feat(docker-image)!: Update quay.io/containerdisks/ubuntu Docker tag to v24

Signed-off-by: maximilian.bartz <maximilian.bartz@phoenix-systems.ch>

README.md

@@ -21,3 +21,4 @@
   $ oc get all -n tenant-tpl
 
 ```
+  Great big fire

deployment/ks.yaml

@@ -1,13 +1,14 @@
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
-  name: &app ubuntu-vm-6
-  namespace: ${TENANT_NAMESPACE}
+  name: &app ubuntu-deployment
+  namespace: demo
 spec:
+  targetNamespace: demo
   commonMetadata:
     labels:
       app.kubernetes.io/name: *app
-  path: ./ubuntu-vm-3/ubuntu
+  path: ./deployment/ubuntu-deployment
   prune: true
   sourceRef:
     kind: GitRepository

deployment/ubuntu-deployment/datadisk.yaml

@@ -1,12 +1,14 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
-  name: windows-vm-datadisk-john
+  name: ubuntu-pod-datadisk-1
+  namespace: demo
+  labels:
+    app: ubuntu-deployment
 spec:
-  storageClassName: ibm-spectrum-scale-fileset
   volumeMode: Filesystem
-  accessModes:
-    - ReadWriteMany
+  accessModes: [ "ReadWriteOnce" ]
+  storageClassName: ibm-spectrum-scale-fileset
   resources:
     requests:
-      storage: 200Gi
+      storage: 50Gi

deployment/ubuntu-deployment/pod-service.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: ubuntu-pod-ssh
+  namespace: demo
+  labels:
+    app: ubuntu-deployment
+spec:
+  selector:
+    app: ubuntu-deployment
+  clusterIP: None
+  ports:
+    - name: internal
+      port: 21354
+      targetPort: 21354

deployment/ubuntu-deployment/pod.yaml

@@ -0,0 +1,49 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: ubuntu-deployment
+  namespace: demo
+  labels:
+    app: ubuntu-deployment
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: ubuntu-deployment
+  template:
+    metadata:
+      labels:
+        app: ubuntu-deployment
+    spec:
+      hostname: ubuntu
+      subdomain: pod
+      securityContext:
+        runAsNonRoot: true
+        fsGroup: 1001070000
+        fsGroupChangePolicy: OnRootMismatch
+        seccompProfile:
+          type: RuntimeDefault
+      containers:
+        - name: ubuntu-deployment-pod
+          image: ubuntu:22.04
+          imagePullPolicy: IfNotPresent
+          command: ["bash","-lc","sleep infinity"]
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop: ["ALL"]
+            readOnlyRootFilesystem: false
+          resources:
+            requests:
+              cpu: 200m
+              memory: 512Mi
+            limits:
+              cpu: "1"
+              memory: 1Gi
+          volumeMounts:
+            - name: ubuntu-pod-datadisk-1
+              mountPath: /data
+      volumes:
+        - name: ubuntu-pod-datadisk-1
+          persistentVolumeClaim:
+            claimName: ubuntu-pod-datadisk-1

kustomization.yaml

@@ -12,9 +12,7 @@ resources:
   - ubuntu-vm-1/ks.yaml
   - ubuntu-vm-2/ks.yaml
   - ubuntu-vm-3/ks.yaml
-  - ubuntu-vm-4-john/ks.yaml
-  - ubuntu-vm-5/ks.yaml
-  - ubuntu-vm-6/ks.yaml
+  - deployment/ks.yaml
   - container/ks-debug.yaml
   - templates/image-server/ks-nginx.yaml
   - templates/image-server/ks-pvc.yaml
@@ -22,5 +20,3 @@ resources:
   - templates/windowsserver/ks-flavor.yaml
   - templates/windowsserver-rh/ks-flavor.yaml
   - postgres/ks.yaml
-# - windows-vm-standard-john/ks-vm.yaml
-# - windows-vm-standard-john/ks-pvc.yaml

ubuntu-vm-3/ks.yaml

@@ -7,7 +7,7 @@ spec:
   commonMetadata:
     labels:
       app.kubernetes.io/name: *app
-  path: ./ubuntu-vm-3/ubuntu
+  path: ./ubuntu-vm-3/vm
   prune: true
   sourceRef:
     kind: GitRepository

ubuntu-vm-3/ubuntu/ubuntu-vm.yaml

@@ -1,50 +0,0 @@
-apiVersion: kubevirt.io/v1
-kind: VirtualMachine
-metadata:
-  name: ubuntu-vm-3
-  namespace: ${TENANT_NAMESPACE}
-spec:
-  running: true
-  template:
-    metadata:
-      labels:
-        kubevirt.io/domain: ubuntu-vm-3
-    spec:
-      domain:
-        cpu:
-          cores: 2
-        devices:
-          disks:
-            - disk:
-                bus: virtio
-              name: containerdisk
-            - disk:
-                bus: virtio
-              name: cloudinitdisk
-        resources:
-          requests:
-            memory: 2Gi
-            cpu: 1
-          limits:
-            memory: 2Gi
-            cpu: 2
-        memory:
-          guest: 2Gi
-      volumes:
