···

       
788
       
788
       
 
       
     and use Maturin as their build tool.

     

       
789
       
789
       
 
       
    </para>

     

       
790
       
790
       
 
       
   </listitem>

     

       
791
       
791
       
+
       
   <listitem>

     

       
792
       
792
       
+
       
    <para>

     

       
793
       
793
       
+
       
     Kubernetes has <link xlink:href="https://kubernetes.io/blog/2020/12/02/dont-panic-kubernetes-and-docker/">deprecated docker</link> as container runtime.

     

       
794
       
794
       
+
       
     As a consequence, the Kubernetes module now has support for configuration of custom remote container runtimes and enables containerd by default.

     

       
795
       
795
       
+
       
     Note that containerd is more strict regarding container image OCI-compliance.

     

       
796
       
796
       
+
       
     As an example, images with CMD or ENTRYPOINT defined as strings (not lists) will fail on containerd, while working fine on docker.

     

       
797
       
797
       
+
       
     Please test your setup and container images with containerd prior to upgrading.

     

       
798
       
798
       
+
       
    </para>

     

       
799
       
799
       
+
       
   </listitem>

     

       
791
       
800
       
 
       
  </itemizedlist>

     

       
792
       
801
       
 
       
 </section>

     

       
793
       
802
       
 
       
</section>

     

···

       
1053
       
1053
       
 
       
  ./testing/service-runner.nix

     

       
1054
       
1054
       
 
       
  ./virtualisation/anbox.nix

     

       
1055
       
1055
       
 
       
  ./virtualisation/container-config.nix

     

       
1056
       
1056
       
+
       
  ./virtualisation/containerd.nix

     

       
1056
       
1057
       
 
       
  ./virtualisation/containers.nix

     

       
1057
       
1058
       
 
       
  ./virtualisation/nixos-containers.nix

     

       
1058
       
1059
       
 
       
  ./virtualisation/oci-containers.nix

     

···

       
3
       
3
       
 
       
with lib;

     

       
4
       
4
       
 
       


     

       
5
       
5
       
 
       
let

     

       
6
       
6
       
-
       
  version = "1.6.4";

     

       
6
       
6
       
+
       
  version = "1.7.1";

     

       
7
       
7
       
 
       
  cfg = config.services.kubernetes.addons.dns;

     

       
8
       
8
       
 
       
  ports = {

     

       
9
       
9
       
 
       
    dns = 10053;

     
···

       
55
       
55
       
 
       
      type = types.attrs;

     

       
56
       
56
       
 
       
      default = {

     

       
57
       
57
       
 
       
        imageName = "coredns/coredns";

     

       
58
       
58
       
-
       
        imageDigest = "sha256:493ee88e1a92abebac67cbd4b5658b4730e0f33512461442d8d9214ea6734a9b";

     

       
58
       
58
       
+
       
        imageDigest = "sha256:4a6e0769130686518325b21b0c1d0688b54e7c79244d48e1b15634e98e40c6ef";

     

       
59
       
59
       
 
       
        finalImageTag = version;

     

       
60
       
60
       
-
       
        sha256 = "0fm9zdjavpf5hni8g7fkdd3csjbhd7n7py7llxjc66sbii087028";

     

       
60
       
60
       
+
       
        sha256 = "02r440xcdsgi137k5lmmvp0z5w5fmk8g9mysq5pnysq1wl8sj6mw";

     

       
61
       
61
       
 
       
      };

     

       
62
       
62
       
 
       
    };

     

       
63
       
63
       
 
       
  };

     
···

       
156
       
156
       
 
       
            health :${toString ports.health}

     

       
157
       
157
       
 
       
            kubernetes ${cfg.clusterDomain} in-addr.arpa ip6.arpa {

     

       
158
       
158
       
 
       
              pods insecure

     

       
159
       
159
       
-
       
              upstream

     

       
160
       
159
       
 
       
              fallthrough in-addr.arpa ip6.arpa

     

       
161
       
160
       
 
       
            }

     

       
162
       
161
       
 
       
            prometheus :${toString ports.metrics}

     

···

       
238
       
238
       
 
       
      type = int;

     

       
239
       
239
       
 
       
    };

     

       
240
       
240
       
 
       


     

       
241
       
241
       
+
       
    apiAudiences = mkOption {

     

       
242
       
242
       
+
       
      description = ''

     

       
243
       
243
       
+
       
        Kubernetes apiserver ServiceAccount issuer.

     

       
244
       
244
       
+
       
      '';

     

       
245
       
245
       
+
       
      default = "api,https://kubernetes.default.svc";

     

       
246
       
246
       
+
       
      type = str;

     

       
247
       
247
       
+
       
    };

     

       
248
       
248
       
+
       


     

       
249
       
249
       
+
       
    serviceAccountIssuer = mkOption {

     

       
250
       
250
       
+
       
      description = ''

     

       
251
       
251
       
+
       
        Kubernetes apiserver ServiceAccount issuer.

     

       
252
       
252
       
+
       
      '';

     

       
253
       
253
       
+
       
      default = "https://kubernetes.default.svc";

     

       
254
       
254
       
+
       
      type = str;

     

       
255
       
255
       
+
       
    };

     

       
256
       
256
       
+
       


     

       
257
       
257
       
+
       
    serviceAccountSigningKeyFile = mkOption {

     

       
258
       
258
       
+
       
      description = ''

     

       
259
       
259
       
+
       
        Path to the file that contains the current private key of the service

     

       
260
       
260
       
+
       
        account token issuer. The issuer will sign issued ID tokens with this

     

       
261
       
261
       
+
       
        private key.

     

       
262
       
262
       
+
       
      '';

     

       
263
       
263
       
+
       
      type = path;

     

       
264
       
264
       
+
       
    };

     

       
265
       
265
       
+
       


     

       
241
       
266
       
 
       
    serviceAccountKeyFile = mkOption {

     

       
242
       
267
       
 
       
      description = ''

     

       
243
       
243
       
-
       
        Kubernetes apiserver PEM-encoded x509 RSA private or public key file,

     

       
244
       
244
       
-
       
        used to verify ServiceAccount tokens. By default tls private key file

     

       
245
       
245
       
-
       
        is used.

     

       
268
       
268
       
+
       
        File containing PEM-encoded x509 RSA or ECDSA private or public keys,

     

       
269
       
269
       
+
       
        used to verify ServiceAccount tokens. The specified file can contain

     

       
270
       
270
       
+
       
        multiple keys, and the flag can be specified multiple times with

     

       
271
       
271
       
+
       
        different files. If unspecified, --tls-private-key-file is used.

     

       
272
       
272
       
+
       
        Must be specified when --service-account-signing-key is provided

     

       
246
       
273
       
 
       
      '';

     

       
247
       
247
       
-
       
      default = null;

     

       
248
       
248
       
-
       
      type = nullOr path;

     

       
274
       
274
       
+
       
      type = path;

     

       
249
       
275
       
 
       
    };

     

       
250
       
276
       
 
       


     

       
251
       
277
       
 
       
    serviceClusterIpRange = mkOption {

     
···

       
357
       
383
       
 
       
              ${optionalString (cfg.runtimeConfig != "")

     

       
358
       
384
       
 
       
                "--runtime-config=${cfg.runtimeConfig}"} \

     

       
359
       
385
       
 
       
              --secure-port=${toString cfg.securePort} \

     

       
360
       
360
       
-
       
              ${optionalString (cfg.serviceAccountKeyFile!=null)

     

       
361
       
361
       
-
       
                "--service-account-key-file=${cfg.serviceAccountKeyFile}"} \

     

       
386
       
386
       
+
       
              --api-audiences=${toString cfg.apiAudiences} \

     

       
387
       
387
       
+
       
              --service-account-issuer=${toString cfg.serviceAccountIssuer} \

     

       
388
       
388
       
+
       
              --service-account-signing-key-file=${cfg.serviceAccountSigningKeyFile} \

     

       
389
       
389
       
+
       
              --service-account-key-file=${cfg.serviceAccountKeyFile} \

     

       
362
       
390
       
 
       
              --service-cluster-ip-range=${cfg.serviceClusterIpRange} \

     

       
363
       
391
       
 
       
              --storage-backend=${cfg.storageBackend} \

     

       
364
       
392
       
 
       
              ${optionalString (cfg.tlsCertFile != null)

     

···

       
5
       
5
       
 
       
let

     

       
6
       
6
       
 
       
  cfg = config.services.kubernetes;

     

       
7
       
7
       
 
       


     

       
8
       
8
       
+
       
  defaultContainerdConfigFile = pkgs.writeText "containerd.toml" ''

     

       
9
       
9
       
+
       
    version = 2

     

       
10
       
10
       
+
       
    root = "/var/lib/containerd/daemon"

     

       
11
       
11
       
+
       
    state = "/var/run/containerd/daemon"

     

       
12
       
12
       
+
       
    oom_score = 0

     

       
13
       
13
       
+
       


     

       
14
       
14
       
+
       
    [grpc]

     

       
15
       
15
       
+
       
      address = "/var/run/containerd/containerd.sock"

     

       
16
       
16
       
+
       


     

       
17
       
17
       
+
       
    [plugins."io.containerd.grpc.v1.cri"]

     

       
18
       
18
       
+
       
      sandbox_image = "pause:latest"

     

       
19
       
19
       
+
       


     

       
20
       
20
       
+
       
    [plugins."io.containerd.grpc.v1.cri".cni]

     

       
21
       
21
       
+
       
      bin_dir = "/opt/cni/bin"

     

       
22
       
22
       
+
       
      max_conf_num = 0

     

       
23
       
23
       
+
       


     

       
24
       
24
       
+
       
    [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]

     

       
25
       
25
       
+
       
      runtime_type = "io.containerd.runc.v2"

     

       
26
       
26
       
+
       


     

       
27
       
27
       
+
       
    [plugins."io.containerd.grpc.v1.cri".containerd.runtimes."io.containerd.runc.v2".options]

     

       
28
       
28
       
+
       
      SystemdCgroup = true

     

       
29
       
29
       
+
       
  '';

     

       
30
       
30
       
+
       


     

       
8
       
31
       
 
       
  mkKubeConfig = name: conf: pkgs.writeText "${name}-kubeconfig" (builtins.toJSON {

     

       
9
       
32
       
 
       
    apiVersion = "v1";

     

       
10
       
33
       
 
       
    kind = "Config";

     
···

       
222
       
245
       
 
       
    })

     

       
223
       
246
       
 
       


     

       
224
       
247
       
 
       
    (mkIf cfg.kubelet.enable {

     

       
225
       
225
       
-
       
      virtualisation.docker = {

     

       
248
       
248
       
+
       
      virtualisation.containerd = {

     

       
226
       
249
       
 
       
        enable = mkDefault true;

     

