feat: KubeZero v1.28

This commit is contained in:
Stefan Reimer 2024-04-03 14:27:05 +00:00
parent f289ad4d07
commit 363ba90c3c
24 changed files with 86 additions and 77 deletions

View File

@ -21,8 +21,8 @@ RUN adduser -D $BUILDUSER && \
echo "permit nopass :abuild" > /etc/doas.d/doas.conf && \
install -d -g abuild -m 775 /var/cache/distfiles && \
install -d -g abuild -m 775 /packages && \
echo -e "$BUILDUSER:1:999\n$BUILDUSER:1001:64535" > /etc/subuid && \
echo -e "$BUILDUSER:1:999\n$BUILDUSER:1001:64535" > /etc/subgid && \
echo -e "$BUILDUSER:1001:64535" > /etc/subuid && \
echo -e "$BUILDUSER:1001:64535" > /etc/subgid && \
echo "@kubezero https://cdn.zero-downtime.net/alpine/${ALPINE}/kubezero" >> /etc/apk/repositories && \
wget -q -O /etc/apk/keys/stefan@zero-downtime.net-61bb6bfb.rsa.pub https://cdn.zero-downtime.net/alpine/stefan@zero-downtime.net-61bb6bfb.rsa.pub

View File

@ -38,7 +38,7 @@ else
# If checksum is OK, build package
APKBUILD=$pkg abuild verify && rc=$? || rc=$?
if [ $rc -eq 0 ]; then
CHOST=$TARGET_ARCH APKBUILD=$pkg abuild -r
APKBUILD=$pkg abuild -r
else
APKBUILD=$pkg abuild checksum

View File

@ -1,7 +1,7 @@
# Contributor: Stefan Reimer <stefan@zero-downtime.net>
# Maintainer: Stefan Reimer <stefan@zero-downtime.net>
pkgname=aws-iam-authenticator
pkgver=0.6.11
pkgver=0.6.14
pkgrel=0
pkgdesc="AWS aws-iam-authenticator"
url="https://github.com/kubernetes-sigs/aws-iam-authenticator"
@ -20,5 +20,5 @@ package() {
}
sha512sums="
6d78fbe95d6e36a7a3835b4df257e96fff3ab53fe4abd8ef525c24aebaf8727e2a6016107024bebe031b2e24295172190407ca892d1b3478329c62cdd9fe553f aws-iam-authenticator-0.6.11.tar.gz
26a6b394fbe767910f605a356032338a4ec254b81cd470796e3137e3595fef338bd213dee8d956c8d23e16f5508741e78664cd0f8b1acd97321d2fb5b7b723af aws-iam-authenticator-0.6.14.tar.gz
"

View File

@ -30,6 +30,9 @@ build() {
# Hack running the build inside a container other uname -r returns host kernel
KERNEL_VERSION=$(basename $(ls -d /lib/modules/*-virt))
unset CFLAGS CPPFLAGS CXXFLAGS
unset LDFLAGS
make KERNEL_SRC_DIR=/lib/modules/$KERNEL_VERSION/build
}

