├── .github ├── ISSUE_TEMPLATE │ └── autobuild-k8s.md ├── scripts │ ├── download.sh │ ├── kubernetes.sh │ ├── manifest.sh │ ├── versions │ │ ├── versions.sh │ │ ├── versions_arch.sh │ │ └── versions_sealos.sh │ └── waitRunning.sh ├── versions │ ├── 0 │ │ ├── CHANGELOG-1.16.md │ │ ├── CHANGELOG-1.17.md │ │ └── CHANGELOG-1.18.md │ ├── 1 │ │ ├── CHANGELOG-1.19.md │ │ └── CHANGELOG-1.20.md │ ├── 2 │ │ ├── CHANGELOG-1.21.md │ │ ├── CHANGELOG-1.22.md │ │ └── CHANGELOG-1.23.md │ ├── 3 │ │ ├── CHANGELOG-1.24.md │ │ └── CHANGELOG-1.25.md │ ├── 4 │ │ ├── CHANGELOG-1.26.md │ │ ├── CHANGELOG-1.27.md │ │ ├── CHANGELOG-1.28.md │ │ └── CHANGELOG-1.29.md │ └── 5 │ │ ├── CHANGELOG-1.30.md │ │ ├── CHANGELOG-1.31.md │ │ ├── CHANGELOG-1.32.md │ │ └── CHANGELOG-1.33.md └── workflows │ ├── autobuild-k3s-containerd-part3.yml │ ├── autobuild-k3s-containerd-part4.yml │ ├── autobuild-k3s-containerd-part5.yml │ ├── autobuild-k8s-containerd-part0.yml │ ├── autobuild-k8s-containerd-part1.yml │ ├── autobuild-k8s-containerd-part2.yml │ ├── autobuild-k8s-containerd-part3.yml │ ├── autobuild-k8s-containerd-part4.yml │ ├── autobuild-k8s-containerd-part5.yml │ ├── autobuild-k8s-cri-o-part1.yml │ ├── autobuild-k8s-cri-o-part2.yml │ ├── autobuild-k8s-cri-o-part3.yml │ ├── autobuild-k8s-cri-o-part4.yml │ ├── autobuild-k8s-cri-o-part5.yml │ ├── autobuild-k8s-docker-part0.yml │ ├── autobuild-k8s-docker-part1.yml │ ├── autobuild-k8s-docker-part2.yml │ ├── autobuild-k8s-docker-part3.yml │ ├── autobuild-k8s-docker-part4.yml │ └── autobuild-k8s-docker-part5.yml ├── .gitignore ├── CHANGELOG ├── CHANGELOG-1.0.0.md └── CHANGELOG.md ├── LICENSE ├── README.md ├── containerd ├── Kubefile ├── etc │ ├── config.toml.tmpl │ ├── containerd.service.tmpl │ ├── crictl.yaml │ └── hosts.toml.tmpl └── scripts │ ├── check.sh │ ├── clean-containerd.sh │ ├── clean-cri.sh │ ├── init-containerd.sh │ └── init-cri.sh ├── cri-o ├── Kubefile ├── README.md ├── etc │ ├── 99-crio.conf.tmpl │ └── crictl.yaml └── scripts │ ├── check.sh │ ├── clean-cri.sh │ ├── clean-crio.sh │ ├── init-cri.sh │ └── init-crio.sh ├── docker ├── Kubefile ├── etc │ ├── cri-docker.service.tmpl │ ├── cri-docker.socket │ ├── crictl.yaml │ ├── daemon.json.tmpl │ └── docker.service └── scripts │ ├── check.sh │ ├── clean-cri-dockerd.sh │ ├── clean-cri.sh │ ├── clean-docker.sh │ ├── init-cri-dockerd.sh │ ├── init-cri.sh │ └── init-docker.sh ├── firecracker-microvm └── README.md ├── k3s ├── Kubefile ├── README.md ├── etc │ ├── crictl.yaml.tmpl │ ├── image-cri-shim.service │ ├── image-cri-shim.yaml.tmpl │ ├── k3s.service.tmpl │ ├── limits.d │ │ └── sealos-k8s.conf │ ├── registries.yaml.tmpl │ ├── sysctl.d │ │ └── sealos-k8s.conf │ └── zz-k3s-sealos.yaml.tmpl └── scripts │ ├── check.sh │ ├── clean-cri.sh │ ├── clean-k3s.sh │ ├── clean-shim.sh │ ├── clean.sh │ ├── common.sh │ ├── init-cri.sh │ ├── init-k3s.sh │ ├── init-shim.sh │ ├── init.sh │ ├── k3s-killall.sh │ ├── k3s-post-stop.sh │ └── k3s-pre-start.sh ├── k8s ├── README.md ├── etc │ ├── image-cri-shim.service.tmpl │ ├── image-cri-shim.yaml.tmpl │ ├── kubelet.service.tmpl │ ├── limits.d │ │ └── sealos-k8s.conf │ ├── sysctl.d │ │ └── sealos-k8s.conf │ └── systemd │ │ └── system │ │ └── kubelet.service.d │ │ └── 10-kubeadm.conf.tmpl ├── scripts │ ├── clean-kube.sh │ ├── clean-shim.sh │ ├── clean.sh │ ├── common.sh │ ├── init-kube.sh │ ├── init-shim.sh │ ├── init.sh │ ├── kubelet-post-stop.sh │ └── kubelet-pre-start.sh └── statics │ └── audit-policy.yml ├── registry ├── etc │ ├── registry.service.tmpl │ ├── registry.yml.tmpl │ └── registry_config.yml.tmpl └── scripts │ ├── clean-registry.sh │ └── init-registry.sh ├── runtime └── README.md └── version.yaml /.github/ISSUE_TEMPLATE/autobuild-k8s.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: 构建Kubernetes集群镜像 3 | about: 根据分支目录构建集群镜像并推送到镜像仓库 4 | title: '【AIO】kubernetes' 5 | assignees: '' 6 | 7 | --- 8 | 9 | ``` 10 | Usage: 11 | /kube [sealosVersion] # all images for containerd, cri-o, docker and k3s(v1.24+) 12 | Example: 13 | /kube 4.4.1 # Image tags such as v1.28.0 14 | /kube 4.4.0-alpha1 # Image tags such as v1.28-latest 15 | ``` 16 | -------------------------------------------------------------------------------- /.github/scripts/download.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | until sudo docker run --rm -v "/usr/bin:/pwd" -w /tools --entrypoint /bin/sh "ghcr.io/labring-actions/cache:tools-amd64" -c "ls -lh && cp -a . /pwd"; do 6 | sleep 3 7 | done 8 | -------------------------------------------------------------------------------- /.github/scripts/manifest.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu 4 | 5 | readonly ERR_CODE=127 6 | 7 | readonly CRI_TYPE=${criType?} 8 | readonly KUBE_TYPE=${kubeType:-k8s} 9 | 10 | readonly IMAGE_HUB_REGISTRY=${registry?} 11 | readonly IMAGE_HUB_REPO=${repo?} 12 | readonly IMAGE_HUB_USERNAME=${username?} 13 | readonly IMAGE_HUB_PASSWORD=${password?} 14 | readonly IMAGE_CACHE_NAME="ghcr.io/labring-actions/cache" 15 | 16 | readonly IMAGE_TAG=${version?} 17 | readonly KUBE="${IMAGE_TAG%%-*}" 18 | readonly KUBE_XY="${KUBE%.*}" 19 | if [[ "$sealoslatest" == latest ]]; then 20 | export sealosPatch="ghcr.io/labring/sealos-patch:latest" 21 | sealoslatest=$(until curl -sL "https://api.github.com/repos/labring/sealos/releases/latest" | grep tarball_url; do sleep 3; done | awk -F\" '{print $(NF-1)}' | awk -F/ '{print $NF}' | cut -dv -f2) 22 | fi 23 | readonly sealoslatest="${sealoslatest:-IMAGE_TAG#*-}" 24 | readonly SEALOS=${sealoslatest?} 25 | readonly SEALOS_XYZ="${SEALOS%%-*}" 26 | if [[ "${SEALOS_XYZ//./}" -le 433 ]] && [[ $KUBE_TYPE == k3s ]] && [[ -z "$sealosPatch" ]]; then 27 | echo "INFO::skip $KUBE(build for k3s) when $SEALOS(sealos<=4.3.3)" 28 | exit 29 | fi 30 | readonly kube_major="${KUBE%.*}" 31 | readonly sealos_major="${SEALOS%%-*}" 32 | if [[ "${kube_major//./}" -ge 126 ]]; then 33 | if ! [[ "${sealos_major//./}" -le 413 ]] || [[ -n "$sealosPatch" ]]; then 34 | echo "Verifying the availability of unstable" 35 | else 36 | echo "INFO::skip kube(>=1.26) building when sealos <= 4.1.3" 37 | exit 38 | fi 39 | FROM_CRI=$(sudo buildah from "$IMAGE_CACHE_NAME:cri-amd64") 40 | MOUNT_CRI=$(sudo buildah mount "$FROM_CRI") 41 | case $CRI_TYPE in 42 | containerd) 43 | if ! [[ "$(sudo cat "$MOUNT_CRI"/cri/.versions | grep CONTAINERD | awk -F= '{print $NF}')" =~ v1\.([6-9]|[0-9][0-9])\.[0-9]+ ]]; then 44 | echo https://kubernetes.io/blog/2022/11/18/upcoming-changes-in-kubernetes-1-26/#cri-api-removal 45 | exit 46 | fi 47 | ;; 48 | docker) 49 | if ! [[ "$(sudo cat "$MOUNT_CRI"/cri/.versions | grep CRIDOCKER | awk -F= '{print $NF}')" =~ v0\.[3-9]\.[0-9]+ ]]; then 50 | echo https://github.com/Mirantis/cri-dockerd/issues/125 51 | exit 52 | fi 53 | ;; 54 | esac 55 | fi 56 | 57 | case $CRI_TYPE in 58 | containerd | cri-o) 59 | if [[ "${SEALOS_XYZ%%.*}" -ge 5 ]] && ! [[ "${KUBE_XY//./}" -ge 124 ]]; then 60 | echo "INFO::skip $KUBE(kube<1.24) when $SEALOS(sealos>=5)" 61 | exit 62 | fi 63 | ;; 64 | docker) 65 | if [[ "${SEALOS_XYZ%%.*}" -ge 5 ]] && ! [[ "${KUBE_XY//./}" -ge 126 ]]; then 66 | echo "INFO::skip $KUBE(kube<1.26) when $SEALOS(sealos>=5)" 67 | exit 68 | fi 69 | ;; 70 | esac 71 | case $CRI_TYPE in 72 | containerd) 73 | IMAGE_KUBE=kubernetes 74 | ;; 75 | cri-o) 76 | IMAGE_KUBE=kubernetes-crio 77 | ;; 78 | docker) 79 | IMAGE_KUBE=kubernetes-docker 80 | ;; 81 | esac 82 | if grep k3s <<<"$KUBE"; then 83 | IMAGE_KUBE=k3s 84 | fi 85 | 86 | if ! [[ "$SEALOS" =~ ^[0-9\.]+[0-9]$ ]] || [[ -n "$sealosPatch" ]]; then 87 | IMAGE_TAGS="v${KUBE%.*}-amd64,v${KUBE%.*}-arm64" 88 | IMAGE_PUSH_NAME=( 89 | "$IMAGE_HUB_REGISTRY/$IMAGE_HUB_REPO/$IMAGE_KUBE:v${KUBE%.*}-latest" 90 | ) 91 | else 92 | IMAGE_TAGS="v${KUBE%+*}-$SEALOS-amd64,v${KUBE%+*}-$SEALOS-arm64" 93 | if [[ "$SEALOS" == "$( 94 | until curl -sL "https://api.github.com/repos/labring/sealos/releases/latest"; do sleep 3; done | grep tarball_url | awk -F\" '{print $(NF-1)}' | awk -F/ '{print $NF}' | cut -dv -f2 95 | )" ]]; then 96 | IMAGE_PUSH_NAME=( 97 | "$IMAGE_HUB_REGISTRY/$IMAGE_HUB_REPO/$IMAGE_KUBE:v${KUBE%+*}" 98 | "$IMAGE_HUB_REGISTRY/$IMAGE_HUB_REPO/$IMAGE_KUBE:v${KUBE%+*}-$SEALOS" 99 | ) 100 | else 101 | IMAGE_PUSH_NAME=( 102 | "$IMAGE_HUB_REGISTRY/$IMAGE_HUB_REPO/$IMAGE_KUBE:v${KUBE%+*}-$SEALOS" 103 | ) 104 | fi 105 | fi 106 | 107 | sudo buildah login -u "$IMAGE_HUB_USERNAME" -p "$IMAGE_HUB_PASSWORD" "$IMAGE_HUB_REGISTRY" 108 | for IMAGE_NAME in "${IMAGE_PUSH_NAME[@]}"; do 109 | echo "$IMAGE_TAGS" | sed "s~,~\n~g" | while read -r tag; do 110 | echo "${IMAGE_NAME%:*}:$tag" 111 | done | xargs sudo buildah manifest create --all "mf:${KUBE%+*}-$SEALOS" || exit $ERR_CODE 112 | if [[ $(sudo buildah inspect "mf:${KUBE%+*}-$SEALOS" | yq .manifests[].platform.architecture | uniq | grep 64 -c) -eq 2 ]]; then 113 | if sudo buildah login -u labring -p "$1" docker.io; then 114 | IMAGE_NAME="docker.io/labring/${IMAGE_NAME##*/}" 115 | else 116 | echo "warning: Please input REGISTRY_TOKEN for docker.io" 117 | continue 118 | fi 119 | sudo buildah manifest push --rm --all "mf:${KUBE%+*}-$SEALOS" "docker://$IMAGE_NAME" && echo "$IMAGE_NAME push success" 120 | else 121 | sudo buildah manifest inspect "mf:${KUBE%+*}-$SEALOS" | yq -CP 122 | echo "ERROR::TARGETARCH for sealos build" 123 | sudo buildah images 124 | exit $ERR_CODE 125 | fi 126 | done 127 | 128 | sudo buildah images 129 | -------------------------------------------------------------------------------- /.github/scripts/versions/versions.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | readonly CRI_TYPE=${criType?} 6 | readonly KUBE_TYPE=${kubeType:-k8s} 7 | 8 | readonly IMAGE_HUB_REGISTRY=${registry:-} 9 | readonly IMAGE_HUB_REPO=${repo?} 10 | if [[ "$sealoslatest" == latest ]]; then 11 | export sealosPatch="ghcr.io/labring/sealos-patch:latest" 12 | sealoslatest=$(until curl -sL "https://api.github.com/repos/labring/sealos/releases/latest" | grep tarball_url; do sleep 3; done | awk -F\" '{print $(NF-1)}' | awk -F/ '{print $NF}' | cut -dv -f2) 13 | fi 14 | readonly SEALOS=${sealoslatest?} 15 | readonly SEALOS_XYZ="${SEALOS%%-*}" 16 | 17 | case $CRI_TYPE in 18 | containerd) 19 | IMAGE_KUBE=kubernetes 20 | ;; 21 | docker) 22 | IMAGE_KUBE=kubernetes-docker 23 | ;; 24 | cri-o) 25 | IMAGE_KUBE=kubernetes-crio 26 | ;; 27 | esac 28 | if grep k3s <<<"$KUBE"; then 29 | IMAGE_KUBE=k3s 30 | fi 31 | 32 | # Recursively finds all directories with a go.mod file and creates 33 | # a GitHub Actions JSON output option. This is used by the linter action. 34 | echo "Resolving versions in $(pwd)" 35 | rm -rf .versions 36 | mkdir -p .versions 37 | for file in $(pwd)/.github/versions/${part:-*}/CHANGELOG*; do 38 | K8S_MD=${file##*/} 39 | case $CRI_TYPE in 40 | containerd | docker) 41 | case $K8S_MD in 42 | CHANGELOG-1.1[0-5].md) 43 | continue 44 | ;; 45 | esac 46 | ;; 47 | cri-o) 48 | case $K8S_MD in 49 | CHANGELOG-1.1[0-9].md) 50 | continue 51 | ;; 52 | esac 53 | ;; 54 | esac 55 | while IFS= read vKUBE; do 56 | if [[ "$allBuild" == true ]]; then 57 | echo "$vKUBE" >>".versions/$K8S_MD" 58 | else 59 | case $IMAGE_HUB_REGISTRY in 60 | docker.io | ghcr.io) 61 | if until curl -sL "https://hub.docker.com/v2/repositories/$IMAGE_HUB_REPO/$IMAGE_KUBE/tags/$vKUBE-$SEALOS"; do sleep 3; done | 62 | grep digest >/dev/null; then 63 | echo "$IMAGE_HUB_REGISTRY/$IMAGE_HUB_REPO/$IMAGE_KUBE:$vKUBE-$SEALOS already existed" 64 | else 65 | echo "$vKUBE" >>".versions/$K8S_MD" 66 | fi 67 | ;; 68 | *) 69 | echo "$vKUBE" >>".versions/$K8S_MD" 70 | ;; 71 | esac 72 | fi 73 | done < <( 74 | until curl -sL "https://github.com/kubernetes/kubernetes/raw/master/CHANGELOG/$K8S_MD"; do sleep 3; done | 75 | grep -E '^- \[v[0-9\.]+\]' | awk '{print $2}' | awk -F\[ '{print $2}' | awk -F\] '{print $1}' >".versions/$K8S_MD.cached" 76 | head -n 1 ".versions/$K8S_MD.cached" >".versions/$K8S_MD.latest" 77 | case $KUBE_TYPE in 78 | k3s) 79 | git ls-remote --refs --sort="-version:refname" --tags "https://github.com/k3s-io/k3s.git" | cut -d/ -f3- | grep -E "^$(cut -d. -f-2 ".versions/$K8S_MD.latest").[0-9]+\+k3s[0-9]$" | head -n 1 >".versions/$K8S_MD.cached" 80 | cp ".versions/$K8S_MD.cached" ".versions/$K8S_MD.latest" 81 | ;; 82 | esac 83 | cat ".versions/$K8S_MD.cached" 84 | ) 85 | [[ -s ".versions/$K8S_MD" ]] || cp ".versions/$K8S_MD.latest" ".versions/$K8S_MD" 86 | if ! [[ "$SEALOS" =~ ^[0-9\.]+[0-9]$ ]] || [[ -n "$sealosPatch" ]] || [[ "${SEALOS_XYZ//./}" -ge 416 ]]; then 87 | { 88 | cut -dv -f 2 ".versions/$K8S_MD" | head -n 1 89 | cut -dv -f 2 ".versions/$K8S_MD" | tail -n 1 90 | } | sort | uniq | awk '{printf "{\"'version'\":\"%s\"},",$1}' >>.versions/versions.txt 91 | else 92 | cut -dv -f 2 ".versions/$K8S_MD" | 93 | awk '{printf "{\"'version'\":\"%s\"},",$1}' >>.versions/versions.txt 94 | fi 95 | done 96 | SET_MATRIX=$(cat .versions/versions.txt) 97 | echo "{\"include\":[${SET_MATRIX%?}]}" | yq -P 98 | echo "matrix={\"include\":[${SET_MATRIX%?}]}" >>$GITHUB_OUTPUT 99 | -------------------------------------------------------------------------------- /.github/scripts/versions/versions_arch.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | readonly CRI_TYPE=${criType?} 6 | readonly KUBE_TYPE=${kubeType:-k8s} 7 | 8 | readonly IMAGE_HUB_REGISTRY=${registry:-} 9 | readonly IMAGE_HUB_REPO=${repo?} 10 | if [[ "$sealoslatest" == latest ]]; then 11 | export sealosPatch="ghcr.io/labring/sealos-patch:latest" 12 | sealoslatest=$(until curl -sL "https://api.github.com/repos/labring/sealos/releases/latest" | grep tarball_url; do sleep 3; done | awk -F\" '{print $(NF-1)}' | awk -F/ '{print $NF}' | cut -dv -f2) 13 | fi 14 | readonly SEALOS=${sealoslatest?} 15 | readonly SEALOS_XYZ="${SEALOS%%-*}" 16 | 17 | case $CRI_TYPE in 18 | containerd) 19 | IMAGE_KUBE=kubernetes 20 | ;; 21 | docker) 22 | IMAGE_KUBE=kubernetes-docker 23 | ;; 24 | cri-o) 25 | IMAGE_KUBE=kubernetes-crio 26 | ;; 27 | esac 28 | if grep k3s <<<"$KUBE"; then 29 | IMAGE_KUBE=k3s 30 | fi 31 | 32 | # Recursively finds all directories with a go.mod file and creates 33 | # a GitHub Actions JSON output option. This is used by the linter action. 34 | echo "Resolving versions in $(pwd)" 35 | rm -rf .versions 36 | mkdir -p .versions 37 | for file in $(pwd)/.github/versions/${part:-*}/CHANGELOG*; do 38 | K8S_MD=${file##*/} 39 | case $CRI_TYPE in 40 | containerd | docker) 41 | case $K8S_MD in 42 | CHANGELOG-1.1[0-5].md) 43 | continue 44 | ;; 45 | esac 46 | ;; 47 | cri-o) 48 | case $K8S_MD in 49 | CHANGELOG-1.1[0-9].md) 50 | continue 51 | ;; 52 | esac 53 | ;; 54 | esac 55 | while IFS= read vKUBE; do 56 | if [[ "$allBuild" == true ]]; then 57 | echo "$vKUBE" >>".versions/$K8S_MD" 58 | else 59 | case $IMAGE_HUB_REGISTRY in 60 | docker.io | ghcr.io) 61 | if until curl -sL "https://hub.docker.com/v2/repositories/$IMAGE_HUB_REPO/$IMAGE_KUBE/tags/$vKUBE-$SEALOS"; do sleep 3; done | 62 | grep digest >/dev/null; then 63 | echo "$IMAGE_HUB_REGISTRY/$IMAGE_HUB_REPO/$IMAGE_KUBE:$vKUBE-$SEALOS already existed" 64 | else 65 | echo "$vKUBE" >>".versions/$K8S_MD" 66 | fi 67 | ;; 68 | *) 69 | echo "$vKUBE" >>".versions/$K8S_MD" 70 | ;; 71 | esac 72 | fi 73 | done < <( 74 | until curl -sL "https://github.com/kubernetes/kubernetes/raw/master/CHANGELOG/$K8S_MD"; do sleep 3; done | 75 | grep -E '^- \[v[0-9\.]+\]' | awk '{print $2}' | awk -F\[ '{print $2}' | awk -F\] '{print $1}' >".versions/$K8S_MD.cached" 76 | head -n 1 ".versions/$K8S_MD.cached" >".versions/$K8S_MD.latest" 77 | case $KUBE_TYPE in 78 | k3s) 79 | git ls-remote --refs --sort="-version:refname" --tags "https://github.com/k3s-io/k3s.git" | cut -d/ -f3- | grep -E "^$(cut -d. -f-2 ".versions/$K8S_MD.latest").[0-9]+\+k3s[0-9]$" | head -n 1 >".versions/$K8S_MD.cached" 80 | cp ".versions/$K8S_MD.cached" ".versions/$K8S_MD.latest" 81 | ;; 82 | esac 83 | cat ".versions/$K8S_MD.cached" 84 | ) 85 | [[ -s ".versions/$K8S_MD" ]] || cp ".versions/$K8S_MD.latest" ".versions/$K8S_MD" 86 | if [[ -z "$(cat ".versions/$K8S_MD")" ]]; then 87 | mv ".versions/$K8S_MD.latest" ".versions/$K8S_MD" 88 | fi 89 | if ! [[ "$SEALOS" =~ ^[0-9\.]+[0-9]$ ]] || [[ -n "$sealosPatch" ]] || [[ "${SEALOS_XYZ//./}" -ge 416 ]]; then 90 | { 91 | cut -dv -f 2 ".versions/$K8S_MD" | head -n 1 92 | cut -dv -f 2 ".versions/$K8S_MD" | tail -n 1 93 | } | sort | uniq | awk '{printf "{\"'version'\":\"%s\",\"'arch'\":\"amd64\"},{\"'version'\":\"%s\",\"'arch'\":\"arm64\"},",$1,$1}' >>.versions/versions_arch.txt 94 | else 95 | cut -dv -f 2 ".versions/$K8S_MD" | 96 | awk '{printf "{\"'version'\":\"%s\",\"'arch'\":\"amd64\"},{\"'version'\":\"%s\",\"'arch'\":\"arm64\"},",$1,$1}' >>.versions/versions_arch.txt 97 | fi 98 | done 99 | SET_MATRIX=$(cat .versions/versions_arch.txt) 100 | echo "{\"include\":[${SET_MATRIX%?}]}" | yq -P 101 | echo "matrix={\"include\":[${SET_MATRIX%?}]}" >>$GITHUB_OUTPUT 102 | -------------------------------------------------------------------------------- /.github/scripts/versions/versions_sealos.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | readonly commentVersion="$(echo "${commentbody?}" | awk '{print $2}')" 6 | readonly defaultVersion="$(until curl -sL "https://api.github.com/repos/labring/sealos/tags" | yq '.[].name' | grep -E "^v.+$"; do sleep 1; done | grep -E "v[0-9.]+$" | head -n 1 | cut -dv -f2)" 7 | 8 | if [[ -n "$commentVersion" ]]; then 9 | sealosVersion=$commentVersion 10 | else 11 | sealosVersion=$defaultVersion 12 | fi 13 | 14 | if [[ "$sealosVersion" == latest ]]; then 15 | echo "sealos latest for development" 16 | else 17 | until curl -sL https://api.github.com/repos/labring/sealos/tags | yq .[].name | grep -E "^v.+$"; do sleep 3; done >.tags 18 | if ! grep "$sealosVersion" .tags >/dev/null; then 19 | cat .tags 20 | echo "sealos version $sealosVersion does not exist" 21 | exit 127 22 | fi 23 | fi 24 | 25 | echo "sealos: $sealosVersion" 26 | echo "sealoslatest=$sealosVersion" >>$GITHUB_OUTPUT 27 | -------------------------------------------------------------------------------- /.github/scripts/waitRunning.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | readonly C_TIMEOUT=${1:-1} 6 | readonly R_TIMEOUT=${2:-5} 7 | 8 | echo "CheckCreating(timeout=$C_TIMEOUT), CheckRunning(timeout=$R_TIMEOUT)" 9 | 10 | function checker() { 11 | # for Creating 12 | kubectl get pods -oname --all-namespaces | sort >"all.$HOSTNAME.pods" 13 | until ! diff <(kubectl get pods -oname --all-namespaces | sort) "all.$HOSTNAME.pods" &>/dev/null; do 14 | sleep 3 15 | # timeout 16 | if ! find . -type f -name "all.$HOSTNAME.pods" -mmin -"$C_TIMEOUT" | grep "all.$HOSTNAME.pods" &>/dev/null; then exit 8; fi 17 | done 18 | # for Running 19 | until ! kubectl get pods --no-headers --all-namespaces | grep -vE Running &>/dev/null; do 20 | sleep 9 21 | if kubectl get pods --no-headers --all-namespaces | grep -vE Running; then 22 | echo 23 | fi 24 | # timeout 25 | if ! find . -type f -name "all.$HOSTNAME.pods" -mmin -"$R_TIMEOUT" | grep "all.$HOSTNAME.pods" &>/dev/null; then exit 88; fi 26 | done 27 | rm -f "all.$HOSTNAME.pods" 28 | } 29 | 30 | if kubectl version; then 31 | kubectl get pods -owide --all-namespaces 32 | kubectl get node -owide 33 | checker 34 | kubectl get pods -owide --all-namespaces 35 | kubectl get node -owide 36 | sudo crictl images 37 | fi 38 | -------------------------------------------------------------------------------- /.github/versions/3/CHANGELOG-1.25.