Merge branch 'master' into renovate/azuremonitor-containerinsights-ci…
…prod-3.1.x
AlisonB319 authored Sep 24, 2024
2 parents 68d301f + be32da8 commit 80f9fa4
Showing 23 changed files with 1,281 additions and 291 deletions.
5 changes: 5 additions & 0 deletions Makefile
Expand Up @@ -99,6 +99,7 @@ generate: bootstrap
./hack/tools/bin/cue export ./schemas/manifest.cue > ./parts/linux/cloud-init/artifacts/manifest.json
@echo "#EOF" >> ./parts/linux/cloud-init/artifacts/manifest.json
GENERATE_TEST_DATA="true" go test ./pkg/agent...
@$(MAKE) validate-prefetch
@echo "running validate-shell to make sure generated cse scripts are correct"
@$(MAKE) validate-shell
@echo "Running shellspec tests to validate shell/bash scripts"
Expand All @@ -107,6 +108,10 @@ generate: bootstrap
@echo "Error will be shown if any."
@$(MAKE) validate-components

.PHONY: validate-prefetch
validate-prefetch:
make -C ./vhdbuilder/prefetch generate

.PHONY: generate-azure-constants
generate-azure-constants:
python pkg/helpers/generate_azure_constants.py
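Review bot: The new `validate-prefetch` recipe invokes a literal `make`, unlike the `@$(MAKE) validate-…` lines beside it in `generate`, so `make -n` does not descend into the sub-make, the jobserver is not shared under `-j`, and whichever `make` is first on PATH is used rather than the one running this file. Change the recipe line to `$(MAKE) -C ./vhdbuilder/prefetch generate`. The target is named "validate" but runs the sub-directory's `generate` goal; what that goal writes is not visible here, so a one-line comment above the target stating that it regenerates output and relies on a later diff check (if that is the intent) would help the next reader.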
2 changes: 1 addition & 1 deletion packer.mk
Expand Up @@ -109,7 +109,7 @@ evaluate-build-performance: az-login
generate-prefetch-scripts:
ifeq (${MODE},linuxVhdMode)
@echo "${MODE}: Generating prefetch scripts"
@bash -c "pushd vhdbuilder/prefetch; go run main.go --components-path=../../parts/linux/cloud-init/artifacts/components.json --output-path=../packer/prefetch.sh || exit 1; popd"
@bash -c "pushd vhdbuilder/prefetch; go run cmd/main.go --components-path=../../parts/linux/cloud-init/artifacts/components.json --output-path=../packer/prefetch.sh || exit 1; popd"
endif

build-nbcparser-all:
21 changes: 16 additions & 5 deletions parts/linux/cloud-init/artifacts/README-COMPONENTS.md
Expand Up @@ -39,16 +39,26 @@ Please refer to [components.cue](../../../../schemas/components.cue) for the mos
downloadURL: string
amd64OnlyVersions: [...string]
multiArchVersionsV2: [...#VersionV2]
prefetchOptimizations: [...#ContainerImagePrefetchOptimization]
}
```
```
#ContainerImagePrefetchOptimization: {
binaries: [...string]
}
#ContainerImagePrefetchOptimizations: {
latestVersion: #ContainerImagePrefetchOptimization
previousLatestVersion?: #ContainerImagePrefetchOptimization
}
#VersionV2: {
k8sVersion?: string
renovateTag?: string
latestVersion: string
previousLatestVersion?: string
k8sVersion?: string
renovateTag?: string
latestVersion: string
previousLatestVersion?: string
containerImagePrefetch?: #ContainerImagePrefetchOptimizations
}
```
`multiArchVersionsV2` is updated from `multiArchVersions` and is a list of `VersionV2`.
1. In `versionV2`, there are a few keys.
Expand All @@ -60,6 +70,7 @@ Please refer to [components.cue](../../../../schemas/components.cue) for the mos
- `renovateTag` must be exactly one line before `latestVersion` and the optional `previousLatestVersion`. `Renovate.json` requires this tag to parse the versions correctly.
- If you add anything other than the 2 types mentioned above, it won't be monitered by the current configurations of `renovate.json`. For example, you might see `"renovateTag": "<DO_NOT_UPDATE>"` which is actually equivalent to not having any `renovateTag`. Placing `"<DO_NOT_UPDATE>"` here is simply for human readability, but we still recommend including it for consistency and readability.
- `latestVersion` and `previousLatestVersion`: to keep the last 2 patch versions in the components.json as well as VHD and keep them auto-updated by Renovate, we will put the latest version in `latestVersion` and the previous latest version `previousLatestVersion`.
- `containerImagePrefetch` defines the prefetch optimization for the particular container image, if any. Each `ContainerImagePrefetchOptimizations` object must define a prefetch optimization _at least_ for the `latestVersion`, while optionally defining one of the `previousLatestVersion`. At the end of the day, a prefetch optimization is parameterized by an array of file paths pointing to binaries (relative to the FS of the container image, starting with `/`) to be prefetched during image builder optimization.

### Packages
`Packages` is a list of `Package` where a `package` has the following scehma:
161 changes: 76 additions & 85 deletions parts/linux/cloud-init/artifacts/components.json
Expand Up @@ -42,55 +42,43 @@
}
]
},
{
"downloadURL": "mcr.microsoft.com/mirror/docker/library/busybox:*",
"amd64OnlyVersions": [],
"multiArchVersionsV2": [
{
"renovateTag": "registry=https://mcr.microsoft.com, name=mirror/docker/library/busybox",
"latestVersion": "1.35"
}
]
},
{
"downloadURL": "mcr.microsoft.com/containernetworking/azure-cni:*",
"amd64OnlyVersions": [],
"prefetchOptimizations": [
{
"version": "v1.5.32",
"binaries": [
"dropgz"
]
},
{
"version": "v1.5.35",
"binaries": [
"dropgz"
]
},
{
"version": "v1.6.5",
"binaries": [
"dropgz"
]
},
{
"version": "v1.6.7",
"binaries": [
"dropgz"
]
}
],
"multiArchVersionsV2": [
{
"renovateTag": "registry=https://mcr.microsoft.com, name=containernetworking/azure-cni",
"latestVersion": "v1.5.35",
"previousLatestVersion": "v1.5.32"
"previousLatestVersion": "v1.5.32",
"containerImagePrefetch": {
"latestVersion": {
"binaries": [
"/dropgz"
]
},
"previousLatestVersion": {
"binaries": [
"/dropgz"
]
}
}
},
{
"renovateTag": "registry=https://mcr.microsoft.com, name=containernetworking/azure-cni",
"latestVersion": "v1.6.7",
"previousLatestVersion": "v1.6.5"
"previousLatestVersion": "v1.6.5",
"containerImagePrefetch": {
"latestVersion": {
"binaries": [
"/dropgz"
]
},
"previousLatestVersion": {
"binaries": [
"/dropgz"
]
}
}
}
]
},
Expand All @@ -100,43 +88,48 @@
"multiArchVersionsV2": [
{
"renovateTag": "registry=https://mcr.microsoft.com, name=containernetworking/azure-cns",
"latestVersion": "v1.4.52"
"latestVersion": "v1.4.52",
"containerImagePrefetch": {
"latestVersion": {
"binaries": [
"/usr/local/bin/azure-cns"
]
}
}
},
{
"renovateTag": "registry=https://mcr.microsoft.com, name=containernetworking/azure-cns",
"latestVersion": "v1.5.35",
"previousLatestVersion": "v1.5.32"
"previousLatestVersion": "v1.5.32",
"containerImagePrefetch": {
"latestVersion": {
"binaries": [
"/usr/local/bin/azure-cns"
]
},
"previousLatestVersion": {
"binaries": [
"/usr/local/bin/azure-cns"
]
}
}
},
{
"renovateTag": "registry=https://mcr.microsoft.com, name=containernetworking/azure-cns",
"latestVersion": "v1.6.7",
"previousLatestVersion": "v1.6.5"
}
],
"prefetchOptimizations": [
{
"version": "v1.5.32",
"binaries": [
"usr/local/bin/azure-cns"
]
},
{
"version": "v1.5.35",
"binaries": [
"usr/local/bin/azure-cns"
]
},
{
"version": "v1.6.5",
"binaries": [
"usr/local/bin/azure-cns"
]
},
{
"version": "v1.6.7",
"binaries": [
"usr/local/bin/azure-cns"
]
"previousLatestVersion": "v1.6.5",
"containerImagePrefetch": {
"latestVersion": {
"binaries": [
"/usr/local/bin/azure-cns"
]
},
"previousLatestVersion": {
"binaries": [
"/usr/local/bin/azure-cns"
]
}
}
}
]
},
Expand All @@ -146,15 +139,14 @@
"multiArchVersionsV2": [
{
"renovateTag": "registry=https://mcr.microsoft.com, name=containernetworking/azure-ipam",
"latestVersion": "v0.2.0"
}
],
"prefetchOptimizations": [
{
"version": "v0.2.0",
"binaries": [
"dropgz"
]
"latestVersion": "v0.2.0",
"containerImagePrefetch": {
"latestVersion": {
"binaries": [
"/dropgz"
]
}
}
}
]
},
Expand All @@ -164,15 +156,14 @@
"multiArchVersionsV2": [
{
"renovateTag": "registry=https://mcr.microsoft.com, name=containernetworking/cni-dropgz",
"latestVersion": "v0.0.20"
}
],
"prefetchOptimizations": [
{
"version": "v0.0.20",
"binaries": [
"dropgz"
]
"latestVersion": "v0.0.20",
"containerImagePrefetch": {
"latestVersion": {
"binaries": [
"/dropgz"
]
}
}
}
]
},
16 changes: 10 additions & 6 deletions schemas/components.cue
@@ -1,24 +1,28 @@
package components

#ContainerImagePrefetchOptimization: {
version: string
binaries: [...string]
}

#ContainerImagePrefetchOptimizations: {
latestVersion: #ContainerImagePrefetchOptimization
previousLatestVersion?: #ContainerImagePrefetchOptimization
}

#ContainerImage: {
downloadURL: string
amd64OnlyVersions: [...string]
multiArchVersionsV2: [...#VersionV2]
prefetchOptimizations: [...#ContainerImagePrefetchOptimization]
}

#Images: [...#ContainerImage]
#Packages: [...#Package]
#VersionV2: {
k8sVersion?: string
renovateTag?: string
latestVersion: string
previousLatestVersion?: string
k8sVersion?: string
renovateTag?: string
latestVersion: string
previousLatestVersion?: string
containerImagePrefetch?: #ContainerImagePrefetchOptimizations
}

#ReleaseDownloadURI: {
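Review bot: `binaries: [...string]` in `#ContainerImagePrefetchOptimization` still accepts any string, although this commit rewrites every entry in components.json to an absolute path and the README now states that paths start with `/`. These values presumably reach the prefetch script generator (not shown here), so constraining them in the schema would reject a relative path or stray value at `cue` validation time rather than during the image build: `binaries: [...(string & =~"^/")]`. Separately, nothing ties `containerImagePrefetch.previousLatestVersion` to the presence of `#VersionV2.previousLatestVersion`, so an optimization can be declared for a version that is not listed. `#ReleaseDownloadURI` continues outside the hunk.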
67 changes: 48 additions & 19 deletions vhdbuilder/packer/init-variables.sh
Expand Up @@ -243,26 +243,55 @@ if [[ "$MODE" == "linuxVhdMode" || "$MODE" == "windowsVhdMode" ]]; then
--gallery-image-definition ${SIG_IMAGE_NAME}) || id=""
if [ -z "$id" ]; then
echo "Creating image definition ${SIG_IMAGE_NAME} in gallery ${SIG_GALLERY_NAME} resource group ${AZURE_RESOURCE_GROUP_NAME}"
TARGET_COMMAND_STRING=""
if [[ ${ARCHITECTURE,,} == "arm64" ]]; then
TARGET_COMMAND_STRING+="--architecture Arm64"
elif [[ ${IMG_SKU} == "20_04-lts-cvm" ]]; then
TARGET_COMMAND_STRING+="--features SecurityType=ConfidentialVMSupported"
elif [[ ${ENABLE_TRUSTED_LAUNCH} == "True" ]]; then
TARGET_COMMAND_STRING+="--features SecurityType=TrustedLaunch"
# The following conditionals do not require NVMe tagging on disk controller type
if [[ ${ARCHITECTURE,,} == "arm64" ]] || [[ ${IMG_SKU} == "20_04-lts-cvm" ]] || [[ ${HYPERV_GENERATION} == "V1" ]]; then
TARGET_COMMAND_STRING=""
if [[ ${ARCHITECTURE,,} == "arm64" ]]; then
TARGET_COMMAND_STRING+="--architecture Arm64"
elif [[ ${IMG_SKU} == "20_04-lts-cvm" ]]; then
TARGET_COMMAND_STRING+="--features SecurityType=ConfidentialVMSupported"
fi

az sig image-definition create \
--resource-group ${AZURE_RESOURCE_GROUP_NAME} \
--gallery-name ${SIG_GALLERY_NAME} \
--gallery-image-definition ${SIG_IMAGE_NAME} \
--publisher microsoft-aks \
--offer ${SIG_GALLERY_NAME} \
--sku ${SIG_IMAGE_NAME} \
--os-type ${OS_TYPE} \
--hyper-v-generation ${HYPERV_GENERATION} \
--location ${AZURE_LOCATION} \
${TARGET_COMMAND_STRING}
else
# TL can only be enabled on Gen2 VMs, therefore if TL enabled = true, mark features for both TL and NVMe
if [[ ${ENABLE_TRUSTED_LAUNCH} == "True" ]]; then
az sig image-definition create \
--resource-group ${AZURE_RESOURCE_GROUP_NAME} \
--gallery-name ${SIG_GALLERY_NAME} \
--gallery-image-definition ${SIG_IMAGE_NAME} \
--publisher microsoft-aks \
--offer ${SIG_GALLERY_NAME} \
--sku ${SIG_IMAGE_NAME} \
--os-type ${OS_TYPE} \
--hyper-v-generation ${HYPERV_GENERATION} \
--location ${AZURE_LOCATION} \
--features "DiskControllerTypes=SCSI,NVMe SecurityType=TrustedLaunch"
else
# For vanilla Gen2, mark only NVMe
az sig image-definition create \
--resource-group ${AZURE_RESOURCE_GROUP_NAME} \
--gallery-name ${SIG_GALLERY_NAME} \
--gallery-image-definition ${SIG_IMAGE_NAME} \
--publisher microsoft-aks \
--offer ${SIG_GALLERY_NAME} \
--sku ${SIG_IMAGE_NAME} \
--os-type ${OS_TYPE} \
--hyper-v-generation ${HYPERV_GENERATION} \
--location ${AZURE_LOCATION} \
--features DiskControllerTypes=SCSI,NVMe
fi
fi

az sig image-definition create \
--resource-group ${AZURE_RESOURCE_GROUP_NAME} \
--gallery-name ${SIG_GALLERY_NAME} \
--gallery-image-definition ${SIG_IMAGE_NAME} \
--publisher microsoft-aks \
--offer ${SIG_GALLERY_NAME} \
--sku ${SIG_IMAGE_NAME} \
--os-type ${OS_TYPE} \
--hyper-v-generation ${HYPERV_GENERATION} \
--location ${AZURE_LOCATION} \
${TARGET_COMMAND_STRING}
else
echo "Image definition ${SIG_IMAGE_NAME} existing in gallery ${SIG_GALLERY_NAME} resource group ${AZURE_RESOURCE_GROUP_NAME}"
fi
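Review bot: `ENABLE_TRUSTED_LAUNCH == "True"` is now consulted only in the `else` branch, so a build that takes the first branch (arm64, the CVM SKU, or `HYPERV_GENERATION == "V1"`) and requests Trusted Launch gets an image definition without `SecurityType=TrustedLaunch` and without any message. As far as the rendered page shows, the replaced `elif` chain still passed that feature for the Gen1 case. The new comment says TL needs Gen2, so dropping it may be intended, but a requested security feature should not disappear silently; log it, or fail if no pipeline is known to set the flag for those image types. The three `az sig image-definition create` calls differ only in their final argument, so building that argument once also keeps the shared flags from drifting apart. The enclosing `if [[ "$MODE" == ... ]]` block starts and ends outside the hunk.

```shell
      # Trusted Launch is only applied on the Gen2, non-arm64, non-CVM path; report a request that cannot be honoured
      if [[ ${ENABLE_TRUSTED_LAUNCH} == "True" ]] && { [[ ${ARCHITECTURE,,} == "arm64" ]] || [[ ${IMG_SKU} == "20_04-lts-cvm" ]] || [[ ${HYPERV_GENERATION} == "V1" ]]; }; then
        echo "ENABLE_TRUSTED_LAUNCH=True is not applied to arm64, CVM or Gen1 image definitions" >&2
      fi

      IMAGE_DEFINITION_ARGS=()
      if [[ ${ARCHITECTURE,,} == "arm64" ]]; then
        IMAGE_DEFINITION_ARGS=(--architecture Arm64)
      elif [[ ${IMG_SKU} == "20_04-lts-cvm" ]]; then
        IMAGE_DEFINITION_ARGS=(--features SecurityType=ConfidentialVMSupported)
      elif [[ ${HYPERV_GENERATION} == "V1" ]]; then
        : # Gen1: no NVMe tagging and no extra features
      elif [[ ${ENABLE_TRUSTED_LAUNCH} == "True" ]]; then
        IMAGE_DEFINITION_ARGS=(--features "DiskControllerTypes=SCSI,NVMe SecurityType=TrustedLaunch")
      else
        IMAGE_DEFINITION_ARGS=(--features DiskControllerTypes=SCSI,NVMe)
      fi

      # … unchanged: a single `az sig image-definition create` with --resource-group through --location …
        --location ${AZURE_LOCATION} \
        "${IMAGE_DEFINITION_ARGS[@]}"
```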

0 comments on commit 80f9fa4
