Merge pull request #309904 from superherointj/k3s-format-rfc
k3s: enforce rfc 0166 format
This commit is contained in:
commit
602a9cec5b
@ -111,3 +111,6 @@ fb0e5be84331188a69b3edd31679ca6576edb75a
|
|||||||
|
|
||||||
# pkgs/os-specific/bsd: Reformat with nixfmt-rfc-style 2024-03-01
|
# pkgs/os-specific/bsd: Reformat with nixfmt-rfc-style 2024-03-01
|
||||||
3fe3b055adfc020e6a923c466b6bcd978a13069a
|
3fe3b055adfc020e6a923c466b6bcd978a13069a
|
||||||
|
|
||||||
|
# k3s: format with nixfmt-rfc-style
|
||||||
|
0b7900d5e8e0bcac89e14a52d3e840f9201e9f47
|
||||||
|
4
.github/workflows/check-nix-format.yml
vendored
4
.github/workflows/check-nix-format.yml
vendored
@ -39,6 +39,10 @@ jobs:
|
|||||||
pkgs/development/cuda-modules
|
pkgs/development/cuda-modules
|
||||||
pkgs/test/cuda
|
pkgs/test/cuda
|
||||||
pkgs/top-level/cuda-packages.nix
|
pkgs/top-level/cuda-packages.nix
|
||||||
|
NIX_FMT_PATHS_K3S: |
|
||||||
|
nixos/modules/services/cluster/k3s
|
||||||
|
nixos/tests/k3s
|
||||||
|
pkgs/applications/networking/cluster/k3s
|
||||||
NIX_FMT_PATHS_VSCODE_EXTS: pkgs/applications/editors/vscode/extensions
|
NIX_FMT_PATHS_VSCODE_EXTS: pkgs/applications/editors/vscode/extensions
|
||||||
NIX_FMT_PATHS_PHP_PACKAGES: pkgs/development/php-packages
|
NIX_FMT_PATHS_PHP_PACKAGES: pkgs/development/php-packages
|
||||||
NIX_FMT_PATHS_BUILD_SUPPORT_PHP: pkgs/build-support/php
|
NIX_FMT_PATHS_BUILD_SUPPORT_PHP: pkgs/build-support/php
|
||||||
|
@ -1,15 +1,25 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
cfg = config.services.k3s;
|
cfg = config.services.k3s;
|
||||||
removeOption = config: instruction:
|
removeOption =
|
||||||
lib.mkRemovedOptionModule ([ "services" "k3s" ] ++ config) instruction;
|
config: instruction:
|
||||||
|
lib.mkRemovedOptionModule (
|
||||||
|
[
|
||||||
|
"services"
|
||||||
|
"k3s"
|
||||||
|
]
|
||||||
|
++ config
|
||||||
|
) instruction;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [ (removeOption [ "docker" ] "k3s docker option is no longer supported.") ];
|
||||||
(removeOption [ "docker" ] "k3s docker option is no longer supported.")
|
|
||||||
];
|
|
||||||
|
|
||||||
# interface
|
# interface
|
||||||
options.services.k3s = {
|
options.services.k3s = {
|
||||||
@ -33,7 +43,10 @@ in
|
|||||||
- `serverAddr` is required.
|
- `serverAddr` is required.
|
||||||
'';
|
'';
|
||||||
default = "server";
|
default = "server";
|
||||||
type = types.enum [ "server" "agent" ];
|
type = types.enum [
|
||||||
|
"server"
|
||||||
|
"agent"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
serverAddr = mkOption {
|
serverAddr = mkOption {
|
||||||
@ -125,7 +138,8 @@ in
|
|||||||
message = "serverAddr or configPath (with 'server' key) should be set if role is 'agent'";
|
message = "serverAddr or configPath (with 'server' key) should be set if role is 'agent'";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
assertion = cfg.role == "agent" -> cfg.configPath != null || cfg.tokenFile != null || cfg.token != "";
|
assertion =
|
||||||
|
cfg.role == "agent" -> cfg.configPath != null || cfg.tokenFile != null || cfg.token != "";
|
||||||
message = "token or tokenFile or configPath (with 'token' or 'token-file' keys) should be set if role is 'agent'";
|
message = "token or tokenFile or configPath (with 'token' or 'token-file' keys) should be set if role is 'agent'";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
@ -142,8 +156,14 @@ in
|
|||||||
|
|
||||||
systemd.services.k3s = {
|
systemd.services.k3s = {
|
||||||
description = "k3s service";
|
description = "k3s service";
|
||||||
after = [ "firewall.service" "network-online.target" ];
|
after = [
|
||||||
wants = [ "firewall.service" "network-online.target" ];
|
"firewall.service"
|
||||||
|
"network-online.target"
|
||||||
|
];
|
||||||
|
wants = [
|
||||||
|
"firewall.service"
|
||||||
|
"network-online.target"
|
||||||
|
];
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
path = optional config.boot.zfs.enabled config.boot.zfs.package;
|
path = optional config.boot.zfs.enabled config.boot.zfs.package;
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
@ -159,9 +179,7 @@ in
|
|||||||
TasksMax = "infinity";
|
