Michael Chus
d52ec67f8f
Stability hardening (webui/app): - readFileLimited(): защита от OOM при чтении audit JSON (100 MB), component-status DB (10 MB) и лога задачи (50 MB) - jobs.go: буферизованный лог задачи — один открытый fd на задачу вместо open/write/close на каждую строку (устраняет тысячи syscall/сек при GPU стресс-тестах) - stability.go: экспоненциальный backoff в goRecoverLoop (2s→4s→…→60s), сброс при успешном прогоне >30s, счётчик перезапусков в slog - kill_workers.go: таймаут 5s на скан /proc, warn при срабатывании - bee-web.service: MemoryMax=3G — OOM killer защищён Build script: - build.sh: удалён блок генерации grub-pc/grub.cfg + live.cfg.in — мёртвый код с v8.25; grub-pc игнорируется live-build, а генерируемый live.cfg.in перезаписывал правильный статический файл устаревшей версией без tuning-параметров ядра и пунктов gsp-off/kms+gsp-off - build.sh: dump_memtest_debug теперь логирует grub-efi/grub.cfg вместо grub-pc/grub.cfg (было всегда "missing") GRUB: - live-theme/bee-logo.png: логотип пчелы 400×400px на чёрном фоне - live-theme/theme.txt: + image компонент по центру в верхней трети экрана; меню сдвинуто с 62% до 65% Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
ISO Build
bee ISO is built inside a Debian 12 builder container via iso/builder/build-in-container.sh.
Requirements
- Docker Desktop or another Docker-compatible container runtime
- Privileged containers enabled
- Enough free disk space for builder cache, Debian live-build artifacts, NVIDIA driver cache, and CUDA userspace packages
Build On macOS
From the repository root:
sh iso/builder/build-in-container.sh
The script defaults to linux/amd64 builder containers, so it works on:
- Intel Mac
- Apple Silicon (
M1/M2/M3/M4) via Docker Desktop's Linux VM
You do not need to pass --platform manually for normal ISO builds.
Useful Options
Build with explicit SSH keys baked into the ISO:
sh iso/builder/build-in-container.sh --authorized-keys ~/.ssh/id_ed25519.pub
Rebuild the builder image:
sh iso/builder/build-in-container.sh --rebuild-image
Use a custom cache directory:
sh iso/builder/build-in-container.sh --cache-dir /path/to/cache
Notes
- The builder image is automatically rebuilt if the local tag exists for the wrong architecture.
- The live ISO boots with Debian
live-boottoram, so the read-only medium is copied into RAM during boot and the runtime no longer depends on the original USB/BMC virtual media staying present. - Target systems need enough RAM for the full compressed live medium plus normal runtime overhead, or boot may fail before reaching the TUI.
- The NVIDIA variant installs DCGM 4 packages matched to the CUDA user-mode driver major version. For driver branch
590/ CUDA13.x, the package family isdatacenter-gpu-manager-4-cuda13rather than legacydatacenter-gpu-manager. - Override the container platform only if you know why:
BEE_BUILDER_PLATFORM=linux/amd64 sh iso/builder/build-in-container.sh
- The shipped ISO is still
amd64. - Output ISO artifacts are written under
dist/.