diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d2389e0c2de..0524878ec98 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -38,7 +38,14 @@ jobs: continue-on-error: ${{ matrix.supported }} strategy: matrix: - variant: [aws-k8s-1.22, aws-k8s-1.23, aws-k8s-1.24, aws-k8s-1.25, aws-k8s-1.26, aws-ecs-1] + variant: + - aws-k8s-1.22 + - aws-k8s-1.23 + - aws-k8s-1.24 + - aws-k8s-1.25 + - aws-k8s-1.26 + - aws-k8s-1.27 + - aws-ecs-1 arch: [x86_64, aarch64] supported: [true] fetch-upstream: ["false"] @@ -75,6 +82,10 @@ jobs: arch: x86_64 supported: false fetch-upstream: "false" + - variant: metal-k8s-1.27 + arch: x86_64 + supported: false + fetch-upstream: "false" - variant: vmware-k8s-1.22 arch: x86_64 supported: true @@ -95,6 +106,10 @@ jobs: arch: x86_64 supported: true fetch-upstream: "false" + - variant: vmware-k8s-1.27 + arch: x86_64 + supported: true + fetch-upstream: "false" - variant: aws-k8s-1.22-nvidia arch: x86_64 supported: true @@ -135,6 +150,14 @@ jobs: arch: aarch64 supported: true fetch-upstream: "true" + - variant: aws-k8s-1.27-nvidia + arch: x86_64 + supported: true + fetch-upstream: "true" + - variant: aws-k8s-1.27-nvidia + arch: aarch64 + supported: true + fetch-upstream: "true" - variant: aws-ecs-1-nvidia arch: x86_64 supported: true diff --git a/README.md b/README.md index 5fbbeb796ac..e10371c76b1 100644 --- a/README.md +++ b/README.md @@ -65,11 +65,13 @@ The following variants support EKS, as described above: * `aws-k8s-1.24` * `aws-k8s-1.25` * `aws-k8s-1.26` +* `aws-k8s-1.27` * `aws-k8s-1.22-nvidia` * `aws-k8s-1.23-nvidia` * `aws-k8s-1.24-nvidia` * `aws-k8s-1.25-nvidia` * `aws-k8s-1.26-nvidia` +* `aws-k8s-1.27-nvidia` The following variants support ECS: @@ -83,6 +85,7 @@ We also have variants that are designed to be Kubernetes worker nodes in VMware: * `vmware-k8s-1.24` * `vmware-k8s-1.25` * `vmware-k8s-1.26` +* `vmware-k8s-1.27` The following variants are designed to be Kubernetes worker nodes on bare metal: @@ -91,6 +94,7 @@ The following variants are designed to be Kubernetes worker nodes on bare metal: * `metal-k8s-1.24` * `metal-k8s-1.25` * `metal-k8s-1.26` +* `metal-k8s-1.27` The following variants are no longer supported: diff --git a/packages/ecr-credential-provider-1.27/Cargo.toml b/packages/ecr-credential-provider-1.27/Cargo.toml new file mode 100644 index 00000000000..bd5c08554db --- /dev/null +++ b/packages/ecr-credential-provider-1.27/Cargo.toml @@ -0,0 +1,24 @@ +[package] +# "." is not allowed in crate names, but we want a friendlier name for the +# directory and spec file, so we override it below. +name = "ecr-credential-provider-1_27" +version = "0.1.0" +edition = "2021" +publish = false +build = "build.rs" + +[lib] +path = "pkg.rs" + +[package.metadata.build-package] +package-name = "ecr-credential-provider-1.27" +releases-url = "https://github.com/kubernetes/cloud-provider-aws/releases" + +[[package.metadata.build-package.external-files]] +url = "https://codeload.github.com/kubernetes/cloud-provider-aws/tar.gz/v1.27.1" +path = "cloud-provider-aws-1.27.1.tar.gz" +sha512 = "d7a28f4fb3cb2a1e7ee8d94405e3268608562af0ac509b51c32fcca19353eb68c87b023bd7dae1e84a76d9e856e4951cbc8a2260bab358d1eb492e47caedd29d" +bundle-modules = [ "go" ] + +[build-dependencies] +glibc = { path = "../glibc" } diff --git a/packages/ecr-credential-provider-1.27/build.rs b/packages/ecr-credential-provider-1.27/build.rs new file mode 100644 index 00000000000..cad8999af53 --- /dev/null +++ b/packages/ecr-credential-provider-1.27/build.rs @@ -0,0 +1,9 @@ +use std::process::{exit, Command}; + +fn main() -> Result<(), std::io::Error> { + let ret = Command::new("buildsys").arg("build-package").status()?; + if !ret.success() { + exit(1); + } + Ok(()) +} diff --git a/packages/ecr-credential-provider-1.27/clarify.toml b/packages/ecr-credential-provider-1.27/clarify.toml new file mode 100644 index 00000000000..3fa231bd3ec --- /dev/null +++ b/packages/ecr-credential-provider-1.27/clarify.toml @@ -0,0 +1,5 @@ +[clarify."sigs.k8s.io/yaml"] +expression = "MIT AND BSD-3-Clause" +license-files = [ + { path = "LICENSE", hash = 0xcdf3ae00 }, +] diff --git a/packages/ecr-credential-provider-1.27/ecr-credential-provider-1.27.spec b/packages/ecr-credential-provider-1.27/ecr-credential-provider-1.27.spec new file mode 100644 index 00000000000..4cc9ab1990a --- /dev/null +++ b/packages/ecr-credential-provider-1.27/ecr-credential-provider-1.27.spec @@ -0,0 +1,45 @@ +%global goproject github.com/kubernetes +%global gorepo cloud-provider-aws +%global goimport %{goproject}/%{gorepo} + +%global gover 1.27.1 +%global rpmver %{gover} + +%global _dwz_low_mem_die_limit 0 + +Name: %{_cross_os}ecr-credential-provider-1.27 +Version: %{rpmver} +Release: 1%{?dist} +Summary: Container image registry credential provider for AWS ECR +License: Apache-2.0 +URL: https://github.com/kubernetes/cloud-provider-aws + +Source: cloud-provider-aws-%{gover}.tar.gz +Source1: bundled-cloud-provider-aws-%{gover}.tar.gz +Source1000: clarify.toml + +BuildRequires: %{_cross_os}glibc-devel + +%description +%{summary}. + +%prep +%setup -n %{gorepo}-%{gover} -q +%setup -T -D -n %{gorepo}-%{gover} -b 1 -q + +%build +%set_cross_go_flags + +go build -buildmode=pie -ldflags="${GOLDFLAGS}" -o=ecr-credential-provider cmd/ecr-credential-provider/*.go + +%install +install -d %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet/plugins +install -p -m 0755 ecr-credential-provider %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet/plugins/ecr-credential-provider + +%cross_scan_attribution --clarify %{S:1000} go-vendor vendor + +%files +%license LICENSE +%{_cross_attribution_file} +%{_cross_attribution_vendor_dir} +%{_cross_libexecdir}/kubernetes/kubelet/plugins/ecr-credential-provider diff --git a/packages/ecr-credential-provider-1.27/pkg.rs b/packages/ecr-credential-provider-1.27/pkg.rs new file mode 100644 index 00000000000..d799fb2d44c --- /dev/null +++ b/packages/ecr-credential-provider-1.27/pkg.rs @@ -0,0 +1 @@ +// not used diff --git a/packages/kubernetes-1.27/Cargo.toml b/packages/kubernetes-1.27/Cargo.toml new file mode 100644 index 00000000000..85937abea62 --- /dev/null +++ b/packages/kubernetes-1.27/Cargo.toml @@ -0,0 +1,32 @@ +[package] +# "." is not allowed in crate names, but we want a friendlier name for the +# directory and spec file, so we override it below. +name = "kubernetes-1_27" +version = "0.1.0" +edition = "2021" +publish = false +build = "build.rs" + +[lib] +path = "pkg.rs" + +[package.metadata.build-package] +package-name = "kubernetes-1.27" + +[[package.metadata.build-package.external-files]] +url = "https://distro.eks.amazonaws.com/kubernetes-1-27/releases/1/artifacts/kubernetes/v1.27.1/kubernetes-src.tar.gz" +sha512 = "bec6b87a1cf974feb041ac684057be42d0a9abd332371bc8a8a7311d7f23e4ecba923dc9f46d4db8a5a2818976ddf7e06baef7b9fd87ff5fda27b6665b956c07" + +# RPM BuildRequires +[build-dependencies] +glibc = { path = "../glibc" } + +# RPM Requires +[dependencies] +aws-signing-helper = { path = "../aws-signing-helper" } +ecr-credential-provider-1_27 = { path = "../ecr-credential-provider-1.27" } +# `conntrack-tools`, `containerd` and `findutils` are only needed at runtime, +# and are pulled in by `release`. +# conntrack-tools = { path = "../conntrack-tools" } +# containerd = { path = "../containerd" } +# findutils = { path = "../findutils" } diff --git a/packages/kubernetes-1.27/build.rs b/packages/kubernetes-1.27/build.rs new file mode 100644 index 00000000000..cad8999af53 --- /dev/null +++ b/packages/kubernetes-1.27/build.rs @@ -0,0 +1,9 @@ +use std::process::{exit, Command}; + +fn main() -> Result<(), std::io::Error> { + let ret = Command::new("buildsys").arg("build-package").status()?; + if !ret.success() { + exit(1); + } + Ok(()) +} diff --git a/packages/kubernetes-1.27/clarify.toml b/packages/kubernetes-1.27/clarify.toml new file mode 100644 index 00000000000..5b6e8b60967 --- /dev/null +++ b/packages/kubernetes-1.27/clarify.toml @@ -0,0 +1,62 @@ +[clarify."github.com/JeffAshton/win_pdh"] +expression = "BSD-3-Clause" +license-files = [ + { path = "LICENSE", hash = 0xb221dcc9 }, +] + +[clarify."github.com/daviddengcn/go-colortext"] +expression = "BSD-3-Clause AND MIT" +license-files = [ + { path = "LICENSE", hash = 0x9769fae1 }, +] + +[clarify."github.com/ghodss/yaml"] +expression = "MIT AND BSD-3-Clause" +license-files = [ + { path = "LICENSE", hash = 0xcdf3ae00 }, +] + +[clarify."github.com/heketi/heketi"] +# kubernetes only uses code that is under LGPLv3+/Apache 2.0, not the code that is GPLv2+/LGPLv3+ +expression = "LGPL-3.0-or-later OR Apache-2.0" +license-files = [ + { path = "LICENSE", hash = 0x3c4b96d1 }, + { path = "LICENSE-APACHE2", hash = 0x438c8616 }, + { path = "COPYING-LGPLV3", hash = 0xf0bccb3a }, +] +skip-files = [ "COPYING-GPLV2" ] + +[clarify."github.com/go-bindata/go-bindata"] +expression = "CC0-1.0" +license-files = [ + { path = "LICENSE", hash = 0x393fafd6 }, +] + +[clarify."github.com/miekg/dns"] +expression = "BSD-3-Clause" +license-files = [ + { path = "COPYRIGHT", hash = 0xe41dd36c }, + { path = "LICENSE", hash = 0xfc8f12ff }, +] + +[clarify."sigs.k8s.io/yaml"] +expression = "MIT AND BSD-3-Clause" +license-files = [ + { path = "LICENSE", hash = 0xcdf3ae00 }, +] + +[clarify."honnef.co/go/tools"] +expression = "MIT AND BSD-3-Clause AND Apache-2.0" +license-files = [ + { path = "LICENSE", hash = 0xad378ed2 }, + { path = "LICENSE-THIRD-PARTY", hash = 0x546425eb }, + { path = "lint/LICENSE", hash = 0xc6b58232 }, + { path = "ssa/LICENSE", hash = 0xe656fb62 }, +] + +[clarify."github.com/storageos/go-api"] +expression = "MIT AND BSD-2-Clause" +license-files = [ + { path = "LICENCE", hash = 0x67a6861e }, +] +skip-files = ["licence.go", "types/licence.go"] diff --git a/packages/kubernetes-1.27/credential-provider-config-yaml b/packages/kubernetes-1.27/credential-provider-config-yaml new file mode 100644 index 00000000000..03be81fb151 --- /dev/null +++ b/packages/kubernetes-1.27/credential-provider-config-yaml @@ -0,0 +1,33 @@ +apiVersion: kubelet.config.k8s.io/v1 +kind: CredentialProviderConfig +providers: +{{#if settings.kubernetes.credential-providers}} +{{#each settings.kubernetes.credential-providers}} +{{#if this.enabled}} + - name: {{@key}} + matchImages: +{{#each this.image-patterns}} + - "{{this}}" +{{/each}} + defaultCacheDuration: "{{default "12h" this.cache-duration}}" + apiVersion: credentialprovider.kubelet.k8s.io/v1 +{{#if (or (eq @key "ecr-credential-provider") this.environment)}} + env: +{{#if this.environment}} +{{#each this.environment}} + - name: {{@key}} + value: '{{this}}' +{{/each}} +{{/if}} +{{#if (eq @key "ecr-credential-provider")}} + - name: HOME + value: '/root' +{{#if @root.settings.aws.profile}} + - name: AWS_PROFILE + value: '{{@root.settings.aws.profile}}' +{{/if}} +{{/if}} +{{/if}} +{{/if}} +{{/each}} +{{/if}} diff --git a/packages/kubernetes-1.27/dockershim-symlink.conf b/packages/kubernetes-1.27/dockershim-symlink.conf new file mode 100644 index 00000000000..d3fcda86914 --- /dev/null +++ b/packages/kubernetes-1.27/dockershim-symlink.conf @@ -0,0 +1,2 @@ +[Service] +ExecStartPre=/bin/ln -sf /run/containerd/containerd.sock /run/dockershim.sock diff --git a/packages/kubernetes-1.27/etc-kubernetes-pki-private.mount b/packages/kubernetes-1.27/etc-kubernetes-pki-private.mount