diff --git a/README.md b/README.md index 5493ff670a..c4b4b93d60 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Image Builder -## Please see our [Book](https://image-builder.sigs.k8s.io) for more in-depth documentation. +## Please see our [Book](https://image-builder.sigs.k8s.io) for more in-depth documentation ## What is Image Builder? @@ -20,28 +20,29 @@ The table below shows the currently provided operating systems for each provider - ✅: Image is available for the provider - ❌: Image is not available for the provider -| OS | ami | azure | digitalocean | gce | hcloud | huaweicloud | maas | nutanix | oci | openstack | outscale | ova | powervs | proxmox | qemu | raw | scaleway | vultr | +| OS | ami | azure | digitalocean | gce | hcloud | huaweicloud | maas | nutanix | oci | openstack | outscale | ova | powervs | proxmox | qemu | raw | scaleway | vultr | |-------------------|----|----|----|----|----|----|----|----|----|----|----|----|----|----|----|----|----|----| -| Amazon Linux 2 | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Amazon Linux 2023 | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Azure Linux 3 | ❌ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| CentOS 8 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | -| CentOS 9 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ✅ | ❌ | ❌ | ❌ | -| Flatcar | ✅ | 💙 | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ | ✅ | ❌ | 💙 | ❌ | ✅ | ✅ | ✅ | ❌ | ❌ | -| Oracle Linux 8 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Oracle Linux 9 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Photon 4 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Photon 5 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| RHEL 8 | ✅ | ✅ | ❌ | 💙 | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ✅ | ❌ | ❌ | -| RHEL 9 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ✅ | ❌ | ❌ | -| Rocky Linux 8 | ✅ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | -| Rocky Linux 9 | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ | ✅ | ❌ | 💙 | ❌ | ✅ | ✅ | ❌ | ✅ | ❌ | -| Ubuntu 22.04 | ✅ | 💙 | ✅ | 💙 | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | 💙 | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Ubuntu 24.04 | ✅ | 💙 | ✅ | 💙 | ✅ | ❌ | ✅ | ✅ | ❌ | ✅ | ✅ | 💙 | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Windows 2019 | ✅ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Windows 2022 | ❌ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Windows 2025 | ❌ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Windows Annual | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Amazon Linux 2 | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Amazon Linux 2023 | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Azure Linux 3 | ❌ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| CentOS 8 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | +| CentOS 9 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ✅ | ❌ | ❌ | ❌ | +| Flatcar | ✅ | 💙 | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ | ✅ | ❌ | 💙 | ❌ | ✅ | ✅ | ✅ | ❌ | ❌ | +| Oracle Linux 8 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Oracle Linux 9 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Photon 4 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Photon 5 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| RHEL 8 | ✅ | ✅ | ❌ | 💙 | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ✅ | ❌ | ❌ | +| RHEL 9 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ✅ | ❌ | ❌ | +| Rocky Linux 8 | ✅ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | +| Rocky Linux 9 | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ | ✅ | ❌ | 💙 | ❌ | ✅ | ✅ | ❌ | ✅ | ❌ | +| Ubuntu 22.04 | ✅ | 💙 | ✅ | 💙 | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | 💙 | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Ubuntu 24.04 | ✅ | 💙 | ✅ | 💙 | ✅ | ❌ | ✅ | ✅ | ❌ | ✅ | ✅ | 💙 | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Ubuntu 24.04 ARM64 | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Windows 2019 | ✅ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Windows 2022 | ❌ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Windows 2025 | ❌ | 💙 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Windows Annual | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ## Community, discussion, contribution, and support diff --git a/images/capi/Makefile b/images/capi/Makefile index 7dec9c232f..12bf799262 100644 --- a/images/capi/Makefile +++ b/images/capi/Makefile @@ -295,6 +295,12 @@ COMMON_NODE_VAR_FILES := packer/config/kubernetes.json \ packer/config/additional_components.json \ packer/config/ecr_credential_provider.json +COMMON_AMD64_NODE_VAR_FILES := ${COMMON_NODE_VAR_FILES} \ + packer/config/amd64/common.json + +COMMON_ARM64_NODE_VAR_FILES := ${COMMON_NODE_VAR_FILES} \ + packer/config/arm64/common.json + COMMON_WINDOWS_VAR_FILES := packer/config/kubernetes.json \ packer/config/windows/kubernetes.json \ packer/config/containerd.json \ @@ -326,7 +332,10 @@ COMMON_POWERVS_VAR_FILES := packer/config/kubernetes.json \ # files from COMMON_VAR_FILES, with each file prefixed by -var-file=. # # Any existing values from PACKER_FLAGS take precendence over variable files. -PACKER_NODE_FLAGS := $(foreach f,$(abspath $(COMMON_NODE_VAR_FILES)),-var-file="$(f)" ) \ +PACKER_NODE_FLAGS := $(foreach f,$(abspath $(COMMON_AMD64_NODE_VAR_FILES)),-var-file="$(f)" ) \ + $(PACKER_FLAGS) +# ARM64 needs to use a different Ubuntu repository (ports.ubuntu.com) for source packages. +PACKER_ARM64_NODE_FLAGS := $(foreach f,$(abspath $(COMMON_ARM64_NODE_VAR_FILES)),-var-file="$(f)" ) \ $(PACKER_FLAGS) ABSOLUTE_PACKER_VAR_FILES := $(foreach f,$(abspath $(PACKER_VAR_FILES)),-var-file="$(f)" ) PACKER_WINDOWS_NODE_FLAGS := $(foreach f,$(abspath $(COMMON_WINDOWS_VAR_FILES)),-var-file="$(f)" ) \ @@ -375,10 +384,12 @@ GCE_BUILD_NAMES ?= gce-ubuntu-2204 gce-ubuntu-2404 gce-rhel-8 VHD_TARGETS := $(shell grep VHD_TARGETS azure_targets.sh | sed 's/VHD_TARGETS=//' | tr -d \") SIG_TARGETS := $(shell grep SIG_TARGETS azure_targets.sh | sed 's/SIG_TARGETS=//' | tr -d \") SIG_GEN2_TARGETS := $(shell grep SIG_GEN2_TARGETS azure_targets.sh | sed 's/SIG_GEN2_TARGETS=//' | tr -d \") +SIG_ARM64_GEN2_TARGETS := $(shell grep SIG_ARM64_GEN2_TARGETS azure_targets.sh | sed 's/SIG_ARM64_GEN2_TARGETS=//' | tr -d \") SIG_CVM_TARGETS := $(shell grep SIG_CVM_TARGETS azure_targets.sh | sed 's/SIG_CVM_TARGETS=//' | tr -d \") AZURE_BUILD_VHD_NAMES ?= $(addprefix azure-vhd-,$(VHD_TARGETS)) AZURE_BUILD_SIG_NAMES ?= $(addprefix azure-sig-,$(SIG_TARGETS)) AZURE_BUILD_SIG_GEN2_NAMES ?= $(addsuffix -gen2,$(addprefix azure-sig-,$(SIG_GEN2_TARGETS))) +AZURE_BUILD_SIG_ARM64_GEN2_NAMES ?= $(addsuffix -gen2,$(addprefix azure-sig-arm64-,$(SIG_ARM64_GEN2_TARGETS))) AZURE_BUILD_SIG_CVM_NAMES ?= $(addsuffix -cvm,$(addprefix azure-sig-,$(SIG_CVM_TARGETS))) OCI_BUILD_NAMES ?= oci-ubuntu-2204 oci-oracle-linux-8 oci-oracle-linux-9 oci-windows-2019 oci-windows-2022 @@ -427,9 +438,11 @@ AZURE_BUILD_VHD_TARGETS := $(addprefix build-,$(AZURE_BUILD_VHD_NAMES)) AZURE_VALIDATE_VHD_TARGETS := $(addprefix validate-,$(AZURE_BUILD_VHD_NAMES)) AZURE_BUILD_SIG_TARGETS := $(addprefix build-,$(AZURE_BUILD_SIG_NAMES)) AZURE_BUILD_SIG_GEN2_TARGETS := $(addprefix build-,$(AZURE_BUILD_SIG_GEN2_NAMES)) +AZURE_BUILD_SIG_ARM64_GEN2_TARGETS := $(addprefix build-,$(AZURE_BUILD_SIG_ARM64_GEN2_NAMES)) AZURE_BUILD_SIG_CVM_TARGETS := $(addprefix build-,$(AZURE_BUILD_SIG_CVM_NAMES)) AZURE_VALIDATE_SIG_TARGETS := $(addprefix validate-,$(AZURE_BUILD_SIG_NAMES)) AZURE_VALIDATE_SIG_GEN2_TARGETS := $(addprefix validate-,$(AZURE_BUILD_SIG_GEN2_NAMES)) +AZURE_VALIDATE_SIG_ARM64_GEN2_TARGETS := $(addprefix validate-,$(AZURE_BUILD_SIG_ARM64_GEN2_NAMES)) AZURE_VALIDATE_SIG_CVM_TARGETS := $(addprefix validate-,$(AZURE_BUILD_SIG_CVM_NAMES)) DO_BUILD_TARGETS := $(addprefix build-,$(DO_BUILD_NAMES)) DO_VALIDATE_TARGETS := $(addprefix validate-,$(DO_BUILD_NAMES)) @@ -528,6 +541,10 @@ $(AZURE_BUILD_SIG_TARGETS): deps-azure $(AZURE_BUILD_SIG_GEN2_TARGETS): deps-azure . $(abspath packer/azure/scripts/init-sig.sh) $(subst build-azure-sig-,,$@) && $(PACKER) build $(if $(findstring windows,$@),$(PACKER_WINDOWS_NODE_FLAGS),$(PACKER_NODE_FLAGS)) -var-file="$(abspath