TasksMax = "infinity";
|
||||||
EnvironmentFile = cfg.environmentFile;
|
EnvironmentFile = cfg.environmentFile;
|
||||||
ExecStart = concatStringsSep " \\\n " (
|
ExecStart = concatStringsSep " \\\n " (
|
||||||
[
|
[ "${cfg.package}/bin/k3s ${cfg.role}" ]
|
||||||
"${cfg.package}/bin/k3s ${cfg.role}"
|
|
||||||
]
|
|
||||||
++ (optional cfg.clusterInit "--cluster-init")
|
++ (optional cfg.clusterInit "--cluster-init")
|
||||||
++ (optional cfg.disableAgent "--disable-agent")
|
++ (optional cfg.disableAgent "--disable-agent")
|
||||||
++ (optional (cfg.serverAddr != "") "--server ${cfg.serverAddr}")
|
++ (optional (cfg.serverAddr != "") "--server ${cfg.serverAddr}")
|
||||||
|
@ -1,16 +1,20 @@
|
|||||||
{ system ? builtins.currentSystem
|
{
|
||||||
, pkgs ? import ../../.. { inherit system; }
|
system ? builtins.currentSystem,
|
||||||
, lib ? pkgs.lib
|
pkgs ? import ../../.. { inherit system; },
|
||||||
|
lib ? pkgs.lib,
|
||||||
}:
|
}:
|
||||||
let
|
let
|
||||||
allK3s = lib.filterAttrs (n: _: lib.strings.hasPrefix "k3s_" n) pkgs;
|
allK3s = lib.filterAttrs (n: _: lib.strings.hasPrefix "k3s_" n) pkgs;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
# Testing K3s with Etcd backend
|
# Testing K3s with Etcd backend
|
||||||
etcd = lib.mapAttrs (_: k3s: import ./etcd.nix {
|
etcd = lib.mapAttrs (
|
||||||
inherit system pkgs k3s;
|
_: k3s:
|
||||||
inherit (pkgs) etcd;
|
import ./etcd.nix {
|
||||||
}) allK3s;
|
inherit system pkgs k3s;
|
||||||
|
inherit (pkgs) etcd;
|
||||||
|
}
|
||||||
|
) allK3s;
|
||||||
# Run a single node k3s cluster and verify a pod can run
|
# Run a single node k3s cluster and verify a pod can run
|
||||||
single-node = lib.mapAttrs (_: k3s: import ./single-node.nix { inherit system pkgs k3s; }) allK3s;
|
single-node = lib.mapAttrs (_: k3s: import ./single-node.nix { inherit system pkgs k3s; }) allK3s;
|
||||||
# Run a multi-node k3s cluster and verify pod networking works across nodes
|
# Run a multi-node k3s cluster and verify pod networking works across nodes
|
||||||
|
@ -1,100 +1,130 @@
|
|||||||
import ../make-test-python.nix ({ pkgs, lib, k3s, etcd, ... }:
|
import ../make-test-python.nix (
|
||||||
|
{
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
k3s,
|
||||||
|
etcd,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
{
|
{
|
||||||
name = "${k3s.name}-etcd";
|
name = "${k3s.name}-etcd";
|
||||||
|
|
||||||
nodes = {
|
nodes = {
|
||||||
|
|
||||||
etcd = { ... }: {
|
etcd =
|
||||||
services.etcd = {
|
{ ... }:
|
||||||
enable = true;
|
{
|
||||||
openFirewall = true;
|
services.etcd = {
|
||||||
listenClientUrls = [ "http://192.168.1.1:2379" "http://127.0.0.1:2379" ];
|
enable = true;
|
||||||
listenPeerUrls = [ "http://192.168.1.1:2380" ];
|
openFirewall = true;
|
||||||
initialAdvertisePeerUrls = [ "http://192.168.1.1:2380" ];
|
listenClientUrls = [
|
||||||
initialCluster = [ "etcd=http://192.168.1.1:2380" ];
|
"http://192.168.1.1:2379"
|
||||||
};
|
"http://127.0.0.1:2379"
|
||||||
networking = {
|
];
|
||||||
useDHCP = false;
|
listenPeerUrls = [ "http://192.168.1.1:2380" ];
|
||||||
defaultGateway = "192.168.1.1";
|
initialAdvertisePeerUrls = [ "http://192.168.1.1:2380" ];
|
||||||
interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
initialCluster = [ "etcd=http://192.168.1.1:2380" ];
|
||||||
{ address = "192.168.1.1"; prefixLength = 24; }
|
};
|
||||||
];
|
networking = {
|
||||||
};
|
useDHCP = false;
|
||||||
};
|
defaultGateway = "192.168.1.1";
|
||||||
|
interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
||||||
k3s = { pkgs, ... }: {
|
{
|
||||||
environment.systemPackages = with pkgs; [ jq ];
|
address = "192.168.1.1";
|
||||||
# k3s uses enough resources the default vm fails.
|
prefixLength = 24;
|
||||||
virtualisation.memorySize = 1536;
|
}
|
||||||
virtualisation.diskSize = 4096;
|
];
|
||||||
|
};
|
||||||
services.k3s = {
|
};
|
||||||
enable = true;
|
|
||||||
role = "server";
|
k3s =
|
||||||
extraFlags = builtins.toString [
|
{ pkgs, ... }:
|
||||||
"--datastore-endpoint=\"http://192.168.1.1:2379\""
|
{
|
||||||
"--disable" "coredns"
|
environment.systemPackages = with pkgs; [ jq ];
|
||||||
"--disable" "local-storage"
