forked from metallb/metallb
-
Notifications
You must be signed in to change notification settings - Fork 0
/
tasks.py
447 lines (386 loc) · 18.1 KB
/
tasks.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
import os
import semver
import re
import shutil
import sys
import yaml
import tempfile
try:
from urllib.request import urlopen
except ImportError:
from urllib2 import urlopen
from invoke import run, task
from invoke.exceptions import Exit
all_binaries = set(["controller",
"speaker",
"mirror-server"])
all_architectures = set(["amd64",
"arm",
"arm64",
"ppc64le",
"s390x"])
def _check_architectures(architectures):
out = set()
for arch in architectures:
if arch == "all":
out |= all_architectures
elif arch not in all_architectures:
print("unknown architecture {}".format(arch))
print("Supported architectures: {}".format(", ".join(sorted(all_architectures))))
sys.exit(1)
else:
out.add(arch)
if not out:
out.add("amd64")
return list(sorted(out))
def _check_binaries(binaries):
out = set()
for binary in binaries:
if binary == "all":
out |= all_binaries
elif binary not in all_binaries:
print("Unknown binary {}".format(binary))
print("Known binaries: {}".format(", ".join(sorted(all_binaries))))
sys.exit(1)
else:
out.add(binary)
if not out:
out.add("controller")
out.add("speaker")
return list(sorted(out))
def _make_build_dirs():
for arch in all_architectures:
for binary in all_binaries:
dir = os.path.join("build", arch, binary)
if not os.path.exists(dir):
os.makedirs(dir, mode=0o750)
@task(iterable=["binaries", "architectures"],
help={
"binaries": "binaries to build. One or more of {}, or 'all'".format(", ".join(sorted(all_binaries))),
"architectures": "architectures to build. One or more of {}, or 'all'".format(", ".join(sorted(all_architectures))),
"registry": "Docker registry under which to tag the images. Default 'quay.io'.",
"repo": "Docker repository under which to tag the images. Default 'metallb'.",
"tag": "Docker image tag prefix to use. Actual tag will be <tag>-<arch>. Default 'dev'.",
})
def build(ctx, binaries, architectures, registry="quay.io", repo="metallb", tag="dev"):
"""Build MetalLB docker images."""
binaries = _check_binaries(binaries)
architectures = _check_architectures(architectures)
_make_build_dirs()
commit = run("git describe --dirty --always", hide=True).stdout.strip()
branch = run("git rev-parse --abbrev-ref HEAD", hide=True).stdout.strip()
for arch in architectures:
env = {
"CGO_ENABLED": "0",
"GOOS": "linux",
"GOARCH": arch,
"GOARM": "6",
"GO111MODULE": "on",
}
for bin in binaries:
run("go build -v -o build/{arch}/{bin}/{bin} -ldflags "
"'-X go.universe.tf/metallb/internal/version.gitCommit={commit} "
"-X go.universe.tf/metallb/internal/version.gitBranch={branch}' "
"go.universe.tf/metallb/{bin}".format(
arch=arch,
bin=bin,
commit=commit,
branch=branch),
env=env,
echo=True)
run("docker build "
"-t {registry}/{repo}/{bin}:{tag}-{arch} "
"-f {bin}/Dockerfile build/{arch}/{bin}".format(
registry=registry,
repo=repo,
bin=bin,
tag=tag,
arch=arch),
echo=True)
@task(iterable=["binaries", "architectures"],
help={
"binaries": "binaries to build. One or more of {}, or 'all'".format(", ".join(sorted(all_binaries))),
"architectures": "architectures to build. One or more of {}, or 'all'".format(", ".join(sorted(all_architectures))),
"registry": "Docker registry under which to tag the images. Default 'quay.io'.",
"repo": "Docker repository under which to tag the images. Default 'metallb'.",
"tag": "Docker image tag prefix to use. Actual tag will be <tag>-<arch>. Default 'dev'.",
})
def push(ctx, binaries, architectures, registry="quay.io", repo="metallb", tag="dev"):
"""Build and push docker images to registry."""
