| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
| |
Bumping the version of docker and dependencies. This gets us closer to
runc 1.0, which is the foundation for future OCI efforts.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The docker build isn't properly using CFLAGS/LDFLAGS, which triggers the following
QA error:
ERROR: docker-1.11.1+git5604cbed50d51c4039b1abcb1cf87c4e01bce924-r0 do_package_qa: QA Issue: No GNU_HASH in the elf binary: 'docker/1.11.1+git5604cbed50d51c4039b1abcb1cf87c4e01bce924-r0/packages-split/docker/usr/bin/docker' [ldflags]
ERROR: docker-1.11.1+git5604cbed50d51c4039b1abcb1cf87c4e01bce924-r0 do_package_qa: QA run found fatal errors. Please consider fixing them
ERROR: docker-1.11.1+git5604cbed50d51c4039b1abcb1cf87c4e01bce924-r0 do_package_qa: Function failed: do_package_qa
ERROR: Logfile of failure stored in: tmp/work/core2-64-overc-linux/docker/1.11.1+git5604cbed50d51c4039b1abcb1cf87c4e01bce924-r0/temp/log.do_package_qa.63906
ERROR: Task meta-virtualization/recipes-containers/docker/docker_git.bb:do_package_qa (meta-virtualization/recipes-containers/docker/docker_git.bb:do_package_qa) failed with exit code '1'
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
If the lxc is compiled with gcc 5.2 -O2 optimization on arm,
lxc-console/lxc-stop command always produce segment fault.
The same issue also occurred on systemd: [YOCTO #8291]
For lxc, after several testing, it only needs to disable
schedule-insns2 to fix the segment fault issue.
Signed-off-by: fli <fupan.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When building for qemux86 the following error was encountered due to GOARCH
being set incorrectly:
compile: unknown architecture "i586"
This can be fixed by using the go-osarchmap class.
Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
| |
Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some recipes in RDEPENDS are installing specific version of package, for
example:
gunicorn (= 19.1.1)
If usigin ipk for PACKAGE_CLASSES, opkg prints error:
Collected errors:
* satisfy_dependencies_for: Cannot satisfy the following dependencies
for docker:
* gunicorn (= 19.1.1) *
* opkg_install: Cannot install package docker.
This error is caused because opkg appends package revision to version.
In this case:
gunicorn_19.1.1-r0.1
If we use comparator >= this error doesn't appear.
Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
It shows warning when build crius if libselinux has been built already:
WARNING: QA Issue: criu rdepends on libselinux, but it isn't a build dependency? [build-deps]
Add a patch to disable selinux support when 'selinux' is not in PACKAGECONF.
And update indentation at same time.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Usually $GOROOT is set by go tool, but if sstate is specified, $GOROOT
is set to the path in the first project. If docker is built in the
another project(with same SSTATE_DIR) later, and the first project is removed,
the following error will be seen:
| go: cannot find GOROOT directory:
/path/to/previous/project/bitbake_build/tmp/sysroots/x86_64-linux/usr/lib/x86_64-wrs-linux/go
This commit is overriding $GOROOT stored in the go tool in sstate cache,
making sure it is set to the correct path in current project.
See more information here: https://golang.org/doc/install#install
Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
| |
Since CRIU does not explicitly nominate the version of protobuf as 2.6.1, which
should not be included just here. And it seems protobuf-2.5.0 is doable or this
CRIU version based on a basic testing according to criu.org/Simple_loop as well,
so remove it from criu.
Signed-off-by: Zumeng Chen <zumeng.chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
We no longer need go-net and go-sqlite for the docker build and
runtime. The upstream repos are no longer properly fetching, so
we can simply drop the recipes and dependency.
If they are ever needed in the future, we can revisit the upstream
source for them.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recent patch did deprecate a standard POSIX function [1].
This is the build error:
| ../../../lxc-2.0.0/src/lxc/cgfs.c: In function 'cgroup_rmdir':
| ../../../lxc-2.0.0/src/lxc/cgfs.c:172:2: error: 'readdir_r' is deprecated [-Werror=deprecated-declarations]
| while (!readdir_r(dir, &dirent, &direntp)) {
| ^
| In file included from ../../../lxc-2.0.0/src/lxc/cgfs.c:30:0:
| /.../build/tmp-glibc/sysroots/qemux86-64/usr/include/dirent.h:183:12: note: declared here
| extern int readdir_r (DIR *__restrict __dirp,
| ^
[1] https://www.sourceware.org/ml/libc-alpha/2016-02/msg00093.html
Signed-off-by: Anders Roxell <anders.roxell@linaro.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
| |
The 'base_contains' is now deprecated and only kept as a compatibility method. It will be removed in future releases.
