diff --git a/build/Dockerfile b/build/Dockerfile index a2d9814..7d923ac 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -1,6 +1,8 @@ FROM alpine:3.10 -ADD https://releases.hashicorp.com/packer/1.6.0/packer_1.6.0_linux_amd64.zip /packer_1.6.0_linux_amd64.zip -RUN unzip packer_1.6.0_linux_amd64.zip && mv packer /bin/packer +ADD https://releases.hashicorp.com/packer/1.7.9/packer_1.7.9_linux_amd64.zip /packer_1.7.9_linux_amd64.zip +ADD ./scripts /scripts +ADD ./config /config +RUN unzip packer_1.7.9_linux_amd64.zip && mv packer /bin/packer ENTRYPOINT ["packer", "build"] diff --git a/scripts/ack-optimized-os-1.16.sh b/scripts/ack-optimized-os-1.16.sh new file mode 100644 index 0000000..dfa9b3b --- /dev/null +++ b/scripts/ack-optimized-os-1.16.sh @@ -0,0 +1,237 @@ +#!/bin/bash + +set -x +set -e + +usage() { + cat >&2 <<-EOF +Usage: + $0 -r RUNTIME [-s] + +Flags: + -r: sepcify container runtime, available value: docker and containerd + -s: skip security upgrade + +Example: + $0 -r docker -s + $0 -r docker + $0 -r containerd -s + $0 -r containerd +EOF + exit 1 +} + +check_params() { + while getopts "r:sh" opt; do + case $opt in + r) RUNTIME="$OPTARG" ; ;; + s) SKIP_SECURITY_FIX="1" ; ;; + h | ?) usage ; ;; + esac + done + + if [[ -z $RUNTIME ]] || [[ $RUNTIME != "docker" && $RUNTIME != "containerd" ]]; then + echo "ERROR: RUNTIME must not be empty, only support 'docker' and 'containerd' " + usage + fi +} + +setup_env() { + export RUNTIME + export OS="AliyunOS" + export RUNTIME_VERSION="1.5.10" + export DOCKER_VERSION="19.03.5" + export KUBE_VERSION="1.16.9-aliyun.1" + export REGION=$(curl --retry 10 -sSL http://100.100.100.200/latest/meta-data/region-id) + export PKG_FILE_SERVER="http://aliacs-k8s-$REGION.oss-$REGION-internal.aliyuncs.com/$BETA_VERSION" + export ACK_OPTIMIZED_OS_BUILD=1 +} + + +download_pkg() { + curl --retry 4 $PKG_FILE_SERVER/public/pkg/run/run-${KUBE_VERSION}.tar.gz -O + tar -xvf run-${KUBE_VERSION}.tar.gz +} + +source_file() { + + source pkg/run/$KUBE_VERSION/kubernetes.sh --role source +} + +install_pkg() { + public::common::sync_ntpd + public::common::install_package +} + +preset_gpu() { + GPU_PACKAGE_URL=http://aliacs-k8s-${REGION}.oss-${REGION}-internal.aliyuncs.com/public/pkg + if [[ "$PRESET_GPU" == "true" ]]; then + bash -x pkg/run/$KUBE_VERSION/bin/nvidia-gpu-installer.sh --package-url-prefix ${GPU_PACKAGE_URL} + fi +} + +trim_os() { + local pkg_list="acl +aic94xx-firmware +aliyun-cli +alsa-firmware +alsa-lib +alsa-tools-firmware +authconfig +avahi-libs +bind-libs-lite +bind-license +biosdevname +btrfs-progs +cloud +device-mapper-event +device-mapper-event-libs +dmraid +dmraid-events +dosfstools +ed +file +firewalld +firewalld-filesystem +freetype +fxload +GeoIP +geoipupdate +gettext +gettext-libs +glibc-devel +groff-base +hunspell +hunspell-en +hunspell-en-GB +hunspell-en-US +ivtv-firmware +iwl1000-firmware +iwl100-firmware +iwl105-firmware +iwl135-firmware +iwl2000-firmware +iwl2030-firmware +iwl3160-firmware +iwl3945-firmware +iwl4965-firmware +iwl5000-firmware +iwl5150-firmware +iwl6000-firmware +iwl6000g2a-firmware +iwl6000g2b-firmware +iwl6050-firmware +iwl7260-firmware +jansson +kbd +kbd-legacy +kbd-misc +libaio +libdrm +libmpc +libpciaccess +libpng +libreport-filesystem +lm_sensors-libs +lsscsi +lvm2 +m4 +mailx +man-db +mariadb-libs +mdadm +microcode_ctl +mpfr +NetworkManager +NetworkManager-libnm +NetworkManager-team +NetworkManager-tui +patch +perl-Getopt-Long +plymouth +plymouth-scripts +postfix +python3 +python3-libs +python3-pip +python3-setuptools +python-decorator +python-IPy +rng-tools +rsync +sgpio +slang +spax +strace +sysstat +tcpdump +teamd +vim-common +vim-enhanced +vim-filesystem +wl1000-firmware +wpa_supplicant +xfsprogs +" + yum remove -y $pkg_list + rm -rf /lib/modules/$(uname -r)/kernel/drivers/{media,staging,gpu,usb} + rm -rf /boot/*-rescue-* /boot/*3.10.0* /usr/share/{doc,man} /usr/src +} + +pull_image() { + if [[ "$RUNTIME" = "docker" ]]; then + systemctl start docker + sleep 10 + + docker pull registry-vpc.${REGION}.aliyuncs.com/acs/kube-proxy:v${KUBE_VERSION} + docker pull registry-vpc.${REGION}.aliyuncs.com/acs/pause:3.2 + docker pull registry-vpc.${REGION}.aliyuncs.com/acs/coredns:1.6.7 + else + systemctl start containerd + sleep 10 + + ctr -n k8s.io i pull registry-vpc.${REGION}.aliyuncs.com/acs/kube-proxy:v${KUBE_VERSION} + ctr -n k8s.io i pull registry-vpc.${REGION}.aliyuncs.com/acs/pause:3.2 + ctr -n k8s.io i pull registry-vpc.${REGION}.aliyuncs.com/acs/coredns:1.6.7 + fi +} + +update_os_release() { + sed -i "s#LTS#LTS ACK-Optimized-OS#" /etc/image-id +} + +record_k8s_version() { + cat > /etc/ACK-Optimized-OS <<-EOF +kubelet=$KUBE_VERSION +docker=$DOCKER_VERSION +EOF +} + +post_install() { + if [[ $SKIP_SECURITY_FIX ]]; then + touch /var/.skip-security-fix + fi +} + +cleanup() { + rm -rf ./{addon*,docker*,kubernetes*,pkg,run*} +} + +main() { + trap 'cleanup' EXIT + + check_params "$@" + setup_env + + trim_os + + download_pkg + source_file + install_pkg + preset_gpu + pull_image + update_os_release + record_k8s_version +} + +main "$@" diff --git a/scripts/ack-optimized-os-1.18.sh b/scripts/ack-optimized-os-1.18.sh index d751d3d..c021947 100755 --- a/scripts/ack-optimized-os-1.18.sh +++ b/scripts/ack-optimized-os-1.18.sh @@ -39,7 +39,7 @@ check_params() { setup_env() { export RUNTIME export OS="AliyunOS" - export RUNTIME_VERSION="1.4.4" + export RUNTIME_VERSION="1.5.10" export DOCKER_VERSION="19.03.5" export KUBE_VERSION="1.18.8-aliyun.1" export REGION=$(curl --retry 10 -sSL http://100.100.100.200/latest/meta-data/region-id) @@ -62,6 +62,13 @@ install_pkg() { public::common::install_package } +preset_gpu() { + GPU_PACKAGE_URL=http://aliacs-k8s-${REGION}.oss-${REGION}-internal.aliyuncs.com/public/pkg + if [[ "$PRESET_GPU" == "true" ]]; then + bash -x pkg/run/$KUBE_VERSION/bin/nvidia-gpu-installer.sh --package-url-prefix ${GPU_PACKAGE_URL} + fi +} + trim_os() { local pkg_list="acl aic94xx-firmware @@ -120,7 +127,6 @@ kbd-legacy kbd-misc libaio libdrm -libfastjson libmpc libpciaccess libpng @@ -152,7 +158,6 @@ python-decorator python-IPy rng-tools rsync -rsyslog sgpio slang spax @@ -222,7 +227,7 @@ main() { download_pkg source_file install_pkg - + preset_gpu pull_image update_os_release record_k8s_version diff --git a/scripts/ack-optimized-os-1.20.sh b/scripts/ack-optimized-os-1.20.sh index 62ff711..7a6b231 100755 --- a/scripts/ack-optimized-os-1.20.sh +++ b/scripts/ack-optimized-os-1.20.sh @@ -39,10 +39,10 @@ check_params() { setup_env() { export RUNTIME export OS="AliyunOS" - export RUNTIME_VERSION="1.4.4" + export RUNTIME_VERSION="1.5.10" export DOCKER_VERSION="19.03.5" export CLOUD_TYPE="public" - export KUBE_VERSION="1.20.4-aliyun.1" + export KUBE_VERSION="1.20.11-aliyun.1" export REGION=$(curl --retry 10 -sSL http://100.100.100.200/latest/meta-data/region-id) export PKG_FILE_SERVER="http://aliacs-k8s-$REGION.oss-$REGION-internal.aliyuncs.com/" export ACK_OPTIMIZED_OS_BUILD=1 @@ -110,7 +110,6 @@ kbd-legacy kbd-misc libaio libdrm -libfastjson libmpc libpciaccess libpng @@ -142,7 +141,6 @@ python-decorator python-IPy rng-tools rsync -rsyslog sgpio slang spax @@ -172,6 +170,13 @@ install_pkg() { ROLE=deploy-nodes pkg/run/$KUBE_VERSION/bin/kubernetes.sh } +preset_gpu() { + GPU_PACKAGE_URL=http://aliacs-k8s-${REGION}.oss-${REGION}-internal.aliyuncs.com/public/pkg + if [[ "$PRESET_GPU" == "true" ]]; then + bash -x pkg/run/$KUBE_VERSION/bin/nvidia-gpu-installer.sh --package-url-prefix ${GPU_PACKAGE_URL} + fi +} + pull_image() { if [[ "$RUNTIME" = "docker" ]]; then systemctl start docker @@ -222,7 +227,7 @@ main() { download_pkg install_pkg - + preset_gpu pull_image update_os_release record_k8s_version diff --git a/scripts/ack-optimized-os-1.22.sh b/scripts/ack-optimized-os-1.22.sh new file mode 100644 index 0000000..b7c8a9d --- /dev/null +++ b/scripts/ack-optimized-os-1.22.sh @@ -0,0 +1,242 @@ +#!/bin/bash + +set -x +set -e + +usage() { + cat >&2 <<-EOF +Usage: + $0 -r RUNTIME [-s] + +Flags: + -r: sepcify container runtime, available value: docker and containerd + -s: skip security upgrade + +Example: + $0 -r docker -s + $0 -r docker + $0 -r containerd -s + $0 -r containerd +EOF + exit 1 +} + +check_params() { + while getopts "r:sh" opt; do + case $opt in + r) RUNTIME="$OPTARG" ; ;; + s) SKIP_SECURITY_FIX="1" ; ;; + h | ?) usage ; ;; + esac + done + + if [[ -z $RUNTIME ]] || [[ $RUNTIME != "docker" && $RUNTIME != "containerd" ]]; then + echo "ERROR: RUNTIME must not be empty, only support 'docker' and 'containerd' " + usage + fi +} + +setup_env() { + export RUNTIME + export OS="AliyunOS" + export CLOUD_TYPE="public" + export KUBE_VERSION="1.22.10-aliyun.1" + export REGION=$(curl --retry 10 -sSL http://100.100.100.200/latest/meta-data/region-id) + export PKG_FILE_SERVER="http://aliacs-k8s-$REGION.oss-$REGION-internal.aliyuncs.com/" + export ACK_OPTIMIZED_OS_BUILD=1 + + if [[ "$RUNTIME" = "docker" ]]; then + RUNTIME_VERSION="19.03.5" + DOCKER_VERSION="19.03.5" + else + RUNTIME_VERSION="1.5.10" + fi + + mkdir -p /root/ack-deploy + cd /root/ack-deploy + +} + +trim_os() { + local pkg_list="acl +aic94xx-firmware +aliyun-cli +alsa-firmware +alsa-lib +alsa-tools-firmware +authconfig +avahi-libs +bind-libs-lite +bind-license +biosdevname +btrfs-progs +cloud +device-mapper-event +device-mapper-event-libs +dmraid +dmraid-events +dosfstools +ed +file +firewalld +firewalld-filesystem +freetype +fxload +GeoIP +geoipupdate +gettext +gettext-libs +glibc-devel +groff-base +hunspell +hunspell-en +hunspell-en-GB +hunspell-en-US +ivtv-firmware +iwl1000-firmware +iwl100-firmware +iwl105-firmware +iwl135-firmware +iwl2000-firmware +iwl2030-firmware +iwl3160-firmware +iwl3945-firmware +iwl4965-firmware +iwl5000-firmware +iwl5150-firmware +iwl6000-firmware +iwl6000g2a-firmware +iwl6000g2b-firmware +iwl6050-firmware +iwl7260-firmware +jansson +kbd +kbd-legacy +kbd-misc +libaio +libdrm +libmpc +libpciaccess +libpng +libreport-filesystem +lm_sensors-libs +lsscsi +lvm2 +m4 +mailx +man-db +mariadb-libs +mdadm +microcode_ctl +mpfr +NetworkManager +NetworkManager-libnm +NetworkManager-team +NetworkManager-tui +patch +perl-Getopt-Long +plymouth +plymouth-scripts +postfix +python3 +python3-libs +python3-pip +python3-setuptools +python-decorator +python-IPy +rng-tools +rsync +sgpio +slang +spax +strace +sysstat +tcpdump +teamd +vim-common +vim-enhanced +vim-filesystem +wl1000-firmware +wpa_supplicant +xfsprogs +" + + yum remove -y $pkg_list + rm -rf /lib/modules/$(uname -r)/kernel/drivers/{media,staging,gpu,usb} + rm -rf /boot/*-rescue-* /boot/*3.10.0* /usr/share/{doc,man} /usr/src +} + +download_pkg() { + curl --retry 4 $PKG_FILE_SERVER/public/pkg/run/run-${KUBE_VERSION}.tar.gz -O + tar -zxvf run-${KUBE_VERSION}.tar.gz +} + +install_pkg() { + ROLE=deploy-nodes pkg/run/$KUBE_VERSION/bin/kubernetes.sh +} + +preset_gpu() { + GPU_PACKAGE_URL=http://aliacs-k8s-${REGION}.oss-${REGION}-internal.aliyuncs.com/public/pkg + if [[ "$PRESET_GPU" == "true" ]]; then + bash -x pkg/run/$KUBE_VERSION/bin/nvidia-gpu-installer.sh --package-url-prefix ${GPU_PACKAGE_URL} + fi +} + +pull_image() { + if [[ "$RUNTIME" = "docker" ]]; then + systemctl start docker + sleep 10 + + docker pull registry-vpc.${REGION}.aliyuncs.com/acs/kube-proxy:v${KUBE_VERSION} + docker pull registry-vpc.${REGION}.aliyuncs.com/acs/pause:3.2 + docker pull registry-vpc.${REGION}.aliyuncs.com/acs/coredns:1.7.0 + else + systemctl start containerd + sleep 10 + + ctr -n k8s.io i pull registry-vpc.${REGION}.aliyuncs.com/acs/kube-proxy:v${KUBE_VERSION} + ctr -n k8s.io i pull registry-vpc.${REGION}.aliyuncs.com/acs/pause:3.2 + ctr -n k8s.io i pull registry-vpc.${REGION}.aliyuncs.com/acs/coredns:1.7.0 + fi +} + +update_os_release() { + sed -i "s#LTS#LTS ACK-Optimized-OS#" /etc/image-id +} + +record_k8s_version() { + cat >/etc/ACK-Optimized-OS <<-EOF +kubelet=$KUBE_VERSION +runtime=$RUNTIME +docker=$DOCKER_VERSION +EOF +} + +post_install() { + if [[ $SKIP_SECURITY_FIX ]]; then + touch /var/.skip-security-fix + fi +} + +cleanup() { + rm -rf /root/ack-deploy +} + +main() { + trap 'cleanup' EXIT + + check_params "$@" + setup_env + + trim_os + + download_pkg + install_pkg + preset_gpu + pull_image + update_os_release + record_k8s_version + post_install +} + +main "$@" diff --git a/scripts/ack-optimized-os-1.24.sh b/scripts/ack-optimized-os-1.24.sh new file mode 100644 index 0000000..c515c22 --- /dev/null +++ b/scripts/ack-optimized-os-1.24.sh @@ -0,0 +1,237 @@ +#!