       
227
       
227
       
-
       


     

       
228
       
228
       
-
       
        # kubernetes needs access to logs

     

       
229
       
229
       
-
       
        logDriver = mkDefault "json-file";

     

       
230
       
230
       
-
       


     

       
231
       
231
       
-
       
        # iptables must be disabled for kubernetes

     

       
232
       
232
       
-
       
        extraOptions = "--iptables=false --ip-masq=false";

     

       
250
       
250
       
+
       
        configFile = mkDefault defaultContainerdConfigFile;

     

       
233
       
251
       
 
       
      };

     

       
234
       
252
       
 
       
    })

     

       
235
       
253
       
 
       


     
···

       
269
       
287
       
 
       
      users.users.kubernetes = {

     

       
270
       
288
       
 
       
        uid = config.ids.uids.kubernetes;

     

       
271
       
289
       
 
       
        description = "Kubernetes user";

     

       
272
       
272
       
-
       
        extraGroups = [ "docker" ];

     

       
273
       
290
       
 
       
        group = "kubernetes";

     

       
274
       
291
       
 
       
        home = cfg.dataDir;

     

       
275
       
292
       
 
       
        createHome = true;

     

···

       
8
       
8
       
 
       


     

       
9
       
9
       
 
       
  # we want flannel to use kubernetes itself as configuration backend, not direct etcd

     

       
10
       
10
       
 
       
  storageBackend = "kubernetes";

     

       
11
       
11
       
-
       


     

       
12
       
12
       
-
       
  # needed for flannel to pass options to docker

     

       
13
       
13
       
-
       
  mkDockerOpts = pkgs.runCommand "mk-docker-opts" {

     

       
14
       
14
       
-
       
    buildInputs = [ pkgs.makeWrapper ];

     

       
15
       
15
       
-
       
  } ''

     

       
16
       
16
       
-
       
    mkdir -p $out

     

       
17
       
17
       
-
       


     

       
18
       
18
       
-
       
    # bashInteractive needed for `compgen`

     

       
19
       
19
       
-
       
    makeWrapper ${pkgs.bashInteractive}/bin/bash $out/mk-docker-opts --add-flags "${pkgs.kubernetes}/bin/mk-docker-opts.sh"

     

       
20
       
20
       
-
       
  '';

     

       
21
       
11
       
 
       
in

     

       
22
       
12
       
 
       
{

     

       
23
       
13
       
 
       
  ###### interface

     
···

       
43
       
33
       
 
       
        cniVersion = "0.3.1";

     

       
44
       
34
       
 
       
        delegate = {

     

       
45
       
35
       
 
       
          isDefaultGateway = true;

     

       
46
       
46
       
-
       
          bridge = "docker0";

     

       
36
       
36
       
+
       
          bridge = "mynet";

     

       
47
       
37
       
 
       
        };

     

       
48
       
38
       
 
       
      }];

     

       
49
       
39
       
 
       
    };

     

       
50
       
40
       
 
       


     

       
51
       
51
       
-
       
    systemd.services.mk-docker-opts = {

     

       
52
       
52
       
-
       
      description = "Pre-Docker Actions";

     

       
53
       
53
       
-
       
      path = with pkgs; [ gawk gnugrep ];

     

       
54
       
54
       
-
       
      script = ''

     

       
55
       
55
       
-
       
        ${mkDockerOpts}/mk-docker-opts -d /run/flannel/docker

     

       
56
       
56
       
-
       
        systemctl restart docker

     

       
57
       
57
       
-
       
      '';

     

       
58
       
58
       
-
       
      serviceConfig.Type = "oneshot";

     

       
59
       
59
       
-
       
    };

     

       
60
       
60
       
-
       


     

       
61
       
61
       
-
       
    systemd.paths.flannel-subnet-env = {

     

       
62
       
62
       
-
       
      wantedBy = [ "flannel.service" ];

     

       
63
       
63
       
-
       
      pathConfig = {

     

       
64
       
64
       
-
       
        PathModified = "/run/flannel/subnet.env";

     

       
65
       
65
       
-
       
        Unit = "mk-docker-opts.service";

     

       
66
       
66
       
-
       
      };

     

       
67
       
67
       
-
       
    };

     

       
68
       
68
       
-
       


     

       
69
       
69
       
-
       
    systemd.services.docker = {

     

       
70
       
70
       
-
       
      environment.DOCKER_OPTS = "-b none";

     

       
71
       
71
       
-
       
      serviceConfig.EnvironmentFile = "-/run/flannel/docker";

     

       
72
       
72
       
-
       
    };

     

       
73
       
73
       
-
       


     

       
74
       
74
       
-
       
    # read environment variables generated by mk-docker-opts

     

       
75
       
75
       
-
       
    virtualisation.docker.extraOptions = "$DOCKER_OPTS";

     

       
76
       
76
       
-
       


     

       
77
       
41
       
 
       
    networking = {

     

       
78
       
42
       
 
       
      firewall.allowedUDPPorts = [

     

       
79
       
43
       
 
       
        8285  # flannel udp

     

       
80
       
44
       
 
       
        8472  # flannel vxlan

     

       
81
       
45
       
 
       
      ];

     

       
82
       
82
       
-
       
      dhcpcd.denyInterfaces = [ "docker*" "flannel*" ];

     

       
46
       
46
       
+
       
      dhcpcd.denyInterfaces = [ "mynet*" "flannel*" ];

     

       
83
       
47
       
 
       
    };

     

       
84
       
48
       
 
       


     

       
85
       
49
       
 
       
    services.kubernetes.pki.certs = {

     

···

       
23
       
23
       
 
       
    name = "pause";

     

       
24
       
24
       
 
       
    tag = "latest";

     

       
25
       
25
       
 
       
    contents = top.package.pause;

     

       
26
       
26
       
-
       
    config.Cmd = "/bin/pause";

     

       
26
       
26
       
+
       
    config.Cmd = ["/bin/pause"];

     

       
27
       
27
       
 
       
  };

     

       
28
       
28
       
 
       


     

       
29
       
29
       
 
       
  kubeconfig = top.lib.mkKubeConfig "kubelet" cfg.kubeconfig;

     
···

       
125
       
125
       
 
       
      };

     

       
126
       
126
       
 
       
    };

     

       
127
       
127
       
 
       


     

       
128
       
128
       
+
       
    containerRuntime = mkOption {

     

       
129
       
129
       
+
       
      description = "Which container runtime type to use";

     

       
130
       
130
       
+
       
      type = enum ["docker" "remote"];

     

       
131
       
131
       
+
       
      default = "remote";

     

       
132
       
132
       
+
       
    };

     

       
133
       
133
       
+
       


     

       
134
       
134
       
+
       
    containerRuntimeEndpoint = mkOption {

     

       
135
       
135
       
+
       
      description = "Endpoint at which to find the container runtime api interface/socket";

     

       
136
       
136
       
+
       
      type = str;

     

       
137
       
137
       
+
       
      default = "unix:///var/run/containerd/containerd.sock";

     

       
138
       
138
       
+
       
    };

     

       
139
       
139
       
+
       


     

       
128
       
140
       
 
       
    enable = mkEnableOption "Kubernetes kubelet.";

     

       
129
       
141
       
 
       


     

       
130
       
142
       
 
       
    extraOpts = mkOption {

     
···

       
235
       
247
       
 
       
  ###### implementation

     

       
236
       
248
       
 
       
  config = mkMerge [

     

       
237
       
249
       
 
       
    (mkIf cfg.enable {

     

       
250
       
250
       
+
       


     

       
251
       
251
       
+
       
      environment.etc."cni/net.d".source = cniConfig;

     

       
252
       
252
       
+
       


     

       
238
       
253
       
 
       
      services.kubernetes.kubelet.seedDockerImages = [infraContainer];

     

       
239
       
254
       
 
       


     

       
255
       
255
       
+
       
      boot.kernel.sysctl = {

     

       
256
       
256
       
+
       
        "net.bridge.bridge-nf-call-iptables"  = 1;

     

       
257
       
257
       
+
       
        "net.ipv4.ip_forward"                 = 1;

     

       
258
       
258
       
+
       
        "net.bridge.bridge-nf-call-ip6tables" = 1;

     

       
259
       
259
       
+
       
      };

     

       
260
       
260
       
+
       


     

       
240
       
261
       
 
       
      systemd.services.kubelet = {

     

       
241
       
262
       
 
       
        description = "Kubernetes Kubelet Service";

     

       
242
       
263
       
 
       
        wantedBy = [ "kubernetes.target" ];

     

       
243
       
243
       
-
       
        after = [ "network.target" "docker.service" "kube-apiserver.service" ];

     

       
264
       
264
       
+
       
        after = [ "containerd.service" "network.target" "kube-apiserver.service" ];

     

       
244
       
265
       
 
       
        path = with pkgs; [

     

       
245
       
266
       
 
       
          gitMinimal

     

       
246
       
267
       
 
       
          openssh

     

       
247
       
247
       
-
       
          docker

     

       
248
       
268
       
 
       
          util-linux

     

       
249
       
269
       
 
       
          iproute

     

       
250
       
270
       
 
       
          ethtool

     
···

       
254
       
274
       
 
       
        ] ++ lib.optional config.boot.zfs.enabled config.boot.zfs.package ++ top.path;

     

       
255
       
275
       
 
       
        preStart = ''

     

       
256
       
276
       
 
       
          ${concatMapStrings (img: ''

     

       
257
       
257
       
-
       
            echo "Seeding docker image: ${img}"

     

       
258
       
258
       
-
       
            docker load <${img}

     

       
277
       
277
       
+
       
            echo "Seeding container image: ${img}"

     

       
278
       
278
       
+
       
            ${if (lib.hasSuffix "gz" img) then

     

       
279
       
279
       
+
       
              ''${pkgs.gzip}/bin/zcat "${img}" | ${pkgs.containerd}/bin/ctr -n k8s.io image import -''

     

       
280
       
280
       
+
       
            else

     

       
281
       
281
       
+
       
              ''${pkgs.coreutils}/bin/cat "${img}" | ${pkgs.containerd}/bin/ctr -n k8s.io image import -''

     

       
282
       
282
       
+
       
            }

     

       
259
       
283
       
 
       
          '') cfg.seedDockerImages}

     

       
260
       
284
       
 
       


     

       
261
       
285
       
 
       
          rm /opt/cni/bin/* || true

     
···

       
306
       
330
       
 
       
            ${optionalString (cfg.tlsKeyFile != null)

     

       
307
       
331
       
 
       
              "--tls-private-key-file=${cfg.tlsKeyFile}"} \

     

       
308
       
332
       
 
       
            ${optionalString (cfg.verbosity != null) "--v=${toString cfg.verbosity}"} \

     

       
333
       
333
       
+
       
            --container-runtime=${cfg.containerRuntime} \

     

