From 7d10576cb64f9f4e284294717ae5f2e01b8059ca Mon Sep 17 00:00:00 2001 From: Evan Baker Date: Wed, 25 Oct 2023 22:42:03 +0000 Subject: [PATCH] feat: build cni installer image with cni builds Signed-off-by: Evan Baker --- .pipelines/pipeline.yaml | 43 +++---------- Makefile | 130 +++++++++++++-------------------------- cni/linux.Dockerfile | 37 +++++++++++ cni/windows.Dockerfile | 37 +++++++++++ 4 files changed, 126 insertions(+), 121 deletions(-) create mode 100644 cni/linux.Dockerfile create mode 100644 cni/windows.Dockerfile diff --git a/.pipelines/pipeline.yaml b/.pipelines/pipeline.yaml index 30201afe943..349e59a97a6 100644 --- a/.pipelines/pipeline.yaml +++ b/.pipelines/pipeline.yaml @@ -39,7 +39,6 @@ stages: echo "##vso[task.setvariable variable=Tag;isOutput=true]$(make version)" echo "##vso[task.setvariable variable=cniVersion;isOutput=true]$(make cni-version)" echo "##vso[task.setvariable variable=npmVersion;isOutput=true]$(make npm-version)" - echo "##vso[task.setvariable variable=dropgzVersion;isOutput=true]$(make cni-dropgz-version)" cat /etc/os-release uname -a sudo chown -R $(whoami):$(whoami) . @@ -159,32 +158,18 @@ stages: name: "$(BUILD_POOL_NAME_LINUX_AMD64)" strategy: matrix: - cni_dropgz_linux_amd64: + cni_linux_amd64: arch: amd64 - name: cni-dropgz + name: cni os: linux - cni_dropgz_test_linux_amd64: + cni_windows2019_amd64: arch: amd64 - name: cni-dropgz-test - os: linux - cni_dropgz_windows2019_amd64: - arch: amd64 - name: cni-dropgz - os: windows - os_version: ltsc2019 - cni_dropgz_windows2022_amd64: - arch: amd64 - name: cni-dropgz - os: windows - os_version: ltsc2022 - cni_dropgz_test_windows2019_amd64: - arch: amd64 - name: cni-dropgz-test + name: cni os: windows os_version: ltsc2019 - cni_dropgz_test_windows2022_amd64: + cni_windows2022_amd64: arch: amd64 - name: cni-dropgz-test + name: cni os: windows os_version: ltsc2022 cns_linux_amd64: @@ -225,13 +210,9 @@ stages: name: "$(BUILD_POOL_NAME_LINUX_ARM64)" strategy: matrix: - cni_dropgz_linux_arm64: - arch: arm64 - name: cni-dropgz - os: linux - cni_dropgz_test_linux_arm64: + cni_linux_arm64: arch: arm64 - name: cni-dropgz-test + name: cni os: linux cns_linux_arm64: arch: arm64 @@ -294,12 +275,8 @@ stages: name: "$(BUILD_POOL_NAME_DEFAULT)" strategy: matrix: - cni_dropgz: - name: cni-dropgz - os_versions: ltsc2019 ltsc2022 - platforms: linux/amd64 linux/arm64 windows/amd64 - cni_dropgz_test: - name: cni-dropgz-test + cni: + name: cni os_versions: ltsc2019 ltsc2022 platforms: linux/amd64 linux/arm64 windows/amd64 cns: diff --git a/Makefile b/Makefile index 05481cfe6a1..5e67df8fe17 100644 --- a/Makefile +++ b/Makefile @@ -37,8 +37,6 @@ REVISION ?