feat: add systemd unit for Mariner live patching (#4088)

parts/linux/cloud-init/artifacts/cse_main.sh

@@ -301,7 +301,7 @@ if [ "${ENSURE_NO_DUPE_PROMISCUOUS_BRIDGE}" == "true" ]; then
     logs_to_events "AKS.CSE.ensureNoDupOnPromiscuBridge" ensureNoDupOnPromiscuBridge
 fi
 
-if [[ $OS == $UBUNTU_OS_NAME ]]; then
+if [[ $OS == $UBUNTU_OS_NAME ]] || [[ $OS == $MARINER_OS_NAME ]]; then
     logs_to_events "AKS.CSE.ubuntuSnapshotUpdate" ensureSnapshotUpdate
 fi
 

parts/linux/cloud-init/artifacts/mariner/mariner-package-update.sh

@@ -0,0 +1,56 @@
+#!/usr/bin/env bash
+
+set -o nounset
+set -e
+
+# source dnf_update
+source /opt/azure/containers/provision_source_distro.sh
+
+KUBECTL="/usr/local/bin/kubectl --kubeconfig /var/lib/kubelet/kubeconfig"
+
+# At startup, we need to wait for kubelet to finish TLS bootstrapping to create the kubeconfig file.
+n=0
+while [ ! -f /var/lib/kubelet/kubeconfig ]; do
+    echo 'Waiting for TLS bootstrapping'
+    if [[ $n -lt 100 ]]; then
+        n=$((n+1))
+        sleep 3
+    else
+        echo "timeout waiting for kubeconfig to be present"
+        exit 1
+    fi
+done
+
+node_name=$(hostname)
+if [ -z "${node_name}" ]; then
+    echo "cannot get node name"
+    exit 1
+fi
+
+# retrieve golden timestamp from node annotation
+golden_timestamp=$($KUBECTL get node ${node_name} -o jsonpath="{.metadata.annotations['kubernetes\.azure\.com/live-patching-golden-timestamp']}")
+if [ -z "${golden_timestamp}" ]; then
+    echo "golden timestamp is not set, skip live patching"
+    exit 0
+fi
+echo "golden timestamp is: ${golden_timestamp}"
+
+current_timestamp=$($KUBECTL get node ${node_name} -o jsonpath="{.metadata.annotations['kubernetes\.azure\.com/live-patching-current-timestamp']}")
+if [ -n "${current_timestamp}" ]; then
+    echo "current timestamp is: ${current_timestamp}"
+
+    if [[ "${golden_timestamp}" == "${current_timestamp}" ]]; then
+        echo "golden and current timestamp is the same, nothing to patch"
+        exit 0
+    fi
+fi
+
+if ! dnf_update; then
+    echo "dnf_update failed"
+    exit 1
+fi
+
+# update current timestamp
+$KUBECTL annotate --overwrite node ${node_name} kubernetes.azure.com/live-patching-current-timestamp=${golden_timestamp}
+
+echo "package update completed successfully"

parts/linux/cloud-init/artifacts/mariner/package-update.service

@@ -0,0 +1,6 @@
+[Unit]
+Description=Package Update Service
+
+[Service]
+Type=oneshot
+ExecStart=/opt/azure/containers/mariner-package-update.sh

pkg/agent/testdata/CustomizedImageKata/line135.sh → parts/linux/cloud-init/artifacts/mariner/package-update.timer

@@ -1,5 +1,5 @@
 [Unit]
-Description=Runs snapshot update script periodically
+Description=Runs package update script periodically
 
 [Timer]
 OnBootSec=10min

parts/linux/cloud-init/nodecustomdata.yml

@@ -134,6 +134,28 @@ write_files:
   content: !!binary |
     {{GetVariableProperty "cloudInitData" "migPartitionScript"}}
 
