From 1e55900a6941a654243bc50c3ff90691b1ef0a78 Mon Sep 17 00:00:00 2001 From: Antonin Bas Date: Mon, 16 Sep 2024 13:04:09 -0700 Subject: [PATCH] Upgrade Ubuntu to 24.04 (Noble) (#6575) Upgrade to ubuntu:24.04 in most places (except for a few build / test images which will be updated later on). In particular ubuntu:24.04 is now the base image for antrea/antrea-agent-ubuntu and antrea/controller-ubuntu. In order for our current version of OVS (2.17.7) to build correctly on Ubuntu 24.04, some "recent" patches have to be applied manually. After this change, the antrea/antrea-agent-ubuntu image is slightly bigger (344MB -> 372MB uncompressed), and the size increase seems to be driven by some systemd libraries. Signed-off-by: Antonin Bas --- .../antrea/templates/simulator/statefulset.yaml | 2 +- .../images/Dockerfile.build.controller.coverage | 2 +- build/images/Dockerfile.build.controller.ubuntu | 2 +- build/images/Dockerfile.build.migrator | 2 +- build/images/Dockerfile.controller.ubuntu | 2 +- build/images/Dockerfile.simulator.build.ubuntu | 2 +- build/images/base/Dockerfile | 2 +- build/images/base/Dockerfile.ubi | 2 +- build/images/base/build.sh | 6 +++--- build/images/flow-aggregator/Dockerfile | 2 +- build/images/flow-aggregator/Dockerfile.coverage | 2 +- build/images/ovs/Dockerfile | 6 +++--- build/images/ovs/Dockerfile.windows | 2 +- build/images/ovs/apply-patches.sh | 16 +++++++++++++--- build/images/ovs/build.sh | 8 ++++---- hack/build-antrea-linux-all.sh | 6 +++--- .../build/images/Dockerfile.build.coverage | 2 +- 17 files changed, 38 insertions(+), 28 deletions(-) diff --git a/build/charts/antrea/templates/simulator/statefulset.yaml b/build/charts/antrea/templates/simulator/statefulset.yaml index 79a380efd77..d170319c421 100644 --- a/build/charts/antrea/templates/simulator/statefulset.yaml +++ b/build/charts/antrea/templates/simulator/statefulset.yaml @@ -32,7 +32,7 @@ spec: serviceAccountName: antrea-agent initContainers: - name: init-inotify-limit - image: antrea/ubuntu:22.04 + image: antrea/ubuntu:24.04 command: ['sysctl', '-w', 'fs.inotify.max_user_instances=200'] securityContext: privileged: true diff --git a/build/images/Dockerfile.build.controller.coverage b/build/images/Dockerfile.build.controller.coverage index 346acb672bf..9980548ac81 100644 --- a/build/images/Dockerfile.build.controller.coverage +++ b/build/images/Dockerfile.build.controller.coverage @@ -28,7 +28,7 @@ RUN make antctl-instr-binary RUN make antrea-controller-instr-binary -FROM ubuntu:22.04 +FROM ubuntu:24.04 LABEL maintainer="Antrea " LABEL description="The Docker image to deploy the antrea-controller with code coverage measurement enabled (used for testing)." diff --git a/build/images/Dockerfile.build.controller.ubuntu b/build/images/Dockerfile.build.controller.ubuntu index 8b3ed63eac1..92be5b0bdf7 100644 --- a/build/images/Dockerfile.build.controller.ubuntu +++ b/build/images/Dockerfile.build.controller.ubuntu @@ -33,7 +33,7 @@ RUN --mount=type=cache,target=/go/pkg/mod/ \ --mount=type=cache,target=/root/.cache/go-build/ \ make antrea-controller -FROM ubuntu:22.04 +FROM ubuntu:24.04 LABEL maintainer="Antrea " LABEL description="The Docker image to deploy the antrea-controller." diff --git a/build/images/Dockerfile.build.migrator b/build/images/Dockerfile.build.migrator index b89a773ac5a..75024e4d1f2 100644 --- a/build/images/Dockerfile.build.migrator +++ b/build/images/Dockerfile.build.migrator @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM ubuntu:22.04 +FROM ubuntu:24.04 LABEL maintainer="Antrea " LABEL description="The Docker image to migrate other CNIs to Antrea CNI." diff --git a/build/images/Dockerfile.controller.ubuntu b/build/images/Dockerfile.controller.ubuntu index 02d2a80c666..7d93539e3d3 100644 --- a/build/images/Dockerfile.controller.ubuntu +++ b/build/images/Dockerfile.controller.ubuntu @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM ubuntu:22.04 +FROM ubuntu:24.04 LABEL maintainer="Antrea " LABEL description="The development Docker image to deploy the