openshift · openshift-merge-bot · Sep 19, 2024 · Aug 29, 2024 · Sep 9, 2024
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,2 @@
+_output
+.github
diff --git a/okd/src/README.md b/okd/src/README.md
@@ -0,0 +1,58 @@
+## Build and Run Microshift upstream without subscription/pull-secret
+
+- building the container with podman multistage build :
+  ```bash
+  git clone https://github.com/openshift/microshift.git ~/microshift
+  cd ~/microshift && sudo podman build -f okd/src/microshift-okd-multi-build.Containerfile . -t microshift-okd
+  ```
+  - build runnable container based on current source:
+    1. replace microshift assets images to OKD  upstream images
+    1. will build microshift RPMs and repo based on current sources.
+    1. will build micrsoshift_okd bootc container based on `centos-bootc:stream9`
+    1. apply upstream customization  (see below)
+
+- running the container with ovn-kubernetes 
+  - make sure to load the openvswitch kernel module  :
+    > `sudo modprobe openvswitch`
+
+  - run the container :
+    > `sudo podman run --privileged --rm --name microshift-okd -d microshift-okd`
+
+- connect to the container
+   > `sudo podman exec -ti microshift-okd /bin/bash`
+
+- verify everything is working:
+  ```bash
+    export KUBECONFIG=/var/lib/microshift/resources/kubeadmin/kubeconfig
+    > oc get nodes  
+    NAME           STATUS   ROLES                         AGE     VERSION
+    d2877aa41787   Ready    control-plane,master,worker   7m39s   v1.30.3
+
+    > oc get pods
+    NAMESPACE                  NAME                                       READY   STATUS    RESTARTS        AGE
+    kube-system                csi-snapshot-controller-7d6c78bc58-5p7tb   1/1     Running   0               8m52s
+    kube-system                csi-snapshot-webhook-5598db6db4-rmrpx      1/1     Running   0               8m54s
+    openshift-dns              dns-default-2q89q                          2/2     Running   0               7m34s
+    openshift-dns              node-resolver-k2c5h                        1/1     Running   0               8m54s
+    openshift-ingress          router-default-db4b598b9-x8lvb             1/1     Running   0               8m52s
+    openshift-ovn-kubernetes   ovnkube-master-c75c7                       4/4     Running   1 (7m36s ago)   8m54s
+    openshift-ovn-kubernetes   ovnkube-node-jfx86                         1/1     Running   0               8m54s
+    openshift-service-ca       service-ca-68d58669f8-rns2p                1/1     Running   0               8m51s
+
+
+  ```
+
+## configuration customization
+1. storage driver disabled (there is no lvms images upstream) - will be added in the stage of the project.
+
+## current state
+- storage driver is disabled , will be added in the stage of the project.
+- TODO: create rebase automation from OKD sources
+
+## known Issues
+- when running `podman build` without sudo
+  ```
+  make: *** [/src/vendor/github.com/openshift/build-machinery-go/make/targets/golang/build.mk:16: build] Error 1
+  Error: building at STEP "RUN make build": while running runtime: exit status 2
+  ```
+
diff --git a/okd/src/configure.sh b/okd/src/configure.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+    cat > /etc/microshift/config.yaml <<EOF
+storage:
+    driver: "none"
+EOF
+
+systemctl enable microshift
diff --git a/okd/src/create_repos.sh b/okd/src/create_repos.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+
+repo_path=$1
+
+USHIFT_LOCAL_REPO_FILE=/etc/yum.repos.d/microshift-local.repo
+OCP_MIRROR_REPO_FILE=/etc/yum.repos.d/openshift-mirror-beta.repo
+
+    cat > "${USHIFT_LOCAL_REPO_FILE}" <<EOF
+[microshift-local]
+name=MicroShift Local Repository
+baseurl=${repo_path}
+enabled=1
+gpgcheck=0
+skip_if_unavailable=0
+EOF
+
+    cat > "${OCP_MIRROR_REPO_FILE}" <<EOF
+[openshift-mirror-beta]
+name=OpenShift Mirror Beta Repository
+baseurl=https://mirror.openshift.com/pub/openshift-v4/$(uname -m)/dependencies/rpms/4.18-el9-beta/
+enabled=1
+gpgcheck=0
+skip_if_unavailable=0
+EOF
+
+
diff --git a/okd/src/microshift-okd-multi-build.Containerfile b/okd/src/microshift-okd-multi-build.Containerfile
@@ -0,0 +1,55 @@
+FROM quay.io/centos-bootc/centos-bootc:stream9 as builder
+
+
+ARG OKD_REPO=quay.io/okd/scos-release
+ARG OKD_VERSION_TAG=4.17.0-0.okd-scos-2024-08-21-100712
+ARG REPO_DIR=/src/_output/rpmbuild/RPMS/
+ENV USER=microshift
+ENV HOME=/microshift
+ENV GOPATH=/microshift
+ENV GOMODCACHE=/microshift/.cache
+
+# Adding non-root user for building microshift
+RUN useradd -m -s /bin/bash microshift -d /microshift && \
+    echo 'microshift  ALL=(ALL)  NOPASSWD: ALL' >/etc/sudoers.d/microshift 
