With the recent python-simplejson:upgrade 3.6.2->3.7.3, docker-registry
was broken due to unsatisfied dependencies. The docker-registry builds and
passes basic testing with 3.7.3 (verified by jason.wessel@windriver.com),
updating the dependency requirement to >= 3.6.2
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
docbook2man fails to build the man pages in poky
due to missing the ancient Davenport 3.0 DTD.
Poky meta has the Oasis 3.1 version so upgrade
to use that instead.
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
From b101a0c7ce6ef1eb41bef786831e58fa4d1b069f Mon Sep 17 00:00:00 2001
From: Amy Fong <amy.fong@windriver.com>
Date: Mon, 27 Jul 2015 14:10:20 -0400
Subject: [PATCH] golang: use oe-meta-go
Update meta-virtualization to use go package from oe-meta-go.
The package golang-cross is go-cross in the oe-meta-go.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Systemd throws the following warning at boot:
systemd[1]: [/lib/systemd/system/docker-registry.service:10]
Not an absolute path, ignoring: #WORKDIR#
Fix WORKDIR in docker-registry's systemd from #WORKDIR# to
${PYTHON_SITEPACKAGES_DIR}/docker_registry
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This version has better support for unprivileged
containers.
Two patches are deleted as they are now included.
One new patch is introduced to fix a file not found error at
the install build step.
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Docker searching and launch looks for iptables, so we add it to the
rdepends.
To actually launch a container, netfilter nat and dm-think are often
required, so we make those modules rrecommends.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
golang doesn't work with ccache. In the current state, a lot of parsing
happens where it'll grab the first string in CC or LD and uses that for
its builds. When ccache is enabled, it results in trying to do builds
with just ccache.
The brokeness is seen when building with apps that uses cgo, like docker.
To enable ccache to work, some string comparisons and changes to parsing
had to be made.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Uprev docker to 1.6.2
go-capability is upreved to a later git commit
go-dbus is upreved to version 2
go-distribution-digest is added as a new dependency. Only the
digest part of go-distribution is needed/kept here,
hence go-distribution-digest
go-logrus is upreved to 0.7.1
Remove PR since it's no longer used
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Add handling for distros with both systemd and sysvinit by passing
multiple init systems to configure with --with-init-script=
Signed-off-by: Erik Botö <erik.boto@pelagicore.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Add command line parameter to create Busybox containers
with OpenSSH support. As a prerequisite, OpenSSH needs
to be installed on the host system.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
In yocto builds, preprocessing of binaries can happen after the install
phase. Some of these can modify the size/sha1sum of the binaries.
e.g. A new .gnu_debuglink can happen
docker will not start because of these modifications. Docker initially
does a sha1sum of dockerinit to identify the dockerinit that it was built
with, this is done for security and for compatibility reasons. Since
this checking is disabled, we should rely on rpm tests for validation
of the binary instead.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
If lxc is built not in the source dir, upstart files will fail to be
installed, because of Makefile error.
Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin@mentor.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
To generate a proper systemd.service file we should use lxc's builtin
configuration option for the initscript type. To support both sysvinit
and systemd, we trigger off the DISTRO var and enable the proper init
system accordingly.
When properly configured, lxc will create helper scripts and install
the service file, so we can delete the explicit copy of the service
file and let the default rules trigger and install what is needed.
The helper files installed by lxc require a lsb function that is not
commonly available in the 'functions' library: "action". To ensure that
the helper scripts operate, we create a local action() routine with
the expected semantics.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Upgrade criu from version from 1.2 to 1.4.
criu is the only user of protobuf and only supported on x86 and arm,
so limit protobuf support on x86 and arm too.
