From 987e7baacc4a4415412c206a6901800135fafd46257e32631ab3c390e4c2cc37 Mon Sep 17 00:00:00 2001 From: Antonio Alonso Alarcon Date: Fri, 3 Oct 2025 11:10:14 +0200 Subject: [PATCH 01/16] Adds the new sriov-network-operator SRPM package to suse-edge/Factory. --- sriov-network-operator/_service | 20 +++ .../sriov-network-operator.spec | 116 ++++++++++++++++++ 2 files changed, 136 insertions(+) create mode 100644 sriov-network-operator/_service create mode 100644 sriov-network-operator/sriov-network-operator.spec diff --git a/sriov-network-operator/_service b/sriov-network-operator/_service new file mode 100644 index 0000000..f2a93ab --- /dev/null +++ b/sriov-network-operator/_service @@ -0,0 +1,20 @@ + + + https://github.com/k8snetworkplumbingwg/sriov-network-operator + git + v1.5.0 + _auto_ + @PARENT_TAG@ + enable + antonio.alarcon@suse.com + v* + v(\d+\.\d+\.\d+) + yes + \1 + + + sriov-network-operator.obsinfo + + + + diff --git a/sriov-network-operator/sriov-network-operator.spec b/sriov-network-operator/sriov-network-operator.spec new file mode 100644 index 0000000..8023128 --- /dev/null +++ b/sriov-network-operator/sriov-network-operator.spec @@ -0,0 +1,116 @@ +# +# spec file for package sriov-network-operator +# +# Copyright (c) 2025 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: sriov-network-operator +Version: 1.5.0 +Release: 0 +Summary: Implements a Kubernetes operator for handling SRIOV VF resources +License: Apache-2.0 +URL: https://github.com/k8snetworkplumbingwg/sriov-network-operator +Source: sriov-network-operator-%{version}.tar +Source1: vendor.tar.gz +BuildRequires: golang(API) = 1.22 +ExcludeArch: s390 +ExcludeArch: %{ix86} + +%description +The SRIOV Network Operator implements a Kubernetes operator for handling SRIOV VF resources. It helps users to +provision and configure SR-IOV CNI plugins and SR-IOV Device plugin in a kubernetes cluster. + +Handling (i.e., assigning, removing) SRIOV Virtual Functions (VF) across workloads orchestrated by a kubernetes +cluster requires different components to be provisioned and configured accordingly; the SRIOV Network +Operator takes care of deploying and coordinating all those required components, providing an elegant API to +simplify the process. + +%package common +Summary: SRIOV Network Operator Common +Group: System/Management + +%description common +The SRIOV Network Operator implements a Kubernetes operator for handling SRIOV VF resources. +This subpackage is required to take ownership of the bindata files shared across subpackages. + +%package manager +Summary: SRIOV Network Operator Manager +Group: System/Management +Requires: %{name}-common = %{version} + +%description manager +The SRIOV Network Operator implements a Kubernetes operator for handling SRIOV VF resources. +This subpackage provides the controllers' manager and the config-cleanup binaries. + +%package config-dm +Summary: SRIOV Network Operator Config Daemon +Group: System/Management +Requires: %{name}-common = %{version} + +%description config-dm +The SRIOV Network Operator implements a Kubernetes operator for handling SRIOV VF resources. +This subpackage provides the config-daemon binary. + +%package webhook +Summary: SRIOV Network Operator Webhook +Group: System/Management + +%description webhook +The SRIOV Network Operator implements a Kubernetes operator for handling SRIOV VF resources. +This subpackage provides the webhook binary. + +%prep +%autosetup -a1 -n sriov-network-operator-%{version} -p1 + +%build +# CGO is disable by default in upstream Makefile +%define cgoenabled "0" +%define buildldflags "-X github.com/k8snetworkplumbingwg/sriov-network-operator/pkg/version.Raw=%{version} -s -w" +CGO_ENABLED=%{cgoenabled} go build -mod=vendor -buildmode=pie -trimpath -ldflags %{buildldflags} -o manager main.go +CGO_ENABLED=%{cgoenabled} go build -mod=vendor -buildmode=pie -trimpath -ldflags %{buildldflags} -o sriov-network-operator-config-cleanup ./cmd/sriov-network-operator-config-cleanup +CGO_ENABLED=%{cgoenabled} go build -mod=vendor -buildmode=pie -trimpath -ldflags %{buildldflags} -o sriov-network-config-daemon ./cmd/sriov-network-config-daemon +CGO_ENABLED=%{cgoenabled} go build -mod=vendor -buildmode=pie -trimpath -ldflags %{buildldflags} -o webhook ./cmd/webhook + +%install +install -D -m0755 manager %{buildroot}%{_bindir}/sriov-network-operator +install -D -m0755 sriov-network-operator-config-cleanup %{buildroot}%{_bindir}/sriov-network-operator-config-cleanup +install -D -m0755 sriov-network-config-daemon %{buildroot}%{_bindir}/sriov-network-config-daemon +install -D -m0755 webhook %{buildroot}%{_bindir}/webhook +mkdir -p %{buildroot}/bindata +cp -aR bindata/* %{buildroot}/bindata/ +chmod 755 %{buildroot}/bindata/scripts/* + +%files common +%license LICENSE +%doc README.md +/bindata + +%files manager +%license LICENSE +%doc README.md +%{_bindir}/sriov-network-operator +%{_bindir}/sriov-network-operator-config-cleanup + +%files config-dm +%license LICENSE +%doc README.md +%{_bindir}/sriov-network-config-daemon + +%files webhook +%license LICENSE +%doc README.md +%{_bindir}/webhook + +%changelog -- 2.51.1 From 86ff679f50eb6407dc6f764548c8abb6e7f5b62a0f71833415c9d5c462ba6601 Mon Sep 17 00:00:00 2001 From: Antonio Alonso Alarcon Date: Fri, 17 Oct 2025 11:25:47 +0200 Subject: [PATCH 02/16] Adds new sriov-network-operator-manager-image package to suse-edge/Factory, used to build the sriov-network-manager container image --- .../Dockerfile | 33 +++++++++++++++++++ sriov-network-operator-manager-image/_service | 19 +++++++++++ 2 files changed, 52 insertions(+) create mode 100644 sriov-network-operator-manager-image/Dockerfile create mode 100644 sriov-network-operator-manager-image/_service diff --git a/sriov-network-operator-manager-image/Dockerfile b/sriov-network-operator-manager-image/Dockerfile new file mode 100644 index 0000000..2c21362 --- /dev/null +++ b/sriov-network-operator-manager-image/Dockerfile @@ -0,0 +1,33 @@ +# SPDX-License-Identifier: Apache-2.0 +#!BuildTag: %%IMG_PREFIX%%sriov-network-manager:v%%sriov-network-manager_version%% +#!BuildTag: %%IMG_PREFIX%%sriov-network-manager:v%%sriov-network-manager_version%%-%RELEASE% +ARG SLE_VERSION +FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro + +FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base +COPY --from=micro / /installroot/ +RUN zypper --installroot /installroot --non-interactive install --no-recommends sriov-network-operator-manager; \ + zypper -n clean; \ + rm -rf /var/log/* + +FROM micro AS final +# Define labels according to https://en.opensuse.org/Building_derived_containers +# labelprefix=com.suse.application.sriov-network-manager +LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)" +LABEL org.opencontainers.image.title="SLE sriov-network-manager Container Image" +LABEL org.opencontainers.image.description="sriov-network-manager based on the SLE Base Container Image." +LABEL