= $(shell git rev-parse --short HEAD) ACN_VERSION ?= $(shell git describe --exclude "azure-ipam*" --exclude "dropgz*" --exclude "zapai*" --tags --always) AZURE_IPAM_VERSION ?= $(notdir $(shell git describe --match "azure-ipam*" --tags --always)) CNI_VERSION ?= $(ACN_VERSION) -CNI_DROPGZ_VERSION ?= $(notdir $(shell git describe --match "dropgz*" --tags --always)) -CNI_DROPGZ_TEST_VERSION ?= $(notdir $(shell git describe --match "dropgz-test*" --tags --always)) CNS_VERSION ?= $(ACN_VERSION) NPM_VERSION ?= $(ACN_VERSION) ZAPAI_VERSION ?= $(notdir $(shell git describe --match "zapai*" --tags --always)) @@ -102,9 +100,9 @@ NPM_ARCHIVE_NAME = azure-npm-$(GOOS)-$(GOARCH)-$(NPM_VERSION).$(ARCHIVE_EXT) AZURE_IPAM_ARCHIVE_NAME = azure-ipam-$(GOOS)-$(GOARCH)-$(AZURE_IPAM_VERSION).$(ARCHIVE_EXT) # Image info file names. -CNI_DROPGZ_IMAGE_INFO_FILE = cni-dropgz-$(CNI_DROPGZ_VERSION).txt -CNS_IMAGE_INFO_FILE = azure-cns-$(CNS_VERSION).txt -NPM_IMAGE_INFO_FILE = azure-npm-$(NPM_VERSION).txt +CNI_IMAGE_INFO_FILE = azure-cni-$(CNI_VERSION).txt +CNS_IMAGE_INFO_FILE = azure-cns-$(CNS_VERSION).txt +NPM_IMAGE_INFO_FILE = azure-npm-$(NPM_VERSION).txt # Docker libnetwork (CNM) plugin v2 image parameters. CNM_PLUGIN_IMAGE ?= microsoft/azure-vnet-plugin @@ -154,12 +152,6 @@ azure-ipam-version: ## prints the azure-ipam version cni-version: ## prints the cni version @echo $(CNI_VERSION) -cni-dropgz-version: ## prints the cni-dropgz version - @echo $(CNI_DROPGZ_VERSION) - -cni-dropgz-test-version: ## prints the cni-dropgz version - @echo $(CNI_DROPGZ_TEST_VERSION) - cns-version: @echo $(CNS_VERSION) @@ -246,19 +238,18 @@ CONTAINER_TRANSPORT = docker endif ## Image name definitions. -ACNCLI_IMAGE = acncli -CNI_DROPGZ_IMAGE = cni-dropgz -CNI_DROPGZ_TEST_IMAGE = cni-dropgz-test -CNS_IMAGE = azure-cns -NPM_IMAGE = azure-npm +ACNCLI_IMAGE = acncli +CNI_IMAGE = cni-dropgz +CNS_IMAGE = azure-cns +NPM_IMAGE = azure-npm ## Image platform tags. -ACNCLI_PLATFORM_TAG ?= $(subst /,-,$(PLATFORM))$(if $(OS_VERSION),-$(OS_VERSION),)-$(ACN_VERSION) -CNI_DROPGZ_PLATFORM_TAG ?= $(subst /,-,$(PLATFORM))$(if $(OS_VERSION),-$(OS_VERSION),)-$(CNI_DROPGZ_VERSION) -CNI_DROPGZ_TEST_PLATFORM_TAG ?= $(subst /,-,$(PLATFORM))$(if $(OS_VERSION),-$(OS_VERSION),)-$(CNI_DROPGZ_TEST_VERSION) -CNS_PLATFORM_TAG ?= $(subst /,-,$(PLATFORM))$(if $(OS_VERSION),-$(OS_VERSION),)-$(CNS_VERSION) -CNS_WINDOWS_PLATFORM_TAG ?= $(subst /,-,$(PLATFORM))$(if $(OS_VERSION),-$(OS_VERSION),)-$(CNS_VERSION)-$(OS_SKU_WIN) -NPM_PLATFORM_TAG ?= $(subst /,-,$(PLATFORM))$(if $(OS_VERSION),-$(OS_VERSION),)-$(NPM_VERSION) +ACNCLI_PLATFORM_TAG ?= $(subst /,-,$(PLATFORM))$(if $(OS_VERSION),-$(OS_VERSION),)-$(ACN_VERSION) +CNI_PLATFORM_TAG ?