/bin/bash + +set -x +set -e + +usage() { + cat >&2 <<-EOF +Usage: + $0 -r RUNTIME [-s] + +Flags: + -r: sepcify container runtime, available value: docker and containerd + -s: skip security upgrade + +Example: + $0 -r docker -s + $0 -r docker + $0 -r containerd -s + $0 -r containerd +EOF + exit 1 +} + +check_params() { + while getopts "r:sh" opt; do + case $opt in + r) RUNTIME="$OPTARG" ; ;; + s) SKIP_SECURITY_FIX="1" ; ;; + h | ?) usage ; ;; + esac + done + + if [[ -z $RUNTIME ]] || [[ $RUNTIME != "docker" && $RUNTIME != "containerd" ]]; then + echo "ERROR: RUNTIME must not be empty, only support 'docker' and 'containerd' " + usage + fi +} + +setup_env() { + export RUNTIME + export OS="AliyunOS" + export RUNTIME_VERSION="1.5.10" + export DOCKER_VERSION="19.03.5" + export CLOUD_TYPE="public" + export KUBE_VERSION="1.24.3-aliyun.1" + export REGION=$(curl --retry 10 -sSL http://100.100.100.200/latest/meta-data/region-id) + export PKG_FILE_SERVER="http://aliacs-k8s-$REGION.oss-$REGION-internal.aliyuncs.com/" + export ACK_OPTIMIZED_OS_BUILD=1 + + mkdir -p /root/ack-deploy + cd /root/ack-deploy + +} + +trim_os() { + local pkg_list="acl +aic94xx-firmware +aliyun-cli +alsa-firmware +alsa-lib +alsa-tools-firmware +authconfig +avahi-libs +bind-libs-lite +bind-license +biosdevname +btrfs-progs +cloud +device-mapper-event +device-mapper-event-libs +dmraid +dmraid-events +dosfstools +ed +file +firewalld +firewalld-filesystem +freetype +fxload +GeoIP +geoipupdate +gettext +gettext-libs +glibc-devel +groff-base +hunspell +hunspell-en +hunspell-en-GB +hunspell-en-US +ivtv-firmware +iwl1000-firmware +iwl100-firmware +iwl105-firmware +iwl135-firmware +iwl2000-firmware +iwl2030-firmware +iwl3160-firmware +iwl3945-firmware +iwl4965-firmware +iwl5000-firmware +iwl5150-firmware +iwl6000-firmware +iwl6000g2a-firmware +iwl6000g2b-firmware +iwl6050-firmware +iwl7260-firmware +jansson +kbd +kbd-legacy +kbd-misc +libaio +libdrm +libmpc +libpciaccess +libpng +libreport-filesystem +lm_sensors-libs +lsscsi +lvm2 +m4 +mailx +man-db +mariadb-libs +mdadm +microcode_ctl +mpfr +NetworkManager +NetworkManager-libnm +NetworkManager-team +NetworkManager-tui +patch +perl-Getopt-Long +plymouth +plymouth-scripts +postfix +python3 +python3-libs +python3-pip +python3-setuptools +python-decorator +python-IPy +rng-tools +rsync +sgpio +slang +spax +strace +sysstat +tcpdump +teamd +vim-common +vim-enhanced +vim-filesystem +wl1000-firmware +wpa_supplicant +xfsprogs +" + + yum remove -y $pkg_list + rm -rf /lib/modules/$(uname -r)/kernel/drivers/{media,staging,gpu,usb} + rm -rf /boot/*-rescue-* /boot/*3.10.0* /usr/share/{doc,man} /usr/src +} + +download_pkg() { + curl --retry 4 $PKG_FILE_SERVER/public/pkg/run/run-${KUBE_VERSION}.tar.gz -O + tar -zxvf run-${KUBE_VERSION}.tar.gz +} + +install_pkg() { + ROLE=deploy-nodes pkg/run/$KUBE_VERSION/bin/kubernetes.sh +} + +preset_gpu() { + GPU_PACKAGE_URL=http://aliacs-k8s-${REGION}.oss-${REGION}-internal.aliyuncs.com/public/pkg + if [[ "$PRESET_GPU" == "true" ]]; then + bash -x pkg/run/$KUBE_VERSION/bin/nvidia-gpu-installer.sh --package-url-prefix ${GPU_PACKAGE_URL} + fi +} + +pull_image() { + if [[ "$RUNTIME" = "docker" ]]; then + systemctl start docker + sleep 10 + + docker pull registry-vpc.