Signed-off-by: Nam Ninh <nam.ninh@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The following is the type of error you see when CCACHE is enabled.
| ---> Making bundle: dynbinary (in bundles/1.5.0-dev/dynbinary)
| go build runtime/cgo: no buildable Go source files in /opt/proj/tmp/sysroots/x86_64-linux/usr/lib/x86_64-wrs-linux/go/src/pkg/runtime/cgo
| WARNING: /opt/proj/tmp/work/core2-64-wrs-linux/docker/1.5.0+git2243e32cbbf1c9809c262a7376d34ca43a7a36dc-r0/temp/do_compile/run.do_compile.19967:1 exit 1 from
| DOCKER_GITCOMMIT="2243e32cbbf1c9809c262a7376d34ca43a7a36dc" ./hack/make.sh dynbinary
| ERROR: Function failed: do_compile (log file is located at /opt/proj/tmp/work/core2-64-wrs-linux/docker/1.5.0+git2243e32cbbf1c9809c262a7376d34ca43a7a36dc-r0/temp/do_compile/log.do_compile.19967)
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Docker's build process will clone missing dependencies which
circumvents the bitbake fetcher. This is a bad thing in many ways, for
example this will not respect BB_NO_NETWORK and DL_DIR settings. To
work around this we are able to provide recipes for each of the
missing dependencies.
The dependencies are all in GO and are required to be added to the
sysroot such that the docker build can find them via GOPATH at build
time. The docker recipe was updated to add these new packages as
dependencies and the explicit clone of go-cli was removed.
After these change we are able to complete the build with networking
disabled after completing a fetchall. Docker functionality was tested
on an image built with these changes and it functions as it did
before.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Update the LXC recipe with the upstream-applied version of the patch.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Add the necessary bits to enable seccomp support for LXC running on PPC
architectures. libseccomp added support for PPC [1], yet to be applied to
Yocto/meta-security.
[1] https://github.com/seccomp/libseccomp/tree/working-ppc64
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Busybox powered containers rely on a different signal for reboot - SIGTERM,
rather than the default SIGINT.
Apply the upstream support adding the infrastructure for defining a custom
reboot signal for a container, and default this signal to SIGTERM for Busybox
containers. The original patches have been applied on the upstream master LXC
branch, and required a minor backport.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Now that we have a lxc-setup package, we can start to define networking
and other out of the box configuration details for those that opt to
install it.
These are by no means complete, and won't work for everyone, but they are
a start.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
lxc comes with sysvinit and systemd initscripts that autostart
containers and check for required services. So we should be installing
and enabling them.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
lxc 1.0.7 is available, and integrates two patches that we were carrying
against 1.0.6 .. so we do the update, and drop the two busybox patches.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Add PACKAGECONFIG for 'selinux', otherwise there would be warnings like
below:
WARN: lxc: lxc rdepends on libselinux, but it isn't a build dependency?
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Rework patch 5b57bf462b [lxc: fixup VPATH builds]
since the new version of LXC refactored one of the files and it no longer
applies. Provide a fix for what's left.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Also remove patch file that no longer applies.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Building and basic functionality verified on Wandboard-dual
with linux-wandboard_3.10.17.
Signed-off-by: Alexey Firago <alexey_firago@mentor.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Split a ${PN}-template pkg to put ${datadir}/lxc/templates/, and debash in
${datadir}/lxc/hooks/* since the checkbashisms shows there are no bashism, so
use /bin/sh.
checkbashisms is from devscripts package:
http://packages.ubuntu.com/trusty/devscripts
Bash scripts:
lxc/usr/share/lxc/hooks/mountcgroups:#!/bin/bash
lxc/usr/share/lxc/hooks/ubuntu-cloud-prep:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-debian:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-openmandriva:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-archlinux:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-centos:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-plamo:1:#!/bin/bash -eu
lxc/usr/share/lxc/templates/lxc-ubuntu-cloud:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-opensuse:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-gentoo:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-altlinux:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-sshd:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-ubuntu:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-cirros:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-busybox:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-fedora:1:#!/bin/bash
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Ensure that we modify the libdir in the build directory, not the
source directory, to respect the splitting of source and build.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
While buiding protobuf ptest on Centos 6.4, the build
failed with errors:
...libprotobuf.so: undefined reference to `memcpy@GLIBC_2.14'
This is due to protobuf.pc still contains /usr/lib64
as libdir which are not good for cross compiling.
Replace it with proper sysroot path.