View File

@ -3,7 +3,7 @@
# Contributor: TBK <alpine@jjtc.eu>
# Maintainer: ungleich <foss@ungleich.ch>
pkgname=cri-o
pkgver=1.27.1
pkgver=1.28.4
pkgrel=0
pkgdesc="OCI-based implementation of Kubernetes Container Runtime Interface"
url="https://github.com/cri-o/cri-o/"
@ -103,13 +103,13 @@ package() {
}
sha512sums="
27fb79141dd60c1744df8761a4d43603256f7f06e32d2f9c76be62b95dcf62924c7501d0461efabb013ae397c16030b6a2b037eeaae7a5daec7c28943f71bc7e cri-o-1.27.1.tar.gz
8d27211a4baad86d5251faa396a23d78d2962de894124be851172d6e85fbf3c0da57ec08f70840c7d8526dc6daa93999485a8d92a1d2c33b374eff84b1e063ae cri-o-1.28.4.tar.gz
1f60719677295c9c5c615eb25d9159bde0af68a132eee67747f57fe76642d457c98c896c6189f85637d7b4ac24ba55fd9eaeb1699f43c3c5077b645f72a479fb crio.conf
e9149cc2ddd24328c5290d3aea895c01e2798e066897535384f615a556496acdd52a603a0f4ac3c4c70bd5c363592f23c8b4d1987bf738300112fc62e1def555 crio.initd
1115228546a696eeebeb6d4b3e5c3152af0c99a2559097fc5829d8b416d979c457b4b1789e0120054babf57f585d3f63cbe49949d40417ae7aab613184bf4516 crio.logrotated
0a567dfa431ab1e53f2a351689be8d588a60cc5fcdbda403ec4f8b6ab9b1c18ad425f6c47f9a5ab1491e3a61a269dc4efa6a59e91e7521fa2b6bb165074aa8e0 cni-plugins-path.patch
f9577aa7b1c90c6809010e9e406e65092251b6e82f6a0adbc3633290aa35f2a21895e1a8b6ba4b6375dcad3e02629b49a34ab16387e1c36eeb32c8f4dac74706 makefile-fix-install.patch
1c1bfa5feeb0c5ddc92271a5ef80edc38d56afa1574ffc124605d5bb227a407b55dd5268df6cebc6720768ac31245e08b7950e5ab2b7f14ba934c94f1e325f86 fix-test.patch
78c150f87027de489289596371dce0465159ced0758776b445deb58990e099de9c654406183c9da3cc909878b24d28db62121b7056cd180a6f2820e79e165cc6 remove-systemd-files.patch
b0fdaf2280968a69e05ef72288bbf6fc03787616c6b6fca1e4398f9849167f4773e5e6e72bf1738d1fff2a84e97aa00f23aabcd50898ba8ed130969f50363006 fix-test.patch
ae7e4a43f18076f19f3ae37d7302bfdf7a3befadf33e46bc9b1b14d50b605e8ba0d06d479568c24e8bf68f17c80ae48798068b2a46c3bcab565a5d225779f30e remove-systemd-files.patch
79e1a7c6183ba56f55d923e9d738be945564494042bc011d31e9195f66c268d702ee5c86711d4b46618285fc1b10b59ea55c321390feca770cfc7de334e103bd crictl.yaml
"

View File

@ -21,7 +21,7 @@ index 8beb6f06..80193413 100644
+ skip "need systemd cgroup manager"
+ fi
+
CONTAINER_CGROUP_MANAGER="systemd" CONTAINER_DROP_INFRA_CTR=false CONTAINER_MANAGE_NS_LIFECYCLE=false CONTAINER_CONMON_CGROUP="customcrioconmon.slice" start_crio
CONTAINER_CGROUP_MANAGER="systemd" CONTAINER_DROP_INFRA_CTR=false CONTAINER_CONMON_CGROUP="customcrioconmon.slice" start_crio
jq ' .linux.cgroup_parent = "Burstablecriotest123.slice"' \
@@ -77,6 +85,10 @@ EOF
@ -48,20 +48,20 @@ index 04492172..abae521e 100755
if [[ "${DEBUG_ARGS}" == "malformed-result" ]]; then
cat <<-EOF
diff --git a/test/helpers.bash b/test/helpers.bash
diff --git a/test/common.sh b/test/common.sh
index f7f8e1f2..45b7dd58 100644
--- a/test/helpers.bash
+++ b/test/helpers.bash
@@ -38,7 +38,7 @@ CONTAINER_UID_MAPPINGS=${CONTAINER_UID_MAPPINGS:-}
CONTAINER_GID_MAPPINGS=${CONTAINER_GID_MAPPINGS:-}
OVERRIDE_OPTIONS=${OVERRIDE_OPTIONS:-}
# CNI path
--- a/test/common.sh
+++ b/test/common.sh
@@ -41,7 +41,7 @@ # CNI path
if command -v host-local >/dev/null; then
CONTAINER_CNI_PLUGIN_DIR=${CONTAINER_CNI_PLUGIN_DIR:-$(dirname "$(readlink "$(command -v host-local)")")}
else
- CONTAINER_CNI_PLUGIN_DIR=${CONTAINER_CNI_PLUGIN_DIR:-/opt/cni/bin}
+ CONTAINER_CNI_PLUGIN_DIR=${CONTAINER_CNI_PLUGIN_DIR:-/usr/libexec/cni}
fi
# Runtime
CONTAINER_DEFAULT_RUNTIME=${CONTAINER_DEFAULT_RUNTIME:-runc}
RUNTIME_BINARY_PATH=$(command -v "$CONTAINER_DEFAULT_RUNTIME")
@@ -70,7 +70,7 @@ CHECKCRIU_BINARY=${CHECKCRIU_BINARY:-${CRIO_ROOT}/test/checkcriu/checkcriu}
@@ -74,7 +74,7 @@ CHECKCRIU_BINARY=${CHECKCRIU_BINARY:-${CRIO_ROOT}/test/checkcriu/checkcriu}
# The default log directory where all logs will go unless directly specified by the kubelet
DEFAULT_LOG_PATH=${DEFAULT_LOG_PATH:-/var/log/crio/pods}
# Cgroup manager to be used

