Debian: Add kubernetes 1.24.4 package

This adds kubernetes 1.24.4 package for Debian, this is built
using golang-1.18.5.

The debian/rules has been updated to align more closely with Debian
Source Package: kubernetes (1.20.5+really1.20.2-1.1), the debian/* files
from this tarball: kubernetes_1.20.5+really1.20.2-1.1.debian.tar.xz .
Reference: https://packages.debian.org/source/bookworm/kubernetes

This has customizations to debian/* overrides (e.g. rules, control,
and kubernetes-x.*. This enables support of kubernetes upgrades with
multiple build versions of kubernetes, and has specific binaries/config
files isolated in stages, with -master, -misc, and -unit-test packages
built but not required in production. Each kubernetes version is built
with a corresponding golang compiler version.

The following patches were cleanly applied and included:
kubeadm-create-platform-pods-with-zero-CPU-resources.patch
Revert-use-subpath-for-coredns-only-for-default-repo.patch
kubernetes-make-isolcpus-allocation-SMT-aware.patch
kubelet-sort-isolcpus-allocation-when-SMT-enabled.patch

The following patches did not apply cleanly. These will be included
in a subsequent commit after porting them to kubernetes 1.24.4.
kubelet-cpumanager-disable-CFS-quota-throttling-for-.patch
kubelet-cpumanager-keep-normal-containers-off-reserv.patch
kubelet-cpumanager-infra-pods-use-system-reserved-CP.patch
kubelet-cpumanager-introduce-concept-of-isolated-CPU.patch
enable-support-for-kubernetes-to-ignore-isolcpus.patch

Test Plan: Debian
PASS: kubernetes-1.24.4 package builds successfully
PASS: all packages build successfully
PASS: build-iso successful with multiple kubernetes versions

Story: 2010301
Task: 46312

Depends-On: https://review.opendev.org/c/starlingx/compile/+/857971

Signed-off-by: Jim Gauld <james.gauld@windriver.com>
Change-Id: I154dcb4087631c5f0d921b008917ae5485b83b15

debian_pkg_dirs

@@ -61,6 +61,7 @@ kubernetes/k8s-cni-cache-cleanup
 kubernetes/k8s-pod-recovery
 kubernetes/kubernetes-1.21.8
 kubernetes/kubernetes-1.23.1
+kubernetes/kubernetes-1.24.4
 kubernetes/kubernetes-unversioned
 kubernetes/plugins/isolcpus-device-plugin
 kubernetes/runc