Signed-off-by: Zibo Zhao <Zibo.Zhao@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Tweak the ptest build rule to look for artifacts in the build directory
instead of source, since build and source are split on the latest oe-core.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The installation of Google Protocol Buffers python header files
requires the ability to run the "protoc" compiler on the host to
generate the Python header files. This fix adds a native package
that builds Google Protocol Buffers for the host machine to provide
the compiler that is used to cross-compile the package for the target
machine.
Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Google Protocol Buffers includes some basic example applications to
show its functionality. This fix installs these examples to the
target system when the "test" feature is enabled in the configuration.
Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The recipe uses 4 spaces instead of tabs when indenting. The recipe
style guidelines indicate that tabs should be used instead. This
simple fix replaces the spaces with tabs where appropriate in the
recipe file.
Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The compiler generated by Google Protocol Buffers currently includes
support for Python bindings. However, currently the python files
required to use the generated files are not included on the system.
This fix installs the python header files using python setup-tools
after the compiler is built.
Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Upgrade Google Protocol Buffers to version 2.5.0. The previous
version 2.4.1 is getting quite old (released April 2011). The newer
version provides bug fixes and more functionality. This version adds
some speed optimization and the ability to allow multiple enum
symbols to have the same value.
Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Update lxc to latest available version: 1.0.5
Remove already upstreamed patches.
Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Poky commit 69b6eaca3d9b635e8a61a0fdbd814b558e91901d [autotools:
Enable separate builddir by default] enforced separate build
directories, which is supported by automake. Unfortunately lxc had a
few make directives which didn't take into account VPATH builds so
fixing them up here to allow the lxc build to complete successfully.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Install lxc test suite and run it as ptest.
Signed-off-by: Mihaela Sendrea <mihaela.sendrea@enea.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Adding a couple of upstream fixes for lxc:
- follow symlinks when determining if Busybox is statically linked
- don't fail for lxc.network.type = none
- don't fail if no default macvlan mode is specified
More details are available in the individual patches.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The reason is that the generic code which handles reading lxc.rootfs.mount
always frees the old value if not NULL. So without this setting
lxc.rootfs.mount = /mnt causes segfault.
This is a backport for lxc-0.9.0 (dora) of the same fix found in
upstream's master, see commits 54c30e29 and 53f3f048.
Signed-off-by: Josep Puigdemont <josep.puigdemont@enea.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
autoconf-1.14 will fail to configure lxc with the following warning (and
hence error):
| automake: warnings are treated as errors
| src/lxc/Makefile.am:79: warning: source file '../include/openpty.c' is in a subdirectory,
| src/lxc/Makefile.am:79: but option 'subdir-objects' is disabled
So we tell autoconf that subdir objects are fine .. and the issue is solved.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
lxc's configure script makes use of pkg-config so we need to inherit
pkgconfig or else we may see an error like
./configure: line 5315: syntax error near unexpected token `PYTHONDEV,'
./configure: line 5315: ` PKG_CHECK_MODULES(PYTHONDEV, python3 >= \
3.2,,AC_MSG_ERROR([You must install python3-dev]))'
during configure.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Without enabling INCLUDE_SUSv2 in busybox, we need to use head's -n argument,
rather than -#.
Signed-off-by: Christopher Larson <kergoth@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
BPN should be used in place of PN otherwise the fetcher will attempt
to download a file with the multilib prefix,and fail, and S will not
be what is expected, causing patching and other failures.
Signed-off-by: Mark Asselstine <asselsm@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Patch to fix interface netns transition when
assigning a physical interface to a container.
Pushed to the upstream LXC repo, to be included
in future versions of LXC.
Further details in included patch description.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Many LXC templates expect the cache directory to exist and use it without
necessarily checking if it exists. Normally the Makefile would create this
directory but since /var/cache is volatile we must use the volatile system to
create this directory at boot, or when the package is installed.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
To be safe, we specifiy all four possible fields
even if some trailing ones are null.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Do not query the host to find out our distro. We specify the bitbake
variable ${DISTRO} in order to get the desired runtime default config file.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This patch has been included in the upstream repo as the first
patch after LXC 0.9.0 release. Including it in meta-virtualization
for proper functioning of the lxc-clone command.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The patch checks bind mounting lib directories when starting a
busybox container on a 64bit platform. Some entries in the host
filesystem are not present but the busybox template expects them
to be there, and thus container start fails.
