Without this we get:
ERROR: Missing required tool: wget
When attempting to do something like:
lxc-create -n ubu -t download -- --no-validate -d ubuntu -r xenial
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This was renamed back in v1.1.0 but I suppose most folks have been
buiding for systemd or were not using this functionality and it went
unnoticed.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
For some packages we include a -setup package which can be installed
as part of an image to complete a more comprehensive setup of the main
package. This is common for example in meta-cloud-services since many
OpenStack packages have extensive setup.
The -setup package for lxc did at one point do comprehensive setup but
over time this has been moved to the -networking package. Now the
-setup package is only being used as a container for the systemd
service files or sysvinit scripts. This can better be accomplished by
setting appropriate runlevels for the initscripts or disabling or
masking the systemd services (via SYSTEMD_AUTO_ENABLE).
This also fixes some confusion or what might be considered a bug
around -setup and -networking packages as the -setup package was
mopping up the lxc-net.service file, instead of it being included in
the -networking package.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This requires libseccomp from meta-security so it is not enabled by default.
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This requires libseccomp from meta-security so it is not enabled by default.
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Upgrade and make the recipe more systemd "friendly". For the most part
nobody is going to use this with systemd but in case they do they will
get a masked and empty services file, as they do with Debian or
Ubuntu. Otherwise this is a minor update from v1.11.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
LXC is licensed under LGPLv2.1 not GPLv2. The COPYING file
referenced in the LXC recipe on all branches have the same content,
checksum and all define LICENSE="GPLv2" rather than "LGPLv2.1".
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The upstream Makefile now calls `$(GO)` instead of just `go` so this patch isn't
needed anymore.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
go 1.9.x was triggering linkage errors on some build hosts due to
missing symbols.
| tmp/work/core2-64-poky-linux/runc-docker/1.0.0-rc5+gitAUTOINC+4fc53a81fb-r0/recipe-sysroot/usr/lib/../lib/libc.a(dl-reloc-static-pie.o): In function `elf_mac:
| /usr/src/debug/glibc/2.27-r0/git/sysdeps/x86_64/dl-machine.h:59: undefined reference to `_DYNAMIC'
| tmp/work/core2-64-poky-linux/runc-docker/1.0.0-rc5+gitAUTOINC+4fc53a81fb-r0/recipe-sysroot/usr/lib/../lib/libc.a(dl-reloc-static-pie.o): In function `elf_get:
| /usr/src/debug/glibc/2.27-r0/git/elf/get-dynamic-info.h:48: undefined reference to `_DYNAMIC'
By ensuring that our sysroot provided go binary and build flags make
it into the build enviroment we can build properly with 1.9 and 1.10
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Refresh patches with devtool command to fix do_patch warning.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
With newer glibc(>= 2.26) and kernel(>=4.14), criu would fail to build:
In file included from
/buildarea/build/tmp/work/core2-64-poky-linux/criu/3.4+gitAUTOINC+a31c1854e1-r0/recipe-sysroot/usr/include/linux/aio_abi.h:31:0,
from criu/cr-check.c:24:
/buildarea/build/tmp/work/core2-64-poky-linux/criu/3.4+gitAUTOINC+a31c1854e1-r0/recipe-sysroot/usr/include/sys/mount.h:35:3:
error: expected identifier before numeric constant
MS_RDONLY = 1, /* Mount read-only. */
^
CC criu/parasite-syscall.o
CC criu/pipes.o
CC criu/pie-util.o
CC criu/pie-util-vdso.o
CC criu/plugin.o
/buildarea/build/tmp/work/core2-64-poky-linux/criu/3.4+gitAUTOINC+a31c1854e1-r0/git/scripts/nmk/scripts/build.mk:110:
recipe for target 'criu/cr-check.o' failed
make[2]: *** [criu/cr-check.o] Error 1
Backport a patch to fix it.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Rather than invoking go directly to build docker-proxy, we can use
the libnetwork Make infrastructure. This picks up our exported go
enviroment variables, and other sysroot flags.
We also apply one patch to ensure that the cross-go toolchain is
used, and that the proper build flags are used.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The runc makefile now uses $(GO) universally, but sets the variable
as GO := go by default. This means that the host go will be used
instead of our recipe sysroot variant.
A simple export of the variable is not enough in all cases (due
to Make assignments), so both export it AND pass it directly to the
oe_make call.
This fixes docker-runc builds on ARM64.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Uprev containerd to v1.0.2 for compatibility with recent docker (18.04+)
builds.
With this uprev we also significantly restructure the build to use more
of the latest oe-core go build infrastructure, but non-standard parts of
the build remain.
We also allow containerd to be build with CGO enabled to avoid linkage
errors with the oe provided go build infrastructure.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This commit introduces a docker-ce reference recipe that is nearly
identical to the docker_git recipe.
The main difference between these two recipes is that one builds from
moby and this one from the docker-ce repository itself. The different
repositories mean that a different selection of commits are used and
that the build locations change slightly.
Although both docker_git and this recipe share nearly all their code,
they will vary more in the future, and prematurely factoring them
into a .inc file is not practical (until this proves useful).
