Age | Commit message (Collapse) | Author |
|
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Commit c97fe5036ef3df2967d086711e6c0c405941e14b is Kubernetes v1.16.2
(see https://github.com/kubernetes/kubernetes/releases for verification)
and building with the current recipe generates v1.16.2 binaies although
the package names state v1.16.1.
Change-Id: I5701c18cc3ce205ad906eda2595d9ad7f5748b17
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
The python3-docker-compose_1.16.1 requires 'docker<3.0, >=2.5.1', while
python3-docker 3.4.0 is provided. Error occurs when running
'docker-compose --version'.
Upgrade to python3-docker-compose_1.21.2 to make it work.
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Updating kubernetes to use the 1.16 relese (instead of the 1.16) alpha.
No issues were found in build and runtime testing of this versus the
alpha release.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
The image tools were not building with the oe/cross GO compiler
and flags. As such, you could end up with a binary on target with
the wong elf interpreter (the host one).
With this, we properly use the settings from our build.
We also bump the SRCREV to pickup a few minor fixes to the package.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
The layer does not expect recipes in the first subdir. Move the
podman-compose recipe into a podman-compose subdirectory.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Makefile:
#
# Supported Architectures
ifneq ($(filter-out x86 arm aarch64 ppc64 s390,$(ARCH)),)
$(error "The architecture $(ARCH) isn't supported")
endif
Signed-off-by: Ruslan Piasetskyi <ruslan.piasetskyi@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Add recipe for the FUSE implementation of overlayfs. This is useful
to improve startup time for podman rootless containers.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Add podman-compose, a docker-compose implementation for podman. The
current version is not feature complete, hence not all docker-compose
file work.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Add a default registries.conf and storage.conf. Those config files
are used by several projects of the containers group like buildah or
podman. Provide it as part of skopeo like the other distributions do.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Bump to latest podman release 1.6.1.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
It seems that docker uses nowadays a rather vanilla version of runc,
at the time of writing 1.0.0-rc8. This version has successfully
tested with podman, hence remove the obsolete comment.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Create the initial recipe to provide crun as an alternative OCI runtime
provider.
This currently has a depdenency on seccomp, but it would be nice if we
can make that optional in the future to avoid pulling in all of
meta-security as a dependency.
Example:
% skopeo copy docker://busybox oci:busybox-oci:latest
% mkdir busybox-bundle
% oci-image-tool create --ref platform.os=linux busybox-oci busybox-bundle
% cd busybox-bundle/
% rm config.json
% runc spec
% runc run foo
^D
% crun run foo
^D
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
The layer check for podman was copied from cri-o .. and some non
podman elements came over as part of that copy. We drop selinux
as a check, and fix some comments.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
podman can behave as transparent drop in replacement for docker
via a wrapper 'docker' script that simply calls podman when any
docker command is issues.
While this is an interesting feature, we want it to be optional
.. since it is possible that podman and docker might want to be
installed at the same time.
So we introduce a 'podman' PACKAGECONFIG, that controls whether
or not this wrapper is installed, and if it is installed it marks
the podman package as conflicting with docker (which gets us a
better message than a failed image assembly provides).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
In a similar manner to cri-o, we don't want to make meta-selinux
or meta-security a hard dependency to meta-virtualization. So we
implement a similar anonymous python check that allows the recipe
to be skipped if the dependent layers are not present (and hence
we are yocto compatible). If we get more than two recipes doing
layer checks (this is the 2nd), we can move the functionality to
a class.
We also make the runc dependency be virtual/runc versus picking
a specific provider (even if only runc-opencontainers has been
tested).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
ostree is now provided by meta-oe, which is a required layer so
we can drop it from the anonymous python checks for layers.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
A tool that concurrently runs a whole bunch of go linters and
normalises their output to a standard format. Useful to build
podman.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Add conmon, a OCI container runtime monitor.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
This tool converts markdown into roff (man pages). Useful to build
podman.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Use a standard location to store the cni tools and plugins. This
is more in line how other distributions package cni. Keep a symlink
to /opt/cni/bin for backward compatibility.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
slirp4netns allows connecting a network namespace to the Internet
in a completely unprivileged way, by connecting a TAP device in a
network namespace to the usermode TCP/IP stack ("slirp")."
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
skopeo is a command line utility that performs various operations on
container images and image repositories.
skopeo can work with OCI images as well as the original Docker v2
images.
The recipe originates from from meta-overc commit a497792. It has
been updated with the new project URL and v0.1.39.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Podman is a daemonless container engine for developing, managing, and
running OCI Containers on your Linux System. Containers can either be
run as root or in rootless mode.
