github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Add CRI release build

Browse Source 
Add installation scripts needed to generate CRI + CNI tar package on
release.
Update Github action release script to generate CRI release tarballs for
Linux and Windows.

Signed-off-by: Derek McGowan <derek@mcg.dev>
This commit is contained in:
Derek McGowan 2020-08-06 23:11:48 -07:00
parent 1c7312e5da
commit d2472ecc59
No known key found for this signature in database
GPG Key ID: F58C5D0A4405ACDB
5 changed files with 219 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
.github/workflows/release.yml vendored
View File

@ -66,11 +66,18 @@ jobs:
- name: Set env - name: Set env
shell: bash shell: bash
env:
MOS: ${{ matrix.os }}
run: | run: |
releasever=${{ github.ref }} releasever=${{ github.ref }}
releasever="${releasever#refs/tags/}" releasever="${releasever#refs/tags/}"
os=linux
[[ "${MOS}" =~ "windows" ]] && {
os=windows
}
echo "::set-env name=RELEASE_VER::${releasever}" echo "::set-env name=RELEASE_VER::${releasever}"
echo "::set-env name=GOPATH::${{ github.workspace }}" echo "::set-env name=GOPATH::${{ github.workspace }}"
echo "::set-env name=OS::${os}"
echo "::add-path::${{ github.workspace }}/bin" echo "::add-path::${{ github.workspace }}/bin"
- name: Checkout containerd - name: Checkout containerd
@ -79,12 +86,14 @@ jobs:
repository: containerd/containerd repository: containerd/containerd
ref: ${{ github.ref }} ref: ${{ github.ref }}
path: src/github.com/containerd/containerd path: src/github.com/containerd/containerd
- name: HCS Shim commit - name: HCS Shim commit
id: hcsshim_commit id: hcsshim_commit
if: startsWith(matrix.os, 'windows') if: startsWith(matrix.os, 'windows')
shell: bash shell: bash
run: echo "::set-output name=sha::$(grep Microsoft/hcsshim vendor.conf | awk '{print $2}')" run: echo "::set-output name=sha::$(grep Microsoft/hcsshim vendor.conf | awk '{print $2}')"
working-directory: src/github.com/containerd/containerd working-directory: src/github.com/containerd/containerd
- name: Checkout hcsshim source - name: Checkout hcsshim source
if: startsWith(matrix.os, 'windows') if: startsWith(matrix.os, 'windows')
uses: actions/checkout@v2 uses: actions/checkout@v2
@ -92,16 +101,14 @@ jobs:
repository: Microsoft/hcsshim repository: Microsoft/hcsshim
ref: ${{ steps.hcsshim_commit.outputs.sha }} ref: ${{ steps.hcsshim_commit.outputs.sha }}
path: src/github.com/Microsoft/hcsshim path: src/github.com/Microsoft/hcsshim
- name: Make - name: Make
shell: bash shell: bash
env:
MOS: ${{ matrix.os }}
OS: linux
run: | run: |
make build make build
make binaries make binaries
[[ "${MOS}" =~ "windows" ]] && { rm bin/containerd-stress*
OS=windows [[ "${OS}" == "windows" ]] && {
( (
bindir="$(pwd)/bin" bindir="$(pwd)/bin"
cd ../../Microsoft/hcsshim cd ../../Microsoft/hcsshim
@ -119,6 +126,47 @@ jobs:
name: containerd-binaries-${{ matrix.os }} name: containerd-binaries-${{ matrix.os }}
path: src/github.com/containerd/containerd/*.tar.gz* path: src/github.com/containerd/containerd/*.tar.gz*
- name: Install cri-containerd dependencies
shell: bash
env:
RUNC_FLAVOR: runc
DESTDIR: ${{ github.workspace }}/cri-release
run: |
mkdir ${DESTDIR}
if [[ "${OS}" == "linux" ]]; then
sudo install -d ${DESTDIR}/usr/local/bin
sudo install -D -m 755 bin/* ${DESTDIR}/usr/local/bin
sudo install -d ${DESTDIR}/opt/containerd/cluster
sudo cp -r contrib/gce ${DESTDIR}/opt/containerd/cluster/
sudo install -d ${DESTDIR}/etc/systemd/system
sudo install -m 644 containerd.service ${DESTDIR}/etc/systemd/system
echo "CONTAINERD_VERSION: '${RELEASE_VER#v}'" | sudo tee ${DESTDIR}/opt/containerd/cluster/version
sudo PATH=$PATH script/setup/install-seccomp
USESUDO=true script/setup/install-runc
script/setup/install-cni
script/setup/install-critools
elif [[ "${OS}" == "windows" ]]; then
script/setup/install-cni-windows
cp bin/* ${DESTDIR}/
fi
working-directory: src/github.com/containerd/containerd
- name: Make cri-containerd tar
shell: bash
run: |
TARFILE="cri-containerd-cni-${RELEASE_VER#v}-${OS}-amd64.tar.gz"
[[ "${OS}" == "linux" ]] && tar czf ${TARFILE} etc usr opt
[[ "${OS}" == "windows" ]] && tar czf ${TARFILE} *
sha256sum ${TARFILE} >${TARFILE}.sha256sum
working-directory: cri-release
- name: Save cri-containerd binaries
uses: actions/upload-artifact@v2
with:
name: cri-containerd-binaries-${{ matrix.os }}
path: cri-release/cri-containerd-cni-*.tar.gz*
release: release:
name: Create containerd Release name: Create containerd Release
runs-on: ubuntu-18.04 runs-on: ubuntu-18.04
@ -135,8 +183,12 @@ jobs:
run: | run: |
_filenum=1 _filenum=1
for i in "ubuntu-18.04" "windows-2019"; do for i in "ubuntu-18.04" "windows-2019"; do
for i in `ls builds/containerd-binaries-${i}`; do for f in `ls builds/containerd-binaries-${i}`; do
echo "::set-output name=file${_filenum}::${i}" echo "::set-output name=file${_filenum}::${f}"
let "_filenum+=1"
done
for f in `ls builds/cri-containerd-binaries-${i}`; do
echo "::set-output name=file${_filenum}::${f}"
let "_filenum+=1" let "_filenum+=1"
done done
done done
@ -169,14 +221,32 @@ jobs:
asset_path: ./builds/containerd-binaries-ubuntu-18.04/${{ steps.catalog.outputs.file2 }} asset_path: ./builds/containerd-binaries-ubuntu-18.04/${{ steps.catalog.outputs.file2 }}
asset_name: ${{ steps.catalog.outputs.file2 }} asset_name: ${{ steps.catalog.outputs.file2 }}
asset_content_type: text/plain asset_content_type: text/plain
- name: Upload Linux cri containerd tarball
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./builds/cri-containerd-binaries-ubuntu-18.04/${{ steps.catalog.outputs.file3 }}
asset_name: ${{ steps.catalog.outputs.file3 }}
asset_content_type: application/gzip
- name: Upload Linux cri sha256 sum
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./builds/cri-containerd-binaries-ubuntu-18.04/${{ steps.catalog.outputs.file4 }}
asset_name: ${{ steps.catalog.outputs.file4 }}
asset_content_type: text/plain
- name: Upload Windows containerd tarball - name: Upload Windows containerd tarball
uses: actions/upload-release-asset@v1 uses: actions/upload-release-asset@v1
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with: with:
upload_url: ${{ steps.create_release.outputs.upload_url }} upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./builds/containerd-binaries-windows-2019/${{ steps.catalog.outputs.file3 }} asset_path: ./builds/containerd-binaries-windows-2019/${{ steps.catalog.outputs.file5 }}
asset_name: ${{ steps.catalog.outputs.file3 }} asset_name: ${{ steps.catalog.outputs.file5 }}
asset_content_type: application/gzip asset_content_type: application/gzip
- name: Upload Windows sha256 sum - name: Upload Windows sha256 sum
uses: actions/upload-release-asset@v1 uses: actions/upload-release-asset@v1
@ -184,6 +254,24 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with: with:
upload_url: ${{ steps.create_release.outputs.upload_url }} upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./builds/containerd-binaries-windows-2019/${{ steps.catalog.outputs.file4 }} asset_path: ./builds/containerd-binaries-windows-2019/${{ steps.catalog.outputs.file6 }}
asset_name: ${{ steps.catalog.outputs.file4 }} asset_name: ${{ steps.catalog.outputs.file6 }}
asset_content_type: text/plain
- name: Upload Windows cri containerd tarball
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./builds/cri-containerd-binaries-windows-2019/${{ steps.catalog.outputs.file7 }}
asset_name: ${{ steps.catalog.outputs.file7 }}
asset_content_type: application/gzip
- name: Upload Windows cri sha256 sum
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./builds/cri-containerd-binaries-windows-2019/${{ steps.catalog.outputs.file8 }}
asset_name: ${{ steps.catalog.outputs.file8 }}
asset_content_type: text/plain asset_content_type: text/plain

