%global with_debug 0 %if 0%{?with_debug} # https://bugzilla.redhat.com/show_bug.cgi?id=995136#c12 %global _dwz_low_mem_die_limit 0 %else %global debug_package %{nil} %endif %global provider github %global provider_tld com %global project kubernetes %global repo kubernetes # https://github.com/kubernetes/kubernetes %global provider_prefix %{provider}.%{provider_tld}/%{project}/%{repo} %global import_path kubernetes.io/ # **** release metadata **** %global commit bc401b91f2782410b3fb3f9acf43a995c4de90d2 %global shortcommit %(c=%{commit}; echo ${c:0:7}) # release major.minor version (k8s_minver); patch version (k8s_patchver) %global k8s_name kubernetes %global k8s_minver 1.29 %global k8s_patchver 1 # golang 'built with' version %global golangver 1.21.6 # last release version of these rpms prior to F40 restructure # should not change once restructure goes into rawhide %global switchver 1.28.6-4 # Needed otherwise "version_ldflags=$(kube::version_ldflags)" doesn't work %global _buildshell /bin/bash %global _checkshell /bin/bash ############################################## Name: %{k8s_name} Version: %{k8s_minver}.%{k8s_patchver} Release: %autorelease Summary: Open Source Production-Grade Container Scheduling And Management Platform License: ASL 2.0 URL: https://%{import_path} ExclusiveArch: x86_64 aarch64 ppc64le s390x %{arm} Source0: https://%{provider_prefix}/archive/%{commit}/%{repo}-%{shortcommit}.tar.gz Source101: kube-proxy.service Source102: kube-apiserver.service Source103: kube-scheduler.service Source104: kube-controller-manager.service Source105: kubelet.service Source106: environ-apiserver Source107: environ-config Source108: environ-controller-manager Source109: environ-kubelet Source110: environ-kubelet.kubeconfig Source111: environ-proxy Source112: environ-scheduler Source113: kubernetes-accounting.conf Source114: kubeadm.conf Source115: kubernetes.conf Source116: %{name}.sysusers Patch3: build-with-debug-info.patch ############################################## # main package components - installs kubelet, kubeadm and necessary # configuration files. Recommends kubernetes-client. # build requirements for kubelet, kubeadm BuildRequires: golang >= %{golangver} BuildRequires: make BuildRequires: go-md2man BuildRequires: systemd BuildRequires: rsync # needed per fedora documentation - may drop as /run not used # and kube user no longer needed BuildRequires: systemd-rpm-macros %{?sysusers_requires_compat} # additonal kubelet requirements Requires: (containerd or cri-o) Recommends: cri-o = %{version}-%{release} Requires: conntrack-tools Requires(pre): shadow-utils Requires: socat Recommends: kubernetes-client = %{version}-%{release} # additional kubeadm requirements Requires: containernetworking-plugins Requires: cri-tools # require same version for kubernetes-client if installed Conflicts: kubernetes-client < %{version}-%{release} Conflicts: kubernetes-client > %{version}-%{release} # provides and obsoletes kubernetes-node and kubernetes-kubeadm Provides: kubernetes-kubeadm = %{version}-%{release} Obsoletes: kubernetes-kubeadm <= %{switchver} Provides: kubernetes-node = %{version}-%{release} Obsoletes: kubernetes-node <= %{switchver} %description %{summary} Installs kubeadm and kubelet, the two basic components needed to bootstrap, and run a cluster. The kubernetes-client sub-package, containing kubectl, is recommended but not strictly required. The kubernetes-client sub-package should be installed on control plane machines. ############################################## %package client