kubernetes/kubernetes-1.24.4/debian/deb_folder/changelog

@@ -0,0 +1,259 @@
+kubernetes-1.24.4 (1.24.4-1) unstable; urgency=medium
+
+  * Updated for stx debian packaging
+
+ -- James Gauld james.gauld@windriver.com  Wed, 14 Sep 2022 11:30:00 +0000
+
+kubernetes-1.23.1 (1.23.1-1) unstable; urgency=medium
+
+  * Updated for stx debian packaging
+
+ -- Kaustubh Dhokte <kaustubh.dhokte@opendev.org>  Tue, 22 Feb 2022 20:57:45 +0000
+
+kubernetes (1.21.8-1) unstable; urgency=medium
+
+  * Updated for stx debian packaging
+
+ -- Mihnea Saracin mihnea.saracin@opendev.org  Fri, 29 Oct 2021 12:51:12 +0000
+
+kubernetes (1.20.5+really1.20.2-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Build using golang-go (Closes: #1000980)
+
+ -- Florian Ernst <florian@debian.org>  Sat, 02 Apr 2022 16:49:13 +0200
+
+kubernetes (1.20.5+really1.20.2-1) unstable; urgency=medium
+
+  * This is actually still 1.20.2
+  * Only contains the client, for the server binaries see unstable/fasttrack
+
+ -- Janos Lenart <ocsi@debian.org>  Sun, 13 Jun 2021 07:08:18 +0000
+
+kubernetes (1.20.2-1) unstable; urgency=medium
+
+  * New upstream release: 1.20.2
+
+ -- Janos Lenart <ocsi@debian.org>  Thu, 14 Jan 2021 10:55:09 +0000
+
+kubernetes (1.20.0-1) unstable; urgency=medium
+
+  * New upstream release: 1.20.0
+  * Fixes CVE-2020-8565
+
+ -- Janos Lenart <ocsi@debian.org>  Wed, 09 Dec 2020 12:33:59 +0000
+
+kubernetes (1.19.4-2) unstable; urgency=medium
+
+  * Updated README.Debian
+
+ -- Janos Lenart <ocsi@debian.org>  Sat, 21 Nov 2020 14:06:21 +0000
+
+kubernetes (1.19.4-1) unstable; urgency=medium
+
+  * New upstream release: 1.19.4
+
+ -- Janos Lenart <ocsi@debian.org>  Tue, 17 Nov 2020 09:30:59 +0000
+
+kubernetes (1.19.3-1) unstable; urgency=medium
+
+  * New upstream release: 1.19.3
+  * Building with golang-1.15
+  * Fixes CVE-2020-8564, CVE-2020-8566
+
+ -- Janos Lenart <ocsi@debian.org>  Wed, 21 Oct 2020 10:38:41 +0100
+
+kubernetes (1.18.6-1) unstable; urgency=medium
+
+  * New upstream release: 1.18.6
+  * (An earlier version, 1.17.4-1 fixes CVE-2019-9946)
+
+ -- Janos Lenart <ocsi@debian.org>  Thu, 16 Jul 2020 10:08:46 +0100
+
+kubernetes (1.18.5-1) unstable; urgency=medium
+
+  * New upstream release: 1.18.5
+  * Fixes CVE-2020-8557, CVE-2020-8558, CVE-2020-8559
+
+ -- Janos Lenart <ocsi@debian.org>  Wed, 15 Jul 2020 17:19:40 +0100
+
+kubernetes (1.18.3-1) unstable; urgency=medium
+
+  * New upstream release: 1.18.3
+  * Improved build reproducibility
+
+ -- Janos Lenart <ocsi@debian.org>  Tue, 02 Jun 2020 11:18:12 +0000
+
+kubernetes (1.18.2-3) unstable; urgency=medium
+
+  * Bumped Standards-Version
+  * Improved build reproducibility
+
+ -- Janos Lenart <ocsi@debian.org>  Fri, 15 May 2020 13:17:53 +0000
+
+kubernetes (1.18.2-2) unstable; urgency=medium
+
+  * Added i386 back
+
+ -- Janos Lenart <ocsi@debian.org>  Sun, 03 May 2020 21:13:17 +0000
+
+kubernetes (1.18.2-1) unstable; urgency=medium
+
+  * New upstream release: 1.18.2
+
+ -- Janos Lenart <ocsi@debian.org>  Sun, 03 May 2020 19:25:37 +0000
+
+kubernetes (1.18.0-1) unstable; urgency=medium
+
+  * New upstream release: 1.18.0
+
+ -- Janos Lenart <ocsi@debian.org>  Sat, 28 Mar 2020 12:58:42 +0000
+
+kubernetes (1.17.4-1) unstable; urgency=high
+
+  * New maintainer (Closes: #886739)
+  * New upstream release: 1.17.4 (Closes: #887741)
+  * New Debian packaging from scratch. See README.Debian
+  * kubernetes-node
+    - Moved docker from Depends into Recommends as kubelet can also work with
+      rkt, cri-o, etc. (Closes: #872690)
+    - Not shipping systemd units for kubelet and kube-proxy for now
+  * kubernetes-master
+    - Moved etcd from Depends into Recommends as apiserver can also connect to
+      a remote etcd/cluster.      
+    - Not shipping systemd units for kube-apiserver, kube-schedules and
+      kube-controller-manager for now
+
+ -- Janos Lenart <ocsi@debian.org>  Sun, 15 Mar 2020 21:46:45 +0000
+
+kubernetes (1.7.16+dfsg-1) unstable; urgency=medium
+
+  [ Michael Stapelberg ]
+  * Switch to XS-Go-Import-Path
+
+  [ Dmitry Smirnov ]
+  * Resurrected "mergo.patch" that has been mistakenly removed
+    (Closes: #878254).
+  * Re-enabled safeguard test for the above problem.
+  * New upstream release:
+    + CVE-2017-1002101 (Closes: #892801)
+    + CVE-2017-1002102 (Closes: #894051)
+  * Updated Vcs URLs for Salsa.
+  * Standards-Version: 4.1.4
+  * Build-Depends:
+    - golang-go
+    + golang-any
+    + golang-github-appc-cni-dev
+    + golang-github-armon-circbuf-dev
+    + golang-github-azure-azure-sdk-for-go-dev
+    + golang-github-dgrijalva-jwt-go-v3-dev
+    + golang-github-docker-distribution-dev
+    + golang-github-docker-docker-dev
+    + golang-github-emicklei-go-restful-swagger12-dev
+    + golang-github-gogo-protobuf-dev
+    + golang-github-gorilla-websocket-dev
+    + golang-github-grpc-ecosystem-go-grpc-prometheus-dev
+    + golang-github-karlseguin-ccache-dev
+    - golang-github-opencontainers-runc-dev
+    + golang-github-opencontainers-docker-runc-dev
+    + golang-github-pmezard-go-difflib-dev
+    + golang-golang-x-time-dev
+    + golang-golang-x-tools-dev
+    + golang-google-grpc-dev
+    + golang-gopkg-warnings.v0-dev
+    + golang-goprotobuf-dev
+
+ -- Dmitry Smirnov <onlyjob@debian.org>  Sun, 06 May 2018 16:20:21 +1000
+
+kubernetes (1.7.7+dfsg-3) unstable; urgency=medium
+
+  * kubernetes-master should depend on etcd (Closes: #855218).
+
+ -- Andrew Shadura <andrewsh@debian.org>  Sun, 22 Oct 2017 19:40:46 +0100
+
+kubernetes (1.7.7+dfsg-2) unstable; urgency=medium
+
+  * Use CURDIR, not PWD, unbreaks the build at buildds.
+
+ -- Andrew Shadura <andrewsh@debian.org>  Fri, 06 Oct 2017 19:25:45 +0200
+
+kubernetes (1.7.7+dfsg-1) unstable; urgency=medium
+
+  [ Tim Potter ]
+  * Open work for new release
+  * Remove unused Files-Excluded entries from d/copyright
+  * Remove Skydns B-D as no longer used
+  * Don't build on ppc64 or ppc64le architectures
+
+  [ Andrew Shadura ]
+  * New upstream release.
+  * Refresh patches.
+  * Update build dependencies.
+  * Symlink vendor packages to the build directory.
+
+ -- Andrew Shadura <andrewsh@debian.org>  Fri, 06 Oct 2017 18:54:06 +0200
+
+kubernetes (1.5.5+dfsg-2) unstable; urgency=medium
+
+  * Team upload.
+  * Don't build on ppc64le due to Go linker problems. See GitHub issue
+    https://github.com/golang/go/issues/15823.
+  * Don't build on ppc64 as it's not supported by upstream at the
+    moment. (Closes: #860505)
+
+ -- Tim Potter <tpot@hpe.com>  Sat, 03 Jun 2017 08:00:51 +1000
+
+kubernetes (1.5.5+dfsg-1) unstable; urgency=low
+
+  [ Dmitry Smirnov ]
+  * Switch to bundled "rkt".
+  * rules: remove "-p" option from build and test overrides.
+  * control: drop obsolete "golang-clockwork-dev" alternative.
+  * New patch to disable test failing on [armel].
+  * Upload to unstable.
+
+  [ Tim Potter ]
+  * New upstream version. [March 2017]
+  * Big updates to d/rules and d/copyright to update to upstream
+    changes made since the 1.2.x release.
+  * Refresh patches to bring up to date with upstream changes since
+    1.2.x.
+  * control: add lsb-base as dependency for sysvinit scripts.
+  * Suppress spelling-error-in-binary Lintian messages.
+
+ -- Tim Potter <tpot@hpe.com>  Thu, 13 Apr 2017 16:45:57 +1000
+
+kubernetes (1.2.5+dfsg-1) experimental; urgency=medium
+
+  * New upstream release [June 2016].
+  * Switch to private "github.com/golang/glog" due to log noise.
+  * Disabled failing tests; no longer ignore failures in tests.
+  * Build/test using 2 cores only.
+  * New patch to update appc/cni name space (fixes FTBFS).
+  * Removed obsolete "spf13-cobra.patch".
+
+ -- Dmitry Smirnov <onlyjob@debian.org>  Sun, 03 Jul 2016 04:12:28 +1000
+
+kubernetes (1.2.4+dfsg-2) experimental; urgency=medium
+
+  * Added new patch to fix incompatibility with "imdario/mergo" v0.2.2
+    (Closes: #825753).
+    Thanks, Florian Ernst.
+  * Enable tests but ignore failures for now.
+
+ -- Dmitry Smirnov <onlyjob@debian.org>  Fri, 17 Jun 2016 01:41:38 +1000
+
+kubernetes (1.2.4+dfsg-1) experimental; urgency=medium
+
+  * New upstream release [May 2016].
+  * New patch to print output of "uname -m" on unsupported architectures.
+  * New "docker.patch" to fix potential FTBFS.
+    + Build-Depends += "golang-github-docker-distribution-dev".
+
+ -- Dmitry Smirnov <onlyjob@debian.org>  Wed, 15 Jun 2016 21:03:01 +1000
+
+kubernetes (1.2.3+dfsg-1) experimental; urgency=low
+
+  * Initial release (Closes: #795652).
+
+ -- Dmitry Smirnov <onlyjob@debian.org>  Mon, 25 Apr 2016 22:40:12 +1000

