ZeroDownTime
/
alpine-zdt-images
3
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: latest 3.18 release, first working bare-metal-nocloud image

This commit is contained in:
Stefan Reimer 2024-03-11 13:32:20 +00:00
parent a037ca3d1c
commit e534b31c74
15 changed files with 101 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Makefile
View File

@ -1,6 +1,7 @@
OVERLAY := $(shell pwd)/overlay OVERLAY := $(shell pwd)/overlay
ONLY := ONLY :=
FILTER := --only 3.17 $(ONLY) --skip aarch64 metal SKIP :=
FILTER := --only 3.18 $(ONLY) --skip aarch64 $(SKIP)
STEP := publish STEP := publish
all: build all: build
@ -34,10 +35,12 @@ age-seal:
# Just a reference how it could work, requires root though # Just a reference how it could work, requires root though
scan-image: scan-image:
modprobe nbd doas modprobe nbd
qemu-nbd -c /dev/nbd0 --read-only alpine-cloud-images/work/images/aws/3.15.4-x86_64-bios-cloudinit-aws-kubezero/image.qcow2 doas qemu-nbd -c /dev/nbd0 --read-only alpine-cloud-images/work/images/aws/*/image.qcow2
mount /dev/nbd0 /mnt/temp/ doas mount /dev/nbd0p2 /mnt/temp/
trivy rootfs /mnt/temp doas trivy rootfs /mnt/temp
doas umount /mnt/temp
doas qemu-nbd -d /dev/nbd0
pull-upstream: ## pull latest shared alpine-cloud-images pull-upstream: ## pull latest shared alpine-cloud-images
git stash && git subtree pull --prefix alpine-cloud-images git@gitlab.alpinelinux.org:alpine/cloud/alpine-cloud-images.git main --squash && git stash pop git stash && git subtree pull --prefix alpine-cloud-images git@gitlab.alpinelinux.org:alpine/cloud/alpine-cloud-images.git main --squash && git stash pop

5
cleanup_amis.sh
View File

@ -1,9 +1,8 @@
#!/bin/bash #!/bin/bash
# set -x # set -x
TAG_FILTER="Name=tag:Name,Values=*-uefi-*minimal*r1" TAG_FILTER="Name=tag:Name,Values=zdt-alpine-3.18*dev*" #-dev" #kubezero*"
# TAG_FILTER="Name=tag:Name,Values=zdt-alpine-3.16.2-x86_64-bios-tiny-kubezero-1.23.10-r0" #TAG_FILTER="Name=tag:Name,Values=zdt-alpine-*kubezero*1.26*"
# TAG_FILTER="Name=tag:Name,Values=zdt-alpine-3.16.2-x86_64-bios-tiny-minimal-r2"
echo "Are you really sure to delete AMIs matching \"$TAG_FILTER\" ?" echo "Are you really sure to delete AMIs matching \"$TAG_FILTER\" ?"
read read

25
list_running_amis.py Executable file
View File

@ -0,0 +1,25 @@
#!/usr/bin/env python3
import os
import boto3
regions = ["eu-central-1", "us-west-2", "ap-southeast-2", "ca-central-1", "us-east-1", "us-west-1"]
#regions = ["us-west-2"]
for r in regions:
session = boto3.Session(region_name=r)
ec2 = session.client('ec2')
amis = set()
try:
for reservations in ec2.describe_instances(Filters=[])["Reservations"]:
for instance in reservations["Instances"]:
amis.add(instance["ImageId"])
except KeyError:
pass
if amis:
print(f'Region: {r}')
images = ec2.describe_images(Filters=[{"Name":"image-id", "Values":list(amis)}])["Images"]
for image in images:
print(f'imageId: {image["ImageId"]} Name: {image["Name"]}')