= $(subst /,-,$(PLATFORM))$(if $(OS_VERSION),-$(OS_VERSION),)-$(CNI_VERSION) +CNI_WINDOWS_PLATFORM_TAG ?= $(subst /,-,$(PLATFORM))$(if $(OS_VERSION),-$(OS_VERSION),)-$(CNI_VERSION)-$(WINDOWS_OS_SKU) +CNS_PLATFORM_TAG ?= $(subst /,-,$(PLATFORM))$(if $(OS_VERSION),-$(OS_VERSION),)-$(CNS_VERSION) +CNS_WINDOWS_PLATFORM_TAG ?= $(subst /,-,$(PLATFORM))$(if $(OS_VERSION),-$(OS_VERSION),)-$(CNS_VERSION)-$(WINDOWS_OS_SKU) +NPM_PLATFORM_TAG ?= $(subst /,-,$(PLATFORM))$(if $(OS_VERSION),-$(OS_VERSION),)-$(NPM_VERSION) qemu-user-static: ## Set up the host to run qemu multiplatform container builds. @@ -330,55 +321,35 @@ acncli-image-pull: ## pull cni-manager container image. IMAGE=$(ACNCLI_IMAGE) \ TAG=$(ACNCLI_PLATFORM_TAG) -# cni-dropgz +# cni -cni-dropgz-image-name: # util target to print the CNI dropgz image name. - @echo $(CNI_DROPGZ_IMAGE) +cni-image-name: # util target to print the CNI image name. + @echo $(CNI_IMAGE) -cni-dropgz-image-name-and-tag: # util target to print the CNI dropgz image name and tag. - @echo $(IMAGE_REGISTRY)/$(CNI_DROPGZ_IMAGE):$(CNI_DROPGZ_PLATFORM_TAG) +cni-image-name-and-tag: # util target to print the CNI image name and tag. + @echo $(IMAGE_REGISTRY)/$(CNI_IMAGE):$(CNI_PLATFORM_TAG) -cni-dropgz-image: ## build cni-dropgz container image. +cni-image: ## build cni container image. $(MAKE) container \ - DOCKERFILE=dropgz/build/$(OS).Dockerfile \ + DOCKERFILE=cni/$(OS).Dockerfile \ + IMAGE=$(CNI_IMAGE) \ EXTRA_BUILD_ARGS='--build-arg OS=$(OS) --build-arg ARCH=$(ARCH) --build-arg OS_VERSION=$(OS_VERSION)' \ - IMAGE=$(CNI_DROPGZ_IMAGE) \ - TAG=$(CNI_DROPGZ_PLATFORM_TAG) + PLATFORM=$(PLATFORM) \ + TAG=$(CNI_PLATFORM_TAG) \ + OS=$(OS) \ + ARCH=$(ARCH) \ + OS_VERSION=$(OS_VERSION) -cni-dropgz-image-push: ## push cni-dropgz container image. +cni-image-push: ## push cni container image. $(MAKE) container-push \ - IMAGE=$(CNI_DROPGZ_IMAGE) \ - TAG=$(CNI_DROPGZ_PLATFORM_TAG) + IMAGE=$(CNI_IMAGE) \ + TAG=$(CNI_PLATFORM_TAG) -cni-dropgz-image-pull: ## pull cni-dropgz container image. +cni-image-pull: ## pull cni container image. $(MAKE) container-pull \ - IMAGE=$(CNI_DROPGZ_IMAGE) \ - TAG=$(CNI_DROPGZ_PLATFORM_TAG) + IMAGE=$(CNI_IMAGE) \ + TAG=$(CNI_PLATFORM_TAG) -# cni-dropgz-test - -cni-dropgz-test-image-name: # util target to print the CNI dropgz test image name. - @echo $(CNI_DROPGZ_TEST_IMAGE) - -cni-dropgz-test-image-name-and-tag: # util target to print the CNI dropgz test image name and tag. - @echo $(IMAGE_REGISTRY)/$(CNI_DROPGZ_TEST_IMAGE):$(CNI_DROPGZ_TEST_PLATFORM_TAG) - -cni-dropgz-test-image: ## build cni-dropgz-test container image. - $(MAKE) container \ - DOCKERFILE=dropgz/build/cniTest_$(OS).Dockerfile \ - EXTRA_BUILD_ARGS='--build-arg OS=$(OS) --build-arg ARCH=$(ARCH) --build-arg OS_VERSION=$(OS_VERSION)' \ - IMAGE=$(CNI_DROPGZ_TEST_IMAGE) \ - TAG=$(CNI_DROPGZ_TEST_PLATFORM_TAG) - -cni-dropgz-test-image-push: ## push cni-dropgz-test container image. - $(MAKE) container-push \ - IMAGE=$(CNI_DROPGZ_TEST_IMAGE) \ - TAG=$(CNI_DROPGZ_TEST_PLATFORM_TAG) - -cni-dropgz-test-image-pull: ## pull cni-dropgz-test container image. - $(MAKE) container-pull \ - IMAGE=$(CNI_DROPGZ_TEST_IMAGE) \ - TAG=$(CNI_DROPGZ_TEST_PLATFORM_TAG) # cns @@ -519,39 +490,22 @@ acncli-skopeo-archive: ## export tar archive of acncli multiplat container manif IMAGE=$(ACNCLI_IMAGE) \ TAG=$(ACN_VERSION) -cni-dropgz-manifest-build: ## build cni-dropgz multiplat container manifest. +cni-manifest-build: ## build cni multiplat container manifest. $(MAKE) manifest-build \ PLATFORMS="$(PLATFORMS)" \ - IMAGE=$(CNI_DROPGZ_IMAGE) \ - TAG=$(CNI_DROPGZ_VERSION) \ + IMAGE=$(CNI_IMAGE) \ + TAG=$(CNI_VERSION) \ OS_VERSIONS="$(OS_VERSIONS)" -cni-dropgz-manifest-push: ## push cni-dropgz multiplat container manifest +cni-manifest-push: ## push cni multiplat container manifest $(MAKE) manifest-push \ - IMAGE=$(CNI_DROPGZ_IMAGE) \ - TAG=$(CNI_DROPGZ_VERSION) + IMAGE=$(CNI_IMAGE) \ + TAG=$(CNI_VERSION) -cni-dropgz-skopeo-archive: ## export tar archive of cni-dropgz multiplat container manifest. +cni-skopeo-archive: ## export tar archive of cni multiplat container manifest. $(MAKE) manifest-skopeo-archive \ - IMAGE=$(CNI_DROPGZ_IMAGE) \ - TAG=$(CNI_DROPGZ_VERSION) - -cni-dropgz-test-manifest-build: ## build cni-dropgz multiplat container manifest. - $(MAKE) manifest-build \ - PLATFORMS="$(PLATFORMS)" \ - IMAGE=$(CNI_DROPGZ_TEST_IMAGE) \ - TAG=$(CNI_DROPGZ_TEST_VERSION) \ - OS_VERSIONS="$(OS_VERSIONS)" - -cni-dropgz-test-manifest-push: ## push cni-dropgz multiplat container manifest - $(MAKE) manifest-push \ - IMAGE=$(CNI_DROPGZ_TEST_IMAGE) \ - TAG=$(CNI_DROPGZ_TEST_VERSION) - -cni-dropgz-test-skopeo-archive: ## export tar archive of cni-dropgz multiplat container manifest. - $(MAKE) manifest-skopeo-archive \ - IMAGE=$(CNI_DROPGZ_TEST_IMAGE) \ - TAG=$(CNI_DROPGZ_TEST_VERSION) + IMAGE=$(CNI_IMAGE) \ + TAG=$(CNI_VERSION) cns-manifest-build: ## build azure-cns multiplat container manifest. $(MAKE) manifest-build \ @@ -723,7 +677,7 @@ test-all: ## run all unit tests. go test -mod=readonly -buildvcs=false -tags "unit" -coverpkg=$(COVER_FILTER) -race -covermode atomic -coverprofile=coverage.out $(COVER_PKG)/... test-integration: ## run all integration tests. - CNI_DROPGZ_VERSION=$(CNI_DROPGZ_VERSION) \ + CNI_VERSION=$(CNI_VERSION) \ CNS_VERSION=$(CNS_VERSION) \ go test -mod=readonly -buildvcs=false -timeout 1h -coverpkg=./... -race -covermode atomic -coverprofile=coverage.out -tags=integration ./test/integration... diff --git a/cni/linux.Dockerfile b/cni/linux.Dockerfile new file mode 100644 index 00000000000..32200f09331 --- /dev/null +++ b/cni/linux.Dockerfile @@ -0,0 +1,37 @@ +ARG ARCH +ARG DROPGZ_VERSION=v0.0.12 +ARG OS_VERSION +ARG OS + +FROM mcr.microsoft.com/oss/go/microsoft/golang:1.21 AS azure-vnet +ARG VERSION +WORKDIR /azure-container-networking +COPY . . +RUN GOOS=windows CGO_ENABLED=0 go build -a -o /go/bin/azure-vnet -trimpath -ldflags "-X main.version="$VERSION"" -gcflags="-dwarflocationlists=true" cni/network/plugin/main.go +RUN GOOS=windows CGO_ENABLED=0 go build -a -o /go/bin/azure-vnet-telemetry -trimpath -ldflags "-X main.version="$VERSION"" -gcflags="-dwarflocationlists=true" cni/telemetry/service/telemetrymain.go +RUN GOOS=windows CGO_ENABLED=0 go build -a -o /go/bin/azure-vnet-ipam -trimpath -ldflags "-X main.version="$VERSION"" -gcflags="-dwarflocationlists=true" cni/ipam/plugin/main.go + +FROM mcr.microsoft.com/cbl-mariner/base/core:2.0 AS compressor +ARG OS=$OS +WORKDIR /payload +COPY --from=azure-vnet /go/bin/* /payload/azure-vnet +COPY --from=azure-vnet /azure-container-networking/cni/azure-$OS.conflist /payload/azure.conflist +COPY --from=azure-vnet /azure-container-networking/cni/azure-$OS-swift.conflist /payload/azure-swift.conflist +COPY --from=azure-vnet /azure-container-networking/cni/azure-$OS-swift-overlay.conflist /payload/azure-swift-overlay.conflist +COPY --from=azure-vnet /azure-container-networking/cni/azure-$OS-swift-overlay-dualstack.conflist /payload/azure-swift-overlay-dualstack.conflist +COPY --from=azure-vnet /azure-container-networking/telemetry/azure-vnet-telemetry.config /payload/azure-vnet-telemetry.config +RUN cd /azure-vnet && sha256sum * > sum.txt +RUN gzip --verbose --best --recursive /azure-vnet && for f in /azure-vnet/*.gz; do mv -- "$f" "${f%%.gz}"; done + +FROM mcr.microsoft.com/oss/go/microsoft/golang:1.21 AS dropgz +ARG DROPGZ_VERISON=$DROPGZ_VERSION +ARG VERSION +RUN go mod download github.com/azure/azure-container-networking/dropgz@$DROPGZ_VERSION +WORKDIR /go/pkg/mod/github.com/azure/azure-container-networking/dropgz\@$DROPGZ_VERSION +COPY --from=compressor /payload/* /pkg/embed/fs/ +COPY /go/src/azure-container-networking/cni/azure-$OS.conflist pkg/embed/fs/azure.conflist +RUN GOOS=windows CGO_ENABLED=0 go build -a -o /go/bin/dropgz -trimpath -ldflags "-X github.com/Azure/azure-container-networking/dropgz/internal/buildinfo.Version="$VERSION"" -gcflags="-dwarflocationlists=true" main.go + +FROM scratch +COPY --from=dropgz /go/bin/dropgz dropgz +ENTRYPOINT [ "dropgz" ] diff --git a/cni/windows.Dockerfile b/cni/windows.Dockerfile new file mode 100644 index 00000000000..36fef6b1151 --- /dev/null +++ b/cni/windows.Dockerfile @@ -0,0 +1,37 @@ +ARG ARCH +ARG DROPGZ_VERSION=v0.0.12 +ARG OS +ARG OS_VERSION + +FROM --platform=linux/${ARCH} mcr.microsoft.com/oss/go/microsoft/golang:1.21 AS azure-vnet +ARG VERSION +WORKDIR /azure-container-networking +COPY . . +RUN GOOS=windows CGO_ENABLED=0 go build -a -o /go/bin/azure-vnet -trimpath -ldflags "-X main.version="$VERSION"" -gcflags="-dwarflocationlists=true" cni/network/plugin/main.go +RUN GOOS=windows CGO_ENABLED=0 go build -a -o /go/bin/azure-vnet-telemetry -trimpath -ldflags "-X main.version="$VERSION"" -gcflags="-dwarflocationlists=true" cni/telemetry/service/telemetrymain.go +RUN GOOS=windows CGO_ENABLED=0 go build -a -o /go/bin/azure-vnet-ipam -trimpath -ldflags "-X main.version="$VERSION"" -gcflags="-dwarflocationlists=true" cni/ipam/plugin/main.go + +FROM --platform=linux/${ARCH} mcr.microsoft.com/cbl-mariner/base/core:2.0 AS compressor +ARG OS=$OS +WORKDIR /payload +COPY --from=azure-vnet /go/bin/* /payload/ +COPY --from=azure-vnet /azure-container-networking/cni/azure-$OS.conflist /payload/azure.conflist +COPY --from=azure-vnet /azure-container-networking/cni/azure-$OS-swift.conflist /payload/azure-swift.conflist +COPY --from=azure-vnet /azure-container-networking/cni/azure-$OS-swift-overlay.conflist /payload/azure-swift-overlay.conflist +COPY --from=azure-vnet /azure-container-networking/cni/azure-$OS-swift-overlay-dualstack.conflist /payload/azure-swift-overlay-dualstack.conflist +COPY --from=azure-vnet /azure-container-networking/telemetry/azure-vnet-telemetry.config /payload/azure-vnet-telemetry.config +RUN cd /azure-vnet && sha256sum * > sum.txt +RUN gzip --verbose --best --recursive /azure-vnet && for f in /azure-vnet/*.gz; do mv -- "$f" "${f%%.gz}"; done + +FROM --platform=linux/${ARCH} mcr.microsoft.com/oss/go/microsoft/golang:1.21 AS dropgz +ARG DROPGZ_VERISON=$DROPGZ_VERSION +ARG VERSION +RUN go mod download github.com/azure/azure-container-networking/dropgz@$DROPGZ_VERSION +WORKDIR /go/pkg/mod/github.com/azure/azure-container-networking/dropgz\@$DROPGZ_VERSION +COPY --from=compressor /payload/* /pkg/embed/fs/ +COPY /go/src/azure-container-networking/cni/azure-$OS.conflist pkg/embed/fs/azure.conflist +RUN GOOS=windows CGO_ENABLED=0 go build -a -o /go/bin/dropgz -trimpath -ldflags "-X github.com/Azure/azure-container-networking/dropgz/internal/buildinfo.Version="$VERSION"" -gcflags="-dwarflocationlists=true" main.go + +FROM mcr.microsoft.com/windows/nanoserver:${OS_VERSION} +COPY --from=dropgz /go/bin/dropgz dropgz +ENTRYPOINT [ "dropgz" ]