diff --git a/.github/workflows/build-azure-sig.yaml b/.github/workflows/build-azure-sig.yaml index 1c86351907..9f85b0c83a 100644 --- a/.github/workflows/build-azure-sig.yaml +++ b/.github/workflows/build-azure-sig.yaml @@ -132,7 +132,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Configure Kubernetes version uses: ./.github/actions/configure-k8s-version @@ -287,7 +287,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Download publishing info artifact uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 @@ -646,7 +646,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Download publishing info artifact uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 @@ -799,7 +799,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Download publishing info artifact uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 diff --git a/Makefile b/Makefile index fd8bae7288..84d8610586 100644 --- a/Makefile +++ b/Makefile @@ -34,4 +34,6 @@ update-release-docs: ## Updates the docs with reference to the latest release ve images/capi/scripts/release-update-docs.sh .DEFAULT: - $(MAKE) -C images/capi $@ + @$(if $(or $(findstring ',$@),$(findstring \,$@)),$(error Invalid target name: $@)) + @case '$@' in *[!a-zA-Z0-9_./-]*) echo 'Invalid target name' >&2; exit 1 ;; esac + @$(MAKE) -C images/capi '$@' 
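Review bot: The allowlist in the new `.DEFAULT` recipe accepts `-` in any position, so a goal that begins with `-` passes both checks and is handed to `$(MAKE) -C images/capi '$@'`, where the sub-make would parse it as an option instead of a target. This assumes such a goal can reach `.DEFAULT` at all, which is not visible from the hunk. Rejecting a leading dash in the same pattern closes the gap: `@case '$@' in -*|*[!a-zA-Z0-9_./-]*) echo 'Invalid target name' >&2; exit 1 ;; esac`. The two checks also overlap, since the `case` allowlist already rejects `'` and `\`, so a short comment above the recipe would help, for example `# Goal names are interpolated into a single-quoted shell word below; reject anything outside [a-zA-Z0-9_./-]`.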
diff --git a/OWNERS_ALIASES b/OWNERS_ALIASES index c3c33cecda..d6f31e9ab2 100644 --- a/OWNERS_ALIASES +++ b/OWNERS_ALIASES @@ -24,8 +24,7 @@ aliases: - yadvr image-builder-scaleway-reviewers: - Tomy2e - - Mia-Cross - - remyleone + - pablo-ruth image-builder-raw-maintainers: - detiber - thebsdbox diff --git a/README.md b/README.md index 5c257f1a2d..39eedcf6ce 100644 --- a/README.md +++ b/README.md 
@@ -20,25 +20,26 @@ The table below shows the currently provided operating systems for each provider - ✅: Image is available for the provider - ❌: Image is not available for the provider -| OS | ami | azure | digitalocean | gce | hcloud | huaweicloud | maas | nutanix | oci | openstack | outscale | ova | powervs | proxmox | qemu | raw | scaleway | vultr | -|-------------------|----|----|----|----|----|----|----|----|----|----|----|----|----|----|----|----|----|----| -| AlmaLinux 9 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Amazon Linux 2 | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Amazon Linux 2023 | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Azure Linux 3 | ❌ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| CentOS 9 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ✅ | ❌ | ❌ | ❌ | -| Flatcar | ✅ | 💙 | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ | ✅ | ❌ | 💙 | ❌ | ✅ | ✅ | ✅ | ❌ | ❌ | -| Oracle Linux 9 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Photon 4 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Photon 5 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| RHEL 9 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ✅ | ❌ | ❌ | -| Rocky Linux 9 | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ | ✅ | ❌ | 💙 | ❌ | ✅ | ✅ | ❌ | ✅ | ❌ | -| Ubuntu 22.04 | ✅ | 💙 | ✅ | 💙 | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | 💙 | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Ubuntu 24.04 | ✅ | 💙 | ✅ | 💙 | ✅ | ❌ | ✅ | ✅ | ❌ | ✅ | ✅ | 💙 | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Windows 2019 | ✅ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Windows 2022 | ❌ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Windows 2025 | ❌ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Windows Annual | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| OS | 
ami | azure | digitalocean | gce | hcloud | huaweicloud | maas | nutanix | oci | openstack | outscale | ova | oxide | powervs | proxmox | qemu | raw | scaleway | vultr | +|-------------------|----|----|----|----|----|----|----|----|----|----|----|----|----|----|----|----|----|----|----| +| AlmaLinux 9 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Amazon Linux 2 | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Amazon Linux 2023 | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Azure Linux 3 | ❌ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| CentOS 9 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ✅ | ❌ | ❌ | ❌ | +| Flatcar | ✅ | 💙 | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ | ✅ | ❌ | 💙 | ❌ | ❌ | ✅ | ✅ | ✅ | ❌ | ❌ | +| Oracle Linux 9 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Photon 4 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Photon 5 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| RHEL 9 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ✅ | ✅ | ❌ | ❌ | +| Rocky Linux 9 | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ | ✅ | ❌ | 💙 | ❌ | ❌ | ✅ | ✅ | ❌ | ✅ | ❌ | +| Ubuntu 22.04 | ✅ | 💙 | ✅ | 💙 | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | 💙 | ❌ | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Ubuntu 24.04 | ✅ | 💙 | ✅ | 💙 | ✅ | ❌ | ✅ | ✅ | ❌ | ✅ | ✅ | 💙 | ✅ | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Ubuntu 26.04 | ✅ | 💙 | ✅ | 💙 | ✅ | ❌ | ✅ | ✅ | ❌ | ✅ | ✅ | 💙 | ❌ | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Windows 2019 | ✅ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Windows 2022 | ❌ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Windows 2025 | ❌ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Windows Annual | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ## Community, discussion, 
contribution, and support diff --git a/RELEASE.md b/RELEASE.md index a120cce83a..751252e50a 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -1,11 +1,11 @@ # Image Builder Releases -The current release of Image Builder is [v0.1.50][] (April 1, 2026). The corresponding container image is `registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v0.1.50`. +The current release of Image Builder is [v0.1.52][] (April 1, 2026). The corresponding container image is `registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v0.1.52`. ## Release Process For more detail about image-builder project releases, see the [Image Builder Book][]. -[v0.1.50]: https://github.com/kubernetes-sigs/image-builder/releases/tag/v0.1.50 +[v0.1.52]: https://github.com/kubernetes-sigs/image-builder/releases/tag/v0.1.52 [Image Builder Book]: https://image-builder.sigs.k8s.io/capi/releasing.html diff --git a/cloudbuild.yaml b/cloudbuild.yaml index e872db977a..9ad4a1e13a 100644 --- a/cloudbuild.yaml +++ b/cloudbuild.yaml @@ -3,7 +3,7 @@ timeout: 3000s options: substitution_option: ALLOW_LOOSE steps: - - name: 'gcr.io/k8s-staging-test-infra/gcb-docker-gcloud@sha256:63840f133e0dfeea0af9ef391210da7fab9d2676172e2967fccab0cd6110c4e7' # v20250513-9264efb079 + - name: 'gcr.io/k8s-staging-test-infra/gcb-docker-gcloud@sha256:ff388e0dc16351e96f8464e2e185b74a7578a5ccb7a112cf3393468e59e6e2d2' # v20260205-38cfa9523f entrypoint: make env: - DOCKER_CLI_EXPERIMENTAL=enabled diff --git a/docs/book/src/SUMMARY.md b/docs/book/src/SUMMARY.md index d78bb1a5d0..cbef23db7f 100644 --- a/docs/book/src/SUMMARY.md +++ b/docs/book/src/SUMMARY.md @@ -16,6 +16,7 @@ - [OpenStack](./capi/providers/openstack.md) - [OpenStack remote image building](./capi/providers/openstack-remote.md) - [OCI](./capi/providers/oci.md) + - [Oxide](./capi/providers/oxide.md) - [raw](./capi/providers/raw.md) - [Scaleway](./capi/providers/scaleway.md) - [vSphere](./capi/providers/vsphere.md) 
diff --git a/docs/book/src/capi/container-image.md b/docs/book/src/capi/container-image.md index c843ba07e6..8032af64c7 100644 --- a/docs/book/src/capi/container-image.md +++ b/docs/book/src/capi/container-image.md @@ -18,7 +18,7 @@ Run the docker build target of Makefile The latest image-builder container image release is available here: ```commandline -docker pull registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v0.1.50 +docker pull registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v0.1.52 ``` ### Examples @@ -27,7 +27,7 @@ docker pull registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v - If the AWS CLI is already installed on your machine, you can simply mount the `~/.aws` folder that stores all the required credentials. ```commandline - docker run -it --rm -v /Users//.aws:/home/imagebuilder/.aws registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v0.1.50 build-ami-ubuntu-2404 + docker run -it --rm -v /Users//.aws:/home/imagebuilder/.aws registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v0.1.52 build-ami-ubuntu-2404 ``` - Another alternative is to use an `aws-creds.env` file to load the credentials and pass it during docker run. @@ -37,7 +37,7 @@ docker pull registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v ``` ```commandline - docker run -it --rm --env-file aws-creds.env registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v0.1.50 build-ami-ubuntu-2404 + docker run -it --rm --env-file aws-creds.env registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v0.1.52 build-ami-ubuntu-2404 ``` - AZURE 
@@ -51,7 +51,7 @@ docker pull registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v ``` ```commandline - docker run -it --rm --env-file az-creds.env registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v0.1.50 build-azure-sig-ubuntu-2404 + docker run -it --rm --env-file az-creds.env registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v0.1.52 build-azure-sig-ubuntu-2404 ``` - Proxmox @@ -83,7 +83,7 @@ docker pull registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v - Docker's `--net=host` option to ensure http server starts with the host IP and not the Docker container IP. This option is Linux specific and thus implies that it can be run only from a Linux machine. ```commandline - docker run -it --rm --net=host --env PACKER_VAR_FILES=/home/imagebuilder/vsphere.json -v :/home/imagebuilder/vsphere.json registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v0.1.50 build-node-ova-vsphere-ubuntu-2404 + docker run -it --rm --net=host --env PACKER_VAR_FILES=/home/imagebuilder/vsphere.json -v :/home/imagebuilder/vsphere.json registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v0.1.52 build-node-ova-vsphere-ubuntu-2404 ``` In addition to this, further customizations can be done as discussed [here](./capi.md#customization). diff --git a/docs/book/src/capi/containerd/customizing-containerd.md b/docs/book/src/capi/containerd/customizing-containerd.md index e6baaf9c35..ef4cb6c88a 100644 --- a/docs/book/src/capi/containerd/customizing-containerd.md +++ b/docs/book/src/capi/containerd/customizing-containerd.md 
@@ -84,3 +84,11 @@ You can also add further configuration by adding values for `containerd_addition end of the [`config.toml`](https://github.com/kubernetes-sigs/image-builder/blob/main/images/capi/ansible/roles/containerd/templates/etc/containerd/config.toml#L86) default template. + +## Overriding `LimitNOFILE` + +By default a `LimitNOFILE` systemd drop-in (capping the value at `1048576`) is only deployed on +Common Base Linux Mariner, Flatcar, and Microsoft Azure Linux, where the upstream `infinity` value +has been known to cause issues with some containerized software. To opt-in to deploying the same +drop-in on other operating systems, set `containerd_enable_limit_no_file` to `true`. It defaults to +`false`. diff --git a/docs/book/src/capi/providers/3dsoutscale.md b/docs/book/src/capi/providers/3dsoutscale.md index 668e58a4d4..0b64d9a8cb 100644 --- a/docs/book/src/capi/providers/3dsoutscale.md +++ b/docs/book/src/capi/providers/3dsoutscale.md @@ -28,6 +28,7 @@ the different operating systems. |------|-------------| | `ubuntu-2204.json` | The settings for the Ubuntu 22.04 image | | `ubuntu-2404.json` | The settings for the Ubuntu 24.04 image | +| `ubuntu-2604.json` | The settings for the Ubuntu 26.04 image | You must have your [Access Keys](https://docs.outscale.com/en/userguide/About-Access-Keys.html). You must have your [Account Id](https://docs.outscale.com/en/userguide/Getting-Information-About-Your-Account-and-Quotas.html). diff --git a/docs/book/src/capi/providers/aws.md b/docs/book/src/capi/providers/aws.md index f6f11c527e..5e44760599 100644 --- a/docs/book/src/capi/providers/aws.md +++ b/docs/book/src/capi/providers/aws.md 
@@ -46,6 +46,7 @@ the different operating systems. | `rockylinux.json` | The settings for the Rocky Linux image | | `ubuntu-2204.json` | The settings for the Ubuntu 22.04 image | | `ubuntu-2404.json` | The settings for the Ubuntu 24.04 image | +| `ubuntu-2604.json` | The settings for the Ubuntu 26.04 image | | `windows-2019.json` | The settings for the Windows 2019 image | diff --git a/docs/book/src/capi/providers/azure.md b/docs/book/src/capi/providers/azure.md index 7a00ea4a9c..0c0d19ffaa 100644 --- a/docs/book/src/capi/providers/azure.md +++ b/docs/book/src/capi/providers/azure.md @@ -7,7 +7,7 @@ These images are designed for use with [Cluster API Provider Azure](https://capz - An Azure account - The Azure CLI installed and configured - Set environment variables for `AZURE_SUBSCRIPTION_ID`, `AZURE_CLIENT_ID`, `AZURE_CLIENT_SECRET` -- Set optional environment variables `RESOURCE_GROUP_NAME`, `BUILD_RESOURCE_GROUP_NAME`, `STORAGE_ACCOUNT_NAME`, `AZURE_LOCATION` & `GALLERY_NAME` to override the default values +- Set optional environment variables `RESOURCE_GROUP_NAME`, `BUILD_RESOURCE_GROUP_NAME`, `AZURE_LOCATION` & `GALLERY_NAME` to override the default values ## Building Images @@ -20,11 +20,7 @@ make deps-azure ### Building Managed Images in Shared Image Galleries -From the `images/capi` directory, run `make build-azure-sig-ubuntu-1804` - -### Building VHDs - -From the `images/capi` directory, run `make build-azure-vhd-ubuntu-1804` +From the `images/capi` directory, run `make build-azure-sig-ubuntu-2204` > If building the Windows images from a Mac there is a known issue with connectivity. Please see details on running [macOS with ansible](../windows/windows.md#macos-with-ansible). 
@@ -34,14 +30,12 @@ Most of the images built from the `images/capi` directory for Azure will be Hype ```bash # Generation 1 image -make build-azure-sig-ubuntu-1804 +make build-azure-sig-ubuntu-2204 # Generation 2 image -make build-azure-sig-ubuntu-1804-gen2 +make build-azure-sig-ubuntu-2204-gen2 ``` -Generation 2 images may only be used with Shared Image Gallery, not VHD. - ### Confidential VM Images Confidential VMs require specific generation 2 OS images. The naming pattern of those images includes the suffix `-cvm`. For example: @@ -76,15 +70,6 @@ list, and greater explanation can be found in the If you are adding features to image builder than it is sometimes useful to work with the images directly. This section gives some tips. -### Provision a VM directly from a VHD - -After creating a VHD, create a managed image using the url output from `make build-azure-vhd-` and use it to [create the VM](https://learn.microsoft.com/azure/virtual-machines/windows/build-image-with-packer#create-a-vm-from-the-packer-image): - -```bash -az image create -n testvmimage -g cluster-api-images --os-type --source -az vm create -n testvm --image testvmimage -g cluster-api-images -``` - ### Debugging Packer scripts There are several ways to debug Packer scripts: https://developer.hashicorp.com/packer/docs/debugging diff --git a/docs/book/src/capi/providers/digitalocean.md b/docs/book/src/capi/providers/digitalocean.md index b4addae554..de2a67504e 100644 --- a/docs/book/src/capi/providers/digitalocean.md +++ b/docs/book/src/capi/providers/digitalocean.md @@ -27,3 +27,4 @@ the different operating systems. |------|-------------| | `ubuntu-2204.json` | The settings for the Ubuntu 22.04 image | | `ubuntu-2404.json` | The settings for the Ubuntu 24.04 image | +| `ubuntu-2604.json` | The settings for the Ubuntu 26.04 image | diff --git a/docs/book/src/capi/providers/gcp.md b/docs/book/src/capi/providers/gcp.md index 0fec5d46c2..f5ace949a3 100644 --- a/docs/book/src/capi/providers/gcp.md 
+++ b/docs/book/src/capi/providers/gcp.md @@ -50,6 +50,7 @@ The `gce` sub-directory inside `images/capi/packer` stores JSON configuration fi | -------- | -------- | `ubuntu-2204.json` | Settings for Ubuntu 22.04 image | | `ubuntu-2404.json` | Settings for Ubuntu 24.04 image | +| `ubuntu-2604.json` | Settings for Ubuntu 26.04 image | #### Common GCP options diff --git a/docs/book/src/capi/providers/hcloud.md b/docs/book/src/capi/providers/hcloud.md index e35759075b..4492e6ae4e 100644 --- a/docs/book/src/capi/providers/hcloud.md +++ b/docs/book/src/capi/providers/hcloud.md @@ -29,3 +29,4 @@ the different operating systems. | `rockylinux-9.json` | The settings for the RockyLinux 9 image | | `ubuntu-2204.json` | The settings for the Ubuntu 22.04 image | | `ubuntu-2404.json` | The settings for the Ubuntu 24.04 image | +| `ubuntu-2604.json` | The settings for the Ubuntu 26.04 image | diff --git a/docs/book/src/capi/providers/maas.md b/docs/book/src/capi/providers/maas.md index 2db31b0b9a..3f71d323e3 100644 --- a/docs/book/src/capi/providers/maas.md +++ b/docs/book/src/capi/providers/maas.md @@ -19,7 +19,7 @@ From the `image-builder` directory, run: make build-maas-ubuntu-xxxx-efi ``` -The image will be located in `images/capi/output/BUILD_NAME+kube-KUBERNETES_VERSION`. Replace `xxxx` with `2204` or `2404`, depending on the Ubuntu version. +The image will be located in `images/capi/output/BUILD_NAME+kube-KUBERNETES_VERSION`. Replace `xxxx` with `2204`, `2404` or `2604`, depending on the Ubuntu version. To build a Ubuntu 22.04-based CAPI image: 
@@ -73,7 +73,7 @@ Use the **.tar.gz** file for the upload: maas admin boot-resources create name=custom/your-image architecture=amd64/generic title=your-image subarches=generic base_image=ubuntu/jammy content@=./ubuntu-2204-efi-kube-v1.30.5.tar.gz ``` -**Note:** Set `base_image=ubuntu/jammy` for Ubuntu 22.04 or `ubuntu/noble` for 24.04. +**Note:** Set `base_image=ubuntu/jammy` for Ubuntu 22.04, `ubuntu/noble` for 24.04, or `ubuntu/resolute` for 26.04. ## Custom Curtin Scripts If you need to override the default MaaS curtin scripts, create a custom role containing the curtin hooks. The files must be copied to the `/curtin` directory diff --git a/docs/book/src/capi/providers/oxide.md b/docs/book/src/capi/providers/oxide.md new file mode 100644 index 0000000000..17c05c7796 --- /dev/null +++ b/docs/book/src/capi/providers/oxide.md @@ -0,0 +1,30 @@ +# Building Images for Oxide + +## Prerequisites for Oxide + +- Credentials for an Oxide rack, configured via either `OXIDE_PROFILE` or `OXIDE_HOST`/`OXIDE_TOKEN` in the environment. +- The following environment variables set: + + | Variable | Description | + |----------|-------------| + | `OXIDE_PROJECT` | Name or ID of the Oxide project to build the image in. | + | `OXIDE_BOOT_DISK_IMAGE_ID` | UUID of the image to use as the build source. | + +## Building Images + +The build [prerequisites](../capi.md#prerequisites) for using `image-builder` for +building Oxide images are managed by running: + +```bash +make deps-oxide +``` + +From the `images/capi` directory, run `make build-oxide-` where `` is the desired operating system. The available choices are listed via `make help`. + +### Configuration + +In addition to the configuration found in `images/capi/packer/config`, the `oxide` directory includes per-OS JSON files that define defaults for each supported image: + +| File | Description | +|------|-------------| +| `ubuntu-2404.json` | Settings for the Ubuntu 24.04 image | 
diff --git a/docs/book/src/capi/providers/proxmox.md b/docs/book/src/capi/providers/proxmox.md index 44ef8f4a71..f5e317023d 100644 --- a/docs/book/src/capi/providers/proxmox.md +++ b/docs/book/src/capi/providers/proxmox.md @@ -38,6 +38,7 @@ the different operating systems. |--------------------|-----------------------------------------| | `ubuntu-2204.json` | The settings for the Ubuntu 22.04 image | | `ubuntu-2404.json` | The settings for the Ubuntu 24.04 image | +| `ubuntu-2604.json` | The settings for the Ubuntu 26.04 image | The full list of available environment vars can be found in the `variables` section of `images/capi/packer/proxmox/packer.json`. diff --git a/docs/book/src/capi/providers/scaleway.md b/docs/book/src/capi/providers/scaleway.md index 5e3daf5175..fa2aa61f9e 100644 --- a/docs/book/src/capi/providers/scaleway.md +++ b/docs/book/src/capi/providers/scaleway.md @@ -27,3 +27,4 @@ the different operating systems. | `rockylinux-9.json` | The settings for the Rocky Linux 9 image | | `ubuntu-2204.json` | The settings for the Ubuntu 22.04 image | | `ubuntu-2404.json` | The settings for the Ubuntu 24.04 image | +| `ubuntu-2604.json` | The settings for the Ubuntu 26.04 image | diff --git a/docs/book/src/capi/providers/vsphere.md b/docs/book/src/capi/providers/vsphere.md index f774f4cff5..83276944ba 100644 --- a/docs/book/src/capi/providers/vsphere.md +++ b/docs/book/src/capi/providers/vsphere.md @@ -84,6 +84,8 @@ In addition to the configuration found in `images/capi/packer/config`, the `ova` | `ubuntu-2204-efi.json` | The settings for the Ubuntu 22.04 EFI image | | `ubuntu-2404.json` | The settings for the Ubuntu 24.04 image | | `ubuntu-2404-efi.json` | The settings for the Ubuntu 24.04 EFI image | +| `ubuntu-2604.json` | The settings for the Ubuntu 26.04 image | +| `ubuntu-2604-efi.json` | The settings for the Ubuntu 26.04 EFI image | | `vsphere.json` | Additional settings needed when building on a remote vSphere | ### Photon specific options 
diff --git a/docs/book/src/capi/providers/vultr.md b/docs/book/src/capi/providers/vultr.md index 97cf74d071..f78254202d 100644 --- a/docs/book/src/capi/providers/vultr.md +++ b/docs/book/src/capi/providers/vultr.md @@ -26,3 +26,4 @@ for the different operating systems. |------|-------------| | `ubuntu-2204.json` | The settings for the Ubuntu 22.04 image | | `ubuntu-2404.json` | The settings for the Ubuntu 24.04 image | +| `ubuntu-2604.json` | The settings for the Ubuntu 26.04 image | diff --git a/docs/book/src/capi/releasing.md b/docs/book/src/capi/releasing.md index f9ba7fbaa3..0066bbd872 100644 --- a/docs/book/src/capi/releasing.md +++ b/docs/book/src/capi/releasing.md @@ -1,10 +1,11 @@ # Image Builder Releases -The current release of Image Builder is [v0.1.50][] (April 1, 2026). The corresponding container image is `registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v0.1.50`. +The current release of Image Builder is [v0.1.52][] (April 1, 2026). The corresponding container image is `registry.k8s.io/scl-image-builder/cluster-node-image-builder-amd64:v0.1.52`. ## Release Process Releasing image-builder is a simple process: project maintainers should be able to follow the steps below in order to create a new release. +Before proceeding, make sure the current SHA being used in [`cloudbuild.yaml`](../../../../cloudbuild.yaml) is [still valid](https://console.cloud.google.com/artifacts/docker/k8s-staging-test-infra/us/gcr.io/gcb-docker-gcloud). If it is not, then the job that runs on tag will fail. ### Create a tag 
@@ -22,7 +23,7 @@ Releases in image-builder follow [semantic versioning][semver] conventions. Curr - *If signing tags with GPG, makes your key available to the `git tag` command.* - Create a new tag: - `export IB_VERSION=v0.1.x` - - *Replace `x` with the next patch version. For example: `v0.1.51`.* + - *Replace `x` with the next patch version. For example: `v0.1.53`.* - `git tag -s -m "Image Builder ${IB_VERSION}" ${IB_VERSION}` - `git push upstream ${IB_VERSION}` @@ -77,11 +78,11 @@ Wait for this PR to merge before communicating the release to users, so image-bu In the [#image-builder channel][] on the Kubernetes Slack, post a message announcing the new release. Include a link to the GitHub release and a thanks to the contributors: ``` -Image-builder v0.1.51 is now available: https://github.com/kubernetes-sigs/image-builder/releases/tag/v0.1.51 +Image-builder v0.1.53 is now available: https://github.com/kubernetes-sigs/image-builder/releases/tag/v0.1.53 Thanks to all contributors! ``` -[v0.1.50]: https://github.com/kubernetes-sigs/image-builder/releases/tag/v0.1.50 +[v0.1.52]: https://github.com/kubernetes-sigs/image-builder/releases/tag/v0.1.52 [#image-builder channel]: https://kubernetes.slack.com/archives/C01E0Q35A8J [Personal access tokens]: https://github.com/settings/tokens [post-image-builder-push-images]: https://prow.k8s.io/?repo=kubernetes-sigs%2Fimage-builder&type=postsubmit&job=post-image-builder-push-images diff --git a/docs/book/src/capi/windows/windows.md b/docs/book/src/capi/windows/windows.md index 46b24c0224..a324ed3a93 100644 --- a/docs/book/src/capi/windows/windows.md +++ b/docs/book/src/capi/windows/windows.md @@ -71,7 +71,7 @@ The WinRM connection plugin for Ansible on macOS causes connection issues which To fix the issue on macOS is to set the no_proxy environment variable. Example: ``` -'no_proxy=* make build-azure-vhd-windows-2019' +'no_proxy=* make build-azure-sig-windows-2022-containerd' ``` ## Annual Channel 
diff --git a/images/capi/Makefile b/images/capi/Makefile index 47d56c5965..52f459a556 100644 --- a/images/capi/Makefile +++ b/images/capi/Makefile @@ -48,6 +48,7 @@ GET_UBUNTU_DOTTED_SEMVER=$(strip \ $(eval _UBUNTU_SEMVER:=$1) \ $(eval _UBUNTU_SEMVER:=$(subst ubuntu-2204,ubuntu-22.04,$(_UBUNTU_SEMVER))) \ $(eval _UBUNTU_SEMVER:=$(subst ubuntu-2404,ubuntu-24.04,$(_UBUNTU_SEMVER))) \ + $(eval _UBUNTU_SEMVER:=$(subst ubuntu-2604,ubuntu-26.04,$(_UBUNTU_SEMVER))) \ $(_UBUNTU_SEMVER) \ ) @@ -58,7 +59,7 @@ GET_UBUNTU_DOTTED_SEMVER=$(strip \ .PHONY: deps deps: ## Installs/checks all dependencies -deps: deps-ami deps-azure deps-do deps-gce deps-ova deps-openstack deps-qemu deps-raw deps-oci deps-osc deps-powervs deps-nutanix deps-hcloud +deps: deps-ami deps-azure deps-do deps-gce deps-ova deps-openstack deps-qemu deps-raw deps-oci deps-osc deps-powervs deps-nutanix deps-hcloud deps-oxide .PHONY: deps-common deps-common: ## Installs/checks dependencies common to most builds @@ -170,6 +171,12 @@ deps-huaweicloud: deps-common $(PACKER) init packer/config.pkr.hcl $(PACKER) init packer/huaweicloud/config.pkr.hcl +.PHONY: deps-oxide +deps-oxide: ## Installs/checks dependencies for Oxide builds +deps-oxide: deps-common + $(PACKER) init packer/config.pkr.hcl + $(PACKER) init packer/oxide/config.pkr.hcl + .PHONY: deps-proxmox deps-proxmox: ## Installs/checks dependencies for Proxmox builds deps-proxmox: deps-common @@ -342,7 +349,7 @@ PHOTON_VERSIONS := photon-4 photon-5 RHEL_VERSIONS := rhel-9 ROCKYLINUX_VERSIONS := rockylinux-9 ALMALINUX_VERSIONS := almalinux-9 -UBUNTU_VERSIONS := ubuntu-2204 ubuntu-2204-efi ubuntu-2404 ubuntu-2404-efi +UBUNTU_VERSIONS := ubuntu-2204 ubuntu-2204-efi ubuntu-2404 ubuntu-2404-efi ubuntu-2604 ubuntu-2604-efi WINDOWS_VERSIONS := windows-2019 windows-2019-efi windows-2022 windows-2022-efi # Set Flatcar Container Linux channel and version if not supplied 
@@ -369,47 +376,48 @@ NODE_OVA_VSPHERE_BUILD_NAMES := $(addprefix node-ova-vsphere-,$(PLATFORMS_AND_V NODE_OVA_VSPHERE_BASE_BUILD_NAMES := $(addprefix node-ova-vsphere-base-,$(PLATFORMS_AND_VERSIONS)) NODE_OVA_VSPHERE_CLONE_BUILD_NAMES := $(addprefix node-ova-vsphere-clone-,$(PLATFORMS_AND_VERSIONS)) -AMI_BUILD_NAMES ?= ami-ubuntu-2204 ami-ubuntu-2404 ami-amazon-2 ami-amazon-2023 ami-flatcar ami-flatcar-arm64 ami-windows-2019 +AMI_BUILD_NAMES ?= ami-ubuntu-2204 ami-ubuntu-2404 ami-ubuntu-2604 ami-ubuntu-2204-arm64 ami-ubuntu-2404-arm64 ami-amazon-2 ami-amazon-2023 ami-amazon-2023-arm64 ami-flatcar ami-flatcar-arm64 ami-windows-2019 HUAWEICLOUD_BUILD_NAMES ?= huaweicloud-ubuntu-2204 -GCE_BUILD_NAMES ?= gce-ubuntu-2204 gce-ubuntu-2404 +GCE_BUILD_NAMES ?= gce-ubuntu-2204 gce-ubuntu-2404 gce-ubuntu-2604 # Make needs these lists to be space delimited, no quotes -VHD_TARGETS := $(shell grep VHD_TARGETS azure_targets.sh | sed 's/VHD_TARGETS=//' | tr -d \") SIG_TARGETS := $(shell grep SIG_TARGETS azure_targets.sh | sed 's/SIG_TARGETS=//' | tr -d \") SIG_GEN2_TARGETS := $(shell grep SIG_GEN2_TARGETS azure_targets.sh | sed 's/SIG_GEN2_TARGETS=//' | tr -d \") SIG_CVM_TARGETS := $(shell grep SIG_CVM_TARGETS azure_targets.sh | sed 's/SIG_CVM_TARGETS=//' | tr -d \") -AZURE_BUILD_VHD_NAMES ?= $(addprefix azure-vhd-,$(VHD_TARGETS)) AZURE_BUILD_SIG_NAMES ?= $(addprefix azure-sig-,$(SIG_TARGETS)) AZURE_BUILD_SIG_GEN2_NAMES ?= $(addsuffix -gen2,$(addprefix azure-sig-,$(SIG_GEN2_TARGETS))) AZURE_BUILD_SIG_CVM_NAMES ?= $(addsuffix -cvm,$(addprefix azure-sig-,$(SIG_CVM_TARGETS))) OCI_BUILD_NAMES ?= oci-ubuntu-2204 oci-oracle-linux-9 oci-windows-2019 oci-windows-2022 -DO_BUILD_NAMES ?= do-ubuntu-2204 do-ubuntu-2404 +DO_BUILD_NAMES ?= do-ubuntu-2204 do-ubuntu-2404 do-ubuntu-2604 + +OXIDE_BUILD_NAMES ?= oxide-ubuntu-2404 -OPENSTACK_BUILD_NAMES ?= openstack-ubuntu-2204 openstack-ubuntu-2404 openstack-flatcar openstack-rockylinux-9 +OPENSTACK_BUILD_NAMES ?= openstack-ubuntu-2204 
openstack-ubuntu-2404 openstack-ubuntu-2604 openstack-flatcar openstack-rockylinux-9 -OSC_BUILD_NAMES ?= osc-ubuntu-2204 osc-ubuntu-2404 +OSC_BUILD_NAMES ?= osc-ubuntu-2204 osc-ubuntu-2404 osc-ubuntu-2604 -QEMU_BUILD_NAMES ?= qemu-ubuntu-2204 qemu-ubuntu-2204-cloudimg qemu-ubuntu-2404 qemu-ubuntu-2404-efi qemu-ubuntu-2204-efi qemu-centos-9 qemu-rhel-9 qemu-rockylinux-9 qemu-rockylinux-9-cloudimg qemu-flatcar +QEMU_BUILD_NAMES ?= qemu-ubuntu-2204 qemu-ubuntu-2204-cloudimg qemu-ubuntu-2404 qemu-ubuntu-2404-efi qemu-ubuntu-2604 qemu-ubuntu-2604-efi qemu-ubuntu-2204-efi qemu-centos-9 qemu-rhel-9 qemu-rockylinux-9 qemu-rockylinux-9-cloudimg qemu-flatcar QEMU_KUBEVIRT_BUILD_NAMES := $(addprefix kubevirt-,$(QEMU_BUILD_NAMES)) -RAW_BUILD_NAMES ?= raw-ubuntu-2204 raw-ubuntu-2204-efi raw-ubuntu-2404 raw-ubuntu-2404-efi raw-flatcar raw-rhel-9 raw-rhel-9-efi +RAW_BUILD_NAMES ?= raw-ubuntu-2204 raw-ubuntu-2204-efi raw-ubuntu-2404 raw-ubuntu-2404-efi raw-ubuntu-2604 raw-ubuntu-2604-efi raw-flatcar raw-rhel-9 raw-rhel-9-efi -POWERVS_BUILD_NAMES ?= powervs-centos-9 +POWERVS_BUILD_NAMES ?= powervs-centos-9 powervs-centos-10 -NUTANIX_BUILD_NAMES ?= nutanix-ubuntu-2204 nutanix-ubuntu-2404 nutanix-rhel-9 nutanix-rockylinux-9 nutanix-flatcar nutanix-windows-2022 +NUTANIX_BUILD_NAMES ?= nutanix-ubuntu-2204 nutanix-ubuntu-2404 nutanix-ubuntu-2604 nutanix-rhel-9 nutanix-rockylinux-9 nutanix-flatcar nutanix-windows-2022 -HCLOUD_BUILD_NAMES ?= hcloud-ubuntu-2204 hcloud-ubuntu-2404 hcloud-rockylinux-9 hcloud-flatcar hcloud-flatcar-arm64 +HCLOUD_BUILD_NAMES ?= hcloud-ubuntu-2204 hcloud-ubuntu-2404 hcloud-ubuntu-2604 hcloud-rockylinux-9 hcloud-flatcar hcloud-flatcar-arm64 -PROXMOX_BUILD_NAMES ?= proxmox-ubuntu-2204 proxmox-ubuntu-2404 proxmox-ubuntu-2404-efi proxmox-rockylinux-9 proxmox-flatcar +PROXMOX_BUILD_NAMES ?= proxmox-ubuntu-2204 proxmox-ubuntu-2404 proxmox-ubuntu-2404-efi proxmox-ubuntu-2604 proxmox-ubuntu-2604-efi proxmox-rockylinux-9 proxmox-flatcar -VULTR_BUILD_NAMES ?= 
vultr-ubuntu-2204 vultr-ubuntu-2404 +VULTR_BUILD_NAMES ?= vultr-ubuntu-2204 vultr-ubuntu-2404 vultr-ubuntu-2604 -MAAS_BUILD_NAMES ?= maas-ubuntu-2204-efi maas-ubuntu-2404-efi +MAAS_BUILD_NAMES ?= maas-ubuntu-2204-efi maas-ubuntu-2404-efi maas-ubuntu-2604-efi +MAAS_ARM64_BUILD_NAMES ?= maas-ubuntu-2204-arm64 maas-ubuntu-2404-arm64 -SCALEWAY_BUILD_NAMES ?= scaleway-rockylinux-9 scaleway-ubuntu-2204 scaleway-ubuntu-2404 +SCALEWAY_BUILD_NAMES ?= scaleway-rockylinux-9 scaleway-ubuntu-2204 scaleway-ubuntu-2404 scaleway-ubuntu-2604 ## -------------------------------------- ## Dynamic build targets @@ -425,8 +433,6 @@ AMI_BUILD_TARGETS := $(addprefix build-,$(AMI_BUILD_NAMES)) AMI_VALIDATE_TARGETS := $(addprefix validate-,$(AMI_BUILD_NAMES)) GCE_BUILD_TARGETS := $(addprefix build-,$(GCE_BUILD_NAMES)) GCE_VALIDATE_TARGETS := $(addprefix validate-,$(GCE_BUILD_NAMES)) -AZURE_BUILD_VHD_TARGETS := $(addprefix build-,$(AZURE_BUILD_VHD_NAMES)) -AZURE_VALIDATE_VHD_TARGETS := $(addprefix validate-,$(AZURE_BUILD_VHD_NAMES)) AZURE_BUILD_SIG_TARGETS := $(addprefix build-,$(AZURE_BUILD_SIG_NAMES)) AZURE_BUILD_SIG_GEN2_TARGETS := $(addprefix build-,$(AZURE_BUILD_SIG_GEN2_NAMES)) AZURE_BUILD_SIG_CVM_TARGETS := $(addprefix build-,$(AZURE_BUILD_SIG_CVM_NAMES)) @@ -435,6 +441,8 @@ AZURE_VALIDATE_SIG_GEN2_TARGETS := $(addprefix validate-,$(AZURE_BUILD_SIG_GEN2_ AZURE_VALIDATE_SIG_CVM_TARGETS := $(addprefix validate-,$(AZURE_BUILD_SIG_CVM_NAMES)) DO_BUILD_TARGETS := $(addprefix build-,$(DO_BUILD_NAMES)) DO_VALIDATE_TARGETS := $(addprefix validate-,$(DO_BUILD_NAMES)) +OXIDE_BUILD_TARGETS := $(addprefix build-,$(OXIDE_BUILD_NAMES)) +OXIDE_VALIDATE_TARGETS := $(addprefix validate-,$(OXIDE_BUILD_NAMES)) OPENSTACK_BUILD_TARGETS := $(addprefix build-,$(OPENSTACK_BUILD_NAMES)) HUAWEICLOUD_BUILD_TARGETS := $(addprefix build-,$(HUAWEICLOUD_BUILD_NAMES)) HUAWEICLOUD_VALIDATE_TARGETS := $(addprefix validate-,$(HUAWEICLOUD_BUILD_NAMES)) 
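Review bot: `powervs-centos-10` is added to `POWERVS_BUILD_NAMES` here, but the README support table changed in this same diff still has only a CentOS 9 row, so the new target is undocumented there. The GCE validate rule further down turns each build name into a `packer/<provider>/<name>.json` var-file; if the PowerVS rules do the same, a `packer/powervs/centos-10.json` is needed, and it is not visible in this part of the diff. The same check applies to the new `ami-*-arm64` entries and to `MAAS_ARM64_BUILD_NAMES`, whose consuming rules are also outside the hunk. A one-line comment above `MAAS_ARM64_BUILD_NAMES` saying why arm64 is kept in a separate list from `MAAS_BUILD_NAMES` would help the next reader.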
@@ -461,6 +469,8 @@ VULTR_BUILD_TARGETS := $(addprefix build-,$(VULTR_BUILD_NAMES)) VULTR_VALIDATE_TARGETS := $(addprefix validate-,$(VULTR_BUILD_NAMES)) MAAS_BUILD_TARGETS := $(addprefix build-,$(MAAS_BUILD_NAMES)) MAAS_VALIDATE_TARGETS := $(addprefix validate-,$(MAAS_BUILD_NAMES)) +MAAS_ARM64_BUILD_TARGETS := $(addprefix build-,$(MAAS_ARM64_BUILD_NAMES)) +MAAS_ARM64_VALIDATE_TARGETS := $(addprefix validate-,$(MAAS_ARM64_BUILD_NAMES)) SCALEWAY_BUILD_TARGETS := $(addprefix build-,$(SCALEWAY_BUILD_NAMES)) SCALEWAY_VALIDATE_TARGETS := $(addprefix validate-,$(SCALEWAY_BUILD_NAMES)) 
@@ -514,14 +524,6 @@ $(GCE_BUILD_TARGETS): deps-gce $(GCE_VALIDATE_TARGETS): deps-gce $(PACKER) validate $(PACKER_NODE_FLAGS) -var-file="$(abspath packer/gce/$(subst validate-gce-,,$@).json)" $(ABSOLUTE_PACKER_VAR_FILES) packer/gce/packer.json -.PHONY: $(AZURE_BUILD_VHD_TARGETS) -$(AZURE_BUILD_VHD_TARGETS): deps-azure - . $(abspath packer/azure/scripts/init-vhd.sh) && $(PACKER) build $(if $(findstring windows,$@),$(PACKER_WINDOWS_NODE_FLAGS),$(PACKER_NODE_FLAGS)) -var-file="$(abspath packer/azure/azure-config.json)" -var-file="$(abspath packer/azure/azure-vhd.json)" -var-file="$(abspath packer/azure/$(subst build-azure-vhd-,,$@).json)" -only="$(subst build-azure-,,$@)" $(ABSOLUTE_PACKER_VAR_FILES) packer/azure/packer$(findstring -windows,$@).json - -.PHONY: $(AZURE_VALIDATE_VHD_TARGETS) -$(AZURE_VALIDATE_VHD_TARGETS): deps-azure - $(PACKER) validate $(if $(findstring windows,$@),$(PACKER_WINDOWS_NODE_FLAGS),$(PACKER_NODE_FLAGS)) -var-file="$(abspath packer/azure/azure-config.json)" -var-file="$(abspath packer/azure/azure-vhd.json)" -var-file="$(abspath packer/azure/$(subst validate-azure-vhd-,,$@).json)" -only="$(subst validate-azure-,,$@)" $(ABSOLUTE_PACKER_VAR_FILES) packer/azure/packer$(findstring -windows,$@).json - .PHONY: $(AZURE_BUILD_SIG_TARGETS) $(AZURE_BUILD_SIG_TARGETS): deps-azure . $(abspath packer/azure/scripts/init-sig.sh) $(subst build-azure-sig-,,$@) && $(PACKER) build $(if $(findstring windows,$@),$(PACKER_WINDOWS_NODE_FLAGS),$(PACKER_NODE_FLAGS)) -var-file="$(abspath packer/azure/azure-config.json)" -var-file="$(abspath packer/azure/azure-sig.json)" -var-file="$(abspath packer/azure/$(subst build-azure-sig-,,$@).json)" -only="$(subst build-azure-,,$@)" $(ABSOLUTE_PACKER_VAR_FILES) packer/azure/packer$(findstring -windows,$@).json 
@@ -554,6 +556,10 @@ $(DO_BUILD_TARGETS): deps-do $(DO_VALIDATE_TARGETS): deps-do $(PACKER) validate $(PACKER_NODE_FLAGS) -var-file="$(abspath packer/digitalocean/$(subst validate-do-,,$@).json)" $(ABSOLUTE_PACKER_VAR_FILES) packer/digitalocean/packer.json +.PHONY: $(OXIDE_BUILD_TARGETS) +$(OXIDE_BUILD_TARGETS): deps-oxide + $(PACKER) build $(PACKER_NODE_FLAGS) -var-file="$(abspath packer/oxide/$(subst build-oxide-,,$@).json)" $(ABSOLUTE_PACKER_VAR_FILES) packer/oxide/packer.json + .PHONY: $(HUAWEICLOUD_BUILD_TARGETS) $(HUAWEICLOUD_BUILD_TARGETS): deps-huaweicloud $(PACKER) build $(PACKER_NODE_FLAGS) -var-file="$(abspath packer/huaweicloud/$(subst build-huaweicloud-,,$@).json)" $(ABSOLUTE_PACKER_VAR_FILES) packer/huaweicloud/packer.json @@ -570,6 +576,10 @@ $(OPENSTACK_BUILD_TARGETS): deps-openstack $(OPENSTACK_VALIDATE_TARGETS): deps-openstack packer validate $(PACKER_NODE_FLAGS) -var-file="$(abspath packer/openstack/$(subst validate-openstack-,,$@).json)" $(ABSOLUTE_PACKER_VAR_FILES) packer/openstack/packer.json +.PHONY: $(OXIDE_VALIDATE_TARGETS) +$(OXIDE_VALIDATE_TARGETS): deps-oxide + $(PACKER) validate $(PACKER_NODE_FLAGS) -var-file="$(abspath packer/oxide/$(subst validate-oxide-,,$@).json)" $(ABSOLUTE_PACKER_VAR_FILES) packer/oxide/packer.json + .PHONY: $(QEMU_BUILD_TARGETS) $(QEMU_BUILD_TARGETS): deps-qemu set-ssh-password $(PACKER) build $(PACKER_NODE_FLAGS) -var-file="$(abspath packer/qemu/$(subst build-,,$@).json)" $(ABSOLUTE_PACKER_VAR_FILES) packer/qemu/packer.json 
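Review bot: The new `$(OXIDE_BUILD_TARGETS)` rule here gets no counterpart in the `##@ Builds` help section and no aggregate target in the visible hunks, although the same commit adds `validate-oxide-ubuntu-2404` and `validate-oxide-all` help entries and wires the latter into `validate-all`. For parity with the other providers, add `build-oxide-ubuntu-2404: ## Builds Ubuntu 24.04 Oxide image` and `build-oxide-all: $(OXIDE_BUILD_TARGETS) ## Builds all Oxide images`. The build name is inferred from the validate help entry, because `OXIDE_BUILD_NAMES` is defined outside the visible hunks. The same applies to the `$(OXIDE_VALIDATE_TARGETS)` rule in the following hunk; the `deps-oxide` prerequisite both rules depend on is also not visible here.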
@@ -666,6 +676,14 @@ $(MAAS_BUILD_TARGETS): deps-qemu set-ssh-password $(MAAS_VALIDATE_TARGETS): deps-qemu set-ssh-password $(PACKER) validate $(PACKER_NODE_FLAGS) -var-file="$(abspath packer/maas/$(subst validate-,,$@).json)" --var="ansible_user_vars=provider=maas" $(ABSOLUTE_PACKER_VAR_FILES) packer/maas/packer.json +.PHONY: $(MAAS_ARM64_BUILD_TARGETS) +$(MAAS_ARM64_BUILD_TARGETS): deps-qemu set-ssh-password + $(PACKER) build $(PACKER_NODE_FLAGS) -var-file="$(abspath packer/maas/$(subst build-,,$@).json)" --var="ansible_user_vars=provider=maas" $(ABSOLUTE_PACKER_VAR_FILES) packer/maas/packer-arm64.json + +.PHONY: $(MAAS_ARM64_VALIDATE_TARGETS) +$(MAAS_ARM64_VALIDATE_TARGETS): deps-qemu set-ssh-password + $(PACKER) validate $(PACKER_NODE_FLAGS) -var-file="$(abspath packer/maas/$(subst validate-,,$@).json)" --var="ansible_user_vars=provider=maas" $(ABSOLUTE_PACKER_VAR_FILES) packer/maas/packer-arm64.json + .PHONY: $(SCALEWAY_BUILD_TARGETS) $(SCALEWAY_BUILD_TARGETS): deps-scaleway $(PACKER) build $(PACKER_NODE_FLAGS) -var-file="$(abspath packer/scaleway/$(subst build-scaleway-,,$@).json)" $(ABSOLUTE_PACKER_VAR_FILES) packer/scaleway/packer.json @@ -698,8 +716,12 @@ $(RAW_CLEAN_TARGETS): ##@ Builds build-ami-amazon-2: ## Builds Amazon-2 Linux AMI build-ami-amazon-2023: ## Builds Amazon-2023 Linux AMI +build-ami-amazon-2023-arm64: ## Builds Amazon-2023 Linux arm64 AMI build-ami-ubuntu-2204: ## Builds Ubuntu 22.04 AMI +build-ami-ubuntu-2204-arm64: ## Builds Ubuntu 22.04 arm64 AMI build-ami-ubuntu-2404: ## Builds Ubuntu 24.04 AMI +build-ami-ubuntu-2404-arm64: ## Builds Ubuntu 24.04 arm64 AMI +build-ami-ubuntu-2604: ## Builds Ubuntu 26.04 AMI build-ami-flatcar: ## Builds Flatcar build-ami-flatcar-arm64: ## Builds Flatcar arm64 build-ami-windows-2019: ## Build Windows Server 2019 AMI Packer config 
@@ -707,34 +729,33 @@ build-ami-all: $(AMI_BUILD_TARGETS) ## Builds all AMIs build-azure-sig-ubuntu-2204: ## Builds Ubuntu 22.04 Azure managed image in Shared Image Gallery build-azure-sig-ubuntu-2404: ## Builds Ubuntu 24.04 Azure managed image in Shared Image Gallery +build-azure-sig-ubuntu-2604: ## Builds Ubuntu 26.04 Azure managed image in Shared Image Gallery build-azure-sig-azurelinux-3: ## Builds Azure Linux 3 Azure managed image in Shared Image Gallery build-azure-sig-windows-2019-containerd: ## Builds Windows Server 2019 with containerd Azure managed image in Shared Image Gallery build-azure-sig-windows-2022-containerd: ## Builds Windows Server 2022 with containerd Azure managed image in Shared Image Gallery build-azure-sig-windows-2025-containerd: ## Builds Windows Server 2025 with containerd Azure managed image in Shared Image Gallery build-azure-sig-windows-2019-containerd-cvm: ## Builds Windows Server 2019 with containerd CVM Azure managed image in Shared Image Gallery build-azure-sig-windows-2022-containerd-cvm: ## Builds Windows Server 2022 with containerd CVM Azure managed image in Shared Image Gallery -build-azure-vhd-ubuntu-2204: ## Builds Ubuntu 22.04 VHD image for Azure -build-azure-vhd-ubuntu-2404: ## Builds Ubuntu 24.04 VHD image for Azure -build-azure-vhd-azurelinux-3: ## Builds Azure Linux 3 VHD image for Azure -build-azure-vhd-windows-2019-containerd: ## Builds for Windows Server 2019 with containerd -build-azure-vhd-windows-2022-containerd: ## Builds for Windows Server 2022 with containerd build-azure-sig-windows-annual-containerd: ## Builds for Windows Server Annual Channel with containerd build-azure-sig-azurelinux-3-gen2: ## Builds Azure Linux 3 Gen2 managed image in Shared Image Gallery build-azure-sig-flatcar: ## Builds Flatcar Azure managed image in Shared Image Gallery build-azure-sig-flatcar-gen2: ## Builds Flatcar Azure Gen2 managed image in Shared Image Gallery build-azure-sig-ubuntu-2204-gen2: ## Builds Ubuntu 22.04 Gen2 managed 
image in Shared Image Gallery build-azure-sig-ubuntu-2404-gen2: ## Builds Ubuntu 24.04 Gen2 managed image in Shared Image Gallery +build-azure-sig-ubuntu-2604-gen2: ## Builds Ubuntu 26.04 Gen2 managed image in Shared Image Gallery build-azure-sig-ubuntu-2204-cvm: ## Builds Ubuntu 22.04 CVM managed image in Shared Image Gallery build-azure-sig-ubuntu-2404-cvm: ## Builds Ubuntu 24.04 CVM managed image in Shared Image Gallery -build-azure-vhds: $(AZURE_BUILD_VHD_TARGETS) ## Builds all Azure VHDs +#build-azure-sig-ubuntu-2604-cvm: ## Builds Ubuntu 26.04 CVM managed image in Shared Image Gallery build-azure-sigs: $(AZURE_BUILD_SIG_TARGETS) $(AZURE_BUILD_SIG_GEN2_TARGETS) $(AZURE_BUILD_SIG_CVM_TARGETS) ## Builds all Azure Shared Image Gallery images build-do-ubuntu-2204: ## Builds Ubuntu 22.04 DigitalOcean Snapshot build-do-ubuntu-2404: ## Builds Ubuntu 24.04 DigitalOcean Snapshot +build-do-ubuntu-2604: ## Builds Ubuntu 26.04 DigitalOcean Snapshot build-do-all: $(DO_BUILD_TARGETS) ## Builds all DigitalOcean Snapshot build-gce-ubuntu-2204: ## Builds the GCE ubuntu-2204 image build-gce-ubuntu-2404: ## Builds the GCE ubuntu-2404 image +build-gce-ubuntu-2604: ## Builds the GCE ubuntu-2604 image build-gce-all: $(GCE_BUILD_TARGETS) ## Builds all GCE image build-huaweicloud-ubuntu-2204: ## Builds Ubuntu 22.04 HuaweiCloud image 
@@ -759,6 +780,8 @@ build-node-ova-vsphere-ubuntu-2204: ## Builds Ubuntu 22.04 Node OVA and template build-node-ova-vsphere-ubuntu-2204-efi: ## Builds Ubuntu 22.04 Node OVA and template on vSphere that EFI boots build-node-ova-vsphere-ubuntu-2404: ## Builds Ubuntu 24.04 Node OVA and template on vSphere build-node-ova-vsphere-ubuntu-2404-efi: ## Builds Ubuntu 24.04 Node OVA and template on vSphere that EFI boots +build-node-ova-vsphere-ubuntu-2604: ## Builds Ubuntu 26.04 Node OVA and template on vSphere +build-node-ova-vsphere-ubuntu-2604-efi: ## Builds Ubuntu 26.04 Node OVA and template on vSphere that EFI boots build-node-ova-vsphere-windows-2019: ## Builds for Windows Server 2019 and template on vSphere build-node-ova-vsphere-windows-2019-efi: ## Builds for Windows Server 2019 and template on vSphere that EFI boots build-node-ova-vsphere-windows-2022: ## Builds for Windows Server 2022 template on vSphere @@ -774,6 +797,8 @@ build-node-ova-vsphere-clone-ubuntu-2204: ## Builds Ubuntu 22.04 Node OVA and te build-node-ova-vsphere-clone-ubuntu-2204-efi: ## ## Builds Ubuntu 22.04 Node OVA and template on vSphere that EFI boots build-node-ova-vsphere-clone-ubuntu-2404: ## Builds Ubuntu 24.04 Node OVA and template on vSphere build-node-ova-vsphere-clone-ubuntu-2404-efi: ## ## Builds Ubuntu 24.04 Node OVA and template on vSphere that EFI boots +build-node-ova-vsphere-clone-ubuntu-2604: ## Builds Ubuntu 26.04 Node OVA and template on vSphere +build-node-ova-vsphere-clone-ubuntu-2604-efi: ## Builds Ubuntu 26.04 Node OVA and template on vSphere that EFI boots build-node-ova-vsphere-clone-all: $(NODE_OVA_VSPHERE_CLONE_BUILD_TARGETS) ## Builds all Node OVAs and templates on vSphere build-node-ova-vsphere-base-photon-4: ## Builds base Photon 4 Node OVA and template on vSphere 
@@ -785,6 +810,8 @@ build-node-ova-vsphere-base-ubuntu-2204: ## Builds base Ubuntu 22.04 Node OVA an build-node-ova-vsphere-base-ubuntu-2204-efi: ## Builds Ubuntu 22.04 Node OVA and template on vSphere that EFI boots build-node-ova-vsphere-base-ubuntu-2404: ## Builds base Ubuntu 24.04 Node OVA and template on vSphere build-node-ova-vsphere-base-ubuntu-2404-efi: ## Builds Ubuntu 24.04 Node OVA and template on vSphere that EFI boots +build-node-ova-vsphere-base-ubuntu-2604: ## Builds base Ubuntu 26.04 Node OVA and template on vSphere +build-node-ova-vsphere-base-ubuntu-2604-efi: ## Builds Ubuntu 26.04 Node OVA and template on vSphere that EFI boots build-node-ova-vsphere-base-all: $(NODE_OVA_VSPHERE_BASE_BUILD_TARGETS) ## Builds all base Node OVAs and templates on vSphere build-node-ova-local-vmx-photon-4: ## Builds Photon 4 Node OVA from VMX file w local hypervisor @@ -801,6 +828,7 @@ build-node-ova-local-base-almalinux-9: ## Builds base AlmaLinux 9 Base Node OVA build-openstack-ubuntu-2204: ## Builds Ubuntu 22.04 OpenStack image build-openstack-ubuntu-2404: ## Builds Ubuntu 24.04 OpenStack image +build-openstack-ubuntu-2604: ## Builds Ubuntu 26.04 OpenStack image build-openstack-rockylinux-9: ## Builds RockyLinux 9 OpenStack image build-openstack-flatcar: ## Builds Flatcar OpenStack image build-openstack-all: $(OPENSTACK_BUILD_TARGETS) @@ -811,6 +839,8 @@ build-qemu-ubuntu-2204-cloudimg: ## Builds Ubuntu 22.04 QEMU image using cloud i build-qemu-ubuntu-2204-efi: ## Builds Ubuntu 22.04 QEMU image that EFI boots build-qemu-ubuntu-2404: ## Builds Ubuntu 24.04 QEMU image build-qemu-ubuntu-2404-efi: ## Builds Ubuntu 24.04 QEMU image that EFI boots +build-qemu-ubuntu-2604: ## Builds Ubuntu 26.04 QEMU image +build-qemu-ubuntu-2604-efi: ## Builds Ubuntu 26.04 QEMU image that EFI boots build-qemu-centos-9: ## Builds CentOS 9 Stream QEMU image build-qemu-rhel-9: ## Builds RHEL 9 QEMU image build-qemu-rockylinux-9: ## Builds Rocky 9 QEMU image 
@@ -819,12 +849,17 @@ build-qemu-all: $(QEMU_BUILD_TARGETS) ## Builds all Qemu images build-maas-ubuntu-2204-efi: ## Builds Ubuntu 22.04 MaaS image that EFI boots build-maas-ubuntu-2404-efi: ## Builds Ubuntu 24.04 MaaS image that EFI boots +build-maas-ubuntu-2204-arm64: ## Builds Ubuntu 22.04 ARM64 MaaS image that EFI boots +build-maas-ubuntu-2404-arm64: ## Builds Ubuntu 24.04 ARM64 MaaS image that EFI boots +build-maas-ubuntu-2604-efi: ## Builds Ubuntu 26.04 MaaS image that EFI boots build-raw-flatcar: ## Builds Flatcar RAW image build-raw-ubuntu-2204: ## Builds Ubuntu 22.04 RAW image build-raw-ubuntu-2204-efi: ## Builds Ubuntu 22.04 RAW image that EFI boots build-raw-ubuntu-2404: ## Builds Ubuntu 24.04 RAW image build-raw-ubuntu-2404-efi: ## Builds Ubuntu 24.04 RAW image that EFI boots +build-raw-ubuntu-2604: ## Builds Ubuntu 26.04 RAW image +build-raw-ubuntu-2604-efi: ## Builds Ubuntu 26.04 RAW image that EFI boots build-raw-rhel-9: ## Builds RHEL 9 RAW image build-raw-rhel-9-efi: ## Builds RHEL 9 RAW image that EFI boots build-raw-all: $(RAW_BUILD_TARGETS) ## Builds all RAW images @@ -837,10 +872,12 @@ build-oci-all: $(OCI_BUILD_TARGETS) ## Builds all OCI image build-osc-ubuntu-2204: ## Builds Ubuntu 22.04 Outscale Snapshot build-osc-ubuntu-2404: ## Builds Ubuntu 24.04 Outscale Snapshot +build-osc-ubuntu-2604: ## Builds Ubuntu 26.04 Outscale Snapshot build-osc-all: $(OSC_BUILD_TARGETS) ## Builds all Outscale Snapshot build-nutanix-ubuntu-2204: ## Builds Ubuntu 22.04 Nutanix image build-nutanix-ubuntu-2404: ## Builds Ubuntu 24.04 Nutanix image +build-nutanix-ubuntu-2604: ## Builds Ubuntu 26.04 Nutanix image build-nutanix-rhel-9: ## Builds the Nutanix RedHat Enterprise Linux 9 image build-nutanix-rockylinux-9: ## Builds the Nutanix Rocky Linux 9 image build-nutanix-flatcar: ## Builds the Nutanix Flatcar image 
@@ -849,6 +886,7 @@ build-nutanix-all: $(NUTANIX_BUILD_TARGETS) ## Builds all Nutanix image build-hcloud-ubuntu-2204: ## Builds the Hetzner Cloud Ubuntu 22.04 image build-hcloud-ubuntu-2404: ## Builds the Hetzner Cloud Ubuntu 24.04 image +build-hcloud-ubuntu-2604: ## Builds the Hetzner Cloud Ubuntu 26.04 image build-hcloud-rockylinux-9: ## Builds the Hetzner Cloud Rocky Linux 9 image build-hcloud-flatcar: ## Builds the Hetzner Cloud Flatcar image build-hcloud-flatcar-arm64: ## Builds the Hetzner Cloud Flatcar arm64 image @@ -857,17 +895,21 @@ build-hcloud-all: $(HCLOUD_BUILD_TARGETS) ## Builds all Hetzner Cloud image build-proxmox-ubuntu-2204: ## Builds Ubuntu 22.04 Proxmox image build-proxmox-ubuntu-2404: ## Builds Ubuntu 24.04 Proxmox image build-proxmox-ubuntu-2404-efi: ## Builds Ubuntu 24.04 Proxmox image that EFI boots +build-proxmox-ubuntu-2604: ## Builds Ubuntu 26.04 Proxmox image +build-proxmox-ubuntu-2604-efi: ## Builds Ubuntu 26.04 Proxmox image that EFI boots build-proxmox-rockylinux-9: ## Builds Rocky Linux 9 Proxmox image build-proxmox-flatcar: ## Builds Flatcar Proxmox image build-proxmox-all: $(PROXMOX_BUILD_TARGETS) ## Builds all Proxmox images build-vultr-ubuntu-2204: ## Builds Ubuntu 22.04 Vultr Snapshot build-vultr-ubuntu-2404: ## Builds Ubuntu 24.04 Vultr Snapshot +build-vultr-ubuntu-2604: ## Builds Ubuntu 26.04 Vultr Snapshot build-vultr-all: $(VULTR_BUILD_TARGETS) ## Builds all Vultr Snapshots build-scaleway-rockylinux-9: ## Builds Rocky Linux 9 Scaleway image build-scaleway-ubuntu-2204: ## Builds Ubuntu 22.04 Scaleway image build-scaleway-ubuntu-2404: ## Builds Ubuntu 24.04 Scaleway image +build-scaleway-ubuntu-2604: ## Builds Ubuntu 26.04 Scaleway image build-scaleway-all: $(SCALEWAY_BUILD_TARGETS) ## Builds all Scaleway images ## -------------------------------------- 
@@ -876,11 +918,14 @@ build-scaleway-all: $(SCALEWAY_BUILD_TARGETS) ## Builds all Scaleway images ##@ Validate packer config validate-ami-amazon-2: ## Validates Amazon-2 Linux AMI Packer config validate-ami-amazon-2023: ## Validates Amazon-2023 Linux AMI Packer config +validate-ami-amazon-2023-arm64: ## Validates Amazon-2023 Linux arm64 AMI Packer config validate-ami-flatcar: ## Validates Flatcar AMI Packer config validate-ami-flatcar-arm64: ## Validates Flatcar arm64 AMI Packer config validate-ami-ubuntu-2204: ## Validates Ubuntu 22.04 AMI Packer config - +validate-ami-ubuntu-2204-arm64: ## Validates Ubuntu 22.04 arm64 AMI Packer config validate-ami-ubuntu-2404: ## Validates Ubuntu 24.04 AMI Packer config +validate-ami-ubuntu-2404-arm64: ## Validates Ubuntu 24.04 arm64 AMI Packer config +validate-ami-ubuntu-2604: ## Validates Ubuntu 26.04 AMI Packer config validate-ami-windows-2019: ## Validates Windows Server 2019 AMI Packer config validate-ami-all: $(AMI_VALIDATE_TARGETS) ## Validates all AMIs Packer config 
@@ -889,34 +934,38 @@ validate-huaweicloud-ubuntu-2204: ## Validates Ubuntu 22.04 HuaweiCloud Snapshot validate-azure-sig-azurelinux-3: ## Validates Azure Linux 3 Azure managed image in Shared Image Gallery Packer config validate-azure-sig-ubuntu-2204: ## Validates Ubuntu 22.04 Azure managed image in Shared Image Gallery Packer config validate-azure-sig-ubuntu-2404: ## Validates Ubuntu 24.04 Azure managed image in Shared Image Gallery Packer config +validate-azure-sig-ubuntu-2604: ## Validates Ubuntu 26.04 Azure managed image in Shared Image Gallery Packer config validate-azure-sig-windows-2019-containerd: ## Validate Windows Server 2019 with containerd Azure managed image in Shared Image Gallery Packer config validate-azure-sig-windows-2022-containerd: ## Validate Windows Server 2022 with containerd Azure managed image in Shared Image Gallery Packer config validate-azure-sig-windows-2025-containerd: ## Validate Windows Server 2025 with containerd Azure managed image in Shared Image Gallery Packer config validate-azure-sig-windows-annual-containerd: ## Validate Windows Server Annual Channel with containerd Azure managed image in Shared Image Gallery Packer config -validate-azure-vhd-azurelinux-3: ## Validates Azure Linux 3 VHD image Azure Packer config -validate-azure-vhd-ubuntu-2204: ## Validates Ubuntu 22.04 VHD image Azure Packer config -validate-azure-vhd-ubuntu-2404: ## Validates Ubuntu 24.04 VHD image Azure Packer config -validate-azure-vhd-windows-2019-containerd: ## Validate Windows Server 2019 VHD with containerd image Azure Packer config -validate-azure-vhd-windows-2022-containerd: ## Validate Windows Server 2022 VHD with containerd image Azure Packer config validate-azure-sig-azurelinux-3-gen2: ## Validates Azure Linux 3 Gen2 Azure managed image in Shared Image Gallery Packer config validate-azure-sig-ubuntu-2204-gen2: ## Validates Ubuntu 22.04 Azure managed image in Shared Image Gallery Packer config validate-azure-sig-ubuntu-2204-cvm: ## Validates 
Ubuntu 22.04 CVM Azure managed image in Shared Image Gallery Packer config validate-azure-sig-ubuntu-2404-gen2: ## Validates Ubuntu 24.04 Azure managed image in Shared Image Gallery Packer config validate-azure-sig-ubuntu-2404-cvm: ## Validates Ubuntu 24.04 CVM Azure managed image in Shared Image Gallery Packer config -validate-azure-all: $(AZURE_VALIDATE_SIG_TARGETS) $(AZURE_VALIDATE_VHD_TARGETS) $(AZURE_VALIDATE_SIG_GEN2_TARGETS) $(AZURE_VALIDATE_SIG_CVM_TARGETS) ## Validates all images for Azure Packer config +validate-azure-sig-ubuntu-2604-gen2: ## Validates Ubuntu 26.04 Azure managed image in Shared Image Gallery Packer config +#validate-azure-sig-ubuntu-2604-cvm: ## Validates Ubuntu 26.04 CVM Azure managed image in Shared Image Gallery Packer config +validate-azure-all: $(AZURE_VALIDATE_SIG_TARGETS) $(AZURE_VALIDATE_SIG_GEN2_TARGETS) $(AZURE_VALIDATE_SIG_CVM_TARGETS) ## Validates all images for Azure Packer config validate-do-ubuntu-2204: ## Validates Ubuntu 22.04 DigitalOcean Snapshot Packer config validate-do-ubuntu-2404: ## Validates Ubuntu 24.04 DigitalOcean Snapshot Packer config +validate-do-ubuntu-2604: ## Validates Ubuntu 26.04 DigitalOcean Snapshot Packer config validate-do-all: $(DO_VALIDATE_TARGETS) ## Validates all DigitalOcean Snapshot Packer config validate-openstack-ubuntu-2204: ## Validates Ubuntu 22.04 Openstack Image Packer config validate-openstack-ubuntu-2404: ## Validates Ubuntu 22.04 Openstack Image Packer config +validate-openstack-ubuntu-2604: ## Validates Ubuntu 26.04 Openstack Image Packer config validate-openstack-rocky-9: ## Validates Rocky 9 Openstack Image Packer config validate-openstack-flatcar: ## Validates Flatcar Openstack Image Packer config validate-openstack-all: $(OPENSTACK_VALIDATE_TARGETS) ## Validates all Openstack Glance Image Packer config +validate-oxide-ubuntu-2404: ## Validates Ubuntu 24.04 Oxide Snapshot Packer config +validate-oxide-all: $(OXIDE_VALIDATE_TARGETS) ## Validates all Oxide Snapshot Packer config + 
validate-gce-ubuntu-2204: ## Validates Ubuntu 22.04 GCE Snapshot Packer config validate-gce-ubuntu-2404: ## Validates Ubuntu 24.04 GCE Snapshot Packer config +validate-gce-ubuntu-2604: ## Validates Ubuntu 26.04 GCE Snapshot Packer config validate-gce-all: $(GCE_VALIDATE_TARGETS) ## Validates all GCE Snapshot Packer config validate-node-ova-local-flatcar: ## Validates Flatcar stable Node OVA Packer config w local hypervisor @@ -927,6 +976,7 @@ validate-node-ova-local-rockylinux-9: ## Validates RockyLinux 9 Node OVA Packer validate-node-ova-local-almalinux-9: ## Validates AlmaLinux 9 Node OVA Packer config w local hypervisor validate-node-ova-local-ubuntu-2204: ## Validates Ubuntu 22.04 Node OVA Packer config w local hypervisor validate-node-ova-local-ubuntu-2404: ## Validates Ubuntu 24.04 Node OVA Packer config w local hypervisor +validate-node-ova-local-ubuntu-2604: ## Validates Ubuntu 26.04 Node OVA Packer config w local hypervisor validate-node-ova-local-windows-2019: ## Validates Windows Server 2019 Node OVA Packer config w local hypervisor validate-node-ova-local-windows-2022: ## Validates Windows Server 2022 Node OVA Packer config w local hypervisor validate-node-ova-local-all: $(NODE_OVA_LOCAL_VALIDATE_TARGETS) ## Validates all Node OVAs Packer config w local hypervisor 
@@ -938,6 +988,7 @@ validate-node-ova-local-vmx-rockylinux-9: ## Validates RockyLinux 9 Node OVA fro validate-node-ova-local-vmx-almalinux-9: ## Validates AlmaLinux 9 Node OVA from VMX file w local hypervisor validate-node-ova-local-vmx-ubuntu-2204: ## Validates Ubuntu 22.04 Node OVA from VMX file w local hypervisor validate-node-ova-local-vmx-ubuntu-2404: ## Validates Ubuntu 24.04 Node OVA from VMX file w local hypervisor +validate-node-ova-local-vmx-ubuntu-2604: ## Validates Ubuntu 26.04 Node OVA from VMX file w local hypervisor validate-node-ova-local-base-photon-4: ## Validates Photon 4 Base Node OVA w local hypervisor validate-node-ova-local-base-photon-5: ## Validates Photon 5 Base Node OVA w local hypervisor @@ -946,6 +997,7 @@ validate-node-ova-local-base-rockylinux-9: ## Validates RockyLinux 9 Base Node O validate-node-ova-local-base-almalinux-9: ## Validates AlmaLinux 9 Base Node OVA w local hypervisor validate-node-ova-local-base-ubuntu-2204: ## Validates Ubuntu 22.04 Base Node OVA w local hypervisor validate-node-ova-local-base-ubuntu-2404: ## Validates Ubuntu 24.04 Base Node OVA w local hypervisor +validate-node-ova-local-base-ubuntu-2604: ## Validates Ubuntu 26.04 Base Node OVA w local hypervisor validate-qemu-flatcar: ## Validates Flatcar QEMU image packer config validate-qemu-ubuntu-2204: ## Validates Ubuntu 22.04 QEMU image packer config 
@@ -953,6 +1005,8 @@ validate-qemu-ubuntu-2204-cloudimg: ## Validates Ubuntu 22.04 QEMU image packer validate-qemu-ubuntu-2204-efi: ## Validates Ubuntu 22.04 QEMU EFI image packer config validate-qemu-ubuntu-2404: ## Validates Ubuntu 24.04 QEMU image packer config validate-qemu-ubuntu-2404-efi: ## Validates Ubuntu 24.04 QEMU EFI image packer config +validate-qemu-ubuntu-2604: ## Validates Ubuntu 26.04 QEMU image packer config +validate-qemu-ubuntu-2604-efi: ## Validates Ubuntu 26.04 QEMU EFI image packer config validate-qemu-rhel-9: ## Validates RHEL 9 QEMU image validate-qemu-rockylinux-9: ## Validates Rocky Linux 9 QEMU image packer config validate-qemu-rockylinux-9-cloudimg: ## Validates Rocky Linux 9 QEMU image packer config using cloud image @@ -963,6 +1017,8 @@ validate-raw-ubuntu-2204: ## Validates Ubuntu 22.04 RAW image packer config validate-raw-ubuntu-2204-efi: ## Validates Ubuntu 22.04 RAW EFI image packer config validate-raw-ubuntu-2404: ## Validates Ubuntu 24.04 RAW image packer config validate-raw-ubuntu-2404-efi: ## Validates Ubuntu 24.04 RAW EFI image packer config +validate-raw-ubuntu-2604: ## Validates Ubuntu 26.04 RAW image packer config +validate-raw-ubuntu-2604-efi: ## Validates Ubuntu 26.04 RAW EFI image packer config validate-raw-rhel-9: ## Validates RHEL 9 RAW image packer config validate-raw-all: $(RAW_VALIDATE_TARGETS) ## Validates all RAW Packer config 
@@ -974,13 +1030,16 @@ validate-oci-all: $(OCI_VALIDATE_TARGETS) ## Validates all OCI image packer conf validate-osc-ubuntu-2204: ## Validates Ubuntu 22.04 Outscale Snapshot Packer config validate-osc-ubuntu-2404: ## Validates Ubuntu 24.04 Outscale Snapshot Packer config +validate-osc-ubuntu-2604: ## Validates Ubuntu 26.04 Outscale Snapshot Packer config validate-osc-all: $(OSC_VALIDATE_TARGETS) ## Validates all Outscale Snapshot Packer config validate-powervs-centos-9: ## Validates the PowerVS CentOS 9 image packer config +validate-powervs-centos-10: ## Validates the PowerVS CentOS 10 image packer config validate-powervs-all: $(POWERVS_VALIDATE_TARGETS) ## Validates all PowerVS Packer config validate-nutanix-ubuntu-2204: ## Validates Ubuntu 22.04 Nutanix Packer config validate-nutanix-ubuntu-2404: ## Validates Ubuntu 24.04 Nutanix Packer config +validate-nutanix-ubuntu-2604: ## Validates Ubuntu 26.04 Nutanix Packer config validate-nutanix-rhel-9: ## Validates RedHat Enterprise Linux 9 Nutanix Packer config validate-nutanix-rockylinux-9: ## Validates Rocky Linux 9 Nutanix Packer config validate-nutanix-flatcar: ## Validates the Nutanix Flatcar Nutanix Packer config @@ -989,6 +1048,7 @@ validate-nutanix-all: $(NUTANIX_VALIDATE_TARGETS) ## Validates all Nutanix Packe validate-hcloud-ubuntu-2204: ## Validates Ubuntu 22.04 Hetzner Cloud Packer config validate-hcloud-ubuntu-2404: ## Validates Ubuntu 24.04 Hetzner Cloud Packer config +validate-hcloud-ubuntu-2604: ## Validates Ubuntu 26.04 Hetzner Cloud Packer config validate-hcloud-rockylinux-9: ## Validates Rocky Linux 9 Hetzner Cloud Packer config validate-hcloud-flatcar: ## Validates the Hetzner Cloud Flatcar Packer config validate-hcloud-flatcar-arm64: ## Validates the Hetzner Cloud Flatcar arm64 Packer config 
@@ -997,17 +1057,21 @@ validate-hcloud-all: $(HCLOUD_VALIDATE_TARGETS) ## Validates all Hetzner Cloud P validate-proxmox-ubuntu-2204: ## Validates Ubuntu 22.04 Proxmox Packer config validate-proxmox-ubuntu-2404: ## Validates Ubuntu 24.04 Proxmox Packer config validate-proxmox-ubuntu-2404-efi: ## Validates Ubuntu 24.04 EFI Proxmox Packer config +validate-proxmox-ubuntu-2604: ## Validates Ubuntu 26.04 Proxmox Packer config +validate-proxmox-ubuntu-2604-efi: ## Validates Ubuntu 26.04 EFI Proxmox Packer config validate-proxmox-rockylinux-9: ## Validates Rocky Linux 9 Proxmox Packer config validate-proxmox-flatcar: ## Validates Flatcar Proxmox Packer config validate-proxmox-all: $(PROXMOX_VALIDATE_TARGETS) ## Validates all Proxmox Packer config validate-vultr-ubuntu-2204: ## Validates Ubuntu 22.04 Vultr Snapshot Packer config validate-vultr-ubuntu-2404: ## Validates Ubuntu 24.04 Vultr Snapshot Packer config +validate-vultr-ubuntu-2604: ## Validates Ubuntu 26.04 Vultr Snapshot Packer config validate-vultr-all: $(VULTR_VALIDATE_TARGETS) ## Validates all Vultr Snapshot Packer config validate-scaleway-rockylinux-9: ## Validates Rocky Linux 9 Scaleway image Packer config validate-scaleway-ubuntu-2204: ## Validates Ubuntu 22.04 Scaleway image Packer config validate-scaleway-ubuntu-2404: ## Validates Ubuntu 24.04 Scaleway image Packer config +validate-scaleway-ubuntu-2604: ## Validates Ubuntu 26.04 Scaleway image Packer config validate-scaleway-all: $(SCALEWAY_VALIDATE_TARGETS) ## Validates all Scaleway Cloud Packer config validate-all: validate-ami-all \ @@ -1019,6 +1083,7 @@ validate-all: validate-ami-all \ validate-raw-all \ validate-oci-all \ validate-osc-all \ + validate-oxide-all \ validate-nutanix-all \ validate-hcloud-all \ validate-scaleway-all \ diff --git a/images/capi/ansible/roles/containerd/defaults/main.yml b/images/capi/ansible/roles/containerd/defaults/main.yml index a470d15d2e..88ffdcbbff 100644 --- a/images/capi/ansible/roles/containerd/defaults/main.yml 
+++ b/images/capi/ansible/roles/containerd/defaults/main.yml @@ -13,11 +13,12 @@ # limitations under the License. --- containerd_config_file: etc/containerd/config.toml +containerd_enable_limit_no_file: false containerd_gvisor_runtime: false containerd_gvisor_version: latest containerd_baseurl: https://github.com/containerd/containerd/releases/download/v{{ containerd_version }} containerd_filename: "containerd-{{ containerd_version }}-{{ system }}-{{ arch }}.tar.gz" containerd_url: "{{ containerd_baseurl }}/{{ containerd_filename }}" containerd_runc_url: "https://github.com/opencontainers/runc/releases/download/v{{ runc_version }}/runc.{{ arch }}" -runc_version: "1.3.4" +runc_version: "1.4.2" containerd_runc_checksum_url: "https://github.com/opencontainers/runc/releases/download/v{{ runc_version }}/runc.sha256sum" diff --git a/images/capi/ansible/roles/containerd/tasks/main.yml b/images/capi/ansible/roles/containerd/tasks/main.yml index b76ae006db..a6df889ce3 100644 --- a/images/capi/ansible/roles/containerd/tasks/main.yml +++ b/images/capi/ansible/roles/containerd/tasks/main.yml @@ -157,7 +157,7 @@ dest: /etc/systemd/system/containerd.service.d/limit-nofile.conf src: etc/systemd/system/containerd.service.d/limit-nofile.conf mode: "0644" - when: ansible_facts['os_family'] in ["Common Base Linux Mariner", "Flatcar", "Microsoft Azure Linux"] + when: ansible_facts['os_family'] in ["Common Base Linux Mariner", "Flatcar", "Microsoft Azure Linux"] or containerd_enable_limit_no_file | bool - name: Create containerd http proxy conf file if needed ansible.builtin.template: diff --git a/images/capi/ansible/roles/firstboot/meta/main.yml b/images/capi/ansible/roles/firstboot/meta/main.yml index 004bdd1dc4..92442b55fe 100644 --- a/images/capi/ansible/roles/firstboot/meta/main.yml +++ b/images/capi/ansible/roles/firstboot/meta/main.yml 
@@ -19,9 +19,20 @@ dependencies: debs: "" when: ansible_facts['os_family'] == "VMware Photon OS" + - role: setup + vars: + rpms: >- + {{ ( common_rpms + rh8_rpms + lookup('vars', 'common_' + build_target + '_rpms') ) }} + debs: "{{ common_debs + lookup('vars', 'common_' + build_target + '_debs_arm64') }}" + when: > + packer_builder_type is search('qemu') + and ansible_facts['architecture'] == "aarch64" + - role: setup vars: rpms: >- {{ ( common_rpms + rh8_rpms + lookup('vars', 'common_' + build_target + '_rpms') ) }} debs: "{{ common_debs + lookup('vars', 'common_' + build_target + '_debs') }}" - when: packer_builder_type is search('qemu') + when: > + packer_builder_type is search('qemu') + and ansible_facts['architecture'] != "aarch64" diff --git a/images/capi/ansible/roles/gpu/tasks/nvidia.yml b/images/capi/ansible/roles/gpu/tasks/nvidia.yml index 7629ca9182..faf88bd992 100644 --- a/images/capi/ansible/roles/gpu/tasks/nvidia.yml +++ b/images/capi/ansible/roles/gpu/tasks/nvidia.yml @@ -13,9 +13,26 @@ # limitations under the License. --- -- name: Add NVIDIA package signing key - ansible.builtin.apt_key: +- name: Ensure /etc/apt/keyrings directory exists + ansible.builtin.file: + path: /etc/apt/keyrings + state: directory + mode: "0755" + when: ansible_facts['os_family'] == "Debian" + +- name: Download NVIDIA package signing key (armored) + ansible.builtin.get_url: url: https://nvidia.github.io/libnvidia-container/gpgkey + dest: /etc/apt/keyrings/nvidia.asc + mode: "0644" + when: ansible_facts['os_family'] == "Debian" + +- name: Dearmor NVIDIA package signing key + ansible.builtin.shell: > + gpg --dearmor < /etc/apt/keyrings/nvidia.asc + > /etc/apt/keyrings/nvidia.gpg + args: + creates: /etc/apt/keyrings/nvidia.gpg when: ansible_facts['os_family'] == "Debian" - name: Perform a cache update 
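Review bot: The new aarch64 `setup` entry resolves `lookup('vars', 'common_' + build_target + '_debs_arm64')`, but the only such list this commit adds is `common_virt_debs_arm64` in roles/node/defaults/main.yml. A qemu build on aarch64 with any other `build_target` would therefore presumably stop on an undefined variable. Either define the matching `common_<target>_debs_arm64` list for every target that can reach this branch, or add a comment above the entry such as `# arm64 qemu builds are supported for build_target=virt only`. The dependency list starts above this hunk, so other entries could not be checked.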
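Review bot: In roles/gpu/tasks/nvidia.yml the key from "Download NVIDIA package signing key (armored)" is trusted exactly as downloaded, and the dearmor task after it can leave a broken keyring: the shell redirection creates `/etc/apt/keyrings/nvidia.gpg` before `gpg` produces output, so a failed run leaves an empty file that `creates:` then treats as done, and a changed upstream key is never converted again. apt reads an ASCII-armored key directly when the file name ends in `.asc`, so the shell task can be dropped in favour of `signed-by=/etc/apt/keyrings/nvidia.asc`, and `checksum: "sha256:<pinned-digest-of-key>"` on the `get_url` task would pin which key becomes trusted. The NVIDIA source entry is outside this hunk, so confirm it carries a `signed-by=` option now that the key is no longer in the global keyring. The same download-then-dearmor sequence is added in roles/kubernetes/tasks/debian.yml, roles/providers/tasks/azurecli.yml, roles/security/tasks/falco.yml and roles/security/tasks/trivy.yml.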
diff --git a/images/capi/ansible/roles/kubernetes/files/usr/libexec/kubernetes/kubelet-resource-sizing.sh b/images/capi/ansible/roles/kubernetes/files/usr/libexec/kubernetes/kubelet-resource-sizing.sh index 864b0aa76d..3c0b840353 100755 --- a/images/capi/ansible/roles/kubernetes/files/usr/libexec/kubernetes/kubelet-resource-sizing.sh +++ b/images/capi/ansible/roles/kubernetes/files/usr/libexec/kubernetes/kubelet-resource-sizing.sh @@ -3,19 +3,23 @@ # This script is used to calculate the resource sizing for the kubelet based on values used by GKE and repeated # in https://github.com/awslabs/amazon-eks-ami/pull/367/files -#RPM and DEB systems kubelet sysconfig PATH -KUBELET_SYSCONFIG_FILES=( "/etc/sysconfig/kubelet" "/etc/default/kubelet" ) - -for KUBELET_SYSCONFIG in "${KUBELET_SYSCONFIG_FILES[@]}" -do - # Check if the file exists - if [ -f "${KUBELET_SYSCONFIG}" ]; then - # shellcheck source=/dev/null - . "${KUBELET_SYSCONFIG}" - # If system-reserved is already set by user, ignore - if grep -q 'KUBELET_EXTRA_ARGS=.*--system-reserved' "${KUBELET_SYSCONFIG}"; then - exit 0 - fi + +# If the user has already configured systemReserved (in the main kubelet +# config or any other drop-in), don't overwrite their value. +KUBELET_CONFIG="/var/lib/kubelet/kubelet.conf.d/kubelet-resource-sizing.conf" +USER_KUBELET_CONFIGS=( "/var/lib/kubelet/config.yaml" ) +if [ -d /var/lib/kubelet/kubelet.conf.d ]; then + while IFS= read -r -d '' f; do + [ "$f" = "$KUBELET_CONFIG" ] && continue + USER_KUBELET_CONFIGS+=( "$f" ) + done < <(find /var/lib/kubelet/kubelet.conf.d -maxdepth 1 -type f -print0) +fi + +for cfg in "${USER_KUBELET_CONFIGS[@]}"; do + [ -f "$cfg" ] || continue + if grep -Eq '^[[:space:]]*systemReserved[[:space:]]*:' "$cfg" \ + || grep -q '"systemReserved"' "$cfg"; then + exit 0 fi done 
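Review bot: The drop-in scan adds every regular file in `/var/lib/kubelet/kubelet.conf.d` to `USER_KUBELET_CONFIGS`, so a stray file such as an editor backup that mentions `systemReserved` makes the script `exit 0` without writing any reservation. As far as I know the kubelet only loads drop-ins whose name ends in `.conf`, so the scan should be limited the same way: `done < <(find /var/lib/kubelet/kubelet.conf.d -maxdepth 1 -type f -name '*.conf' -print0)`. The comment above the block should also say that the check is a text match on the key name, not a parse of the merged configuration.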
@@ -98,7 +102,7 @@ CPU_CORE_RESERVATION_MICROCORES=( ) # Calculate the CPU reservation -cpu_milicores_to_reserve() { +cpu_millicores_to_reserve() { local cpu_microcores_reserved=0 for ((i = 0; i < schedulable_cores_no; i++)); do @@ -113,13 +117,18 @@ cpu_milicores_to_reserve() { echo "$cpu_microcores_reserved" | awk '{result = $1 / 10; if (result != int(result)) result++; printf "%d\n", result}' } -mkdir -p /run/kubelet -# Check if system-reserved already exists -if grep '.*--system-reserved' <<< "${KUBELET_EXTRA_ARGS}"; then - # If system-reserved is already set by a previous run, replace old value with new one and write to /run/kubelet/extra-args.env - system_reserved=$(sed -E "s|--system-reserved=cpu=[0-9]+m,memory=[0-9]+Mi|--system-reserved=cpu=$(cpu_milicores_to_reserve)m,memory=$(memory_reservation_mebibytes)Mi|" <<< "${KUBELET_EXTRA_ARGS}") - echo "KUBELET_EXTRA_ARGS=${system_reserved} >/run/kubelet/extra-args.env" -else - # If not append system-reserved to KUBELET_EXTRA_ARGS and write to /run/kubelet/extra-args.env - echo "KUBELET_EXTRA_ARGS=${KUBELET_EXTRA_ARGS} --system-reserved=cpu=$(cpu_milicores_to_reserve)m,memory=$(memory_reservation_mebibytes)Mi" >/run/kubelet/extra-args.env +mkdir -p /var/lib/kubelet/kubelet.conf.d + +# Initialize config file if it doesn't exist +if [ ! -f "$KUBELET_CONFIG" ]; then + echo "{}" > "$KUBELET_CONFIG" fi + +# Get the computed values from the functions +memory_reservation_mebibytes=$(memory_reservation_mebibytes) +cpu_millicores_to_reserve=$(cpu_millicores_to_reserve) + +tmp=$(mktemp) && \ +jq --arg memory_reservation_mebibytes "${memory_reservation_mebibytes}Mi" --arg cpu_millicores_to_reserve "${cpu_millicores_to_reserve}m" \ + '. += {"apiVersion": "kubelet.config.k8s.io/v1beta1","kind": "KubeletConfiguration", "systemReserved": {"cpu": $cpu_millicores_to_reserve, "memory": $memory_reservation_mebibytes}}' "$KUBELET_CONFIG" > "$tmp" && \ +mv "$tmp" "$KUBELET_CONFIG" 
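Review bot: `tmp=$(mktemp)` in the last hunk stages the new config in the default temporary directory, so the final `mv` may cross filesystems (a copy rather than an atomic rename), and the file is left behind when `jq` fails. Creating it on the target filesystem and removing it on exit covers both: `tmp=$(mktemp /var/lib/kubelet/kubelet-resource-sizing.XXXXXX)` followed by `trap 'rm -f -- "$tmp"' EXIT`. The script now depends on `jq`; whether every image that ships this file installs it is not visible from the hunk, so a `command -v jq >/dev/null || exit 1` guard with a message on stderr would make a missing tool obvious.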
diff --git a/images/capi/ansible/roles/kubernetes/tasks/debian.yml b/images/capi/ansible/roles/kubernetes/tasks/debian.yml index 9a2089466c..8bc1b7bb5e 100644 --- a/images/capi/ansible/roles/kubernetes/tasks/debian.yml +++ b/images/capi/ansible/roles/kubernetes/tasks/debian.yml @@ -12,14 +12,29 @@ # See the License for the specific language governing permissions and # limitations under the License. --- -- name: Add the Kubernetes repo key - ansible.builtin.apt_key: +# apt-key was removed in Ubuntu 26.04+. Use signed-by keyring instead. +- name: Ensure /etc/apt/keyrings directory exists + ansible.builtin.file: + path: /etc/apt/keyrings + state: directory + mode: "0755" + +- name: Download the Kubernetes repo GPG key (armored) + ansible.builtin.get_url: url: "{{ kubernetes_deb_gpg_key }}" - state: present + dest: /etc/apt/keyrings/kubernetes-apt-keyring.gpg.asc + mode: "0644" + +- name: Dearmor the Kubernetes repo GPG key + ansible.builtin.shell: > + gpg --dearmor < /etc/apt/keyrings/kubernetes-apt-keyring.gpg.asc + > /etc/apt/keyrings/kubernetes-apt-keyring.gpg + args: + creates: /etc/apt/keyrings/kubernetes-apt-keyring.gpg - name: Add the Kubernetes repo ansible.builtin.apt_repository: - repo: deb {{ kubernetes_deb_repo }} / + repo: deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] {{ kubernetes_deb_repo }} / update_cache: true state: present mode: "0644" diff --git a/images/capi/ansible/roles/kubernetes/tasks/main.yml b/images/capi/ansible/roles/kubernetes/tasks/main.yml index c2e563d0fe..e85ad96671 100644 --- a/images/capi/ansible/roles/kubernetes/tasks/main.yml +++ b/images/capi/ansible/roles/kubernetes/tasks/main.yml 
@@ -84,6 +84,19 @@ mode: "0644" when: kubernetes_enable_automatic_resource_sizing | bool +- name: Set Kubelet Configuration Drop-in Directory argument + ansible.builtin.lineinfile: + path: "{{ systemd_prefix }}/system/kubelet.service.d/10-kubeadm.conf" + regexp: '^Environment="KUBELET_CONFIG_ARGS=' + line: Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml --config-dir /var/lib/kubelet/kubelet.conf.d" + when: kubernetes_semver is version('v1.28.0', '>=') and kubernetes_enable_automatic_resource_sizing | bool + +- name: Add KUBELET_CONFIG_DROPIN_DIR_ALPHA environment variable for Kubernetes v1.29 and below + ansible.builtin.lineinfile: + path: "{{ systemd_prefix }}/system/kubelet.service.d/10-kubeadm.conf" + line: Environment="KUBELET_CONFIG_DROPIN_DIR_ALPHA" + when: kubernetes_semver is version('v1.28.0', '>=') and kubernetes_semver is version('v1.30.0', '<') and kubernetes_enable_automatic_resource_sizing | bool + - name: Generate kubectl bash completion ansible.builtin.shell: cmd: "{{ sysusr_prefix }}/bin/kubectl completion bash > {{ sysusr_prefix }}/share/bash-completion/completions/kubectl" diff --git a/images/capi/ansible/roles/node/defaults/main.yml b/images/capi/ansible/roles/node/defaults/main.yml index 789af2027e..9c4a1b4047 100644 --- a/images/capi/ansible/roles/node/defaults/main.yml +++ b/images/capi/ansible/roles/node/defaults/main.yml @@ -102,6 +102,10 @@ photon_5_rpms: common_virt_rpms: - open-vm-tools +common_virt_debs_arm64: + - linux-tools-virtual + - open-vm-tools + common_virt_debs: - linux-cloud-tools-virtual - linux-tools-virtual 
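Review bot: The task "Add KUBELET_CONFIG_DROPIN_DIR_ALPHA environment variable for Kubernetes v1.29 and below" writes `Environment="KUBELET_CONFIG_DROPIN_DIR_ALPHA"` with no `=value`. systemd's `Environment=` takes `NAME=value` assignments, so this line is likely to be rejected or ignored, and a v1.28/v1.29 kubelet would then start with `--config-dir` but without the variable that gates the flag. Use `line: Environment="KUBELET_CONFIG_DROPIN_DIR_ALPHA=1"`. In the task before it, `--config-dir /var/lib/kubelet/kubelet.conf.d` could be written as `--config-dir=/var/lib/kubelet/kubelet.conf.d` to match the `--config=` form on the same line.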
@@ -120,6 +124,7 @@ common_raw_photon_rpms: [] # as it uses systemd-sysctl. set this var so we can use for sysctl conf file value. sysctl_conf_file: >- {{ '/etc/sysctl.d/99-sysctl.conf' if ansible_facts['os_family'] in ['Common Base Linux Mariner', 'Flatcar', 'Microsoft Azure Linux', 'VMware Photon OS'] + or (ansible_facts['distribution'] == 'Ubuntu' and (ansible_facts['distribution_major_version'] | int) >= 26) else '/etc/sysctl.conf' }} pause_image: registry.k8s.io/pause:3.10.2 diff --git a/images/capi/ansible/roles/node/meta/main.yml b/images/capi/ansible/roles/node/meta/main.yml index 573e70fb39..2920518bf3 100644 --- a/images/capi/ansible/roles/node/meta/main.yml +++ b/images/capi/ansible/roles/node/meta/main.yml @@ -29,7 +29,9 @@ dependencies: vars: rpms: "{{ common_rpms }}" debs: "{{ common_debs }}" - when: packer_builder_type == "oracle-oci" and ansible_facts['architecture'] == "aarch64" + when: > + ansible_facts['architecture'] == "aarch64" + and ansible_facts['distribution'] not in ["VMware Photon OS", "Amazon"] - role: setup vars: @@ -45,7 +47,7 @@ dependencies: debs: "{{ common_debs + lookup('vars', 'common_' + build_target + '_debs') }}" when: > ansible_facts['distribution'] not in ["VMware Photon OS", "Amazon"] - and not (packer_builder_type == "oracle-oci" and ansible_facts['architecture'] == "aarch64") + and ansible_facts['architecture'] != "aarch64" and not packer_builder_type is search('qemu') - role: setup diff --git a/images/capi/ansible/roles/node/tasks/debian.yml b/images/capi/ansible/roles/node/tasks/debian.yml new file mode 100644 index 0000000000..e731e81eb3 --- /dev/null +++ b/images/capi/ansible/roles/node/tasks/debian.yml 
@@ -0,0 +1,46 @@ +# Copyright 2026 The Kubernetes Authors. + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +# The apt-daily and unattended-upgrades systemd timers fire shortly after first +# boot and intermittently hold the dpkg/apt frontend lock while later roles +# (containerd, kubernetes, sysprep) install packages, causing flaky build +# failures. Stop and mask them this early, before any package installs, so they +# cannot race the build. sysprep also disables them, but that runs too late to +# protect the install steps. +- name: Stop and mask apt-daily and unattended-upgrades units + ansible.builtin.systemd: + name: "{{ item }}" + state: stopped + masked: true + failed_when: false + loop: + - apt-daily.timer + - apt-daily-upgrade.timer + - apt-daily.service + - apt-daily-upgrade.service + - unattended-upgrades.service + +- name: Wait for any in-flight apt/dpkg process to release the lock + ansible.builtin.shell: | + set -o pipefail + command -v fuser >/dev/null 2>&1 || exit 0 + for _ in $(seq 1 60); do + fuser /var/lib/dpkg/lock-frontend >/dev/null 2>&1 || exit 0 + sleep 5 + done + echo "timed out waiting for dpkg frontend lock to be released" >&2 + exit 1 + args: + executable: /bin/bash + changed_when: false diff --git a/images/capi/ansible/roles/node/tasks/main.yml b/images/capi/ansible/roles/node/tasks/main.yml index 64e085f40e..132cf0d988 100644 --- a/images/capi/ansible/roles/node/tasks/main.yml +++ b/images/capi/ansible/roles/node/tasks/main.yml 
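Review bot: "Stop and mask apt-daily and unattended-upgrades units" sets `masked: true` and nothing visible in this commit unmasks the units again, so the finished image would ship with `unattended-upgrades.service` and the apt-daily timers masked, whereas the sysprep role only sets `enabled: false`. If shipping nodes with automatic package updates masked is intended, say so in the comment block above the task; otherwise add an unmask step to sysprep. `failed_when: false` also hides every failure here, including a failed mask of a unit that does exist, and `command -v fuser >/dev/null 2>&1 || exit 0` skips the lock wait silently when `fuser` is missing. A comment on each noting that these are deliberate best-effort steps would help the next reader.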
@@ -20,6 +20,10 @@ ansible.builtin.import_tasks: amazonLinux.yml when: ansible_facts['distribution'] == "Amazon" +- name: Import Debian node tasks + ansible.builtin.import_tasks: debian.yml + when: ansible_facts['os_family'] == "Debian" + # This is required until https://github.com/ansible/ansible/issues/77537 is fixed and used. - name: Override Flatcar's OS family ansible.builtin.set_fact: diff --git a/images/capi/ansible/roles/providers/tasks/aws.yml b/images/capi/ansible/roles/providers/tasks/aws.yml index fabe8bf813..aa0c17ce4f 100644 --- a/images/capi/ansible/roles/providers/tasks/aws.yml +++ b/images/capi/ansible/roles/providers/tasks/aws.yml @@ -51,6 +51,11 @@ name: hv-kvp-daemon state: stopped enabled: false + register: disable_hypervisor + ignore_errors: true + failed_when: + - disable_hypervisor.failed + - '"Could not find" not in (disable_hypervisor.msg | default(""))' when: ansible_facts['os_family'] == "Debian" - name: Create cloud-init custom data source list diff --git a/images/capi/ansible/roles/providers/tasks/azure.yml b/images/capi/ansible/roles/providers/tasks/azure.yml index 3aa146ea94..dbeda049a9 100644 --- a/images/capi/ansible/roles/providers/tasks/azure.yml +++ b/images/capi/ansible/roles/providers/tasks/azure.yml 
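Review bot: In roles/providers/tasks/aws.yml, `ignore_errors: true` makes the new `failed_when` list ineffective as a gate: the condition still marks the task failed for anything other than "Could not find", but the play continues either way. Removing `ignore_errors: true` keeps the stated intent of tolerating only a missing `hv-kvp-daemon` unit. The qemu.yml copy of this task is instead restricted by architecture in this commit; using one approach in both files would be easier to follow. The task begins above the hunk.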
@@ -12,6 +12,34 @@ # See the License for the specific language governing permissions and # limitations under the License. --- +# The Canonical Ubuntu 26.04 (resolute) Azure Marketplace image ships a legacy +# Microsoft "prod" apt source pinned to ubuntu/18.04 whose signing key is not in +# the keyring. Ubuntu 26.04 removed apt-key and enforces signed-by, so the first +# `apt update` of the build fails with: +# NO_PUBKEY EB3E94ADBE1229CF ... 'https://packages.microsoft.com/ubuntu/18.04/prod +# bionic InRelease' is not signed +# image-builder does not rely on this repo for node images (azure-cli is only +# installed when debug_tools is set, from its own signed-by repo), so drop the +# stale source before any apt cache update. No-op on images that don't ship it. +- name: Find stale Microsoft prod apt sources shipped on the base image + ansible.builtin.find: + paths: /etc/apt/sources.list.d + patterns: + - "*.list" + - "*.sources" + contains: ".*packages\\.microsoft\\.com/ubuntu/18\\.04.*" + register: stale_ms_apt_sources + when: ansible_facts['os_family'] == "Debian" + +- name: Remove stale Microsoft prod apt sources shipped on the base image + ansible.builtin.file: + path: "{{ item.path }}" + state: absent + loop: "{{ stale_ms_apt_sources.files | default([]) }}" + loop_control: + label: "{{ item.path }}" + when: ansible_facts['os_family'] == "Debian" + - name: Import Azure CLI tasks ansible.builtin.import_tasks: azurecli.yml when: debug_tools | bool diff --git a/images/capi/ansible/roles/providers/tasks/azurecli.yml b/images/capi/ansible/roles/providers/tasks/azurecli.yml index a83e682362..2c23bac5ee 100644 --- a/images/capi/ansible/roles/providers/tasks/azurecli.yml +++ b/images/capi/ansible/roles/providers/tasks/azurecli.yml 
@@ -15,10 +15,24 @@ - name: Install Azure CLI when: ansible_facts['os_family'] == "Debian" block: - - name: Add Microsoft Package Repository Key - ansible.builtin.apt_key: + - name: Ensure /etc/apt/keyrings directory exists + ansible.builtin.file: + path: /etc/apt/keyrings + state: directory + mode: "0755" + + - name: Download Microsoft Package Repository Key (armored) + ansible.builtin.get_url: url: https://packages.microsoft.com/keys/microsoft.asc - state: present + dest: /etc/apt/keyrings/microsoft.asc + mode: "0644" + + - name: Dearmor Microsoft Package Repository Key + ansible.builtin.shell: > + gpg --dearmor < /etc/apt/keyrings/microsoft.asc + > /etc/apt/keyrings/microsoft.gpg + args: + creates: /etc/apt/keyrings/microsoft.gpg - name: Find Ubuntu Version ansible.builtin.command: @@ -32,9 +46,17 @@ register: host_arch changed_when: false + # TODO: drop once packages.microsoft.com publishes a resolute repo + - name: Map unsupported codenames to nearest supported codename + ansible.builtin.set_fact: + azure_cli_codename: "{{ 'noble' if ubuntu_version.stdout == 'resolute' else ubuntu_version.stdout }}" + - name: Add Microsoft Package Repository ansible.builtin.apt_repository: - repo: 'deb [arch={{ host_arch.stdout }}] https://packages.microsoft.com/repos/azure-cli/ {{ ubuntu_version.stdout }} main' + repo: >- + deb [arch={{ host_arch.stdout }} signed-by=/etc/apt/keyrings/microsoft.gpg] + https://packages.microsoft.com/repos/azure-cli/ + {{ azure_cli_codename }} main state: present update_cache: true diff --git a/images/capi/ansible/roles/providers/tasks/main.yml b/images/capi/ansible/roles/providers/tasks/main.yml index 38b651856b..bcdfd28c1e 100644 --- a/images/capi/ansible/roles/providers/tasks/main.yml +++ b/images/capi/ansible/roles/providers/tasks/main.yml 
@@ -113,7 +113,27 @@ # Some OS might disable cloud-final service on boot (rhel 7). # Enable all cloud-init services on boot. -- name: Make sure all cloud init services are enabled +# Since cloud-init 24.3, cloud-init.service was renamed to cloud-init-network.service +# https://discourse.ubuntu.com/t/upstream-release-of-cloud-init-24-3/48004 +# (Single Process Optimization). Ubuntu 26.04+ ships with this change. +- name: Gather service facts to detect cloud-init service names + ansible.builtin.service_facts: + when: ansible_facts['os_family'] != "Flatcar" + +- name: Make sure all cloud init services are enabled (cloud-init >= 24.3) + ansible.builtin.service: + name: "{{ item }}" + enabled: true + with_items: + - cloud-final + - cloud-config + - cloud-init-network + - cloud-init-local + when: + - ansible_facts['os_family'] != "Flatcar" + - "'cloud-init-network.service' in ansible_facts.services" + +- name: Make sure all cloud init services are enabled (cloud-init < 24.3) ansible.builtin.service: name: "{{ item }}" enabled: true @@ -122,7 +142,9 @@ - cloud-config - cloud-init - cloud-init-local - when: ansible_facts['os_family'] != "Flatcar" + when: + - ansible_facts['os_family'] != "Flatcar" + - "'cloud-init-network.service' not in ansible_facts.services" - name: Create cloud-init config file ansible.builtin.copy: @@ -143,15 +165,6 @@ mode: "0644" when: ansible_facts['os_family'] == "Debian" -- name: Set cloudinit feature flags for redhat 8 - ansible.builtin.copy: - src: usr/lib/python3/site-packages/cloudinit/feature_overrides.py - dest: /usr/lib/python3.6/site-packages/cloudinit/feature_overrides.py - owner: root - group: root - mode: "0644" - when: ansible_facts['os_family'] == "RedHat" and ansible_facts['distribution'] == "RedHat" and ansible_facts['distribution_major_version'] == "8" - - name: Set cloudinit feature flags for redhat 9 ansible.builtin.copy: src: usr/lib/python3/site-packages/cloudinit/feature_overrides.py 
diff --git a/images/capi/ansible/roles/providers/tasks/qemu.yml b/images/capi/ansible/roles/providers/tasks/qemu.yml index 173d64a16a..e3ce4b1501 100644 --- a/images/capi/ansible/roles/providers/tasks/qemu.yml +++ b/images/capi/ansible/roles/providers/tasks/qemu.yml @@ -40,7 +40,7 @@ name: hv-kvp-daemon state: stopped enabled: false - when: ansible_facts['os_family'] == "Debian" + when: ansible_facts['os_family'] == "Debian" and ansible_facts['architecture'] != "aarch64" - name: Create directory for DHCP chrony server files ansible.builtin.file: diff --git a/images/capi/ansible/roles/providers/tasks/vmware-photon.yml b/images/capi/ansible/roles/providers/tasks/vmware-photon.yml index 57ba6871a7..96b279adc9 100644 --- a/images/capi/ansible/roles/providers/tasks/vmware-photon.yml +++ b/images/capi/ansible/roles/providers/tasks/vmware-photon.yml @@ -13,6 +13,11 @@ # limitations under the License. --- +- name: Replace chkconfig with alternatives to satisfy iptables dependency + ansible.builtin.command: tdnf install -y alternatives --allowerasing + register: install_alternatives + changed_when: '"Nothing to do" not in install_alternatives.stderr' + - name: Install cloud-init and tools for VMware Photon OS ansible.builtin.command: tdnf install {{ packages }} -y vars: diff --git a/images/capi/ansible/roles/providers/tasks/vmware-redhat.yml b/images/capi/ansible/roles/providers/tasks/vmware-redhat.yml index 1757c6f5ca..419db14754 100644 --- a/images/capi/ansible/roles/providers/tasks/vmware-redhat.yml +++ b/images/capi/ansible/roles/providers/tasks/vmware-redhat.yml 
@@ -30,23 +30,6 @@ ansible.builtin.set_fact: cloud_init_version: "{{ ansible_facts.packages['cloud-init'][0].version }}" -- name: Install python2 pip - ansible.builtin.dnf: - name: "{{ packages }}" - state: present - vars: - packages: - - python2-pip - when: ansible_facts['distribution_major_version']|int <= 8 - -# pip on CentOS needs to be upgraded, but since it's still -# Python 2.7, need < 21.0 -- name: Upgrade pip - ansible.builtin.pip: - name: pip<21.0 - state: forcereinstall - when: ansible_facts['distribution_major_version'] == '7' - # Directly installing Guestinfo datasource is needed so long as # cloud-init is < 21.3 - name: Directly install Guestinfo diff --git a/images/capi/ansible/roles/security/tasks/falco.yml b/images/capi/ansible/roles/security/tasks/falco.yml index b3c129b6e2..02f3c1e84c 100644 --- a/images/capi/ansible/roles/security/tasks/falco.yml +++ b/images/capi/ansible/roles/security/tasks/falco.yml @@ -17,14 +17,28 @@ - name: Install Falco on Debian based systems when: ansible_facts['os_family'] == "Debian" block: - - name: Add Falco package signing key - ansible.builtin.apt_key: + - name: Ensure /etc/apt/keyrings directory exists + ansible.builtin.file: + path: /etc/apt/keyrings + state: directory + mode: "0755" + + - name: Download Falco package signing key (armored) + ansible.builtin.get_url: url: https://falco.org/repo/falcosecurity-packages.asc - state: present + dest: /etc/apt/keyrings/falcosecurity.asc + mode: "0644" + + - name: Dearmor Falco package signing key + ansible.builtin.shell: > + gpg --dearmor < /etc/apt/keyrings/falcosecurity.asc + > /etc/apt/keyrings/falcosecurity.gpg + args: + creates: /etc/apt/keyrings/falcosecurity.gpg - name: Add Falco apt repo ansible.builtin.apt_repository: - repo: deb https://download.falco.org/packages/deb stable main + repo: deb [signed-by=/etc/apt/keyrings/falcosecurity.gpg] https://download.falco.org/packages/deb stable main state: present filename: falcosecurity 
diff --git a/images/capi/ansible/roles/security/tasks/trivy.yml b/images/capi/ansible/roles/security/tasks/trivy.yml index 28ae28037e..6a077ddba0 100644 --- a/images/capi/ansible/roles/security/tasks/trivy.yml +++ b/images/capi/ansible/roles/security/tasks/trivy.yml @@ -17,14 +17,28 @@ - name: Install Trivy on Debian based systems when: ansible_facts['os_family'] == "Debian" block: - - name: Add Trivy package signing key - ansible.builtin.apt_key: + - name: Ensure /etc/apt/keyrings directory exists + ansible.builtin.file: + path: /etc/apt/keyrings + state: directory + mode: "0755" + + - name: Download Trivy package signing key (armored) + ansible.builtin.get_url: url: https://aquasecurity.github.io/trivy-repo/deb/public.key - state: present + dest: /etc/apt/keyrings/trivy.asc + mode: "0644" + + - name: Dearmor Trivy package signing key + ansible.builtin.shell: > + gpg --dearmor < /etc/apt/keyrings/trivy.asc + > /etc/apt/keyrings/trivy.gpg + args: + creates: /etc/apt/keyrings/trivy.gpg - name: Add Trivy apt repo ansible.builtin.apt_repository: - repo: "deb https://aquasecurity.github.io/trivy-repo/deb {{ ansible_facts['distribution_release'] }} main" + repo: "deb [signed-by=/etc/apt/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb {{ ansible_facts['distribution_release'] }} main" state: present filename: trivy diff --git a/images/capi/ansible/roles/setup/tasks/debian.yml b/images/capi/ansible/roles/setup/tasks/debian.yml index f860fd09d4..8ae23482c0 100644 --- a/images/capi/ansible/roles/setup/tasks/debian.yml +++ b/images/capi/ansible/roles/setup/tasks/debian.yml @@ -59,7 +59,9 @@ paths: - /etc/apt - /etc/apt/sources.list.d - patterns: "*.list" + patterns: + - "*.list" + - "*.sources" register: repo_files when: disable_public_repos|bool diff --git a/images/capi/ansible/roles/setup/tasks/photon.yml b/images/capi/ansible/roles/setup/tasks/photon.yml index 095b01cc2b..f1f86b698d 100644 --- a/images/capi/ansible/roles/setup/tasks/photon.yml 
+++ b/images/capi/ansible/roles/setup/tasks/photon.yml @@ -36,6 +36,11 @@ changed_when: '"Nothing to do" not in distro.stderr' when: not disable_public_repos|default(false)|bool +- name: Replace chkconfig with alternatives to satisfy iptables dependency + ansible.builtin.command: tdnf install -y alternatives --allowerasing + register: install_alternatives + changed_when: '"Nothing to do" not in install_alternatives.stderr' + - name: Perform a tdnf distro-sync ansible.builtin.command: tdnf distro-sync -y --refresh register: distro diff --git a/images/capi/ansible/roles/setup/tasks/redhat.yml b/images/capi/ansible/roles/setup/tasks/redhat.yml index 6bf171aa2b..73ffecdeeb 100644 --- a/images/capi/ansible/roles/setup/tasks/redhat.yml +++ b/images/capi/ansible/roles/setup/tasks/redhat.yml @@ -59,6 +59,7 @@ name: "*" state: latest lock_timeout: 60 + exclude: "{{ 'lsvpd*' if ansible_facts['distribution_major_version'] | int == 10 else omit }}" - name: Install baseline dependencies ansible.builtin.dnf: diff --git a/images/capi/ansible/roles/sysprep/tasks/debian.yml b/images/capi/ansible/roles/sysprep/tasks/debian.yml index fd3c4163e6..8da81602cd 100644 --- a/images/capi/ansible/roles/sysprep/tasks/debian.yml +++ b/images/capi/ansible/roles/sysprep/tasks/debian.yml 
@@ -17,6 +17,28 @@ last_log_mode: "0664" machine_id_mode: "0644" +- name: Get installed packages + ansible.builtin.package_facts: + +- name: Disable apt-daily services + ansible.builtin.systemd: + name: "{{ item }}" + state: stopped + enabled: false + loop: + - apt-daily.timer + - apt-daily-upgrade.timer + +- name: Disable unattended upgrades if installed + ansible.builtin.systemd: + name: unattended-upgrades + state: stopped + enabled: false + when: "'unattended-upgrades' in ansible_facts.packages" + +# The apt-daily/unattended-upgrades services may still be running from before +# they were disabled above. Retry the apt-mark calls until the dpkg frontend +# lock is released to avoid a flaky race with concurrent apt activity. - name: Pin all installed packages with apt-mark ansible.builtin.shell: | set -o pipefail @@ -24,6 +46,10 @@ args: executable: /bin/bash + register: sysprep_apt_mark_hold + until: sysprep_apt_mark_hold.rc == 0 + retries: 30 + delay: 10 - name: Unpin grub packages with apt-mark for MaaS ansible.builtin.shell: | @@ -32,6 +58,10 @@ args: executable: /bin/bash + register: sysprep_apt_mark_unhold_grub + until: sysprep_apt_mark_unhold_grub.rc == 0 + retries: 30 + delay: 10 when: provider is defined and provider is search('maas') - name: Remove extra repos @@ -90,25 +120,6 @@ - { path: /var/lib/apt/lists, state: absent, mode: "0755" } - { path: /var/lib/apt/lists, state: directory, mode: "0755" } -- name: Disable apt-daily services - ansible.builtin.systemd: - name: "{{ item }}" - state: stopped - enabled: false - loop: - - apt-daily.timer - - apt-daily-upgrade.timer - -- name: Get installed packages - ansible.builtin.package_facts: - -- name: Disable unattended upgrades if installed - ansible.builtin.systemd: - name: unattended-upgrades - state: stopped - enabled: false - when: "'unattended-upgrades' in ansible_facts.packages" - - name: Reset network interface IDs ansible.builtin.file: state: absent 
diff --git a/images/capi/ansible/roles/sysprep/tasks/main.yml b/images/capi/ansible/roles/sysprep/tasks/main.yml index 1c7402a1a8..92ce7db64d 100644 --- a/images/capi/ansible/roles/sysprep/tasks/main.yml +++ b/images/capi/ansible/roles/sysprep/tasks/main.yml @@ -239,7 +239,6 @@ ansible.builtin.shell: cmd: | journalctl --rotate - when: not ( ansible_facts['os_family'] == "RedHat" and ansible_facts['distribution_major_version']|int <= 7 ) - name: Remove archived journalctl logs ansible.builtin.shell: diff --git a/images/capi/ansible/roles/sysprep/tasks/redhat.yml b/images/capi/ansible/roles/sysprep/tasks/redhat.yml index 78ab8670c4..f7d038d560 100644 --- a/images/capi/ansible/roles/sysprep/tasks/redhat.yml +++ b/images/capi/ansible/roles/sysprep/tasks/redhat.yml @@ -72,7 +72,7 @@ ansible.builtin.shell: | set -o pipefail sed -i '/^\(HWADDR\|UUID\)=/d' /etc/sysconfig/network-scripts/ifcfg-* - when: packer_builder_type != "googlecompute" and ansible_facts['distribution_major_version']|int != 9 + when: packer_builder_type != "googlecompute" and ansible_facts['distribution_major_version']|int not in [9, 10] - name: Migrate interface configuration files to NetworkManager keyfiles ansible.builtin.command: nmcli connection migrate @@ -80,7 +80,7 @@ - name: Reset network interface IDs ansible.builtin.shell: sed -i '/^\(uuid\)=/d' /etc/NetworkManager/system-connections/*.nmconnection - when: packer_builder_type != "googlecompute" and ansible_facts['distribution_major_version']|int == 9 + when: packer_builder_type != "googlecompute" and ansible_facts['distribution_major_version']|int in [9, 10] - name: Remove the kickstart log ansible.builtin.file: diff --git a/images/capi/ansible/windows/roles/kubernetes/templates/StartKubelet.ps1 b/images/capi/ansible/windows/roles/kubernetes/templates/StartKubelet.ps1 index fbe93fa504..629c471d3b 100644 --- a/images/capi/ansible/windows/roles/kubernetes/templates/StartKubelet.ps1 
+++ b/images/capi/ansible/windows/roles/kubernetes/templates/StartKubelet.ps1 
@@ -13,18 +13,30 @@ # limitations under the License. # From https://github.com/kubernetes-sigs/sig-windows-tools/blob/master/kubeadm/scripts/PrepareNode.ps1 -$FileContent = Get-Content -Path "/var/lib/kubelet/kubeadm-flags.env" -$kubeAdmArgs = $FileContent.TrimStart('KUBELET_KUBEADM_ARGS=').Trim('"') +$FileContent = Get-Content -Path "/var/lib/kubelet/kubeadm-flags.env" -Raw +# Substring strip (not char-set) of the KUBELET_KUBEADM_ARGS="..." wrapper. +$kubeAdmArgs = ($FileContent -replace '(?s)^\s*KUBELET_KUBEADM_ARGS=("?)(.*?)\1\s*$', '$2').Trim() -$args = "--cert-dir=$env:SYSTEMDRIVE/var/lib/kubelet/pki", - "--config=$env:SYSTEMDRIVE/var/lib/kubelet/config.yaml", - "--bootstrap-kubeconfig=$env:SYSTEMDRIVE/etc/kubernetes/bootstrap-kubelet.conf", - "--kubeconfig=$env:SYSTEMDRIVE/etc/kubernetes/kubelet.conf", - "--hostname-override=$(hostname)", - "--enable-debugging-handlers", - "--cgroups-per-qos=false", - "--enforce-node-allocatable=`"`"", - "--resolv-conf=`"`"" +$argList = @( + "--cert-dir=$env:SYSTEMDRIVE/var/lib/kubelet/pki", + "--config=$env:SYSTEMDRIVE/var/lib/kubelet/config.yaml", + "--bootstrap-kubeconfig=$env:SYSTEMDRIVE/etc/kubernetes/bootstrap-kubelet.conf", + "--kubeconfig=$env:SYSTEMDRIVE/etc/kubernetes/kubelet.conf", + "--hostname-override=$(hostname)", + "--enable-debugging-handlers", + "--cgroups-per-qos=false", + '--enforce-node-allocatable=""', + '--resolv-conf=""' +) +if ($kubeAdmArgs) { + $argList += $kubeAdmArgs -split '\s+' +} -$kubeletCommandLine = "{{ kubernetes_install_path }}\kubelet.exe " + ($args -join " ") + " $kubeAdmArgs" -Invoke-Expression $kubeletCommandLine +# Log the resolved command line so failures are diagnosable from the kubelet log dir. 
+$kubeletExe = "{{ kubernetes_install_path }}\kubelet.exe" +$logDir = "$env:SYSTEMDRIVE\var\log\kubelet" +New-Item -ItemType Directory -Force -Path $logDir | Out-Null +"$(Get-Date -Format o) $kubeletExe $($argList -join ' ')" | Out-File -Append -FilePath "$logDir\start-kubelet.log" + +# Splat the args so PowerShell does not re-interpret values containing `=`, `:`, `$`, etc. +& $kubeletExe @argList diff --git a/images/capi/azure_targets.sh b/images/capi/azure_targets.sh index 2f03cbe7bc..b4aa531979 100644 --- a/images/capi/azure_targets.sh +++ b/images/capi/azure_targets.sh @@ -1,4 +1,3 @@ -VHD_TARGETS="ubuntu-2204 ubuntu-2404 azurelinux-3 windows-2022-containerd" -SIG_TARGETS="ubuntu-2204 ubuntu-2404 azurelinux-3 windows-2022-containerd windows-2025-containerd flatcar" -SIG_GEN2_TARGETS="ubuntu-2204 ubuntu-2404 azurelinux-3 flatcar" +SIG_TARGETS="ubuntu-2204 ubuntu-2404 ubuntu-2604 azurelinux-3 windows-2022-containerd windows-2025-containerd flatcar" +SIG_GEN2_TARGETS="ubuntu-2204 ubuntu-2404 ubuntu-2604 azurelinux-3 flatcar" SIG_CVM_TARGETS="ubuntu-2204 ubuntu-2404 windows-2022-containerd" diff --git a/images/capi/hack/image-grok-latest-flatcar-version.sh b/images/capi/hack/image-grok-latest-flatcar-version.sh index 2658949cf9..3fc8b5feda 100755 --- a/images/capi/hack/image-grok-latest-flatcar-version.sh +++ b/images/capi/hack/image-grok-latest-flatcar-version.sh @@ -5,8 +5,6 @@ channel="$1" curl -L -s \ - "https://www.flatcar.org/releases-json/releases-$channel.json" \ - | jq -r 'to_entries[] | "\(.key)"' \ - | grep -v "current" \ - | sort --version-sort \ - | tail -n1 + "https://$channel.release.flatcar-linux.net/amd64-usr/current/version.txt" \ + | grep '^FLATCAR_VERSION=' \ + | cut -d= -f2 diff --git a/images/capi/hack/utils.sh b/images/capi/hack/utils.sh index 090133cf9f..d5bd4418fa 100755 --- a/images/capi/hack/utils.sh +++ b/images/capi/hack/utils.sh 
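Review bot: In StartKubelet.ps1, when kubeadm-flags.env does not match the `KUBELET_KUBEADM_ARGS=` pattern, `-replace` returns the content unchanged, so the raw text is split and handed to kubelet.exe as arguments. A guard before the `-replace` makes that case explicit: `if ($FileContent -notmatch '(?s)^\s*KUBELET_KUBEADM_ARGS=') { throw "unexpected kubeadm-flags.env content" }`. `$kubeAdmArgs -split '\s+'` also breaks any flag whose value is quoted and contains a space into separate arguments, which the splat then passes on as is; a comment stating that values with spaces are unsupported would document the limit. `start-kubelet.log` is appended on every start with no size bound.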
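Review bot: In image-grok-latest-flatcar-version.sh, `curl -L -s` has no `--fail`, so an HTTP error body is piped into `grep`, the script prints nothing, and the pipeline status is that of `cut`; callers then receive an empty version string. `curl -fsSL` plus a non-empty check on the captured result (`[ -n "$version" ] || exit 1`) would surface the failure. `$channel` goes into the host name unvalidated; assuming the usual Flatcar channel names, a guard such as `case "$channel" in stable|beta|alpha|lts) ;; *) exit 1 ;; esac` keeps the request on the expected hosts. The script's option settings are above the hunk, so `pipefail` may already be set.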
@@ -15,7 +15,7 @@ # limitations under the License. # Note: ansible-core v2.18 supports Python 3.11-3.13. -_version_ansible_core="2.18.15" +_version_ansible_core="2.18.16" case "${OSTYPE}" in linux*) diff --git a/images/capi/packer/ami/amazon-2023-arm64.json b/images/capi/packer/ami/amazon-2023-arm64.json new file mode 100644 index 0000000000..8ecb4de583 --- /dev/null +++ b/images/capi/packer/ami/amazon-2023-arm64.json @@ -0,0 +1,19 @@ +{ + "amazon_ssm_agent_rpm": "https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_arm64/amazon-ssm-agent.rpm", + "ami_filter_arch": "arm64", + "ami_filter_name": "al2023-ami-minimal-2023.*-kernel-6.1*", + "ami_filter_owners": "amazon", + "arch": "arm64", + "build_name": "amazon-2023-arm64", + "builder_instance_type": "t4g.small", + "distribution": "Amazon Linux", + "distribution_release": "Amazon Linux 2023", + "distribution_version": "2023", + "distro_version": "2023", + "epel_rpm_gpg_key": "", + "goss_arch": "arm64", + "redhat_epel_rpm": "", + "root_device_name": "/dev/xvda", + "source_ami": "", + "ssh_username": "ec2-user" +} diff --git a/images/capi/packer/ami/packer.json b/images/capi/packer/ami/packer.json index 1ca76fe352..4d3507497e 100644 --- a/images/capi/packer/ami/packer.json +++ b/images/capi/packer/ami/packer.json @@ -71,6 +71,7 @@ "post-processors": [ { "custom_data": { + "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}", "containerd_gvisor_runtime": "{{user `containerd_gvisor_runtime`}}", "containerd_gvisor_version": "{{user `containerd_gvisor_version`}}", "containerd_version": "{{user `containerd_version`}}", 
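Review bot: `amazon_ssm_agent_rpm` in the new amazon-2023-arm64.json points at the `latest` object, so the agent baked into the image is whatever the bucket serves at build time, and nothing in this file pins a version or checksum. Whether the RPM's signature is verified depends on the install task, which is not visible in this diff. Consider a versioned URL, or a checksum value that the install step verifies. Since JSON cannot carry a comment, the reasoning belongs in the provider documentation.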
@@ -125,10 +126,11 @@ "use_sudo": true, "vars_file": "{{user `goss_vars_file`}}", "vars_inline": { - "ARCH": "amd64", + "ARCH": "{{user `arch`}}", "OS": "{{user `distribution` | lower}}", "OS_VERSION": "{{user `distribution_version` | lower}}", "PROVIDER": "amazon", + "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}", "containerd_gvisor_runtime": "{{user `containerd_gvisor_runtime`}}", "containerd_gvisor_version": "{{user `containerd_gvisor_version`}}", "containerd_image_pull_progress_timeout": "{{user `containerd_image_pull_progress_timeout`}}", @@ -163,6 +165,7 @@ "aws_session_token": "", "build_timestamp": "{{timestamp}}", "builder_instance_type": "t3.small", + "containerd_enable_limit_no_file": "false", "containerd_gvisor_runtime": "false", "containerd_gvisor_version": "latest", "containerd_image_pull_progress_timeout": null, diff --git a/images/capi/packer/ami/ubuntu-2204-arm64.json b/images/capi/packer/ami/ubuntu-2204-arm64.json new file mode 100644 index 0000000000..e58a0c5a5f --- /dev/null +++ b/images/capi/packer/ami/ubuntu-2204-arm64.json @@ -0,0 +1,18 @@ +{ + "ami_filter_arch": "arm64", + "ami_filter_name": "ubuntu/images/*ubuntu-jammy-22.04-arm64-server-*", + "ami_filter_owners": "099720109477", + "ansible_extra_vars": "", + "arch": "arm64", + "build_name": "ubuntu-22.04-arm64", + "builder_instance_type": "t4g.small", + "distribution": "Ubuntu", + "distribution_release": "jammy", + "distribution_version": "22.04", + "goss_arch": "arm64", + "root_device_name": "/dev/sda1", + "source_ami": "", + "ssh_username": "ubuntu", + "ubuntu_repo": "http://ports.ubuntu.com/ubuntu-ports", + "ubuntu_security_repo": "http://ports.ubuntu.com/ubuntu-ports" +} diff --git a/images/capi/packer/ami/ubuntu-2404-arm64.json b/images/capi/packer/ami/ubuntu-2404-arm64.json new file mode 100644 index 0000000000..adbbe07e8c --- /dev/null +++ b/images/capi/packer/ami/ubuntu-2404-arm64.json 
@@ -0,0 +1,18 @@
+{
+ "ami_filter_arch": "arm64",
+ "ami_filter_name": "ubuntu/images/*ubuntu-noble-24.04-arm64-server-*",
+ "ami_filter_owners": "099720109477",
+ "ansible_extra_vars": "",
+ "arch": "arm64",
+ "build_name": "ubuntu-24.04-arm64",
+ "builder_instance_type": "t4g.small",
+ "distribution": "Ubuntu",
+ "distribution_release": "noble",
+ "distribution_version": "24.04",
+ "goss_arch": "arm64",
+ "root_device_name": "/dev/sda1",
+ "source_ami": "",
+ "ssh_username": "ubuntu",
+ "ubuntu_repo": "http://ports.ubuntu.com/ubuntu-ports",
+ "ubuntu_security_repo": "http://ports.ubuntu.com/ubuntu-ports"
+}
diff --git a/images/capi/packer/ami/ubuntu-2604.json b/images/capi/packer/ami/ubuntu-2604.json
new file mode 100644
index 0000000000..2879798599
--- /dev/null
+++ b/images/capi/packer/ami/ubuntu-2604.json
@@ -0,0 +1,14 @@
+{
+ "ami_filter_arch": "x86_64",
+ "ami_filter_name": "ubuntu/images/*ubuntu-resolute-26.04-amd64-server-*",
+ "ami_filter_owners": "099720109477",
+ "ansible_extra_vars": "",
+ "arch": "amd64",
+ "build_name": "ubuntu-26.04",
+ "distribution": "Ubuntu",
+ "distribution_release": "resolute",
+ "distribution_version": "26.04",
+ "root_device_name": "/dev/sda1",
+ "source_ami": "",
+ "ssh_username": "ubuntu"
+}
diff --git a/images/capi/packer/azure/azure-vhd.json b/images/capi/packer/azure/azure-vhd.json
deleted file mode 100644
index 20296cb2cc..0000000000
--- a/images/capi/packer/azure/azure-vhd.json
+++ /dev/null
@@ -1,5 +0,0 @@
-{
- "capture_container_name": "cluster-api-vhds",
- "resource_group_name": "{{env `RESOURCE_GROUP_NAME`}}",
- "storage_account_name": "{{env `STORAGE_ACCOUNT_NAME`}}"
-}
diff --git a/images/capi/packer/azure/packer-windows.json b/images/capi/packer/azure/packer-windows.json
index 2acc35d04c..f48218af3c 100644
--- a/images/capi/packer/azure/packer-windows.json
+++ b/images/capi/packer/azure/packer-windows.json
@@ -1,42 +1,5 @@ { "builders": [ - { - "azure_tags": { - "build_date": "{{isotime}}", - "build_timestamp": "{{user `build_timestamp`}}", - "creationTimestamp": "{{isotime \"2006-01-02T15:04:05Z\"}}", - "image_builder_version": "{{user `ib_version`}}", - "kubernetes_version": "{{user `kubernetes_semver`}}", - "os_version": "{{user `image_sku`}}" - }, - "capture_container_name": "{{user `capture_container_name`}}", - "capture_name_prefix": "capi-{{user `build_timestamp`}}", - "client_id": "{{user `client_id`}}", - "client_secret": "{{user `client_secret`}}", - "communicator": "winrm", - "image_offer": "{{user `image_offer` }}", - "image_publisher": "{{user `image_publisher` }}", - "image_sku": "{{user `image_sku`}}", - "image_version": "{{user `image_version`}}", - "location": "{{user `azure_location`}}", - "name": "vhd-{{user `build_name`}}", - "os_disk_size_gb": "{{user `os_disk_size_gb`}}", - "os_type": "Windows", - "private_virtual_network_with_public_ip": "{{user `private_virtual_network_with_public_ip`}}", - "resource_group_name": "{{user `resource_group_name`}}", - "storage_account": "{{user `storage_account_name`}}", - "subscription_id": "{{user `subscription_id`}}", - "type": "azure-arm", - "use_azure_cli_auth": "{{user `use_azure_cli_auth`}}", - "virtual_network_name": "{{user `virtual_network_name`}}", - "virtual_network_resource_group_name": "{{user `virtual_network_resource_group_name`}}", - "virtual_network_subnet_name": "{{user `virtual_network_subnet_name`}}", - "vm_size": "{{user `vm_size`}}", - "winrm_insecure": true, - "winrm_timeout": "10m", - "winrm_use_ssl": true, - "winrm_username": "packer" - }, { "azure_tags": { "build_date": "{{isotime}}", 
@@ -109,8 +72,7 @@
 "kubernetes_semver": "{{user `kubernetes_semver`}}",
 "kubernetes_source_type": "{{user `kubernetes_source_type`}}",
 "os_name": "{{user `distro_name`}}",
- "resource_group_name": "{{user `resource_group_name`}}",
- "storage_account_name": "{{user `storage_account_name`}}"
+ "resource_group_name": "{{user `resource_group_name`}}"
 },
 "output": "{{user `manifest_output`}}",
 "strip_path": true,
diff --git a/images/capi/packer/azure/packer.json b/images/capi/packer/azure/packer.json
index 84c55d70b8..386e8cc612 100644
--- a/images/capi/packer/azure/packer.json
+++ b/images/capi/packer/azure/packer.json
@@ -1,41 +1,5 @@ { "builders": [ - { - "azure_tags": { - "build_date": "{{isotime}}", - "build_timestamp": "{{user `build_timestamp`}}", - "creationTimestamp": "{{isotime \"2006-01-02T15:04:05Z\"}}", - "distribution": "{{user `distribution`}}", - "distribution_release": "{{user `distribution_release`}}", - "distribution_version": "{{user `distribution_version`}}", - "image_builder_version": "{{user `ib_version`}}", - "kubernetes_version": "{{user `kubernetes_semver`}}" - }, - "capture_container_name": "{{user `capture_container_name`}}", - "capture_name_prefix": "capi-{{user `build_timestamp`}}", - "client_id": "{{user `client_id`}}", - "client_secret": "{{user `client_secret`}}", - "cloud_environment_name": "{{user `cloud_environment_name`}}", - "image_offer": "{{user `image_offer` }}", - "image_publisher": "{{user `image_publisher` }}", - "image_sku": "{{user `image_sku`}}", - "image_version": "{{user `image_version`}}", - "location": "{{user `azure_location`}}", - "name": "vhd-{{user `build_name`}}", - "os_disk_size_gb": "{{user `os_disk_size_gb`}}", - "os_type": "Linux", - "private_virtual_network_with_public_ip": "{{user `private_virtual_network_with_public_ip`}}", - "resource_group_name": "{{user `resource_group_name`}}", - "ssh_username": "packer", - "storage_account": "{{user `storage_account_name`}}", - "subscription_id": "{{user `subscription_id`}}", - "type": "azure-arm", - "use_azure_cli_auth": "{{user `use_azure_cli_auth`}}", - "virtual_network_name": "{{user `virtual_network_name`}}", - "virtual_network_resource_group_name": "{{user `virtual_network_resource_group_name`}}", - "virtual_network_subnet_name": "{{user `virtual_network_subnet_name`}}", - "vm_size": "{{user `vm_size`}}" - }, { "azure_tags": { "build_date": "{{isotime}}", 
@@ -104,6 +68,7 @@
 "build_name": "{{user `build_name`}}",
 "build_timestamp": "{{user `build_timestamp`}}",
 "build_type": "node",
+ "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}",
 "containerd_gvisor_runtime": "{{user `containerd_gvisor_runtime`}}",
 "containerd_gvisor_version": "{{user `containerd_gvisor_version`}}",
 "containerd_version": "{{user `containerd_version`}}",
@@ -111,8 +76,7 @@
 "kubernetes_semver": "{{user `kubernetes_semver`}}",
 "kubernetes_source_type": "{{user `kubernetes_source_type`}}",
 "os_name": "{{user `distro_name`}}",
- "resource_group_name": "{{user `resource_group_name`}}",
- "storage_account_name": "{{user `storage_account_name`}}"
+ "resource_group_name": "{{user `resource_group_name`}}"
 },
 "output": "{{user `manifest_output`}}",
 "strip_path": true,
@@ -178,6 +142,7 @@
 "OS": "{{user `distribution` | lower}}",
 "OS_VERSION": "{{user `distribution_version` | lower}}",
 "PROVIDER": "azure",
+ "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}",
 "containerd_gvisor_runtime": "{{user `containerd_gvisor_runtime`}}",
 "containerd_gvisor_version": "{{user `containerd_gvisor_version`}}",
 "containerd_image_pull_progress_timeout": "{{user `containerd_image_pull_progress_timeout`}}",
@@ -220,6 +185,7 @@
 "client_secret": null,
 "cloud_environment_name": "public",
 "community_gallery_image_id": "",
+ "containerd_enable_limit_no_file": "false",
 "containerd_gvisor_runtime": "false",
 "containerd_gvisor_version": "latest",
 "containerd_image_pull_progress_timeout": null,
diff --git a/images/capi/packer/azure/scripts/init-sig.sh b/images/capi/packer/azure/scripts/init-sig.sh
index 4fde65c3d7..c62430ee05 100755
--- a/images/capi/packer/azure/scripts/init-sig.sh
+++ b/images/capi/packer/azure/scripts/init-sig.sh
@@ -81,6 +81,9 @@ case ${SIG_TARGET} in
 ubuntu-2404)
 create_image_definition ${SIG_TARGET} "24_04-lts" "V1" "Linux"
 ;;
+ ubuntu-2604)
+ create_image_definition ${SIG_TARGET} "26_04-lts" "V1" "Linux"
+ ;;
 azurelinux-3)
 create_image_definition ${SIG_TARGET} "azurelinux-3" "V1" "Linux"
 ;;
@@ -120,6 +123,12 @@ case ${SIG_TARGET} in
 ubuntu-2404-cvm)
 create_image_definition ${SIG_TARGET} "24_04-lts-cvm" "V2" "Linux" ${SECURITY_TYPE_CVM_SUPPORTED_FEATURE}
 ;;
+ ubuntu-2604-gen2)
+ create_image_definition ${SIG_TARGET} "26_04-lts-gen2" "V2" "Linux"
+ ;;
+ ubuntu-2604-cvm)
+ create_image_definition ${SIG_TARGET} "26_04-lts-cvm" "V2" "Linux" ${SECURITY_TYPE_CVM_SUPPORTED_FEATURE}
+ ;;
 azurelinux-3-gen2)
 create_image_definition ${SIG_TARGET} "azurelinux-3-gen2" "V2" "Linux"
 ;;
diff --git a/images/capi/packer/azure/scripts/init-vhd.sh b/images/capi/packer/azure/scripts/init-vhd.sh
deleted file mode 100755
index a88c17b896..0000000000
--- a/images/capi/packer/azure/scripts/init-vhd.sh
+++ /dev/null
@@ -1,38 +0,0 @@ -#!/bin/bash - -[[ -n ${DEBUG:-} ]] && set -o xtrace - -echo "Sign into Azure" -tracestate="$(shopt -po xtrace)" -set +o xtrace - -if [[ -n "${AZURE_FEDERATED_TOKEN_FILE:-}" ]]; then - az login --service-principal -u "${AZURE_CLIENT_ID}" -t "${AZURE_TENANT_ID}" --federated-token "$(cat "${AZURE_FEDERATED_TOKEN_FILE}")" > /dev/null 2>&1 - export AZURE_STORAGE_AUTH_MODE="login" # Use auth mode "login" in az storage commands. -else - az login --service-principal -u "${AZURE_CLIENT_ID}" -t "${AZURE_TENANT_ID}" -p ${AZURE_CLIENT_SECRET} >/dev/null 2>&1 -fi -az account set -s ${AZURE_SUBSCRIPTION_ID} >/dev/null 2>&1 -eval "$tracestate" - -echo "Create storage account" -export RESOURCE_GROUP_NAME="${RESOURCE_GROUP_NAME:-cluster-api-images}" -export AZURE_LOCATION="${AZURE_LOCATION:-northcentralus}" -if ! az group show -n ${RESOURCE_GROUP_NAME} -o none 2>/dev/null; then - az group create -n ${RESOURCE_GROUP_NAME} -l ${AZURE_LOCATION} --tags ${TAGS:-} -fi -CREATE_TIME="$(date +%s)" -RANDOM_SUFFIX="$(head /dev/urandom | LC_ALL=C tr -dc a-z | head -c 4 ; echo '')" -get_random_region() { - local REGIONS=("canadacentral" "eastus" "eastus2" "northeurope" "uksouth" "westeurope" "westus2" "westus3") - echo "${REGIONS[${RANDOM} % ${#REGIONS[@]}]}" -} -RANDOMIZE_STORAGE_ACCOUNT="${RANDOMIZE_STORAGE_ACCOUNT:-"false"}" -if [ "$RANDOMIZE_STORAGE_ACCOUNT" == "true" ]; then - export AZURE_LOCATION="$(get_random_region)" -fi -export STORAGE_ACCOUNT_NAME="${STORAGE_ACCOUNT_NAME:-capi${CREATE_TIME}${RANDOM_SUFFIX}}" -az storage account check-name --name ${STORAGE_ACCOUNT_NAME} -az storage account create -n ${STORAGE_ACCOUNT_NAME} -g ${RESOURCE_GROUP_NAME} -l ${AZURE_LOCATION} --allow-blob-public-access false - -echo "done" diff --git a/images/capi/packer/azure/ubuntu-2604-cvm.json b/images/capi/packer/azure/ubuntu-2604-cvm.json new file mode 100644 index 0000000000..361fca37ea --- /dev/null +++ b/images/capi/packer/azure/ubuntu-2604-cvm.json 
@@ -0,0 +1,9 @@
+{
+ "build_name": "ubuntu-2604-cvm",
+ "distribution": "ubuntu",
+ "distribution_release": "resolute",
+ "distribution_version": "2604",
+ "image_offer": "ubuntu-26_04-lts",
+ "image_publisher": "Canonical",
+ "image_sku": "cvm"
+}
diff --git a/images/capi/packer/azure/ubuntu-2604-gen2.json b/images/capi/packer/azure/ubuntu-2604-gen2.json
new file mode 100644
index 0000000000..da9d695f1c
--- /dev/null
+++ b/images/capi/packer/azure/ubuntu-2604-gen2.json
@@ -0,0 +1,9 @@
+{
+ "build_name": "ubuntu-2604-gen2",
+ "distribution": "ubuntu",
+ "distribution_release": "resolute",
+ "distribution_version": "2604",
+ "image_offer": "ubuntu-26_04-lts",
+ "image_publisher": "Canonical",
+ "image_sku": "server"
+}
diff --git a/images/capi/packer/azure/ubuntu-2604.json b/images/capi/packer/azure/ubuntu-2604.json
new file mode 100644
index 0000000000..722be40b59
--- /dev/null
+++ b/images/capi/packer/azure/ubuntu-2604.json
@@ -0,0 +1,9 @@
+{
+ "build_name": "ubuntu-2604",
+ "distribution": "ubuntu",
+ "distribution_release": "resolute",
+ "distribution_version": "2604",
+ "image_offer": "ubuntu-26_04-lts",
+ "image_publisher": "Canonical",
+ "image_sku": "server-gen1"
+}
diff --git a/images/capi/packer/azure/windows-2019-containerd-cvm.json b/images/capi/packer/azure/windows-2019-containerd-cvm.json
index add3275f06..53dd3a834d 100644
--- a/images/capi/packer/azure/windows-2019-containerd-cvm.json
+++ b/images/capi/packer/azure/windows-2019-containerd-cvm.json
@@ -4,9 +4,9 @@
 "build_name": "windows-2019-containerd-cvm",
 "distribution": "windows",
 "distribution_version": "2019",
- "image_offer": "windows-cvm",
+ "image_offer": "WindowsServer",
 "image_publisher": "MicrosoftWindowsServer",
- "image_sku": "2019-datacenter-cvm",
+ "image_sku": "2019-datacenter-gensecond",
 "image_version": "latest",
 "load_additional_components": "false",
 "runtime": "containerd",
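Review bot: The `windows-2019-containerd-cvm` build now sources `WindowsServer` / `2019-datacenter-gensecond` instead of the `windows-cvm` offer, so going by the names the base image is no longer a confidential-VM SKU; the `windows-2022-containerd-cvm` hunk makes the same move to `2022-datacenter-g2`. Whether the resulting image still carries the confidential-VM security type then depends on builder or gallery settings that are not visible in these hunks. The commit description should say why the CVM offer was dropped and where the security type is enforced. A validation step that fails the build when that property is missing would keep the `-cvm` name trustworthy.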
diff --git a/images/capi/packer/azure/windows-2022-containerd-cvm.json b/images/capi/packer/azure/windows-2022-containerd-cvm.json
index 6e770db638..1d545ab830 100644
--- a/images/capi/packer/azure/windows-2022-containerd-cvm.json
+++ b/images/capi/packer/azure/windows-2022-containerd-cvm.json
@@ -4,9 +4,9 @@
 "build_name": "windows-2022-containerd-cvm",
 "distribution": "windows",
 "distribution_version": "2022",
- "image_offer": "windows-cvm",
+ "image_offer": "windowsserver2022",
 "image_publisher": "MicrosoftWindowsServer",
- "image_sku": "2022-datacenter-cvm",
+ "image_sku": "2022-datacenter-g2",
 "image_version": "latest",
 "load_additional_components": "false",
 "runtime": "containerd",
diff --git a/images/capi/packer/azure/windows-2022-containerd.json b/images/capi/packer/azure/windows-2022-containerd.json
index a0404974d2..6b67335876 100644
--- a/images/capi/packer/azure/windows-2022-containerd.json
+++ b/images/capi/packer/azure/windows-2022-containerd.json
@@ -4,7 +4,7 @@
 "build_name": "windows-2022-containerd",
 "distribution": "windows",
 "distribution_version": "2022",
- "image_offer": "WindowsServer",
+ "image_offer": "windowsserver2022",
 "image_publisher": "MicrosoftWindowsServer",
 "image_sku": "2022-Datacenter-Core-smalldisk",
 "image_version": "latest",
diff --git a/images/capi/packer/config/ansible-args.json b/images/capi/packer/config/ansible-args.json
index b4f74f877f..a875a0ad47 100644
--- a/images/capi/packer/config/ansible-args.json
+++ b/images/capi/packer/config/ansible-args.json
@@ -1,5 +1,5 @@ { "ansible_common_ssh_args": "-o IdentitiesOnly=yes", - "ansible_common_vars": "containerd_gvisor_runtime={{user `containerd_gvisor_runtime`}} containerd_gvisor_version={{user `containerd_gvisor_version`}} containerd_sha256={{user `containerd_sha256`}} pause_image={{user `pause_image`}} containerd_additional_settings={{user `containerd_additional_settings`}} containerd_cri_socket={{user `containerd_cri_socket`}} containerd_version={{user `containerd_version`}} containerd_image_pull_progress_timeout={{user `containerd_image_pull_progress_timeout`}} containerd_wasm_shims_url={{user `containerd_wasm_shims_url`}} containerd_wasm_shims_version={{user `containerd_wasm_shims_version`}} containerd_wasm_shims_sha256={{user `containerd_wasm_shims_sha256`}} containerd_wasm_shims_runtimes=\"{{user `containerd_wasm_shims_runtimes`}}\" containerd_wasm_shims_runtime_versions=\"{{user `containerd_wasm_shims_runtime_versions`}}\" crictl_version={{user `crictl_version`}} custom_role_names=\"{{user `custom_role_names`}}\" firstboot_custom_roles_pre=\"{{user `firstboot_custom_roles_pre`}}\" firstboot_custom_roles_post=\"{{user `firstboot_custom_roles_post`}}\" node_custom_roles_pre=\"{{user `node_custom_roles_pre`}}\" node_custom_roles_post=\"{{user `node_custom_roles_post`}}\" node_custom_roles_post_sysprep=\"{{user `node_custom_roles_post_sysprep`}}\" disable_public_repos={{user `disable_public_repos`}} extra_debs=\"{{user `extra_debs`}}\" extra_kernel_boot_params=\"{{user `extra_kernel_boot_params`}}\" extra_repos=\"{{user `extra_repos`}}\" extra_rpms=\"{{user `extra_rpms`}}\" http_proxy={{user `http_proxy`}} https_proxy={{user `https_proxy`}} kubeadm_template={{user `kubeadm_template`}} kubernetes_apiserver_port={{user `kubernetes_apiserver_port`}} kubernetes_cni_http_source={{user `kubernetes_cni_http_source`}} kubernetes_http_source={{user `kubernetes_http_source`}} kubernetes_container_registry={{user `kubernetes_container_registry`}} kubernetes_rpm_repo={{user 
`kubernetes_rpm_repo`}} kubernetes_rpm_gpg_key={{user `kubernetes_rpm_gpg_key`}} kubernetes_rpm_gpg_check={{user `kubernetes_rpm_gpg_check`}} kubernetes_deb_repo={{user `kubernetes_deb_repo`}} kubernetes_deb_gpg_key={{user `kubernetes_deb_gpg_key`}} kubernetes_cni_deb_version={{user `kubernetes_cni_deb_version`}} kubernetes_cni_rpm_version={{user `kubernetes_cni_rpm_version`}} kubernetes_cni_semver={{user `kubernetes_cni_semver`}} kubernetes_cni_source_type={{user `kubernetes_cni_source_type`}} kubernetes_semver={{user `kubernetes_semver`}} kubernetes_source_type={{user `kubernetes_source_type`}} kubernetes_load_additional_imgs={{user `kubernetes_load_additional_imgs`}} kubernetes_deb_version={{user `kubernetes_deb_version`}} kubernetes_rpm_version={{user `kubernetes_rpm_version`}} no_proxy={{user `no_proxy`}} pip_conf_file={{user `pip_conf_file`}} python_path={{user `python_path`}} redhat_epel_rpm={{user `redhat_epel_rpm`}} epel_rpm_gpg_key={{user `epel_rpm_gpg_key`}} reenable_public_repos={{user `reenable_public_repos`}} remove_extra_repos={{user `remove_extra_repos`}} systemd_prefix={{user `systemd_prefix`}} sysusr_prefix={{user `sysusr_prefix`}} sysusrlocal_prefix={{user `sysusrlocal_prefix`}} load_additional_components={{ user `load_additional_components`}} additional_registry_images={{ user `additional_registry_images`}} additional_registry_images_list={{ user `additional_registry_images_list`}} ecr_credential_provider={{ user `ecr_credential_provider` }} additional_url_images={{ user `additional_url_images`}} additional_url_images_list={{ user `additional_url_images_list`}} additional_executables={{ user `additional_executables`}} additional_executables_list={{ user `additional_executables_list`}} additional_executables_destination_path={{ user `additional_executables_destination_path`}} additional_s3={{ user `additional_s3`}} build_target={{ user `build_target`}} amazon_ssm_agent_rpm={{ user `amazon_ssm_agent_rpm` }} enable_containerd_audit={{ user 
`enable_containerd_audit` }} kubernetes_enable_automatic_resource_sizing={{ user `kubernetes_enable_automatic_resource_sizing` }} debug_tools={{user `debug_tools`}} ubuntu_repo={{user `ubuntu_repo`}} ubuntu_security_repo={{user `ubuntu_security_repo`}} gpu_block_nouveau_loading={{user `block_nouveau_loading`}} runc_version={{user `runc_version`}} containerd_service_url={{user `containerd_service_url`}} netplan_removal_excludes=\"{{user `netplan_removal_excludes`}}\"", + "ansible_common_vars": "containerd_gvisor_runtime={{user `containerd_gvisor_runtime`}} containerd_gvisor_version={{user `containerd_gvisor_version`}} containerd_sha256={{user `containerd_sha256`}} pause_image={{user `pause_image`}} containerd_additional_settings={{user `containerd_additional_settings`}} containerd_cri_socket={{user `containerd_cri_socket`}} containerd_version={{user `containerd_version`}} containerd_image_pull_progress_timeout={{user `containerd_image_pull_progress_timeout`}} containerd_enable_limit_no_file={{user `containerd_enable_limit_no_file`}} containerd_wasm_shims_url={{user `containerd_wasm_shims_url`}} containerd_wasm_shims_version={{user `containerd_wasm_shims_version`}} containerd_wasm_shims_sha256={{user `containerd_wasm_shims_sha256`}} containerd_wasm_shims_runtimes=\"{{user `containerd_wasm_shims_runtimes`}}\" containerd_wasm_shims_runtime_versions=\"{{user `containerd_wasm_shims_runtime_versions`}}\" crictl_version={{user `crictl_version`}} custom_role_names=\"{{user `custom_role_names`}}\" firstboot_custom_roles_pre=\"{{user `firstboot_custom_roles_pre`}}\" firstboot_custom_roles_post=\"{{user `firstboot_custom_roles_post`}}\" node_custom_roles_pre=\"{{user `node_custom_roles_pre`}}\" node_custom_roles_post=\"{{user `node_custom_roles_post`}}\" node_custom_roles_post_sysprep=\"{{user `node_custom_roles_post_sysprep`}}\" disable_public_repos={{user `disable_public_repos`}} extra_debs=\"{{user `extra_debs`}}\" extra_kernel_boot_params=\"{{user 
`extra_kernel_boot_params`}}\" extra_repos=\"{{user `extra_repos`}}\" extra_rpms=\"{{user `extra_rpms`}}\" http_proxy={{user `http_proxy`}} https_proxy={{user `https_proxy`}} kubeadm_template={{user `kubeadm_template`}} kubernetes_apiserver_port={{user `kubernetes_apiserver_port`}} kubernetes_cni_http_source={{user `kubernetes_cni_http_source`}} kubernetes_http_source={{user `kubernetes_http_source`}} kubernetes_container_registry={{user `kubernetes_container_registry`}} kubernetes_rpm_repo={{user `kubernetes_rpm_repo`}} kubernetes_rpm_gpg_key={{user `kubernetes_rpm_gpg_key`}} kubernetes_rpm_gpg_check={{user `kubernetes_rpm_gpg_check`}} kubernetes_deb_repo={{user `kubernetes_deb_repo`}} kubernetes_deb_gpg_key={{user `kubernetes_deb_gpg_key`}} kubernetes_cni_deb_version={{user `kubernetes_cni_deb_version`}} kubernetes_cni_rpm_version={{user `kubernetes_cni_rpm_version`}} kubernetes_cni_semver={{user `kubernetes_cni_semver`}} kubernetes_cni_source_type={{user `kubernetes_cni_source_type`}} kubernetes_semver={{user `kubernetes_semver`}} kubernetes_source_type={{user `kubernetes_source_type`}} kubernetes_load_additional_imgs={{user `kubernetes_load_additional_imgs`}} kubernetes_deb_version={{user `kubernetes_deb_version`}} kubernetes_rpm_version={{user `kubernetes_rpm_version`}} no_proxy={{user `no_proxy`}} pip_conf_file={{user `pip_conf_file`}} python_path={{user `python_path`}} redhat_epel_rpm={{user `redhat_epel_rpm`}} epel_rpm_gpg_key={{user `epel_rpm_gpg_key`}} reenable_public_repos={{user `reenable_public_repos`}} remove_extra_repos={{user `remove_extra_repos`}} systemd_prefix={{user `systemd_prefix`}} sysusr_prefix={{user `sysusr_prefix`}} sysusrlocal_prefix={{user `sysusrlocal_prefix`}} load_additional_components={{ user `load_additional_components`}} additional_registry_images={{ user `additional_registry_images`}} additional_registry_images_list={{ user `additional_registry_images_list`}} ecr_credential_provider={{ user `ecr_credential_provider` }} 
additional_url_images={{ user `additional_url_images`}} additional_url_images_list={{ user `additional_url_images_list`}} additional_executables={{ user `additional_executables`}} additional_executables_list={{ user `additional_executables_list`}} additional_executables_destination_path={{ user `additional_executables_destination_path`}} additional_s3={{ user `additional_s3`}} build_target={{ user `build_target`}} amazon_ssm_agent_rpm={{ user `amazon_ssm_agent_rpm` }} enable_containerd_audit={{ user `enable_containerd_audit` }} kubernetes_enable_automatic_resource_sizing={{ user `kubernetes_enable_automatic_resource_sizing` }} debug_tools={{user `debug_tools`}} ubuntu_repo={{user `ubuntu_repo`}} ubuntu_security_repo={{user `ubuntu_security_repo`}} gpu_block_nouveau_loading={{user `block_nouveau_loading`}} runc_version={{user `runc_version`}} containerd_service_url={{user `containerd_service_url`}} netplan_removal_excludes=\"{{user `netplan_removal_excludes`}}\"", "ansible_scp_extra_args": "{{env `ANSIBLE_SCP_EXTRA_ARGS`}}" } diff --git a/images/capi/packer/config/containerd.json b/images/capi/packer/config/containerd.json index 08b1d789da..45bd91215e 100644 --- a/images/capi/packer/config/containerd.json +++ b/images/capi/packer/config/containerd.json @@ -1,9 +1,10 @@ { "containerd_additional_settings": null, "containerd_cri_socket": "/var/run/containerd/containerd.sock", + "containerd_enable_limit_no_file": "false", "containerd_gvisor_runtime": "false", "containerd_gvisor_version": "latest", "containerd_image_pull_progress_timeout": null, - "containerd_version": "2.2.2", - "runc_version": "1.3.4" + "containerd_version": "2.3.1", + "runc_version": "1.4.2" } diff --git a/images/capi/packer/config/ppc64le/containerd.json b/images/capi/packer/config/ppc64le/containerd.json index 78d4944db8..e68bb89172 100644 --- a/images/capi/packer/config/ppc64le/containerd.json +++ b/images/capi/packer/config/ppc64le/containerd.json 
@@ -1,5 +1,5 @@
 {
 "containerd_image_pull_progress_timeout": null,
- "containerd_sha256": "8f7a8190f2a635cd0e5580a131408a275ba277f7a04edffba4a4005960093987",
- "containerd_version": "2.2.2"
+ "containerd_sha256": "cb5bcdb38c79fb78dc7b4e7c02d0c0e41b486446f646a49ed7e6c35c077d8d33",
+ "containerd_version": "2.3.1"
 }
diff --git a/images/capi/packer/digitalocean/packer.json b/images/capi/packer/digitalocean/packer.json
index 35750d72ea..2ab3b84ac8 100644
--- a/images/capi/packer/digitalocean/packer.json
+++ b/images/capi/packer/digitalocean/packer.json
@@ -43,6 +43,7 @@
 "ansible_extra_vars": "",
 "ansible_scp_extra_args": "",
 "build_timestamp": "{{timestamp}}",
+ "containerd_enable_limit_no_file": "false",
 "containerd_gvisor_runtime": "false",
 "containerd_gvisor_version": "latest",
 "containerd_image_pull_progress_timeout": null,
diff --git a/images/capi/packer/digitalocean/ubuntu-2604.json b/images/capi/packer/digitalocean/ubuntu-2604.json
new file mode 100644
index 0000000000..d34086e735
--- /dev/null
+++ b/images/capi/packer/digitalocean/ubuntu-2604.json
@@ -0,0 +1,5 @@
+{
+ "build_name": "ubuntu-2604",
+ "snapshot_name_suffix": "on Ubuntu 26.04",
+ "source_image": "ubuntu-26-04-x64"
+}
diff --git a/images/capi/packer/gce/ci/nightly/overwrite-1-34.json b/images/capi/packer/gce/ci/nightly/overwrite-1-34.json
index 8a36fb79e5..cdb14d1157 100644
--- a/images/capi/packer/gce/ci/nightly/overwrite-1-34.json
+++ b/images/capi/packer/gce/ci/nightly/overwrite-1-34.json
@@ -1,8 +1,8 @@
 {
 "build_timestamp": "nightly",
- "kubernetes_deb_version": "1.34.3-1.1",
- "kubernetes_rpm_version": "1.34.3",
- "kubernetes_semver": "v1.34.3",
+ "kubernetes_deb_version": "1.34.8-1.1",
+ "kubernetes_rpm_version": "1.34.8",
+ "kubernetes_semver": "v1.34.8",
 "kubernetes_series": "v1.34",
 "service_account_email": "gcb-builder-cluster-api-gcp@k8s-staging-cluster-api-gcp.iam.gserviceaccount.com"
 }
diff --git a/images/capi/packer/gce/ci/nightly/overwrite-1-35.json b/images/capi/packer/gce/ci/nightly/overwrite-1-35.json
index 801e4116f1..bdba85ed41 100644
--- a/images/capi/packer/gce/ci/nightly/overwrite-1-35.json
+++ b/images/capi/packer/gce/ci/nightly/overwrite-1-35.json
@@ -1,8 +1,8 @@
 {
 "build_timestamp": "nightly",
- "kubernetes_deb_version": "1.35.0-1.1",
- "kubernetes_rpm_version": "1.35.0",
- "kubernetes_semver": "v1.35.0",
+ "kubernetes_deb_version": "1.35.5-1.1",
+ "kubernetes_rpm_version": "1.35.5",
+ "kubernetes_semver": "v1.35.5",
 "kubernetes_series": "v1.35",
 "service_account_email": "gcb-builder-cluster-api-gcp@k8s-staging-cluster-api-gcp.iam.gserviceaccount.com"
 }
diff --git a/images/capi/packer/gce/packer.json b/images/capi/packer/gce/packer.json
index 498e57e580..5347ea49a3 100644
--- a/images/capi/packer/gce/packer.json
+++ b/images/capi/packer/gce/packer.json
@@ -65,6 +65,7 @@
 "OS": "{{user `distribution` | lower}}",
 "OS_VERSION": "{{user `distribution_version` | lower}}",
 "PROVIDER": "gcp",
+ "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}",
 "containerd_gvisor_runtime": "{{user `containerd_gvisor_runtime`}}",
 "containerd_gvisor_version": "{{user `containerd_gvisor_version`}}",
 "containerd_image_pull_progress_timeout": "{{user `containerd_image_pull_progress_timeout`}}",
@@ -86,6 +87,7 @@
 "ansible_extra_vars": "",
 "ansible_scp_extra_args": "",
 "build_timestamp": "{{timestamp}}",
+ "containerd_enable_limit_no_file": "false",
 "containerd_gvisor_runtime": "false",
 "containerd_gvisor_version": "latest",
 "containerd_image_pull_progress_timeout": null,
diff --git a/images/capi/packer/gce/ubuntu-2604.json b/images/capi/packer/gce/ubuntu-2604.json
new file mode 100644
index 0000000000..41fad01b89
--- /dev/null
+++ b/images/capi/packer/gce/ubuntu-2604.json
@@ -0,0 +1,9 @@ +{ + "build_name": "ubuntu-2604", + "distribution": "ubuntu", + "distribution_release": "resolute", + "distribution_version": "2604", + "source_image_family": "ubuntu-2604-lts-amd64", + "ssh_username": "ubuntu", + "zone": "us-central1-a" +} diff --git a/images/capi/packer/goss/goss-files.yaml b/images/capi/packer/goss/goss-files.yaml index d38a634989..1d1ad56b33 100644 --- a/images/capi/packer/goss/goss-files.yaml +++ b/images/capi/packer/goss/goss-files.yaml @@ -32,3 +32,10 @@ file: contains: - {{ .Vars.extra_kernel_boot_params }} {{end}} +{{if eq .Vars.containerd_enable_limit_no_file "true"}} + "/etc/systemd/system/containerd.service.d/limit-nofile.conf": + exists: true + filetype: file + contains: + - "LimitNOFILE=1048576" +{{end}} diff --git a/images/capi/packer/goss/goss-package.yaml b/images/capi/packer/goss/goss-package.yaml index 3781a9411d..93fcda4372 100644 --- a/images/capi/packer/goss/goss-package.yaml +++ b/images/capi/packer/goss/goss-package.yaml @@ -56,6 +56,16 @@ package: {{$key}}: {{$val}} {{end}} {{end}} +# x86-only provider packages (hypervisor tools not available on arm64) +{{if ne .Vars.arch "arm64"}} +{{range $name, $vers := index .Vars .Vars.OS .Vars.PROVIDER "package-x86"}} + {{$name}}: + installed: true + {{range $key, $val := $vers}} + {{$key}}: {{$val}} + {{end}} +{{end}} +{{end}} # Iterate thru different OS Versions like RHEL7/8, Photon 3/4(future) etc. {{$distro_version := .Vars.OS_VERSION}} diff --git a/images/capi/packer/goss/goss-vars.yaml b/images/capi/packer/goss/goss-vars.yaml index d0272ee97a..c53e9818f1 100644 --- a/images/capi/packer/goss/goss-vars.yaml +++ b/images/capi/packer/goss/goss-vars.yaml @@ -89,6 +89,7 @@ photon_5_rpms: &photon_5_rpms logrotate: arch: "amd64" +containerd_enable_limit_no_file: "" containerd_gvisor_runtime: "" containerd_gvisor_version: "" containerd_image_pull_progress_timeout: "" @@ -156,7 +157,6 @@ centos: open-vm-tools: ova: package: - python2-pip: open-vm-tools: qemu: package: 
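Review bot: The new guard in goss-package.yaml tests `.Vars.arch`, but the `vars_inline` hunk in packer/ami/packer.json passes the architecture under the key `ARCH`, and goss-vars.yaml appears to carry `arch: "amd64"` as a default. If nothing else sets the lowercase key, `ne .Vars.arch "arm64"` stays true on arm64 builds and the `package-x86` entries are still asserted there. Either test the key that is actually passed, `{{if ne .Vars.ARCH "arm64"}}`, or add a lowercase `arch` entry to `vars_inline`. It is also worth confirming that every var file feeding `ARCH` defines `arch`, because an empty value would pass this check and select the x86 package set.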
@@ -171,16 +171,12 @@ centos: package: cloud-init: cloud-utils-growpart: - python2-pip: almalinux: common-package: *common_rpms ova: package: open-vm-tools: os_version: - - distro_version: "8" - package: - <<: *rh8_rpms - distro_version: "9" package: <<: *rh9_rpms @@ -259,10 +255,6 @@ rockylinux: amazon: package: amazon-ssm-agent: - os_version: - - distro_version: "8" - package: - <<: *rh8_rpms command: /usr/local/sbin/aws --version: exit-status: 0 @@ -276,10 +268,6 @@ rockylinux: package: open-vm-tools: os_version: - - distro_version: "8" - package: - python2-pip: - <<: *rh8_rpms - distro_version: "9" package: <<: *rh9_rpms @@ -289,9 +277,6 @@ rockylinux: cloud-init: cloud-utils: os_version: - - distro_version: "8" - package: - <<: *rh8_rpms - distro_version: "9" package: <<: *rh9_rpms @@ -303,9 +288,6 @@ rockylinux: lvm2: xfsprogs: os_version: - - distro_version: "8" - package: - <<: *rh8_rpms - distro_version: "9" package: <<: *rh9_rpms @@ -317,10 +299,6 @@ rockylinux: package: cloud-init: cloud-utils-growpart: - os_version: - - distro_version: "8" - package: - <<: *rh8_rpms openstack: package: cloud-init: @@ -342,10 +320,6 @@ rhel: amazon: package: amazon-ssm-agent: - os_version: - - distro_version: "8" - package: - <<: *rh8_rpms command: /usr/local/sbin/aws --version: exit-status: 0 @@ -358,10 +332,6 @@ rhel: azure: package: open-vm-tools: - os_version: - - distro_version: "8" - package: - <<: *rh8_rpms gcp: command: find -L /bin -maxdepth 1 -type f -executable -printf "%f\n" | grep -Fx 'gcloud': @@ -369,18 +339,10 @@ rhel: stdout: ["gcloud"] stderr: [] timeout: 0 - os_version: - - distro_version: "8" - package: - <<: *rh8_rpms ova: package: open-vm-tools: os_version: - - distro_version: "8" - package: - python2-pip: - <<: *rh8_rpms - distro_version: "9" package: <<: *rh9_rpms @@ -390,9 +352,6 @@ rhel: cloud-init: cloud-utils-growpart: os_version: - - distro_version: "8" - package: - <<: *rh8_rpms - distro_version: "9" package: <<: *rh9_rpms 
@@ -401,9 +360,6 @@ rhel: cloud-init: cloud-utils-growpart: os_version: - - distro_version: "8" - package: - <<: *rh8_rpms - distro_version: "9" package: <<: *rh9_rpms @@ -415,9 +371,6 @@ rhel: lvm2: xfsprogs: os_version: - - distro_version: "8" - package: - <<: *rh8_rpms - distro_version: "9" package: <<: *rh9_rpms @@ -462,7 +415,8 @@ ubuntu: snap.amazon-ssm-agent.amazon-ssm-agent.service: enabled: true running: true - package: + package: {} + package-x86: linux-cloud-tools-virtual: linux-tools-virtual: command: @@ -505,6 +459,29 @@ ubuntu: cloud-guest-utils: cloud-initramfs-copymods: cloud-initramfs-dyn-netconf: + maas: + service: + networkd-dispatcher: + enabled: true + running: true + package: + linux-cloud-tools-virtual: + linux-tools-virtual: + open-vm-tools: + cloud-guest-utils: + cloud-initramfs-copymods: + cloud-initramfs-dyn-netconf: + maas-arm64: + service: + networkd-dispatcher: + enabled: true + running: true + package: + linux-tools-virtual: + open-vm-tools: + cloud-guest-utils: + cloud-initramfs-copymods: + cloud-initramfs-dyn-netconf: qemu: service: networkd-dispatcher: @@ -564,6 +541,10 @@ ubuntu: service: package: command: + oxide: + service: + package: + command: oracle linux: common-kernel-param: diff --git a/images/capi/packer/hcloud/packer.json b/images/capi/packer/hcloud/packer.json index 19308d02c5..255b3c23ba 100644 --- a/images/capi/packer/hcloud/packer.json +++ b/images/capi/packer/hcloud/packer.json @@ -28,6 +28,7 @@ "build_name": "{{user `build_name`}}", "build_timestamp": "{{user `build_timestamp`}}", "build_type": "node", + "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}", "containerd_gvisor_runtime": "{{user `containerd_gvisor_runtime`}}", "containerd_gvisor_version": "{{user `containerd_gvisor_version`}}", "containerd_version": "{{user `containerd_version`}}", 
@@ -102,6 +103,7 @@ "OS": "{{user `distribution` | lower}}", "OS_VERSION": "{{user `distribution_version` | lower}}", "PROVIDER": "hcloud", + "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}", "containerd_gvisor_runtime": "{{user `containerd_gvisor_runtime`}}", "containerd_gvisor_version": "{{user `containerd_gvisor_version`}}", "containerd_image_pull_progress_timeout": "{{user `containerd_image_pull_progress_timeout`}}", @@ -126,6 +128,7 @@ "ansible_user_vars": "", "build_name": null, "build_timestamp": "{{timestamp}}", + "containerd_enable_limit_no_file": "false", "containerd_gvisor_runtime": "false", "containerd_gvisor_version": "latest", "containerd_image_pull_progress_timeout": null, diff --git a/images/capi/packer/hcloud/ubuntu-2604.json b/images/capi/packer/hcloud/ubuntu-2604.json new file mode 100644 index 0000000000..66f9b0c8ba --- /dev/null +++ b/images/capi/packer/hcloud/ubuntu-2604.json @@ -0,0 +1,8 @@ +{ + "build_name": "ubuntu-2604", + "distribution": "ubuntu", + "distribution_release": "resolute", + "distribution_version": "2604", + "image": "ubuntu-26.04", + "ssh_username": "root" +} diff --git a/images/capi/packer/huaweicloud/packer.json b/images/capi/packer/huaweicloud/packer.json index abe9129f04..4cb0726d78 100644 --- a/images/capi/packer/huaweicloud/packer.json +++ b/images/capi/packer/huaweicloud/packer.json @@ -49,6 +49,7 @@ "post-processors": [ { "custom_data": { + "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}", "containerd_gvisor_runtime": "{{user `containerd_gvisor_runtime`}}", "containerd_gvisor_version": "{{user `containerd_gvisor_version`}}", "containerd_version": "{{user `containerd_version`}}", 
@@ -99,6 +100,7 @@ "OS": "{{user `distribution` | lower}}", "OS_VERSION": "{{user `distribution_version` | lower}}", "PROVIDER": "huaweicloud", + "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}", "containerd_gvisor_runtime": "{{user `containerd_gvisor_runtime`}}", "containerd_gvisor_version": "{{user `containerd_gvisor_version`}}", "containerd_image_pull_progress_timeout": "{{user `containerd_image_pull_progress_timeout`}}", @@ -124,6 +126,7 @@ "associate_public_ip_address": "true", "availability_zone": "ap-southeast-1g", "build_timestamp": "{{timestamp}}", + "containerd_enable_limit_no_file": "false", "containerd_gvisor_runtime": "false", "containerd_gvisor_version": "latest", "containerd_image_pull_progress_timeout": null, diff --git a/images/capi/packer/maas/.gitignore b/images/capi/packer/maas/.gitignore index ed3058d85d..e8e39bf3d1 100644 --- a/images/capi/packer/maas/.gitignore +++ b/images/capi/packer/maas/.gitignore @@ -1,4 +1,5 @@ packer.json +packer-arm64.json ks.cfg preseed.cfg preseed-efi.cfg diff --git a/images/capi/packer/maas/README.md b/images/capi/packer/maas/README.md index 24252e380b..50e78fd1db 100644 --- a/images/capi/packer/maas/README.md +++ b/images/capi/packer/maas/README.md 
@@ -1,18 +1,66 @@ +# Prereqs + +Assuming you're building on Ubuntu: +``` +apt update +apt install -y make jq unzip python3-pip +cd images/capi +make deps-qemu +``` + +If you will be building ARM64 images, ensure you run the builder on a native ARM64 server and add these additional prereqs: +``` +apt-get install qemu-system-arm libvirt-daemon-system -y + +# create EFI disk images for ARM64 +pushd /var/lib/libvirt/images/ +dd if=/dev/zero of=capi.fd bs=1M count=64 +dd if=/dev/zero of=capi-nvmram.fd bs=1M count=64 +dd if=/usr/share/qemu-efi-aarch64/QEMU_EFI.fd of=capi.fd conv=notrunc +popd +``` + +# Building + To build an image using a specific version of Kubernetes use the "PACKER_FLAGS" env var like in the example below: +For AMD64: +``` +export PATH=/root/.local/bin:$PATH + PACKER_FLAGS="--var 'kubernetes_rpm_version=1.30.5' --var 'kubernetes_semver=v1.30.5' --var 'kubernetes_series=v1.30' --var 'kubernetes_deb_version=1.30.5-1.1'" make build-maas-ubuntu-2204-efi +``` + +For ARM64: +``` +export PATH=/root/.local/bin:$PATH + +ARCH=arm64 PACKER_FLAGS="--var 'kubernetes_rpm_version=1.30.5' --var 'kubernetes_semver=v1.30.5' --var 'kubernetes_series=v1.30' --var 'kubernetes_deb_version=1.30.5-1.1'" make build-maas-ubuntu-2204-arm64 +``` P.S: In order to change disk size(defaults to 20GB as of 31.10.22) you can update PACKER_FLAGS with: --var 'disk_size=' +# Uploading to MaaS -Upload images to MaaS +To upload the generates images to MaaS, run the following command. +For AMD64: ``` -maas boot-resources create name=custom/ architecture=amd64/generic title= subarches=generic base_image=ubuntu/ content@=./.tar.gz +maas boot-resources create name= architecture=amd64/generic title= base_image=ubuntu/ content@=./.tar.gz ``` +For ARM64: +``` +maas boot-resources create name= architecture=arm64/generic title= base_image=ubuntu/ content@=./.tar.gz +``` + + Notes / Things you need to known: - If you are using ubuntu **22.04**, set the `base_image` field to: `ubuntu/jammy`. 
For 24.04, use: `ubuntu/noble` -- Use **UEFI** to boot the machines, if you use BIOS, your MaaS deployment will **probably** fail. \ No newline at end of file +- Use **UEFI** to boot the machines, if you use BIOS, your MaaS deployment will **probably** fail. + +# Development + +Ensure any future changes to packer.json.tmpl that are not architecture-specific, are also synced into packer-arm64.json.tmpl! \ No newline at end of file diff --git a/images/capi/packer/maas/linux/ubuntu/http/22.04.arm64/meta-data b/images/capi/packer/maas/linux/ubuntu/http/22.04.arm64/meta-data new file mode 100644 index 0000000000..e69de29bb2 diff --git a/images/capi/packer/maas/linux/ubuntu/http/22.04.arm64/user-data.tmpl b/images/capi/packer/maas/linux/ubuntu/http/22.04.arm64/user-data.tmpl new file mode 100644 index 0000000000..44eafe3f30 --- /dev/null +++ b/images/capi/packer/maas/linux/ubuntu/http/22.04.arm64/user-data.tmpl 
@@ -0,0 +1,106 @@
+#cloud-config
+# Copyright 2022 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# For more information on how autoinstall is configured, please refer to
+# https://ubuntu.com/server/docs/install/autoinstall-reference
+autoinstall:
+ version: 1
+ # Disable ssh server during installation, otherwise packer tries to connect and exceed max attempts
+ early-commands:
+ - systemctl stop ssh
+ # Configure the locale
+ locale: en_US.UTF-8
+ keyboard:
+ layout: us
+ # For more information on how partitioning is configured,
+ # please refer to https://curtin.readthedocs.io/en/latest/topics/storage.html.
+ storage:
+ grub:
+ reorder_uefi: false
+ replace_linux_default: false
+ config:
+ - ptable: gpt
+ path: /dev/vda
+ wipe: superblock-recursive
+ preserve: false
+ name: ''
+ grub_device: false
+ type: disk
+ id: disk-vda
+ - device: disk-vda
+ # Create EFI partition of 512MB same as in Ubuntu 20.04
+ size: 536870912
+ wipe: superblock
+ flag: boot
+ number: 1
+ preserve: false
+ grub_device: true
+ type: partition
+ id: partition-0
+ - fstype: fat32
+ volume: partition-0
+ preserve: false
+ type: format
+ id: format-0
+ - device: disk-vda
+ size: -1
+ wipe: superblock
+ flag: ''
+ number: 2
+ preserve: false
+ grub_device: false
+ type: partition
+ id: partition-1
+ - fstype: ext4
+ volume: partition-1
+ preserve: false
+ type: format
+ id: format-1
+ - path: /
+ device: format-1
+ type: mount
+ id: mount-1
+ - path: /boot/efi
+ device: format-0
+ type: mount
+ id: mount-0
+ updates: "all"
+ ssh:
+ install-server: true
+ allow-pw: true
+ # Create the default user.
+ # Ensures the "builder" user doesn't require a password to use sudo.
+ user-data:
+ users:
+ - name: builder
+ # openssl passwd -6 -salt -stdin <<<
+ passwd: $ENCRYPTED_SSH_PASSWORD
+ groups: [adm, cdrom, dip, plugdev, lxd, sudo]
+ lock-passwd: false
+ sudo: ALL=(ALL) NOPASSWD:ALL
+ shell: /bin/bash
+
+ # This command runs after all other steps; it:
+ # 1. Disables swapfiles
+ # 2. Removes the existing swapfile
+ # 3. Removes the swapfile entry from /etc/fstab
+ # 4. Cleans up any packages that are no longer required
+ # 5. Removes the cached list of packages
+ late-commands:
+ - swapoff -a
+ - rm -f /swapfile
+ - sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab
+ - apt-get purge --auto-remove -y
+ - rm -rf /var/lib/apt/lists/*
diff --git a/images/capi/packer/maas/linux/ubuntu/http/24.04.arm64/meta-data b/images/capi/packer/maas/linux/ubuntu/http/24.04.arm64/meta-data
new file mode 100644
index 0000000000..e69de29bb2
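Review bot: The 22.04.arm64 autoinstall template sets `allow-pw: true` and gives the `builder` account `sudo: ALL=(ALL) NOPASSWD:ALL`, but nothing in the file says these are build-time-only settings. Removal of the account is left to the `shutdown_command` in packer-arm64.json.tmpl (`userdel -f -r` plus deleting the sudoers drop-ins). Whether SSH password authentication is switched back off in the finished image cannot be seen in this diff and is worth confirming against the Ansible roles. I would add a comment above `ssh:` such as `# Password SSH is only for the packer build; the builder user is removed by shutdown_command`. The same applies to the 24.04.arm64, 26.04.efi and 26.04 templates, and in the 24.04.arm64 and 26.04.efi copies the header comment "Create a single-partition with no swap space" does not match the EFI-plus-root layout that follows it.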
diff --git a/images/capi/packer/maas/linux/ubuntu/http/24.04.arm64/user-data.tmpl b/images/capi/packer/maas/linux/ubuntu/http/24.04.arm64/user-data.tmpl new file mode 100644 index 0000000000..532fa05425 --- /dev/null +++ b/images/capi/packer/maas/linux/ubuntu/http/24.04.arm64/user-data.tmpl 
@@ -0,0 +1,116 @@ +#cloud-config +# Copyright 2022 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# For more information on how autoinstall is configured, please refer to +# https://ubuntu.com/server/docs/install/autoinstall-reference +autoinstall: + version: 1 + # Disable ssh server during installation, otherwise packer tries to connect and exceed max attempts + early-commands: + - systemctl stop ssh + # Configure the locale + locale: en_US.UTF-8 + keyboard: + layout: us + apt: + mirror-selection: + primary: + - uri: http://archive.ubuntu.com/ubuntu + # Create a single-partition with no swap space. Kubernetes + # really dislikes the idea of anyone else managing memory. + # For more information on how partitioning is configured, + # please refer to https://curtin.readthedocs.io/en/latest/topics/storage.html. 
+ storage: + grub: + reorder_uefi: false + replace_linux_default: false + config: + - ptable: gpt + path: /dev/vda + wipe: superblock-recursive + preserve: false + name: '' + grub_device: false + type: disk + id: disk-vda + - device: disk-vda + # Create EFI partition of 512MB same as in Ubuntu 20.04 + size: 536870912 + wipe: superblock + flag: boot + number: 1 + preserve: false + grub_device: true + type: partition + id: partition-0 + - fstype: fat32 + volume: partition-0 + preserve: false + type: format + id: format-0 + - device: disk-vda + size: -1 + wipe: superblock + flag: '' + number: 2 + preserve: false + grub_device: false + type: partition + id: partition-1 + - fstype: ext4 + volume: partition-1 + preserve: false + type: format + id: format-1 + - path: / + device: format-1 + type: mount + id: mount-1 + - path: /boot/efi + device: format-0 + type: mount + id: mount-0 + updates: 'all' + ssh: + install-server: true + allow-pw: true + # Customize the list of packages installed. + packages: + - open-vm-tools + # Create the default user. + # Ensures the "builder" user doesn't require a password to use sudo. + user-data: + users: + - name: builder + # openssl passwd -6 -salt -stdin <<< + passwd: $ENCRYPTED_SSH_PASSWORD + groups: [adm, cdrom, dip, plugdev, lxd, sudo] + lock-passwd: false + sudo: ALL=(ALL) NOPASSWD:ALL + shell: /bin/bash + + # This command runs after all other steps; it: + # 1. Disables swapfiles + # 2. Removes the existing swapfile + # 3. Removes the swapfile entry from /etc/fstab + # 4. Cleans up any packages that are no longer required + # 5. Removes the cached list of packages + late-commands: + - swapoff -a + - rm -f /swapfile + - sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab + - apt-get purge --auto-remove -y + - rm -rf /var/lib/apt/lists/* diff --git a/images/capi/packer/maas/linux/ubuntu/http/26.04.efi/meta-data b/images/capi/packer/maas/linux/ubuntu/http/26.04.efi/meta-data new file mode 100644 index 0000000000..e69de29bb2 
diff --git a/images/capi/packer/maas/linux/ubuntu/http/26.04.efi/user-data.tmpl b/images/capi/packer/maas/linux/ubuntu/http/26.04.efi/user-data.tmpl new file mode 100644 index 0000000000..0d43ca5e1b --- /dev/null +++ b/images/capi/packer/maas/linux/ubuntu/http/26.04.efi/user-data.tmpl 
@@ -0,0 +1,116 @@ +#cloud-config +# Copyright 2022 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# For more information on how autoinstall is configured, please refer to +# https://ubuntu.com/server/docs/install/autoinstall-reference +autoinstall: + version: 1 + # Disable ssh server during installation, otherwise packer tries to connect and exceed max attempts + early-commands: + - systemctl stop ssh + # Configure the locale + locale: en_US.UTF-8 + keyboard: + layout: us + apt: + mirror-selection: + primary: + - uri: http://archive.ubuntu.com/ubuntu + # Create a single-partition with no swap space. Kubernetes + # really dislikes the idea of anyone else managing memory. + # For more information on how partitioning is configured, + # please refer to https://curtin.readthedocs.io/en/latest/topics/storage.html. 
+ storage: + grub: + reorder_uefi: false + replace_linux_default: false + config: + - ptable: gpt + path: /dev/sda + wipe: superblock-recursive + preserve: false + name: '' + grub_device: false + type: disk + id: disk-sda + - device: disk-sda + # Create EFI partition of 512MB same as in Ubuntu 20.04 + size: 536870912 + wipe: superblock + flag: boot + number: 1 + preserve: false + grub_device: true + type: partition + id: partition-0 + - fstype: fat32 + volume: partition-0 + preserve: false + type: format + id: format-0 + - device: disk-sda + size: -1 + wipe: superblock + flag: '' + number: 2 + preserve: false + grub_device: false + type: partition + id: partition-1 + - fstype: ext4 + volume: partition-1 + preserve: false + type: format + id: format-1 + - path: / + device: format-1 + type: mount + id: mount-1 + - path: /boot/efi + device: format-0 + type: mount + id: mount-0 + updates: 'all' + ssh: + install-server: true + allow-pw: true + # Customize the list of packages installed. + packages: + - open-vm-tools + # Create the default user. + # Ensures the "builder" user doesn't require a password to use sudo. + user-data: + users: + - name: builder + # openssl passwd -6 -salt -stdin <<< + passwd: $ENCRYPTED_SSH_PASSWORD + groups: [adm, cdrom, dip, plugdev, lxd, sudo] + lock-passwd: false + sudo: ALL=(ALL) NOPASSWD:ALL + shell: /bin/bash + + # This command runs after all other steps; it: + # 1. Disables swapfiles + # 2. Removes the existing swapfile + # 3. Removes the swapfile entry from /etc/fstab + # 4. Cleans up any packages that are no longer required + # 5. Removes the cached list of packages + late-commands: + - swapoff -a + - rm -f /swapfile + - sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab + - apt-get purge --auto-remove -y + - rm -rf /var/lib/apt/lists/* diff --git a/images/capi/packer/maas/linux/ubuntu/http/26.04/meta-data b/images/capi/packer/maas/linux/ubuntu/http/26.04/meta-data new file mode 100644 index 0000000000..e69de29bb2 
diff --git a/images/capi/packer/maas/linux/ubuntu/http/26.04/user-data.tmpl b/images/capi/packer/maas/linux/ubuntu/http/26.04/user-data.tmpl new file mode 100644 index 0000000000..30edc45b19 --- /dev/null +++ b/images/capi/packer/maas/linux/ubuntu/http/26.04/user-data.tmpl 
@@ -0,0 +1,93 @@ +#cloud-config +# Copyright 2022 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# For more information on how autoinstall is configured, please refer to +# https://ubuntu.com/server/docs/install/autoinstall-reference +autoinstall: + version: 1 + # Disable ssh server during installation, otherwise packer tries to connect and exceed max attempts + early-commands: + - systemctl stop ssh + # Configure the locale + locale: en_US.UTF-8 + keyboard: + layout: us + apt: + mirror-selection: + primary: + - uri: http://archive.ubuntu.com/ubuntu + # Create a single-partition with no swap space. Kubernetes + # really dislikes the idea of anyone else managing memory. + # For more information on how partitioning is configured, + # please refer to https://curtin.readthedocs.io/en/latest/topics/storage.html. + storage: + grub: + replace_linux_default: false + config: + - type: disk + id: disk-0 + size: largest + grub_device: true + preserve: false + ptable: msdos + wipe: superblock + - type: partition + id: partition-0 + device: disk-0 + size: -1 + number: 1 + preserve: false + flag: boot + - type: format + id: format-0 + volume: partition-0 + fstype: ext4 + preserve: false + - type: mount + id: mount-0 + device: format-0 + path: / + updates: 'all' + ssh: + install-server: true + allow-pw: true + # Customize the list of packages installed. + packages: + - open-vm-tools + # Create the default user. 
+ # Ensures the "builder" user doesn't require a password to use sudo. + user-data: + users: + - name: builder + # openssl passwd -6 -salt -stdin <<< + passwd: $ENCRYPTED_SSH_PASSWORD + groups: [adm, cdrom, dip, plugdev, lxd, sudo] + lock-passwd: false + sudo: ALL=(ALL) NOPASSWD:ALL + shell: /bin/bash + + # This command runs after all other steps; it: + # 1. Disables swapfiles + # 2. Removes the existing swapfile + # 3. Removes the swapfile entry from /etc/fstab + # 4. Cleans up any packages that are no longer required + # 5. Removes the cached list of packages + late-commands: + - swapoff -a + - rm -f /swapfile + - sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab + - apt-get purge --auto-remove -y + - rm -rf /var/lib/apt/lists/* diff --git a/images/capi/packer/maas/maas-ubuntu-2204-arm64.json b/images/capi/packer/maas/maas-ubuntu-2204-arm64.json new file mode 100644 index 0000000000..3d58d49677 --- /dev/null +++ b/images/capi/packer/maas/maas-ubuntu-2204-arm64.json @@ -0,0 +1,22 @@ +{ + "arch": "arm64", + "boot_command_prefix": "clinux /casper/vmlinuz console=ttyAMA0 autoinstall ds='nocloud-net;s=http://{{ .HTTPIP }}:{{ .HTTPPort }}/' --- initrd /casper/initrdboot", + "boot_type": "uefi", + "build_name": "ubuntu-2204-arm64", + "cpus": "16", + "distribution_version": "2204", + "distro_name": "ubuntu", + "goss_arch": "arm64", + "guest_os_type": "ubuntu-64", + "http_directory": "./packer/maas/linux/ubuntu/http/22.04.arm64", + "iso_checksum": "eafec62cfe760c30cac43f446463e628fada468c2de2f14e0e2bc27295187505", + "iso_checksum_type": "sha256", + "iso_target_path": "/tmp/packer_cache/ubuntu-22.04.5-live-server-arm64.iso", + "iso_url": "https://cdimage.ubuntu.com/releases/22.04.5/release/ubuntu-22.04.5-live-server-arm64.iso", + "memory": "4096", + "os_display_name": "Ubuntu 22.04", + "shutdown_command": "shutdown -P now", + "ubuntu_repo": "http://ports.ubuntu.com/ubuntu-ports", + "ubuntu_security_repo": "http://ports.ubuntu.com/ubuntu-ports", + "unmount_iso": "true" +} 
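Review bot: `iso_target_path` in maas-ubuntu-2204-arm64.json is a fixed file name under `/tmp/packer_cache/`, and packer-arm64.json.tmpl passes that same path to QEMU in its `-drive file=...` argument. On a build host with other local users, a predictable path in a world-writable directory can be pre-created or replaced by someone else. Whether packer re-verifies `iso_checksum` on an already-present file before QEMU opens it is not visible here, so I would not rely on it. A cache directory owned by the build user is safer, e.g. `"iso_target_path": "<build-owned cache dir>/ubuntu-22.04.5-live-server-arm64.iso"`. maas-ubuntu-2404-arm64.json carries the same setting.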
diff --git a/images/capi/packer/maas/maas-ubuntu-2404-arm64.json b/images/capi/packer/maas/maas-ubuntu-2404-arm64.json
new file mode 100644
index 0000000000..4d115a0b00
--- /dev/null
+++ b/images/capi/packer/maas/maas-ubuntu-2404-arm64.json
@@ -0,0 +1,22 @@
+{
+ "arch": "arm64",
+ "boot_command_prefix": "clinux /casper/vmlinuz console=ttyAMA0 autoinstall ds='nocloud-net;s=http://{{ .HTTPIP }}:{{ .HTTPPort }}/' --- initrd /casper/initrdboot",
+ "boot_type": "uefi",
+ "build_name": "ubuntu-2404-arm64",
+ "cpus": "16",
+ "distribution_version": "2404",
+ "distro_name": "ubuntu",
+ "goss_arch": "arm64",
+ "guest_os_type": "ubuntu-64",
+ "http_directory": "./packer/maas/linux/ubuntu/http/24.04.arm64",
+ "iso_checksum": "2ee2163c9b901ff5926400e80759088ff3b879982a3956c02100495b489fd555",
+ "iso_checksum_type": "sha256",
+ "iso_target_path": "/tmp/packer_cache/ubuntu-24.04.3-live-server-arm64.iso",
+ "iso_url": "https://cdimage.ubuntu.com/releases/24.04/release/ubuntu-24.04.3-live-server-arm64.iso",
+ "memory": "4096",
+ "os_display_name": "Ubuntu 24.04",
+ "shutdown_command": "shutdown -P now",
+ "ubuntu_repo": "http://ports.ubuntu.com/ubuntu-ports",
+ "ubuntu_security_repo": "http://ports.ubuntu.com/ubuntu-ports",
+ "unmount_iso": "true"
+}
diff --git a/images/capi/packer/maas/maas-ubuntu-2604-efi.json b/images/capi/packer/maas/maas-ubuntu-2604-efi.json
new file mode 100644
index 0000000000..018d504276
--- /dev/null
+++ b/images/capi/packer/maas/maas-ubuntu-2604-efi.json
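Review bot: `iso_url` in maas-ubuntu-2404-arm64.json fetches `ubuntu-24.04.3-live-server-arm64.iso` from the floating `releases/24.04/release/` directory, whereas the 22.04 file in this commit pins the point-release directory (`releases/22.04.5/release/`). Once a newer point release is published the 24.04.3 image may no longer be served from the floating path, and the pinned `iso_checksum` will rightly reject anything else, so the build breaks until the file is updated. If the versioned directory is published as it is for 22.04.5, `"iso_url": "https://cdimage.ubuntu.com/releases/24.04.3/release/ubuntu-24.04.3-live-server-arm64.iso"` keeps URL, file name and checksum in step.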
@@ -0,0 +1,14 @@ +{ + "boot_command_prefix": "clinux /casper/vmlinuz --- autoinstall ds='nocloud-net;s=http://{{ .HTTPIP }}:{{ .HTTPPort }}/26.04.efi/'initrd /casper/initrdboot", + "build_name": "ubuntu-2604-efi", + "distribution_version": "2604", + "distro_name": "ubuntu", + "firmware": "OVMF.fd", + "guest_os_type": "ubuntu-64", + "iso_checksum": "dec49008a71f6098d0bcfc822021f4d042d5f2db279e4d75bdd981304f1ca5d9", + "iso_checksum_type": "sha256", + "iso_url": "https://releases.ubuntu.com/releases/26.04/ubuntu-26.04-live-server-amd64.iso", + "os_display_name": "Ubuntu 26.04", + "shutdown_command": "shutdown -P now", + "unmount_iso": "true" +} diff --git a/images/capi/packer/maas/packer-arm64.json.tmpl b/images/capi/packer/maas/packer-arm64.json.tmpl new file mode 100644 index 0000000000..b691d2ba84 --- /dev/null +++ b/images/capi/packer/maas/packer-arm64.json.tmpl 
@@ -0,0 +1,235 @@ +{ + "builders": [ + { + "accelerator": "{{user `accelerator`}}", + "boot_command": [ + "{{user `boot_command_prefix`}}", + "{{user `boot_media_path`}}", + "{{user `boot_command_suffix`}}" + ], + "boot_wait": "{{user `boot_wait`}}", + "cd_files": [ + "{{user `cd_files`}}" + ], + "cd_label": "cidata", + "cdrom_interface": "{{user `cdrom_interface`}}", + "cpu_model": "{{user `cpu_model`}}", + "cpus": "{{user `cpus`}}", + "disk_compression": "{{ user `disk_compression`}}", + "disk_discard": "{{user `disk_discard`}}", + "disk_image": "{{ user `disk_image` }}", + "disk_interface": "{{ user `disk_interface` }}", + "disk_size": "{{user `disk_size`}}", + "efi_boot": "{{user `efi_boot`}}", + "efi_firmware_code": "{{user `efi_firmware_code`}}", + "efi_firmware_vars": "{{user `efi_firmware_vars`}}", + "firmware": "{{user `firmware`}}", + "format": "{{user `format`}}", + "headless": "{{user `headless`}}", + "http_directory": "{{user `http_directory`}}", + "iso_checksum": "{{user `iso_checksum_type`}}:{{user `iso_checksum`}}", + "iso_url": "{{user `iso_url`}}", + "iso_target_path": "{{user `iso_target_path`}}", + "machine_type": "{{user `machine_type`}}", + "memory": "{{user `memory`}}", + "net_device": "virtio-net", + "output_directory": "{{user `output_directory`}}", + "qemu_binary": "{{user `qemu_binary`}}", + "qemuargs": [ + [ "-device", "usb-ehci" ], + [ "-device", "usb-kbd" ], + "-usb", + [ "-drive", "if=none,file=output/{{user `vm_name`}}/{{user `vm_name`}},id=drive0,cache=writeback,discard=unmap,format=qcow2" ], + [ "-device", "virtio-blk,drive=drive0,bootindex=0" ], + [ "-drive", "file={{user `iso_target_path`}},if=none,index=1,id=cdrom0,media=cdrom" ], + [ "-device", "virtio-blk,drive=cdrom0,bootindex=1" ], + [ "-drive", "file=/var/lib/libvirt/images/capi.fd,format=raw,if=pflash" ], + [ "-drive", "file=/var/lib/libvirt/images/capi-nvmram.fd,format=raw,if=pflash" ], + [ "-device", "virtio-gpu-pci" ] + ], + "shutdown_command": "echo '{{user 
`ssh_password`}}' | sudo -S -E sh -c 'userdel -f -r {{user `ssh_username`}} && rm -f /etc/sudoers.d/{{user `ssh_username` }} && rm -f /etc/sudoers.d/90-cloud-init-users && {{user `shutdown_command`}}'", + "ssh_password": "{{user `ssh_password`}}", + "ssh_timeout": "2h", + "ssh_username": "{{user `ssh_username`}}", + "type": "qemu", + "vm_name": "{{user `vm_name`}}", + "vnc_bind_address": "{{user `vnc_bind_address`}}" + } + ], + "post-processors": [ + { + "environment_vars": [ + "CUSTOM_POST_PROCESSOR={{user `custom_post_processor`}}" + ], + "inline": [ + "if [ \"$CUSTOM_POST_PROCESSOR\" != \"true\" ]; then exit 0; fi", + "{{user `custom_post_processor_command`}}" + ], + "name": "custom-post-processor", + "type": "shell-local" + }, + { + "inline": [ + "sudo bash ./packer/maas/scripts/generate-maas-image.sh {{user `output_directory`}}/{{user `artifact_name`}}" + ], + "name": "convert-to-maas", + "type": "shell-local" + } + ], + "provisioners": [ + { + "environment_vars": [ + "PYPY_HTTP_SOURCE={{user `pypy_http_source`}}" + ], + "execute_command": "BUILD_NAME={{user `build_name`}}; if [[ \"${BUILD_NAME}\" == *\"flatcar\"* ]]; then sudo {{.Vars}} -S -E bash '{{.Path}}'; fi", + "script": "./packer/files/flatcar/scripts/bootstrap-flatcar.sh", + "type": "shell" + }, + { + "ansible_env_vars": [ + "ANSIBLE_SSH_ARGS='{{user `existing_ansible_ssh_args`}} {{user `ansible_common_ssh_args`}}'", + "KUBEVIRT={{user `kubevirt`}}" + ], + "extra_arguments": [ + "--extra-vars", + "{{user `ansible_common_vars`}}", + "--extra-vars", + "{{user `ansible_extra_vars`}}", + "--extra-vars", + "{{user `ansible_user_vars`}}", + "--scp-extra-args", + "{{user `ansible_scp_extra_args`}}" + ], + "playbook_file": "./ansible/firstboot.yml", + "type": "ansible", + "user": "builder" + }, + { + "expect_disconnect": true, + "inline": [ + "sudo reboot now" + ], + "inline_shebang": "/bin/bash -e", + "type": "shell" + }, + { + "pause_before": "30s", + "ansible_env_vars": [ + "ANSIBLE_SSH_ARGS='{{user 
`existing_ansible_ssh_args`}} {{user `ansible_common_ssh_args`}}'", + "KUBEVIRT={{user `kubevirt`}}" + ], + "extra_arguments": [ + "--extra-vars", + "{{user `ansible_common_vars`}}", + "--extra-vars", + "{{user `ansible_extra_vars`}}", + "--extra-vars", + "{{user `ansible_user_vars`}}", + "--scp-extra-args", + "{{user `ansible_scp_extra_args`}}" + ], + "playbook_file": "./ansible/node.yml", + "type": "ansible", + "user": "builder" + }, + { + "inline": [ + "sudo rm -f /etc/fstab" + ], + "inline_shebang": "/bin/bash -e", + "type": "shell" + }, + { + "arch": "{{user `goss_arch`}}", + "format": "{{user `goss_format`}}", + "format_options": "{{user `goss_format_options`}}", + "goss_file": "{{user `goss_entry_file`}}", + "inspect": "{{user `goss_inspect_mode`}}", + "tests": [ + "{{user `goss_tests_dir`}}" + ], + "type": "goss", + "url": "{{user `goss_url`}}", + "use_sudo": true, + "vars_file": "{{user `goss_vars_file`}}", + "vars_inline": { + "ARCH": "amd64", + "OS": "{{user `distro_name` | lower}}", + "OS_VERSION": "{{user `distribution_version` | lower}}", + "PROVIDER": "maas-arm64", + "containerd_version": "{{user `containerd_version`}}", + "kubernetes_cni_deb_version": "{{ user `kubernetes_cni_deb_version` }}", + "kubernetes_cni_rpm_version": "{{ split (user `kubernetes_cni_rpm_version`) \"-\" 0 }}", + "kubernetes_cni_source_type": "{{user `kubernetes_cni_source_type`}}", + "kubernetes_cni_version": "{{user `kubernetes_cni_semver` | replace \"v\" \"\" 1}}", + "kubernetes_deb_version": "{{ user `kubernetes_deb_version` }}", + "kubernetes_rpm_version": "{{ split (user `kubernetes_rpm_version`) \"-\" 0 }}", + "kubernetes_source_type": "{{user `kubernetes_source_type`}}", + "kubernetes_version": "{{user `kubernetes_semver` | replace \"v\" \"\" 1}}" + }, + "version": "{{user `goss_version`}}" + } + ], + "variables": { + "accelerator": "kvm", + "ansible_common_vars": "", + "ansible_extra_vars": "ansible_python_interpreter=/usr/bin/python3", + "ansible_user_vars": "", + 
"artifact_name": "{{user `build_name`}}-kube-{{user `kubernetes_semver`}}", + "boot_media_path": "http://{{ .HTTPIP }}:{{ .HTTPPort }}", + "boot_wait": "10s", + "build_timestamp": "{{timestamp}}", + "cd_files": "linux/base/*.nothing", + "cdrom_interface": "none", + "containerd_service_url": "https://raw.githubusercontent.com/containerd/containerd/refs/tags/v{{user `containerd_version`}}/containerd.service", + "containerd_url": "https://github.com/containerd/containerd/releases/download/v{{user `containerd_version`}}/containerd-{{user `containerd_version`}}-linux-arm64.tar.gz", + "containerd_version": null, + "cpu_model": "host", + "cpus": "1", + "crictl_version": null, + "crictl_url": "https://github.com/kubernetes-sigs/cri-tools/releases/download/v{{user `crictl_version`}}/crictl-v{{user `crictl_version`}}-linux-arm64.tar.gz", + "disk_compression": "false", + "disk_discard": "unmap", + "disk_image": "false", + "disk_interface": "virtio-scsi", + "disk_size": "20480", + "efi_boot": "true", + "efi_firmware_code": "/var/lib/libvirt/images/capi.fd", + "efi_firmware_vars": "/var/lib/libvirt/images/capi-nvmram.fd", + "existing_ansible_ssh_args": "{{env `ANSIBLE_SSH_ARGS`}}", + "firmware": "", + "format": "qcow2", + "headless": "true", + "http_directory": "./packer/qemu/linux/{{user `distro_name`}}/http/", + "kubernetes_cni_deb_version": null, + "kubernetes_cni_http_source": null, + "kubernetes_cni_semver": null, + "kubernetes_cni_source_type": null, + "kubernetes_container_registry": null, + "kubernetes_deb_gpg_key": null, + "kubernetes_deb_repo": null, + "kubernetes_deb_version": null, + "kubernetes_http_source": null, + "kubernetes_load_additional_imgs": null, + "kubernetes_rpm_gpg_check": null, + "kubernetes_rpm_gpg_key": null, + "kubernetes_rpm_repo": null, + "kubernetes_rpm_version": null, + "kubernetes_semver": null, + "kubernetes_series": null, + "kubernetes_source_type": null, + "runc_url": "https://github.com/opencontainers/runc/releases/download/v{{user 
`runc_version`}}/runc.amd64", + "runc_version": null, + "machine_id_mode": "444", + "machine_type": "virt", + "memory": "2048", + "oem_id": "", + "output_directory": "./output/{{user `build_name`}}-kube-{{user `kubernetes_semver`}}", + "python_path": "", + "qemu_binary": "qemu-system-aarch64", + "ssh_password": "$SSH_PASSWORD", + "ssh_username": "builder", + "vm_name": "{{user `build_name`}}-kube-{{user `kubernetes_semver`}}", + "vnc_bind_address": "127.0.0.1" + } +} diff --git a/images/capi/packer/maas/packer.json.tmpl b/images/capi/packer/maas/packer.json.tmpl index 48734e1bb5..a6b2885f4e 100644 --- a/images/capi/packer/maas/packer.json.tmpl +++ b/images/capi/packer/maas/packer.json.tmpl @@ -138,7 +138,8 @@ "ARCH": "amd64", "OS": "{{user `distro_name` | lower}}", "OS_VERSION": "{{user `distribution_version` | lower}}", - "PROVIDER": "qemu", + "PROVIDER": "maas", + "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}", "containerd_image_pull_progress_timeout": "{{user `containerd_image_pull_progress_timeout`}}", "containerd_version": "{{user `containerd_version`}}", "kubernetes_cni_deb_version": "{{ user `kubernetes_cni_deb_version` }}", @@ -163,6 +164,7 @@ "boot_wait": "10s", "build_timestamp": "{{timestamp}}", "cd_files": "linux/base/*.nothing", + "containerd_enable_limit_no_file": "false", "containerd_service_url": "https://raw.githubusercontent.com/containerd/containerd/refs/tags/v{{user `containerd_version`}}/containerd.service", "containerd_url": "https://github.com/containerd/containerd/releases/download/v{{user `containerd_version`}}/containerd-{{user `containerd_version`}}-linux-amd64.tar.gz", "containerd_version": null, diff --git a/images/capi/packer/nutanix/linux/cloud-init/rhel/8/user-data.tmpl b/images/capi/packer/nutanix/linux/cloud-init/rhel/8/user-data.tmpl deleted file mode 100644 index 246b32e0e9..0000000000 --- a/images/capi/packer/nutanix/linux/cloud-init/rhel/8/user-data.tmpl +++ /dev/null 
@@ -1,9 +0,0 @@ -#cloud-config -users: - - name: builder - sudo: ['ALL=(ALL) NOPASSWD:ALL'] -chpasswd: - list: | - builder:$SSH_PASSWORD - expire: False -ssh_pwauth: True \ No newline at end of file diff --git a/images/capi/packer/nutanix/linux/cloud-init/rockylinux/8/user-data.tmpl b/images/capi/packer/nutanix/linux/cloud-init/rockylinux/8/user-data.tmpl deleted file mode 100644 index 246b32e0e9..0000000000 --- a/images/capi/packer/nutanix/linux/cloud-init/rockylinux/8/user-data.tmpl +++ /dev/null @@ -1,9 +0,0 @@ -#cloud-config -users: - - name: builder - sudo: ['ALL=(ALL) NOPASSWD:ALL'] -chpasswd: - list: | - builder:$SSH_PASSWORD - expire: False -ssh_pwauth: True \ No newline at end of file diff --git a/images/capi/packer/nutanix/packer.json.tmpl b/images/capi/packer/nutanix/packer.json.tmpl index b71042195b..cb559c6baa 100644 --- a/images/capi/packer/nutanix/packer.json.tmpl +++ b/images/capi/packer/nutanix/packer.json.tmpl @@ -95,6 +95,7 @@ "OS": "{{user `distro_name` | lower}}", "OS_VERSION": "{{user `distribution_version` | lower}}", "PROVIDER": "nutanix", + "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}", "containerd_gvisor_runtime": "{{user `containerd_gvisor_runtime`}}", "containerd_gvisor_version": "{{user `containerd_gvisor_version`}}", "containerd_image_pull_progress_timeout": "{{user `containerd_image_pull_progress_timeout`}}", @@ -116,6 +117,7 @@ "ansible_extra_vars": "", "ansible_user_vars": "", "build_timestamp": "{{timestamp}}", + "containerd_enable_limit_no_file": "false", "containerd_gvisor_runtime": "false", "containerd_gvisor_version": "latest", "containerd_version": null, diff --git a/images/capi/packer/nutanix/ubuntu-2604.json b/images/capi/packer/nutanix/ubuntu-2604.json new file mode 100644 index 0000000000..6f2183341d --- /dev/null +++ b/images/capi/packer/nutanix/ubuntu-2604.json 
@@ -0,0 +1,8 @@ +{ + "build_name": "ubuntu-2604", + "distro_name": "ubuntu", + "guest_os_type": "Linux", + "image_url": "https://cloud-images.ubuntu.com/resolute/current/resolute-server-cloudimg-amd64.img", + "shutdown_command": "shutdown -P now", + "user_data": "I2Nsb3VkLWNvbmZpZwp1c2VyczoKICAtIG5hbWU6IGJ1aWxkZXIKICAgIHN1ZG86IFsnQUxMPShBTEwpIE5PUEFTU1dEOkFMTCddCiAgICBzaGVsbDogL2Jpbi9iYXNoCmNocGFzc3dkOgogIGxpc3Q6IHwKICAgIGJ1aWxkZXI6YnVpbGRlcgogIGV4cGlyZTogRmFsc2UKc3NoX3B3YXV0aDogVHJ1ZQo=" +} diff --git a/images/capi/packer/oci/packer.json b/images/capi/packer/oci/packer.json index 73fdcc0750..901e03efe6 100644 --- a/images/capi/packer/oci/packer.json +++ b/images/capi/packer/oci/packer.json @@ -76,6 +76,7 @@ "OS": "{{user `distribution` | lower }}", "OS_VERSION": "{{user `distribution_version` | lower}}", "PROVIDER": "oci", + "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}", "containerd_gvisor_runtime": "{{user `containerd_gvisor_runtime`}}", "containerd_gvisor_version": "{{user `containerd_gvisor_version`}}", "containerd_image_pull_progress_timeout": "{{user `containerd_image_pull_progress_timeout`}}", @@ -100,6 +101,7 @@ "base_image_ocid": "", "build_timestamp": "{{timestamp}}", "compartment_ocid": "", + "containerd_enable_limit_no_file": "false", "containerd_gvisor_runtime": "false", "containerd_gvisor_version": "latest", "containerd_image_pull_progress_timeout": null, diff --git a/images/capi/packer/openstack/packer.json b/images/capi/packer/openstack/packer.json index 04a7bb60f1..7eb6b75f92 100644 --- a/images/capi/packer/openstack/packer.json +++ b/images/capi/packer/openstack/packer.json 
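Review bot: The `user_data` value in `nutanix/ubuntu-2604.json` is a base64-encoded cloud-config that sets a fixed password for the `builder` account (its `chpasswd` list decodes to `builder:builder`), together with `ssh_pwauth: True` and passwordless sudo. The build VM therefore accepts a publicly known credential for as long as it is running. The rhel and rockylinux `user-data.tmpl` files deleted in this same commit used `builder:$SSH_PASSWORD` instead; rendering this payload from a template with a per-build secret, or switching to key-based login, would keep the credential out of the repository. `image_url` also points at the mutable `current/` cloud image with no checksum in this file, so a changed upstream image would go unnoticed; a dated image path plus a checksum, if the builder accepts one, would address that.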
@@ -93,6 +93,7 @@ "OS": "{{user `distro_name` | lower}}", "OS_VERSION": "{{user `os_version`}}", "PROVIDER": "openstack", + "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}", "containerd_gvisor_runtime": "{{user `containerd_gvisor_runtime`}}", "containerd_gvisor_version": "{{user `containerd_gvisor_version`}}", "containerd_image_pull_progress_timeout": "{{user `containerd_image_pull_progress_timeout`}}", @@ -115,6 +116,7 @@ "ansible_user_vars": "", "attach_config_drive": "false", "build_timestamp": "{{timestamp}}", + "containerd_enable_limit_no_file": "false", "containerd_gvisor_runtime": "false", "containerd_gvisor_version": "latest", "containerd_image_pull_progress_timeout": null, diff --git a/images/capi/packer/openstack/ubuntu-2604.json b/images/capi/packer/openstack/ubuntu-2604.json new file mode 100644 index 0000000000..e05505dfa5 --- /dev/null +++ b/images/capi/packer/openstack/ubuntu-2604.json @@ -0,0 +1,5 @@ +{ + "build_name": "ubuntu-2604", + "distro_name": "ubuntu", + "ssh_username": "ubuntu" +} diff --git a/images/capi/packer/outscale/packer.json b/images/capi/packer/outscale/packer.json index 1343cc198a..300341a7f6 100644 --- a/images/capi/packer/outscale/packer.json +++ b/images/capi/packer/outscale/packer.json @@ -76,6 +76,7 @@ "OS": "{{user `distribution` | lower}}", "OS_VERSION": "{{user `distribution_version` | lower}}", "PROVIDER": "outscale", + "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}", "containerd_gvisor_runtime": "{{user `containerd_gvisor_runtime`}}", "containerd_gvisor_version": "{{user `containerd_gvisor_version`}}", "containerd_image_pull_progress_timeout": "{{user `containerd_image_pull_progress_timeout`}}", 
@@ -98,6 +99,7 @@ "ansible_common_vars": "", "ansible_extra_vars": "", "build_timestamp": "{{timestamp}}", + "containerd_enable_limit_no_file": "false", "containerd_gvisor_runtime": "false", "containerd_gvisor_version": "latest", "containerd_image_pull_progress_timeout": null, diff --git a/images/capi/packer/outscale/ubuntu-2604.json b/images/capi/packer/outscale/ubuntu-2604.json new file mode 100644 index 0000000000..3b84cc68b3 --- /dev/null +++ b/images/capi/packer/outscale/ubuntu-2604.json @@ -0,0 +1,7 @@ +{ + "build_name": "ubuntu-2604", + "distribution": "ubuntu", + "distribution_release": "ubuntu", + "distribution_version": "2604", + "image_name": "Ubuntu-26.04-2026-04-22" +} diff --git a/images/capi/packer/ova/linux/ubuntu/http/26.04.efi/meta-data b/images/capi/packer/ova/linux/ubuntu/http/26.04.efi/meta-data new file mode 100644 index 0000000000..e69de29bb2 diff --git a/images/capi/packer/ova/linux/ubuntu/http/26.04.efi/user-data.tmpl b/images/capi/packer/ova/linux/ubuntu/http/26.04.efi/user-data.tmpl new file mode 100644 index 0000000000..37b67cf07c --- /dev/null +++ b/images/capi/packer/ova/linux/ubuntu/http/26.04.efi/user-data.tmpl 
@@ -0,0 +1,111 @@ +#cloud-config +# Copyright 2024 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# For more information on how autoinstall is configured, please refer to +# https://ubuntu.com/server/docs/install/autoinstall-reference +autoinstall: + version: 1 + # Disable ssh server during installation, otherwise packer tries to connect and exceed max attempts + early-commands: + - systemctl stop ssh + # Configure the locale + locale: en_US.UTF-8 + keyboard: + layout: us + mounts: + - [ swap, null ] + # For more information on how partitioning is configured, + # please refer to https://curtin.readthedocs.io/en/latest/topics/storage.html. 
+ storage: + swap: + size: 0 + grub: + reorder_uefi: false + replace_linux_default: false + config: + - ptable: gpt + path: /dev/sda + wipe: superblock-recursive + preserve: false + name: '' + grub_device: false + type: disk + id: disk-sda + - device: disk-sda + # Create EFI partition of 512MB same as in Ubuntu 20.04 + size: 536870912 + wipe: superblock + flag: boot + number: 1 + preserve: false + grub_device: true + type: partition + id: partition-0 + - fstype: fat32 + volume: partition-0 + preserve: false + type: format + id: format-0 + - device: disk-sda + size: -1 + wipe: superblock + flag: '' + number: 2 + preserve: false + grub_device: false + type: partition + id: partition-1 + - fstype: xfs + volume: partition-1 + preserve: false + type: format + id: format-1 + - path: / + device: format-1 + type: mount + id: mount-1 + - path: /boot/efi + device: format-0 + type: mount + id: mount-0 + updates: "all" + ssh: + install-server: true + allow-pw: true + # Customize the list of packages installed. + packages: + - open-vm-tools + # Create the default user. + # Ensures the "builder" user doesn't require a password to use sudo. + user-data: + users: + - name: builder + # openssl passwd -6 -salt -stdin <<< + passwd: $ENCRYPTED_SSH_PASSWORD + groups: [adm, cdrom, dip, plugdev, lxd, sudo] + lock-passwd: false + sudo: ALL=(ALL) NOPASSWD:ALL + shell: /bin/bash + + # This command runs after all other steps; it: + # 1. Removes snapd, https://bugs.launchpad.net/subiquity/+bug/1946609 + # 2. Cleans up any packages that are no longer required + # 3. Removes the cached list of packages + late-commands: + - chroot /target apt-get purge -y snapd + - curtin in-target --target=/target -- apt-get purge --auto-remove -y + - curtin in-target --target=/target -- apt-get clean + - curtin in-target --target=/target -- rm -rf /var/lib/apt/lists/* 
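Review bot: The `builder` account under `user-data.users` is created with `sudo: ALL=(ALL) NOPASSWD:ALL`, `lock-passwd: false` and `ssh: allow-pw: true`, and nothing in this file removes it. The exported image is only safe if the builder's shutdown or cleanup step (not visible in this hunk) deletes the user and its sudoers entry. A comment above `users:` would record that dependency, for example `# Build-only account; the packer shutdown_command must remove it before the image is exported`. The comment `# openssl passwd -6 -salt -stdin <<<` reads as incomplete here (the salt and password operands seem to be missing), so it should state the expected form of `$ENCRYPTED_SSH_PASSWORD`. The same applies to the other 26.04 `user-data.tmpl` files added under `ova`, `proxmox` and `qemu`.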
diff --git a/images/capi/packer/ova/linux/ubuntu/http/26.04/meta-data b/images/capi/packer/ova/linux/ubuntu/http/26.04/meta-data
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/images/capi/packer/ova/linux/ubuntu/http/26.04/user-data.tmpl b/images/capi/packer/ova/linux/ubuntu/http/26.04/user-data.tmpl
new file mode 100644
index 0000000000..3e91ea071f
--- /dev/null
+++ b/images/capi/packer/ova/linux/ubuntu/http/26.04/user-data.tmpl
@@ -0,0 +1,90 @@ +#cloud-config +# Copyright 2024 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# For more information on how autoinstall is configured, please refer to +# https://ubuntu.com/server/docs/install/autoinstall-reference +autoinstall: + version: 1 + # Disable ssh server during installation, otherwise packer tries to connect and exceed max attempts + early-commands: + - systemctl stop ssh + # Configure the locale + locale: en_US.UTF-8 + keyboard: + layout: us + mounts: + - [ swap, null ] + # Create a single-partition with no swap space. Kubernetes + # really dislikes the idea of anyone else managing memory. + # For more information on how partitioning is configured, + # please refer to https://curtin.readthedocs.io/en/latest/topics/storage.html. + storage: + swap: + size: 0 + grub: + replace_linux_default: false + config: + - type: disk + id: disk-0 + size: largest + grub_device: true + preserve: false + ptable: msdos + wipe: superblock + - type: partition + id: partition-0 + device: disk-0 + size: -1 + number: 1 + preserve: false + flag: boot + - type: format + id: format-0 + volume: partition-0 + fstype: xfs + preserve: false + - type: mount + id: mount-0 + device: format-0 + path: / + updates: 'all' + ssh: + install-server: true + allow-pw: true + # Customize the list of packages installed. + packages: + - open-vm-tools + # Create the default user. + # Ensures the "builder" user doesn't require a password to use sudo. 
+ user-data: + users: + - name: builder + # openssl passwd -6 -salt -stdin <<< + passwd: $ENCRYPTED_SSH_PASSWORD + groups: [adm, cdrom, dip, plugdev, lxd, sudo] + lock-passwd: false + sudo: ALL=(ALL) NOPASSWD:ALL + shell: /bin/bash + + # This command runs after all other steps; it: + # 1. Removes snapd, https://bugs.launchpad.net/subiquity/+bug/1946609 + # 2. Cleans up any packages that are no longer required + # 3. Removes the cached list of packages + late-commands: + - chroot /target apt-get purge -y snapd + - curtin in-target --target=/target -- apt-get purge --auto-remove -y + - curtin in-target --target=/target -- apt-get clean + - curtin in-target --target=/target -- rm -rf /var/lib/apt/lists/* diff --git a/images/capi/packer/ova/packer-node.json b/images/capi/packer/ova/packer-node.json index cfd3f2d37e..cdd35231f8 100644 --- a/images/capi/packer/ova/packer-node.json +++ b/images/capi/packer/ova/packer-node.json @@ -461,6 +461,7 @@ "OS_VERSION": "{{user `distro_version` | lower}}", "PROVIDER": "ova", "block_nouveau_loading": "{{user `block_nouveau_loading`}}", + "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}", "containerd_gvisor_runtime": "{{user `containerd_gvisor_runtime`}}", "containerd_gvisor_version": "{{user `containerd_gvisor_version`}}", "containerd_image_pull_progress_timeout": "{{user `containerd_image_pull_progress_timeout`}}", diff --git a/images/capi/packer/ova/ubuntu-2604-efi.json b/images/capi/packer/ova/ubuntu-2604-efi.json new file mode 100644 index 0000000000..d8d2e3f476 --- /dev/null +++ b/images/capi/packer/ova/ubuntu-2604-efi.json 
@@ -0,0 +1,19 @@
+{
+ "boot_command_prefix": "clinux /casper/vmlinuz ipv6.disable={{ user `boot_disable_ipv6` }} --- autoinstall ds='nocloud;'initrd /casper/initrdboot",
+ "boot_disable_ipv6": "0",
+ "build_name": "ubuntu-2604-efi",
+ "cd_content_location": "./packer/ova/linux/{{user `distro_name`}}/http/26.04.efi/*",
+ "cd_label": "cidata",
+ "distro_arch": "amd64",
+ "distro_name": "ubuntu",
+ "distro_version": "26.04",
+ "firmware": "efi",
+ "floppy_dirs": "",
+ "guest_os_type": "ubuntu-64",
+ "iso_checksum": "dec49008a71f6098d0bcfc822021f4d042d5f2db279e4d75bdd981304f1ca5d9",
+ "iso_checksum_type": "sha256",
+ "iso_url": "https://releases.ubuntu.com/resolute/ubuntu-26.04-live-server-amd64.iso",
+ "os_display_name": "Ubuntu 26.04",
+ "shutdown_command": "shutdown -P now",
+ "vsphere_guest_os_type": "ubuntu64Guest"
+}
diff --git a/images/capi/packer/ova/ubuntu-2604.json b/images/capi/packer/ova/ubuntu-2604.json
new file mode 100644
index 0000000000..ed2d98e51a
--- /dev/null
+++ b/images/capi/packer/ova/ubuntu-2604.json
@@ -0,0 +1,18 @@
+{
+ "boot_command_prefix": "clinux /casper/vmlinuz ipv6.disable={{ user `boot_disable_ipv6` }} --- autoinstall ds='nocloud;'initrd /casper/initrdboot",
+ "boot_disable_ipv6": "0",
+ "build_name": "ubuntu-2604",
+ "cd_content_location": "./packer/ova/linux/{{user `distro_name`}}/http/{{user `distro_version`}}/*",
+ "cd_label": "cidata",
+ "distro_arch": "amd64",
+ "distro_name": "ubuntu",
+ "distro_version": "26.04",
+ "floppy_dirs": "",
+ "guest_os_type": "ubuntu-64",
+ "iso_checksum": "dec49008a71f6098d0bcfc822021f4d042d5f2db279e4d75bdd981304f1ca5d9",
+ "iso_checksum_type": "sha256",
+ "iso_url": "https://releases.ubuntu.com/resolute/ubuntu-26.04-live-server-amd64.iso",
+ "os_display_name": "Ubuntu 26.04",
+ "shutdown_command": "shutdown -P now",
+ "vsphere_guest_os_type": "ubuntu64Guest"
+}
diff --git a/images/capi/packer/oxide/config.pkr.hcl b/images/capi/packer/oxide/config.pkr.hcl
new file mode 100644
index 0000000000..7292fd5b35
--- /dev/null
+++ b/images/capi/packer/oxide/config.pkr.hcl
@@ -0,0 +1,8 @@
+packer {
+ required_plugins {
+ oxide = {
+ source = "github.com/oxidecomputer/oxide"
+ version = "~> 0.6"
+ }
+ }
+}
diff --git a/images/capi/packer/oxide/packer.json b/images/capi/packer/oxide/packer.json
new file mode 100644
index 0000000000..21e33b0e89
--- /dev/null
+++ b/images/capi/packer/oxide/packer.json
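Review bot: `version = "~> 0.6"` in `required_plugins` accepts any later 0.x release of the `oxide` plugin, so `packer init` can resolve a different plugin binary from one build to the next without any change in this repository. The workflow files touched by this commit pin actions to a commit SHA; pinning the plugin to one exact release, `version = "= <EXACT_VERSION>"`, and bumping it deliberately would give the image build the same property.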
@@ -0,0 +1,107 @@ +{ + "builders": [ + { + "artifact_name": "cluster-api-{{user `build_name`}}-{{user `kubernetes_semver` | replace_all `.` `-`}}-{{user `build_timestamp`}}", + "boot_disk_image_id": "{{user `oxide_boot_disk_image_id`}}", + "boot_disk_size": "{{ user `size` }}", + "name": "{{user `build_name`}}", + "project": "{{ user `oxide_project`}}", + "ssh_username": "ubuntu", + "subnet": "{{user `oxide_subnet`}}", + "type": "oxide-instance", + "vpc": "{{user `oxide_vpc`}}" + } + ], + "provisioners": [ + { + "ansible_env_vars": [ + "ANSIBLE_SSH_ARGS='{{user `existing_ansible_ssh_args`}} {{user `ansible_common_ssh_args`}}'" + ], + "extra_arguments": [ + "--extra-vars", + "{{user `ansible_common_vars`}}", + "--extra-vars", + "{{user `ansible_extra_vars`}}", + "--extra-vars", + "{{user `ansible_user_vars`}}", + "--scp-extra-args", + "{{user `ansible_scp_extra_args`}}" + ], + "playbook_file": "./ansible/node.yml", + "type": "ansible", + "user": "packer" + }, + { + "arch": "{{user `goss_arch`}}", + "download_path": "{{user `goss_download_path`}}", + "format": "{{user `goss_format`}}", + "format_options": "{{user `goss_format_options`}}", + "goss_file": "{{user `goss_entry_file`}}", + "inspect": "{{user `goss_inspect_mode`}}", + "remote_folder": "{{user `goss_remote_folder`}}", + "remote_path": "{{user `goss_remote_path`}}", + "skip_install": "{{user `goss_skip_install`}}", + "tests": [ + "{{user `goss_tests_dir`}}" + ], + "type": "goss", + "url": "{{user `goss_url`}}", + "use_sudo": true, + "vars_file": "{{user `goss_vars_file`}}", + "vars_inline": { + "ARCH": "{{ user `arch` | lower }}", + "OS": "{{user `distribution` | lower}}", + "OS_VERSION": "{{user `distribution_version` | lower}}", + "PROVIDER": "oxide", + "containerd_gvisor_runtime": "{{user `containerd_gvisor_runtime`}}", + "containerd_gvisor_version": "{{user `containerd_gvisor_version`}}", + "containerd_version": "{{user `containerd_version`}}", + "containerd_wasm_shims_runtimes": "{{user 
`containerd_wasm_shims_runtimes` }}", + "kubernetes_cni_deb_version": "{{ user `kubernetes_cni_deb_version` }}", + "kubernetes_cni_rpm_version": "{{ split (user `kubernetes_cni_rpm_version`) \"-\" 0 }}", + "kubernetes_cni_source_type": "{{user `kubernetes_cni_source_type`}}", + "kubernetes_cni_version": "{{user `kubernetes_cni_semver` | replace \"v\" \"\" 1}}", + "kubernetes_deb_version": "{{ user `kubernetes_deb_version` }}", + "kubernetes_rpm_version": "{{ split (user `kubernetes_rpm_version`) \"-\" 0 }}", + "kubernetes_source_type": "{{user `kubernetes_source_type`}}", + "kubernetes_version": "{{user `kubernetes_semver` | replace \"v\" \"\" 1}}" + }, + "version": "{{user `goss_version`}}" + } + ], + "variables": { + "ansible_common_vars": "", + "ansible_extra_vars": "", + "ansible_scp_extra_args": "", + "build_timestamp": "{{timestamp}}", + "containerd_gvisor_runtime": "false", + "containerd_gvisor_version": "latest", + "containerd_service_url": "https://raw.githubusercontent.com/containerd/containerd/refs/tags/v{{user `containerd_version`}}/containerd.service", + "containerd_version": null, + "crictl_version": null, + "existing_ansible_ssh_args": "{{env `ANSIBLE_SSH_ARGS`}}", + "kubernetes_cni_deb_version": null, + "kubernetes_cni_http_source": null, + "kubernetes_cni_rpm_version": null, + "kubernetes_cni_semver": null, + "kubernetes_cni_source_type": null, + "kubernetes_container_registry": null, + "kubernetes_deb_gpg_key": null, + "kubernetes_deb_repo": null, + "kubernetes_deb_version": null, + "kubernetes_http_source": null, + "kubernetes_load_additional_imgs": null, + "kubernetes_rpm_gpg_check": null, + "kubernetes_rpm_gpg_key": null, + "kubernetes_rpm_repo": null, + "kubernetes_rpm_version": null, + "kubernetes_semver": null, + "kubernetes_series": null, + "kubernetes_source_type": null, + "oxide_boot_disk_image_id": "{{env `OXIDE_BOOT_DISK_IMAGE_ID`}}", + "oxide_project": "{{env `OXIDE_PROJECT`}}", + "oxide_subnet": "{{env `OXIDE_SUBNET`}}", + 
"oxide_vpc": "{{env `OXIDE_VPC`}}", + "runc_version": null + } +} diff --git a/images/capi/packer/oxide/ubuntu-2404.json b/images/capi/packer/oxide/ubuntu-2404.json new file mode 100644 index 0000000000..f19d0d2a68 --- /dev/null +++ b/images/capi/packer/oxide/ubuntu-2404.json @@ -0,0 +1,6 @@ +{ + "build_name": "ubuntu-2404", + "distribution": "ubuntu", + "distribution_release": "noble", + "distribution_version": "2404" +} diff --git a/images/capi/packer/powervs/centos-10.json b/images/capi/packer/powervs/centos-10.json new file mode 100644 index 0000000000..c7e3f20878 --- /dev/null +++ b/images/capi/packer/powervs/centos-10.json @@ -0,0 +1,9 @@ +{ + "build_name": "centos-streams10", + "epel_rpm_gpg_key": "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-10", + "redhat_epel_rpm": "https://dl.fedoraproject.org/pub/epel/epel-release-latest-10.noarch.rpm", + "source_cos_bucket": "power-oss-bucket", + "source_cos_object": "centos-streams-10.ova.gz", + "source_cos_region": "us-south", + "ssh_username": "root" +} diff --git a/images/capi/packer/powervs/packer.json b/images/capi/packer/powervs/packer.json index e8e8c2a5a6..61c78241a7 100644 --- a/images/capi/packer/powervs/packer.json +++ b/images/capi/packer/powervs/packer.json @@ -72,6 +72,7 @@ "capture_cos_bucket": "", "capture_cos_region": "", "capture_cos_secret_key": "", + "containerd_enable_limit_no_file": "false", "containerd_gvisor_runtime": "false", "containerd_gvisor_version": "latest", "containerd_image_pull_progress_timeout": null, diff --git a/images/capi/packer/proxmox/linux/ubuntu/http/26.04.efi/meta-data b/images/capi/packer/proxmox/linux/ubuntu/http/26.04.efi/meta-data new file mode 100644 index 0000000000..e69de29bb2 diff --git a/images/capi/packer/proxmox/linux/ubuntu/http/26.04.efi/user-data.tmpl b/images/capi/packer/proxmox/linux/ubuntu/http/26.04.efi/user-data.tmpl new file mode 100644 index 0000000000..f731532a65 --- /dev/null 
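Review bot: The goss `vars_inline` block and the `variables` block of this new `oxide/packer.json` omit `containerd_enable_limit_no_file`, which the same commit adds to the maas, nutanix, oci, openstack, outscale and proxmox templates. If the goss tests now read that variable, the oxide build will see it unset. Adding ``"containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}"`` to `vars_inline` and `"containerd_enable_limit_no_file": "false"` to `variables` would match the other providers. ``{{ user `size` }}`` and ``{{ user `arch` | lower }}`` are also referenced without a default in `variables` or in `oxide/ubuntu-2404.json`, so confirm that a shared var-file supplies them.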
+++ b/images/capi/packer/proxmox/linux/ubuntu/http/26.04.efi/user-data.tmpl 
@@ -0,0 +1,99 @@ +#cloud-config +autoinstall: + version: 1 + # Disable ssh server during installation, otherwise packer tries to connect and exceed max attempts + early-commands: + - systemctl stop ssh + # Configure the locale + locale: en_US.UTF-8 + keyboard: + layout: us + ssh: + install-server: true + allow-pw: true + packages: + - qemu-guest-agent + apt: + mirror-selection: + primary: + - uri: http://archive.ubuntu.com/ubuntu + # Create a single-partition with no swap space. Kubernetes + # really dislikes the idea of anyone else managing memory. + # For more information on how partitioning is configured, + # please refer to https://curtin.readthedocs.io/en/latest/topics/storage.html. + storage: + swap: + size: 0 + grub: + reorder_uefi: false + replace_linux_default: false + config: + - ptable: gpt + path: /dev/sda + wipe: superblock-recursive + preserve: false + name: '' + grub_device: false + type: disk + id: disk-sda + - device: disk-sda + size: 536870912 + wipe: superblock + flag: boot + number: 1 + preserve: false + grub_device: true + type: partition + id: partition-0 + - fstype: fat32 + volume: partition-0 + preserve: false + type: format + id: format-0 + - device: disk-sda + size: -1 + wipe: superblock + flag: '' + number: 2 + preserve: false + grub_device: false + type: partition + id: partition-1 + - fstype: ext4 + volume: partition-1 + preserve: false + type: format + id: format-1 + - path: / + device: format-1 + type: mount + id: mount-1 + - path: /boot/efi + device: format-0 + type: mount + id: mount-0 + updates: 'all' + # Create the default user. + # Ensures the "builder" user doesn't require a password to use sudo. + user-data: + users: + - name: builder + # openssl passwd -6 -salt -stdin <<< + passwd: $ENCRYPTED_SSH_PASSWORD + groups: [adm, cdrom, dip, plugdev, lxd, sudo] + lock-passwd: false + sudo: ALL=(ALL) NOPASSWD:ALL + shell: /bin/bash + + # This command runs after all other steps; it: + # 1. Disables swapfiles + # 2. 
Removes the existing swapfile + # 3. Removes the swapfile entry from /etc/fstab + # 4. Cleans up any packages that are no longer required + # 5. Removes the cached list of packages + late-commands: + - swapoff -a + - rm -f /swapfile + - sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab + - apt-get purge --auto-remove -y + - rm -rf /var/lib/apt/lists/* diff --git a/images/capi/packer/proxmox/linux/ubuntu/http/26.04/meta-data b/images/capi/packer/proxmox/linux/ubuntu/http/26.04/meta-data new file mode 100644 index 0000000000..e69de29bb2 diff --git a/images/capi/packer/proxmox/linux/ubuntu/http/26.04/user-data.tmpl b/images/capi/packer/proxmox/linux/ubuntu/http/26.04/user-data.tmpl new file mode 100644 index 0000000000..f4b29aa247 --- /dev/null +++ b/images/capi/packer/proxmox/linux/ubuntu/http/26.04/user-data.tmpl 
@@ -0,0 +1,75 @@ +#cloud-config +autoinstall: + version: 1 + # Disable ssh server during installation, otherwise packer tries to connect and exceed max attempts + early-commands: + - systemctl stop ssh + # Configure the locale + locale: en_US.UTF-8 + keyboard: + layout: us + ssh: + install-server: true + allow-pw: true + packages: + - qemu-guest-agent + apt: + mirror-selection: + primary: + - uri: http://archive.ubuntu.com/ubuntu + # Create a single-partition with no swap space. Kubernetes + # really dislikes the idea of anyone else managing memory. + # For more information on how partitioning is configured, + # please refer to https://curtin.readthedocs.io/en/latest/topics/storage.html. + storage: + grub: + replace_linux_default: false + config: + - type: disk + id: disk-0 + size: largest + grub_device: true + preserve: false + ptable: msdos + wipe: superblock + - type: partition + id: partition-0 + device: disk-0 + size: -1 + number: 1 + preserve: false + flag: boot + - type: format + id: format-0 + volume: partition-0 + fstype: ext4 + preserve: false + - type: mount + id: mount-0 + device: format-0 + path: / + updates: 'all' + # Create the default user. + # Ensures the "builder" user doesn't require a password to use sudo. + user-data: + users: + - name: builder + # openssl passwd -6 -salt -stdin <<< + passwd: $ENCRYPTED_SSH_PASSWORD + groups: [adm, cdrom, dip, plugdev, lxd, sudo] + lock-passwd: false + sudo: ALL=(ALL) NOPASSWD:ALL + shell: /bin/bash + + # This command runs after all other steps; it: + # 1. Disables swapfiles + # 2. Removes the existing swapfile + # 3. Removes the swapfile entry from /etc/fstab + # 4. Cleans up any packages that are no longer required + # 5. Removes the cached list of packages + late-commands: + - swapoff -a + - rm -f /swapfile + - sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab + - apt-get purge --auto-remove -y + - rm -rf /var/lib/apt/lists/* 
diff --git a/images/capi/packer/proxmox/packer.json.tmpl b/images/capi/packer/proxmox/packer.json.tmpl
index e26a764da4..38d48e8ac0 100644
--- a/images/capi/packer/proxmox/packer.json.tmpl
+++ b/images/capi/packer/proxmox/packer.json.tmpl
@@ -154,6 +154,7 @@
 "OS": "{{user `distro_name` | lower}}",
 "OS_VERSION": "{{user `distribution_version` | lower}}",
 "PROVIDER": "qemu",
+ "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}",
 "containerd_image_pull_progress_timeout": "{{user `containerd_image_pull_progress_timeout`}}",
 "containerd_version": "{{user `containerd_version`}}",
 "kubernetes_cni_deb_version": "{{ user `kubernetes_cni_deb_version` }}",
@@ -187,6 +188,7 @@
 "bridge": "{{env `PROXMOX_BRIDGE`}}",
 "build_timestamp": "{{timestamp}}",
 "containerd_version": null,
+ "containerd_enable_limit_no_file": "false",
 "containerd_image_pull_progress_timeout": null,
 "containerd_service_url": "https://raw.githubusercontent.com/containerd/containerd/refs/tags/v{{user `containerd_version`}}/containerd.service",
 "runc_version": null,
diff --git a/images/capi/packer/proxmox/ubuntu-2604-efi.json b/images/capi/packer/proxmox/ubuntu-2604-efi.json
new file mode 100644
index 0000000000..2d7a055386
--- /dev/null
+++ b/images/capi/packer/proxmox/ubuntu-2604-efi.json
@@ -0,0 +1,14 @@
+{
+ "bios": "ovmf",
+ "boot_command_prefix": "clinux /casper/vmlinuz --- autoinstall ds='nocloud-net;s=http://{{ .HTTPIP }}:{{ .HTTPPort }}/26.04/'initrd /casper/initrdboot",
+ "build_name": "ubuntu-2604-efi",
+ "distribution_version": "2604",
+ "distro_name": "ubuntu",
+ "iso_checksum": "dec49008a71f6098d0bcfc822021f4d042d5f2db279e4d75bdd981304f1ca5d9",
+ "iso_checksum_type": "sha256",
+ "iso_file": "{{env `ISO_FILE`}}",
+ "iso_url": "https://releases.ubuntu.com/resolute/ubuntu-26.04-live-server-amd64.iso",
+ "os_display_name": "Ubuntu 26.04",
+ "unmount_iso": "true",
+ "version": "26.04"
+}
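Review bot: `boot_command_prefix` in `proxmox/ubuntu-2604-efi.json` seeds autoinstall from `/26.04/` on the packer HTTP server, while this commit adds a separate `http/26.04.efi/user-data.tmpl` carrying the GPT layout and the `/boot/efi` partition. With `"bios": "ovmf"` the build would then install from the `ptable: msdos` single-partition layout in `http/26.04/`, and the new `26.04.efi` directory would never be read. Unless the HTTP directory is remapped somewhere outside this hunk, the seed URL should end in `/26.04.efi/`.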
diff --git a/images/capi/packer/proxmox/ubuntu-2604.json b/images/capi/packer/proxmox/ubuntu-2604.json
new file mode 100644
index 0000000000..417214f4c7
--- /dev/null
+++ b/images/capi/packer/proxmox/ubuntu-2604.json
@@ -0,0 +1,14 @@
+{
+ "boot_command_prefix": "clinux /casper/vmlinuz --- autoinstall ds='nocloud-net;s=http://{{ .HTTPIP }}:{{ .HTTPPort }}/26.04/'initrd /casper/initrdboot",
+ "build_name": "ubuntu-2604",
+ "distribution_version": "2604",
+ "distro_name": "ubuntu",
+ "iso_checksum": "dec49008a71f6098d0bcfc822021f4d042d5f2db279e4d75bdd981304f1ca5d9",
+ "iso_checksum_type": "sha256",
+ "iso_file": "{{env `ISO_FILE`}}",
+ "iso_url": "https://releases.ubuntu.com/resolute/ubuntu-26.04-live-server-amd64.iso",
+ "os_display_name": "Ubuntu 26.04",
+ "source_image": "ubuntu-20-04-x64",
+ "unmount_iso": "true",
+ "version": "26.04"
+}
diff --git a/images/capi/packer/qemu/linux/ubuntu/http/26.04.efi/meta-data b/images/capi/packer/qemu/linux/ubuntu/http/26.04.efi/meta-data
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/images/capi/packer/qemu/linux/ubuntu/http/26.04.efi/user-data.tmpl b/images/capi/packer/qemu/linux/ubuntu/http/26.04.efi/user-data.tmpl
new file mode 100644
index 0000000000..0d43ca5e1b
--- /dev/null
+++ b/images/capi/packer/qemu/linux/ubuntu/http/26.04.efi/user-data.tmpl
@@ -0,0 +1,116 @@
+#cloud-config
+# Copyright 2022 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+# For more information on how autoinstall is configured, please refer to
+# https://ubuntu.com/server/docs/install/autoinstall-reference
+autoinstall:
+ version: 1
+ # Disable ssh server during installation, otherwise packer tries to connect and exceed max attempts
+ early-commands:
+ - systemctl stop ssh
+ # Configure the locale
+ locale: en_US.UTF-8
+ keyboard:
+ layout: us
+ apt:
+ mirror-selection:
+ primary:
+ - uri: http://archive.ubuntu.com/ubuntu
+ # Create a single-partition with no swap space. Kubernetes
+ # really dislikes the idea of anyone else managing memory.
+ # For more information on how partitioning is configured,
+ # please refer to https://curtin.readthedocs.io/en/latest/topics/storage.html.
+ storage:
+ grub:
+ reorder_uefi: false
+ replace_linux_default: false
+ config:
+ - ptable: gpt
+ path: /dev/sda
+ wipe: superblock-recursive
+ preserve: false
+ name: ''
+ grub_device: false
+ type: disk
+ id: disk-sda
+ - device: disk-sda
+ # Create EFI partition of 512MB same as in Ubuntu 20.04
+ size: 536870912
+ wipe: superblock
+ flag: boot
+ number: 1
+ preserve: false
+ grub_device: true
+ type: partition
+ id: partition-0
+ - fstype: fat32
+ volume: partition-0
+ preserve: false
+ type: format
+ id: format-0
+ - device: disk-sda
+ size: -1
+ wipe: superblock
+ flag: ''
+ number: 2
+ preserve: false
+ grub_device: false
+ type: partition
+ id: partition-1
+ - fstype: ext4
+ volume: partition-1
+ preserve: false
+ type: format
+ id: format-1
+ - path: /
+ device: format-1
+ type: mount
+ id: mount-1
+ - path: /boot/efi
+ device: format-0
+ type: mount
+ id: mount-0
+ updates: 'all'
+ ssh:
+ install-server: true
+ allow-pw: true
+ # Customize the list of packages installed.
+ packages:
+ - open-vm-tools
+ # Create the default user.
+ # Ensures the "builder" user doesn't require a password to use sudo.
+ user-data:
+ users:
+ - name: builder
+ # openssl passwd -6 -salt -stdin <<<
+ passwd: $ENCRYPTED_SSH_PASSWORD
+ groups: [adm, cdrom, dip, plugdev, lxd, sudo]
+ lock-passwd: false
+ sudo: ALL=(ALL) NOPASSWD:ALL
+ shell: /bin/bash
+
+ # This command runs after all other steps; it:
+ # 1. Disables swapfiles
+ # 2. Removes the existing swapfile
+ # 3. Removes the swapfile entry from /etc/fstab
+ # 4. Cleans up any packages that are no longer required
+ # 5. Removes the cached list of packages
+ late-commands:
+ - swapoff -a
+ - rm -f /swapfile
+ - sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab
+ - apt-get purge --auto-remove -y
+ - rm -rf /var/lib/apt/lists/*
diff --git a/images/capi/packer/qemu/linux/ubuntu/http/26.04/meta-data b/images/capi/packer/qemu/linux/ubuntu/http/26.04/meta-data
new file mode 100644
index 0000000000..e69de29bb2
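Review bot: The `late-commands` at the end of this template run `swapoff -a`, `rm -f /swapfile`, the `sed` on `/etc/fstab` and the apt cleanup without `curtin in-target --target=/target --`, so they appear to act on the installer's live environment rather than on the installed system. The raw 26.04 templates in this same change wrap each of these commands with `curtin in-target`, target `/swap.img`, and set `swap` `size: 0` under `storage`; this file does none of that. As written, the finished image may keep its swap file and fstab entry, which is exactly what the comment block says is removed. Suggest prefixing each command, e.g. `- curtin in-target --target=/target -- swapoff -a`, and adding `swap: { size: 0 }` under `storage`; the non-EFI `qemu/linux/ubuntu/http/26.04/user-data.tmpl` hunk has the same commands.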
diff --git a/images/capi/packer/qemu/linux/ubuntu/http/26.04/user-data.tmpl b/images/capi/packer/qemu/linux/ubuntu/http/26.04/user-data.tmpl
new file mode 100644
index 0000000000..30edc45b19
--- /dev/null
+++ b/images/capi/packer/qemu/linux/ubuntu/http/26.04/user-data.tmpl
@@ -0,0 +1,93 @@
+#cloud-config
+# Copyright 2022 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+# For more information on how autoinstall is configured, please refer to
+# https://ubuntu.com/server/docs/install/autoinstall-reference
+autoinstall:
+ version: 1
+ # Disable ssh server during installation, otherwise packer tries to connect and exceed max attempts
+ early-commands:
+ - systemctl stop ssh
+ # Configure the locale
+ locale: en_US.UTF-8
+ keyboard:
+ layout: us
+ apt:
+ mirror-selection:
+ primary:
+ - uri: http://archive.ubuntu.com/ubuntu
+ # Create a single-partition with no swap space. Kubernetes
+ # really dislikes the idea of anyone else managing memory.
+ # For more information on how partitioning is configured,
+ # please refer to https://curtin.readthedocs.io/en/latest/topics/storage.html.
+ storage:
+ grub:
+ replace_linux_default: false
+ config:
+ - type: disk
+ id: disk-0
+ size: largest
+ grub_device: true
+ preserve: false
+ ptable: msdos
+ wipe: superblock
+ - type: partition
+ id: partition-0
+ device: disk-0
+ size: -1
+ number: 1
+ preserve: false
+ flag: boot
+ - type: format
+ id: format-0
+ volume: partition-0
+ fstype: ext4
+ preserve: false
+ - type: mount
+ id: mount-0
+ device: format-0
+ path: /
+ updates: 'all'
+ ssh:
+ install-server: true
+ allow-pw: true
+ # Customize the list of packages installed.
+ packages:
+ - open-vm-tools
+ # Create the default user.
+ # Ensures the "builder" user doesn't require a password to use sudo.
+ user-data:
+ users:
+ - name: builder
+ # openssl passwd -6 -salt -stdin <<<
+ passwd: $ENCRYPTED_SSH_PASSWORD
+ groups: [adm, cdrom, dip, plugdev, lxd, sudo]
+ lock-passwd: false
+ sudo: ALL=(ALL) NOPASSWD:ALL
+ shell: /bin/bash
+
+ # This command runs after all other steps; it:
+ # 1. Disables swapfiles
+ # 2. Removes the existing swapfile
+ # 3. Removes the swapfile entry from /etc/fstab
+ # 4. Cleans up any packages that are no longer required
+ # 5. Removes the cached list of packages
+ late-commands:
+ - swapoff -a
+ - rm -f /swapfile
+ - sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab
+ - apt-get purge --auto-remove -y
+ - rm -rf /var/lib/apt/lists/*
diff --git a/images/capi/packer/qemu/packer.json.tmpl b/images/capi/packer/qemu/packer.json.tmpl
index 76524d47aa..e8d54f5d47 100644
--- a/images/capi/packer/qemu/packer.json.tmpl
+++ b/images/capi/packer/qemu/packer.json.tmpl
@@ -142,6 +142,7 @@
 "OS": "{{user `distro_name` | lower}}",
 "OS_VERSION": "{{user `distribution_version` | lower}}",
 "PROVIDER": "qemu",
+ "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}",
 "containerd_image_pull_progress_timeout": "{{user `containerd_image_pull_progress_timeout`}}",
 "containerd_version": "{{user `containerd_version`}}",
 "kubernetes_cni_deb_version": "{{ user `kubernetes_cni_deb_version` }}",
@@ -186,6 +187,7 @@
 "containerd_version": null,
 "containerd_image_pull_progress_timeout": null,
 "cpu_model": "host",
+ "containerd_enable_limit_no_file": "false",
 "containerd_service_url": "https://raw.githubusercontent.com/containerd/containerd/refs/tags/v{{user `containerd_version`}}/containerd.service",
 "runc_version": null,
 "cpus": "1",
diff --git a/images/capi/packer/qemu/qemu-ubuntu-2604-efi.json b/images/capi/packer/qemu/qemu-ubuntu-2604-efi.json
new file mode 100644
index 0000000000..46c250c6cd
--- /dev/null
+++ b/images/capi/packer/qemu/qemu-ubuntu-2604-efi.json
@@ -0,0 +1,15 @@
+{
+ "boot_command_prefix": "clinux /casper/vmlinuz --- autoinstall ds='nocloud-net;s=http://{{ .HTTPIP }}:{{ .HTTPPort }}/26.04.efi/'initrd /casper/initrdboot",
+ "build_name": "ubuntu-2604-efi",
+ "distribution_version": "2604",
+ "distro_name": "ubuntu",
+ "firmware": "OVMF.fd",
+ "guest_os_type": "ubuntu-64",
+ "iso_checksum": "dec49008a71f6098d0bcfc822021f4d042d5f2db279e4d75bdd981304f1ca5d9",
+ "iso_checksum_type": "sha256",
+ "iso_url": "https://releases.ubuntu.com/releases/26.04/ubuntu-26.04-live-server-amd64.iso",
+ "memory": "4096",
+ "os_display_name": "Ubuntu 26.04",
+ "shutdown_command": "shutdown -P now",
+ "unmount_iso": "true"
+}
diff --git a/images/capi/packer/qemu/qemu-ubuntu-2604.json b/images/capi/packer/qemu/qemu-ubuntu-2604.json
new file mode 100644
index 0000000000..6d9544e187
--- /dev/null
+++ b/images/capi/packer/qemu/qemu-ubuntu-2604.json
@@ -0,0 +1,14 @@
+{
+ "boot_command_prefix": "clinux /casper/vmlinuz --- autoinstall ds='nocloud-net;s=http://{{ .HTTPIP }}:{{ .HTTPPort }}/26.04/'initrd /casper/initrdboot",
+ "build_name": "ubuntu-2604",
+ "distribution_version": "2604",
+ "distro_name": "ubuntu",
+ "guest_os_type": "ubuntu-64",
+ "iso_checksum": "dec49008a71f6098d0bcfc822021f4d042d5f2db279e4d75bdd981304f1ca5d9",
+ "iso_checksum_type": "sha256",
+ "iso_url": "https://releases.ubuntu.com/releases/26.04/ubuntu-26.04-live-server-amd64.iso",
+ "memory": "4096",
+ "os_display_name": "Ubuntu 26.04",
+ "shutdown_command": "shutdown -P now",
+ "unmount_iso": "true"
+}
diff --git a/images/capi/packer/raw/linux/ubuntu/http/26.04.efi/meta-data b/images/capi/packer/raw/linux/ubuntu/http/26.04.efi/meta-data
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/images/capi/packer/raw/linux/ubuntu/http/26.04.efi/user-data.tmpl b/images/capi/packer/raw/linux/ubuntu/http/26.04.efi/user-data.tmpl
new file mode 100644
index 0000000000..5657d3fb98
--- /dev/null
+++ b/images/capi/packer/raw/linux/ubuntu/http/26.04.efi/user-data.tmpl
@@ -0,0 +1,114 @@
+#cloud-config
+# Copyright 2025 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+# For more information on how autoinstall is configured, please refer to
+# https://ubuntu.com/server/docs/install/autoinstall-reference
+autoinstall:
+ version: 1
+ # Disable ssh server during installation, otherwise packer tries to connect and exceed max attempts
+ early-commands:
+ - systemctl stop ssh
+ # Configure the locale
+ locale: en_US.UTF-8
+ keyboard:
+ layout: us
+ # For more information on how partitioning is configured,
+ # please refer to https://curtin.readthedocs.io/en/latest/topics/storage.html.
+ storage:
+ swap:
+ size: 0
+ grub:
+ reorder_uefi: false
+ replace_linux_default: false
+ config:
+ - ptable: gpt
+ path: /dev/sda
+ wipe: superblock-recursive
+ preserve: false
+ name: ''
+ grub_device: false
+ type: disk
+ id: disk-sda
+ - device: disk-sda
+ size: 536870912
+ wipe: superblock
+ flag: boot
+ number: 1
+ preserve: false
+ grub_device: true
+ type: partition
+ id: partition-0
+ - fstype: fat32
+ volume: partition-0
+ preserve: false
+ type: format
+ id: format-0
+ - device: disk-sda
+ size: -1
+ wipe: superblock
+ flag: ''
+ number: 2
+ preserve: false
+ grub_device: false
+ type: partition
+ id: partition-1
+ - fstype: ext4
+ volume: partition-1
+ preserve: false
+ type: format
+ id: format-1
+ - path: /
+ device: format-1
+ type: mount
+ id: mount-1
+ - path: /boot/efi
+ device: format-0
+ type: mount
+ id: mount-0
+ apt:
+ fallback: offline-install
+ updates: 'all'
+ ssh:
+ install-server: true
+ allow-pw: true
+
+ # Create the default user.
+ # Ensures the "builder" user doesn't require a password to use sudo.
+ user-data:
+ users:
+ - name: builder
+ # openssl passwd -6 -salt -stdin <<<
+ passwd: $ENCRYPTED_SSH_PASSWORD
+ groups: [adm, cdrom, dip, plugdev, lxd, sudo]
+ lock-passwd: false
+ sudo: ALL=(ALL) NOPASSWD:ALL
+ shell: /bin/bash
+
+ # This command runs after all other steps; it:
+ # 1. Disables swapfiles
+ # 2. Removes the existing swapfile
+ # 3. Removes the swapfile entry from /etc/fstab
+ # 4. Removes snapd, https://bugs.launchpad.net/subiquity/+bug/1946609
+ # 5. Cleans up any packages that are no longer required
+ # 6. Removes the cached list of packages
+ late-commands:
+ - curtin in-target --target=/target -- swapoff -a
+ - curtin in-target --target=/target -- rm -f /swap.img
+ - curtin in-target --target=/target -- sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab
+ - chroot /target apt-get purge -y snapd
+ - curtin in-target --target=/target -- apt-get purge --auto-remove -y
+ - curtin in-target --target=/target -- apt-get clean
+ - curtin in-target --target=/target -- rm -rf /var/lib/apt/lists/*
diff --git a/images/capi/packer/raw/linux/ubuntu/http/26.04/meta-data b/images/capi/packer/raw/linux/ubuntu/http/26.04/meta-data
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/images/capi/packer/raw/linux/ubuntu/http/26.04/user-data.tmpl b/images/capi/packer/raw/linux/ubuntu/http/26.04/user-data.tmpl
new file mode 100644
index 0000000000..e89ae2f3cc
--- /dev/null
+++ b/images/capi/packer/raw/linux/ubuntu/http/26.04/user-data.tmpl
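Review bot: The `user-data` block creates `builder` with `sudo: ALL=(ALL) NOPASSWD:ALL`, `lock-passwd: false` and `ssh.allow-pw: true`, and nothing in this template removes or locks that account once the build is finished. If a later provisioning step does that cleanup, the template should say so; otherwise every image built from this file ships a password-login account with unrestricted sudo whose hash comes from `$ENCRYPTED_SSH_PASSWORD`. A comment above `users:` such as `# build-time account only; removed or locked by <step> before the image is published` would make the expectation checkable. The same block appears in the raw non-EFI template and in both qemu 26.04 templates in this change.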
@@ -0,0 +1,92 @@
+#cloud-config
+# Copyright 2025 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+# For more information on how autoinstall is configured, please refer to
+# https://ubuntu.com/server/docs/install/autoinstall-reference
+autoinstall:
+ version: 1
+ # Disable ssh server during installation, otherwise packer tries to connect and exceed max attempts
+ early-commands:
+ - systemctl stop ssh
+ # Configure the locale
+ locale: en_US.UTF-8
+ keyboard:
+ layout: us
+ # For more information on how partitioning is configured,
+ # please refer to https://curtin.readthedocs.io/en/latest/topics/storage.html.
+ storage:
+ swap:
+ size: 0
+ grub:
+ replace_linux_default: false
+ config:
+ - type: disk
+ id: disk-0
+ size: largest
+ grub_device: true
+ preserve: false
+ ptable: msdos
+ wipe: superblock
+ - type: partition
+ id: partition-0
+ device: disk-0
+ size: -1
+ number: 1
+ preserve: false
+ flag: boot
+ - type: format
+ id: format-0
+ volume: partition-0
+ fstype: ext4
+ preserve: false
+ - type: mount
+ id: mount-0
+ device: format-0
+ path: /
+ apt:
+ fallback: offline-install
+ updates: 'all'
+ ssh:
+ install-server: true
+ allow-pw: true
+
+ # Create the default user.
+ # Ensures the "builder" user doesn't require a password to use sudo.
+ user-data:
+ users:
+ - name: builder
+ # openssl passwd -6 -salt -stdin <<<
+ passwd: $ENCRYPTED_SSH_PASSWORD
+ groups: [adm, cdrom, dip, plugdev, lxd, sudo]
+ lock-passwd: false
+ sudo: ALL=(ALL) NOPASSWD:ALL
+ shell: /bin/bash
+
+ # This command runs after all other steps; it:
+ # 1. Disables swapfiles
+ # 2. Removes the existing swapfile
+ # 3. Removes the swapfile entry from /etc/fstab
+ # 4. Removes snapd, https://bugs.launchpad.net/subiquity/+bug/1946609
+ # 5. Cleans up any packages that are no longer required
+ # 6. Removes the cached list of packages
+ late-commands:
+ - curtin in-target --target=/target -- swapoff -a
+ - curtin in-target --target=/target -- rm -f /swap.img
+ - curtin in-target --target=/target -- sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab
+ - chroot /target apt-get purge -y snapd
+ - curtin in-target --target=/target -- apt-get purge --auto-remove -y
+ - curtin in-target --target=/target -- apt-get clean
+ - curtin in-target --target=/target -- rm -rf /var/lib/apt/lists/*
diff --git a/images/capi/packer/raw/packer.json.tmpl b/images/capi/packer/raw/packer.json.tmpl
index 652322341a..8c84ba4786 100644
--- a/images/capi/packer/raw/packer.json.tmpl
+++ b/images/capi/packer/raw/packer.json.tmpl
@@ -132,6 +132,7 @@
 "OS": "{{user `distro_name` | lower}}",
 "OS_VERSION": "{{user `distro_version` | lower}}",
 "PROVIDER": "raw",
+ "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}",
 "containerd_gvisor_runtime": "{{user `containerd_gvisor_runtime`}}",
 "containerd_gvisor_version": "{{user `containerd_gvisor_version`}}",
 "containerd_image_pull_progress_timeout": "{{user `containerd_image_pull_progress_timeout`}}",
@@ -158,6 +159,7 @@
 "boot_media_path": "http://{{ .HTTPIP }}:{{ .HTTPPort }}",
 "boot_wait": "10s",
 "build_timestamp": "{{timestamp}}",
+ "containerd_enable_limit_no_file": "false",
 "containerd_gvisor_runtime": "false",
 "containerd_gvisor_version": "latest",
 "containerd_version": null,
diff --git a/images/capi/packer/raw/raw-ubuntu-2604-efi.json b/images/capi/packer/raw/raw-ubuntu-2604-efi.json
new file mode 100644
index 0000000000..2044a5dd61
--- /dev/null
+++ b/images/capi/packer/raw/raw-ubuntu-2604-efi.json
@@ -0,0 +1,17 @@
+{
+ "boot_command_prefix": "clinux /casper/vmlinuz --- autoinstall ds='nocloud-net;s=http://{{ .HTTPIP }}:{{ .HTTPPort }}/26.04.efi/'initrd /casper/initrdboot",
+ "build_name": "ubuntu-2604-efi",
+ "build_target": "raw",
+ "distro_arch": "amd64",
+ "distro_name": "ubuntu",
+ "distro_version": "26.04",
+ "distro_version_slug": "2604",
+ "firmware": "OVMF.fd",
+ "guest_os_type": "ubuntu-64",
+ "iso_checksum": "dec49008a71f6098d0bcfc822021f4d042d5f2db279e4d75bdd981304f1ca5d9",
+ "iso_checksum_type": "sha256",
+ "iso_url": "https://releases.ubuntu.com/releases/26.04/ubuntu-26.04-live-server-amd64.iso",
+ "os_display_name": "Ubuntu 26.04",
+ "shutdown_command": "shutdown -P now",
+ "unmount_iso": "true"
+}
diff --git a/images/capi/packer/raw/raw-ubuntu-2604.json b/images/capi/packer/raw/raw-ubuntu-2604.json
new file mode 100644
index 0000000000..4b53e183b0
--- /dev/null
+++ b/images/capi/packer/raw/raw-ubuntu-2604.json
@@ -0,0 +1,16 @@
+{
+ "boot_command_prefix": "clinux /casper/vmlinuz --- autoinstall ds='nocloud-net;s=http://{{ .HTTPIP }}:{{ .HTTPPort }}/26.04/'initrd /casper/initrdboot",
+ "build_name": "ubuntu-2604",
+ "build_target": "raw",
+ "distro_arch": "amd64",
+ "distro_name": "ubuntu",
+ "distro_version": "26.04",
+ "distro_version_slug": "2604",
+ "guest_os_type": "ubuntu-64",
+ "iso_checksum": "dec49008a71f6098d0bcfc822021f4d042d5f2db279e4d75bdd981304f1ca5d9",
+ "iso_checksum_type": "sha256",
+ "iso_url": "https://releases.ubuntu.com/releases/26.04/ubuntu-26.04-live-server-amd64.iso",
+ "os_display_name": "Ubuntu 26.04",
+ "shutdown_command": "shutdown -P now",
+ "unmount_iso": "true"
+}
diff --git a/images/capi/packer/scaleway/packer.json b/images/capi/packer/scaleway/packer.json
index c091dfef36..faa3e96dad 100644
--- a/images/capi/packer/scaleway/packer.json
+++ b/images/capi/packer/scaleway/packer.json
@@ -56,6 +56,7 @@
 "OS": "{{user `distribution` | lower}}",
 "OS_VERSION": "{{user `distribution_version` | lower}}",
 "PROVIDER": "scaleway",
+ "containerd_enable_limit_no_file": "{{user `containerd_enable_limit_no_file`}}",
 "containerd_gvisor_runtime": "{{user `containerd_gvisor_runtime`}}",
 "containerd_gvisor_version": "{{user `containerd_gvisor_version`}}",
 "containerd_image_pull_progress_timeout": "{{user `containerd_image_pull_progress_timeout`}}",
@@ -79,6 +80,7 @@
 "ansible_scp_extra_args": "",
 "build_timestamp": "{{timestamp}}",
 "commercial_type": "DEV1-S",
+ "containerd_enable_limit_no_file": "false",
 "containerd_gvisor_runtime": "false",
 "containerd_gvisor_version": "latest",
 "containerd_image_pull_progress_timeout": null,
diff --git a/images/capi/packer/scaleway/ubuntu-2604.json b/images/capi/packer/scaleway/ubuntu-2604.json
new file mode 100644
index 0000000000..a09945d444
--- /dev/null
+++ b/images/capi/packer/scaleway/ubuntu-2604.json
@@ -0,0 +1,6 @@
+{
+ "build_name": "ubuntu-2604",
+ "distribution": "ubuntu",
+ "distribution_version": "2604",
+ "image": "ubuntu_resolute"
+}
diff --git a/images/capi/packer/vultr/packer.json b/images/capi/packer/vultr/packer.json
index 208c4353a7..294ce2f7b4 100644
--- a/images/capi/packer/vultr/packer.json
+++ b/images/capi/packer/vultr/packer.json
@@ -37,6 +37,7 @@
 "ansible_scp_extra_args": "",
 "api_key": "{{env `VULTR_API_KEY`}}",
 "build_timestamp": "{{timestamp}}",
+ "containerd_enable_limit_no_file": "false",
 "containerd_gvisor_runtime": "false",
 "containerd_gvisor_version": "latest",
 "containerd_image_pull_progress_timeout": null,
diff --git a/images/capi/packer/vultr/ubuntu-2604.json b/images/capi/packer/vultr/ubuntu-2604.json
new file mode 100644
index 0000000000..607a439b82
--- /dev/null
+++ b/images/capi/packer/vultr/ubuntu-2604.json @@ -0,0 +1,6 @@ +{ + "build_name": "ubuntu-2604", + "os": "2760", + "snapshot_name_suffix": "on Ubuntu 26.04", + "source_image": "ubuntu-26-04-x64" +} diff --git a/images/capi/scripts/ci-azure-e2e.sh b/images/capi/scripts/ci-azure-e2e.sh index f80065a329..602c5683f4 100755 --- a/images/capi/scripts/ci-azure-e2e.sh +++ b/images/capi/scripts/ci-azure-e2e.sh @@ -29,16 +29,10 @@ CAPI_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. cd "${CAPI_ROOT}" || exit 1 export ARTIFACTS="${ARTIFACTS:-${PWD}/_artifacts}" -mkdir -p "${ARTIFACTS}/azure-sigs" "${ARTIFACTS}/azure-vhds" +mkdir -p "${ARTIFACTS}/azure-sigs" # Dynamically gets all targets and filters out the following: # - Any RHEL targets (because of subscription requirements) -VHD_CI_TARGETS=( $(make build-azure-vhds --recon -d | grep "Must remake" | \ - grep -v build-azure-vhds | grep -v deps- | \ - grep -v gen2 | grep -v cvm | \ - grep -E -v 'rhel' | \ - grep -E -o 'build-azure-vhd-[a-zA-Z0-9\-]+' | \ - sed -E 's/build-azure-vhd-([0-9a-z\-]*)/\1/' ) ) SIG_CI_TARGETS=( $(make build-azure-sigs --recon -d | grep "Must remake" | \ grep -v build-azure-sigs | grep -v deps- | \ grep -v cvm | \ 
@@ -124,35 +118,27 @@ export FLATCAR_VERSION="$(get_flatcar_version)" export PACKER_VAR_FILES="packer/azure/scripts/disable-windows-prepull.json scripts/ci-disable-goss-inspect.json" declare -A PIDS -if [[ "${AZURE_BUILD_FORMAT:-vhd}" == "sig" ]]; then - for target in ${SIG_CI_TARGETS[@]}; - do - login - make build-azure-sig-${target} > ${ARTIFACTS}/azure-sigs/${target}.log 2>&1 & - PIDS["sig-${target}"]=$! - done - - SELECTED_LOCATION="${AZURE_LOCATION}" - if [[ ! " ${VALID_CVM_LOCATIONS[*]} " =~ " ${SELECTED_LOCATION} " ]]; then - SELECTED_LOCATION="$(get_random_cvm_region)" - echo "AZURE_LOCATION=${AZURE_LOCATION} is invalid for Confidential VM targets. Valid CVM locations: ${VALID_CVM_LOCATIONS[*]}." - echo "Selected location is ${SELECTED_LOCATION}." - fi - - for target in ${SIG_CVM_CI_TARGETS[@]}; - do - login - AZURE_LOCATION="${SELECTED_LOCATION}" make build-azure-sig-${target} > ${ARTIFACTS}/azure-sigs/${target}.log 2>&1 & - PIDS["sig-${target}"]=$! - done -else - for target in ${VHD_CI_TARGETS[@]}; - do - make build-azure-vhd-${target} > ${ARTIFACTS}/azure-vhds/${target}.log 2>&1 & - PIDS["vhd-${target}"]=$! - done +for target in ${SIG_CI_TARGETS[@]}; +do + login + make build-azure-sig-${target} > ${ARTIFACTS}/azure-sigs/${target}.log 2>&1 & + PIDS["sig-${target}"]=$! +done + +SELECTED_LOCATION="${AZURE_LOCATION}" +if [[ ! " ${VALID_CVM_LOCATIONS[*]} " =~ " ${SELECTED_LOCATION} " ]]; then + SELECTED_LOCATION="$(get_random_cvm_region)" + echo "AZURE_LOCATION=${AZURE_LOCATION} is invalid for Confidential VM targets. Valid CVM locations: ${VALID_CVM_LOCATIONS[*]}." + echo "Selected location is ${SELECTED_LOCATION}." fi +for target in ${SIG_CVM_CI_TARGETS[@]}; +do + login + AZURE_LOCATION="${SELECTED_LOCATION}" make build-azure-sig-${target} > ${ARTIFACTS}/azure-sigs/${target}.log 2>&1 & + PIDS["sig-${target}"]=$! +done + # need to unset errexit so that failed child tasks don't cause script to exit set +o errexit exit_err=false 
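Review bot: Both loops on the now-unconditional SIG path expand their target arrays unquoted (`for target in ${SIG_CI_TARGETS[@]};` and `${SIG_CVM_CI_TARGETS[@]}`) and redirect to an unquoted `${ARTIFACTS}/azure-sigs/${target}.log`, so the values are word-split and globbed before use. `ARTIFACTS` comes from the environment and the target names from parsed `make --recon` output, so a space or glob character in either changes which file is written or which target is built. Quote them: `for target in "${SIG_CI_TARGETS[@]}"; do`, `make "build-azure-sig-${target}" > "${ARTIFACTS}/azure-sigs/${target}.log" 2>&1 &`, and likewise in the CVM loop. The script continues past the end of this hunk.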
diff --git a/images/capi/scripts/ci-goss-populate.sh b/images/capi/scripts/ci-goss-populate.sh index fa0b1b7de4..f06731f095 100755 --- a/images/capi/scripts/ci-goss-populate.sh +++ b/images/capi/scripts/ci-goss-populate.sh @@ -29,7 +29,7 @@ source hack/utils.sh ensure_py3 _version="v0.3.23" -_bin_url="https://github.com/goss-org/goss/releases/download/${_version}/goss-linux-amd64" +_bin_url="https://github.com/goss-org/goss/releases/download/${_version}/goss-linux-${HOSTARCH}" if ! command -v goss >/dev/null 2>&1; then if [[ ${HOSTOS} == "linux" ]]; then diff --git a/images/capi/scripts/ci-ova.sh b/images/capi/scripts/ci-ova.sh index 6a98a8540a..3b3d1546c2 100755 --- a/images/capi/scripts/ci-ova.sh +++ b/images/capi/scripts/ci-ova.sh @@ -29,10 +29,12 @@ export ARTIFACTS="${ARTIFACTS:-${PWD}/_artifacts}" # The following are currently having issues running in the # test environment so are specifically excluded for now # - Photon-4 +# - Ubuntu 26.04 (autoinstall never completes, hanging the job; see #2035) TARGETS=( $(make build-node-ova-vsphere-all --recon -d | grep "Must remake" | \ grep -v build-node-ova-vsphere-all | \ grep -E -v 'rhel|windows|efi' | \ grep -v build-node-ova-vsphere-photon-4 | \ + grep -v build-node-ova-vsphere-ubuntu-2604 | \ grep -E -o 'build-node-ova-vsphere-[a-zA-Z0-9\-]+' ) ) export BOSKOS_RESOURCE_OWNER=image-builder diff --git a/images/capi/scripts/ci-packer-validate.sh b/images/capi/scripts/ci-packer-validate.sh index 2a3221d784..f02135ab06 100755 --- a/images/capi/scripts/ci-packer-validate.sh +++ b/images/capi/scripts/ci-packer-validate.sh 
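Review bot: `_bin_url` in `ci-goss-populate.sh` now varies with `${HOSTARCH}`, and the hunk shows no integrity check for the binary fetched from it. If the download step below (outside this hunk) installs the file as-is, it should be verified against the checksum the release publishes for that `${_version}` and architecture before it is made executable, and the job should fail on a mismatch; a digest pinned for a single architecture would no longer fit. Also confirm that `HOSTARCH` from `hack/utils.sh` yields the names the release assets use (the old URL used `amd64`), since an unmapped value such as `x86_64` would request an asset that does not exist.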
@@ -31,10 +31,11 @@ export PATH=${PYTHON_BIN_DIR:-"${HOME}/.local/bin"}:$PATH # OCI packer builder requires a valid private key file, hence creating a temporary one openssl genrsa -out /tmp/oci_api_key.pem 2048 -AZURE_LOCATION=fake RESOURCE_GROUP_NAME=fake STORAGE_ACCOUNT_NAME=fake \ +AZURE_LOCATION=fake RESOURCE_GROUP_NAME=fake \ DIGITALOCEAN_ACCESS_TOKEN=fake GCP_PROJECT_ID=fake \ OCI_AVAILABILITY_DOMAIN=fake OCI_SUBNET_OCID=fake OCI_USER_FINGERPRINT=fake \ OCI_TENANCY_OCID=fake OCI_USER_OCID=fake OCI_USER_KEY_FILE=/tmp/oci_api_key.pem \ + OXIDE_PROJECT=fake OXIDE_BOOT_DISK_IMAGE_ID=fake \ NUTANIX_ENDPOINT=fake NUTANIX_CLUSTER_NAME=fake NUTANIX_USERNAME=fake \ NUTANIX_PASSWORD=fake NUTANIX_SUBNET_NAME=fake \ HCLOUD_LOCATION=fake HCLOUD_TOKEN=fake \