@elad.ga...@wiz.io Kernel headers, modules and modules-extras for GKE kernel versions 5.15.0.1027, 5.15.0.1028 and 5.15.0.1030 have now restored to the archive.
There has also been an exception to any archive pruning/deleting made for future gke and gkeop (Anthos on VMware) kernel header and module packages due to the GKE deployments being long-lived and often having older kernels installed. See https://lists.ubuntu.com/archives/ubuntu-devel/2023-May/042571.html for context Phil (Canonical Public Cloud Team) > 1. Now, instaed of "apt install -y linux-headers-$(uname -r)", I do > """ > KERNEL_VERSION="$(uname -r | sed 's,-gke,,g')" > pull-lp-debs -p debs -D ppa --ppa 'canonical-kernel-team/ppa' > linux-headers-${KERNEL_VERSION}-gke -s all > pull-lp-debs -p debs -D ppa --ppa 'canonical-kernel-team/ppa' > linux-gke-headers-${KERNEL_VERSION} -s all > apt install -y ./*.deb > > """ > and it looks OK. > > > 1. I use the latest GKE version, seems like they didn't update the kernel > versions in them.. > > Thanks! > ________________________________ > From: Dimitri John Ledkov <dimitri.ledkov at canonical.com > <https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss>> > Sent: Monday, May 15, 2023 12:46 > To: Elad Gabay <elad.gabay at wiz.io > <https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss>> > Cc: ubuntu-devel-discuss at lists.ubuntu.com > <https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss> > <ubuntu-devel-discuss at lists.ubuntu.com > <https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss>> > Subject: Re: linux-headers-5.15.0-1028-gke for Ubuntu 22.04 > > Caution - External Sender > > > 1) did you try pull-lp-debs as suggested in the first email, and is > that not sufficient to find/download header debs and install them? > > 2) I have to point out that linux-gke 5.15.0-1028.33 was superseded on > 2023-01-06 (more than 4 months ago) by linux-gke - 5.15.0-1024.29 > > The kernel gke abi you are using is 4 months obsolete and likely > contains multiple publicly known security vulnerabilities. GKE > provides multiple update mechanisms (cluster/image based, or > apt/unattended-upgrades based) , which one should be using to receive > kernel security updates for your cluster. Please contact your GKE > support to investigate why your clusters are not receiving security > updates. > > Given your post, and other posts from other GKE users, I am deeply > concerned that many GKE deployments are not receiving updates, which > Ubuntu is publishing for GKE. Note that Ubuntu has no callhome > capability to explain why particular Ubuntu installations are not > downloading and applying security updates. > > On Sun, 14 May 2023 at 12:26, Elad Gabay <elad.gabay at wiz.io > <https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss>> wrote: > >>* Hi, > *>* I don't have access to do full host bind mount therefore I can't use > headers from the node, I need to be able to fetch the headers from a > container\other machine. > *>* Now I see the same for linux-headers-5.15.0-1030-gke version. > *>* Thanks > *>* ________________________________ > *>* From: Dimitri John Ledkov <dimitri.ledkov at canonical.com > <https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss>> > *>* Sent: Saturday, May 13, 2023 03:03 > *>* To: Elad Gabay <elad.gabay at wiz.io > <https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss>> > *>* Cc: ubuntu-devel-discuss at lists.ubuntu.com > <https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss> > <ubuntu-devel-discuss at lists.ubuntu.com > <https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss>> > *>* Subject: Re: linux-headers-5.15.0-1028-gke for Ubuntu 22.04 > *>>* Caution - External Sender > *>>>* Please see this discussion over here > *>* https://lists.ubuntu.com/archives/kernel-team/2023-May/139336.html > <https://lists.ubuntu.com/archives/kernel-team/2023-May/139336.html> and > *>* the emails before/later in the thread. > *>>* tl;dr Note you have access to headers on the host that you can bind > *>* mount in the container, you are using obsolete out-of-date kernel ABI. > *>* You can use `pull-pkg / pull-lp-debs / pull-lp-ddebs` as needed to > *>* fetch desired packages for Jammy ABI directly from launchpad. > *>>* On Sat, 13 May 2023 at 00:51, Elad Gabay <elad.gabay at wiz.io > <https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss>> wrote: > *>* > > *>* > Hello, > *>* > Is there a reason that "linux-headers-5.15.0-1028-gke" published only > for Ubuntu 20.04 but not for 22.04? > *>* > https://packages.ubuntu.com/uk/focal/main/linux-headers-5.15.0-1028-gke > <https://packages.ubuntu.com/uk/focal/main/linux-headers-5.15.0-1028-gke> > *>* > Ubuntu – Details of package linux-headers-5.15.0-1028-gke in focal > *>* > Linux kernel headers for version 5.15.0 on 64 bit x86 SMP > *>* > packages.ubuntu.com <http://packages.ubuntu.com> > *>* > > *>* > > *>* > Thanks > *>* > Elad > *>* > -- > *>* > Ubuntu-devel-discuss mailing list > *>* > Ubuntu-devel-discuss at lists.ubuntu.com > <https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss> > *>* > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss > <https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss> > *>>>>* -- > *>* okurrr, > *>>* Dimitri > * > > > -- > okurrr, > > Dimitri > > -- Phil Roche Staff Software Engineer Canonical Public Cloud
-- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss