From 2721cb96c82885c4592c550751b96af30f6363a8 Mon Sep 17 00:00:00 2001 From: Kai Lueke Date: Tue, 7 May 2024 15:58:32 +0900 Subject: [PATCH] Add extension overview and release all repackaged extensions Recently more build scripts got added and not all are covered in the release yet. Add a table that gives an overview on available extensions and whether they are released or not. We try to release all extensions, I didn't do it for keepalived now because it was quite slow to build for arm64. While at it fix the README order a bit, added a Butane template and made the release instructions more robust against mistakes. --- README.md | 73 +++++++++++++++++++++++++++++++++++--- release_build_versions.txt | 6 ++++ 2 files changed, 74 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index a1a055a..b0f0653 100644 --- a/README.md +++ b/README.md 
@@ -73,6 +73,26 @@ You can also set the architecture to be arm64 to fetch the right binaries and en The tools normally generate squashfs images not only because of the compression benefits but also because it doesn't need root permissions and loop device mounts. +### Available Extensions + +The following table shows which build recipes exist and for which the GitHub Release publishes updatable images. +While the goal is to automate the release pipeline to detect latest versions and have weekly releases, currently the release trigger is manual and all version updates except Kubernetes are also manual. +For extensions that are not part of the GitHub Release or which you want to customize, you can build your own images and host them elsewhere - the easiest is to fork this repo and modify the `release_build_versions.txt` file and create a new `latest` tag. + +| Extension | Availability | +| --- | --- | +| `kubernetes` | released | +| `docker` | released (includes containerd) | +| `docker_compose` | released | +| `wasmtime` | released | +| `wasmcloud` | released | +| `tailscale` | released | +| `crio` | released | +| `k3s` | released | +| `rke2` | released | +| `keepalived` | build script | + + ### Consuming the published images There is a Github Action to build current recipes and to publish the built images as release artifacts. It's possible to directly consume the latest release from a Butane/Ignition configuration, example: 
@@ -135,6 +155,52 @@ systemd: This also configures systemd-sysupdate for auto-updates. The `noop.conf` is a workaround for systemd-sysupdate to run without error messages. Since the configuration sets up a custom Docker version, it also disables Torcx and the future `docker-flatcar` and `containerd-flatcar` extensions to prevent conflicts. +Here a template for a single extension where you have to replace `NAME`, `VERSION`, and `ARCH`: + +```yaml +# butane < config.yaml > config.json +# ./flatcar_production_qemu.sh -i ./config.json +variant: flatcar +version: 1.0.0 +storage: + files: + - path: /opt/extensions/NAME/NAME-VERSION-ARCH.raw + contents: + source: https://github.com/flatcar/sysext-bakery/releases/download/latest/NAME-VERSION-ARCH.raw + - path: /etc/sysupdate.d/noop.conf + contents: + source: https://github.com/flatcar/sysext-bakery/releases/download/latest/noop.conf + - path: /etc/sysupdate.NAME.d/NAME.conf + contents: + source: https://github.com/flatcar/sysext-bakery/releases/download/latest/NAME.conf + links: + - target: /opt/extensions/NAME/NAME-VERSION-ARCH.raw + path: /etc/extensions/NAME.raw + hard: false +systemd: + units: + - name: systemd-sysupdate.timer + enabled: true + - name: systemd-sysupdate.service + dropins: + - name: NAME.conf + contents: | + [Service] + ExecStartPre=/usr/lib/systemd/systemd-sysupdate -C NAME update + - name: sysext.conf + contents: | + [Service] + ExecStartPost=systemctl restart systemd-sysext +``` + +In the [Flatcar docs](https://www.flatcar.org/docs/latest/provisioning/sysext/) you can find an Ignition configuration that explicitly sets the update configurations instead of downloading them. + +The updates works by [`systemd-sysupdate`](https://www.freedesktop.org/software/systemd/man/sysupdate.d.html) fetching the `SHA256SUMS` file of the generated artifacts, which holds the list of built images with their respective SHA256 digest. 
+ +#### Kubernetes + +The [Flatcar Kubernetes docs](https://www.flatcar.org/docs/latest/container-runtimes/getting-started-with-kubernetes/) show how to use the extension provided here for controllers and workers. + #### wasmcloud For another example of how you can further customize the recipes provided in this repository, the following recipe uses the image built with `create_wasmcloud_sysext.sh`: @@ -211,10 +277,6 @@ This example uses Butane/Ignition configuration do the following customizations 3. Override the bundled `NATS_CONFIG` environment variable to point it to the newly created configuration (`NATS_CONFIG=/etc/nats-server.conf`). 4. Override the lattice the wasmCloud host is configured to connect (`WASMCLOUD_LATTICE=`). -In the [Flatcar docs](https://www.flatcar.org/docs/latest/provisioning/sysext/) you can find an Ignition configuration that explicitly sets the update configurations instead of downloading them. - -The updates works by [`systemd-sysupdate`](https://www.freedesktop.org/software/systemd/man/sysupdate.d.html) fetching the `SHA256SUMS` file of the generated artifacts, which holds the list of built images with their respective SHA256 digest. - #### k3s The k3s sysext can be configured by using the following snippet, in case you @@ -360,7 +422,8 @@ Please make also sure that your don't have a `containerd.service` drop in file u CI can be kicked-off by overriding the `latest` tag. The `latest` release artifacts will be updated consequently here: https://github.com/flatcar/sysext-bakery/releases/tag/latest ``` -git rebase origin/main +git checkout main +git pull --ff-only git tag -d latest git tag -as latest git push origin --force latest diff --git a/release_build_versions.txt b/release_build_versions.txt index 5306648..e014f33 100644 --- a/release_build_versions.txt +++ b/release_build_versions.txt @@ -22,3 +22,9 @@ wasmcloud-0.82.0 wasmcloud-1.0.0 tailscale-1.64.0 + +crio-1.28.4 + +k3s-v1.29.2+k3s1 + +rke2-v1.29.2+rke2r1
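Review bot: In the new "Available Extensions" table (README.md, hunk at `-73,6`), the `keepalived` row uses the value `build script`, which is never defined, while every other row says `released`. A reader cannot tell whether that means "not released" or "released by a different path". Suggest `not released (build script only)`, or one sentence above the table that explains both values. The table also repeats by hand what `release_build_versions.txt` controls, so the two can drift; a line saying the table must be updated together with that file would help.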
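Review bot: The single-extension Butane template (README.md, hunk at `-135,6`) downloads `NAME-VERSION-ARCH.raw`, `noop.conf` and `NAME.conf` from `releases/download/latest/` with no `verification:` entry under `contents`, so the first boot accepts whatever the `latest` release serves at that moment, and the release instructions in this same patch force-push that tag. Suggest adding a `verification: hash:` placeholder at least for the versioned image, whose content should not change for a given `VERSION`. The relocated paragraph says `systemd-sysupdate` fetches `SHA256SUMS` but not whether that file is signature-checked; since it is the only integrity statement in the section, it should say so either way. Wording: "Here a template" should read "Here is a template", and "The updates works by" should read "Updates work by".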
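Review bot: In the release instructions (README.md, hunk at `-360,7`), `git checkout main` followed by `git pull --ff-only` still succeeds when the local `main` carries commits that were never pushed, so `git tag -as latest` can sign and force-push a tag pointing at unreviewed local history. If the goal is to make the steps robust against mistakes, tag the remote ref explicitly, for example `git fetch origin` and then `git tag -as latest origin/main`, which removes the dependency on the state of the local branch. `git tag -d latest` also aborts the sequence on a checkout where the tag does not exist locally; `git tag -f -as latest origin/main` would cover both cases in one step.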
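Review bot: The new entries in `release_build_versions.txt` (hunk at `-22,3`) use two version styles: `crio-1.28.4` has a bare version, while `k3s-v1.29.2+k3s1` and `rke2-v1.29.2+rke2r1` carry a `v` prefix and a `+` build suffix. The README template added in this patch asks users to substitute `VERSION` into `NAME-VERSION-ARCH.raw` paths and download URLs without saying that for k3s and rke2 the value includes both the `v` and the `+k3s1`/`+rke2r1` part. Suggest documenting the exact `VERSION` string per extension next to the table, or pointing readers to this file as the source of the string to use.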