Skip to content
Open
Show file tree
Hide file tree
Changes from 14 commits
Commits
Show all changes
31 commits
Select commit Hold shift + click to select a range
c5c7d35
Debian 13
majst01 Nov 6, 2025
bb66fd5
Fix docker installation
majst01 Nov 6, 2025
1c43632
Merge master
majst01 Nov 7, 2025
bf80b59
Do not install backport kernels
majst01 Nov 7, 2025
0587a14
Fix nvidia build
majst01 Nov 7, 2025
1c5ab53
Remove more debian:12 relicts
majst01 Nov 7, 2025
142d8fd
Fix
majst01 Nov 7, 2025
d9e5fa1
Merge master
majst01 Nov 12, 2025
c2084db
Merge main
majst01 Nov 12, 2025
4b29669
Merge main
majst01 Nov 20, 2025
473b082
Fix
majst01 Nov 20, 2025
6974a9e
Merge master
majst01 Jan 12, 2026
b122317
Pin containerd version
majst01 Jan 12, 2026
0e870a5
Merge master
majst01 Jan 12, 2026
a39d498
Merge master
majst01 Jan 12, 2026
16d359d
Merge branch 'master' into debian-13
majst01 Jan 13, 2026
d9cab96
Merge branch 'master' of https://github.com/metal-stack/metal-images …
majst01 Jan 20, 2026
5d13ba5
Merge branch 'debian-13' of https://github.com/metal-stack/metal-imag…
majst01 Jan 20, 2026
bfe257c
merge master
majst01 Feb 12, 2026
9e1e99d
Satisfy linter
majst01 Feb 12, 2026
4edcfac
Merge main
majst01 Mar 4, 2026
a7fa381
hint
majst01 Mar 4, 2026
a10e8e1
Nvidia is now debian-13 compatible
majst01 Mar 4, 2026
ac2b8a3
fsck.ext4 was missing
majst01 Mar 4, 2026
381363c
Add kernel headers
majst01 Mar 5, 2026
51b1cc7
install header
mwennrich Mar 5, 2026
db3a6ab
Merge master
majst01 Mar 9, 2026
b3cd983
Merge branch 'debian-13' of https://github.com/metal-stack/metal-imag…
majst01 Mar 9, 2026
3eb9945
Update critools and lldpd
majst01 Mar 10, 2026
dd959bf
Merge branch 'master' of https://github.com/metal-stack/metal-images …
majst01 Mar 10, 2026
17368c3
Updates
majst01 Mar 15, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/docker.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ jobs:
matrix:
os:
- name: debian
version: 12
version: 13
- name: ubuntu
version: 24.04

Expand Down
20 changes: 10 additions & 10 deletions .github/workflows/release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -41,21 +41,21 @@ jobs:
- run: |
# copy supported images (entire stable folder cannot be copied as a whole because it contains obsolete images as well)
gsutil -m cp -r gs://$GCS_BUCKET/metal-os/stable/almalinux/9 gs://$GCS_BUCKET/metal-os/${GITHUB_REF##*/}/almalinux/9
gsutil -m cp -r gs://$GCS_BUCKET/metal-os/stable/debian/12 gs://$GCS_BUCKET/metal-os/${GITHUB_REF##*/}/debian/12
gsutil -m cp -r gs://$GCS_BUCKET/metal-os/stable/debian-nvidia/12 gs://$GCS_BUCKET/metal-os/${GITHUB_REF##*/}/debian-nvidia/12
gsutil -m cp -r gs://$GCS_BUCKET/metal-os/stable/debian/13 gs://$GCS_BUCKET/metal-os/${GITHUB_REF##*/}/debian/13
gsutil -m cp -r gs://$GCS_BUCKET/metal-os/stable/debian-nvidia/13 gs://$GCS_BUCKET/metal-os/${GITHUB_REF##*/}/debian-nvidia/13
gsutil -m cp -r gs://$GCS_BUCKET/metal-os/stable/firewall/3.0-ubuntu gs://$GCS_BUCKET/metal-os/${GITHUB_REF##*/}/firewall/3.0-ubuntu
gsutil -m cp -r gs://$GCS_BUCKET/metal-os/stable/ubuntu/24.04 gs://$GCS_BUCKET/metal-os/${GITHUB_REF##*/}/ubuntu/24.04
gsutil -m cp -r gs://$GCS_BUCKET/metal-os/stable/capms-ubuntu/ gs://$GCS_BUCKET/metal-os/${GITHUB_REF##*/}/capms-ubuntu

docker pull ghcr.io/metal-stack/debian:12-stable
docker tag ghcr.io/metal-stack/debian:12-stable ghcr.io/metal-stack/debian:12
docker tag ghcr.io/metal-stack/debian:12-stable ghcr.io/metal-stack/debian:latest
docker push ghcr.io/metal-stack/debian:12
docker pull ghcr.io/metal-stack/debian:13-stable
docker tag ghcr.io/metal-stack/debian:13-stable ghcr.io/metal-stack/debian:13
docker tag ghcr.io/metal-stack/debian:13-stable ghcr.io/metal-stack/debian:latest
docker push ghcr.io/metal-stack/debian:13