       
334
       
334
       
+
       
            --container-runtime-endpoint=${cfg.containerRuntimeEndpoint} \

     

       
335
       
335
       
+
       
            --cgroup-driver=systemd \

     

       
309
       
336
       
 
       
            ${cfg.extraOpts}

     

       
310
       
337
       
 
       
          '';

     

       
311
       
338
       
 
       
          WorkingDirectory = top.dataDir;

     
···

       
315
       
342
       
 
       
      # Allways include cni plugins

     

       
316
       
343
       
 
       
      services.kubernetes.kubelet.cni.packages = [pkgs.cni-plugins];

     

       
317
       
344
       
 
       


     

       
318
       
318
       
-
       
      boot.kernelModules = ["br_netfilter"];

     

       
345
       
345
       
+
       
      boot.kernelModules = ["br_netfilter" "overlay"];

     

       
319
       
346
       
 
       


     

       
320
       
347
       
 
       
      services.kubernetes.kubelet.hostname = with config.networking;

     

       
321
       
348
       
 
       
        mkDefault (hostName + optionalString (domain != null) ".${domain}");

     

···

       
361
       
361
       
 
       
          tlsCertFile = mkDefault cert;

     

       
362
       
362
       
 
       
          tlsKeyFile = mkDefault key;

     

       
363
       
363
       
 
       
          serviceAccountKeyFile = mkDefault cfg.certs.serviceAccount.cert;

     

       
364
       
364
       
+
       
          serviceAccountSigningKeyFile = mkDefault cfg.certs.serviceAccount.key;

     

       
364
       
365
       
 
       
          kubeletClientCaFile = mkDefault caCert;

     

       
365
       
366
       
 
       
          kubeletClientCertFile = mkDefault cfg.certs.apiserverKubeletClient.cert;

     

       
366
       
367
       
 
       
          kubeletClientKeyFile = mkDefault cfg.certs.apiserverKubeletClient.key;

     

···

       
162
       
162
       
 
       
        NODE_NAME = cfg.nodeName;

     

       
163
       
163
       
 
       
      };

     

       
164
       
164
       
 
       
      path = [ pkgs.iptables ];

     

       
165
       
165
       
-
       
      preStart = ''

     

       
166
       
166
       
-
       
        mkdir -p /run/flannel

     

       
167
       
167
       
-
       
        touch /run/flannel/docker

     

       
168
       
168
       
-
       
      '' + optionalString (cfg.storageBackend == "etcd") ''

     

       
165
       
165
       
+
       
      preStart = optionalString (cfg.storageBackend == "etcd") ''

     

       
169
       
166
       
 
       
        echo "setting network configuration"

     

       
170
       
167
       
 
       
        until ${pkgs.etcdctl}/bin/etcdctl set /coreos.com/network/config '${builtins.toJSON networkConfig}'

     

       
171
       
168
       
 
       
        do

     
···

       
177
       
174
       
 
       
        ExecStart = "${cfg.package}/bin/flannel";

     

       
178
       
175
       
 
       
        Restart = "always";

     

       
179
       
176
       
 
       
        RestartSec = "10s";

     

       
177
       
177
       
+
       
        RuntimeDirectory = "flannel";

     

       
180
       
178
       
 
       
      };

     

       
181
       
179
       
 
       
    };

     

       
182
       
180
       
 
       


     

···

       
1
       
1
       
+
       
{ pkgs, lib, config, ... }:

     

       
2
       
2
       
+
       
let

     

       
3
       
3
       
+
       
  cfg = config.virtualisation.containerd;

     

       
4
       
4
       
+
       
  containerdConfigChecked = pkgs.runCommand "containerd-config-checked.toml" { nativeBuildInputs = [pkgs.containerd]; } ''

     

       
5
       
5
       
+
       
    containerd -c ${cfg.configFile} config dump >/dev/null

     

       
6
       
6
       
+
       
    ln -s ${cfg.configFile} $out

     

       
7
       
7
       
+
       
  '';

     

       
8
       
8
       
+
       
in

     

       
9
       
9
       
+
       
{

     

       
10
       
10
       
+
       


     

       
11
       
11
       
+
       
  options.virtualisation.containerd = with lib.types; {

     

       
12
       
12
       
+
       
    enable = lib.mkEnableOption "containerd container runtime";

     

       
13
       
13
       
+
       


     

       
14
       
14
       
+
       
    configFile = lib.mkOption {

     

       
15
       
15
       
+
       
      default = null;

     

       
16
       
16
       
+
       
      description = "path to containerd config file";

     

       
17
       
17
       
+
       
      type = nullOr path;

     

       
18
       
18
       
+
       
    };

     

       
19
       
19
       
+
       


     

       
20
       
20
       
+
       
    args = lib.mkOption {

     

       
21
       
21
       
+
       
      default = {};

     

       
22
       
22
       
+
       
      description = "extra args to append to the containerd cmdline";

     

       
23
       
23
       
+
       
      type = attrsOf str;

     

       
24
       
24
       
+
       
    };

     

       
25
       
25
       
+
       
  };

     

       
26
       
26
       
+
       


     

       
27
       
27
       
+
       
  config = lib.mkIf cfg.enable {

     

       
28
       
28
       
+
       
    virtualisation.containerd.args.config = lib.mkIf (cfg.configFile != null) (toString containerdConfigChecked);

     

       
29
       
29
       
+
       


     

       
30
       
30
       
+
       
    environment.systemPackages = [pkgs.containerd];

     

       
31
       
31
       
+
       


     

       
32
       
32
       
+
       
    systemd.services.containerd = {

     

       
33
       
33
       
+
       
      description = "containerd - container runtime";

     

       
34
       
34
       
+
       
      wantedBy = [ "multi-user.target" ];

     

       
35
       
35
       
+
       
      after = [ "network.target" ];

     

       
36
       
36
       
+
       
      path = with pkgs; [

     

       
37
       
37
       
+
       
        containerd

     

       
38
       
38
       
+
       
        runc

     

       
39
       
39
       
+
       
        iptables

     

       
40
       
40
       
+
       
      ];

     

       
41
       
41
       
+
       
      serviceConfig = {

     

       
42
       
42
       
+
       
        ExecStart = ''${pkgs.containerd}/bin/containerd ${lib.concatStringsSep " " (lib.cli.toGNUCommandLine {} cfg.args)}'';

     

       
43
       
43
       
+
       
        Delegate = "yes";

     

       
44
       
44
       
+
       
        KillMode = "process";

     

       
45
       
45
       
+
       
        Type = "notify";

     

       
46
       
46
       
+
       
        Restart = "always";

     

       
47
       
47
       
+
       
        RestartSec = "5";

     

       
48
       
48
       
+
       
        StartLimitBurst = "8";

     

       
49
       
49
       
+
       
        StartLimitIntervalSec = "120s";

     

       
50
       
50
       
+
       


     

       
51
       
51
       
+
       
        # "limits" defined below are adopted from upstream: https://github.com/containerd/containerd/blob/master/containerd.service

     

       
52
       
52
       
+
       
        LimitNPROC = "infinity";

     

       
53
       
53
       
+
       
        LimitCORE = "infinity";

     

       
54
       
54
       
+
       
        LimitNOFILE = "infinity";

     

       
55
       
55
       
+
       
        TasksMax = "infinity";

     

       
56
       
56
       
+
       
        OOMScoreAdjust = "-999";

     

       
57
       
57
       
+
       
      };

     

       
58
       
58
       
+
       
    };

     

       
59
       
59
       
+
       
  };

     

       
60
       
60
       
+
       
}

     

···

       
34
       
34
       
 
       
    name = "redis";

     

       
35
       
35
       
 
       
    tag = "latest";

     

       
36
       
36
       
 
       
    contents = [ pkgs.redis pkgs.bind.host ];

     

       
37
       
37
       
-
       
    config.Entrypoint = "/bin/redis-server";

     

       
37
       
37
       
+
       
    config.Entrypoint = ["/bin/redis-server"];

     

       
38
       
38
       
 
       
  };

     

       
39
       
39
       
 
       


     

       
40
       
40
       
 
       
  probePod = pkgs.writeText "probe-pod.json" (builtins.toJSON {

     
···

       
55
       
55
       
 
       
    name = "probe";

     

       
56
       
56
       
 
       
    tag = "latest";

     

       
57
       
57
       
 
       
    contents = [ pkgs.bind.host pkgs.busybox ];

     

       
58
       
58
       
-
       
    config.Entrypoint = "/bin/tail";

     

       
58
       
58
       
+
       
    config.Entrypoint = ["/bin/tail"];

     

       
59
       
59
       
 
       
  };

     

       
60
       
60
       
 
       


     

       
61
       
61
       
-
       
  extraConfiguration = { config, pkgs, ... }: {

     

       
61
       
61
       
+
       
  extraConfiguration = { config, pkgs, lib, ... }: {

     

       
62
       
62
       
 
       
    environment.systemPackages = [ pkgs.bind.host ];

     

       
63
       
63
       
-
       
    # virtualisation.docker.extraOptions = "--dns=${config.services.kubernetes.addons.dns.clusterIp}";

     

       
64
       
63
       
 
       
    services.dnsmasq.enable = true;

     

       
65
       
64
       
 
       
    services.dnsmasq.servers = [

     

       
66
       
65
       
 
       
      "/cluster.local/${config.services.kubernetes.addons.dns.clusterIp}#53"

     
···

       
77
       
76
       
 
       
      # prepare machine1 for test

     

       
78
       
77
       
 
       
      machine1.wait_until_succeeds("kubectl get node machine1.${domain} | grep -w Ready")

     

       
79
       
78
       
 
       
      machine1.wait_until_succeeds(

     

       
80
       
80
       
-
       
          "docker load < ${redisImage}"

     

       
79
       
79
       
+
       
          "${pkgs.gzip}/bin/zcat ${redisImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -"

     

       
81
       
80
       
 
       
      )

     

       
82
       
81
       
 
       
      machine1.wait_until_succeeds(

     

       
83
       
82
       
 
       
          "kubectl create -f ${redisPod}"

     
···

       
86
       
85
       
 
       
          "kubectl create -f ${redisService}"

     

       
87
       
86
       
 
       
      )

     

       
88
       
87
       
 
       
      machine1.wait_until_succeeds(

     

       
89
       
89
       
-
       
          "docker load < ${probeImage}"

     

       
88
       
88
       
+
       
          "${pkgs.gzip}/bin/zcat ${probeImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -"

     

       
90
       
89
       
 
       
      )

     

       
91
       
90
       
 
       
      machine1.wait_until_succeeds(

     

       
92
       
91
       
 
       
          "kubectl create -f ${probePod}"

     
···

       
118
       
117
       
 
       
      # prepare machines for test

     