antrea-controller." diff --git a/build/images/Dockerfile.simulator.build.ubuntu b/build/images/Dockerfile.simulator.build.ubuntu index 21bba8fe842..b9192c7f0a2 100644 --- a/build/images/Dockerfile.simulator.build.ubuntu +++ b/build/images/Dockerfile.simulator.build.ubuntu @@ -26,7 +26,7 @@ COPY . /antrea RUN make antrea-agent-simulator -FROM ubuntu:22.04 +FROM ubuntu:24.04 LABEL maintainer="Antrea " LABEL description="The Docker image to deploy the Antrea simulator." diff --git a/build/images/base/Dockerfile b/build/images/base/Dockerfile index 9f10ebddc0c..8221325e9a2 100644 --- a/build/images/base/Dockerfile +++ b/build/images/base/Dockerfile @@ -13,7 +13,7 @@ # limitations under the License. ARG BUILD_TAG -FROM ubuntu:22.04 AS cni-binaries +FROM ubuntu:24.04 AS cni-binaries ARG CNI_BINARIES_VERSION diff --git a/build/images/base/Dockerfile.ubi b/build/images/base/Dockerfile.ubi index 0c101c89bbd..c6134bc911c 100644 --- a/build/images/base/Dockerfile.ubi +++ b/build/images/base/Dockerfile.ubi @@ -13,7 +13,7 @@ # limitations under the License. ARG BUILD_TAG -FROM ubuntu:22.04 AS cni-binaries +FROM ubuntu:24.04 AS cni-binaries ARG CNI_BINARIES_VERSION diff --git a/build/images/base/build.sh b/build/images/base/build.sh index 10ed579e0f1..f5355e25b3c 100755 --- a/build/images/base/build.sh +++ b/build/images/base/build.sh @@ -121,10 +121,10 @@ fi if $PULL; then # The ubuntu image is also used for the UBI build (for the cni-binaries intermediate image). if [[ ${DOCKER_REGISTRY} == "" ]]; then - docker pull $PLATFORM_ARG ubuntu:22.04 + docker pull $PLATFORM_ARG ubuntu:24.04 else - docker pull ${DOCKER_REGISTRY}/antrea/ubuntu:22.04 - docker tag ${DOCKER_REGISTRY}/antrea/ubuntu:22.04 ubuntu:22.04 + docker pull ${DOCKER_REGISTRY}/antrea/ubuntu:24.04 + docker tag ${DOCKER_REGISTRY}/antrea/ubuntu:24.04 ubuntu:24.04 fi if [ "$DISTRO" == "ubuntu" ]; then diff --git a/build/images/flow-aggregator/Dockerfile b/build/images/flow-aggregator/Dockerfile index a7451fb00b0..e844b93dc6c 100644 --- a/build/images/flow-aggregator/Dockerfile +++ b/build/images/flow-aggregator/Dockerfile @@ -34,7 +34,7 @@ RUN --mount=type=cache,target=/go/pkg/mod/ \ make flow-aggregator # Chose this base image so that a shell is available for users to exec into the container, run antctl and run tools like pprof easily -FROM ubuntu:22.04 +FROM ubuntu:24.04 LABEL maintainer="Antrea " LABEL description="The docker image for the flow aggregator" diff --git a/build/images/flow-aggregator/Dockerfile.coverage b/build/images/flow-aggregator/Dockerfile.coverage index 250b42bdf89..61c1cf9645d 100644 --- a/build/images/flow-aggregator/Dockerfile.coverage +++ b/build/images/flow-aggregator/Dockerfile.coverage @@ -27,7 +27,7 @@ RUN make antctl-instr-binary RUN make flow-aggregator-instr-binary -FROM ubuntu:22.04 +FROM ubuntu:24.04 LABEL maintainer="Antrea " LABEL description="The docker image for the flow aggregator with code coverage measurement enabled for testing purposes." diff --git a/build/images/ovs/Dockerfile b/build/images/ovs/Dockerfile index aad6aa0d9fb..626dfbb5173 100644 --- a/build/images/ovs/Dockerfile +++ b/build/images/ovs/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM ubuntu:22.04 AS ovs-debs +FROM ubuntu:24.04 AS ovs-debs # Some patches may not apply cleanly if a non-default version is provided. # See build/images/deps/ovs-version for the default version. @@ -39,10 +39,10 @@ RUN wget -q -O - https://www.openvswitch.org/releases/openvswitch-$OVS_VERSION.t cd / && rm -rf /tmp/openvswitch* -FROM ubuntu:22.04 +FROM ubuntu:24.04 LABEL maintainer="Antrea " -LABEL description="A Docker image based on Ubuntu 22.04 which includes Open vSwitch built from source." +LABEL description="A Docker image based on Ubuntu 24.04 which includes Open vSwitch built from source." COPY --from=ovs-debs /tmp/ovs-debs/* /tmp/ovs-debs/ COPY charon-logging.conf /tmp diff --git a/build/images/ovs/Dockerfile.windows b/build/images/ovs/Dockerfile.windows index e713c1c1daf..ff14537c4aa 100644 --- a/build/images/ovs/Dockerfile.windows +++ b/build/images/ovs/Dockerfile.windows @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM --platform=linux/amd64 ubuntu:22.04 AS antrea-windows-builder +FROM --platform=linux/amd64 ubuntu:24.04 AS antrea-windows-builder ARG OVS_VERSION RUN apt-get update && \ diff --git a/build/images/ovs/apply-patches.sh b/build/images/ovs/apply-patches.sh index 03fc8d8d0ec..2270e1df794 100755 --- a/build/images/ovs/apply-patches.sh +++ b/build/images/ovs/apply-patches.sh @@ -107,8 +107,18 @@ if version_get "$OVS_VERSION" "2.13.0" && version_let "$OVS_VERSION" "2.17.5" ; apply_patch "489553b1c21692063931a9f50b6849b23128443c" fi +# These patches are necessary to avoid build errors on Ubuntu 24.04 (when generating manpages). +if version_lt "$OVS_VERSION" "3.3.0"; then + # https://github.com/openvswitch/ovs/commit/6180fefa835c7cad36e89f77f3d9de13c680fb88 + apply_patch "6180fefa835c7cad36e89f77f3d9de13c680fb88" + # https://github.com/openvswitch/ovs/commit/d542f0ea8587f9ae1cad1f9610b6f3ce62dc3b7a + apply_patch "d542f0ea8587f9ae1cad1f9610b6f3ce62dc3b7a" + # https://github.com/openvswitch/ovs/commit/e46d455201d08725687dc90d3d0ee99fe8f70ca6 + apply_patch "e46d455201d08725687dc90d3d0ee99fe8f70ca6" +fi + # OVS hardcodes the installation path to /usr/lib/python3.7/dist-packages/ but this location -# does not seem to be in the Python path in Ubuntu 22.04. There may be a better way to do this, +# does not seem to be in the Python path in Ubuntu. There may be a better way to do this, # but this seems like an acceptable workaround. -sed -i 's/python3\.7/python3\.10/' debian/openvswitch-test.install -sed -i 's/python3\.7/python3\.10/' debian/python3-openvswitch.install +sed -i 's/python3\.7/python3\.12/' debian/openvswitch-test.install +sed -i 's/python3\.7/python3\.12/' debian/python3-openvswitch.install diff --git a/build/images/ovs/build.sh b/build/images/ovs/build.sh index b50490bd500..a66dcb80ad2 100755 --- a/build/images/ovs/build.sh +++ b/build/images/ovs/build.sh @@ -125,16 +125,16 @@ fi if $PULL; then if [ "$DISTRO" == "ubuntu" ]; then if [[ ${DOCKER_REGISTRY} == "" ]]; then - docker pull $PLATFORM_ARG ubuntu:22.04 + docker pull $PLATFORM_ARG ubuntu:24.04 else - docker pull ${DOCKER_REGISTRY}/antrea/ubuntu:22.04 - docker tag ${DOCKER_REGISTRY}/antrea/ubuntu:22.04 ubuntu:22.04 + docker pull ${DOCKER_REGISTRY}/antrea/ubuntu:24.04 + docker tag ${DOCKER_REGISTRY}/antrea/ubuntu:24.04 ubuntu:24.04 fi elif [ "$DISTRO" == "ubi" ]; then docker pull $PLATFORM_ARG quay.io/centos/centos:stream9 docker pull $PLATFORM_ARG registry.access.redhat.com/ubi9 elif [ "$DISTRO" == "windows" ]; then - docker pull --platform linux/amd64 ubuntu:22.04 + docker pull --platform linux/amd64 ubuntu:24.04 fi fi diff --git a/hack/build-antrea-linux-all.sh b/hack/build-antrea-linux-all.sh index f0eb68dd8d2..be5176ceca6 100755 --- a/hack/build-antrea-linux-all.sh +++ b/hack/build-antrea-linux-all.sh @@ -137,11 +137,11 @@ fi # image! if $PULL; then if [[ ${DOCKER_REGISTRY} == "" ]]; then - docker pull $PLATFORM_ARG ubuntu:22.04 + docker pull $PLATFORM_ARG ubuntu:24.04 docker pull $PLATFORM_ARG golang:$GO_VERSION else - docker pull ${DOCKER_REGISTRY}/antrea/ubuntu:22.04 - docker tag ${DOCKER_REGISTRY}/antrea/ubuntu:22.04 ubuntu:22.04 + docker pull ${DOCKER_REGISTRY}/antrea/ubuntu:24.04 + docker tag ${DOCKER_REGISTRY}/antrea/ubuntu:24.04 ubuntu:24.04 docker pull ${DOCKER_REGISTRY}/antrea/golang:$GO_VERSION docker tag ${DOCKER_REGISTRY}/antrea/golang:$GO_VERSION golang:$GO_VERSION fi diff --git a/multicluster/build/images/Dockerfile.build.coverage b/multicluster/build/images/Dockerfile.build.coverage index 1b72a756b24..85112643867 100644 --- a/multicluster/build/images/Dockerfile.build.coverage +++ b/multicluster/build/images/Dockerfile.build.coverage @@ -25,7 +25,7 @@ COPY . /antrea RUN cd multicluster && make antrea-mc-instr-binary -FROM ubuntu:22.04 +FROM ubuntu:24.04 LABEL maintainer="Antrea " LABEL description="The Docker image to deploy the Antrea Multi-cluster Controller with code coverage measurement enabled (used for testing)."