Future work: remove the individual libnetwork and cli repository
fetches and build the components directly from the docker-ce repo.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Uprev the docker daemon, proxy and cli to 18.03.0.
The SRCREVs for these updates come from the versions logged in the
docker-ce 18.03.0 release. The docker-ce recipe has a pure docker-ce
single repository build, but here, we continue to assemble the individual
parts for maximum flexibility.
Along with the uprev, we add new dependencies required to build the new
version; libtool and pkcconfig (although unused by the recipe itself).
Finally we switch to a Makefile based build of the cli to allow the
commit and docker version to be properly captured in the docker executable.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Uprev both variants of runc to v1.0.0-rc5.
We drop patches that have made it into the upstream runc, and we also
refresh the context of of two others.
The docker and opencontainers variants are virtually identical, but
we keep the two variants for now to protect against any future forks
in the support.
The runc-docker SRCREV comes from the docker-ce 18.04 logged commit,
while runc-opencontainers is updated to the tip of the master branch.
Runtime tested with docker on x86-64.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Only include aufs-utils if the corresponding distro feature is enabled.
Without that the aufs kernel driver is not included too.
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The python3-enum package was removed and it is now part of core.
Signed-off-by: Ricardo Salveti <ricardo@opensourcefoundries.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
systemd unit dir can be customized by the distro (e.g. usrmerge), so
make sure the correct unit dir path is set on configure.
Signed-off-by: Ricardo Salveti <ricardo@opensourcefoundries.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
kube-proxy is required on all kubernetes nodes. Rather than it being
in the catch-all package, we put it in an explicit package.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Rebuilding criu would cause the following error.
| make: .gitid: Command not found
| make: *** [Makefile:260: clean-top] Error 127
Fix this problem by setting CLEANBROKEN to "1".
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
When attempting to create a container using
lxc-create -t download -n test -- no-validate --dist ubuntu --release \
xenial --arch amd64
the container creation will fail due to missing 'xz' and in the case
of 'tar' due to invalid options if the busybox version of 'tar' is
used.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
A while ago changes were merged to meta-openembedded to make
/etc/dnsmasq.d (and specifically the files it contains) referenced
when the main instance of dnsmasq is run (see dnsmasq.service and
commit ba665493a0dd [dnsmasq: allow for dnsmasq instances to reuse
default dnsmasq.conf]).
We, however, continued to modify the global configuration
(/etc/dnsmasq.conf) to keep the main instance of dnsmasq from
attaching to virbr0 and lxcbr0, by using 'bind-dynamic'. This approach
is problematic, since it is common that other instances of dnsmasq
will make use of the global configuration file and may have
incompatible options. We see this for example when attempting to start
lxc-net which will attempt to use 'bind-interface' which is
incompatible with 'bind-dynamic' that we were adding to the global
configuration.
Here we remove our change to the global configuration (leaving it
mostly empty as it should be) and instead have lxc and libvirt
packages instruct the global instance not to bind to virbr0 and lxcbr0
by adding configuration files to /etc/dnsmasq.d (setting
except-interface).
The added benefit to this approach is that if lxc or libvirt are not
part of an image the global configuration will not be modified in such
a way as to expect that they are present.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The runc-docker has all the code in it to properly run a stop hook if
you use it in the foreground. It doesn't work in the back ground
because there is no way for a golang application to fork a child exit
out of the parent process because all the golang threads stay with the
parent.
This patch has three parts that happen ONLY when $SIGUSR1_PARENT_PID
is set.
1) At the point where runc start would normally exit, it closes
stdin/stdout/stderr so it would be possible to daemonize "runc start ...".
2) The code to send a SIGUSR1 to the parent process was added. The
idea being that a parent process would simply exit at that point
because it was blocking until runc performed everything it was
required to perform.
3) The code was copied which performs the normal the signal handling
block which is used for the foreground operation of runc.
-- More information --
When you use "runc run " it is running in the "foreground", in the
sense it takes over your existing terminal.
The runc-docker doesn't have a way to start it with "runc run&" where
you can send it to the background and have everything work. With this
commit, it does allow you to do that and have all the stop hooks fire
at the time what ever runc started exits.
Lets take a quick look at what "runc run" does today:
* Starts a whole pile of threads
* Sets up all name spaces
* Starts child process for container and leaves it paused at image activation
* runs start hooks
* executes "continue" for container process
* waits for container app to exit
* executes stop hooks
Now lets look at "runc create/start" does today:
runc create
* Starts a whole pile of threads
* Sets up all name spaces
* Starts child process for container and leaves it paused at image activation
* exits -- [ NOTE: this is our problem! ]
runc start
* runs start hooks
* executes "continue" for continue process
At this point when the container app exits nothing is waiting for it
to run any kind of hooks.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The rdepends on glibc-utils was removed without reason
in the following commit:
"""
e73608d56e
lxc: 2.0.0 -> 2.0.8
"""
And it causes failure:
/usr/libexec/lxc/lxc-net: line 125: getent: command not found
So add the dependency back.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Rather than throwing an error if we can't map a user to a uid,
output a warning. We aren't actually running the code, but are
just extracting it .. so the user not existing isn't an issue.