Summary: Kubernetes client tools BuildRequires: golang >= %{golangver} BuildRequires: make Conflicts: kubernetes < %{version}-%{release} Conflicts: kubernetes > %{version}-%{release} %description client Installs kubectl, the Kubernetes command line client. ############################################## %package legacy-systemd Summary: Legacy systemd services for control plane and/or node BuildRequires: golang >= %{golangver} BuildRequires: systemd BuildRequires: rsync BuildRequires: make BuildRequires: go-md2man Requires(pre): shadow-utils Requires: kubernetes = %{version}-%{release} # obsoletes kubernetes-master in part Provides: kubernetes-master = %{version}-%{release} Obsoletes: kubernetes-master <= %{switchver} %description legacy-systemd Legacy systemd services needed for manual installation of Kubernetes on control plane or node machines. Not needed for most modern clusters. If kubeadm is used to bootstrap Kubernetes then this rpm is not needed as kubeadm will install these services as static pods in the cluster on nodes as needed. If these services are used, enable all services on each control plane. Enable kube-proxy on all nodes. ############################################## ############################################## %prep %setup -q -n %{repo}-%{commit} %if 0%{?with_debug} %patch3 -p1 %endif # src/k8s.io/kubernetes/pkg/util/certificates # Patch the code to remove eliptic.P224 support # For whatever reason: # https://groups.google.com/forum/#!topic/Golang-nuts/Oq4rouLEvrU for dir in vendor/github.com/google/certificate-transparency/go/x509 pkg/util/certificates; do if [ -d "${dir}" ]; then pushd ${dir} sed -i "/^[^=]*$/ s/oidNamedCurveP224/oidNamedCurveP256/g" *.go sed -i "/^[^=]*$/ s/elliptic\.P224/elliptic.P256/g" *.go popd fi done mkdir -p src/k8s.io/kubernetes mv $(ls | grep -v "^src$") src/k8s.io/kubernetes/. # mv command above skips all dot files. Move .generated_files and all #.go* files mv .generated_files src/k8s.io/kubernetes/. mv .go* src/k8s.io/kubernetes/. ############### %build # As of K8S 1.26.3/1.25.8/1.24.12 upstream now builds with an explicit # version of go and will try to fetch that version if not present. # FORCE_HOTS_GO=y overrides that specification by using the host's # version of go. This spec file continues to use build requires to # require as a minimum the 'built with' go version from upstream. # # Packagers need to ensure that the go version on the build host contains # any security patches and other critical fixes that are part of the # "built with" version. Go maintainers typically release patch updates # for both supported versions of Go that contain the same security # updates. export FORCE_HOST_GO=y pushd src/k8s.io/kubernetes/ source hack/lib/init.sh kube::golang::setup_env export KUBE_GIT_TREE_STATE="clean" export KUBE_GIT_COMMIT=%{commit} export KUBE_GIT_VERSION=v{version} export KUBE_EXTRA_GOPATH=$(pwd)/Godeps/_workspace # Build each binary separately to generate a unique build-id. # Otherwise: Duplicate build-ids /builddir/build/BUILDROOT/.../usr/bin/kube-apiserver and /builddir/build/BUILDROOT/.../usr/bin/kubeadm make WHAT="cmd/kube-proxy" make WHAT="cmd/kube-apiserver" make WHAT="cmd/kube-controller-manager" make WHAT="cmd/kubelet" make WHAT="cmd/kubeadm" make WHAT="cmd/kube-scheduler" make WHAT="cmd/kubectl" # Gen docs make WHAT="cmd/gendocs" make WHAT="cmd/genkubedocs" make WHAT="cmd/genman" make WHAT="cmd/genyaml" kube::util::gen-docs . ############### %install pushd src/k8s.io/kubernetes/ source hack/lib/init.sh kube::golang::setup_env %ifarch ppc64le output_path="_output/local/go/bin" %else output_path="${KUBE_OUTPUT_BINPATH}/$(kube::golang::host_platform)" %endif echo "+++ INSTALLING binaries" install -m 755 -d %{buildroot}%{_bindir} install -p -m 755 -t %{buildroot}%{_bindir} ${output_path}/kube-proxy install -p -m 755 -t %{buildroot}%{_bindir} ${output_path}/kube-apiserver install -p -m 755 -t %{buildroot}%{_bindir} ${output_path}/kube-controller-manager install -p -m 755 -t %{buildroot}%{_bindir} ${output_path}/kubelet install -p -m 755 -t %{buildroot}%{_bindir} ${output_path}/kubeadm install -p -m 755 -t %{buildroot}%{_bindir} ${output_path}/kube-scheduler install -p -m 755 -t %{buildroot}%{_bindir} ${output_path}/kubectl echo "+++ INSTALLING kubelet service config" install -d -m 0755 %{buildroot}/%{_sysconfdir}/systemd/system/kubelet.service.d install -p -m 0644 -t %{buildroot}/%{_sysconfdir}/systemd/system/kubelet.service.d %{SOURCE114} echo "+++ INSTALLING shell completion" install -dm 0755 %{buildroot}/%{bash_completions_dir} %{buildroot}%{_bindir}/kubectl completion bash > %{buildroot}/%{bash_completions_dir}/kubectl install -dm 0755 %{buildroot}/%{fish_completions_dir} %{buildroot}%{_bindir}/kubectl completion fish > %{buildroot}/%{fish_completions_dir}/kubectl.fish install -dm 0755 %{buildroot}/%{zsh_completions_dir} %{buildroot}%{_bindir}/kubectl completion zsh > %{buildroot}/%{zsh_completions_dir}/_kubectl echo "+++ INSTALLING config files" %define remove_environ_prefix() %(echo -n %1|sed 's/.*environ-//g') install -d -m 0755 %{buildroot}%{_sysconfdir}/%{name} install -d -m 0700 %{buildroot}%{_sysconfdir}/%{name}/manifests install -m 644 -T %{SOURCE106} %{buildroot}%{_sysconfdir}/%{name}/%{remove_environ_prefix %{SOURCE106}} install -m 644 -T %{SOURCE107} %{buildroot}%{_sysconfdir}/%{name}/%{remove_environ_prefix %{SOURCE107}} install -m 644 -T %{SOURCE108} %{buildroot}%{_sysconfdir}/%{name}/%{remove_environ_prefix %{SOURCE108}} install -m 644 -T %{SOURCE109} %{buildroot}%{_sysconfdir}/%{name}/%{remove_environ_prefix %{SOURCE109}} install -m 644 -T %{SOURCE110} %{buildroot}%{_sysconfdir}/%{name}/%{remove_environ_prefix %{SOURCE110}} install -m 644 -T %{SOURCE111} %{buildroot}%{_sysconfdir}/%{name}/%{remove_environ_prefix %{SOURCE111}} install -m 644 -T %{SOURCE112} %{buildroot}%{_sysconfdir}/%{name}/%{remove_environ_prefix %{SOURCE112}} # place systemd/tmpfiles.d/kubernetes.conf to /usr/lib/tmpfiles.d/kubernetes.conf install -d -m 0755 %{buildroot}%{_tmpfilesdir} install -p -m 0644 -t %{buildroot}/%{_tmpfilesdir} %{SOURCE115} echo "+++ INSTALLING sysusers.d" install -D -m 0644 -vp %{SOURCE116} %{buildroot}%{_sysusersdir}/%{name}.conf # enable CPU and Memory accounting install -d -m 0755 %{buildroot}/%{_sysconfdir}/systemd/system.conf.d install -p -m 0644 -t %{buildroot}/%{_sysconfdir}/systemd/system.conf.d %{SOURCE113} echo "+++ INSTALLING service files" install -d -m 0755 %{buildroot}%{_unitdir} install -m 0644 -t %{buildroot}%{_unitdir} %{SOURCE101} install -m 0644 -t %{buildroot}%{_unitdir} %{SOURCE102} install -m 0644 -t %{buildroot}%{_unitdir} %{SOURCE103} install -m 0644 -t %{buildroot}%{_unitdir} %{SOURCE104} install -m 0644 -t %{buildroot}%{_unitdir} %{SOURCE105} echo "+++ INSTALLING manpages" install -d %{buildroot}%{_mandir}/man1 # from k8s tarball copied docs/man/man1/*.1 install -p -m 644 docs/man/man1/*.1 %{buildroot}%{_mandir}/man1 # install the place the kubelet defaults to put volumes and default folder structure install -d %{buildroot}%{_sharedstatedir}/kubelet mkdir -p %{buildroot}/run install -d -m 