|
# k3s uses enough resources the default vm fails.
|
||||||
"--disable" "metrics-server"
|
virtualisation.memorySize = 1536;
|
||||||
"--disable" "servicelb"
|
virtualisation.diskSize = 4096;
|
||||||
"--disable" "traefik"
|
|
||||||
"--node-ip" "192.168.1.2"
|
services.k3s = {
|
||||||
];
|
enable = true;
|
||||||
};
|
role = "server";
|
||||||
|
extraFlags = builtins.toString [
|
||||||
networking = {
|
"--datastore-endpoint=\"http://192.168.1.1:2379\""
|
||||||
firewall = {
|
"--disable"
|
||||||
allowedTCPPorts = [ 2379 2380 6443 ];
|
"coredns"
|
||||||
allowedUDPPorts = [ 8472 ];
|
"--disable"
|
||||||
|
"local-storage"
|
||||||
|
"--disable"
|
||||||
|
"metrics-server"
|
||||||
|
"--disable"
|
||||||
|
"servicelb"
|
||||||
|
"--disable"
|
||||||
|
"traefik"
|
||||||
|
"--node-ip"
|
||||||
|
"192.168.1.2"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
networking = {
|
||||||
|
firewall = {
|
||||||
|
allowedTCPPorts = [
|
||||||
|
2379
|
||||||
|
2380
|
||||||
|
6443
|
||||||
|
];
|
||||||
|
allowedUDPPorts = [ 8472 ];
|
||||||
|
};
|
||||||
|
useDHCP = false;
|
||||||
|
defaultGateway = "192.168.1.2";
|
||||||
|
interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
||||||
|
{
|
||||||
|
address = "192.168.1.2";
|
||||||
|
prefixLength = 24;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
useDHCP = false;
|
|
||||||
defaultGateway = "192.168.1.2";
|
|
||||||
interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
|
||||||
{ address = "192.168.1.2"; prefixLength = 24; }
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
testScript = ''
|
||||||
|
with subtest("should start etcd"):
|
||||||
|
etcd.start()
|
||||||
|
etcd.wait_for_unit("etcd.service")
|
||||||
|
|
||||||
testScript = ''
|
with subtest("should wait for etcdctl endpoint status to succeed"):
|
||||||
with subtest("should start etcd"):
|
etcd.wait_until_succeeds("etcdctl endpoint status")
|
||||||
etcd.start()
|
|
||||||
etcd.wait_for_unit("etcd.service")
|
|
||||||
|
|
||||||
with subtest("should wait for etcdctl endpoint status to succeed"):
|
with subtest("should start k3s"):
|
||||||
etcd.wait_until_succeeds("etcdctl endpoint status")
|
k3s.start()
|
||||||
|
k3s.wait_for_unit("k3s")
|
||||||
|
|
||||||
with subtest("should start k3s"):
|
with subtest("should test if kubectl works"):
|
||||||
k3s.start()
|
k3s.wait_until_succeeds("k3s kubectl get node")
|
||||||
k3s.wait_for_unit("k3s")
|
|
||||||
|
|
||||||
with subtest("should test if kubectl works"):
|
with subtest("should wait for service account to show up; takes a sec"):
|
||||||
k3s.wait_until_succeeds("k3s kubectl get node")
|
k3s.wait_until_succeeds("k3s kubectl get serviceaccount default")
|
||||||
|
|
||||||
with subtest("should wait for service account to show up; takes a sec"):
|
with subtest("should create a sample secret object"):
|
||||||
k3s.wait_until_succeeds("k3s kubectl get serviceaccount default")
|
k3s.succeed("k3s kubectl create secret generic nixossecret --from-literal thesecret=abacadabra")
|
||||||
|
|
||||||
with subtest("should create a sample secret object"):
|
with subtest("should check if secret is correct"):
|
||||||
k3s.succeed("k3s kubectl create secret generic nixossecret --from-literal thesecret=abacadabra")
|
k3s.wait_until_succeeds("[[ $(kubectl get secrets nixossecret -o json | jq -r .data.thesecret | base64 -d) == abacadabra ]]")
|
||||||
|
|
||||||
with subtest("should check if secret is correct"):
|
with subtest("should have a secret in database"):
|
||||||
k3s.wait_until_succeeds("[[ $(kubectl get secrets nixossecret -o json | jq -r .data.thesecret | base64 -d) == abacadabra ]]")
|
etcd.wait_until_succeeds("[[ $(etcdctl get /registry/secrets/default/nixossecret | head -c1 | wc -c) -ne 0 ]]")
|
||||||
|
|
||||||
with subtest("should have a secret in database"):
|
with subtest("should delete the secret"):
|
||||||
etcd.wait_until_succeeds("[[ $(etcdctl get /registry/secrets/default/nixossecret | head -c1 | wc -c) -ne 0 ]]")
|
k3s.succeed("k3s kubectl delete secret nixossecret")
|
||||||
|
|
||||||
with subtest("should delete the secret"):
|
with subtest("should not have a secret in database"):
|
||||||
k3s.succeed("k3s kubectl delete secret nixossecret")
|
etcd.wait_until_fails("[[ $(etcdctl get /registry/secrets/default/nixossecret | head -c1 | wc -c) -ne 0 ]]")
|
||||||
|
|
||||||
with subtest("should not have a secret in database"):
|
with subtest("should shutdown k3s and etcd"):
|
||||||
etcd.wait_until_fails("[[ $(etcdctl get /registry/secrets/default/nixossecret | head -c1 | wc -c) -ne 0 ]]")
|
k3s.shutdown()
|
||||||
|
etcd.shutdown()
|
||||||
|
'';
|
||||||
|
|
||||||
with subtest("should shutdown k3s and etcd"):
|
meta.maintainers = etcd.meta.maintainers ++ k3s.meta.maintainers;
|
||||||
k3s.shutdown()
|
}
|
||||||
etcd.shutdown()
|
)
|
||||||
'';
|
|
||||||
|
|
||||||
meta.maintainers = etcd.meta.maintainers ++ k3s.meta.maintainers;
|
|
||||||
})
|
|
||||||
|
@ -1,14 +1,30 @@
|
|||||||
import ../make-test-python.nix ({ pkgs, lib, k3s, ... }:
|
import ../make-test-python.nix (
|
||||||
|
{
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
k3s,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
imageEnv = pkgs.buildEnv {
|
imageEnv = pkgs.buildEnv {
|
||||||
name = "k3s-pause-image-env";
|
name = "k3s-pause-image-env";
|
||||||
paths = with pkgs; [ tini bashInteractive coreutils socat ];
|
paths = with pkgs; [
|
||||||
|
tini
|
||||||
|
bashInteractive
|
||||||
|
coreutils
|
||||||
|
socat
|
||||||
|
];
|
||||||
};
|
};
|
||||||
pauseImage = pkgs.dockerTools.streamLayeredImage {
|
pauseImage = pkgs.dockerTools.streamLayeredImage {
|
||||||
name = "test.local/pause";
|
name = "test.local/pause";
|
||||||
tag = "local";
|
tag = "local";
|
||||||
contents = imageEnv;
|
contents = imageEnv;
|
||||||
config.Entrypoint = [ "/bin/tini" "--" "/bin/sleep" "inf" ];
|
config.Entrypoint = [
|
||||||
|
"/bin/tini"
|
||||||
|
"--"
|
||||||
|
"/bin/sleep"
|
||||||
|
"inf"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
# A daemonset that responds 'server' on port 8000
|
# A daemonset that responds 'server' on port 8000
|
||||||
networkTestDaemonset = pkgs.writeText "test.yml" ''
|
networkTestDaemonset = pkgs.writeText "test.yml" ''
|
||||||
@ -42,90 +58,135 @@ import ../make-test-python.nix ({ pkgs, lib, k3s, ... }:
|
|||||||
name = "${k3s.name}-multi-node";
|
name = "${k3s.name}-multi-node";
|
||||||
|
|
||||||
nodes = {
|
nodes = {
|
||||||
server = { pkgs, ... }: {
|
server =
|
||||||
environment.systemPackages = with pkgs; [ gzip jq ];
|
{ pkgs, ... }:
