2 changes: 1 addition & 1 deletion .github/workflows/build-installer.yml
@@ -52,7 +52,7 @@ jobs:
- name: Create installer
run: makensis.exe ${{ github.workspace }}/installer/windows/microk8s.nsi
- name: Upload installer
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: Windows installer
path: ${{ github.workspace }}/installer/windows/microk8s-installer.exe
78 changes: 20 additions & 58 deletions .github/workflows/build-snap.yml
@@ -1,9 +1,7 @@
name: Build and test MicroK8s snap

on:
pull_request:
branches:
- master
- pull_request

jobs:
build:
@@ -30,7 +28,7 @@ jobs:
sg lxd -c 'snapcraft --use-lxd'
sudo mv microk8s*.snap microk8s.snap
- name: Uploading snap
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: microk8s.snap
path: microk8s.snap
@@ -52,13 +50,13 @@ jobs:
sudo apt-get -y install open-iscsi
sudo systemctl enable iscsid
- name: Fetch snap
uses: actions/download-artifact@v3.0.2
uses: actions/download-artifact@v4
with:
name: microk8s.snap
path: build
- name: Running upgrade path test
run: |
sudo -E UPGRADE_MICROK8S_FROM=latest/edge UPGRADE_MICROK8S_TO=$PWD/build/microk8s.snap pytest -s ./tests/test-upgrade-path.py
sudo -E UPGRADE_MICROK8S_FROM=1.29/edge UPGRADE_MICROK8S_TO=$PWD/build/microk8s.snap pytest -s ./tests/test-upgrade-path.py

test-addons-core:
name: Test core addons
@@ -73,11 +71,11 @@ jobs:
set -x
sudo apt-get install python3-setuptools
sudo pip3 install --upgrade pip
sudo pip3 install -U pytest sh
sudo pip3 install -U pytest==8.3.4 sh
sudo apt-get -y install open-iscsi
sudo systemctl enable iscsid
- name: Fetch snap
uses: actions/download-artifact@v3.0.2
uses: actions/download-artifact@v4
with:
name: microk8s.snap
path: build
@@ -107,7 +105,7 @@ jobs:
sudo apt-get -y install open-iscsi
sudo systemctl enable iscsid
- name: Fetch snap
uses: actions/download-artifact@v3.0.2
uses: actions/download-artifact@v4
with:
name: microk8s.snap
path: build
@@ -140,15 +138,15 @@ jobs:
sudo apt-get -y install open-iscsi
sudo systemctl enable iscsid
- name: Fetch snap
uses: actions/download-artifact@v3.0.2
uses: actions/download-artifact@v4
with:
name: microk8s.snap
path: build
- name: Running upgrade tests
run: |
set -x
export UNDER_TIME_PRESSURE="True"
sudo -E bash -c "UPGRADE_MICROK8S_FROM=latest/edge UPGRADE_MICROK8S_TO=$PWD/build/microk8s.snap pytest -s ./tests/test-upgrade.py"
sudo -E bash -c "UPGRADE_MICROK8S_FROM=1.29/edge UPGRADE_MICROK8S_TO=$PWD/build/microk8s.snap pytest -s ./tests/test-upgrade.py"

test-cluster-agent:
name: Cluster agent health check
@@ -165,7 +163,7 @@ jobs:
sudo pip3 install --upgrade pip
sudo pip3 install -U pytest sh requests
- name: Fetch snap
uses: actions/download-artifact@v3.0.2
uses: actions/download-artifact@v4
with:
name: microk8s.snap
path: build
@@ -184,7 +182,7 @@ jobs:
- name: Checking out repo
uses: actions/checkout@v4
- name: Fetch snap
uses: actions/download-artifact@v3.0.2
uses: actions/download-artifact@v4
with:
name: microk8s.snap
path: build
@@ -198,33 +196,6 @@ jobs:
run: |
sudo -E bash -x -c "./tests/libs/airgap.sh --distro ubuntu:20.04 --channel $PWD/build/microk8s.snap"

test-spread:
name: Test microk8s on multi distros
runs-on: ubuntu-20.04
needs: build
strategy:
fail-fast: false
matrix:
distro: ["images:centos/7", "images:debian/12"]
steps:
- name: Checking out repo
uses: actions/checkout@v4
- name: Fetch snap
uses: actions/[email protected]
with:
name: microk8s.snap
path: build
- name: Initialize LXD
run: |
sudo apt install apparmor apparmor-utils -y
sudo lxd init --auto
sudo lxc network set lxdbr0 ipv6.address=none
sudo usermod --append --groups lxd $USER
sg lxd -c 'lxc version'
- name: Run spread tests
run: |
sudo -E bash -x -c "./tests/libs/spread.sh --distro ${{ matrix.distro }} --channel $PWD/build/microk8s.snap"

security-scan:
name: Security scan
runs-on: ubuntu-20.04
@@ -233,39 +204,30 @@ jobs:
- name: Checking out repo
uses: actions/checkout@v4
- name: Fetch snap
uses: actions/download-artifact@v3.0.2
uses: actions/download-artifact@v4
with:
name: microk8s.snap
path: build
- name: Setup Trivy vulnerability scanner
- name: Create sarifs directory
run: |
mkdir -p sarifs
VER=$(curl --silent -qI https://github.com/aquasecurity/trivy/releases/latest | awk -F '/' '/^location/ {print substr($NF, 1, length($NF)-1)}');
wget https://github.com/aquasecurity/trivy/releases/download/${VER}/trivy_${VER#v}_Linux-64bit.tar.gz
tar -zxvf ./trivy_${VER#v}_Linux-64bit.tar.gz
- name: Run Trivy vulnerability scanner in repo mode
uses: aquasecurity/trivy-action@master
with:
scan-type: "fs"
ignore-unfixed: true
format: "sarif"
output: "trivy-microk8s-repo-scan--results.sarif"
severity: "CRITICAL"
- name: Gather Trivy repo scan results
- name: Install Trivy vulnerability scanner
uses: aquasecurity/[email protected]
- name: Run Trivy vulnerability scanner on codebase
run: |
cp trivy-microk8s-repo-scan--results.sarif ./sarifs/
trivy fs . --format sarif --severity CRITICAL > sarifs/trivy-microk8s-repo-scan--results.sarif
- name: Run Trivy vulnerability scanner on images
run: |
for i in $(cat ./build-scripts/images.txt) ; do
name=$(echo $i | awk -F ':|/' '{print $(NF-1)}')
./trivy image $i --format sarif > sarifs/$name.sarif
trivy image $i --format sarif > sarifs/$name.sarif
done
- name: Run Trivy vulnerability scanner on the snap
run: |
cp build/microk8s.snap .
unsquashfs microk8s.snap
./trivy rootfs ./squashfs-root/ --format sarif > sarifs/snap.sarif
trivy rootfs ./squashfs-root/ --format sarif > sarifs/snap.sarif
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: "sarifs"
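Review bot: The new repo scan step in `security-scan`, `trivy fs . --format sarif --severity CRITICAL`, drops the `ignore-unfixed: true` setting that the removed trivy-action step carried, so CRITICAL findings with no available fix will now land in the uploaded SARIF; if that is not intended, add `--ignore-unfixed` to that command. The image and snap scans pass neither `--severity` nor `--ignore-unfixed`, so the three result sets are filtered differently, which deserves a one-line comment in the workflow. The scanner is now installed by a third-party action referenced by tag (the ref is garbled in this rendering), and the artifact and `upload-sarif` actions are tag-referenced as well; pinning each `uses:` to a full commit SHA would keep a moved tag from changing what this job executes. In the image loop `$i` and `$name` are expanded unquoted, so `trivy image "$i" --format sarif > "sarifs/$name.sarif"` is the safer form.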
4 changes: 2 additions & 2 deletions build-scripts/addons/repositories.sh
@@ -3,8 +3,8 @@
# List of addon repositories to bundle in the snap
# (name),(repository),(reference)
ADDONS_REPOS="
core,https://github.com/canonical/microk8s-core-addons,main
community,https://github.com/canonical/microk8s-community-addons,main
core,https://github.com/canonical/microk8s-core-addons,1.29
community,https://github.com/canonical/microk8s-community-addons,1.29
"

# List of addon repositories to automatically enable
2 changes: 1 addition & 1 deletion build-scripts/components/cluster-agent/version.sh
@@ -1,3 +1,3 @@
#!/bin/bash

echo "main"
echo "1.29"
2 changes: 1 addition & 1 deletion build-scripts/components/k8s-dqlite/version.sh
@@ -1,3 +1,3 @@
#!/bin/bash

echo "master"
echo "v1.1.13"
2 changes: 1 addition & 1 deletion build-scripts/components/kubernetes/version.sh
@@ -1,6 +1,6 @@
#!/bin/bash

KUBE_TRACK="${KUBE_TRACK:-}" # example: "1.24"
KUBE_TRACK="${KUBE_TRACK:-1.29}" # example: "1.24"
KUBE_VERSION="${KUBE_VERSION:-}" # example: "v1.24.2"

if [ -z "${KUBE_VERSION}" ]; then
2 changes: 1 addition & 1 deletion build-scripts/images.txt
@@ -4,6 +4,6 @@ docker.io/calico/node:v3.25.1
docker.io/cdkbot/hostpath-provisioner:1.5.0
docker.io/coredns/coredns:1.10.1
docker.io/library/busybox:1.28.4
registry.k8s.io/ingress-nginx/controller:v1.8.0
registry.k8s.io/ingress-nginx/controller:v1.11.5
registry.k8s.io/metrics-server/metrics-server:v0.6.3
registry.k8s.io/pause:3.7
2 changes: 1 addition & 1 deletion microk8s-resources/wrappers/run-containerd-with-args
@@ -26,7 +26,7 @@ fi
# containerd-shims need to look for runc in /snap/microk8s/current/usr/bin/runc
SNAP_CURRENT=`echo "${SNAP}" | sed -e "s,${SNAP_REVISION},current,"`
CURRENT_PATH="$SNAP_CURRENT/usr/sbin:$SNAP_CURRENT/usr/bin:$SNAP_CURRENT/sbin:$SNAP_CURRENT/bin"
export PATH="$SNAP/usr/sbin:$SNAP/usr/bin:$SNAP/sbin:$SNAP/bin:$CURRENT_PATH:$PATH"
export PATH="$CURRENT_PATH:$SNAP/usr/sbin:$SNAP/usr/bin:$SNAP/sbin:$SNAP/bin:$PATH"

if is_strict
then
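Review bot: Putting `$CURRENT_PATH` ahead of the `$SNAP/...` entries means this revision's containerd now resolves helpers such as runc through the `current` path before its own revision directory, and nothing on the changed line says why. If `current` can point at a different revision than `$SNAP` (for example around a refresh; not visible from this hunk), the daemon and the binaries it executes would come from different builds, so the reason for the order should be recorded next to the export, e.g. `# current/ goes first on purpose: <reason>, see <issue link>`. The inherited `$PATH` is still appended last, so host directories remain a fallback lookup location for this wrapper; confirm that is wanted. The script continues outside the hunk.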
27 changes: 27 additions & 0 deletions microk8s-resources/wrappers/run-kubelite-with-args
@@ -125,6 +125,20 @@ then
fi
fi

if ! is_strict &&
(systemctl show snap.microk8s.daemon-kubelite.service -p NRestarts | grep -qv "NRestarts=0") &&
(grep -qv cpuset /sys/fs/cgroup/cgroup.subtree_control) &&
[ ! -e /etc/systemd/system/snap.microk8s.daemon-kubelite.service.d/delegate.conf ]
then
mkdir -p /etc/systemd/system/snap.microk8s.daemon-kubelite.service.d
tee /etc/systemd/system/snap.microk8s.daemon-kubelite.service.d/delegate.conf > /dev/null <<EOF
[Service]
Delegate=yes
EOF
systemctl daemon-reload || true
snap restart microk8s || true
fi

# wait for containerd socket
if grep -e "--address " $SNAP_DATA/args/containerd &> /dev/null
then
@@ -190,6 +204,19 @@ then
fi
fi

# kube-proxy reads some values related to the 'nf_conntrack' kernel
# module from procfs on startup, so we must ensure it is loaded:
if ! [ -f /proc/sys/net/netfilter/nf_conntrack_max ]
then
if /sbin/modprobe nf_conntrack || modprobe nf_conntrack
then
echo "Successfully loaded nf_conntrack module."
else
echo -n "Failed to load nf_conntrack kernel module. "
echo "ProxyServer will fail to start until it's loaded."
fi
fi

# on lxc containers do not try to change the conntrack configuration
# see https://github.com/canonical/microk8s/issues/1438
if grep -E lxc /proc/1/environ &&
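Review bot: In the first added block, `grep -qv cpuset /sys/fs/cgroup/cgroup.subtree_control` tests for a line that lacks the word rather than for the word being absent, so if the file is empty no line is selected, the test fails, and the `Delegate=yes` drop-in is not written even though cpuset is not delegated. A direct form is `[ -f /sys/fs/cgroup/cgroup.subtree_control ] && ! grep -qw cpuset /sys/fs/cgroup/cgroup.subtree_control`. The same block writes under `/etc/systemd/system` and calls `snap restart microk8s` from inside the service's own start wrapper with both failures masked by `|| true`; a comment stating that the `delegate.conf` existence test is what prevents a restart loop, plus an `echo` when the drop-in is created, would make this host-level change visible in the service log. In the second added block a failed `modprobe nf_conntrack` is only reported with `echo` and there is no `is_strict` guard, so confirm module loading is expected to be permitted under strict confinement. Both blocks sit in a script that starts and ends outside the hunks.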
2 changes: 1 addition & 1 deletion scripts/kill-host-pods.py
@@ -41,7 +41,7 @@ def post_filter_has_snap_data_mounts(pod) -> bool:
hostpath_volume = volume.get("hostPath", {})
host_path = hostpath_volume.get("path", "")
if not host_path:
return False
continue
if host_path.startswith(SNAP_DATA_CURRENT):
return True

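Review bot: The `host_path.startswith(SNAP_DATA_CURRENT)` test that `continue` now lets every volume reach is a plain string-prefix match on an unnormalised path, so a hostPath such as `<SNAP_DATA_CURRENT>-backup` (constructed example) would match, while one that reaches the same directory through `..` or a symlink would not. `SNAP_DATA_CURRENT` is defined outside the hunk, so whether it ends in a separator cannot be confirmed here; if it does not, `host_path == SNAP_DATA_CURRENT or host_path.startswith(SNAP_DATA_CURRENT.rstrip("/") + "/")` matches on a path-component boundary. The changed line itself deserves a comment, `# not a hostPath volume: keep checking the remaining volumes`, because the old early `return False` looked deliberate. The function's loop header and final return are outside the hunk.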
2 changes: 2 additions & 0 deletions snap/hooks/remove
@@ -53,6 +53,8 @@ then
# remove custom sysctl parameters
rm -f /etc/sysctl.d/10-microk8s.conf
sysctl --system

rm -rf /etc/systemd/system/snap.microk8s.daemon-kubelite.service.d || true
fi

# Clean the container location so we do not snapshot it.
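Review bot: The added `rm -rf` deletes the whole `snap.microk8s.daemon-kubelite.service.d` directory, not just the `delegate.conf` that the kubelite wrapper on this page creates, so any other drop-in an administrator placed there is removed without notice. Removing only what the snap wrote is narrower: `rm -f /etc/systemd/system/snap.microk8s.daemon-kubelite.service.d/delegate.conf` followed by `rmdir /etc/systemd/system/snap.microk8s.daemon-kubelite.service.d 2>/dev/null || true`. There is also no `systemctl daemon-reload` after the removal, so systemd may keep the drop-in in its loaded state until the next reload. The enclosing `then` block opens outside the hunk, so the condition guarding this cleanup is not visible here.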
34 changes: 4 additions & 30 deletions tests/libs/addons.sh
@@ -6,15 +6,6 @@ function setup_addons_tests() {
local PROXY=$3
local TO_CHANNEL=$4

if [[ ${TO_CHANNEL} =~ /.*/microk8s.*snap ]]
then
snap install "${TO_CHANNEL}" --dangerous --classic
else
snap install microk8s --channel="${TO_CHANNEL}" --classic
fi

microk8s status --wait-ready

create_machine "$NAME" "$DISTRO" "$PROXY"
if [[ ${TO_CHANNEL} =~ /.*/microk8s.*snap ]]
then
@@ -43,15 +34,6 @@ function run_community_addons_tests() {
lxc exec "$NAME" -- script -e -c "pytest -s /var/snap/microk8s/common/addons/community/tests/"
}

function run_eksd_addons_tests() {
if [ -d "/var/snap/microk8s/common/addons/eksd" ]
then
if [ -f "/var/snap/microk8s/common/addons/eksd/tests/test-addons.sh" ]; then
. /var/snap/microk8s/common/addons/eksd/tests/test-addons.sh
fi
fi
}

function run_gpu_addon_test() {
if [ -f "/var/snap/microk8s/common/addons/core/tests/test-addons.py" ] &&
grep test_gpu /var/snap/microk8s/common/addons/core/tests/test-addons.py -q
@@ -60,15 +42,6 @@ function run_gpu_addon_test() {
fi
}

function run_microceph_addon_test() {
if [ -f "/var/snap/microk8s/common/addons/core/tests/test-addons.py" ] &&
grep test_rook_ceph_integration /var/snap/microk8s/common/addons/core/tests/test-addons.py -q
then
timeout 3600 pytest -s /var/snap/microk8s/common/addons/core/tests/test-addons.py -k test_rook_ceph_integration
fi
}


function post_addons_tests() {
local NAME=$1
lxc exec "$NAME" -- microk8s reset
@@ -120,9 +93,10 @@ then
setup_addons_tests "$NAME" "$DISTRO" "$PROXY" "$TO_CHANNEL"
run_smoke_test "$NAME"
run_core_addons_tests "$NAME"
run_community_addons_tests "$NAME"
run_eksd_addons_tests
DISABLE_COMMUNITY_TESTS="${DISABLE_COMMUNITY_TESTS:-0}"
if [ "x${DISABLE_COMMUNITY_TESTS}" != "x1" ]; then
run_community_addons_tests "$NAME"
fi
run_gpu_addon_test
run_microceph_addon_test
post_addons_tests "$NAME"
fi
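Review bot: When `DISABLE_COMMUNITY_TESTS=1` the community suite is skipped silently in the last hunk, so a CI log cannot distinguish a run that passed the suite from one that never ran it; add an `else` branch with `echo "Skipping community addon tests (DISABLE_COMMUNITY_TESTS=1)"`. The variable is introduced without a comment saying who sets it, and the `"x${...}" != "x1"` prefix idiom is unnecessary once the expansion is quoted, so `if [ "${DISABLE_COMMUNITY_TESTS:-0}" != "1" ]; then` could replace both added lines. The enclosing `if`/`then` block starts outside the hunk.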
4 changes: 2 additions & 2 deletions tests/lxc/install-deps/images_almalinux-8
@@ -7,9 +7,9 @@ yum install fuse squashfuse -y
yum install snapd -y
systemctl enable --now snapd.socket
ln -s /var/lib/snapd/snap /snap
yum install python3-pip -y
yum install python3-pip -y
yum install docker -y
pip3 install pytest requests pyyaml sh
pip3 install pytest==8.3.4 requests pyyaml sh

# wait for the snapd seeding to take place!
n=0
2 changes: 1 addition & 1 deletion tests/lxc/install-deps/images_archlinux
@@ -20,7 +20,7 @@ pacman -S --noconfirm python
pacman -S --noconfirm docker
sudo systemctl enable --now docker.service
echo "127.0.0.1 localhost" | sudo tee -a /etc/hosts
pip3 install pytest requests pyyaml
pip3 install pytest==8.3.4 requests pyyaml

# wait for the snapd seeding to take place!
n=0
4 changes: 2 additions & 2 deletions tests/lxc/install-deps/images_centos-7
@@ -5,9 +5,9 @@ yum install sudo -y
yum install snapd -y
systemctl enable --now snapd.socket
ln -s /var/lib/snapd/snap /snap
yum install python3-pip -y
yum install python3-pip -y
yum install docker -y
pip3 install pytest requests pyyaml sh
pip3 install pytest==8.3.4 requests pyyaml sh

# wait for the snapd seeding to take place!
n=0
4 changes: 2 additions & 2 deletions tests/lxc/install-deps/images_centos-8-Stream
@@ -7,9 +7,9 @@ yum install fuse squashfuse -y
yum install snapd -y
systemctl enable --now snapd.socket
ln -s /var/lib/snapd/snap /snap
yum install python3-pip -y
yum install python3-pip -y
yum install docker -y
pip3 install pytest requests pyyaml sh
pip3 install pytest==8.3.4 requests pyyaml sh

# wait for the snapd seeding to take place!
n=0