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/labring-actions/runtime/703520995534c6814c43bc0f3dbff46562c93b1c/.github/versions/3/CHANGELOG-1.25.md -------------------------------------------------------------------------------- /.github/versions/4/CHANGELOG-1.26.md: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /.github/versions/4/CHANGELOG-1.27.md: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /.github/versions/4/CHANGELOG-1.28.md: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /.github/versions/4/CHANGELOG-1.29.md: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /.github/versions/5/CHANGELOG-1.30.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/labring-actions/runtime/703520995534c6814c43bc0f3dbff46562c93b1c/.github/versions/5/CHANGELOG-1.30.md -------------------------------------------------------------------------------- /.github/versions/5/CHANGELOG-1.31.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/labring-actions/runtime/703520995534c6814c43bc0f3dbff46562c93b1c/.github/versions/5/CHANGELOG-1.31.md -------------------------------------------------------------------------------- /.github/versions/5/CHANGELOG-1.32.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/labring-actions/runtime/703520995534c6814c43bc0f3dbff46562c93b1c/.github/versions/5/CHANGELOG-1.32.md -------------------------------------------------------------------------------- /.github/versions/5/CHANGELOG-1.33.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/labring-actions/runtime/703520995534c6814c43bc0f3dbff46562c93b1c/.github/versions/5/CHANGELOG-1.33.md -------------------------------------------------------------------------------- /.github/workflows/autobuild-k3s-containerd-part3.yml: -------------------------------------------------------------------------------- 1 | name: containerd for k3s 1.24-25 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 3 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: containerd 19 | kubeType: k3s 20 | jobs: 21 | resolve-issue-sealoslatest: 22 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/containerd') || startswith(github.event.comment.body, '/single_part3') || startswith(github.event.comment.body, '/single_containerd_part3') || contains(github.event.inputs.sealosPatch, 'sealos') 23 | runs-on: ubuntu-24.04 24 | outputs: 25 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 26 | steps: 27 | - name: Checkout 28 | uses: actions/checkout@v3 29 | - name: Set sealos LatestVersion 30 | id: set-sealoslatest 31 | run: | 32 | export commentbody="${{github.event.comment.body}}" 33 | .github/scripts/versions/versions_sealos.sh 34 | resolve-versions-arch: 35 | runs-on: ubuntu-24.04 36 | needs: 37 | - resolve-issue-sealoslatest 38 | env: 39 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 40 | outputs: 41 | matrix: ${{ steps.set-versions.outputs.matrix }} 42 | steps: 43 | - name: Checkout 44 | uses: actions/checkout@v3 45 | - name: Resolve Versions 46 | id: set-versions 47 | run: .github/scripts/versions/versions_arch.sh 48 | resolve-versions: 49 | runs-on: ubuntu-24.04 50 | needs: 51 | - resolve-issue-sealoslatest 52 | env: 53 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 54 | outputs: 55 | matrix: ${{ steps.set-versions.outputs.matrix }} 56 | steps: 57 | - name: Checkout 58 | uses: actions/checkout@v3 59 | - name: Resolve Versions 60 | id: set-versions 61 | run: .github/scripts/versions/versions.sh 62 | build-images: 63 | name: building 64 | needs: 65 | - resolve-issue-sealoslatest 66 | - resolve-versions-arch 67 | runs-on: ubuntu-24.04 68 | env: 69 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 70 | strategy: 71 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 72 | steps: 73 | - name: Checkout 74 | uses: actions/checkout@v3 75 | 76 | - name: Download tools and sealos 77 | run: .github/scripts/download.sh 78 | 79 | - name: Auto build image 80 | env: 81 | username: ${{ github.actor }} 82 | password: ${{ secrets.GITHUB_TOKEN }} 83 | arch: ${{ matrix.arch }} 84 | kubeVersion: ${{ matrix.version }} 85 | run: .github/scripts/kubernetes.sh 86 | 87 | build_manifest: 88 | needs: 89 | - resolve-issue-sealoslatest 90 | - resolve-versions 91 | - build-images 92 | name: manifest 93 | env: 94 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 95 | strategy: 96 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 97 | runs-on: ubuntu-24.04 98 | permissions: 99 | issues: write 100 | steps: 101 | - name: Checkout 102 | uses: actions/checkout@v3 103 | - name: Download tools and sealos 104 | run: .github/scripts/download.sh 105 | - name: Manifest Image 106 | env: 107 | username: ${{ github.actor }} 108 | password: ${{ secrets.GITHUB_TOKEN }} 109 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 110 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 111 | add-tips: 112 | if: contains(github.event.comment.body, 'imagebuild') 113 | needs: 114 | - build_manifest 115 | name: Auto add tips 116 | runs-on: ubuntu-24.04 117 | permissions: 118 | issues: write 119 | steps: 120 | - name: Success Commit 121 | uses: peter-evans/create-or-update-comment@v1 122 | with: 123 | issue-number: ${{ github.event.issue.number }} 124 | body: | 125 | � says: Hooray! The action autobuild-k8s-containerd-part3 has been completed successfully. � 126 | 127 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 128 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k3s-containerd-part4.yml: -------------------------------------------------------------------------------- 1 | name: containerd for k3s 1.26-29 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 4 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: containerd 19 | kubeType: k3s 20 | jobs: 21 | resolve-issue-sealoslatest: 22 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/containerd') || startswith(github.event.comment.body, '/single_part4') || startswith(github.event.comment.body, '/single_containerd_part4') || contains(github.event.inputs.sealosPatch, 'sealos') 23 | runs-on: ubuntu-24.04 24 | outputs: 25 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 26 | steps: 27 | - name: Checkout 28 | uses: actions/checkout@v3 29 | - name: Set sealos LatestVersion 30 | id: set-sealoslatest 31 | run: | 32 | export commentbody="${{github.event.comment.body}}" 33 | .github/scripts/versions/versions_sealos.sh 34 | resolve-versions-arch: 35 | runs-on: ubuntu-24.04 36 | needs: 37 | - resolve-issue-sealoslatest 38 | env: 39 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 40 | outputs: 41 | matrix: ${{ steps.set-versions.outputs.matrix }} 42 | steps: 43 | - name: Checkout 44 | uses: actions/checkout@v3 45 | - name: Resolve Versions 46 | id: set-versions 47 | run: .github/scripts/versions/versions_arch.sh 48 | resolve-versions: 49 | runs-on: ubuntu-24.04 50 | needs: 51 | - resolve-issue-sealoslatest 52 | env: 53 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 54 | outputs: 55 | matrix: ${{ steps.set-versions.outputs.matrix }} 56 | steps: 57 | - name: Checkout 58 | uses: actions/checkout@v3 59 | - name: Resolve Versions 60 | id: set-versions 61 | run: .github/scripts/versions/versions.sh 62 | build-images: 63 | name: building 64 | needs: 65 | - resolve-issue-sealoslatest 66 | - resolve-versions-arch 67 | runs-on: ubuntu-24.04 68 | env: 69 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 70 | strategy: 71 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 72 | steps: 73 | - name: Checkout 74 | uses: actions/checkout@v3 75 | 76 | - name: Download tools and sealos 77 | run: .github/scripts/download.sh 78 | 79 | - name: Auto build image 80 | env: 81 | username: ${{ github.actor }} 82 | password: ${{ secrets.GITHUB_TOKEN }} 83 | arch: ${{ matrix.arch }} 84 | kubeVersion: ${{ matrix.version }} 85 | run: .github/scripts/kubernetes.sh 86 | 87 | build_manifest: 88 | needs: 89 | - resolve-issue-sealoslatest 90 | - resolve-versions 91 | - build-images 92 | name: manifest 93 | env: 94 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 95 | strategy: 96 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 97 | runs-on: ubuntu-24.04 98 | permissions: 99 | issues: write 100 | steps: 101 | - name: Checkout 102 | uses: actions/checkout@v3 103 | - name: Download tools and sealos 104 | run: .github/scripts/download.sh 105 | - name: Manifest Image 106 | env: 107 | username: ${{ github.actor }} 108 | password: ${{ secrets.GITHUB_TOKEN }} 109 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 110 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 111 | 112 | add-tips: 113 | if: contains(github.event.comment.body, 'imagebuild') 114 | needs: 115 | - build_manifest 116 | name: Auto add tips 117 | runs-on: ubuntu-24.04 118 | permissions: 119 | issues: write 120 | steps: 121 | - name: Success Commit 122 | uses: peter-evans/create-or-update-comment@v1 123 | with: 124 | issue-number: ${{ github.event.issue.number }} 125 | body: | 126 | 🤖 says: Hooray! The action autobuild-k8s-containerd-part4 has been completed successfully. 🎉 127 | 128 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 129 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k3s-containerd-part5.yml: -------------------------------------------------------------------------------- 1 | name: containerd for k3s 1.30+ 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 5 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: containerd 19 | kubeType: k3s 20 | jobs: 21 | resolve-issue-sealoslatest: 22 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/containerd') || startswith(github.event.comment.body, '/single_part5') || startswith(github.event.comment.body, '/single_containerd_part5') || contains(github.event.inputs.sealosPatch, 'sealos') 23 | runs-on: ubuntu-24.04 24 | outputs: 25 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 26 | steps: 27 | - name: Checkout 28 | uses: actions/checkout@v3 29 | - name: Set sealos LatestVersion 30 | id: set-sealoslatest 31 | run: | 32 | export commentbody="${{github.event.comment.body}}" 33 | .github/scripts/versions/versions_sealos.sh 34 | resolve-versions-arch: 35 | runs-on: ubuntu-24.04 36 | needs: 37 | - resolve-issue-sealoslatest 38 | env: 39 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 40 | outputs: 41 | matrix: ${{ steps.set-versions.outputs.matrix }} 42 | steps: 43 | - name: Checkout 44 | uses: actions/checkout@v3 45 | - name: Resolve Versions 46 | id: set-versions 47 | run: .github/scripts/versions/versions_arch.sh 48 | resolve-versions: 49 | runs-on: ubuntu-24.04 50 | needs: 51 | - resolve-issue-sealoslatest 52 | env: 53 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 54 | outputs: 55 | matrix: ${{ steps.set-versions.outputs.matrix }} 56 | steps: 57 | - name: Checkout 58 | uses: actions/checkout@v3 59 | - name: Resolve Versions 60 | id: set-versions 61 | run: .github/scripts/versions/versions.sh 62 | build-images: 63 | name: building 64 | needs: 65 | - resolve-issue-sealoslatest 66 | - resolve-versions-arch 67 | runs-on: ubuntu-24.04 68 | env: 69 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 70 | strategy: 71 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 72 | steps: 73 | - name: Checkout 74 | uses: actions/checkout@v3 75 | 76 | - name: Download tools and sealos 77 | run: .github/scripts/download.sh 78 | 79 | - name: Auto build image 80 | env: 81 | username: ${{ github.actor }} 82 | password: ${{ secrets.GITHUB_TOKEN }} 83 | arch: ${{ matrix.arch }} 84 | kubeVersion: ${{ matrix.version }} 85 | run: .github/scripts/kubernetes.sh 86 | 87 | build_manifest: 88 | needs: 89 | - resolve-issue-sealoslatest 90 | - resolve-versions 91 | - build-images 92 | name: manifest 93 | env: 94 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 95 | strategy: 96 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 97 | runs-on: ubuntu-24.04 98 | permissions: 99 | issues: write 100 | steps: 101 | - name: Checkout 102 | uses: actions/checkout@v3 103 | - name: Download tools and sealos 104 | run: .github/scripts/download.sh 105 | - name: Manifest Image 106 | env: 107 | username: ${{ github.actor }} 108 | password: ${{ secrets.GITHUB_TOKEN }} 109 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 110 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 111 | 112 | add-tips: 113 | if: contains(github.event.comment.body, 'imagebuild') 114 | needs: 115 | - build_manifest 116 | name: Auto add tips 117 | runs-on: ubuntu-24.04 118 | permissions: 119 | issues: write 120 | steps: 121 | - name: Success Commit 122 | uses: peter-evans/create-or-update-comment@v1 123 | with: 124 | issue-number: ${{ github.event.issue.number }} 125 | body: | 126 | 🤖 says: Hooray! The action autobuild-k8s-containerd-part5 has been completed successfully. 🎉 127 | 128 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 129 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k8s-containerd-part0.yml: -------------------------------------------------------------------------------- 1 | name: containerd for k8s 1.16-18 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 0 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: containerd 19 | jobs: 20 | resolve-issue-sealoslatest: 21 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/containerd') || startswith(github.event.comment.body, '/single_part0') || startswith(github.event.comment.body, '/single_containerd_part0') || contains(github.event.inputs.sealosPatch, 'sealos') 22 | runs-on: ubuntu-24.04 23 | outputs: 24 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v3 28 | - name: Set sealos LatestVersion 29 | id: set-sealoslatest 30 | run: | 31 | export commentbody="${{github.event.comment.body}}" 32 | .github/scripts/versions/versions_sealos.sh 33 | resolve-versions-arch: 34 | runs-on: ubuntu-24.04 35 | needs: 36 | - resolve-issue-sealoslatest 37 | env: 38 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 39 | outputs: 40 | matrix: ${{ steps.set-versions.outputs.matrix }} 41 | steps: 42 | - name: Checkout 43 | uses: actions/checkout@v3 44 | - name: Resolve Versions 45 | id: set-versions 46 | run: .github/scripts/versions/versions_arch.sh 47 | resolve-versions: 48 | runs-on: ubuntu-24.04 49 | needs: 50 | - resolve-issue-sealoslatest 51 | env: 52 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 53 | outputs: 54 | matrix: ${{ steps.set-versions.outputs.matrix }} 55 | steps: 56 | - name: Checkout 57 | uses: actions/checkout@v3 58 | - name: Resolve Versions 59 | id: set-versions 60 | run: .github/scripts/versions/versions.sh 61 | build-images: 62 | name: building 63 | needs: 64 | - resolve-issue-sealoslatest 65 | - resolve-versions-arch 66 | runs-on: ubuntu-24.04 67 | env: 68 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 69 | strategy: 70 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 71 | steps: 72 | - name: Checkout 73 | uses: actions/checkout@v3 74 | 75 | - name: Download tools and sealos 76 | run: .github/scripts/download.sh 77 | 78 | - name: Auto build image 79 | env: 80 | username: ${{ github.actor }} 81 | password: ${{ secrets.GITHUB_TOKEN }} 82 | arch: ${{ matrix.arch }} 83 | kubeVersion: ${{ matrix.version }} 84 | run: .github/scripts/kubernetes.sh 85 | 86 | build_manifest: 87 | needs: 88 | - resolve-issue-sealoslatest 89 | - resolve-versions 90 | - build-images 91 | name: manifest 92 | env: 93 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 94 | strategy: 95 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 96 | runs-on: ubuntu-24.04 97 | permissions: 98 | issues: write 99 | steps: 100 | - name: Checkout 101 | uses: actions/checkout@v3 102 | - name: Download tools and sealos 103 | run: .github/scripts/download.sh 104 | - name: Manifest Image 105 | env: 106 | username: ${{ github.actor }} 107 | password: ${{ secrets.GITHUB_TOKEN }} 108 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 109 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 110 | add-tips: 111 | if: contains(github.event.comment.body, 'imagebuild') 112 | needs: 113 | - build_manifest 114 | name: Auto add tips 115 | runs-on: ubuntu-24.04 116 | permissions: 117 | issues: write 118 | steps: 119 | - name: Success Commit 120 | uses: peter-evans/create-or-update-comment@v1 121 | with: 122 | issue-number: ${{ github.event.issue.number }} 123 | body: | 124 | 🤖 says: Hooray! The action autobuild-k8s-containerd-part0 has been completed successfully. 🎉 125 | 126 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 127 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k8s-containerd-part1.yml: -------------------------------------------------------------------------------- 1 | name: containerd for k8s 1.19-20 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 1 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: containerd 19 | jobs: 20 | resolve-issue-sealoslatest: 21 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/containerd') || startswith(github.event.comment.body, '/single_part1') || startswith(github.event.comment.body, '/single_containerd_part1') || contains(github.event.inputs.sealosPatch, 'sealos') 22 | runs-on: ubuntu-24.04 23 | outputs: 24 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v3 28 | - name: Set sealos LatestVersion 29 | id: set-sealoslatest 30 | run: | 31 | export commentbody="${{github.event.comment.body}}" 32 | .github/scripts/versions/versions_sealos.sh 33 | resolve-versions-arch: 34 | runs-on: ubuntu-24.04 35 | needs: 36 | - resolve-issue-sealoslatest 37 | env: 38 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 39 | outputs: 40 | matrix: ${{ steps.set-versions.outputs.matrix }} 41 | steps: 42 | - name: Checkout 43 | uses: actions/checkout@v3 44 | - name: Resolve Versions 45 | id: set-versions 46 | run: .github/scripts/versions/versions_arch.sh 47 | resolve-versions: 48 | runs-on: ubuntu-24.04 49 | needs: 50 | - resolve-issue-sealoslatest 51 | env: 52 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 53 | outputs: 54 | matrix: ${{ steps.set-versions.outputs.matrix }} 55 | steps: 56 | - name: Checkout 57 | uses: actions/checkout@v3 58 | - name: Resolve Versions 59 | id: set-versions 60 | run: .github/scripts/versions/versions.sh 61 | build-images: 62 | name: building 63 | needs: 64 | - resolve-issue-sealoslatest 65 | - resolve-versions-arch 66 | runs-on: ubuntu-24.04 67 | env: 68 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 69 | strategy: 70 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 71 | steps: 72 | - name: Checkout 73 | uses: actions/checkout@v3 74 | 75 | - name: Download tools and sealos 76 | run: .github/scripts/download.sh 77 | 78 | - name: Auto build image 79 | env: 80 | username: ${{ github.actor }} 81 | password: ${{ secrets.GITHUB_TOKEN }} 82 | arch: ${{ matrix.arch }} 83 | kubeVersion: ${{ matrix.version }} 84 | run: .github/scripts/kubernetes.sh 85 | 86 | build_manifest: 87 | needs: 88 | - resolve-issue-sealoslatest 89 | - resolve-versions 90 | - build-images 91 | name: manifest 92 | env: 93 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 94 | strategy: 95 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 96 | runs-on: ubuntu-24.04 97 | permissions: 98 | issues: write 99 | steps: 100 | - name: Checkout 101 | uses: actions/checkout@v3 102 | - name: Download tools and sealos 103 | run: .github/scripts/download.sh 104 | - name: Manifest Image 105 | env: 106 | username: ${{ github.actor }} 107 | password: ${{ secrets.GITHUB_TOKEN }} 108 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 109 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 110 | add-tips: 111 | if: contains(github.event.comment.body, 'imagebuild') 112 | needs: 113 | - build_manifest 114 | name: Auto add tips 115 | runs-on: ubuntu-24.04 116 | permissions: 117 | issues: write 118 | steps: 119 | - name: Success Commit 120 | uses: peter-evans/create-or-update-comment@v1 121 | with: 122 | issue-number: ${{ github.event.issue.number }} 123 | body: | 124 | 🤖 says: Hooray! The action autobuild-k8s-containerd-part1 has been completed successfully. 