sonic-buildimage/rules/config
lixiaoyuner 6993a384ad
[Build] Install k8s packages from sonic build storage to mitigate k8s source deprecation issue (#18280) (#18304)
Why I did it
pkgs.k8s.io: Introducing Kubernetes Community-Owned Package Repositories | Kubernetes

For 1.22.2 k8s packages, source repo has been deprecated, going to store these packages in sonic build storage for installation to mitigate the issue. Will migrate to new repo when we are ready to upgrade k8s version.

Work item tracking
Microsoft ADO (number only): 27075924
How I did it
Store the 1.22.2 k8s package in sonic build storage and install the package there.

How to verify it
"apt list" to check if it's installed.
2024-03-08 10:02:06 -08:00

328 lines
13 KiB
Plaintext

###############################################################################
## Configuration parameters for SONiC build system
###############################################################################
# SONIC_CONFIG_PRINT_DEPENDENCIES - show dependencies for each invoked target.
# Before executing rule for each target its dependencies are printed to console.
# Uncomment next line to enable:
# SONIC_CONFIG_PRINT_DEPENDENCIES = y
# SONIC_CONFIG_BUILD_JOBS - set number of jobs for parallel build.
# Corresponding -j argument will be passed to make command inside docker
# container.
SONIC_CONFIG_BUILD_JOBS = 1
# SONIC_CONFIG_MAKE_JOBS - set number of parallel make jobs per package.
# Corresponding -j argument will be passed to make/dpkg commands that build separate packages
SONIC_CONFIG_MAKE_JOBS = $(shell nproc)
