feat: introduce LLDPD extension service
LLDPD service is depending on configuration to not start LLDPD before the user has ensured an LLDPD configuration they want to use is in place

Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
Signed-off-by: Noel Georgi <git@frezbo.dev>
salkin authored and frezbo committed Oct 16, 2024
1 parent 6a184b8 commit 8a7635b
Showing 16 changed files with 198 additions and 9 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/ci.yaml
@@ -1,6 +1,6 @@
# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.
#
# Generated on 2024-08-29T14:13:04Z by kres b5ca957.
# Generated on 2024-10-15T11:50:44Z by kres 34e72ac.

name: default
concurrency:
Expand Down Expand Up @@ -33,7 +33,7 @@ jobs:
labels: ${{ steps.retrieve-pr-labels.outputs.result }}
services:
buildkitd:
image: moby/buildkit:v0.15.2
image: moby/buildkit:v0.16.0
options: --privileged
ports:
- 1234:1234
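Review bot: the `moby/buildkit` service image in this hunk (and the identical lines in the later `ci.yaml` hunk and in `weekly.yaml`) is referenced by tag only while the container runs with `options: --privileged`, so whatever `v0.16.0` resolves to at job time gets a privileged container on the runner. Consider pinning by digest (`moby/buildkit:v0.16.0@sha256:<digest>`, placeholder) in the kres template that generates these files. The bump is also unrelated to the LLDPD extension; a line in the commit message saying it comes from regenerating with kres 34e72ac would help anyone bisecting later.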
Expand Down Expand Up @@ -143,7 +143,7 @@ jobs:
- default
services:
buildkitd:
image: moby/buildkit:v0.15.2
image: moby/buildkit:v0.16.0
options: --privileged
ports:
- 1234:1234
4 changes: 2 additions & 2 deletions .github/workflows/weekly.yaml
@@ -1,6 +1,6 @@
# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.
#
# Generated on 2024-08-29T14:13:04Z by kres b5ca957.
# Generated on 2024-10-15T11:50:44Z by kres 34e72ac.

name: weekly
concurrency:
Expand All @@ -16,7 +16,7 @@ jobs:
- pkgs
services:
buildkitd:
image: moby/buildkit:v0.15.2
image: moby/buildkit:v0.16.0
options: --privileged
ports:
- 1234:1234
1 change: 1 addition & 0 deletions .kres.yaml
Expand Up @@ -22,6 +22,7 @@ spec:
- intel-ucode
- iscsi-tools
- kata-containers
- lldpd
- mdadm
- mei
- nut-client
1 change: 1 addition & 0 deletions MAINTAINERS.md
Expand Up @@ -30,6 +30,7 @@ If the field is marked as `Needs Maintainer`, it means that the package is curre
| intel-ucode | Sidero Labs | NA |
| iscsi-tools | Sidero Labs | NA |
| kata-containers | Fabiano Fidêncio | [fidencio](https://github.com/fidencio) |
| lldpd | Nokia (Niklas Wik) | [salkin](https://github.com/salkin) |
| mdadm | Serge Logvinov | [sergelogvinov](https://github.com/sergelogvinov) |
| mei | Nick Meyer | [e3b0c442](https://github.com/e3b0c442) |
| nut-client | Sidero Labs | NA |
1 change: 1 addition & 0 deletions Makefile
Expand Up @@ -73,6 +73,7 @@ TARGETS += intel-ice-firmware
TARGETS += intel-ucode
TARGETS += iscsi-tools
TARGETS += kata-containers
TARGETS += lldpd
TARGETS += mdadm
TARGETS += mei
TARGETS += nut-client
9 changes: 5 additions & 4 deletions README.md
Expand Up @@ -73,7 +73,7 @@ cosign verify --certificate-identity-regexp '@siderolabs\.com$' --certificate-oi
| [mei](drivers/mei/) | [ghcr.io/siderolabs/mei](https://github.com/siderolabs/extensions/pkgs/container/mei) | Driver for Intel Management Engine | `talos version` |
| [nvidia](nvidia-gpu/nvidia-modules/) | [ghcr.io/siderolabs/nvidia-open-gpu-kernel-modules](https://github.com/siderolabs/extensions/pkgs/container/nvidia-open-gpu-kernel-modules) | NVIDIA OSS Driver | `nvidia driver upstream version`-`talos version` |
| [thunderbolt](drivers/thunderbolt/) | [ghcr.io/siderolabs/thunderbolt](https://github.com/siderolabs/extensions/pkgs/container/thunderbolt) | Thunderbolt drivers | `talos version` |
| [uinput](drivers/uinput/) | [ghcr.io/siderolabs/uinput](https://github.com/siderolabs/extensions/pkgs/container/uinput) | uinput drivers | `talos version` |
| [uinput](drivers/uinput/) | [ghcr.io/siderolabs/uinput](https://github.com/siderolabs/extensions/pkgs/container/uinput) | uinput drivers | `talos version` |
| [usb-modem](drivers/usb-modem/) | [ghcr.io/siderolabs/usb-modem-drivers](https://github.com/siderolabs/extensions/pkgs/container/usb-modem-drivers) | USB Modem drivers | `talos version` |
| [v4l-uvc](drivers/v4l-uvc/) | [ghcr.io/siderolabs/v4l-uvc-drivers](https://github.com/siderolabs/extensions/pkgs/container/v4l-uvc-drivers) | USB Video Class (Webcam) drivers | `talos version` |

Expand All @@ -85,9 +85,10 @@ cosign verify --certificate-identity-regexp '@siderolabs\.com$' --certificate-oi

### Network

| Name | Image | Description | Version Format |
| ------------------------------- | ------------------------------------------------------------------------------------------------- | ---------------------------------- | ------------------ |
| [tailscale](network/tailscale/) | [ghcr.io/siderolabs/tailscale](https://github.com/siderolabs/extensions/pkgs/container/tailscale) | [Tailscale](https://tailscale.com) | `upstream version` |
| Name | Image | Description | Version Format |
| ------------------------------- | ------------------------------------------------------------------------------------------------- | -------------------------------------- | ------------------ |
| [tailscale](network/tailscale/) | [ghcr.io/siderolabs/tailscale](https://github.com/siderolabs/extensions/pkgs/container/tailscale) | [Tailscale](https://tailscale.com) | `upstream version` |
| [lldpd](network/lldpd/) | [ghcr.io/siderolabs/lldpd](https://github.com/siderolabs/extensions/pkgs/container/lldpd) | [LLDP](https://github.com/lldpd/lldpd) | `upstream version` |

### Storage

5 changes: 5 additions & 0 deletions hack/release.toml
Expand Up @@ -15,5 +15,10 @@ See [Talos Linux documentation](https://www.talos.dev/v1.9/talos-guides/configur
"""

[notes]
[notes.lldpd]
title = "LLDP"
description = """
lldpd is now available as a system extension.
"""

[make_deps]
39 changes: 39 additions & 0 deletions network/lldpd/README.md
@@ -0,0 +1,39 @@
# LLDPD

Adds https://lldpd.github.io/ as system extensions.
This means a lldpd server is started that sends/receives LLDP messages.

## Installation

See [Installing Extensions](https://github.com/siderolabs/extensions#installing-extensions).

## Usage

Configure the extension via `ExtensionServiceConfig` document. You can add any lldpd related configuration and these will be executed at the LLDPD server startup.

```yaml
---
apiVersion: v1alpha1
kind: ExtensionServiceConfig
name: lldpd
configFiles:
- content: |
configure lldpd portidsubtype ifname
unconfigure lldp management-addresses-advertisements
unconfigure lldp capabilities-advertisements
configure system description "Talos Node"
mountPath: /usr/local/etc/lldpd/lldpd.conf
```
Then apply the patch to your node's MachineConfigs
```bash
talosctl patch mc -p @lldpd-config.yaml
```

You will then be able to verify that it is in place with the following command
```bash
talosctl get extensionserviceconfigs

NODE NAMESPACE TYPE ID VERSION
mynode runtime ExtensionServiceConfig lldpd 1
```
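Review bot: the Usage section never says that the service does not start at all until an `ExtensionServiceConfig` named `lldpd` is applied, which is what the commit message describes and what `configuration: true` in `lldpd.yaml` expresses; someone who installs the extension and sees no LLDP frames gets no hint why. State that at the top of Usage, and mention that the daemon is launched with `-I eth*,enp*,ens*,eno*` so readers know which interface names are matched by default. Minor: add a blank line between the closing fence of the YAML example and "Then apply the patch", and separate the `talosctl get extensionserviceconfigs` command from its sample output so the block can be copied as-is.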
1 change: 1 addition & 0 deletions network/lldpd/files/group
@@ -0,0 +1 @@
root:x:0:
1 change: 1 addition & 0 deletions network/lldpd/files/passwd
@@ -0,0 +1 @@
root:x:0:0:root:/:/sbin/false
52 changes: 52 additions & 0 deletions network/lldpd/lldpd.yaml
@@ -0,0 +1,52 @@
# © 2024 Nokia
# Licensed under the Mozilla Public License 2.0
# SPDX-License-Identifier: MPL-2.0
name: lldpd
depends:
- service: cri
- network:
- addresses
- connectivity
- etcfiles
- configuration: true
container:
args:
- -d
- -u
- /var/run/lldpd/lldpd.socket
- -I
- eth*,enp*,ens*,eno*
entrypoint: /usr/local/sbin/lldpd
mounts:
# release file
- source: /etc/os-release
destination: /etc/os-release
type: bind
options:
- bind
- ro
# libs
- source: /lib
destination: /lib
type: bind
options:
- bind
- ro
# more libs
- source: /usr/lib
destination: /usr/lib
type: bind
options:
- bind
- ro
# lldpd socket
- source: /var/run/lldpd
destination: /var/run/lldpd
type: bind
options:
- bind
- rw
security:
writeableRootfs: false
writeableSysfs: true
restart: always
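Review bot: `writeableSysfs: true` under `security:` is the one relaxation in this spec and it has no comment, while every mount above it is annotated. If lldpd has to write to sysfs, name the path and the reason in a comment; if it only reads interface information, set it to `false` so the container is consistent with `writeableRootfs: false`.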
13 changes: 13 additions & 0 deletions network/lldpd/manifest.yaml
@@ -0,0 +1,13 @@
# © 2024 Nokia
# Licensed under the Mozilla Public License 2.0
# SPDX-License-Identifier: MPL-2.0
version: v1alpha1
metadata:
name: lldpd
version: "$VERSION"
author: Niklas Wik
description: |
LLDP adds a LLDP discovery service to Talos. LLDP cli can be used to interface with the daemon.
compatibility:
talos:
version: ">= v1.7.0"
67 changes: 67 additions & 0 deletions network/lldpd/pkg.yaml
@@ -0,0 +1,67 @@
# © 2024 Nokia
# Licensed under the Mozilla Public License 2.0
# SPDX-License-Identifier: MPL-2.0
name: lldpd
variant: scratch
shell: /toolchain/bin/bash
dependencies:
- stage: base
steps:
- sources:
- url: https://github.com/lldpd/lldpd/releases/download/{{ .LLDPD_VERSION }}/lldpd-{{ .LLDPD_VERSION }}.tar.gz
destination: lldpd.tar.gz
sha256: 38cd319aa02ab61d9a2ad130e22f906795ccca9ac73a0a0d9dac19ca99a8a870
sha512: c8734221767cd879c98ea3ee6fa80e1dce2f8470a97b0f757cfe7ef8fe2adaf878fdedcda896cf65e1af980634f2ab312588658fb85f89c6d5b6cc9d2da52045
# ref: https://git.alpinelinux.org/aports/tree/main/libc-dev
# https://wiki.musl-libc.org/faq.html#Q:-Why-is-%3Ccode%3Esys/queue.h%3C/code%3E-not-included
- url: https://git.alpinelinux.org/aports/plain/main/libc-dev/sys-queue.h?id=87f42de0e1c1c6d2b229edfc126a3d4191c835ed
sha256: c13407edd0e33be73cae72514cb234f8612e1c0e54401c9448daffd3a240158b
sha512: 2f0d5e6e4dc3350285cf17009265dddcbe12431c111868eea39bc8cb038ab7c1f2acacbb21735c4e9d4a1fd106a8fc0f8611ea33987d4faba37dde5ce6da0750
destination: sys-queue.h
env:
SOURCE_DATE_EPOCH: {{ .BUILD_ARG_SOURCE_DATE_EPOCH }}
prepare:
- |
sed -i 's#$VERSION#{{ .VERSION }}#' /pkg/manifest.yaml
- |
tar -xf lldpd.tar.gz --strip-components=1
mkdir -p /usr/local/include/sys
cp sys-queue.h /usr/local/include/sys/queue.h
- |
ln -sf /toolchain/bin/env /usr/bin/env
export CFLAGS="${CFLAGS} -I/usr/local/include"
./configure \
--prefix=/usr/local \
--libexecdir=/usr/local/lib/lldpd \
--datadir=/usr/local/share/lldpd \
--sysconfdir=/usr/local/etc/lldpd \
--enable-hardening \
--with-privsep-user=root \
--with-privsep-group=root \
--with-privsep-chroot=/opt/lldpd
build:
- |
make -j $(nproc) all
install:
- |
mkdir -p /rootfs/usr/local/{etc/containers,lib/containers/lldpd/{etc,opt/lldpd}}
cp /pkg/lldpd.yaml /rootfs/usr/local/etc/containers/lldpd.yaml
cp /pkg/files/* /rootfs/usr/local/lib/containers/lldpd/etc
make DESTDIR=/rootfs/usr/local/lib/containers/lldpd install-exec
test:
- |
mkdir -p /extensions-validator-rootfs
cp -r /rootfs/ /extensions-validator-rootfs/rootfs
cp /pkg/manifest.yaml /extensions-validator-rootfs/manifest.yaml
/extensions-validator validate --rootfs=/extensions-validator-rootfs --pkg-name="${PKG_NAME}"
finalize:
- from: /rootfs
to: /rootfs
- from: /pkg/manifest.yaml
to: /
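Review bot: `--with-privsep-user=root` and `--with-privsep-group=root` in the `./configure` call mean the half of lldpd that is supposed to drop privileges keeps running as root, so the separation that `--with-privsep-chroot=/opt/lldpd` and `--enable-hardening` are there to support gives no reduction in privilege. `files/passwd` and `files/group` in this commit define only `root`; add a dedicated unprivileged user and group there (for example `_lldpd`, an illustrative name) and pass those to `configure`. If root is required because of a constraint of the extension container, record the reason in a comment next to these flags.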
4 changes: 4 additions & 0 deletions network/lldpd/vars.yaml
@@ -0,0 +1,4 @@
# © 2024 Nokia
# Licensed under the Mozilla Public License 2.0
# SPDX-License-Identifier: MPL-2.0
VERSION: "{{ .LLDPD_VERSION }}"
2 changes: 2 additions & 0 deletions network/vars.yaml
@@ -1,2 +1,4 @@
# renovate: datasource=github-releases extractVersion=^v(?<version>.*)$ depName=tailscale/tailscale
TAILSCALE_VERSION: 1.72.1
# renovate: datasource=github-releases depName=lldpd/lldpd
LLDPD_VERSION: 1.0.18
1 change: 1 addition & 0 deletions reproducibility/pkg.yaml
Expand Up @@ -35,6 +35,7 @@ dependencies:
- stage: iscsi-tools
# kata-containers can be ignored from reproducibility test since it's a tarball downloaded and extracted (no build happens)
# - stage: kata-containers
- stage: lldpd
- stage: mdadm
# mei can be ignored from reproducibility test since it's kernel modules copied from pkgs
# - stage: mei