| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The docker-compose project is using console_scripts which hence imports
pkg_resources which is very slow at starting time, see:
https://github.com/pypa/setuptools/issues/510
This could be workaround by importing fastentrypoints module.
Some tests:
Before the patch, on a colibri-imx8x machine:
$ time docker-compose
```
real 0m5.108s
user 0m4.761s
sys 0m0.272s
```
After the patch, on a colibri-imx8x machine:
$ time docker-compose
```
real 0m3.526s
user 0m3.249s
sys 0m0.235s
```
Have verified the patch with:
https://docs.docker.com/compose/gettingstarted
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Currently conman is compiled without journald support which leads to
this error message when trying to use it (e.g. --log-driver=journald
with podman):
[conmon:e] Include journald in compilation path to log to systemd journal
Make sure to build with journald backend compiled-in when systemd is in
distro features by adding systemd to DEPENDS (through PACKAGECONFIG).
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
| |
Updating the version of criu and the install rules to be python3 safe.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Bump the git hashes to Docker CE v19.03.5. This requires to get the
docker daemon binary from a different location as the symlink from
the latest/ subdirectory has been removed. See also commit deaac5d4b3fa
("hack/make.sh remove "latest" symlink") in the docker-ce repository.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Bump to latest podman release 1.7.0. It features improvements to
networking, podman play kube, and systemd unit file integration.
They have also added the podman system reset command, to remove all
existing containers, pods, images, and volumes and reset the system
to its initial state.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Bump to latest version 2.0.9. This also makes our Makefile fix obsolete
as the fix has been aplied upstream.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
| |
This reverts commit 06dad20a32c81b6a8b6e93c99cda6f1133abddc6.
|
| |
|
|
|
|
|
|
|
|
|
| |
Updating to v1.17-beta, so we can drop the GO version 1.12 in
meta-virtualization.
We also drop one patch, since it is part of the upstream now.
Basic sanity tests shows no show-stopper issues.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
This file is useless and misleading. Remove it.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Lateest upstream is 1.6.4, but neither 1.6.3 nor 1.6.4
build cleanly.
Release notes:
https://github.com/containers/libpod/releases/tag/v1.6.2
Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
go 1.12 was removed from oe-core, but currently k8s cannot
be built successfully with go 1.13. See link below.
https://github.com/kubernetes/kubernetes/issues/82531
We need to wait for k8s to support go 1.13 and update it
to latest release, as well as its depedencies. Before this
is done, add back go 1.12 and use it.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Trying to use docker info and hello world container without this module
causes a daemon error.
docker info error log:
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the
docker daemon running?
dockerd error log:
PREROUTING chain: iptables failed: iptables --wait -t nat -A PREROUTING -m
addrtype --dst-type LOCAL -j DOCKER: iptables v1.8.3 (legacy): Couldn't
load match `addrtype':No such file or directory
Signed-off-by: Norbert Kaminski <norbert.kaminski@3mdeb.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since go was upgraded to 1.13, there is a failure:
...
| src/vendor/golang.org/x/net/http2/frame.go:17:2: use of vendored package not allowed
| ../../../recipe-sysroot/usr/lib64/go/src/net/http/h2_bundle.go:49:2: use of vendored package not allowed
...
Refer upstream suggestion [1]:
`or copying your vendor contents into GOPATH/src rather than
mapping them in to GOPATH/src/vendor.'
[1] https://github.com/golang/go/issues/34068
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove maximum version requirements for docker-compose so that it
does not require old version recipes.
The old version recipes required are as below.
* PyYAML
* requests
* urllib3
* idna
* jsonschema
The current one has been tested against https://docs.docker.com/compose/gettingstarted/.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Since commit [a092153 containerd: Disable for all mips machines] applied,
and the cri-o runtime depends `virtual/containerd', it should do the same
thing to disable for all mips machines
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Commit c97fe5036ef3df2967d086711e6c0c405941e14b is Kubernetes v1.16.2
(see https://github.com/kubernetes/kubernetes/releases for verification)
and building with the current recipe generates v1.16.2 binaies although
the package names state v1.16.1.
Change-Id: I5701c18cc3ce205ad906eda2595d9ad7f5748b17
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
The python3-docker-compose_1.16.1 requires 'docker<3.0, >=2.5.1', while
python3-docker 3.4.0 is provided. Error occurs when running
'docker-compose --version'.
Upgrade to python3-docker-compose_1.21.2 to make it work.
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
Updating kubernetes to use the 1.16 relese (instead of the 1.16) alpha.
No issues were found in build and runtime testing of this versus the
alpha release.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The image tools were not building with the oe/cross GO compiler
and flags. As such, you could end up with a binary on target with
the wong elf interpreter (the host one).