View File

@ -6,8 +6,8 @@ index 19f8052..135385c 100644
sed -i '/# INCLUDE/q' scripts/get
cat contrib/bundle/install-paths contrib/bundle/install >> scripts/get
-install: .gopathok install.bin install.man install.completions install.systemd install.config
+install: .gopathok install.bin install.man install.completions install.config
-install: install.bin install.man install.completions install.systemd install.config
+install: install.bin install.man install.completions install.config
install.bin-nobuild:
install ${SELINUXOPT} -D -m 755 bin/crio $(BINDIR)/crio

View File

@ -1,7 +1,7 @@
# Contributor: Francesco Colista <fcolista@alpinelinux.org>
# Maintainer: Francesco Colista <fcolista@alpinelinux.org>
pkgname=cri-tools
pkgver=1.27.1
pkgver=1.28.0
pkgrel=0
pkgdesc="CLI tool for Kubelet Container Runtime Interface (CRI)"
url="https://github.com/kubernetes-sigs/cri-tools"
@ -27,5 +27,5 @@ package() {
}
sha512sums="
7e4349fa9a0a16d27fbde363a26978fe6e65a326d29b344f13cd2b43009f12f8cdf14fd9557ac29beb913d4258160e0fa4108d40378dd1216ff631922e40392e cri-tools-1.27.1.tar.gz
222d3785dc7e8485538b4745766494be02d359347eb1337c9dd04839e19269d768922ff04f07d1fb72291c3554ecf91b382307253a288c9376079135a625cc0c cri-tools-1.28.0.tar.gz
"

View File

@ -1,7 +1,7 @@
# Contributor: Christian Kampka <christian@kampka.net>
# Maintainer: Stefan Reimer <stefan@zero-downtime.net>
pkgname=docker-registry
pkgver=2.8.2_git20230519
pkgver=2.8.3
pkgrel=0
pkgdesc="An implementation of the Docker Registry HTTP API V2 for use with docker 1.6+"
url="https://github.com/distribution/distribution"
@ -57,7 +57,7 @@ package() {
}
sha512sums="
8ceb8b994085bc6522e8a203785bd670977117988d391023148a4153e3c150ad7c17fb98de863c4c2300714022444dc5141a75a2899b8b0f04cbbdc17794b5c7 docker-registry-2.8.2_git20230519.tar.gz
8ceb8b994085bc6522e8a203785bd670977117988d391023148a4153e3c150ad7c17fb98de863c4c2300714022444dc5141a75a2899b8b0f04cbbdc17794b5c7 docker-registry-2.8.3.tar.gz
96100a4de311afa19d293a3b8a63105e1fcdf49258aa8b1752befd389e6b4a2b1f70711341ea011b450d4468bd37dbd07a393ffab3b9aa1b2213cf0fdd915904 docker-registry.initd
5a38f4d3f0ee5cd00c0a5ced744eb5b29b839da5921adea26c5de3eb88b6b2626a7ba29b1ab931e5f8fbfafbed8c94cb972a58737ec0c0a69cf515c32139e387 config-example.patch
"