kubernetes/kubernetes-1.24.4/debian/deb_folder/control

@@ -0,0 +1,92 @@
+Source: kubernetes-1.24.4
+Section: admin
+Priority: optional
+Maintainer: StarlingX Developers <StarlingX-discuss@lists.StarlingX.io>
+Build-Depends: debhelper-compat (= 13),
+               build-essential,
+               bash-completion,
+               jq,
+               rsync,
+               go-bindata,
+               go-md2man,
+               golang-1.18
+Standards-Version: 4.4.1
+Homepage: http://kubernetes.io/
+
+Package: kubernetes-1.24.4-client
+Provides: kubernetes-utils
+Architecture: amd64
+Depends: ${misc:Depends}, ${shlibs:Depends}
+Recommends: ${misc:Recommends}
+Built-Using: ${misc:Built-Using}
+Description: Kubernetes Command Line Tool
+ The Kubernetes command line tool for interacting with the Kubernetes API.
+
+Package: kubernetes-1.24.4-master
+Architecture: amd64
+Depends: ${misc:Depends}, ${shlibs:Depends},
+        adduser,
+        lsb-base,
+        etcd
+Recommends: ${misc:Recommends}, kubernetes-1.24.4-client
+Built-Using: ${misc:Built-Using}
+Description: Kubernetes services for master host
+ Container Cluster Manager from Google. Kubernetes is an open source system
+ for managing containerized applications across multiple hosts, providing
+ basic mechanisms for deployment, maintenance, and scaling of applications.
+ .
+ Linux kernel version 3.8 or above is required for proper operation of the
+ daemon process, and that any lower versions may have subtle and/or glaring
+ issues.
+ .
+ This package provides "kube-apiserver", "kube-controller-manager" and
+ "kube-scheduler" daemons.
+
+Package: kubernetes-1.24.4-node
+Provides: cadvisor
+Architecture: amd64
+Depends: ${misc:Depends}, ${shlibs:Depends},
+        adduser,
+        conntrack,
+        conntrackd,
+        docker.io,
+        lsb-base,
+        socat,
+Recommends: ${misc:Recommends}, kubernetes-1.24.4-client
+Built-Using: ${misc:Built-Using}
+Description: Kubernetes services for node host
+ Container Cluster Manager from Google. Kubernetes is an open source system
+ for managing containerized applications across multiple hosts, providing
+ basic mechanisms for deployment, maintenance, and scaling of applications.
+ .
+ Linux kernel version 3.8 or above is required for proper operation of the
+ daemon process, and that any lower versions may have subtle and/or glaring
+ issues.
+
+Package: kubernetes-1.24.4-kubeadm
+Architecture: amd64
+Depends: ${misc:Depends}, containernetworking-plugins
+Recommends: ${misc:Recommends}, kubernetes-1.24.4-client
+Built-Using: ${misc:Built-Using}
+Description: Kubernetes Cluster Bootstrapping Tool
+ The Kubernetes command line tool for bootstrapping a Kubernetes cluster.
+
+Package: kubernetes-1.24.4-misc
+Architecture: amd64
+Depends: ${misc:Depends}, ${shlibs:Depends}
+Recommends: ${misc:Recommends}
+Built-Using: ${misc:Built-Using}
+Description: dummy package
+ Kubernetes dummy package for misc stuff we don't want to install in production.
+
+Package: kubernetes-1.24.4-unit-test
+Architecture: amd64
+Depends: ${misc:Depends}, ${shlibs:Depends},
+         hostname,
+         rsync,
+         etcd (>= 2.0.9),
+         network-manager,
+Recommends: ${misc:Recommends}
+Built-Using: ${misc:Built-Using}
+Description: Kubernetes unit test
+ Kubernetes unit-test framework.

kubernetes/kubernetes-1.24.4/debian/deb_folder/kubeadm.conf

@@ -0,0 +1,18 @@
+# Note: This dropin only works with kubeadm and kubelet v1.11+
+[Service]
+Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf"
+Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml"
+# This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically
+EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env
+# This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use
+# the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file.
+EnvironmentFile=-/etc/default/kubelet
+ExecStart=
+ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS
+ExecStartPre=-/usr/local/sbin/sanitize_kubelet_reserved_cpus.sh /etc/default/kubelet
+ExecStartPre=-/usr/bin/kubelet-cgroup-setup.sh
+ExecStartPost=/bin/bash -c 'echo $MAINPID > /var/run/kubelet.pid;'
+ExecStopPost=/bin/rm -f /var/run/kubelet.pid
+Restart=always
+StartLimitInterval=0
+RestartSec=10

kubernetes/kubernetes-1.24.4/debian/deb_folder/kubelet-cgroup-setup.sh

@@ -0,0 +1,132 @@
+#!/bin/bash
+#
+# Copyright (c) 2022 Wind River Systems, Inc.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+# This script does minimal cgroup setup for kubelet. This creates k8s-infra
+# cgroup for a minimal set of resource controllers, and configures cpuset
+# attributes to span all online cpus and nodes. This will do nothing if
+# the k8s-infra cgroup already exists (i.e., assume already configured).
+# NOTE: The creation of directories under /sys/fs/cgroup is volatile, and
+# does not persist reboots. The cpuset.mems and cpuset.cpus is later updated
+# by puppet kubernetes.pp manifest.
+#
+
+# Define minimal path
+PATH=/bin:/usr/bin:/usr/local/bin
+
+# Log info message to /var/log/daemon.log
+function LOG {
+    logger -p daemon.info "$0($$): $@"
+}
+
+# Log error message to /var/log/daemon.log
+function ERROR {
+    logger -s -p daemon.error "$0($$): ERROR: $@"
+}
+
+# Create minimal cgroup directories and configure cpuset attributes if required
+function create_cgroup {
+    local cg_name=$1
+    local cg_nodeset=$2
+    local cg_cpuset=$3
+
+    local CGROUP=/sys/fs/cgroup
+    local CONTROLLERS_AUTO_DELETED=("pids" "hugetlb")
+    local CONTROLLERS_PRESERVED=("cpuset" "memory" "cpu,cpuacct" "systemd")
+    local cnt=''
+    local CGDIR=''
+    local RC=0
+
+    # Ensure that these cgroups are created every time as they are auto deleted
+    for cnt in ${CONTROLLERS_AUTO_DELETED[@]}; do
+        CGDIR=${CGROUP}/${cnt}/${cg_name}
+        if [ -d ${CGDIR} ]; then
+            LOG "Nothing to do, already configured: ${CGDIR}."
+            continue
+        fi
+        LOG "Creating: ${CGDIR}"
+        mkdir -p ${CGDIR}
+        RC=$?
+        if [ ${RC} -ne 0 ]; then
+            ERROR "Creating: ${CGDIR}, rc=${RC}"
+            exit ${RC}
+        fi
+    done
+
+    # These cgroups are preserved so if any of these are encountered additional
+    # cgroup setup is not required
+    for cnt in ${CONTROLLERS_PRESERVED[@]}; do
+        CGDIR=${CGROUP}/${cnt}/${cg_name}
+        if [ -d ${CGDIR} ]; then
+            LOG "Nothing to do, already configured: ${CGDIR}."
+            exit ${RC}
+        fi
+        LOG "Creating: ${CGDIR}"
+        mkdir -p ${CGDIR}
+        RC=$?
+        if [ ${RC} -ne 0 ]; then
+            ERROR "Creating: ${CGDIR}, rc=${RC}"
+            exit ${RC}
+        fi
+    done
+
+    # Customize cpuset attributes
+    LOG "Configuring cgroup: ${cg_name}, nodeset: ${cg_nodeset}, cpuset: ${cg_cpuset}"
+    CGDIR=${CGROUP}/cpuset/${cg_name}
+    local CGMEMS=${CGDIR}/cpuset.mems
+    local CGCPUS=${CGDIR}/cpuset.cpus
+    local CGTASKS=${CGDIR}/tasks
+
+    # Assign cgroup memory nodeset
+    LOG "Assign nodeset ${cg_nodeset} to ${CGMEMS}"
+    /bin/echo ${cg_nodeset} > ${CGMEMS}
+    RC=$?
+    if [ ${RC} -ne 0 ]; then
+        ERROR "Unable to write to: ${CGMEMS}, rc=${RC}"
+        exit ${RC}
+    fi
+
+    # Assign cgroup cpus
+    LOG "Assign cpuset ${cg_cpuset} to ${CGCPUS}"
+    /bin/echo ${cg_cpuset} > ${CGCPUS}
+    RC=$?
+    if [ ${RC} -ne 0 ]; then
+        ERROR "Assigning: ${cg_cpuset} to ${CGCPUS}, rc=${RC}"
+        exit ${RC}
+    fi
+
+    # Set file ownership
+    chown root:root ${CGMEMS} ${CGCPUS} ${CGTASKS}
+    RC=$?
+    if [ ${RC} -ne 0 ]; then
+        ERROR "Setting owner for: ${CGMEMS}, ${CGCPUS}, ${CGTASKS}, rc=${RC}"
+        exit ${RC}
+    fi
+
+    # Set file mode permissions
+    chmod 644 ${CGMEMS} ${CGCPUS} ${CGTASKS}
+    RC=$?
+    if [ ${RC} -ne 0 ]; then
+        ERROR "Setting mode for: ${CGMEMS}, ${CGCPUS}, ${CGTASKS}, rc=${RC}"
+        exit ${RC}
+    fi
+
+    return ${RC}
+}
+
+if [ ${UID} -ne 0 ]; then
+    ERROR "Require sudo/root."
+    exit 1
+fi
+
+# Configure default kubepods cpuset to span all online cpus and nodes.
+ONLINE_NODESET=$(/bin/cat /sys/devices/system/node/online)
+ONLINE_CPUSET=$(/bin/cat /sys/devices/system/cpu/online)
+
+# Configure kubelet cgroup to match cgroupRoot.
+create_cgroup 'k8s-infra' ${ONLINE_NODESET} ${ONLINE_CPUSET}
+
+exit $?
+

