diff --git a/kubezero/aws-iam-authenticator/APKBUILD b/kubezero/aws-iam-authenticator/APKBUILD
index abb7009..61417d3 100644
--- a/kubezero/aws-iam-authenticator/APKBUILD
+++ b/kubezero/aws-iam-authenticator/APKBUILD
@@ -1,7 +1,7 @@
 # Contributor: Stefan Reimer <stefan@zero-downtime.net>
 # Maintainer: Stefan Reimer <stefan@zero-downtime.net>
 pkgname=aws-iam-authenticator
-pkgver=0.6.29
+pkgver=0.6.31
 pkgrel=0
 pkgdesc="AWS aws-iam-authenticator"
 url="https://github.com/kubernetes-sigs/aws-iam-authenticator"
@@ -40,7 +40,7 @@ server() {
 }
 
 sha512sums="
-276efbbf44228b7ef6fe45e80c19443b134664d940706f2634e7478c4e8a3d2499bd0cbe70e1b7916af47dbc66ca1b5419f4738ad1f94ef82fe88f3a06f27d65  aws-iam-authenticator-0.6.29.tar.gz
+709bf295abe3acc1aa69e6314c48f2a17872d15c34af78350820b5e1f4c5b7ca76ccee535b94446ca4537ff6c79c868e7bcc1bcbda7c05b9ef463035e3c710d9  aws-iam-authenticator-0.6.31.tar.gz
 a374448ffe7ac2079fef4a4d370b8d4b3aa10d371fff976e41a1107c17198d366f0e28f47f7313555503eaa44d358dff385f84a0000709aa6b75991a0c35f77b  aws-iam-authenticator.initd
 81454a32d898214c80fef1dda1630e6f6550180908e0b45980b25700478ee7fa4a8ef797cf0f1597fa98713b84f2ae9bd324d017e636ef965c26876147039745  aws-iam-authenticator.monit
 97fb2b255161837b1789c17dc7543644d24404ee9eeb95ace0d7c1d8ba12647cca78a8d86ff07dcb7a3eb833d9bc632b4f8511df8aedf484d61acc48929ce9be  config.yaml
diff --git a/kubezero/aws-neuron-driver/APKBUILD b/kubezero/aws-neuron-driver/APKBUILD
index 920b8fd..3864dfb 100644
--- a/kubezero/aws-neuron-driver/APKBUILD
+++ b/kubezero/aws-neuron-driver/APKBUILD
@@ -5,7 +5,7 @@
 # Todo: needs fix of https://github.com/aws-neuron/aws-neuron-sdk/issues/843
 #
 pkgname=aws-neuron-driver
-pkgver=2.19.64.0
+pkgver=2.20.28.0
 pkgrel=0
 pkgdesc="Linux Kernel module for AWS Neuron INF instances"
 url="https://awsdocs-neuron.readthedocs-hosted.com/en/latest/release-notes/index.html#"
@@ -52,5 +52,5 @@ package() {
 }
 
 sha512sums="
-91e36a6cea7494d29d8c451fb79a73665290682b93baa293d76c9fb679ad94a5d6858ee49a7c939d4e408c93f4abdd9be6a31b9ff66de4a7d63ca18e25397ab2  aws-neuron-driver-2.19.64.0.deb
+9c5c3bd1461aa4b791d46ed43c443657c6e0e5c8a57abd0b68886698999dff5f3c80725e0a0a39dc982d9e5e208a4025d7d6f19ddf77633d3f7ca14f87b68381  aws-neuron-driver-2.20.28.0.deb
 "
diff --git a/kubezero/containerd/APKBUILD b/kubezero/containerd/APKBUILD
index a421877..77dccca 100644
--- a/kubezero/containerd/APKBUILD
+++ b/kubezero/containerd/APKBUILD
@@ -4,15 +4,15 @@
 pkgname=containerd
 