View File

@ -1,7 +1,7 @@
# Contributor: Stefan Reimer <stefan@zero-downtime.net>
# Maintainer: Stefan Reimer <stefan@zero-downtime.net>
pkgname=ecr-credential-provider
pkgver=1.27.1
pkgver=1.28.1
pkgrel=0
pkgdesc="AWS Kubernetes ecr-credential-provider"
url="https://github.com/kubernetes/cloud-provider-aws"
@ -24,5 +24,5 @@ package() {
}
sha512sums="
d7a28f4fb3cb2a1e7ee8d94405e3268608562af0ac509b51c32fcca19353eb68c87b023bd7dae1e84a76d9e856e4951cbc8a2260bab358d1eb492e47caedd29d ecr-credential-provider-1.27.1.tar.gz
b9adc389be9301dc4be36c6bf546f354b9f2895cbad13d28d074dbab77f9aecec8d5fd02590d21c2a4acc91b559371adfe9702898c7880d92aea6657b315a539 ecr-credential-provider-1.28.1.tar.gz
"

View File

@ -22,5 +22,5 @@ package() {
}
sha512sums="
97abd4e5a0078112a048037512b041bcefb9e660131403e9c87bf5fc8b632eb17ab66d20a477a2ef4808f54ae29941d74bd61390143e5781058d7bbd4333dd78 etcdhelper-0.1.0.tar.gz
d1f3d239899a2392d11c45ea49b3bfc18255c00933e677f02eab1f0f59a940722fb40de1842a8a4253aabf066508be028443adb8920e82673342ba50130556ca etcdhelper-0.1.0.tar.gz
"

View File

@ -1,14 +1,13 @@
# Contributor: Stefan Reimer <stefan@zero-downtime.net>
# Maintainer: Stefan Reimer <stefan@zero-downtime.net>
pkgname=falcoctl
pkgver=0.6.2
pkgver=0.7.3
pkgrel=0
pkgdesc="The official CLI tool for working with Falco and its ecosystem components."
url="https://github.com/falcosecurity/falcoctl"
arch="x86_64 aarch64"
license="AGPL-3.0"
# requires go > 1.20, we only have 1.20 in 3.18 so hack
makedepends="bash"
makedepends="bash go"
options="!check"
@ -22,8 +21,6 @@ export GOMODCACHE="${GOMODCACHE:-"$srcdir/go"}"
export GOBIN="$GOPATH/bin"
build() {
# Hack until go 1.21 is stable
doas apk add go@edge-community
make GOFLAGS="-buildmode=pie -v" GOLDFLAGS="-extldflags=-static -w -s" falcoctl
# cleanup 444 files
@ -36,5 +33,5 @@ package() {
}
sha512sums="
e09f1e5e08e0f47d0c90ea2c93cf911ecef8179d821ed286cc7f8af78bd0db200f847d1c963c323f24eca9a854e161af36a444962330b55e696cb8e410fb5761 falcoctl-0.6.2.tar.gz
61e539322c91125569c432ea1fc98c84b928795089829a062e6b5c74c7d1223cd71e557b7a8972ba7c6d1b534d1b87da254ee01e12c14038ced5a8f85a22a623 falcoctl-0.7.3.tar.gz
"

View File

@ -15,7 +15,7 @@ triggers="$pkgname-bin.trigger=/lib:/usr/lib:/usr/glibc-compat/lib:/lib64"
options="!check lib64"
package() {
conflicts="libc6-compat"
conflicts="gcompat"
mkdir -p "$pkgdir/lib" "$pkgdir/lib64" "$pkgdir/usr/glibc-compat/lib/locale" "$pkgdir"/usr/glibc-compat/lib64 "$pkgdir"/etc
cp -a "$srcdir"/usr "$pkgdir"
cp "$srcdir"/ld.so.conf "$pkgdir"/usr/glibc-compat/etc/ld.so.conf

