ci: refactor Windows VHD build pipeline updates (#4105)

* chore: updating windows provisioing scripts to v0.0.10

Signed-off-by: marosset <[email protected]>

* ci: refactor Windows VHD build pipeline to use templates and build multiple VHDs in parallel

* fixing stage names in vhd-builder-windows.yaml

* fixing --vhd-uri arg in final pub command

* incresing timeout for windows vhd build task since contianerD images take longer to build

* fixup

* adding contianer-runtime to packer sa name

* adding 13783 to storage account name

* removing extra whitespace in configure-windows-vhd.ps1

* removing scripts replaced by new-sku-and-add-image-version.sh

* specify container runtime when running e2e tests against newly built VHD

* use v1.20 for e2e test clusters

* updating windows containerd package used by CI

* commenting out containerd VHD build for PR jobs

* re-enabling contianerd VHD for CI builds

* PR feedback

.pipelines/vhd-build-publish-windows.yaml

@@ -0,0 +1,38 @@
+trigger: none
+pr: none
+
+stages:
+
+  - stage: build_2019_containerd
+    dependsOn: []
+    jobs:
+    - template: vhd-builder-windows-template.yaml
+      parameters:
+        containerRuntime: containerd
+        windowsServerVersion: 2019
+
+  - stage: build_2019_docker
+    dependsOn: []
+    jobs:
+    - template: vhd-builder-windows-template.yaml
+      parameters:
+        containerRuntime: docker
+        windowsServerVersion: 2019
+
+  - stage: publish_2019_containerd
+    dependsOn: build_2019_containerd
+    jobs:
+    - template: vhd-publish-template.yaml
+      parameters:
+        containerRuntime: containerd
+        skuPrefix: '2019-datacenter-core-ctrd'
+        windowsServerVersion: 2019
+
+  - stage: publish_2019_docker
+    dependsOn: build_2019_docker
+    jobs:
+    - template: vhd-publish-template.yaml
+      parameters:
+        containerRuntime: docker
+        skuPrefix: '2019-datacenter-core-smalldisk'
+        windowsServerVersion: 2019