Signed-off-by: Derek Straka <derek@asterius.io>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
This is fixing:
QA Issue: criu rdepends on libbsd, but it isn't a build dependency? [build-deps]
Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Updating docker to the 1.11.1 release, which uses the open container initiative
components.
With this udpate, we drop patches that are no longer required, and adjust the
install/strip routines to not look for obselete components.
There are now 4 binaries required for docker to work:
- docker
- docker-containerd
- docker-containerd-shim
- docker-runc
The new containerd and runc recipes provide the latter, while docker provides
the cli and daemon.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With the update to docker 1.11.x, we must also introduce runc. From the
runc site:
runC is a CLI tool for spawning and running containers according to the OCP specification.
Containers are started as a child process of runC and can be embedded into various other
systems without having to run a Docker daemon.
runC is built on libcontainer, the same container technology powering millions of
Docker Engine installations.
Docker images can be run with runC.
So not only is runc required for docker, it is useful for any system that wants
to run OCP containers AND docker containers.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
With the update to docker 1.11.x+, we need the OCI containerd to control
runc:
containerd is a daemon to control runC, built for performance and density.
containerd leverages runC's advanced features such as seccomp and user
namespace support as well as checkpoint and restore for cloning and
live migration of containers.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
2.0.0 is released, and contains many of the patches we've been carrying for
1.x.
With this updated, we drop upstream backports (and submitted patches), and
refresh on patch. Otherwise, everything is the same.
Sanity tested on x86-64.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recently the configure with python enabled has become the default here.
However, if the host doesn't have python3, configure fails with:
checking for a Python interpreter with version >= 3.2... none
configure: error: You must install python3
We have a python3 in the sysroot, but we need to inherit it for it to
be available for lxc's configure step.
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Cherry picked patch from lxc upstream commit:
f2e206ff47<lxc: let lxc-start support wlan phys>
to enable lxc-start command support wlan0 device
and make cube-essential support paththrough wlan
device from host to lxc containers.
Signed-off-by: fli <fupan.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
| |
Signed-off-by: Zongchun Yu <zongchun.yu@nxp.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
This is the latest stable release and includes many important bug
fixes as well as CVE fixes such as CVE-2015-1335.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
| |
Warnings fixes:
- optional mounts when dirs not available
- busybox dynamically linked
- fstab not available in container
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@nxp.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prior to poky commit 3d45853eef1269b455d840a60491802251368378
[python3: fix do_configure check platform triplet error] lxc's
configure scripts would fail to find python3 and would therefor
configure with python3 support disabled.
After poky integrated the above commit lxc can, and does, detect
python3 and attempts to configure with python support. Unfortunately
it would detect the host's python3 which it would use to run setup.py
and therefor get the host's include path etc. and ultimately fail to
build.
To fix this we make 'python' support configurable via a PACKAGECONFIG
and we default to not configuring with this support, to match our
previous configuration. We also fix things such that 'python' support
can be enabled in the PACKAGECONFIG and the build will complete
successfully, using our python3 and not the host's.
We might want to eventually enable the python support but since this
not only enables python extensions but even goes as far as turning
scripts like lxc-ls into python scripts, instead of shell scripts,
keeping it disabled for now is the minimally invasive approach.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
These patches address some warnings that LXC throws when running
an application container. They are currently applied in the official
repository.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@nxp.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
| |
go-cross-1.3 is old, and doesn't link properly with the latest 2.26
binutils.
To get things building again, and to start the docker uprev, we simply
depend on go-cross and line docker up with the rest of the go users.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
| |
Finding the libprotobuf.* incorrectly if the host have pkgconfig
Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
V1.1.4 includes a fix for CVE-2015-1335:
lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container
administrators to escape AppArmor confinement via a symlink attack on a (1)
mount target or (2) bind mount source.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1335
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
Some of the cgo variables were pointing to host paths and not target
Fix install rules - binaries can be installed to a subdirectory.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Since we need go 1.3 to co-exist with later versions (ie 1.4),
package go-cross_1.3 as go-cross-1.3_1.3.
go 1.3 will be installed to a different path than go-cross, this requires
go packages needing go 1.3 to set its PATH to:
export PATH=${STAGING_BINDIR_NATIVE}/${HOST_SYS}/go-1.3:$PATH
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
Add the protobuf's pkgconfig path into PKG_CONFIG_PATH
so that pkg-config can find the protoc from sysroot in the configure process.