+COPY . /src 
+RUN chown -R microshift:microshift /microshift /src
+
+USER 1000:1000
+WORKDIR /src
+# Preparing for the build
+RUN echo '{"auths":{"fake":{"auth":"aWQ6cGFzcwo="}}}' > /tmp/.pull-secret && \
+   /src/scripts/devenv-builder/configure-vm.sh --no-build --no-set-release-version --skip-dnf-update /tmp/.pull-secret && \
+   /src/okd/src/use_okd_assets.sh --replace ${OKD_REPO} ${OKD_VERSION_TAG}
+
+# Building Microshift RPMs and local repo
+RUN make build && \
+    make rpm && \
+    createrepo ${REPO_DIR}
+
+# Building microshift container from local rpms
+FROM quay.io/centos-bootc/centos-bootc:stream9 
+ARG REPO_CONFIG_SCRIPT=/tmp/create_repos.sh
+ARG OKD_CONFIG_SCRIPT=/tmp/configure.sh
+ARG USHIFT_RPM_REPO_NAME=microshift-local
+ARG USHIFT_RPM_REPO_PATH=/tmp/rpm-repo
+
+ENV KUBECONFIG=/var/lib/microshift/resources/kubeadmin/kubeconfig
+COPY --chmod=755 ./okd/src/create_repos.sh ${REPO_CONFIG_SCRIPT}
+COPY --chmod=755 ./okd/src/configure.sh ${OKD_CONFIG_SCRIPT}
+COPY --from=builder /src/_output/rpmbuild/RPMS ${USHIFT_RPM_REPO_PATH}
+
+# Installing MicroShift and cleanup
+RUN ${REPO_CONFIG_SCRIPT} ${USHIFT_RPM_REPO_PATH} && \
+    dnf install -y microshift && \
+    ${REPO_CONFIG_SCRIPT} -delete && \
+    rm -f ${REPO_CONFIG_SCRIPT} && \
+    rm -rf $USHIFT_RPM_REPO_PATH && \
+    dnf clean all
+
+RUN ${OKD_CONFIG_SCRIPT} && rm -rf ${OKD_CONFIG_SCRIPT}
+
+# Create a systemd unit to recursively make the root filesystem subtree
+# shared as required by OVN images
+COPY ./packaging/imagemode/systemd/microshift-make-rshared.service /etc/systemd/system/microshift-make-rshared.service
+RUN systemctl enable microshift-make-rshared.service
diff --git a/okd/src/use_okd_assets.sh b/okd/src/use_okd_assets.sh
@@ -0,0 +1,72 @@
+#!/bin/bash
+
+set -eo pipefail
+
+SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+MICROSHIFT_ROOT="${SCRIPTDIR}/../.."
+
+declare -A UNAME_TO_GOARCH_MAP=( ["x86_64"]="amd64" ["aarch64"]="arm64" )
+
+
+verify(){
+    local -r okd_url=$1
+    local -r okd_releaseTag=$2
+
+    #stdout=$(oc adm release info "${okd_url}:${okd_releaseTag}" 2>&1)
+    if ! stdout=$(oc adm release info "${okd_url}:${okd_releaseTag}" 2>&1)  ; then
+        echo -e "error verifying okd release (URL: ${okd_url} , TAG: ${okd_releaseTag}) \nERROR: ${stdout}"
+        exit 1
+    fi
+}
+
+replace_assets(){
+    local -r okd_url=$1
+    local -r okd_releaseTag=$2
+    local -r arch=$(uname -m)
+    local -r temp_release_json=$(mktemp "/tmp/release-${arch}.XXXXX.json")
+
+    oc adm release info --image-for="${op}" "${okd_url}:${okd_releaseTag}"
+
+    # replace Microshift images with upstream (from OKD release)
+    for op in $(jq -e -r  '.images | keys []' "${MICROSHIFT_ROOT}/assets/release/release-${arch}.json") 
+    do
+        local image
+        image=$(oc adm release info --image-for="${op}" "${okd_url}:${okd_releaseTag}" || true) 
+        if [ -n "${image}" ] ; then
+            echo "${op} ${image}"
+            jq --arg a "${op}" --arg b "${image}"  '.images[$a] = $b' "${MICROSHIFT_ROOT}/assets/release/release-${arch}.json" >"${temp_release_json}"
+            mv "${temp_release_json}" "${MICROSHIFT_ROOT}/assets/release/release-${arch}.json"
+        fi
+    done
+
+    pod_image=$(oc adm release info --image-for=pod "${okd_url}:${okd_releaseTag}" || true) 
+    # update the infra pods for crio
+    sed -i 's,pause_image .*,pause_image = '"\"${pod_image}\""',' "packaging/crio.conf.d/10-microshift_${UNAME_TO_GOARCH_MAP[${arch}]}.conf"
+
+}
+
+usage() {
+    echo "Usage:"
+    echo "$(basename "$0") --verify OKD_URL RELEASE_TAG         verify upstream release"
+    echo "$(basename "$0") --replace OKD_URL RELEASE_TAG         replace microshift assets with upstream images"
+    exit 1
+}
+
+if [ $# -eq 3 ] ; then
+    case "$1" in
+    --replace)
+        verify "$2" "$3"
+        replace_assets "$2" "$3"
+        ;;
+    --verify)
+        verify "$2" "$3"
+        ;;        
+    *)
+        usage
+        ;;
+    esac
+else
+    usage
+fi
+
+
diff --git a/scripts/devenv-builder/configure-vm.sh b/scripts/devenv-builder/configure-vm.sh
@@ -137,7 +137,9 @@ if ${INSTALL_BUILD_DEPS} || ${BUILD_AND_RUN}; then
         "${DNF_RETRY}" "update"
     fi
     "${DNF_RETRY}" "install" "gcc git golang cockpit make jq selinux-policy-devel rpm-build jq bash-completion avahi-tools createrepo"
-    sudo systemctl enable --now cockpit.socket
+
+    # run only if booted with systemd
+    [[ -d /run/systemd/system ]] &&  sudo systemctl enable --now cockpit.socket
 fi
 
 GO_VER=1.21.3  # released 2023-10-10 (matches CI images)