# DEFAULT_BUILD_LOG_TIMESTAMP - add timestamp in build log
# Supported format: simple, none
DEFAULT_BUILD_LOG_TIMESTAMP = none
# SONIC_USE_DOCKER_BUILDKIT - use docker buildkit for build.
# If set to y SONiC build system will set environment variable DOCKER_BUILDKIT=1
# to enable docker buildkit.
# This options will speed up docker image build time.
# NOTE: SONIC_USE_DOCKER_BUILDKIT will produce larger installable SONiC image
# because of a docker bug (more details: https://github.com/moby/moby/issues/38903)
# SONIC_USE_DOCKER_BUILDKIT = y
# SONIC_CONFIG_USE_NATIVE_DOCKERD_FOR_BUILD - use native dockerd for build.
# If set to y SONiC build container will use native dockerd instead of dind for faster build.
# Special handling of the docker image file names is needed to avoid conflicts with
# other SONiC build jobs on the same server. This requires changes to the Dockerfile.j2 FROM statement
# in the dockers/ and platform/ subdirs to use a variable reference instead of an explicit image name.
# SONIC_CONFIG_USE_NATIVE_DOCKERD_FOR_BUILD = y
# SONIC_CONFIG_ENABLE_COLORS - enable colored output in build system.
# Comment next line to disable:
# SONIC_CONFIG_ENABLE_COLORS = y
# CHANGE_DEFAULT_PASSWORD - enforce default user/users to change password on 1st login
CHANGE_DEFAULT_PASSWORD ?= n
# DEFAULT_USERNAME - default username for installer build
DEFAULT_USERNAME = admin
# DEFAULT_PASSWORD - default password for installer build
DEFAULT_PASSWORD = YourPaSsWoRd
# ENABLE_DHCP_GRAPH_SERVICE - specify the source of minigraph to generate configuration file.
# If set to y SONiC will get the minigraph from graph service. Graph service URL need to be
# passed through DHCP option 225.
# If not set (default behavior) the default minigraph built into the image will be used.
# ENABLE_DHCP_GRAPH_SERVICE = y
# ENABLE_ZTP - installs Zero Touch Provisioning support.
# ENABLE_ZTP = y
# INCLUDE_PDE - Enable platform development enviroment
# INCLUDE_PDE = y
# SHUTDOWN_BGP_ON_START - if set to y all bgp sessions will be in admin down state when
# bgp service starts.
# SHUTDOWN_BGP_ON_START = y
# ENABLE_PFCWD_ON_START - if set to y PFC Watchdog (PFCWD) will be enabled all server-facing ports
# by default for TOR switch
# ENABLE_PFCWD_ON_START = y
# INSTALL_DEBUG_TOOLS - installs debugging tools in baseline docker
# Uncomment next line to enable:
# INSTALL_DEBUG_TOOLS = y
# SONIC_USE_PDDF_FRAMEWORK - Use PDDF generic drivers and plugins
# Uncomment next line to enable:
SONIC_USE_PDDF_FRAMEWORK = y
# SONIC_ROUTING_STACK - specify the routing-stack being elected to drive SONiC's control-plane.
# Supported routing stacks on SONiC are:
# routing-stacks: frr.
SONIC_ROUTING_STACK = frr
# ENABLE_SYNCD_RPC - build docker-syncd with rpc packages for testing purposes.
# Uncomment to enable:
# ENABLE_SYNCD_RPC = y
# Enable Origanization Extensions - Specific to the deployment scenarios of the Organization
ENABLE_ORGANIZATION_EXTENSIONS = y
# Debugging option allows sonic debian packages to get built including symbols
# information. Profiling option, disables compiler optimizations (-O0) as well
# as includes symbols information. Given that 'profiling' option is a superset
# of 'debugging' one, user should only enable either one option or the other --
# if both options are enabled, the 'profiling' one will prevail.
#SONIC_DEBUGGING_ON = y
#SONIC_PROFILING_ON = y
# DEFAULT_KERNEL_PROCURE_METHOD - default method for obtaining kernel
# build: build kernel from source
# download: download pre-built kernel from Azure storage.
DEFAULT_KERNEL_PROCURE_METHOD = build
# FRR user and group id values. These only take effect when SONIC_ROUTING_STACK is frr.
# Note: these values match the admin uid/gid of the host's admin account. If these values
# change and user doesn't want the frr uid/gid to potentially match a random user on the
# host, then either the appropriate account and group will need to be created on the host
# manually or changes need to be made when the image is built to create the account and
# group during installation.
FRR_USER_UID = 300
FRR_USER_GID = 300
# DPKG cache allows the .deb files to be stored in the cache path. This allows the submodules
# package to be cached and restored back if its commit hash is not modified and its dependencies are not modified.
# SONIC_DPKG_CACHE_METHOD - Default method of deb package caching
# none : no caching
# rwcache : Use cache if exists else build the source and update the cache
# wcache : Dont use the cache and just build the source and update the cache
# rcache : Use cache if exists, but dont update the cache
# cache : Same as rwcache
# SONIC_DPKG_CACHE_SOURCE - Stores the cache location details
SONIC_DPKG_CACHE_METHOD ?= none
SONIC_DPKG_CACHE_SOURCE ?= /var/cache/sonic/artifacts
# Default VS build memory preparation
DEFAULT_VS_PREPARE_MEM = yes
# INCLUDE_SYSTEM_GNMI - build docker-sonic-gnmi for system gnmi support
INCLUDE_SYSTEM_GNMI = y
# INCLUDE_SYSTEM_EVENTD - build docker-eventd for system eventd support
INCLUDE_SYSTEM_EVENTD = y
# INCLUDE_SYSTEM_TELEMETRY - build docker-sonic-telemetry for system telemetry support
INCLUDE_SYSTEM_TELEMETRY = n
# INCLUDE_ICCPD - build docker-iccpd for mclag support
INCLUDE_ICCPD = n
# INCLUDE_SFLOW - build docker-sflow for sFlow support
INCLUDE_SFLOW = y
# INCLUDE_MGMT_FRAMEWORK - build docker-sonic-mgmt-framework for CLI and REST server support
INCLUDE_MGMT_FRAMEWORK = y
# ENABLE_HOST_SERVICE_ON_START - enable sonic-host-server for mgmt-framework and/or
# gnmi containers to access host functionality by default
ENABLE_HOST_SERVICE_ON_START = y
# INCLUDE_RESTAPI - build docker-sonic-restapi for configuring the switch using REST APIs
INCLUDE_RESTAPI = n
# INCLUDE_NAT - build docker-nat for nat support
INCLUDE_NAT = y
# INCLUDE_DHCP_RELAY - build and install dhcp-relay package
INCLUDE_DHCP_RELAY = y
# INCLUDE_DHCP_SERVER - build and install dhcp-server package
INCLUDE_DHCP_SERVER ?= n
# INCLUDE_P4RT - build docker-p4rt for P4RT support
INCLUDE_P4RT = n
# ENABLE_AUTO_TECH_SUPPORT - Enable the configuration for event-driven techsupport & coredump mgmt feature
ENABLE_AUTO_TECH_SUPPORT = y
# ENABLE_TRANSLIB_WRITE - Enable translib write/config operations via the gNMI interface.
# Uncomment to enable:
# ENABLE_TRANSLIB_WRITE = y
# ENABLE_NATIVE_WRITE - Enable native write/config operations via the gNMI interface.
ENABLE_NATIVE_WRITE = y
# INCLUDE_MACSEC - build docker-macsec for macsec support
INCLUDE_MACSEC = y
# INCLUDE_GBSYNCD - build docker-gbsyncd-* for gearbox support
INCLUDE_GBSYNCD ?= y
# INCLUDE_TEAMD - build docker-teamd for LAG protocol support
INCLUDE_TEAMD ?= y
# INCLUDE_ROUTER_ADVERTISER - build docker-router-advertiser for router advertisements support
INCLUDE_ROUTER_ADVERTISER ?= y
# INCLUDE_KUBERNETES - if set to y kubernetes packages are installed to be able to
# run as worker node in kubernetes cluster.
INCLUDE_KUBERNETES ?= n
KUBE_DOCKER_PROXY = http://172.16.1.1:3128/
# KUBERNETES_VERSION - Set to the required version.
# K8s_GCR_IO_PAUSE_VERSION - Version of k8s universal pause container image
# These are Used *only* when INCLUDE_KUBERNETES=y
# NOTE: As a worker node it has to run version compatible to kubernetes master.
#
KUBERNETES_VERSION = 1.22.2-00
KUBERNETES_CNI_VERSION = 0.8.7-00
KUBERNETES_CRI_TOOLS_VERSION = 1.26.0-00
K8s_GCR_IO_PAUSE_VERSION = 3.5
# INCLUDE_KUBERNETES_MASTER - if set to y kubernetes packages are installed o be able
# to run as master node in kubernetes cluster
INCLUDE_KUBERNETES_MASTER ?= n
# MASTER_KUBERNETES_VERSION - version of k8s components
# MASTER_PAUSE_VERSION - version of pause container image
# MASTER_COREDNS_VERSION - version of coredns container image
# MASTER_ETCD_VERSION = version of etcd container image
# MASTER_CRI_DOCKERD = version of cri-dockerd container image
# MASTER_UI_METRIC_VERSION = version of k8s metrics server container image
# MASTER_UI_DASH_VERSION = version of k8s dashboard container image
# MASTER_MDM_VERSION = version of mdm container image
# MASTER_MDS_VERSION = version of mds container image
# MASTER_FLUENTD_VERSION = version of fluentd container image
MASTER_KUBERNETES_VERSION = 1.22.2-00
MASTER_KUBERNETES_CONTAINER_IMAGE_VERSION = v1.22.2
MASTER_PAUSE_VERSION = 3.5
MASTER_COREDNS_VERSION = v1.8.4
MASTER_ETCD_VERSION = 3.5.0-0
MASTER_CRI_DOCKERD = 0.3.1
MASTER_UI_METRIC_VERSION = v1.0.8
MASTER_UI_DASH_VERSION = v2.7.0
MASTER_MDM_VERSION = 2.2023.505.1124-45da18-20230505t1700
