diff --git a/Makefile b/Makefile index 47a736d54..009d7aabb 100644 --- a/Makefile +++ b/Makefile @@ -73,14 +73,15 @@ IMAGE_BUILD_ARGS = --build-arg VERSION=$(VERSION) \ --build-arg BASE_IMAGE_MINIMAL=$(BASE_IMAGE_MINIMAL) IMAGE_BUILD_ARGS_FULL = --target full \ - -t $(IMAGE_TAG) \ - $(foreach tag,$(IMAGE_EXTRA_TAGS),-t $(tag)) \ - $(IMAGE_BUILD_EXTRA_OPTS) ./ + -t $(IMAGE_TAG)-full \ + $(foreach tag,$(IMAGE_EXTRA_TAGS),-t $(tag)-full) \ + $(IMAGE_BUILD_EXTRA_OPTS) ./ IMAGE_BUILD_ARGS_MINIMAL = --target minimal \ - -t $(IMAGE_TAG)-minimal \ - $(foreach tag,$(IMAGE_EXTRA_TAGS),-t $(tag)-minimal) \ - $(IMAGE_BUILD_EXTRA_OPTS) ./ + -t $(IMAGE_TAG) \ + -t $(IMAGE_TAG)-minimal \ + $(foreach tag,$(IMAGE_EXTRA_TAGS),-t $(tag) -t $(tag)-minimal) \ + $(IMAGE_BUILD_EXTRA_OPTS) ./ all: image @@ -187,7 +188,7 @@ e2e-test: -nfd.pull-if-not-present=$(E2E_PULL_IF_NOT_PRESENT) \ -ginkgo.focus="\[kubernetes-sigs\]" \ $(if $(OPENSHIFT),-nfd.openshift,) - $(GO_CMD) test -v ./test/e2e/ -args -nfd.repo=$(IMAGE_REPO) -nfd.tag=$(IMAGE_TAG_NAME)-minimal \ + $(GO_CMD) test -v ./test/e2e/ -args -nfd.repo=$(IMAGE_REPO) -nfd.tag=$(IMAGE_TAG_NAME)-full \ -kubeconfig=$(KUBECONFIG) \ -nfd.e2e-config=$(E2E_TEST_CONFIG) \ -nfd.pull-if-not-present=$(E2E_PULL_IF_NOT_PRESENT) \ @@ -197,7 +198,12 @@ e2e-test: push: $(IMAGE_PUSH_CMD) $(IMAGE_TAG) $(IMAGE_PUSH_CMD) $(IMAGE_TAG)-minimal - for tag in $(IMAGE_EXTRA_TAGS); do $(IMAGE_PUSH_CMD) $$tag; $(IMAGE_PUSH_CMD) $$tag-minimal; done + $(IMAGE_PUSH_CMD) $(IMAGE_TAG)-full + for tag in $(IMAGE_EXTRA_TAGS); do \ + $(IMAGE_PUSH_CMD) $$tag; \ + $(IMAGE_PUSH_CMD) $$tag-minimal; \ + $(IMAGE_PUSH_CMD) $$tag-full; \ + done push-all: ensure-buildx yamls $(IMAGE_BUILDX_CMD) --push $(IMAGE_BUILD_ARGS) $(IMAGE_BUILD_ARGS_FULL) @@ -205,7 +211,7 @@ push-all: ensure-buildx yamls poll-images: set -e; \ - tags="$(foreach tag,$(IMAGE_TAG_NAME) $(IMAGE_EXTRA_TAG_NAMES),$(tag) $(tag)-minimal)" \ + tags="$(foreach tag,$(IMAGE_TAG_NAME) $(IMAGE_EXTRA_TAG_NAMES),$(tag) $(tag)-minimal $(tag)-full)" \ base_url=`echo $(IMAGE_REPO) | sed -e s'!\([^/]*\)!\1/v2!'`; \ for tag in $$tags; do \ image=$(IMAGE_REPO):$$tag \ diff --git a/docs/deployment/image-variants.md b/docs/deployment/image-variants.md index 67c58204b..6317e19ff 100644 --- a/docs/deployment/image-variants.md +++ b/docs/deployment/image-variants.md @@ -15,21 +15,24 @@ sort: 1 --- -NFD currently offers two variants of the container image. The "full" variant is +NFD currently offers two variants of the container image. The "minimal" variant is currently deployed by default. Released container images are available for x86_64 and Arm64 architectures. -## Full - -This image is based on [debian:bullseye-slim](https://hub.docker.com/_/debian) -and contains a full Linux system for running shell-based nfd-worker hooks and -doing live debugging and diagnosis of the NFD images. - ## Minimal This is a minimal image based on [gcr.io/distroless/base](https://github.com/GoogleContainerTools/distroless/blob/master/base/README.md) and only supports running statically linked binaries. -The container image tag has suffix `-minimal` -(e.g. `{{ site.container_image }}-minimal`) +For backwards compatibility a container image tag with suffix `-minimal` +(e.g. `{{ site.container_image }}-minimal`) is provided. + +## Full + +This image is based on [debian:bullseye-slim](https://hub.docker.com/_/debian) +and contains a full Linux system for running shell-based nfd-worker hooks and +doing live debugging and diagnosis of the NFD images. + +The container image tag has suffix `-full` +(e.g. `{{ site.container_image }}-full`). diff --git a/docs/reference/worker-configuration-reference.md b/docs/reference/worker-configuration-reference.md index 78a9468b5..654f3900d 100644 --- a/docs/reference/worker-configuration-reference.md +++ b/docs/reference/worker-configuration-reference.md @@ -336,6 +336,11 @@ Hooks are DEPRECATED since v0.12.0 release and support will be removed in a future release. Use [feature files](../usage//customization-guide.md#feature-files) instead. +Note: The default NFD container image only supports statically linked binaries. +Use the [full](../deployment/image-variants.md#full) image variant for a +slightly more extensive environment that additionally supports bash and perl +runtimes. + Related tracking issues: 1. Config option to disable hooks [#859](https://github.com/kubernetes-sigs/node-feature-discovery/issues/859). diff --git a/docs/usage/customization-guide.md b/docs/usage/customization-guide.md index 820924eb7..529dd884d 100644 --- a/docs/usage/customization-guide.md +++ b/docs/usage/customization-guide.md @@ -257,9 +257,8 @@ on the nfd-master command line. **DEPRECATED** The `local` source executes hooks found in `/etc/kubernetes/node-feature-discovery/source.d/`. The hook files must be executable and they are supposed to print all discovered features in `stdout`. -With ELF binaries static linking is recommended as the selection of system -libraries available in the NFD release image is very limited. Other runtimes -currently supported by the NFD image are bash and perl. +Since NFD v0.13 the default container image only supports statically linked ELF +binaries. `stderr` output of hooks is propagated to NFD log so it can be used for debugging and logging. @@ -284,8 +283,9 @@ sources: directory. It is the user's responsibility to review the hooks for e.g. possible security implications. -**NOTE:** The [minimal](../deployment/image-variants.md#minimal) image -variant only supports running statically linked binaries. +**NOTE:** The [full](../deployment/image-variants.md#full) image variant +provides backwards-compatibility with older NFD versions by including a more +expanded environment, supporting bash and perl runtimes. ### Feature files