kubecf
kubecf copied to clipboard
cloudfoundry-incubator
PRs to fix patches in *diego-cell* upstream project
./diego-cell/garden/jobs/patch_post-start.sh ./diego-cell/cflinuxfs3-rootfs-setup/jobs/patch_pre-start.sh ./diego-cell/rep/jobs/patch_pre-start.sh ./diego-cell/rep/jobs/patch_rep_json.sh
Relevant upstream releases:
| Job | Release |
|---|---|
| garden | https://github.com/cloudfoundry/garden-runc-release/tree/develop/jobs/garden |
| cflinuxfs3-roots-setup | https://github.com/cloudfoundry/cflinuxfs3-release/tree/master/jobs/cflinuxfs3-rootfs-setup |
| rep | https://github.com/cloudfoundry/diego-release/tree/develop/jobs/rep |
Versions currently used by kubecf (cf-deployment 12.18):
| Release | Version | Hash |
|---|---|---|
| garden-runc-release | 1.19.9 | 1c678e1c7a3506c0e408860571560081c15e3c6d |
| cflinuxfs3-release | 0.150.0 | 6421766b2120009c6d422c4b1ed5a12c4290eda4 |
| diego-release | 2.41.0 | 8a183683f26ba982eda1dbeba7f55edc9a1059b0 |
Commits to branch the PRs from (Using the version tags from previous comment):
| Release | Commit | Reasons for patching |
|---|---|---|
| garden-runc-release | https://github.com/cloudfoundry/garden-runc-release/tree/e1d3a70ebfc7151cd0f38433fe0ab5ce86f2103a | post-start: curls unix socket support to variable, switched to netcat as more stable |
| cflinuxfs3-release | https://github.com/cloudfoundry/cflinuxfs3-release/tree/cc3507bdba35c720a8610d8f024ef334be9c9b74 | pre-start: Place the rootfs into the ephemeral data directory |
| diego-release | https://github.com/cloudfoundry/diego-release/tree/e75c353863b51c2428c057f26cbb7178e5930373 | pre-start: Packages not shared between containers (Was: ~~Place the rootfs into the ephemeral data directory~~) |
| rep-json: Packages not shared between containers |
I am not sure if the rep-json patch is something we can upstream. It looks to be container/kubecf specific.
Also, about the rootfs placement, we should possibly expand on why we moved it into ephemeral storage, not just that we did.
@viovanov @f0rmiga @mook-as @jandubois Opinions ?
@fargozhu This ticket about the diego-cell patches is not listing the patches
bosh/releases/pre_render_scripts/diego-cell/garden/jobs/patch_pre-start.sh
bosh/releases/pre_render_scripts/diego-cell/rep/jobs/patch_rep_ctl.sh
Was this intentional ?
- The
pre-startpatch does permission changes/fixes. - The
rep_ctlpatch removes anulimitstatement for 100K fds. Not sure what the limit is without it.
Are both container/kubecf specific to exclude from upstreaming ?
Open question:
- Should I do a PR directly on the target repos ?
- PR from personal fork ?
- PR from SUSE fork ?
Resolutions (Talked with @f0rmiga):
- Personal forks.
- Make changes, push personal, final discussion about upstreaming
-
shared-packagesvspackages- definitely not right now. - Look into new properties for most changes to make things configurable by us while allowing CF to retain the defaults for their use under BOSH.