kubernetes/kubernetes-1.24.4/debian/deb_folder/kubernetes-1.24.4-client.install

@@ -0,0 +1,2 @@
+usr/local/kubernetes/1.24.4/stage2/usr/bin/kubectl
+usr/local/kubernetes/1.24.4/stage2/usr/share/bash-completion/completions/kubectl

kubernetes/kubernetes-1.24.4/debian/deb_folder/kubernetes-1.24.4-client.lintian-overrides

@@ -0,0 +1,9 @@
+## Generated man pages: TODO
+manpage-has-bad-whatis-entry usr/share/man/*
+manpage-has-errors-from-man usr/share/man/man1/*
+
+## Bash-completion script does not have to be executable:
+script-not-executable usr/share/bash-completion/completions/kubectl
+
+## Override annoying/useless messages
+kubernetes-client: spelling-error-in-binary

kubernetes/kubernetes-1.24.4/debian/deb_folder/kubernetes-1.24.4-kubeadm.dirs

@@ -0,0 +1 @@
+usr/local/kubernetes/1.24.4/stage2/etc/systemd/system/kubelet.service.d/

kubernetes/kubernetes-1.24.4/debian/deb_folder/kubernetes-1.24.4-kubeadm.install

@@ -0,0 +1,2 @@
+usr/local/kubernetes/1.24.4/stage1/usr/bin/kubeadm
+usr/local/kubernetes/1.24.4/stage2/etc/systemd/system/kubelet.service.d/kubeadm.conf

kubernetes/kubernetes-1.24.4/debian/deb_folder/kubernetes-1.24.4-master.dirs

@@ -0,0 +1,5 @@
+etc/kubernetes-1.24.4
+etc/kubernetes-1.24.4/addons
+etc/kubernetes-1.24.4/addons/volumesnapshots
+etc/kubernetes-1.24.4/addons/volumesnapshots/crd
+etc/kubernetes-1.24.4/addons/volumesnapshots/volume-snapshot-controller

kubernetes/kubernetes-1.24.4/debian/deb_folder/kubernetes-1.24.4-master.install

@@ -0,0 +1,8 @@
+usr/bin/kube-apiserver
+usr/bin/kube-controller-manager
+usr/bin/kube-scheduler
+etc/kubernetes-1.24.4/addons/volumesnapshots/crd/snapshot.storage.k8s.io_volumesnapshotcontents.yaml
+etc/kubernetes-1.24.4/addons/volumesnapshots/crd/snapshot.storage.k8s.io_volumesnapshotclasses.yaml
+etc/kubernetes-1.24.4/addons/volumesnapshots/crd/snapshot.storage.k8s.io_volumesnapshots.yaml
+etc/kubernetes-1.24.4/addons/volumesnapshots/volume-snapshot-controller/volume-snapshot-controller-deployment.yaml
+etc/kubernetes-1.24.4/addons/volumesnapshots/volume-snapshot-controller/rbac-volume-snapshot-controller.yaml

kubernetes/kubernetes-1.24.4/debian/deb_folder/kubernetes-1.24.4-master.lintian-overrides

@@ -0,0 +1,7 @@
+## No manual page for hyperkube
+kubernetes-master: binary-without-manpage usr/bin/hyperkube
+
+## Override annoying/useless messages
+kubernetes-master: spelling-error-in-binary
+kubernetes-master: manpage-has-errors-from-man usr/share/man/man1/*
+kubernetes-master: manpage-has-bad-whatis-entry usr/share/man/man1/*

kubernetes/kubernetes-1.24.4/debian/deb_folder/kubernetes-1.24.4-misc.docs

@@ -0,0 +1,3 @@
+src/k8s.io/kubernetes/README.md
+src/k8s.io/kubernetes/SUPPORT.md
+src/k8s.io/kubernetes/_output/NOTICE

kubernetes/kubernetes-1.24.4/debian/deb_folder/kubernetes-1.24.4-misc.install

@@ -0,0 +1 @@
+usr/bin/kube-proxy

kubernetes/kubernetes-1.24.4/debian/deb_folder/kubernetes-1.24.4-misc.manpages

@@ -0,0 +1,10 @@
+# kubernetes-client
+src/k8s.io/kubernetes/_output/man/kubeadm*
+src/k8s.io/kubernetes/_output/man/kubectl*
+# kubernetes-master
+src/k8s.io/kubernetes/_output/man/kube-apiserver*
+src/k8s.io/kubernetes/_output/man/kube-scheduler*
+src/k8s.io/kubernetes/_output/man/kube-controller-manager*
+# kubernetes-node
+src/k8s.io/kubernetes/_output/man/kubelet*
+src/k8s.io/kubernetes/_output/man/kube-proxy*

kubernetes/kubernetes-1.24.4/debian/deb_folder/kubernetes-1.24.4-node.install

@@ -0,0 +1,2 @@
+usr/local/kubernetes/1.24.4/stage2/usr/bin/kubelet
+usr/local/kubernetes/1.24.4/stage2/usr/bin/kubelet-cgroup-setup.sh

kubernetes/kubernetes-1.24.4/debian/deb_folder/kubernetes-1.24.4-node.lintian-overrides

@@ -0,0 +1,4 @@
+## Override annoying/useless messages
+kubernetes-node: spelling-error-in-binary
+kubernetes-node: manpage-has-errors-from-man usr/share/man/man1/*
+kubernetes-node: manpage-has-bad-whatis-entry usr/share/man/man1/*

kubernetes/kubernetes-1.24.4/debian/deb_folder/kubernetes-1.24.4-unit-test.install

@@ -0,0 +1 @@
+var/lib/kubernetes-unit-test/

kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/Revert-use-subpath-for-coredns-only-for-default-repo.patch

