Mirror/k3s
1
0
Fork 0
mirror of https://github.com/k3s-io/k3s.git synced 2024-06-07 19:41:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

install: /usr/sbin/transactional-update (#4403)

Browse Source 
- also updated k3s-uninstall.sh on zypper and TU systems
- fix #4409 for Fedora CoreOS

new installer tests via github actions:
- fedora-coreos
- opensuse-microos

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
This commit is contained in:
Jacob Blain Christen 2021-11-08 16:26:21 -07:00 committed by GitHub
parent 7bd65047c3
commit 559c8ad94b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 150 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
.github/workflows/install.yaml vendored
View File

@ -3,11 +3,11 @@ on:
push:
paths:
- "install.sh"
- "tests/install"
- "tests/install/**"
pull_request:
paths:
- "install.sh"
- "tests/install"
- "tests/install/**"
workflow_dispatch: {}
jobs:
install-centos-7:
@ -42,6 +42,22 @@ jobs:
- name: "Vagrant::⬆"
working-directory: tests/install/centos-8
run: vagrant up
install-fedora-coreos:
name: "Fedora CoreOS"
# nested virtualization is only available on macOS hosts
runs-on: macos-10.15
timeout-minutes: 40
steps:
- name: "Checkout"
uses: actions/checkout@v2
with:
fetch-depth: 1
- name: "VagrantPlugin::K3S"
working-directory: tests/install/fedora-coreos
run: vagrant plugin install vagrant-k3s
- name: "Vagrant::⬆"
working-directory: tests/install/fedora-coreos
run: vagrant up
install-opensuse-leap:
name: "openSUSE Leap"
# nested virtualization is only available on macOS hosts
@ -58,25 +74,25 @@ jobs:
- name: "Vagrant::⬆"
working-directory: tests/install/opensuse-leap
run: vagrant up
# install-opensuse-microos:
# name: "openSUSE MicroOS"
# # nested virtualization is only available on macOS hosts
# runs-on: macos-10.15
# timeout-minutes: 40
# steps:
# - name: "Checkout"
# uses: actions/checkout@v2
# with:
# fetch-depth: 1
# - name: "VagrantPlugin::Reload"
# working-directory: tests/install/opensuse-microos
# run: vagrant plugin install vagrant-reload
# - name: "VagrantPlugin::K3S"
# working-directory: tests/install/opensuse-microos
# run: vagrant plugin install vagrant-k3s
# - name: "Vagrant::⬆"
# working-directory: tests/install/opensuse-microos
# run: vagrant up
install-opensuse-microos:
name: "openSUSE MicroOS"
# nested virtualization is only available on macOS hosts
runs-on: macos-10.15
timeout-minutes: 40
steps:
- name: "Checkout"
uses: actions/checkout@v2
with:
fetch-depth: 1
- name: "VagrantPlugin::Reload"
working-directory: tests/install/opensuse-microos
run: vagrant plugin install vagrant-reload
- name: "VagrantPlugin::K3S"
working-directory: tests/install/opensuse-microos
run: vagrant plugin install vagrant-k3s
- name: "Vagrant::⬆"
working-directory: tests/install/opensuse-microos
run: vagrant up
install-ubuntu-focal:
name: "Ubuntu Focal"
# nested virtualization is only available on macOS hosts

