Zakhar Bessarab
ff1bf76237
deployment/docker: add scratch-based images ( #6386 )
...
### Describe Your Changes
Scratch based images will be using a separate tag: "(version)-scratch"
and will be built for the same architecture as regular images.
This is useful for environments with higher security standards. In this
case using alpine as base layer requires updating images more frequently
in order to get the latest updates for the base image, even in case the
user did not need to update VictoriaMetrics version.
Tested that scratch images work for:
- vmagent - enterprise with kafka and opensource
- cluster
- single-node
No issues observed so far.
cc: @tenmozes
### Checklist
The following checks are **mandatory**:
- [x] My change adheres [VictoriaMetrics contributing
guidelines](https://docs.victoriametrics.com/contributing/ ).
---------
Signed-off-by: Zakhar Bessarab <z.bessarab@victoriametrics.com>
Signed-off-by: hagen1778 <roman@victoriametrics.com>
Co-authored-by: hagen1778 <roman@victoriametrics.com>
(cherry picked from commit 7dc9124ba7
)
2024-06-03 11:53:45 +02:00
Alexander Marshalov
7d532a31fb
Update base Alpine image to 3.20.0 to avoid security risks ( #6370 )
...
fixes: CVE-2023-42366, CVE-2023-42363, CVE-2024-4603, CVE-2024-2511,
CVE-2024-24788, CVE-2024-24787
2024-05-28 22:16:29 +02:00
Aliaksandr Valialkin
d341cd5db1
deployment/docker/Makefile: group app-via-docker-* and package-via-docker-* rules with CGO_ENABLED=1 together for better maintainability
2024-05-12 23:11:54 +02:00
Aliaksandr Valialkin
ebe1ede42e
deployment/docker/Makefile: rename EXTRA_ENVS to EXTRA_DOCKER_ENVS
...
The purpose of EXTRA_DOCKER_ENVS name is more clear than EXTRA_ENVS.
While at it, make the following small fixes:
- Pass GOARM=5 to Docker builder when building Docker packages for GOARCH=arm in the same way
it is passed to the builder when building production binaries for GOARCH=arm.
See https://github.com/VictoriaMetrics/VictoriaMetrics/issues/4965
- Set GCO_ENABLED=1 for package-via-docker-amd64, which has been accidentally removed in 07496d7d92
- Consistently use 'CGO_ENABLED=... GOARCH=...' order of env vars at package-via-docker-*,
because this order is used in app-via-docker-*
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/pull/6158
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/pull/6172
This is a follow-up for 07496d7d92
and 7958f38864
2024-05-12 23:11:52 +02:00
Zhu Jiekun
139f909cdb
chore: [deployment] upgrade from go 1.22.2 to 1.22.3 to include security fixes ( #6238 )
...
### Describe Your Changes
upgrade from go 1.22.2 to 1.22.3 to include security fixes. Also see:
- https://go.dev/doc/devel/release
-
https://github.com/golang/go/issues?q=milestone%3AGo1.22.3+label%3ACherryPickApproved
### Checklist
The following checks are **mandatory**:
- [X] My change adheres [VictoriaMetrics contributing
guidelines](https://docs.victoriametrics.com/contributing/ ).
Signed-off-by: Jiekun <jiekun.dev@gmail.com>
(cherry picked from commit 02851d7800
)
2024-05-10 14:28:56 +02:00
Andrii Chubatiuk
8c97dc3b2c
deployment: update makefile package-* targets ( #6172 )
...
Updated package targets in a same manner, how it's done for publish ones
in
7958f38864
(cherry picked from commit 07496d7d92
)
2024-04-25 13:07:54 +02:00
Andrii Chubatiuk
29f9b8ef5d
deployment/docker: allow cross-platform building on arm64 platform ( #6158 )
...
Added x86_64 libraries to allow building cross-platform images on arm64
(cherry picked from commit 7958f38864
)
2024-04-23 14:52:30 +02:00
Aliaksandr Valialkin
ecf3dfde9a
deployment: update Go builder from 1.22.1 to 1.22.2
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.22.2+label%3ACherryPickApproved
2024-04-04 01:44:58 +03:00
Aliaksandr Valialkin
1df7e5b69d
deployment/docker: update Go builder from Go1.21.7 to Go1.22.1
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.22.1+label%3ACherryPickApproved
2024-03-06 21:04:44 +02:00
Aliaksandr Valialkin
4e5cbc5dc6
deployment/docker: downgrade Go builder from 1.22.0 to 1.21.7
...
Go1.22.0 contains the bug https://github.com/golang/go/issues/65705 ,
which prevents vmagent from normal operation.
2024-02-29 13:52:58 +02:00
Roman Khavronenko
baa32adc47
deployment: create a separate env for VictoriaLogs ( #5857 )
...
* deployment: create a separate env for VictoriaLogs
The new environment consists of the following components:
* VictoriaLogs
* fluentbit for collecting logs and sending to VictoriaLogs
* VictoriaMetrics for scraping and storing metrics from fluentbit and VictoriaLogs
* Grafana with VictoriaLogs datasource for monitoring
-----------------
The motivation for creating a separate environment is to simplify existing environments
and make it easier to update or modify them in future.
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2024-02-27 13:13:42 +02:00
Aliaksandr Valialkin
f5680a6857
all: upgrade Go builder from Go1.21.7 to Go1.22.0
...
See https://go.dev/doc/go1.22
2024-02-12 22:14:00 +02:00
Aliaksandr Valialkin
caf706fcc0
all: update Go builder from Go1.21.6 to Go1.21.7
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.21.7+label%3ACherryPickApproved
2024-02-07 04:01:05 +02:00
Aliaksandr Valialkin
6d766abde7
deployment/docker: upgrade base Docker image from Alpine 3.19.0 to 3.19.1
...
See https://www.alpinelinux.org/posts/Alpine-3.19.1-released.html
2024-01-30 22:47:29 +02:00
hagen1778
644d43620f
deployment/docker: follow-up 38b2a5bc44
...
* Simplify folder structure
* mention datasource in README
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2024-01-22 18:43:54 +02:00
Dmytro Kozlov
69e59ac9b7
deployment/docker: add grafana datasource to the docker-compose files ( #5363 )
...
https://github.com/VictoriaMetrics/VictoriaMetrics/issues/3920
https://github.com/VictoriaMetrics/grafana-datasource/issues/113
2024-01-22 18:43:16 +02:00
Aliaksandr Valialkin
b7fcdb1985
deployment/docker: update Go builder from Go1.21.5 to Go1.21.6
2024-01-17 00:05:24 +02:00
Aliaksandr Valialkin
842aba3f46
deployment/docker: update base Docker image from alpine:3.18.5 to alpine:3.19.0
...
See https://www.alpinelinux.org/posts/Alpine-3.19.0-released.html
2023-12-10 02:28:31 +02:00
Aliaksandr Valialkin
12e94f10cc
deployment/docker: update Go builder from Go1.21.4 to Go1.21.5
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.21.5+label%3ACherryPickApproved
2023-12-06 22:33:27 +02:00
Aliaksandr Valialkin
a3d0bbfcda
deployment/docker: update backe Docker image from alpine 3.18.4 to 3.18.5
...
See https://www.alpinelinux.org/posts/Alpine-3.15.11-3.16.8-3.17.6-3.18.5-released.html
2023-12-04 18:17:07 +02:00
Aliaksandr Valialkin
0ccc1aca0a
deployment/docker: remove built binaries at bin folder after creating docker image from them at make publish-via-docker
2023-11-21 14:33:50 +02:00
Aliaksandr Valialkin
6b75523468
Makefile: speedup release
, publish
and crossbuild
rules by using parallel make
2023-11-20 23:07:11 +02:00
Aliaksandr Valialkin
7bbdecb79a
deployment: update Go builder from Go1.21.3 to Go1.21.4
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.21.4+label%3ACherryPickApproved
2023-11-13 09:40:08 +01:00
PhracturedBlue
6675d08ebc
Support building images via podman ( #4978 )
2023-11-13 09:35:02 +01:00
Aliaksandr Valialkin
ca35e0d66a
deployment/docker: update Go builder from Go1.21.1 to Go1.21.3
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.21.2+label%3ACherryPickApproved
and https://github.com/golang/go/issues?q=milestone%3AGo1.21.3+label%3ACherryPickApproved
2023-10-16 12:38:14 +02:00
Aliaksandr Valialkin
47741cd935
deployment/docker: update Alpine from 3.18.3 to 3.18.4
...