@@ -0,0 +1,113 @@
+From f9dd597f4e8c8c66f08d661efcbd29479e4e069d Mon Sep 17 00:00:00 2001
+From: Gleb Aronsky <gleb.aronsky@windriver.com>
+Date: Tue, 25 Jan 2022 13:56:30 -0500
+Subject: [PATCH] Revert "use subpath for coredns only for default  repository"
+
+This reverts commit 38a41e1557649a7cc763bf737779db9aa03ec75e.
+
+Co-authored-by: Jim Gauld <james.gauld@windriver.com>
+Signed-off-by: Gleb Aronsky <gleb.aronsky@windriver.com>
+
+diff --git a/cmd/kubeadm/app/constants/constants.go b/cmd/kubeadm/app/constants/constants.go
+index c2b8f6e64be..b00ccea315e 100644
+--- a/cmd/kubeadm/app/constants/constants.go
++++ b/cmd/kubeadm/app/constants/constants.go
+@@ -337,7 +337,7 @@ const (
+ 	CoreDNSDeploymentName = "coredns"
+ 
+ 	// CoreDNSImageName specifies the name of the image for CoreDNS add-on
+-	CoreDNSImageName = "coredns"
++	CoreDNSImageName = "coredns/coredns"
+ 
+ 	// CoreDNSVersion is the version of CoreDNS to be deployed if it is used
+ 	CoreDNSVersion = "v1.8.6"
+diff --git a/cmd/kubeadm/app/images/images.go b/cmd/kubeadm/app/images/images.go
+index ee55eb6c995..bdb61caa373 100644
+--- a/cmd/kubeadm/app/images/images.go
++++ b/cmd/kubeadm/app/images/images.go
+@@ -22,7 +22,6 @@ import (
+ 	"k8s.io/klog/v2"
+ 
+ 	kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm"
+-	kubeadmapiv1beta2 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta2"
+ 	"k8s.io/kubernetes/cmd/kubeadm/app/constants"
+ 	kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util"
+ )
+@@ -48,10 +47,6 @@ func GetDNSImage(cfg *kubeadmapi.ClusterConfiguration) string {
+ 	if cfg.DNS.ImageRepository != "" {
+ 		dnsImageRepository = cfg.DNS.ImageRepository
+ 	}
+-	// Handle the renaming of the official image from "k8s.gcr.io/coredns" to "k8s.gcr.io/coredns/coredns
+-	if dnsImageRepository == kubeadmapiv1beta2.DefaultImageRepository {
+-		dnsImageRepository = fmt.Sprintf("%s/coredns", dnsImageRepository)
+-	}
+ 	// DNS uses an imageTag that corresponds to the DNS version matching the Kubernetes version
+ 	dnsImageTag := constants.CoreDNSVersion
+ 
+diff --git a/cmd/kubeadm/app/images/images_test.go b/cmd/kubeadm/app/images/images_test.go
+index 2b8affce236..91cd4294351 100644
+--- a/cmd/kubeadm/app/images/images_test.go
++++ b/cmd/kubeadm/app/images/images_test.go
+@@ -22,7 +22,6 @@ import (
+ 	"testing"
+ 
+ 	kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm"
+-	kubeadmapiv1beta2 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta2"
+ 	"k8s.io/kubernetes/cmd/kubeadm/app/constants"
+ )
+ 
+@@ -227,51 +226,4 @@ func TestGetAllImages(t *testing.T) {
+ 	}
+ }
+ 
+-func TestGetDNSImage(t *testing.T) {
+-	var tests = []struct {
+-		expected string
+-		cfg      *kubeadmapi.ClusterConfiguration
+-	}{
+-		{
+-			expected: "foo.io/coredns:v1.8.6",
+-			cfg: &kubeadmapi.ClusterConfiguration{
+-				ImageRepository: "foo.io",
+-				DNS: kubeadmapi.DNS{
+-					Type: kubeadmapi.CoreDNS,
+-				},
+-			},
+-		},
+-		{
+-			expected: kubeadmapiv1beta2.DefaultImageRepository + "/coredns/coredns:v1.8.6",
+-			cfg: &kubeadmapi.ClusterConfiguration{
+-				ImageRepository: kubeadmapiv1beta2.DefaultImageRepository,
+-				DNS: kubeadmapi.DNS{
+-					Type: kubeadmapi.CoreDNS,
+-				},
+-			},
+-		},
+-		{
+-			expected: "foo.io/coredns/coredns:v1.8.6",
+-			cfg: &kubeadmapi.ClusterConfiguration{
+-				ImageRepository: "foo.io",
+-				DNS: kubeadmapi.DNS{
+-					Type: kubeadmapi.CoreDNS,
+-					ImageMeta: kubeadmapi.ImageMeta{
+-						ImageRepository: "foo.io/coredns",
+-					},
+-				},
+-			},
+-		},
+-	}
+-
+-	for _, test := range tests {
+-		actual := GetDNSImage(test.cfg)
+-		if actual != test.expected {
+-			t.Errorf(
+-				"failed to GetDNSImage:\n\texpected: %s\n\t actual: %s",
+-				test.expected,
+-				actual,
+-			)
+-		}
+-	}
+ }
+-- 
+2.25.1
+

kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/kubeadm-create-platform-pods-with-zero-CPU-resources.patch

