Page MenuHomePhabricator

Build calico
Closed, ResolvedPublic


In order to run calico as a cni component for kubernetes, we need to build it and deploy it on all kubernetes nodes (both the workers and the master).

This includes building a container called calico/node and building calicoctl.

While for calicoctl it could be feasible to be built into a debian package, doing the same for what runs inside calico/node is probably not needed at this point.

What we should make sure of anyways is that calico/node at least runs from a container built on our infrastructure and that uses our own base images.

This can be done at different levels of cleanliness as at the moment the make process for calico/node requires the following external resources:

  • Downloads the calico/felix container and extracts the binaries present under /code there
  • Downloads confd, bird, bird6, birdcl, calico-bgp-daemon from calico's releases on github
  • Downloads the calico/libnetwork-plugin container and extracts libnetwork-plugin from it
  • Downloads the calico/build container and uses it to set up and install some python binaries (under /code in there)

Depending on how much time I do have, I could get to the point of importing and regenerating all containers in this list, and find a cleaner way to get said binaries into our Docker build environment. The bare minimum is basing the calico/node container on debian jessie.

Event Timeline

Joe triaged this task as High priority.
Joe added a project: User-Joe.

Mentioned in SAL (#wikimedia-operations) [2016-11-15T18:22:49Z] <_joe_> uploading calico/node:1.0.0-beta-rc5 to the docker registry T150434

Mentioned in SAL (#wikimedia-operations) [2016-11-15T18:25:55Z] <_joe_> uploaded calicoctl_1.0.0-beta-rc5~wmf1_amd64.deb to jessie-wikimedia T150434

on kubernetes1001-1004 we currently have Icinga alerts due to puppet failures due to "E: Unable to locate package cni".

on we have the calico-cni package but not just "cni".
though class calico::cni wants both:

 8     package { 'cni':
 9         ensure => $::calico::cni_version,
10     }
12     package { 'calico-cni':
13         ensure => $::calico::calico_cni_version,
14     }

What about that "cni" package?