And don't conflict even if installing the protobuf in the localhost.
Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Problem: Logs are nice in that they report the source file,
routine, and line number where an issue occurs. But the
file is printed as the absolute filename. Users do not
need to see a long spew of path directory names where the package
just happened to have been built on some host somewhere. It
can be confusing to anyone other than the developer.
Solution: Introduce a configure option to chop off all leading
directories so that just the source filename ie. basename is printed.
[ Upstream status: Not needed. These absolute filenames are a
consequence of poky/bitbake feeding the absolute filenames to
the compiler. If you build lxc outside of poky/bitbake, just
the basenames are fed to the compiler. ]
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Author: Amy Fong <amy.fong@windriver.com>
Date: Wed Sep 16 00:12:10 2015 -0400
docker: update SRC_URI
branch=release is no longer valid in the git tree,
updating the branch to v1.6.2
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
Uprev to 1.1.3
Remove Generate-lxc-restore-net-properly.patch since related code
has been removed.
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
| |
Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
| |
Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
| |
Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The networking configuration that is part of the lxc-setup package is
not appropriate for all use cases, or init systems.
To avoid having this configuration be pulled in by default, we create
an empty -networking package that handles the configuration. Images
can enable this step by including lxc-networking in the install package
list.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
| |
With the recent python-simplejson:upgrade 3.6.2->3.7.3, docker-registry
was broken due to unsatisfied dependencies. The docker-registry builds and
passes basic testing with 3.7.3 (verified by jason.wessel@windriver.com),
updating the dependency requirement to >= 3.6.2
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
| |
docbook2man fails to build the man pages in poky
due to missing the ancient Davenport 3.0 DTD.
Poky meta has the Oasis 3.1 version so upgrade
to use that instead.
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
From b101a0c7ce6ef1eb41bef786831e58fa4d1b069f Mon Sep 17 00:00:00 2001
From: Amy Fong <amy.fong@windriver.com>
Date: Mon, 27 Jul 2015 14:10:20 -0400
Subject: [PATCH] golang: use oe-meta-go
Update meta-virtualization to use go package from oe-meta-go.
The package golang-cross is go-cross in the oe-meta-go.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Systemd throws the following warning at boot:
systemd[1]: [/lib/systemd/system/docker-registry.service:10]
Not an absolute path, ignoring: #WORKDIR#
Fix WORKDIR in docker-registry's systemd from #WORKDIR# to
${PYTHON_SITEPACKAGES_DIR}/docker_registry
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This version has better support for unprivileged
containers.
Two patches are deleted as they are now included.
One new patch is introduced to fix a file not found error at
the install build step.
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
| |
Docker searching and launch looks for iptables, so we add it to the
rdepends.
To actually launch a container, netfilter nat and dm-think are often
required, so we make those modules rrecommends.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
golang doesn't work with ccache. In the current state, a lot of parsing
happens where it'll grab the first string in CC or LD and uses that for
its builds. When ccache is enabled, it results in trying to do builds
with just ccache.
The brokeness is seen when building with apps that uses cgo, like docker.
To enable ccache to work, some string comparisons and changes to parsing
had to be made.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Uprev docker to 1.6.2
go-capability is upreved to a later git commit
go-dbus is upreved to version 2
go-distribution-digest is added as a new dependency. Only the
digest part of go-distribution is needed/kept here,
hence go-distribution-digest
go-logrus is upreved to 0.7.1
Remove PR since it's no longer used
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
Add handling for distros with both systemd and sysvinit by passing
multiple init systems to configure with --with-init-script=
Signed-off-by: Erik Botö <erik.boto@pelagicore.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
Add command line parameter to create Busybox containers
with OpenSSH support. As a prerequisite, OpenSSH needs
to be installed on the host system.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In yocto builds, preprocessing of binaries can happen after the install
phase. Some of these can modify the size/sha1sum of the binaries.
e.g. A new .gnu_debuglink can happen
docker will not start because of these modifications. Docker initially
does a sha1sum of dockerinit to identify the dockerinit that it was built
with, this is done for security and for compatibility reasons. Since
this checking is disabled, we should rely on rpm tests for validation
of the binary instead.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
If lxc is built not in the source dir, upstart files will fail to be
installed, because of Makefile error.
Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin@mentor.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
