-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable support for multiple platforms in the Linux Bridge CNI. #1927
Enable support for multiple platforms in the Linux Bridge CNI. #1927
Conversation
Hi @ashokpariya0. Thanks for your PR. PRs from untrusted users cannot be marked as trusted with I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
hack/components/bump-linux-bridge.sh
Outdated
ARCH=$(uname -m | sed 's/x86_64/amd64/') | ||
PLATFORMS="linux/amd64,linux/s390x" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please add auto detection instead hardcoding both, we should be able to compile as fast as possible
we can have a flag export PLATFORMS=all
that is translated to push all, which we can use on CI when publishing to quay
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, some comments
hack/components/bump-linux-bridge.sh
Outdated
@@ -39,7 +46,7 @@ RUN \ | |||
WORKDIR ${LINUX_BRIDGE_PATH} | |||
RUN GOFLAGS=-mod=vendor ./build_linux.sh | |||
|
|||
FROM registry.access.redhat.com/ubi8/ubi-minimal | |||
FROM registry.access.redhat.com/ubi8/ubi-minimal AS final |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please drop AS final, it is not used
prone theoretically for mistakes if someone adds layers below that
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
hack/components/bump-linux-bridge.sh
Outdated
podman manifest create "${LINUX_BRIDGE_IMAGE_TAGGED}" | ||
|
||
for platform in "${PLATFORM_LIST[@]}"; do | ||
podman build --no-cache --build-arg BUILD_ARCH="$ARCH" --platform "$platform" --manifest "${LINUX_BRIDGE_IMAGE_TAGGED}" . |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why no-cache ?
we do want cache locally (fast build is important)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As discussed no-cache is removed to speed up build.
hack/components/bump-linux-bridge.sh
Outdated
modify_dockerfile_for_platform_and_architecture() { | ||
local dockerfile="$1" | ||
# Modify Dockerfile to set platform and architecture | ||
sed -i 's|^FROM registry.access.redhat.com/ubi8/ubi-minimal AS builder$|FROM --platform=linux/${BUILD_ARCH} registry.access.redhat.com/ubi8/ubi-minimal AS builder|' "$dockerfile" | ||
sed -i 's|RUN GOFLAGS=-mod=vendor ./build_linux.sh|RUN GOFLAGS=-mod=vendor GOARCH=${TARGETARCH} GOOS=${TARGETOS} ./build_linux.sh|' "$dockerfile" | ||
sed -i 's/^FROM registry.access.redhat.com\/ubi8\/ubi-minimal AS final$/FROM --platform=linux\/${TARGETARCH} registry.access.redhat.com\/ubi8\/ubi-minimal AS final/' "$dockerfile" | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i dont understand why we sed -i instead directly building the dockerfile as needed please
after all the file is built in create_dockerfile
right?
lets refactor this please
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to use TARGETARCH
and TARGETOS
in the Dockerfile, but these values are only available at runtime. Since the Dockerfile is generated using a cat
command, directly inserting these variables during creation would result in empty values, leading to an incorrect Dockerfile. To address this, we generate the Dockerfile first and then update it using the sed
command to properly set the values at runtime.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am a bit confused why it is different than all the other cases where we have a real Dockerfile (not catted)
with those as args, but we can take it offline, and unblock this PR, (because in any case, not sure we want a standalone Dockerfile for the bump / publish)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed this, Removed sed commands and used backslash to avoid substitution while creating file for few specific lines with cat command.
hack/components/bump-linux-bridge.sh
Outdated
if [ "${OCI_BIN}" == "podman" ]; then | ||
if [ ! -z ${PUSH_IMAGES} ]; then | ||
podman manifest push "${LINUX_BRIDGE_IMAGE_TAGGED}" | ||
fi |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please move it after build_podman_image
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
b070bc8
to
6a4f404
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a small comment, thanks
hack/components/bump-linux-bridge.sh
Outdated
# 2. Or specify specific platforms: export PLATFORMS=linux/amd64,linux/arm64 | ||
PLATFORM_LIST="linux/amd64,linux/s390x,linux/arm64" | ||
ARCH=$(uname -m | sed 's/x86_64/amd64/;s/aarch64/arm64/') | ||
[ -z "$PLATFORMS" ] && PLATFORMS="linux/${ARCH}" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please use default value bash syntax, as in line 30
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
e6d21e2
to
3454f57
Compare
Looks great thanks /test all @0xFelix |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: oshoval The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you run shellcheck
on this file and fix the issues introduced by this PR?