       
119
       
118
       
 
       
      machine1.wait_until_succeeds("kubectl get node machine2.${domain} | grep -w Ready")

     

       
120
       
119
       
 
       
      machine2.wait_until_succeeds(

     

       
121
       
121
       
-
       
          "docker load < ${redisImage}"

     

       
120
       
120
       
+
       
          "${pkgs.gzip}/bin/zcat ${redisImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -"

     

       
122
       
121
       
 
       
      )

     

       
123
       
122
       
 
       
      machine1.wait_until_succeeds(

     

       
124
       
123
       
 
       
          "kubectl create -f ${redisPod}"

     
···

       
127
       
126
       
 
       
          "kubectl create -f ${redisService}"

     

       
128
       
127
       
 
       
      )

     

       
129
       
128
       
 
       
      machine2.wait_until_succeeds(

     

       
130
       
130
       
-
       
          "docker load < ${probeImage}"

     

       
129
       
129
       
+
       
          "${pkgs.gzip}/bin/zcat ${probeImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -"

     

       
131
       
130
       
 
       
      )

     

       
132
       
131
       
 
       
      machine1.wait_until_succeeds(

     

       
133
       
132
       
 
       
          "kubectl create -f ${probePod}"

     

···

       
85
       
85
       
 
       
    name = "kubectl";

     

       
86
       
86
       
 
       
    tag = "latest";

     

       
87
       
87
       
 
       
    contents = [ kubectl pkgs.busybox kubectlPod2 ];

     

       
88
       
88
       
-
       
    config.Entrypoint = "/bin/sh";

     

       
88
       
88
       
+
       
    config.Entrypoint = ["/bin/sh"];

     

       
89
       
89
       
 
       
  };

     

       
90
       
90
       
 
       


     

       
91
       
91
       
 
       
  base = {

     
···

       
97
       
97
       
 
       
      machine1.wait_until_succeeds("kubectl get node machine1.my.zyx | grep -w Ready")

     

       
98
       
98
       
 
       


     

       
99
       
99
       
 
       
      machine1.wait_until_succeeds(

     

       
100
       
100
       
-
       
          "docker load < ${kubectlImage}"

     

       
100
       
100
       
+
       
          "${pkgs.gzip}/bin/zcat ${kubectlImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -"

     

       
101
       
101
       
 
       
      )

     

       
102
       
102
       
 
       


     

       
103
       
103
       
 
       
      machine1.wait_until_succeeds(

     
···

       
134
       
134
       
 
       
      machine1.wait_until_succeeds("kubectl get node machine2.my.zyx | grep -w Ready")

     

       
135
       
135
       
 
       


     

       
136
       
136
       
 
       
      machine2.wait_until_succeeds(

     

       
137
       
137
       
-
       
          "docker load < ${kubectlImage}"

     

       
137
       
137
       
+
       
          "${pkgs.gzip}/bin/zcat ${kubectlImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -"

     

       
138
       
138
       
 
       
      )

     

       
139
       
139
       
 
       


     

       
140
       
140
       
 
       
      machine1.wait_until_succeeds(

     

···

       
17
       
17
       
 
       


     

       
18
       
18
       
 
       
stdenv.mkDerivation rec {

     

       
19
       
19
       
 
       
  pname = "particl-core";

     

       
20
       
20
       
-
       
  version = "0.19.2.3";

     

       
20
       
20
       
+
       
  version = "0.19.2.5";

     

       
21
       
21
       
 
       


     

       
22
       
22
       
 
       
  src = fetchurl {

     

       
23
       
23
       
 
       
    url = "https://github.com/particl/particl-core/archive/v${version}.tar.gz";

     

       
24
       
24
       
-
       
    sha256 = "sha256-nAsQvYWUejSu/4MMIwZhlV5Gjza/Da4jcp6/01lppvg=";

     

       
24
       
24
       
+
       
    sha256 = "sha256-uI4T8h6RvCikk8h/sZmGlj3Uj3Xhu0vDn/fPb6rLcSg=";

     

       
25
       
25
       
 
       
  };

     

       
26
       
26
       
 
       


     

       
27
       
27
       
 
       
  nativeBuildInputs = [ pkg-config autoreconfHook ];

     

···

       
33
       
33
       
 
       


     

       
34
       
34
       
 
       
, gmp

     

       
35
       
35
       
 
       


     

       
36
       
36
       
-
       
# Pluggable transport dependencies

     

       
37
       
37
       
-
       
, python27

     

       
38
       
38
       
-
       


     

       
39
       
36
       
 
       
# Wrapper runtime

     

       
40
       
37
       
 
       
, coreutils

     

       
41
       
38
       
 
       
, glibcLocales

     
···

       
91
       
88
       
 
       
  fteLibPath = makeLibraryPath [ stdenv.cc.cc gmp ];

     

       
92
       
89
       
 
       


     

       
93
       
90
       
 
       
  # Upstream source

     

       
94
       
94
       
-
       
  version = "10.0.12";

     

       
91
       
91
       
+
       
  version = "10.0.13";

     

       
95
       
92
       
 
       


     

       
96
       
93
       
 
       
  lang = "en-US";

     

       
97
       
94
       
 
       


     

       
98
       
95
       
 
       
  srcs = {

     

       
99
       
96
       
 
       
    x86_64-linux = fetchurl {

     

       
100
       
97
       
 
       
      url = "https://dist.torproject.org/torbrowser/${version}/tor-browser-linux64-${version}_${lang}.tar.xz";

     

       
101
       
101
       
-
       
      sha256 = "0i5g997kgn7n6ji7pxbyvkx33nqfi2s1val680fp5hh1zz31yvfv";

     

       
98
       
98
       
+
       
      sha256 = "sha256-KxJKS/ymbkAg8LjMFz3BDSupPk5cNB1pFz9fFyRTndk=";

     

       
102
       
99
       
 
       
    };

     

       
103
       
100
       
 
       


     

       
104
       
101
       
 
       
    i686-linux = fetchurl {

     

       
105
       
102
       
 
       
      url = "https://dist.torproject.org/torbrowser/${version}/tor-browser-linux32-${version}_${lang}.tar.xz";

     

       
106
       
106
       
-
       
      sha256 = "16915fvvq3d16v1bzclnb52sa6yyaalihk3gv93jcnph9vsz8ags";

     

       
103
       
103
       
+
       
      sha256 = "sha256-4glc2qP6AdHtWc8zW+varG30rlAXpeFyKjqDPsmiVfI=";

     

       
107
       
104
       
 
       
    };

     

       
108
       
105
       
 
       
  };

     

       
109
       
106
       
 
       
in

     

···

       
20
       
20
       
 
       


     

       
21
       
21
       
 
       
stdenv.mkDerivation rec {

     

       
22
       
22
       
 
       
  pname = "kubernetes";

     

       
23
       
23
       
-
       
  version = "1.19.5";

     

       
23
       
23
       
+
       
  version = "1.20.4";

     

       
24
       
24
       
 
       


     

       
25
       
25
       
 
       
  src = fetchFromGitHub {

     

       
26
       
26
       
 
       
    owner = "kubernetes";

     

       
27
       
27
       
 
       
    repo = "kubernetes";

     

       
28
       
28
       
 
       
    rev = "v${version}";

     

       
29
       
29
       
-
       
    sha256 = "15bv620fj4x731f2z2a9dcdss18rk379kc40g49bpqsdn42jjx2z";

     

       
29
       
29
       
+
       
    sha256 = "0nni351ya688dphdkpyq94p3wjw2kigg85kmalwdpv5wpz1abl5g";

     

       
30
       
30
       
 
       
  };

     

       
31
       
31
       
 
       


     

       
32
       
32
       
 
       
  nativeBuildInputs = [ removeReferencesTo makeWrapper which go rsync installShellFiles ];

     

       
33
       
33
       
 
       


     

       
34
       
34
       
 
       
  outputs = [ "out" "man" "pause" ];

     

       
35
       
35
       
 
       


     

       
36
       
36
       
+
       
  patches = [ ./fixup-addonmanager-lib-path.patch ];

     

       
37
       
37
       
+
       


     

       
36
       
38
       
 
       
  postPatch = ''

     

       
37
       
39
       
 
       
    # go env breaks the sandbox

     

       
38
       
40
       
 
       
    substituteInPlace "hack/lib/golang.sh" \

     
···

       
53
       
55
       
 
       


     

       
54
       
56
       
 
       
  postBuild = ''

     

       
55
       
57
       
 
       
    ./hack/update-generated-docs.sh

     

       
56
       
56
       
-
       
    (cd build/pause && cc pause.c -o pause)

     

       
58
       
58
       
+
       
    (cd build/pause/linux && cc pause.c -o pause)

     

       
57
       
59
       
 
       
  '';

     

       
58
       
60
       
 
       


     

       
59
       
61
       
 
       
  installPhase = ''

     
···

       
61
       
63
       
 
       
      install -D _output/local/go/bin/''${p##*/} -t $out/bin

     

       
62
       
64
       
 
       
    done

     

       
63
       
65
       
 
       


     

       
64
       
64
       
-
       
    install -D build/pause/pause -t $pause/bin

     

       
66
       
66
       
+
       
    install -D build/pause/linux/pause -t $pause/bin

     

       
65
       
67
       
 
       
    installManPage docs/man/man1/*.[1-9]

     

       
66
       
68
       
 
       


     

       
67
       
67
       
-
       
    cp cluster/addons/addon-manager/kube-addons.sh $out/bin/kube-addons

     

       
69
       
69
       
+
       
    # Unfortunately, kube-addons-main.sh only looks for the lib file in either the current working dir

     

       
70
       
70
       
+
       
    # or in /opt. We have to patch this for now.

     

       
71
       
71
       
+
       
    substitute cluster/addons/addon-manager/kube-addons-main.sh $out/bin/kube-addons \

     

       
72
       
72
       
+
       
      --subst-var out

     

       
73
       
73
       
+
       


     

       
74
       
74
       
+
       
    chmod +x $out/bin/kube-addons

     

       
68
       
75
       
 
       
    patchShebangs $out/bin/kube-addons

     

       
69
       
76
       
 
       
    wrapProgram $out/bin/kube-addons --set "KUBECTL_BIN" "$out/bin/kubectl"

     

       
70
       
77
       
 
       


     

       
71
       
71
       
-
       
    cp ${./mk-docker-opts.sh} $out/bin/mk-docker-opts.sh

     

       
78
       
78
       
+
       
    cp cluster/addons/addon-manager/kube-addons.sh $out/bin/kube-addons-lib.sh

     

       
72
       
79
       
 
       


     

       
73
       
80
       
 
       
    for tool in kubeadm kubectl; do

     

       
74
       
81
       
 
       
      installShellCompletion --cmd $tool \

     

···

       
1
       
1
       
+
       
diff --git a/cluster/addons/addon-manager/kube-addons-main.sh b/cluster/addons/addon-manager/kube-addons-main.sh

     

       
2
       
2
       
+
       
index 849973470d1..e4fef30eaea 100755

     

       
3
       
3
       
+
       
--- a/cluster/addons/addon-manager/kube-addons-main.sh

     

       
4
       
4
       
+
       
+++ b/cluster/addons/addon-manager/kube-addons-main.sh

     

       
5
       
5
       
+
       
@@ -17,17 +17,7 @@

     

       
6
       
6
       
+
       
 # Import required functions. The addon manager is installed to /opt in

     

       
7
       
7
       
+
       
 # production use (see the Dockerfile)

     

       
8
       
8
       
+
       
 # Disabling shellcheck following files as the full path would be required.

     

       
9
       
9
       
+
       
-if [ -f "kube-addons.sh" ]; then

     

       
10
       
10
       
+
       
-  # shellcheck disable=SC1091

     

       
11
       
11
       
+
       
-  source "kube-addons.sh"

     

       
12
       
12
       
+
       
-elif [ -f "/opt/kube-addons.sh" ]; then

     

       
13
       
13
       
+
       
-  # shellcheck disable=SC1091

     

       
14
       
14
       
+
       
-  source "/opt/kube-addons.sh"

     

       
15
       
15
       
+
       
-else

     

       
16
       
16
       
+
       
-  # If the required source is missing, we have to fail.