binaries = _check_binaries(binaries)
architectures = _check_architectures(architectures)
for arch in architectures:
for bin in binaries:
build(ctx, binaries=[bin], architectures=[arch], registry=registry, repo=repo, tag=tag)
run("docker push {registry}/{repo}/{bin}:{tag}-{arch}".format(
registry=registry,
repo=repo,
bin=bin,
arch=arch,
tag=tag),
echo=True)
@task(iterable=["binaries"],
help={
"binaries": "binaries to build. One or more of {}, or 'all'".format(", ".join(sorted(all_binaries))),
"registry": "Docker registry under which to tag the images. Default 'quay.io'.",
"repo": "Docker repository under which to tag the images. Default 'metallb'.",
"tag": "Docker image tag prefix to use. Actual tag will be <tag>-<arch>. Default 'dev'.",
})
def push_multiarch(ctx, binaries, registry="quay.io", repo="metallb", tag="dev"):
"""Build and push multi-architecture docker images to registry."""
binaries = _check_binaries(binaries)
architectures = _check_architectures(["all"])
push(ctx, binaries=binaries, architectures=architectures, registry=registry, repo=repo, tag=tag)
platforms = ",".join("linux/{}".format(arch) for arch in architectures)
for bin in binaries:
run("manifest-tool push from-args "
"--platforms {platforms} "
"--template {registry}/{repo}/{bin}:{tag}-ARCH "
"--target {registry}/{repo}/{bin}:{tag}".format(
platforms=platforms,
registry=registry,
repo=repo,
bin=bin,
tag=tag),
echo=True)
def validate_kind_version():
"""Validate minimum required version of kind."""
# If kind is not installed, this first command will raise an UnexpectedExit
# exception, and inv will exit at this point making it clear running "kind"
# failed.
min_version = "0.9.0"
try:
raw = run("kind version", echo=True)
except Exception as e:
raise Exit(message="Could not determine kind version (is kind installed?)")
actual_version = re.search("v(\d*\.\d*\.\d*)", raw.stdout).group(1)
delta = semver.compare(actual_version, min_version)
if delta < 0:
raise Exit(message="kind version >= {} required".format(min_version))
@task(help={
"architecture": "CPU architecture of the local machine. Default 'amd64'.",
"name": "name of the kind cluster to use.",
"protocol": "Pre-configure MetalLB with the specified protocol. "
"Unconfigured by default. Supported: 'bgp'",
})
def dev_env(ctx, architecture="amd64", name="kind", cni=None, protocol=None):
"""Build and run MetalLB in a local Kind cluster.
If the cluster specified by --name (default "kind") doesn't exist,
it is created. Then, build MetalLB docker images from the
checkout, push them into kind, and deploy manifests/metallb.yaml
to run those images.
"""
validate_kind_version()
clusters = run("kind get clusters", hide=True).stdout.strip().splitlines()
mk_cluster = name not in clusters
if mk_cluster:
config = {
"apiVersion": "kind.x-k8s.io/v1alpha4",
"kind": "Cluster",
"nodes": [{"role": "control-plane"},
{"role": "worker"},
{"role": "worker"},
],
}
if cni:
config["networking"] = {
"disableDefaultCNI": True,
}
config = yaml.dump(config).encode("utf-8")
with tempfile.NamedTemporaryFile() as tmp:
tmp.write(config)
tmp.flush()
run("kind create cluster --name={} --config={}".format(name, tmp.name), pty=True, echo=True)
if mk_cluster and cni:
run("kubectl apply -f e2etest/manifests/{}.yaml".format(cni), echo=True)
build(ctx, binaries=["controller", "speaker", "mirror-server"], architectures=[architecture])
run("kind load docker-image --name={} quay.io/metallb/controller:dev-{}".format(name, architecture), echo=True)
run("kind load docker-image --name={} quay.io/metallb/speaker:dev-{}".format(name, architecture), echo=True)
run("kind load docker-image --name={} quay.io/metallb/mirror-server:dev-{}".format(name, architecture), echo=True)
run("kubectl delete po -nmetallb-system --all", echo=True)
manifests_dir = os.getcwd() + "/manifests"
with tempfile.TemporaryDirectory() as tmpdir:
# Copy namespace manifest.
shutil.copy(manifests_dir + "/namespace.yaml", tmpdir)
with open(manifests_dir + "/metallb.yaml") as f:
manifest = f.read()
manifest = manifest.replace(":main", ":dev-{}".format(architecture))
manifest = manifest.replace("imagePullPolicy: Always", "imagePullPolicy: Never")
with open(tmpdir + "/metallb.yaml", "w") as f:
f.write(manifest)
f.flush()