4
overlay/zdt/configs/edition/common-packages.conf
View File

@ -1,4 +1,5 @@
bash = true bash = true
coreutils = true
eudev = true eudev = true
jq = true jq = true
yq = true yq = true
@ -12,7 +13,6 @@ socat = true
ethtool = true ethtool = true
nvme-cli = true nvme-cli = true
xfsprogs = true xfsprogs = true
dhclient = true
busybox-extras = true busybox-extras = true
tcpdump = true tcpdump = true
uuidgen = true uuidgen = true
@ -21,8 +21,6 @@ apparmor-utils = true
apparmor-profiles = true apparmor-profiles = true
tiny-cloud = true tiny-cloud = true
tiny-cloud-openrc = true tiny-cloud-openrc = true
tiny-cloud-network = true
tiny-cloud-aws = true
conmon = true conmon = true
prometheus-node-exporter = true prometheus-node-exporter = true
prometheus-wireguard-exporter = true prometheus-wireguard-exporter = true

1
overlay/zdt/configs/edition/common-services.conf
View File

@ -15,6 +15,5 @@ default {
cloudbender = true cloudbender = true
local = true local = true
crond = true crond = true
node-exporter = true
# monit = true # We use inittab # monit = true # We use inittab
} }

9
overlay/zdt/configs/edition/common.conf
View File

@ -3,10 +3,10 @@
packages { include required("common-packages.conf") } packages { include required("common-packages.conf") }
services { include required("common-services.conf") } services { include required("common-services.conf") }
repos { #repos {
"https://dl-cdn.alpinelinux.org/alpine/edge/main" = edge-main # "https://dl-cdn.alpinelinux.org/alpine/edge/main" = edge-main
"https://dl-cdn.alpinelinux.org/alpine/edge/community" = edge-community # "https://dl-cdn.alpinelinux.org/alpine/edge/community" = edge-community
} #}
repo_keys = [ "https://cdn.zero-downtime.net/alpine/stefan@zero-downtime.net-61bb6bfb.rsa.pub" ] repo_keys = [ "https://cdn.zero-downtime.net/alpine/stefan@zero-downtime.net-61bb6bfb.rsa.pub" ]
@ -21,6 +21,7 @@ WHEN {
aws-cli = true aws-cli = true
py3-boto3 = true py3-boto3 = true
zdt-base-aws = kubezero zdt-base-aws = kubezero
tiny-cloud-aws = true
} }
} }

2
overlay/zdt/configs/edition/kubezero-packages-x86_64.conf
View File

@ -1,2 +0,0 @@
aws-neuron-driver = kubezero
nvidia-open-gpu = kubezero

4
overlay/zdt/configs/edition/kubezero-packages.conf
View File

@ -1,3 +1,3 @@
curl = true curl = true
kubezero = "kubezero=~1.25" kubezero = "kubezero=~1.27"
kubezero-imagecache = "kubezero=~1.25" kubezero-imagecache = "kubezero=~1.27"

2
overlay/zdt/configs/edition/kubezero-services.conf
View File

@ -1,4 +1,6 @@
default { default {
# Until we migrate away from DS # Until we migrate away from DS
node-exporter = null node-exporter = null
crio = true
kubelet = true
} }

11
overlay/zdt/configs/edition/kubezero.conf
View File

@ -6,11 +6,14 @@ packages { include required("kubezero-packages.conf") }
services { include required("kubezero-services.conf") } services { include required("kubezero-services.conf") }
description = [ "- https://kubezero.com" ] description = [ "- https://kubezero.com" ]
name = [ kubezero-1.25.8 ] name = [ kubezero-1.27.8 ]
size = 2G disk_size = [1024]
WHEN { WHEN {
x86_64 { aws {
packages { include required("kubezero-packages-x86_64.conf") } packages {
aws-neuron-driver = kubezero
nvidia-open-gpu = kubezero
}
} }
} }

1
overlay/zdt/configs/edition/minimal-packages.conf Normal file
View File

@ -0,0 +1 @@
falco = kubezero

2
overlay/zdt/configs/edition/minimal.conf
View File

@ -2,5 +2,7 @@
include required("common.conf") include required("common.conf")
packages { include required("minimal-packages.conf") }
description = [ "- https://zero-downtime.net/cloud" ] description = [ "- https://zero-downtime.net/cloud" ]
name = [ minimal ] name = [ minimal ]

