Age | Commit message (Collapse) | Author |
|
install needs to go to ${D}, not the host path, so we fix up the
offending install lines.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Ricardo Salveti <ricardo@opensourcefoundries.com> pointed out that
runc-docker was not getting a proper PV due to the use of SRCREV
in the variable.
By switching to SRCPV, we get the right PV for both variants of
runc.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
The go bbclass already inherits goarch.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
This variable isn't picked up by the runc Makefile anyway as it isn't exported.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
The "vendor/src" symlink is already created in do_compile in runc.inc.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
The recvtty demo/reference application has cross compilation issues when
targeting aarch64 platforms. As it is just a demo application and is not usually
used, we can just patch the Makefile to disable building this application.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
If the GOARCH isn't set CGO took the ARCH from the host and tries
to use -m64 flag that isn't available in aarch64 compiler.
...
| # github.com/opencontainers/runc/libcontainer/system
| aarch64-linaro-linux-gcc: error: unrecognized command line option
'-m64'
| # github.com/containerd/console
| aarch64-linaro-linux-gcc: error: unrecognized command line option
'-m64'
| Makefile:60: recipe for target 'shim-static' failed
...
Signed-off-by: Aníbal Limón <anibal.limon@linaro.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Introducing the kubernets components for container orchestration.
The packaging introduced here creates the framework for more
advanced kubernetes configurations. By itself, it doesn't do much
but it makes the components available to be configured and deployed
as master/worker nodes.
It integrates with the previously introduced cni and cri-o
components available in meta-virt.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
These variables are now set correctly by go.bbclass in oe-core. Changing them to
point at the native sysroot just leads to build errors in some cases, for
example when the target and host have matching GOARCH but not matching c
libraries.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
The makefiles for both providers of runc need to be patched in similar ways to
ensure that we use the binaries from go-cross and not go-native.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
This patch hasn't been used in a long time.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
These fixes are needed due to updates to go.bbclass in oe-core. See commit
01a8d4537012ad93dc8510e9b762acdc8c4536c7 for more information.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
To prepare for native kubernetes support without docker on a target,
we integrate the cri-o incubator project.
cri-o is meant to provide an integration path between OCI conformant
runtimes and the kubelet. Specifically, it implements the Kubelet
Container Runtime Interface (CRI) using OCI conformant runtimes.
The scope of cri-o is tied to the scope of the CRI.
This initial introduction is build + packaging only. It is expected
that configuration and deployment tweaks are done at the distro
level.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
The following commit:
commit df3a46feb971386f922c7c2c2822b88301f87cb0
Author: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
Date: Tue Aug 1 17:39:39 2017 +0800
implement add/set function for hooks items
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
Breaks the ability to specify multiple hooks with the same path
(i.e. a shell script that does different things based on arguments).
The author's intent with the change is unclear, so rather than fix
it, we revert it for now.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
This requires some packages as well as the pypi.bbclass from meta-python.
It uses Python 3 as I don't think it makes sense to use Python 2 anymore.
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
We want to build in ${S}, so we now require an explicit cd ${S}
to avoid landing in the build directory.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Recently in the oe-core the go.bbclass changed and requires the
defition of the GO_IMPORT variable. This was intended to simplify how
the compilation works with go packages and it is still a work in
progress.
This patch set makes the recipes compatible to generate the same end
result as before using the new go.bbclass from oe-core.
Any patches that were included in the recipes had to have the paths
adjusted because the new go.bbclass manipulates the notion of S to be
S + "src" + "$GO_IMPORT" internally for the purpose of unpack, patch
and compile.
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
To work with OCI spec v1.0 images/containers we need to update our
tools.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Our current version of criu is about a year old and has some
compilation issues with the latest gcc (currently it is
unbuildable). Since the version of criu and the kernel version are
fairly tightly coupled it wouldn't be surprising of this old criu
would also be exhibiting some runtime issues with our fairly new
kernel version.
With the above in mind we uprev to criu v3.4 which was recently
released. This requires several of the patches to be updated (mostly
context). We are able to drop the selinux related change as RSS
prevents the situation this was working around from happenning.
This was validated using https://criu.org/Simple_loop (and a few
variants).
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
This reverts commit 90c1046b58c50f127ea711d83874a1dc4b68f7ed.
|
|
While the recipe was functional under an image based on core-image-
full-cmdline, when tested with core-image-minimal runtime issues
appeared: Singularity was unable to create a filesystem within the
container. This change fixes this issue.
Signed-off-by: Alexandru Tiniuc <tiniuc.alexandru@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
If Bash is not included by any other recipe, the recipe fails at the QA
check. This commit adds Bash to the list of dependencies, preventing
this issue.
Signed-off-by: Alexandru Tiniuc <tiniuc.alexandru@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Signed-off-by: Alexandru Tiniuc <tiniuc.alexandru@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Singularity is a container platform built on the principle of mobility
of compute. It is designed to be used on HPC clusters and, unlike
Docker, it does not require root access to mount an image. In addition,
it can use Docker images out-of-the-box and it can pull them from the
Docker Hub. For more information, see singularity.lbl.gov
This recipe enables building the Singularity container platform.
Additionally, it creates a symlink from /usr/bin/python3 to
/usr/bin/python, as well as a symlink to where python3 expects
CA certificates to be.
I have tested it on a Raspberry Pi 3: I successfully built and run
arm32v7 images from Docker Hub. Make sure you have the right image for
your CPU architecture: it defaults to amd64.