# Create memberlist secret.
secret = """---
apiVersion: v1
kind: Secret
metadata:
name: memberlist
namespace: metallb-system
stringData:
secretkey: verysecurelol"""
with open(tmpdir + "/secret.yaml", "w") as f:
f.write(secret)
f.flush()
run("kubectl apply -f {}/namespace.yaml".format(tmpdir), echo=True)
run("kubectl apply -f {}/secret.yaml".format(tmpdir), echo=True)
run("kubectl apply -f {}/metallb.yaml".format(tmpdir), echo=True)
with open("e2etest/manifests/mirror-server.yaml") as f:
manifest = f.read()
manifest = manifest.replace(":main", ":dev-{}".format(architecture))
with tempfile.NamedTemporaryFile() as tmp:
tmp.write(manifest.encode("utf-8"))
tmp.flush()
run("kubectl apply -f {}".format(tmp.name), echo=True)
if protocol == "bgp":
print("Configuring MetalLB with a BGP test environment")
bgp_dev_env()
else:
print("Leaving MetalLB unconfigured")
# Configure MetalLB in the dev-env for BGP testing. Start an frr based BGP
# router in a container and configure MetalLB to peer with it.
# See dev-env/bgp/README.md for some more information.
def bgp_dev_env():
dev_env_dir = os.getcwd() + "/dev-env/bgp"
frr_volume_dir = dev_env_dir + "/frr-volume"
# TODO -- The IP address handling will need updates to add support for IPv6
# We need the IPs for each Node in the cluster to place them in the BGP
# router configuration file (bgpd.conf). Each Node will peer with this
# router.
node_ips = run("kubectl get nodes -o jsonpath='{.items[*].status.addresses"
"[?(@.type==\"InternalIP\")].address}{\"\\n\"}'", echo=True)
node_ips = node_ips.stdout.strip().split()
if len(node_ips) != 3:
raise Exit(message='Expected 3 nodes, got %d' % len(node_ips))
# Create a new directory that will be used as the config volume for frr.
try:
# sudo because past docker runs will have changed ownership of this dir
run('sudo rm -rf "%s"' % frr_volume_dir)
os.mkdir(frr_volume_dir)
except FileExistsError:
pass
except Exception as e:
raise Exit(message='Failed to create frr-volume directory: %s'
% str(e))
# These two config files are static, so we just copy them straight in.
shutil.copyfile("%s/frr/zebra.conf" % dev_env_dir,
"%s/zebra.conf" % frr_volume_dir)
shutil.copyfile("%s/frr/daemons" % dev_env_dir,
"%s/daemons" % frr_volume_dir)
# bgpd.conf is created from a template so that we can include the current
# Node IPs.
with open("%s/frr/bgpd.conf.tmpl" % dev_env_dir, 'r') as f:
bgpd_config = "! THIS FILE IS AUTOGENERATED\n" + f.read()
for n in range(0, len(node_ips)):
bgpd_config = bgpd_config.replace("NODE%d_IP" % n, node_ips[n])
with open("%s/bgpd.conf" % frr_volume_dir, 'w') as f:
f.write(bgpd_config)
# Run a BGP router in a container for all of the speakers to peer with.
run('for frr in $(docker ps -a -f name=frr --format {{.Names}}) ; do '
' docker rm -f $frr ; '
'done', echo=True)
run("docker run -d --privileged --network kind --rm --name frr --volume %s:/etc/frr "
"frrouting/frr:latest" % frr_volume_dir, echo=True)
peer_address = run('docker inspect -f "{{ '
'range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}" frr', echo=True)
with open("%s/config.yaml.tmpl" % dev_env_dir, 'r') as f:
mlb_config = "# THIS FILE IS AUTOGENERATED\n" + f.read()
mlb_config = mlb_config.replace("PEER_ADDRESS", peer_address.stdout.strip())
with open("%s/config.yaml" % dev_env_dir, 'w') as f:
f.write(mlb_config)
# Apply the MetalLB ConfigMap
run("kubectl apply -f %s/config.yaml" % dev_env_dir)
@task
def dev_env_cleanup(ctx):
"""Remove traces of the dev env."""