16
script/setup/install-cni
View File

@ -22,8 +22,8 @@
set -eu -o pipefail set -eu -o pipefail
CNI_COMMIT=$(grep containernetworking/plugins "$GOPATH"/src/github.com/containerd/containerd/vendor.conf | awk '{print $2}') CNI_COMMIT=$(grep containernetworking/plugins "$GOPATH"/src/github.com/containerd/containerd/vendor.conf | awk '{print $2}')
CNI_DIR=/opt/cni CNI_DIR=${DESTDIR:=''}/opt/cni
CNI_CONFIG_DIR=/etc/cni/net.d CNI_CONFIG_DIR=${DESTDIR}/etc/cni/net.d
go get -d github.com/containernetworking/plugins/... go get -d github.com/containernetworking/plugins/...
cd "$GOPATH"/src/github.com/containernetworking/plugins cd "$GOPATH"/src/github.com/containernetworking/plugins
@ -45,9 +45,17 @@ cat <<EOF | sudo tee $CNI_CONFIG_DIR/10-containerd-net.conflist
"promiscMode": true, "promiscMode": true,
"ipam": { "ipam": {
"type": "host-local", "type": "host-local",
"subnet": "10.88.0.0/16", "ranges": [
[{
"subnet": "10.88.0.0/16"
}],
[{
"subnet": "2001:4860:4860::8888/32"
}]
],
"routes": [ "routes": [
{ "dst": "0.0.0.0/0" } { "dst": "0.0.0.0/0" },
{ "dst": "::/0" }
] ]
} }
}, },