org.opencontainers.image.version="%%sriov-network-manager_version%%" +LABEL org.opencontainers.image.url="https://www.suse.com/products/server/" +LABEL org.opencontainers.image.created="%BUILDTIME%" +LABEL org.opencontainers.image.vendor="SUSE LLC" +LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-manager:%%sriov-network-manager_version%%-%RELEASE%" +LABEL org.openbuildservice.disturl="%DISTURL%" +LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%" +LABEL com.suse.eula="SUSE Combined EULA February 2024" +LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle" +LABEL com.suse.image-type="application" +LABEL com.suse.release-stage="released" +# endlabelprefix + +COPY --from=base /installroot / +ENTRYPOINT ["/usr/bin/sriov-network-operator"] diff --git a/sriov-network-operator-manager-image/_service b/sriov-network-operator-manager-image/_service new file mode 100644 index 0000000..b7954ba --- /dev/null +++ b/sriov-network-operator-manager-image/_service @@ -0,0 +1,19 @@ + + + + + Dockerfile + %%sriov-network-manager_version%% + sriov-network-operator-manager + patch + + + Dockerfile + IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?img_prefix}) + IMG_PREFIX + IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo) + IMG_REPO + SUPPORT_LEVEL=$(rpm --macros=/root/.rpmmacros -E %support_level) + SUPPORT_LEVEL + + -- 2.51.1 From ae8cfd984da0c566189d8daccbb76fb776f075d59f941779fdfcd907ea432454 Mon Sep 17 00:00:00 2001 From: Antonio Alonso Alarcon Date: Fri, 17 Oct 2025 11:29:27 +0200 Subject: [PATCH 03/16] Adds new sriov-network-operator-config-daemon-image package; used to build the sriov-network-config-daemon image --- .../Dockerfile | 33 +++++++++++++++++++ .../_service | 19 +++++++++++ 2 files changed, 52 insertions(+) create mode 100644 sriov-network-operator-config-daemon-image/Dockerfile create mode 100644 sriov-network-operator-config-daemon-image/_service diff --git a/sriov-network-operator-config-daemon-image/Dockerfile b/sriov-network-operator-config-daemon-image/Dockerfile new file mode 100644 index 0000000..3282202 --- /dev/null +++ b/sriov-network-operator-config-daemon-image/Dockerfile @@ -0,0 +1,33 @@ +# SPDX-License-Identifier: Apache-2.0 +#!BuildTag: %%IMG_PREFIX%%sriov-network-config-daemon:v%%sriov-network-config-daemon_version%% +#!BuildTag: %%IMG_PREFIX%%sriov-network-config-daemon:v%%sriov-network-config-daemon_version%%-%RELEASE% +ARG SLE_VERSION +FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro + +FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base +COPY --from=micro / /installroot/ +RUN zypper --installroot /installroot --non-interactive install --no-recommends sriov-network-operator-config-dm hwdata mstflint; \ + zypper -n clean; \ + rm -rf /var/log/* + +FROM micro AS final +# Define labels according to https://en.opensuse.org/Building_derived_containers +# labelprefix=com.suse.application.sriov-network-config-daemon +LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)" +LABEL org.opencontainers.image.title="SLE sriov-network-config-daemon Container Image" +LABEL org.opencontainers.image.description="sriov-network-config-daemon based on the SLE Base Container Image." +LABEL org.opencontainers.image.version="%%sriov-network-config-daemon_version%%" +LABEL org.opencontainers.image.url="https://www.suse.com/products/server/" +LABEL org.opencontainers.image.created="%BUILDTIME%" +LABEL org.opencontainers.image.vendor="SUSE LLC" +LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-config-daemon:%%sriov-network-config-daemon_version%%-%RELEASE%" +LABEL org.openbuildservice.disturl="%DISTURL%" +LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%" +LABEL com.suse.eula="SUSE Combined EULA February 2024" +LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle" +LABEL com.suse.image-type="application" +LABEL com.suse.release-stage="released" +# endlabelprefix + +COPY --from=base /installroot / +ENTRYPOINT ["/usr/bin/sriov-network-config-daemon"] diff --git a/sriov-network-operator-config-daemon-image/_service b/sriov-network-operator-config-daemon-image/_service new file mode 100644 index 0000000..5b26494 --- /dev/null +++ b/sriov-network-operator-config-daemon-image/_service @@ -0,0 +1,19 @@ + + + + + Dockerfile + %%sriov-network-config-daemon_version%% + sriov-network-operator-config-dm + patch + + + Dockerfile + IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?img_prefix}) + IMG_PREFIX + IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo) + IMG_REPO + SUPPORT_LEVEL=$(rpm --macros=/root/.rpmmacros -E %support_level) + SUPPORT_LEVEL + + -- 2.51.1 From 23b56760c9c13f998b4f4f1bc3c5c864100accfca9f23a4c8eef3c8c507d9216 Mon Sep 17 00:00:00 2001 From: Antonio Alonso Alarcon Date: Fri, 17 Oct 2025 11:32:01 +0200 Subject: [PATCH 04/16] Adds new sriov-network-operator-webhook-image package, used to build the sriov-network-webhook container image --- .../Dockerfile | 34 +++++++++++++++++++ sriov-network-operator-webhook-image/_service | 19 +++++++++++ 2 files changed, 53 insertions(+) create mode 100644 sriov-network-operator-webhook-image/Dockerfile create mode 100644 sriov-network-operator-webhook-image/_service diff --git a/sriov-network-operator-webhook-image/Dockerfile b/sriov-network-operator-webhook-image/Dockerfile new file mode 100644 index 0000000..add91eb --- /dev/null +++ b/sriov-network-operator-webhook-image/Dockerfile @@ -0,0 +1,34 @@ +# SPDX-License-Identifier: Apache-2.0 +#!BuildTag: %%IMG_PREFIX%%sriov-network-webhook:v%%sriov-network-webhook_version%% +#!BuildTag: %%IMG_PREFIX%%sriov-network-webhook:v%%sriov-network-webhook_version%%-%RELEASE% +ARG SLE_VERSION +FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro + +FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base +COPY --from=micro / /installroot/ +RUN zypper --installroot /installroot --non-interactive install --no-recommends sriov-network-operator-webhook; \ + zypper -n clean; \ + rm -rf /var/log/* + +FROM micro AS final +# Define labels according to https://en.opensuse.org/Building_derived_containers +# labelprefix=com.suse.application.sriov-network-webhook +LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)" +LABEL org.opencontainers.image.title="SLE sriov-network-webhook Container Image" +LABEL org.opencontainers.image.description="sriov-network-webhook based on the SLE Base Container Image." +LABEL org.opencontainers.image.version="%%sriov-network-webhook_version%%" +LABEL org.opencontainers.image.url="https://www.suse.com/products/server/" +LABEL org.opencontainers.image.created="%BUILDTIME%" +LABEL org.opencontainers.image.vendor="SUSE LLC" +LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-webhook:%%sriov-network-webhook_version%%-%RELEASE%" +LABEL org.openbuildservice.disturl="%DISTURL%" +LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%" +LABEL com.suse.eula="SUSE Combined EULA February 2024" +LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle" +LABEL