This patch adds the initial recipe for podman. Currently the build tags
systemd (if in DISTRO_FEATURES), seccomp, varlink and remoteclient are
enabled which allows to run podman with overlayfs as root and vfs in
rootless mode. The storage drivers btrfs and device-mapper have not
been tested and are disabled at the moment.
It seems that seccomp is mandatory, which makes meta-security which
provides libseccomp a mandatory dependency for this recipe.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Build libvirt results in the follow warning:
ERROR: libvirt-5.5.0-r0 do_package: libvirt-ptest: Multiple shlib providers for libvirt-admin.so.0: libvirt, libvirt-ptest
(used by files: ./tmp/work/aarch64-overc-linux/libvirt/5.5.0-r0/packages-split/libvirt-ptest/usr/lib/libvirt/ptest/tools/virt-admin)
ERROR: libvirt-5.5.0-r0 do_package: libvirt: Multiple shlib providers for libvirt-admin.so.0: libvirt, libvirt-ptest
(used by files: ./tmp/work/aarch64-overc-linux/libvirt/5.5.0-r0/packages-split/libvirt/usr/bin/virt-admin)
This is caused by the introduction of a shlib provider check added to
openembedded-core (commit 61c413690034 [package: Multiple
shlib_providers for the same file should error]). You can see the
issue and solution discussed more here
https://bugzilla.yoctoproject.org/show_bug.cgi?id=4628
Since the ptest version of the shared library will only be used by the
ptest package so we can use PRIVATE_LIBS to have the shlib providers
list.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
The build has broken again on master, even for non-static builds of
netns. The simplest fix is to extend our existing patch to cover this
case as well.
Signed-off-by: Paul Barker <paul@betafive.co.uk>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
The recipe for cri-o already has an anonymous Python function in place
to skip the recipe if dependencies are not found so there's no need to
force inclusion of the meta-selinux layer.
Signed-off-by: Paul Barker <paul@betafive.co.uk>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Updating the moby recipes to the match the 19.03.x updates pulled
into docker/docker-ce
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Since commit:
[
Author: Tom Rini <trini@konsulko.com>
Date: Fri Feb 8 13:22:35 2019 -0500
docker: Move /etc/docker to a symlink to volatiles
The only thing which docker uses /etc/docker for is a TLS key for
connecting with other TLS-enabled services. Make /etc/docker a symlink
to the existing docker volatiles directory so that we can use docker on
a read-only rootfs.
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
We've had a transient / volatile docker configuration since we point
our /etc configuration to /run. This is not always a good thing if
a static configuration for keys, etc, is desired.
We maintain this functionality under the 'transient-config'
PACKAGECONFIG, and also allow the existing static/permanent config
to be used.
Signed-off-by: Matt Spencer <matthew@thespencers.me.uk>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
The recipe which was providing the default "docker" package was aligned
with the moby repositories. In order to make that alignment clear, we
rename that recipe docker-moby.
To allow easier switching between the docker providing recipes, we
introduce a virtual/docker PROVIDES to the common .inc file (and
hence each recipe). This allows users to chose what they want via
the standard PREFERRED_PROVIDER mechanism.
Also to allow existing package lists and image installs to
continue to work without changes, we make sure that the implementation
specific docker-<foo> packages RPROVIDE docker. If any packages are
missed, we'll add them to this list in future updates.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Bump the git hashes to Docker CE v19.03.2.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Since commit applied in moby [61a3285 Support cross-compile for arm]
it hardcoded var-CC to support cross-compile for arm
Correct it with "${parameter:-word}" format, it is helpful for user
define toolchains
(Use Default Values. If parameter is unset or null, the expansion of
word is substituted. Otherwise, the value of parameter is substituted.)
https://github.com/moby/moby/commit/61a3285864d3f1b489f48f765b61b2c7bd300372
This fixes a build issue seen when building docker-ce:
exec: "aarch64-linux-gnu-gcc": executable file not found in $PATH
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Use GNU Make 4.2.1(such as fedora-29) to build k8s in a long directory,
it failed with `execvp: /bin/bash: Argument list too long'
[snip]
$ cd /buildarea1/hjia/wrlinux-1019/I_/suspect_/that_/if_/you_/create_/your_/project_/in_/a_/very_/deep_/directory/build_master-wr_qemux86-64_faw_2019090509/build/tmp-glibc/work/core2-64-wrs-linux/kubernetes/v1.16.0-alpha+git7054e3ead7e1a00ca6ac3ec47ea355b76061a35a-r0/kubernetes-v1.16.0-alpha+git7054e3ead7e1a00ca6ac3ec47ea355b76061a35a/src/import
$ make cross KUBE_BUILD_PLATFORMS=linux/amd64 GOLDFLAGS=""
|+++ [0804 16:38:32] Building go targets for linux/amd64:
| ./vendor/k8s.io/code-generator/cmd/deepcopy-gen
|make[1]: execvp: /bin/bash: Argument list too long
|make[1]: *** [Makefile.generated_files:184: pkg/kubectl/cmd/testing/zz_generated.deepcopy.go] Error 127
|make: *** [Makefile:557: generated_files] Error 2
...