With this, we avoid the not-so-useful traces like this:
config.User: unsupported format
github.com/opencontainers/image-tools/image.(*config).runtimeSpec
oci-image-tools/0.2.0-dev+gitAUTOINC+4abe1a166f-r0/oci-image-tools-0.2.0-dev+gitAUTOINC+4abe1a16 6f/src/import/vendor/src/github.com/opencontainers/image-tools/image/config.go:109
<...>
src/import/cmd/oci-image-tool/main.go:57
runtime.main /usr/lib64/go/src/runtime/proc.go:185
runtime.goexit /usr/lib64/go/src/runtime/asm_amd64.s:2337
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
If the root name space has additional cgroup mounts, pass them to the
container.
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Ricardo Salveti <ricardo@opensourcefoundries.com> pointed out that
runc-docker was not getting a proper PV due to the use of SRCREV
in the variable.
By switching to SRCPV, we get the right PV for both variants of
runc.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The go bbclass already inherits goarch.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This variable isn't picked up by the runc Makefile anyway as it isn't exported.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The "vendor/src" symlink is already created in do_compile in runc.inc.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The recvtty demo/reference application has cross compilation issues when
targeting aarch64 platforms. As it is just a demo application and is not usually
used, we can just patch the Makefile to disable building this application.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
If the GOARCH isn't set CGO took the ARCH from the host and tries
to use -m64 flag that isn't available in aarch64 compiler.
...
| # github.com/opencontainers/runc/libcontainer/system
| aarch64-linaro-linux-gcc: error: unrecognized command line option
'-m64'
| # github.com/containerd/console
| aarch64-linaro-linux-gcc: error: unrecognized command line option
'-m64'
| Makefile:60: recipe for target 'shim-static' failed
...
Signed-off-by: Aníbal Limón <anibal.limon@linaro.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Introducing the kubernets components for container orchestration.
The packaging introduced here creates the framework for more
advanced kubernetes configurations. By itself, it doesn't do much
but it makes the components available to be configured and deployed
as master/worker nodes.
It integrates with the previously introduced cni and cri-o
components available in meta-virt.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
These variables are now set correctly by go.bbclass in oe-core. Changing them to
point at the native sysroot just leads to build errors in some cases, for
example when the target and host have matching GOARCH but not matching c
libraries.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The makefiles for both providers of runc need to be patched in similar ways to
ensure that we use the binaries from go-cross and not go-native.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This patch hasn't been used in a long time.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
These fixes are needed due to updates to go.bbclass in oe-core. See commit
01a8d45370 for more information.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
To prepare for native kubernetes support without docker on a target,
we integrate the cri-o incubator project.
cri-o is meant to provide an integration path between OCI conformant
runtimes and the kubelet. Specifically, it implements the Kubelet
Container Runtime Interface (CRI) using OCI conformant runtimes.
The scope of cri-o is tied to the scope of the CRI.
This initial introduction is build + packaging only. It is expected
that configuration and deployment tweaks are done at the distro
level.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The following commit:
commit df3a46feb971386f922c7c2c2822b88301f87cb0
Author: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
Date: Tue Aug 1 17:39:39 2017 +0800
implement add/set function for hooks items
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
Breaks the ability to specify multiple hooks with the same path
(i.e. a shell script that does different things based on arguments).
The author's intent with the change is unclear, so rather than fix
it, we revert it for now.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This requires some packages as well as the pypi.bbclass from meta-python.
It uses Python 3 as I don't think it makes sense to use Python 2 anymore.
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
We want to build in ${S}, so we now require an explicit cd ${S}
to avoid landing in the build directory.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Recently in the oe-core the go.bbclass changed and requires the
defition of the GO_IMPORT variable. This was intended to simplify how
the compilation works with go packages and it is still a work in
progress.
This patch set makes the recipes compatible to generate the same end
result as before using the new go.bbclass from oe-core.
Any patches that were included in the recipes had to have the paths
adjusted because the new go.bbclass manipulates the notion of S to be
S + "src" + "$GO_IMPORT" internally for the purpose of unpack, patch
and compile.
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Our current version of criu is about a year old and has some
compilation issues with the latest gcc (currently it is
unbuildable). Since the version of criu and the kernel version are
fairly tightly coupled it wouldn't be surprising of this old criu
would also be exhibiting some runtime issues with our fairly new
kernel version.
With the above in mind we uprev to criu v3.4 which was recently
released. This requires several of the patches to be updated (mostly
context). We are able to drop the selinux related change as RSS
prevents the situation this was working around from happenning.
This was validated using https://criu.org/Simple_loop (and a few
variants).
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
While the recipe was functional under an image based on core-image-
full-cmdline, when tested with core-image-minimal runtime issues
appeared: Singularity was unable to create a filesystem within the
container. This change fixes this issue.
Signed-off-by: Alexandru Tiniuc <tiniuc.alexandru@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
If Bash is not included by any other recipe, the recipe fails at the QA
check. This commit adds Bash to the list of dependencies, preventing
this issue.
Signed-off-by: Alexandru Tiniuc <tiniuc.alexandru@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Singularity is a container platform built on the principle of mobility
of compute. It is designed to be used on HPC clusters and, unlike
Docker, it does not require root access to mount an image. In addition,
it can use Docker images out-of-the-box and it can pull them from the
Docker Hub. For more information, see singularity.lbl.gov
This recipe enables building the Singularity container platform.