com.suse.image-type="application" +LABEL com.suse.release-stage="released" +# endlabelprefix + +USER 1001 +COPY --from=base /installroot / +CMD ["/usr/bin/webhook"] diff --git a/sriov-network-operator-webhook-image/_service b/sriov-network-operator-webhook-image/_service new file mode 100644 index 0000000..6e9b426 --- /dev/null +++ b/sriov-network-operator-webhook-image/_service @@ -0,0 +1,19 @@ + + + + + Dockerfile + %%sriov-network-webhook_version%% + sriov-network-operator-webhook + patch + + + Dockerfile + IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?img_prefix}) + IMG_PREFIX + IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo) + IMG_REPO + SUPPORT_LEVEL=$(rpm --macros=/root/.rpmmacros -E %support_level) + SUPPORT_LEVEL + + -- 2.51.1 From 5bcea067a66d78fa3baa2bf668ccdafdc0d73881f0c67898ad7ed94126afea86 Mon Sep 17 00:00:00 2001 From: Antonio Alonso Alarcon Date: Fri, 17 Oct 2025 12:16:25 +0200 Subject: [PATCH 05/16] Adds new sriov-cni SRPM package; used to build the sriov-cni container image --- sriov-cni/_service | 20 +++++++++++++ sriov-cni/sriov-cni.spec | 61 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 81 insertions(+) create mode 100644 sriov-cni/_service create mode 100644 sriov-cni/sriov-cni.spec diff --git a/sriov-cni/_service b/sriov-cni/_service new file mode 100644 index 0000000..d21f9e8 --- /dev/null +++ b/sriov-cni/_service @@ -0,0 +1,20 @@ + + + https://github.com/k8snetworkplumbingwg/sriov-cni + git + v2.9.0 + _auto_ + @PARENT_TAG@ + enable + antonio.alarcon@suse.com + v* + v(\d+\.\d+\.\d+) + yes + \1 + + + sriov-cni.obsinfo + + + + diff --git a/sriov-cni/sriov-cni.spec b/sriov-cni/sriov-cni.spec new file mode 100644 index 0000000..2128fdf --- /dev/null +++ b/sriov-cni/sriov-cni.spec @@ -0,0 +1,61 @@ +# +# spec file for package sriov-cni +# +# Copyright (c) 2025 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: sriov-cni +Version: 0 +Release: 0 +Summary: Implements a Kubernetes CNI plugin operator for SRIOV VFs +License: Apache-2.0 +URL: https://github.com/k8snetworkplumbingwg/sriov-cni +Source: %{name}-%{version}.tar +Source1: vendor.tar.gz +BuildRequires: golang(API) = 1.22 +ExcludeArch: s390 +ExcludeArch: %{ix86} + +%description +Network Interface Cards (NICs) with SR-IOV capabilities are managed through physical functions (PFs) and virtual functions (VFs). +A PF is used by the host and usually represents a single NIC port. VF configurations are applied through the PF. +The SR-IOV CNI allows each VF to be treated as a separate network interface, assigned to a container, and configured with its own +MAC, VLAN, IP and more. + +SR-IOV CNI plugin works with SR-IOV device plugin for VF allocation in Kubernetes. A CNI metaplugin such as Multus gets the allocated +VF's deviceID(PCI address) and is responsible for invoking the SR-IOV CNI plugin with that deviceID. + +%prep +%autosetup -a1 -n %{name}-%{version} -p1 + +%build +# CGO is disabled by default in upstream Makefile: +%define cgoenabled "0" +# go build constrain (aka tag) "no_openssl" is set by default in upstream Makefile: +%define buildgotags "no_openssl" +%define buildldflags "" +CGO_ENABLED=%{cgoenabled} go build -mod=vendor -buildmode=pie -ldflags %{buildldflags} -tags %{buildgotags} -o sriov cmd/sriov/main.go + +%install +install -D -m0755 sriov %{buildroot}%{_bindir}/sriov +install -D -m0755 images/entrypoint.sh %{buildroot}/entrypoint.sh + +%files +%license LICENSE +%doc README.md +%{_bindir}/sriov +/entrypoint.sh + +%changelog -- 2.51.1 From 5309bc391419c915dad32e2bee67c8b714486a06e054aa1661da94fd4284eaac Mon Sep 17 00:00:00 2001 From: Antonio Alonso Alarcon Date: Fri, 17 Oct 2025 12:18:32 +0200 Subject: [PATCH 06/16] Adds new sriov-cni-image package, used to build the sriov-cni container image --- sriov-cni-image/Dockerfile | 33 +++++++++++++++++++++++++++++++++ sriov-cni-image/_service | 19 +++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 sriov-cni-image/Dockerfile create mode 100644 sriov-cni-image/_service diff --git a/sriov-cni-image/Dockerfile b/sriov-cni-image/Dockerfile new file mode 100644 index 0000000..5b882c9 --- /dev/null +++ b/sriov-cni-image/Dockerfile @@ -0,0 +1,33 @@ +# SPDX-License-Identifier: Apache-2.0 +#!BuildTag: %%IMG_PREFIX%%sriov-cni:v%%sriov-cni_version%% +#!BuildTag: %%IMG_PREFIX%%sriov-cni:v%%sriov-cni_version%%-%RELEASE% +ARG SLE_VERSION +FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro + +FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base +COPY --from=micro / /installroot/ +RUN zypper --installroot /installroot --non-interactive install --no-recommends sriov-cni gawk which; \ + zypper -n clean; \ + rm -rf /var/log/* + +FROM micro AS final +# Define labels according to https://en.opensuse.org/Building_derived_containers +# labelprefix=com.suse.application.sriov-cni +LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)" +LABEL org.opencontainers.image.title="SLE sriov-cni Container Image" +LABEL org.opencontainers.image.description="sriov-cni based on the SLE Base Container Image." +LABEL org.opencontainers.image.version="%%sriov-cni_version%%" +LABEL org.opencontainers.image.url="https://www.suse.com/products/server/" +LABEL org.opencontainers.image.created="%BUILDTIME%" +LABEL org.opencontainers.image.vendor="SUSE LLC" +LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%sriov-cni:%%sriov-cni_version%%-%RELEASE%" +LABEL org.openbuildservice.disturl="%DISTURL%" +LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%" +LABEL com.suse.eula="SUSE Combined EULA February 2024" +LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle" +LABEL com.suse.image-type="application" +LABEL com.suse.release-stage="released" +# endlabelprefix + +COPY --from=base /installroot / +ENTRYPOINT ["/entrypoint.sh"] diff --git a/sriov-cni-image/_service b/sriov-cni-image/_service new file mode 100644 index 0000000..fc9b90d --- /dev/null +++ b/sriov-cni-image/_service @@ -0,0 +1,19 @@ + + + + + Dockerfile + %%sriov-cni_version%% + sriov-cni + patch + + + Dockerfile + IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?img_prefix}) + IMG_PREFIX + IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo) + IMG_REPO + SUPPORT_LEVEL=$(rpm --macros=/root/.rpmmacros -E %support_level) + SUPPORT_LEVEL + + -- 2.51.1 From 025cfb2428d924a0344240066b6f7674547028ef03c1be1555ae0a1cb066a898 Mon Sep 17 00:00:00 2001 From: Antonio Alonso Alarcon Date: Fri, 17 Oct 2025 12:20:49 +0200 Subject: [PATCH 07/16] Adds new ib-sriov-cni SRPM package, used to build the ib-sriov-cni image --- ib-sriov-cni/_service | 25 +++++++++++++ ib-sriov-cni/ib-sriov-cni.spec | 64 ++++++++++++++++++++++++++++++++++ 2 files changed, 89 insertions(+) create mode 100644 ib-sriov-cni/_service create mode 100644 ib-sriov-cni/ib-sriov-cni.spec diff --git a/ib-sriov-cni/_service b/ib-sriov-cni/_service new file mode 100644 index 0000000..7f8ad6d --- /dev/null +++ b/ib-sriov-cni/_service @@ -0,0 +1,25 @@ + + + https://github.com/k8snetworkplumbingwg/ib-sriov-cni + git + v1.2.1 + _auto_ + @PARENT_TAG@ + enable + antonio.alarcon@suse.com + v* + v(\d+\.