diff --git a/Dockerfile b/Dockerfile index 6a13c51..cbe19ea 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ -FROM alpine:3.19 -ARG ALPINE="v3.19" +FROM alpine:3.20 +ARG ALPINE="v3.20" ARG BUILDUSER=alpine RUN echo "http://dl-cdn.alpinelinux.org/alpine/${ALPINE}/main" > /etc/apk/repositories && \ diff --git a/Makefile b/Makefile index 7ecff09..ab3f366 100644 --- a/Makefile +++ b/Makefile @@ -4,14 +4,14 @@ REGION := us-east-1 include .ci/podman.mk -BUILDER := v3.19.1 +BUILDER := v3.20.1 PKG := '*' CF_DIST := E11OFTOA3L8IVY BUILDER_RELEASE = $(shell echo $(BUILDER) | sed -e 's/-.*$$//') RELEASE := $(shell echo $(BUILDER_RELEASE) | sed -e 's/\.[0-9]$$//') -.PHONY: aarch64-toolchain packages distfiles aports apk +.PHONY: aarch64-toolchain packages distfiles aports apk init_apk_repo aarch64-toolchain: podman run -it --rm \ @@ -57,3 +57,6 @@ upload: invalidate_cdn #aws s3 sync --delete packages/kubezero/aarch64/ s3://zero-downtime-web-cdn/alpine/$(RELEASE)/kubezero/aarch64/ --exclude APKINDEX.tar.gz aws s3 cp packages/kubezero/x86_64/APKINDEX.tar.gz s3://zero-downtime-web-cdn/alpine/$(RELEASE)/kubezero/x86_64/ --cache-control max-age=1 #aws s3 cp packages/kubezero/aarch64/APKINDEX.tar.gz s3://zero-downtime-web-cdn/alpine/$(RELEASE)/kubezero/aarch64/ --cache-control max-age=1 + +init_apk_repo: + aws s3 cp s3://zero-downtime-web-cdn/alpine/v3.19/kubezero/x86_64/APKINDEX.tar.gz s3://zero-downtime-web-cdn/alpine/$(RELEASE)/kubezero/x86_64/APKINDEX.tar.gz diff --git a/kubezero/aws-iam-authenticator/APKBUILD b/kubezero/aws-iam-authenticator/APKBUILD index 5577f6a..87849ab 100644 --- a/kubezero/aws-iam-authenticator/APKBUILD +++ b/kubezero/aws-iam-authenticator/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Stefan Reimer # Maintainer: Stefan Reimer pkgname=aws-iam-authenticator -pkgver=0.6.14 +pkgver=0.6.22 pkgrel=0 pkgdesc="AWS aws-iam-authenticator" url="https://github.com/kubernetes-sigs/aws-iam-authenticator" @@ -20,5 +20,5 @@ package() { } sha512sums=" -26a6b394fbe767910f605a356032338a4ec254b81cd470796e3137e3595fef338bd213dee8d956c8d23e16f5508741e78664cd0f8b1acd97321d2fb5b7b723af aws-iam-authenticator-0.6.14.tar.gz +5a80f9bdaad86f3ff1140e49bd7b1dc1cceaa4e8885a4f60bb638e64ce542f0177641bb47c6b2cb5e95dabede30d385bce320bb466d627760630270969cf6876 aws-iam-authenticator-0.6.22.tar.gz " diff --git a/kubezero/aws-neuron-driver/APKBUILD b/kubezero/aws-neuron-driver/APKBUILD index 3fcb2ee..ca3fdba 100644 --- a/kubezero/aws-neuron-driver/APKBUILD +++ b/kubezero/aws-neuron-driver/APKBUILD @@ -5,7 +5,7 @@ # Todo: needs fix of https://github.com/aws-neuron/aws-neuron-sdk/issues/843 # pkgname=aws-neuron-driver -pkgver=2.16.7.0 +pkgver=2.17.17.0 pkgrel=0 pkgdesc="Linux Kernel module for AWS Neuron INF instances" url="https://awsdocs-neuron.readthedocs-hosted.com/en/latest/release-notes/index.html#" @@ -47,5 +47,5 @@ package() { } sha512sums=" -968eb60bcd6826fa7dba827c29eda0033c626e016c7a57389a821f64c966d076a85da885f772e937098885853fe50765013a1368aab8b0ca85d732c34e60a26e aws-neuron-driver-2.16.7.0.deb +e14531f50bb7b4c2854a6e1c53e8a4d5a639abc2657b6f5458e5f9f4f54f4f1e55bbd240e2bf96779ec0ec52fdfe4ab4148b7fa888bbed6f3ddcb9d20c2c742f aws-neuron-driver-2.17.17.0.deb " diff --git a/kubezero/cri-o/APKBUILD b/kubezero/cri-o/APKBUILD index f8f62d9..2341a36 100644 --- a/kubezero/cri-o/APKBUILD +++ b/kubezero/cri-o/APKBUILD @@ -3,7 +3,7 @@ # Contributor: TBK # Maintainer: ungleich pkgname=cri-o -pkgver=1.28.4 +pkgver=1.29.6 pkgrel=0 pkgdesc="OCI-based implementation of Kubernetes Container Runtime Interface" url="https://github.com/cri-o/cri-o/" @@ -41,6 +41,7 @@ subpackages=" $pkgname-doc $pkgname-bash-completion $pkgname-zsh-completion + $pkgname-fish-completion $pkgname-openrc " #$pkgname-fish-completion @@ -103,12 +104,12 @@ package() { } sha512sums=" -8d27211a4baad86d5251faa396a23d78d2962de894124be851172d6e85fbf3c0da57ec08f70840c7d8526dc6daa93999485a8d92a1d2c33b374eff84b1e063ae cri-o-1.28.4.tar.gz +619478265d2fe4ef3ba8f74e755cc5618be9a578af6c9db8fdaf536c27953735a6001d9a0312ea52bb638a3e3379474dbe78ab8ff23ea20b47649a51b2c7fb71 cri-o-1.29.6.tar.gz 1f60719677295c9c5c615eb25d9159bde0af68a132eee67747f57fe76642d457c98c896c6189f85637d7b4ac24ba55fd9eaeb1699f43c3c5077b645f72a479fb crio.conf e9149cc2ddd24328c5290d3aea895c01e2798e066897535384f615a556496acdd52a603a0f4ac3c4c70bd5c363592f23c8b4d1987bf738300112fc62e1def555 crio.initd 1115228546a696eeebeb6d4b3e5c3152af0c99a2559097fc5829d8b416d979c457b4b1789e0120054babf57f585d3f63cbe49949d40417ae7aab613184bf4516 crio.logrotated 0a567dfa431ab1e53f2a351689be8d588a60cc5fcdbda403ec4f8b6ab9b1c18ad425f6c47f9a5ab1491e3a61a269dc4efa6a59e91e7521fa2b6bb165074aa8e0 cni-plugins-path.patch -f9577aa7b1c90c6809010e9e406e65092251b6e82f6a0adbc3633290aa35f2a21895e1a8b6ba4b6375dcad3e02629b49a34ab16387e1c36eeb32c8f4dac74706 makefile-fix-install.patch +09025bff1fed5004a15696cbc7c63260ae7c206ffe2c8506e6063e8889b7aa98bd5c7df2f0c109860d8432ddf5f3b6326dbfd46589d05cf87f26c38e4bdadb9c makefile-fix-install.patch b0fdaf2280968a69e05ef72288bbf6fc03787616c6b6fca1e4398f9849167f4773e5e6e72bf1738d1fff2a84e97aa00f23aabcd50898ba8ed130969f50363006 fix-test.patch ae7e4a43f18076f19f3ae37d7302bfdf7a3befadf33e46bc9b1b14d50b605e8ba0d06d479568c24e8bf68f17c80ae48798068b2a46c3bcab565a5d225779f30e remove-systemd-files.patch 79e1a7c6183ba56f55d923e9d738be945564494042bc011d31e9195f66c268d702ee5c86711d4b46618285fc1b10b59ea55c321390feca770cfc7de334e103bd crictl.yaml diff --git a/kubezero/cri-o/makefile-fix-install.patch b/kubezero/cri-o/makefile-fix-install.patch index 8b44339..82bb188 100644 --- a/kubezero/cri-o/makefile-fix-install.patch +++ b/kubezero/cri-o/makefile-fix-install.patch @@ -23,15 +23,13 @@ CONTAINER_RUNTIME ?= podman BUILD_PATH := $(shell pwd)/build BUILD_BIN_PATH := ${BUILD_PATH}/bin -@@ -420,68 +420,70 @@ - install: .gopathok install.bin install.man install.completions install.systemd install.config +@@ -420,60 +420,62 @@ + install: install.bin install.man install.completions install.systemd install.config install.bin-nobuild: - install ${SELINUXOPT} -D -m 755 bin/crio $(BINDIR)/crio -- install ${SELINUXOPT} -D -m 755 bin/crio-status $(BINDIR)/crio-status - install ${SELINUXOPT} -D -m 755 bin/pinns $(BINDIR)/pinns + install ${SELINUXOPT} -D -m 755 bin/crio ${DESTDIR}$(BINDIR)/crio -+ install ${SELINUXOPT} -D -m 755 bin/crio-status ${DESTDIR}$(BINDIR)/crio-status + install ${SELINUXOPT} -D -m 755 bin/pinns ${DESTDIR}$(BINDIR)/pinns install.bin: binaries install.bin-nobuild @@ -70,18 +68,12 @@ - install ${SELINUXOPT} -D -m 644 -t ${BASHINSTALLDIR} completions/bash/crio - install ${SELINUXOPT} -D -m 644 -t ${FISHINSTALLDIR} completions/fish/crio.fish - install ${SELINUXOPT} -D -m 644 -t ${ZSHINSTALLDIR} completions/zsh/_crio -- install ${SELINUXOPT} -D -m 644 -t ${BASHINSTALLDIR} completions/bash/crio-status -- install ${SELINUXOPT} -D -m 644 -t ${FISHINSTALLDIR} completions/fish/crio-status.fish -- install ${SELINUXOPT} -D -m 644 -t ${ZSHINSTALLDIR} completions/zsh/_crio-status + install ${SELINUXOPT} -d -m 755 ${DESTDIR}${BASHINSTALLDIR} + install ${SELINUXOPT} -d -m 755 ${DESTDIR}${FISHINSTALLDIR} + install ${SELINUXOPT} -d -m 755 ${DESTDIR}${ZSHINSTALLDIR} + install ${SELINUXOPT} -D -m 644 -t ${DESTDIR}${BASHINSTALLDIR} completions/bash/crio + install ${SELINUXOPT} -D -m 644 -t ${DESTDIR}${FISHINSTALLDIR} completions/fish/crio.fish + install ${SELINUXOPT} -D -m 644 -t ${DESTDIR}${ZSHINSTALLDIR} completions/zsh/_crio -+ install ${SELINUXOPT} -D -m 644 -t ${DESTDIR}${BASHINSTALLDIR} completions/bash/crio-status -+ install ${SELINUXOPT} -D -m 644 -t ${DESTDIR}${FISHINSTALLDIR} completions/fish/crio-status.fish -+ install ${SELINUXOPT} -D -m 644 -t ${DESTDIR}${ZSHINSTALLDIR} completions/zsh/_crio-status install.systemd: - install ${SELINUXOPT} -D -m 644 contrib/systemd/crio.service $(PREFIX)/lib/systemd/system/crio.service @@ -91,10 +83,8 @@ uninstall: - rm -f $(BINDIR)/crio -- rm -f $(BINDIR)/crio-status - rm -f $(BINDIR)/pinns + rm -f $(DESTDIR)$(BINDIR)/crio -+ rm -f $(DESTDIR)$(BINDIR)/crio-status + rm -f $(DESTDIR)$(BINDIR)/pinns for i in $(filter %.5,$(MANPAGES)); do \ - rm -f $(MANDIR)/man5/$$(basename $${i}); \ @@ -107,9 +97,6 @@ - rm -f ${BASHINSTALLDIR}/crio - rm -f ${FISHINSTALLDIR}/crio.fish - rm -f ${ZSHINSTALLDIR}/_crio -- rm -f ${BASHINSTALLDIR}/crio-status -- rm -f ${FISHINSTALLDIR}/crio-status.fish -- rm -f ${ZSHINSTALLDIR}/_crio-status - rm -f $(PREFIX)/lib/systemd/system/crio-wipe.service - rm -f $(PREFIX)/lib/systemd/system/crio.service - rm -f $(PREFIX)/lib/systemd/system/cri-o.service @@ -121,9 +108,6 @@ + rm -f $(DESTDIR)${BASHINSTALLDIR}/crio + rm -f $(DESTDIR)${FISHINSTALLDIR}/crio.fish + rm -f $(DESTDIR)${ZSHINSTALLDIR}/_crio -+ rm -f $(DESTDIR)${BASHINSTALLDIR}/crio-status -+ rm -f $(DESTDIR)${FISHINSTALLDIR}/crio-status.fish -+ rm -f $(DESTDIR)${ZSHINSTALLDIR}/_crio-status + rm -f $(DESTDIR)$(PREFIX)/lib/systemd/system/crio-wipe.service + rm -f $(DESTDIR)$(PREFIX)/lib/systemd/system/crio.service + rm -f $(DESTDIR)$(PREFIX)/lib/systemd/system/cri-o.service diff --git a/kubezero/cri-tools/APKBUILD b/kubezero/cri-tools/APKBUILD index aa24db7..bd89246 100644 --- a/kubezero/cri-tools/APKBUILD +++ b/kubezero/cri-tools/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Francesco Colista # Maintainer: Francesco Colista pkgname=cri-tools -pkgver=1.28.0 +pkgver=1.29.0 pkgrel=0 pkgdesc="CLI tool for Kubelet Container Runtime Interface (CRI)" url="https://github.com/kubernetes-sigs/cri-tools" @@ -27,5 +27,5 @@ package() { } sha512sums=" -222d3785dc7e8485538b4745766494be02d359347eb1337c9dd04839e19269d768922ff04f07d1fb72291c3554ecf91b382307253a288c9376079135a625cc0c cri-tools-1.28.0.tar.gz +8e18e21017ea3140baaae7fedc85811738f1793962d5a9494117d5d0dd7f3f01468ca4768066be0bd80760b494c0c69d426603cc0326b9f95070db2547b6b8c2 cri-tools-1.29.0.tar.gz " diff --git a/kubezero/ecr-credential-provider/APKBUILD b/kubezero/ecr-credential-provider/APKBUILD index fa1549b..675615d 100644 --- a/kubezero/ecr-credential-provider/APKBUILD +++ b/kubezero/ecr-credential-provider/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Stefan Reimer # Maintainer: Stefan Reimer pkgname=ecr-credential-provider -pkgver=1.28.1 +pkgver=1.29.5 pkgrel=0 pkgdesc="AWS Kubernetes ecr-credential-provider" url="https://github.com/kubernetes/cloud-provider-aws" @@ -24,5 +24,5 @@ package() { } sha512sums=" -b9adc389be9301dc4be36c6bf546f354b9f2895cbad13d28d074dbab77f9aecec8d5fd02590d21c2a4acc91b559371adfe9702898c7880d92aea6657b315a539 ecr-credential-provider-1.28.1.tar.gz +4ffe2c2f4cdd42d0fb20dc1937088c89b4e7cf816493c8a89f16d95f8090faf780e9e60ffe1c38ffde2f74593f9c6b77927f38c4443aa62e44c7eb35c333017c ecr-credential-provider-1.29.5.tar.gz " diff --git a/kubezero/falco/APKBUILD b/kubezero/falco/APKBUILD index e1b7164..a522e5d 100644 --- a/kubezero/falco/APKBUILD +++ b/kubezero/falco/APKBUILD @@ -29,6 +29,7 @@ source=" $pkgname-$pkgver.tar.gz::https://github.com/falcosecurity/falco/archive/refs/tags/$pkgver.tar.gz falco.patch rules.patch + falco.initd " prepare() { @@ -69,10 +70,14 @@ package() { rm -rf $pkgdir/usr/src rm -rf $pkgdir/usr/lib rm -rf $pkgdir/usr/include + + install -Dm755 "$srcdir"/$pkgname.initd \ + "$pkgdir"/etc/init.d/$pkgname } sha512sums=" f76b228328a3cf29f5795f7239393d7d05101f488e6ff09f5434237e906ec04a0139a5c91089c36cf3d01058584773b8fe0b1742e760a3e4953237fbc49e834f falco-0.38.1.tar.gz b152fcf6cd81895efa37797ab7ff1aac7350b5f51f2648aa9e3cce9d5ece55791ddf82c396e9da216293e2379a785a294cc972f28a91162dc5bc88ab09e1ab08 falco.patch 487b8b64d2399fd7b706be29e3722983bcdfde3ab5cf0f78b2e9fe1055a4ad958976f591e739491e25a06d7cdf6894c1e153e892a87b83c7a962e23c9a104528 rules.patch +9d1292a99bab7792bfe344940fa41ccf01318d5f30f854b01457e9f53ccca27f7f334466c061a11fbe8ebf918aeeb7f723b16a233c9e3bd60dd632d831ae9f5c falco.initd " diff --git a/kubezero/falco/falco.initd b/kubezero/falco/falco.initd new file mode 100644 index 0000000..9543fb1 --- /dev/null +++ b/kubezero/falco/falco.initd @@ -0,0 +1,10 @@ +#!/sbin/openrc-run +supervisor=supervise-daemon + +name=falco +command="/usr/bin/falco" +command_args="$falco_opts" + +depend() { + need logger +} diff --git a/kubezero/kubernetes/APKBUILD b/kubezero/kubernetes/APKBUILD index 57f310c..3ae4239 100644 --- a/kubezero/kubernetes/APKBUILD +++ b/kubezero/kubernetes/APKBUILD @@ -5,7 +5,7 @@ # Contributor: Dave # Maintainer: Stefan Reimer pkgname=kubernetes -pkgver=1.28.9 +pkgver=1.29.7 pkgrel=0 pkgdesc="Container Cluster Manager" url="https://kubernetes.io/" @@ -205,7 +205,7 @@ _do_zshcomp() { } sha512sums=" -cb10da770f8bb035c98b2c02b9ff202194ae69983d7c4d5052b03f5f5522e57f70a88105039265e1892039c566cfd7d043fcb44ad958823be0f5bee352f864a0 kubernetes-1.28.9.tar.gz +bce18d12164704f4d55d7566737bdff8305c5613af7a8df4b49cfa5f90f6b51f879159c4da7fbe436fdf7c4fcf5331f3f35e63f8dbc4c833559e6e2b1a61d08f kubernetes-1.29.7.tar.gz 5427c2e653504cfd5b0bcaf195d4734ee40947ddfebc9f155cd96dddccfc27692c29d94af4ac99f1018925b52995c593b584c5d7a82df2f185ebce1a9e463c40 make-e2e_node-run-over-distro-bins.patch 94d07edfe7ca52b12e85dd9e29f4c9edcd144abc8d120fb71e2a0507f064afd4bac5dde30da7673a35bdd842b79a4770a03a1f3946bfae361c01dd4dc4903c64 make-test-cmd-run-over-hyperkube-based-kubectl.patch e690daff2adb1013c92124f32e71f8ed9a18c611ae6ae5fcb5ce9674768dbf9d911a05d7e4028488cda886e63b82e8ac0606d14389a05844c1b5538a33dd09d1 kube-apiserver.initd diff --git a/kubezero/kubezero/APKBUILD b/kubezero/kubezero/APKBUILD index ae92482..f7d0821 100644 --- a/kubezero/kubezero/APKBUILD +++ b/kubezero/kubezero/APKBUILD @@ -1,9 +1,9 @@ # Contributor: Stefan Reimer # Maintainer: Stefan Reimer pkgname=kubezero -pkgver=1.28.9 -_crio=1.28.4 -_ecr=1.28.1 +pkgver=1.29.7 +_crio=1.29.6 +_ecr=1.29.5 pkgrel=0 pkgdesc="KubeZero release package" @@ -18,7 +18,7 @@ depends=" kubelet~$pkgver kubectl~$pkgver ecr-credential-provider~$_ecr - aws-iam-authenticator~0.6.14 + aws-iam-authenticator~0.6.22 " options="!check" #install="$pkgname.post-install" @@ -28,7 +28,7 @@ subpackages=" " IMAGES=" - quay.io/cilium/cilium:v1.15.3 + quay.io/cilium/cilium:v1.15.7 ghcr.io/k8snetworkplumbingwg/multus-cni:v3.9.3 " @@ -74,11 +74,11 @@ package() { # Preload container images all nodes need to speed up boot time and reduce data transfer imagecache() { - mkdir -p "$subpkgdir/mnt/zdt/cache" + mkdir -p "$subpkgdir/var/cache/zdt" for i in $IMAGES; do IMAGE_NAME=$(echo $i | sed -e 's/.*\///' -e 's/:.