Additionally, it creates a symlink from /usr/bin/python3 to
/usr/bin/python, as well as a symlink to where python3 expects
CA certificates to be.
I have tested it on a Raspberry Pi 3: I successfully built and run
arm32v7 images from Docker Hub. Make sure you have the right image for
your CPU architecture: it defaults to amd64.
Signed-off-by: Alexandru Tiniuc <tiniuc.alexandru at gmail dot com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The build is failing due to a failing QA check:
ERROR: lxc-2.0.8-r0 do_package_qa: QA Issue:
/usr/lib/lxc/ptest/src/tests/lxc-test-may-control contained in
package lxc-ptest requires /bin/bash, but no providers found in
RDEPENDS_lxc-ptest? [file-rdeps]
Add bash to the the ptest RDEPENDS.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Fix daemonization, align args with docker.service, fix line breaks in
log file - and fix INITSCRIPT_PARAMS (there is no variable
OS_DEFAULT_INITSCRIPT_PARAMS).
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Analogously to docker: There is no variable
OS_DEFAULT_INITSCRIPT_PARAMS, just use "defaults".
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
To match the docker (moby) and runc updates, we need the latest containerd
from the 0.2.x branch to work in cooperation with the other components.
Note: containerd master won't currently work with docker master, but is
very similar to 0.2.x. The build target varies slightly in master, but
otherwise with these changes to the recipe and build steps we can switch
easily when the time comes.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The docker uprev missed the version string which matches the actual
binary being built. With this change, the package now reflects the
correct version.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The latest oci-runtime-tool builds are throwing the missing GNU_HASH
error during QA checks.
This is common with go applications, and isn't a problem, so for now,
we simply skip the check.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The config.json has elements which have changed in the latest runc.
These changes are not backward compatible with older versions of runc.
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The selinux disable patch required changes as more setfilecon
operations were added.
The new upstream work is needed to allow the rootfs specification to
continue working because runc no longer passes the "root" key as a
part of the json configuration which is sent to a hook via stdin.
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The build method for docker client changed where by the docker cli is
now required to be pulled in from a separate git tree to be built.
The integration patch to cross compile was also upreved since some
parts of it were accepted upstream while other parts have not been
accepted at this time.
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This allows for setting up a detached session where you do not want to
set the terminal to false in the config.json. More or less this is a
runtime override.
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Uprev to pick up latest changes in docker-runc.
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Fix the following QA warnings:
QA Issue: lxc rdepends on gmp, but it isn't a build dependency,
missing gmp in DEPENDS or PACKAGECONFIG? [build-deps]
QA Issue: lxc rdepends on libidn, but it isn't a build dependency,
missing libidn in DEPENDS or PACKAGECONFIG? [build-deps]
QA Issue: lxc rdepends on gnutls, but it isn't a build dependency,
missing gnutls in DEPENDS or PACKAGECONFIG? [build-deps]
QA Issue: lxc rdepends on nettle, but it isn't a build dependency,
missing nettle in DEPENDS or PACKAGECONFIG? [build-deps]
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Fix the following QA warning:
QA Issue: /usr/libexec/criu/scripts/systemd-autofs-restart.sh contained
in package criu requires /bin/bash, but no providers found in
RDEPENDS_criu? [file-rdeps]
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Fix the following QA warning:
QA Issue: criu rdepends on libbsd, but it isn't a build dependency? [build-deps]
This had been fixed by 1fd94d8535,
but then was overwritten by b9b7ece0cd
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
According to https://github.com/docker/libtrust, this repo is now deprecated
and the library was integrated in the docker-distribution repository.
Signed-off-by: Anselmo L. S. Melo <anselmo.melo@intel.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
gcc 7 has a bug:
https://bugzilla.yoctoproject.org/show_bug.cgi?id=11672https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78969
In order to avoid the build failure that this causes we reduce the
range by one. Better to have a slight reduction in the range than
having nobody to be able to build and use lxc.
Once gcc is fixed this can be reverted.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
1)Upgrade lxc from 2.0.0 to 2.0.8.
2)Delete two patches, since it is integrated upstream.
Delete Generate-lxc-restore-net-properly.patch,this script has already been rearchitected out of existence by cba98d127bf490b018a016b792ae05fd2d29c5ee
Delete Use-AC_HEADER_MAJOR-to-detect-major-minor-makedev.patch,this script has already been rearchitected out of existence by af6824fce9c9536fbcabef8d5547f6c486f55fdf from git://github.com/lxc/lxc.git
3)Modify two patches, since the data has been changed.
automake-ensure-VPATH-builds-correctly.patch
runtest.patch
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Updating to the latest oci-image-tools for better support in unpack/creating
runtime bundles.
With this update, we get a single tool with subcommands, versus separate
commands previously.
