support sealer-v0.9.0 auto build

README.md

@@ -27,57 +27,57 @@ images, so make sure it is a valid value.
 
 ### default build
 
-this is will build the Clusterimage named "kubernetes:v1.22.8" without CNI plugin. and both have two platform: amd64 and
-arm64 platform. that means you got four Clusterimages at the same time.
+this is will build the sealer image named "kubernetes:v1.22.15" without CNI plugin. and both have two platform: amd64 and
+arm64 platform. that means you got four sealer image at the same time.
 
 ```shell
 auto-build --k8s-version=v1.22.8
 ```
 
 ### build with specify platform
 
-This will build a Clusterimage with amd64 platform, default is linux/amd64,linux/arm64.
+This will build a sealer image with amd64 platform, default is linux/amd64,linux/arm64.
 
 ```shell
 auto-build --k8s-version=v1.22.8 --platform=amd64
 ```
 
 ### build with specified name
 
-this will build a Clusterimage with amd64 platform.
+this will build a sealer image with amd64 platform.
 
 ```shell
-auto-build --k8s-version=v1.22.8 --buildName=registry.cn-qingdao.aliyuncs.com/sealer-io/kubernetes:v1.22.8
+auto-build --k8s-version=v1.22.8 --buildName=docker.io/sealerio/kubernetes:v1.22.8
 ```
 
 ### build with specify CRI
 
-this will build a Clusterimage with containerd. if user not specify the CRI ,we use containerd as Clusterimage default cri.
+this will build a sealer image with containerd. if user not specify the CRI ,we use docker as sealer image default cri.
 
 ```shell
 auto-build --k8s-version=v1.22.8 --cri=docker
 ```
 
 ### build with customized Clusterimage name
 
-this will build a Clusterimage named `registry.cn-qingdao.aliyuncs.com/sealer-io/myk8s:v1.22.8`
+this will build a sealer image named `docker.io/sealerio/myk8s:v1.22.8`
 
 ```shell
-auto-build --k8s-version=v1.22.8 --buildName=registry.cn-qingdao.aliyuncs.com/sealer-io/myk8s:v1.22.8
+auto-build --k8s-version=v1.22.8 --buildName=docker.io/sealerio/myk8s:v1.22.8
 ```
 
 ### build without pushing
 
-if `--push`, push the clusterimage to the image registry. The image name must contain the full name of the repository.
+if `--push`, push the sealer image to the image registry. The image name must contain the full name of the repository.
 
 ```shell
-auto-build --k8s-version=v1.22.8 --buildName=registry.cn-qingdao.aliyuncs.com/sealer-io/kubernetes:v1.22.8 --push
+auto-build --k8s-version=v1.22.8 --buildName=docker.io/sealerio/kubernetes:v1.22.8 --push
 ```
 
 The image warehouse address is registry.cn-qingdao.aliyuncs.com.
 
 If you do not log in to the mirror warehouse, you need to use -u and -p to specify the username and password
 
 ```shell
-auto-build --k8s-version=v1.22.8 --buildName=registry.cn-qingdao.aliyuncs.com/sealer-io/kubernetes:v1.22.8 --push --username=specifyUser --password=specifyPasswd
+auto-build --k8s-version=v1.22.8 --buildName=docker.io/sealerio/kubernetes:v1.22.8 --push --username=specifyUser --password=specifyPasswd
 ```

auto-build.sh

@@ -41,7 +41,7 @@ for i in "$@"; do
 ### Options
   --k8s-version         set the kubernetes k8s_version of the Clusterimage, k8s_version must be greater than 1.13
   -c, --cri             cri can be set to docker or containerd between kubernetes 1.20-1.24 versions
-  -n, --buildName       set build image name, default is 'registry.cn-qingdao.aliyuncs.com/sealer-io/kubernetes:${k8s_version}'
+  -n, --buildName       set build image name, default is 'docker.io/sealerio/kubernetes:${k8s_version}'
   --platform            set the build mirror platform, the default is linux/amd64,linux/arm64
   --push                push clusterimage after building the clusterimage. The image name must contain the full name of the repository, and use -u and -p to specify the username and password.
   -u, --username        specify the user's username for pushing the Clusterimage
@@ -63,15 +63,15 @@ for i in "$@"; do
   esac
 done
 