*//') - install -Dm644 "$srcdir"/$IMAGE_NAME.tar.xz "$subpkgdir/mnt/zdt/cache/$IMAGE_NAME.tar.xz" + install -Dm644 "$srcdir"/$IMAGE_NAME.tar.xz "$subpkgdir/var/cache/zdt/$IMAGE_NAME.tar.xz" done } diff --git a/kubezero/nvidia-container-toolkit/.gitignore b/kubezero/nvidia-container-toolkit/.gitignore new file mode 100644 index 0000000..b289cfd --- /dev/null +++ b/kubezero/nvidia-container-toolkit/.gitignore @@ -0,0 +1,2 @@ +etc +lib diff --git a/kubezero/nvidia-container-toolkit/APKBUILD b/kubezero/nvidia-container-toolkit/APKBUILD index ecaf739..0b1ec85 100644 --- a/kubezero/nvidia-container-toolkit/APKBUILD +++ b/kubezero/nvidia-container-toolkit/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Stefan Reimer # https://github.com/NVIDIA/nvidia-container-toolkit pkgname=nvidia-container-toolkit -pkgver=1.15.0 +pkgver=1.16.0 pkgrel=0 pkgdesc="NVIDIA Container toolkit incl. cri hooks" url="https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/overview.html" @@ -68,9 +68,9 @@ package() { } sha512sums=" -36adc14f49b3827ba5b86fdf75b2eb91fd2b2621e9be3a02c2f7f94b2c30e47b9f9d7482ae4f788cee804b12b359e4dc597878171f6e68f7287c18b3d3dfdf8d libnvidia-container1_1.15.0-1_amd64.deb -686a642649104379710056740dd0e9004a20809729231d88557c85844fe83ea5b279fe6ac49e890bcc8727b050c285f4d1b2cba584b12be1158c5b7af48d27a3 libnvidia-container-tools_1.15.0-1_amd64.deb -f8507ca4d5b4678c6afaa271b5930f856d33d2ab92ed70fbd2a5047eb6fe7635f55758047117119f8656270d96667ddb154bb95074d58a34ad37ffb7832ce951 nvidia-container-toolkit_1.15.0-1_amd64.deb +fbe354a472a4fe391ba2dcea0931278b4b4f1ef98737fda9e25bb44c4864542af509915276427be6fc38780563136c8fc9a3a5ef13f18f456f40172043b51e54 libnvidia-container1_1.16.0-1_amd64.deb +47955e2d9a4323158e572dc359b6009f74052897524f600aaa58f2bf8dbd952f07f61620b2b8407516fb0a64fb70e5aa648ff4a6236ce976bf29c11f6c545127 libnvidia-container-tools_1.16.0-1_amd64.deb +5928d53a4eb82da9b81ada7662b5b09c6ff2c4957c26f603c126ff8c309049ba1dfb95ecdc7b8ac14d00d133ad6b35028e865c84a0453260bd3d5a90ecd64866 nvidia-container-toolkit_1.16.0-1_amd64.deb 5a4eaa96e6e774948889909d618a8ed44a82f649cbba11622dc7b4478098bea006995d5a5a60ca026a57b76ad866d1e2c6caebd154a26eb6bd7e15291b558057 libseccomp2_2.3.3-4_amd64.deb cc9109cdcf51dc40db732e10ac3eda7e4ac73299ad51d2ec619d7f4cff3f0311be0937530d2175e5486c393bc9e91c709072094fad510573785739afaad831f1 libcap2_2.44-1_amd64.deb 040ac2e3f58549dc09e5bce0d694e4be2f6aae736014bf0ee90042646562d5f1ef1f5990eb9f2c2a2fdf504587b82f4aa0eb99d04c5d3e407670e4012e3edd4e config.toml diff --git a/kubezero/nvidia-container-toolkit/etc/nvidia-container-runtime/config.toml b/kubezero/nvidia-container-toolkit/etc/nvidia-container-runtime/config.toml deleted file mode 100644 index 225ec45..0000000 --- a/kubezero/nvidia-container-toolkit/etc/nvidia-container-runtime/config.toml +++ /dev/null @@ -1,32 +0,0 @@ -disable-require = false -#swarm-resource = "DOCKER_RESOURCE_GPU" -#accept-nvidia-visible-devices-envvar-when-unprivileged = true -#accept-nvidia-visible-devices-as-volume-mounts = false - -[nvidia-container-cli] -#root = "/run/nvidia/driver" -#path = "/usr/bin/nvidia-container-cli" -environment = [] -#debug = "/var/log/nvidia-container-toolkit.log" -#ldcache = "/etc/ld.so.cache" -load-kmods = true -#no-cgroups = false -#user = "root:video" -ldconfig = "@/sbin/ldconfig" - -[nvidia-container-runtime] -#debug = "/var/log/nvidia-container-runtime.log" -log-level = "info" - -# Specify the runtimes to consider. This list is processed in order and the PATH -# searched for matching executables unless the entry is an absolute path. -runtimes = [ - "docker-runc", - "runc", -] - -mode = "auto" - - [nvidia-container-runtime.modes.csv] - - mount-spec-path = "/etc/nvidia-container-runtime/host-files-for-container.d" diff --git