We also add two proposed (but not merged) patches that can deal with existing
symlinks when unpacking layers. Without this, we fail to unpack many complex
containers due to duplicate files in layers.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Historically Yocto installs python modules in ${libdir} and not the
no-arch variant. The criu install was following every other distros
use of the non-arch variant, /usr/lib, which was being picked up by
the QA check. Modify the criu Makefile to enable us to overwrite this
location by using setup.py's install-lib directive.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
To provide hexdump which is used as part of the build process. Resolves
| criu/pie/../../scripts/gen-offsets.sh: line 37: hexdump: command not found
| criu/pie/Makefile:96: recipe for target 'criu/pie/parasite-blob.h' failed
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
I am not sure how the uprev to v2.5 was completed without seeing this
patch failure but regardless the file being patched was moved to the
'criu' directory as part of the v2.5 release. Update the path found in
the patch and update the context in the patch such that it applies.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Continue work to use go infra in oe-core instead of the support for go
previously found in meta-virt. This is a 1:1 drop in replacement and
removes one more go piece from meta-virt in favor of the common
support found in oe-core.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Rather than explicit go-cross DEPENDS, we can inherit go.bbclass and
pick up them automatically.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This recipe just installs a pair of shell scripts.
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Lua support is automatically enabled when configuring LXC if lua is
available in the sysroot. The packaging step will fail since the lua
related files are not in FILES.
This patch explicitly enables/disables lua support using PACKAGECONFIG,
and also adds lua-related files to FILES.
Signed-off-by: Jonatan Pålsson <jonatan.palsson@pelagicore.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The docker recipe has some outdated go hacks. While this doesn't remove
them all, it does use more of the oe-core go infrastructure .. and that
results in more consistent builds.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
glibc-utils is only provided by glibc therefore
add it with glibc overrides.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Rather than expliciting depending on go-cross-${TARGET_ARCH}, we
can now simply inherit the oe-core go bbclass. This gets us the
correct go dependencies and other variables properly set.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
We can now use the oe-core go bbclass to get our DEPENDS correct
for building these go packages.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Follow the bouncing docker-registry package. Rather than use the docker hub
registry container, we can have finer grained control if we clone and build
the docker-distribution repository directly.
Since this is distinct from the main docker package/codebase, we break the
registry back out into its own package.
We also create a baseline configuration and .service file that can be the
basis for more complex implementations.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The docker v1 registry has long been depreciated and moved into the
docker distribution library.
The registry is run via the docker CLI and not through a standalone
server.
This change removes the old registry and adds a .service file + package
for docker registry in the main docker recipe. Anyone that wants to
run a local registry can install the docker-registry package and the
service will start.
Note: No full config.yml file is provided, since the default are sane.
If tweaks are required, we can use ENV vars or consider adding a
config overlay.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Most (all) distros package docker-proxy along with the docker CLI
and daemon .. largely due to the fact that it is required to run
the docker registry.
docker-proxy is part of the libnetwork repository, so we add it to
the docker recipe as a separate git repo and integrate it into the
build and packaging process.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Since there are two implementations of runc and containerd that may
not always be in sync, the docker variant, and the opencontainers
variable, we create a virtual/* namespace for these components.
Anything requiring runc or containerd should set a preferred provider
to get the desired/tested variant.
We set the default provider to the docker variants, since they are
the primary use case for these components.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Oru existing docker.service file is using an out of date command. We
can use the contrib .service file instead .. and hopefully it will
stay up to date.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
At the moment we only use runc in conjunction with docker. In order to
allow docker to function correctly we need to use the version
specified in docker's vendor.conf file. Uprev runc to this version.
NOTE that the docker folks have actually forked runc and I have used
this fork as the SRC_URI. I could have chosen instead to use the old
SRC_URI along with the fork point commit as the SRCREV, and then
applied the 2 commits the docker team have added beyond the fork. I
opted instead to use the fork such that 'docker info' would not
complain about a version mismatch. This also makes it easier to google
for issues since the commit ID matches.
NOTE when we eventually have more users of runc we will have to
determine a strategy to either have them all use the same version or
allow for multiple versions of runc on the system. This is also true
for containerd.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Docker defines required dependency versions in its vendor.conf
file. These can also be validated by running 'docker info' on the
running system. In order to avoid issues, such as the current one
where docker can't run containers, we need to ensure we match these
versions. Uprev containerd to the version defined in docker's
vendor.conf file.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Go only understands "386" as target arch, not "i586". Adjust this.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Regular users don't need lxc, docker-registry and rt-tests on the target.
These tools aren't even needed or provide additional features when running
docker at runtime. They also increase the size of the image uneccessarily.
Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Docker is failing to build because it is attempting to download
missing go dependencies. Add new recipes for missing dependencies and
update existing recipes to ensure the version defined in docker's
vendor.conf is available.
Note that this fixes the build only. At this time many docker
functions are working, such as 'docker image', 'docker pull' and more,
but 'docker run' is currently failing.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Since we are building a cross tool which produces something which is
ARCH specific we should stick to the <toolname>-cross-<arch> naming
convention. A variant of this patch has been floating around for a
while but with the changes around per recipe sysroots, distributed
builds, shared builds... we are best served to adopt this convention
now.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Make use of bitbake variable where appropriate, this makes the recipe portable.
Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Make use of bitbake variable where appropriate, this makes the recipe portable.
Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The poky/oe-core commit [glibc: Upgrade to 2.25 snapshot] brought with
it a change that has apparently been in the works for a while, to move
major() and minor() definitions from <sys/types.h> to
<sys/sysmacros.h>. This version of glibc took the step of adding a
warning about this change which results in the build failure of lxc
since we build with -Werror:
| lxclvm.c:139:13: error: In the GNU C Library, "major" is defined
| by <sys/sysmacros.h>. For historical compatibility, it is
| currently defined by <sys/types.h> as well, but we plan to
| remove this soon. To use "major", include <sys/sysmacros.h>
| directly. If you did not intend to use a system-defined macro
| "major", you should undefine it after including <sys/types.h>. [-Werror]
| major(statbuf.st_rdev), minor(statbuf.st_rdev));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Instead of dropping -Werror we are opting instead to apply the
upstream fix for this since it is available and applies relatively
cleanly.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Similar to commit 01aa8f1, runc and containered also need to set GOROOT
explicitly.
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This new version of docker starts to assume that go 1.7 is
used. Specifically in go 1.7 golang.org/x/net/context has been merged
so the include is starting to be shortened to simply "context" which
does not work when using go 1.6. We can continue to use go 1.6 by
using the full pkg path.
Additionally the docker-proxy is not built when using the hacks build
mechanism, as we do to build docker (ie. we don't build docker in a
docker container). We could probably find a way to build docker-proxy
using the build hacks, but for now we will simply drop docker-proxy
from the package. In an embedded env. using the proxy doesn't make a
lot of sense anyways.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Adjust SRCREV and DOCKER_VERSION to match docker 1.13.0 release.
Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
lxc's postinst will run populate-volatile.sh scripts,
which is provided by initscripts package, thus it's better
to add this rdepends.
Signed-off-by: fli <fupan.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
cosmetic only, no changes in behavior:
* align all the DEPENDS, better readability
* fix indentation in do_install(): space -> tab
Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
It allows to:
* easily extend future architecture added/supported
* tune arm architecture and set GOARM as appropriate
Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The oci runtime uses config.json to configure and control containers.
Most of that file can be generated via the oci runtime tools.
With this package we can generate container configurations dynamically
on the target.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
To support running "OS containers" aka systemd as the entry point under runc,
we provide the oci-systemd-hook.
By adding this to the pre-start and stop hook points, coupled with the proper
config.json, you can start systemd controlled containers via runc.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Bitbake reports a [debug-files] QA Issue for the following path:
packages-split/lxc/usr/lib/lxc/lxc/hooks/.debug/unmount-namespace
Signed-off-by: Igor Socec <igor.socec@pelagicore.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The script /usr/share/docker/config-check.sh is very useful to test all
kernel requirements for docker. A lot of embedded boards will use a
custom kernel config that does not have all kernel features enabled by
default. Install the script so kernel developer can easily enable the
missing features.
Signed-off-by: Stefan Lengfeld <s.lengfeld@phytec.de>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
We need to ensure we are using the target toolchain and sysroot to
avoid possible host contamination, and in the case of non x86-64
target builds, allow the build to complete successfully.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
getent is needed by lxc-net of lxc, but current system misses it,
so add glibc-utils to lxc's rdepend, fix this issue.
Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This is a small package so despite the large version jump the changes
are minor, mostly bug fixes and some work around systemd.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Seems upstream adjusted their LICENSE file. The license is still
Apache version 2 so no worries about having to update the LICENSE
string for the recipe.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Systemd takes care of setting up the various cgroup mounts at boot,
and likewise the tearing down of these at shutdown. It is therefor a
useless dependency when we are using systemd.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Bumping the version of docker and dependencies. This gets us closer to
runc 1.0, which is the foundation for future OCI efforts.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The docker build isn't properly using CFLAGS/LDFLAGS, which triggers the following
QA error:
ERROR: docker-1.11.1+git5604cbed50d51c4039b1abcb1cf87c4e01bce924-r0 do_package_qa: QA Issue: No GNU_HASH in the elf binary: 'docker/1.11.1+git5604cbed50d51c4039b1abcb1cf87c4e01bce924-r0/packages-split/docker/usr/bin/docker' [ldflags]
ERROR: docker-1.11.1+git5604cbed50d51c4039b1abcb1cf87c4e01bce924-r0 do_package_qa: QA run found fatal errors. Please consider fixing them
ERROR: docker-1.11.1+git5604cbed50d51c4039b1abcb1cf87c4e01bce924-r0 do_package_qa: Function failed: do_package_qa
ERROR: Logfile of failure stored in: tmp/work/core2-64-overc-linux/docker/1.11.1+git5604cbed50d51c4039b1abcb1cf87c4e01bce924-r0/temp/log.do_package_qa.63906
ERROR: Task meta-virtualization/recipes-containers/docker/docker_git.bb:do_package_qa (meta-virtualization/recipes-containers/docker/docker_git.bb:do_package_qa) failed with exit code '1'
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
If the lxc is compiled with gcc 5.2 -O2 optimization on arm,
lxc-console/lxc-stop command always produce segment fault.
The same issue also occurred on systemd: [YOCTO #8291]
For lxc, after several testing, it only needs to disable
schedule-insns2 to fix the segment fault issue.
