From 2026496ea08eb8072b5821896c41106f4c2a50bf Mon Sep 17 00:00:00 2001 From: David Arnold Date: Thu, 29 Apr 2021 17:13:33 -0500 Subject: [PATCH] inaugurate decent devshell --- devshell.toml | 36 ++++++ flake.nix | 8 +- .../networking/cluster/kubectl/default.nix | 30 +++++ .../networking/cluster/kubernetes/default.nix | 90 ++++++++++++++ .../fixup-addonmanager-lib-path.patch | 23 ++++ .../cluster/kubernetes/mk-docker-opts.sh | 113 ++++++++++++++++++ shell.nix | 17 +++ 7 files changed, 313 insertions(+), 4 deletions(-) create mode 100644 devshell.toml create mode 100644 pkgs/applications/networking/cluster/kubectl/default.nix create mode 100644 pkgs/applications/networking/cluster/kubernetes/default.nix create mode 100644 pkgs/applications/networking/cluster/kubernetes/fixup-addonmanager-lib-path.patch create mode 100644 pkgs/applications/networking/cluster/kubernetes/mk-docker-opts.sh create mode 100644 shell.nix diff --git a/devshell.toml b/devshell.toml new file mode 100644 index 0000000..d4bd943 --- /dev/null +++ b/devshell.toml @@ -0,0 +1,36 @@ +[devshell] +name = "kubenix" +packages = [ + "fd", + "nixpkgs-fmt", + "dive", + "kube3d", + "kubie", + "k9s", +] + +[[commands]] +name = "fmt" +help = "Check Nix formatting" +category = "checks" +command = "nixpkgs-fmt ${@} ." + +[[commands]] +name = "evalnix" +help = "Check Nix parsing" +category = "checks" +command = "fd --extension nix --exec nix-instantiate --parse --quiet {} >/dev/null" + +# K8s related tools +[[commands]] +package = "dive" +category = "k8s" + +[[commands]] +package = "kubie" +category = "k8s" + +[[commands]] +package = "k9s" +category = "k8s" + diff --git a/flake.nix b/flake.nix index 2c69694..a94efea 100644 --- a/flake.nix +++ b/flake.nix @@ -21,10 +21,7 @@ }; in rec { - devShell = with pkgs; mkShell { - buildInputs = [ - ]; - }; + devShell = import ./shell.nix { inherit system pkgs; }; packages = flake-utils.lib.flattenTree { inherit (pkgs) @@ -43,6 +40,9 @@ kubenix = prev.callPackage ./default.nix { nixosPath = "${nixpkgs}/nixos"; }; + # up to date versions of their nixpkgs equivalents + kubernetes = prev.callPackage ./pkgs/applications/networking/cluster/kubernetes { }; + kubectl = prev.callPackage ./pkgs/applications/networking/cluster/kubectl { }; }; }; } diff --git a/pkgs/applications/networking/cluster/kubectl/default.nix b/pkgs/applications/networking/cluster/kubectl/default.nix new file mode 100644 index 0000000..a4e950b --- /dev/null +++ b/pkgs/applications/networking/cluster/kubectl/default.nix @@ -0,0 +1,30 @@ +{ stdenv, kubernetes, installShellFiles }: + +stdenv.mkDerivation { + name = "kubectl-${kubernetes.version}"; + + # kubectl is currently part of the main distribution but will eventially be + # split out (see homepage) + dontUnpack = true; + + nativeBuildInputs = [ installShellFiles ]; + + outputs = [ "out" "man" ]; + + installPhase = '' + install -D ${kubernetes}/bin/kubectl -t $out/bin + + installManPage "${kubernetes.man}/share/man/man1"/kubectl* + + for shell in bash zsh; do + $out/bin/kubectl completion $shell > kubectl.$shell + installShellCompletion kubectl.