a/kubezero/nvidia-container-toolkit/lib/x86_64-linux-gnu/libpsx.so.2 b/kubezero/nvidia-container-toolkit/lib/x86_64-linux-gnu/libpsx.so.2 deleted file mode 120000 index 019a2e2..0000000 --- a/kubezero/nvidia-container-toolkit/lib/x86_64-linux-gnu/libpsx.so.2 +++ /dev/null @@ -1 +0,0 @@ -libpsx.so.2.66 \ No newline at end of file diff --git a/kubezero/nvidia-container-toolkit/lib/x86_64-linux-gnu/libpsx.so.2.66 b/kubezero/nvidia-container-toolkit/lib/x86_64-linux-gnu/libpsx.so.2.66 deleted file mode 100644 index 89d3e12..0000000 Binary files a/kubezero/nvidia-container-toolkit/lib/x86_64-linux-gnu/libpsx.so.2.66 and /dev/null differ diff --git a/kubezero/nvidia-drivers/APKBUILD b/kubezero/nvidia-drivers/APKBUILD index 1af2541..24cfe28 100644 --- a/kubezero/nvidia-drivers/APKBUILD +++ b/kubezero/nvidia-drivers/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Stefan Reimer # Maintainer: Stefan Reimer pkgname=nvidia-drivers -pkgver=550.76 +pkgver=555.58.02 pkgrel=0 pkgdesc="NVIDIA Driver" url="https://www.nvidia.com/download/index.aspx" @@ -55,5 +55,5 @@ package() { } sha512sums=" -a3804501b220d4acbda9633b92c4515bb14d0b5233f3ffd5e173290d310efdb1ed9a9602f727c117c1d0746d596c1125c51cc3e1fde65c79905e60e1d35f50ec NVIDIA-Linux-x86_64-550.76.run +7a8c84c15d87d2cf5f6261b12d3d683e0a7a1847d7c5461b3995f78b8dd862272fd11be07018593a8d5ef5d8274040f15b9e6fe92e9212dcd7a97be668852433 NVIDIA-Linux-x86_64-555.58.02.run " diff --git a/kubezero/nvidia-open-gpu/APKBUILD b/kubezero/nvidia-open-gpu/APKBUILD index eea8a76..b179542 100644 --- a/kubezero/nvidia-open-gpu/APKBUILD +++ b/kubezero/nvidia-open-gpu/APKBUILD @@ -7,7 +7,7 @@ # remove coreutils from makedepends pkgname=nvidia-open-gpu -pkgver=550.76 +pkgver=555.58.02 pkgrel=0 pkgdesc="NVIDIA Linux open GPU kernel modules" url="https://github.com/NVIDIA/open-gpu-kernel-modules" @@ -53,7 +53,7 @@ package() { } sha512sums=" -5126d3b8e3f0635b5b044db4faf0d483e70bb43418bbd21325bb175aaca948e19bd81038fbef9118a95387da65ff0ff3d1592fc54c0d6815a2448b32024468ac nvidia-550.76.tar.gz +5cc927d994ba5ec79333b21534dbc60904b5e1ce746d231d29764648d6f6ffd8e7646b69f32b3d28f9ef8c407df5a04e5a94ff26d503201ec8fd17028bf3ccc9 nvidia-555.58.02.tar.gz b16b86ded8601ff802477e2b191c5728290014f90bb85ad6ec0e5b7e84f8004c467f5b6c66b80dc5d205fb70a3900ac286764a3829ca3ad3b8a3a5fd0b73a702 91-nvidia.rules 8335bd69c482da1f67b5cddd31a0b40d01b5c627aeca137b40ac7776cb3e7475767bec808a972ed739c26914207aca264324c41496f6fb579d910c8477f7cc1c create-nvidia-uvm-dev-node.sh " diff --git a/kubezero/otelcol/APKBUILD b/kubezero/otelcol/APKBUILD new file mode 100644 index 0000000..0df49e4 --- /dev/null +++ b/kubezero/otelcol/APKBUILD @@ -0,0 +1,34 @@ +# Contributor: Stefan Reimer +# Maintainer: Stefan Reimer +pkgname=otelcol +pkgver=0.105.0 +pkgrel=0 +pkgdesc="The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data" +url="https://github.com/open-telemetry/opentelemetry-collector" +arch="x86_64 aarch64" +license="AGPL-3.0" +makedepends="go bash" +options="!check chmod-clean" +source="ocb::https://github.com/open-telemetry/opentelemetry-collector/releases/download/cmd%2Fbuilder%2Fv"$pkgver"/ocb_"$pkgver"_linux_amd64 + otelcol-zdt.yaml + " + +#builddir="$srcdir/etcdhelper" + +prepare() { + chmod +x ./ocb +} + +build() { + ./ocb --config otelcol-zdt.yaml --skip-compilation + bash +} + +package() { + echo +} + +sha512sums=" +6928fdd8ac2a7335b9a3446db68a9bfcb1fb2ea3d435612e83a6ff61bbb424e8828b1504ce6564825e5729e2228ceae020112fdcad01e18e1e72651ed36cbe65 ocb +660ba67bb2c034a08dd2766f4366e72587935aedf467169fda1ed1b74038479ee334b599343c0de85a65a63c33660f01b4ad18929c61b44fbdf7fc75c495c5ef