Signed-off-by: fli <fupan.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
When building for qemux86 the following error was encountered due to GOARCH
being set incorrectly:
compile: unknown architecture "i586"
This can be fixed by using the go-osarchmap class.
Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Some recipes in RDEPENDS are installing specific version of package, for
example:
gunicorn (= 19.1.1)
If usigin ipk for PACKAGE_CLASSES, opkg prints error:
Collected errors:
* satisfy_dependencies_for: Cannot satisfy the following dependencies
for docker:
* gunicorn (= 19.1.1) *
* opkg_install: Cannot install package docker.
This error is caused because opkg appends package revision to version.
In this case:
gunicorn_19.1.1-r0.1
If we use comparator >= this error doesn't appear.
Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
It shows warning when build crius if libselinux has been built already:
WARNING: QA Issue: criu rdepends on libselinux, but it isn't a build dependency? [build-deps]
Add a patch to disable selinux support when 'selinux' is not in PACKAGECONF.
And update indentation at same time.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Usually $GOROOT is set by go tool, but if sstate is specified, $GOROOT
is set to the path in the first project. If docker is built in the
another project(with same SSTATE_DIR) later, and the first project is removed,
the following error will be seen:
| go: cannot find GOROOT directory:
/path/to/previous/project/bitbake_build/tmp/sysroots/x86_64-linux/usr/lib/x86_64-wrs-linux/go
This commit is overriding $GOROOT stored in the go tool in sstate cache,
making sure it is set to the correct path in current project.
See more information here: https://golang.org/doc/install#install
Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Since CRIU does not explicitly nominate the version of protobuf as 2.6.1, which
should not be included just here. And it seems protobuf-2.5.0 is doable or this
CRIU version based on a basic testing according to criu.org/Simple_loop as well,
so remove it from criu.
Signed-off-by: Zumeng Chen <zumeng.chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
We no longer need go-net and go-sqlite for the docker build and
runtime. The upstream repos are no longer properly fetching, so
we can simply drop the recipes and dependency.
If they are ever needed in the future, we can revisit the upstream
source for them.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Recent patch did deprecate a standard POSIX function [1].
This is the build error:
| ../../../lxc-2.0.0/src/lxc/cgfs.c: In function 'cgroup_rmdir':
| ../../../lxc-2.0.0/src/lxc/cgfs.c:172:2: error: 'readdir_r' is deprecated [-Werror=deprecated-declarations]
| while (!readdir_r(dir, &dirent, &direntp)) {
| ^
| In file included from ../../../lxc-2.0.0/src/lxc/cgfs.c:30:0:
| /.../build/tmp-glibc/sysroots/qemux86-64/usr/include/dirent.h:183:12: note: declared here
| extern int readdir_r (DIR *__restrict __dirp,
| ^
[1] https://www.sourceware.org/ml/libc-alpha/2016-02/msg00093.html
Signed-off-by: Anders Roxell <anders.roxell@linaro.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The 'base_contains' is now deprecated and only kept as a compatibility method. It will be removed in future releases.
Signed-off-by: Derek Straka <derek@asterius.io>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This is fixing:
QA Issue: criu rdepends on libbsd, but it isn't a build dependency? [build-deps]
Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Updating docker to the 1.11.1 release, which uses the open container initiative
components.
With this udpate, we drop patches that are no longer required, and adjust the
install/strip routines to not look for obselete components.
There are now 4 binaries required for docker to work:
- docker
- docker-containerd
- docker-containerd-shim
- docker-runc
The new containerd and runc recipes provide the latter, while docker provides
the cli and daemon.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
With the update to docker 1.11.x, we must also introduce runc. From the
runc site:
runC is a CLI tool for spawning and running containers according to the OCP specification.
Containers are started as a child process of runC and can be embedded into various other
systems without having to run a Docker daemon.
runC is built on libcontainer, the same container technology powering millions of
Docker Engine installations.
Docker images can be run with runC.
So not only is runc required for docker, it is useful for any system that wants
to run OCP containers AND docker containers.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
With the update to docker 1.11.x+, we need the OCI containerd to control
runc:
containerd is a daemon to control runC, built for performance and density.
containerd leverages runC's advanced features such as seccomp and user
namespace support as well as checkpoint and restore for cloning and
live migration of containers.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
2.0.0 is released, and contains many of the patches we've been carrying for
1.x.
With this updated, we drop upstream backports (and submitted patches), and
refresh on patch. Otherwise, everything is the same.
Sanity tested on x86-64.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Recently the configure with python enabled has become the default here.
However, if the host doesn't have python3, configure fails with:
checking for a Python interpreter with version >= 3.2... none
configure: error: You must install python3
We have a python3 in the sysroot, but we need to inherit it for it to
be available for lxc's configure step.
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Cherry picked patch from lxc upstream commit:
f2e206ff47<lxc: let lxc-start support wlan phys>
to enable lxc-start command support wlan0 device
and make cube-essential support paththrough wlan
device from host to lxc containers.