|
||||||
# k3s uses enough resources the default vm fails.
|
{
|
||||||
virtualisation.memorySize = 1536;
|
environment.systemPackages = with pkgs; [
|
||||||
virtualisation.diskSize = 4096;
|
gzip
|
||||||
|
jq
|
||||||
|
];
|
||||||
|
# k3s uses enough resources the default vm fails.
|
||||||
|
virtualisation.memorySize = 1536;
|
||||||
|
virtualisation.diskSize = 4096;
|
||||||
|
|
||||||
services.k3s = {
|
services.k3s = {
|
||||||
inherit tokenFile;
|
inherit tokenFile;
|
||||||
enable = true;
|
enable = true;
|
||||||
role = "server";
|
role = "server";
|
||||||
package = k3s;
|
package = k3s;
|
||||||
clusterInit = true;
|
clusterInit = true;
|
||||||
extraFlags = builtins.toString [
|
extraFlags = builtins.toString [
|
||||||
"--disable" "coredns"
|
"--disable"
|
||||||
"--disable" "local-storage"
|
"coredns"
|
||||||
"--disable" "metrics-server"
|
"--disable"
|
||||||
"--disable" "servicelb"
|
"local-storage"
|
||||||
"--disable" "traefik"
|
"--disable"
|
||||||
"--node-ip" "192.168.1.1"
|
"metrics-server"
|
||||||
"--pause-image" "test.local/pause:local"
|
"--disable"
|
||||||
|
"servicelb"
|
||||||
|
"--disable"
|
||||||
|
"traefik"
|
||||||
|
"--node-ip"
|
||||||
|
"192.168.1.1"
|
||||||
|
"--pause-image"
|
||||||
|
"test.local/pause:local"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
networking.firewall.allowedTCPPorts = [
|
||||||
|
2379
|
||||||
|
2380
|
||||||
|
6443
|
||||||
|
];
|
||||||
|
networking.firewall.allowedUDPPorts = [ 8472 ];
|
||||||
|
networking.firewall.trustedInterfaces = [ "flannel.1" ];
|
||||||
|
networking.useDHCP = false;
|
||||||
|
networking.defaultGateway = "192.168.1.1";
|
||||||
|
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
||||||
|
{
|
||||||
|
address = "192.168.1.1";
|
||||||
|
prefixLength = 24;
|
||||||
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
networking.firewall.allowedTCPPorts = [ 2379 2380 6443 ];
|
|
||||||
networking.firewall.allowedUDPPorts = [ 8472 ];
|
|
||||||
networking.firewall.trustedInterfaces = [ "flannel.1" ];
|
|
||||||
networking.useDHCP = false;
|
|
||||||
networking.defaultGateway = "192.168.1.1";
|
|
||||||
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
|
||||||
{ address = "192.168.1.1"; prefixLength = 24; }
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
server2 = { pkgs, ... }: {
|
server2 =
|
||||||
environment.systemPackages = with pkgs; [ gzip jq ];
|
{ pkgs, ... }:
|
||||||
virtualisation.memorySize = 1536;
|
{
|
||||||
virtualisation.diskSize = 4096;
|
environment.systemPackages = with pkgs; [
|
||||||
|
gzip
|
||||||
|
jq
|
||||||
|
];
|
||||||
|
virtualisation.memorySize = 1536;
|
||||||
|
virtualisation.diskSize = 4096;
|
||||||
|
|
||||||
services.k3s = {
|
services.k3s = {
|
||||||
inherit tokenFile;
|
inherit tokenFile;
|
||||||
enable = true;
|
enable = true;
|
||||||
serverAddr = "https://192.168.1.1:6443";
|
serverAddr = "https://192.168.1.1:6443";
|
||||||
clusterInit = false;
|
clusterInit = false;
|
||||||
extraFlags = builtins.toString [
|
extraFlags = builtins.toString [
|
||||||
"--disable" "coredns"
|
"--disable"
|
||||||
"--disable" "local-storage"
|
"coredns"
|
||||||
"--disable" "metrics-server"
|
"--disable"
|
||||||
"--disable" "servicelb"
|
"local-storage"
|
||||||
"--disable" "traefik"
|
"--disable"
|
||||||
"--node-ip" "192.168.1.3"
|
"metrics-server"
|
||||||
"--pause-image" "test.local/pause:local"
|
"--disable"
|
||||||
|
"servicelb"
|
||||||
|
"--disable"
|
||||||
|
"traefik"
|
||||||
|
"--node-ip"
|
||||||
|
"192.168.1.3"
|
||||||
|
"--pause-image"
|
||||||
|
"test.local/pause:local"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
networking.firewall.allowedTCPPorts = [
|
||||||
|
2379
|
||||||
|
2380
|
||||||
|
6443
|
||||||
|
];
|
||||||
|
networking.firewall.allowedUDPPorts = [ 8472 ];
|
||||||
|
networking.firewall.trustedInterfaces = [ "flannel.1" ];
|
||||||
|
networking.useDHCP = false;
|
||||||
|
networking.defaultGateway = "192.168.1.3";
|
||||||
|
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
||||||
|
{
|
||||||
|
address = "192.168.1.3";
|
||||||
|
prefixLength = 24;
|
||||||
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