🎉 125 | 126 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 127 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k8s-containerd-part2.yml: -------------------------------------------------------------------------------- 1 | name: containerd for k8s 1.21-23 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 2 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: containerd 19 | jobs: 20 | resolve-issue-sealoslatest: 21 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/containerd') || startswith(github.event.comment.body, '/single_part2') || startswith(github.event.comment.body, '/single_containerd_part2') || contains(github.event.inputs.sealosPatch, 'sealos') 22 | runs-on: ubuntu-24.04 23 | outputs: 24 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v3 28 | - name: Set sealos LatestVersion 29 | id: set-sealoslatest 30 | run: | 31 | export commentbody="${{github.event.comment.body}}" 32 | .github/scripts/versions/versions_sealos.sh 33 | resolve-versions-arch: 34 | runs-on: ubuntu-24.04 35 | needs: 36 | - resolve-issue-sealoslatest 37 | env: 38 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 39 | outputs: 40 | matrix: ${{ steps.set-versions.outputs.matrix }} 41 | steps: 42 | - name: Checkout 43 | uses: actions/checkout@v3 44 | - name: Resolve Versions 45 | id: set-versions 46 | run: .github/scripts/versions/versions_arch.sh 47 | resolve-versions: 48 | runs-on: ubuntu-24.04 49 | needs: 50 | - resolve-issue-sealoslatest 51 | env: 52 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 53 | outputs: 54 | matrix: ${{ steps.set-versions.outputs.matrix }} 55 | steps: 56 | - name: Checkout 57 | uses: actions/checkout@v3 58 | - name: Resolve Versions 59 | id: set-versions 60 | run: .github/scripts/versions/versions.sh 61 | build-images: 62 | name: building 63 | needs: 64 | - resolve-issue-sealoslatest 65 | - resolve-versions-arch 66 | runs-on: ubuntu-24.04 67 | env: 68 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 69 | strategy: 70 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 71 | steps: 72 | - name: Checkout 73 | uses: actions/checkout@v3 74 | 75 | - name: Download tools and sealos 76 | run: .github/scripts/download.sh 77 | 78 | - name: Auto build image 79 | env: 80 | username: ${{ github.actor }} 81 | password: ${{ secrets.GITHUB_TOKEN }} 82 | arch: ${{ matrix.arch }} 83 | kubeVersion: ${{ matrix.version }} 84 | run: .github/scripts/kubernetes.sh 85 | 86 | build_manifest: 87 | needs: 88 | - resolve-issue-sealoslatest 89 | - resolve-versions 90 | - build-images 91 | name: manifest 92 | env: 93 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 94 | strategy: 95 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 96 | runs-on: ubuntu-24.04 97 | permissions: 98 | issues: write 99 | steps: 100 | - name: Checkout 101 | uses: actions/checkout@v3 102 | - name: Download tools and sealos 103 | run: .github/scripts/download.sh 104 | - name: Manifest Image 105 | env: 106 | username: ${{ github.actor }} 107 | password: ${{ secrets.GITHUB_TOKEN }} 108 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 109 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 110 | add-tips: 111 | if: contains(github.event.comment.body, 'imagebuild') 112 | needs: 113 | - build_manifest 114 | name: Auto add tips 115 | runs-on: ubuntu-24.04 116 | permissions: 117 | issues: write 118 | steps: 119 | - name: Success Commit 120 | uses: peter-evans/create-or-update-comment@v1 121 | with: 122 | issue-number: ${{ github.event.issue.number }} 123 | body: | 124 | 🤖 says: Hooray! The action autobuild-k8s-containerd-part2 has been completed successfully. 🎉 125 | 126 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 127 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k8s-containerd-part3.yml: -------------------------------------------------------------------------------- 1 | name: containerd for k8s 1.24-25 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 3 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: containerd 19 | jobs: 20 | resolve-issue-sealoslatest: 21 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/containerd') || startswith(github.event.comment.body, '/single_part3') || startswith(github.event.comment.body, '/single_containerd_part3') || contains(github.event.inputs.sealosPatch, 'sealos') 22 | runs-on: ubuntu-24.04 23 | outputs: 24 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v3 28 | - name: Set sealos LatestVersion 29 | id: set-sealoslatest 30 | run: | 31 | export commentbody="${{github.event.comment.body}}" 32 | .github/scripts/versions/versions_sealos.sh 33 | resolve-versions-arch: 34 | runs-on: ubuntu-24.04 35 | needs: 36 | - resolve-issue-sealoslatest 37 | env: 38 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 39 | outputs: 40 | matrix: ${{ steps.set-versions.outputs.matrix }} 41 | steps: 42 | - name: Checkout 43 | uses: actions/checkout@v3 44 | - name: Resolve Versions 45 | id: set-versions 46 | run: .github/scripts/versions/versions_arch.sh 47 | resolve-versions: 48 | runs-on: ubuntu-24.04 49 | needs: 50 | - resolve-issue-sealoslatest 51 | env: 52 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 53 | outputs: 54 | matrix: ${{ steps.set-versions.outputs.matrix }} 55 | steps: 56 | - name: Checkout 57 | uses: actions/checkout@v3 58 | - name: Resolve Versions 59 | id: set-versions 60 | run: .github/scripts/versions/versions.sh 61 | build-images: 62 | name: building 63 | needs: 64 | - resolve-issue-sealoslatest 65 | - resolve-versions-arch 66 | runs-on: ubuntu-24.04 67 | env: 68 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 69 | strategy: 70 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 71 | steps: 72 | - name: Checkout 73 | uses: actions/checkout@v3 74 | 75 | - name: Download tools and sealos 76 | run: .github/scripts/download.sh 77 | 78 | - name: Auto build image 79 | env: 80 | username: ${{ github.actor }} 81 | password: ${{ secrets.GITHUB_TOKEN }} 82 | arch: ${{ matrix.arch }} 83 | kubeVersion: ${{ matrix.version }} 84 | run: .github/scripts/kubernetes.sh 85 | 86 | build_manifest: 87 | needs: 88 | - resolve-issue-sealoslatest 89 | - resolve-versions 90 | - build-images 91 | name: manifest 92 | env: 93 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 94 | strategy: 95 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 96 | runs-on: ubuntu-24.04 97 | permissions: 98 | issues: write 99 | steps: 100 | - name: Checkout 101 | uses: actions/checkout@v3 102 | - name: Download tools and sealos 103 | run: .github/scripts/download.sh 104 | - name: Manifest Image 105 | env: 106 | username: ${{ github.actor }} 107 | password: ${{ secrets.GITHUB_TOKEN }} 108 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 109 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 110 | add-tips: 111 | if: contains(github.event.comment.body, 'imagebuild') 112 | needs: 113 | - build_manifest 114 | name: Auto add tips 115 | runs-on: ubuntu-24.04 116 | permissions: 117 | issues: write 118 | steps: 119 | - name: Success Commit 120 | uses: peter-evans/create-or-update-comment@v1 121 | with: 122 | issue-number: ${{ github.event.issue.number }} 123 | body: | 124 | 🤖 says: Hooray! The action autobuild-k8s-containerd-part3 has been completed successfully. 🎉 125 | 126 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 127 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k8s-containerd-part4.yml: -------------------------------------------------------------------------------- 1 | name: containerd for k8s 1.26-29 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 4 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: containerd 19 | jobs: 20 | resolve-issue-sealoslatest: 21 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/containerd') || startswith(github.event.comment.body, '/single_part4') || startswith(github.event.comment.body, '/single_containerd_part4') || contains(github.event.inputs.sealosPatch, 'sealos') 22 | runs-on: ubuntu-24.04 23 | outputs: 24 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v3 28 | - name: Set sealos LatestVersion 29 | id: set-sealoslatest 30 | run: | 31 | export commentbody="${{github.event.comment.body}}" 32 | .github/scripts/versions/versions_sealos.sh 33 | resolve-versions-arch: 34 | runs-on: ubuntu-24.04 35 | needs: 36 | - resolve-issue-sealoslatest 37 | env: 38 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 39 | outputs: 40 | matrix: ${{ steps.set-versions.outputs.matrix }} 41 | steps: 42 | - name: Checkout 43 | uses: actions/checkout@v3 44 | - name: Resolve Versions 45 | id: set-versions 46 | run: .github/scripts/versions/versions_arch.sh 47 | resolve-versions: 48 | runs-on: ubuntu-24.04 49 | needs: 50 | - resolve-issue-sealoslatest 51 | env: 52 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 53 | outputs: 54 | matrix: ${{ steps.set-versions.outputs.matrix }} 55 | steps: 56 | - name: Checkout 57 | uses: actions/checkout@v3 58 | - name: Resolve Versions 59 | id: set-versions 60 | run: .github/scripts/versions/versions.sh 61 | build-images: 62 | name: building 63 | needs: 64 | - resolve-issue-sealoslatest 65 | - resolve-versions-arch 66 | runs-on: ubuntu-24.04 67 | env: 68 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 69 | strategy: 70 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 71 | steps: 72 | - name: Checkout 73 | uses: actions/checkout@v3 74 | 75 | - name: Download tools and sealos 76 | run: .github/scripts/download.sh 77 | 78 | - name: Auto build image 79 | env: 80 | username: ${{ github.actor }} 81 | password: ${{ secrets.GITHUB_TOKEN }} 82 | arch: ${{ matrix.arch }} 83 | kubeVersion: ${{ matrix.version }} 84 | run: .github/scripts/kubernetes.sh 85 | 86 | build_manifest: 87 | needs: 88 | - resolve-issue-sealoslatest 89 | - resolve-versions 90 | - build-images 91 | name: manifest 92 | env: 93 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 94 | strategy: 95 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 96 | runs-on: ubuntu-24.04 97 | permissions: 98 | issues: write 99 | steps: 100 | - name: Checkout 101 | uses: actions/checkout@v3 102 | - name: Download tools and sealos 103 | run: .github/scripts/download.sh 104 | - name: Manifest Image 105 | env: 106 | username: ${{ github.actor }} 107 | password: ${{ secrets.GITHUB_TOKEN }} 108 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 109 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 110 | 111 | add-tips: 112 | if: contains(github.event.comment.body, 'imagebuild') 113 | needs: 114 | - build_manifest 115 | name: Auto add tips 116 | runs-on: ubuntu-24.04 117 | permissions: 118 | issues: write 119 | steps: 120 | - name: Success Commit 121 | uses: peter-evans/create-or-update-comment@v1 122 | with: 123 | issue-number: ${{ github.event.issue.number }} 124 | body: | 125 | 🤖 says: Hooray! The action autobuild-k8s-containerd-part4 has been completed successfully. 🎉 126 | 127 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 128 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k8s-containerd-part5.yml: -------------------------------------------------------------------------------- 1 | name: containerd for k8s 1.30+ 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 5 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: containerd 19 | jobs: 20 | resolve-issue-sealoslatest: 21 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/containerd') || startswith(github.event.comment.body, '/single_part5') || startswith(github.event.comment.body, '/single_containerd_part5') || contains(github.event.inputs.sealosPatch, 'sealos') 22 | runs-on: ubuntu-24.04 23 | outputs: 24 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v3 28 | - name: Set sealos LatestVersion 29 | id: set-sealoslatest 30 | run: | 31 | export commentbody="${{github.event.comment.body}}" 32 | .github/scripts/versions/versions_sealos.sh 33 | resolve-versions-arch: 34 | runs-on: ubuntu-24.04 35 | needs: 36 | - resolve-issue-sealoslatest 37 | env: 38 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 39 | outputs: 40 | matrix: ${{ steps.set-versions.outputs.matrix }} 41 | steps: 42 | - name: Checkout 43 | uses: actions/checkout@v3 44 | - name: Resolve Versions 45 | id: set-versions 46 | run: .github/scripts/versions/versions_arch.sh 47 | resolve-versions: 48 | runs-on: ubuntu-24.04 49 | needs: 50 | - resolve-issue-sealoslatest 51 | env: 52 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 53 | outputs: 54 | matrix: ${{ steps.set-versions.outputs.matrix }} 55 | steps: 56 | - name: Checkout 57 | uses: actions/checkout@v3 58 | - name: Resolve Versions 59 | id: set-versions 60 | run: .github/scripts/versions/versions.sh 61 | build-images: 62 | name: building 63 | needs: 64 | - resolve-issue-sealoslatest 65 | - resolve-versions-arch 66 | runs-on: ubuntu-24.04 67 | env: 68 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 69 | strategy: 70 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 71 | steps: 72 | - name: Checkout 73 | uses: actions/checkout@v3 74 | 75 | - name: Download tools and sealos 76 | run: .github/scripts/download.sh 77 | 78 | - name: Auto build image 79 | env: 80 | username: ${{ github.actor }} 81 | password: ${{ secrets.GITHUB_TOKEN }} 82 | arch: ${{ matrix.arch }} 83 | kubeVersion: ${{ matrix.version }} 84 | run: .github/scripts/kubernetes.sh 85 | 86 | build_manifest: 87 | needs: 88 | - resolve-issue-sealoslatest 89 | - resolve-versions 90 | - build-images 91 | name: manifest 92 | env: 93 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 94 | strategy: 95 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 96 | runs-on: ubuntu-24.04 97 | permissions: 98 | issues: write 99 | steps: 100 | - name: Checkout 101 | uses: actions/checkout@v3 102 | - name: Download tools and sealos 103 | run: .github/scripts/download.sh 104 | - name: Manifest Image 105 | env: 106 | username: ${{ github.actor }} 107 | password: ${{ secrets.GITHUB_TOKEN }} 108 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 109 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 110 | 111 | add-tips: 112 | if: contains(github.event.comment.body, 'imagebuild') 113 | needs: 114 | - build_manifest 115 | name: Auto add tips 116 | runs-on: ubuntu-24.04 117 | permissions: 118 | issues: write 119 | steps: 120 | - name: Success Commit 121 | uses: peter-evans/create-or-update-comment@v1 122 | with: 123 | issue-number: ${{ github.event.issue.number }} 124 | body: | 125 | 🤖 says: Hooray! The action autobuild-k8s-containerd-part5 has been completed successfully. 🎉 126 | 127 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 128 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k8s-cri-o-part1.yml: -------------------------------------------------------------------------------- 1 | name: cri-o for k8s 1.20 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 1 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: cri-o 19 | jobs: 20 | resolve-issue-sealoslatest: 21 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/cri-o') || startswith(github.event.comment.body, '/single_part1') || startswith(github.event.comment.body, '/single_cri-o_part1') || contains(github.event.inputs.sealosPatch, 'sealos') 22 | runs-on: ubuntu-24.04 23 | outputs: 24 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v3 28 | - name: Set sealos LatestVersion 29 | id: set-sealoslatest 30 | run: | 31 | export commentbody="${{github.event.comment.body}}" 32 | .github/scripts/versions/versions_sealos.sh 33 | resolve-versions-arch: 34 | runs-on: ubuntu-24.04 35 | needs: 36 | - resolve-issue-sealoslatest 37 | env: 38 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 39 | outputs: 40 | matrix: ${{ steps.set-versions.outputs.matrix }} 41 | steps: 42 | - name: Checkout 43 | uses: actions/checkout@v3 44 | - name: Resolve Versions 45 | id: set-versions 46 | run: .github/scripts/versions/versions_arch.sh 47 | resolve-versions: 48 | runs-on: ubuntu-24.04 49 | needs: 50 | - resolve-issue-sealoslatest 51 | env: 52 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 53 | outputs: 54 | matrix: ${{ steps.set-versions.outputs.matrix }} 55 | steps: 56 | - name: Checkout 57 | uses: actions/checkout@v3 58 | - name: Resolve Versions 59 | id: set-versions 60 | run: .github/scripts/versions/versions.sh 61 | build-images: 62 | name: building 63 | needs: 64 | - resolve-issue-sealoslatest 65 | - resolve-versions-arch 66 | runs-on: ubuntu-24.04 67 | env: 68 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 69 | strategy: 70 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 71 | steps: 72 | - name: Checkout 73 | uses: actions/checkout@v3 74 | 75 | - name: Download tools and sealos 76 | run: .github/scripts/download.sh 77 | 78 | - name: Auto build image 79 | env: 80 | username: ${{ github.actor }} 81 | password: ${{ secrets.GITHUB_TOKEN }} 82 | arch: ${{ matrix.arch }} 83 | kubeVersion: ${{ matrix.version }} 84 | run: .github/scripts/kubernetes.sh 85 | 86 | build_manifest: 87 | needs: 88 | - resolve-issue-sealoslatest 89 | - resolve-versions 90 | - build-images 91 | name: manifest 92 | env: 93 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 94 | strategy: 95 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 96 | runs-on: ubuntu-24.04 97 | permissions: 98 | issues: write 99 | steps: 100 | - name: Checkout 101 | uses: actions/checkout@v3 102 | - name: Download tools and sealos 103 | run: .github/scripts/download.sh 104 | - name: Manifest Image 105 | env: 106 | username: ${{ github.actor }} 107 | password: ${{ secrets.GITHUB_TOKEN }} 108 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 109 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 110 | add-tips: 111 | if: contains(github.event.comment.body, 'imagebuild') 112 | needs: 113 | - build_manifest 114 | name: Auto add tips 115 | runs-on: ubuntu-24.04 116 | permissions: 117 | issues: write 118 | steps: 119 | - name: Success Commit 120 | uses: peter-evans/create-or-update-comment@v1 121 | with: 122 | issue-number: ${{ github.event.issue.number }} 123 | body: | 124 | 🤖 says: Hooray! The action autobuild-k8s-cri-o-part1 has been completed successfully. 