Note that some the warnings are considered annoyance imho, so it is better to have judgement per warning please |
This PR does not introduce any new warnings; I have already verified it using shellcheck |
These are relevant. |
The 2nd isnt regression of this PR, I remember something vaguely about -n when not using quotes, if the value is empty, it can have undesired output, but value shouldn't be empty here. More over, the 1st isn't regression of this PR, so imo we don't need to enforce fixing it on this PR |
Once this PR is merged, also need to recall / find out please how to trigger its release |
@oshoval I also encountered some issues recently when trying to achieve a 100% result in ShellCheck without any warnings. |
I think we can proceed please, |
I'm not a fan of leaving warnings in place when you change the code anyway. But it's up to you to decide. |
okay. |
Thanks seems https://github.com/kubevirt/cluster-network-addons-operator/actions/runs/12339360372/job/34435568203?pr=1927 is failing, would you have time to look please ? |
/test all |
I don't see any change w.r.t to free disk space https://github.com/ovn-kubernetes/ovn-kubernetes/blob/eee91422cc619cde68dcb4e3be30ccf33e188867/.github/workflows/test.yml#L295 |
i believe git actions default container was changed and it will fail there soon as well if we use the same |
lets try to remove please the ones that NA, and see if it pass ? (well it might be flaky if there wont be enough space, but this is a start) |
unit test fail on kmp image mismatch (might be related to the last PR that was merged) maybe @RamLavi knows something about it ?
|
opened ovn-kubernetes/ovn-kubernetes#4914 and the one that is mentioned there |
still fails after rebase, unit test should be fixed first, and worth to check if main branch state is broken |
opened for that #1944 |
storage problem also hit OVN |
The issue also occurs with OVN, as it seems that ubuntu-latest now points to Ubuntu 24.04. This is causing disk cleanup problems across the board. We can address this by either removing only the installed packages or switching to ubuntu-22.04. Additionally, the following link still doesn't reflect the correct version: https://github.com/actions/runner-images Please also review the issue here: actions/runner-images#10636. |
Thank you |
Sure |
|
can you please rebase to take ipam fix ? |
I am on it. |
These updates allow the building and pushing of Linux Bridge container images for multiple platforms (e.g., amd64, s390x) using a single Dockerfile. Multi-platform build support is provided for both Docker and Podman container runtimes. Signed-off-by: Ashok Pariya <[email protected]>
e1c4a33
to
c7b00fe
Compare
Quality Gate passedIssues Measures |
Done. |
@oshoval IPAM controller e2e tests passed on this pr, could you please trigger all other tests? |
Thanks /test all |
/lgtm since was removed just due to rebase |
/hold cancel |
These updates allow the building and pushing of Linux Bridge container images for multiple platforms (e.g., amd64, s390x) using a single Dockerfile. Multi-platform build support is provided for both Docker and Podman container runtimes.
What this PR does / why we need it:
"The upstream cni-default-plugins image ([link](https://quay.io/repository/kubevirt/cni-default-plugins?tab=tags&tag=latest)) currently supports only the amd64 architecture. The proposed changes in this PR enable multi-platform support for the linux-bridge image, broadening its compatibility to include additional architectures like s390x."
Special notes for your reviewer:
Multi-platform build support is enabled for both Docker and Podman container runtimes, and the necessary changes have been made accordingly.
To use this feature, you need to:
For Podman:
No additional dependencies are required to build multi-platform images. Podman supports this feature natively.
and We set the default value of OCI_BIN to podman if it's available, so we are good here.
For Docker:
Have access to docker buildx. More information: [Docker Buildx Documentation](https://docs.docker.com/build/building/multi-platform/)
Ensure that BuildKit is enabled. More information: [Docker BuildKit Enhancements](https://docs.docker.com/develop/develop-images/build_enhancements/)
Release note: