDRESS="--address=127.0.0.1"
+
+# The port for the info server to serve on
+# KUBELET_PORT="--port=10250"
+
+# You may leave this blank to use the actual hostname
+KUBELET_HOSTNAME="--hostname-override=127.0.0.1"
+
+# Edit the kubelet.kubeconfig to have correct cluster server address
+KUBELET_KUBECONFIG=/etc/kubernetes/kubelet.kubeconfig
+
+# Add your own!
+KUBELET_ARGS="--cgroup-driver=systemd --fail-swap-on=false"
diff --git a/sys-cluster/kubernetes/files/kubelet.initd b/sys-cluster/kubernetes/files/kubelet.initd
new file mode 100644
index 000000000000..363f635b5863
--- /dev/null
+++ b/sys-cluster/kubernetes/files/kubelet.initd
@@ -0,0 +1,19 @@
+#!/sbin/openrc-run
+# Copyright 2016-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+description="Kubelet, a Kubernetes node agent"
+pidfile=${pidfile:-"/run/${RC_SVCNAME}.pid"}
+user=${user:-root}
+group=${group:-root}
+
+command="/usr/bin/kubelet"
+command_args="${command_args}"
+command_background="true"
+start_stop_daemon_args="--user ${user} --group ${group} \
+ --stdout /var/log/kubelet/${RC_SVCNAME}.log \
+ --stderr /var/log/kubelet/${RC_SVCNAME}.log"
+
+depend() {
+ after net
+}
diff --git a/sys-cluster/kubernetes/files/kubelet.logrotated b/sys-cluster/kubernetes/files/kubelet.logrotated
new file mode 100644
index 000000000000..ddf8c1dd80f6
--- /dev/null
+++ b/sys-cluster/kubernetes/files/kubelet.logrotated
@@ -0,0 +1,7 @@
+/var/log/kubernetes/*.log {
+ missingok
+ size 5M
+ rotate 3
+ compress
+ copytruncate
+}
diff --git a/sys-cluster/kubernetes/files/kubelet.service b/sys-cluster/kubernetes/files/kubelet.service
new file mode 100644
index 000000000000..1082bbac1d0b
--- /dev/null
+++ b/sys-cluster/kubernetes/files/kubelet.service
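Review bot: In kubelet.env, `KUBELET_KUBECONFIG` is set to a bare path, whereas the other variables in the file carry their flag (`--address=`, `--hostname-override=`). kubelet.service expands `$KUBELET_KUBECONFIG` directly onto the kubelet command line, so the path would arrive as a stray positional argument rather than as the kubeconfig setting. `KUBELET_KUBECONFIG="--kubeconfig=/etc/kubernetes/kubelet.kubeconfig"` follows the pattern of the neighbouring lines.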
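Review bot: kubelet.logrotated matches `/var/log/kubernetes/*.log`, but kubelet.initd in this same commit writes to `/var/log/kubelet/${RC_SVCNAME}.log` and the ebuild keeps `/var/log/${x}`, so the kubelet log is never rotated and `missingok` hides the mismatch. An unrotated node-agent log grows until it fills the log filesystem. The first line should read `/var/log/kubelet/*.log {`, matching the per-service pattern of the other four logrotate files.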
@@ -0,0 +1,24 @@
+[Unit]
+Description=Kubernetes Kubelet Server
+Documentation=https://kubernetes.io/docs/concepts/overview/components/#kubelet https://kubernetes.io/docs/reference/generated/kubelet/
+After=docker.service
+Requires=docker.service
+
+[Service]
+WorkingDirectory=/var/lib/kubelet
+EnvironmentFile=-/etc/kubernetes/config
+EnvironmentFile=-/etc/kubernetes/kubelet
+ExecStart=/usr/bin/kubelet \
+ $KUBE_LOGTOSTDERR \
+ $KUBE_LOG_LEVEL \
+ $KUBELET_KUBECONFIG \
+ $KUBELET_ADDRESS \
+ $KUBELET_PORT \
+ $KUBELET_HOSTNAME \
+ $KUBE_ALLOW_PRIV \
+ $KUBELET_ARGS
+Restart=on-failure
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target
diff --git a/sys-cluster/kubernetes/kubernetes-1.18.0.ebuild b/sys-cluster/kubernetes/kubernetes-1.18.0.ebuild
new file mode 100644
index 000000000000..50827671959d
--- /dev/null
+++ b/sys-cluster/kubernetes/kubernetes-1.18.0.ebuild
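Review bot: kubelet.service reads `EnvironmentFile=-/etc/kubernetes/kubelet`, but the ebuild in this commit installs the file as `/etc/kubernetes/kubelet.env` (`newins "${FILESDIR}"/${x}.env ${x}.env`), and the leading `-` makes systemd skip the missing file without an error. Under systemd the kubelet would then start with every `$KUBELET_*` variable empty, so the loopback `--address` set in the shipped file is not applied and the daemon runs on its built-in defaults. `EnvironmentFile=-/etc/kubernetes/kubelet.env` fixes the path. `/etc/kubernetes/config` is not installed by this commit either, so `$KUBE_LOGTOSTDERR`, `$KUBE_LOG_LEVEL` and `$KUBE_ALLOW_PRIV` look like leftovers that should be dropped or documented.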
@@ -0,0 +1,90 @@
+# Copyright 2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+inherit bash-completion-r1 go-module systemd
+
+DESCRIPTION="production-grade container orchestration"
+HOMEPAGE="https://kubernetes.io"
+SRC_URI="https://github.com/kubernetes/kubernetes/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="Apache-2.0"
+SLOT="0"
+KEYWORDS="~amd64"
+
+AGENT="kubelet"
+CLI="kubeadm kubectl"
+SERVICES="kube-apiserver kube-controller-manager kube-proxy kube-scheduler"
+IUSE="hardened"
+for x in ${AGENT} ${CLI} ${SERVICES}; do
+ IUSE+=" +${x}"
+done
+
+BDEPEND=">=dev-lang/go-1.13"
+COMMON_DEPEND="
+ kube-apiserver? (
+ acct-group/kube-apiserver
+ acct-user/kube-apiserver
+ )
+ kube-controller-manager? (
+ acct-group/kube-controller-manager
+ acct-user/kube-controller-manager
+ )
+ kube-scheduler? (
+ acct-group/kube-scheduler
+ acct-user/kube-scheduler
+ )"
+DEPEND="${COMMON_DEPEND}"
+RDEPEND="${COMMON_DEPEND}
+ kube-proxy? ( net-firewall/conntrack-tools )
+ !sys-cluster/kubeadm
+ !sys-cluster/kubectl
+ !sys-cluster/kubelet
+ !sys-cluster/kube-apiserver
+ !sys-cluster/kube-controller-manager
+ !sys-cluster/kube-proxy
+ !sys-cluster/kube-scheduler"
+
+RESTRICT+=" test"
+
+src_compile() {
+ local x
+ for x in ${AGENT} ${CLI} ${SERVICES}; do
+ use $x || continue
+ CGO_LDFLAGS="$(usex hardened '-fno-PIC ' '')" \
+ emake -j1 GOFLAGS=-v GOLDFLAGS="" LDFLAGS="" WHAT=cmd/${x}
+ done
+}
+
+src_install() {
+ local x
+ for x in ${AGENT} ${CLI} ${SERVICES}; do
+ use $x || continue
+ dobin _output/bin/${x}
+ if has ${x} ${CLI}; then
+ _output/bin/${x} completion bash > ${x}.bash || die
+ _output/bin/${x} completion zsh > ${x}.zsh || die
+ newbashcomp ${x}.bash ${x}
+ insinto /usr/share/zsh/site-functions
+ newins ${x}.zsh _${x}
+ continue
+ fi
+ newinitd "${FILESDIR}"/${x}.initd ${x}
+ newconfd "${FILESDIR}"/${x}.confd ${x}
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}"/${x}.logrotated ${x}
+ keepdir /var/log/${x}
+ if [[ "$x" =~ kubelet ]]; then
+ systemd_dounit "${FILESDIR}"/${x}.service
+ insinto /etc/kubernetes
+ newins "${FILESDIR}"/${x}.env ${x}.env
+ keepdir /etc/kubernetes/manifests
+ fi
+ if [[ $x =~ kubelet|kube-proxy ]]; then
+ keepdir /var/lib/${x}
+ fi
+# if [[ $x =~ .*apiserver|.*controller-manager|.*scheduler ]]; then
+# fowners ${x}:${x} /var/log/${x}
+# fi
+ done
+}
diff --git a/sys-cluster/kubernetes/metadata.xml b/sys-cluster/kubernetes/metadata.xml
new file mode 100644
index 000000000000..abf38f229729
--- /dev/null
+++ b/sys-cluster/kubernetes/metadata.xml
@@ -0,0 +1,17 @@
+
+
+
+
+ williamh@gentoo.org
+ William Hubbs
+
+
+ CLI to bootstrap a secure Kubernetes cluster
+ CLI to run commands against Kubernetes clusters
+ Kubernetes node agent
+ Kubernetes API server
+ Kubernetes controller manager
+ Kubernetes proxy service
+ Kubernetes scheduler
+
+
-- cgit v1.2.3-65-gdbad
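Review bot: In src_install of the ebuild, `keepdir /var/log/${x}` leaves the log directory with default ownership while the `fowners ${x}:${x} /var/log/${x}` block is commented out, yet the kube-apiserver, kube-controller-manager and kube-scheduler init scripts pass `--user ${RC_SVCNAME}` together with `--stdout /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log`. If start-stop-daemon opens those redirect targets after switching user (worth confirming), the three services cannot create their log files in a root-owned directory. Either restore the ownership change for those three, e.g. `has ${x} kube-apiserver kube-controller-manager kube-scheduler && fowners ${x}:${x} /var/log/${x}`, or replace the dead block with a comment saying why it is disabled and who is expected to set the ownership.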