With this, we properly use the settings from our build.
We also bump the SRCREV to pickup a few minor fixes to the package.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
The layer does not expect recipes in the first subdir. Move the
podman-compose recipe into a podman-compose subdirectory.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Makefile:
#
# Supported Architectures
ifneq ($(filter-out x86 arm aarch64 ppc64 s390,$(ARCH)),)
$(error "The architecture $(ARCH) isn't supported")
endif
Signed-off-by: Ruslan Piasetskyi <ruslan.piasetskyi@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Add podman-compose, a docker-compose implementation for podman. The
current version is not feature complete, hence not all docker-compose
file work.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Add a default registries.conf and storage.conf. Those config files
are used by several projects of the containers group like buildah or
podman. Provide it as part of skopeo like the other distributions do.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
Bump to latest podman release 1.6.1.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
It seems that docker uses nowadays a rather vanilla version of runc,
at the time of writing 1.0.0-rc8. This version has successfully
tested with podman, hence remove the obsolete comment.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Create the initial recipe to provide crun as an alternative OCI runtime
provider.
This currently has a depdenency on seccomp, but it would be nice if we
can make that optional in the future to avoid pulling in all of
meta-security as a dependency.
Example:
% skopeo copy docker://busybox oci:busybox-oci:latest
% mkdir busybox-bundle
% oci-image-tool create --ref platform.os=linux busybox-oci busybox-bundle
% cd busybox-bundle/
% rm config.json
% runc spec
% runc run foo
^D
% crun run foo
^D
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
| |
The layer check for podman was copied from cri-o .. and some non
podman elements came over as part of that copy. We drop selinux
as a check, and fix some comments.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
podman can behave as transparent drop in replacement for docker
via a wrapper 'docker' script that simply calls podman when any
docker command is issues.
While this is an interesting feature, we want it to be optional
.. since it is possible that podman and docker might want to be
installed at the same time.
So we introduce a 'podman' PACKAGECONFIG, that controls whether
or not this wrapper is installed, and if it is installed it marks
the podman package as conflicting with docker (which gets us a
better message than a failed image assembly provides).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In a similar manner to cri-o, we don't want to make meta-selinux
or meta-security a hard dependency to meta-virtualization. So we
implement a similar anonymous python check that allows the recipe
to be skipped if the dependent layers are not present (and hence
we are yocto compatible). If we get more than two recipes doing
layer checks (this is the 2nd), we can move the functionality to
a class.
We also make the runc dependency be virtual/runc versus picking
a specific provider (even if only runc-opencontainers has been
tested).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
ostree is now provided by meta-oe, which is a required layer so
we can drop it from the anonymous python checks for layers.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
Add conmon, a OCI container runtime monitor.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Use a standard location to store the cni tools and plugins. This
is more in line how other distributions package cni. Keep a symlink
to /opt/cni/bin for backward compatibility.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
skopeo is a command line utility that performs various operations on
container images and image repositories.
skopeo can work with OCI images as well as the original Docker v2
images.
The recipe originates from from meta-overc commit a497792. It has
been updated with the new project URL and v0.1.39.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Podman is a daemonless container engine for developing, managing, and
running OCI Containers on your Linux System. Containers can either be
run as root or in rootless mode.
This patch adds the initial recipe for podman. Currently the build tags
systemd (if in DISTRO_FEATURES), seccomp, varlink and remoteclient are
enabled which allows to run podman with overlayfs as root and vfs in
rootless mode. The storage drivers btrfs and device-mapper have not
been tested and are disabled at the moment.
It seems that seccomp is mandatory, which makes meta-security which
provides libseccomp a mandatory dependency for this recipe.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
Updating the moby recipes to the match the 19.03.x updates pulled
into docker/docker-ce
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since commit:
[
Author: Tom Rini <trini@konsulko.com>
Date: Fri Feb 8 13:22:35 2019 -0500
docker: Move /etc/docker to a symlink to volatiles
The only thing which docker uses /etc/docker for is a TLS key for
connecting with other TLS-enabled services. Make /etc/docker a symlink
to the existing docker volatiles directory so that we can use docker on
a read-only rootfs.
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
We've had a transient / volatile docker configuration since we point
our /etc configuration to /run. This is not always a good thing if
a static configuration for keys, etc, is desired.
We maintain this functionality under the 'transient-config'
PACKAGECONFIG, and also allow the existing static/permanent config
to be used.
Signed-off-by: Matt Spencer <matthew@thespencers.me.uk>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The recipe which was providing the default "docker" package was aligned
with the moby repositories. In order to make that alignment clear, we
rename that recipe docker-moby.