 # NOTE: containerd's Makefile tries to get REVISION from git, but we're building from a tarball.
-_commit=207ad71
-pkgver=2.0.0
+_commit=fb4c30d4ede3531652d86197bf3fc9515e5276d9
+pkgver=2.0.5
 pkgrel=1337
 pkgdesc="An open and reliable container runtime"
 url="https://containerd.io/"
 arch="all"
 license="Apache-2.0"
 # we use crun
-#depends="runc"
+depends="crun"
 makedepends="btrfs-progs-dev go go-md2man libseccomp-dev log_proxy"
 subpackages="
 	$pkgname-ctr
@@ -108,6 +108,9 @@ package() {
 
 	install -d "$pkgdir"/etc/containerd/conf.d
 	install -Dm644 "$srcdir"/config.toml "$pkgdir"/etc/containerd/config.toml
+
+	# Provide fake runc as there seem to be various hardcoded runc refs unfortunately
+	cd $pkgdir/usr/bin && ln -s crun runc
 }
 
 openrc() {
@@ -127,8 +130,8 @@ stress() {
 }
 
 sha512sums="
-b1a89c4c53db2c69757bc40d90d585e2662ab4fffb28acb904f9710b281a9f22273ecdbab49250b229bf95b29cf1a33a352afb81967db7580ae209a83c5fb2ea  containerd-2.0.0.tar.gz
+af89a5c9ad5f931c5fee33c75c13c296fc9ec966f2c64ec244897695eebb365bcb542f6b431e60d4ef7213f0ea11d3a8896d1b7f033ed445e6b521b7ddbffe6f  containerd-2.0.5.tar.gz
 75a882a95167578bb4f289822256e770ecf2f74d7a50181e622c15e847383120d3622100e5e5629b94b58e2082f990de1cc3daa2f69b0ee48827072c1e9dde0e  containerd.confd
 8315a8d58b4ba7e19ebed2cd82c7b5eaab45da630f9818a9e6cc8f3c8e88f159432474299798f79e6e465e843c91c0f50df04030083c8913c385ea1d73e81e6a  containerd.initd
-a10a1e1b5deea30c156a786592bfc54597bcf2d45c4e6447182b72a7d0a5e2eb058698a8830dbace95e71176aa3070d123bcf75c4c4a36d814182c5d24fe9d71  config.toml
+ca8d436ab6044fb57fb4da22b6c93893dd9492e0344552b38e732d1bc46197e3c33661cc98591e4155b65abbfbcfa0b5626397147794352256d4161a25413ca0  config.toml
 "
diff --git a/kubezero/cri-tools/APKBUILD b/kubezero/cri-tools/APKBUILD
index 1bad297..e23b4a0 100644
--- a/kubezero/cri-tools/APKBUILD
+++ b/kubezero/cri-tools/APKBUILD
@@ -1,7 +1,7 @@
 # Contributor: Francesco Colista <fcolista@alpinelinux.org>
 # Maintainer: Francesco Colista <fcolista@alpinelinux.org>
 pkgname=cri-tools
-pkgver=1.31.1
+pkgver=1.32.0
 pkgrel=0
 pkgdesc="CLI tool for Kubelet Container Runtime Interface (CRI)"
 url="https://github.com/kubernetes-sigs/cri-tools"
@@ -27,5 +27,5 @@ package() {
 }
 