\d+\.\d+) + yes + \1 + + + ib-sriov-cni.obsinfo + + + + + ib-sriov-cni.spec + SOURCE_COMMIT + SOURCE_COMMIT=$(grep commit ib-sriov-cni.obsinfo | cut -d" " -f2) + + diff --git a/ib-sriov-cni/ib-sriov-cni.spec b/ib-sriov-cni/ib-sriov-cni.spec new file mode 100644 index 0000000..f78e826 --- /dev/null +++ b/ib-sriov-cni/ib-sriov-cni.spec @@ -0,0 +1,64 @@ +# +# spec file for package ib-sriov-cni +# +# Copyright (c) 2025 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: ib-sriov-cni +Version: 0 +Release: 0 +Summary: Implements a Kubernetes CNI plugin operator for Infiniband SRIOV VFs +License: Apache-2.0 +URL: https://github.com/k8snetworkplumbingwg/ib-sriov-cni +Source: %{name}-%{version}.tar +Source1: vendor.tar.gz +BuildRequires: golang(API) = 1.23 +ExcludeArch: s390 +ExcludeArch: %{ix86} + +%description +Network Interface Cards (NICs) with SR-IOV capabilities are managed through physical functions (PFs) and virtual functions (VFs). +A PF is used by the host and usually represents a single NIC port. VF configurations are applied through the PF. +The SR-IOV CNI allows each VF to be treated as a separate network interface, assigned to a container, and configured with its own +MAC, VLAN, IP and more. + +Infiniband SR-IOV CNI plugin works with Infiniband SR-IOV device plugin for VF allocation in Kubernetes. A CNI metaplugin such as Multus +gets the allocated VF's deviceID(PCI address) and is responsible for invoking the Infiniband SR-IOV CNI plugin with that deviceID. + +%prep +%autosetup -a1 -n %{name}-%{version} -p1 + +%build +# CGO is disabled by default in upstream Makefile: +%define cgoenabled "0" +# go build constrain (aka tag) "no_openssl" is set by default in upstream Makefile +%define gotags "no_openssl" +%define buildtime %(date +%%Y-%%m-%%dT%%H:%%M:%%S%%z) +%define buildcommit %%SOURCE_COMMIT%% +%define buildldflags "-X main.version=%{version} -X main.commit=%{buildcommit}% -X main.date=%{buildtime}%" +CGO_ENABLED=%{cgoenabled} go build -mod=vendor -buildmode=pie -tags %{gotags} -ldflags %{buildldflags} -o ib-sriov cmd/ib-sriov-cni/main.go + +%install +install -D -m0755 ib-sriov %{buildroot}%{_bindir}/ib-sriov +install -D -m0755 images/entrypoint.sh %{buildroot}/entrypoint.sh + + +%files +%license LICENSE +%doc README.md +%{_bindir}/ib-sriov +/entrypoint.sh + +%changelog -- 2.51.1 From 4e9483617fe2be9919e7ef25198c2e1669cd8a34007f680fefe2dff463a731d9 Mon Sep 17 00:00:00 2001 From: Antonio Alonso Alarcon Date: Fri, 17 Oct 2025 12:22:21 +0200 Subject: [PATCH 08/16] Adds new ib-sriov-cni-image package, used to build the ib-sriov-cni image --- ib-sriov-cni-image/Dockerfile | 33 +++++++++++++++++++++++++++++++++ ib-sriov-cni-image/_service | 19 +++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 ib-sriov-cni-image/Dockerfile create mode 100644 ib-sriov-cni-image/_service diff --git a/ib-sriov-cni-image/Dockerfile b/ib-sriov-cni-image/Dockerfile new file mode 100644 index 0000000..c31f8ad --- /dev/null +++ b/ib-sriov-cni-image/Dockerfile @@ -0,0 +1,33 @@ +# SPDX-License-Identifier: Apache-2.0 +#!BuildTag: %%IMG_PREFIX%%ib-sriov-cni:v%%ib-sriov-cni_version%% +#!BuildTag: %%IMG_PREFIX%%ib-sriov-cni:v%%ib-sriov-cni_version%%-%RELEASE% +ARG SLE_VERSION +FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro + +FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base +COPY --from=micro / /installroot/ +RUN zypper --installroot /installroot --non-interactive install --no-recommends ib-sriov-cni gawk which; \ + zypper -n clean; \ + rm -rf /var/log/* + +FROM micro AS final +# Define labels according to https://en.opensuse.org/Building_derived_containers +# labelprefix=com.suse.application.ib-sriov-cni +LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)" +LABEL org.opencontainers.image.title="SLE ib-sriov-cni Container Image" +LABEL org.opencontainers.image.description="ib-sriov-cni based on the SLE Base Container Image." +LABEL org.opencontainers.image.version="%%ib-sriov-cni_version%%" +LABEL org.opencontainers.image.url="https://www.suse.com/products/server/" +LABEL org.opencontainers.image.created="%BUILDTIME%" +LABEL org.opencontainers.image.vendor="SUSE LLC" +LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%ib-sriov-cni:%%ib-sriov-cni_version%%-%RELEASE%" +LABEL org.openbuildservice.disturl="%DISTURL%" +LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%" +LABEL com.suse.eula="SUSE Combined EULA February 2024" +LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle" +LABEL com.suse.image-type="application" +LABEL com.suse.release-stage="released" +# endlabelprefix + +COPY --from=base /installroot / +ENTRYPOINT ["/entrypoint.sh"] diff --git a/ib-sriov-cni-image/_service b/ib-sriov-cni-image/_service new file mode 100644 index 0000000..ea9872c --- /dev/null +++ b/ib-sriov-cni-image/_service @@ -0,0 +1,19 @@ + + + + + Dockerfile + %%ib-sriov-cni_version%% + ib-sriov-cni + patch + + + Dockerfile + IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?img_prefix}) + IMG_PREFIX + IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo) + IMG_REPO + SUPPORT_LEVEL=$(rpm --macros=/root/.rpmmacros -E %support_level) + SUPPORT_LEVEL + + -- 2.51.1 From 12677f19ce6ccbc288bf23e6dc2f4110c79f24bb0e84ef9d1cb74b963837fe2a Mon Sep 17 00:00:00 2001 From: Antonio Alonso Alarcon Date: Fri, 17 Oct 2025 12:25:05 +0200 Subject: [PATCH 09/16] Adds new sriov-network-device-plugin SRPM package, required to build the sriov-network-device-plugin image --- sriov-network-device-plugin/_service | 20 ++++++ .../sriov-network-device-plugin.spec | 69 +++++++++++++++++++ 2 files changed, 89 insertions(+) create mode 100644 sriov-network-device-plugin/_service create mode 100644 sriov-network-device-plugin/sriov-network-device-plugin.spec diff --git a/sriov-network-device-plugin/_service b/sriov-network-device-plugin/_service new file mode 100644 index 0000000..5ec6d6c --- /dev/null +++ b/sriov-network-device-plugin/_service @@ -0,0 +1,20 @@ + + + https://github.com/k8snetworkplumbingwg/sriov-network-device-plugin + git + v3.9.0 + _auto_ + @PARENT_TAG@ + enable + antonio.alarcon@suse.com + v* + v(\d+\.\d+\.