25
install.sh
View File

@ -485,13 +485,12 @@ setup_selinux() {
if [ "$INSTALL_K3S_SKIP_SELINUX_RPM" = true ] || can_skip_download || [ ! -d /usr/share/selinux ]; then
info "Skipping installation of SELinux RPM"
else
elif [ "${ID_LIKE:-}" != coreos ] && [ "${VARIANT_ID:-}" != coreos ]; then
install_selinux_rpm ${rpm_site} ${rpm_channel} ${rpm_target} ${rpm_site_infix}
fi
policy_error=fatal
# install_selinux_rpm will set INSTALL_K3S_SELINUX_WARN=true on microos
if [ "$INSTALL_K3S_SELINUX_WARN" = true ] || [ "${ID_LIKE:-}" = coreos ]; then
if [ "$INSTALL_K3S_SELINUX_WARN" = true ] || [ "${ID_LIKE:-}" = coreos ] || [ "${VARIANT_ID:-}" = coreos ]; then
policy_error=warn
fi
@ -499,8 +498,10 @@ setup_selinux() {
if $SUDO grep '^\s*SELINUX=enforcing' /etc/selinux/config >/dev/null 2>&1; then
$policy_error "Failed to apply container_runtime_exec_t to ${BIN_DIR}/k3s, ${policy_hint}"
fi
else
if [ ! -f /usr/share/selinux/packages/k3s.pp ]; then
elif [ ! -f /usr/share/selinux/packages/k3s.pp ]; then
if [ -x /usr/sbin/transactional-update ]; then
warn "Please reboot your machine to activate the changes and avoid data loss."
else
$policy_error "Failed to find the k3s-selinux policy, ${policy_hint}"
fi
fi
@ -529,21 +530,20 @@ repo_gpgcheck=0
gpgkey=https://${1}/public.key
EOF
case ${3} in
el8)
rpm_installer="dnf"
;;
sle)
rpm_installer="zypper --gpg-auto-import-keys"
if [ "${TRANSACTIONAL_UPDATE=false}" != "true" ] && [ -x /usr/sbin/transactional-update ]; then
rpm_installer="transactional-update --no-selfupdate -d run ${rpm_installer}"
: "${INSTALL_K3S_SKIP_START:=true}"
: "${INSTALL_K3S_SELINUX_WARN:=true}"
fi
;;
*)
rpm_installer="yum"
;;
esac
if [ "${rpm_installer}" = "yum" ] && [ -x /usr/bin/dnf ]; then
rpm_installer=dnf
fi
# shellcheck disable=SC2086
$SUDO ${rpm_installer} install -y "k3s-selinux"
fi
@ -728,6 +728,13 @@ rm -f ${KILLALL_K3S_SH}
if type yum >/dev/null 2>&1; then
yum remove -y k3s-selinux
rm -f /etc/yum.repos.d/rancher-k3s-common*.repo
elif type zypper >/dev/null 2>&1; then
uninstall_cmd="zypper remove -y k3s-selinux"
if [ "\${TRANSACTIONAL_UPDATE=false}" != "true" ] && [ -x /usr/sbin/transactional-update ]; then
uninstall_cmd="transactional-update --no-selfupdate -d run \$uninstall_cmd"
fi
\$uninstall_cmd
rm -f /etc/zypp/repos.d/rancher-k3s-common*.repo
fi
EOF
$SUDO chmod 755 ${UNINSTALL_K3S_SH}

2
tests/install/centos-7/Vagrantfile vendored
View File

@ -6,7 +6,7 @@ ENV['TEST_INSTALL_SH'] ||= '../../../install.sh'
Vagrant.configure("2") do |config|
config.vagrant.plugins = {
'vagrant-k3s' => {:version => '~> 0.1.2'},
'vagrant-k3s' => {:version => '~> 0.1.3'},
}
config.vm.define 'install-centos-7', primary: true do |test|

2
tests/install/centos-8/Vagrantfile vendored
View File

@ -6,7 +6,7 @@ ENV['TEST_INSTALL_SH'] ||= '../../../install.sh'
Vagrant.configure("2") do |config|
config.vagrant.plugins = {
'vagrant-k3s' => {:version => '~> 0.1.2'},
'vagrant-k3s' => {:version => '~> 0.1.3'},
}
config.vm.define 'install-centos-8', primary: true do |test|