networking.firewall.allowedTCPPorts = [ 2379 2380 6443 ];
|
|
||||||
networking.firewall.allowedUDPPorts = [ 8472 ];
|
|
||||||
networking.firewall.trustedInterfaces = [ "flannel.1" ];
|
|
||||||
networking.useDHCP = false;
|
|
||||||
networking.defaultGateway = "192.168.1.3";
|
|
||||||
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
|
||||||
{ address = "192.168.1.3"; prefixLength = 24; }
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
agent = { pkgs, ... }: {
|
agent =
|
||||||
virtualisation.memorySize = 1024;
|
{ pkgs, ... }:
|
||||||
virtualisation.diskSize = 2048;
|
{
|
||||||
services.k3s = {
|
virtualisation.memorySize = 1024;
|
||||||
inherit tokenFile;
|
virtualisation.diskSize = 2048;
|
||||||
enable = true;
|
services.k3s = {
|
||||||
role = "agent";
|
inherit tokenFile;
|
||||||
serverAddr = "https://192.168.1.3:6443";
|
enable = true;
|
||||||
extraFlags = lib.concatStringsSep " " [
|
role = "agent";
|
||||||
"--pause-image" "test.local/pause:local"
|
serverAddr = "https://192.168.1.3:6443";
|
||||||
"--node-ip" "192.168.1.2"
|
extraFlags = lib.concatStringsSep " " [
|
||||||
|
"--pause-image"
|
||||||
|
"test.local/pause:local"
|
||||||
|
"--node-ip"
|
||||||
|
"192.168.1.2"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
networking.firewall.allowedTCPPorts = [ 6443 ];
|
||||||
|
networking.firewall.allowedUDPPorts = [ 8472 ];
|
||||||
|
networking.firewall.trustedInterfaces = [ "flannel.1" ];
|
||||||
|
networking.useDHCP = false;
|
||||||
|
networking.defaultGateway = "192.168.1.2";
|
||||||
|
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
||||||
|
{
|
||||||
|
address = "192.168.1.2";
|
||||||
|
prefixLength = 24;
|
||||||
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
networking.firewall.allowedTCPPorts = [ 6443 ];
|
|
||||||
networking.firewall.allowedUDPPorts = [ 8472 ];
|
|
||||||
networking.firewall.trustedInterfaces = [ "flannel.1" ];
|
|
||||||
networking.useDHCP = false;
|
|
||||||
networking.defaultGateway = "192.168.1.2";
|
|
||||||
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
|
||||||
{ address = "192.168.1.2"; prefixLength = 24; }
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
meta.maintainers = k3s.meta.maintainers;
|
meta.maintainers = k3s.meta.maintainers;
|
||||||
@ -178,4 +239,5 @@ import ../make-test-python.nix ({ pkgs, lib, k3s, ... }:
|
|||||||
for m in machines:
|
for m in machines:
|
||||||
m.shutdown()
|
m.shutdown()
|
||||||
'';
|
'';
|
||||||
})
|
}
|
||||||
|
)
|
||||||
|
@ -1,14 +1,29 @@
|
|||||||
import ../make-test-python.nix ({ pkgs, lib, k3s, ... }:
|
import ../make-test-python.nix (
|
||||||
|
{
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
k3s,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
imageEnv = pkgs.buildEnv {
|
imageEnv = pkgs.buildEnv {
|
||||||
name = "k3s-pause-image-env";
|
name = "k3s-pause-image-env";
|
||||||
paths = with pkgs; [ tini (hiPrio coreutils) busybox ];
|
paths = with pkgs; [
|
||||||
|
tini
|
||||||
|
(hiPrio coreutils)
|
||||||
|
busybox
|
||||||
|
];
|
||||||
};
|
};
|
||||||
pauseImage = pkgs.dockerTools.streamLayeredImage {
|
pauseImage = pkgs.dockerTools.streamLayeredImage {
|
||||||
name = "test.local/pause";
|
name = "test.local/pause";
|
||||||
tag = "local";
|
tag = "local";
|
||||||
contents = imageEnv;
|
contents = imageEnv;
|
||||||
config.Entrypoint = [ "/bin/tini" "--" "/bin/sleep" "inf" ];
|
config.Entrypoint = [
|
||||||
|
"/bin/tini"
|
||||||
|
"--"
|
||||||
|
"/bin/sleep"
|
||||||
|
"inf"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
testPodYaml = pkgs.writeText "test.yml" ''
|
testPodYaml = pkgs.writeText "test.yml" ''
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
@ -27,69 +42,83 @@ import ../make-test-python.nix ({ pkgs, lib, k3s, ... }:
|
|||||||
name = "${k3s.name}-single-node";
|
name = "${k3s.name}-single-node";
|
||||||
meta.maintainers = k3s.meta.maintainers;
|
meta.maintainers = k3s.meta.maintainers;
|
||||||
|
|
||||||
nodes.machine = { pkgs, ... }: {
|
nodes.machine =
|
||||||
environment.systemPackages = with pkgs; [ k3s gzip ];
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
k3s
|
||||||
|
gzip
|
||||||
|
];