packer/azure/azure-config.json)" -var-file="$(abspath packer/azure/azure-sig-gen2.json)" -var-file="$(abspath packer/azure/$(subst build-azure-sig-,,$@).json)" -only="$(subst build-azure-,,$@)" $(ABSOLUTE_PACKER_VAR_FILES) packer/azure/packer$(findstring -windows,$@).json +.PHONY: $(AZURE_BUILD_SIG_ARM64_GEN2_TARGETS) +$(AZURE_BUILD_SIG_ARM64_GEN2_TARGETS): deps-azure + . $(abspath packer/azure/scripts/init-sig.sh) $(subst build-azure-sig-,,$@) && $(PACKER) build $(if $(findstring windows,$@),$(PACKER_WINDOWS_NODE_FLAGS),$(PACKER_ARM64_NODE_FLAGS)) -var-file="$(abspath packer/azure/azure-config.json)" -var-file="$(abspath packer/azure/azure-sig-gen2.json)" -var-file="$(abspath packer/azure/$(subst build-azure-sig-,,$@).json)" -only="$(subst build-azure-,,$@)" $(ABSOLUTE_PACKER_VAR_FILES) packer/azure/packer$(findstring -windows,$@).json + .PHONY: $(AZURE_BUILD_SIG_CVM_TARGETS) $(AZURE_BUILD_SIG_CVM_TARGETS): deps-azure . $(abspath packer/azure/scripts/init-sig.sh) $(subst build-azure-sig-,,$@) && $(PACKER) build $(if $(findstring windows,$@),$(PACKER_WINDOWS_NODE_FLAGS),$(PACKER_NODE_FLAGS)) -var-file="$(abspath packer/azure/azure-config.json)" -var-file="$(abspath packer/azure/azure-sig-cvm.json)" -var-file="$(abspath packer/azure/$(subst build-azure-sig-,,$@).json)" -only="$(subst build-azure-,,$@)" $(ABSOLUTE_PACKER_VAR_FILES) packer/azure/packer$(findstring -windows,$@).json diff --git a/images/capi/ansible/roles/containerd/tasks/main.yml b/images/capi/ansible/roles/containerd/tasks/main.yml index cd0368f0b8..3c53467cad 100644 --- a/images/capi/ansible/roles/containerd/tasks/main.yml +++ b/images/capi/ansible/roles/containerd/tasks/main.yml @@ -43,16 +43,32 @@ dest: /tmp/runc mode: "0600" -- name: Download containerd-wasm-shims +- name: Download containerd-wasm-shims for AMD64 vars: - sha256sums: "{{ containerd_wasm_shims_sha256 | from_json }}" + sha256sums: "{{ containerd_wasm_shims_sha256_amd64 | from_json }}" runtime_versions: "{{ containerd_wasm_shims_runtime_versions | from_json }}" ansible.builtin.get_url: - url: "{{ containerd_wasm_shims_url | replace('', item) | replace('', runtime_versions[item]) }}" + url: "{{ containerd_wasm_shims_url | replace('', item) | replace('', runtime_versions[item]) | replace('', ansible_architecture) }}" checksum: sha256:{{ sha256sums[item] }} dest: /tmp/{{ item }}_wasm_shim.tar.gz mode: "0600" - when: containerd_wasm_shims_runtimes | length > 0 + when: >- + containerd_wasm_shims_runtimes | length > 0 + and ansible_architecture == 'x86_64' + loop: "{{ containerd_wasm_shims_runtimes | split(',') }}" + +- name: Download containerd-wasm-shims for ARM64 + vars: + sha256sums: "{{ containerd_wasm_shims_sha256_aarch64 | from_json }}" + runtime_versions: "{{ containerd_wasm_shims_runtime_versions | from_json }}" + ansible.builtin.get_url: + url: "{{ containerd_wasm_shims_url | replace('', item) | replace('', runtime_versions[item]) | replace('', ansible_architecture) }}" + checksum: sha256:{{ sha256sums[item] }} + dest: /tmp/{{ item }}_wasm_shim.tar.gz + mode: "0600" + when: >- + containerd_wasm_shims_runtimes | length > 0 + and ansible_architecture == 'aarch64' loop: "{{ containerd_wasm_shims_runtimes | split(',') }}" - name: Create a directory if it does not exist diff --git a/images/capi/ansible/roles/node/defaults/main.yml b/images/capi/ansible/roles/node/defaults/main.yml index 7865a18d08..ed491847bd 100644 --- a/images/capi/ansible/roles/node/defaults/main.yml +++ b/images/capi/ansible/roles/node/defaults/main.yml @@ -107,6 +107,11 @@ common_virt_debs: - linux-tools-virtual - open-vm-tools +common_virt_azure_debs: + - linux-cloud-tools-azure + - linux-tools-azure + - open-vm-tools + common_virt_photon_rpms: - open-vm-tools diff --git a/images/capi/ansible/roles/node/meta/main.yml b/images/capi/ansible/roles/node/meta/main.yml index b798165d1c..6504094b9d 100644 --- a/images/capi/ansible/roles/node/meta/main.yml +++ b/images/capi/ansible/roles/node/meta/main.yml @@ -46,9 +46,16 @@ dependencies: when: > ansible_distribution not in ["VMware Photon OS", "Amazon"] and not (packer_builder_type == "oracle-oci" and