\d+) + yes + \1 + + + sriov-network-device-plugin.obsinfo + + + + diff --git a/sriov-network-device-plugin/sriov-network-device-plugin.spec b/sriov-network-device-plugin/sriov-network-device-plugin.spec new file mode 100644 index 0000000..f83cfea --- /dev/null +++ b/sriov-network-device-plugin/sriov-network-device-plugin.spec @@ -0,0 +1,69 @@ +# +# spec file for package sriov-network-device-plugin +# +# Copyright (c) 2025 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: sriov-network-device-plugin +Version: 0 +Release: 0 +Summary: Kubernetes device plugin for discovering and advertising SR-IOV available resources in the host +License: Apache-2.0 +URL: https://github.com/k8snetworkplumbingwg/sriov-network-device-plugin +Source: %{name}-%{version}.tar +Source1: vendor.tar.gz +BuildRequires: golang(API) = 1.23 +ExcludeArch: s390 +ExcludeArch: %{ix86} + +%description +The SR-IOV Network Device Plugin is a Kubernetes device plugin for discovering and advertising networking resources in the form of +(i) SR-IOV virtual functions [VFs], (ii) PCI physical functions [PFs] and (iii) Auxiliary network devices (in particular Subfunctions [SFs]) +which are available on a Kubernetes host. +To deploy workloads with SR-IOV resources this plugin needs to work together a CNI meta plugin supporting Device Plugin based network +provisioning (e.g., Multus CNI) and a CNI capable of consuming the SR-IOV network device allocated to the Pod (e.g., sriov-cni). + +List of supported SR-IOV devices (not limited to NICs): https://github.com/k8snetworkplumbingwg/sriov-network-device-plugin/blob/main/README.md +(select the right version/tag) + +%prep +%autosetup -a1 -n %{name}-%{version} -p1 + +%build +# Following go-build settings have been taken from upstream Makefile (for the STATIC option, the one set by rancher/ecm hardened +# image used as baseline: https://github.com/rancher/image-build-sriov-network-device-plugin/blob/v3.9.0-build20250425/Dockerfile#L18 ): +# +# - CGO being disabled: +%define cgoenabled "0" +# - go-build constrain (aka tag) "no_openssl" being set: +%define buildgotags "no_openssl" +# - go-build to invoke external linker (i.e., gcc's ld) to which "static" option is being passed +%define buildldflags "-extldflags '-static'" +# - force rebuilding of packages that are already up-to-date +#define buildgoflags "-a" +CGO_ENABLED=%{cgoenabled} go build -mod=vendor -buildmode=pie -ldflags %{buildldflags} ${buildgoflags} -tags %{buildgotags} -o sriovdp ./cmd/sriovdp + +%install +install -D -m0755 sriovdp %{buildroot}%{_bindir}/sriovdp +install -D -m0755 images/entrypoint.sh %{buildroot}/entrypoint.sh + + +%files +%license LICENSE +%doc README.md +%{_bindir}/sriovdp +/entrypoint.sh + +%changelog -- 2.51.1 From f918fb62841842fbee6cc9c9e595cc036b9bf2521762fabb682cf2be44f2f1fd Mon Sep 17 00:00:00 2001 From: Antonio Alonso Alarcon Date: Fri, 17 Oct 2025 12:27:39 +0200 Subject: [PATCH 10/16] Adds new sriov-network-device-plugin-image package, used to build the sriov-network-device-plugin container image --- sriov-network-device-plugin-image/Dockerfile | 33 ++++++++++++++++++++ sriov-network-device-plugin-image/_service | 19 +++++++++++ 2 files changed, 52 insertions(+) create mode 100644 sriov-network-device-plugin-image/Dockerfile create mode 100644 sriov-network-device-plugin-image/_service diff --git a/sriov-network-device-plugin-image/Dockerfile b/sriov-network-device-plugin-image/Dockerfile new file mode 100644 index 0000000..b2dca50 --- /dev/null +++ b/sriov-network-device-plugin-image/Dockerfile @@ -0,0 +1,33 @@ +# SPDX-License-Identifier: Apache-2.0 +#!BuildTag: %%IMG_PREFIX%%sriov-network-device-plugin:v%%sriov-network-device-plugin_version%% +#!BuildTag: %%IMG_PREFIX%%sriov-network-device-plugin:v%%sriov-network-device-plugin_version%%-%RELEASE% +ARG SLE_VERSION +FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro + +FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base +COPY --from=micro / /installroot/ +RUN zypper --installroot /installroot --non-interactive install --no-recommends sriov-network-device-plugin hwdata gawk which; \ + zypper -n clean; \ + rm -rf /var/log/* + +FROM micro AS final +# Define labels according to https://en.opensuse.org/Building_derived_containers +# labelprefix=com.suse.application.sriov-network-device-plugin +LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)" +LABEL org.opencontainers.image.title="SLE sriov-network-device-plugin Container Image" +LABEL org.opencontainers.image.description="sriov-network-device-plugin based on the SLE Base Container Image." +LABEL org.opencontainers.image.version="%%sriov-network-device-plugin_version%%" +LABEL org.opencontainers.image.url="https://www.suse.com/products/server/" +LABEL org.opencontainers.image.created="%BUILDTIME%" +LABEL org.opencontainers.image.vendor="SUSE LLC" +LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-device-plugin:%%sriov-network-device-plugin_version%%-%RELEASE%" +LABEL org.openbuildservice.disturl="%DISTURL%" +LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%" +LABEL com.suse.eula="SUSE Combined EULA February 2024" +LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle" +LABEL com.suse.image-type="application" +LABEL com.suse.release-stage="released" +# endlabelprefix + +COPY --from=base /installroot / +ENTRYPOINT ["/entrypoint.sh"] diff --git a/sriov-network-device-plugin-image/_service b/sriov-network-device-plugin-image/_service new file mode 100644 index 0000000..02dce0b --- /dev/null +++ b/sriov-network-device-plugin-image/_service @@ -0,0 +1,19 @@ + + + + + Dockerfile + %%sriov-network-device-plugin_version%% + sriov-network-device-plugin + patch + + + Dockerfile + IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?img_prefix}) + IMG_PREFIX + IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo) + IMG_REPO + SUPPORT_LEVEL=$(rpm --macros=/root/.rpmmacros -E %support_level) + SUPPORT_LEVEL + + -- 2.51.1 From 7dbbd28a844f828aa48677a8a0b97787f15ec112df27f2a66793d056f5c81b84 Mon Sep 17 00:00:00 2001 From: Antonio Alonso Alarcon Date: Fri, 17 Oct 2025 12:29:50 +0200 Subject: [PATCH 11/16] Adds new network-resources-injector SRPM package, required to build the network-resources-injector container image --- network-resources-injector/_service | 20 ++++++ .../network-resources-injector.spec | 62 +++++++++++++++++++ 2 files changed, 82 insertions(+) create mode 100644 network-resources-injector/_service create mode 100644 network-resources-injector/network-resources-injector.spec diff --git a/network-resources-injector/_service b/network-resources-injector/_service new file mode 100644 index 0000000..bdc6ab9 --- /dev/null +++ b/network-resources-injector/_service @@ -0,0 +1,20 @@ + + + https://github.com/k8snetworkplumbingwg/network-resources-injector + git + v1.7.1 + _auto_ + @PARENT_TAG@ + enable + antonio.alarcon@suse.com + v* + v(\d+\.\d+\.