It has been observed that the DiagTrack service in the pause
image is consuming a non-trivial amount of CPU. We don't need
this service in the pause image, so we should disable it.
We can disable the service by running chntpw in a docker buildx Linux stage
and then copy the SYSTEM file back to the final Windows image.
Co-Authored-By: Mark Rossetti <marosset@microsoft.com>
Co-Authored-By: Davanum Srinivas <davanum@gmail.com>
As per #96015 and other reports, conversion-gen does the wrong thing if
dependent packages are not ALSO being re-generated. It creates new
versions of generated files that have missing conversions.
This change passes all packages as "extras" which will be parsed but not
regenerated (default already does exactly this).
Provides a response that includes a body and a method. This response
will enable a client (e2e test) to confirm that a proxy did not alter
the http method.
Adds Windows support for most of the images.
Adds a README explaining the image building process, including the
Windows Container image building process.
Some distributions have no default write-access to this file, which
means that it's not possible to update the file and rebuild the project
if not write-able. This patch fixes this by adding an additional
`chmod`.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
We can use docker buildx in order to build and push Windows images from the same Linux
node, as long as the Dockerfile does not have any RUN commands in the Windows step.
We also need to create a non-default builder instance in order to be able to
build and push Windows images.
The Windows images have to be built and pushed directly to the registry. Because of
this, the make target "push" has been removed (the target "all" will build and push
the images).
We need wincat for a few kubectl proxy scenarios.
For Windows containers without Hyper-V isolation, the host OS Version and the
Container OS Version need to match, which is why we added multiple Windows OS Versions
to the building process.
Adds support for Windows OS Versions: 1809, 1903, 1909, 2004.
Bumps pause image version to 3.4.
Co-Authored-By: Claudiu Belu <cbelu@cloudbasesolutions.com>
Co-Authored-By: Ben Moss <bmoss@pivotal.io>
Signed-off-by: Leah Hanson <lhanson@pivotal.io>
'agnhost' image uses hardcoded 'cluster.local' value for DNS domain.
It leads to failure of a bunch of HPA tests when test cluster is
configured to use custom DNS domain and there is no alias for
default 'cluster.local' one.
So, fix it by reusing it's own function for reading DNS domain suffixes.
Signed-off-by: Valerii Ponomarov <kiparis.kh@gmail.com>
Using Windows nanoserver container images as a base instead of the current
Windows servercore image will reduce the image size by about ~10x.
However, the nanoserver image lacks several things we need:
- netapi32.dll
- powershell
- certain powershell commands
- chocolatey cannot be used
When building the nanoserver images, we are going to use a Windows servercore helper,
in which we are going to install the necessary dependencies, and then copy them over
to our nanoserver image, including necessary DLLs.
Other notable changes include:
- switch from wget to curl (wget was a powershell alias).
- implement in code getting the DNS suffix list and DNS server list.
- reimplement getting file permissions for mounttest.
And same for go_test_conditional_pure.
Instead of aliasing. Aliases are annoying in a number of ways. This is
specifically bugging me now because they make the action graph harder to
analyze programmatically. By using aliases here, we would need to handle
potentially aliased go_binary targets and dereference to the effective
target.
The comment references an issue with `pure = select(...)` which appears
to be resolved considering this now builds.
When we switched to go-runner for building the apiserver,
controller-manager, and scheduler server components, we no longer
reference the individual architectures in the image names, specifically
in the 'FROM' directive of the server image Dockerfiles.
As a result, server images for non-amd64 images copy in the go-runner
amd64 binary instead of the go-runner that matches that architecture.
This commit explicitly sets the '--platform=linux/${arch}' to ensure
we're pulling the correct go-runner arch from the manifest list.
Before:
FROM ${base_image}
After:
FROM --platform=linux/${arch} ${base_image}
Signed-off-by: Stephen Augustus <saugustus@vmware.com>
debian-base is no longer used for building core Kubernetes server
components, so we remove the unnecessary local variable referencing it
from kube::build::get_docker_wrapped_binaries().
Signed-off-by: Stephen Augustus <saugustus@vmware.com>