See https://alpinelinux.org/posts/Alpine-3.18.4-released.html
2023-10-02 21:54:57 +02:00
Aliaksandr Valialkin
677612c6cb
all: update Go builder from Go1.21.0 to Go1.21.1
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.21.1+label%3ACherryPickApproved
2023-09-07 11:36:49 +02:00
Aliaksandr Valialkin
fe739e771b
deployment/docker: properly build armv5 production builds for GOARCH=arm
...
Pass GOARM=5 when building GOARCH=arm production builds, since the default value for this env var
has been changed to GOARM=6 since Go1.21.0.
See https://github.com/VictoriaMetrics/VictoriaMetrics/issues/4965
and https://github.com/golang/go/issues/62475
2023-09-07 11:19:40 +02:00
Nikolay
e711c8877e
deployment/docker: disable provenance in buildx ( #4911 )
...
* deployment/docker: disable provenance in buildx
it must fix an issue with multi-platform manifest generation
at buildx >= 0.10 backward compatibility was broken and generated image cannot be used with docker systems that doesn't support oci.
disabling attestat temporary fixes it.
https://github.com/VictoriaMetrics/VictoriaMetrics/issues/4907
https://docs.docker.com/build/attestations/slsa-provenance/
* Update docs/CHANGELOG.md
---------
Co-authored-by: Aliaksandr Valialkin <valyala@victoriametrics.com>
2023-08-29 16:32:13 +02:00
Aliaksandr Valialkin
181a6152ae
deployment/docker/Makefile: upgrade base Docker image from alpine:3.18.2 to alpine:3.18.3
...
See https://alpinelinux.org/posts/Alpine-3.15.10-3.16.7-3.17.5-3.18.3-released.html
2023-08-12 06:00:07 -07:00
Aliaksandr Valialkin
4470856cc4
all: update Go builder from Go1.20.7 to Go1.21.0
...
See https://tip.golang.org/doc/go1.21
and https://go.dev/blog/go1.21
2023-08-11 06:26:27 -07:00
Roman Khavronenko
7220f70506
security: bump go version from 1.20.6 to 1.20.7 ( #4773 )
...
The update includes a security fix to the crypto/tls package,
as well as bug fixes to the assembler and the compiler.
See the list of issues addressed in Go1.20.7 here:
https://github.com/golang/go/issues?q=milestone%3AGo1.20.7+label%3ACherryPickApproved
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2023-08-11 04:44:01 -07:00
Anton Tykhyy
2107b3133e
Remove some repetitions in docker Makefile ( #4764 )
2023-08-11 04:00:26 -07:00
Aliaksandr Valialkin
b07a1c85b9
all: update Go builder from 1.20.5 to 1.20.6
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.20.6+label%3ACherryPickApproved
2023-07-12 01:00:24 -07:00
Sergey
747c39d714
security: update base Alpine image to 3.18.2 to avoid security risks ( #4571 )
...
libcrypto3 and libssl3 in Alpine 3.18.0 have versions `3.1.0-r4`
which contains CVE-2023-2650:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650
Use ALpine image 3.18.2 which contains fixed versions of libssl3
and libcrypto3: 3.1.1-r0
NB: In Openshift these containers are marked as vulnerabilities
because of these CVEs.
2023-07-06 22:12:20 -07:00
Max Golionko
75d9914916
CI: disable docker scan, enable auto release to sandbox ( #4476 )
...
* disable docker scan
* disable nightly, enable auto release to sandbox
* remove whitespace
2023-07-06 22:02:48 -07:00
Roman Khavronenko
4624fda00d
all: update Go builder from Go1.20.4 to Go1.20.5 ( #4427 )
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.20.5+label%3ACherryPickApproved
Signed-off-by: hagen1778 <roman@victoriametrics.com>
(cherry picked from commit 476c7bdd6f
)
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2023-06-09 10:42:15 +02:00
Aliaksandr Valialkin
93f934eae3
deployment/docker/Makefile: use alpine 3.17.3 instead of alpine 3.18.0 for certs image, since alpine 3.18.0 doesnt work for cross-platform builds
2023-05-18 14:11:02 -07:00
Denys Holius
211f48fed6
deployment/docker/Makefile: updated docker compose commands regarding migration from V1 to V2 ( #4314 )
...
deployment/docker/Makefile: updated docker compose commands regarding migration from V1 to V2
2023-05-18 10:48:35 -07:00
Aliaksandr Valialkin
e6648d14b2
deployment/docker: update base docker image from 3.17.3 to 3.18.0
...