     

       
17
       
17
       
+
       
-  log ERR "== Could not find kube-addons.sh (not in working directory or /opt) at $(date -Is) =="

     

       
18
       
18
       
+
       
-  exit 1

     

       
19
       
19
       
+
       
-fi

     

       
20
       
20
       
+
       
+source "@out@/bin/kube-addons-lib.sh"

     

       
21
       
21
       
+
       
 

     

       
22
       
22
       
+
       
 # The business logic for whether a given object should be created

     

       
23
       
23
       
+
       
 # was already enforced by salt, and /etc/kubernetes/addons is the

     

···

       
1
       
1
       
-
       
#!/usr/bin/env bash

     

       
2
       
2
       
-
       


     

       
3
       
3
       
-
       
# Copyright 2014 The Kubernetes Authors.

     

       
4
       
4
       
-
       
#

     

       
5
       
5
       
-
       
# Licensed under the Apache License, Version 2.0 (the "License");

     

       
6
       
6
       
-
       
# you may not use this file except in compliance with the License.

     

       
7
       
7
       
-
       
# You may obtain a copy of the License at

     

       
8
       
8
       
-
       
#

     

       
9
       
9
       
-
       
#     http://www.apache.org/licenses/LICENSE-2.0

     

       
10
       
10
       
-
       
#

     

       
11
       
11
       
-
       
# Unless required by applicable law or agreed to in writing, software

     

       
12
       
12
       
-
       
# distributed under the License is distributed on an "AS IS" BASIS,

     

       
13
       
13
       
-
       
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

     

       
14
       
14
       
-
       
# See the License for the specific language governing permissions and

     

       
15
       
15
       
-
       
# limitations under the License.

     

       
16
       
16
       
-
       


     

       
17
       
17
       
-
       
# Generate Docker daemon options based on flannel env file.

     

       
18
       
18
       
-
       


     

       
19
       
19
       
-
       
# exit on any error

     

       
20
       
20
       
-
       
set -e

     

       
21
       
21
       
-
       


     

       
22
       
22
       
-
       
usage() {

     

       
23
       
23
       
-
       
  echo "$0 [-f FLANNEL-ENV-FILE] [-d DOCKER-ENV-FILE] [-i] [-c] [-m] [-k COMBINED-KEY]

     

       
24
       
24
       
-
       


     

       
25
       
25
       
-
       
Generate Docker daemon options based on flannel env file

     

       
26
       
26
       
-
       
OPTIONS:

     

       
27
       
27
       
-
       
    -f  Path to flannel env file. Defaults to /run/flannel/subnet.env

     

       
28
       
28
       
-
       
    -d  Path to Docker env file to write to. Defaults to /run/docker_opts.env

     

       
29
       
29
       
-
       
    -i  Output each Docker option as individual var. e.g. DOCKER_OPT_MTU=1500

     

       
30
       
30
       
-
       
    -c  Output combined Docker options into DOCKER_OPTS var

     

       
31
       
31
       
-
       
    -k  Set the combined options key to this value (default DOCKER_OPTS=)

     

       
32
       
32
       
-
       
    -m  Do not output --ip-masq (useful for older Docker version)

     

       
33
       
33
       
-
       
" >/dev/stderr

     

       
34
       
34
       
-
       
  exit 1

     

       
35
       
35
       
-
       
}

     

       
36
       
36
       
-
       


     

       
37
       
37
       
-
       
flannel_env="/run/flannel/subnet.env"

     

       
38
       
38
       
-
       
docker_env="/run/docker_opts.env"

     

       
39
       
39
       
-
       
combined_opts_key="DOCKER_OPTS"

     

       
40
       
40
       
-
       
indiv_opts=false

     

       
41
       
41
       
-
       
combined_opts=false

     

       
42
       
42
       
-
       
ipmasq=true

     

       
43
       
43
       
-
       
val=""

     

       
44
       
44
       
-
       


     

       
45
       
45
       
-
       
while getopts "f:d:icmk:" opt; do

     

       
46
       
46
       
-
       
  case $opt in

     

       
47
       
47
       
-
       
    f)

     

       
48
       
48
       
-
       
      flannel_env=$OPTARG

     

       
49
       
49
       
-
       
      ;;

     

       
50
       
50
       
-
       
    d)

     

       
51
       
51
       
-
       
      docker_env=$OPTARG

     

       
52
       
52
       
-
       
      ;;

     

       
53
       
53
       
-
       
    i)

     

       
54
       
54
       
-
       
      indiv_opts=true

     

       
55
       
55
       
-
       
      ;;

     

       
56
       
56
       
-
       
    c)

     

       
57
       
57
       
-
       
      combined_opts=true

     

       
58
       
58
       
-
       
      ;;

     

       
59
       
59
       
-
       
    m)

     

       
60
       
60
       
-
       
      ipmasq=false

     

       
61
       
61
       
-
       
      ;;

     

       
62
       
62
       
-
       
    k)

     

       
63
       
63
       
-
       
      combined_opts_key=$OPTARG

     

       
64
       
64
       
-
       
      ;;

     

       
65
       
65
       
-
       
    \?)

     

       
66
       
66
       
-
       
      usage

     

       
67
       
67
       
-
       
      ;;

     

       
68
       
68
       
-
       
  esac

     

       
69
       
69
       
-
       
done

     

       
70
       
70
       
-
       


     

       
71
       
71
       
-
       
if [[ $indiv_opts = false ]] && [[ $combined_opts = false ]]; then

     

       
72
       
72
       
-
       
  indiv_opts=true

     

       
73
       
73
       
-
       
  combined_opts=true

     

       
74
       
74
       
-
       
fi

     

       
75
       
75
       
-
       


     

       
76
       
76
       
-
       
if [[ -f "${flannel_env}" ]]; then

     

       
77
       
77
       
-
       
  source "${flannel_env}"

     

       
78
       
78
       
-
       
fi

     

       
79
       
79
       
-
       


     

       
80
       
80
       
-
       
if [[ -n "$FLANNEL_SUBNET" ]]; then

     

       
81
       
81
       
-
       
  # shellcheck disable=SC2034  # Variable name referenced in OPT_LOOP below

     

       
82
       
82
       
-
       
  DOCKER_OPT_BIP="--bip=$FLANNEL_SUBNET"

     

       
83
       
83
       
-
       
fi

     

       
84
       
84
       
-
       


     

       
85
       
85
       
-
       
if [[ -n "$FLANNEL_MTU" ]]; then

     

       
86
       
86
       
-
       
  # shellcheck disable=SC2034  # Variable name referenced in OPT_LOOP below

     

       
87
       
87
       
-
       
  DOCKER_OPT_MTU="--mtu=$FLANNEL_MTU"

     

       
88
       
88
       
-
       
fi

     

       
89
       
89
       
-
       


     

       
90
       
90
       
-
       
if [[ "$FLANNEL_IPMASQ" = true ]] && [[ $ipmasq = true ]]; then

     

       
91
       
91
       
-
       
  # shellcheck disable=SC2034  # Variable name referenced in OPT_LOOP below

     

       
92
       
92
       
-
       
  DOCKER_OPT_IPMASQ="--ip-masq=false"

     

       
93
       
93
       
-
       
fi

     

       
94
       
94
       
-
       


     

       
95
       
95
       
-
       
eval docker_opts="\$${combined_opts_key}"

     

       
96
       
96
       
-
       
docker_opts+=" "

     

       
97
       
97
       
-
       


     

       
98
       
98
       
-
       
echo -n "" >"${docker_env}"

     

       
99
       
99
       
-
       


     

       
100
       
100
       
-
       
# OPT_LOOP

     

       
101
       
101
       
-
       
for opt in $(compgen -v DOCKER_OPT_); do

     

       
102
       
102
       
-
       
  eval val=\$"${opt}"

     

       
103
       
103
       
-
       


     

       
104
       
104
       
-
       
  if [[ "$indiv_opts" = true ]]; then

     

       
105
       
105
       
-
       
    echo "$opt=\"$val\"" >>"${docker_env}"

     

       
106
       
106
       
-
       
  fi

     

       
107
       
107
       
-
       


     

       
108
       
108
       
-
       
  docker_opts+="$val "

     

       
109
       
109
       
-
       
done

     

       
110
       
110
       
-
       


     

       
111
       
111
       
-
       
if [[ "$combined_opts" = true ]]; then

     

       
112
       
112
       
-
       
  echo "${combined_opts_key}=\"${docker_opts}\"" >>"${docker_env}"

     

       
113
       
113
       
-
       
fi

     

···

       
1
       
1
       
+
       
From bea6307ec2a77d90d59c13940381d73ec0f05b70 Mon Sep 17 00:00:00 2001

     

       
2
       
2
       
+
       
From: Graham Christensen <graham@grahamc.com>

     

       
3
       
3
       
+
       
Date: Mon, 1 Mar 2021 10:57:44 -0500

     

       
4
       
4
       
+
       
Subject: [PATCH] Disable NIC tests that fail in the Nix sandbox.