new file mode 100644 index 00000000000..584e61475d1 --- /dev/null +++ b/packages/kubernetes-1.27/etc-kubernetes-pki-private.mount @@ -0,0 +1,16 @@ +[Unit] +Description=Kubernetes PKI private directory (/etc/kubernetes/pki/private) +DefaultDependencies=no +Conflicts=umount.target +Before=local-fs.target umount.target +After=selinux-policy-files.service +Wants=selinux-policy-files.service + +[Mount] +What=tmpfs +Where=/etc/kubernetes/pki/private +Type=tmpfs +Options=nosuid,nodev,noexec,noatime,context=system_u:object_r:secret_t:s0,mode=0700 + +[Install] +WantedBy=preconfigured.target diff --git a/packages/kubernetes-1.27/kubelet-bootstrap-kubeconfig b/packages/kubernetes-1.27/kubelet-bootstrap-kubeconfig new file mode 100644 index 00000000000..09e58523196 --- /dev/null +++ b/packages/kubernetes-1.27/kubelet-bootstrap-kubeconfig @@ -0,0 +1,22 @@ +--- +apiVersion: v1 +kind: Config +clusters: +- cluster: +{{#if settings.kubernetes.api-server}} + certificate-authority: "/etc/kubernetes/pki/ca.crt" + server: "{{settings.kubernetes.api-server}}" +{{/if}} + name: kubernetes +contexts: +- context: + cluster: kubernetes + user: kubelet + name: kubelet +current-context: kubelet +users: +- name: kubelet +{{#if settings.kubernetes.bootstrap-token}} + user: + token: "{{settings.kubernetes.bootstrap-token}}" +{{/if}} diff --git a/packages/kubernetes-1.27/kubelet-config b/packages/kubernetes-1.27/kubelet-config new file mode 100644 index 00000000000..882c076a239 --- /dev/null +++ b/packages/kubernetes-1.27/kubelet-config @@ -0,0 +1,178 @@ +--- +kind: KubeletConfiguration +apiVersion: kubelet.config.k8s.io/v1beta1 +{{#if settings.kubernetes.standalone-mode}} +address: 127.0.0.1 +authentication: + anonymous: + enabled: true + webhook: + enabled: false +authorization: + mode: AlwaysAllow +{{else}} +address: 0.0.0.0 +authentication: + anonymous: + enabled: false + webhook: + cacheTTL: 2m0s + enabled: true + x509: + clientCAFile: "/etc/kubernetes/pki/ca.crt" +authorization: + mode: Webhook + webhook: + cacheAuthorizedTTL: 5m0s + cacheUnauthorizedTTL: 30s +{{/if}} +clusterDomain: {{settings.kubernetes.cluster-domain}} +{{#if settings.kubernetes.cluster-dns-ip}} +clusterDNS: +{{#each settings.kubernetes.cluster-dns-ip}} +- {{this}} +{{else}} +- {{settings.kubernetes.cluster-dns-ip}} +{{/each}} +{{/if}} +{{#if settings.kubernetes.eviction-hard}} +evictionHard: + {{#each settings.kubernetes.eviction-hard}} + {{@key}}: "{{this}}" + {{/each}} +{{/if}} +{{#if settings.kubernetes.eviction-soft}} +evictionSoft: + {{#each settings.kubernetes.eviction-soft}} + {{@key}}: "{{this}}" + {{/each}} +{{/if}} +{{#if settings.kubernetes.eviction-soft-grace-period}} +evictionSoftGracePeriod: + {{#each settings.kubernetes.eviction-soft-grace-period}} + {{@key}}: "{{this}}" + {{/each}} +{{/if}} +{{#if settings.kubernetes.eviction-max-pod-grace-period}} +evictionMaxPodGracePeriod: {{settings.kubernetes.eviction-max-pod-grace-period}} +{{/if}} +{{#if settings.kubernetes.allowed-unsafe-sysctls}} +allowedUnsafeSysctls: {{settings.kubernetes.allowed-unsafe-sysctls}} +{{/if}} +{{#if settings.kubernetes.registry-qps includeZero=true}} +registryPullQPS: {{settings.kubernetes.registry-qps}} +{{/if}} +{{#if settings.kubernetes.registry-burst includeZero=true}} +registryBurst: {{settings.kubernetes.registry-burst}} +{{/if}} +{{#if settings.kubernetes.event-qps includeZero=true}} +eventRecordQPS: {{settings.kubernetes.event-qps}} +{{/if}} +{{#if settings.kubernetes.event-burst includeZero=true}} +eventBurst: {{settings.kubernetes.event-burst}} +{{/if}} +kubeAPIQPS: {{default 10 settings.kubernetes.kube-api-qps}} +kubeAPIBurst: {{default 20 settings.kubernetes.kube-api-burst}} +kubeReserved: + cpu: "{{kube_reserve_cpu settings.kubernetes.kube-reserved.cpu}}" + {{#if settings.kubernetes.kube-reserved.memory}} + memory: "{{settings.kubernetes.kube-reserved.memory}}" + {{else}} + {{#if settings.kubernetes.max-pods}} + memory: "{{kube_reserve_memory settings.kubernetes.max-pods settings.kubernetes.kube-reserved.memory}}" + {{/if}} + {{/if}} + ephemeral-storage: "{{default "1Gi" settings.kubernetes.kube-reserved.ephemeral-storage}}" +kubeReservedCgroup: "/runtime" +{{#if settings.kubernetes.system-reserved}} +systemReserved: + {{#each settings.kubernetes.system-reserved}} + {{@key}}: "{{this}}" + {{/each}} +systemReservedCgroup: "/system" +{{/if}} +cpuCFSQuota: {{default true settings.kubernetes.cpu-cfs-quota-enforced}} +cpuManagerPolicy: {{default "none" settings.kubernetes.cpu-manager-policy}} +{{#if settings.kubernetes.cpu-manager-reconcile-period}} +cpuManagerReconcilePeriod: {{settings.kubernetes.cpu-manager-reconcile-period}} +{{/if}} +{{#if settings.kubernetes.cpu-manager-policy-options}} +cpuManagerPolicyOptions: +{{#each settings.kubernetes.cpu-manager-policy-options}} + {{this}}: "true" +{{/each}} +{{/if}} +{{#if settings.kubernetes.topology-manager-scope}} +topologyManagerScope: {{settings.kubernetes.topology-manager-scope}} +{{/if}} +{{#if settings.kubernetes.topology-manager-policy}} +topologyManagerPolicy: {{settings.kubernetes.topology-manager-policy}} +{{/if}} +{{#if settings.kubernetes.pod-pids-limit includeZero=true}} +podPidsLimit: {{settings.kubernetes.pod-pids-limit}} +{{/if}} +{{#if settings.kubernetes.image-gc-high-threshold-percent includeZero=true}} +imageGCHighThresholdPercent: {{settings.kubernetes.image-gc-high-threshold-percent}} +{{/if}} +{{#if settings.kubernetes.image-gc-low-threshold-percent includeZero=true}} +imageGCLowThresholdPercent: {{settings.kubernetes.image-gc-low-threshold-percent}} +{{/if}} +{{#if settings.kubernetes.provider-id}} +providerID: {{settings.kubernetes.provider-id}} +{{/if}} +resolvConf: "/etc/resolv.conf" +hairpinMode: hairpin-veth +readOnlyPort: 0 +cgroupDriver: systemd +cgroupRoot: "/" +runtimeRequestTimeout: 15m +featureGates: + RotateKubeletServerCertificate: true +protectKernelDefaults: true +serializeImagePulls: false +{{#if (and (default "" settings.kubernetes.server-certificate) (default "" settings.kubernetes.server-key))}} +tlsCertFile: "/etc/kubernetes/pki/kubelet-server.crt" +tlsPrivateKeyFile: "/etc/kubernetes/pki/private/kubelet-server.key" +{{else}} +serverTLSBootstrap: {{settings.kubernetes.server-tls-bootstrap}} +{{/if}} +tlsCipherSuites: +- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 +volumePluginDir: "/var/lib/kubelet/plugins/volume/exec" +maxPods: {{default 110 settings.kubernetes.max-pods}} +staticPodPath: "/etc/kubernetes/static-pods/" +{{#if settings.kubernetes.container-log-max-size includeZero=true}} +containerLogMaxSize: {{settings.kubernetes.container-log-max-size}} +{{/if}} +{{#if settings.kubernetes.container-log-max-files includeZero=true}} +containerLogMaxFiles: {{settings.kubernetes.container-log-max-files}} +{{/if}} +{{#if settings.kubernetes.shutdown-grace-period}} +shutdownGracePeriod: {{settings.kubernetes.shutdown-grace-period}} +{{/if}} +{{#if settings.kubernetes.shutdown-grace-period-for-critical-pods}} +shutdownGracePeriodCriticalPods: {{settings.kubernetes.shutdown-grace-period-for-critical-pods}} +{{/if}} +{{#if settings.kubernetes.memory-manager-reserved-memory}} +{{#if (any_enabled settings.kubernetes.memory-manager-reserved-memory)}} +{{#if settings.kubernetes.memory-manager-policy}} +memoryManagerPolicy: {{settings.kubernetes.memory-manager-policy}} +{{/if}} +reservedMemory: +{{#each settings.kubernetes.memory-manager-reserved-memory}} +{{#if this.enabled}} + - numaNode: {{@key}} + limits: +{{#if this.memory}} + memory: {{this.memory}} +{{/if}} +{{#if this.hugepages-1Gi}} + hugepages-1Gi: {{this.hugepages-1Gi}} +{{/if}} +{{#if this.hugepages-2Mi}} + hugepages-2Mi: {{this.hugepages-2Mi}} +{{/if}} +{{/if}} +{{/each}} +{{/if}} +{{/if}} diff --git a/packages/kubernetes-1.27/kubelet-env b/packages/kubernetes-1.27/kubelet-env new file mode 100644 index 00000000000..681726d0176 --- /dev/null +++ b/packages/kubernetes-1.27/kubelet-env @@ -0,0 +1,4 @@ +NODE_IP={{settings.kubernetes.node-ip}} +NODE_LABELS={{join_map "=" "," "no-fail-if-missing" settings.kubernetes.node-labels}} +NODE_TAINTS={{join_node_taints settings.kubernetes.node-taints}} +POD_INFRA_CONTAINER_IMAGE={{settings.kubernetes.pod-infra-container-image}} diff --git a/packages/kubernetes-1.27/kubelet-exec-start-conf b/packages/kubernetes-1.27/kubelet-exec-start-conf new file mode 100644 index 00000000000..e4608065b9d --- /dev/null +++ b/packages/kubernetes-1.27/kubelet-exec-start-conf @@ -0,0 +1,33 @@ +[Service] +ExecStart= +ExecStart=/usr/bin/kubelet \ +{{#unless settings.kubernetes.standalone-mode}} + --cloud-provider {{default "external" settings.kubernetes.cloud-provider}} \ + --kubeconfig /etc/kubernetes/kubelet/kubeconfig \ +{{#if (eq settings.kubernetes.authentication-mode "tls")}} + --bootstrap-kubeconfig /etc/kubernetes/kubelet/bootstrap-kubeconfig \ +{{/if}} +{{else}} + --cloud-provider "" \ +{{/unless}} + --config /etc/kubernetes/kubelet/config \ + --container-runtime-endpoint=unix:///run/containerd/containerd.sock \ + --containerd=/run/containerd/containerd.sock \ + --root-dir /var/lib/kubelet \ + --cert-dir /var/lib/kubelet/pki \ +{{#if settings.kubernetes.credential-providers}} +{{#if (any_enabled settings.kubernetes.credential-providers)}} + --image-credential-provider-bin-dir /usr/libexec/kubernetes/kubelet/plugins \ + --image-credential-provider-config /etc/kubernetes/kubelet/credential-provider-config.yaml \ +{{/if}} +{{/if}} +{{#if settings.kubernetes.hostname-override}} + --hostname-override {{settings.kubernetes.hostname-override}} \ +{{/if}} + --node-ip ${NODE_IP} \ + --node-labels "${NODE_LABELS}" \ + --register-with-taints "${NODE_TAINTS}" \ +{{#if settings.kubernetes.log-level includeZero=true}} + -v {{settings.kubernetes.log-level}} \ +{{/if}} + --pod-infra-container-image ${POD_INFRA_CONTAINER_IMAGE} diff --git a/packages/kubernetes-1.27/kubelet-kubeconfig b/packages/kubernetes-1.27/kubelet-kubeconfig new file mode 100644 index 00000000000..f39de0e6a8a --- /dev/null +++ b/packages/kubernetes-1.27/kubelet-kubeconfig @@ -0,0 +1,39 @@ +--- +apiVersion: v1 +kind: Config +clusters: +- cluster: +{{#if settings.kubernetes.api-server}} + certificate-authority: "/etc/kubernetes/pki/ca.crt" + server: "{{settings.kubernetes.api-server}}" +{{/if}} + name: kubernetes +contexts: +- context: + cluster: kubernetes + user: kubelet + name: kubelet +current-context: kubelet +users: +- name: kubelet +{{#if (eq settings.kubernetes.authentication-mode "aws")}} +{{#if settings.kubernetes.cluster-name}} + user: + exec: + apiVersion: client.authentication.k8s.io/v1beta1 + command: "/usr/bin/aws-iam-authenticator" + args: + - token + - "-i" + - "{{settings.kubernetes.cluster-name}}" + {{#if settings.aws.region}} + - "--region" + - "{{settings.aws.region}}" + {{/if}} +{{/if}} +{{/if}} +{{#if (eq settings.kubernetes.authentication-mode "tls")}} + user: + client-certificate: "/var/lib/kubelet/pki/kubelet-client-current.pem" + client-key: "/var/lib/kubelet/pki/kubelet-client-current.pem" +{{/if}} diff --git a/packages/kubernetes-1.27/kubelet-server-crt b/packages/kubernetes-1.27/kubelet-server-crt new file mode 100644 index 00000000000..21af4222ea2 --- /dev/null +++ b/packages/kubernetes-1.27/kubelet-server-crt @@ -0,0 +1,3 @@ +{{~#if settings.kubernetes.server-certificate~}} +{{base64_decode