-version_compare() { printf '%s\n%s\n' "$2" "$1" | sort -V -C; } ## version_vompare $a $b:  a>=b
+version_compare() { printf '%s\n%s\n' "$2" "$1" | sort -V -C; } ## version_compare $a $b:  a>=b
 
 ARCH=$(case "$(uname -m)" in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo "unsupported architecture" "$(uname -m)" && exit 1 ;; esac)
 
 if [ "$k8s_version" = "" ]; then echo "pls use --k8s-version to set Clusterimage kubernetes version" && exit 1; else echo "$k8s_version" | grep "v" || k8s_version="v${k8s_version}"; fi
 #cri=$([[ -n "$cri" ]] && echo "$cri" || echo docker)
 cri=$( (version_compare "$k8s_version" "v1.24.0" && echo "containerd") || ([[ -n "$cri" ]] && echo "$cri" || echo "docker"))
 if [[ -z "$buildName" ]]; then
-  buildName="registry.cn-qingdao.aliyuncs.com/sealer-io/kubernetes:${k8s_version}"
+  buildName="docker.io/sealerio/kubernetes:${k8s_version}"
   if [[ "$cri" == "containerd" ]] && ! version_compare "$k8s_version" "v1.24.0"; then buildName=${buildName}-containerd; fi
 fi
 platform=$(if [[ -z "$platform" ]]; then echo "linux/arm64,linux/amd64"; else echo "$platform"; fi)
@@ -87,22 +87,25 @@ sudo chmod +x version.sh download.sh && export kube_install_version="$k8s_versio
 ./download.sh "${cri}"
 
