diff --git a/README.md b/README.md index ab459866b3..1b11c45658 100644 --- a/README.md +++ b/README.md @@ -100,6 +100,7 @@ | [newrelic](./images/newrelic) | `cgr.dev/chainguard/newrelic` | stable | [![](https://storage.googleapis.com/chainguard-images-build-outputs/badges/newrelic.build.status.latest.svg)](https://registry-ui.chainguard.app/?image=cgr.dev/chainguard/newrelic:latest) | | [nginx](./images/nginx) | `cgr.dev/chainguard/nginx` | stable | [![](https://storage.googleapis.com/chainguard-images-build-outputs/badges/nginx.build.status.latest.svg)](https://registry-ui.chainguard.app/?image=cgr.dev/chainguard/nginx:latest) | | [node](./images/node) | `cgr.dev/chainguard/node` | stable | [![](https://storage.googleapis.com/chainguard-images-build-outputs/badges/node.build.status.18.svg)](https://registry-ui.chainguard.app/?image=cgr.dev/chainguard/node:18) | +| [node-problem-detector](./images/node-problem-detector) | `cgr.dev/chainguard/node-problem-detector` | stable | [![](https://storage.googleapis.com/chainguard-images-build-outputs/badges/node-problem-detector.build.status.latest.svg)](https://registry-ui.chainguard.app/?image=cgr.dev/chainguard/node-problem-detector:latest) | | [nodetaint](./images/nodetaint) | `cgr.dev/chainguard/nodetaint` | stable | [![](https://storage.googleapis.com/chainguard-images-build-outputs/badges/nodetaint.build.status.latest.svg)](https://registry-ui.chainguard.app/?image=cgr.dev/chainguard/nodetaint:latest) | | [ntpd-rs](./images/ntpd-rs) | `cgr.dev/chainguard/ntpd-rs` | experimental | [![](https://storage.googleapis.com/chainguard-images-build-outputs/badges/ntpd-rs.build.status.latest.svg)](https://registry-ui.chainguard.app/?image=cgr.dev/chainguard/ntpd-rs:latest) | | [nvidia-device-plugin](./images/nvidia-device-plugin) | `cgr.dev/chainguard/nvidia-device-plugin` | stable | [![](https://storage.googleapis.com/chainguard-images-build-outputs/badges/nvidia-device-plugin.build.status.latest.svg)](https://registry-ui.chainguard.app/?image=cgr.dev/chainguard/nvidia-device-plugin:latest) | diff --git a/images/node-problem-detector/README.md b/images/node-problem-detector/README.md new file mode 100644 index 0000000000..b67916882e --- /dev/null +++ b/images/node-problem-detector/README.md @@ -0,0 +1,38 @@ + +# node-problem-detector +| | | +| - | - | +| **Status** | stable | +| **OCI Reference** | `cgr.dev/chainguard/node-problem-detector` | + + +* [View Image in Chainguard Academy](https://edu.chainguard.dev/chainguard/chainguard-images/reference/node-problem-detector/overview/) +* [View Image Catalog](https://console.enforce.dev/images/catalog) for a full list of available tags. +*[Contact Chainguard](https://www.chainguard.dev/chainguard-images) for enterprise support, SLAs, and access to older tags.* + +--- + + +[node-problem-detector](https://github.com/kubernetes/node-problem-detector) aims to make various node problems visible to the upstream layers in the cluster management stack. + +## Get It! + +The image is available on `cgr.dev`: + +``` +docker pull cgr.dev/chainguard/node-problem-detector +``` + +## Usage + +Install via `helm` using the upstream source shown below: + +```bash +helm repo add deliveryhero https://charts.deliveryhero.io/ +helm upgrade --install npd deliveryhero/node-problem-detector \ + --namespace node-problem-detector \ + --create-namespace \ + --set image.repository=cgr.dev/chainguard/node-problem-detector \ + --set image.tag=latest +``` + diff --git a/images/node-problem-detector/configs/latest.apko.yaml b/images/node-problem-detector/configs/latest.apko.yaml new file mode 100644 index 0000000000..dde4ae6b19 --- /dev/null +++ b/images/node-problem-detector/configs/latest.apko.yaml @@ -0,0 +1,51 @@ +contents: + packages: + - node-problem-detector + - node-problem-detector-compat + - health-checker + - log-counter + +accounts: + groups: + - groupname: nonroot + gid: 65532 + users: + - username: nonroot + uid: 65532 + gid: 65532 + run-as: 0 + +paths: + - path: /config + type: directory + uid: 65532 + gid: 65532 + permissions: 0o777 + recursive: true + - path: /custom-config + type: directory + uid: 65532 + gid: 65532 + permissions: 0o777 + recursive: true + - path: /var/log + type: directory + uid: 65532 + gid: 65532 + permissions: 0o777 + recursive: true + - path: /dev + type: directory + uid: 65532 + gid: 65532 + permissions: 0o777 + recursive: true + +entrypoint: + command: /usr/bin/node-problem-detector +cmd: --config.system-log-monitor=/config/kernel-monitor.json + +annotations: + "org.opencontainers.image.authors": "Chainguard Team https://www.chainguard.dev/" + "org.opencontainers.image.url": https://edu.chainguard.dev/chainguard/chainguard-images/reference/node-problem-detector/ + "org.opencontainers.image.source": https://github.com/chainguard-images/images/tree/main/images/node-problem-detector diff --git a/images/node-problem-detector/image.yaml b/images/node-problem-detector/image.yaml new file mode 100644 index 0000000000..b286ab5206 --- /dev/null +++ b/images/node-problem-detector/image.yaml @@ -0,0 +1,3 @@ +versions: + - apko: + config: configs/latest.apko.yaml diff --git a/images/node-problem-detector/main.tf b/images/node-problem-detector/main.tf new file mode 100644 index 0000000000..2467a8d493 --- /dev/null +++ b/images/node-problem-detector/main.tf @@ -0,0 +1,55 @@ +terraform { + required_providers { + apko = { source = "chainguard-dev/apko" } + oci = { source = "chainguard-dev/oci" } + } +} + +variable "target_repository" { + description = "The docker repo into which the image and attestations should be published." +} + +module "latest" { + source = "../../tflib/publisher" + target_repository = var.target_repository + config = file("${path.module}/configs/latest.apko.yaml") +} + +module "dev" { source = "../../tflib/dev-subvariant" } + +module "latest-dev" { + source = "../../tflib/publisher" + + target_repository = var.target_repository + config = jsonencode(module.latest.config) +} + +module "version-tags" { + source = "../../tflib/version-tags" + package = "node-problem-detector" + config = module.latest.config +} + +module "test-latest" { + source = "./tests" + digest = module.latest.image_ref +} + +module "test-latest-dev" { + source = "./tests" + digest = module.latest-dev.image_ref +} + +module "tagger" { + source = "../../tflib/tagger" + + depends_on = [ + module.test-latest, + module.test-latest-dev, + ] + + tags = merge( + { for t in toset(concat(["latest"], module.version-tags.tag_list)) : t => module.latest.image_ref }, + { for t in toset(concat(["latest"], module.version-tags.tag_list)) : "${t}-dev" => module.latest-dev.image_ref }, + ) +} diff --git a/images/node-problem-detector/tests/main.tf b/images/node-problem-detector/tests/main.tf new file mode 100644 index 0000000000..8fb961fddc --- /dev/null +++ b/images/node-problem-detector/tests/main.tf @@ -0,0 +1,28 @@ +terraform { + required_providers { + oci = { source = "chainguard-dev/oci" } + } +} + +variable "digest" { + description = "The image digest to run tests over." +} + +data "oci_string" "ref" { input = var.digest } + +resource "random_pet" "suffix" {} + +resource "helm_release" "node-problem-detector" { + name = "npd-${random_pet.suffix.id}" + repository = "https://charts.deliveryhero.io/" + chart = "node-problem-detector" + namespace = "npd-${random_pet.suffix.id}" + create_namespace = true + + values = [jsonencode({ + image = { + repository = data.oci_string.ref.registry_repo + tag = data.oci_string.ref.pseudo_tag + } + })] +} diff --git a/main.tf b/main.tf index 61992eeba1..401b356789 100644 --- a/main.tf +++ b/main.tf @@ -544,6 +544,11 @@ module "nodetaint" { target_repository = "${var.target_repository}/nodetaint" } +module "node-problem-detector" { + source = "./images/node-problem-detector" + target_repository = "${var.target_repository}/node-problem-detector" +} + module "ntpd-rs" { source = "./images/ntpd-rs" target_repository = "${var.target_repository}/ntpd-rs"