0755 %{buildroot}/run/%{name}/ popd mv src/k8s.io/kubernetes/CHANGELOG/CHANGELOG-*.md . mv src/k8s.io/kubernetes/*.md . mv src/k8s.io/kubernetes/LICENSE . # CHANGELOG.md is symlink to CHANGELOG/README.md and not actual # change log. no need to include generated rpms rm CHANGELOG.md %check if [ 1 != 1 ]; then echo "******Testing the commands*****" hack/test-cmd.sh echo "******Benchmarking kube********" hack/benchmark-go.sh # In Fedora 20 and RHEL7 the go cover tools isn't available correctly echo "******Testing the go code******" hack/test-go.sh echo "******Testing integration******" hack/test-integration.sh --use_go_build fi ############################################## %files %license LICENSE %doc *.md # kubelet %{_mandir}/man1/kubelet.1* %{_bindir}/kubelet %{_unitdir}/kubelet.service %{_sysusersdir}/%{name}.conf %dir %{_sharedstatedir}/kubelet %dir %{_sysconfdir}/%{name} %dir %{_sysconfdir}/%{name}/manifests %config(noreplace) %{_sysconfdir}/%{name}/config %config(noreplace) %{_sysconfdir}/%{name}/kubelet # % config(noreplace) % {_sysconfdir}/% {name}/proxy %config(noreplace) %{_sysconfdir}/%{name}/kubelet.kubeconfig %config(noreplace) %{_sysconfdir}/systemd/system.conf.d/kubernetes-accounting.conf %{_tmpfilesdir}/kubernetes.conf %verify(not size mtime md5) %attr(755, kube,kube) %dir /run/%{name} # kubeadm %{_mandir}/man1/kubeadm.1* %{_mandir}/man1/kubeadm-* %{_bindir}/kubeadm %dir %{_sysconfdir}/systemd/system/kubelet.service.d %config(noreplace) %{_sysconfdir}/systemd/system/kubelet.service.d/kubeadm.conf ############################################## %files client %license LICENSE %doc *.md %{_mandir}/man1/kubectl.1* %{_mandir}/man1/kubectl-* %{_bindir}/kubectl %{bash_completions_dir}/kubectl %{fish_completions_dir}/kubectl.fish %{zsh_completions_dir}/_kubectl ############################################## %files legacy-systemd %license LICENSE %doc *.md %{_mandir}/man1/kube-apiserver.1* %{_mandir}/man1/kube-controller-manager.1* %{_mandir}/man1/kube-scheduler.1* %{_mandir}/man1/kube-proxy.1* %attr(754, -, kube) %caps(cap_net_bind_service=ep) %{_bindir}/kube-apiserver %{_bindir}/kube-controller-manager %{_bindir}/kube-scheduler %{_bindir}/kube-proxy %{_unitdir}/kube-proxy.service %{_unitdir}/kube-apiserver.service %{_unitdir}/kube-controller-manager.service %{_unitdir}/kube-scheduler.service %{_sysusersdir}/%{name}.conf %dir %{_sysconfdir}/%{name} %config(noreplace) %{_sysconfdir}/%{name}/apiserver %config(noreplace) %{_sysconfdir}/%{name}/scheduler %config(noreplace) %{_sysconfdir}/%{name}/config %config(noreplace) %{_sysconfdir}/%{name}/controller-manager %config(noreplace) %{_sysconfdir}/%{name}/proxy %{_tmpfilesdir}/kubernetes.conf %verify(not size mtime md5) %attr(755, kube,kube) %dir /run/%{name} ############################################## %pre legacy-systemd %sysusers_create_compat %{SOURCE116} %post legacy-systemd %systemd_post kube-apiserver kube-scheduler kube-controller-manager kube-proxy %preun legacy-systemd %systemd_preun kube-apiserver kube-scheduler kube-controller-manager kube-proxy %postun legacy-systemd %systemd_postun kube-apiserver kube-scheduler kube-controller-manager kube-proxy %pre %sysusers_create_compat %{SOURCE116} %post %systemd_post kubelet # If accounting is not currently enabled systemd reexec if [[ `systemctl show kubelet | grep -q -e CPUAccounting=no -e MemoryAccounting=no; echo $?` -eq 0 ]]; then systemctl daemon-reexec fi %preun %systemd_preun kubelet %postun %systemd_postun kubelet ############################################ %changelog %autochangelog