.pipelines/vhd-builder-windows-template.yaml

@@ -0,0 +1,123 @@
+parameters:
+  containerRuntime: ''
+  windowsServerVersion: ''
+
+jobs:
+- job: build_vhd_windows_${{ parameters.windowsServerVersion }}_${{ parameters.containerRuntime }}
+  timeoutInMinutes: 210
+  strategy:
+    maxParallel: 0
+  pool:
+    name: $(BUILD_POOL)
+  steps:
+  - script: |
+      docker run --rm \
+      -v ${PWD}:/go/src/github.com/Azure/aks-engine \
+      -w /go/src/github.com/Azure/aks-engine \
+      -e CLIENT_ID=${CLIENT_ID} \
+      -e CLIENT_SECRET="$(CLIENT_SECRET)" \
+      -e TENANT_ID=${TENANT_ID} \
+      -e AZURE_RESOURCE_GROUP_NAME=${AZURE_RESOURCE_GROUP_NAME} \
+      -e AZURE_LOCATION=${AZURE_LOCATION} \
+      -e AZURE_VM_SIZE=${PACKER_VM_SIZE} \
+      -e GIT_BRANCH=$(Build.SourceBranchName) \
+      -e GIT_REPO=$(Build.Repository.Uri) \
+      -e GIT_VERSION=$(Build.SourceVersion) \
+      -e BUILD_ID=$(Build.BuildId) \
+      -e BUILD_NUMBER=$(Build.BuildNumber) \
+      -e CONTAINER_RUNTIME=${{ parameters.containerRuntime }} \
+      -e WINDOWS_SERVER_VERSION=${{ parameters.windowsServerVersion }} \
+      ${DEIS_GO_DEV_IMAGE} make run-packer-windows
+    displayName: Building windows VHD
+
+  - script: |
+      docker run --rm \
+      -v ${PWD}:/go/src/github.com/Azure/aks-engine \
+      -w /go/src/github.com/Azure/aks-engine \
+      ${DEIS_GO_DEV_IMAGE} make all
+    displayName: build aks-engine-test - make all
+    condition: and(succeeded(), eq(variables.COPY_VHD, 'False'))
+
+  - script: |
+      OS_DISK_URI="$(cat packer-output | grep "OSDiskUri:" | cut -d " " -f 2)" && \
+      IMAGE_NAME="$(echo $OS_DISK_URI | cut -d "/" -f 3 | cut -d "." -f 1)" && \
+      docker run --rm \
+      -v ${PWD}:/go/src/github.com/Azure/aks-engine \
+      -w /go/src/github.com/Azure/aks-engine \
+      -e CLEANUP_ON_EXIT="true" \
+      -e CLIENT_ID=${CLIENT_ID} \
+      -e CLIENT_SECRET="$(CLIENT_SECRET)" \
+      -e CLUSTER_DEFINITION="examples/e2e-tests/kubernetes/windows/hybrid/definition.json" \
+      -e LOCATION=${AZURE_LOCATION} \
+      -e ORCHESTRATOR_RELEASE="1.20" \
+      -e SUBSCRIPTION_ID=${SUBSCRIPTION_ID} \
+      -e TENANT_ID=${TENANT_ID} \
+      -e WINDOWS_NODE_VHD_URL=${OS_DISK_URI} \
+      -e USE_MANAGED_IDENTITY="false" \
+      -e CONTAINER_RUNTIME=${{ parameters.containerRuntime }} \
+      ${DEIS_GO_DEV_IMAGE} make test-kubernetes
+    displayName: run e2e tests
+    condition: and(succeeded(), eq(variables.COPY_VHD, 'False'))
+
+  - task: PublishPipelineArtifact@1
+    inputs:
+      artifact: '${{ parameters.windowsServerVersion }}-${{ parameters.containerRuntime }}-vhd-release-notes'
+      path: 'release-notes.txt'
+
+  - script: |
+      OS_DISK_SAS="$(cat packer-output | grep "OSDiskUriReadOnlySas:" | cut -d " " -f 2)" && \
+      VHD_NAME="$(echo $OS_DISK_SAS | cut -d "/" -f 8 | cut -d "?" -f 1)" && \
+      docker run --rm \
+      -v ${PWD}:/go/src/github.com/Azure/aks-engine \
+      -w /go/src/github.com/Azure/aks-engine \
+      -e CLIENT_ID=${CLIENT_ID} \
+      -e CLIENT_SECRET="$(CLIENT_SECRET)" \
+      -e TENANT_ID=${TENANT_ID} \
+      -e CLASSIC_BLOB=${STORAGE_ACCT_BLOB_URL} \
+      -e CLASSIC_SAS_TOKEN="$(STORAGE_ACCT_SAS_TOKEN)" \
+      -e OS_DISK_SAS=${OS_DISK_SAS} \
+      -e VHD_NAME=${VHD_NAME} \
+      ${DEIS_GO_DEV_IMAGE} make az-copy
+    displayName: Copying resource to Classic Storage Account
+    condition: and(succeeded(), eq(variables.COPY_VHD, 'True'))
+
+  - script: |
+      OS_DISK_SAS="$(cat packer-output | grep "OSDiskUriReadOnlySas:" | cut -d " " -f 2)" && \
+      VHD_NAME="$(echo $OS_DISK_SAS | cut -d "/" -f 8 | cut -d "?" -f 1)" && \
+      docker run --rm \
+      -v ${PWD}:/go/src/github.com/Azure/aks-engine \
+      -w /go/src/github.com/Azure/aks-engine \
+      -e CLIENT_ID=${CLIENT_ID} \
+      -e CLIENT_SECRET="$(CLIENT_SECRET)" \
+      -e TENANT_ID=${TENANT_ID} \
+      -e CLASSIC_SA_CONNECTION_STRING="$(CLASSIC_SA_CONNECTION_STRING)" \
+      -e STORAGE_ACCT_BLOB_URL=${STORAGE_ACCT_BLOB_URL} \
+      -e VHD_NAME=${VHD_NAME} \
+      ${DEIS_GO_DEV_IMAGE} make windows-vhd-publishing-info
+    displayName: Generating publishing info for Windows VHD
+    condition: and(succeeded(), eq(variables.COPY_VHD, 'True'))
+
+  - task: PublishPipelineArtifact@1
+    inputs:
+      artifact: 'publishing_info_${{ parameters.windowsServerVersion }}_${{ parameters.containerRuntime }}'
+      path: 'windows-vhd-publishing-info.json'
+    condition: and(succeeded(), eq(variables.COPY_VHD, 'True'))
+
+  - script: |
+      SA_NAME="$(cat packer-output | grep "storage name:" | cut -d " " -f 3)" && \
+      docker run --rm \
+      -v ${PWD}:/go/src/github.com/Azure/aks-engine \
+      -w /go/src/github.com/Azure/aks-engine \
+      -e CLIENT_ID=${CLIENT_ID} \
+      -e CLIENT_SECRET="$(CLIENT_SECRET)" \
+      -e TENANT_ID=${TENANT_ID} \
+      -e SA_NAME=${SA_NAME} \
+      -e AZURE_RESOURCE_GROUP_NAME=${AZURE_RESOURCE_GROUP_NAME} \
+      ${DEIS_GO_DEV_IMAGE} make delete-sa
+    displayName: cleanup - delete temp storage account
+    condition: always()
+
+  - script: |
+      sudo chown -R $USER:$USER .
+    displayName: cleanup - chown all files in work directory
+    condition: always()