settings.kubernetes.server-certificate}} +{{~/if~}} diff --git a/packages/kubernetes-1.27/kubelet-server-key b/packages/kubernetes-1.27/kubelet-server-key new file mode 100644 index 00000000000..0310e76ddd8 --- /dev/null +++ b/packages/kubernetes-1.27/kubelet-server-key @@ -0,0 +1,3 @@ +{{~#if settings.kubernetes.server-key~}} +{{base64_decode settings.kubernetes.server-key}} +{{~/if~}} diff --git a/packages/kubernetes-1.27/kubelet-sysctl.conf b/packages/kubernetes-1.27/kubelet-sysctl.conf new file mode 100644 index 00000000000..ed68c7e197f --- /dev/null +++ b/packages/kubernetes-1.27/kubelet-sysctl.conf @@ -0,0 +1,2 @@ +# Overcommit handling mode - 1: Always overcommit +vm.overcommit_memory = 1 diff --git a/packages/kubernetes-1.27/kubelet.service b/packages/kubernetes-1.27/kubelet.service new file mode 100644 index 00000000000..1285853f2d1 --- /dev/null +++ b/packages/kubernetes-1.27/kubelet.service @@ -0,0 +1,26 @@ +[Unit] +Description=Kubelet +Documentation=https://github.com/kubernetes/kubernetes +After=containerd.service configured.target +Wants=configured.target +BindsTo=containerd.service + +[Service] +Slice=runtime.slice +Type=notify +EnvironmentFile=/etc/network/proxy.env +EnvironmentFile=/etc/kubernetes/kubelet/env +ExecStartPre=/sbin/iptables -P FORWARD ACCEPT +# Must be overridden by a drop-in file or `kubelet` won't start +ExecStart=/usr/bin/false + +Restart=always +RestartForceExitStatus=SIGPIPE +RestartSec=5 +Delegate=yes +KillMode=process +CPUAccounting=true +MemoryAccounting=true + +[Install] +WantedBy=multi-user.target diff --git a/packages/kubernetes-1.27/kubernetes-1.27.spec b/packages/kubernetes-1.27/kubernetes-1.27.spec new file mode 100644 index 00000000000..521de49b442 --- /dev/null +++ b/packages/kubernetes-1.27/kubernetes-1.27.spec @@ -0,0 +1,161 @@ +# After this upstream change, the linker flags `-s -w` are always added unless +# DBG=1 is set in the environment, which would set compiler flags to disable +# optimizations and inlining: +# https://github.com/kubernetes/kubernetes/pull/108371 +# +# For now, work around this by indicating that no debug package is expected. +%global debug_package %{nil} + +%global goproject github.com/kubernetes +%global gorepo kubernetes +%global goimport %{goproject}/%{gorepo} + +%global gover 1.27.1 +%global rpmver %{gover} + +%global _dwz_low_mem_die_limit 0 + +# The kubernetes build process expects the cross-compiler to be specified via `KUBE_*_CC` +# Here we generate that variable to use bottlerocket-specific compile aliases +# Examples of the generated variable: +# KUBE_LINUX_AMD64_CC=x86_64-bottlerocket-linux-gnu-gcc +# KUBE_LINUX_ARM64_CC=aarch64-bottlerocket-linux-gnu-gcc +%global kube_cc %{shrink: \ + %{lua: print(string.upper( \ + rpm.expand("KUBE_%{_cross_go_os}_%{_cross_go_arch}_CC=")) .. \ + rpm.expand("%{_cross_target}-gcc")) }} + +Name: %{_cross_os}%{gorepo} +Version: %{rpmver} +Release: 1%{?dist} +Summary: Container cluster management +# base Apache-2.0, third_party Apache-2.0 AND BSD-3-Clause +License: Apache-2.0 AND BSD-3-Clause +URL: https://%{goimport} +Source0: https://distro.eks.amazonaws.com/kubernetes-1-27/releases/1/artifacts/kubernetes/v%{gover}/kubernetes-src.tar.gz +Source1: kubelet.service +Source2: kubelet-env +Source3: kubelet-config +Source4: kubelet-kubeconfig +Source5: kubernetes-ca-crt +Source6: kubelet-exec-start-conf +Source7: kubelet-bootstrap-kubeconfig +Source8: kubernetes-tmpfiles.conf +Source9: kubelet-sysctl.conf +Source10: prepare-var-lib-kubelet.service +Source11: kubelet-server-crt +Source12: kubelet-server-key +Source13: etc-kubernetes-pki-private.mount +Source14: credential-provider-config-yaml + +# ExecStartPre drop-ins +Source20: prestart-pull-pause-ctr.conf +Source21: dockershim-symlink.conf +Source22: make-kubelet-dirs.conf +Source23: load-ipvs-modules.conf + +Source1000: clarify.toml + +BuildRequires: git +BuildRequires: rsync +BuildRequires: %{_cross_os}glibc-devel + +%description +%{summary}. + +%package -n %{_cross_os}kubelet-1.27 +Summary: Container cluster node agent +Requires: %{_cross_os}conntrack-tools +Requires: %{_cross_os}containerd +Requires: %{_cross_os}findutils +Requires: %{_cross_os}ecr-credential-provider-1.27 +Requires: %{_cross_os}aws-signing-helper + +%description -n %{_cross_os}kubelet-1.27 +%{summary}. + +%prep +%autosetup -Sgit -c -n %{gorepo}-%{gover} -p1 + +# third_party licenses +# multiarch/qemu-user-static ignored, we're not using it +cp third_party/forked/gonum/graph/LICENSE LICENSE.gonum.graph +cp third_party/forked/shell2junit/LICENSE LICENSE.shell2junit +cp third_party/forked/golang/LICENSE LICENSE.golang +cp third_party/forked/golang/PATENTS PATENTS.golang + +%build +# Build codegen programs with the host toolchain. +make hack/update-codegen.sh + +# Build kubelet with the target toolchain. +export KUBE_BUILD_PLATFORMS="linux/%{_cross_go_arch}" +export %{kube_cc} +export GOFLAGS='-tags=dockerless' +export GOLDFLAGS="-buildmode=pie -linkmode=external -compressdwarf=false" +make WHAT="cmd/kubelet" + +%install +output="./_output/local/bin/linux/%{_cross_go_arch}" +install -d %{buildroot}%{_cross_bindir} +install -p -m 0755 ${output}/kubelet %{buildroot}%{_cross_bindir} + +install -d %{buildroot}%{_cross_unitdir} +install -p -m 0644 %{S:1} %{S:10} %{S:13} %{buildroot}%{_cross_unitdir} + +install -d %{buildroot}%{_cross_unitdir}/kubelet.service.d +install -p -m 0644 %{S:20} %{S:21} %{S:22} %{S:23} %{buildroot}%{_cross_unitdir}/kubelet.service.d + +mkdir -p %{buildroot}%{_cross_templatedir} +install -m 0644 %{S:2} %{buildroot}%{_cross_templatedir}/kubelet-env +install -m 0644 %{S:3} %{buildroot}%{_cross_templatedir}/kubelet-config +install -m 0644 %{S:4} %{buildroot}%{_cross_templatedir}/kubelet-kubeconfig +install -m 0644 %{S:5} %{buildroot}%{_cross_templatedir}/kubernetes-ca-crt +install -m 0644 %{S:6} %{buildroot}%{_cross_templatedir}/kubelet-exec-start-conf +install -m 0644 %{S:7} %{buildroot}%{_cross_templatedir}/kubelet-bootstrap-kubeconfig +install -m 0644 %{S:11} %{buildroot}%{_cross_templatedir}/kubelet-server-crt +install -m 0644 %{S:12} %{buildroot}%{_cross_templatedir}/kubelet-server-key +install -m 0644 %{S:14} %{buildroot}%{_cross_templatedir}/credential-provider-config-yaml + +install -d %{buildroot}%{_cross_tmpfilesdir} +install -p -m 0644 %{S:8} %{buildroot}%{_cross_tmpfilesdir}/kubernetes.conf + +install -d %{buildroot}%{_cross_sysctldir} +install -p -m 0644 %{S:9} %{buildroot}%{_cross_sysctldir}/90-kubelet.conf + +install -d %{buildroot}%{_cross_libexecdir}/kubernetes +ln -rs \ + %{buildroot}%{_sharedstatedir}/kubelet/plugins \ + %{buildroot}%{_cross_libexecdir}/kubernetes/kubelet-plugins + +%cross_scan_attribution --clarify %{S:1000} go-vendor vendor + +%files -n %{_cross_os}kubelet-1.27 +%license LICENSE LICENSE.gonum.graph LICENSE.shell2junit LICENSE.golang PATENTS.golang +%{_cross_attribution_file} +%{_cross_attribution_vendor_dir} +%{_cross_bindir}/kubelet +%{_cross_unitdir}/kubelet.service +%{_cross_unitdir}/prepare-var-lib-kubelet.service +%{_cross_unitdir}/etc-kubernetes-pki-private.mount +%dir %{_cross_unitdir}/kubelet.service.d +%{_cross_unitdir}/kubelet.service.d/prestart-pull-pause-ctr.conf +%{_cross_unitdir}/kubelet.service.d/make-kubelet-dirs.conf +%{_cross_unitdir}/kubelet.service.d/load-ipvs-modules.conf +%{_cross_unitdir}/kubelet.service.d/dockershim-symlink.conf +%dir %{_cross_templatedir} +%{_cross_templatedir}/kubelet-env +%{_cross_templatedir}/kubelet-config +%{_cross_templatedir}/kubelet-kubeconfig +%{_cross_templatedir}/kubelet-bootstrap-kubeconfig +%{_cross_templatedir}/kubelet-exec-start-conf +%{_cross_templatedir}/kubernetes-ca-crt +%{_cross_templatedir}/kubelet-server-crt +%{_cross_templatedir}/kubelet-server-key +%{_cross_templatedir}/credential-provider-config-yaml +%{_cross_tmpfilesdir}/kubernetes.conf +%{_cross_sysctldir}/90-kubelet.conf +%dir %{_cross_libexecdir}/kubernetes +%{_cross_libexecdir}/kubernetes/kubelet-plugins + +%changelog diff --git a/packages/kubernetes-1.27/kubernetes-ca-crt b/packages/kubernetes-1.27/kubernetes-ca-crt new file mode 100644 index 00000000000..ab82c485f56 --- /dev/null +++ b/packages/kubernetes-1.27/kubernetes-ca-crt @@ -0,0 +1,3 @@ +{{~#if settings.kubernetes.cluster-certificate~}} +{{base64_decode settings.kubernetes.cluster-certificate}} +{{~/if~}} diff --git a/packages/kubernetes-1.27/kubernetes-tmpfiles.conf b/packages/kubernetes-1.27/kubernetes-tmpfiles.conf new file mode 100644 index 00000000000..15c1deec646 --- /dev/null +++ b/packages/kubernetes-1.27/kubernetes-tmpfiles.conf @@ -0,0 +1,5 @@ +d /etc/kubernetes/static-pods - - - - +L /etc/kubernetes/manifests - - - - static-pods +L /etc/kubernetes/secrets-store-csi-providers - - - - /var/lib/kubelet/providers/secrets-store +r! /var/lib/kubelet/cpu_manager_state +L /etc/kubernetes/node-feature-discovery/features.d - - - - /var/lib/kubelet/node-feature-discovery/features.d diff --git a/packages/kubernetes-1.27/load-ipvs-modules.conf b/packages/kubernetes-1.27/load-ipvs-modules.conf new file mode 100644 index 00000000000..e895782bdfb --- /dev/null +++ b/packages/kubernetes-1.27/load-ipvs-modules.conf @@ -0,0 +1,3 @@ +[Unit] +Wants=modprobe@ip_vs_sh.service modprobe@ip_vs_rr.service modprobe@ip_vs_wrr.service +After=modprobe@ip_vs_sh.service modprobe@ip_vs_rr.service modprobe@ip_vs_wrr.service diff --git a/packages/kubernetes-1.27/make-kubelet-dirs.conf b/packages/kubernetes-1.27/make-kubelet-dirs.conf new file mode 100644 index 00000000000..a7249c9ac3f --- /dev/null +++ b/packages/kubernetes-1.27/make-kubelet-dirs.conf @@ -0,0 +1,5 @@ +[Service] +# Create the backing directories for symlinks in /etc +ExecStartPre=/usr/bin/mkdir -p \ + /var/lib/kubelet/providers/secrets-store \ + /var/lib/kubelet/node-feature-discovery/features.d diff --git a/packages/kubernetes-1.27/pkg.rs b/packages/kubernetes-1.27/pkg.rs new file mode 100644 index 00000000000..d799fb2d44c --- /dev/null +++ b/packages/kubernetes-1.27/pkg.rs @@ -0,0 +1 @@ +// not used diff --git a/packages/kubernetes-1.27/prepare-var-lib-kubelet.service b/packages/kubernetes-1.27/prepare-var-lib-kubelet.service new file mode 100644 index 00000000000..1b8c6207aa4 --- /dev/null +++ b/packages/kubernetes-1.27/prepare-var-lib-kubelet.service @@ -0,0 +1,23 @@ +[Unit] +Description=Prepare Kubelet Directory (/var/lib/kubelet) +DefaultDependencies=no +RequiresMountsFor=/var +RefuseManualStart=true +RefuseManualStop=true + +[Service] +Type=oneshot + +# Remove an existing symlink, if present. Intentionally not recursive! +ExecStartPre=-/usr/bin/rm -f /var/lib/kubelet + +# Create /var/lib/kubelet so it is available for bind mounts. +ExecStart=/usr/bin/mkdir -p /var/lib/kubelet + +# Suppress warning if directory exists. +StandardError=null + +RemainAfterExit=true + +[Install] +WantedBy=local-fs.target diff --git a/packages/kubernetes-1.27/prestart-pull-pause-ctr.conf b/packages/kubernetes-1.27/prestart-pull-pause-ctr.conf new file mode 100644 index 00000000000..5f6d04cb28e --- /dev/null +++ b/packages/kubernetes-1.27/prestart-pull-pause-ctr.conf @@ -0,0 +1,9 @@ +[Service] +# Pull the pause container image before starting `kubelet` so `containerd/cri` wouldn't have to +ExecStartPre=/usr/bin/host-ctr \ + --containerd-socket=/run/containerd/containerd.sock \ + --namespace=k8s.io \ + pull-image \ + --source=${POD_INFRA_CONTAINER_IMAGE} \ + --registry-config=/etc/host-containers/host-ctr.toml \ + --skip-if-image-exists=true diff --git a/sources/logdog/conf/logdog.aws-k8s-1.27-nvidia.conf b/sources/logdog/conf/logdog.aws-k8s-1.27-nvidia.conf new file mode 120000 index 00000000000..63115aee60b --- /dev/null +++ b/sources/logdog/conf/logdog.aws-k8s-1.27-nvidia.conf @@ -0,0 +1 @@ +aws-k8s.conf \ No newline at end of file diff --git a/sources/logdog/conf/logdog.aws-k8s-1.27.conf b/sources/logdog/conf/logdog.aws-k8s-1.27.conf new file mode 120000 index 00000000000..63115aee60b --- /dev/null +++ b/sources/logdog/conf/logdog.aws-k8s-1.27.conf @@ -0,0 +1 @@ +aws-k8s.conf \ No newline at end of file diff --git a/sources/logdog/conf/logdog.metal-k8s-1.27.conf b/sources/logdog/conf/logdog.metal-k8s-1.27.conf new file mode 120000 index 00000000000..7134ec8b998 --- /dev/null +++ b/sources/logdog/conf/logdog.metal-k8s-1.27.conf @@ -0,0 +1 @@ +k8s.conf \ No newline at end of file diff --git a/sources/logdog/conf/logdog.vmware-k8s-1.27.conf b/sources/logdog/conf/logdog.vmware-k8s-1.27.conf new file mode 120000 index 00000000000..7134ec8b998 --- /dev/null +++ b/sources/logdog/conf/logdog.vmware-k8s-1.27.conf @@ -0,0 +1 @@ +k8s.conf \ No newline at end of file diff --git a/sources/models/README.md b/sources/models/README.md index 43886ebde06..95cec9b341d 100644 --- a/sources/models/README.md +++ b/sources/models/README.md @@ -34,33 +34,33 @@ The `#[model]` attribute on Settings and its sub-structs reduces duplication and ### aws-k8s-1.23: Kubernetes 1.23 -* [Model](src/aws-k8s-1.26/mod.rs) -* [Default settings](src/aws-k8s-1.26/defaults.d/) +* [Model](src/aws-k8s-1.25/mod.rs) +* [Default settings](src/aws-k8s-1.25/defaults.d/) ### aws-k8s-1.23-nvidia: Kubernetes 1.23 NVIDIA -* [Model](src/aws-k8s-1.26-nvidia/mod.rs) -* [Default settings](src/aws-k8s-1.26-nvidia/defaults.d/) +* [Model](src/aws-k8s-1.25-nvidia/mod.rs) +* [Default settings](src/aws-k8s-1.25-nvidia/defaults.d/) ### aws-k8s-1.24: Kubernetes 1.24 -* [Model](src/aws-k8s-1.26/mod.rs) -* [Default settings](src/aws-k8s-1.26/defaults.d/) +* [Model](src/aws-k8s-1.25/mod.rs) +* [Default settings](src/aws-k8s-1.25/defaults.d/) ### aws-k8s-1.24-nvidia: Kubernetes 1.24 NVIDIA -* [Model](src/aws-k8s-1.26-nvidia/mod.rs) -* [Default settings](src/aws-k8s-1.26-nvidia/defaults.d/) +* [Model](src/aws-k8s-1.25-nvidia/mod.rs) +* [Default settings](src/aws-k8s-1.25-nvidia/defaults.d/) ### aws-k8s-1.25: Kubernetes 1.25 -* [Model](src/aws-k8s-1.26/mod.rs) -* [Default settings](src/aws-k8s-1.26/defaults.d/) +* [Model](src/aws-k8s-1.25/mod.rs) +* [Default settings](src/aws-k8s-1.25/defaults.d/) ### aws-k8s-1.25-nvidia: Kubernetes 1.25 NVIDIA -* [Model](src/aws-k8s-1.26-nvidia/mod.rs) -* [Default settings](src/aws-k8s-1.26-nvidia/defaults.d/) +* [Model](src/aws-k8s-1.25-nvidia/mod.rs) +* [Default settings](src/aws-k8s-1.25-nvidia/defaults.d/) ### aws-k8s-1.26: Kubernetes 1.26 @@ -72,6 +72,16 @@ The `#[model]` attribute on Settings and its sub-structs reduces duplication and * [Model](src/aws-k8s-1.26-nvidia/mod.rs) * [Default settings](src/aws-k8s-1.26-nvidia/defaults.d/) +### aws-k8s-1.27: Kubernetes 1.27 + +* [Model](src/aws-k8s-1.27/mod.rs) +* [Default settings](src/aws-k8s-1.27/defaults.d/) + +### aws-k8s-1.27-nvidia: Kubernetes 1.27 NVIDIA + +* [Model](src/aws-k8s-1.27-nvidia/mod.rs) +* [Default settings](src/aws-k8s-1.27-nvidia/defaults.d/) + ### aws-ecs-1: Amazon ECS * [Model](src/aws-ecs-1/mod.rs) @@ -94,23 +104,28 @@ The `#[model]` attribute on Settings and its sub-structs reduces duplication and ### vmware-k8s-1.23: VMware Kubernetes 1.23 -* [Model](src/vmware-k8s-1.26/mod.rs) -* [Default settings](src/vmware-k8s-1.26/defaults.d/) +* [Model](src/vmware-k8s-1.27/mod.rs) +* [Default settings](src/vmware-k8s-1.27/defaults.d/) ### vmware-k8s-1.24: VMware Kubernetes 1.24 -* [Model](src/vmware-k8s-1.26/mod.rs) -* [Default settings](src/vmware-k8s-1.26/defaults.d/) +* [Model](src/vmware-k8s-1.27/mod.rs) +* [Default settings](src/vmware-k8s-1.27/defaults.d/) ### vmware-k8s-1.25: VMware Kubernetes 1.25 -* [Model](src/vmware-k8s-1.26/mod.rs) -* [Default settings](src/vmware-k8s-1.26/defaults.d/) +* [Model](src/vmware-k8s-1.27/mod.rs) +* [Default settings](src/vmware-k8s-1.27/defaults.d/) ### vmware-k8s-1.26: VMware Kubernetes 1.26 -* [Model](src/vmware-k8s-1.26/mod.rs) -* [Default settings](src/vmware-k8s-1.26/defaults.d/) +* [Model](src/vmware-k8s-1.27/mod.rs) +* [Default settings](src/vmware-k8s-1.27/defaults.d/) + +### vmware-k8s-1.27: VMware Kubernetes 1.27 + +* [Model](src/vmware-k8s-1.27/mod.rs) +* [Default settings](src/vmware-k8s-1.27/defaults.d/) ### metal-dev: Metal development build @@ -119,28 +134,33 @@ The `#[model]` attribute on Settings and its sub-structs reduces duplication and ### metal-k8s-1.22: Metal Kubernetes 1.22 -* [Model](src/metal-k8s-1.23/mod.rs) +* [Model](src/metal-k8s-1.22/mod.rs) * [Default settings](src/metal-k8s-1.22/defaults.d/) ### metal-k8s-1.23: Metal Kubernetes 1.23 -* [Model](src/metal-k8s-1.26/mod.rs) -* [Default settings](src/metal-k8s-1.26/defaults.d/) +* [Model](src/metal-k8s-1.27/mod.rs) +* [Default settings](src/metal-k8s-1.27/defaults.d/) ### metal-k8s-1.24: Metal Kubernetes 1.24 -* [Model](src/metal-k8s-1.26/mod.rs) -* [Default settings](src/metal-k8s-1.26/defaults.d/) +* [Model](src/metal-k8s-1.27/mod.rs) +* [Default settings](src/metal-k8s-1.27/defaults.d/) ### metal-k8s-1.25: Metal Kubernetes 1.25 -* [Model](src/metal-k8s-1.26/mod.rs) -* [Default settings](src/metal-k8s-1.26/defaults.d/) +* [Model](src/metal-k8s-1.27/mod.rs) +* [Default settings](src/metal-k8s-1.27/defaults.d/) ### metal-k8s-1.26: Metal Kubernetes 1.26 -* [Model](src/metal-k8s-1.26/mod.rs) -* [Default settings](src/metal-k8s-1.26/defaults.d/) +* [Model](src/metal-k8s-1.27/mod.rs) +* [Default settings](src/metal-k8s-1.27/defaults.d/) + +### metal-k8s-1.27: Metal Kubernetes 1.27 + +* [Model](src/metal-k8s-1.27/mod.rs) +* [Default settings](src/metal-k8s-1.27/defaults.d/) ## This directory diff --git a/sources/models/shared-defaults/kubernetes-aws-credential-provider.toml b/sources/models/shared-defaults/kubernetes-aws-credential-provider.toml new file mode 100644 index 00000000000..c38880f9619 --- /dev/null +++ b/sources/models/shared-defaults/kubernetes-aws-credential-provider.toml @@ -0,0 +1,10 @@ +[settings.kubernetes.credential-providers.ecr-credential-provider] +enabled = true +cache-duration = "12h" +image-patterns = [ + "*.dkr.ecr.*.amazonaws.com", + "*.dkr.ecr.*.amazonaws.cn", + "*.dkr.ecr-fips.*.amazonaws.com", + "*.dkr.ecr.us-iso-east-1.c2s.ic.gov", + "*.dkr.ecr.us-isob-east-1.sc2s.sgov.gov" +] diff --git a/sources/models/src/metal-k8s-1.26/defaults.d/10-defaults.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/10-defaults.toml similarity index 100% rename from sources/models/src/metal-k8s-1.26/defaults.d/10-defaults.toml rename to sources/models/src/aws-k8s-1.27-nvidia/defaults.d/10-defaults.toml diff --git a/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/15-aws-tuf.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/15-aws-tuf.toml new file mode 120000 index 00000000000..afcef6a617e --- /dev/null +++ b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/15-aws-tuf.toml @@ -0,0 +1 @@ +../../../shared-defaults/aws-tuf.toml \ No newline at end of file diff --git a/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/20-aws-host-containers.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/20-aws-host-containers.toml new file mode 120000 index 00000000000..4d404d663cd --- /dev/null +++ b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/20-aws-host-containers.toml @@ -0,0 +1 @@ +../../../shared-defaults/aws-host-containers.toml \ No newline at end of file diff --git a/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/25-cf-signal.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/25-cf-signal.toml new file mode 120000 index 00000000000..a33d541652c --- /dev/null +++ b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/25-cf-signal.toml @@ -0,0 +1 @@ +../../../shared-defaults/cf-signal.toml \ No newline at end of file diff --git a/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/26-aws-autoscaling.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/26-aws-autoscaling.toml new file mode 120000 index 00000000000..b579c0182b6 --- /dev/null +++ b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/26-aws-autoscaling.toml @@ -0,0 +1 @@ +../../../shared-defaults/aws-autoscaling.toml \ No newline at end of file diff --git a/sources/models/src/metal-k8s-1.26/defaults.d/30-metrics.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/30-metrics.toml similarity index 100% rename from sources/models/src/metal-k8s-1.26/defaults.d/30-metrics.toml rename to sources/models/src/aws-k8s-1.27-nvidia/defaults.d/30-metrics.toml diff --git a/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/31-send-metrics-aws.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/31-send-metrics-aws.toml new file mode 120000 index 00000000000..2fefefea751 --- /dev/null +++ b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/31-send-metrics-aws.toml @@ -0,0 +1 @@ +../../../shared-defaults/send-metrics-aws.toml \ No newline at end of file diff --git a/sources/models/src/metal-k8s-1.26/defaults.d/40-aws-creds.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/40-aws-creds.toml similarity index 100% rename from sources/models/src/metal-k8s-1.26/defaults.d/40-aws-creds.toml rename to sources/models/src/aws-k8s-1.27-nvidia/defaults.d/40-aws-creds.toml diff --git a/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/50-kubernetes-aws.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/50-kubernetes-aws.toml new file mode 120000 index 00000000000..7393a2dd3d1 --- /dev/null +++ b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/50-kubernetes-aws.toml @@ -0,0 +1 @@ +../../../shared-defaults/kubernetes-aws.toml \ No newline at end of file diff --git a/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/51-kubernetes-containerd-nvidia.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/51-kubernetes-containerd-nvidia.toml new file mode 120000 index 00000000000..e68ab5eaa3c --- /dev/null +++ b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/51-kubernetes-containerd-nvidia.toml @@ -0,0 +1 @@ +../../../shared-defaults/kubernetes-containerd-nvidia.toml \ No newline at end of file diff --git a/sources/models/src/metal-k8s-1.26/defaults.d/52-kubernetes-services.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/52-kubernetes-services.toml similarity index 100% rename from sources/models/src/metal-k8s-1.26/defaults.d/52-kubernetes-services.toml rename to sources/models/src/aws-k8s-1.27-nvidia/defaults.d/52-kubernetes-services.toml diff --git a/sources/models/src/metal-k8s-1.26/defaults.d/53-containerd-cri-pki.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/53-containerd-cri-pki.toml similarity index 100% rename from sources/models/src/metal-k8s-1.26/defaults.d/53-containerd-cri-pki.toml rename to sources/models/src/aws-k8s-1.27-nvidia/defaults.d/53-containerd-cri-pki.toml diff --git a/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/54-kubernetes-aws-external-cloud-provider.