|
||||||
|
|
||||||
# k3s uses enough resources the default vm fails.
|
# k3s uses enough resources the default vm fails.
|
||||||
virtualisation.memorySize = 1536;
|
virtualisation.memorySize = 1536;
|
||||||
virtualisation.diskSize = 4096;
|
virtualisation.diskSize = 4096;
|
||||||
|
|
||||||
services.k3s.enable = true;
|
services.k3s.enable = true;
|
||||||
services.k3s.role = "server";
|
services.k3s.role = "server";
|
||||||
services.k3s.package = k3s;
|
services.k3s.package = k3s;
|
||||||
# Slightly reduce resource usage
|
# Slightly reduce resource usage
|
||||||
services.k3s.extraFlags = builtins.toString [
|
services.k3s.extraFlags = builtins.toString [
|
||||||
"--disable" "coredns"
|
"--disable"
|
||||||
"--disable" "local-storage"
|
"coredns"
|
||||||
"--disable" "metrics-server"
|
"--disable"
|
||||||
"--disable" "servicelb"
|
"local-storage"
|
||||||
"--disable" "traefik"
|
"--disable"
|
||||||
"--pause-image" "test.local/pause:local"
|
"metrics-server"
|
||||||
];
|
"--disable"
|
||||||
|
"servicelb"
|
||||||
|
"--disable"
|
||||||
|
"traefik"
|
||||||
|
"--pause-image"
|
||||||
|
"test.local/pause:local"
|
||||||
|
];
|
||||||
|
|
||||||
users.users = {
|
users.users = {
|
||||||
noprivs = {
|
noprivs = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
description = "Can't access k3s by default";
|
description = "Can't access k3s by default";
|
||||||
password = "*";
|
password = "*";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
testScript = ''
|
testScript =
|
||||||
start_all()
|
''
|
||||||
|
start_all()
|
||||||
|
|
||||||
machine.wait_for_unit("k3s")
|
machine.wait_for_unit("k3s")
|
||||||
machine.succeed("kubectl cluster-info")
|
machine.succeed("kubectl cluster-info")
|
||||||
machine.fail("sudo -u noprivs kubectl cluster-info")
|
machine.fail("sudo -u noprivs kubectl cluster-info")
|
||||||
'' # Fix-Me: Tests fail for 'aarch64-linux' as: "CONFIG_CGROUP_FREEZER: missing (fail)"
|
'' # Fix-Me: Tests fail for 'aarch64-linux' as: "CONFIG_CGROUP_FREEZER: missing (fail)"
|
||||||
+ lib.optionalString (!pkgs.stdenv.isAarch64) ''machine.succeed("k3s check-config")'' + ''
|
+ lib.optionalString (!pkgs.stdenv.isAarch64) ''machine.succeed("k3s check-config")''
|
||||||
|
+ ''
|
||||||
|
|
||||||
machine.succeed(
|
machine.succeed(
|
||||||
"${pauseImage} | ctr image import -"
|
"${pauseImage} | ctr image import -"
|
||||||
)
|
)
|
||||||
|
|
||||||
# Also wait for our service account to show up; it takes a sec
|
# Also wait for our service account to show up; it takes a sec
|
||||||
machine.wait_until_succeeds("kubectl get serviceaccount default")
|
machine.wait_until_succeeds("kubectl get serviceaccount default")
|
||||||
machine.succeed("kubectl apply -f ${testPodYaml}")
|
machine.succeed("kubectl apply -f ${testPodYaml}")
|
||||||
machine.succeed("kubectl wait --for 'condition=Ready' pod/test")
|
machine.succeed("kubectl wait --for 'condition=Ready' pod/test")
|
||||||
machine.succeed("kubectl delete -f ${testPodYaml}")
|
machine.succeed("kubectl delete -f ${testPodYaml}")
|
||||||
|
|
||||||
# regression test for #176445
|
# regression test for #176445
|
||||||
machine.fail("journalctl -o cat -u k3s.service | grep 'ipset utility not found'")
|
machine.fail("journalctl -o cat -u k3s.service | grep 'ipset utility not found'")
|
||||||
|
|
||||||
with subtest("Run k3s-killall"):
|
with subtest("Run k3s-killall"):
|
||||||
# Call the killall script with a clean path to assert that
|
# Call the killall script with a clean path to assert that
|
||||||
# all required commands are wrapped
|
# all required commands are wrapped
|
||||||
output = machine.succeed("PATH= ${k3s}/bin/k3s-killall.sh 2>&1 | tee /dev/stderr")
|
output = machine.succeed("PATH= ${k3s}/bin/k3s-killall.sh 2>&1 | tee /dev/stderr")
|
||||||
assert "command not found" not in output, "killall script contains unknown command"
|
assert "command not found" not in output, "killall script contains unknown command"
|
||||||
|
|
||||||
# Check that killall cleaned up properly
|
# Check that killall cleaned up properly
|
||||||
machine.fail("systemctl is-active k3s.service")
|
machine.fail("systemctl is-active k3s.service")
|
||||||
machine.fail("systemctl list-units | grep containerd")
|
machine.fail("systemctl list-units | grep containerd")
|
||||||
machine.fail("ip link show | awk -F': ' '{print $2}' | grep -e flannel -e cni0")
|
machine.fail("ip link show | awk -F': ' '{print $2}' | grep -e flannel -e cni0")
|
||||||
machine.fail("ip netns show | grep cni-")
|
machine.fail("ip netns show | grep cni-")
|
||||||
|
|
||||||
machine.shutdown()
|
machine.shutdown()
|
||||||
'';
|
'';
|
||||||
})
|
}
|
||||||
|
)
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
{
|
{
|
||||||
traefik-crd = {
|
traefik-crd = {
|
||||||
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.2+up25.0.0.tgz";
|
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.2+up25.0.0.tgz";
|
||||||
sha256 = "0jygzsn5pxzf7423x5iqfffgx5xvm7c7hfck46y7vpv1fdkiipcq";
|
sha256 = "0jygzsn5pxzf7423x5iqfffgx5xvm7c7hfck46y7vpv1fdkiipcq";
|
||||||
};
|
};
|
||||||
traefik = {
|
traefik = {
|
||||||
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.2+up25.0.0.tgz";
|
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.2+up25.0.0.tgz";
|
||||||
sha256 = "1g9n19lnqdkmbbr3rnbwc854awha0kqqfwyxanyx1lg5ww8ldp89";
|
sha256 = "1g9n19lnqdkmbbr3rnbwc854awha0kqqfwyxanyx1lg5ww8ldp89";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
{
|
{
|
||||||
traefik-crd = {
|
traefik-crd = {
|
||||||
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
|
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
|
||||||
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
|
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
|
||||||
};
|
};
|
||||||
traefik = {
|
traefik = {
|
||||||
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
|
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
|
||||||
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
|
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
{
|
{
|
||||||
traefik-crd = {
|
traefik-crd = {
|
||||||
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
|
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
|
||||||
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
|
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
|
||||||
};
|
};
|
||||||
traefik = {
|
traefik = {
|
||||||
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
|
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
|
||||||
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
|
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
{
|
{
|
||||||
traefik-crd = {
|
traefik-crd = {
|
||||||
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
|
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
|
||||||
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
|
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
|
||||||
};
|
};
|
||||||
traefik = {
|
traefik = {
|
||||||
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
|
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
|
||||||
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
|
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -29,41 +29,42 @@ lib:
