All but one (VPU) of the published container images can be built with
static binaries which allows us to use distroless/static as the
base image. Moreover, when combined with stripping the plugin binaries,
we can get both build time and image size savings.
This is the part 1 (out of 2) of the rework. Part 2 will finish the
change by making some adjustments to VPU plugin image and moving the
FPGA/SGX/GPU initcontainers to distroless/static too.
Partial: #516
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
Signed-off-by: Ed Bartosh <eduard.bartosh@intel.com>
fpga: make AFU resource name 63 char long
webhook: drop mode from README
webhook: extend mappings description
webhook: tighten CRD definitions
webhook: drop mapping to non-existing afuId
explicitly state mappings names can be in any format
use consistent terminology across fpga webhook and plugin
The certificate got signed for wrong service name (fallback default
"webhook-svc") due to incorrectly passed parameter. This showed as
"http: TLS handshake error from ... tls: bad certificate"
error in webhook pod logs.
Fixes: #303
Signed-off-by: Antti Kervinen <antti.kervinen@intel.com>
Setting --output-dir DIR enables writing contents of the secret to DIR
instead of creating the secret in the cluster. This allows creating
the secret later, for instance during fpga_plugin kustomization.
Signed-off-by: Antti Kervinen <antti.kervinen@intel.com>
This commit adds bash scripts with the proper granularity for each sub-stage,
needed for QAT device main stage validation.
Signed-off-by: Rivera Gonzalez, Julio C <julio.c.rivera.gonzalez@intel.com>
This commit adds a script that is (primarily) used in Dockerfiles
to install runtime Go dependencies' LICENSE/NOTICE files into the
image and modifies the Dockerfiles to use the script.
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
opae-nlb-demo name is more descriptive about the content and becomes
base image agnostic.
Also, set ENTRYPOINT similar to what we did with other images
and deployment files.
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
Currently we have hardcoded mapping from human readable names of
AFs and FPGA regions like arria10-nlb0 to the resource names
produced by the FPGA device plugin. This is not sustainable
long term solution.
Implement CRD based mappings so that a new mapping can be added or
removed dynamically by cluster admins with CRD resources.