 sudo chmod +x amd64/bin/kube* && sudo chmod +x arm64/bin/kube*
-sudo wget "https://sealer.oss-cn-beijing.aliyuncs.com/sealers/sealer-v0.8.5-linux-${ARCH}.tar.gz" && sudo tar -xvf "sealer-v0.8.5-linux-${ARCH}.tar.gz"
+
+sudo wget https://github.com/sealerio/sealer/releases/download/v0.9.0/sealer-v0.9.0-linux-amd64.tar.gz && tar -xvf sealer-v0.9.0-linux-amd64.tar.gz -C /usr/bin
 sudo sed -i "s/v1.19.8/$k8s_version/g" rootfs/etc/kubeadm.yml ##change k8s_version
+sudo sed -i "s/v1.19.8/$k8s_version/g" rootfs/etc/kubeadm.yml.tmpl ##change k8s_version
 if [[ "$cri" == "containerd" ]]; then sudo sed -i "s/\/var\/run\/dockershim.sock/\/run\/containerd\/containerd.sock/g" rootfs/etc/kubeadm.yml; fi
+if [[ "$cri" == "containerd" ]]; then sudo sed -i "s/\/var\/run\/dockershim.sock/\/run\/containerd\/containerd.sock/g" rootfs/etc/kubeadm.yml.tmpl; fi
 sudo sed -i "s/kubeadm.k8s.io\/v1beta2/$kubeadmApiVersion/g" rootfs/etc/kubeadm.yml
+sudo sed -i "s/kubeadm.k8s.io\/v1beta2/$kubeadmApiVersion/g" rootfs/etc/kubeadm.yml.tmpl
 sudo ./"${ARCH}"/bin/kubeadm config images list --config "rootfs/etc/kubeadm.yml"
+sudo mkdir -p rootfs/manifests
 sudo ./"${ARCH}"/bin/kubeadm config images list --config "rootfs/etc/kubeadm.yml" 2>/dev/null | sed "/WARNING/d" >>imageList
-if [ "$(sudo ./"${ARCH}"/bin/kubeadm config images list --config rootfs/etc/kubeadm.yml 2>/dev/null | grep -c "coredns/coredns")" -gt 0 ]; then sudo sed -i "s/#imageRepository/imageRepository/g" rootfs/etc/kubeadm.yml; fi
-sudo sed -i "s/k8s.gcr.io/sea.hub:5000/g" rootfs/etc/kubeadm.yml
+if [ "$(sudo ./"${ARCH}"/bin/kubeadm config images list --config rootfs/etc/kubeadm.yml 2>/dev/null | grep -c "coredns/coredns")" -gt 0 ]; then sudo sed -i "s/#imageRepository/imageRepository/g" rootfs/etc/kubeadm.yml.tmpl; fi
+sudo sed -i "s/k8s.gcr.io/sea.hub:5000/g" rootfs/etc/kubeadm.yml.tmpl
 pauseImage=$(./"${ARCH}"/bin/kubeadm config images list --config "rootfs/etc/kubeadm.yml" 2>/dev/null | sed "/WARNING/d" | grep pause)
 if [ -f "rootfs/etc/dump-config.toml" ]; then sudo sed -i "s/sea.hub:5000\/pause:3.6/$(echo "$pauseImage" | sed 's/\//\\\//g')/g" rootfs/etc/dump-config.toml; fi
-sudo sed -i "s/v1.19.8/${k8s_version}/g" {arm64,amd64}/etc/Metadata
-##linux/arm64,linux/amd64
-sudo ./sealer build -t "${buildName}" -f Kubefile --platform "${platform}" .
+sudo sealer build -t "docker.io/sealerio/kubernetes:${k8s_version}" -f Kubefile
 if [[ "$push" == "true" ]]; then
   if [[ -n "$username" ]] && [[ -n "$password" ]]; then
-    sudo ./sealer login "$(echo "$buildName" | cut -d "/" -f1)" -u "${username}" -p "${password}"
+    sudo sealer login "$(echo "docker.io" | cut -d "/" -f1)" -u "${username}" -p "${password}"
   fi
-  sudo ./sealer push "${buildName}"
+  sudo sealer push "docker.io/sealerio/kubernetes:${k8s_version}"
 fi

context/Kubefile

@@ -1,4 +1,9 @@
 FROM scratch
-COPY rootfs/* .
-COPY ${ARCH}/* . 
-COPY imageList manifests
+COPY rootfs .
+COPY amd64 .
+LABEL "cluster.alpha.sealer.io/cluster-runtime-version"="v1.22.15"
+LABEL "cluster.alpha.sealer.io/cluster-runtime-type"="kubernetes"
+LABEL "cluster.alpha.sealer.io/container-runtime-type"="docker"
+LABEL "cluster.alpha.sealer.io/container-runtime-version"="19.03.14"
+CNI calico local://tigera-operator.yaml local://custom-resources.yaml
+LAUNCH ["calico"]

context/containerd/rootfs/scripts/containerd.sh

@@ -0,0 +1,53 @@
+#!/bin/bash
+# shellcheck disable=SC1091
+# Copyright © 2021 Alibaba Group Holding Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -x
+set -e
+
+rootfs=$(dirname "$(pwd)")
+image_dir="$rootfs/images"
+lib_dir="${rootfs}/lib"
+dump_config_dir="$rootfs/etc/dump-config.toml"
+
+command_exists() {
+  command -v "$@" >/dev/null 2>&1
+}
+
+server_load_images() {
+  for image in "$image_dir"/*; do
+    if [ -f "${image}" ]; then
+      ${1} load -i "${image}"
+    fi
+  done
+}
+
+##cri is containerd
+if ! command_exists containerd; then
+  tar zxvf ../cri/cri-*.tar.gz -C /
+  cd "$lib_dir" && source install_libseccomp.sh
+fi
+systemctl daemon-reload
+systemctl enable containerd.service
+systemctl restart containerd.service
+
+sed -i "s/sea.hub/${2:-sea.hub}/g" "$dump_config_dir"
+sed -i "s/5000/${3:-5000}/g" "$dump_config_dir"
+mkdir -p /etc/containerd
+containerd --config "$dump_config_dir" config dump >/etc/containerd/config.toml
+systemctl restart containerd.service
+load_image_server="nerdctl"
+
+server_load_images "${load_image_server}"