$shell + done + ''; + + meta = kubernetes.meta // { + description = "Kubernetes CLI"; + homepage = "https://github.com/kubernetes/kubectl"; + }; +} + diff --git a/pkgs/applications/networking/cluster/kubernetes/default.nix b/pkgs/applications/networking/cluster/kubernetes/default.nix new file mode 100644 index 0000000..20544c7 --- /dev/null +++ b/pkgs/applications/networking/cluster/kubernetes/default.nix @@ -0,0 +1,90 @@ +{ stdenv +, lib +, fetchFromGitHub +, removeReferencesTo +, which +, go +, makeWrapper +, rsync +, installShellFiles + +, components ? [ + "cmd/kubelet" + "cmd/kube-apiserver" + "cmd/kube-controller-manager" + "cmd/kube-proxy" + "cmd/kube-scheduler" + "test/e2e/e2e.test" + ] +}: + +stdenv.mkDerivation rec { + pname = "kubernetes"; + version = "1.20.4"; + + src = fetchFromGitHub { + owner = "kubernetes"; + repo = "kubernetes"; + rev = "v${version}"; + hash = "sha256-r9Clwr+87Ns4VXUW9F6cgks+LknY39ngbQgZ5UMZ0Vo="; + }; + + nativeBuildInputs = [ removeReferencesTo makeWrapper which go rsync installShellFiles ]; + + outputs = [ "out" "man" "pause" ]; + + patches = [ ./fixup-addonmanager-lib-path.patch ]; + + postPatch = '' + # go env breaks the sandbox + substituteInPlace "hack/lib/golang.sh" \ + --replace 'echo "$(go env GOHOSTOS)/$(go env GOHOSTARCH)"' 'echo "${go.GOOS}/${go.GOARCH}"' + + substituteInPlace "hack/update-generated-docs.sh" --replace "make" "make SHELL=${stdenv.shell}" + # hack/update-munge-docs.sh only performs some tests on the documentation. + # They broke building k8s; disabled for now. + echo "true" > "hack/update-munge-docs.sh" + + patchShebangs ./hack + ''; + + WHAT = lib.concatStringsSep " " ([ + "cmd/kubeadm" + "cmd/kubectl" + ] ++ components); + + postBuild = '' + ./hack/update-generated-docs.sh + (cd build/pause/linux && cc pause.c -o pause) + ''; + + installPhase = '' + for p in $WHAT; do + install -D _output/local/go/bin/''${p##*/} -t $out/bin + done + + install -D build/pause/linux/pause -t $pause/bin + installManPage docs/man/man1/*.[1-9] + + cp ${./mk-docker-opts.sh} $out/bin/mk-docker-opts.sh + + for tool in kubeadm kubectl; do + for shell in bash zsh; do + $out/bin/$tool completion $shell > $tool.$shell + installShellCompletion $tool.$shell + done + done + ''; + + preFixup = '' + find $out/bin $pause/bin -type f -exec remove-references-to -t ${go} '{}' + + ''; + + meta = with lib; { + description = "Production-Grade Container Scheduling and Management"; + license = licenses.asl20; + homepage = "https://kubernetes.io"; + maintainers = with maintainers; [ johanot offline saschagrunert ]; + platforms = platforms.unix; + }; +} diff --git a/pkgs/applications/networking/cluster/kubernetes/fixup-addonmanager-lib-path.patch b/pkgs/applications/networking/cluster/kubernetes/fixup-addonmanager-lib-path.patch new file mode 100644 index 0000000..ef2904b --- /dev/null +++ b/pkgs/applications/networking/cluster/kubernetes/fixup-addonmanager-lib-path.patch @@ -0,0 +1,23 @@ +diff --git a/cluster/addons/addon-manager/kube-addons-main.sh b/cluster/addons/addon-manager/kube-addons-main.sh +index 849973470d1..e4fef30eaea 100755 +--- a/cluster/addons/addon-manager/kube-addons-main.sh ++++ b/cluster/addons/addon-manager/kube-addons-main.sh +@@ -17,17 +17,7 @@ + # Import required functions. The addon manager is installed to /opt in + # production use (see the Dockerfile) + # Disabling shellcheck following files as the full path would be required. +-if [ -f "kube-addons.sh" ]; then +- # shellcheck disable=SC1091 +- source "kube-addons.sh" +-elif [ -f "/opt/kube-addons.sh" ]; then +- # shellcheck disable=SC1091 +- source "/opt/kube-addons.sh" +-else +- # If the required source is missing, we have to fail. +- log ERR "== Could not find kube-addons.sh (not in working directory or /opt) at $(date -Is) ==" +- exit 1 +-fi ++source "@out@/bin/kube-addons-lib.sh" + + # The business logic for whether a given object should be created + # was already enforced by salt, and /etc/kubernetes/addons is the diff --git a/pkgs/applications/networking/cluster/kubernetes/mk-docker-opts.sh b/pkgs/applications/networking/cluster/kubernetes/mk-docker-opts.sh new file mode 100644 index 0000000..4650d09 --- /dev/null +++ b/pkgs/applications/networking/cluster/kubernetes/mk-docker-opts.sh @@ -0,0 +1,113 @@ +#!/usr/bin/env bash + +# Copyright 2014 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Generate Docker daemon options based on flannel env file. + +# exit on any error +set -e + +usage() { + echo "$0 [-f FLANNEL-ENV-FILE] [-d DOCKER-ENV-FILE] [-i] [-c] [-m] [-k COMBINED-KEY] + +Generate Docker daemon options based on flannel env file +OPTIONS: + -f Path to flannel env file. Defaults to /run/flannel/subnet.env + -d Path to Docker env file to write to. Defaults to /run/docker_opts.env + -i Output each Docker option as individual var. e.g. DOCKER_OPT_MTU=1500 + -c Output combined Docker options into DOCKER_OPTS var + -k Set the combined options key to this value (default DOCKER_OPTS=) + -m Do not output --ip-masq (useful for older Docker version) +" >/dev/stderr + exit 1 +} + +flannel_env="/run/flannel/subnet.env" +docker_env="/run/docker_opts.env" +combined_opts_key="DOCKER_OPTS" +indiv_opts=false +combined_opts=false +ipmasq=true +val="" + +while getopts "f:d:icmk:" opt; do + case $opt in + f) + flannel_env=$OPTARG + ;; + d) + docker_env=$OPTARG + ;; + i) + indiv_opts=true + ;; + c) + combined_opts=true + ;; + m) + ipmasq=false + ;; + k) + combined_opts_key=$OPTARG + ;; + \?) + usage + ;; + esac +done + +if [[ $indiv_opts = false ]] && [[ $combined_opts = false ]]; then + indiv_opts=true + combined_opts=true +fi + +if [[ -f "${flannel_env}" ]]; then + source "${flannel_env}" +fi + +if [[ -n "$FLANNEL_SUBNET" ]]; then + # shellcheck disable=SC2034 # Variable name referenced in OPT_LOOP below + DOCKER_OPT_BIP="--bip=$FLANNEL_SUBNET" +fi + +if [[ -n "$FLANNEL_MTU" ]]; then + # shellcheck disable=SC2034 # Variable name referenced in OPT_LOOP below + DOCKER_OPT_MTU="--mtu=$FLANNEL_MTU" +fi + +if [[ "$FLANNEL_IPMASQ" = true ]] && [[ $ipmasq = true ]]; then + # shellcheck disable=SC2034 # Variable name referenced in OPT_LOOP below + DOCKER_OPT_IPMASQ="--ip-masq=false" +fi + +eval docker_opts="\$${combined_opts_key}" +docker_opts+=" " + +echo -n "" >"${docker_env}" + +# OPT_LOOP +for opt in $(compgen -v DOCKER_OPT_); do + eval val=\$"${opt}" + + if [[ "$indiv_opts" = true ]]; then + echo "$opt=\"$val\"" >>"${docker_env}" + fi + + docker_opts+="$val " +done + +if [[ "$combined_opts" = true ]]; then + echo "${combined_opts_key}=\"${docker_opts}\"" >>"${docker_env}" +fi diff --git a/shell.nix b/shell.nix new file mode 100644 index 0000000..dc1f54c --- /dev/null +++ b/shell.nix @@ -0,0 +1,17 @@ +{ + system ? builtins.currentSystem, + pkgs, +}: +let + devshellGitRev = "709fe4d04a9101c9d224ad83f73416dce71baf21"; + + devshellSrc = fetchTarball { + url = "https://github.com/numtide/devshell/archive/${devshellGitRev}.tar.gz"; + sha256 = "1px9cqfshfqs1b7ypyxch3s3ymr4xgycy1krrcg7b97rmmszvsqr"; + }; + + devshell = import devshellSrc { inherit system pkgs; }; + +in +devshell.fromTOML ./devshell.toml +