-
Notifications
You must be signed in to change notification settings - Fork 56
Building Calico with Kubernetes
Calico enables networking and network policy in Kubernetes clusters across the cloud. The instructions provided you the steps to integrate Calico with Kubernetes on Linux on IBM Z for following distribution:
- RHEL (7.1, 7.2, 7.3, 7.4)
- Ubuntu (16.04, 17.04)
- SLES (12, 12 SP1, 12 SP2)
General Notes:
-
When following the steps below please use a standard permission user unless otherwise specified.
-
A directory
/<source_root>/will be referred to in these instructions, this is a temporary writable directory anywhere you'd like to place it.
Instructions for building the basic Calico components, which includes calicoctl and calico/node can be found here
mkdir -p /opt/cni/bin
Build CNI plugins binaries and CNI image
export GOPATH=/<source_root>/
git clone https://github.com/projectcalico/cni-plugin.git $GOPATH/src/github.com/projectcalico/cni-plugin
cd $GOPATH/src/github.com/projectcalico/cni-plugin
git checkout v1.11.1
mkdir dist
Modify Dockerfile to change FROM busybox to FROM s390x/alpine:3.6,
Make changes to Makefile
@@ -111,7 +111,7 @@ fetch-cni-bins: dist/flannel dist/loopback dist/host-local dist/portmap
dist/flannel dist/loopback dist/host-local dist/portmap:
mkdir -p dist
- $(CURL) -L --retry 5 https://github.com/containernetworking/plugins/releases/download/$(CNI_VERSION)/cni-plugins-amd64-$(CNI_VERSION).tgz | tar -xz -C dist ./flannel ./loopback ./host-local ./portmap
+ $(CURL) -L --retry 5 https://github.com/containernetworking/plugins/releases/download/$(CNI_VERSION)/cni-plugins-s390x-$(CNI_VERSION).tgz | tar -xz -C dist ./flannel ./loopback ./host-local ./portmap
# Useful for CI but currently slow for local development because the
# .go-pkg-cache can't be used (since tests run as root)Then
make docker-image
cp dist/* /opt/cni/bin
docker tag calico/cni quay.io/calico/cni:v1.11.1
Build calico/kube-policy-controller image
git clone https://github.com/projectcalico/k8s-policy.git $GOPATH/src/github.com/projectcalico/k8s-policy
cd $GOPATH/src/github.com/projectcalico/k8s-policy
git checkout v1.0.1
Modify Makefile
@@ -2,7 +2,7 @@
# The build architecture is select by setting the ARCH variable.
# For example: When building on ppc64le you could use ARCH=ppc64le make <....>.
# When ARCH is undefined it defaults to amd64.
-ARCH?=amd64
+ARCH?=s390x
ifeq ($(ARCH),amd64)
ARCHTAG?=
endif
@@ -11,6 +11,10 @@ ifeq ($(ARCH),ppc64le)
ARCHTAG:=-ppc64le
endif
+ifeq ($(ARCH),s390x)
+ ARCHTAG:=-s390x
+endif
+
HYPERKUBE_IMAGE?=gcr.io/google_containers/hyperkube-$(ARCH):v1.8.0-beta.1
ETCD_IMAGE?=quay.io/coreos/etcd:v3.2.5$(ARCHTAG)
Copy Dockerfile to Dockerfile-s390x
cp Dockerfile Dockerfile-s390xMake changes to Dockerfile-s390x
@@ -11,8 +11,8 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-FROM alpine:3.5
+FROM s390x/alpine:3.6
MAINTAINER Casey Davenport <[email protected]>
-ADD dist/kube-controllers-linux-amd64 /usr/bin/kube-controllers
+ADD dist/kube-controllers-linux-s390x /usr/bin/kube-controllers
ENTRYPOINT ["/usr/bin/kube-controllers"]
Then build the image,
docker tag calico/go-build calico/go-build-s390x:v0.8
make docker-image
docker tag calico/kube-controllers-s390x quay.io/calico/kube-controllers:v1.0.1
Once you have all necessary components built on z systems, you can
- Run
calico/nodeby
sudo ETCD_ENDPOINTS=http://<ETCD_IP>:<ETCD_PORT> calicoctl node run --node-image=quay.io/calico/node:v2.6.3
This assumes you already have calicoctl built from the basic calico building instruction and its location is in your PATH environment variable.
-
Configure and run your Kubernetes following here
-
Install the calico policy controller following here
The demos of the simple usage of calico with Kubernetes can be found at
So far the Simple policy demo has been verified on s390x with Kubernetes v1.7.4, which was the latest stable Kubernetes version when the porting was conducted. Also note that all images (e.g., nginx, busybox) used in the demo should be s390x compatible. Images pulled directly from the Internet can be used for x86 only, using them on Linux on z will lead to errors.
The information provided in this article is accurate at the time of writing, but on-going development in the open-source projects involved may make the information incorrect or obsolete. Please open issue or contact us on IBM Z Community if you have any questions or feedback.