 sha512sums="
-a72946944207d20f27236da12f7c2d532a1c9ebc881c3af4709494f7abc6f7b2d421934006a535a0b4a35926f09f58315ff0aaf4da870fd5a65281f547ef86a1  cri-tools-1.31.1.tar.gz
+654cfd4d546932d48c02e19071e137fa7565a5134ba1845498d61f2dfef45fca722a51dbadb7a467214f7424290c53cb79a2908684d1fbd3820836b55640f66d  cri-tools-1.32.0.tar.gz
 "
diff --git a/kubezero/ecr-credential-provider/APKBUILD b/kubezero/ecr-credential-provider/APKBUILD
index 01d2b22..93e5a8a 100644
--- a/kubezero/ecr-credential-provider/APKBUILD
+++ b/kubezero/ecr-credential-provider/APKBUILD
@@ -1,7 +1,7 @@
 # Contributor: Stefan Reimer <stefan@zero-downtime.net>
 # Maintainer: Stefan Reimer <stefan@zero-downtime.net>
 pkgname=ecr-credential-provider
-pkgver=1.31.4
+pkgver=1.32.2
 pkgrel=0
 pkgdesc="AWS Kubernetes ecr-credential-provider"
 url="https://github.com/kubernetes/cloud-provider-aws"
@@ -24,5 +24,5 @@ package() {
 }
 
 sha512sums="
-d66898e34f2a0d4504ace6bb685897a360a315fd81371fbb2db727e65b4207cd728d07a3313f34985a0a1af26865fbbdde310aa88ee4af77d6ab02c354a6f223  ecr-credential-provider-1.31.4.tar.gz
+2ea6038125044850960207d509b779e439eb1325b2f4a260a8d2cfd9e9c7229a977681d4048bd06855ddaf21b985868d7da0242684a3b8706b6260430454a27b  ecr-credential-provider-1.32.2.tar.gz
 "
diff --git a/kubezero/kubernetes/APKBUILD b/kubezero/kubernetes/APKBUILD
index 3a0ffb4..23bb37f 100644
--- a/kubezero/kubernetes/APKBUILD
+++ b/kubezero/kubernetes/APKBUILD
@@ -5,7 +5,7 @@
 # Contributor: Dave <dj.2dixx@gmail.com>
 # Maintainer: Stefan Reimer <stefan@zero-downtime.net>
 pkgname=kubernetes
-pkgver=1.31.6
+pkgver=1.32.3
 pkgrel=0
 pkgdesc="Container Cluster Manager"
 url="https://kubernetes.io/"
@@ -146,7 +146,7 @@ zshcomp() {
 }
 
 sha512sums="
-cc27eedde442c185d9b08bbe25b1d7f189d93d0519b4d02ab47a711dc6345ac3c942cc82ede4026bd20fdabef71f8615df63d06ebd550c60acba6a595c4574b7  kubernetes-1.31.6.tar.gz
+acc412079f45b9444a260c37cdb534abfc0618c413224e1e145eaa43504282e70a6d60cf863215e65e8310592ef6f7821168c38ea6c9af84e797027aee407147  kubernetes-1.32.3.tar.gz
 5427c2e653504cfd5b0bcaf195d4734ee40947ddfebc9f155cd96dddccfc27692c29d94af4ac99f1018925b52995c593b584c5d7a82df2f185ebce1a9e463c40  make-e2e_node-run-over-distro-bins.patch
 94d07edfe7ca52b12e85dd9e29f4c9edcd144abc8d120fb71e2a0507f064afd4bac5dde30da7673a35bdd842b79a4770a03a1f3946bfae361c01dd4dc4903c64  make-test-cmd-run-over-hyperkube-based-kubectl.patch
 e690daff2adb1013c92124f32e71f8ed9a18c611ae6ae5fcb5ce9674768dbf9d911a05d7e4028488cda886e63b82e8ac0606d14389a05844c1b5538a33dd09d1  kube-apiserver.initd
diff --git a/kubezero/kubezero/APKBUILD b/kubezero/kubezero/APKBUILD
index 7976892..2a554e3 100644
--- a/kubezero/kubezero/APKBUILD
+++ b/kubezero/kubezero/APKBUILD
@@ -1,10 +1,10 @@
 # Contributor: Stefan Reimer <stefan@zero-downtime.net>
 # Maintainer: Stefan Reimer <stefan@zero-downtime.net>
 pkgname=kubezero
-pkgver=1.31.6
-_containerd=1.7.25-r1337
-_ecr=1.31.4
-_iam=0.6.29
+pkgver=1.32.3
+_containerd=2.0.5-r1337
+_ecr=1.32.2
+_iam=0.6.31
 