otelcol-zdt.yaml +" diff --git a/kubezero/otelcol/otelcol-zdt.yaml b/kubezero/otelcol/otelcol-zdt.yaml new file mode 100644 index 0000000..f5eb64e --- /dev/null +++ b/kubezero/otelcol/otelcol-zdt.yaml @@ -0,0 +1,22 @@ +dist: + name: otelcol-zdt + description: ZeroDownTime OpenTelemetry Collector + output_path: . +extensions: + # Contrib + - gomod: github.com/open-telemetry/opentelemetry-collector-contrib/extension/basicauthextension v0.105.0 + - gomod: github.com/open-telemetry/opentelemetry-collector-contrib/extension/jaegerremotesampling v0.105.0 + - gomod: github.com/open-telemetry/opentelemetry-collector-contrib/extension/oauth2clientauthextension v0.105.0 + - gomod: github.com/open-telemetry/opentelemetry-collector-contrib/extension/storage v0.105.0 + +exporters: + - gomod: go.opentelemetry.io/collector/exporter/debugexporter v0.105.0 + - gomod: go.opentelemetry.io/collector/exporter/otlpexporter v0.105.0 + - gomod: go.opentelemetry.io/collector/exporter/otlphttpexporter v0.105.0 + +receivers: + - gomod: go.opentelemetry.io/collector/receiver/otlpreceiver v0.105.0 + +processors: + - gomod: go.opentelemetry.io/collector/processor/batchprocessor v0.105.0 + - gomod: go.opentelemetry.io/collector/processor/memorylimiterprocessor v0.105.0 diff --git a/kubezero/zdt-base/APKBUILD b/kubezero/zdt-base/APKBUILD index 0d5d955..4217ddd 100644 --- a/kubezero/zdt-base/APKBUILD +++ b/kubezero/zdt-base/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Stefan Reimer # Maintainer: Stefan Reimer pkgname=zdt-base -pkgver=0.3.19 +pkgver=0.3.20 pkgrel=0 pkgdesc="ZeroDownTime Alpine additions and customizations" url="https://git.zero-downtime.net/ZeroDownTime/alpine-overlay/src/branch/master/kubezero/zdt-base" @@ -31,7 +31,6 @@ source=" monit_alert.sh.aws neofetch.conf zdt-ascii.txt - profile route53.py get_iam_sshkeys.py uniq_hostname.py @@ -47,10 +46,6 @@ package() { install -Dm755 "$srcdir/boot.sh" "$pkgdir/usr/lib/cloudbender/boot.sh" install -Dm755 "$srcdir/common.sh" "$pkgdir/usr/lib/cloudbender/common.sh" - # convienience - mkdir -p "$pkgdir/home/alpine" - install -Dm644 "$srcdir/profile" "$pkgdir/home/alpine/.profile" - # set mtu on interface via dhcpcd install -Dm644 "$srcdir/dhcpcd-mtu.hook" "$pkgdir/usr/lib/dhcpcd/dhcpcd-hooks/10-mtu" @@ -119,7 +114,7 @@ cac71c605324ad8e60b72f54b8c39ee0924205fcd1f072af9df92b0e8216bcde887ffec677eb2f0e 3a84b728d4169b92356f1da52922c6110efd5bdc2df90b64abe59f89a5de57cc85a81936bdead0cae5071c1ba1735bda1bd866018b5c3f7fd4ef155d0606ac2d cloud-nocloud.sh 06102e56c847637f705d0b29b05b07fbbb2bda9ba69f0a7fe1d716126d3b1c7922fb0df159199809908fa0dc143209775edb1dd5976faa84244dbcaa45f00364 zdt-sysctl.conf 76e6a4f309f31bfa07de2d3b1faebe5670722752e18157b69d6e868cbe9e85eda393aed0728b0347a01a810eee442844c78259f86ff71e3136a013f4cbfaaea4 ps_mem.py -b86dec8c059642309b2f583191457b7fac7264b75dc5f4a06ad641de6b76589c0571b8b72b51519516ba7e68a128fe2da29b4a2a6dc77c252204675c51b2d128 syslog-ng.conf +74727352a8ac334964c6cca9d52b3dfc8165d6f9c25e7dd589dda91dfe2d00c32ea0e9b4c37100525703c730a0d48eec3d244aa4626b6ad6b52d3707d776c52b syslog-ng.conf 484bdcf001b71ce5feed26935db437c613c059790b99f3f5a3e788b129f3e22ba096843585309993446a88c0ab5d60fd0fa530ef3cfb6de1fd34ffc828172329 syslog-ng.logrotate.conf e86eed7dd2f4507b04050b869927b471e8de26bc7d97e7064850478323380a0580a92de302509901ea531d6e3fa79afcbf24997ef13cd0496bb3ee719ad674ee syslog-ng.apparmor cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e cloudbender.stop @@ -129,7 +124,6 @@ e00a8f296c76446fe1241bf804c0108f47a2676f377a413ee9fede0943362a6582cad30fe13edd93 