Please see further details in added patch description.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This patch enables installation of Buysbox containers on Busybox hosts.
Please see patch message for detailed information.
The patch has been submitted and accepted upstream by LXC maintainers.
The functionality hasn't made it to LXC 0.9.0, but will (most probably)
be included upstream in future releases of LXC.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Patch is no longer needed since the removal of LXC 0.8.0 recipe.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
LXC 0.9.0 has been added, we no longer need the 0.8.0 recipe, since
all functionality has been migrated
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The patch configures the LXC recipe to include configuration examples
or containers in the default package - lxc, not in the documentation
one - lxc-doc.
By default, bitbake will split a specific package into multiple sections,
based on meaning - binaries, libraries, documentation, configs, etc. The
sections will then be assembled into individual packages, such as e.g lxc,
lxc-doc, lxc-dbg and so on. The packages are mutually exclusive with
respect to the sections they contain.
LXC installation provides several example configuration files for various
usage scenarios. The twist is that LXC build scripts place these config
examples in a relative path that is identified by bitbake as belonging to
documentation. This patch places these configuration files in the main
package, where they normally belong.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The provided patch makes a modification to the LXC busybox template (the
template that creates a minimal container with Busybox).
This type of container will start the udhcpc service - the DHCP client - on
init. For an embedded Linux image, we might assume that the majority of
containers will have manual / static networking configuration on start.
Considering this, starting the udhcpc service by default is useless, since
the service will then has to be killed. The containers that use DHCP for
networking can start udhcpc after container boot, or alter the busybox
template locally to do so by default.
The patch deactivates the default start of the DHCP client on a Busybox
container init.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Introducing the LXC 0.9.0 recipe.
Maintainer log for intermediate versions since LXC 0.8.0. This only contains
the major differences between versions. You may find the complete log on the
SourceForge LXC devel mailing list [1].
0.9.0.alpha1:
- Introduction of the new liblxc API
- Python bindings
- New tools:
- lxc-device
- lxc-start-ephemeral
- python version of lxc-ls
- lxc.autodev support
- oracle template
- reworked lxc-attach
- /etc/lxc/lxc.conf configuration
- Switch to new docbook
- A lot of other improvements, new features and bugfixes
0.9.0.alpha2: bug fix for issue with 0.9.0.alpha1 - no significant changes
0.9.0.alpha3:
- Android support
- New lua binding
- User namespace support
- Oracle template
- Manpage updates
- POSIX shell support for most scripts
- Improved systemd support
- Various API improvements
- Logging improvements
0.9.0.rc1:
- Addition of -P option to all executables (to specify lxcpath)
- Rework of the cgroup handling code
- Rework of lxc-attach for userns
- Updates to the alpine, archlinux, opensuse, oracle and ubuntu
templates. Removal of the lenny template.
- Introduction of a new lxc.stopsignal option
- Introduction of a new lxc.kmsg option
- Various userns improvements
- New --host option in lxc-ps
- Introduction of a few examples lxc hooks
- Support for nested containers in lxc-ls
- Introduction of get_version in the C API.
- And a variety of bugfixes
0.9.0:
Feature changes include:
- Support for ephemeral containers in lxc-clone
- --clear-env/--keep-env support in lxc-attach
- -n option to lxc-start-ephemeral
Everything else is bugfixes on top of rc1.
Tests done by maintainers:
- Test build on my machine (up to date Ubuntu 13.04)
- Test build on Launchpad (Ubuntu 12.04, 12.10 and 13.04)
- Test build on an armhf board running Ubuntu 13.04
- Test build for Android cross-compiling on my laptop
- Ran our test suite on the x86 binaries
- Ran a quick test (start/stop/info/wait) on Android
- Tested the API and tools on ARM
- Rebuilt all my local templates (~20 containers) on a variety of
architectures (i386, amd64, armel and armhf)
[1] https://lists.sourceforge.net/lists/listinfo/lxc-develIntroducing the LXC 0.9.0 recipe.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