@@ -0,0 +1,108 @@
+From de653bd0823b248d623a39c17a3872e85ce952b0 Mon Sep 17 00:00:00 2001
+From: Chris Friesen <chris.friesen@windriver.com>
+Date: Fri, 3 Sep 2021 18:05:15 -0400
+Subject: [PATCH 5/7] kubeadm: create platform pods with zero CPU resources
+
+We want to specify zero CPU resources when creating the manifests
+for the static platform pods, as a workaround for the lack of
+separate resource tracking for platform resources.
+
+We also specify zero CPU resources for the coredns deployment.
+manifests.go appears to be the main file for this, not sure if the
+others are used but I changed them just in case.
+
+Signed-off-by: Daniel Safta <daniel.safta@windriver.com>
+---
+ cluster/addons/dns/coredns/coredns.yaml.base     | 2 +-
+ cluster/addons/dns/coredns/coredns.yaml.in       | 2 +-
+ cluster/addons/dns/coredns/coredns.yaml.sed      | 2 +-
+ cmd/kubeadm/app/phases/addons/dns/manifests.go   | 2 +-
+ cmd/kubeadm/app/phases/controlplane/manifests.go | 6 +++---
+ 5 files changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/cluster/addons/dns/coredns/coredns.yaml.base b/cluster/addons/dns/coredns/coredns.yaml.base
+index 4ee054f8ba5..d2b58f4af0e 100644
+--- a/cluster/addons/dns/coredns/coredns.yaml.base
++++ b/cluster/addons/dns/coredns/coredns.yaml.base
+@@ -138,7 +138,7 @@ spec:
+           limits:
+             memory: __DNS__MEMORY__LIMIT__
+           requests:
+-            cpu: 100m
++            cpu: 0
+             memory: 70Mi
+         args: [ "-conf", "/etc/coredns/Corefile" ]
+         volumeMounts:
+diff --git a/cluster/addons/dns/coredns/coredns.yaml.in b/cluster/addons/dns/coredns/coredns.yaml.in
+index 1f791e447c9..ff03a801646 100644
+--- a/cluster/addons/dns/coredns/coredns.yaml.in
++++ b/cluster/addons/dns/coredns/coredns.yaml.in
+@@ -138,7 +138,7 @@ spec:
+           limits:
+             memory: 'dns_memory_limit'
+           requests:
+-            cpu: 100m
++            cpu: 0
+             memory: 70Mi
+         args: [ "-conf", "/etc/coredns/Corefile" ]
+         volumeMounts:
+diff --git a/cluster/addons/dns/coredns/coredns.yaml.sed b/cluster/addons/dns/coredns/coredns.yaml.sed
+index 4d64278aaa4..38fc9196b28 100644
+--- a/cluster/addons/dns/coredns/coredns.yaml.sed
++++ b/cluster/addons/dns/coredns/coredns.yaml.sed
+@@ -138,7 +138,7 @@ spec:
+           limits:
+             memory: $DNS_MEMORY_LIMIT
+           requests:
+-            cpu: 100m
++            cpu: 0
+             memory: 70Mi
+         args: [ "-conf", "/etc/coredns/Corefile" ]
+         volumeMounts:
+diff --git a/cmd/kubeadm/app/phases/addons/dns/manifests.go b/cmd/kubeadm/app/phases/addons/dns/manifests.go
+index 3ac6856bfc6..0763b4c63db 100644
+--- a/cmd/kubeadm/app/phases/addons/dns/manifests.go
++++ b/cmd/kubeadm/app/phases/addons/dns/manifests.go
+@@ -95,7 +95,7 @@ spec:
+           limits:
+             memory: 170Mi
+           requests:
+-            cpu: 100m
++            cpu: 0
+             memory: 70Mi
+         args: [ "-conf", "/etc/coredns/Corefile" ]
+         volumeMounts:
+diff --git a/cmd/kubeadm/app/phases/controlplane/manifests.go b/cmd/kubeadm/app/phases/controlplane/manifests.go
+index 8181bea63a4..4c4b4448dd4 100644
+--- a/cmd/kubeadm/app/phases/controlplane/manifests.go
++++ b/cmd/kubeadm/app/phases/controlplane/manifests.go
+@@ -60,7 +60,7 @@ func GetStaticPodSpecs(cfg *kubeadmapi.ClusterConfiguration, endpoint *kubeadmap
+ 			LivenessProbe:   staticpodutil.LivenessProbe(staticpodutil.GetAPIServerProbeAddress(endpoint), "/livez", int(endpoint.BindPort), v1.URISchemeHTTPS),
+ 			ReadinessProbe:  staticpodutil.ReadinessProbe(staticpodutil.GetAPIServerProbeAddress(endpoint), "/readyz", int(endpoint.BindPort), v1.URISchemeHTTPS),
+ 			StartupProbe:    staticpodutil.StartupProbe(staticpodutil.GetAPIServerProbeAddress(endpoint), "/livez", int(endpoint.BindPort), v1.URISchemeHTTPS, cfg.APIServer.TimeoutForControlPlane),
+-			Resources:       staticpodutil.ComponentResources("250m"),
++			Resources:       staticpodutil.ComponentResources("0"),
+ 			Env:             kubeadmutil.GetProxyEnvVars(),
+ 		}, mounts.GetVolumes(kubeadmconstants.KubeAPIServer),
+ 			map[string]string{kubeadmconstants.KubeAPIServerAdvertiseAddressEndpointAnnotationKey: endpoint.String()}),
+@@ -72,7 +72,7 @@ func GetStaticPodSpecs(cfg *kubeadmapi.ClusterConfiguration, endpoint *kubeadmap
+ 			VolumeMounts:    staticpodutil.VolumeMountMapToSlice(mounts.GetVolumeMounts(kubeadmconstants.KubeControllerManager)),
+ 			LivenessProbe:   staticpodutil.LivenessProbe(staticpodutil.GetControllerManagerProbeAddress(cfg), "/healthz", kubeadmconstants.KubeControllerManagerPort, v1.URISchemeHTTPS),
+ 			StartupProbe:    staticpodutil.StartupProbe(staticpodutil.GetControllerManagerProbeAddress(cfg), "/healthz", kubeadmconstants.KubeControllerManagerPort, v1.URISchemeHTTPS, cfg.APIServer.TimeoutForControlPlane),
+-			Resources:       staticpodutil.ComponentResources("200m"),
++			Resources:       staticpodutil.ComponentResources("0"),
+ 			Env:             kubeadmutil.GetProxyEnvVars(),
+ 		}, mounts.GetVolumes(kubeadmconstants.KubeControllerManager), nil),
+ 		kubeadmconstants.KubeScheduler: staticpodutil.ComponentPod(v1.Container{
+@@ -83,7 +83,7 @@ func GetStaticPodSpecs(cfg *kubeadmapi.ClusterConfiguration, endpoint *kubeadmap
+ 			VolumeMounts:    staticpodutil.VolumeMountMapToSlice(mounts.GetVolumeMounts(kubeadmconstants.KubeScheduler)),
+ 			LivenessProbe:   staticpodutil.LivenessProbe(staticpodutil.GetSchedulerProbeAddress(cfg), "/healthz", kubeadmconstants.KubeSchedulerPort, v1.URISchemeHTTPS),
+ 			StartupProbe:    staticpodutil.StartupProbe(staticpodutil.GetSchedulerProbeAddress(cfg), "/healthz", kubeadmconstants.KubeSchedulerPort, v1.URISchemeHTTPS, cfg.APIServer.TimeoutForControlPlane),
+-			Resources:       staticpodutil.ComponentResources("100m"),
++			Resources:       staticpodutil.ComponentResources("0"),
+ 			Env:             kubeadmutil.GetProxyEnvVars(),
+ 		}, mounts.GetVolumes(kubeadmconstants.KubeScheduler), nil),
+ 	}
+-- 
+2.17.1
+

kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/kubelet-sort-isolcpus-allocation-when-SMT-enabled.patch

@@ -0,0 +1,50 @@
+From ba9ab333c8b7dca5252e604837914293dc232732 Mon Sep 17 00:00:00 2001
+From: Jim Gauld <James.Gauld@windriver.com>
+Date: Fri, 11 Feb 2022 11:06:35 -0500
+Subject: [PATCH] kubelet: sort isolcpus allocation when SMT enabled
+
+The existing device manager code returns CPUs as devices in unsorted
+order. This numerically sorts isolcpus allocations when SMT/HT is
+enabled on the host. This logs SMT pairs, singletons, and algorithm
+order details to make the algorithm understandable.
+
+Signed-off-by: Jim Gauld <James.Gauld@windriver.com>
+---
+ pkg/kubelet/cm/devicemanager/manager.go | 13 ++++++++++++-
+ 1 file changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/pkg/kubelet/cm/devicemanager/manager.go b/pkg/kubelet/cm/devicemanager/manager.go
+index 609da8ed86b..a4b247714f7 100644
+--- a/pkg/kubelet/cm/devicemanager/manager.go
++++ b/pkg/kubelet/cm/devicemanager/manager.go
+@@ -686,7 +686,16 @@ func order_devices_by_sibling(devices sets.String, needed int) ([]string, error)
+ 			return cpu_lst[0]
+ 		}
+ 	}
++	//Make post-analysis of selection algorithm obvious by numerical sorting
++	//the available isolated cpu_id.
++	cpu_ids := make([]int, 0, int(devices.Len()))
+ 	for cpu_id := range devices {
++		cpu_id_, _ := strconv.Atoi(cpu_id)
++		cpu_ids = append(cpu_ids, cpu_id_)
++	}
++	sort.Ints(cpu_ids)
++	for _, _cpu_id := range cpu_ids {
++		cpu_id := strconv.Itoa(_cpu_id)
+ 		// If we've already found cpu_id as a sibling, skip it.
+ 		if _, ok := _iterated_cpu[cpu_id]; ok {
+ 			continue
+@@ -728,7 +737,9 @@ func order_devices_by_sibling(devices sets.String, needed int) ([]string, error)
+ 			}
+ 		}
+ 	}
+-	//klog.Infof("needed=%d ordered_cpu_list=%v", needed, dev_lst)
++	//This algorithm will get some attention. Show minimal details.
++	klog.Infof("order_devices_by_sibling: needed=%d, smtpairs=%v, singletons=%v, order=%v",
++		needed, sibling_lst, single_lst, dev_lst)
+ 	return dev_lst, nil
+ }
+ func smt_enabled() bool {
+-- 
+2.25.1
+

kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/kubernetes-make-isolcpus-allocation-SMT-aware.patch