+{{if IsMariner}}
+- path: /opt/azure/containers/mariner-package-update.sh
+  permissions: "0544"
+  encoding: gzip
+  owner: root
+  content: !!binary |
+    {{GetVariableProperty "cloudInitData" "packageUpdateScriptMariner"}}
+
+- path: /etc/systemd/system/snapshot-update.service
+  permissions: "0644"
+  encoding: gzip
+  owner: root
+  content: !!binary |
+    {{GetVariableProperty "cloudInitData" "packageUpdateServiceMariner"}}
+
+- path: /etc/systemd/system/snapshot-update.timer
+  permissions: "0644"
+  encoding: gzip
+  owner: root
+  content: !!binary |
+    {{GetVariableProperty "cloudInitData" "packageUpdateTimerMariner"}}
+{{- else}}
 - path: /opt/azure/containers/ubuntu-snapshot-update.sh
   permissions: "0544"
   encoding: gzip
@@ -154,6 +176,7 @@ write_files:
   owner: root
   content: !!binary |
     {{GetVariableProperty "cloudInitData" "snapshotUpdateTimer"}}
+{{end}}
 
 - path: /opt/azure/containers/bind-mount.sh
   permissions: "0544"

pkg/agent/const.go

@@ -67,6 +67,9 @@ const (
 	snapshotUpdateScript                = "linux/cloud-init/artifacts/ubuntu/ubuntu-snapshot-update.sh"
 	snapshotUpdateSystemdService        = "linux/cloud-init/artifacts/ubuntu/snapshot-update.service"
 	snapshotUpdateSystemdTimer          = "linux/cloud-init/artifacts/ubuntu/snapshot-update.timer"
+	packageUpdateScriptMariner          = "linux/cloud-init/artifacts/mariner/mariner-package-update.sh"
+	packageUpdateSystemdServiceMariner  = "linux/cloud-init/artifacts/mariner/package-update.service"
+	packageUpdateSystemdTimerMariner    = "linux/cloud-init/artifacts/mariner/package-update.timer"
 	migPartitionScript                  = "linux/cloud-init/artifacts/mig-partition.sh"
 	migPartitionSystemdService          = "linux/cloud-init/artifacts/mig-partition.service"
 