docker pull ghcr.io/metal-stack/debian-nvidia:12-stable
docker tag ghcr.io/metal-stack/debian-nvidia:12-stable ghcr.io/metal-stack/debian-nvidia:12
docker tag ghcr.io/metal-stack/debian-nvidia:12-stable ghcr.io/metal-stack/debian-nvidia:latest
docker push ghcr.io/metal-stack/debian-nvidia:12
docker pull ghcr.io/metal-stack/debian-nvidia:13-stable
docker tag ghcr.io/metal-stack/debian-nvidia:13-stable ghcr.io/metal-stack/debian-nvidia:13
docker tag ghcr.io/metal-stack/debian-nvidia:13-stable ghcr.io/metal-stack/debian-nvidia:latest
docker push ghcr.io/metal-stack/debian-nvidia:13

docker pull ghcr.io/metal-stack/ubuntu:24.04-stable
docker tag ghcr.io/metal-stack/ubuntu:24.04-stable ghcr.io/metal-stack/ubuntu:24.04
Expand Down
10 changes: 5 additions & 5 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -50,14 +50,14 @@ test:

.PHONY: debian
debian: binary
Comment thread
majst01 marked this conversation as resolved.
Outdated
mkdir -p "images/debian/12"
OS_NAME=debian OUTPUT_FOLDER="" SEMVER_MAJOR_MINOR=12 docker buildx bake --no-cache debian
OS_NAME=debian OUTPUT_FOLDER="" CIS_VERSION=v4.1-4 SEMVER_MAJOR_MINOR=12 ./test.sh
mkdir -p "images/debian/13"
OS_NAME=debian OUTPUT_FOLDER="" SEMVER_MAJOR_MINOR=13 docker buildx bake --no-cache debian
OS_NAME=debian OUTPUT_FOLDER="" CIS_VERSION=v4.1-4 SEMVER_MAJOR_MINOR=13 ./test.sh

.PHONY: nvidia
nvidia:
mkdir -p "images/nvidia/12"
OS_NAME=nvidia OUTPUT_FOLDER="" SEMVER_MAJOR_MINOR=12 docker buildx bake --no-cache debian-nvidia
mkdir -p "images/nvidia/13"
OS_NAME=nvidia OUTPUT_FOLDER="" SEMVER_MAJOR_MINOR=13 docker buildx bake --no-cache debian-nvidia

.PHONY: ubuntu
ubuntu: binary
Expand Down
7 changes: 1 addition & 6 deletions debian-nvidia/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -8,15 +8,10 @@ COPY --from=ctx . /
RUN set -ex \
&& rm -f /.dockerenv \
&& apt-get update \
&& apt-get remove --yes linux-image-*-amd64 \
&& apt-get install --yes -t bookworm-backports \
linux-image-amd64 \
linux-headers-amd64 \
&& apt-get install --yes \
dkms \
software-properties-common \
&& curl -fsSL https://developer.download.nvidia.com/compute/cuda/repos/debian12/x86_64/cuda-keyring_1.1-1_all.deb -o cuda-keyring_1.1-1_all.deb \
&& dpkg -i cuda-keyring_1.1-1_all.deb \
&& add-apt-repository contrib \
&& apt-get update \
&& apt-get install --yes \
cuda-drivers
Expand Down
4 changes: 0 additions & 4 deletions debian-nvidia/context/etc/apt/sources.list

This file was deleted.

10 changes: 6 additions & 4 deletions debian/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
ARG BASE_OS_NAME=debian
ARG BASE_OS_VERSION=bookworm
ARG BASE_OS_VERSION=trixie

FROM golang:1.22-bookworm AS ignition-builder
ARG IGNITION_BRANCH
Expand Down Expand Up @@ -48,7 +48,6 @@ RUN set -ex \
apt-utils \
ca-certificates \
cloud-init \
cpufrequtils \
curl \
cryptsetup \
dbus \
Expand Down Expand Up @@ -90,8 +89,11 @@ RUN set -ex \
&& userdel -f ubuntu || true \
&& curl -fLsS https://github.com/metal-stack/go-lldpd/releases/download/${GOLLDPD_VERSION}/go-lldpd.tgz -o /tmp/go-lldpd.tgz \
&& tar -xf /tmp/go-lldpd.tgz \
&& curl -fLsS ${DOCKER_URL}/linux/${DOCKER_APT_OS}/gpg | apt-key add - \
&& echo "deb [arch=amd64] ${DOCKER_URL}/linux/${DOCKER_APT_OS} ${DOCKER_APT_CHANNEL} stable" > /etc/apt/sources.list.d/docker.list \
&& curl -fLsS ${DOCKER_URL}/linux/${DOCKER_APT_OS}/gpg -o /etc/apt/keyrings/docker.asc \
&& chmod a+r /etc/apt/keyrings/docker.asc \
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/$(. /etc/os-release && echo "$ID") \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null \
&& apt-get update \
&& apt-get install --yes --no-install-recommends containerd.io=${CONTAINERD_VERSION} \
# generate a default containerd config because the one coming with the package prevents GNA to create a proper config for cgroup v2
Expand Down
9 changes: 5 additions & 4 deletions debian/context/kernel-installation.sh
Original file line number Diff line number Diff line change
Expand Up @@ -16,17 +16,18 @@ if [ "${ID}" = "ubuntu" ] ; then
apt-get install --yes \
/tmp/linux-image* \
/tmp/linux-modules* \
cpufrequtils \
intel-microcode
else
echo "Debian - Install kernel"