To allow easier switching between the docker providing recipes, we
introduce a virtual/docker PROVIDES to the common .inc file (and
hence each recipe). This allows users to chose what they want via
the standard PREFERRED_PROVIDER mechanism.
Also to allow existing package lists and image installs to
continue to work without changes, we make sure that the implementation
specific docker-<foo> packages RPROVIDE docker. If any packages are
missed, we'll add them to this list in future updates.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
| |
Bump the git hashes to Docker CE v19.03.2.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since commit applied in moby [61a3285 Support cross-compile for arm]
it hardcoded var-CC to support cross-compile for arm
Correct it with "${parameter:-word}" format, it is helpful for user
define toolchains
(Use Default Values. If parameter is unset or null, the expansion of
word is substituted. Otherwise, the value of parameter is substituted.)
https://github.com/moby/moby/commit/61a3285864d3f1b489f48f765b61b2c7bd300372
This fixes a build issue seen when building docker-ce:
exec: "aarch64-linux-gnu-gcc": executable file not found in $PATH
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use GNU Make 4.2.1(such as fedora-29) to build k8s in a long directory,
it failed with `execvp: /bin/bash: Argument list too long'
[snip]
$ cd /buildarea1/hjia/wrlinux-1019/I_/suspect_/that_/if_/you_/create_/your_/project_/in_/a_/very_/deep_/directory/build_master-wr_qemux86-64_faw_2019090509/build/tmp-glibc/work/core2-64-wrs-linux/kubernetes/v1.16.0-alpha+git7054e3ead7e1a00ca6ac3ec47ea355b76061a35a-r0/kubernetes-v1.16.0-alpha+git7054e3ead7e1a00ca6ac3ec47ea355b76061a35a/src/import
$ make cross KUBE_BUILD_PLATFORMS=linux/amd64 GOLDFLAGS=""
|+++ [0804 16:38:32] Building go targets for linux/amd64:
| ./vendor/k8s.io/code-generator/cmd/deepcopy-gen
|make[1]: execvp: /bin/bash: Argument list too long
|make[1]: *** [Makefile.generated_files:184: pkg/kubectl/cmd/testing/zz_generated.deepcopy.go] Error 127
|make: *** [Makefile:557: generated_files] Error 2
...
[snip]
From make manual [1]
$?
The names of all the prerequisites that are newer than the target, with spaces between them.
While two `$?' was passed to bash in a line, it caused above failure,
drop a duplicated one could workaround the issue.
[1] https://www.gnu.org/software/make/manual/html_node/Automatic-Variables.html
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
When curl's MIT license is preferable to wget's GPLv3. Which it is in
several situations.
Change-Id: I72ee1ce66493c564557b73fae80f5219ef83af6d
Signed-off-by: Joakim Roubert <joakimr@axis.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
commit 7394c154a92f [containers: update oci-systemd-hook to 0.2.0]
incorrectly adjusted the context around the patch
0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch.
This resulted in containers failing with an error:
systemdhook <error>: Failed to mkdir new dest: /opt/container/cube-server/rootfs/sys/fs/cgroup/perf_event: No such file or directory
Unfortunately, the code was being patched in ahead of the mounting of
the tmpfs after the patch context was adjusted. You can even get a
hint of this in the comment "Systemd is already handled above". Here
we correct this by pushing the code down to the correct position in
the file/function, making the error go away and proper function
return.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
nl80211 device can't be moved to another namespace due to
e389f2afd8509(start: unify and simplify network creation), and lxc
community has fixed this issue with:
commit 3dd7829433f63b2ec1323a1f237efa7d67ea6e2b lxc upstream
This patch is grabbing the commit above, and should be abandoned with
lxc uprev afterwards.
See more details here: https://github.com/lxc/lxc/issues/3105
Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Since comit 3f64779e in meta-oe:
[ libdevmapper/lvm2: force recipe libdevmapper to populate sysroot only ]
libdevmapper recipe does not provide package any more, we need RDEPENDS
on libdevmapper which is being provided by lvm2 recipe.
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
It defaults to "-s -w" [1] which strips debug information, refresh a backported
patch to build unstripped binaries
https://golang.org/cmd/link/
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Specify GOLDFLAGS as an empty string for building unstripped binaries, which allows
you to use code debugging tools like delve. When GOLDFLAGS is unspecified, it defaults
to "-s -w" which strips debug information. Other flags that can be used for GOLDFLAGS
are documented at https://golang.org/cmd/link/ [1]
[1] https://github.com/kubernetes/kubernetes/blob/master/build/root/Makefile#L82
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
