3824cae821
+ update K8s patch version to v1.28.5 + update percona-toolkit patch version to v3.5.5 + switch to secure https postgres repository A bunch of redundant third-party packages are installed inside the images, many with security vulnerabilities. Implementing best practices should solve both problems. Change-Id: I2105fe0b6058b64ae49d2977da5f1e8bad976991
Calicoctl-utility Container
This container shall allow access to the Calico pod running on every node. Operations personnel should be able to get the appropriate data from this utility container by specifying the node and respective service command within the local cluster.
Generic Docker Makefile
This is a generic make and dockerfile for the calicoctl utility container, which can be used to create docker images using different calico releases.
Make Syntax
make IMAGE_TAG=<calicoctl_version>
Example:
Create a docker image for calicoctl release v3.4.0.
make IMAGE_TAG=v3.4.0
Using the Utility Container
The utility container for calicoctl shall enable Operations to access the command set for network APIs together from within a single shell with a uniform command structure. The access to network-Calico shall be controlled through an RBAC role assigned to the user.
Usage
Get into the utility pod using kubectl exec.
Execute an operation as in the following example.
kubectl exec -it <POD_NAME> -n utility /bin/bash
Example:
utilscli calicoctl get nodes
NAME
bionic
utilscli calicoctl version
Client Version: v3.4.4
Git commit: e3ecd927