pkg/agent/testdata/AKSUbuntu1604+Containerd/CustomData

@@ -30,7 +30,7 @@ write_files:
   encoding: gzip
   owner: root
   content: !!binary |
-    H4sIAAAAAAAA/9Q7a3Pbtpbf+StQXk0evaUeTuI26VXuMCItc6zX8uFuts1yKBKSsKYABgAV+6be374DgKQomZJlb/fDaiaRCB4cnPc5OID/9kNnjnBnHrGVZrtueOGM7PA30x9chr4ztqeB3z8HGoMcGLcaWoDfgbEAHZLxTvSvnMJOTDCPEIaUdTJKNoghgtsxWWcp5BB8+RXwFcQakB8YrwjQzZTCKLkDNMKAE8DyOIaMAXiLOMLLdrutl+C3iIOutkCaFmV8HdGb38wRwvmtuYSYgxVJE/BC00bTYWg5br+ziWgnJcuCsOiGaeubBFFgZKD1vYC611IMDAb2gOM0ZxxSY8tCSpbgj4KQx4CNmEGD5DzL+e68rZh+bP8XI7jpTZySPDEQRtxYoBSydhZtYNIEuVkJOMajNN1KuITbctjRtOyOrwh+85ieQgqTKOahJCGMCV6gZTu7K3AahiJNjRtZxFeFJNBcUd2R1OC4ZKLAwG95hUJJRU2ukbgPr2nBp2DiB6Frj2zTs/utVymbhxSmMGIQGBQY7LU0v99B6/su7D3o94HeO2933+rgS93iWJ4QEGXcWArzvQNRzgmFa7KBIF5Rgu+0yipb/9zOYHeMw3XMU0Ah4xHlxUhicLSG7A7HiTRKNfFVEnH4+qfWqxVhHEdr+PonIGfFOeNkzWKKMv7xo1TFWtMWhAIEEAatVwx+BT3w5rzbff0rSIgkQHkYA3rr+8Czw0t7NLNdT3rlzPQv7/U9lwJgSWEGjIuv4OXfCmh7evHyCIIXL8CcwuhGYlig7bItBAz4VRL0YBXpi63mAKGkmDJYQbMUwgz0yhUSgqHGYAIMBPROjcxOoh8mVGMkpzE8ArAHYTme704fx+RMPN8cjQ4DFIgehRtMJxfOcIciZaJ667vleOankR16npC5sFBOc7hnoAli0TyFnncJ/vyzJuPa5K2l6RlFm4hDAJdUBMyMkts7ECWJfEIMvGx9n7nOtenboT10bc8LZ+703z+HpmWJp/uXdfq8y2kwsgoWAtcOL31/piYcpveU2eHAPIxAfJTX5xSKOTPBxMDcZT+YWYKJgRkObNf36oZaTbZ5bOMNogSvIeZSSkeYGwSePx0LjL4beP5hAiv8A+m9g2gAKUcLFAvBHyVSUKAIMLCgYRr4n6bBRFAxHpsT675RlgpWCe7adL19KOlamygFrS1MXR4UcnoXr5MQLcJFhNKcQvCuC3rgHWjtUwA+fnxyKjv7+KK3y3cN62QSXpjO6FfJe+EaHcjjDmFGEbq1Kmg71j34oQ/0dURFGtrjU1m4K4IzwkuwjrCRzGXANvJMRFiwSKMlEBmyqhBSsmQhJyHcQMwZ0M0rrz3w7LYK8eMIW3Mz5ySQ8y/SaHmBUqiDo6+Vu91mhHJR6LAVydMkZDcoC/EGJSgKE4o2kDLt4VhYJOd+61WDWkJMQsYjzkBP6KfXBaLmAkZ8e2SV1xqFvN/6Z2XaFHJdirHbKMCLCKUwEWVVAjmka4ShMDSFFCikoCCzWBbMIRArZzBRYt2qenLtWI4ZWq5zbbtlOKwZut76PpwF4WRq2feKqtKjhMkogMNiOuyEhxQbpzDCQTacBZYSjw4eDEnyDiEo461K5y5kJN3ARAfN44fxVFHCTNYIB0yY88MxTbu+tMLRdLjNRf1Hyrmqwm49mAoealvoOOYwAUuSJhADtI6WEGQUlniP+0khu0FZGTpi+lame+MS1UUwGlV50bX/LXBc2+ovIpH8qwqgMg7HC68vReDrA6Hlhsgm2QiYcPnrS0vogVMC5jmXnt4kBUw4WJAcJ3pDbSLAZX0ymfrhhYhS9VjZTLygrGbTraknzLJV1JhTL5yYY1uY9IsXQHDViEWwWFryCYZcqMeCGdNB7WErQyWZYU2vvyovFaJKYAZxAnGMICunRxwRrB+1/gKy0qubY1HQVhTsv1DGqLe+T2zb8kS8901nYrvWrueWgvnu2yN7NnX90J6I6mUPTIkFnCIXH6ZQROBkluZLhCsC98ZV2oE8zwYTx0KUPcr6BPJvhN7sod0Z1SquHS+8EsXCyPabODnKSEK+4ZREyRXNGU9FzC5HKiEnv0Vs7a3QmlXWJ1ZVsgs9eyDqFn/khZ+mU9/zXXM2cybDZ1PiwTin0B95nwjhjNMou8rnMIXcvoVxKZAnAEuiXVsQtxcHjuyLdE9up8pQKWx5OAuKvMT0xrRSxQ5pZ4/nlB+ellMgZjmF9ZSyP7Ib0wr9CAIt+9oZ2OFsFAydSehchMJP7GPxrsIydoYVf/W0qVg0FkCXdVSx7yy+O4plI4EbFEMjk3poM0jFY0PdKD5VB+TJCNu1CCs+HMLnIOn0usYaLUNhRRwu72Tu1MFH0EngpoPzNAX/+MdLsWXVfvfUpC9arbLv60JWwv59e/i5bwhkRokMiMyRQl0Tdiltq1/72cmZqHXjKC1olJ2uJnJBq76I4FazpxcV+0X+OGZGcsffbsKtA71qKNhYlBkmTpQfNIPvVNsP7czzTdeXdffDffdh6kj2KHGWKoIkdSRrJq5Mp7s+Ib1V5ogL85PrDMKxOTGHtnt8H7ibb8emK3JLLeE2WPNj4V2SfBHNKYrHEY6Woi47/O4p+i2ksZDz1yXuxzS7B/5Qs7Ky9vZ1+kDAB8LFnoT2orEsbMp3jzKoot4YLWcR5UgWE+DhWEne8faXbuPkcJDfKyus6eDKdkWV50wOZjcGOfj7reqZkPgGUsEHwsDIQcuzXeUfrjMZODNzFA5Gjj3xQ8eSrd+D7z174Nq+oMT8D5Fsy+aJaw8dz3c/h2KmsOKKBOP2lAKryJXiK+apiRPxSzY6Kms8DKJpMYURh2JgHGG0gIxbiG6ldml6ZTvDs013cBla07F5RHZ663sTfL0l+PFAp1gWV4ZqZBoMRjReGQlZRwgfaA40LeQpw5YdmuPp6EZJpZ6BHt+CXf3Capuvq1+OVIHb5s7Eqc0ZTJxa1Te7Pg+twBwJpxxcHatlT6grrMvBbHNeepJ62in3jpfWJ6+zrSrLtbYjYLureIRY6VkVsfJpd7c/tj3PHNrh9CL0L+3QMj8XBVdjM+IA/J9gHjF4/hYYiTA8YQdrwpPdlXzTHdp+OBhNg1ImprDOwQrhaJCSPNlbkkIeLccDV21WLwiVkLtIi9rtcur5Xtm8NYf25Eg/8LgpzVRHdqC6aJeE8coWG17tKH6nRRn6rjnxZqYrwtJlMLTDmTm0n2wLlUX7NMIsiyjE/DJfwlm0hDV7b3h7hDTvN3MmY8XzyfG+RZnqvT0YanKGoTsNZtdnB9c7WIk+iB+i+IyXlOTZ5qyx8BRV3oGy8yr4ZI+ECUpywouROfT6RoHOUNmsXxCgy3LxWX5dRUTJUBV7kx0/ErRMbD/07fFsZPp2sxdtJ0tJYMhDDtdZGnEomdeeI70KpyHWMxZptHx6CV/JspJHJU+qeg0GhV9zyLg8YiM57/ferYGxXb6CgzjJCMK8n2N0+6HT6dAc1znf/mwzEt+A7QpKc6xf8NtmKYrhDnyxk6pq/7II+wEwuN5AOiBr4TZAKcSd2L7thaKAc6aTD4bebXfbXf0e6L322c/trr5Xnj1T8BX9f5HoQzeY+M7YlhroN4i4T+Ga8JoYinqvXoCUWC3Huwr9z7PDweFpXM8RTtYkx/ywtwYY8S+aC7/miELWFzMMNaXApJkLDmnTi9JJj6dB747FPC3ToHo61bHFBr4piNYMPxg5Y8f3Dgjs4A4O8m1GD1K0Rrxe9jx4dwKfRQ1aMlo81hpRniiKJ9PQCmaiOJ6OHW8QTAMv/OQ61jPSk1pnQqw8m+IZJWvE4vwTRYnITkdentKdPWH5fJ5jnns4ytiKcHXsU2l5Z7RcsLnX++AM7xSiqmh+liS9GPZ+Nro/v4fG2+6b2Ji/eXdmRL33Zz0Iz7o/QyjMnt2xzjxnnc1a/F9snjqrTZhzlHZyLMx7e95enK333qA//vJV/sC6yi80bstuSj0oXJsjxzJ9ZzoJbdftdzXNnDnFxkmdELq27zq213/XLXVYg5CC6vfBj+3icDtF+Kb9467sDmHsdeXlIBmg5RHjHuJ70P9v8J+/d433X/7+R7v5u3VwKWvi7axU0/dTGTiM+KxAXLuG8WileqDBqToAXr/16pADRBkSkRDSCUsJuckzHehN58c7gqxRew964KwLcDEbVLn6HTAknn63QQn664o8z/f6xUWbnbaVGG+QQ8vzPcFt9yGjYuUtIQ8X3W8yubZ00R/13vkv7fM37d7Z+3bvXP8RNPeZ9qxabm2vfvHC2jKqZSCkM5pOr0SBWHZvHrB3IsZDuAqZnNTo26p4cIpy6+50rw6lcQyMzb+anOnt2zeyhaVkfwxMQJ3AcHWBoFT9o/vU/6fs1fLXidcgZA/osYsQIMIJuEHxjQAki0UJXMBllMiLlREvu3SqkaX6S4fuPwgI2TifI9xZRziZi5pG0VXgXyCM2AomxUI7K4AXVfLcbUfuM/mSwjkhHFBVyCU/ATUgeMEkgQBh0ANrhHMOXyqqynuqwIiBzlY5T8g3DAwKeuCF/ox83HSpNMfFtdJ9k3wa6r3TvGBi+r49sWwrDGZD17TsQ/Xf9hMEZeC3HLevSugo4+KfLI7bSef9+wxSRBIU6wcOfVqvEkRxtJZX1nYw3uuv9853SB6vGsB2gOLVmiSge/727WOQSsnmzP/wYVYQ+eGDsjVjFsU30RIaI8SEd/f0X1+Cjx+fhxFHnEOcwMQIsiWNEngyvu01zxyvI3Yjb4omEUrvyg3DdsTIFfJqK9GMCMpTgP8LRCIq0QY0cvwAkvL2qmFgYsxTsRs+EWEd33OQNzHXdNryqAfC9ImnRH+B49XP/03ffBR+a5vqEGhrkqVFIiavrbA8ywjlMAHzO3AT8Uhd7GA/gW8oTSXIHBaqT17u2v5+PbGrjOL+EkjwwhCpYh1xFBuYcLS4I7jU9hEEjJPs+bML/9mdX15tKl1g55zA++z59njgj/aPvp6xgLLY/wX6vbO7v26VmqUXP+tHZ7q6YgrUDfEqq7bFXgGoMkds8DGMOSIYxCsY34CYJPCDDlq79ceRsziIk8aL6Nu+Y9PJj8j5KiGc+qcemqYEs0eYpv3Nnl78TwAAAP//tXl5uWUyAAA=
+    H4sIAAAAAAAA/9Rbe3fbtpL/n58C5dXJo7fUw0ncJr3KPYxIyzzWa0nK3Wyb5aFISMKaAhgAVOybej/7HgAkRcmkZHu7f6zPaW1Bg8HMYB4/DJC//dBZINxZhGyt2a4bXDgjO/jN9AeXge+M7enc758DjUEOjFsNLcHvwFiCDkl5J/xXRmEnIpiHCEPKOiklW8QQwe2IbNIEcgi+/Ar4GmINyB8YrQnQzYTCML4DNMSAE8CyKIKMAXiLOMKrdrutF+S3iIOutkSaFqZ8E9Kb38wRwtmtuYKYgzVJYvBC00bTYWA5br+zDWknIatcsPCGaZubGFFgpKD1Pae61xIMDAYOiKMkYxxSY6dCQlbgj1yQU8RGxKBBMp5mfH/ezkw/tv+LEVz3TZSQLDYQRtxYogSydhpuYVxHuV0LOsbDJNlZuKDbadjRtPSOrwl+c2qfAgrjMOKBFCGICF6iVTu9y3kahhJNjRtpyNe5JdBCSd2R0uCoUCLnwG95yUJZRU2uiHhIr2nzT/OJPw9ce2Sbnt1vvUrYIqAwgSGDwKDAYK+l+/0OWt/3ae9Bvw/03nm7+1YHX6oex7KYgDDlxkq47x0IM04o3JAtBNGaEnynlV7Z+uduBrtjHG4ingAKGQ8pz0dig6MNZHc4iqVTqomv4pDD1z+1Xq0J4zjcwNc/ATkryhgnGxZRlPKPH+VWbDRtSShAAGHQesXgV9ADb8673de/gphIAVSEMaC3vg88O7i0RzPb9WRUzkz/8l4/CCkAVhSmwLj4Cl7+Lae2pxcvjzB48QIsKAxvJIcl2i3bQsCAX6VAD1aRsdiqTxDKigmDJTVLIExBr1ghJhhqDMbAQEDvVMTsxHqzoBojGY3gEYIDCsvxfHd6mpMz8XxzNGomyBmdpBtMJxfOcE8i5aJ667vleOankR14nrC58FBOM3jgoDFi4SKBnncJ/vyzYuPK5J2n6SlF25BDAFdUJMyUkts7EMax/IQYeNn6PnOda9O3A3vo2p4XzNzpv38OTMsSn+5fVuXzLqfzkZWrMHft4NL3Z2pCs7yPmR0MzGYG4kdFfUahmDMTSgzMffXnM0soMTCDge36XtVRy8k2j2y8RZTgDcRcWumIcoO550/HgqPvzj2/WcCS/0BG7yAcQMrREkXC8EeFFBIoAQwsZJjO/U/T+URIMR6bE+u+1paKVhnu2nS9QyoZWtswAa0dTdUeFHJ6F23iAC2DZYiSjELwrgt64B1oHUoAPn58cik7+/iit693hetkElyYzuhXqXseGh3Iow5hRp66tTJpO9Y9+KEP9E1IRRk60FN5uCuSM8IrsAmxES9kwjayVGRYsEzCFRAVskQICVmxgJMAbiHmDOjmldceeHZbpfhxiK2FmXEyl/MvknB1gRKog6Nfq3C7TQnlAuiwNcmSOGA3KA3wFsUoDGKKtpAy7eFYkBfnfutVzbYEmASMh5yBntifXhcIzAWM6PbIKq81Cnm/9c/StSnkujRjt9aAFyFKYCxgVQw5pBuEoXA0xRQopiAXM18WLCAQK6cwVmbdbfXk2rEcM7Bc59p2i3RYcXS99X04mweTqWXfK6mKiBIuowiazdQchE0bGyUwxPN0OJtbyjw6eDAkxWtiUORbVc5dyEiyhbEO6seb+ZRZwow3CM+ZcOeHY5p2fWkFo+lwV4v6J+BcibBbD6aCh7st9jjiMAYrksQQA7QJVxCkFBZ8j8dJbrtBgQwdMX1n04NxyepiPhqVddG1/23uuLbVX4ai+JcIoHQOxwuuL0Xi6wOxyzWZTaoxZyLkry8tsQ+cErDIuIz0OitgwsGSZDjWa7CJIJf4ZDL1gwuRpaq5sl54IVnFp1tTT7hlK8eYUy+YmGNbuPSLF0BoVctFqFh48iMcOd8eC6ZMB5UPOxsqywwr+/qrilJhqhimEMcQRwiyYnrIEcH6Ue/PKct9dTMsAG0pweEXyhn11veJbVueyPe+6Uxs19qP3MIw3317ZM+mrh/YE4FeDsiUWcBj7OLDBIoMHM+SbIVwKeDBuCo7kGfpYOJYiLKTqk8g/0bozQHbvVGt1NrxgisBFka2X6fJUUVi8g0nJIyvaMZ4InJ2MVIaOf4tZBtvjTas9D6xqrJd4NkDgVv8kRd8mk59z3fN2cyZDJ8tiQejjEJ/5H0ihDNOw/QqW8AEcvsWRoVBnkAshXZtIdxBHjhyLtI9eZwqUqXw5eFsntclpteWlTJ3SD87XVN+eFpNgZhlFFZLyuHIfk7L90cIaNnXzsAOZqP50JkEzkUg4sQ+lu9KLmNnWOpXLZtKRWMJdImj8nNn/rujVDZiuEURNFK5D20GqfhYgxvFT9kBeTLDdiXDih8O4XOYdHpdY4NWgfAiDld3snbq4CPoxHDbwVmSgH/846U4smq/e2rSF62C7Pu6sJXwf98efu4bgplRMAOiciRQ14RfSt/qV/7sZExg3ShMchllp6tOXNCqLiK01ezpRal+Xj+OuZE88bfreOtALxsKNhYww8SxioN68j20/dDPPN90fYm7H567m6Uj6UnhLAWCpHQkrReuKKf7MSGjVdaIC/OT6wyCsTkxh7Z7/By4X2/HpitqS6Xg1njzqfQuRb4IFxRF4xCHK4HLmr97yv7m1ljK+ZuC96mdPSB/uLMSWXuHe/rAwA3p4sBCB9lYApviu5MKqqw3RqtZSDmSYAI8HCvEO97+0m0cNyf5A1hhTQdXtitQnjNprG4McvD3W9UzIdENpEIPhIGRgZZnuyo+XGcycGbmKBiMHHviB44lW7+N33v2wLV9IYn5H6LYFs0T1x46nu9+DsRM4cWlCMbtYwBWXivFr4gnJo7FX7LRUXpjM4mmRRSGHIqBcYjREjJuIbqz2qXpFe0MzzbdwWVgTcfmEdvpre919NWW4MeGTrEEV4ZqZBoMhjRaGzHZhAg3NAfqFvKUY8sOzfFydKOsUq1Ap49gV7+wyuHr6pcjKHDX3Jk4lTmDiVNBfbPr88CamyMRlIOrY1j2EbjCuhzMtudFJKlPe3DvOLR+9Do7VFmstRsBu1PFCWFlZJXCyk/7p/2x7Xnm0A6mF4F/aQeW+TkHXLXNiAb6P8EiZPD8LTBi4XjCDzaEx/sr+aY7tP1gMJrOC5uYwjsHa4TDQUKy+GBJCnm4Gg9cdVi9IFRS7jPNsdvl1PO9onlrDu3JkX7gcVeaqY7sQHXRLgnjpS/WfLW38XstysB3zYk3M12Rli7nQzuYmUP7yb5QerRPQ8zSkELML7MVnIUrWPH3mm+PiOb9Zs5krni+ON63MFW9twdDdcEwdKfz2fVZ43qNSPRB/hDgM1pRkqXbs1rgKVBeA+y8mn+yR8IFpTjBxcgcen0jZ2eoatbPBdAlXHxWXJcZUSpU5t54L46ELBPbD3x7PBuZvl0fRbvJ0hIY8oDDTZqEHErltedYr+RpiPWMZRKung7hS1uW9ijtSVWvwaDwawYZl1dsJOP93rsNMHbLl3QQxylBmPczjG4/dDodmuGq5rs/24xEN2C3gto51s/1bbMERXCPPj9Jldi/AGE/AAY3W0gHZCPCBqgNcSe2b3uBAHDOdPLB0Lvtbrur3wO91z77ud3VD+DZMw1fyv8XmT5w5xPfGdtyB/o1Ju5TuCG8YoYc71UBSMHVcryrwP88a04OT9N6gXC8IRnmzdE6x4h/0Vz4NUMUsr6YYagpOSfNXHJI674ogvR4GfTuWMSTogyqT48NbHGAr0uiFcefj5yx43sNBms8wUG+q+jzBG0Qr8KeB989Qs8cgxaK5h8rjShPgOLJNLDmMwGOp2PHG8yncy/45DrWM8qTWmdCrCyd4hklG8Si7BNFsahOR758VHdWXTg86jTZJF+2yDDPPBymbE24uhcq3WBvtJCovhn84JKvUeq6dvhZHPci2PvZ6P78Hhpvu28iY/Hm3ZkR9t6f9SA86/4MoYgLdsc6i4x1thvx//x01Vlvg4yjpJNh4f+7C/n88r33Bv3xl6/yB9ZVAaJRW7Zbqlnj2hw5luk700lgu26/q2nmzMlPVuoK0bV917G9/rtusckVCmmofh/82M5vvxOEb9o/7tuuiWOvK18PyQwu7yAPGN+D/n+D//y9a7z/8vc/2vW/W41LWRNvb6XKfj9VgWbGZznjyjuNk1C2oQOqWgRev/WqKQDCFIlUCemEJYTcZKkO9LoL5j1DVqS9Bz1w1gU4nw3KYv4OGJJPv1uzCfrrUjzP9/r5S5y9vpYYr7FDy/M9oW33oaJi5Z0gDxc97EK5tgzRH/Xe+S/t8zft3tn7du9c/xHUN6IOvFqefa9+8YLKMqqnIKwzmk6vBIIs2jsP1HskxyZeuU0e1QncbfHgMZtbDad7dWuNI2Bs/1UXTG/fvpE9LmX7Y2SC6hEKly8Miq0/eZD9f6pepcA98p2EbBKdeikBQhyDGxTdCEKyXBbEOV1KiXx5GfKijac6XaoB1fRAQlDIzvoC4c4mxPFCgB4lV85/iTBiaxjnC+2tAF6UxXO/X3mo5EsKF4RwQBXSi38CakDogkkMAcKgBzYIZxy+VFIVD1mBEQGdrTMek28YGBT0wAv9GfW47tVphvN3p4cu+TTWB9d984np+/bEsq1gPhu6pmU3AcTdz3xeJH7LcfsKY4cpF/9J9NyOO+/fp5AiEqNIb7gVar2KEcXhRr5p2+N4r78+uAAiWbSuIdsjitYbEoPu+du3pyjVJpsz/8OHWS7khw/K14xZGN2EK2iMEBPR3dN/fQk+fnweRxxyDnEMY2OermgYw0fz270DzfAmZDfyKWkcouSuOFHsRoxMMS/PGvWMoLwm+L9gJLISrWEjxxuYFM9bDQMTY5GI4/IjGVb5PYd5nXJ11zEnIxAmT7xG+gsCr/pAwPTNk/Q731S3RDuXLDwSMfmuhWVpSiiHMVjcgZuQh+rlB/sJfENJIkkWMN/6+OW+7x/iif3NyB84gRgvDVEqNiFHkYEJR8s7govdPsKAcZI+f3YeP/vzi7dPRQjsXSR4nz3fHg/80eHd2DMWUB77v2B/cLn3161S8fT8z+rdmq7eoAL1hLysqm1xVgAK5oCIYAwjjggG0RpGNyAiMfygg9Y+/jhyWQdxXPtSfdeYrLsaEjVfFYTH/lsQTVOGORBM0/5mTy/+JwAA//9dgNZDhjIAAA==
 