Signed-off-by: Alexandru Tiniuc <tiniuc.alexandru at gmail dot com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
CVE-2017-11468 is fixed in this release.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-11468
Release note:
https://github.com/docker/distribution/releases/tag/v2.6.2
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
The build is failing due to a failing QA check:
ERROR: lxc-2.0.8-r0 do_package_qa: QA Issue:
/usr/lib/lxc/ptest/src/tests/lxc-test-may-control contained in
package lxc-ptest requires /bin/bash, but no providers found in
RDEPENDS_lxc-ptest? [file-rdeps]
Add bash to the the ptest RDEPENDS.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Fix daemonization, align args with docker.service, fix line breaks in
log file - and fix INITSCRIPT_PARAMS (there is no variable
OS_DEFAULT_INITSCRIPT_PARAMS).
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Analogously to docker: There is no variable
OS_DEFAULT_INITSCRIPT_PARAMS, just use "defaults".
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
To match the docker (moby) and runc updates, we need the latest containerd
from the 0.2.x branch to work in cooperation with the other components.
Note: containerd master won't currently work with docker master, but is
very similar to 0.2.x. The build target varies slightly in master, but
otherwise with these changes to the recipe and build steps we can switch
easily when the time comes.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
The docker uprev missed the version string which matches the actual
binary being built. With this change, the package now reflects the
correct version.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
The latest oci-runtime-tool builds are throwing the missing GNU_HASH
error during QA checks.
This is common with go applications, and isn't a problem, so for now,
we simply skip the check.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
The config.json has elements which have changed in the latest runc.
These changes are not backward compatible with older versions of runc.
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
The selinux disable patch required changes as more setfilecon
operations were added.
The new upstream work is needed to allow the rootfs specification to
continue working because runc no longer passes the "root" key as a
part of the json configuration which is sent to a hook via stdin.
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
The build method for docker client changed where by the docker cli is
now required to be pulled in from a separate git tree to be built.
The integration patch to cross compile was also upreved since some
parts of it were accepted upstream while other parts have not been
accepted at this time.
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
This allows for setting up a detached session where you do not want to
set the terminal to false in the config.json. More or less this is a
runtime override.
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Uprev to pick up latest changes in docker-runc.
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Fix the following QA warnings:
QA Issue: lxc rdepends on gmp, but it isn't a build dependency,
missing gmp in DEPENDS or PACKAGECONFIG? [build-deps]
QA Issue: lxc rdepends on libidn, but it isn't a build dependency,
missing libidn in DEPENDS or PACKAGECONFIG? [build-deps]
QA Issue: lxc rdepends on gnutls, but it isn't a build dependency,
missing gnutls in DEPENDS or PACKAGECONFIG? [build-deps]
QA Issue: lxc rdepends on nettle, but it isn't a build dependency,
missing nettle in DEPENDS or PACKAGECONFIG? [build-deps]
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Fix the following QA warning:
QA Issue: /usr/libexec/criu/scripts/systemd-autofs-restart.sh contained
in package criu requires /bin/bash, but no providers found in
RDEPENDS_criu? [file-rdeps]
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Fix the following QA warning:
QA Issue: criu rdepends on libbsd, but it isn't a build dependency? [build-deps]
This had been fixed by 1fd94d853545b55173b1f0e2cf683a5d21f8cd7b,
but then was overwritten by b9b7ece0cd52966467035fb71ad9ba472bf24b88
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
According to https://github.com/docker/libtrust, this repo is now deprecated
and the library was integrated in the docker-distribution repository.
Signed-off-by: Anselmo L. S. Melo <anselmo.melo@intel.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
gcc 7 has a bug:
https://bugzilla.yoctoproject.org/show_bug.cgi?id=11672
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78969
In order to avoid the build failure that this causes we reduce the
range by one. Better to have a slight reduction in the range than
having nobody to be able to build and use lxc.
Once gcc is fixed this can be reverted.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
1)Upgrade lxc from 2.0.0 to 2.0.8.
2)Delete two patches, since it is integrated upstream.
Delete Generate-lxc-restore-net-properly.patch,this script has already been rearchitected out of existence by cba98d127bf490b018a016b792ae05fd2d29c5ee
Delete Use-AC_HEADER_MAJOR-to-detect-major-minor-makedev.patch,this script has already been rearchitected out of existence by af6824fce9c9536fbcabef8d5547f6c486f55fdf from git://github.com/lxc/lxc.git
3)Modify two patches, since the data has been changed.
automake-ensure-VPATH-builds-correctly.patch
runtest.patch
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Updating to the latest oci-image-tools for better support in unpack/creating
runtime bundles.
With this update, we get a single tool with subcommands, versus separate
commands previously.
We also add two proposed (but not merged) patches that can deal with existing
symlinks when unpacking layers. Without this, we fail to unpack many complex
containers due to duplicate files in layers.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
Historically Yocto installs python modules in ${libdir} and not the
no-arch variant. The criu install was following every other distros
use of the non-arch variant, /usr/lib, which was being picked up by
the QA check. Modify the criu Makefile to enable us to overwrite this
location by using setup.py's install-lib directive.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
|
To provide hexdump which is used as part of the build process. Resolves
| criu/pie/../../scripts/gen-offsets.sh: line 37: hexdump: command not found
| criu/pie/Makefile:96: recipe for target 'criu/pie/parasite-blob.h' failed
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|