[snip]
From make manual [1]
$?
The names of all the prerequisites that are newer than the target, with spaces between them.
While two `$?' was passed to bash in a line, it caused above failure,
drop a duplicated one could workaround the issue.
[1] https://www.gnu.org/software/make/manual/html_node/Automatic-Variables.html
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
When curl's MIT license is preferable to wget's GPLv3. Which it is in
several situations.
Change-Id: I72ee1ce66493c564557b73fae80f5219ef83af6d
Signed-off-by: Joakim Roubert <joakimr@axis.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
commit 7394c154a92f [containers: update oci-systemd-hook to 0.2.0]
incorrectly adjusted the context around the patch
0001-Add-additional-cgroup-mounts-from-root-NS-automatica.patch.
This resulted in containers failing with an error:
systemdhook <error>: Failed to mkdir new dest: /opt/container/cube-server/rootfs/sys/fs/cgroup/perf_event: No such file or directory
Unfortunately, the code was being patched in ahead of the mounting of
the tmpfs after the patch context was adjusted. You can even get a
hint of this in the comment "Systemd is already handled above". Here
we correct this by pushing the code down to the correct position in
the file/function, making the error go away and proper function
return.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
openembedded-core commit fb064356af61 [Remove LSB support] dropped the
'lsb' recipe which caused openvswitch to throw a dependency fail for
both sysvinit and systemd builds. LSB init functions for
log_begin_msg, log_end_msg and others were being used. We now use the
functions from ovs-lib which are part of OVS and supply the remaining
ones directly. This allows us to regain the functionality and drop the
dependency on 'lsb'.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
nl80211 device can't be moved to another namespace due to
e389f2afd8509(start: unify and simplify network creation), and lxc
community has fixed this issue with:
commit 3dd7829433f63b2ec1323a1f237efa7d67ea6e2b lxc upstream
This patch is grabbing the commit above, and should be abandoned with
lxc uprev afterwards.
See more details here: https://github.com/lxc/lxc/issues/3105
Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
root@intelx86-64: journalctl -xe
ceph-crash[854]: ERROR:_main_:directory /var/lib/ceph/crash/posted does
not exist; please create
Create the directory for both of systemd and sysvinit
Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Upgrade to the latest stable version and backport two patches from master branch
to fix the following two build failures which are introduce by upgrading boost
to 1.71.0.
f1651b8c509d ("rgw: add executor type for basic_waitable_timers") for:
src/rgw/rgw_dmclock_async_scheduler.h:45:30: error: could not convert
'boost::asio::basic_waitable_timer<Clock, WaitTraits, Executor>::get_executor()
064f142746ae ("rgw: beast handle_connection() takes io_context") for:
src/rgw/rgw_asio_frontend.cc:155:38: error:
'class boost::asio::basic_socket<boost::asio::ip::tcp, boost::asio::executor>'
has no member named 'get_io_context'; did you mean 'io_control'?
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Since comit 3f64779e in meta-oe:
[ libdevmapper/lvm2: force recipe libdevmapper to populate sysroot only ]
libdevmapper recipe does not provide package any more, we need RDEPENDS
on libdevmapper which is being provided by lvm2 recipe.
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Remove python-nose from RDEPENDS for it has been removed from oe-core.
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
It defaults to "-s -w" [1] which strips debug information, refresh a backported
patch to build unstripped binaries
https://golang.org/cmd/link/
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Specify GOLDFLAGS as an empty string for building unstripped binaries, which allows
you to use code debugging tools like delve. When GOLDFLAGS is unspecified, it defaults
to "-s -w" which strips debug information. Other flags that can be used for GOLDFLAGS
are documented at https://golang.org/cmd/link/ [1]
[1] https://github.com/kubernetes/kubernetes/blob/master/build/root/Makefile#L82
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Signed-off-by: Yuan Chao <yuanc.fnst@cn.fujitsu.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|