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/54-kubernetes-aws-external-cloud-provider.toml new file mode 120000 index 00000000000..cb2c4be2e8e --- /dev/null +++ b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/54-kubernetes-aws-external-cloud-provider.toml @@ -0,0 +1 @@ +../../../shared-defaults/kubernetes-aws-external-cloud-provider.toml \ No newline at end of file diff --git a/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/55-kubernetes-aws-credential-provider.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/55-kubernetes-aws-credential-provider.toml new file mode 120000 index 00000000000..43773cc11ae --- /dev/null +++ b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/55-kubernetes-aws-credential-provider.toml @@ -0,0 +1 @@ +../../../shared-defaults/kubernetes-aws-credential-provider.toml \ No newline at end of file diff --git a/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/60-lockdown-none.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/60-lockdown-none.toml new file mode 120000 index 00000000000..cced543330e --- /dev/null +++ b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/60-lockdown-none.toml @@ -0,0 +1 @@ +../../../shared-defaults/lockdown-none.toml \ No newline at end of file diff --git a/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/70-oci-hooks.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/70-oci-hooks.toml new file mode 120000 index 00000000000..d91eec45282 --- /dev/null +++ b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/70-oci-hooks.toml @@ -0,0 +1 @@ +../../../shared-defaults/nvidia-oci-hooks-containerd-cri.toml \ No newline at end of file diff --git a/sources/models/src/vmware-k8s-1.26/defaults.d/75-oci-defaults-containerd-cri.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/75-oci-defaults-containerd-cri.toml similarity index 100% rename from sources/models/src/vmware-k8s-1.26/defaults.d/75-oci-defaults-containerd-cri.toml rename to sources/models/src/aws-k8s-1.27-nvidia/defaults.d/75-oci-defaults-containerd-cri.toml diff --git a/sources/models/src/vmware-k8s-1.26/defaults.d/76-oci-defaults-containerd-cri-capabilities.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/76-oci-defaults-containerd-cri-capabilities.toml similarity index 100% rename from sources/models/src/vmware-k8s-1.26/defaults.d/76-oci-defaults-containerd-cri-capabilities.toml rename to sources/models/src/aws-k8s-1.27-nvidia/defaults.d/76-oci-defaults-containerd-cri-capabilities.toml diff --git a/sources/models/src/vmware-k8s-1.26/defaults.d/77-oci-defaults-containerd-cri-resource-limits.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/77-oci-defaults-containerd-cri-resource-limits.toml similarity index 100% rename from sources/models/src/vmware-k8s-1.26/defaults.d/77-oci-defaults-containerd-cri-resource-limits.toml rename to sources/models/src/aws-k8s-1.27-nvidia/defaults.d/77-oci-defaults-containerd-cri-resource-limits.toml diff --git a/sources/models/src/metal-k8s-1.26/defaults.d/90-boot.toml b/sources/models/src/aws-k8s-1.27-nvidia/defaults.d/90-boot.toml similarity index 100% rename from sources/models/src/metal-k8s-1.26/defaults.d/90-boot.toml rename to sources/models/src/aws-k8s-1.27-nvidia/defaults.d/90-boot.toml diff --git a/sources/models/src/aws-k8s-1.27-nvidia/mod.rs b/sources/models/src/aws-k8s-1.27-nvidia/mod.rs new file mode 100644 index 00000000000..c50baac00db --- /dev/null +++ b/sources/models/src/aws-k8s-1.27-nvidia/mod.rs @@ -0,0 +1,35 @@ +use crate::modeled_types::Identifier; +use crate::{ + AutoScalingSettings, AwsSettings, BootSettings, BootstrapContainer, CloudFormationSettings, + DnsSettings, HostContainer, KernelSettings, KubernetesSettings, MetricsSettings, + NetworkSettings, NtpSettings, OciDefaults, OciHooks, PemCertificate, RegistrySettings, + UpdatesSettings, +}; + +use model_derive::model; +use serde::{Deserialize, Serialize}; +use std::collections::HashMap; + +// Note: we have to use 'rename' here because the top-level Settings structure is the only one +// that uses its name in serialization; internal structures use the field name that points to it +#[model(rename = "settings", impl_default = true)] +struct Settings { + motd: String, + kubernetes: KubernetesSettings, + updates: UpdatesSettings, + host_containers: HashMap, + bootstrap_containers: HashMap, + ntp: NtpSettings, + network: NetworkSettings, + kernel: KernelSettings, + boot: BootSettings, + aws: AwsSettings, + metrics: MetricsSettings, + pki: HashMap, + container_registry: RegistrySettings, + oci_defaults: OciDefaults, + oci_hooks: OciHooks, + cloudformation: CloudFormationSettings, + dns: DnsSettings, + autoscaling: AutoScalingSettings, +} diff --git a/sources/models/src/vmware-k8s-1.26/defaults.d/10-defaults.toml b/sources/models/src/aws-k8s-1.27/defaults.d/10-defaults.toml similarity index 100% rename from sources/models/src/vmware-k8s-1.26/defaults.d/10-defaults.toml rename to sources/models/src/aws-k8s-1.27/defaults.d/10-defaults.toml diff --git a/sources/models/src/aws-k8s-1.27/defaults.d/15-aws-tuf.toml b/sources/models/src/aws-k8s-1.27/defaults.d/15-aws-tuf.toml new file mode 120000 index 00000000000..afcef6a617e --- /dev/null +++ b/sources/models/src/aws-k8s-1.27/defaults.d/15-aws-tuf.toml @@ -0,0 +1 @@ +../../../shared-defaults/aws-tuf.toml \ No newline at end of file diff --git a/sources/models/src/aws-k8s-1.27/defaults.d/20-aws-host-containers.toml b/sources/models/src/aws-k8s-1.27/defaults.d/20-aws-host-containers.toml new file mode 120000 index 00000000000..4d404d663cd --- /dev/null +++ b/sources/models/src/aws-k8s-1.27/defaults.d/20-aws-host-containers.toml @@ -0,0 +1 @@ +../../../shared-defaults/aws-host-containers.toml \ No newline at end of file diff --git a/sources/models/src/aws-k8s-1.27/defaults.d/25-cf-signal.toml b/sources/models/src/aws-k8s-1.27/defaults.d/25-cf-signal.toml new file mode 120000 index 00000000000..a33d541652c --- /dev/null +++ b/sources/models/src/aws-k8s-1.27/defaults.d/25-cf-signal.toml @@ -0,0 +1 @@ +../../../shared-defaults/cf-signal.toml \ No newline at end of file diff --git a/sources/models/src/aws-k8s-1.27/defaults.d/26-aws-autoscaling.toml b/sources/models/src/aws-k8s-1.27/defaults.d/26-aws-autoscaling.toml new file mode 120000 index 00000000000..b579c0182b6 --- /dev/null +++ b/sources/models/src/aws-k8s-1.27/defaults.d/26-aws-autoscaling.toml @@ -0,0 +1 @@ +../../../shared-defaults/aws-autoscaling.toml \ No newline at end of file diff --git a/sources/models/src/vmware-k8s-1.26/defaults.d/30-metrics.toml b/sources/models/src/aws-k8s-1.27/defaults.d/30-metrics.toml similarity index 100% rename from sources/models/src/vmware-k8s-1.26/defaults.d/30-metrics.toml rename to sources/models/src/aws-k8s-1.27/defaults.d/30-metrics.toml diff --git a/sources/models/src/aws-k8s-1.27/defaults.d/31-send-metrics-aws.toml b/sources/models/src/aws-k8s-1.27/defaults.d/31-send-metrics-aws.toml new file mode 120000 index 00000000000..2fefefea751 --- /dev/null +++ b/sources/models/src/aws-k8s-1.27/defaults.d/31-send-metrics-aws.toml @@ -0,0 +1 @@ +../../../shared-defaults/send-metrics-aws.toml \ No newline at end of file diff --git a/sources/models/src/vmware-k8s-1.26/defaults.d/40-aws-creds.toml b/sources/models/src/aws-k8s-1.27/defaults.d/40-aws-creds.toml similarity index 100% rename from sources/models/src/vmware-k8s-1.26/defaults.d/40-aws-creds.toml rename to sources/models/src/aws-k8s-1.27/defaults.d/40-aws-creds.toml diff --git a/sources/models/src/aws-k8s-1.27/defaults.d/50-kubernetes-aws.toml b/sources/models/src/aws-k8s-1.27/defaults.d/50-kubernetes-aws.toml new file mode 120000 index 00000000000..7393a2dd3d1 --- /dev/null +++ b/sources/models/src/aws-k8s-1.27/defaults.d/50-kubernetes-aws.toml @@ -0,0 +1 @@ +../../../shared-defaults/kubernetes-aws.toml \ No newline at end of file diff --git a/sources/models/src/metal-k8s-1.26/defaults.d/51-kubernetes-containerd.toml b/sources/models/src/aws-k8s-1.27/defaults.d/51-kubernetes-containerd.toml similarity index 100% rename from sources/models/src/metal-k8s-1.26/defaults.d/51-kubernetes-containerd.toml rename to sources/models/src/aws-k8s-1.27/defaults.d/51-kubernetes-containerd.toml diff --git a/sources/models/src/vmware-k8s-1.26/defaults.d/52-kubernetes-services.toml b/sources/models/src/aws-k8s-1.27/defaults.d/52-kubernetes-services.toml similarity index 100% rename from sources/models/src/vmware-k8s-1.26/defaults.d/52-kubernetes-services.toml rename to sources/models/src/aws-k8s-1.27/defaults.d/52-kubernetes-services.toml diff --git a/sources/models/src/vmware-k8s-1.26/defaults.d/53-containerd-cri-pki.toml b/sources/models/src/aws-k8s-1.27/defaults.d/53-containerd-cri-pki.toml similarity index 100% rename from sources/models/src/vmware-k8s-1.26/defaults.d/53-containerd-cri-pki.toml rename to sources/models/src/aws-k8s-1.27/defaults.d/53-containerd-cri-pki.toml diff --git a/sources/models/src/aws-k8s-1.27/defaults.d/54-kubernetes-aws-external-cloud-provider.toml b/sources/models/src/aws-k8s-1.27/defaults.d/54-kubernetes-aws-external-cloud-provider.toml new file mode 120000 index 00000000000..cb2c4be2e8e --- /dev/null +++ b/sources/models/src/aws-k8s-1.27/defaults.d/54-kubernetes-aws-external-cloud-provider.toml @@ -0,0 +1 @@ +../../../shared-defaults/kubernetes-aws-external-cloud-provider.toml \ No newline at end of file diff --git a/sources/models/src/aws-k8s-1.27/defaults.d/55-kubernetes-aws-credential-provider.toml b/sources/models/src/aws-k8s-1.27/defaults.d/55-kubernetes-aws-credential-provider.toml new file mode 120000 index 00000000000..43773cc11ae --- /dev/null +++ b/sources/models/src/aws-k8s-1.27/defaults.d/55-kubernetes-aws-credential-provider.toml @@ -0,0 +1 @@ +../../../shared-defaults/kubernetes-aws-credential-provider.toml \ No newline at end of file diff --git a/sources/models/src/metal-k8s-1.26/defaults.d/60-lockdown-integrity.toml b/sources/models/src/aws-k8s-1.27/defaults.d/60-lockdown-integrity.toml similarity index 100% rename from sources/models/src/metal-k8s-1.26/defaults.d/60-lockdown-integrity.toml rename to sources/models/src/aws-k8s-1.27/defaults.d/60-lockdown-integrity.toml diff --git a/sources/models/src/metal-k8s-1.26/defaults.d/80-oci-hooks.toml b/sources/models/src/aws-k8s-1.27/defaults.d/70-oci-hooks.toml similarity index 100% rename from sources/models/src/metal-k8s-1.26/defaults.d/80-oci-hooks.toml rename to sources/models/src/aws-k8s-1.27/defaults.d/70-oci-hooks.toml diff --git a/sources/models/src/metal-k8s-1.26/defaults.d/85-oci-defaults-containerd-cri.toml b/sources/models/src/aws-k8s-1.27/defaults.d/75-oci-defaults-containerd-cri.toml similarity index 100% rename from sources/models/src/metal-k8s-1.26/defaults.d/85-oci-defaults-containerd-cri.toml rename to sources/models/src/aws-k8s-1.27/defaults.d/75-oci-defaults-containerd-cri.toml diff --git a/sources/models/src/metal-k8s-1.26/defaults.d/86-oci-defaults-containerd-cri-capabilities.toml b/sources/models/src/aws-k8s-1.27/defaults.d/76-oci-defaults-containerd-cri-capabilities.toml similarity index 100% rename from sources/models/src/metal-k8s-1.26/defaults.d/86-oci-defaults-containerd-cri-capabilities.toml rename to sources/models/src/aws-k8s-1.27/defaults.d/76-oci-defaults-containerd-cri-capabilities.toml diff --git a/sources/models/src/metal-k8s-1.26/defaults.d/87-oci-defaults-containerd-cri-resource-limits.toml