@@ -0,0 +1,151 @@
+From 95b7b6e1ddb25511c67a3d4018f62df1e76ee7bc Mon Sep 17 00:00:00 2001
+From: Tao Wang <tao.wang@windriver.com>
+Date: Tue, 25 Jan 2022 19:25:45 -0500
+Subject: [PATCH] kubernetes: make isolcpus allocation SMT-aware
+
+Enhance isolcpus support in Kubernetes to allocate isolated SMT
+siblings to the same container when SMT/HT is enabled on the host.
+
+As it stands, the device manager code in Kubernetes is not SMT-aware
+(since normally it doesn't deal with CPUs).  However, StarlingX
+exposes isolated CPUs as devices and if possible we want to allocate
+all SMT siblings from a CPU core to the same container in order to
+minimize cross- container interference due to resource contention
+within the CPU core.
+
+The solution is basically to take the list of isolated CPUs and
+re-order it so that the SMT siblings are next to each other.  That
+way the existing resource selection code will allocate the siblings
+together.  As an optimization, if it is known that an odd number
+of isolated CPUs are desired, a singleton SMT sibling will be
+inserted into the list to avoid breaking up sibling pairs.
+
+Signed-off-by: Tao Wang <tao.wang@windriver.com>
+---
+ pkg/kubelet/cm/devicemanager/manager.go | 84 ++++++++++++++++++++++++-
+ 1 file changed, 83 insertions(+), 1 deletion(-)
+
+diff --git a/pkg/kubelet/cm/devicemanager/manager.go b/pkg/kubelet/cm/devicemanager/manager.go
+index 60de14a9..609da8ed 100644
+--- a/pkg/kubelet/cm/devicemanager/manager.go
++++ b/pkg/kubelet/cm/devicemanager/manager.go
+@@ -19,11 +19,14 @@ package devicemanager
+ import (
+ 	"context"
+ 	"fmt"
++	"io/ioutil"
+ 	"net"
+ 	"os"
+ 	"path/filepath"
+ 	"runtime"
+ 	"sort"
++	"strconv"
++	"strings"
+ 	"sync"
+ 	"time"
+ 
+@@ -41,6 +44,7 @@ import (
+ 	"k8s.io/kubernetes/pkg/features"
+ 	"k8s.io/kubernetes/pkg/kubelet/checkpointmanager"
+ 	"k8s.io/kubernetes/pkg/kubelet/checkpointmanager/errors"
++	"k8s.io/kubernetes/pkg/kubelet/cm/cpuset"
+ 	"k8s.io/kubernetes/pkg/kubelet/cm/devicemanager/checkpoint"
+ 	"k8s.io/kubernetes/pkg/kubelet/cm/topologymanager"
+ 	"k8s.io/kubernetes/pkg/kubelet/config"
+@@ -667,6 +671,75 @@ func (m *ManagerImpl) UpdateAllocatedDevices() {
+ 	m.allocatedDevices = m.podDevices.devices()
+ }
+ 
++//Given a list of isolated CPUs in 'devices', and the number of desired CPUs in 'needed',
++//return an ordered list of isolated CPUs such that the first 'needed' CPUs in the list
++//contain as many hyperthread sibling pairs as possible.
++func order_devices_by_sibling(devices sets.String, needed int) ([]string, error) {
++	var dev_lst []string
++	var single_lst []string
++	sibling_lst := make([]string, 0, int(devices.Len()))
++	_iterated_cpu := make(map[string]string)
++	get_sibling := func(cpu string, cpu_lst []string) string {
++		if cpu_lst[0] == cpu {
++			return cpu_lst[1]
++		} else {
++			return cpu_lst[0]
++		}
++	}
++	for cpu_id := range devices {
++		// If we've already found cpu_id as a sibling, skip it.
++		if _, ok := _iterated_cpu[cpu_id]; ok {
++			continue
++		}
++		devPath := fmt.Sprintf("/sys/devices/system/cpu/cpu%s/topology/thread_siblings_list", cpu_id)
++		dat, err := ioutil.ReadFile(devPath)
++		if err != nil {
++			return dev_lst, fmt.Errorf("Can't read cpu[%s] thread_siblings_list", cpu_id)
++		}
++		cpustring := strings.TrimSuffix(string(dat), "\n")
++		cpu_pair_set, err := cpuset.Parse(cpustring)
++		if err != nil {
++			return dev_lst, fmt.Errorf("Unable to parse thread_siblings_list[%s] string to cpuset", cpustring)
++		}
++		var cpu_pair_lst []string
++		for _, v := range cpu_pair_set.ToSlice() {
++			cpu_pair_lst = append(cpu_pair_lst, strconv.Itoa(v))
++		}
++		sibling_cpu_id := get_sibling(cpu_id, cpu_pair_lst)
++		if _, ok := devices[sibling_cpu_id]; ok {
++			sibling_lst = append(sibling_lst, cpu_id, sibling_cpu_id)
++			_iterated_cpu[sibling_cpu_id] = ""
++		} else {
++			single_lst = append(single_lst, cpu_id)
++		}
++		_iterated_cpu[cpu_id] = ""
++	}
++	if needed%2 == 0 {
++		dev_lst = append(sibling_lst, single_lst...)
++	} else {
++		if len(single_lst) > 1 {
++			_tmp_list := append(sibling_lst, single_lst[1:]...)
++			dev_lst = append(single_lst[0:1], _tmp_list...)
++		} else {
++			if len(single_lst) == 0 {
++				dev_lst = sibling_lst
++			} else {
++				dev_lst = append(single_lst, sibling_lst...)
++			}
++		}
++	}
++	//klog.Infof("needed=%d ordered_cpu_list=%v", needed, dev_lst)
++	return dev_lst, nil
++}
++func smt_enabled() bool {
++	dat, _ := ioutil.ReadFile("/sys/devices/system/cpu/smt/active")
++	state := strings.TrimSuffix(string(dat), "\n")
++	if state == "0" {
++		return false
++	}
++	return true
++}
++
+ // Returns list of device Ids we need to allocate with Allocate rpc call.
+ // Returns empty list in case we don't need to issue the Allocate rpc call.
+ func (m *ManagerImpl) devicesToAllocate(podUID, contName, resource string, required int, reusableDevices sets.String) (sets.String, error) {
+@@ -702,7 +775,16 @@ func (m *ManagerImpl) devicesToAllocate(podUID, contName, resource string, requi
+ 	// Create a closure to help with device allocation
+ 	// Returns 'true' once no more devices need to be allocated.
+ 	allocateRemainingFrom := func(devices sets.String) bool {
+-		for device := range devices.Difference(allocated) {
++		availableDevices := devices.Difference(allocated).List()
++		// If we're dealing with isolcpus and SMT is enabled, reorder to group SMT siblings together.
++		if resource == "windriver.com/isolcpus" && len(devices) > 0 && smt_enabled() {
++			var err error
++			availableDevices, err = order_devices_by_sibling(devices.Difference(allocated), needed)
++			if err != nil {
++				klog.Errorf("error in order_devices_by_sibling: %v", err)
++			}
++		}
++		for _, device := range availableDevices {
+ 			m.allocatedDevices[resource].Insert(device)
+ 			allocated.Insert(device)
+ 			needed--
+-- 
+2.22.5
+

kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/series

@@ -0,0 +1,4 @@
+kubeadm-create-platform-pods-with-zero-CPU-resources.patch
+Revert-use-subpath-for-coredns-only-for-default-repo.patch
+kubernetes-make-isolcpus-allocation-SMT-aware.patch
+kubelet-sort-isolcpus-allocation-when-SMT-enabled.patch