     

       
5
       
5
       
+
       


     

       
6
       
6
       
+
       
---

     

       
7
       
7
       
+
       
 agent/managedInstances/fingerprint/fingerprint_integ_test.go | 2 ++

     

       
8
       
8
       
+
       
 agent/ssm/service_test.go                                    | 1 +

     

       
9
       
9
       
+
       
 2 files changed, 3 insertions(+)

     

       
10
       
10
       
+
       


     

       
11
       
11
       
+
       
diff --git a/agent/managedInstances/fingerprint/fingerprint_integ_test.go b/agent/managedInstances/fingerprint/fingerprint_integ_test.go

     

       
12
       
12
       
+
       
index a1f969ff..631ea1f5 100644

     

       
13
       
13
       
+
       
--- a/agent/managedInstances/fingerprint/fingerprint_integ_test.go

     

       
14
       
14
       
+
       
+++ b/agent/managedInstances/fingerprint/fingerprint_integ_test.go

     

       
15
       
15
       
+
       
@@ -28,12 +28,14 @@ func TestHostnameInfo(t *testing.T) {

     

       
16
       
16
       
+
       
 }

     

       
17
       
17
       
+
       
 

     

       
18
       
18
       
+
       
 func TestPrimaryIpInfo(t *testing.T) {

     

       
19
       
19
       
+
       
+	t.Skip("The Nix build sandbox has no non-loopback IPs, causing this test to fail.");

     

       
20
       
20
       
+
       
 	ip, err := primaryIpInfo()

     

       
21
       
21
       
+
       
 	assert.NoError(t, err, "expected no error fetching the primary ip")

     

       
22
       
22
       
+
       
 	assert.NotEmpty(t, ip, "expected to fetch primary ip")

     

       
23
       
23
       
+
       
 }

     

       
24
       
24
       
+
       
 

     

       
25
       
25
       
+
       
 func TestMacAddrInfo(t *testing.T) {

     

       
26
       
26
       
+
       
+	t.Skip("The Nix build sandbox has no non-loopback interfaces, causing this test to fail.");

     

       
27
       
27
       
+
       
 	mac, err := macAddrInfo()

     

       
28
       
28
       
+
       
 	assert.NoError(t, err, "expected no error fetching the mac addr")

     

       
29
       
29
       
+
       
 	assert.NotEmpty(t, mac, "expected to fetch mac address")

     

       
30
       
30
       
+
       
diff --git a/agent/ssm/service_test.go b/agent/ssm/service_test.go

     

       
31
       
31
       
+
       
index f4b34f83..d8216dba 100644

     

       
32
       
32
       
+
       
--- a/agent/ssm/service_test.go

     

       
33
       
33
       
+
       
+++ b/agent/ssm/service_test.go

     

       
34
       
34
       
+
       
@@ -85,6 +85,7 @@ func (suite *SsmServiceTestSuite) TestUpdateEmptyInstanceInformation() {

     

       
35
       
35
       
+
       
 // Test function for update instance information

     

       
36
       
36
       
+
       
 // This function update the agent name, agent statuc, and agent version.

     

       
37
       
37
       
+
       
 func (suite *SsmServiceTestSuite) TestUpdateInstanceInformation() {

     

       
38
       
38
       
+
       
+	suite.T().Skip("The Nix build sandbox has no interfaces for IP and MAC address reports.");

     

       
39
       
39
       
+
       
 	// Give mock value to test UpdateInstanceInformation, assert the error is nil, assert the log.Debug function get called.

     

       
40
       
40
       
+
       
 	response, err := suite.sdkService.UpdateInstanceInformation(suite.logMock, "2.2.3.2", "active", "Amazon-ssm-agent")

     

       
41
       
41
       
+
       
 	assert.Nil(suite.T(), err, "Err should be nil")

     

       
42
       
42
       
+
       
-- 

     

       
43
       
43
       
+
       
2.29.2

     

       
44
       
44
       
+
       


     

···

       
1
       
1
       
+
       
From 473e3f8544915a35b3a45c548743978b34e5310e Mon Sep 17 00:00:00 2001

     

       
2
       
2
       
+
       
From: Cole Helbling <cole.e.helbling@outlook.com>

     

       
3
       
3
       
+
       
Date: Tue, 2 Mar 2021 00:24:00 -0800

     

       
4
       
4
       
+
       
Subject: [PATCH] version-gen: don't use unnecessary constants

     

       
5
       
5
       
+
       


     

       
6
       
6
       
+
       
This prevents the tool from being built with Nix, because this project

     

       
7
       
7
       
+
       
doesn't use Go modules (or something; I'm not really familiar with Go,

     

       
8
       
8
       
+
       
much less Go + Nix).

     

       
9
       
9
       
+
       
---

     

       
10
       
10
       
+
       
 agent/version/versiongenerator/version-gen.go | 6 ++----

     

       
11
       
11
       
+
       
 1 file changed, 2 insertions(+), 4 deletions(-)

     

       
12
       
12
       
+
       


     

       
13
       
13
       
+
       
diff --git a/agent/version/versiongenerator/version-gen.go b/agent/version/versiongenerator/version-gen.go

     

       
14
       
14
       
+
       
index d710effc..55c9a001 100644

     

       
15
       
15
       
+
       
--- a/agent/version/versiongenerator/version-gen.go

     

       
16
       
16
       
+
       
+++ b/agent/version/versiongenerator/version-gen.go

     

       
17
       
17
       
+
       
@@ -22,8 +22,6 @@ import (

     

       
18
       
18
       
+
       
 	"path/filepath"

     

       
19
       
19
       
+
       
 	"strings"

     

       
20
       
20
       
+
       
 	"text/template"

     

       
21
       
21
       
+
       
-

     

       
22
       
22
       
+
       
-	"github.com/aws/amazon-ssm-agent/agent/appconfig"

     

       
23
       
23
       
+
       
 )

     

       
24
       
24
       
+
       
 

     

       
25
       
25
       
+
       
 const versiongoTemplate = `// This is an autogenerated file and should not be edited.

     

       
26
       
26
       
+
       
@@ -59,7 +57,7 @@ func main() {

     

       
27
       
27
       
+
       
 	versionStr := strings.TrimSpace(string(versionContent))

     

       
28
       
28
       
+
       
 

     

       
29
       
29
       
+
       
 	fmt.Printf("Agent Version: %v", versionStr)

     

       
30
       
30
       
+
       
-	if err := ioutil.WriteFile(filepath.Join("VERSION"), []byte(versionStr), appconfig.ReadWriteAccess); err != nil {

     

       
31
       
31
       
+
       
+	if err := ioutil.WriteFile(filepath.Join("VERSION"), []byte(versionStr), 0600); err != nil {

     

       
32
       
32
       
+
       
 		log.Fatalf("Error writing to VERSION file. %v", err)

     

       
33
       
33
       
+
       
 	}

     

       
34
       
34
       
+
       
 

     

       
35
       
35
       
+
       
@@ -108,7 +106,7 @@ func main() {

     

       
36
       
36
       
+
       
 

     

       
37
       
37
       
+
       
 	releaseNoteOutFile := strings.Join(releaseNoteLines, "\n")

     

       
38
       
38
       
+
       
 

     

       
39
       
39
       
+
       
-	if err = ioutil.WriteFile(filepath.Join(releaseNotesFile), []byte(releaseNoteOutFile), appconfig.ReadWriteAccess); err != nil {

     

       
40
       
40
       
+
       
+	if err = ioutil.WriteFile(filepath.Join(releaseNotesFile), []byte(releaseNoteOutFile), 0600); err != nil {

     

       
41
       
41
       
+
       
 		log.Fatalf("Error writing to RELEASENOTES.md file. %v", err)

     

       
42
       
42
       
+
       
 	}

     

       
43
       
43
       
+
       
 

     

       
44
       
44
       
+
       
-- 

     

       
45
       
45
       
+
       
2.30.0

     

       
46
       
46
       
+
       


     

···

       
1
       
1
       
-
       
{ lib, fetchFromGitHub, buildGoPackage, bash, makeWrapper }:

     

       
1
       
1
       
+
       
{ lib

     

       
2
       
2
       
+
       
, writeShellScriptBin

     

       
3
       
3
       
+
       
, buildGoPackage

     

       
4
       
4
       
+
       
, makeWrapper

     

       
5
       
5
       
+
       
, fetchFromGitHub

     

       
6
       
6
       
+
       
, coreutils

     

       
7
       
7
       
+
       
, nettools

     

       
8
       
8
       
+
       
, dmidecode

     

       
9
       
9
       
+
       
, util-linux

     

       
10
       
10
       
+
       
, bashInteractive

     

       
11
       
11
       
+
       
}:

     

       
12
       
12
       
+
       


     

       
13
       
13
       
+
       
let

     

       
14
       
14
       
+
       
  # Tests use lsb_release, so we mock it (the SSM agent used to not

     

       
15
       
15
       
+
       
  # read from our /etc/os-release file, but now it does) because in

     

       
16
       
16
       
+
       
  # reality, it won't (shouldn't) be used when active on a system with

     

       
17
       
17
       
+
       
  # /etc/os-release. If it is, we fake the only two fields it cares about.

     

       
18
       
18
       
+
       
  fake-lsb-release = writeShellScriptBin "lsb_release" ''

     

       
19
       
19
       
+
       
    . /etc/os-release || true

     

       
2
       
20
       
 
       


     

       
21
       
21
       
+
       
    case "$1" in

     

       
22
       
22
       
+
       
      -i) echo "''${NAME:-unknown}";;

     

       
23
       
23
       
+
       
      -r) echo "''${VERSION:-unknown}";;

     

       
24
       
24
       
+
       
    esac

     

       
25
       
25
       
+
       
  '';

     

       
26
       
26
       
+
       
in

     

       
3
       
27
       
 
       
buildGoPackage rec {

     

       
4
       
4
       
-
       
  pname   = "amazon-ssm-agent";

     

       
5
       
5
       
-
       
  version = "2.3.1319.0";

     

       
28
       
28
       
+
       
  pname = "amazon-ssm-agent";

     

       
29
       
29
       
+
       
  version = "3.0.755.0";

     

       
6
       
30
       
 
       


     

       
7
       
31
       
 
       
  goPackagePath = "github.com/aws/${pname}";

     

       
8
       
8
       
-
       
  subPackages   = [

     

       
9
       
9
       
-
       
    "agent"

     

       
10
       
10
       
-
       
    "agent/framework/processor/executer/outofproc/worker"

     

       
11
       
11
       
-
       
    "agent/framework/processor/executer/outofproc/worker"

     

       
12
       
12
       
-
       
    "agent/framework/processor/executer/outofproc/sessionworker"

     

       
13
       
13
       
-
       
    "agent/session/logging"

     

       
14
       
14
       
-
       
    "agent/cli-main"

     

       
15
       
15
       
-
       
  ];

     

       
16
       
32
       
 
       


     

       
17
       
33
       
 
       
  nativeBuildInputs = [ makeWrapper ];

     

       
18
       
34
       
 
       


     

       
19
       
35
       
 
       
  src = fetchFromGitHub {

     

       
20
       
20
       
-
       
    rev    = version;

     