91
tests/install/fedora-coreos/Vagrantfile vendored Normal file
View File

@ -0,0 +1,91 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
#
ENV['TEST_INSTALL_SH'] ||= '../../../install.sh'
Vagrant.configure("2") do |config|
config.vagrant.plugins = {
'vagrant-k3s' => {:version => '~> 0.1.3'},
}
config.vm.define 'install-fedora-coreos', primary: true do |test|
test.vm.box = 'dhml/fedora-coreos-34.20210725.3.0-20210813'
test.vm.hostname = 'install'
test.vm.provision 'selinux-status', type: 'shell', run: 'once', inline: 'sestatus'
test.vm.provision 'k3s-upload', type: 'file', run: 'always', source: ENV['TEST_INSTALL_SH'], destination: 'install.sh'
test.vm.provision 'k3s-install', type: 'k3s', run: 'once' do |k3s|
k3s.installer_url = 'file:///var/home/core/install.sh'
k3s.args = %w[server]
k3s.env = %w[INSTALL_K3S_NAME=server]
k3s.config = {
:selinux => true,
:token => 'vagrant',
}
k3s.config_mode = '0644' # side-step https://github.com/k3s-io/k3s/issues/4321
end
test.vm.provision "k3s-wait-for-node", type: "shell", run: "once" do |sh|
sh.env = { :PATH => "/usr/local/bin:/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin" }
sh.inline = <<~SHELL
#!/usr/bin/env bash
set -eu -o pipefail
echo 'Waiting for node to be ready ...'
time timeout 120 bash -c 'while ! (kubectl wait --for condition=ready node/$(hostname) 2>/dev/null); do sleep 5; done'
kubectl get node,all -A -o wide
SHELL
end
test.vm.provision "k3s-wait-for-coredns", type: "shell", run: "once" do |sh|
sh.env = { :PATH => "/usr/local/bin:/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin" }
sh.inline = <<~SHELL
#!/usr/bin/env bash
set -eu -o pipefail
time timeout 180 bash -c 'while ! (kubectl --namespace kube-system rollout status --timeout 10s deploy/coredns 2>/dev/null); do sleep 5; done'
SHELL
end
test.vm.provision "k3s-wait-for-local-storage", type: "shell", run: "once" do |sh|
sh.env = { :PATH => "/usr/local/bin:/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin" }
sh.inline = <<~SHELL
#!/usr/bin/env bash
set -eu -o pipefail
time timeout 180 bash -c 'while ! (kubectl --namespace kube-system rollout status --timeout 10s deploy/local-path-provisioner 2>/dev/null); do sleep 5; done'
SHELL
end
test.vm.provision "k3s-wait-for-metrics-server", type: "shell", run: "once" do |sh|
sh.env = { :PATH => "/usr/local/bin:/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin" }
sh.inline = <<~SHELL
#!/usr/bin/env bash
set -eu -o pipefail
time timeout 180 bash -c 'while ! (kubectl --namespace kube-system rollout status --timeout 10s deploy/metrics-server 2>/dev/null); do sleep 5; done'
SHELL
end
test.vm.provision "k3s-wait-for-traefik", type: "shell", run: "once" do |sh|
sh.env = { :PATH => "/usr/local/bin:/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin" }
sh.inline = <<~SHELL
#!/usr/bin/env bash
set -eu -o pipefail
time timeout 180 bash -c 'while ! (kubectl --namespace kube-system rollout status --timeout 10s deploy/traefik 2>/dev/null); do sleep 5; done'
SHELL
end
test.vm.provision "k3s-status", type: "shell", run: "once" do |sh|
sh.env = { :PATH => "/usr/local/bin:/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin" }
sh.inline = <<~SHELL
#!/usr/bin/env bash
set -eux -o pipefail
kubectl get node,all -A -o wide
SHELL
end
end
%w[hyperv libvirt virtualbox vmware_desktop].each do |p|
config.vm.provider p do |v|
v.cpus = ENV['TEST_VM_CPUS'] || 2
v.memory = ENV['TEST_VM_MEMORY'] || 2048
end
end
config.vm.provider :virtualbox do |v,o|
v.gui = false
v.check_guest_additions = false
end
config.vm.synced_folder '.', '/vagrant', disabled: true
end

2
tests/install/opensuse-leap/Vagrantfile vendored
View File

@ -6,7 +6,7 @@ ENV['TEST_INSTALL_SH'] ||= '../../../install.sh'
Vagrant.configure("2") do |config|
config.vagrant.plugins = {
'vagrant-k3s' => {:version => '~> 0.1.2'},
'vagrant-k3s' => {:version => '~> 0.1.3'},
}
config.vm.define 'install-opensuse-leap', primary: true do |test|

14
tests/install/opensuse-microos/Vagrantfile vendored
View File

@ -6,23 +6,13 @@ ENV['TEST_INSTALL_SH'] ||= '../../../install.sh'
Vagrant.configure("2") do |config|
config.vagrant.plugins = {
'vagrant-k3s' => {:version => '~> 0.1.2'},
'vagrant-k3s' => {:version => '~> 0.1.3'},
'vagrant-reload' => {},
}
config.vm.define 'install-microos', primary: true do |test|
test.vm.box = 'opensuse/MicroOS.x86_64'
test.vm.box = 'dweomer/microos.amd64'
test.vm.hostname = 'install'
# microos does not ship selinux-enabled but such is just an update + reboot away
test.vm.provision 'selinux-setup', type: 'shell', run: 'once' do |sh|
sh.inline = <<~EOF
transactional-update -n \
setup-selinux \
pkg install -y apparmor-parser
EOF
end
# reboot to have the snapshot from the previous step as the rootfs
test.vm.provision 'selinux-reload', type: 'reload', run: 'once'
test.vm.provision 'selinux-status', type: 'shell', run: 'once', inline: 'sestatus'
test.vm.provision 'k3s-upload', type: 'file', run: 'always', source: ENV['TEST_INSTALL_SH'], destination: 'install.sh'
test.vm.provision 'k3s-install', type: 'k3s', run: 'once' do |k3s|

2
tests/install/ubuntu-focal/Vagrantfile vendored
View File

@ -6,7 +6,7 @@ ENV['TEST_INSTALL_SH'] ||= '../../../install.sh'
Vagrant.configure("2") do |config|
config.vagrant.plugins = {
'vagrant-k3s' => {:version => '~> 0.1.2'},
'vagrant-k3s' => {:version => '~> 0.1.3'},
}
config.vm.define 'install-ubuntu-focal', primary: true do |test|