${REGION}.aliyuncs.com/acs/kube-proxy:v${KUBE_VERSION} + docker pull registry-vpc.${REGION}.aliyuncs.com/acs/pause:3.2 + docker pull registry-vpc.${REGION}.aliyuncs.com/acs/coredns:1.7.0 + else + systemctl start containerd + sleep 10 + + ctr -n k8s.io i pull registry-vpc.${REGION}.aliyuncs.com/acs/kube-proxy:v${KUBE_VERSION} + ctr -n k8s.io i pull registry-vpc.${REGION}.aliyuncs.com/acs/pause:3.2 + ctr -n k8s.io i pull registry-vpc.${REGION}.aliyuncs.com/acs/coredns:1.7.0 + fi +} + +update_os_release() { + sed -i "s#LTS#LTS ACK-Optimized-OS#" /etc/image-id +} + +record_k8s_version() { + cat >/etc/ACK-Optimized-OS <<-EOF +kubelet=$KUBE_VERSION +runtime=$RUNTIME +docker=$DOCKER_VERSION +EOF +} + +post_install() { + if [[ $SKIP_SECURITY_FIX ]]; then + touch /var/.skip-security-fix + fi +} + +cleanup() { + rm -rf /root/ack-deploy +} + +main() { + trap 'cleanup' EXIT + + check_params "$@" + setup_env + + trim_os + + download_pkg + install_pkg + preset_gpu + pull_image + update_os_release + record_k8s_version + post_install +} + +main "$@" diff --git a/scripts/ack-optimized-os-all.sh b/scripts/ack-optimized-os-all.sh new file mode 100644 index 0000000..248f829 --- /dev/null +++ b/scripts/ack-optimized-os-all.sh @@ -0,0 +1,246 @@ +#!/bin/bash + +set -x +set -e + +usage() { + cat >&2 <<-EOF +Usage: + $0 -r RUNTIME [-s] + +Flags: + -r: sepcify container runtime, available value: docker and containerd + -s: skip security upgrade + +Example: + $0 -r docker -s + $0 -r docker + $0 -r containerd -s + $0 -r containerd +EOF + exit 1 +} + +check_params() { + while getopts "r:sh" opt; do + case $opt in + r) RUNTIME="$OPTARG" ; ;; + s) SKIP_SECURITY_FIX="1" ; ;; + h | ?) usage ; ;; + esac + done + + if [[ -z $RUNTIME ]] || [[ $RUNTIME != "docker" && $RUNTIME != "containerd" ]]; then + echo "ERROR: RUNTIME must not be empty, only support 'docker' and 'containerd' " + usage + fi +} + +setup_env() { + export RUNTIME + export OS="AliyunOS" + + if [[ "$RUNTIME" = "docker" ]]; then + export RUNTIME_VERSION="19.03.5" + export DOCKER_VERSION="19.03.5" + else + export RUNTIME_VERSION="1.5.10" + fi + + export REGION=$(curl --retry 10 -sSL http://100.100.100.200/latest/meta-data/region-id) + export PKG_FILE_SERVER="http://aliacs-k8s-$REGION.oss-$REGION-internal.aliyuncs.com/$BETA_VERSION" + export ACK_OPTIMIZED_OS_BUILD=1 +} + + +download_pkg() { + curl --retry 4 $PKG_FILE_SERVER/public/pkg/run/run-${KUBE_VERSION}.tar.gz -O + tar -xvf run-${KUBE_VERSION}.tar.gz +} + + +source_file() { + if [[ -e "pkg/run/$KUBE_VERSION/kubernetes.sh" ]]; then + source pkg/run/$KUBE_VERSION/kubernetes.sh --role source + install_pkg + elif [[ -e "pkg/run/$KUBE_VERSION/bin/kubernetes.sh" ]]; then + ROLE=deploy-nodes pkg/run/$KUBE_VERSION/bin/kubernetes.sh + fi +} + +install_pkg() { + public::common::sync_ntpd + public::common::install_package +} + +preset_gpu() { + GPU_PACKAGE_URL=http://aliacs-k8s-${REGION}.oss-${REGION}-internal.aliyuncs.com/public/pkg + if [[ "$PRESET_GPU" == "true" ]]; then + bash -x pkg/run/$KUBE_VERSION/bin/nvidia-gpu-installer.sh --package-url-prefix ${GPU_PACKAGE_URL} + fi +} + +trim_os() { + local pkg_list="acl +aic94xx-firmware +aliyun-cli +alsa-firmware +alsa-lib +alsa-tools-firmware +authconfig +avahi-libs +bind-libs-lite +bind-license +biosdevname +btrfs-progs +cloud +device-mapper-event +device-mapper-event-libs +dmraid +dmraid-events +dosfstools +ed +file +firewalld +firewalld-filesystem +freetype +fxload +GeoIP +geoipupdate +gettext +gettext-libs +glibc-devel +groff-base +hunspell +hunspell-en +hunspell-en-GB +hunspell-en-US +ivtv-firmware +iwl1000-firmware +iwl100-firmware +iwl105-firmware +iwl135-firmware +iwl2000-firmware +iwl2030-firmware +iwl3160-firmware +iwl3945-firmware +iwl4965-firmware +iwl5000-firmware +iwl5150-firmware +iwl6000-firmware +iwl6000g2a-firmware +iwl6000g2b-firmware +iwl6050-firmware +iwl7260-firmware +jansson +kbd +kbd-legacy +kbd-misc +libaio +libdrm +libmpc +libpciaccess +libpng +libreport-filesystem +lm_sensors-libs +lsscsi +lvm2 +m4 +mailx +man-db +mariadb-libs +mdadm +microcode_ctl +mpfr +NetworkManager +NetworkManager-libnm +NetworkManager-team +NetworkManager-tui +patch +perl-Getopt-Long +plymouth +plymouth-scripts +postfix +python3 +python3-libs +python3-pip +python3-setuptools +python-decorator +python-IPy +rng-tools +rsync +sgpio +slang +spax +strace +sysstat +tcpdump +teamd +vim-common +vim-enhanced +vim-filesystem +wl1000-firmware +wpa_supplicant +xfsprogs +" + yum remove -y $pkg_list + rm -rf /lib/modules/$(uname -r)/kernel/drivers/{media,staging,gpu,usb} + rm -rf /boot/*-rescue-* /boot/*3.10.0* /usr/share/{doc,man} /usr/src +} + +pull_image() { + if [[ "$RUNTIME" = "docker" ]]; then + systemctl start docker + sleep 10 + + docker pull registry-vpc.${REGION}.aliyuncs.com/acs/kube-proxy:v${KUBE_VERSION} + docker pull registry-vpc.${REGION}.aliyuncs.com/acs/pause:3.2 + docker pull registry-vpc.${REGION}.aliyuncs.com/acs/coredns:1.6.7 + else + systemctl start containerd + sleep 10 + + ctr -n k8s.io i pull registry-vpc.${REGION}.aliyuncs.com/acs/kube-proxy:v${KUBE_VERSION} + ctr -n k8s.io i pull registry-vpc.${REGION}.aliyuncs.com/acs/pause:3.2 + ctr -n k8s.io i pull registry-vpc.${REGION}.aliyuncs.com/acs/coredns:1.6.7 + fi +} + +update_os_release() { + sed -i "s#LTS#LTS ACK-Optimized-OS#" /etc/image-id +} + +record_k8s_version() { + cat > /etc/ACK-Optimized-OS <<-EOF +kubelet=$KUBE_VERSION +docker=$DOCKER_VERSION +EOF +} + +post_install() { + if [[ $SKIP_SECURITY_FIX ]]; then + touch /var/.skip-security-fix + fi +} + +cleanup() { + rm -rf ./{addon*,docker*,kubernetes*,pkg,run*} +} + +main() { + trap 'cleanup' EXIT + + check_params "$@" + setup_env + + trim_os + + download_pkg + source_file + preset_gpu + pull_image + update_os_release + record_k8s_version +} + +main "$@" \ No newline at end of file