View File

@ -5,7 +5,7 @@
# Contributor: Dave <dj.2dixx@gmail.com>
# Maintainer: Stefan Reimer <stefan@zero-downtime.net>
pkgname=kubernetes
pkgver=1.27.8
pkgver=1.28.8
pkgrel=0
pkgdesc="Container Cluster Manager"
url="https://kubernetes.io/"
@ -205,7 +205,7 @@ _do_zshcomp() {
}
sha512sums="
ddc14d21ba470d24d115de67cdb801c742f04124101ff0e2741170971fdf6bcf0a75ef82807d63394dd8b06dc186a86cccf93a7aab4f9e49b922b981ce5ed8aa kubernetes-1.27.8.tar.gz
2bbc48394784b34712c6b419cd07971780410223e7015c5fe6ed2c25c4e9499e81c9ea1f4269d399fd7e908971f5b8e873595d2b67332f7b49f61a5411a2aed1 kubernetes-1.28.8.tar.gz
5427c2e653504cfd5b0bcaf195d4734ee40947ddfebc9f155cd96dddccfc27692c29d94af4ac99f1018925b52995c593b584c5d7a82df2f185ebce1a9e463c40 make-e2e_node-run-over-distro-bins.patch
94d07edfe7ca52b12e85dd9e29f4c9edcd144abc8d120fb71e2a0507f064afd4bac5dde30da7673a35bdd842b79a4770a03a1f3946bfae361c01dd4dc4903c64 make-test-cmd-run-over-hyperkube-based-kubectl.patch
e690daff2adb1013c92124f32e71f8ed9a18c611ae6ae5fcb5ce9674768dbf9d911a05d7e4028488cda886e63b82e8ac0606d14389a05844c1b5538a33dd09d1 kube-apiserver.initd

View File

@ -1,7 +1,10 @@
# Contributor: Stefan Reimer <stefan@zero-downtime.net>
# Maintainer: Stefan Reimer <stefan@zero-downtime.net>
pkgname=kubezero
pkgver=1.27
pkgver=1.28.8
_crio=1.28.4
_ecr=1.28.1
pkgrel=0
pkgdesc="KubeZero release package"
url="https://git.zero-downtime.net/ZeroDownTime/alpine-overlay/src/branch/master/kubezero/kubezero"
@ -11,11 +14,11 @@ depends="
podman
xz
cri-tools
cri-o~$pkgver
cri-o~$_crio
kubelet~$pkgver
kubectl~$pkgver
ecr-credential-provider~$pkgver
aws-iam-authenticator~0.6.11
ecr-credential-provider~$_ecr
aws-iam-authenticator~0.6.14
"
options="!check"
#install="$pkgname.post-install"
@ -25,7 +28,7 @@ subpackages="
"
IMAGES="
quay.io/cilium/cilium:v1.14.4
quay.io/cilium/cilium:v1.15.3
ghcr.io/k8snetworkplumbingwg/multus-cni:v3.9.3
"