🎉 125 | 126 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 127 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k8s-cri-o-part2.yml: -------------------------------------------------------------------------------- 1 | name: cri-o for k8s 1.21-23 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 2 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: cri-o 19 | jobs: 20 | resolve-issue-sealoslatest: 21 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/cri-o') || startswith(github.event.comment.body, '/single_part2') || startswith(github.event.comment.body, '/single_cri-o_part2') || contains(github.event.inputs.sealosPatch, 'sealos') 22 | runs-on: ubuntu-24.04 23 | outputs: 24 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v3 28 | - name: Set sealos LatestVersion 29 | id: set-sealoslatest 30 | run: | 31 | export commentbody="${{github.event.comment.body}}" 32 | .github/scripts/versions/versions_sealos.sh 33 | resolve-versions-arch: 34 | runs-on: ubuntu-24.04 35 | needs: 36 | - resolve-issue-sealoslatest 37 | env: 38 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 39 | outputs: 40 | matrix: ${{ steps.set-versions.outputs.matrix }} 41 | steps: 42 | - name: Checkout 43 | uses: actions/checkout@v3 44 | - name: Resolve Versions 45 | id: set-versions 46 | run: .github/scripts/versions/versions_arch.sh 47 | resolve-versions: 48 | runs-on: ubuntu-24.04 49 | needs: 50 | - resolve-issue-sealoslatest 51 | env: 52 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 53 | outputs: 54 | matrix: ${{ steps.set-versions.outputs.matrix }} 55 | steps: 56 | - name: Checkout 57 | uses: actions/checkout@v3 58 | - name: Resolve Versions 59 | id: set-versions 60 | run: .github/scripts/versions/versions.sh 61 | build-images: 62 | name: building 63 | needs: 64 | - resolve-issue-sealoslatest 65 | - resolve-versions-arch 66 | runs-on: ubuntu-24.04 67 | env: 68 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 69 | strategy: 70 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 71 | steps: 72 | - name: Checkout 73 | uses: actions/checkout@v3 74 | 75 | - name: Download tools and sealos 76 | run: .github/scripts/download.sh 77 | 78 | - name: Auto build image 79 | env: 80 | username: ${{ github.actor }} 81 | password: ${{ secrets.GITHUB_TOKEN }} 82 | arch: ${{ matrix.arch }} 83 | kubeVersion: ${{ matrix.version }} 84 | run: .github/scripts/kubernetes.sh 85 | 86 | build_manifest: 87 | needs: 88 | - resolve-issue-sealoslatest 89 | - resolve-versions 90 | - build-images 91 | name: manifest 92 | env: 93 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 94 | strategy: 95 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 96 | runs-on: ubuntu-24.04 97 | permissions: 98 | issues: write 99 | steps: 100 | - name: Checkout 101 | uses: actions/checkout@v3 102 | - name: Download tools and sealos 103 | run: .github/scripts/download.sh 104 | - name: Manifest Image 105 | env: 106 | username: ${{ github.actor }} 107 | password: ${{ secrets.GITHUB_TOKEN }} 108 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 109 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 110 | add-tips: 111 | if: contains(github.event.comment.body, 'imagebuild') 112 | needs: 113 | - build_manifest 114 | name: Auto add tips 115 | runs-on: ubuntu-24.04 116 | permissions: 117 | issues: write 118 | steps: 119 | - name: Success Commit 120 | uses: peter-evans/create-or-update-comment@v1 121 | with: 122 | issue-number: ${{ github.event.issue.number }} 123 | body: | 124 | 🤖 says: Hooray! The action autobuild-k8s-cri-o-part2 has been completed successfully. 🎉 125 | 126 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 127 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k8s-cri-o-part3.yml: -------------------------------------------------------------------------------- 1 | name: cri-o for k8s 1.24-25 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 3 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: cri-o 19 | jobs: 20 | resolve-issue-sealoslatest: 21 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/cri-o') || startswith(github.event.comment.body, '/single_part3') || startswith(github.event.comment.body, '/single_cri-o_part3') || contains(github.event.inputs.sealosPatch, 'sealos') 22 | runs-on: ubuntu-24.04 23 | outputs: 24 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v3 28 | - name: Set sealos LatestVersion 29 | id: set-sealoslatest 30 | run: | 31 | export commentbody="${{github.event.comment.body}}" 32 | .github/scripts/versions/versions_sealos.sh 33 | resolve-versions-arch: 34 | runs-on: ubuntu-24.04 35 | needs: 36 | - resolve-issue-sealoslatest 37 | env: 38 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 39 | outputs: 40 | matrix: ${{ steps.set-versions.outputs.matrix }} 41 | steps: 42 | - name: Checkout 43 | uses: actions/checkout@v3 44 | - name: Resolve Versions 45 | id: set-versions 46 | run: .github/scripts/versions/versions_arch.sh 47 | resolve-versions: 48 | runs-on: ubuntu-24.04 49 | needs: 50 | - resolve-issue-sealoslatest 51 | env: 52 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 53 | outputs: 54 | matrix: ${{ steps.set-versions.outputs.matrix }} 55 | steps: 56 | - name: Checkout 57 | uses: actions/checkout@v3 58 | - name: Resolve Versions 59 | id: set-versions 60 | run: .github/scripts/versions/versions.sh 61 | build-images: 62 | name: building 63 | needs: 64 | - resolve-issue-sealoslatest 65 | - resolve-versions-arch 66 | runs-on: ubuntu-24.04 67 | env: 68 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 69 | strategy: 70 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 71 | steps: 72 | - name: Checkout 73 | uses: actions/checkout@v3 74 | 75 | - name: Download tools and sealos 76 | run: .github/scripts/download.sh 77 | 78 | - name: Auto build image 79 | env: 80 | username: ${{ github.actor }} 81 | password: ${{ secrets.GITHUB_TOKEN }} 82 | arch: ${{ matrix.arch }} 83 | kubeVersion: ${{ matrix.version }} 84 | run: .github/scripts/kubernetes.sh 85 | 86 | build_manifest: 87 | needs: 88 | - resolve-issue-sealoslatest 89 | - resolve-versions 90 | - build-images 91 | name: manifest 92 | env: 93 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 94 | strategy: 95 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 96 | runs-on: ubuntu-24.04 97 | permissions: 98 | issues: write 99 | steps: 100 | - name: Checkout 101 | uses: actions/checkout@v3 102 | - name: Download tools and sealos 103 | run: .github/scripts/download.sh 104 | - name: Manifest Image 105 | env: 106 | username: ${{ github.actor }} 107 | password: ${{ secrets.GITHUB_TOKEN }} 108 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 109 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 110 | add-tips: 111 | if: contains(github.event.comment.body, 'imagebuild') 112 | needs: 113 | - build_manifest 114 | name: Auto add tips 115 | runs-on: ubuntu-24.04 116 | permissions: 117 | issues: write 118 | steps: 119 | - name: Success Commit 120 | uses: peter-evans/create-or-update-comment@v1 121 | with: 122 | issue-number: ${{ github.event.issue.number }} 123 | body: | 124 | 🤖 says: Hooray! The action autobuild-k8s-cri-o-part3 has been completed successfully. 🎉 125 | 126 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 127 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k8s-cri-o-part4.yml: -------------------------------------------------------------------------------- 1 | name: cri-o for k8s 1.26-29 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 4 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: cri-o 19 | jobs: 20 | resolve-issue-sealoslatest: 21 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/cri-o') || startswith(github.event.comment.body, '/single_part4') || startswith(github.event.comment.body, '/single_cri-o_part4') || contains(github.event.inputs.sealosPatch, 'sealos') 22 | runs-on: ubuntu-24.04 23 | outputs: 24 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v3 28 | - name: Set sealos LatestVersion 29 | id: set-sealoslatest 30 | run: | 31 | export commentbody="${{github.event.comment.body}}" 32 | .github/scripts/versions/versions_sealos.sh 33 | resolve-versions-arch: 34 | runs-on: ubuntu-24.04 35 | needs: 36 | - resolve-issue-sealoslatest 37 | env: 38 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 39 | outputs: 40 | matrix: ${{ steps.set-versions.outputs.matrix }} 41 | steps: 42 | - name: Checkout 43 | uses: actions/checkout@v3 44 | - name: Resolve Versions 45 | id: set-versions 46 | run: .github/scripts/versions/versions_arch.sh 47 | resolve-versions: 48 | runs-on: ubuntu-24.04 49 | needs: 50 | - resolve-issue-sealoslatest 51 | env: 52 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 53 | outputs: 54 | matrix: ${{ steps.set-versions.outputs.matrix }} 55 | steps: 56 | - name: Checkout 57 | uses: actions/checkout@v3 58 | - name: Resolve Versions 59 | id: set-versions 60 | run: .github/scripts/versions/versions.sh 61 | build-images: 62 | name: building 63 | needs: 64 | - resolve-issue-sealoslatest 65 | - resolve-versions-arch 66 | runs-on: ubuntu-24.04 67 | env: 68 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 69 | strategy: 70 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 71 | steps: 72 | - name: Checkout 73 | uses: actions/checkout@v3 74 | 75 | - name: Download tools and sealos 76 | run: .github/scripts/download.sh 77 | 78 | - name: Auto build image 79 | env: 80 | username: ${{ github.actor }} 81 | password: ${{ secrets.GITHUB_TOKEN }} 82 | arch: ${{ matrix.arch }} 83 | kubeVersion: ${{ matrix.version }} 84 | run: .github/scripts/kubernetes.sh 85 | 86 | build_manifest: 87 | needs: 88 | - resolve-issue-sealoslatest 89 | - resolve-versions 90 | - build-images 91 | name: manifest 92 | env: 93 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 94 | strategy: 95 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 96 | runs-on: ubuntu-24.04 97 | permissions: 98 | issues: write 99 | steps: 100 | - name: Checkout 101 | uses: actions/checkout@v3 102 | - name: Download tools and sealos 103 | run: .github/scripts/download.sh 104 | - name: Manifest Image 105 | env: 106 | username: ${{ github.actor }} 107 | password: ${{ secrets.GITHUB_TOKEN }} 108 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 109 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 110 | 111 | add-tips: 112 | if: contains(github.event.comment.body, 'imagebuild') 113 | needs: 114 | - build_manifest 115 | name: Auto add tips 116 | runs-on: ubuntu-24.04 117 | permissions: 118 | issues: write 119 | steps: 120 | - name: Success Commit 121 | uses: peter-evans/create-or-update-comment@v1 122 | with: 123 | issue-number: ${{ github.event.issue.number }} 124 | body: | 125 | 🤖 says: Hooray! The action autobuild-k8s-cri-o-part4 has been completed successfully. 🎉 126 | 127 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 128 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k8s-cri-o-part5.yml: -------------------------------------------------------------------------------- 1 | name: cri-o for k8s 1.30+ 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 5 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: cri-o 19 | jobs: 20 | resolve-issue-sealoslatest: 21 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/cri-o') || startswith(github.event.comment.body, '/single_part5') || startswith(github.event.comment.body, '/single_cri-o_part5') || contains(github.event.inputs.sealosPatch, 'sealos') 22 | runs-on: ubuntu-24.04 23 | outputs: 24 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v3 28 | - name: Set sealos LatestVersion 29 | id: set-sealoslatest 30 | run: | 31 | export commentbody="${{github.event.comment.body}}" 32 | .github/scripts/versions/versions_sealos.sh 33 | resolve-versions-arch: 34 | runs-on: ubuntu-24.04 35 | needs: 36 | - resolve-issue-sealoslatest 37 | env: 38 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 39 | outputs: 40 | matrix: ${{ steps.set-versions.outputs.matrix }} 41 | steps: 42 | - name: Checkout 43 | uses: actions/checkout@v3 44 | - name: Resolve Versions 45 | id: set-versions 46 | run: .github/scripts/versions/versions_arch.sh 47 | resolve-versions: 48 | runs-on: ubuntu-24.04 49 | needs: 50 | - resolve-issue-sealoslatest 51 | env: 52 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 53 | outputs: 54 | matrix: ${{ steps.set-versions.outputs.matrix }} 55 | steps: 56 | - name: Checkout 57 | uses: actions/checkout@v3 58 | - name: Resolve Versions 59 | id: set-versions 60 | run: .github/scripts/versions/versions.sh 61 | build-images: 62 | name: building 63 | needs: 64 | - resolve-issue-sealoslatest 65 | - resolve-versions-arch 66 | runs-on: ubuntu-24.04 67 | env: 68 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 69 | strategy: 70 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 71 | steps: 72 | - name: Checkout 73 | uses: actions/checkout@v3 74 | 75 | - name: Download tools and sealos 76 | run: .github/scripts/download.sh 77 | 78 | - name: Auto build image 79 | env: 80 | username: ${{ github.actor }} 81 | password: ${{ secrets.GITHUB_TOKEN }} 82 | arch: ${{ matrix.arch }} 83 | kubeVersion: ${{ matrix.version }} 84 | run: .github/scripts/kubernetes.sh 85 | 86 | build_manifest: 87 | needs: 88 | - resolve-issue-sealoslatest 89 | - resolve-versions 90 | - build-images 91 | name: manifest 92 | env: 93 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 94 | strategy: 95 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 96 | runs-on: ubuntu-24.04 97 | permissions: 98 | issues: write 99 | steps: 100 | - name: Checkout 101 | uses: actions/checkout@v3 102 | - name: Download tools and sealos 103 | run: .github/scripts/download.sh 104 | - name: Manifest Image 105 | env: 106 | username: ${{ github.actor }} 107 | password: ${{ secrets.GITHUB_TOKEN }} 108 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 109 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 110 | 111 | add-tips: 112 | if: contains(github.event.comment.body, 'imagebuild') 113 | needs: 114 | - build_manifest 115 | name: Auto add tips 116 | runs-on: ubuntu-24.04 117 | permissions: 118 | issues: write 119 | steps: 120 | - name: Success Commit 121 | uses: peter-evans/create-or-update-comment@v1 122 | with: 123 | issue-number: ${{ github.event.issue.number }} 124 | body: | 125 | 🤖 says: Hooray! The action autobuild-k8s-cri-o-part5 has been completed successfully. 🎉 126 | 127 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 128 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k8s-docker-part0.yml: -------------------------------------------------------------------------------- 1 | name: docker for k8s 1.16-18 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 0 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: docker 19 | jobs: 20 | resolve-issue-sealoslatest: 21 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/docker') || startswith(github.event.comment.body, '/single_part0') || startswith(github.event.comment.body, '/single_docker_part0') || contains(github.event.inputs.sealosPatch, 'sealos') 22 | runs-on: ubuntu-24.04 23 | outputs: 24 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v3 28 | - name: Set sealos LatestVersion 29 | id: set-sealoslatest 30 | run: | 31 | export commentbody="${{github.event.comment.body}}" 32 | .github/scripts/versions/versions_sealos.sh 33 | resolve-versions-arch: 34 | runs-on: ubuntu-24.04 35 | needs: 36 | - resolve-issue-sealoslatest 37 | env: 38 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 39 | outputs: 40 | matrix: ${{ steps.set-versions.outputs.matrix }} 41 | steps: 42 | - name: Checkout 43 | uses: actions/checkout@v3 44 | - name: Resolve Versions 45 | id: set-versions 46 | run: .github/scripts/versions/versions_arch.sh 47 | resolve-versions: 48 | runs-on: ubuntu-24.04 49 | needs: 50 | - resolve-issue-sealoslatest 51 | env: 52 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 53 | outputs: 54 | matrix: ${{ steps.set-versions.outputs.matrix }} 55 | steps: 56 | - name: Checkout 57 | uses: actions/checkout@v3 58 | - name: Resolve Versions 59 | id: set-versions 60 | run: .github/scripts/versions/versions.sh 61 | build-images: 62 | name: building 63 | needs: 64 | - resolve-issue-sealoslatest 65 | - resolve-versions-arch 66 | runs-on: ubuntu-24.04 67 | env: 68 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 69 | strategy: 70 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 71 | steps: 72 | - name: Checkout 73 | uses: actions/checkout@v3 74 | 75 | - name: Download tools and sealos 76 | run: .github/scripts/download.sh 77 | 78 | - name: Auto build image 79 | env: 80 | username: ${{ github.actor }} 81 | password: ${{ secrets.GITHUB_TOKEN }} 82 | arch: ${{ matrix.arch }} 83 | kubeVersion: ${{ matrix.version }} 84 | run: .github/scripts/kubernetes.sh 85 | 86 | build_manifest: 87 | needs: 88 | - resolve-issue-sealoslatest 89 | - resolve-versions 90 | - build-images 91 | name: manifest 92 | env: 93 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 94 | strategy: 95 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 96 | runs-on: ubuntu-24.04 97 | permissions: 98 | issues: write 99 | steps: 100 | - name: Checkout 101 | uses: actions/checkout@v3 102 | - name: Download tools and sealos 103 | run: .github/scripts/download.sh 104 | - name: Manifest Image 105 | env: 106 | username: ${{ github.actor }} 107 | password: ${{ secrets.GITHUB_TOKEN }} 108 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 109 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 110 | 111 | add-tips: 112 | if: contains(github.event.comment.body, 'imagebuild') 113 | needs: 114 | - build_manifest 115 | name: Auto add tips 116 | runs-on: ubuntu-24.04 117 | permissions: 118 | issues: write 119 | steps: 120 | - name: Success Commit 121 | uses: peter-evans/create-or-update-comment@v1 122 | with: 123 | issue-number: ${{ github.event.issue.number }} 124 | body: | 125 | 🤖 says: Hooray! The action autobuild-k8s-docker-part0 has been completed successfully. 🎉 126 | 127 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 128 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k8s-docker-part1.yml: -------------------------------------------------------------------------------- 1 | name: docker for k8s 1.19-20 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 1 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: docker 19 | jobs: 20 | resolve-issue-sealoslatest: 21 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/docker') || startswith(github.event.comment.body, '/single_part1') || startswith(github.event.comment.body, '/single_docker_part1') || contains(github.event.inputs.sealosPatch, 'sealos') 22 | runs-on: ubuntu-24.04 23 | outputs: 24 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v3 28 | - name: Set sealos LatestVersion 29 | id: set-sealoslatest 30 | run: | 31 | export commentbody="${{github.event.comment.body}}" 32 | .github/scripts/versions/versions_sealos.sh 33 | resolve-versions-arch: 34 | runs-on: ubuntu-24.04 35 | needs: 36 | - resolve-issue-sealoslatest 37 | env: 38 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 39 | outputs: 40 | matrix: ${{ steps.set-versions.outputs.matrix }} 41 | steps: 42 | - name: Checkout 43 | uses: actions/checkout@v3 44 | - name: Resolve Versions 45 | id: set-versions 46 | run: .github/scripts/versions/versions_arch.sh 47 | resolve-versions: 48 | runs-on: ubuntu-24.04 49 | needs: 50 | - resolve-issue-sealoslatest 51 | env: 52 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 53 | outputs: 54 | matrix: ${{ steps.set-versions.outputs.matrix }} 55 | steps: 56 | - name: Checkout 57 | uses: actions/checkout@v3 58 | - name: Resolve Versions 59 | id: set-versions 60 | run: .github/scripts/versions/versions.sh 61 | build-images: 62 | name: building 63 | needs: 64 | - resolve-issue-sealoslatest 65 | - resolve-versions-arch 66 | runs-on: ubuntu-24.04 67 | env: 68 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 69 | strategy: 70 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 71 | steps: 72 | - name: Checkout 73 | uses: actions/checkout@v3 74 | 75 | - name: Download tools and sealos 76 | run: .github/scripts/download.sh 77 | 78 | - name: Auto build image 79 | env: 80 | username: ${{ github.actor }} 81 | password: ${{ secrets.GITHUB_TOKEN }} 82 | arch: ${{ matrix.arch }} 83 | kubeVersion: ${{ matrix.version }} 84 | run: .github/scripts/kubernetes.sh 85 | 86 | build_manifest: 87 | needs: 88 | - resolve-issue-sealoslatest 89 | - resolve-versions 90 | - build-images 91 | name: manifest 92 | env: 93 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 94 | strategy: 95 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 96 | runs-on: ubuntu-24.04 97 | permissions: 98 | issues: write 99 | steps: 100 | - name: Checkout 101 | uses: actions/checkout@v3 102 | - name: Download tools and sealos 103 | run: .github/scripts/download.sh 104 | - name: Manifest Image 105 | env: 106 | username: ${{ github.actor }} 107 | password: ${{ secrets.GITHUB_TOKEN }} 108 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 109 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 110 | 111 | add-tips: 112 | if: contains(github.event.comment.body, 'imagebuild') 113 | needs: 114 | - build_manifest 115 | name: Auto add tips 116 | runs-on: ubuntu-24.04 117 | permissions: 118 | issues: write 119 | steps: 120 | - name: Success Commit 121 | uses: peter-evans/create-or-update-comment@v1 122 | with: 123 | issue-number: ${{ github.event.issue.number }} 124 | body: | 125 | 🤖 says: Hooray! The action autobuild-k8s-docker-part1 has been completed successfully. 