97
script/setup/install-cni-windows Executable file
View File

@ -0,0 +1,97 @@
#!/bin/bash
# Copyright The containerd Authors.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -eu -o pipefail
destdir="${destdir:-"C:\\Program Files\\containerd"}"
WINCNI_BIN_DIR="${destdir}/cni"
WINCNI_PKG=github.com/Microsoft/windows-container-networking
WINCNI_VERSION=aa10a0b31e9f72937063436454def1760b858ee2
go get -d "${WINCNI_PKG}/..."
cd "${GOPATH}/src/${WINCNI_PKG}"
git checkout "${WINCNI_VERSION}"
make all
install -D -m 755 "out/nat.exe" "${WINCNI_BIN_DIR}/nat.exe"
install -D -m 755 "out/sdnbridge.exe" "${WINCNI_BIN_DIR}/sdnbridge.exe"
install -D -m 755 "out/sdnoverlay.exe" "${WINCNI_BIN_DIR}/sdnoverlay.exe"
CNI_CONFIG_DIR="${destdir}/cni/conf"
mkdir -p "${CNI_CONFIG_DIR}"
# split_ip splits ip into a 4-element array.
split_ip() {
local -r varname="$1"
local -r ip="$2"
for i in {0..3}; do
eval "$varname"[$i]=$( echo "$ip" | cut -d '.' -f $((i + 1)) )
done
}
# subnet gets subnet for a gateway, e.g. 192.168.100.0/24.
calculate_subnet() {
local -r gateway="$1"
local -r prefix_len="$2"
split_ip gateway_array "$gateway"
local len=$prefix_len
for i in {0..3}; do
if (( len >= 8 )); then
mask=255
elif (( len > 0 )); then
mask=$(( 256 - 2 ** ( 8 - len ) ))
else
mask=0
fi
(( len -= 8 ))
result_array[i]=$(( gateway_array[i] & mask ))
done
result="$(printf ".%s" "${result_array[@]}")"
result="${result:1}"
echo "$result/$((32 - prefix_len))"
}
# nat already exists on the Windows VM, the subnet and gateway
# we specify should match that.
gateway="$(powershell -c "(Get-NetIPAddress -InterfaceAlias 'vEthernet (nat)' -AddressFamily IPv4).IPAddress")"
prefix_len="$(powershell -c "(Get-NetIPAddress -InterfaceAlias 'vEthernet (nat)' -AddressFamily IPv4).PrefixLength")"
subnet="$(calculate_subnet "$gateway" "$prefix_len")"
# The "name" field in the config is used as the underlying
# network type right now (see
# https://github.com/microsoft/windows-container-networking/pull/45),
# so it must match a network type in:
# https://docs.microsoft.com/en-us/windows-server/networking/technologies/hcn/hcn-json-document-schemas
bash -c 'cat >"'"${CNI_CONFIG_DIR}"'"/0-containerd-nat.conf <<EOF
{
"cniVersion": "0.2.0",
"name": "nat",
"type": "nat",
"master": "Ethernet",
"ipam": {
"subnet": "'$subnet'",
"routes": [
{
"GW": "'$gateway'"
}
]
},
"capabilities": {
"portMappings": true,
"dns": true
}
}
EOF'

4
script/setup/install-critools
View File

@ -26,7 +26,7 @@ go get -d github.com/kubernetes-sigs/cri-tools/...
cd "$GOPATH"/src/github.com/kubernetes-sigs/cri-tools cd "$GOPATH"/src/github.com/kubernetes-sigs/cri-tools
git checkout $CRITEST_COMMIT git checkout $CRITEST_COMMIT
make make
sudo make install sudo make install -e BINDIR=${DESTDIR:=''}/usr/local/bin
cat << EOF | sudo tee /etc/crictl.yaml cat << EOF | sudo tee ${DESTDIR}/etc/crictl.yaml
runtime-endpoint: unix:///run/containerd/containerd.sock runtime-endpoint: unix:///run/containerd/containerd.sock
EOF EOF

9
script/setup/install-runc
View File

@ -27,7 +27,14 @@ function install_runc() {
cd "$GOPATH"/src/github.com/opencontainers/runc cd "$GOPATH"/src/github.com/opencontainers/runc
git checkout $RUNC_COMMIT git checkout $RUNC_COMMIT
make BUILDTAGS='apparmor seccomp selinux' runc make BUILDTAGS='apparmor seccomp selinux' runc
make install
USESUDO=${USESUDO:-false}
if ${USESUDO}; then
SUDO='sudo -E'
else
SUDO=''
fi
${SUDO} make install
} }
function install_crun() { function install_crun() {