View File

@ -1,7 +1,7 @@
# Contributor: Stefan Reimer <stefan@zero-downtime.net>
# Maintainer: Stefan Reimer <stefan@zero-downtime.net>
pkgname=nvidia-container-toolkit
pkgver=1.13.5
pkgver=1.14.6
pkgrel=0
pkgdesc="NVIDIA Container toolkit incl. cri hooks"
url="https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/overview.html"
@ -12,14 +12,12 @@ depends="glibc-bin nvidia-drivers"
options="!check !tracedeps"
_nv_ver="$pkgver"-1
_libcap=2.25-2
_libseccomp=2.3.3-4
_libcap=2.44-1
source="https://nvidia.github.io/libnvidia-container/stable/debian10/amd64/libnvidia-container1_"$_nv_ver"_amd64.deb
https://nvidia.github.io/libnvidia-container/stable/debian10/amd64/libnvidia-container-tools_"$_nv_ver"_amd64.deb
https://nvidia.github.io/libnvidia-container/stable/debian10/amd64/nvidia-container-toolkit_"$_nv_ver"_amd64.deb
source="https://nvidia.github.io/libnvidia-container/stable/deb/amd64/libnvidia-container1_"$_nv_ver"_amd64.deb
https://nvidia.github.io/libnvidia-container/stable/deb/amd64/libnvidia-container-tools_"$_nv_ver"_amd64.deb
https://nvidia.github.io/libnvidia-container/stable/deb/amd64/nvidia-container-toolkit_"$_nv_ver"_amd64.deb
http://deb.debian.org/debian/pool/main/libc/libcap2/libcap2_"$_libcap"_amd64.deb
http://deb.debian.org/debian/pool/main/libs/libseccomp/libseccomp2_"$_libseccomp"_amd64.deb
config.toml
oci-nvidia-hook.json
"
@ -52,11 +50,6 @@ package() {
mv lib/x86_64-linux-gnu/libcap.so.* "$pkgdir"/usr/glibc-compat/lib
rm -rf control.tar.xz data.tar.xz debian-binary usr
# libseccomp
ar -x "$srcdir"/libseccomp2_"$_libseccomp"_amd64.deb && tar xfJ data.tar.xz
mv usr/lib/x86_64-linux-gnu/libseccomp.so.* "$pkgdir"/usr/glibc-compat/lib
rm -rf control.tar.xz data.tar.xz debian-binary usr
# Now lets patch the elf binaries to fix library paths and order
doas apk add patchelf@edge-community
patchelf --remove-rpath "$pkgdir"/usr/bin/nvidia-container-cli
@ -68,11 +61,10 @@ package() {
}
sha512sums="
903155c63c7af83dbd431ba3e5bc0d8ca74cce38996bf944b80520b5838f9765bbc0cbe201122d8ccc21cbd01dd4c4e47d2b451bdab7fadc99a8d75b941fda67 libnvidia-container1_1.13.5-1_amd64.deb
2d4cbbdd80db2730b1ed9db8d4b36c5212ce5361350dcdfbc5795dac887136cecd40c13843e61350bad12b103cd1550030c76de35a2cbbca2a6df3850b6b68ca libnvidia-container-tools_1.13.5-1_amd64.deb
8614c2b436dab3886df6a2328b3753c27704dd3a78f0abe5c333c57fb4ee8deebb6fc03051931b3794bf152d947b721c160acf6614e5145b39bb7162d1ef45d8 nvidia-container-toolkit_1.13.5-1_amd64.deb
694a3ec64ef3056d5874ff03b889b868c294bccb16506468fdf1c289fe3aaadc2da25a5934de653af9633a5d993d2bb21491d84b3b2e2529e6b31d92c78a2228 libcap2_2.25-2_amd64.deb
5a4eaa96e6e774948889909d618a8ed44a82f649cbba11622dc7b4478098bea006995d5a5a60ca026a57b76ad866d1e2c6caebd154a26eb6bd7e15291b558057 libseccomp2_2.3.3-4_amd64.deb
ac73361c10498cdb15e6facbc78867c576fe7a79e6e41e85eed57a24f49d35ec4d21663777549e30b62601e463a0a62e28a219daae13cf20fa9ac7b64bbc9daa libnvidia-container1_1.14.6-1_amd64.deb
08697b2133f198b056b6b5aade64574ee1e40ddbeaa5d73aa7b42642c6ac67a99ad8cc4a24465ef226a5596ddfed30fcf790ffe57d351c433869486269ba3ea3 libnvidia-container-tools_1.14.6-1_amd64.deb
bc8aaae2f6c7f93d307a3c11fe77db2b0a4dbc59b4c4ab46d4d655ee522edc6d0b2882b08034aaf5b007d889d661e368d28a379c53605c7da788660b4eba86f4 nvidia-container-toolkit_1.14.6-1_amd64.deb
cc9109cdcf51dc40db732e10ac3eda7e4ac73299ad51d2ec619d7f4cff3f0311be0937530d2175e5486c393bc9e91c709072094fad510573785739afaad831f1 libcap2_2.44-1_amd64.deb
040ac2e3f58549dc09e5bce0d694e4be2f6aae736014bf0ee90042646562d5f1ef1f5990eb9f2c2a2fdf504587b82f4aa0eb99d04c5d3e407670e4012e3edd4e config.toml
0f150ea59b2372bf3ef60e657142b19f46500d1c70cb179d37ce117d6b03e86427dbf356873affb7639e082a07f852a922ae3aea4a8f8885640e43675c4e4add oci-nvidia-hook.json
"