🎉 126 | 127 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 128 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k8s-docker-part2.yml: -------------------------------------------------------------------------------- 1 | name: docker for k8s 1.21-23 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 2 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: docker 19 | jobs: 20 | resolve-issue-sealoslatest: 21 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/docker') || startswith(github.event.comment.body, '/single_part2') || startswith(github.event.comment.body, '/single_docker_part2') || contains(github.event.inputs.sealosPatch, 'sealos') 22 | runs-on: ubuntu-24.04 23 | outputs: 24 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v3 28 | - name: Set sealos LatestVersion 29 | id: set-sealoslatest 30 | run: | 31 | export commentbody="${{github.event.comment.body}}" 32 | .github/scripts/versions/versions_sealos.sh 33 | resolve-versions-arch: 34 | runs-on: ubuntu-24.04 35 | needs: 36 | - resolve-issue-sealoslatest 37 | env: 38 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 39 | outputs: 40 | matrix: ${{ steps.set-versions.outputs.matrix }} 41 | steps: 42 | - name: Checkout 43 | uses: actions/checkout@v3 44 | - name: Resolve Versions 45 | id: set-versions 46 | run: .github/scripts/versions/versions_arch.sh 47 | resolve-versions: 48 | runs-on: ubuntu-24.04 49 | needs: 50 | - resolve-issue-sealoslatest 51 | env: 52 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 53 | outputs: 54 | matrix: ${{ steps.set-versions.outputs.matrix }} 55 | steps: 56 | - name: Checkout 57 | uses: actions/checkout@v3 58 | - name: Resolve Versions 59 | id: set-versions 60 | run: .github/scripts/versions/versions.sh 61 | build-images: 62 | name: building 63 | needs: 64 | - resolve-issue-sealoslatest 65 | - resolve-versions-arch 66 | runs-on: ubuntu-24.04 67 | env: 68 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 69 | strategy: 70 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 71 | steps: 72 | - name: Checkout 73 | uses: actions/checkout@v3 74 | 75 | - name: Download tools and sealos 76 | run: .github/scripts/download.sh 77 | 78 | - name: Auto build image 79 | env: 80 | username: ${{ github.actor }} 81 | password: ${{ secrets.GITHUB_TOKEN }} 82 | arch: ${{ matrix.arch }} 83 | kubeVersion: ${{ matrix.version }} 84 | run: .github/scripts/kubernetes.sh 85 | 86 | build_manifest: 87 | needs: 88 | - resolve-issue-sealoslatest 89 | - resolve-versions 90 | - build-images 91 | name: manifest 92 | env: 93 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 94 | strategy: 95 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 96 | runs-on: ubuntu-24.04 97 | permissions: 98 | issues: write 99 | steps: 100 | - name: Checkout 101 | uses: actions/checkout@v3 102 | - name: Download tools and sealos 103 | run: .github/scripts/download.sh 104 | - name: Manifest Image 105 | env: 106 | username: ${{ github.actor }} 107 | password: ${{ secrets.GITHUB_TOKEN }} 108 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 109 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 110 | 111 | add-tips: 112 | if: contains(github.event.comment.body, 'imagebuild') 113 | needs: 114 | - build_manifest 115 | name: Auto add tips 116 | runs-on: ubuntu-24.04 117 | permissions: 118 | issues: write 119 | steps: 120 | - name: Success Commit 121 | uses: peter-evans/create-or-update-comment@v1 122 | with: 123 | issue-number: ${{ github.event.issue.number }} 124 | body: | 125 | 🤖 says: Hooray! The action autobuild-k8s-docker-part2 has been completed successfully. 🎉 126 | 127 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 128 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k8s-docker-part3.yml: -------------------------------------------------------------------------------- 1 | name: docker for k8s 1.24-25 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 3 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: docker 19 | jobs: 20 | resolve-issue-sealoslatest: 21 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/docker') || startswith(github.event.comment.body, '/single_part3') || startswith(github.event.comment.body, '/single_docker_part3') || contains(github.event.inputs.sealosPatch, 'sealos') 22 | runs-on: ubuntu-24.04 23 | outputs: 24 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v3 28 | - name: Set sealos LatestVersion 29 | id: set-sealoslatest 30 | run: | 31 | export commentbody="${{github.event.comment.body}}" 32 | .github/scripts/versions/versions_sealos.sh 33 | resolve-versions-arch: 34 | runs-on: ubuntu-24.04 35 | needs: 36 | - resolve-issue-sealoslatest 37 | env: 38 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 39 | outputs: 40 | matrix: ${{ steps.set-versions.outputs.matrix }} 41 | steps: 42 | - name: Checkout 43 | uses: actions/checkout@v3 44 | - name: Resolve Versions 45 | id: set-versions 46 | run: .github/scripts/versions/versions_arch.sh 47 | resolve-versions: 48 | runs-on: ubuntu-24.04 49 | needs: 50 | - resolve-issue-sealoslatest 51 | env: 52 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 53 | outputs: 54 | matrix: ${{ steps.set-versions.outputs.matrix }} 55 | steps: 56 | - name: Checkout 57 | uses: actions/checkout@v3 58 | - name: Resolve Versions 59 | id: set-versions 60 | run: .github/scripts/versions/versions.sh 61 | build-images: 62 | name: building 63 | needs: 64 | - resolve-issue-sealoslatest 65 | - resolve-versions-arch 66 | runs-on: ubuntu-24.04 67 | env: 68 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 69 | strategy: 70 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 71 | steps: 72 | - name: Checkout 73 | uses: actions/checkout@v3 74 | 75 | - name: Download tools and sealos 76 | run: .github/scripts/download.sh 77 | 78 | - name: Auto build image 79 | env: 80 | username: ${{ github.actor }} 81 | password: ${{ secrets.GITHUB_TOKEN }} 82 | arch: ${{ matrix.arch }} 83 | kubeVersion: ${{ matrix.version }} 84 | run: .github/scripts/kubernetes.sh 85 | 86 | build_manifest: 87 | needs: 88 | - resolve-issue-sealoslatest 89 | - resolve-versions 90 | - build-images 91 | name: manifest 92 | env: 93 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 94 | strategy: 95 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 96 | runs-on: ubuntu-24.04 97 | permissions: 98 | issues: write 99 | steps: 100 | - name: Checkout 101 | uses: actions/checkout@v3 102 | - name: Download tools and sealos 103 | run: .github/scripts/download.sh 104 | - name: Manifest Image 105 | env: 106 | username: ${{ github.actor }} 107 | password: ${{ secrets.GITHUB_TOKEN }} 108 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 109 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 110 | 111 | add-tips: 112 | if: contains(github.event.comment.body, 'imagebuild') 113 | needs: 114 | - build_manifest 115 | name: Auto add tips 116 | runs-on: ubuntu-24.04 117 | permissions: 118 | issues: write 119 | steps: 120 | - name: Success Commit 121 | uses: peter-evans/create-or-update-comment@v1 122 | with: 123 | issue-number: ${{ github.event.issue.number }} 124 | body: | 125 | 🤖 says: Hooray! The action autobuild-k8s-docker-part3 has been completed successfully. 🎉 126 | 127 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 128 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k8s-docker-part4.yml: -------------------------------------------------------------------------------- 1 | name: docker for k8s 1.26-29 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 4 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: docker 19 | jobs: 20 | resolve-issue-sealoslatest: 21 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/docker') || startswith(github.event.comment.body, '/single_part4') || startswith(github.event.comment.body, '/single_docker_part4') || contains(github.event.inputs.sealosPatch, 'sealos') 22 | runs-on: ubuntu-24.04 23 | outputs: 24 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v3 28 | - name: Set sealos LatestVersion 29 | id: set-sealoslatest 30 | run: | 31 | export commentbody="${{github.event.comment.body}}" 32 | .github/scripts/versions/versions_sealos.sh 33 | resolve-versions-arch: 34 | runs-on: ubuntu-24.04 35 | needs: 36 | - resolve-issue-sealoslatest 37 | env: 38 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 39 | outputs: 40 | matrix: ${{ steps.set-versions.outputs.matrix }} 41 | steps: 42 | - name: Checkout 43 | uses: actions/checkout@v3 44 | - name: Resolve Versions 45 | id: set-versions 46 | run: .github/scripts/versions/versions_arch.sh 47 | resolve-versions: 48 | runs-on: ubuntu-24.04 49 | needs: 50 | - resolve-issue-sealoslatest 51 | env: 52 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 53 | outputs: 54 | matrix: ${{ steps.set-versions.outputs.matrix }} 55 | steps: 56 | - name: Checkout 57 | uses: actions/checkout@v3 58 | - name: Resolve Versions 59 | id: set-versions 60 | run: .github/scripts/versions/versions.sh 61 | build-images: 62 | name: building 63 | needs: 64 | - resolve-issue-sealoslatest 65 | - resolve-versions-arch 66 | runs-on: ubuntu-24.04 67 | env: 68 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 69 | strategy: 70 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 71 | steps: 72 | - name: Checkout 73 | uses: actions/checkout@v3 74 | 75 | - name: Download tools and sealos 76 | run: .github/scripts/download.sh 77 | 78 | - name: Auto build image 79 | env: 80 | username: ${{ github.actor }} 81 | password: ${{ secrets.GITHUB_TOKEN }} 82 | arch: ${{ matrix.arch }} 83 | kubeVersion: ${{ matrix.version }} 84 | run: .github/scripts/kubernetes.sh 85 | 86 | build_manifest: 87 | needs: 88 | - resolve-issue-sealoslatest 89 | - resolve-versions 90 | - build-images 91 | name: manifest 92 | env: 93 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 94 | strategy: 95 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 96 | runs-on: ubuntu-24.04 97 | permissions: 98 | issues: write 99 | steps: 100 | - name: Checkout 101 | uses: actions/checkout@v3 102 | - name: Download tools and sealos 103 | run: .github/scripts/download.sh 104 | - name: Manifest Image 105 | env: 106 | username: ${{ github.actor }} 107 | password: ${{ secrets.GITHUB_TOKEN }} 108 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 109 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 110 | 111 | add-tips: 112 | if: contains(github.event.comment.body, 'imagebuild') 113 | needs: 114 | - build_manifest 115 | name: Auto add tips 116 | runs-on: ubuntu-24.04 117 | permissions: 118 | issues: write 119 | steps: 120 | - name: Success Commit 121 | uses: peter-evans/create-or-update-comment@v1 122 | with: 123 | issue-number: ${{ github.event.issue.number }} 124 | body: | 125 | 🤖 says: Hooray! The action autobuild-k8s-docker-part4 has been completed successfully. 🎉 126 | 127 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 128 | -------------------------------------------------------------------------------- /.github/workflows/autobuild-k8s-docker-part5.yml: -------------------------------------------------------------------------------- 1 | name: docker for k8s 1.30+ 2 | on: 3 | workflow_dispatch: 4 | inputs: 5 | sealosPatch: 6 | description: 'sealos patch image for development.' 7 | required: true 8 | default: ghcr.io/labring/sealos-patch:latest 9 | issue_comment: 10 | types: 11 | - created 12 | env: 13 | part: 5 14 | allBuild: false 15 | registry: ghcr.io 16 | repo: ${{ github.repository }} 17 | sealosPatch: ${{ github.event.inputs.sealosPatch }} 18 | criType: docker 19 | jobs: 20 | resolve-issue-sealoslatest: 21 | if: startswith(github.event.comment.body, '/kube') || startswith(github.event.comment.body, '/docker') || startswith(github.event.comment.body, '/single_part5') || startswith(github.event.comment.body, '/single_docker_part5') || contains(github.event.inputs.sealosPatch, 'sealos') 22 | runs-on: ubuntu-24.04 23 | outputs: 24 | sealoslatest: ${{ steps.set-sealoslatest.outputs.sealoslatest }} 25 | steps: 26 | - name: Checkout 27 | uses: actions/checkout@v3 28 | - name: Set sealos LatestVersion 29 | id: set-sealoslatest 30 | run: | 31 | export commentbody="${{github.event.comment.body}}" 32 | .github/scripts/versions/versions_sealos.sh 33 | resolve-versions-arch: 34 | runs-on: ubuntu-24.04 35 | needs: 36 | - resolve-issue-sealoslatest 37 | env: 38 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 39 | outputs: 40 | matrix: ${{ steps.set-versions.outputs.matrix }} 41 | steps: 42 | - name: Checkout 43 | uses: actions/checkout@v3 44 | - name: Resolve Versions 45 | id: set-versions 46 | run: .github/scripts/versions/versions_arch.sh 47 | resolve-versions: 48 | runs-on: ubuntu-24.04 49 | needs: 50 | - resolve-issue-sealoslatest 51 | env: 52 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 53 | outputs: 54 | matrix: ${{ steps.set-versions.outputs.matrix }} 55 | steps: 56 | - name: Checkout 57 | uses: actions/checkout@v3 58 | - name: Resolve Versions 59 | id: set-versions 60 | run: .github/scripts/versions/versions.sh 61 | build-images: 62 | name: building 63 | needs: 64 | - resolve-issue-sealoslatest 65 | - resolve-versions-arch 66 | runs-on: ubuntu-24.04 67 | env: 68 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 69 | strategy: 70 | matrix: ${{ fromJson(needs.resolve-versions-arch.outputs.matrix) }} 71 | steps: 72 | - name: Checkout 73 | uses: actions/checkout@v3 74 | 75 | - name: Download tools and sealos 76 | run: .github/scripts/download.sh 77 | 78 | - name: Auto build image 79 | env: 80 | username: ${{ github.actor }} 81 | password: ${{ secrets.GITHUB_TOKEN }} 82 | arch: ${{ matrix.arch }} 83 | kubeVersion: ${{ matrix.version }} 84 | run: .github/scripts/kubernetes.sh 85 | 86 | build_manifest: 87 | needs: 88 | - resolve-issue-sealoslatest 89 | - resolve-versions 90 | - build-images 91 | name: manifest 92 | env: 93 | sealoslatest: ${{ needs.resolve-issue-sealoslatest.outputs.sealoslatest }} 94 | strategy: 95 | matrix: ${{ fromJson(needs.resolve-versions.outputs.matrix) }} 96 | runs-on: ubuntu-24.04 97 | permissions: 98 | issues: write 99 | steps: 100 | - name: Checkout 101 | uses: actions/checkout@v3 102 | - name: Download tools and sealos 103 | run: .github/scripts/download.sh 104 | - name: Manifest Image 105 | env: 106 | username: ${{ github.actor }} 107 | password: ${{ secrets.GITHUB_TOKEN }} 108 | version: ${{ matrix.version }}-${{ env.sealoslatest }} 109 | run: .github/scripts/manifest.sh ${{ secrets.D_REGISTRY_TOKEN }} 110 | 111 | add-tips: 112 | if: contains(github.event.comment.body, 'imagebuild') 113 | needs: 114 | - build_manifest 115 | name: Auto add tips 116 | runs-on: ubuntu-24.04 117 | permissions: 118 | issues: write 119 | steps: 120 | - name: Success Commit 121 | uses: peter-evans/create-or-update-comment@v1 122 | with: 123 | issue-number: ${{ github.event.issue.number }} 124 | body: | 125 | 🤖 says: Hooray! The action autobuild-k8s-docker-part5 has been completed successfully. 🎉 126 | 127 | See: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} 128 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .idea 2 | .vscode -------------------------------------------------------------------------------- /CHANGELOG/CHANGELOG-1.0.0.md: -------------------------------------------------------------------------------- 1 | ## Changelog 2 | 3 | * refactor(master): fixed version for rootfs in 20230205 4 | 5 | - containerd: v1.6.16 6 | - docker: v23.0.0(Compatible with v19.03.xx/v20.10.xx) 7 | - docker-cri: v0.3.1(Compatible with v0.2.x) 8 | - sealos: v4.1.4(Compatible with v4.1.3) 9 | -------------------------------------------------------------------------------- /CHANGELOG/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # CHANGELOGs 2 | 3 | - [CHANGELOG-1.0.0.md](./CHANGELOG-1.0.0.md) 4 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # runtime 2 | 3 | * __[containerd](https://github.com/containerd/containerd)__ 4 | * __[cri-o](https://github.com/cri-o/cri-o)__ 5 | * __[docker](https://github.com/moby/moby)__ with [cri-dockerd](https://github.com/Mirantis/cri-dockerd) 6 | -------------------------------------------------------------------------------- /containerd/Kubefile: -------------------------------------------------------------------------------- 1 | FROM scratch 2 | MAINTAINER sealos 3 | LABEL init="init-cri.sh \$registryDomain \$registryPort && bash init.sh" \ 4 | clean="clean.sh && bash clean-cri.sh \$criData" \ 5 | check="check.sh \$registryData" \ 6 | init-registry="init-registry.sh \$registryData \$registryConfig" \ 7 | clean-registry="clean-registry.sh \$registryData \$registryConfig" \ 8 | vip="\$defaultVIP" 9 | ENV criData=/var/lib/containerd \ 10 | registryData=/var/lib/registry \ 11 | registryConfig=/etc/registry \ 12 | registryDomain=sealos.hub \ 13 | registryPort=5000 \ 14 | registryUsername=admin \ 15 | registryPassword=passw0rd \ 16 | disableApparmor=false \ 17 | SEALOS_SYS_CRI_ENDPOINT=/var/run/containerd/containerd.sock \ 18 | SEALOS_SYS_IMAGE_ENDPOINT=/var/run/image-cri-shim.sock 19 | COPY . . 20 | -------------------------------------------------------------------------------- /containerd/etc/config.toml.tmpl: -------------------------------------------------------------------------------- 1 | version = 2 2 | root = "{{ .criData }}" 3 | state = "/run/containerd" 4 | oom_score = 0 5 | 6 | [grpc] 7 | address = "/run/containerd/containerd.sock" 8 | uid = 0 9 | gid = 0 10 | max_recv_message_size = 16777216 11 | max_send_message_size = 16777216 12 | 13 | [debug] 14 | address = "/run/containerd/containerd-debug.sock" 15 | uid = 0 16 | gid = 0 17 | level = "warn" 18 | 19 | [timeouts] 20 | "io.containerd.timeout.shim.cleanup" = "5s" 21 | "io.containerd.timeout.shim.load" = "5s" 22 | "io.containerd.timeout.shim.shutdown" = "3s" 23 | "io.containerd.timeout.task.state" = "2s" 24 | 25 | [plugins] 26 | [plugins."io.containerd.grpc.v1.cri"] 27 | sandbox_image = "{{ .registryDomain }}:{{ .registryPort }}/{{ .sandboxImage }}" 28 | max_container_log_line_size = 16384 29 | max_concurrent_downloads = 20 30 | disable_apparmor = {{ .disableApparmor }} 31 | [plugins."io.containerd.grpc.v1.cri".containerd] 32 | snapshotter = "overlayfs" 33 | default_runtime_name = "runc" 34 | [plugins."io.containerd.grpc.v1.cri".containerd.runtimes] 35 | [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] 36 | runtime_type = "io.containerd.runc.v2" 37 | [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] 38 | SystemdCgroup = true 39 | [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.crun] 40 | runtime_type = "io.containerd.runc.v2" 41 | [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.crun.options] 42 | BinaryName = "/usr/bin/crun" 43 | SystemdCgroup = true 44 | [plugins."io.containerd.grpc.v1.cri".registry] 45 | config_path = "/etc/containerd/certs.d" 46 | [plugins."io.containerd.grpc.v1.cri".registry.configs] 47 | [plugins."io.containerd.grpc.v1.cri".registry.configs."