See https://www.alpinelinux.org/posts/Alpine-3.18.0-released.html
2023-05-12 17:31:35 -07:00
Aliaksandr Valialkin
8cca9ed0d9
all: update Go builder from Go1.20.3 to Go1.20.4
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.20.4+label%3ACherryPickApproved
2023-05-09 22:31:08 -07:00
Zakhar Bessarab
2856e15a6e
deployment/docker: allow overriding docker namespace ( #4265 )
...
It makes it easier for users who build and self-host images to publish their images without changing tags manually.
Signed-off-by: Zakhar Bessarab <z.bessarab@victoriametrics.com>
2023-05-09 21:44:22 -07:00
Aliaksandr Valialkin
52c46f49e1
all: update Go builder from Go1.20.2 to Go1.20.3
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.20.3+label%3ACherryPickApproved
2023-04-05 13:38:44 -07:00
Aliaksandr Valialkin
43b431d322
deployment/docker: update base Docker image from Alpine 3.17.2 to Alpine 3.17.3
...
This fixes security issues from https://alpinelinux.org/posts/Alpine-3.17.3-released.html
This is a follow-up for 59c350d0d2
2023-03-31 22:54:48 -07:00
Aliaksandr Valialkin
0627b845be
deployment/docker/Makefile: properly add amd64 suffix to windows binary names
2023-03-19 00:18:58 -07:00
Aliaksandr Valialkin
3473e83246
deployment/docker/Makefile: build CGO-enabled vmagent for GOARCH=arm64
...
Updates https://github.com/VictoriaMetrics/VictoriaMetrics/issues/2271
This is a follow-up for 565497fb074321caedea38d5151044d98d92d759
2023-03-18 23:15:38 -07:00
Nikolay
a61106d965
Vmagent kafka updates ( #535 )
...
* app/vmagent: allow vm proto for kafka consumer and producer
it should reduce network usage up to 50%.
According to benchmarks without any encoding at kafka topic, it reduces traffic up to 50%.
With enabled zstd at kafka topic, it shows no diffence in traffic. So it
doesn't make much sense to use it.
https://github.com/VictoriaMetrics/VictoriaMetrics/issues/1225
* mention eb61a7dd68b834b08d01727a918f207700348ada at changelog
* app/vmagent: bumps kafka lib version
it allows compiling vmagent for arm64 machines
fixes https://github.com/VictoriaMetrics/VictoriaMetrics/issues/2271
* mention d19b1a888248c96cfd7ccee00ba6f596d89be1d7 at change log
* app/vmagent: adds natural concurrency for kafka consumer
it should improve performance for data consumption
https://github.com/VictoriaMetrics/VictoriaMetrics/issues/1957
* mention change 0c143bb22ca2e7e0b7eec9bc84a94ee2b41626ca
* Update app/vmagent/kafka/consumer.go
Co-authored-by: Roman Khavronenko <roman@victoriametrics.com>
* Update app/vmagent/kafka/consumer_cgo.go
Co-authored-by: Roman Khavronenko <roman@victoriametrics.com>
---------
Co-authored-by: Aliaksandr Valialkin <valyala@victoriametrics.com>
Co-authored-by: Roman Khavronenko <roman@victoriametrics.com>
2023-03-15 13:03:51 -07:00
Roman Khavronenko
b6ed977fa4
security: bump go version to 1.20.2 ( #3935 )
...
upgrade Go builder from Go1.20.1 to Go1.20.2
See the list of issues addressed in Go1.20.2 here (https://github.com/golang/go/issues?q=milestone%3AGo1.20.2+label%3ACherryPickApproved ).
Signed-off-by: hagen1778 <roman@victoriametrics.com>
2023-03-11 23:38:14 -08:00
Aliaksandr Valialkin
ecc84f7923
all: update Go builder from Go1.20.0 to Go1.20.1
...
See https://github.com/golang/go/issues?q=milestone%3AGo1.20.1+label%3ACherryPickApproved
2023-02-14 23:05:54 -08:00
Aliaksandr Valialkin
4d9aaff3e1
all: update alpine base docker image from 1.17.1 to 1.17.2
...
See https://alpinelinux.org/posts/Alpine-3.17.2-released.html
2023-02-11 00:37:28 -08:00