.pipelines/vhd-builder-windows.yaml

@@ -4,7 +4,6 @@
 # - BUILD_POOL - Azure DevOps build pool to use
 # - CLIENT_ID - Service principal ID
 # - CLIENT_SECRET - Service principal secret
-# - CONTAINER_RUNTIME - Container runtime to in for VHD - Valid values are 'containerd' or 'docker'
 # - COPY_VHD - Set to 'True' if VHD should be copied to classic storage account in preparation for publishing
 # - DEIS_GO_DEV_IMAGE - Dev container image ID
 # - PACKER_VM_SIZE - VM Size to be used during packer build operation
@@ -16,121 +15,20 @@
 trigger: none
 pr: none
 
-jobs:
-- job: build_vhd_windows
-  timeoutInMinutes: 150
-  strategy:
-    maxParallel: 0
-  pool:
-    name: $(BUILD_POOL)
-  steps:
-  - script: |
-      docker run --rm \
-      -v ${PWD}:/go/src/github.com/Azure/aks-engine \
-      -w /go/src/github.com/Azure/aks-engine \
-      -e CLIENT_ID=${CLIENT_ID} \
-      -e CLIENT_SECRET="$(CLIENT_SECRET)" \
-      -e TENANT_ID=${TENANT_ID} \
-      -e AZURE_RESOURCE_GROUP_NAME=${AZURE_RESOURCE_GROUP_NAME} \
-      -e AZURE_LOCATION=${AZURE_LOCATION} \
-      -e AZURE_VM_SIZE=${PACKER_VM_SIZE} \
-      -e GIT_BRANCH=$(Build.SourceBranchName) \
-      -e GIT_REPO=$(Build.Repository.Uri) \
-      -e GIT_VERSION=$(Build.SourceVersion) \
-      -e BUILD_ID=$(Build.BuildId) \
-      -e BUILD_NUMBER=$(Build.BuildNumber) \
-      -e CONTAINER_RUNTIME=$(CONTAINER_RUNTIME) \
-      -e WINDOWS_SERVER_VERSION=2019 \
-      ${DEIS_GO_DEV_IMAGE} make run-packer-windows
-    displayName: Building windows VHD
+stages:
+  - stage: build_2019_containerd
+    dependsOn: []
+    jobs:
+    - template: vhd-builder-windows-template.yaml
+      parameters:
+        containerRuntime: containerd
+        windowsServerVersion: 2019
+
+  - stage: build_2019_docker
+    dependsOn: []
+    jobs:
+    - template: vhd-builder-windows-template.yaml
+      parameters:
+        containerRuntime: docker
+        windowsServerVersion: 2019
 