 pkgrel=0
 pkgdesc="KubeZero release package"
diff --git a/kubezero/nvidia-container-toolkit/APKBUILD b/kubezero/nvidia-container-toolkit/APKBUILD
index aed5835..dda0cad 100644
--- a/kubezero/nvidia-container-toolkit/APKBUILD
+++ b/kubezero/nvidia-container-toolkit/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Stefan Reimer <stefan@zero-downtime.net>
 # https://github.com/NVIDIA/nvidia-container-toolkit
 pkgname=nvidia-container-toolkit
-pkgver=1.17.4
+pkgver=1.17.5
 pkgrel=0
 pkgdesc="NVIDIA Container toolkit"
 url="https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/overview.html"
@@ -66,9 +66,9 @@ package() {
 }
 
 sha512sums="
-f72c9f816b58855126e5acf597371332b8d44fcb51098cd7625a9f760c9071c7c0979ff0c503eb9c4253bdb51e9dcc7453772ea53f8610eba86b2ceef70310a2  libnvidia-container1_1.17.4-1_amd64.deb
-6f21dc07dcf018f75db4f64503baa94e4f6c9ccf0c43b734640db9beda988180bfeef466e05c996550b9cd764b80bb71a1abd4212ba7b76c707ce661ccdf7ea5  libnvidia-container-tools_1.17.4-1_amd64.deb
-172b06a7651b4fa8f6ae398b20f767d33d271f430e7079618d8efd0f7821e6f77999a7229466bd2cd442737f3e2da3c82aae7679d25a0e07c32a4525b71e3a6b  nvidia-container-toolkit-base_1.17.4-1_amd64.deb
+4b9c5e5a50f9781e39066eb4c4c9e06810f35ef2874599acf5cea7167ff264b66bdbb8512df4c6d2f6e8853e4bc92e70fca3f222ff098e0d8f3ebf0b5ac5d1a0  libnvidia-container1_1.17.5-1_amd64.deb
+b805263a6ef661c246eb1d106923e0ffe99a4545a3676b2c81f7ada40449dbb8e7ec650e9f5b2997794a85b3240959eec589070f91ff14d4e2d285b820a365bf  libnvidia-container-tools_1.17.5-1_amd64.deb
+174d6c882530b3028c666cf34cbffd671385baa557fd460c1d1237e383064a6ee9294e759c770e6a74e2b35593ccdde6584eb701c78cc0ba83336e0138dffdd2  nvidia-container-toolkit-base_1.17.5-1_amd64.deb
 5a4eaa96e6e774948889909d618a8ed44a82f649cbba11622dc7b4478098bea006995d5a5a60ca026a57b76ad866d1e2c6caebd154a26eb6bd7e15291b558057  libseccomp2_2.3.3-4_amd64.deb
 cc9109cdcf51dc40db732e10ac3eda7e4ac73299ad51d2ec619d7f4cff3f0311be0937530d2175e5486c393bc9e91c709072094fad510573785739afaad831f1  libcap2_2.44-1_amd64.deb
 355880f5a865d9245c1d353b3c97a71037cf9880afb16e52ff94998b8a0a0cd9d0a6a28175afd85224e4ff3e4a783c60e994ca0bac8196ea8ce05ed61ed463ef  config.toml
diff --git a/kubezero/nvidia-drivers/APKBUILD b/kubezero/nvidia-drivers/APKBUILD
index 1828d90..ed2a176 100644
--- a/kubezero/nvidia-drivers/APKBUILD
+++ b/kubezero/nvidia-drivers/APKBUILD
@@ -1,7 +1,7 @@
 # Contributor: Stefan Reimer <stefan@zero-downtime.net>
 # Maintainer: Stefan Reimer <stefan@zero-downtime.net>
 pkgname=nvidia-drivers
-pkgver=570.86.15
+pkgver=570.133.20
 pkgrel=0
 pkgdesc="NVIDIA Driver"
 url="https://www.nvidia.com/download/index.aspx"
@@ -55,5 +55,5 @@ package() {
 }
 