context/containerd/rootfs/scripts/clean.sh → context/containerd/rootfs/scripts/uninstall-containerd.sh

@@ -27,10 +27,6 @@ rm -f /usr/bin/containerd-shim-runc-v2
 rm -f /usr/bin/crictl
 rm -f /usr/bin/ctr
 
-systemctl disable kubelet
-rm -f /usr/bin/kubeadm
-rm -f /usr/bin/kubectl
-rm -f /usr/bin/kubelet
 rm -f /usr/bin/rootlesskit
 rm -f /usr/bin/rootlesskit-docker-proxy
 rm -f /usr/bin/runc
@@ -40,14 +36,9 @@ rm -f /usr/bin/containerd-rootless.sh
 rm -f /usr/bin/nerdctl
 rm -f /usr/bin/seautil
 
-rm -f /etc/sysctl.d/k8s.conf
 rm -f /etc/crictl.yaml
-rm -f /etc/systemd/system/kubelet.service
-rm -rf /etc/systemd/system/kubelet.service.d
 rm -rf /etc/ld.so.conf.d/containerd.conf
-rm -rf /var/lib/kubelet/
 rm -rf /var/lib/containerd
 rm -rf /var/lib/nerdctl
-rm -f /var/lib/kubelet/config.yaml
 rm -rf /opt/containerd
-systemctl daemon-reload
+

context/custom-resources.yaml

@@ -0,0 +1,28 @@
+# This section includes base Calico installation configuration.
+# For more information, see: https://projectcalico.docs.tigera.io/v3.22/reference/installation/api#operator.tigera.io/v1.Installation
+apiVersion: operator.tigera.io/v1
+kind: Installation
+metadata:
+  name: default
+spec:
+  # Configures Calico networking.
+  registry: sea.hub:5000
+  calicoNetwork:
+    # Note: The ipPools section cannot be modified post-install.
+    ipPools:
+    - blockSize: 26
+      cidr: 100.64.0.0/10
+      encapsulation: VXLANCrossSubnet
+      natOutgoing: Enabled
+      nodeSelector: all()
+
+---
+
+# This section configures the Calico API server.
+# For more information, see: https://projectcalico.docs.tigera.io/v3.22/reference/installation/api#operator.tigera.io/v1.APIServer
+apiVersion: operator.tigera.io/v1
+kind: APIServer 
+metadata: 
+  name: default 
+spec: {}
+

context/docker/rootfs/etc/daemon.json

@@ -1,21 +1,19 @@
 {
+  "experimental": true,
+  "oom-score-adjust": -1000,
   "max-concurrent-downloads": 20,
   "log-driver": "json-file",
   "log-level": "warn",
   "log-opts": {
     "max-size": "10m",
     "max-file": "3"
   },
-  "mirror-registries": [
-    {
-      "domain": "*",
-      "mirrors": [
-        "https://sea.hub:5000"
-      ]
-    }
-  ],
   "exec-opts": [
     "native.cgroupdriver=systemd"
   ],
+  "insecure-registries": ["0.0.0.0/0", "::/0"],
+  "storage-driver": "overlay2",
+  "storage-opts":["overlay2.override_kernel_check=true"],
+  "live-restore": true,
   "data-root": "/var/lib/docker"
-}
+}