32
overlay/zdt/configs/machine/metal.conf
View File

@ -3,13 +3,31 @@
name = ["metal"] name = ["metal"]
machine_name = "Bare Metal" machine_name = "Bare Metal"
# Kernel and firmware are 900M ! # disk_size = [1024]
size = 2G
# TODO: for now use AWS as nocloud is not merged yet EXCLUDE = ["aws"]
#EXCLUDE = ["aws"]
packages.linux-virt = null packages {
packages.linux-lts = true linux-virt = null
# TODO: other kernel_modules, kernel_options, or initfs_features? linux-lts = true
falco-kernel-lts = kubezero
# Keep the image minimal, add firmware as needed
linux-firmware-none = true
mdadm = true
pciutils = true
}
initfs_features {
xfs = true
nvme = true
raid = true
}
kernel_modules {
xfs = true
}

4
overlay/zdt/configs/machine/vm.conf
View File

@ -1,4 +1,6 @@
name = [vm] # we need a name to be able to skip name = [vm] # we need a name to be able to skip
machine_name = "Virtual" machine_name = "Virtual"
# all image defaults are for virutal machines packages {
falco-kernel-virt = kubezero
}

35
overlay/zdt/configs/zdt.conf
View File

@ -14,7 +14,8 @@ Default {
scripts = [ setup ] scripts = [ setup ]
script_dirs = [ setup.d ] script_dirs = [ setup.d ]
size = 1G # This addds up to exact 1GB overall images by default
disk_size = [1008]
login = alpine login = alpine
image_format = vhd image_format = vhd
@ -33,13 +34,13 @@ Default {
# atm we only support: # atm we only support:
# - tiny-cloud # - tiny-cloud
# - uefi boot # - uefi boot
# - latest stable Alpine 3.17 # - latest stable Alpine 3.18
Dimensions { Dimensions {
version { version {
"3.17" { include required("version/3.17.conf") "3.18" { include required("version/3.18.conf")
repos { repos {
"https://cdn.zero-downtime.net/alpine/v3.17/kubezero" = kubezero "https://cdn.zero-downtime.net/alpine/v3.18/kubezero" = kubezero
} }
} }
# edge { include required("version/edge.conf") } # edge { include required("version/edge.conf") }
@ -59,33 +60,35 @@ Dimensions {
tiny { include required("bootstrap/tiny.conf") } tiny { include required("bootstrap/tiny.conf") }
} }
machine {
vm { include required("machine/vm.conf") }
metal { include required("machine/metal.conf") }
}
cloud { cloud {
aws { include required("cloud/aws.conf") } aws { include required("cloud/aws.conf") }
aws.regions { aws.regions {
ALL = false ALL = false
ap-southeast-2 = true #ap-southeast-2 = true
ca-central-1 = true #ca-central-1 = true
eu-central-1 = true eu-central-1 = true
us-east-1 = true #us-east-1 = true
us-west-1 = true #us-west-1 = true
us-west-2 = true #us-west-2 = true
} }
nocloud { include required("cloud/nocloud.conf") }
} }
edition { edition {
minimal { include required("edition/minimal.conf") } minimal { include required("edition/minimal.conf") }
kubezero { include required("edition/kubezero.conf") } kubezero { include required("edition/kubezero.conf") }
} }
machine {
vm { include required("machine/vm.conf") }
metal { include required("machine/metal.conf") }
}
} }
# all build configs merge these at the very end # all build configs merge these at the very end
Mandatory { Mandatory {
name = [ "r{revision}" ] name = [ "dev", "r{revision}" ]
encrypted = "alias/zdt/amis" encrypted = "alias/zdt/amis"
# We use neofetch custom branding # We use neofetch custom branding
@ -96,5 +99,3 @@ Mandatory {
access { include required("access.conf") } access { include required("access.conf") }
} }