 sha512sums="
-9726e5cf25e03a0e1b99d55aec7f58d86faa108707ad375d6959edb1b1e80437a965a7903cd600f6d7949ebd8a6e883a57a7536470195a702364094a3a1ef323  NVIDIA-Linux-x86_64-570.86.15.run
+c6f443791b14e71273929e6e97660cceeb46e9fbd10a3df624236a2433a99b0c905f89ada7c490f2a6009ff37a715c8585a4e82df75adf0afed5236da39ae5b6  NVIDIA-Linux-x86_64-570.133.20.run
 "
diff --git a/kubezero/nvidia-open-gpu/APKBUILD b/kubezero/nvidia-open-gpu/APKBUILD
index 2a9f7c7..956d8aa 100644
--- a/kubezero/nvidia-open-gpu/APKBUILD
+++ b/kubezero/nvidia-open-gpu/APKBUILD
@@ -7,7 +7,7 @@
 #   remove coreutils from makedepends
 
 pkgname=nvidia-open-gpu
-pkgver=570.86.15
+pkgver=570.133.20
 pkgrel=0
 pkgdesc="NVIDIA Linux open GPU kernel modules"
 url="https://github.com/NVIDIA/open-gpu-kernel-modules"
@@ -53,7 +53,7 @@ package() {
 }
 
 sha512sums="
-2b2cb1cb80ae5297d85117091e21e75a25fd9ee56f8261f4a5714c6471d31c5bf5bb47c81b26ac66a41915f569ed81a8754a55a45f41fa88f7a9bf9c31d2259c  nvidia-570.86.15.tar.gz
+76f8f7c9fa93af33b71071320f5370c5d827e73e60680f3de3899b972a422467efe63518c7c4edcc9e8044419cbd71715c5d5867b774651f031d4a3994e00b37  nvidia-570.133.20.tar.gz
 b16b86ded8601ff802477e2b191c5728290014f90bb85ad6ec0e5b7e84f8004c467f5b6c66b80dc5d205fb70a3900ac286764a3829ca3ad3b8a3a5fd0b73a702  91-nvidia.rules
 8335bd69c482da1f67b5cddd31a0b40d01b5c627aeca137b40ac7776cb3e7475767bec808a972ed739c26914207aca264324c41496f6fb579d910c8477f7cc1c  create-nvidia-uvm-dev-node.sh
 "
diff --git a/kubezero/zdt-base/APKBUILD b/kubezero/zdt-base/APKBUILD
index e208fd5..75113dd 100644
--- a/kubezero/zdt-base/APKBUILD
+++ b/kubezero/zdt-base/APKBUILD
@@ -9,7 +9,7 @@ arch="noarch"
 license="AGPL-3.0"
 depends="logrotate syslog-ng fastfetch monit file tiny-cloud dhcpcd starship"
 options="!check"
-subpackages="$pkgname-openrc $pkgname-aws $pkgname-nocloud"
+subpackages="$pkgname-openrc $pkgname-aws $pkgname-nocloud $pkgname-gcp"
 install="$pkgname.post-install"
 
 source="
@@ -19,8 +19,8 @@ source="
         cloudbender.init
         cloud-aws.sh
         cloud-nocloud.sh
+        cloud-gcp.sh
         zdt-sysctl.conf
-        https://raw.githubusercontent.com/pixelb/ps_mem/v3.14/ps_mem.py
         syslog-ng.conf
         syslog-ng.logrotate.conf
         syslog-ng.apparmor
@@ -41,7 +41,7 @@ source="
         "
 
 build() {
-  sed -i -e 's,#!/usr/bin/env python,#!/usr/bin/env python3,' ps_mem.py
+  echo
 }
 
 package() {
@@ -74,9 +74,6 @@ package() {
   mkdir -p "$pkgdir"/etc/monit.d
   install -Dm644 "$srcdir"/monitd.conf "$pkgdir"/etc/monit.d/zdt-base.conf
 