b/sources/models/src/aws-k8s-1.27/defaults.d/77-oci-defaults-containerd-cri-resource-limits.toml similarity index 100% rename from sources/models/src/metal-k8s-1.26/defaults.d/87-oci-defaults-containerd-cri-resource-limits.toml rename to sources/models/src/aws-k8s-1.27/defaults.d/77-oci-defaults-containerd-cri-resource-limits.toml diff --git a/sources/models/src/vmware-k8s-1.26/defaults.d/90-boot.toml b/sources/models/src/aws-k8s-1.27/defaults.d/90-boot.toml similarity index 100% rename from sources/models/src/vmware-k8s-1.26/defaults.d/90-boot.toml rename to sources/models/src/aws-k8s-1.27/defaults.d/90-boot.toml diff --git a/sources/models/src/aws-k8s-1.27/mod.rs b/sources/models/src/aws-k8s-1.27/mod.rs new file mode 100644 index 00000000000..07fea46166b --- /dev/null +++ b/sources/models/src/aws-k8s-1.27/mod.rs @@ -0,0 +1,36 @@ +use crate::modeled_types::Identifier; +use crate::{ + AutoScalingSettings, AwsSettings, BootSettings, BootstrapContainer, CloudFormationSettings, + ContainerRuntimeSettings, DnsSettings, HostContainer, KernelSettings, KubernetesSettings, + MetricsSettings, NetworkSettings, NtpSettings, OciDefaults, OciHooks, PemCertificate, + RegistrySettings, UpdatesSettings, +}; + +use model_derive::model; +use serde::{Deserialize, Serialize}; +use std::collections::HashMap; + +// Note: we have to use 'rename' here because the top-level Settings structure is the only one +// that uses its name in serialization; internal structures use the field name that points to it +#[model(rename = "settings", impl_default = true)] +struct Settings { + motd: String, + kubernetes: KubernetesSettings, + updates: UpdatesSettings, + host_containers: HashMap, + bootstrap_containers: HashMap, + ntp: NtpSettings, + network: NetworkSettings, + kernel: KernelSettings, + boot: BootSettings, + aws: AwsSettings, + metrics: MetricsSettings, + pki: HashMap, + container_registry: RegistrySettings, + oci_defaults: OciDefaults, + oci_hooks: OciHooks, + cloudformation: CloudFormationSettings, + dns: DnsSettings, + container_runtime: ContainerRuntimeSettings, + autoscaling: AutoScalingSettings, +} diff --git a/sources/models/src/lib.rs b/sources/models/src/lib.rs index 03568bb600b..f9cf1d80b4d 100644 --- a/sources/models/src/lib.rs +++ b/sources/models/src/lib.rs @@ -31,33 +31,33 @@ The `#[model]` attribute on Settings and its sub-structs reduces duplication and ## aws-k8s-1.23: Kubernetes 1.23 -* [Model](src/aws-k8s-1.26/mod.rs) -* [Default settings](src/aws-k8s-1.26/defaults.d/) +* [Model](src/aws-k8s-1.25/mod.rs) +* [Default settings](src/aws-k8s-1.25/defaults.d/) ## aws-k8s-1.23-nvidia: Kubernetes 1.23 NVIDIA -* [Model](src/aws-k8s-1.26-nvidia/mod.rs) -* [Default settings](src/aws-k8s-1.26-nvidia/defaults.d/) +* [Model](src/aws-k8s-1.25-nvidia/mod.rs) +* [Default settings](src/aws-k8s-1.25-nvidia/defaults.d/) ## aws-k8s-1.24: Kubernetes 1.24 -* [Model](src/aws-k8s-1.26/mod.rs) -* [Default settings](src/aws-k8s-1.26/defaults.d/) +* [Model](src/aws-k8s-1.25/mod.rs) +* [Default settings](src/aws-k8s-1.25/defaults.d/) ## aws-k8s-1.24-nvidia: Kubernetes 1.24 NVIDIA -* [Model](src/aws-k8s-1.26-nvidia/mod.rs) -* [Default settings](src/aws-k8s-1.26-nvidia/defaults.d/) +* [Model](src/aws-k8s-1.25-nvidia/mod.rs) +* [Default settings](src/aws-k8s-1.25-nvidia/defaults.d/) ## aws-k8s-1.25: Kubernetes 1.25 -* [Model](src/aws-k8s-1.26/mod.rs) -* [Default settings](src/aws-k8s-1.26/defaults.d/) +* [Model](src/aws-k8s-1.25/mod.rs) +* [Default settings](src/aws-k8s-1.25/defaults.d/) ## aws-k8s-1.25-nvidia: Kubernetes 1.25 NVIDIA -* [Model](src/aws-k8s-1.26-nvidia/mod.rs) -* [Default settings](src/aws-k8s-1.26-nvidia/defaults.d/) +* [Model](src/aws-k8s-1.25-nvidia/mod.rs) +* [Default settings](src/aws-k8s-1.25-nvidia/defaults.d/) ## aws-k8s-1.26: Kubernetes 1.26 @@ -69,6 +69,16 @@ The `#[model]` attribute on Settings and its sub-structs reduces duplication and * [Model](src/aws-k8s-1.26-nvidia/mod.rs) * [Default settings](src/aws-k8s-1.26-nvidia/defaults.d/) +## aws-k8s-1.27: Kubernetes 1.27 + +* [Model](src/aws-k8s-1.27/mod.rs) +* [Default settings](src/aws-k8s-1.27/defaults.d/) + +## aws-k8s-1.27-nvidia: Kubernetes 1.27 NVIDIA + +* [Model](src/aws-k8s-1.27-nvidia/mod.rs) +* [Default settings](src/aws-k8s-1.27-nvidia/defaults.d/) + ## aws-ecs-1: Amazon ECS * [Model](src/aws-ecs-1/mod.rs) @@ -91,23 +101,28 @@ The `#[model]` attribute on Settings and its sub-structs reduces duplication and ## vmware-k8s-1.23: VMware Kubernetes 1.23 -* [Model](src/vmware-k8s-1.26/mod.rs) -* [Default settings](src/vmware-k8s-1.26/defaults.d/) +* [Model](src/vmware-k8s-1.27/mod.rs) +* [Default settings](src/vmware-k8s-1.27/defaults.d/) ## vmware-k8s-1.24: VMware Kubernetes 1.24 -* [Model](src/vmware-k8s-1.26/mod.rs) -* [Default settings](src/vmware-k8s-1.26/defaults.d/) +* [Model](src/vmware-k8s-1.27/mod.rs) +* [Default settings](src/vmware-k8s-1.27/defaults.d/) ## vmware-k8s-1.25: VMware Kubernetes 1.25 -* [Model](src/vmware-k8s-1.26/mod.rs) -* [Default settings](src/vmware-k8s-1.26/defaults.d/) +* [Model](src/vmware-k8s-1.27/mod.rs) +* [Default settings](src/vmware-k8s-1.27/defaults.d/) ## vmware-k8s-1.26: VMware Kubernetes 1.26 -* [Model](src/vmware-k8s-1.26/mod.rs) -* [Default settings](src/vmware-k8s-1.26/defaults.d/) +* [Model](src/vmware-k8s-1.27/mod.rs) +* [Default settings](src/vmware-k8s-1.27/defaults.d/) + +## vmware-k8s-1.27: VMware Kubernetes 1.27 + +* [Model](src/vmware-k8s-1.27/mod.rs) +* [Default settings](src/vmware-k8s-1.27/defaults.d/) ## metal-dev: Metal development build @@ -116,28 +131,33 @@ The `#[model]` attribute on Settings and its sub-structs reduces duplication and ## metal-k8s-1.22: Metal Kubernetes 1.22 -* [Model](src/metal-k8s-1.23/mod.rs) +* [Model](src/metal-k8s-1.22/mod.rs) * [Default settings](src/metal-k8s-1.22/defaults.d/) ## metal-k8s-1.23: Metal Kubernetes 1.23 -* [Model](src/metal-k8s-1.26/mod.rs) -* [Default settings](src/metal-k8s-1.26/defaults.d/) +* [Model](src/metal-k8s-1.27/mod.rs) +* [Default settings](src/metal-k8s-1.27/defaults.d/) ## metal-k8s-1.24: Metal Kubernetes 1.24 -* [Model](src/metal-k8s-1.26/mod.rs) -* [Default settings](src/metal-k8s-1.26/defaults.d/) +* [Model](src/metal-k8s-1.27/mod.rs) +* [Default settings](src/metal-k8s-1.27/defaults.d/) ## metal-k8s-1.25: Metal Kubernetes 1.25 -* [Model](src/metal-k8s-1.26/mod.rs) -* [Default settings](src/metal-k8s-1.26/defaults.d/) +* [Model](src/metal-k8s-1.27/mod.rs) +* [Default settings](src/metal-k8s-1.27/defaults.d/) ## metal-k8s-1.26: Metal Kubernetes 1.26 -* [Model](src/metal-k8s-1.26/mod.rs) -* [Default settings](src/metal-k8s-1.26/defaults.d/) +* [Model](src/metal-k8s-1.27/mod.rs) +* [Default settings](src/metal-k8s-1.27/defaults.d/) + +## metal-k8s-1.27: Metal Kubernetes 1.27 + +* [Model](src/metal-k8s-1.27/mod.rs) +* [Default settings](src/metal-k8s-1.27/defaults.d/) # This directory diff --git a/sources/models/src/metal-k8s-1.26 b/sources/models/src/metal-k8s-1.26 new file mode 120000 index 00000000000..2693a4b7296 --- /dev/null +++ b/sources/models/src/metal-k8s-1.26 @@ -0,0 +1 @@ +metal-k8s-1.27 \ No newline at end of file diff --git a/sources/models/src/metal-k8s-1.27/defaults.d/10-defaults.toml b/sources/models/src/metal-k8s-1.27/defaults.d/10-defaults.toml new file mode 120000 index 00000000000..a202ba61a4c --- /dev/null +++ b/sources/models/src/metal-k8s-1.27/defaults.d/10-defaults.toml @@ -0,0 +1 @@ +../../../shared-defaults/defaults.toml \ No newline at end of file diff --git a/sources/models/src/metal-k8s-1.26/defaults.d/15-public-tuf.toml b/sources/models/src/metal-k8s-1.27/defaults.d/15-public-tuf.toml similarity index 100% rename from sources/models/src/metal-k8s-1.26/defaults.d/15-public-tuf.toml rename to sources/models/src/metal-k8s-1.27/defaults.d/15-public-tuf.toml diff --git a/sources/models/src/metal-k8s-1.26/defaults.d/20-public-host-containers.toml b/sources/models/src/metal-k8s-1.27/defaults.d/20-public-host-containers.toml similarity index 100% rename from sources/models/src/metal-k8s-1.26/defaults.d/20-public-host-containers.toml rename to sources/models/src/metal-k8s-1.27/defaults.d/20-public-host-containers.toml diff --git a/sources/models/src/metal-k8s-1.27/defaults.d/30-metrics.toml b/sources/models/src/metal-k8s-1.27/defaults.d/30-metrics.toml new file mode 120000 index 00000000000..99f0b2b6980 --- /dev/null +++ b/sources/models/src/metal-k8s-1.27/defaults.d/30-metrics.toml @@ -0,0 +1 @@ +../../../shared-defaults/metrics.toml \ No newline at end of file diff --git a/sources/models/src/metal-k8s-1.26/defaults.d/31-send-metrics.toml b/sources/models/src/metal-k8s-1.27/defaults.d/31-send-metrics.toml similarity index 100% rename from sources/models/src/metal-k8s-1.26/defaults.d/31-send-metrics.toml rename to sources/models/src/metal-k8s-1.27/defaults.d/31-send-metrics.toml diff --git a/sources/models/src/metal-k8s-1.27/defaults.d/40-aws-creds.toml b/sources/models/src/metal-k8s-1.27/defaults.d/40-aws-creds.toml new file mode 120000 index 00000000000..a6a17e88f54 --- /dev/null +++ b/sources/models/src/metal-k8s-1.27/defaults.d/40-aws-creds.toml @@ -0,0 +1 @@ +../../../shared-defaults/aws-creds.toml \ No newline at end of file diff --git a/sources/models/src/metal-k8s-1.26/defaults.d/50-kubernetes-metal.toml b/sources/models/src/metal-k8s-1.27/defaults.d/50-kubernetes-metal.toml similarity index 100% rename from sources/models/src/metal-k8s-1.26/defaults.d/50-kubernetes-metal.toml rename to sources/models/src/metal-k8s-1.27/defaults.d/50-kubernetes-metal.toml diff --git a/sources/models/src/vmware-k8s-1.26/defaults.d/51-kubernetes-containerd.toml b/sources/models/src/metal-k8s-1.27/defaults.d/51-kubernetes-containerd.toml similarity index 100% rename from sources/models/src/vmware-k8s-1.26/defaults.d/51-kubernetes-containerd.toml rename to sources/models/src/metal-k8s-1.27/defaults.d/51-kubernetes-containerd.toml diff --git a/sources/models/src/metal-k8s-1.27/defaults.d/52-kubernetes-services.toml b/sources/models/src/metal-k8s-1.27/defaults.d/52-kubernetes-services.toml new file mode 120000 index 00000000000..afab5a7f15a --- /dev/null +++ b/sources/models/src/metal-k8s-1.27/defaults.d/52-kubernetes-services.toml @@ -0,0 +1 @@ +../../../shared-defaults/kubernetes-services.toml \ No newline at end of file diff --git a/sources/models/src/metal-k8s-1.27/defaults.d/53-containerd-cri-pki.toml b/sources/models/src/metal-k8s-1.27/defaults.d/53-containerd-cri-pki.toml new file mode 120000 index 00000000000..2dbf7db789b --- /dev/null +++ b/sources/models/src/metal-k8s-1.27/defaults.d/53-containerd-cri-pki.toml @@ -0,0 +1 @@ +../../../shared-defaults/containerd-cri-pki.toml \ No newline at end of file diff --git a/sources/models/src/vmware-k8s-1.26/defaults.d/60-lockdown-integrity.toml b/sources/models/src/metal-k8s-1.27/defaults.d/60-lockdown-integrity.toml similarity index 100% rename from sources/models/src/vmware-k8s-1.26/defaults.d/60-lockdown-integrity.toml rename to sources/models/src/metal-k8s-1.27/defaults.d/60-lockdown-integrity.toml diff --git a/sources/models/src/metal-k8s-1.26/defaults.d/70-public-ntp.toml b/sources/models/src/metal-k8s-1.27/defaults.d/70-public-ntp.toml similarity index 100% rename from sources/models/src/metal-k8s-1.26/defaults.d/70-public-ntp.toml