ansible_architecture == "aarch64") + and not packer_builder_type == "azure-arm" and not packer_builder_type is search('qemu') - role: setup vars: rpms: "{{ common_rpms + azurelinux_rpms + lookup('vars', 'common_' + build_target + '_rpms') }}" when: ansible_distribution in ["Common Base Linux Mariner", "Microsoft Azure Linux"] + + - role: setup + vars: + debs: "{{ common_debs + lookup('vars', 'common_virt_azure_debs') }}" + when: >- + packer_builder_type == "azure-arm" diff --git a/images/capi/ansible/roles/setup/tasks/debian.yml b/images/capi/ansible/roles/setup/tasks/debian.yml index 41e0fd631e..ce694db810 100644 --- a/images/capi/ansible/roles/setup/tasks/debian.yml +++ b/images/capi/ansible/roles/setup/tasks/debian.yml @@ -23,14 +23,23 @@ # As a result the there is change in format source configurations and location when: (packer_builder_type != "oracle-oci") and ((ansible_distribution == "Ubuntu") and (ansible_distribution_major_version is version('24', '<'))) -- name: Put templated ubuntu.sources in place +- name: Put templated ubuntu.sources in place (x86 variant) ansible.builtin.template: src: etc/apt/sources.list.d/ubuntu.sources.j2 dest: /etc/apt/sources.list.d/ubuntu.sources mode: "0644" # Ubuntu 24.04 has changed to deb822 source management # As a result the there is change in format source configurations and location - when: (ansible_distribution == "Ubuntu") and (ansible_distribution_major_version is version('24', '>=')) + when: (ansible_distribution == "Ubuntu") and (ansible_distribution_major_version is version('24', '>=')) and (ansible_architecture == "x86_64") + +- name: Put templated ubuntu.sources in place (arm64 variant) + ansible.builtin.template: + src: etc/apt/sources.list.d/ubuntu.sources.arm64.j2 + dest: /etc/apt/sources.list.d/ubuntu.sources + mode: "0644" + # Ubuntu 24.04 has changed to deb822 source management + # As a result the there is change in format source configurations and location + when: (ansible_distribution == "Ubuntu") and (ansible_distribution_major_version is version('24', '>=')) and (ansible_architecture == "aarch64") - name: Put templated apt.conf.d/90proxy in place when defined ansible.builtin.template: diff --git a/images/capi/ansible/roles/setup/templates/etc/apt/sources.list.d/ubuntu.sources.arm64.j2 b/images/capi/ansible/roles/setup/templates/etc/apt/sources.list.d/ubuntu.sources.arm64.j2 new file mode 100644 index 0000000000..aed8d7210f --- /dev/null +++ b/images/capi/ansible/roles/setup/templates/etc/apt/sources.list.d/ubuntu.sources.arm64.j2 @@ -0,0 +1,11 @@ +Types: deb +URIs: http://us.ports.ubuntu.com/ +Suites: {{ ansible_distribution_release }} {{ ansible_distribution_release }}-updates {{ ansible_distribution_release }}-backports +Components: main restricted universe multiverse +Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg + +Types: deb +URIs: http://us.ports.ubuntu.com/ +Suites: {{ ansible_distribution_release }}-security +Components: main restricted universe multiverse +Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg diff --git a/images/capi/azure_targets.sh b/images/capi/azure_targets.sh index 88a428dad0..545c1cf16b 100644 --- a/images/capi/azure_targets.sh +++ b/images/capi/azure_targets.sh @@ -1,4 +1,5 @@ VHD_TARGETS="ubuntu-2204 ubuntu-2404 azurelinux-3 rhel-8 windows-2019-containerd windows-2022-containerd" SIG_TARGETS="ubuntu-2204 ubuntu-2404 azurelinux-3 rhel-8 windows-2019-containerd windows-2022-containerd windows-2025-containerd flatcar" -SIG_GEN2_TARGETS="ubuntu-2204 ubuntu-2404 azurelinux-3 flatcar" +SIG_GEN2_TARGETS="ubuntu-2204 ubuntu-2404 ubuntu-2404-arm64 azurelinux-3 flatcar" +SIG_ARM64_GEN2_TARGETS="ubuntu-2404-arm64" SIG_CVM_TARGETS="ubuntu-2204 ubuntu-2404 windows-2019-containerd windows-2022-containerd" diff --git a/images/capi/packer/azure/packer.json b/images/capi/packer/azure/packer.json index f4de234784..9a434f1bfb 100644 --- a/images/capi/packer/azure/packer.json +++ b/images/capi/packer/azure/packer.json @@ -56,8 +56,8 @@ "image_sku": "{{user `image_sku`}}", "image_version": "{{user `image_version`}}", "location": "{{user `azure_location`}}", - "managed_image_name": "{{user `image_name`}}-{{user `build_timestamp`}}", - "managed_image_resource_group_name": "{{user `resource_group_name`}}", + "managed_image_name": "{{user `managed_image_name`}}", + "managed_image_resource_group_name": "{{user `managed_image_resource_group_name`}}", "managed_image_storage_account_type": "{{user `managed_image_storage_account_type`}}", "name": "sig-{{user `build_name`}}", "os_disk_size_gb": "{{user `os_disk_size_gb`}}", @@ -166,15 +166,13 @@ "remote_folder": "{{user `goss_remote_folder`}}", "remote_path": "{{user `goss_remote_path`}}", "skip_install": "{{user `goss_skip_install`}}", - "tests": [ - "{{user `goss_tests_dir`}}" - ], + "tests": ["{{user `goss_tests_dir`}}"], "type": "goss", "url": "{{user `goss_url`}}", "use_sudo": true, "vars_file": "{{user `goss_vars_file`}}", "vars_inline": { - "ARCH": "amd64", + "ARCH": "{{ user `goss_arch` }}", "OS": "{{user `distribution` | lower}}", "OS_VERSION": "{{user `distribution_version` | lower}}", "PROVIDER": "azure", @@ -194,9 +192,7 @@ "version": "{{user `goss_version`}}" }, { - "environment_vars": [ - "BUILD_NAME={{user `build_name`}}" - ], + "environment_vars": ["BUILD_NAME={{user `build_name`}}"], "inline": [ "if [[ $BUILD_NAME != \"flatcar\"* ]]; then exit 0; fi", "sudo PATH=\"$PATH:/usr/share/oem/python/bin:/usr/share/oem/bin\" bash -c \"waagent -force -deprovision && userdel -f -r $USER && ln -sf ../run/systemd/resolve/resolv.conf /etc/resolv.conf && sync\"" @@ -211,6 +207,7 @@ "ansible_extra_vars": "", "ansible_scp_extra_args": "", "ansible_user_vars": "", + "arch": "amd64", "azure_location": null, "build_name": null, "build_resource_group_name": "{{ env `BUILD_RESOURCE_GROUP_NAME` }}", @@ -232,6 +229,7 @@ "distribution_version": null, "exclude_from_latest": "false", "existing_ansible_ssh_args": "{{env `ANSIBLE_SSH_ARGS`}}", + "goss_arch": "amd64", "ib_version": "{{env `IB_VERSION`}}", "image_offer": "", "image_publisher": "", @@ -256,6 +254,8 @@ "kubernetes_semver": null, "kubernetes_series": null, "kubernetes_source_type": null, + "managed_image_name": "{{user `image_name`}}-{{user `build_timestamp`}}", + "managed_image_resource_group_name": "{{user `resource_group_name`}}", "managed_image_storage_account_type": "{{user `storage_account_type`}}", "manifest_output": "manifest.json", "os_disk_size_gb": "", diff --git a/images/capi/packer/azure/scripts/init-sig.sh b/images/capi/packer/azure/scripts/init-sig.sh index 730c55b943..900d68c080 100755 --- a/images/capi/packer/azure/scripts/init-sig.sh +++ b/images/capi/packer/azure/scripts/init-sig.sh @@ -136,6 +136,7 @@ create_image_definition() { --hyper-v-generation ${3} \ --os-type ${4} \ --features ${5:-''} \ + --architecture ${6:-'x64'} \ "${plan_args[@]}" # TODO: Delete this line after the image is GA fi } @@ -186,6 +187,9 @@ case ${SIG_TARGET} in ubuntu-2404-gen2) create_image_definition ${SIG_TARGET} "24_04-lts-gen2" "V2" "Linux" ;; + ubuntu-2404-arm64-gen2) + create_image_definition ${SIG_TARGET} "24_04-lts-arm64-gen2" "V2" "Linux" "" "Arm64" + ;; ubuntu-2404-cvm) create_image_definition ${SIG_TARGET} "24_04-lts-cvm" "V2" "Linux" ${SECURITY_TYPE_CVM_SUPPORTED_FEATURE} ;; diff --git a/images/capi/packer/azure/ubuntu-2404-arm64-gen2.json b/images/capi/packer/azure/ubuntu-2404-arm64-gen2.json new file mode 100644 index 0000000000..1b3a3a3cd1 --- /dev/null +++ b/images/capi/packer/azure/ubuntu-2404-arm64-gen2.json @@ -0,0 +1,16 @@ +{ + "arch": "arm64", + "build_name": "ubuntu-2404-arm64-gen2", + "distribution": "ubuntu", + "distribution_release": "noble", + "distribution_version": "2404-arm64", + "goss_arch": "arm64", + "goss_inspect_mode": "true", + "image_offer": "ubuntu-24_04-lts", + "image_publisher": "Canonical", + "image_sku": "server-arm64", + "managed_image_name": "", + "managed_image_resource_group_name": "", + "managed_image_storage_account_type": "", + "vm_size": "Standard_D2ps_v6" +} diff --git a/images/capi/packer/config/amd64/common.json b/images/capi/packer/config/amd64/common.json new file mode 100644 index 0000000000..5e8946ab17 --- /dev/null +++ b/images/capi/packer/config/amd64/common.json @@ -0,0 +1,4 @@ +{ + "ubuntu_security_repo": "http://security.ubuntu.com/ubuntu", + "ubuntu_repo": "http://us.archive.ubuntu.com/ubuntu" +} diff --git a/images/capi/packer/config/ansible-args.json b/images/capi/packer/config/ansible-args.json index eb2906c1ae..d35f25228a 100644 --- a/images/capi/packer/config/ansible-args.json +++ b/images/capi/packer/config/ansible-args.json @@ -1,5 +1,5 @@ { "ansible_common_ssh_args": "-o IdentitiesOnly=yes", - "ansible_common_vars": "containerd_gvisor_runtime={{user `containerd_gvisor_runtime`}} containerd_gvisor_version={{user `containerd_gvisor_version`}} containerd_sha256={{user `containerd_sha256`}} pause_image={{user `pause_image`}} containerd_additional_settings={{user `containerd_additional_settings`}} containerd_cri_socket={{user `containerd_cri_socket`}} containerd_version={{user `containerd_version`}} containerd_wasm_shims_url={{user `containerd_wasm_shims_url`}} containerd_wasm_shims_version={{user `containerd_wasm_shims_version`}} containerd_wasm_shims_sha256={{user `containerd_wasm_shims_sha256`}} containerd_wasm_shims_runtimes=\"{{user `containerd_wasm_shims_runtimes`}}\" containerd_wasm_shims_runtime_versions=\"{{user `containerd_wasm_shims_runtime_versions`}}\" crictl_version={{user `crictl_version`}} custom_role_names=\"{{user `custom_role_names`}}\" firstboot_custom_roles_pre=\"{{user `firstboot_custom_roles_pre`}}\" firstboot_custom_roles_post=\"{{user `firstboot_custom_roles_post`}}\" node_custom_roles_pre=\"{{user `node_custom_roles_pre`}}\" node_custom_roles_post=\"{{user `node_custom_roles_post`}}\" node_custom_roles_post_sysprep=\"{{user `node_custom_roles_post_sysprep`}}\" disable_public_repos={{user `disable_public_repos`}} extra_debs=\"{{user `extra_debs`}}\" extra_repos=\"{{user `extra_repos`}}\" extra_rpms=\"{{user `extra_rpms`}}\" http_proxy={{user `http_proxy`}} https_proxy={{user `https_proxy`}} kubeadm_template={{user `kubeadm_template`}} kubernetes_apiserver_port={{user `kubernetes_apiserver_port`}} kubernetes_cni_http_source={{user `kubernetes_cni_http_source`}} kubernetes_http_source={{user `kubernetes_http_source`}} kubernetes_container_registry={{user `kubernetes_container_registry`}} kubernetes_rpm_repo={{user `kubernetes_rpm_repo`}} kubernetes_rpm_gpg_key={{user `kubernetes_rpm_gpg_key`}} kubernetes_rpm_gpg_check={{user `kubernetes_rpm_gpg_check`}} kubernetes_deb_repo={{user `kubernetes_deb_repo`}} kubernetes_deb_gpg_key={{user `kubernetes_deb_gpg_key`}} kubernetes_cni_deb_version={{user `kubernetes_cni_deb_version`}} kubernetes_cni_rpm_version={{user `kubernetes_cni_rpm_version`}} kubernetes_cni_semver={{user `kubernetes_cni_semver`}} kubernetes_cni_source_type={{user `kubernetes_cni_source_type`}} kubernetes_semver={{user `kubernetes_semver`}} kubernetes_source_type={{user `kubernetes_source_type`}} kubernetes_load_additional_imgs={{user `kubernetes_load_additional_imgs`}} kubernetes_deb_version={{user `kubernetes_deb_version`}} kubernetes_rpm_version={{user `kubernetes_rpm_version`}} no_proxy={{user `no_proxy`}} pip_conf_file={{user `pip_conf_file`}} python_path={{user `python_path`}} redhat_epel_rpm={{user `redhat_epel_rpm`}} epel_rpm_gpg_key={{user `epel_rpm_gpg_key`}} reenable_public_repos={{user `reenable_public_repos`}} remove_extra_repos={{user `remove_extra_repos`}} systemd_prefix={{user `systemd_prefix`}} sysusr_prefix={{user `sysusr_prefix`}} sysusrlocal_prefix={{user `sysusrlocal_prefix`}} load_additional_components={{ user `load_additional_components`}} additional_registry_images={{ user `additional_registry_images`}} additional_registry_images_list={{ user `additional_registry_images_list`}} ecr_credential_provider={{ user `ecr_credential_provider` }} additional_url_images={{ user `additional_url_images`}} additional_url_images_list={{ user `additional_url_images_list`}} additional_executables={{ user `additional_executables`}} additional_executables_list={{ user `additional_executables_list`}} additional_executables_destination_path={{ user `additional_executables_destination_path`}} additional_s3={{ user `additional_s3`}} build_target={{ user `build_target`}} amazon_ssm_agent_rpm={{ user `amazon_ssm_agent_rpm` }} enable_containerd_audit={{ user `enable_containerd_audit` }} kubernetes_enable_automatic_resource_sizing={{ user `kubernetes_enable_automatic_resource_sizing` }} debug_tools={{user `debug_tools`}} ubuntu_repo={{user `ubuntu_repo`}} ubuntu_security_repo={{user `ubuntu_security_repo`}} gpu_block_nouveau_loading={{user `block_nouveau_loading`}} runc_version={{user `runc_version`}} containerd_service_url={{user `containerd_service_url`}} netplan_removal_excludes=\"{{user `netplan_removal_excludes`}}\"", + "ansible_common_vars": "containerd_gvisor_runtime={{user `containerd_gvisor_runtime`}} containerd_gvisor_version={{user `containerd_gvisor_version`}} containerd_sha256={{user `containerd_sha256`}} pause_image={{user `pause_image`}} containerd_additional_settings={{user `containerd_additional_settings`}} containerd_cri_socket={{user `containerd_cri_socket`}} containerd_version={{user `containerd_version`}} containerd_wasm_shims_url={{user `containerd_wasm_shims_url`}} containerd_wasm_shims_version={{user `containerd_wasm_shims_version`}} containerd_wasm_shims_sha256_amd64={{user `containerd_wasm_shims_sha256_amd64`}} containerd_wasm_shims_sha256_aarch64={{user `containerd_wasm_shims_sha256_aarch64`}} containerd_wasm_shims_runtimes=\"{{user `containerd_wasm_shims_runtimes`}}\" containerd_wasm_shims_runtime_versions=\"{{user `containerd_wasm_shims_runtime_versions`}}\" crictl_version={{user `crictl_version`}} custom_role_names=\"{{user `custom_role_names`}}\" firstboot_custom_roles_pre=\"{{user `firstboot_custom_roles_pre`}}\" firstboot_custom_roles_post=\"{{user `firstboot_custom_roles_post`}}\" node_custom_roles_pre=\"{{user `node_custom_roles_pre`}}\" node_custom_roles_post=\"{{user `node_custom_roles_post`}}\" node_custom_roles_post_sysprep=\"{{user `node_custom_roles_post_sysprep`}}\" disable_public_repos={{user `disable_public_repos`}} extra_debs=\"{{user `extra_debs`}}\" extra_repos=\"{{user `extra_repos`}}\" extra_rpms=\"{{user `extra_rpms`}}\" http_proxy={{user `http_proxy`}} https_proxy={{user `https_proxy`}} kubeadm_template={{user `kubeadm_template`}} kubernetes_apiserver_port={{user `kubernetes_apiserver_port`}} kubernetes_cni_http_source={{user `kubernetes_cni_http_source`}} kubernetes_http_source={{user `kubernetes_http_source`}} kubernetes_container_registry={{user `kubernetes_container_registry`}} kubernetes_rpm_repo={{user `kubernetes_rpm_repo`}} kubernetes_rpm_gpg_key={{user `kubernetes_rpm_gpg_key`}} kubernetes_rpm_gpg_check={{user `kubernetes_rpm_gpg_check`}} kubernetes_deb_repo={{user `kubernetes_deb_repo`}} kubernetes_deb_gpg_key={{user `kubernetes_deb_gpg_key`}} kubernetes_cni_deb_version={{user `kubernetes_cni_deb_version`}} kubernetes_cni_rpm_version={{user `kubernetes_cni_rpm_version`}} kubernetes_cni_semver={{user `kubernetes_cni_semver`}} kubernetes_cni_source_type={{user `kubernetes_cni_source_type`}} kubernetes_semver={{user `kubernetes_semver`}} kubernetes_source_type={{user `kubernetes_source_type`}} kubernetes_load_additional_imgs={{user `kubernetes_load_additional_imgs`}} kubernetes_deb_version={{user `kubernetes_deb_version`}} kubernetes_rpm_version={{user `kubernetes_rpm_version`}} no_proxy={{user `no_proxy`}} pip_conf_file={{user `pip_conf_file`}} python_path={{user `python_path`}} redhat_epel_rpm={{user `redhat_epel_rpm`}} epel_rpm_gpg_key={{user `epel_rpm_gpg_key`}} reenable_public_repos={{user `reenable_public_repos`}} remove_extra_repos={{user `remove_extra_repos`}} systemd_prefix={{user `systemd_prefix`}} sysusr_prefix={{user `sysusr_prefix`}} sysusrlocal_prefix={{user `sysusrlocal_prefix`}} load_additional_components={{ user `load_additional_components`}} additional_registry_images={{ user `additional_registry_images`}} additional_registry_images_list={{ user `additional_registry_images_list`}} ecr_credential_provider={{ user `ecr_credential_provider` }} additional_url_images={{ user `additional_url_images`}} additional_url_images_list={{ user `additional_url_images_list`}} additional_executables={{ user `additional_executables`}} additional_executables_list={{ user `additional_executables_list`}} additional_executables_destination_path={{ user `additional_executables_destination_path`}} additional_s3={{ user `additional_s3`}} build_target={{ user `build_target`}} amazon_ssm_agent_rpm={{ user `amazon_ssm_agent_rpm` }} enable_containerd_audit={{ user `enable_containerd_audit` }} kubernetes_enable_automatic_resource_sizing={{ user `kubernetes_enable_automatic_resource_sizing` }} debug_tools={{user `debug_tools`}} ubuntu_repo={{user `ubuntu_repo`}} ubuntu_security_repo={{user `ubuntu_security_repo`}} gpu_block_nouveau_loading={{user `block_nouveau_loading`}} runc_version={{user `runc_version`}} containerd_service_url={{user `containerd_service_url`}} netplan_removal_excludes=\"{{user `netplan_removal_excludes`}}\"", "ansible_scp_extra_args": "{{env `ANSIBLE_SCP_EXTRA_ARGS`}}" } diff --git a/images/capi/packer/config/arm64/common.json b/images/capi/packer/config/arm64/common.json new file mode 100644 index 0000000000..661f41431d --- /dev/null +++ b/images/capi/packer/config/arm64/common.json @@ -0,0 +1,4 @@ +{ + "ubuntu_security_repo": "http://us.ports.ubuntu.com", + "ubuntu_repo": "http://us.ports.ubuntu.com" +} diff --git a/images/capi/packer/config/common.json b/images/capi/packer/config/common.json index e41c230127..cc9e48ac5b 100644 --- a/images/capi/packer/config/common.json +++ b/images/capi/packer/config/common.json @@ -18,7 +18,5 @@ "pip_conf_file": "", "redhat_epel_rpm": "https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm", "reenable_public_repos": "true", - "remove_extra_repos": "false", - "ubuntu_repo": "http://us.archive.ubuntu.com/ubuntu", - "ubuntu_security_repo": "http://security.ubuntu.com/ubuntu" + "remove_extra_repos": "false" } diff --git a/images/capi/packer/config/wasm-shims.json b/images/capi/packer/config/wasm-shims.json index bb70b13d69..9e39aea335 100644 --- a/images/capi/packer/config/wasm-shims.json +++ b/images/capi/packer/config/wasm-shims.json @@ -1,7 +1,8 @@ { "containerd_wasm_shims_runtime_versions": "{\"lunatic\":\"v1\",\"slight\":\"v1\",\"spin\":\"v2\",\"wws\":\"v1\"}", "containerd_wasm_shims_runtimes": "", - "containerd_wasm_shims_sha256": "{\"lunatic\":\"7054bc882db755ce5f3ded46d114bfd4e0a318e437fa18a2601295d20b616b32\",\"slight\":\"a6ea87d965037933a7d9edb5e20cfc175265c8e1ca92a16535f1f3c3f376f5b0\",\"spin\":\"dcffedb8e4d2f585a851b3de489fa1e8a0054ec0ad72cf111c623623919245d0\",\"wws\":\"e917f90692d798d80873aa0f37990c7d652f2846129d64fecbfd41ffa77799b8\"}", - "containerd_wasm_shims_url": "https://github.com/deislabs/containerd-wasm-shims/releases/download/{{ user `containerd_wasm_shims_version` }}/containerd-wasm-shims---linux-x86_64.tar.gz", + "containerd_wasm_shims_sha256_amd64": "{\"lunatic\":\"7054bc882db755ce5f3ded46d114bfd4e0a318e437fa18a2601295d20b616b32\",\"slight\":\"a6ea87d965037933a7d9edb5e20cfc175265c8e1ca92a16535f1f3c3f376f5b0\",\"spin\":\"dcffedb8e4d2f585a851b3de489fa1e8a0054ec0ad72cf111c623623919245d0\",\"wws\":\"e917f90692d798d80873aa0f37990c7d652f2846129d64fecbfd41ffa77799b8\"}", + "containerd_wasm_shims_sha256_aarch64": "{\"lunatic\":\"8644aba14535f90c4d77ce9c3943f251195c23e9489f8626884834de0e9542e5\",\"slight\":\"0232ee4e011ecceda00c88a0d4f0be249c61ec2fcae39fb6f083724b97d640e2\",\"spin\":\"29d6363fdc864cf59ff164005acb7c3d39ff24761443fd5494948433b0d5f7c5\",\"wws\":\"8ffb2e015dd72029c0c4482ff5ce9eceeecba2e4c4e2e97bc09daffef564b51c\"}", + "containerd_wasm_shims_url": "https://github.com/deislabs/containerd-wasm-shims/releases/download/{{ user `containerd_wasm_shims_version` }}/containerd-wasm-shims---linux-.tar.gz", "containerd_wasm_shims_version": "v0.11.1" } diff --git a/images/capi/packer/goss/goss-vars.yaml b/images/capi/packer/goss/goss-vars.yaml index 08c9bc48d3..6009822b3d 100644 --- a/images/capi/packer/goss/goss-vars.yaml +++ b/images/capi/packer/goss/goss-vars.yaml @@ -435,8 +435,8 @@ ubuntu: title: "Check exact for the contains in /etc/cloud/cloud.cfg.d/15_azure-vnet.cfg" package: open-vm-tools: - linux-cloud-tools-virtual: - linux-tools-virtual: + linux-cloud-tools-azure: + linux-tools-azure: service: chrony: enabled: true