MASTER_MDS_VERSION = mariner_20230517.1
MASTER_FLUENTD_VERSION = mariner_20230517.1
# SONIC_ENABLE_IMAGE_SIGNATURE - enable image signature
# To not use the auto-generated self-signed certificate, the required files to sign the image as below:
# SIGNING_KEY =
# SIGNING_CERT =
# CA_CERT =
# The relative path is build root folder.
SONIC_ENABLE_IMAGE_SIGNATURE ?= n
# SONIC_ENABLE_SECUREBOOT_SIGNATURE - enable SONiC kernel signing to support UEFI secureboot
# To support UEFI secureboot chain of trust requires EFI kernel to be signed as a PE binary
# SIGNING_KEY =
# SIGNING_CERT =
# The absolute path should be provided.
SONIC_ENABLE_SECUREBOOT_SIGNATURE ?= n
# Full Secure Boot feature flags.
# SECURE_UPGRADE_DEV_SIGNING_KEY - path to development signing key, used for image signing during build
# SECURE_UPGRADE_SIGNING_CERT - path to development signing certificate, used for image signing during build
# SECURE_UPGRADE_MODE - enum value for secure upgrade mode, valid options are "dev", "prod" and "no_sign"
# SECURE_UPGRADE_PROD_SIGNING_TOOL - path to a vendor signing tool for production flow.
# SECURE_UPGRADE_PROD_TOOL_ARGS - Extra arguments options for vendor to use to run his specific prod signing script
SECURE_UPGRADE_DEV_SIGNING_KEY ?=
SECURE_UPGRADE_SIGNING_CERT ?=
SECURE_UPGRADE_MODE = "no_sign"
SECURE_UPGRADE_PROD_SIGNING_TOOL ?=
SECURE_UPGRADE_PROD_TOOL_ARGS ?=
# PACKAGE_URL_PREFIX - the package url prefix
PACKAGE_URL_PREFIX ?= https://packages.trafficmanager.net/public/packages
# TRUSTED_GPG_URLS - the trusted gpgs, separated by comma
TRUSTED_GPG_URLS = https://packages.trafficmanager.net/debian/public_key.gpg,https://packages.microsoft.com/keys/microsoft.asc
# SONIC_VERSION_CONTROL_COMPONENTS - Valid values: none|all|components..., the components consist of one or multiple: deb,py2,py3,web,git,docker, seperated by comma
# none : disable the version control
# all : enable the version control for all components
# deb : debian packages
# py2 : python2 packages
# py3 : python3 pakcages
# web : web packages, downloaded by wget, curl
# git : git repositories, donloaded by git clone
# docker: docker base images
SONIC_VERSION_CONTROL_COMPONENTS ?= none
# MIRROR_SNAPSHOT - support mirror snapshot flag
MIRROR_SNAPSHOT ?= n
# SONIC_VERSION_CACHE allows the .deb,.py, wget, git, docker and go files to be stored in the cache path. This allows the submodules to
# cache standard installation package and restored back to avoid the package download every time.
# SONIC_VERSION_CACHE - Method of deb package caching
# none : no caching
# cache : Use cache if exists else build the source and update the cache
# SONIC_VERSION_CACHE_SOURCE - Defines the version cache location details
SONIC_VERSION_CACHE_METHOD ?= none
SONIC_VERSION_CACHE_SOURCE ?= $(SONIC_DPKG_CACHE_SOURCE)/vcache
# SONiC docker registry
#
# Set the env variable ENABLE_DOCKER_BASE_PULL = y to enable pulling sonic-slave docker from registry
REGISTRY_PORT ?= 443
REGISTRY_SERVER ?= sonicdev-microsoft.azurecr.io
REGISTRY_SERVER_PATH ?=
# BUILD_MULTIASIC_KVM - if set to y multi-asic KVM images will be generated.
BUILD_MULTIASIC_KVM = n
# INCLUDE_MUX - build docker-mux for dual ToR (Gemini)
INCLUDE_MUX = y
# ENABLE_ASAN - enable address sanitizer
ENABLE_ASAN ?= n
# reset default container registry from dockerhub to other
DEFAULT_CONTAINER_REGISTRY ?=
# INCLUDE_BOOTCHART - install systemd-bootchart
INCLUDE_BOOTCHART = y
# ENABLE_BOOTCHART - whether to enable systemd-bootchart on boot
ENABLE_BOOTCHART = n
# INCLUDE_FIPS - support FIPS feature, only for amd64 or arm64, armhf not supported yet
# ENABLE_FIPS - support FIPS flag, if enabled, no additional config requred for the image to support FIPS
INCLUDE_FIPS ?= y
ENABLE_FIPS ?= n
# SONIC_SLAVE_DOCKER_DRIVER - set the sonic slave docker storage driver
SONIC_SLAVE_DOCKER_DRIVER ?= vfs
# GZ_COMPRESS_PROGRAM - select pigz (a parallel implementation of gzip) to reduce a build time
# and speed up a decompression of docker images on target system
GZ_COMPRESS_PROGRAM ?= gzip
# SONIC_OS_VERSION - sonic os version
SONIC_OS_VERSION ?= 11
# PIP timeout for http connection
PIP_HTTP_TIMEOUT ?= 60
# BUILD_REDUCE_IMAGE_SIZE - reduce the image size as much as possbible
BUILD_REDUCE_IMAGE_SIZE = n