\d+) + yes + \1 + + + network-resources-injector.obsinfo + + + + diff --git a/network-resources-injector/network-resources-injector.spec b/network-resources-injector/network-resources-injector.spec new file mode 100644 index 0000000..4bfac9e --- /dev/null +++ b/network-resources-injector/network-resources-injector.spec @@ -0,0 +1,62 @@ +# +# spec file for package network-resources-injector +# +# Copyright (c) 2025 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: network-resources-injector +Version: 0 +Release: 0 +Summary: Kubernetes admission controller able to patch pod spec's requests and limits on custom network resources +License: Apache-2.0 +URL: https://github.com/k8snetworkplumbingwg/network-resources-injector +Source: %{name}-%{version}.tar +Source1: vendor.tar.gz +BuildRequires: golang(API) = 1.21 +ExcludeArch: s390 +ExcludeArch: %{ix86} + +%description +Network Resources Injector is a Kubernetes Dynamic Admission Controller application that provides functionality of +patching Kubernetes pod specifications with requests and limits of custom network resources (managed by device plugins +such as k8snetworkplumbingwg/sriov-network-device-plugin). Requires Multus Network-Attach-Definition (NAD) custom +objects to be created before creating the pod object referring/pointing to them; custom network resources' request and +limits to add to the pod spec are inferred from the pointed NAD/s. + +%prep +%autosetup -a1 -n %{name}-%{version} -p1 + +%build +# CGO is disabled by default in upstream Makefile +%define cgoenabled "0" +# go build constrain (aka tag) "no_openssl" is set by default in upstream Makefile +%define buildgotags "no_openssl" +%define buildldflags "-w -s" +CGO_ENABLED=%{cgoenabled} go build -mod=vendor -buildmode=pie -trimpath -ldflags %{buildldflags} -tags %{buildgotags} -o installer ./cmd/installer +CGO_ENABLED=%{cgoenabled} go build -mod=vendor -buildmode=pie -trimpath -ldflags %{buildldflags} -tags %{buildgotags} -o webhook ./cmd/webhook + + +%install +install -D -m0755 installer %{buildroot}%{_bindir}/installer +install -D -m0755 webhook %{buildroot}%{_bindir}/webhook + + +%files +%license LICENSE +%doc README.md +%{_bindir}/installer +%{_bindir}/webhook + +%changelog -- 2.51.1 From 91bc150524b600ea8a2e2e387cc37bfd2f4b51344b6e74676937eb0c88ecd067 Mon Sep 17 00:00:00 2001 From: Antonio Alonso Alarcon Date: Fri, 17 Oct 2025 12:30:50 +0200 Subject: [PATCH 12/16] Adds new network-resources-injector-image package, used to build the network-resources-injector container image --- network-resources-injector-image/Dockerfile | 34 +++++++++++++++++++++ network-resources-injector-image/_service | 19 ++++++++++++ 2 files changed, 53 insertions(+) create mode 100644 network-resources-injector-image/Dockerfile create mode 100644 network-resources-injector-image/_service diff --git a/network-resources-injector-image/Dockerfile b/network-resources-injector-image/Dockerfile new file mode 100644 index 0000000..3f24deb --- /dev/null +++ b/network-resources-injector-image/Dockerfile @@ -0,0 +1,34 @@ +# SPDX-License-Identifier: Apache-2.0 +#!BuildTag: %%IMG_PREFIX%%network-resources-injector:v%%network-resources-injector_version%% +#!BuildTag: %%IMG_PREFIX%%network-resources-injector:v%%network-resources-injector_version%%-%RELEASE% +ARG SLE_VERSION +FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro + +FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base +COPY --from=micro / /installroot/ +RUN zypper --installroot /installroot --non-interactive install --no-recommends network-resources-injector gawk which; \ + zypper -n clean; \ + rm -rf /var/log/* + +FROM micro AS final +# Define labels according to https://en.opensuse.org/Building_derived_containers +# labelprefix=com.suse.application.network-resources-injector +LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)" +LABEL org.opencontainers.image.title="SLE network-resources-injector Container Image" +LABEL org.opencontainers.image.description="network-resources-injector based on the SLE Base Container Image." +LABEL org.opencontainers.image.version="%%network-resources-injector_version%%" +LABEL org.opencontainers.image.url="https://www.suse.com/products/server/" +LABEL org.opencontainers.image.created="%BUILDTIME%" +LABEL org.opencontainers.image.vendor="SUSE LLC" +LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%network-resources-injector:%%network-resources-injector_version%%-%RELEASE%" +LABEL org.openbuildservice.disturl="%DISTURL%" +LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%" +LABEL com.suse.eula="SUSE Combined EULA February 2024" +LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle" +LABEL com.suse.image-type="application" +LABEL com.suse.release-stage="released" +# endlabelprefix + +USER 1001 +COPY --from=base /installroot / +CMD ["/usr/bin/webhook"] diff --git a/network-resources-injector-image/_service b/network-resources-injector-image/_service new file mode 100644 index 0000000..8bc3de2 --- /dev/null +++ b/network-resources-injector-image/_service @@ -0,0 +1,19 @@ + + + + + Dockerfile + %%network-resources-injector_version%% + network-resources-injector + patch + + + Dockerfile + IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?img_prefix}) + IMG_PREFIX + IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo) + IMG_REPO + SUPPORT_LEVEL=$(rpm --macros=/root/.rpmmacros -E %support_level) + SUPPORT_LEVEL + + -- 2.51.1 From 1ba01a688678be97663bd91e9ef2b0e681fc2464f0acb249602e23c3852bbe8f Mon Sep 17 00:00:00 2001 From: Antonio Alonso Alarcon Date: Fri, 17 Oct 2025 12:32:31 +0200 Subject: [PATCH 13/16] Adds new node-feature-discovery SRPM package, required to build the node-feature-discovery container image --- node-feature-discovery/_service | 20 ++++ .../node-feature-discovery.spec | 91 +++++++++++++++++++ 2 files changed, 111 insertions(+) create mode 100644 node-feature-discovery/_service create mode 100644 node-feature-discovery/node-feature-discovery.spec diff --git a/node-feature-discovery/_service b/node-feature-discovery/_service new file mode 100644 index 0000000..d299576 --- /dev/null +++ b/node-feature-discovery/_service @@ -0,0 +1,20 @@ + + + https://github.com/kubernetes-sigs/node-feature-discovery + git + v0.15.7 + _auto_ + @PARENT_TAG@ + enable + antonio.alarcon@suse.com + v* + v(\d+\.\d+\.\d+) + yes + \1 + + + node-feature-discovery.obsinfo + + + + diff --git a/node-feature-discovery/node-feature-discovery.spec b/node-feature-discovery/node-feature-discovery.spec new file mode 100644 index 0000000..74ea4bd --- /dev/null +++ b/node-feature-discovery/node-feature-discovery.spec @@ -0,0 +1,91 @@ +# +# spec file for package node-feature-discovery +# +# Copyright (c) 2025 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: node-feature-discovery +Version: 0 +Release: 0 +Summary: Advertises hardware features available on each Kubernetes node using node labels +License: Apache-2.0 +URL: https://github.com/kubernetes-sigs/node-feature-discovery +Source: %{name}-%{version}.tar +Source1: vendor.tar.gz +BuildRequires: glibc-static +BuildRequires: golang(API) = 1.21 +ExcludeArch: s390 +ExcludeArch: %{ix86} + +%description +Node-Feature-Discovery (NFD) software enables node feature discovery for Kubernetes. It detects hardware features available on each node in a +Kubernetes cluster, and advertises those features using node labels and optionally node extended resources, annotations and node taints. +Node Feature Discovery is compatible with any recent version of Kubernetes (v1.21+). + +NFD consists of four software components: +- nfd-master: + daemon responsible for communication towards the Kubernetes API. That is, it receives