{{ .registryDomain }}:{{ .registryPort }}".auth] 48 | username = "{{ .registryUsername }}" 49 | password = "{{ .registryPassword }}" 50 | -------------------------------------------------------------------------------- /containerd/etc/containerd.service.tmpl: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=containerd container runtime 3 | Documentation=https://containerd.io 4 | After=network.target local-fs.target 5 | 6 | [Service] 7 | ExecStartPre=-/sbin/modprobe overlay 8 | ExecStart={{ default "/usr/bin" .BIN_DIR }}/containerd 9 | 10 | Type=notify 11 | Delegate=yes 12 | KillMode=process 13 | Restart=always 14 | RestartSec=5 15 | # Having non-zero Limit*s causes performance problems due to accounting overhead 16 | # in the kernel. We recommend using cgroups to do container-local accounting. 17 | LimitNPROC=infinity 18 | LimitCORE=infinity 19 | LimitNOFILE=1048576 20 | # Comment TasksMax if your systemd version does not supports it. 21 | # Only systemd 226 and above support this version. 22 | TasksMax=infinity 23 | OOMScoreAdjust=-999 24 | 25 | [Install] 26 | WantedBy=multi-user.target 27 | -------------------------------------------------------------------------------- /containerd/etc/crictl.yaml: -------------------------------------------------------------------------------- 1 | # Copyright © 2022 sealos. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | image-endpoint: unix:///var/run/image-cri-shim.sock 15 | runtime-endpoint: unix:///run/containerd/containerd.sock 16 | -------------------------------------------------------------------------------- /containerd/etc/hosts.toml.tmpl: -------------------------------------------------------------------------------- 1 | server = "http://{{ .registryDomain }}:{{ .registryPort }}" 2 | 3 | [host."http://{{ .registryDomain }}:{{ .registryPort }}"] 4 | capabilities = ["pull", "resolve", "push"] 5 | skip_verify = true 6 | -------------------------------------------------------------------------------- /containerd/scripts/check.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | storage=${1:-/var/lib/registry} 18 | 19 | check_port_inuse 20 | if command_exists docker; then 21 | error "docker already exist, uninstall docker and retry" 22 | fi 23 | check_cmd_exits docker 24 | check_file_exits /var/run/docker.sock 25 | check_file_exits $storage 26 | if ! command_exists apparmor_parser; then 27 | sed -i 's/disable_apparmor = false/disable_apparmor = true/g' ../etc/config.toml 28 | warn "Replace disable_apparmor = false to disable_apparmor = true" 29 | fi 30 | logger "check root,port,cri success" 31 | -------------------------------------------------------------------------------- /containerd/scripts/clean-containerd.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | storage=${1:-/var/lib/containerd} 18 | readonly BIN_DIR=${BIN_DIR:-/usr/bin} 19 | systemctl stop containerd 20 | systemctl disable containerd 21 | rm -rf /etc/containerd 22 | rm -rf /etc/systemd/system/containerd.service 23 | systemctl daemon-reload 24 | rm -rf $storage 25 | rm -rf /run/containerd/containerd.sock 26 | rm -rf /var/lib/nerdctl 27 | 28 | rm -f ${BIN_DIR}/containerd 29 | rm -f ${BIN_DIR}/containerd-stress 30 | rm -f ${BIN_DIR}/containerd-shim 31 | rm -f ${BIN_DIR}/containerd-shim-runc-v1 32 | rm -f ${BIN_DIR}/containerd-shim-runc-v2 33 | rm -f ${BIN_DIR}/crictl 34 | rm -f /etc/crictl.yaml 35 | rm -f ${BIN_DIR}/ctr 36 | rm -f ${BIN_DIR}/ctd-decoder 37 | rm -f ${BIN_DIR}/runc 38 | rm -f ${BIN_DIR}/nerdctl 39 | rm -f ${BIN_DIR}/crun 40 | rm -f ${BIN_DIR}/crun_ 41 | 42 | rm -rf /opt/containerd 43 | rm -rf /etc/ld.so.conf.d/containerd.conf 44 | ldconfig 45 | 46 | logger "clean containerd success" 47 | -------------------------------------------------------------------------------- /containerd/scripts/clean-cri.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | storage=${1:-/var/lib/containerd} 18 | 19 | bash clean-containerd.sh $storage 20 | 21 | logger "clean containerd cri success" 22 | -------------------------------------------------------------------------------- /containerd/scripts/init-containerd.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | registry_domain=${1:-sealos.hub} 18 | registry_port=${2:-5000} 19 | readonly BIN_DIR=${BIN_DIR:-/usr/bin} 20 | 21 | mkdir -p /opt/containerd && tar -zxf ../cri/libseccomp.tar.gz -C /opt/containerd 22 | echo "/opt/containerd/lib" >/etc/ld.so.conf.d/containerd.conf 23 | ldconfig 24 | [ -d /etc/containerd/certs.d/ ] || mkdir /etc/containerd/certs.d/ -p 25 | cp ../etc/containerd.service /etc/systemd/system/ 26 | tar -zxf ../cri/cri-containerd.tar.gz --strip-components 2 -C ${BIN_DIR} 27 | if "$BIN_DIR/crun_" --version 2>/dev/null | grep ^crun; then 28 | cp -a "$BIN_DIR/crun_" "$BIN_DIR/crun" 29 | sed -i -E 's~default_runtime_name = ".+"~default_runtime_name = "crun"~' ../etc/config.toml 30 | fi 31 | # shellcheck disable=SC2046 32 | chmod a+x $(tar -tf ../cri/cri-containerd.tar.gz | while read -r binary; do echo "${BIN_DIR}/${binary##*/}"; done | xargs) 33 | systemctl enable containerd.service 34 | cp ../etc/config.toml /etc/containerd 35 | mkdir -p /etc/containerd/certs.d/$registry_domain:$registry_port 36 | cp ../etc/hosts.toml /etc/containerd/certs.d/$registry_domain:$registry_port 37 | systemctl daemon-reload 38 | systemctl restart containerd.service 39 | check_status containerd 40 | logger "init containerd success" 41 | -------------------------------------------------------------------------------- /containerd/scripts/init-cri.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | REGISTRY_DOMAIN=${1:-sealos.hub} 18 | REGISTRY_PORT=${2:-5000} 19 | 20 | # Install containerd 21 | if ! bash init-containerd.sh ${REGISTRY_DOMAIN} ${REGISTRY_PORT}; then 22 | error "====init containerd failed!====" 23 | fi 24 | -------------------------------------------------------------------------------- /cri-o/Kubefile: -------------------------------------------------------------------------------- 1 | FROM scratch 2 | MAINTAINER sealos 3 | LABEL init="init-cri.sh \$registryDomain \$registryPort \$registryUsername \$registryPassword && bash init.sh" \ 4 | clean="clean.sh && bash clean-cri.sh \$criData" \ 5 | check="check.sh \$registryData" \ 6 | init-registry="init-registry.sh \$registryData \$registryConfig" \ 7 | clean-registry="clean-registry.sh \$registryData \$registryConfig" \ 8 | vip="\$defaultVIP" 9 | ENV criData=/var/lib/crio \ 10 | registryData=/var/lib/registry \ 11 | registryConfig=/etc/registry \ 12 | registryDomain=sealos.hub \ 13 | registryPort=5000 \ 14 | registryUsername=admin \ 15 | registryPassword=passw0rd \ 16 | SEALOS_SYS_CRI_ENDPOINT=/var/run/crio/crio.sock \ 17 | SEALOS_SYS_IMAGE_ENDPOINT=/var/run/image-cri-shim.sock 18 | COPY . . 19 | -------------------------------------------------------------------------------- /cri-o/README.md: -------------------------------------------------------------------------------- 1 | ### support cri-o 2 | 3 | -------------------------------------------------------------------------------- /cri-o/etc/99-crio.conf.tmpl: -------------------------------------------------------------------------------- 1 | [crio] 2 | root = "{{ .criData }}" 3 | [crio.image] 4 | global_auth_file = "/etc/crio/config.json" 5 | pause_image = "{{ .registryDomain }}:{{ .registryPort }}/{{ .sandboxImage }}" 6 | insecure_registries = [ 7 | "{{ .registryDomain }}:{{ .registryPort }}" 8 | ] 9 | -------------------------------------------------------------------------------- /cri-o/etc/crictl.yaml: -------------------------------------------------------------------------------- 1 | # Copyright © 2022 sealos. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | image-endpoint: unix:///var/run/image-cri-shim.sock 15 | runtime-endpoint: unix:///run/crio/crio.sock 16 | -------------------------------------------------------------------------------- /cri-o/scripts/check.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | storage=${1:-/var/lib/registry} 18 | 19 | check_port_inuse 20 | if command_exists docker; then 21 | error "Please using docker image: labring/kubernetes-docker:v1.23.10 or uninstall docker retry" 22 | fi 23 | check_cmd_exits crio 24 | check_file_exits /var/run/crio/crio.sock 25 | check_file_exits $storage 26 | logger "check root,port,cri success" 27 | -------------------------------------------------------------------------------- /cri-o/scripts/clean-cri.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | storage=${1:-/var/lib/crio} 18 | 19 | bash clean-crio.sh $storage 20 | 21 | logger "clean cri-o success" 22 | -------------------------------------------------------------------------------- /cri-o/scripts/clean-crio.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | storage=${1:-/var/lib/crio} 18 | 19 | check_service stop crio 20 | 21 | tar xfz ../cri/cri-o.tar.gz 22 | echo Uninstalling CRI-O 23 | pushd cri-o >/dev/null || exit 24 | if [[ -s ../../cri/crio.files ]]; then 25 | xargs <../../cri/crio.files rm -f && date 26 | else 27 | make uninstall 28 | fi 29 | popd >/dev/null || exit 30 | 31 | rm -rf "$storage" 32 | 33 | logger "clean crio success" 34 | -------------------------------------------------------------------------------- /cri-o/scripts/init-cri.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | registry_domain=${1:-sealos.hub} 18 | registry_port=${2:-5000} 19 | registry_username=${3:-} 20 | registry_password=${4:-} 21 | # Install cri-o 22 | if ! bash init-crio.sh ${registry_domain} ${registry_port} ${registry_username} ${registry_password}; then 23 | error "====init crio failed!====" 24 | fi 25 | 26 | logger "init crio success" 27 | -------------------------------------------------------------------------------- /cri-o/scripts/init-crio.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | registry_domain=${1:-sealos.hub} 18 | registry_port=${2:-5000} 19 | registry_username=${3:-} 20 | registry_password=${4:-} 21 | 22 | # Use other network plugin, eg: calico. 23 | rm -fv /etc/cni/net.d/*.conf 24 | 25 | tar xfz ../cri/cri-o.tar.gz 26 | echo Installing CRI-O 27 | pushd cri-o >/dev/null || exit 28 | if [[ -s ../../cri/install.crio ]]; then 29 | bash -e ../../cri/install.crio && date 30 | else 31 | make 32 | fi 33 | popd >/dev/null || exit 34 | 35 | mkdir -p /etc/crio/crio.conf.d 36 | cp ../etc/99-crio.conf /etc/crio/crio.conf.d/ 37 | base64pwd=$(echo -n "${registry_username}:${registry_password}" | base64) 38 | logger "username: $registry_username, password: $registry_password, base64pwd: $base64pwd" 39 | cat >/etc/crio/config.json </dev/null 2>&1 || exit 16 | source common.sh 17 | storage=${1:-/var/lib/registry} 18 | if command_exists containerd && ! command_exists docker; then 19 | error "containerd already exist, uninstall containerd and retry" 20 | fi 21 | check_port_inuse 22 | check_file_exits $storage 23 | logger "check root,port,cri success" 24 | -------------------------------------------------------------------------------- /docker/scripts/clean-cri-dockerd.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | storage=${1:-/var/lib/cri-dockerd} 18 | systemctl stop cri-docker 19 | systemctl disable cri-docker 20 | rm -rf /etc/systemd/system/cri-docker.service 21 | rm -rf /etc/systemd/system/cri-docker.socket 22 | systemctl daemon-reload 23 | rm -rf $storage 24 | rm -f /usr/bin/cri-dockerd 25 | rm -f /usr/bin/crictl 26 | rm -f /etc/crictl.yaml 27 | rm -f /var/run/cri-dockerd.sock 28 | logger "clean cri-docker success" 29 | -------------------------------------------------------------------------------- /docker/scripts/clean-cri.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | dockerStorage=${1:-/var/lib/docker} 18 | criDockerStorage=${2:-/var/lib/cri-dockerd} 19 | 20 | bash clean-cri-dockerd.sh $criDockerStorage 21 | bash clean-docker.sh $dockerStorage 22 | logger "clean docker success" 23 | -------------------------------------------------------------------------------- /docker/scripts/clean-docker.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | storage=${1:-/var/lib/docker} 18 | systemctl stop docker 19 | systemctl disable docker 20 | rm -rf /etc/docker/daemon.json 21 | rm -rf /etc/systemd/system/docker.service 22 | systemctl daemon-reload 23 | rm -rf $storage 24 | 25 | rm -f /usr/bin/containerd 26 | rm -f /usr/bin/containerd-shim 27 | rm -f /usr/bin/containerd-shim-runc-v2 28 | rm -f /usr/bin/ctr 29 | rm -f /usr/bin/docker 30 | rm -f /usr/bin/docker-init 31 | rm -f /usr/bin/docker-proxy 32 | rm -f /usr/bin/dockerd 33 | rm -f /usr/bin/runc 34 | logger "clean docker success" 35 | -------------------------------------------------------------------------------- /docker/scripts/init-cri-dockerd.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | if ! command_exists cri-docker; then 18 | cp ../etc/cri-docker.service /etc/systemd/system/ 19 | cp ../etc/cri-docker.socket /etc/systemd/system/ 20 | tar --strip-components=1 -zxvf ../cri/cri-dockerd.tgz -C /usr/bin 21 | # shellcheck disable=SC2046 22 | chmod a+x $(tar -tf ../cri/cri-dockerd.tgz | while read -r binary; do echo "/usr/bin/${binary##*/}"; done | xargs) 23 | systemctl enable cri-docker.service 24 | systemctl restart cri-docker.service 25 | fi 26 | systemctl daemon-reload 27 | systemctl restart cri-docker.service 28 | check_status cri-docker 29 | logger "init docker success" 30 | -------------------------------------------------------------------------------- /docker/scripts/init-cri.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | # Install docker 18 | iptables -P FORWARD ACCEPT 19 | 20 | if ! bash init-docker.sh; then 21 | error "====init docker failed!====" 22 | fi 23 | 24 | if ! bash init-cri-dockerd.sh; then 25 | error "====init cri-dockerd failed!====" 26 | fi 27 | 28 | logger "init docker success" 29 | -------------------------------------------------------------------------------- /docker/scripts/init-docker.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | if ! command_exists docker; then 18 | lsb_dist=$(get_distribution) 19 | lsb_dist="$(echo "$lsb_dist" | tr '[:upper:]' '[:lower:]')" 20 | echo "current system is $lsb_dist" 21 | case "$lsb_dist" in 22 | alios) 23 | ip link add name docker0 type bridge 24 | ip addr add dev docker0 172.17.0.1/16 25 | ;; 26 | esac 27 | 28 | [ -d /etc/docker/ ] || mkdir /etc/docker/ -p 29 | cp ../etc/docker.service /etc/systemd/system/ 30 | tar --strip-components=1 -zxvf ../cri/docker.tgz -C /usr/bin 31 | # shellcheck disable=SC2046 32 | chmod a+x $(tar -tf ../cri/docker.tgz | while read -r binary; do echo "/usr/bin/${binary##*/}"; done | xargs) 33 | systemctl enable docker.service 34 | systemctl restart docker.service 35 | cp ../etc/daemon.json /etc/docker 36 | fi 37 | systemctl daemon-reload 38 | systemctl restart docker.service 39 | check_status docker 40 | logger "init docker success" 41 | -------------------------------------------------------------------------------- /firecracker-microvm/README.md: -------------------------------------------------------------------------------- 1 | ## firecracker 2 | 3 | https://firecracker-microvm.github.io 4 | -------------------------------------------------------------------------------- /k3s/Kubefile: -------------------------------------------------------------------------------- 1 | FROM scratch 2 | MAINTAINER sealos 3 | LABEL init="init.sh" \ 4 | init-cri="init-cri.sh" \ 5 | clean="clean.sh" \ 6 | clean-cri="clean-cri.sh" \ 7 | check="check.sh \$registryData" \ 8 | init-registry="init-registry.sh \$registryData \$registryConfig" \ 9 | clean-registry="clean-registry.sh \$registryData \$registryConfig" \ 10 | vip="\$defaultVIP" \ 11 | "apps.sealos.io/type"=rootfs \ 12 | "apps.sealos.io/version"=v1beta1 \ 13 | "apps.sealos.io/distribution"=k3s 14 | ENV registryData=/var/lib/registry \ 15 | registryConfig=/etc/registry \ 16 | registryDomain=sealos.hub \ 17 | registryPort=5000 \ 18 | registryUsername=admin \ 19 | registryPassword=passw0rd \ 20 | SEALOS_SYS_CRI_ENDPOINT=/run/k3s/containerd/containerd.sock \ 21 | SEALOS_SYS_IMAGE_ENDPOINT=/var/run/image-cri-shim.sock \ 22 | SEALOS_SYS_RUN_MODE=master 23 | COPY . . 24 | -------------------------------------------------------------------------------- /k3s/README.md: -------------------------------------------------------------------------------- 1 | # K3s runtime 2 | -------------------------------------------------------------------------------- /k3s/etc/crictl.yaml.tmpl: -------------------------------------------------------------------------------- 1 | # Copyright © 2022 sealos. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | image-endpoint: unix://{{.SEALOS_SYS_IMAGE_ENDPOINT}} 15 | runtime-endpoint: unix://{{.SEALOS_SYS_CRI_ENDPOINT}} 16 | -------------------------------------------------------------------------------- /k3s/etc/image-cri-shim.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=image-cri-shim 3 | 4 | [Service] 5 | ExecStart=/usr/bin/image-cri-shim -f /etc/image-cri-shim.yaml 6 | Restart=always 7 | StartLimitInterval=0 8 | RestartSec=10 9 | LimitNOFILE=1048576 10 | # Having non-zero Limit*s causes performance problems due to accounting overhead 11 | # in the kernel. We recommend using cgroups to do container-local accounting. 12 | LimitNPROC=infinity 13 | LimitCORE=infinity 14 | LimitNOFILE=1048576 15 | # Comment TasksMax if your systemd version does not supports it. 16 | # Only systemd 226 and above support this version. 17 | TasksMax=infinity 18 | [Install] 19 | WantedBy=multi-user.target 20 | -------------------------------------------------------------------------------- /k3s/etc/image-cri-shim.yaml.tmpl: -------------------------------------------------------------------------------- 1 | # Copyright © 2022 sealos. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | shim: {{.SEALOS_SYS_IMAGE_ENDPOINT}} 16 | cri: {{.SEALOS_SYS_CRI_ENDPOINT}} 17 | address: http://{{ .registryDomain }}:{{ .registryPort }} 18 | force: true 19 | debug: false 20 | timeout: 15m 21 | auth: {{ .registryUsername }}:{{ .registryPassword }} 22 | -------------------------------------------------------------------------------- /k3s/etc/k3s.service.tmpl: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Lightweight Kubernetes 3 | Documentation=https://k3s.io 4 | Wants=network-online.target 5 | After=network-online.target 6 | 7 | [Install] 8 | WantedBy=multi-user.target 9 | 10 | [Service] 11 | Type=notify 12 | EnvironmentFile=-/etc/default/%N 13 | EnvironmentFile=-/etc/sysconfig/%N 14 | KillMode=process 15 | Delegate=yes 16 | # Having non-zero Limit*s causes performance problems due to accounting overhead 17 | # in the kernel. We recommend using cgroups to do container-local accounting. 