try:
run("kind delete cluster")
except Exception:
# This will fail if there's no cluster.
pass
run('for frr in $(docker ps -a -f name=frr --format {{.Names}}) ; do '
' docker rm -f $frr ; '
'done', echo=True)
dev_env_dir = os.getcwd() + "/dev-env/bgp"
frr_volume_dir = dev_env_dir + "/frr-volume"
# sudo because past docker runs will have changed ownership of this dir
run('sudo rm -rf "%s"' % frr_volume_dir)
run('rm -f "%s"/config.yaml' % dev_env_dir)
@task
def test_cni_manifests(ctx):
"""Update CNI manifests for e2e tests."""
def _fetch(url):
bs = urlopen(url).read()
return list(m for m in yaml.safe_load_all(bs) if m)
def _write(file, manifest):
with open(file, "w") as f:
f.write(yaml.dump_all(manifest))
calico = _fetch("https://docs.projectcalico.org/v3.6/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml")
for manifest in calico:
if manifest["kind"] != "DaemonSet":
continue
manifest["spec"]["template"]["spec"]["containers"][0]["env"].append({
"name": "FELIX_IGNORELOOSERPF",
"value": "true",
})
_write("e2etest/manifests/calico.yaml", calico)
weave = _fetch("https://cloud.weave.works/k8s/net?k8s-version=1.15&env.NO_MASQ_LOCAL=1")
_write("e2etest/manifests/weave.yaml", weave)
flannel = _fetch("https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml")
_write("e2etest/manifests/flannel.yaml", flannel)
@task(help={
"version": "version of MetalLB to release.",
"skip-release-notes": "make the release even if there are no release notes.",
})
def release(ctx, version, skip_release_notes=False):
"""Tag a new release."""
status = run("git status --porcelain", hide=True).stdout.strip()
if status != "":
raise Exit(message="git checkout not clean, cannot release")
version = semver.parse_version_info(version)
is_patch_release = version.patch != 0
# Check that we have release notes for the desired version.
run("git checkout main", echo=True)
if not skip_release_notes:
with open("website/content/release-notes/_index.md") as release_notes:
if "## Version {}".format(version) not in release_notes.read():
raise Exit(message="no release notes for v{}".format(version))
# Move HEAD to the correct release branch - either a new one, or
# an existing one.
if is_patch_release:
run("git checkout v{}.{}".format(version.major, version.minor), echo=True)
else:
run("git checkout -b v{}.{}".format(version.major, version.minor), echo=True)
# Copy over release notes from main.
if not skip_release_notes:
run("git checkout main -- website/content/release-notes/_index.md", echo=True)
# Update links on the website to point to files at the version
# we're creating.
if is_patch_release:
previous_version = "v{}.{}.{}".format(version.major, version.minor, version.patch-1)
else:
previous_version = "main"
def _replace(pattern):
oldpat = pattern.format(previous_version)
newpat = pattern.format("v{}").format(version)
run("perl -pi -e 's#{}#{}#g' website/content/*.md website/content/*/*.md".format(oldpat, newpat),
echo=True)
_replace("/metallb/metallb/{}")
_replace("/metallb/metallb/tree/{}")
_replace("/metallb/metallb/blob/{}")
# Update the version listed on the website sidebar
run("perl -pi -e 's/MetalLB .*/MetalLB v{}/g' website/content/_header.md".format(version), echo=True)
# Update the manifests with the new version
run("perl -pi -e 's,image: metallb/speaker:.*,image: metallb/speaker:v{},g' manifests/metallb.yaml".format(version), echo=True)
run("perl -pi -e 's,image: metallb/controller:.*,image: metallb/controller:v{},g' manifests/metallb.yaml".format(version), echo=True)
# Update the version in kustomize instructions
#
# TODO: Check if kustomize instructions really need the version in the
# website or if there is a simpler way. For now, though, we just replace the
# only page that mentions the version on release.
run("perl -pi -e 's,github.com/metallb/metallb//manifests\?ref=.*,github.com/metallb/metallb//manifests\?ref=v{},g' website/content/installation/_index.md".format(version), echo=True)
# Update the version embedded in the binary
run("perl -pi -e 's/version\s+=.*/version = \"{}\"/g' internal/version/version.go".format(version), echo=True)
run("gofmt -w internal/version/version.go", echo=True)
run("git commit -a -m 'Automated update for release v{}'".format(version), echo=True)
run("git tag v{} -m 'See the release notes for details:\n\nhttps://metallb.universe.tf/release-notes/#version-{}-{}-{}'".format(version, version.major, version.minor, version.patch), echo=True)
run("git checkout main", echo=True)