rename to sources/models/src/metal-k8s-1.27/defaults.d/70-public-ntp.toml diff --git a/sources/models/src/vmware-k8s-1.26/defaults.d/80-oci-hooks.toml b/sources/models/src/metal-k8s-1.27/defaults.d/80-oci-hooks.toml similarity index 100% rename from sources/models/src/vmware-k8s-1.26/defaults.d/80-oci-hooks.toml rename to sources/models/src/metal-k8s-1.27/defaults.d/80-oci-hooks.toml diff --git a/sources/models/src/metal-k8s-1.27/defaults.d/85-oci-defaults-containerd-cri.toml b/sources/models/src/metal-k8s-1.27/defaults.d/85-oci-defaults-containerd-cri.toml new file mode 120000 index 00000000000..25204d67d21 --- /dev/null +++ b/sources/models/src/metal-k8s-1.27/defaults.d/85-oci-defaults-containerd-cri.toml @@ -0,0 +1 @@ +../../../shared-defaults/oci-defaults-containerd-cri.toml \ No newline at end of file diff --git a/sources/models/src/metal-k8s-1.27/defaults.d/86-oci-defaults-containerd-cri-capabilities.toml b/sources/models/src/metal-k8s-1.27/defaults.d/86-oci-defaults-containerd-cri-capabilities.toml new file mode 120000 index 00000000000..2e5d1c32f8d --- /dev/null +++ b/sources/models/src/metal-k8s-1.27/defaults.d/86-oci-defaults-containerd-cri-capabilities.toml @@ -0,0 +1 @@ +../../../shared-defaults/oci-defaults-containerd-cri-capabilities.toml \ No newline at end of file diff --git a/sources/models/src/metal-k8s-1.27/defaults.d/87-oci-defaults-containerd-cri-resource-limits.toml b/sources/models/src/metal-k8s-1.27/defaults.d/87-oci-defaults-containerd-cri-resource-limits.toml new file mode 120000 index 00000000000..7f06213572a --- /dev/null +++ b/sources/models/src/metal-k8s-1.27/defaults.d/87-oci-defaults-containerd-cri-resource-limits.toml @@ -0,0 +1 @@ +../../../shared-defaults/oci-defaults-containerd-cri-resource-limits.toml \ No newline at end of file diff --git a/sources/models/src/metal-k8s-1.27/defaults.d/90-boot.toml b/sources/models/src/metal-k8s-1.27/defaults.d/90-boot.toml new file mode 120000 index 00000000000..7778447459a --- /dev/null +++ b/sources/models/src/metal-k8s-1.27/defaults.d/90-boot.toml @@ -0,0 +1 @@ +../../../shared-defaults/boot.toml \ No newline at end of file diff --git a/sources/models/src/metal-k8s-1.26/mod.rs b/sources/models/src/metal-k8s-1.27/mod.rs similarity index 100% rename from sources/models/src/metal-k8s-1.26/mod.rs rename to sources/models/src/metal-k8s-1.27/mod.rs diff --git a/sources/models/src/vmware-k8s-1.26 b/sources/models/src/vmware-k8s-1.26 new file mode 120000 index 00000000000..4a27a58abc5 --- /dev/null +++ b/sources/models/src/vmware-k8s-1.26 @@ -0,0 +1 @@ +vmware-k8s-1.27 \ No newline at end of file diff --git a/sources/models/src/vmware-k8s-1.27/defaults.d/10-defaults.toml b/sources/models/src/vmware-k8s-1.27/defaults.d/10-defaults.toml new file mode 120000 index 00000000000..a202ba61a4c --- /dev/null +++ b/sources/models/src/vmware-k8s-1.27/defaults.d/10-defaults.toml @@ -0,0 +1 @@ +../../../shared-defaults/defaults.toml \ No newline at end of file diff --git a/sources/models/src/vmware-k8s-1.26/defaults.d/15-public-tuf.toml b/sources/models/src/vmware-k8s-1.27/defaults.d/15-public-tuf.toml similarity index 100% rename from sources/models/src/vmware-k8s-1.26/defaults.d/15-public-tuf.toml rename to sources/models/src/vmware-k8s-1.27/defaults.d/15-public-tuf.toml diff --git a/sources/models/src/vmware-k8s-1.26/defaults.d/20-public-host-containers.toml b/sources/models/src/vmware-k8s-1.27/defaults.d/20-public-host-containers.toml similarity index 100% rename from sources/models/src/vmware-k8s-1.26/defaults.d/20-public-host-containers.toml rename to sources/models/src/vmware-k8s-1.27/defaults.d/20-public-host-containers.toml diff --git a/sources/models/src/vmware-k8s-1.27/defaults.d/30-metrics.toml b/sources/models/src/vmware-k8s-1.27/defaults.d/30-metrics.toml new file mode 120000 index 00000000000..99f0b2b6980 --- /dev/null +++ b/sources/models/src/vmware-k8s-1.27/defaults.d/30-metrics.toml @@ -0,0 +1 @@ +../../../shared-defaults/metrics.toml \ No newline at end of file diff --git a/sources/models/src/vmware-k8s-1.26/defaults.d/31-send-metrics.toml b/sources/models/src/vmware-k8s-1.27/defaults.d/31-send-metrics.toml similarity index 100% rename from sources/models/src/vmware-k8s-1.26/defaults.d/31-send-metrics.toml rename to sources/models/src/vmware-k8s-1.27/defaults.d/31-send-metrics.toml diff --git a/sources/models/src/vmware-k8s-1.27/defaults.d/40-aws-creds.toml b/sources/models/src/vmware-k8s-1.27/defaults.d/40-aws-creds.toml new file mode 120000 index 00000000000..a6a17e88f54 --- /dev/null +++ b/sources/models/src/vmware-k8s-1.27/defaults.d/40-aws-creds.toml @@ -0,0 +1 @@ +../../../shared-defaults/aws-creds.toml \ No newline at end of file diff --git a/sources/models/src/vmware-k8s-1.26/defaults.d/50-kubernetes-vmware.toml b/sources/models/src/vmware-k8s-1.27/defaults.d/50-kubernetes-vmware.toml similarity index 100% rename from sources/models/src/vmware-k8s-1.26/defaults.d/50-kubernetes-vmware.toml rename to sources/models/src/vmware-k8s-1.27/defaults.d/50-kubernetes-vmware.toml diff --git a/sources/models/src/vmware-k8s-1.27/defaults.d/51-kubernetes-containerd.toml b/sources/models/src/vmware-k8s-1.27/defaults.d/51-kubernetes-containerd.toml new file mode 120000 index 00000000000..08196a5edef --- /dev/null +++ b/sources/models/src/vmware-k8s-1.27/defaults.d/51-kubernetes-containerd.toml @@ -0,0 +1 @@ +../../../shared-defaults/kubernetes-containerd.toml \ No newline at end of file diff --git a/sources/models/src/vmware-k8s-1.27/defaults.d/52-kubernetes-services.toml b/sources/models/src/vmware-k8s-1.27/defaults.d/52-kubernetes-services.toml new file mode 120000 index 00000000000..afab5a7f15a --- /dev/null +++ b/sources/models/src/vmware-k8s-1.27/defaults.d/52-kubernetes-services.toml @@ -0,0 +1 @@ +../../../shared-defaults/kubernetes-services.toml \ No newline at end of file diff --git a/sources/models/src/vmware-k8s-1.27/defaults.d/53-containerd-cri-pki.toml b/sources/models/src/vmware-k8s-1.27/defaults.d/53-containerd-cri-pki.toml new file mode 120000 index 00000000000..2dbf7db789b --- /dev/null +++ b/sources/models/src/vmware-k8s-1.27/defaults.d/53-containerd-cri-pki.toml @@ -0,0 +1 @@ +../../../shared-defaults/containerd-cri-pki.toml \ No newline at end of file diff --git a/sources/models/src/vmware-k8s-1.27/defaults.d/60-lockdown-integrity.toml b/sources/models/src/vmware-k8s-1.27/defaults.d/60-lockdown-integrity.toml new file mode 120000 index 00000000000..8b4de873a39 --- /dev/null +++ b/sources/models/src/vmware-k8s-1.27/defaults.d/60-lockdown-integrity.toml @@ -0,0 +1 @@ +../../../shared-defaults/lockdown-integrity.toml \ No newline at end of file diff --git a/sources/models/src/vmware-k8s-1.26/defaults.d/70-public-ntp.toml b/sources/models/src/vmware-k8s-1.27/defaults.d/70-public-ntp.toml similarity index 100% rename from sources/models/src/vmware-k8s-1.26/defaults.d/70-public-ntp.toml rename to sources/models/src/vmware-k8s-1.27/defaults.d/70-public-ntp.toml diff --git a/sources/models/src/vmware-k8s-1.27/defaults.d/75-oci-defaults-containerd-cri.toml b/sources/models/src/vmware-k8s-1.27/defaults.d/75-oci-defaults-containerd-cri.toml new file mode 120000 index 00000000000..25204d67d21 --- /dev/null +++ b/sources/models/src/vmware-k8s-1.27/defaults.d/75-oci-defaults-containerd-cri.toml @@ -0,0 +1 @@ +../../../shared-defaults/oci-defaults-containerd-cri.toml \ No newline at end of file diff --git a/sources/models/src/vmware-k8s-1.27/defaults.d/76-oci-defaults-containerd-cri-capabilities.toml b/sources/models/src/vmware-k8s-1.27/defaults.d/76-oci-defaults-containerd-cri-capabilities.toml new file mode 120000 index 00000000000..2e5d1c32f8d --- /dev/null +++ b/sources/models/src/vmware-k8s-1.27/defaults.d/76-oci-defaults-containerd-cri-capabilities.toml @@ -0,0 +1 @@ +../../../shared-defaults/oci-defaults-containerd-cri-capabilities.toml \ No newline at end of file diff --git a/sources/models/src/vmware-k8s-1.27/defaults.d/77-oci-defaults-containerd-cri-resource-limits.toml b/sources/models/src/vmware-k8s-1.27/defaults.d/77-oci-defaults-containerd-cri-resource-limits.toml new file mode 120000 index 00000000000..7f06213572a --- /dev/null +++ b/sources/models/src/vmware-k8s-1.27/defaults.d/77-oci-defaults-containerd-cri-resource-limits.toml @@ -0,0 +1 @@ +../../../shared-defaults/oci-defaults-containerd-cri-resource-limits.toml \ No newline at end of file diff --git a/sources/models/src/vmware-k8s-1.27/defaults.d/80-oci-hooks.toml b/sources/models/src/vmware-k8s-1.27/defaults.d/80-oci-hooks.toml new file mode 120000 index 00000000000..e7b73c620dd --- /dev/null +++ b/sources/models/src/vmware-k8s-1.27/defaults.d/80-oci-hooks.toml @@ -0,0 +1 @@ +../../../shared-defaults/oci-hooks.toml \ No newline at end of file diff --git a/sources/models/src/vmware-k8s-1.27/defaults.d/90-boot.toml b/sources/models/src/vmware-k8s-1.27/defaults.d/90-boot.toml new file mode 120000 index 00000000000..7778447459a --- /dev/null +++ b/sources/models/src/vmware-k8s-1.27/defaults.d/90-boot.toml @@ -0,0 +1 @@ +../../../shared-defaults/boot.toml \ No newline at end of file diff --git a/sources/models/src/vmware-k8s-1.26/mod.rs b/sources/models/src/vmware-k8s-1.27/mod.rs similarity index 100% rename from sources/models/src/vmware-k8s-1.26/mod.rs rename to sources/models/src/vmware-k8s-1.27/mod.rs diff --git a/variants/Cargo.lock b/variants/Cargo.lock index 4364383cbe1..f04b349d6a2 100644 --- a/variants/Cargo.lock +++ b/variants/Cargo.lock @@ -197,6 +197,33 @@ dependencies = [ "release", ] +[[package]] +name = "aws-k8s-1_27" +version = "0.1.0" +dependencies = [ + "aws-iam-authenticator", + "cni", + "cni-plugins", + "kernel-5_15", + "kubernetes-1_27", + "release", +] + +[[package]] +name = "aws-k8s-1_27-nvidia" +version = "0.1.0" +dependencies = [ + "aws-iam-authenticator", + "cni", + "cni-plugins", + "kernel-5_15", + "kmod-5_15-nvidia", + "kubernetes-1_27", + "nvidia-container-toolkit", + "nvidia-k8s-device-plugin", + "release", +] + [[package]] name = "aws-signing-helper" version = "0.1.0" @@ -339,6 +366,13 @@ dependencies = [ "glibc", ] +[[package]] +name = "ecr-credential-provider-1_27" +version = "0.1.0" +dependencies = [ + "glibc", +] + [[package]] name = "ecs-agent" version = "0.1.0" @@ -531,6 +565,15 @@ dependencies = [ "glibc", ] +[[package]] +name = "kubernetes-1_27" +version = "0.1.0" +dependencies = [ + "aws-signing-helper", + "ecr-credential-provider-1_27", + "glibc", +] + [[package]] name = "libacl" version = "0.1.0" @@ -885,6 +928,17 @@ dependencies = [ "release", ] +[[package]] +name = "metal-k8s-1_27" +version = "0.1.0" +dependencies = [ + "cni", + "cni-plugins", + "kernel-5_15", + "kubernetes-1_27", + "release", +] + [[package]] name = "microcode" version = "0.1.0" @@ -1133,6 +1187,18 @@ dependencies = [ "release", ] +[[package]] +name = "vmware-k8s-1_27" +version = "0.1.0" +dependencies = [ + "cni", + "cni-plugins", + "kernel-5_15", + "kubernetes-1_27", + "open-vm-tools", + "release", +] + [[package]] name = "wicked" version = "0.1.0" diff --git a/variants/Cargo.toml b/variants/Cargo.toml index 1741edd4f3b..bbdf890c835 100644 --- a/variants/Cargo.toml +++ b/variants/Cargo.toml @@ -13,18 +13,22 @@ members = [ "aws-k8s-1.25-nvidia", "aws-k8s-1.26", "aws-k8s-1.26-nvidia", + "aws-k8s-1.27", + "aws-k8s-1.27-nvidia", "metal-dev", "metal-k8s-1.22", "metal-k8s-1.23", "metal-k8s-1.24", "metal-k8s-1.25", "metal-k8s-1.26", + "metal-k8s-1.27", "vmware-dev", "vmware-k8s-1.22", "vmware-k8s-1.23", "vmware-k8s-1.24", "vmware-k8s-1.25", "vmware-k8s-1.26", + "vmware-k8s-1.27", ] [profile.dev] diff --git a/variants/README.md b/variants/README.md index bed322cb64b..762934bd990 100644 --- a/variants/README.md +++ b/variants/README.md @@ -103,6 +103,20 @@ It also includes the required packages to configure containers to leverage NVIDI It supports self-hosted clusters and clusters managed by [EKS](https://aws.amazon.com/eks/). This variant is compatible with Kubernetes 1.26, 1.27, and 1.28 clusters. +### aws-k8s-1.27: Kubernetes 1.27 node + +The [aws-k8s-1.27](aws-k8s-1.27/Cargo.toml) variant includes the packages needed to run a Kubernetes node in AWS. +It supports self-hosted clusters and clusters managed by [EKS](https://aws.amazon.com/eks/). + +This variant is compatible with Kubernetes 1.27, 1.28, and 1.29 clusters. + +### aws-k8s-1.27-nvidia: Kubernetes 1.27 NVIDIA node + +The [aws-k8s-1.27-nvidia](aws-k8s-1.27-nvidia/Cargo.toml) variant includes the packages needed to run a Kubernetes node in AWS. +It also includes the required packages to configure containers to leverage NVIDIA GPUs. +It supports self-hosted clusters and clusters managed by [EKS](https://aws.amazon.com/eks/). +This variant is compatible with Kubernetes 1.27, 1.28, and 1.29 clusters. + ### aws-ecs-1: Amazon ECS container instance The [aws-ecs-1](aws-ecs-1/Cargo.toml) variant includes the packages needed to run an [Amazon ECS](https://ecs.aws) @@ -160,6 +174,13 @@ It supports self-hosted clusters. This variant is compatible with Kubernetes 1.26, 1.27, and 1.28 clusters. +## vmware-k8s-1.27: VMware Kubernetes 1.26 7ode + +The [vmware-k8s-1.27](vmware-k8s-1.27/Cargo.toml) variant includes the packages needed to run a Kubernetes worker node as a VMware guest. +It supports self-hosted clusters. + +This variant is compatible with Kubernetes 1.27, 1.28, and 1.29 clusters. + ### metal-dev: Metal development build The [metal-dev](metal-dev/Cargo.toml) variant has useful packages for local development of the OS and is intended to run bare metal. @@ -200,6 +221,13 @@ It supports self-hosted clusters. This variant is compatible with Kubernetes 1.26, 1.27, and 1.28 clusters. +### metal-k8s-1.27: Metal Kubernetes 1.27 node + +The [metal-k8s-1.27](metal-k8s-1.27/Cargo.toml) variant includes the packages needed to run a Kubernetes node on bare metal. +It supports self-hosted clusters. + +This variant is compatible with Kubernetes 1.27, 1.28, and 1.29 clusters. + ### Deprecated variants #### aws-k8s-1.15: Kubernetes 1.15 node diff --git a/variants/aws-k8s-1.27-nvidia/Cargo.toml b/variants/aws-k8s-1.27-nvidia/Cargo.toml new file mode 100644 index 00000000000..d7f55481d6d --- /dev/null +++ b/variants/aws-k8s-1.27-nvidia/Cargo.toml @@ -0,0 +1,51 @@ +[package] +# This is the aws-k8s-1.27-nvidia variant. "." is not allowed in crate names, but we +# don't use this crate name anywhere. +name = "aws-k8s-1_27-nvidia" +version = "0.1.0" +edition = "2021" +publish = false +build = "build.rs" +# Don't rebuild crate just because of changes to README. +exclude = ["README.md"] + +[package.metadata.build-variant.image-layout] +os-image-size-gib = 4 + +[package.metadata.build-variant.image-features] +grub-set-private-var = true +unified-cgroup-hierarchy = true + +[package.metadata.build-variant] +included-packages = [ + "aws-iam-authenticator", + "cni", + "cni-plugins", + "kernel-5.15", + "kubelet-1.27", + "release", + "nvidia-container-toolkit", + "nvidia-k8s-device-plugin", + "kmod-5.15-nvidia-tesla-515", +] +kernel-parameters = [ + "console=tty0", + "console=ttyS0,115200n8", + "net.ifnames=0", + "netdog.default-interface=eth0:dhcp4,dhcp6?", + "quiet", +] + +[lib] +path = "lib.rs" + +[build-dependencies] +aws-iam-authenticator = { path = "../../packages/aws-iam-authenticator" } +cni = { path = "../../packages/cni" } +cni-plugins = { path = "../../packages/cni-plugins" } +kernel-5_15 = { path = "../../packages/kernel-5.15" } +kubernetes-1_27 = { path = "../../packages/kubernetes-1.27" } +release = { path = "../../packages/release" } +nvidia-container-toolkit = { path = "../../packages/nvidia-container-toolkit" } +nvidia-k8s-device-plugin = { path = "../../packages/nvidia-k8s-device-plugin" } +kmod-5_15-nvidia = { path = "../../packages/kmod-5.15-nvidia" } diff --git a/variants/aws-k8s-1.27-nvidia/build.rs b/variants/aws-k8s-1.27-nvidia/build.rs new file mode 100644 index 00000000000..d6a90e4df44 --- /dev/null +++ b/variants/aws-k8s-1.27-nvidia/build.rs @@ -0,0 +1,9 @@ +use std::process::{exit, Command}; + +fn main() -> Result<(), std::io::Error> { + let ret = Command::new("buildsys").arg("build-variant").status()?; + if !ret.success() { + exit(1); + } + Ok(()) +} diff --git a/variants/aws-k8s-1.27-nvidia/lib.rs b/variants/aws-k8s-1.27-nvidia/lib.rs new file mode 100644 index 00000000000..d799fb2d44c --- /dev/null +++ b/variants/aws-k8s-1.27-nvidia/lib.rs @@ -0,0 +1 @@ +// not used diff --git a/variants/aws-k8s-1.27/Cargo.toml b/variants/aws-k8s-1.27/Cargo.toml new file mode 100644 index 00000000000..b7ad3d87c31 --- /dev/null +++ b/variants/aws-k8s-1.27/Cargo.toml @@ -0,0 +1,42 @@ +[package] +# This is the aws-k8s-1.27 variant. "." is not allowed in crate names, but we +# don't use this crate name anywhere. +name = "aws-k8s-1_27" +version = "0.1.0" +edition = "2021" +publish = false +build = "build.rs" +# Don't rebuild crate just because of changes to README. +exclude = ["README.md"] + +[package.metadata.build-variant.image-features] +grub-set-private-var = true +unified-cgroup-hierarchy = true + +[package.metadata.build-variant] +included-packages = [ + "aws-iam-authenticator", + "cni", + "cni-plugins", + "kernel-5.15", + "kubelet-1.27", + "release", +] +kernel-parameters = [ + "console=tty0", + "console=ttyS0,115200n8", + "net.ifnames=0", + "netdog.default-interface=eth0:dhcp4,dhcp6?", + "quiet", +] + +[lib] +path = "lib.rs" + +[build-dependencies] +aws-iam-authenticator = { path = "../../packages/aws-iam-authenticator" } +cni = { path = "../../packages/cni" } +cni-plugins = { path = "../../packages/cni-plugins" } +kernel-5_15 = { path = "../../packages/kernel-5.15" } +kubernetes-1_27 = { path = "../../packages/kubernetes-1.27" } +release = { path = "../../packages/release" } diff --git a/variants/aws-k8s-1.27/build.rs b/variants/aws-k8s-1.27/build.rs new file mode 100644 index 00000000000..d6a90e4df44 --- /dev/null +++ b/variants/aws-k8s-1.27/build.rs @@ -0,0 +1,9 @@ +use std::process::{exit, Command}; + +fn main() -> Result<(), std::io::Error> { + let ret = Command::new("buildsys").arg("build-variant").status()?; + if !ret.success() { + exit(1); + } + Ok(()) +} diff --git a/variants/aws-k8s-1.27/lib.rs b/variants/aws-k8s-1.27/lib.rs new file mode 100644 index 00000000000..d799fb2d44c --- /dev/null +++ b/variants/aws-k8s-1.27/lib.rs @@ -0,0 +1 @@ +// not used diff --git a/variants/metal-k8s-1.27/Cargo.toml b/variants/metal-k8s-1.27/Cargo.toml new file mode 100644 index 00000000000..d2f59168e1a --- /dev/null +++ b/variants/metal-k8s-1.27/Cargo.toml @@ -0,0 +1,43 @@ +[package] +# This is the metal-k8s-1.27 variant. "." is not allowed in crate names, but +# we don't use this crate name anywhere. +name = "metal-k8s-1_27" +version = "0.1.0" +edition = "2021" +publish = false +build = "build.rs" +# Don't rebuild crate just because of changes to README. +exclude = ["README.md"] + +[package.metadata.build-variant.image-layout] +os-image-size-gib = 4 +partition-plan = "unified" + +[package.metadata.build-variant.image-features] +grub-set-private-var = true +unified-cgroup-hierarchy = true + +[package.metadata.build-variant] +image-format = "raw" +supported-arches = ["x86_64"] +kernel-parameters = [ + # Only reserve if there are at least 2GB + "crashkernel=2G-:256M" +] +included-packages = [ + "cni", + "cni-plugins", + "kernel-5.15", + "kubelet-1.27", + "release", +] + +[lib] +path = "lib.rs" + +[build-dependencies] +cni = { path = "../../packages/cni" } +cni-plugins = { path = "../../packages/cni-plugins" } +kernel-5_15 = { path = "../../packages/kernel-5.15" } +kubernetes-1_27 = { path = "../../packages/kubernetes-1.27" } +release = { path = "../../packages/release" } diff --git a/variants/metal-k8s-1.27/build.rs b/variants/metal-k8s-1.27/build.rs new file mode 100644 index 00000000000..d6a90e4df44 --- /dev/null +++ b/variants/metal-k8s-1.27/build.rs @@ -0,0 +1,9 @@ +use std::process::{exit, Command}; + +fn main() -> Result<(), std::io::Error> { + let ret = Command::new("buildsys").arg("build-variant").status()?; + if !ret.success() { + exit(1); + } + Ok(()) +} diff --git a/variants/metal-k8s-1.27/lib.rs b/variants/metal-k8s-1.27/lib.rs new file mode 100644 index 00000000000..d799fb2d44c --- /dev/null +++ b/variants/metal-k8s-1.27/lib.rs @@ -0,0 +1 @@ +// not used diff --git a/variants/vmware-k8s-1.27/Cargo.toml b/variants/vmware-k8s-1.27/Cargo.toml new file mode 100644 index 00000000000..77fd0238aee --- /dev/null +++ b/variants/vmware-k8s-1.27/Cargo.toml @@ -0,0 +1,48 @@ +[package] +# This is the vmware-k8s-1.27 variant. "." is not allowed in crate names, but +# we don't use this crate name anywhere. +name = "vmware-k8s-1_27" +version = "0.1.0" +edition = "2021" +publish = false +build = "build.rs" +# Don't rebuild crate just because of changes to README. +exclude = ["README.md"] + +[package.metadata.build-variant.image-layout] +partition-plan = "unified" + +[package.metadata.build-variant.image-features] +grub-set-private-var = true +unified-cgroup-hierarchy = true + +[package.metadata.build-variant] +image-format = "vmdk" +supported-arches = ["x86_64"] +kernel-parameters = [ + "console=tty1", + # Only reserve if there are at least 2GB + "crashkernel=2G-:256M", + "net.ifnames=0", + "netdog.default-interface=eth0:dhcp4,dhcp6?", + "quiet", +] +included-packages = [ + "cni", + "cni-plugins", + "kernel-5.15", + "kubelet-1.27", + "open-vm-tools", + "release", +] + +[lib] +path = "lib.rs" + +[build-dependencies] +cni = { path = "../../packages/cni" } +cni-plugins = { path = "../../packages/cni-plugins" } +kernel-5_15 = { path = "../../packages/kernel-5.15" } +kubernetes-1_27 = { path = "../../packages/kubernetes-1.27" } +open-vm-tools = { path = "../../packages/open-vm-tools" } +release = { path = "../../packages/release" } diff --git a/variants/vmware-k8s-1.27/build.rs b/variants/vmware-k8s-1.27/build.rs new file mode 100644 index 00000000000..d6a90e4df44 --- /dev/null +++ b/variants/vmware-k8s-1.27/build.rs @@ -0,0 +1,9 @@ +use std::process::{exit, Command}; + +fn main() -> Result<(), std::io::Error> { + let ret = Command::new("buildsys").arg("build-variant").status()?; + if !ret.success() { + exit(1); + } + Ok(()) +} diff --git a/variants/vmware-k8s-1.27/lib.rs b/variants/vmware-k8s-1.27/lib.rs new file mode 100644 index 00000000000..d799fb2d44c --- /dev/null +++ b/variants/vmware-k8s-1.27/lib.rs @@ -0,0 +1 @@ +// not used diff --git a/variants/vmware-k8s-1.27/template.ovf b/variants/vmware-k8s-1.27/template.ovf new file mode 120000 index 00000000000..e301e3bb05d --- /dev/null +++ b/variants/vmware-k8s-1.27/template.ovf @@ -0,0 +1 @@ +../shared/template-unified.ovf \ No newline at end of file