garden-runc = commit https://github.com/andreas-kupries/garden-runc-release/commit/34807fd91b2a6c1f1cd0f3b57e9b3c58aa50f9bb
Original patch: https://github.com/cloudfoundry-incubator/kubecf/blob/master/bosh/releases/pre_render_scripts/diego-cell/garden/jobs/patch_post-start.sh
cflinuxfs3 = commit https://github.com/andreas-kupries/cflinuxfs3-release/commit/f61fc8368ca6c767044e9756cb14e0ee565c36d1
Original patch: https://github.com/cloudfoundry-incubator/kubecf/blob/master/bosh/releases/pre_render_scripts/diego-cell/cflinuxfs3-rootfs-setup/jobs/patch_pre-start.sh
diego-release = commit https://github.com/andreas-kupries/diego-release/commit/d298466c6bd64f8ae49b1d6a1e50d78546dbc2e9
Original patch: https://github.com/cloudfoundry-incubator/kubecf/blob/master/bosh/releases/pre_render_scripts/diego-cell/rep/jobs/patch_rep_ctl.sh
@viovanov @f0rmiga @mook-as @jandubois @fargozhu @prabalsharma @jimmykarily @thardeck @svollath @viccuad Ping. Below the final table listing our local patches in the diego-cell area and the commits proposed to become the equivalent upstream PRs.
- Two changes (garden) as-is.
- Two changes make the place we patch configurable via job properties.
- Three patches excluded from upstreaming as SUSE specific (1), and not fully baked (2).
Please review the changes themselves, and the commit messages. The latter are intended to become the PR description (including the back link to this ticket). Please add your comments to this ticket.
All original patches are in kubecf, under the directory bosh/releases/pre_render_scripts/diego-cell. Links are to their github locations.
| Patch | Notes | Upstream Change, Proposed | Upstream PR |
|---|---|---|---|
| cflinuxfs3-rootfs-setup/jobs/patch_pre-start.sh | Make destination configurable. | https://github.com/andreas-kupries/cflinuxfs3-release/commit/f61fc8368ca6c767044e9756cb14e0ee565c36d1 | https://github.com/cloudfoundry/cflinuxfs3-release/pull/12 |
| garden/jobs/patch_post-start.sh | curl/netcat for unix sockets. Upstream as-is. | https://github.com/andreas-kupries/garden-runc-release/commit/34807fd91b2a6c1f1cd0f3b57e9b3c58aa50f9bb | https://github.com/cloudfoundry/garden-runc-release/pull/158 |
| garden/jobs/patch_pre-start.sh | Clear grootfs playground, make accessible. Upstream as-is. | https://github.com/andreas-kupries/garden-runc-release/commit/0c7b7d96027c9a0f735e02491d116460d2ce40f8 | https://github.com/cloudfoundry/garden-runc-release/pull/159 |
| rep/jobs/patch_rep_ctl.sh | Make application of fd ulimits configurable, analogous to set_kernel_parameters. See also #504 (cc_uploader, file_server, ...) |
https://github.com/cloudfoundry/diego-release/compare/develop...andreas-kupries:kubecf-505-suse-patch-upstreaming | https://github.com/cloudfoundry/diego-release/pull/512 |
| rep/jobs/patch_pre-start.sh | Hack solution to co-location issues in containerized environs. | Do not upstream | |
| rep/jobs/patch_rep_json.sh | Ditto. | Do not upstream | |
| sle15-rootfs-setup/jobs/patch_pre-start.sh | SLE specific. | Do not upstream |
All the ulimit patches were found superfluous. PR #1040 removed them. The PR cloudfoundry/diego-release#512 has been retracted and closed.
The remaining patches for this ticket will be re-checked regarding necessity, and different solutions.
The PR https://github.com/cloudfoundry/garden-runc-release/pull/158 was essentially accepted and merged by upstream, but not directly. See https://github.com/cloudfoundry/garden-runc-release/commit/7098cdca7f3e665defe7228f5e01749660846637 Closed the PR.
The PR https://github.com/cloudfoundry/garden-runc-release/pull/159 is still pending upstream after addressing their comments.
The PR https://github.com/cloudfoundry/cflinuxfs3-release/pull/12 is still pending upstream, without any comments, or actions.
Based on https://github.com/cloudfoundry-incubator/kubecf/issues/520#issuecomment-648407686
Since this is filed upstream now, will close. Will track the upstream PR so hopefully, when it's done, we can somehow track it to what we need to consume next.