-  - script: |
-      docker run --rm \
-      -v ${PWD}:/go/src/github.com/Azure/aks-engine \
-      -w /go/src/github.com/Azure/aks-engine \
-      ${DEIS_GO_DEV_IMAGE} make all
-    displayName: build aks-engine-test - make all
-    condition: and(succeeded(), eq(variables.COPY_VHD, 'False'))
-
-  - script: |
-      OS_DISK_URI="$(cat packer-output | grep "OSDiskUri:" | cut -d " " -f 2)" && \
-      IMAGE_NAME="$(echo $OS_DISK_URI | cut -d "/" -f 3 | cut -d "." -f 1)" && \
-      docker run --rm \
-      -v ${PWD}:/go/src/github.com/Azure/aks-engine \
-      -w /go/src/github.com/Azure/aks-engine \
-      -e CLEANUP_ON_EXIT="true" \
-      -e CLIENT_ID=${CLIENT_ID} \
-      -e CLIENT_SECRET="$(CLIENT_SECRET)" \
-      -e CLUSTER_DEFINITION="examples/e2e-tests/kubernetes/windows/hybrid/definition.json" \
-      -e LOCATION=${AZURE_LOCATION} \
-      -e ORCHESTRATOR_RELEASE="1.17" \
-      -e SUBSCRIPTION_ID=${SUBSCRIPTION_ID} \
-      -e TENANT_ID=${TENANT_ID} \
-      -e WINDOWS_NODE_VHD_URL=${OS_DISK_URI} \
-      -e USE_MANAGED_IDENTITY="false" \
-      ${DEIS_GO_DEV_IMAGE} make test-kubernetes
-    displayName: run e2e tests
-    condition: and(succeeded(), eq(variables.COPY_VHD, 'False'))
-
-  - task: PublishPipelineArtifact@1
-    inputs:
-      artifact: 'vhd-release-notes'
-      path: 'release-notes.txt'
-
-  - script: |
-      OS_DISK_SAS="$(cat packer-output | grep "OSDiskUriReadOnlySas:" | cut -d " " -f 2)" && \
-      VHD_NAME="$(echo $OS_DISK_SAS | cut -d "/" -f 8 | cut -d "?" -f 1)" && \
-      docker run --rm \
-      -v ${PWD}:/go/src/github.com/Azure/aks-engine \
-      -w /go/src/github.com/Azure/aks-engine \
-      -e CLIENT_ID=${CLIENT_ID} \
-      -e CLIENT_SECRET="$(CLIENT_SECRET)" \
-      -e TENANT_ID=${TENANT_ID} \
-      -e CLASSIC_BLOB=${STORAGE_ACCT_BLOB_URL} \
-      -e CLASSIC_SAS_TOKEN="$(STORAGE_ACCT_SAS_TOKEN)" \
-      -e OS_DISK_SAS=${OS_DISK_SAS} \
-      -e VHD_NAME=${VHD_NAME} \
-      ${DEIS_GO_DEV_IMAGE} make az-copy
-    displayName: Copying resource to Classic Storage Account
-    condition: and(succeeded(), eq(variables.COPY_VHD, 'True'))
-
-  - script: |
-      OS_DISK_SAS="$(cat packer-output | grep "OSDiskUriReadOnlySas:" | cut -d " " -f 2)" && \
-      VHD_NAME="$(echo $OS_DISK_SAS | cut -d "/" -f 8 | cut -d "?" -f 1)" && \
-      docker run --rm \
-      -v ${PWD}:/go/src/github.com/Azure/aks-engine \
-      -w /go/src/github.com/Azure/aks-engine \
-      -e CLIENT_ID=${CLIENT_ID} \
-      -e CLIENT_SECRET="$(CLIENT_SECRET)" \
-      -e TENANT_ID=${TENANT_ID} \
-      -e CLASSIC_SA_CONNECTION_STRING="$(CLASSIC_SA_CONNECTION_STRING)" \
-      -e STORAGE_ACCT_BLOB_URL=${STORAGE_ACCT_BLOB_URL} \
-      -e VHD_NAME=${VHD_NAME} \
-      ${DEIS_GO_DEV_IMAGE} make windows-vhd-publishing-info
-    displayName: Generating publishing info for Windows VHD
-    condition: and(succeeded(), eq(variables.COPY_VHD, 'True'))
-
-  - task: PublishPipelineArtifact@1
-    inputs:
-      artifact: 'publishing-info'
-      path: 'windows-vhd-publishing-info.json'
-    condition: and(succeeded(), eq(variables.COPY_VHD, 'True'))
-
-  - script: |
-      SA_NAME="$(cat packer-output | grep "storage name:" | cut -d " " -f 3)" && \
-      docker run --rm \
-      -v ${PWD}:/go/src/github.com/Azure/aks-engine \
-      -w /go/src/github.com/Azure/aks-engine \
-      -e CLIENT_ID=${CLIENT_ID} \
-      -e CLIENT_SECRET="$(CLIENT_SECRET)" \
-      -e TENANT_ID=${TENANT_ID} \
-      -e SA_NAME=${SA_NAME} \
-      -e AZURE_RESOURCE_GROUP_NAME=${AZURE_RESOURCE_GROUP_NAME} \
-      ${DEIS_GO_DEV_IMAGE} make delete-sa
-    displayName: cleanup - delete temp storage account
-    condition: always()
-
-  - script: |
-      sudo chown -R $USER:$USER .
-    displayName: cleanup - chown all files in work directory
-    condition: always()