18 | LimitNOFILE=1048576 19 | LimitNPROC=infinity 20 | LimitCORE=infinity 21 | TasksMax=infinity 22 | TimeoutStartSec=0 23 | Restart=always 24 | RestartSec=5s 25 | ExecStartPre=/bin/sh -xc '! /usr/bin/systemctl is-enabled --quiet nm-cloud-setup.service' 26 | ExecStartPre=-/sbin/modprobe br_netfilter 27 | ExecStartPre=-/sbin/modprobe overlay 28 | ExecStart=/usr/bin/k3s {{ if and (.SEALOS_SYS_RUN_MODE) (contains "master" .SEALOS_SYS_RUN_MODE) }}server{{ else }}agent{{end}} 29 | -------------------------------------------------------------------------------- /k3s/etc/limits.d/sealos-k8s.conf: -------------------------------------------------------------------------------- 1 | #Each line describes a limit for a user in the form: 2 | # 3 | # 4 | # 5 | #Where: 6 | # can be: 7 | # - a user name 8 | # - a group name, with @group syntax 9 | # - the wildcard *, for default entry 10 | # - the wildcard %, can be also used with %group syntax, 11 | # for maxlogin limit 12 | # 13 | # can have the two values: 14 | # - "soft" for enforcing the soft limits 15 | # - "hard" for enforcing hard limits 16 | # 17 | # can be one of the following: 18 | # - core - limits the core file size (KB) 19 | # - data - max data size (KB) 20 | # - fsize - maximum filesize (KB) 21 | # - memlock - max locked-in-memory address space (KB) 22 | # - nofile - max number of open file descriptors 23 | # - rss - max resident set size (KB) 24 | # - stack - max stack size (KB) 25 | # - cpu - max CPU time (MIN) 26 | # - nproc - max number of processes 27 | # - as - address space limit (KB) 28 | # - maxlogins - max number of logins for this user 29 | # - maxsyslogins - max number of logins on the system 30 | # - priority - the priority to run user process with 31 | # - locks - max number of file locks the user can hold 32 | # - sigpending - max number of pending signals 33 | # - msgqueue - max memory used by POSIX message queues (bytes) 34 | # - nice - max nice priority allowed to raise to values: [-20, 19] 35 | # - rtprio - max realtime priority 36 | # 37 | # 38 | * - nofile 65535 39 | * - nproc 65535 40 | root - nofile 1048576 41 | root - nproc 1048576 -------------------------------------------------------------------------------- /k3s/etc/registries.yaml.tmpl: -------------------------------------------------------------------------------- 1 | mirrors: 2 | {{ .registryDomain }}:{{ .registryPort }}: 3 | endpoint: 4 | - "http://{{ .registryDomain }}:{{ .registryPort }}" 5 | configs: 6 | {{ .registryDomain }}:{{ .registryPort }}: 7 | auth: 8 | username: {{.registryUsername}} 9 | password: {{.registryPassword}} 10 | -------------------------------------------------------------------------------- /k3s/etc/sysctl.d/sealos-k8s.conf: -------------------------------------------------------------------------------- 1 | net.bridge.bridge-nf-call-ip6tables = 1 2 | net.bridge.bridge-nf-call-iptables = 1 3 | net.ipv4.conf.all.rp_filter=0 4 | net.ipv4.ip_forward=1 5 | net.ipv4.ip_local_port_range=1024 65535 6 | net.ipv6.conf.all.forwarding=1 7 | net.core.somaxconn=65535 8 | fs.file-max=1048576 9 | net.ipv4.vs.conn_reuse_mode=0 10 | net.ipv4.tcp_keepalive_time=600 11 | net.ipv4.tcp_keepalive_intvl=30 12 | net.ipv4.vs.conntrack=1 13 | vm.max_map_count=2147483642 14 | -------------------------------------------------------------------------------- /k3s/etc/zz-k3s-sealos.yaml.tmpl: -------------------------------------------------------------------------------- 1 | pause-image: {{ .registryDomain }}:{{ .registryPort }}/{{.sandboxImage}} 2 | kubelet-arg+: 3 | - image-service-endpoint=unix://{{.SEALOS_SYS_IMAGE_ENDPOINT}} 4 | -------------------------------------------------------------------------------- /k3s/scripts/check.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | storage=${1:-/var/lib/registry} 18 | turn_off_all_service 19 | check_file_exits $storage 20 | logger "check root,port,cri success" 21 | -------------------------------------------------------------------------------- /k3s/scripts/clean-cri.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | logger "using builtin containerd, skip clean cri!" 18 | 19 | -------------------------------------------------------------------------------- /k3s/scripts/clean-k3s.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | 18 | rm -f /usr/bin/k3s-pre-start.sh 19 | rm -f /usr/bin/k3s-post-stop.sh 20 | 21 | sed -i '/ # sealos/d' /etc/sysctl.conf 22 | sealos_b='### sealos begin ###' 23 | sealos_e='### sealos end ###' 24 | if grep -E "($sealos_b|$sealos_e)" /etc/security/limits.conf >/dev/null 2>&1; then 25 | slb=$(grep -nE "($sealos_b|$sealos_e)" /etc/security/limits.conf | head -n 1 | awk -F: '{print $1}') 26 | sle=$(grep -nE "($sealos_b|$sealos_e)" /etc/security/limits.conf | tail -n 1 | awk -F: '{print $1}') 27 | sed -i "${slb},${sle}d" /etc/security/limits.conf 28 | fi 29 | 30 | 31 | SYSTEM_NAME=k3s 32 | 33 | BIN_DIR=/usr/bin 34 | 35 | ${BIN_DIR}/k3s-killall.sh 36 | 37 | if command -v systemctl; then 38 | systemctl disable ${SYSTEM_NAME} 39 | systemctl reset-failed ${SYSTEM_NAME} 40 | systemctl daemon-reload 41 | fi 42 | if command -v rc-update; then 43 | rc-update delete ${SYSTEM_NAME} default 44 | fi 45 | 46 | rm -f /etc/systemd/system/k3s.service 47 | rm -f /etc/rancher/k3s/*.env 48 | 49 | remove_uninstall() { 50 | rm -f ${BIN_DIR}/k3s-uninstall.sh 51 | } 52 | trap remove_uninstall EXIT 53 | 54 | if (ls /etc/systemd/system/k3s*.service || ls /etc/init.d/k3s*) >/dev/null 2>&1; then 55 | echo 'Additional k3s services installed, skipping uninstall of k3s'; 56 | exit 57 | fi 58 | 59 | for cmd in kubectl crictl ctr; do 60 | if [ -L ${BIN_DIR}/$cmd ]; then 61 | rm -f ${BIN_DIR}/$cmd 62 | fi 63 | done 64 | 65 | rm -rf /etc/rancher/k3s 66 | rm -rf /run/k3s 67 | rm -rf /run/flannel 68 | rm -rf /var/lib/rancher/k3s 69 | rm -rf /var/lib/kubelet 70 | rm -f ${BIN_DIR}/k3s 71 | 72 | logger "clean k3s success" 73 | -------------------------------------------------------------------------------- /k3s/scripts/clean-shim.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | systemctl stop image-cri-shim 18 | systemctl disable image-cri-shim 19 | rm -rf /etc/systemd/system/image-cri-shim.service 20 | systemctl daemon-reload 21 | rm -f /usr/bin/image-cri-shim 22 | rm -f /etc/image-cri-shim.yaml 23 | rm -f /var/lib/image-cri-shim 24 | logger "clean shim success" 25 | -------------------------------------------------------------------------------- /k3s/scripts/clean.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | 18 | bash clean-k3s.sh 19 | bash clean-shim.sh 20 | 21 | logger "clean rootfs success" 22 | -------------------------------------------------------------------------------- /k3s/scripts/common.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | timestamp() { 17 | date +"%Y-%m-%d %T" 18 | } 19 | 20 | error() { 21 | flag=$(timestamp) 22 | echo -e "\033[31m ERROR [$flag] >> $* \033[0m" 23 | exit 1 24 | } 25 | 26 | logger() { 27 | flag=$(timestamp) 28 | echo -e "\033[36m INFO [$flag] >> $* \033[0m" 29 | } 30 | 31 | warn() { 32 | flag=$(timestamp) 33 | echo -e "\033[33m WARN [$flag] >> $* \033[0m" 34 | } 35 | 36 | debug() { 37 | flag=$(timestamp) 38 | echo -e "\033[32m DEBUG [$flag] >> $* \033[0m" 39 | } 40 | 41 | check_service() { 42 | local action=$1 43 | shift 44 | systemctl daemon-reload 45 | case $action in 46 | start) 47 | systemctl enable "$@" 48 | ;; 49 | stop) 50 | systemctl disable "$@" 51 | ;; 52 | *) 53 | error "service action error, only start/stop." 54 | ;; 55 | esac 56 | systemctl "$action" "$@" 57 | } 58 | 59 | check_status() { 60 | for unit; do 61 | logger "Health check $unit!" 62 | status=$(systemctl status "$unit" | grep Active | awk '{print $3}') 63 | if [[ $status = "(running)" ]]; then 64 | logger "$unit is running" 65 | else 66 | error "$unit status is error" 67 | fi 68 | done 69 | } 70 | 71 | get_distribution() { 72 | lsb_dist="" 73 | # Every system that we officially support has /etc/os-release 74 | if [ -r /etc/os-release ]; then 75 | lsb_dist="$(. /etc/os-release && echo "$ID")" 76 | fi 77 | # Returning an empty string here should be alright since the 78 | # case statements don't act unless you provide an actual value 79 | echo "$lsb_dist" 80 | } 81 | 82 | disable_firewalld() { 83 | lsb_dist=$(get_distribution) 84 | lsb_dist="$(echo "$lsb_dist" | tr '[:upper:]' '[:lower:]')" 85 | case "$lsb_dist" in 86 | ubuntu | deepin | debian | raspbian) 87 | command -v ufw &>/dev/null && ufw disable 88 | ;; 89 | centos | rhel | ol | sles | kylin | neokylin) 90 | systemctl stop firewalld && systemctl disable firewalld 91 | ;; 92 | *) 93 | systemctl stop firewalld && systemctl disable firewalld 94 | echo "unknown system, use default to stop firewalld" 95 | ;; 96 | esac 97 | } 98 | 99 | command_exists() { 100 | command -v "$@" >/dev/null 2>&1 101 | } 102 | 103 | check_cmd_exits() { 104 | for cmd; do 105 | if which "$cmd"; then 106 | error "The machine $cmd is not clean. Please clean $cmd the system." 107 | fi 108 | done 109 | } 110 | 111 | check_file_exits() { 112 | for f; do 113 | if [[ -f $f ]]; then 114 | error "The machine $f is not clean. Please clean $f the system." 115 | fi 116 | done 117 | } 118 | 119 | 120 | turn_off_all_service() { 121 | for service in /etc/systemd/system/k3s*.service; do 122 | [ -s $service ] && systemctl stop $(basename $service) 123 | done 124 | for service in /etc/init.d/k3s*; do 125 | [ -x $service ] && $service stop 126 | done 127 | systemctl stop registry 128 | systemctl stop image-cri-shim 129 | logger "Turn off all service for k3s" 130 | } 131 | -------------------------------------------------------------------------------- /k3s/scripts/init-cri.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | logger "using builtin containerd, skip init cri!" 18 | -------------------------------------------------------------------------------- /k3s/scripts/init-k3s.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | 17 | # localhost for hosts 18 | grep 127.0.0.1 <(grep localhost /etc/hosts) || echo "127.0.0.1 localhost" >>/etc/hosts 19 | grep ::1 <(grep localhost /etc/hosts) || echo "::1 localhost" >>/etc/hosts 20 | 21 | cp -a ../scripts/k3s-pre-start.sh /usr/bin 22 | cp -a ../scripts/k3s-post-stop.sh /usr/bin 23 | 24 | source common.sh 25 | disable_firewalld 26 | 27 | # Annotate system configuration 28 | cat ../etc/sysctl.d/*.conf | sort | uniq | grep -v ^$ | while read -r str; do 29 | k=${str%=*} 30 | v=${str#*=} 31 | echo "$k=$v # sealos" 32 | done >>/etc/sysctl.conf 33 | bash /usr/bin/k3s-pre-start.sh 34 | sealos_b='### sealos begin ###' 35 | sealos_e='### sealos end ###' 36 | if ! grep -E "($sealos_b|$sealos_e)" /etc/security/limits.conf >/dev/null 2>&1; then 37 | { 38 | echo "$sealos_b" 39 | cat ../etc/limits.d/*.conf | grep -v ^# | grep -v ^$ | awk '{print $1,$2,$3,$4}' 40 | echo "$sealos_e" 41 | } >>/etc/security/limits.conf 42 | fi 43 | cp -a k3s-killall.sh /usr/bin 44 | cp -a ../bin/* /usr/bin 45 | for cmd in kubectl crictl ctr; do 46 | if [ ! -e /usr/bin/${cmd} ] ; then 47 | which_cmd=$(command -v ${cmd} 2>/dev/null || true) 48 | if [ -z "${which_cmd}" ]; then 49 | logger "Creating /usr/bin/${cmd} symlink to k3s" 50 | ln -sf /usr/bin/k3s /usr/bin/${cmd} 51 | else 52 | logger "Skipping /usr/bin/${cmd} symlink to k3s, command exists in PATH at ${which_cmd}" 53 | fi 54 | else 55 | logger "Skipping /usr/bin/${cmd} symlink to k3s, already exists" 56 | fi 57 | done 58 | for bin in /var/lib/rancher/k3s/data/**/bin/; do 59 | [ -d $bin ] && export PATH=$PATH:$bin:$bin/aux 60 | done 61 | #need after cri-shim 62 | mkdir -p /etc/systemd/system 63 | mkdir -p /etc/rancher/k3s/config.yaml.d 64 | cp ../etc/zz-k3s-sealos.yaml /etc/rancher/k3s/config.yaml.d/ 65 | cp ../etc/k3s.service /etc/systemd/system/ 66 | logger "init k3s success" 67 | -------------------------------------------------------------------------------- /k3s/scripts/init-shim.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | cp -rf ../etc/image-cri-shim.service /etc/systemd/system/ 18 | cp -rf ../etc/image-cri-shim.yaml /etc 19 | cp -rf ../cri/image-cri-shim /usr/bin 20 | [ -f ../etc/crictl.yaml ] && cp -rf ../etc/crictl.yaml /etc 21 | systemctl enable image-cri-shim.service 22 | systemctl daemon-reload 23 | systemctl restart image-cri-shim.service 24 | check_status image-cri-shim 25 | logger "init shim success" 26 | -------------------------------------------------------------------------------- /k3s/scripts/init.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | 18 | [ -d /etc/rancher/k3s ] || mkdir -p /etc/rancher/k3s 19 | [ -f ../etc/registries.yaml ] && cp -rf ../etc/registries.yaml /etc/rancher/k3s/ 20 | 21 | if ! bash init-shim.sh; then 22 | error "====init image-cri-shim failed!====" 23 | fi 24 | 25 | 26 | if ! bash init-k3s.sh; then 27 | error "====init k3s failed!====" 28 | fi 29 | 30 | logger "init rootfs success" 31 | -------------------------------------------------------------------------------- /k3s/scripts/k3s-killall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | for bin in /var/lib/rancher/k3s/data/**/bin/; do 3 | [ -d $bin ] && export PATH=$PATH:$bin:$bin/aux 4 | done 5 | 6 | for service in /etc/systemd/system/k3s*.service; do 7 | [ -s $service ] && systemctl stop $(basename $service) 8 | done 9 | 10 | for service in /etc/init.d/k3s*; do 11 | [ -x $service ] && $service stop 12 | done 13 | 14 | pschildren() { 15 | ps -e -o ppid= -o pid= | \ 16 | sed -e 's/^\s*//g; s/\s\s*/\t/g;' | \ 17 | grep -w "^$1" | \ 18 | cut -f2 19 | } 20 | 21 | pstree() { 22 | for pid in $@; do 23 | echo $pid 24 | for child in $(pschildren $pid); do 25 | pstree $child 26 | done 27 | done 28 | } 29 | 30 | killtree() { 31 | kill -9 $( 32 | { set +x; } 2>/dev/null; 33 | pstree $@; 34 | set -x; 35 | ) 2>/dev/null 36 | } 37 | 38 | remove_interfaces() { 39 | # Delete network interface(s) that match 'master cni0' 40 | ip link show 2>/dev/null | grep 'master cni0' | while read ignore iface ignore; do 41 | iface=${iface%%@*} 42 | [ -z "$iface" ] || ip link delete $iface 43 | done 44 | 45 | # Delete cni related interfaces 46 | ip link delete cni0 47 | ip link delete flannel.1 48 | ip link delete flannel-v6.1 49 | ip link delete kube-ipvs0 50 | ip link delete flannel-wg 51 | ip link delete flannel-wg-v6 52 | 53 | # Restart tailscale 54 | if [ -n "$(command -v tailscale)" ]; then 55 | tailscale set --advertise-routes= 56 | fi 57 | } 58 | 59 | getshims() { 60 | ps -e -o pid= -o args= | sed -e 's/^ *//; s/\s\s*/\t/;' | grep -w 'k3s/data/[^/]*/bin/containerd-shim' | cut -f1 61 | } 62 | 63 | killtree $({ set +x; } 2>/dev/null; getshims; set -x) 64 | 65 | do_unmount_and_remove() { 66 | while read -r _ path _; do 67 | case "$path" in $1*) echo "$path" ;; esac 68 | done < /proc/self/mounts | sort -r | xargs -r -t -n 1 sh -c 'umount "$0" && rm -rf "$0"' 69 | } 70 | 71 | do_unmount_and_remove '/run/k3s' 72 | do_unmount_and_remove '/var/lib/rancher/k3s' 73 | do_unmount_and_remove '/var/lib/kubelet/pods' 74 | do_unmount_and_remove '/var/lib/kubelet/plugins' 75 | do_unmount_and_remove '/run/netns/cni-' 76 | 77 | # Remove CNI namespaces 78 | ip netns show 2>/dev/null | grep cni- | xargs -r -t -n 1 ip netns delete 79 | 80 | remove_interfaces 81 | 82 | rm -rf /var/lib/cni/ 83 | iptables-save | grep -v KUBE- | grep -v CNI- | grep -iv flannel | iptables-restore 84 | ip6tables-save | grep -v KUBE- | grep -v CNI- | grep -iv flannel | ip6tables-restore 85 | -------------------------------------------------------------------------------- /k3s/scripts/k3s-post-stop.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | date 16 | -------------------------------------------------------------------------------- /k3s/scripts/k3s-pre-start.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | # First modprobe 17 | cat </dev/null 2>&1; then 34 | modprobe -- nf_conntrack_ipv4 35 | fi 36 | 37 | sysctl --system 38 | swapoff --all || true 39 | 40 | if grep SELINUX=enforcing /etc/selinux/config >/dev/null 2>&1; then 41 | sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config 42 | setenforce 0 43 | fi 44 | -------------------------------------------------------------------------------- /k8s/README.md: -------------------------------------------------------------------------------- 1 | # 安装常见问题请见下面链接 2 | 3 | https://github.com/labring/sealos/issues 4 | 5 | # 技术支持 6 | 7 | 请加入QQ群(98488045) 联系稳定负责人 8 | -------------------------------------------------------------------------------- /k8s/etc/image-cri-shim.service.tmpl: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=image-cri-shim 3 | 4 | [Service] 5 | ExecStart={{ default "/usr/bin" .BIN_DIR }}/image-cri-shim -f /etc/image-cri-shim.yaml 6 | Restart=always 7 | StartLimitInterval=0 8 | RestartSec=10 9 | LimitNOFILE=1048576 10 | # Having non-zero Limit*s causes performance problems due to accounting overhead 11 | # in the kernel. We recommend using cgroups to do container-local accounting. 12 | LimitNPROC=infinity 13 | LimitCORE=infinity 14 | LimitNOFILE=1048576 15 | # Comment TasksMax if your systemd version does not supports it. 16 | # Only systemd 226 and above support this version. 17 | TasksMax=infinity 18 | [Install] 19 | WantedBy=multi-user.target 20 | -------------------------------------------------------------------------------- /k8s/etc/image-cri-shim.yaml.tmpl: -------------------------------------------------------------------------------- 1 | # Copyright © 2022 sealos. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | shim: {{.SEALOS_SYS_IMAGE_ENDPOINT}} 16 | cri: {{.SEALOS_SYS_CRI_ENDPOINT}} 17 | address: http://{{ .registryDomain }}:{{ .registryPort }} 18 | force: true 19 | debug: false 20 | timeout: 15m 21 | auth: {{ .registryUsername }}:{{ .registryPassword }} 22 | -------------------------------------------------------------------------------- /k8s/etc/kubelet.service.tmpl: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=kubelet: The Kubernetes Node Agent 3 | Documentation=http://kubernetes.io/docs/ 4 | 5 | [Service] 6 | ExecStart={{ default "/usr/bin" .BIN_DIR }}/kubelet 7 | ExecStartPre=-{{ default "/usr/bin" .BIN_DIR }}/kubelet-pre-start.sh 8 | ExecStopPost=-{{ default "/usr/bin" .BIN_DIR }}/kubelet-post-stop.sh 9 | Restart=always 10 | StartLimitInterval=0 11 | RestartSec=10 12 | 13 | [Install] 14 | WantedBy=multi-user.target 15 | -------------------------------------------------------------------------------- /k8s/etc/limits.d/sealos-k8s.conf: -------------------------------------------------------------------------------- 1 | #Each line describes a limit for a user in the form: 2 | # 3 | # 4 | # 5 | #Where: 6 | # can be: 7 | # - a user name 8 | # - a group name, with @group syntax 9 | # - the wildcard *, for default entry 10 | # - the wildcard %, can be also used with %group syntax, 11 | # for maxlogin limit 12 | # 13 | # can have the two values: 14 | # - "soft" for enforcing the soft limits 15 | # - "hard" for enforcing hard limits 16 | # 17 | # can be one of the following: 18 | # - core - limits the core file size (KB) 19 | # - data - max data size (KB) 20 | # - fsize - maximum filesize (KB) 21 | # - memlock - max locked-in-memory address space (KB) 22 | # - nofile - max number of open file descriptors 23 | # - rss - max resident set size (KB) 24 | # - stack - max stack size (KB) 25 | # - cpu - max CPU time (MIN) 26 | # - nproc - max number of processes 27 | # - as - address space limit (KB) 28 | # - maxlogins - max number of logins for this user 29 | # - maxsyslogins - max number of logins on the system 30 | # - priority - the priority to run user process with 31 | # - locks - max number of file locks the user can hold 32 | # - sigpending - max number of pending signals 33 | # - msgqueue - max memory used by POSIX message queues (bytes) 34 | # - nice - max nice priority allowed to raise to values: [-20, 19] 35 | # - rtprio - max realtime priority 36 | # 37 | # 38 | * - nofile 65535 39 | * - nproc 65535 40 | root - nofile 1048576 41 | root - nproc 1048576 -------------------------------------------------------------------------------- /k8s/etc/sysctl.d/sealos-k8s.conf: -------------------------------------------------------------------------------- 1 | net.bridge.bridge-nf-call-ip6tables = 1 2 | net.bridge.bridge-nf-call-iptables = 1 3 | net.ipv4.conf.all.rp_filter=0 4 | net.ipv4.ip_forward=1 5 | net.ipv4.ip_local_port_range=1024 65535 6 | net.ipv6.conf.all.forwarding=1 7 | net.core.somaxconn=65535 8 | fs.file-max=1048576 9 | net.ipv4.vs.conn_reuse_mode=0 10 | net.ipv4.tcp_keepalive_time=600 11 | net.ipv4.tcp_keepalive_intvl=30 12 | net.ipv4.vs.conntrack=1 13 | vm.max_map_count=2147483642 14 | -------------------------------------------------------------------------------- /k8s/etc/systemd/system/kubelet.service.d/10-kubeadm.conf.tmpl: -------------------------------------------------------------------------------- 1 | # Note: This dropin only works with kubeadm and kubelet v1.11+ 2 | [Service] 3 | Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf" 4 | Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml" 5 | # This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically 6 | EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env 7 | # This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use 8 | # the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file. 9 | Environment="KUBELET_EXTRA_ARGS= \ 10 | {{ if or (not .SEALOS_SYS_KUBE_VERSION) (eq .SEALOS_SYS_KUBE_VERSION "") (not (semverCompare "^1.27.0" .SEALOS_SYS_KUBE_VERSION)) }}--container-runtime=remote{{ end }} \ 11 | {{ if or (not .SEALOS_SYS_KUBE_VERSION) (eq .SEALOS_SYS_KUBE_VERSION "") (not (semverCompare "^1.27.0" .SEALOS_SYS_KUBE_VERSION)) }}--pod-infra-container-image={{ .registryDomain }}:{{ .registryPort }}/{{ .sandboxImage }}{{ end }} \ 12 | --runtime-request-timeout=15m --container-runtime-endpoint=unix://{{ .SEALOS_SYS_CRI_ENDPOINT }} --image-service-endpoint=unix:///var/run/image-cri-shim.sock" 13 | ExecStart= 14 | ExecStart={{ default "/usr/bin" .BIN_DIR }}/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS 15 | -------------------------------------------------------------------------------- /k8s/scripts/clean-kube.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | readonly BIN_DIR=${BIN_DIR:-/usr/bin} 18 | systemctl stop kubelet 19 | systemctl disable kubelet 20 | systemctl daemon-reload 21 | 22 | rm -f ${BIN_DIR}/conntrack 23 | rm -f ${BIN_DIR}/kubelet-pre-start.sh 24 | rm -f ${BIN_DIR}/kubelet-post-stop.sh 25 | rm -f ${BIN_DIR}/kubeadm 26 | rm -f ${BIN_DIR}/kubectl 27 | rm -f ${BIN_DIR}/kubelet 28 | 29 | sed -i '/ # sealos/d' /etc/sysctl.conf 30 | sealos_b='### sealos begin ###' 31 | sealos_e='### sealos end ###' 32 | if grep -E "($sealos_b|$sealos_e)" /etc/security/limits.conf >/dev/null 2>&1; then 33 | slb=$(grep -nE "($sealos_b|$sealos_e)" /etc/security/limits.conf | head -n 1 | awk -F: '{print $1}') 34 | sle=$(grep -nE "($sealos_b|$sealos_e)" /etc/security/limits.conf | tail -n 1 | awk -F: '{print $1}') 35 | sed -i "${slb},${sle}d" /etc/security/limits.conf 36 | fi 37 | rm -f /etc/systemd/system/kubelet.service 38 | rm -rf /etc/systemd/system/kubelet.service.d 39 | rm -rf /var/lib/kubelet/ 40 | logger "clean kubelet success" 41 | -------------------------------------------------------------------------------- /k8s/scripts/clean-shim.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | readonly BIN_DIR=${BIN_DIR:-/usr/bin} 18 | systemctl stop image-cri-shim 19 | systemctl disable image-cri-shim 20 | rm -rf /etc/systemd/system/image-cri-shim.service 21 | systemctl daemon-reload 22 | rm -f ${BIN_DIR}/image-cri-shim 23 | rm -f /etc/image-cri-shim.yaml 24 | rm -f /var/lib/image-cri-shim 25 | logger "clean shim success" 26 | -------------------------------------------------------------------------------- /k8s/scripts/clean.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | 18 | bash clean-kube.sh 19 | bash clean-shim.sh 20 | 21 | logger "clean rootfs success" 22 | -------------------------------------------------------------------------------- /k8s/scripts/common.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | timestamp() { 17 | date +"%Y-%m-%d %T" 18 | } 19 | 20 | error() { 21 | flag=$(timestamp) 22 | echo -e "\033[31m ERROR [$flag] >> $* \033[0m" 23 | exit 1 24 | } 25 | 26 | logger() { 27 | flag=$(timestamp) 28 | echo -e "\033[36m INFO [$flag] >> $* \033[0m" 29 | } 30 | 31 | warn() { 32 | flag=$(timestamp) 33 | echo -e "\033[33m WARN [$flag] >> $* \033[0m" 34 | } 35 | 36 | debug() { 37 | flag=$(timestamp) 38 | echo -e "\033[32m DEBUG [$flag] >> $* \033[0m" 39 | } 40 | 41 | check_service() { 42 | local action=$1 43 | shift 44 | systemctl daemon-reload 45 | case $action in 46 | start) 47 | systemctl enable "$@" 48 | ;; 49 | stop) 50 | systemctl disable "$@" 51 | ;; 52 | *) 53 | error "service action error, only start/stop." 54 | ;; 55 | esac 56 | systemctl "$action" "$@" 57 | } 58 | 59 | check_status() { 60 | for unit; do 61 | logger "Health check $unit!" 62 | status=$(systemctl status "$unit" | grep Active | awk '{print $3}') 63 | if [[ $status = "(running)" ]]; then 64 | logger "$unit is running" 65 | else 66 | error "$unit status is error" 67 | fi 68 | done 69 | } 70 | 71 | ubuntu_dns() { 72 | os="$(. /etc/os-release && echo "$ID")" 73 | if echo "$os" | grep "ubuntu" >/dev/null 2>&1; then 74 | if systemctl status systemd-resolved.service >/dev/null 2>&1; then 75 | systemctl stop systemd-resolved.service 76 | systemctl disable systemd-resolved.service 77 | rm /etc/resolv.conf 78 | cp /run/systemd/resolve/resolv.conf /etc/resolv.conf 79 | fi 80 | logger "steup operation_ubuntu finished" 81 | fi 82 | } 83 | 84 | version_ge() { 85 | test "$(echo "$@" | tr ' ' '\n' | sort -rV | head -n 1)" == "$1" 86 | } 87 | 88 | get_distribution() { 89 | lsb_dist="" 90 | # Every system that we officially support has /etc/os-release 91 | if [ -r /etc/os-release ]; then 92 | lsb_dist="$(. /etc/os-release && echo "$ID")" 93 | fi 94 | # Returning an empty string here should be alright since the 95 | # case statements don't act unless you provide an actual value 96 | echo "$lsb_dist" 97 | } 98 | 99 | disable_firewalld() { 100 | lsb_dist=$(get_distribution) 101 | lsb_dist="$(echo "$lsb_dist" | tr '[:upper:]' '[:lower:]')" 102 | case "$lsb_dist" in 103 | ubuntu | deepin | debian | raspbian) 104 | command -v ufw &>/dev/null && ufw disable 105 | ;; 106 | centos | rhel | ol | sles | kylin | neokylin) 107 | systemctl stop firewalld && systemctl disable firewalld 108 | ;; 109 | *) 110 | systemctl stop firewalld && systemctl disable firewalld 111 | echo "unknown system, use default to stop firewalld" 112 | ;; 113 | esac 114 | } 115 | 116 | command_exists() { 117 | command -v "$@" >/dev/null 2>&1 118 | } 119 | 120 | check_cmd_exits() { 121 | for cmd; do 122 | if which "$cmd"; then 123 | error "The machine $cmd is not clean. Please clean $cmd the system." 124 | fi 125 | done 126 | } 127 | 128 | check_file_exits() { 129 | for f; do 130 | if [[ -f $f ]]; then 131 | error "The machine $f is not clean. Please clean $f the system." 132 | fi 133 | done 134 | } 135 | 136 | check_port_inuse() { 137 | readonly BIN_DIR=${BIN_DIR:-/usr/bin} 138 | if ! command_exists lsof; then 139 | cp -au ../opt/lsof ${BIN_DIR} 140 | fi 141 | logger "Check port kubelet port 10249..10259, reserved port 5050..5054 inuse. Please wait..." 142 | for port in {10249..10259} {5050..5054}; do 143 | portOut="$(lsof -i :"${port}")" 144 | if [ -n "$portOut" ]; then 145 | error "Port: $port occupied. Please turn off port service." 146 | fi 147 | done 148 | } 149 | -------------------------------------------------------------------------------- /k8s/scripts/init-kube.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | readonly BIN_DIR=${BIN_DIR:-/usr/bin} 17 | 18 | # localhost for hosts 19 | grep 127.0.0.1 <(grep localhost /etc/hosts) || echo "127.0.0.1 localhost" >>/etc/hosts 20 | grep ::1 <(grep localhost /etc/hosts) || echo "::1 localhost" >>/etc/hosts 21 | 22 | cp -a ../scripts/kubelet-pre-start.sh ${BIN_DIR} 23 | cp -a ../scripts/kubelet-post-stop.sh ${BIN_DIR} 24 | 25 | source common.sh 26 | disable_firewalld 27 | 28 | # Annotate system configuration 29 | cat ../etc/sysctl.d/*.conf | sort | uniq | grep -v ^$ | while read -r str; do 30 | k=${str%=*} 31 | v=${str#*=} 32 | echo "$k=$v # sealos" 33 | done >>/etc/sysctl.conf 34 | bash ${BIN_DIR}/kubelet-pre-start.sh 35 | sealos_b='### sealos begin ###' 36 | sealos_e='### sealos end ###' 37 | if ! grep -E "($sealos_b|$sealos_e)" /etc/security/limits.conf >/dev/null 2>&1; then 38 | { 39 | echo "$sealos_b" 40 | cat ../etc/limits.d/*.conf | grep -v ^# | grep -v ^$ | awk '{print $1,$2,$3,$4}' 41 | echo "$sealos_e" 42 | } >>/etc/security/limits.conf 43 | fi 44 | 45 | cp -a ../bin/* ${BIN_DIR} 46 | #need after cri-shim 47 | logger "pull pause image ${registryDomain}:${registryPort}/${sandboxImage}" 48 | crictl pull ${registryDomain}:${registryPort}/${sandboxImage} 49 | mkdir -p /etc/systemd/system 50 | cp ../etc/kubelet.service /etc/systemd/system/ 51 | cp -a ../etc/systemd/system /etc/systemd && systemctl daemon-reload 52 | [ -d /var/lib/kubelet ] || mkdir /var/lib/kubelet 53 | systemctl enable kubelet 54 | logger "init kubelet success" 55 | -------------------------------------------------------------------------------- /k8s/scripts/init-shim.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | readonly BIN_DIR=${BIN_DIR:-/usr/bin} 18 | cp -rf ../etc/image-cri-shim.service /etc/systemd/system/ 19 | cp -rf ../etc/image-cri-shim.yaml /etc 20 | cp -rf ../cri/image-cri-shim ${BIN_DIR} 21 | [ -f ../etc/crictl.yaml ] && cp -rf ../etc/crictl.yaml /etc 22 | systemctl enable image-cri-shim.service 23 | systemctl daemon-reload 24 | systemctl restart image-cri-shim.service 25 | check_status image-cri-shim 26 | logger "init shim success" 27 | -------------------------------------------------------------------------------- /k8s/scripts/init.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | 18 | if ! bash init-shim.sh; then 19 | error "====init image-cri-shim failed!====" 20 | fi 21 | 22 | 23 | if ! bash init-kube.sh; then 24 | error "====init kubelet failed!====" 25 | fi 26 | 27 | logger "init rootfs success" 28 | -------------------------------------------------------------------------------- /k8s/scripts/kubelet-post-stop.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | date 16 | -------------------------------------------------------------------------------- /k8s/scripts/kubelet-pre-start.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | # First modprobe 17 | cat </dev/null 2>&1; then 33 | modprobe -- nf_conntrack_ipv4 34 | fi 35 | 36 | sysctl --system 37 | swapoff --all || true 38 | 39 | if grep SELINUX=enforcing /etc/selinux/config >/dev/null 2>&1; then 40 | sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config 41 | setenforce 0 42 | fi 43 | -------------------------------------------------------------------------------- /k8s/statics/audit-policy.yml: -------------------------------------------------------------------------------- 1 | # Copyright © 2022 sealos. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | apiVersion: audit.k8s.io/v1 # This is required. 16 | kind: Policy 17 | # Don't generate audit events for all requests in RequestReceived stage. 18 | omitStages: 19 | - "RequestReceived" 20 | rules: 21 | # The following requests were manually identified as high-volume and low-risk, 22 | # so drop them. 23 | - level: None 24 | users: [ "system:kube-proxy" ] 25 | verbs: [ "watch" ] 26 | resources: 27 | - group: "" # core 28 | resources: [ "endpoints", "services" ] 29 | - level: None 30 | users: [ "system:unsecured" ] 31 | namespaces: [ "kube-system" ] 32 | verbs: [ "get" ] 33 | resources: 34 | - group: "" # core 35 | resources: [ "configmaps" ] 36 | - level: None 37 | users: [ "kubelet" ] # legacy kubelet identity 38 | verbs: [ "get" ] 39 | resources: 40 | - group: "" # core 41 | resources: [ "nodes" ] 42 | - level: None 43 | userGroups: [ "system:nodes" ] 44 | verbs: [ "get" ] 45 | resources: 46 | - group: "" # core 47 | resources: [ "nodes" ] 48 | - level: None 49 | users: 50 | - system:kube-controller-manager 51 | - system:kube-scheduler 52 | - system:serviceaccount:kube-system:endpoint-controller 53 | verbs: [ "get", "update" ] 54 | namespaces: [ "kube-system" ] 55 | resources: 56 | - group: "" # core 57 | resources: [ "endpoints" ] 58 | - level: None 59 | users: [ "system:apiserver" ] 60 | verbs: [ "get" ] 61 | resources: 62 | - group: "" # core 63 | resources: [ "namespaces" ] 64 | # Don't log these read-only URLs. 65 | - level: None 66 | nonResourceURLs: 67 | - /healthz* 68 | - /version 69 | - /swagger* 70 | # Don't log events requests. 71 | - level: None 72 | resources: 73 | - group: "" # core 74 | resources: [ "events" ] 75 | # Secrets, ConfigMaps, and TokenReviews can contain sensitive & binary data, 76 | # so only log at the Metadata level. 77 | - level: Metadata 78 | resources: 79 | - group: "" # core 80 | resources: [ "secrets", "configmaps" ] 81 | - group: authentication.k8s.io 82 | resources: [ "tokenreviews" ] 83 | # Get repsonses can be large; skip them. 84 | - level: Request 85 | verbs: [ "get", "list", "watch" ] 86 | resources: 87 | - group: "" # core 88 | - group: "admissionregistration.k8s.io" 89 | - group: "apps" 90 | - group: "authentication.k8s.io" 91 | - group: "authorization.k8s.io" 92 | - group: "autoscaling" 93 | - group: "batch" 94 | - group: "certificates.k8s.io" 95 | - group: "extensions" 96 | - group: "networking.k8s.io" 97 | - group: "policy" 98 | - group: "rbac.authorization.k8s.io" 99 | - group: "settings.k8s.io" 100 | - group: "storage.k8s.io" 101 | # Default level for known APIs 102 | - level: RequestResponse 103 | resources: 104 | - group: "" # core 105 | - group: "admissionregistration.k8s.io" 106 | - group: "apps" 107 | - group: "authentication.k8s.io" 108 | - group: "authorization.k8s.io" 109 | - group: "autoscaling" 110 | - group: "batch" 111 | - group: "certificates.k8s.io" 112 | - group: "extensions" 113 | - group: "networking.k8s.io" 114 | - group: "policy" 115 | - group: "rbac.authorization.k8s.io" 116 | - group: "settings.k8s.io" 117 | - group: "storage.k8s.io" 118 | - group: "autoscaling.alibabacloud.com" 119 | # Default level for all other requests. 120 | - level: Metadata 121 | -------------------------------------------------------------------------------- /registry/etc/registry.service.tmpl: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=registry: The sealos registry 3 | Documentation=https://www.sealos.io/docs/Intro 4 | 5 | [Service] 6 | ExecStart={{ default "/usr/bin" .BIN_DIR }}/registry serve {{ .registryConfig }}/registry_config.yml 7 | Restart=always 8 | StartLimitInterval=0 9 | RestartSec=10 10 | LimitNOFILE=1048576 11 | # Having non-zero Limit*s causes performance problems due to accounting overhead 12 | # in the kernel. We recommend using cgroups to do container-local accounting. 13 | LimitNPROC=infinity 14 | LimitCORE=infinity 15 | LimitNOFILE=1048576 16 | # Comment TasksMax if your systemd version does not supports it. 17 | # Only systemd 226 and above support this version. 18 | TasksMax=infinity 19 | [Install] 20 | WantedBy=multi-user.target 21 | -------------------------------------------------------------------------------- /registry/etc/registry.yml.tmpl: -------------------------------------------------------------------------------- 1 | # Copyright © 2022 sealos. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | domain: {{ .registryDomain }} 16 | port: "{{ .registryPort }}" 17 | username: "{{ .registryUsername }}" 18 | password: "{{ .registryPassword }}" 19 | data: "{{ .registryData }}" 20 | -------------------------------------------------------------------------------- /registry/etc/registry_config.yml.tmpl: -------------------------------------------------------------------------------- 1 | # Copyright © 2022 sealos. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | version: 0.1 16 | log: 17 | fields: 18 | service: registry 19 | storage: 20 | cache: 21 | blobdescriptor: inmemory 22 | filesystem: 23 | rootdirectory: {{ .registryData }} 24 | delete: 25 | enabled: true 26 | http: 27 | addr: :{{ .registryPort }} 28 | debug: 29 | addr: :5001 30 | prometheus: 31 | enabled: true 32 | path: /metrics 33 | headers: 34 | X-Content-Type-Options: [nosniff] 35 | proxy: 36 | on: true 37 | health: 38 | storagedriver: 39 | enabled: true 40 | interval: 10s 41 | threshold: 3 42 | auth: 43 | htpasswd: 44 | realm: "Registry Realm" 45 | path: {{ .registryConfig }}/registry_htpasswd 46 | -------------------------------------------------------------------------------- /registry/scripts/clean-registry.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | readonly BIN_DIR=${BIN_DIR:-/usr/bin} 18 | # prepare registry storage as directory 19 | cd "$(dirname "$0")" || error "error for $0" 20 | 21 | readonly DATA=${1:-/var/lib/registry} 22 | readonly CONFIG=${2:-/etc/registry} 23 | 24 | check_service stop registry 25 | rm -f /etc/systemd/system/registry.service 26 | rm -f ${BIN_DIR}/registry 27 | 28 | rm -rf "$DATA" 29 | rm -rf "$CONFIG" 30 | rm -f /etc/registry.yml 31 | 32 | logger "clean registry success" 33 | -------------------------------------------------------------------------------- /registry/scripts/init-registry.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Copyright © 2022 sealos. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | cd "$(dirname "$0")" >/dev/null 2>&1 || exit 16 | source common.sh 17 | 18 | readonly DATA=${1:-/var/lib/registry} 19 | readonly CONFIG=${2:-/etc/registry} 20 | readonly BIN_DIR=${BIN_DIR:-/usr/bin} 21 | 22 | mkdir -p "$DATA" "$CONFIG" 23 | 24 | cp -a ../etc/registry.service /etc/systemd/system/ 25 | cp -au ../cri/registry ${BIN_DIR}/ 26 | 27 | cp -a ../etc/registry_config.yml "$CONFIG" 28 | cp -a ../etc/registry_htpasswd "$CONFIG" 29 | 30 | if [ -s /etc/selinux/config ] && grep 'SELINUX=enforcing' /etc/selinux/config; then 31 | sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config 32 | setenforce 0 33 | fi 34 | 35 | check_service start registry 36 | check_status registry 37 | 38 | logger "init registry success" 39 | -------------------------------------------------------------------------------- /runtime/README.md: -------------------------------------------------------------------------------- 1 | ### runtime 2 | 3 | cri 4 | 5 | - containerd 6 | - crio 7 | - docker 8 | rootfs 9 | - kubernetes 10 | - k3s 11 | - k0s 12 | 13 | registry 14 | -------------------------------------------------------------------------------- /version.yaml: -------------------------------------------------------------------------------- 1 | # Copyright © 2023 sealos. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | version: 16 | containerd: "1.6.16" 17 | docker: "20.10" 18 | sealos: "4.1.5-rc1" 19 | crun: "1.8" 20 | runc: "1.1.4" 21 | ctl: "0.0.3-rc1" 22 | 23 | --------------------------------------------------------------------------------