Missing ixgbevf ENA drivers for >=Debian stretch

[joeweoj]

While creating a Debian stretch image my build failed during the ENA setup due to a failure to ungzip a file.

Turns out the drivers file was not a gzipped archive, but was actually an HTML 404 page due to the following missing remote resource https://downloadmirror.intel.com/18700/eng/ixgbevf-4.2.1.tar.gz.

The uri in question is set here https://github.com/andsens/bootstrap-vz/blob/4cb1065551cb905bc97eed08a07718f288a16e82/bootstrapvz/providers/ec2/tasks/network.py#L93

This only affects >= Debian stretch.

To workaround it I hacked my local version to download the file from https://github.com/kwilczynski/packer-templates/blob/master/files/ec2/ixgbevf-4.2.1.tar.gz

Looks like the uri was set when fixing https://github.com/andsens/bootstrap-vz/issues/397

[andsens]

*ugh, this is becoming a real pain. We should find an alternate source for those drivers.

[alexfrancavilla]

Any ideas on fixing it in master? I don't like having a modified master tree on my production pipelines :(

[andsens]

Send a PR and I'll merge :-)

[alexfrancavilla]

@andsens My company would happily provide a mirror (through AWS S3/CloudFront) for these drivers. I would set it up and create a PR then. Are you okay with that in general?

[andsens]

Hm, if you add a shasum check to the download code I don't see a problem.
The drivers are not signed if I recall, so I think others would very much like to not have to trust a third party when it comes to networking code :-)

[andsens]

Also: What about the legality? You should check the licensing regarding distribution before you get yourselves into legal troubles.

[alexfrancavilla]

Adding checksums is of course no problem! I'll check about the legal stuff, thank you for noticing.

[justinsb]

Is there any way to disable certain tasks (other than editing the code)? For example, I don't think we want to install the ixgbevf driver at all on anything with a 4.4 or later kernel - the in-tree version is newer.

I think (but have yet to verify) that we also don't want to install the ENA driver, for the same reason.

[andsens]

Not through the manifest, no. This seems like something we might want to codify though. There's no reason to install a specific driver if we just as well can get it through the kernel.
What Debian version has 4.4 or higher? You can switch on that when assembling the task list.

[tnarg]

@justinsb seems to have a fix https://github.com/justinsb/bootstrap-vz/commit/920fc34cf535b34fade874113852a53119c7c8cb

[justinsb]

That is the updated link, but note that the next PR comments it out entirely :-): https://github.com/justinsb/bootstrap-vz/commit/24800e12e3ef0e09799c8fc742b06b5b1888d2cb

I'm testing this now with stretch, with the in-kernel drivers. So far it seems to work. I previously got confirmation from the intel folk that the in-kernel ixgbevf driver is at least as up to date (despite the different version numbering suggesting that it is old). I don't know the state of the ENA driver, but my understanding is that now that they are in-kernel, the in-kernel versions are maintained just as any other driver would be.

For jessie, I am maintaining an image which includes an updated 4.4 kernel (for running kubernetes https://github.com/kubernetes/kube-deploy/tree/master/imagebuilder), and I was removing the ixgbevf driver manually. Even if we could drop ixgbevf from jessie in favor of the in-kernel version (which I don't think we can), we probably don't want to make that big a change to an existing image - but I don't know the release mechanics here!