-  # ps_mem
-  install -Dm755 "$srcdir"/ps_mem.py "$pkgdir"/usr/sbin/ps_mem
-
   # fastfetch
   install -Dm644 "$srcdir"/fastfetch.jsonc "$pkgdir"/etc/fastfetch.jsonc
   install -Dm644 "$srcdir"/zdt-ascii.txt "$pkgdir"/etc/zdt-ascii.txt
@@ -112,15 +109,22 @@ nocloud() {
   install -Dm755 "$srcdir/cloud-nocloud.sh" "$pkgdir/usr/lib/cloudbender/cloud/nocloud.sh"
 }
 
+gcp() {
+  mkdir -p "$subpkgdir"
+
+  # gcp libs
+  install -Dm755 "$srcdir/cloud-gcp.sh" "$pkgdir/usr/lib/cloudbender/cloud/gcp.sh"
+}
+
 sha512sums="
-d1656d36d48b58102e3b1aee581801c8c94aa7a52a5a441bd44a59ed09e8c041eb8fa44b1fd5b6bde758c72826bbe563ecbfbac078a27840b88920c6eaf27fd7  common.sh
-d494e3b65de86a49f84a6c5adf4a9425ab3f7dfa87719954f45e2e3883cf82a27e2c4a88038a69bbdf1568aa1b519f5bcdd5fdc7d5f783abe0883b0a301c7f81  boot.sh
+d163587077ba5a4485c81635e88a54bd45824878eddb66ebd1c4c6089a9f28d6cd73750c93504ed51297cbb279eb8cff38e0bbe5d4245c4209a1430317461d54  common.sh
+a14edaef7b95212e68a762d7549b96a1bebf0605ad33d2db3a96f56c9561f8a95c2dbb4b971b921bb5ab1fb9fc08803d3013b10bd1e16f546e5954cef94c6ba2  boot.sh
 eb7d5b6f92f500dbaba04a915cdd8d66e90456ca86bed86b3a9243f0c25577a9aa42c2ba28c3cad9dda6e6f2d14363411d78eff35656c7c60a6a8646f43dcba5  cloudbender-early.init
 cac71c605324ad8e60b72f54b8c39ee0924205fcd1f072af9df92b0e8216bcde887ffec677eb2f0eacce3df430f31d5b5609e997d85f14389ee099fbde3c478f  cloudbender.init
 f4f1b1f67e6b368f61482f4dfcc48a32ccf75cf12349f82680b93f572534bef97ed1b4c0273e4e57fe89289f4383b15c2dafb39ae20416fc6dab96e92b8d678d  cloud-aws.sh
 3a84b728d4169b92356f1da52922c6110efd5bdc2df90b64abe59f89a5de57cc85a81936bdead0cae5071c1ba1735bda1bd866018b5c3f7fd4ef155d0606ac2d  cloud-nocloud.sh
-8e749ecc9bcb79094b9869682d998c48724b9bcd024f2dd0c75569387171092fcca569652bd43e12df79366b9942d2362c0c1f018f5f6e9e2b9f33e87df5d06d  zdt-sysctl.conf
-76e6a4f309f31bfa07de2d3b1faebe5670722752e18157b69d6e868cbe9e85eda393aed0728b0347a01a810eee442844c78259f86ff71e3136a013f4cbfaaea4  ps_mem.py
+3a84b728d4169b92356f1da52922c6110efd5bdc2df90b64abe59f89a5de57cc85a81936bdead0cae5071c1ba1735bda1bd866018b5c3f7fd4ef155d0606ac2d  cloud-gcp.sh
+beb92c38a5ae4153dd4d520754fbff60a967414e32afcaab5a466393c0dcd84262151733460a0b6c539925cf4fb52afa212fec6508f13f56f40f2ce8179d53c4  zdt-sysctl.conf
 74727352a8ac334964c6cca9d52b3dfc8165d6f9c25e7dd589dda91dfe2d00c32ea0e9b4c37100525703c730a0d48eec3d244aa4626b6ad6b52d3707d776c52b  syslog-ng.conf
 484bdcf001b71ce5feed26935db437c613c059790b99f3f5a3e788b129f3e22ba096843585309993446a88c0ab5d60fd0fa530ef3cfb6de1fd34ffc828172329  syslog-ng.logrotate.conf
 e86eed7dd2f4507b04050b869927b471e8de26bc7d97e7064850478323380a0580a92de302509901ea531d6e3fa79afcbf24997ef13cd0496bb3ee719ad674ee  syslog-ng.apparmor
diff --git a/kubezero/zdt-base/boot.sh b/kubezero/zdt-base/boot.sh
index c088e50..fdd13ad 100644
--- a/kubezero/zdt-base/boot.sh
+++ b/kubezero/zdt-base/boot.sh
@@ -47,6 +47,10 @@ setup_var() {
         # Todo: should we try to mount a special tagged block device as /var ?
         return 0
         ;;
+      gcp)
+        # Todo: test how addtional volumes show up on boot
+        return 0
+        ;;
       *)
         ewarn "Unsupported cloud: $CLOUD"
         return 1
diff --git a/kubezero/zdt-base/cloud-gcp.sh b/kubezero/zdt-base/cloud-gcp.sh
new file mode 100644
index 0000000..e978858
--- /dev/null
+++ b/kubezero/zdt-base/cloud-gcp.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+get_meta_data() {
+  SSHPORT=$(imds meta-data/cloudbender/sshPort)
+}
+
+import_meta_data() {
+  echo Noop
+}
diff --git a/kubezero/zdt-base/common.sh b/kubezero/zdt-base/common.sh
index db6dc39..b7f2927 100644
--- a/kubezero/zdt-base/common.sh
+++ b/kubezero/zdt-base/common.sh
@@ -16,7 +16,7 @@ is_enabled() {
 