.pipelines/vhd-publish-template.yaml

@@ -0,0 +1,44 @@
+parameters:
+  containerRuntime: ''
+  skuPrefix: ''
+  windowsServerVersion: ''
+
+jobs:
+- job: add_image_to_sku_${{ parameters.windowsServerVersion }}_${{ parameters.containerRuntime }}
+  pool:
+    name: $(BUILD_POOL)
+  steps:
+  - task: DownloadPipelineArtifact@2
+    inputs:
+      artifact: 'publishing_info_${{ parameters.windowsServerVersion }}_${{ parameters.containerRuntime }}'
+      path: 'artifacts/vhd'
+  - script: |
+      tree artifacts
+    displayName: tree
+  - script: |
+      docker run --rm \
+      -v ${PWD}:/go/src/github.com/Azure/aks-engine \
+      -w /go/src/github.com/Azure/aks-engine \
+      ${DEIS_GO_DEV_IMAGE} make bootstrap
+    displayName: Update tools
+  - script: |
+      docker run --rm \
+      -v ${PWD}:/go/src/github.com/Azure/aks-engine \
+      -w /go/src/github.com/Azure/aks-engine \
+      -e AZURE_TENANT_ID=${PUB_SP_TENANT_ID} \
+      -e AZURE_CLIENT_ID=${PUB_SP_CLIENT_ID} \
+      -e AZURE_CLIENT_SECRET="$(PUB_SP_CLIENT_SECRET)" \
+      -e SKU_PREFIX=${{ parameters.skuPrefix }} \
+      -e SKU_TEMPLATE_FILE=${SKU_TEMPLATE_FILE} \
+      -e PUBLISHER=${PUBLISHER} \
+      -e OFFER=${OFFER} \
+      -e CONTAINER_RUNTIME=${{ parameters.containerRuntime }} \
+      ${DEIS_GO_DEV_IMAGE} ./vhd/publishing/new-sku-and-add-image-version.sh
+    displayName: Publish vhd
+  - script: |
+      docker run --rm \
+      -v ${PWD}:/go/src/github.com/Azure/aks-engine \
+      -w /go/src/github.com/Azure/aks-engine \
+      ${DEIS_GO_DEV_IMAGE} make tools-clean
+    displayName: cleanup - clean hack/tools/bin
+    condition: always()

test/e2e/engine/template.go

@@ -243,7 +243,7 @@ func Build(cfg *config.Config, masterSubnetID string, agentSubnetIDs []string, i
 
 	if config.ContainerRuntime == "containerd" {
 		if prop.OrchestratorProfile.KubernetesConfig.WindowsContainerdURL == "" {
-			prop.OrchestratorProfile.KubernetesConfig.WindowsContainerdURL = "https://github.com/containerd/containerd/releases/download/v1.4.0/containerd-1.4.0-windows-amd64.tar.gz"
+			prop.OrchestratorProfile.KubernetesConfig.WindowsContainerdURL = "https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-windows-amd64.tar.gz"
 		}
 		if prop.WindowsProfile != nil {
 			if prop.WindowsProfile.WindowsPublisher == "" &&

vhd/packer/init-variables.sh

@@ -6,7 +6,7 @@ SETTINGS_JSON="${SETTINGS_JSON:-./settings.json}"
 SP_JSON="${SP_JSON:-./sp.json}"
 SUBSCRIPTION_ID="${SUBSCRIPTION_ID:-$(az account show -o json --query="id" | tr -d '"')}"
 CREATE_TIME="$(date +%s)"
-STORAGE_ACCOUNT_NAME="aksimages${CREATE_TIME}"
+STORAGE_ACCOUNT_NAME="aksimages${CREATE_TIME}${RANDOM}"
 
 
 echo "Subscription ID: ${SUBSCRIPTION_ID}"

vhd/packer/windows-vhd-builder.json

@@ -33,7 +33,7 @@
             "image_sku": "{{user `image_sku`}}",
             "image_version": "{{user `image_version`}}",
             "resource_group_name": "{{user `resource_group_name`}}",
-            "capture_container_name": "aksengine-vhds-windows-{{user `windows_server_version`}}",
+            "capture_container_name": "aksengine-vhds-windows-{{user `windows_server_version`}}-{{user `container_runtime`}}",
             "capture_name_prefix": "aksengine-{{user `create_time`}}",
             "storage_account": "{{user `storage_account_name`}}",
             "communicator": "winrm",