labeling requests from the worker and modifies node + objects accordingly. +- nfd-worker: + daemon responsible for feature detection. It then communicates the information to nfd-master which does the actual node labeling. One instance + of nfd-worker is supposed to be running on each node of the cluster. +- nfd-topology-updater: + daemon responsible for examining allocated resources on a worker node to account for resources available to be allocated to new pod on a per-zone + basis (where a zone can be a NUMA node). It then creates or updates a NodeResourceTopology custom resource object specific to this node. One instance + of nfd-topology-updater is supposed to be running on each node of the cluster. +- nfd-gc: + daemon responsible for cleaning obsolete NodeFeature and NodeResourceTopology objects. + One instance of nfd-gc is supposed to be running in the cluster. + +%prep +%autosetup -a1 -n %{name}-%{version} -p1 + +%build +%define cgoenabled "1" +# Most of the following go-build settings, toghether the build requirement on glibc-static package (see above) come from the aim +# to get an statically linked binary (once CGO being enabled); they have been taken from upstream Makefile. +# +# Apart from that, the "host-" setting in "pathPrefix" variable in "sigs.k8s.io/node-feature-discovery/pkg/utils/hostpath" package +# (below) is required for alignment with the several mount paths set in the nfd chart's "worker" daemonset (yaml) template, for +# all the hostPath volumes defined there. +%define buildgotags "osusergo,netgo" +%define buildldflags "-linkmode=external -extldflags '-static -Wl,--fatal-warnings' -X sigs.k8s.io/node-feature-discovery/pkg/version.version=v%{version} -X sigs.k8s.io/node-feature-discovery/pkg/utils/hostpath.pathPrefix=/host- -s -w" +CGO_ENABLED=%{cgoenabled} go build -mod=vendor -trimpath -tags %{buildgotags} -ldflags %{buildldflags} -o kubectl-nfd ./cmd/kubectl-nfd +CGO_ENABLED=%{cgoenabled} go build -mod=vendor -trimpath -tags %{buildgotags} -ldflags %{buildldflags} -o nfd-gc ./cmd/nfd-gc +CGO_ENABLED=%{cgoenabled} go build -mod=vendor -trimpath -tags %{buildgotags} -ldflags %{buildldflags} -o nfd-master ./cmd/nfd-master +CGO_ENABLED=%{cgoenabled} go build -mod=vendor -trimpath -tags %{buildgotags} -ldflags %{buildldflags} -o nfd-worker ./cmd/nfd-worker +CGO_ENABLED=%{cgoenabled} go build -mod=vendor -trimpath -tags %{buildgotags} -ldflags %{buildldflags} -o nfd-topology-updater ./cmd/nfd-topology-updater + +%install +install -D -m0755 kubectl-nfd %{buildroot}%{_bindir}/kubectl-nfd +install -D -m0755 nfd-gc %{buildroot}%{_bindir}/nfd-gc +install -D -m0755 nfd-master %{buildroot}%{_bindir}/nfd-master +install -D -m0755 nfd-worker %{buildroot}%{_bindir}/nfd-worker +install -D -m0755 nfd-topology-updater %{buildroot}%{_bindir}/nfd-topology-updater +install -D -m0644 ./deployment/components/worker-config/nfd-worker.conf.example %{buildroot}%{_sysconfdir}/kubernetes/node-feature-discovery/nfd-worker.conf + +%files +%license LICENSE +%doc README.md +%{_bindir}/kubectl-nfd +%{_bindir}/nfd-gc +%{_bindir}/nfd-master +%{_bindir}/nfd-worker +%{_bindir}/nfd-topology-updater +%dir %{_sysconfdir}/kubernetes +%dir %{_sysconfdir}/kubernetes/node-feature-discovery +%{_sysconfdir}/kubernetes/node-feature-discovery/nfd-worker.conf + +%changelog -- 2.51.1 From ae771b55c08528b3dd2f2e736e4ddbb95a5e6fd01d4dc1208cea8c520f0c9d58 Mon Sep 17 00:00:00 2001 From: Antonio Alonso Alarcon Date: Fri, 17 Oct 2025 12:33:24 +0200 Subject: [PATCH 14/16] Adds new node-feature-discovery-image package, used to build the node-feature-discovery container image --- node-feature-discovery-image/Dockerfile | 35 +++++++++++++++++++++++++ node-feature-discovery-image/_service | 19 ++++++++++++++ 2 files changed, 54 insertions(+) create mode 100644 node-feature-discovery-image/Dockerfile create mode 100644 node-feature-discovery-image/_service diff --git a/node-feature-discovery-image/Dockerfile b/node-feature-discovery-image/Dockerfile new file mode 100644 index 0000000..5031bc5 --- /dev/null +++ b/node-feature-discovery-image/Dockerfile @@ -0,0 +1,35 @@ +# SPDX-License-Identifier: Apache-2.0 +#!BuildTag: %%IMG_PREFIX%%node-feature-discovery:v%%node-feature-discovery_version%% +#!BuildTag: %%IMG_PREFIX%%node-feature-discovery:v%%node-feature-discovery_version%%-%RELEASE% +ARG SLE_VERSION +FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro + +FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base +COPY --from=micro / /installroot/ +RUN zypper --installroot /installroot --non-interactive install --no-recommends node-feature-discovery; \ + zypper -n clean; \ + rm -rf /var/log/* + +FROM micro AS final +# Define labels according to https://en.opensuse.org/Building_derived_containers +# labelprefix=com.suse.application.node-feature-discovery +LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)" +LABEL org.opencontainers.image.title="SLE node-feature-discovery Container Image" +LABEL org.opencontainers.image.description="node-feature-discovery based on the SLE Base Container Image." +LABEL org.opencontainers.image.version="%%node-feature-discovery_version%%" +LABEL org.opencontainers.image.url="https://www.suse.com/products/server/" +LABEL org.opencontainers.image.created="%BUILDTIME%" +LABEL org.opencontainers.image.vendor="SUSE LLC" +LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%node-feature-discovery:%%node-feature-discovery_version%%-%RELEASE%" +LABEL org.openbuildservice.disturl="%DISTURL%" +LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%" +LABEL com.suse.eula="SUSE Combined EULA February 2024" +LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle" +LABEL com.suse.image-type="application" +LABEL com.suse.release-stage="released" +# endlabelprefix + +USER 65534:65534 +COPY --from=base /installroot / + + diff --git a/node-feature-discovery-image/_service b/node-feature-discovery-image/_service new file mode 100644 index 0000000..8a9844d --- /dev/null +++ b/node-feature-discovery-image/_service @@ -0,0 +1,19 @@ + + + + + Dockerfile + %%node-feature-discovery_version%% + node-feature-discovery + patch + + + Dockerfile + IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?img_prefix}) + IMG_PREFIX + IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo) + IMG_REPO + SUPPORT_LEVEL=$(rpm --macros=/root/.rpmmacros -E %support_level) + SUPPORT_LEVEL + + -- 2.51.1 From bf0dfff3d7cd5ce671f0652b77f87e338c56f6da277f57149f6d2398a898c3e0 Mon Sep 17 00:00:00 2001 From: Antonio Alonso Alarcon Date: Sun, 26 Oct 2025 16:59:56 +0100 Subject: [PATCH 15/16] Updates Chart.yaml, _service, values.yaml and charts/sriov-nfd/values.yaml files in sriov-network-operator-chart package --- sriov-network-operator-chart/Chart.yaml | 6 ++-- sriov-network-operator-chart/_service | 14 ++++++++++ .../charts/sriov-nfd/values.yaml | 4 +-- sriov-network-operator-chart/values.yaml | 28 +++++++++---------- 4 files changed, 33 insertions(+), 