View File

@ -0,0 +1 @@
libpsx.so.2.66

View File

@ -1,8 +1,7 @@
# Contributor: Stefan Reimer <stefan@zero-downtime.net>
# Maintainer: Stefan Reimer <stefan@zero-downtime.net>
pkgname=nvidia-drivers
#pkgver=535.54.03
pkgver=525.125.06
pkgver=550.54.14
pkgrel=0
pkgdesc="NVIDIA Driver"
url="https://www.nvidia.com/download/index.aspx"
@ -56,5 +55,5 @@ package() {
}
sha512sums="
a5f13b633d111d9dc928e8522cd916a2b756fccbf2dc532649762a3f9bdc5503bd57c9c698da8205c49e82720b45789413a1afc26be77d741f823b49ae2f333d NVIDIA-Linux-x86_64-525.125.06.run
65fe0a3498e1b46368cfc7995fea720e4ba6373b0a74f4fc6280fbf75b2697948adf5b52b7d068b8df5ddbd347df7c0361db7e1a1fdc0d9fcfc6f478888936be NVIDIA-Linux-x86_64-550.54.14.run
"

View File

@ -26,7 +26,10 @@ build() {
# Hack running the build inside a container other uname -r returns host kernel
KERNEL_VERSION=$(basename $(ls -d /lib/modules/*-virt))
make KERNEL_UNAME=$KERNEL_VERSION || bash
unset CFLAGS CPPFLAGS CXXFLAGS
unset LDFLAGS
make KERNEL_UNAME=$KERNEL_VERSION
}
package() {

View File

@ -24,6 +24,8 @@ source="
syslog-ng.conf
syslog-ng.logrotate.conf
syslog-ng.apparmor
cloudbender.stop
cloudbender.start
dhcpcd-mtu.hook
monitrc
monit_alert.sh.aws
@ -58,9 +60,14 @@ package() {
# early init script to eg. mount var, cannot use any network !
install -Dm755 "$srcdir/cloudbender-early.init" "$pkgdir/etc/init.d/cloudbender-early"
# various tasks during boot
# various tasks during first boot
install -Dm755 "$srcdir/cloudbender.init" "$pkgdir/etc/init.d/cloudbender"
# local boot & shutdown
install -Dm755 "$srcdir/cloudbender.start" "$pkgdir/etc/local.d/cloudbender.start"
install -Dm755 "$srcdir/cloudbender.stop" "$pkgdir/etc/local.d/cloudbender.stop"
# syslog-ng configs, json all into messages
install -Dm644 "$srcdir"/syslog-ng.conf "$pkgdir"/lib/zdt/syslog-ng.conf
install -Dm644 "$srcdir"/syslog-ng.logrotate.conf "$pkgdir"/lib/zdt/syslog-ng.logrotate.conf
@ -104,7 +111,7 @@ nocloud() {
}
sha512sums="
c73970604c225199596f932fee3093d0cc9364f90b12f5490eac17643d12e65b4f662aae994ad9e3ebdbd4ee691e41a068fc988513377d6def0697fcd76285e2 common.sh
c1808572d074e1a91e0efc3c31462f6035159338843e51fbccca5102b2923506ce60ba9e1ef00b2fbb134da7a33f55af364e1bff15c272eb7f4ebc6035f33887 common.sh
cf8b75a81bb35e853761d21b15b5b109f15350c54daaf66d2912541a20f758c3ca237d58932e5608d2d3867fe15a07ebd694fd1c313a8290d15afc2b27a575dd boot.sh
eb7d5b6f92f500dbaba04a915cdd8d66e90456ca86bed86b3a9243f0c25577a9aa42c2ba28c3cad9dda6e6f2d14363411d78eff35656c7c60a6a8646f43dcba5 cloudbender-early.init
cac71c605324ad8e60b72f54b8c39ee0924205fcd1f072af9df92b0e8216bcde887ffec677eb2f0eacce3df430f31d5b5609e997d85f14389ee099fbde3c478f cloudbender.init
@ -115,6 +122,8 @@ cac71c605324ad8e60b72f54b8c39ee0924205fcd1f072af9df92b0e8216bcde887ffec677eb2f0e
b86dec8c059642309b2f583191457b7fac7264b75dc5f4a06ad641de6b76589c0571b8b72b51519516ba7e68a128fe2da29b4a2a6dc77c252204675c51b2d128 syslog-ng.conf
484bdcf001b71ce5feed26935db437c613c059790b99f3f5a3e788b129f3e22ba096843585309993446a88c0ab5d60fd0fa530ef3cfb6de1fd34ffc828172329 syslog-ng.logrotate.conf
e86eed7dd2f4507b04050b869927b471e8de26bc7d97e7064850478323380a0580a92de302509901ea531d6e3fa79afcbf24997ef13cd0496bb3ee719ad674ee syslog-ng.apparmor
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e cloudbender.stop
b93cec571afe5128ab4d7c3998b3dc48753897f37169a111f606a48d1982e6ffce52a4ac9568a6a062f621148fb652049b84926a40a62d89be3786e6836261e6 cloudbender.start
f8c052c7ec12c71937c7b8bc05d8374c588f345e303b30eda9c8612dff8f8f34a87a433648a3e9b85b278196ece198533b29680a303ff6478171d43f8e095189 dhcpcd-mtu.hook
e00a8f296c76446fe1241bf804c0108f47a2676f377a413ee9fede0943362a6582cad30fe13edd93f3d0daab0e2d7696553fb9458dca62adc05572dce339021a monitrc
c955dabe692c0a4a2fa2b09ab9096f6b14e83064b34ae8d22697096daf6551f00b590d837787d66ea1d0030a7cc30bef583cc4c936c980465663e73aec5fa2dc monit_alert.sh.aws