|
|||||||
# currently.
|
# currently.
|
||||||
# It is likely we will have to split out additional builders for additional
|
# It is likely we will have to split out additional builders for additional
|
||||||
# versions in the future, or customize this one further.
|
# versions in the future, or customize this one further.
|
||||||
{ lib
|
{
|
||||||
, makeWrapper
|
lib,
|
||||||
, socat
|
makeWrapper,
|
||||||
, iptables
|
socat,
|
||||||
, iproute2
|
iptables,
|
||||||
, ipset
|
iproute2,
|
||||||
, bridge-utils
|
ipset,
|
||||||
, btrfs-progs
|
bridge-utils,
|
||||||
, conntrack-tools
|
btrfs-progs,
|
||||||
, buildGoModule
|
conntrack-tools,
|
||||||
, runc
|
buildGoModule,
|
||||||
, rsync
|
runc,
|
||||||
, kmod
|
rsync,
|
||||||
, libseccomp
|
kmod,
|
||||||
, pkg-config
|
libseccomp,
|
||||||
, ethtool
|
pkg-config,
|
||||||
, util-linux
|
ethtool,
|
||||||
, fetchFromGitHub
|
util-linux,
|
||||||
, fetchurl
|
fetchFromGitHub,
|
||||||
, fetchzip
|
fetchurl,
|
||||||
, fetchgit
|
fetchzip,
|
||||||
, zstd
|
fetchgit,
|
||||||
, yq-go
|
zstd,
|
||||||
, sqlite
|
yq-go,
|
||||||
, nixosTests
|
sqlite,
|
||||||
, pkgsBuildBuild
|
nixosTests,
|
||||||
, go
|
pkgsBuildBuild,
|
||||||
, runCommand
|
go,
|
||||||
, bash
|
runCommand,
|
||||||
, procps
|
bash,
|
||||||
, coreutils
|
procps,
|
||||||
, gnugrep
|
coreutils,
|
||||||
, findutils
|
gnugrep,
|
||||||
, gnused
|
findutils,
|
||||||
, systemd
|
gnused,
|
||||||
|
systemd,
|
||||||
}:
|
}:
|
||||||
|
|
||||||
# k3s is a kinda weird derivation. One of the main points of k3s is the
|
# k3s is a kinda weird derivation. One of the main points of k3s is the
|
||||||
@ -91,7 +92,13 @@ let
|
|||||||
description = "A lightweight Kubernetes distribution";
|
description = "A lightweight Kubernetes distribution";
|
||||||
license = licenses.asl20;
|
license = licenses.asl20;
|
||||||
homepage = "https://k3s.io";
|
homepage = "https://k3s.io";
|
||||||
maintainers = with maintainers; [ euank mic92 superherointj wrmilling yajo ];
|
maintainers = with maintainers; [
|
||||||
|
euank
|
||||||
|
mic92
|
||||||
|
superherointj
|
||||||
|
wrmilling
|
||||||
|
yajo
|
||||||
|
];
|
||||||
platforms = platforms.linux;
|
platforms = platforms.linux;
|
||||||
|
|
||||||
# resolves collisions with other installations of kubectl, crictl, ctr
|
# resolves collisions with other installations of kubectl, crictl, ctr
|
||||||
@ -231,12 +238,19 @@ let
|
|||||||
vendorHash = k3sVendorHash;
|
vendorHash = k3sVendorHash;
|
||||||
|
|
||||||
nativeBuildInputs = [ pkg-config ];
|
nativeBuildInputs = [ pkg-config ];
|
||||||
buildInputs = [ libseccomp sqlite.dev ];
|
buildInputs = [
|
||||||
|
libseccomp
|
||||||
|
sqlite.dev
|
||||||
|
];
|
||||||
|
|
||||||
subPackages = [ "cmd/server" ];
|
subPackages = [ "cmd/server" ];
|
||||||
ldflags = versionldflags;
|
ldflags = versionldflags;
|
||||||
|
|
||||||
tags = [ "ctrd" "libsqlite3" "linux" ];
|
tags = [
|
||||||
|
"ctrd"
|
||||||
|
"libsqlite3"
|
||||||
|
"linux"
|
||||||
|
];
|
||||||
|
|
||||||
# create the multicall symlinks for k3s
|
# create the multicall symlinks for k3s
|
||||||
postInstall = ''
|
postInstall = ''
|
||||||
@ -282,7 +296,11 @@ buildGoModule rec {
|
|||||||
pname = "k3s";
|
pname = "k3s";
|
||||||
version = k3sVersion;
|
version = k3sVersion;
|
||||||
|
|
||||||
tags = [ "libsqlite3" "linux" "ctrd" ];
|
tags = [
|
||||||
|
"libsqlite3"
|
||||||
|
"linux"
|
||||||
|
"ctrd"
|
||||||
|
];
|
||||||
src = k3sRepo;
|
src = k3sRepo;
|
||||||
vendorHash = k3sVendorHash;
|
vendorHash = k3sVendorHash;
|
||||||
|
|
||||||
@ -400,15 +418,17 @@ buildGoModule rec {
|
|||||||
|
|
||||||
passthru.updateScript = updateScript;
|
passthru.updateScript = updateScript;
|
||||||
|
|
||||||
passthru.mkTests = version:
|
passthru.mkTests =
|
||||||