       
21
       
21
       
-
       
    owner  = "aws";

     

       
22
       
22
       
-
       
    repo   = pname;

     

       
23
       
23
       
-
       
    sha256 = "1yiyhj7ckqa32b1rnbwn7zx89rsj00m5imn1xlpsw002ywxsxbnv";

     

       
36
       
36
       
+
       
    rev = version;

     

       
37
       
37
       
+
       
    owner = "aws";

     

       
38
       
38
       
+
       
    repo = "amazon-ssm-agent";

     

       
39
       
39
       
+
       
    hash = "sha256-yVQJL1MJ1JlAndlrXfEbNLQihlbLhSoQXTKzJMRzhao=";

     

       
24
       
40
       
 
       
  };

     

       
25
       
41
       
 
       


     

       
42
       
42
       
+
       
  patches = [

     

       
43
       
43
       
+
       
    # Some tests use networking, so we skip them.

     

       
44
       
44
       
+
       
    ./0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch

     

       
45
       
45
       
+
       


     

       
46
       
46
       
+
       
    # They used constants from another package that I couldn't figure

     

       
47
       
47
       
+
       
    # out how to resolve, so hardcoded the constants.

     

       
48
       
48
       
+
       
    ./0002-version-gen-don-t-use-unnecessary-constants.patch

     

       
49
       
49
       
+
       
  ];

     

       
50
       
50
       
+
       


     

       
51
       
51
       
+
       
  preConfigure = ''

     

       
52
       
52
       
+
       
    rm -r ./Tools/src/goreportcard

     

       
53
       
53
       
+
       
    printf "#!/bin/sh\ntrue" > ./Tools/src/checkstyle.sh

     

       
54
       
54
       
+
       


     

       
55
       
55
       
+
       
    substituteInPlace agent/platform/platform_unix.go \

     

       
56
       
56
       
+
       
        --replace "/usr/bin/uname" "${coreutils}/bin/uname" \

     

       
57
       
57
       
+
       
        --replace '"/bin", "hostname"' '"${nettools}/bin/hostname"' \

     

       
58
       
58
       
+
       
        --replace '"lsb_release"' '"${fake-lsb-release}/bin/lsb_release"'

     

       
59
       
59
       
+
       


     

       
60
       
60
       
+
       
    substituteInPlace agent/managedInstances/fingerprint/hardwareInfo_unix.go \

     

       
61
       
61
       
+
       
        --replace /usr/sbin/dmidecode ${dmidecode}/bin/dmidecode

     

       
62
       
62
       
+
       


     

       
63
       
63
       
+
       
    substituteInPlace agent/session/shell/shell_unix.go \

     

       
64
       
64
       
+
       
        --replace '"script"' '"${util-linux}/bin/script"'

     

       
65
       
65
       
+
       


     

       
66
       
66
       
+
       
    echo "${version}" > VERSION

     

       
67
       
67
       
+
       
  '';

     

       
68
       
68
       
+
       


     

       
26
       
69
       
 
       
  preBuild = ''

     

       
27
       
27
       
-
       
    mv go/src/${goPackagePath}/vendor strange-vendor

     

       
28
       
28
       
-
       
    mv strange-vendor/src go/src/${goPackagePath}/vendor

     

       
70
       
70
       
+
       
    cp -r go/src/${goPackagePath}/vendor/src go

     

       
29
       
71
       
 
       


     

       
30
       
30
       
-
       
    cd go/src/${goPackagePath}

     

       
31
       
31
       
-
       
    echo ${version} > VERSION

     

       
72
       
72
       
+
       
    pushd go/src/${goPackagePath}

     

       
32
       
73
       
 
       


     

       
33
       
33
       
-
       
    substituteInPlace agent/plugins/inventory/gatherers/application/dataProvider.go \

     

       
34
       
34
       
-
       
      --replace '"github.com/aws/amazon-ssm-agent/agent/plugins/configurepackage/localpackages"' ""

     

       
74
       
74
       
+
       
    # Note: if this step fails, please patch the code to fix it! Please only skip

     

       
75
       
75
       
+
       
    # tests if it is not feasible for the test to pass in a sandbox.

     

       
76
       
76
       
+
       
    make quick-integtest

     

       
35
       
77
       
 
       


     

       
36
       
36
       
-
       
    go run agent/version/versiongenerator/version-gen.go

     

       
37
       
37
       
-
       
    substituteInPlace agent/appconfig/constants_unix.go \

     

       
38
       
38
       
-
       
      --replace /usr/bin/ssm-document-worker $bin/bin/ssm-document-worker \

     

       
39
       
39
       
-
       
      --replace /usr/bin/ssm-session-worker $bin/bin/ssm-session-worker \

     

       
40
       
40
       
-
       
      --replace /usr/bin/ssm-session-logger $bin/bin/ssm-session-logger

     

       
41
       
41
       
-
       
    cd -

     

       
78
       
78
       
+
       
    make pre-release

     

       
79
       
79
       
+
       
    make pre-build

     

       
80
       
80
       
+
       


     

       
81
       
81
       
+
       
    popd

     

       
42
       
82
       
 
       
  '';

     

       
43
       
83
       
 
       


     

       
44
       
84
       
 
       
  postBuild = ''

     

       
45
       
45
       
-
       
    mv go/bin/agent go/bin/amazon-ssm-agent

     

       
46
       
46
       
-
       
    mv go/bin/worker go/bin/ssm-document-worker

     

       
47
       
47
       
-
       
    mv go/bin/sessionworker go/bin/ssm-session-worker

     

       
48
       
48
       
-
       
    mv go/bin/logging go/bin/ssm-session-logger

     

       
49
       
49
       
-
       
    mv go/bin/cli-main go/bin/ssm-cli

     

       
85
       
85
       
+
       
    pushd go/bin

     

       
86
       
86
       
+
       


     

       
87
       
87
       
+
       
    rm integration-cli versiongenerator generator

     

       
88
       
88
       
+
       


     

       
89
       
89
       
+
       
    mv core amazon-ssm-agent

     

       
90
       
90
       
+
       
    mv agent ssm-agent-worker

     

       
91
       
91
       
+
       
    mv cli-main ssm-cli

     

       
92
       
92
       
+
       
    mv worker ssm-document-worker

     

       
93
       
93
       
+
       
    mv logging ssm-session-logger

     

       
94
       
94
       
+
       
    mv sessionworker ssm-session-worker

     

       
95
       
95
       
+
       


     

       
96
       
96
       
+
       
    popd

     

       
50
       
97
       
 
       
  '';

     

       
51
       
98
       
 
       


     

       
52
       
52
       
-
       
  postInstall = ''

     

       
53
       
53
       
-
       
    wrapProgram $out/bin/amazon-ssm-agent --prefix PATH : ${bash}/bin

     

       
99
       
99
       
+
       
  postFixup = ''

     

       
100
       
100
       
+
       
    wrapProgram $out/bin/amazon-ssm-agent --prefix PATH : ${bashInteractive}/bin

     

       
54
       
101
       
 
       
  '';

     

       
55
       
102
       
 
       


     

       
56
       
103
       
 
       
  meta = with lib; {

     

       
57
       
104
       
 
       
    description = "Agent to enable remote management of your Amazon EC2 instance configuration";

     

       
58
       
58
       
-
       
    homepage    = "https://github.com/aws/amazon-ssm-agent";

     

       
59
       
59
       
-
       
    license     = licenses.asl20;

     

       
60
       
60
       
-
       
    platforms   = platforms.unix;

     

       
105
       
105
       
+
       
    homepage = "https://github.com/aws/amazon-ssm-agent";

     

       
106
       
106
       
+
       
    license = licenses.asl20;

     

       
107
       
107
       
+
       
    platforms = platforms.unix;

     

       
61
       
108
       
 
       
    maintainers = with maintainers; [ copumpkin manveru ];

     

       
62
       
109
       
 
       
  };

     

       
63
       
110
       
 
       
}

     

···

       
1
       
1
       
 
       
{ lib, stdenv, mkDerivation, fetchFromGitHub

     

       
2
       
2
       
 
       
, qmake, pkg-config, olm, wrapQtAppsHook

     

       
3
       
3
       
-
       
, qtbase, qtquickcontrols2, qtkeychain, qtmultimedia, qttools, qtgraphicaleffects

     

       
3
       
3
       
+
       
, qtbase, qtquickcontrols2, qtkeychain, qtmultimedia, qtgraphicaleffects

     

       
4
       
4
       
 
       
, python3Packages, pyotherside, libXScrnSaver

     

       
5
       
5
       
 
       
}:

     

       
6
       
6
       
 
       


     

···

       
1
       
1
       
+
       
diff --git a/src/sage/libs/eclib/interface.py b/src/sage/libs/eclib/interface.py

     

       
2
       
2
       
+
       
index e898456720..6b98c12328 100644

     

       
3
       
3
       
+
       
--- a/src/sage/libs/eclib/interface.py

     

       
4
       
4
       
+
       
+++ b/src/sage/libs/eclib/interface.py

     

       
5
       
5
       
+
       
@@ -758,78 +758,78 @@ class mwrank_MordellWeil(SageObject):

     

       
6
       
6
       
+
       
 

     

       
7
       
7
       
+
       
         sage: EQ = mwrank_MordellWeil(E, verbose=True)

     

       
8
       
8
       
+
       
         sage: EQ.search(1)

     

       
9
       
9
       
+
       
-        P1 = [0:1:0]     is torsion point, order 1

     

       
10
       
10
       
+
       
-        P1 = [-3:0:1]     is generator number 1

     

       
11
       
11
       
+
       
-        saturating up to 20...Checking 2-saturation

     

       
12
       
12
       
+
       
+        P1 = [0:1:0]         is torsion point, order 1

     

       
13
       
13
       
+
       
+        P1 = [-3:0:1]         is generator number 1

     

       
14
       
14
       
+
       
+        saturating up to 20...Checking 2-saturation...

     

       
15
       
15
       
+
       
         Points have successfully been 2-saturated (max q used = 7)

     

       
16
       
16
       
+
       
-        Checking 3-saturation

     

       
17
       
17
       
+
       
+        Checking 3-saturation...

     

       
18
       
18
       
+
       
         Points have successfully been 3-saturated (max q used = 7)

     

       
19
       
19
       
+
       
-        Checking 5-saturation

     

       
20
       
20
       
+
       
+        Checking 5-saturation...

     

       
21
       
21
       
+
       
         Points have successfully been 5-saturated (max q used = 23)

     

       
22
       
22
       
+
       
-        Checking 7-saturation

     

       
23
       
23
       
+
       
+        Checking 7-saturation...

     

       
24
       
24
       
+
       
         Points have successfully been 7-saturated (max q used = 41)

     

       
25
       
25
       
+
       
-        Checking 11-saturation

     

       
26
       
26
       
+
       
+        Checking 11-saturation...