cat <<EOF > /etc/apt/sources.list
deb http://deb.debian.org/debian bookworm main contrib non-free-firmware
deb http://deb.debian.org/debian bookworm-updates main contrib non-free-firmware
deb http://security.debian.org/debian-security bookworm-security main contrib non-free-firmware
deb http://deb.debian.org/debian trixie main contrib non-free-firmware
deb http://deb.debian.org/debian trixie-updates main contrib non-free-firmware
deb http://security.debian.org/debian-security trixie-security main contrib non-free-firmware
EOF

apt update && apt install -y intel-microcode linux-image-${KERNEL_VERSION}-amd64
apt update && apt install -y intel-microcode linux-image-${KERNEL_VERSION}-amd64 linux-cpupower
fi

# Remove WIFI, netronome, v4l and liquidio firmware to save ~300MB image size
Expand Down
18 changes: 8 additions & 10 deletions docker-bake.hcl
Original file line number Diff line number Diff line change
Expand Up @@ -46,17 +46,15 @@ target "debian" {
}
args = {
BASE_OS_NAME = "debian"
BASE_OS_VERSION = "bookworm"
BASE_OS_VERSION = "trixie"
DOCKER_APT_OS = "debian"
DOCKER_APT_CHANNEL ="bookworm"
DOCKER_APT_CHANNEL ="trixie"
FRR_VERSION ="frr-10.4"
FRR_VERSION_DETAIL ="10.4.2-0~deb12u1"
FRR_APT_CHANNEL ="bookworm"
# see https://packages.debian.org/bookworm/kernel/ for available versions
# upgrade to > 6.1.0-40 actually not possible because it breaks calico:
# see https://github.com/projectcalico/calico/issues/11302#issuecomment-3526431095
KERNEL_VERSION = "6.1.0-40"
CONTAINERD_VERSION = "2.1.5-1~debian.12~bookworm"
FRR_VERSION_DETAIL ="10.4.2-0~deb13u1"
FRR_APT_CHANNEL ="trixie"
# see https://packages.debian.org/trixie/kernel/ for available versions
KERNEL_VERSION = "6.12.63+deb13"
CONTAINERD_VERSION = "2.1.5-1~debian.13~trixie"
}
tags = ["ghcr.io/metal-stack/debian:${SEMVER_MAJOR_MINOR}${SEMVER_PATCH}"]
}
Expand Down Expand Up @@ -97,7 +95,7 @@ target "ubuntu" {
FRR_VERSION_DETAIL ="10.4.2-0~ubuntu24.04.1"
FRR_APT_CHANNEL ="noble"
# see https://kernel.ubuntu.com/mainline for available versions
UBUNTU_MAINLINE_KERNEL_VERSION = "v6.12.56"
UBUNTU_MAINLINE_KERNEL_VERSION = "v6.12.64"
CONTAINERD_VERSION = "2.1.5-1~ubuntu.24.04~noble"
}
tags = ["ghcr.io/metal-stack/ubuntu:${SEMVER_MAJOR_MINOR}${SEMVER_PATCH}"]
Expand Down
6 changes: 3 additions & 3 deletions test.sh
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,9 @@ set -ex
# uses cloud-hypervisor to spin up a thin VM based on the docker image of a metal-image
# examples:
# WORKS OS_NAME=ubuntu ./test.sh ghcr.io/metal-stack/ubuntu:24.04-stable
# WORKS OS_NAME=debian CIS_VERSION=v4.1-4 ./test.sh ghcr.io/metal-stack/debian:12-stable
# WORKS_WITH_METAL_KERNEL OS_NAME=debian-nvidia ./test.sh ghcr.io/metal-stack/debian-nvidia:12-stable
# WORKS_WITH_METAL_KERNEL OS_NAME=debian ./test.sh ghcr.io/metal-stack/debian:12-stable
# WORKS OS_NAME=debian CIS_VERSION=v4.1-4 ./test.sh ghcr.io/metal-stack/debian:13-stable
# WORKS_WITH_METAL_KERNEL OS_NAME=debian-nvidia ./test.sh ghcr.io/metal-stack/debian-nvidia:13-stable
# WORKS_WITH_METAL_KERNEL OS_NAME=debian ./test.sh ghcr.io/metal-stack/debian:13-stable
# WORKS OS_NAME=firewall ./test.sh ghcr.io/metal-stack/firewall:3.0-ubuntu-stable
# WORKS OS_NAME=almalinux ./test.sh ghcr.io/metal-stack/almalinux:9-stable

Expand Down
Loading