-        - name: containerdisk
-          containerDisk:
-            image: quay.io/containerdisks/ubuntu:24.04
-        - name: cloudinitdisk
-          cloudInitNoCloud:
-            userData: |
-              #cloud-config
-              users:
-                - name: testuser
-                groups: [sudo]
-                sudo: "ALL=(ALL) NOPASSWD:ALL"
-                lock_passwd: false
-                passwd: "$6$oMZf5uou7t0.oAJ1$825Te06yt7JZwHSSj4MGQMjpd87LflANQpajCwIVPASkKZdOJo4L2bAEDDuK.jtu.fsRNc9bZAsYefmoqdN8O1"
-
-                chpasswd: 
-                expire: false
-                ssh_pwauth: true

ubuntu-vm-3/vm/pvc/ubuntu-datadisk.yaml

@@ -1,10 +1,10 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
-  name: ubuntu-datadisk-1
+  name: ubuntu-datadisk-3
   namespace: ${TENANT_NAMESPACE}
   labels:
-    app: ubuntu-vm-1
+    app: ubuntu-vm-3
 spec:
   volumeMode: Filesystem
   accessModes:

ubuntu-vm-3/vm/ubuntu/ubuntu-vm.yaml

@@ -1,7 +1,7 @@
 apiVersion: kubevirt.io/v1
 kind: VirtualMachine
 metadata:
-  name: &name ubuntu-vm-1
+  name: &name ubuntu-vm-3
   namespace: ${TENANT_NAMESPACE}
 spec:
   running: true
@@ -12,13 +12,13 @@ spec:
         kubevirt.io/domain: *name
     spec:
       hostname: ubuntu
-      subdomain: vitabyte
+      subdomain: test
       domain:
         devices:
           disks:
             - disk:
                 bus: scsi
-              name: ubuntu-rootdisk
+              name: ubuntu-rootdisk-3
             - disk:
                 bus: scsi
               name: ubuntu-datadisk
@@ -37,12 +37,12 @@ spec:
             cpu: 2
             memory: 2Gi
       volumes:
-        - name: ubuntu-rootdisk
+        - name: ubuntu-rootdisk-3
           containerDisk:
             image: quay.io/containerdisks/ubuntu:24.04
         - name: ubuntu-datadisk
           persistentVolumeClaim:
-            claimName: ubuntu-datadisk-1
+            claimName: ubuntu-datadisk-3
         - name: cloudinit-disk
           cloudInitNoCloud:
             secretRef:

ubuntu-vm-4-john/ks.yaml

@@ -1,18 +0,0 @@
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: &app ubuntu-vm-4-john
-  namespace: ${TENANT_NAMESPACE}
-spec:
-  commonMetadata:
-    labels:
-      app.kubernetes.io/name: *app
-  path: ./ubuntu-vm-4-john/ubuntu
-  prune: true
-  sourceRef:
-    kind: GitRepository
-    name: tenant-repos
-  wait: false
-  interval: 30m
-  retryInterval: 1m
-  timeout: 5m

ubuntu-vm-4-john/ubuntu/ubuntu-vm.yaml

@@ -1,48 +0,0 @@
-apiVersion: kubevirt.io/v1
-kind: VirtualMachine
-metadata:
-  name: ubuntu-vm-4-john
-  namespace: kubevirt-vms
-spec:
-  running: true
-  template:
-    metadata:
-      labels:
-        kubevirt.io/domain: ubuntu-vm-4-john
-    spec:
-      domain:
-        cpu:
-          cores: 2
-        devices:
-          disks:
-            - disk:
-                bus: virtio
-              name: containerdisk
-            - disk:
-                bus: virtio
-              name: cloudinitdisk
-        resources:
-          requests:
-            memory: 2Gi
-            cpu: 1
-          limits:
-            memory: 2Gi
-            cpu: 2
-        memory:
-          guest: 2Gi
-      volumes:
-        - name: containerdisk
-          containerDisk:
-            image: quay.io/containerdisks/ubuntu:24.04
-        - name: cloudinitdisk
-          cloudInitNoCloud:
-            userData: |
-              #cloud-config
-              hostname: ubuntu-vm-2
-              ssh_pwauth: True
-              users:
-                - name: ubuntu
-                  ssh-authorized-keys:
-                    - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPqlhZW/pPLK8zENt3o6tgl0QVinhGAF1sHvajqq3UvI ubuntu
-                  sudo: ['ALL=(ALL) NOPASSWD:ALL']
-                  shell: /bin/bash

ubuntu-vm-5/ks.yaml

@@ -1,18 +0,0 @@
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: &app ubuntu-vm-5
-  namespace: ${TENANT_NAMESPACE}
-spec:
-  commonMetadata:
-    labels:
-      app.kubernetes.io/name: *app
-  path: ./ubuntu-vm-5/vm
-  prune: true
-  sourceRef:
-    kind: GitRepository
-    name: tenant-repos
-  wait: false
-  interval: 30m
-  retryInterval: 1m
-  timeout: 5m

ubuntu-vm-6/ubuntu/ubuntu-vm.yaml

@@ -1,50 +0,0 @@
-apiVersion: kubevirt.io/v1
-kind: VirtualMachine
-metadata:
-  name: ubuntu-vm-3
-  namespace: ${TENANT_NAMESPACE}
-spec:
-  running: true
-  template:
-    metadata:
-      labels:
-        kubevirt.io/domain: ubuntu-vm-3
-    spec:
-      domain:
-        cpu:
-          cores: 2
-        devices:
-          disks:
-            - disk:
-                bus: virtio
-              name: containerdisk
-            - disk:
-                bus: virtio
-              name: cloudinitdisk
-        resources:
-          requests:
-            memory: 2Gi
-            cpu: 1
-          limits:
-            memory: 2Gi
-            cpu: 2
-        memory:
-          guest: 2Gi
-      volumes:
-        - name: containerdisk
-          containerDisk:
-            image: quay.io/containerdisks/ubuntu:24.04
-        - name: cloudinitdisk
-          cloudInitNoCloud:
-            userData: |
-              #cloud-config
-              users:
-                - name: testuser
-                groups: [sudo]
-                sudo: "ALL=(ALL) NOPASSWD:ALL"
-                lock_passwd: false
-                passwd: "$6$oMZf5uou7t0.oAJ1$825Te06yt7JZwHSSj4MGQMjpd87LflANQpajCwIVPASkKZdOJo4L2bAEDDuK.jtu.fsRNc9bZAsYefmoqdN8O1"
-
-                chpasswd: 
-                expire: false
-                ssh_pwauth: true

windows-vm-standard-john/ks-pvc.yaml

@@ -1,18 +0,0 @@
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: &app windows-pvc-john
-  namespace: ${TENANT_NAMESPACE}
-spec:
-  commonMetadata:
-    labels:
-      app.kubernetes.io/name: *app
-  path: ./windows-vm-standard-john/pvc
-  prune: true
-  sourceRef:
-    kind: GitRepository
-    name: tenant-repos
-  wait: false
-  interval: 30m
-  retryInterval: 1m
-  timeout: 5m

windows-vm-standard-john/ks-vm.yaml

@@ -1,18 +0,0 @@
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: &app windows-vm-standard-john
-  namespace: ${TENANT_NAMESPACE}
-spec:
-  commonMetadata:
-    labels:
-      app.kubernetes.io/name: *app
-  path: ./windows-vm-standard-john/vm
-  prune: true
-  sourceRef:
-    kind: GitRepository
-    name: tenant-repos
-  wait: false
-  interval: 30m
-  retryInterval: 1m
-  timeout: 5m

windows-vm-standard-john/vm/server.yaml

@@ -1,82 +0,0 @@
-apiVersion: kubevirt.io/v1
-kind: VirtualMachine
-metadata:
-  name: windows-vm-standard-john
-  namespace: ${TENANT_NAMESPACE}
-spec:
-  dataVolumeTemplates:
-    - metadata:
-        name: windows-rootdisk-john
-      spec:
-        source:
-          http:
-            url: http://nginx.demo.svc.cluster.local:80/windows-server-2022-uefi-ns.qcow2
-        storage:
-          resources:
-            requests:
-              storage: 80Gi
-#        sourceRef:
-#          kind: DataSource
-#          name: win2k22
-#          namespace: openshift-virtualization-os-images
-  runStrategy: Always
-  template:
-    metadata:
-      labels:
-        kubevirt.io/domain: windows-vm-standard-john
-    spec:
-      domain:
-        cpu:
-          cores: 4
-        memory:
-          guest: 8Gi
-        features:
-          acpi: {}
-          smm:
-            enabled: true
-        firmware:
-          bootloader:
-            efi: {}
-        devices:
-          rng: {}
-          networkInterfaceMultiqueue: true
-          interfaces:
-            - name: default
-              masquerade: {}
-              ports:
-              - port: 8080
-              - port: 443
-              - port: 22
-              - port: 3389
-          disks:
-            - disk:
-                bus: sata
-              name: rootdisk-john
-            - disk:
-                bus: sata
-              name: datadisk-john
-           # - disk:
-           #     bus: scsi
-           #   name: cloudinitdisk
-        resources:
-          requests:
-            memory: 8Gi
-            cpu: 4
-          limits:
-            memory: 8Gi
-            cpu: 4
-      networks:
-        - name: default
-          pod: {}
-      terminationGracePeriodSeconds: 180
-      volumes:
-        - name: rootdisk-john
-          dataVolume:
-            name: windows-rootdisk-john
-        - name: datadisk-john
-          persistentVolumeClaim:
-            claimName: windows-vm-datadisk-john
-        #- name: cloudinitdisk
-        #  cloudInitNoCloud:
-        #    secretRef:
-        #      name: windows-cloud-init