 - path: /opt/azure/containers/provision_installs.sh
   permissions: "0744"
@@ -118,6 +118,7 @@ write_files:
   content: !!binary |
     H4sIAAAAAAAA/4SS0YubQBDG3/0rvpp76BVTa3ulXI4+lN41CE0MJelrWddRh5pd2V1tQsj/XjRcIiSgDMLOzu+bj5mdvAlTVmEqbOl5k2Wyfpnhe2MMKVftAyxbzlig4tQIs8eWi2ktjKMMb0vnajsLw4Jd2aTvpd6Gy9/xc/wtvFTdQwqltMM/bf6iNromU+2RkhSNJegcriToxmWi05yvNsgMt2TQkrGslTdZJ8/JDBtLw+avfpxGpnuN7oIdawWROzJ9TqS6JbC1TfdHzjvK4C3i+Z/Vr+RH/PPl690hOnpSWMLdYZA/ghU8APAX8Twq/Pv+0H2qH8jUbrnzg6ksGNFjcBVn4OnpLPRxVOgh6OMW/GkMfgxuNn0Y4z7for6MUR8GFE6zenchSJYafrd4gVZUfFotK+uEktQ9hJwr8i/1O3aIhkbICuldNZb8PwAA//+R/AassAIAAA==
 
+
 - path: /opt/azure/containers/ubuntu-snapshot-update.sh
   permissions: "0544"
   encoding: gzip
@@ -139,6 +140,7 @@ write_files:
   content: !!binary |
     H4sIAAAAAAAA/0TMPapCMRBA4X5WkQ28hy4ghRcbqwv+YBFSDMmgA8kkZCbC3b2Ihe058IWbsEU4kqbB3biJP09Rp4Jdn83c7BmN3He7ToNb5oSlbADhypVGhFWW1uxCye93lQVW+aiHZPyiX4VwEjUsJcIdxSgvm6+zGP9NpfFvOB5k7wAAAP//XnoOYJAAAAA=
 
+
 - path: /opt/azure/containers/bind-mount.sh
   permissions: "0544"
   encoding: gzip

pkg/agent/testdata/AKSUbuntu1604+Containerd/line33.sh

@@ -262,7 +262,7 @@ if [ "${ENSURE_NO_DUPE_PROMISCUOUS_BRIDGE}" == "true" ]; then
     logs_to_events "AKS.CSE.ensureNoDupOnPromiscuBridge" ensureNoDupOnPromiscuBridge
 fi
 
-if [[ $OS == $UBUNTU_OS_NAME ]]; then
+if [[ $OS == $UBUNTU_OS_NAME ]] || [[ $OS == $MARINER_OS_NAME ]]; then
     logs_to_events "AKS.CSE.ubuntuSnapshotUpdate" ensureSnapshotUpdate
 fi