diff --git a/components/kueue/staging/stone-stage-p01/queue-config/cluster-queue.yaml b/components/kueue/staging/stone-stage-p01/queue-config/cluster-queue.yaml index 261c4589d5a..2cb135bbcc4 100644 --- a/components/kueue/staging/stone-stage-p01/queue-config/cluster-queue.yaml +++ b/components/kueue/staging/stone-stage-p01/queue-config/cluster-queue.yaml @@ -108,6 +108,7 @@ spec: - linux-x86-64 - local - localhost + - macos-mac2metal-arm64 flavors: - name: platform-group-2 resources: @@ -137,6 +138,8 @@ spec: nominalQuota: '1000' - name: localhost nominalQuota: '1000' + - name: macos-mac2metal-arm64 + nominalQuota: '5' stopPolicy: None --- apiVersion: kueue.x-k8s.io/v1beta1 diff --git a/components/multi-platform-controller/base/host-config-chart/templates/host-config.yaml b/components/multi-platform-controller/base/host-config-chart/templates/host-config.yaml index 53244d0b24d..6144b1cc494 100644 --- a/components/multi-platform-controller/base/host-config-chart/templates/host-config.yaml +++ b/components/multi-platform-controller/base/host-config-chart/templates/host-config.yaml 
@@ -1025,6 +1025,40 @@ data: dynamic.linux-extra-fast-amd64.allocation-timeout: "1200" {{ end }} + {{- if hasKey .Values.dynamicConfigs "macos-mac2metal-arm64" }} + {{- $config := index .Values.dynamicConfigs "macos-mac2metal-arm64" | default (dict) }} + dynamic.macos-mac2metal-arm64.type: {{ index $config "type" | default "aws" | quote }} + dynamic.macos-mac2metal-arm64.region: {{ index $config "region" | default "us-east-1" | quote }} + dynamic.macos-mac2metal-arm64.ami: {{ default (index $amd "ami") $config.ami | quote }} + dynamic.macos-mac2metal-arm64.instance-type: {{ (index $config "instance-type") | default "mac2.metal" | quote }} + dynamic.macos-mac2metal-arm64.instance-tag: {{ (index $config "instance-tag") | default (printf "%s-arm64-mac2metal" $environment) | quote }} + dynamic.macos-mac2metal-arm64.key-name: {{ default (index $amd "key-name") ((index $config "key-name")) | quote }} + dynamic.macos-mac2metal-arm64.aws-secret: {{ (index $config "aws-secret") | default "aws-account" | quote }} + dynamic.macos-mac2metal-arm64.ssh-secret: {{ (index $config "ssh-secret") | default "aws-ssh-key" | quote }} + dynamic.macos-mac2metal-arm64.security-group-id: {{ default (index $amd "security-group-id") ((index $config "security-group-id")) | quote }} + dynamic.macos-mac2metal-arm64.max-instances: {{ (index $config "max-instances") | default "5" | quote }} + dynamic.macos-mac2metal-arm64.subnet-id: {{ default (index $amd "subnet-id") ((index $config "subnet-id")) | quote }} + dynamic.macos-mac2metal-arm64.disk: {{ index $config "disk" | default "100" | quote }} + dynamic.macos-mac2metal-arm64.allocation-timeout: "1200" + dynamic.macos-mac2metal-arm64.tenancy: "host" + dynamic.macos-mac2metal-arm64.host-resource-group-arn: {{ index $config "host-resource-group-arn" | quote }} + dynamic.macos-mac2metal-arm64.license-configuration-arn: {{ index $config "license-configuration-arn" | quote }} + {{- if (index $config "iops") }} + dynamic.macos-mac2metal-arm64.iops: {{ 
index $config "iops" | quote }} + {{ end }} + {{- if (index $config "throughput") }} + dynamic.macos-mac2metal-arm64.throughput: {{ index $config "throughput" | quote }} + {{ end }} + {{- if (index $config "user-data") }} + dynamic.macos-mac2metal-arm64.user-data: | + {{- $lines := splitList "\n" (index $config "user-data") }} + {{- range $line := $lines }} + {{ $line }} + {{- end }} + {{- end }} + {{ end }} + + {{- if hasKey .Values.dynamicConfigs "linux-test-amd64" }} {{- $config := index .Values.dynamicConfigs "linux-test-amd64" | default (dict) }} dynamic.linux-test-amd64.type: {{ index $config "type" | default "aws" | quote }} diff --git a/components/multi-platform-controller/staging-downstream/host-values.yaml b/components/multi-platform-controller/staging-downstream/host-values.yaml index d3076a50755..8a216e0b6da 100644 --- a/components/multi-platform-controller/staging-downstream/host-values.yaml +++ b/components/multi-platform-controller/staging-downstream/host-values.yaml 
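Review bot: `host-resource-group-arn` and `license-configuration-arn` are rendered unconditionally with no default, so a values file that omits either one produces an empty value next to the hard-coded `tenancy: "host"`, and the mistake would only surface when an instance launch is attempted. Failing at render time is safer, e.g. `{{ required "macos-mac2metal-arm64: host-resource-group-arn is required" (index $config "host-resource-group-arn") | quote }}`, and the same for the license ARN. The `ami` line also falls back to `index $amd "ami"`. `$amd` is defined outside this hunk, but if it holds the Linux amd64 defaults, as the name suggests, a missing `ami` would silently select a non-macOS image for `mac2.metal`, so `ami` is a candidate for `required` as well.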
@@ -168,6 +168,62 @@ dynamicConfigs: chmod a+rw /etc/cdi/nvidia.yaml --//-- + macos-mac2metal-arm64: + ami: "ami-000ce2c23b96216d3" + host-resource-group-arn: "arn:aws:resource-groups:us-east-1:654654171619:group/MacOS-Servers" + license-configuration-arn: "arn:aws:license-manager:us-east-1:654654171619:license-configuration:lic-fecd71a2010a12080e452eb28065f489" + user-data: | + #!/bin/bash + set -eu + set -x + + user="konflux-builder" + + # Check if user already exists + if ! id "$user" &>/dev/null; then + # Generate random password + random_password=$(openssl rand -base64 32) + + # Create user + sudo sysadminctl -addUser "$user" -fullName "Konflux Builder" -password "$random_password" -home /Users/$user + + # Clear password from variable + unset random_password + else + echo "User $user already exists, skipping user creation" + fi + + # Create home directory if it doesn't exist + sudo mkdir -p /Users/$user + + # Create SSH directory + sudo mkdir -p /Users/$user/.ssh + + # Remove existing SSH keys if they exist + sudo rm -f /Users/$user/.ssh/id_rsa /Users/$user/.ssh/id_rsa.pub + + # Generate new SSH keys + sudo ssh-keygen -t rsa -b 4096 -f /Users/$user/.ssh/id_rsa -N "" -C "" + + # Set proper permissions on .ssh directory + sudo chmod 700 /Users/$user/.ssh + + # Create/overwrite authorized_keys + sudo chmod 600 /Users/$user/.ssh/authorized_keys 2>/dev/null || true + sudo cat /Users/$user/.ssh/id_rsa.pub | sudo tee /Users/$user/.ssh/authorized_keys > /dev/null + + # Set ownership of entire home directory to ensure user has full control + sudo chown -R $user:staff /Users/$user + + # Copy private key to ec2-user's directory + sudo cp /Users/$user/.ssh/id_rsa /Users/ec2-user/$user + + # Set ownership of the copied private key to ec2-user + sudo chown ec2-user:staff /Users/ec2-user/$user + sudo chmod 600 /Users/ec2-user/$user + + --//-- + linux-root-arm64: sudo-commands: "/usr/bin/podman" disk: "200"
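Review bot: `set -x` is still active when `random_password=$(openssl rand -base64 32)` and the `sysadminctl ... -password "$random_password"` call run, so the expanded password is written to the script's trace output and presumably to whatever log captures user-data execution on the host. Wrap that section with `set +x` before the assignment and `set -x` after `unset random_password`. Separately, `sudo chmod 600 /Users/$user/.ssh/authorized_keys` runs before the `tee` that creates the file, so on a first run the file keeps its default creation mode; moving the `chmod` after the `tee` line makes the permission explicit. The script also leaves a passphrase-less private key at `/Users/ec2-user/$user`, and a short comment naming the component that reads that copy would help reviewers judge its exposure.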