let k3s_version = "k3s_" + lib.replaceStrings ["."] ["_"] (lib.versions.majorMinor version);
|
version:
|
||||||
in {
|
let
|
||||||
|
k3s_version = "k3s_" + lib.replaceStrings [ "." ] [ "_" ] (lib.versions.majorMinor version);
|
||||||
|
in
|
||||||
|
{
|
||||||
etcd = nixosTests.k3s.etcd.${k3s_version};
|
etcd = nixosTests.k3s.etcd.${k3s_version};
|
||||||
single-node = nixosTests.k3s.single-node.${k3s_version};
|
single-node = nixosTests.k3s.single-node.${k3s_version};
|
||||||
multi-node = nixosTests.k3s.multi-node.${k3s_version};
|
multi-node = nixosTests.k3s.multi-node.${k3s_version};
|
||||||
};
|
};
|
||||||
passthru.tests = passthru.mkTests k3sVersion;
|
passthru.tests = passthru.mkTests k3sVersion;
|
||||||
|
|
||||||
|
|
||||||
meta = baseMeta;
|
meta = baseMeta;
|
||||||
}
|
}
|
||||||
|
@ -12,22 +12,46 @@ let
|
|||||||
extraArgs = builtins.removeAttrs args [ "callPackage" ];
|
extraArgs = builtins.removeAttrs args [ "callPackage" ];
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
k3s_1_26 = common ((import ./1_26/versions.nix) // {
|
k3s_1_26 = common (
|
||||||
updateScript = [ ./update-script.sh "26" ];
|
(import ./1_26/versions.nix)
|
||||||
}) extraArgs;
|
// {
|
||||||
|
updateScript = [
|
||||||
|
./update-script.sh
|
||||||
|
"26"
|
||||||
|
];
|
||||||
|
}
|
||||||
|
) extraArgs;
|
||||||
|
|
||||||
# 1_27 can be built with the same builder as 1_26
|
# 1_27 can be built with the same builder as 1_26
|
||||||
k3s_1_27 = common ((import ./1_27/versions.nix) // {
|
k3s_1_27 = common (
|
||||||
updateScript = [ ./update-script.sh "27" ];
|
(import ./1_27/versions.nix)
|
||||||
}) extraArgs;
|
// {
|
||||||
|
updateScript = [
|
||||||
|
./update-script.sh
|
||||||
|
"27"
|
||||||
|
];
|
||||||
|
}
|
||||||
|
) extraArgs;
|
||||||
|
|
||||||
# 1_28 can be built with the same builder as 1_26
|
# 1_28 can be built with the same builder as 1_26
|
||||||
k3s_1_28 = common ((import ./1_28/versions.nix) // {
|
k3s_1_28 = common (
|
||||||
updateScript = [ ./update-script.sh "28" ];
|
(import ./1_28/versions.nix)
|
||||||
}) extraArgs;
|
// {
|
||||||
|
updateScript = [
|
||||||
|
./update-script.sh
|
||||||
|
"28"
|
||||||
|
];
|
||||||
|
}
|
||||||
|
) extraArgs;
|
||||||
|
|
||||||
# 1_29 can be built with the same builder as 1_26
|
# 1_29 can be built with the same builder as 1_26
|
||||||
k3s_1_29 = common ((import ./1_29/versions.nix) // {
|
k3s_1_29 = common (
|
||||||
updateScript = [ ./update-script.sh "29" ];
|
(import ./1_29/versions.nix)
|
||||||
}) extraArgs;
|
// {
|
||||||
|
updateScript = [
|
||||||
|
./update-script.sh
|
||||||
|
"29"
|
||||||
|
];
|
||||||
|
}
|
||||||
|
) extraArgs;
|
||||||
}
|
}
|
||||||
|
@ -57,14 +57,14 @@ CHARTS_URL=https://k3s.io/k3s-charts/assets
|
|||||||
rm -f chart-versions.nix.update
|
rm -f chart-versions.nix.update
|
||||||
cat > chart-versions.nix.update <<EOF
|
cat > chart-versions.nix.update <<EOF
|
||||||
{
|
{
|
||||||
traefik-crd = {
|
traefik-crd = {
|
||||||
url = "${CHARTS_URL}/traefik-crd/${CHART_FILES[0]}";
|
url = "${CHARTS_URL}/traefik-crd/${CHART_FILES[0]}";
|
||||||
sha256 = "$(nix-prefetch-url --quiet "${CHARTS_URL}/traefik-crd/${CHART_FILES[0]}")";
|
sha256 = "$(nix-prefetch-url --quiet "${CHARTS_URL}/traefik-crd/${CHART_FILES[0]}")";
|
||||||
};
|
};
|
||||||
traefik = {
|
traefik = {
|
||||||
url = "${CHARTS_URL}/traefik/${CHART_FILES[1]}";
|
url = "${CHARTS_URL}/traefik/${CHART_FILES[1]}";
|
||||||
sha256 = "$(nix-prefetch-url --quiet "${CHARTS_URL}/traefik/${CHART_FILES[1]}")";
|
sha256 = "$(nix-prefetch-url --quiet "${CHARTS_URL}/traefik/${CHART_FILES[1]}")";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
EOF
|
EOF
|
||||||
mv chart-versions.nix.update chart-versions.nix
|
mv chart-versions.nix.update chart-versions.nix
|
||||||
|
Loading…
Reference in New Issue
Block a user