     

       
27
       
27
       
+
       
         Points have successfully been 11-saturated (max q used = 17)

     

       
28
       
28
       
+
       
-        Checking 13-saturation

     

       
29
       
29
       
+
       
+        Checking 13-saturation...

     

       
30
       
30
       
+
       
         Points have successfully been 13-saturated (max q used = 43)

     

       
31
       
31
       
+
       
-        Checking 17-saturation

     

       
32
       
32
       
+
       
+        Checking 17-saturation...

     

       
33
       
33
       
+
       
         Points have successfully been 17-saturated (max q used = 31)

     

       
34
       
34
       
+
       
-        Checking 19-saturation

     

       
35
       
35
       
+
       
+        Checking 19-saturation...

     

       
36
       
36
       
+
       
         Points have successfully been 19-saturated (max q used = 37)

     

       
37
       
37
       
+
       
         done

     

       
38
       
38
       
+
       
-        P2 = [-2:3:1]     is generator number 2

     

       
39
       
39
       
+
       
-        saturating up to 20...Checking 2-saturation

     

       
40
       
40
       
+
       
+        P2 = [-2:3:1]         is generator number 2

     

       
41
       
41
       
+
       
+        saturating up to 20...Checking 2-saturation...

     

       
42
       
42
       
+
       
         possible kernel vector = [1,1]

     

       
43
       
43
       
+
       
         This point may be in 2E(Q): [14:-52:1]

     

       
44
       
44
       
+
       
         ...and it is!

     

       
45
       
45
       
+
       
         Replacing old generator #1 with new generator [1:-1:1]

     

       
46
       
46
       
+
       
         Points have successfully been 2-saturated (max q used = 7)

     

       
47
       
47
       
+
       
         Index gain = 2^1

     

       
48
       
48
       
+
       
-        Checking 3-saturation

     

       
49
       
49
       
+
       
+        Checking 3-saturation...

     

       
50
       
50
       
+
       
         Points have successfully been 3-saturated (max q used = 13)

     

       
51
       
51
       
+
       
-        Checking 5-saturation

     

       
52
       
52
       
+
       
+        Checking 5-saturation...

     

       
53
       
53
       
+
       
         Points have successfully been 5-saturated (max q used = 67)

     

       
54
       
54
       
+
       
-        Checking 7-saturation

     

       
55
       
55
       
+
       
+        Checking 7-saturation...

     

       
56
       
56
       
+
       
         Points have successfully been 7-saturated (max q used = 53)

     

       
57
       
57
       
+
       
-        Checking 11-saturation

     

       
58
       
58
       
+
       
+        Checking 11-saturation...

     

       
59
       
59
       
+
       
         Points have successfully been 11-saturated (max q used = 73)

     

       
60
       
60
       
+
       
-        Checking 13-saturation

     

       
61
       
61
       
+
       
+        Checking 13-saturation...

     

       
62
       
62
       
+
       
         Points have successfully been 13-saturated (max q used = 103)

     

       
63
       
63
       
+
       
-        Checking 17-saturation

     

       
64
       
64
       
+
       
+        Checking 17-saturation...

     

       
65
       
65
       
+
       
         Points have successfully been 17-saturated (max q used = 113)

     

       
66
       
66
       
+
       
-        Checking 19-saturation

     

       
67
       
67
       
+
       
+        Checking 19-saturation...

     

       
68
       
68
       
+
       
         Points have successfully been 19-saturated (max q used = 47)

     

       
69
       
69
       
+
       
         done (index = 2).

     

       
70
       
70
       
+
       
         Gained index 2, new generators = [ [1:-1:1] [-2:3:1] ]

     

       
71
       
71
       
+
       
-        P3 = [-14:25:8]   is generator number 3

     

       
72
       
72
       
+
       
-        saturating up to 20...Checking 2-saturation

     

       
73
       
73
       
+
       
+        P3 = [-14:25:8]       is generator number 3

     

       
74
       
74
       
+
       
+        saturating up to 20...Checking 2-saturation...

     

       
75
       
75
       
+
       
         Points have successfully been 2-saturated (max q used = 11)

     

       
76
       
76
       
+
       
-        Checking 3-saturation

     

       
77
       
77
       
+
       
+        Checking 3-saturation...

     

       
78
       
78
       
+
       
         Points have successfully been 3-saturated (max q used = 13)

     

       
79
       
79
       
+
       
-        Checking 5-saturation

     

       
80
       
80
       
+
       
+        Checking 5-saturation...

     

       
81
       
81
       
+
       
         Points have successfully been 5-saturated (max q used = 71)

     

       
82
       
82
       
+
       
-        Checking 7-saturation

     

       
83
       
83
       
+
       
+        Checking 7-saturation...

     

       
84
       
84
       
+
       
         Points have successfully been 7-saturated (max q used = 101)

     

       
85
       
85
       
+
       
-        Checking 11-saturation

     

       
86
       
86
       
+
       
+        Checking 11-saturation...

     

       
87
       
87
       
+
       
         Points have successfully been 11-saturated (max q used = 127)

     

       
88
       
88
       
+
       
-        Checking 13-saturation

     

       
89
       
89
       
+
       
+        Checking 13-saturation...

     

       
90
       
90
       
+
       
         Points have successfully been 13-saturated (max q used = 151)

     

       
91
       
91
       
+
       
-        Checking 17-saturation

     

       
92
       
92
       
+
       
+        Checking 17-saturation...

     

       
93
       
93
       
+
       
         Points have successfully been 17-saturated (max q used = 139)

     

       
94
       
94
       
+
       
-        Checking 19-saturation

     

       
95
       
95
       
+
       
+        Checking 19-saturation...

     

       
96
       
96
       
+
       
         Points have successfully been 19-saturated (max q used = 179)

     

       
97
       
97
       
+
       
         done (index = 1).

     

       
98
       
98
       
+
       
-        P4 = [-1:3:1]    = -1*P1 + -1*P2 + -1*P3 (mod torsion)

     

       
99
       
99
       
+
       
-        P4 = [0:2:1]     = 2*P1 + 0*P2 + 1*P3 (mod torsion)

     

       
100
       
100
       
+
       
-        P4 = [2:13:8]    = -3*P1 + 1*P2 + -1*P3 (mod torsion)

     

       
101
       
101
       
+
       
-        P4 = [1:0:1]     = -1*P1 + 0*P2 + 0*P3 (mod torsion)

     

       
102
       
102
       
+
       
-        P4 = [2:0:1]     = -1*P1 + 1*P2 + 0*P3 (mod torsion)

     

       
103
       
103
       
+
       
-        P4 = [18:7:8]    = -2*P1 + -1*P2 + -1*P3 (mod torsion)

     

       
104
       
104
       
+
       
-        P4 = [3:3:1]     = 1*P1 + 0*P2 + 1*P3 (mod torsion)

     

       
105
       
105
       
+
       
-        P4 = [4:6:1]     = 0*P1 + -1*P2 + -1*P3 (mod torsion)

     

       
106
       
106
       
+
       
-        P4 = [36:69:64]  = 1*P1 + -2*P2 + 0*P3 (mod torsion)

     

       
107
       
107
       
+
       
-        P4 = [68:-25:64]         = -2*P1 + -1*P2 + -2*P3 (mod torsion)

     

       
108
       
108
       
+
       
-        P4 = [12:35:27]  = 1*P1 + -1*P2 + -1*P3 (mod torsion)

     

       
109
       
109
       
+
       
+        P4 = [-1:3:1]        = -1*P1 + -1*P2 + -1*P3 (mod torsion)

     

       
110
       
110
       
+
       
+        P4 = [0:2:1]         = 2*P1 + 0*P2 + 1*P3 (mod torsion)

     

       
111
       
111
       
+
       
+        P4 = [2:13:8]        = -3*P1 + 1*P2 + -1*P3 (mod torsion)

     

       
112
       
112
       
+
       
+        P4 = [1:0:1]         = -1*P1 + 0*P2 + 0*P3 (mod torsion)

     

       
113
       
113
       
+
       
+        P4 = [2:0:1]         = -1*P1 + 1*P2 + 0*P3 (mod torsion)

     

       
114
       
114
       
+
       
+        P4 = [18:7:8]        = -2*P1 + -1*P2 + -1*P3 (mod torsion)

     

       
115
       
115
       
+
       
+        P4 = [3:3:1]         = 1*P1 + 0*P2 + 1*P3 (mod torsion)

     

       
116
       
116
       
+
       
+        P4 = [4:6:1]         = 0*P1 + -1*P2 + -1*P3 (mod torsion)

     

       
117
       
117
       
+
       
+        P4 = [36:69:64]      = 1*P1 + -2*P2 + 0*P3 (mod torsion)

     

       
118
       
118
       
+
       
+        P4 = [68:-25:64]     = -2*P1 + -1*P2 + -2*P3 (mod torsion)

     

       
119
       
119
       
+
       
+        P4 = [12:35:27]      = 1*P1 + -1*P2 + -1*P3 (mod torsion)

     

       
120
       
120
       
+
       
         sage: EQ

     

       
121
       
121
       
+
       
         Subgroup of Mordell-Weil group: [[1:-1:1], [-2:3:1], [-14:25:8]]

     

       
122
       
122
       
+
       
 

     

       
123
       
123
       
+
       
@@ -1076,7 +1076,7 @@ class mwrank_MordellWeil(SageObject):

     

       
124
       
124
       
+
       
             sage: EQ.search(1)

     

       
125
       
125
       
+
       
             P1 = [0:1:0]         is torsion point, order 1

     

       
126
       
126
       
+
       
             P1 = [-3:0:1]         is generator number 1

     

       
127
       
127
       
+
       
-            saturating up to 20...Checking 2-saturation

     

       
128
       
128
       
+
       
+            saturating up to 20...Checking 2-saturation...

     

       
129
       
129
       
+
       
             ...

     

       
130
       
130
       
+
       
             P4 = [12:35:27]      = 1*P1 + -1*P2 + -1*P3 (mod torsion)

     

       
131
       
131
       
+
       
             sage: EQ

     

···

       
112
       
112
       
 
       


     

       
113
       
113
       
 
       
    # workaround until we use sage's fork of threejs, which contains a "version" file

     

       
114
       
114
       
 
       
    ./patches/dont-grep-threejs-version-from-minified-js.patch

     

       
115
       
115
       
+
       


     

       
116
       
116
       
+
       
    # updated eclib output has punctuation changes and tidier whitespace

     

       
117
       
117
       
+
       
    ./patches/eclib-20210223-test-formatting.patch

     

       
115
       
118
       
 
       
  ];

     

       
116
       
119
       
 
       


     

       
117
       
120
       
 
       
  patches = nixPatches ++ bugfixPatches ++ packageUpgradePatches;