kubernetes/kubernetes-1.24.4/debian/deb_folder/rules

@@ -0,0 +1,117 @@
+#!/usr/bin/make -f
+
+#
+# Copyright (c) 2022 Wind River Systems, Inc.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+# This debian/rules file is based on:
+# https://packages.debian.org/source/bookworm/kubernetes
+# http://deb.debian.org/debian/pool/main/k/kubernetes/kubernetes_1.20.5+really1.20.2-1.1.debian.tar.xz
+
+# Customizations support kubernetes upgrades:
+# - specific directory locations with kubernetes version, upgrades stage,
+#   and version specific golang compiler
+# - build output not required on the production host is moved to
+#   kubernetes-misc package
+
+kube_version := 1.24.4
+kube_git_version := v${kube_version}
+name := kubernetes-${kube_version}
+go_version := 1.18.5
+_stage1 := /usr/local/kubernetes/${kube_version}/stage1
+_stage2 := /usr/local/kubernetes/${kube_version}/stage2
+_bindir := /usr/bin
+kube_dir := src/k8s.io/kubernetes
+output_dir := ${kube_dir}/_output
+output_bindir := ${output_dir}/bin
+output_mandir := ${output_dir}/man
+DEBIAN_DESTDIR := $(CURDIR)/debian/tmp
+export DH_VERBOSE = 1
+export PATH := /usr/lib/go-1.18/bin:$(PATH)
+export KUBE_GIT_TREE_STATE="clean"
+export KUBE_GIT_COMMIT=${kube_version}
+export KUBE_GIT_VERSION=${kube_git_version}
+export KUBE_EXTRA_GOPATH=$(pwd)/Godeps/_workspace
+export PBR_VERSION=${kube_git_version}
+
+bins = kube-proxy kube-apiserver kube-controller-manager kubelet kubeadm kube-scheduler kubectl
+
+%:
+	dh $@ --with=bash-completion --builddirectory=src --without=build-stamp
+
+override_dh_auto_build:
+	# we support multiple go compilers; indicate the version we are using
+	go version
+	which go
+
+	mkdir -pv ${kube_dir}
+	mv -v $$(ls | grep -v "^src$$" | grep -v "^debian$$") ${kube_dir}/.
+	cd ${kube_dir} && make WHAT="$(addprefix cmd/,$(bins) genman)"
+
+	# manpages
+	mkdir -p ${output_mandir}
+	echo $(bins) | xargs --max-args=1 ${output_bindir}/genman ${output_mandir}
+
+	# NOTICE files
+	find ${kube_dir}/vendor -name '*NOTICE*' -print0 | xargs -0 head -n1000 > ${output_dir}/NOTICE
+
+override_dh_install:
+	# kube_version stage1
+	install -m 755 -d ${DEBIAN_DESTDIR}${_stage1}${_bindir}
+	install -p -m 755 -t ${DEBIAN_DESTDIR}${_stage1}${_bindir} ${output_bindir}/kubeadm
+
+	# kube_version stage2
+	install -m 755 -d ${DEBIAN_DESTDIR}${_stage2}${_bindir}
+	install -d -m 0755 ${DEBIAN_DESTDIR}${_stage2}/etc/systemd/system/kubelet.service.d
+	install -p -m 0644 -t ${DEBIAN_DESTDIR}${_stage2}/etc/systemd/system/kubelet.service.d debian/kubeadm.conf
+	install -p -m 0700 -t ${DEBIAN_DESTDIR}${_stage2}${_bindir} debian/kubelet-cgroup-setup.sh
+	install -p -m 754 -t ${DEBIAN_DESTDIR}${_stage2}${_bindir} ${output_bindir}/kubelet
+	install -p -m 754 -t ${DEBIAN_DESTDIR}${_stage2}${_bindir} ${output_bindir}/kubectl
+	# bash completions
+	install -d -m 0755 ${DEBIAN_DESTDIR}${_stage2}/usr/share/bash-completion/completions/
+	${DEBIAN_DESTDIR}${_stage2}${_bindir}/kubectl completion bash > ${DEBIAN_DESTDIR}${_stage2}/usr/share/bash-completion/completions/kubectl
+
+	# remaining are not kube_version staged, i.e., kubernetes-master, kubernetes-misc
+	install -m 755 -d ${DEBIAN_DESTDIR}${_bindir}
+	install -p -m 754 -t ${DEBIAN_DESTDIR}${_bindir} ${output_bindir}/kube-apiserver
+	install -p -m 754 -t ${DEBIAN_DESTDIR}${_bindir} ${output_bindir}/kube-controller-manager
+	install -p -m 754 -t ${DEBIAN_DESTDIR}${_bindir} ${output_bindir}/kube-scheduler
+	install -p -m 754 -t ${DEBIAN_DESTDIR}${_bindir} ${output_bindir}/kube-proxy
+
+	# specific cluster addons for optional use
+	install -d -m 0755 ${DEBIAN_DESTDIR}/etc/${name}/addons
+
+	# Addon: volumesnapshots
+	install -d -m 0755 ${DEBIAN_DESTDIR}/etc/${name}/addons/volumesnapshots
+	install -d -m 0755 ${DEBIAN_DESTDIR}/etc/${name}/addons/volumesnapshots/crd
+	install -m 0644 -t ${DEBIAN_DESTDIR}/etc/${name}/addons/volumesnapshots/crd ${kube_dir}/cluster/addons/volumesnapshots/crd/*
+	install -d -m 0755 ${DEBIAN_DESTDIR}/etc/${name}/addons/volumesnapshots/volume-snapshot-controller
+	install -m 0644 -t ${DEBIAN_DESTDIR}/etc/${name}/addons/volumesnapshots/volume-snapshot-controller ${kube_dir}/cluster/addons/volumesnapshots/volume-snapshot-controller/*
+
+	# unit-test
+	# - everything from the root directory is needed
+	# - unit-tests needs source code
+	# - integration tests needs docs and other files
+	# - test-cmd.sh atm needs cluster, examples and other
+	install -d -m 0755 ${DEBIAN_DESTDIR}/var/lib/kubernetes-unit-test/
+	cp -a src ${DEBIAN_DESTDIR}/var/lib/kubernetes-unit-test/
+	# remove generated output, i.e., binaries, go cache, man pages, violations report
+	rm -rf ${DEBIAN_DESTDIR}/var/lib/kubernetes-unit-test/${output_dir}
+
+	dh_install
+
+override_dh_auto_test:
+	${kube_dir}/hack/test-cmd.sh
+	${kube_dir}/hack/benchmark-go.sh
+	${kube_dir}/hack/test-go.sh
+	${kube_dir}/hack/test-integration.sh --use_go_build
+
+override_dh_fixperms:
+	dh_fixperms -Xkube-apiserver -Xkubeadm -Xkubeadm.conf \
+		-Xkubelet-cgroup-setup.sh -Xkube-apiserver \
+		-Xkube-controller-manager -Xkube-scheduler \
+		-Xkube-proxy -Xkubelet -Xkubectl
+
+override_dh_usrlocal:

kubernetes/kubernetes-1.24.4/debian/deb_folder/source/format

@@ -0,0 +1 @@
+3.0 (quilt)

kubernetes/kubernetes-1.24.4/debian/meta_data.yaml

@@ -0,0 +1,9 @@
+debver: 1.24.4
+dl_path:
+  name: kubernetes-1.24.4.tar.gz
+  url: https://github.com/kubernetes/kubernetes/archive/refs/tags/v1.24.4.tar.gz
+  md5sum: 4798c96475ce89c6354317f7b4ec08ca
+  sha256sum: 16e7112d8efa46c0a36976b001efe335eea4b9e1dd721824c9c2c064ae7f6bbe
+revision:
+  dist: $STX_DIST
+  PKG_GITREVCOUNT: true