19 deletions(-) diff --git a/sriov-network-operator-chart/Chart.yaml b/sriov-network-operator-chart/Chart.yaml index fd91649..6d7d470 100644 --- a/sriov-network-operator-chart/Chart.yaml +++ b/sriov-network-operator-chart/Chart.yaml @@ -1,5 +1,5 @@ -#!BuildTag: %%CHART_PREFIX%%sriov-network-operator:%%CHART_MAJOR%%.0.2_up1.5.0-%RELEASE% -#!BuildTag: %%CHART_PREFIX%%sriov-network-operator:%%CHART_MAJOR%%.0.2_up1.5.0 +#!BuildTag: %%CHART_PREFIX%%sriov-network-operator:%%CHART_MAJOR%%.0.3_up1.5.0 +#!BuildTag: %%CHART_PREFIX%%sriov-network-operator:%%CHART_MAJOR%%.0.3_up1.5.0-%RELEASE% annotations: catalog.cattle.io/auto-install: sriov-crd=match catalog.cattle.io/experimental: "true" @@ -25,4 +25,4 @@ name: sriov-network-operator sources: - https://github.com/k8snetworkplumbingwg/sriov-network-operator type: application -version: "%%CHART_MAJOR%%.0.2+up1.5.0" \ No newline at end of file +version: "%%CHART_MAJOR%%.0.3+up1.5.0" \ No newline at end of file diff --git a/sriov-network-operator-chart/_service b/sriov-network-operator-chart/_service index 399e403..c8baad3 100644 --- a/sriov-network-operator-chart/_service +++ b/sriov-network-operator-chart/_service @@ -7,4 +7,18 @@ CHART_MAJOR=$(rpm --macros=/root/.rpmmacros -E %{?chart_major}) CHART_MAJOR + + values.yaml + IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?img_prefix}) + IMG_PREFIX + IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo) + IMG_REPO + + + charts/sriov-nfd/values.yaml + IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?img_prefix}) + IMG_PREFIX + IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo) + IMG_REPO + diff --git a/sriov-network-operator-chart/charts/sriov-nfd/values.yaml b/sriov-network-operator-chart/charts/sriov-nfd/values.yaml index d9ed05c..290cc2b 100644 --- a/sriov-network-operator-chart/charts/sriov-nfd/values.yaml +++ b/sriov-network-operator-chart/charts/sriov-nfd/values.yaml @@ -1,9 +1,9 @@ image: - repository: registry.rancher.com/rancher/hardened-node-feature-discovery + repository: "%%IMG_REPO%%/%%IMG_PREFIX%%node-feature-discovery" # This should be set to 'IfNotPresent' for released version pullPolicy: IfNotPresent # tag, if defined will use the given image tag, else Chart.AppVersion will be used - tag: v0.15.7-build20250425 + tag: v0.15.7 imagePullSecrets: [] nameOverride: "" diff --git a/sriov-network-operator-chart/values.yaml b/sriov-network-operator-chart/values.yaml index 7eace4e..aaf1914 100644 --- a/sriov-network-operator-chart/values.yaml +++ b/sriov-network-operator-chart/values.yaml @@ -101,26 +101,26 @@ supportedExtraNICs: [] # Image URIs for sriov-network-operator components images: operator: - repository: registry.suse.com/rancher/hardened-sriov-network-operator - tag: v1.5.0-build20250425 + repository: "%%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-manager" + tag: v1.5.0 sriovConfigDaemon: - repository: registry.suse.com/rancher/hardened-sriov-network-config-daemon - tag: v1.5.0-build20250425 + repository: "%%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-config-daemon" + tag: v1.5.0 sriovCni: - repository: registry.suse.com/rancher/hardened-sriov-cni - tag: v2.9.0-build20250425 + repository: "%%IMG_REPO%%/%%IMG_PREFIX%%sriov-cni" + tag: v2.9.0 ibSriovCni: - repository: registry.suse.com/rancher/hardened-ib-sriov-cni - tag: v1.2.1-build20250425 + repository: "%%IMG_REPO%%/%%IMG_PREFIX%%ib-sriov-cni" + tag: v1.2.1 sriovDevicePlugin: - repository: registry.suse.com/rancher/hardened-sriov-network-device-plugin - tag: v3.9.0-build20250425 + repository: "%%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-device-plugin" + tag: v3.9.0 resourcesInjector: - repository: registry.suse.com/rancher/hardened-sriov-network-resources-injector - tag: v1.7.1-build20250425 + repository: "%%IMG_REPO%%/%%IMG_PREFIX%%network-resources-injector" + tag: v1.7.1 webhook: - repository: registry.suse.com/rancher/hardened-sriov-network-webhook - tag: v1.5.0-build20250425 + repository: "%%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-webhook" + tag: v1.5.0 imagePullSecrets: [] extraDeploy: [] global: -- 2.51.1 From c4aefbf45562d76f8c408ccad449d5c340d6e53e4c1dd4fa82f554c28843137b Mon Sep 17 00:00:00 2001 From: Antonio Alonso Alarcon Date: Sun, 26 Oct 2025 17:05:18 +0100 Subject: [PATCH 16/16] Updates release_images.yaml to point to the new sriov-related images and release_manifest.yaml to point to the bumped (in the semver patch field) sriov-network-operator-chart --- release-manifest-image/release_images.yaml | 9 ++++++++- release-manifest-image/release_manifest.yaml | 2 +- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/release-manifest-image/release_images.yaml b/release-manifest-image/release_images.yaml index c86ae66..2fc6b0c 100644 --- a/release-manifest-image/release_images.yaml +++ b/release-manifest-image/release_images.yaml @@ -11,6 +11,14 @@ images: - name: %%IMG_REPO%%/%%IMG_PREFIX%%metallb-controller:v0.15.2 - name: %%IMG_REPO%%/%%IMG_PREFIX%%metallb-speaker:v0.15.2 - name: %%IMG_REPO%%/%%IMG_PREFIX%%upgrade-controller:0.1.1 + - name: %%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-manager:v1.5.0 + - name: %%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-config-daemon:v1.5.0 + - name: %%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-webhook:v1.5.0 + - name: %%IMG_REPO%%/%%IMG_PREFIX%%sriov-cni:v2.9.0 + - name: %%IMG_REPO%%/%%IMG_PREFIX%%ib-sriov-cni:v1.2.1 + - name: %%IMG_REPO%%/%%IMG_PREFIX%%sriov-network-device-plugin:v3.9.0 + - name: %%IMG_REPO%%/%%IMG_PREFIX%%network-resources-injector:v1.7.1 + - name: %%IMG_REPO%%/%%IMG_PREFIX%%node-feature-discovery:v0.15.7 - name: registry.rancher.com/rancher/fleet-agent:v0.13.1 - name: registry.rancher.com/rancher/fleet:v0.13.1 - name: registry.rancher.com/rancher/hardened-cluster-autoscaler:v1.10.2-build20250611 @@ -52,7 +60,6 @@ images: - name: registry.suse.com/rancher/cluster-api-provider-rke2-bootstrap:v0.20.1 - name: registry.suse.com/rancher/cluster-api-provider-rke2-controlplane:v0.20.1 - name: registry.suse.com/rancher/elemental-operator:1.7.3 - - name: registry.suse.com/rancher/hardened-sriov-network-operator:v1.5.0-build20250425 - name: registry.suse.com/rancher/ip-address-manager:v1.10.2 - name: registry.suse.com/suse/sles/15.7/cdi-apiserver:1.62.0-150700.9.3.1 - name: registry.suse.com/suse/sles/15.7/cdi-controller:1.62.0-150700.9.3.1 diff --git a/release-manifest-image/release_manifest.yaml b/release-manifest-image/release_manifest.yaml index 32cad0f..1359d5d 100644 --- a/release-manifest-image/release_manifest.yaml +++ b/release-manifest-image/release_manifest.yaml @@ -155,7 +155,7 @@ spec: - prettyName: SRIOV releaseName: sriov-network-operator chart: '%%CHART_REPO%%/%%CHART_PREFIX%%sriov-network-operator' - version: '%%CHART_MAJOR%%.0.2+up1.5.0' + version: '%%CHART_MAJOR%%.0.3+up1.5.0' dependencyCharts: - releaseName: sriov-crd chart: '%%CHART_REPO%%/%%CHART_PREFIX%%sriov-crd' -- 2.51.1