Move Settings Models to the Settings SDK #41
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit adds the ability to configure DNS name servers and search suffixes via a new settings prefix `settings.dns`. These DNS settings populate a configuration file which gets used by `netdog` to write the `resolv.conf`. `netdog write-resolv-conf` is triggered via restart command. If DNS settings exist, they are used to write the `resolv.conf`, otherwise the DHCP lease for the primary interface is used.
modeled_types: Use FromStr instead of TryFrom
This reverts commit cf7a49a705883bf5377f3a6de746aa8642a0a2ca.
Add a new boolean settings.boot.reboot-to-reconcile to govern whether Bottlerocket should automatically reboot if kernel or systemd command line parameters are reconfigured during boot. This could happen either via user-data or via a bootstrap container. In either case, command line changes for the kernel or systemd will not take effect until the next reboot. This change only introduces the new setting to the model and threads it through in all places touching BootSettings. The flag is not yet armed, i.e. no reboot action is taken. Signed-off-by: Markus Boehme <markubo@amazon.com>
This adds a new `kubernetes.log-level` setting to allow configuration of the kubelet logging verbosity. With this, an end user can turn up verbosity if they are trying to troubleshoot something, or turn down verbosity if they don't need as many log messages. Signed-off-by: Sean McGinnis <stmcg@amazon.com>
In b696d6f, the new `kubernetes.log-level` setting was implemented but in the actual model the name of the new setting was `kubelet_log_level`. This renames it to `log_level` since that's what is used in the templated configuration files and in the documentation. Signed-off-by: Arnaldo Garcia Rincon <agarrcia@amazon.com>
Migrations: migrate to admin container v0.9.2
Signed-off-by: Arnaldo Garcia Rincon <agarrcia@amazon.com>
Signed-off-by: Arnaldo Garcia Rincon <agarrcia@amazon.com>
Signed-off-by: Arnaldo Garcia Rincon <agarrcia@amazon.com>
Signed-off-by: Arnaldo Garcia Rincon <agarrcia@amazon.com>
The symlink points to the newer aws-k8s-1.24 variant Signed-off-by: Arnaldo Garcia Rincon <agarrcia@amazon.com>
Signed-off-by: Arnaldo Garcia Rincon <agarrcia@amazon.com>
The symlink points to the newer vmware-k8s-1.24 variant Signed-off-by: Arnaldo Garcia Rincon <agarrcia@amazon.com>
The symlink points to the newer metal-k8s-1.24 variant Signed-off-by: Arnaldo Garcia Rincon <agarrcia@amazon.com>
Add k8s 1.24 variants
This adds `settings.container-runtime.max-container-log-line-size` and `settings.container-runtime.max-concurrent-downloads` settings. The affect how containerd is configured. `max-container-log-line-size` controls how long a log line can be from a container before containerd breaks it into multiple separate lines. `max-concurrent-downloads` controls how many concurrent downloads will be done in parallel to download an image. Signed-off-by: Sean McGinnis <stmcg@amazon.com>
- Remove aws-k8s-1.20 variant - Remove vmware-k8s-1.20 variant Signed-off-by: John McBride <jpmmcb@amazon.com>
I noticed while doing some other work that a couple imports ended up being inserted between a comment and the import it was commenting on. This moves that comment back to where it was supposed to be and runs format on the file to organize those imports. Signed-off-by: Sean McGinnis <stmcg@amazon.com>
Signed-off-by: Ben Cressey <bcressey@amazon.com>
Adds configuration settings for controlling AWS credentials and configuration. This enables setting the `~/.aws/config` and `~/.aws/credentials` file contents so anything using an aws client can be configured to use something other than the default instance role. This adds the AwsSettings to the non-AWS k8s variants in preparation of their use for configuring credential providers. Signed-off-by: Sean McGinnis <stmcg@amazon.com>
prepare foundations for Secure Boot and image resigning
packages: Add AWS config
Add kubelet config option `credential-providers` to allow configuring image credential provider settings. Mention of the new settings have been added to the README, but more detailed documentation on how to use the feature will be necessary. Those docs will be added in a future commit. Signed-off-by: Sean McGinnis <stmcg@amazon.com>
This enables the ability to provide a TLS public and private key to be used by the kubelet process for HTTPS communication. This corresponds to the `--tls-cert-file` and `--tls-key-file` arguments (or the `tlsCertFile` and `tlsPrivateKeyFile` config settings). Signed-off-by: Sean McGinnis <stmcg@amazon.com>
This adds the capability to use Kubernetes image credential providers to retrieve credentials to use when pulling images for container creation. Initially we will only support the ecr-credential-provider, but things are set up so we may add more providers in future updates. Signed-off-by: Sean McGinnis <stmcg@amazon.com>
With this, 4 additional configurations for the ECS agent are supported though the API. There are two configuration files used to set up the ECS agent: - /etc/ecs/ecs.config.json - /etc/ecs/ecs.config We favor the former to add new configurations, and we only use the latter on special cases, i.e. when the configurations to be added aren't modeled as part of the struct that represents the agent's configuration, or when special deserialization is used to parse the configurations. The configurations added in this change are as follows: ECS_CONTAINER_STOP_TIMEOUT: supported through the container-stop-timeout API; this configuration is rendered in the /etc/ecs/ecs.config file since this configuration is of type Duration (1m, 1s, 1h). This type must be parsed by calling the time.ParseDuration function which isn't called under the hood by the serialization libraries used in the ECS agent. ECS_ENGINE_TASK_CLEANUP_WAIT_DURATION: supported through the task-cleanup-wait API; this configuration is of the same type as the previous configuration and was rendered following the same reasoning. ECS_RESERVED_MEMORY: supported through the reserved-memory API; this configuration is rendered in /etc/ecs/config.ecs.json since the configuration's type can be deserialized without additional helper functions. ECS_TASK_METADATA_RPS_LIMIT: this configuration represents a comma-separated string with two values used to set the throttling rates in the metadata service exposed by the ECS agent. These values don't have to be set together, since the ECS agent will use default values if either is missing. Thus, this configuration is supported through the metadata-service-rps and metadata-service-burst APIs. Both configurations are rendered in the /etc/ecs/confing.ecs.json file, since the configurations' type can be deserialized without additional helper functions. Signed-off-by: Arnaldo Garcia Rincon <agarrcia@amazon.com>
Add additional ECS API configurations
|
bcressey
approved these changes
Jun 14, 2024
|
I'm re-structuring this PR To bring the git history from the bottlerocket-os/bottlerocket with the contents that are copied. |
Signed-off-by: Sean P. Kelly <seankell@amazon.com>
This change also merges the settings-models and SDK workspaces.
|
bcressey
approved these changes
Jun 17, 2024
webern
approved these changes
Jun 17, 2024
This was referenced Aug 20, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of changes:
This moves the following packages from /~https://github.com/bottlerocket-os/bottlerocket to this repository:
modeled-types, useful Rust types that can be composed into new settings modelsmodel-derivemacro for auto-implementing useful string traits in settings modelsscalarandscalar-derivemacro to assist modeling scalar values in settings modelsThis change was constructed by copying content and git history from the Bottlerocket repository directly, and then making discrete changes to those contents as a series of commits -- the commit history is very useful in reviewing this change.
From a user perspective, the
bottlerocket-settings-modelspackage is meant to expose the public API of our existing models, as well as tools used to build new models.Pending
This is the script that was used to import git history from bottlerocket-os/bottlerocket:
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.