View File

@ -0,0 +1,10 @@
# mounts are shared to run containers later, eg. cilium, falco
# should be handled in openrc, see: https://github.com/OpenRC/openrc/pull/526/files
mount --make-rshared /
# Enable THP incl. defrag but very conservatively
# see: https://go.dev/doc/gc-guide#Linux_transparent_huge_pages
echo "madvise" > /sys/kernel/mm/transparent_hugepage/enabled
echo "defer+madvise" > /sys/kernel/mm/transparent_hugepage/defrag
echo "0" > /sys/kernel/mm/transparent_hugepage/khugepaged/max_ptes_none

View File

View File

@ -23,11 +23,6 @@ setup_instance() {
add_once /etc/fstab "bpffs /sys/fs/bpf bpf rw,nosuid,nodev,noexec,relatime,mode=700 0 0"
mount -a
# Ensure certain mounts are shared to run containers later, eg. cilium, falco
mount --make-shared /sys/fs/cgroup
mount --make-shared /sys/fs/bpf
mount --make-shared /sys
add_once /etc/hosts "${IP_ADDRESS} ${_META_HOSTNAME} ${HOSTNAME}"
# workaround for dhcpcd / openresolv to omit search domain if equal to domain breaking DNS resolution of shortnames for eg. etcd and kube-apiserver
@ -444,11 +439,8 @@ register_service_dns() {
route53.py --fqdn "${SERVICENAME}.${DNSZONE}" --record $_IP
# Register shutdown hook to remove DNS entry on terminate
cat <<EOF >> /etc/local.d/route53.stop
echo "Deleting Route53 record for ${SERVICENAME}.${DNSZONE}" >> /tmp/shutdown.log
route53.py --delete --fqdn "${SERVICENAME}.${DNSZONE}" --record ${PUBLIC_IP_ADDRESS:-$IP_ADDRESS}
EOF
chmod +x /etc/local.d/route53.stop
add_once /etc/local.d/cloudbender.stop "echo \"Deleting Route53 record for ${SERVICENAME}.${DNSZONE}\" >> /tmp/shutdown.log"
add_once /etc/local.d/cloudbender.stop "route53.py --delete --fqdn \"${SERVICENAME}.${DNSZONE}\" --record ${PUBLIC_IP_ADDRESS:-$IP_ADDRESS}"
# Short cut our public IP to private one to allow talking to our own service name
add_once /etc/hosts "${IP_ADDRESS} ${SERVICENAME}.${DNSZONE}"