Update support for RHEL 8 #8164
Conversation
k8s-ci-robot
added
cncf-cla: yes
|
Hi @hakman. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
the
size/S
|
This is great! do you think we could add an e2e job for this? It should be as easy as copying the centos7 one and changing the ami id that it uses. |
k8s-ci-robot
added
ok-to-test
|
@rifelpet was thinking the same thing about the e2e job. |
|
For e2e tests the best we can do is kops' See these here: kops/cmd/kops/create_cluster.go Lines 367 to 369 in 4621df3 each field needs to explicitly get added to this string->field mapping function: kops/pkg/commands/set_cluster.go Line 75 in 4621df3 and we'd set it in a test with this Though if that field is required for centos8 to work, should kops just automatically set it somehow? I know that can be tricky to make an addon manifest's contents depend on an AMI (of which there can be many in a given cluster). maybe its worth discussing at office hours today. |
|
@rifelpet good news. Not sure why I thought tests would run with Calico. Just did a quick test with Kubenet (default) and seems to work without any issue. So the test can be added without any extra changes. |
|
/assign @granular-ryanbonham |
hakman
force-pushed
the
update-rhel-8
branch
from
90acad5
to
e90474d
Compare
| @@ -57,7 +57,7 @@ func (b *MiscUtilsBuilder) Build(c *fi.ModelBuilderContext) error { | |||
| packages = append(packages, "apt-transport-https") | |||
| } else if b.Distribution.IsRHELFamily() { | |||
| packages = append(packages, "curl") | |||
| packages = append(packages, "python") | |||
| packages = append(packages, "python2") | |||
There was a problem hiding this comment.
Is this not python for Centos7? Or is python an alias for python2?
There was a problem hiding this comment.
On CenOS 7 python2 is an alias for python.
| @@ -87,7 +87,7 @@ iptables -A FORWARD -w -p ICMP -j ACCEPT | |||
| fi | |||
| ` | |||
| return &nodetasks.File{ | |||
| Path: "/home/kubernetes/bin/iptables-setup", | |||
| Path: "/opt/kops/helpers/iptables-setup", | |||
There was a problem hiding this comment.
We might have to create this directory explicitly, but I think it's a good idea to pick a more reasonable directory.
For immutable OSes, we might have to bind-mount these also, if we're seeing failures there.
I think we could also do /opt/kops/bin/iptables-setup
There was a problem hiding this comment.
I chose the "helpers" dir because that was the dir chosen for the Docker healthcheck.
Will give this a try with CoreOS also when this is merged and check again.
Changing to /opt/kops/bin/iptables-setup sounds good to me.
|
I guess we should get this in, and then double check if we broke centos7 and other immutable OSes like COS. /approve |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: hakman, justinsb The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
RHEL/CentOS 8 support is broken for various reasons:
iptables-setupcannot be run from home dir (probably some extra security)pythonpackage needs to be more explicit (python2orpython3)ntpdfails to install because it has been replaced withchronny