 # setup_instance, various OS tweaks impossible to do via AMI baking
 setup_instance() {
-    # create machine-id to emulate systemd
+  # create machine-id to emulate systemd
   [ -f /etc/machine-id ] || uuidgen > /etc/machine-id
 
   # add and mount bpf file system
diff --git a/kubezero/zdt-base/zdt-sysctl.conf b/kubezero/zdt-base/zdt-sysctl.conf
index a7c495b..f903fb6 100644
--- a/kubezero/zdt-base/zdt-sysctl.conf
+++ b/kubezero/zdt-base/zdt-sysctl.conf
@@ -8,6 +8,7 @@ net.core.wmem_max = 16777216
 net.ipv4.conf.all.rp_filter = 0
 net.ipv4.ip_forward_use_pmtu = 0
 net.ipv4.ip_no_pmtu_disc = 0
+net.ipv4.neigh.default.gc_thresh1 = 0
 net.ipv4.tcp_max_syn_backlog = 8192
 net.ipv4.tcp_retries2 = 9
 net.ipv4.tcp_rmem = 4096 12582912 16777216
diff --git a/scripts/rebuild_new_kernel.sh b/scripts/rebuild_new_kernel.sh
index e2e85f9..394dbb0 100755
--- a/scripts/rebuild_new_kernel.sh
+++ b/scripts/rebuild_new_kernel.sh
@@ -1,4 +1,5 @@
 #!/bin/bash
+set -e
 
 PACKETS="nvidia-open-gpu aws-neuron-driver"