c955dabe692c0a4a2fa2b09ab9096f6b14e83064b34ae8d22697096daf6551f00b590d837787d66ea1d0030a7cc30bef583cc4c936c980465663e73aec5fa2dc monit_alert.sh.aws 2c02a1d454881dd7197548286c6cf24c1453dd9d726f3e5445703c12414853b0e12205e5b6a0c3ae09b76097d2bdfcfd6e1bc9a122dd9f66c6d6d03ab41f748a neofetch.conf 532b8e2eb04942ab20bdc36b5dea1c60239fcbfcb85706123f3e05c18d65c938b85e9072d964ae5793177625a8db47b532db1f5bd5ed5ecbb70d5a331666ff54 zdt-ascii.txt -c3e72cd92936b03f2b9eab5e97e9a12fcddcdf2c943342e42e7702e2d2407e00859c62dc9b4de3378688d2f05458aa5c104272af7ab13e53a62f1676d1a9a1b4 profile 816049360aa442f9e9aa4d6525795913cfe3dc7c6c14dc4ccad59c0880500f9d42f198edc442fe036bc84ba2690d9c5bc8ae622341d8276b3f14947db6b879b1 route53.py 7da28446762a36a6737c5b30becbce78775bd943b4d0c5ef938a50f49b4f51f66708434aa79004c19d16c56c83f54c8d6d68e1502ebc250c73f8aae12bed83c0 get_iam_sshkeys.py ae1941fc45e61fa8d211f5ef7eff2dd01510a6d364c4302cab267812321a10e7434ecc8d8c9263d8671ce5604d04d6531601bf42886a55fb6aec7f321651e1dc uniq_hostname.py diff --git a/kubezero/zdt-base/common.sh b/kubezero/zdt-base/common.sh index 64ba744..17ad80d 100644 --- a/kubezero/zdt-base/common.sh +++ b/kubezero/zdt-base/common.sh @@ -417,7 +417,6 @@ enable_ip_forwarding() { net.ipv4.ip_forward=1 net.ipv4.ip_local_port_range = 1024 65535 net.ipv4.conf.all.send_redirects=0 -net.ipv4.conf.all.rp_filter = 1 net.ipv4.conf.all.accept_redirects = 0 net.ipv6.conf.default.forwarding = 1 net.ipv6.conf.all.forwarding = 1 diff --git a/kubezero/zdt-base/profile b/kubezero/zdt-base/profile deleted file mode 100644 index 5f256e8..0000000 --- a/kubezero/zdt-base/profile +++ /dev/null @@ -1,4 +0,0 @@ -alias sudo='doas' -alias cu='doas cat /var/log/user-data.log' -alias cl="doas cat /var/log/messages | jq -r '\"\(.time): \(.message)\"'" -alias tl="doas tail -f /var/log/messages | jq -r '\"\(.time): \(.message)\"'" diff --git a/kubezero/zdt-base/syslog-ng.conf b/kubezero/zdt-base/syslog-ng.conf index d9c2e0e..0551ece 100644 --- a/kubezero/zdt-base/syslog-ng.conf +++ b/kubezero/zdt-base/syslog-ng.conf @@ -20,4 +20,8 @@ destination d_mesg { file("/var/log/messages" template("$(format-json time=\"$UN # filter f_drop_ipvs_ratelimit { not (facility(kern) and match("net_ratelimit:.*callbacks suppressed" value("MESSAGE"))); }; # log { source(s_sys); filter(f_drop_ipvs); filter(f_drop_ipvs_ratelimit); destination(d_mesg); }; -log { source(s_sys); destination(d_mesg); }; +log { + source(s_sys); + + destination(d_mesg); +}; diff --git a/kubezero/zdt-base/zdt-base.post-install b/kubezero/zdt-base/zdt-base.post-install index f7cda20..2d3a709 100644 --- a/kubezero/zdt-base/zdt-base.post-install +++ b/kubezero/zdt-base/zdt-base.post-install @@ -35,4 +35,10 @@ echo 'Enable monit via inittab' [ -f /etc/profile.d/color_prompt.sh.disabled ] && mv /etc/profile.d/color_prompt.sh.disabled /etc/profile.d/color_prompt.sh ln -sf /etc/profile.d/color_prompt.sh /etc/bash/color_prompt.sh -echo 'alias rs="doas bash"' > /etc/profile.d/alias.sh +cat < /etc/profile.d/zdt-alias.sh +alias rs='doas bash' +alias sudo='doas' +alias cu='doas cat /var/log/user-data.log' +alias cl="doas cat /var/log/messages | jq -r '\"\(.time): \(.message)\"'" +alias tl="doas tail -f /var/log/messages | jq -r '\"\(.time): \(.message)\"'" +EOF diff --git a/kubezero/zdt-base/zdt-sysctl.conf b/kubezero/zdt-base/zdt-sysctl.conf index 78d208d..0c201ab 100644 --- a/kubezero/zdt-base/zdt-sysctl.conf +++ b/kubezero/zdt-base/zdt-sysctl.conf @@ -10,6 +10,7 @@ net.ipv4.tcp_retries2 = 9 net.ipv4.tcp_slow_start_after_idle = 0 net.ipv4.ip_no_pmtu_disc = 0 net.ipv4.ip_forward_use_pmtu = 0 +net.ipv4.conf.all.rp_filter = 0 kernel.panic = 10 kernel.panic_on_oops = 1 vm.oom_dump_tasks = 0