Signed-off-by: fli <fupan.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This is the latest stable release and includes many important bug
fixes as well as CVE fixes such as CVE-2015-1335.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Warnings fixes:
- optional mounts when dirs not available
- busybox dynamically linked
- fstab not available in container
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@nxp.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Prior to poky commit 3d45853eef1269b455d840a60491802251368378
[python3: fix do_configure check platform triplet error] lxc's
configure scripts would fail to find python3 and would therefor
configure with python3 support disabled.
After poky integrated the above commit lxc can, and does, detect
python3 and attempts to configure with python support. Unfortunately
it would detect the host's python3 which it would use to run setup.py
and therefor get the host's include path etc. and ultimately fail to
build.
To fix this we make 'python' support configurable via a PACKAGECONFIG
and we default to not configuring with this support, to match our
previous configuration. We also fix things such that 'python' support
can be enabled in the PACKAGECONFIG and the build will complete
successfully, using our python3 and not the host's.
We might want to eventually enable the python support but since this
not only enables python extensions but even goes as far as turning
scripts like lxc-ls into python scripts, instead of shell scripts,
keeping it disabled for now is the minimally invasive approach.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
These patches address some warnings that LXC throws when running
an application container. They are currently applied in the official
repository.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@nxp.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
go-cross-1.3 is old, and doesn't link properly with the latest 2.26
binutils.
To get things building again, and to start the docker uprev, we simply
depend on go-cross and line docker up with the rest of the go users.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Finding the libprotobuf.* incorrectly if the host have pkgconfig
Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
V1.1.4 includes a fix for CVE-2015-1335:
lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container
administrators to escape AppArmor confinement via a symlink attack on a (1)
mount target or (2) bind mount source.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1335
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Some of the cgo variables were pointing to host paths and not target
Fix install rules - binaries can be installed to a subdirectory.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Since we need go 1.3 to co-exist with later versions (ie 1.4),
package go-cross_1.3 as go-cross-1.3_1.3.
go 1.3 will be installed to a different path than go-cross, this requires
go packages needing go 1.3 to set its PATH to:
export PATH=${STAGING_BINDIR_NATIVE}/${HOST_SYS}/go-1.3:$PATH
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Add the protobuf's pkgconfig path into PKG_CONFIG_PATH
so that pkg-config can find the protoc from sysroot in the configure process.
And don't conflict even if installing the protobuf in the localhost.
Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Problem: Logs are nice in that they report the source file,
routine, and line number where an issue occurs. But the
file is printed as the absolute filename. Users do not
need to see a long spew of path directory names where the package
just happened to have been built on some host somewhere. It
can be confusing to anyone other than the developer.
Solution: Introduce a configure option to chop off all leading
directories so that just the source filename ie. basename is printed.
[ Upstream status: Not needed. These absolute filenames are a
consequence of poky/bitbake feeding the absolute filenames to
the compiler. If you build lxc outside of poky/bitbake, just
the basenames are fed to the compiler. ]
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Uprev to 1.1.3
Remove Generate-lxc-restore-net-properly.patch since related code
has been removed.
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The networking configuration that is part of the lxc-setup package is
not appropriate for all use cases, or init systems.
To avoid having this configuration be pulled in by default, we create
an empty -networking package that handles the configuration. Images
can enable this step by including lxc-networking in the install package
list.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
With the recent python-simplejson:upgrade 3.6.2->3.7.3, docker-registry
was broken due to unsatisfied dependencies. The docker-registry builds and
passes basic testing with 3.7.3 (verified by jason.wessel@windriver.com),
updating the dependency requirement to >= 3.6.2
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
docbook2man fails to build the man pages in poky
due to missing the ancient Davenport 3.0 DTD.
Poky meta has the Oasis 3.1 version so upgrade
to use that instead.
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
From b101a0c7ce6ef1eb41bef786831e58fa4d1b069f Mon Sep 17 00:00:00 2001
From: Amy Fong <amy.fong@windriver.com>
Date: Mon, 27 Jul 2015 14:10:20 -0400
Subject: [PATCH] golang: use oe-meta-go
Update meta-virtualization to use go package from oe-meta-go.
The package golang-cross is go-cross in the oe-meta-go.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Systemd throws the following warning at boot:
systemd[1]: [/lib/systemd/system/docker-registry.service:10]
Not an absolute path, ignoring: #WORKDIR#
Fix WORKDIR in docker-registry's systemd from #WORKDIR# to
${PYTHON_SITEPACKAGES_DIR}/docker_registry
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This version has better support for unprivileged
containers.
Two patches are deleted as they are now included.
One new patch is introduced to fix a file not found error at
the install build step.
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Docker searching and launch looks for iptables, so we add it to the
rdepends.
To actually launch a container, netfilter nat and dm-think are often
required, so we make those modules rrecommends.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
golang doesn't work with ccache. In the current state, a lot of parsing
happens where it'll grab the first string in CC or LD and uses that for
its builds. When ccache is enabled, it results in trying to do builds
with just ccache.
The brokeness is seen when building with apps that uses cgo, like docker.
To enable ccache to work, some string comparisons and changes to parsing
had to be made.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Uprev docker to 1.6.2
go-capability is upreved to a later git commit
go-dbus is upreved to version 2
go-distribution-digest is added as a new dependency. Only the
digest part of go-distribution is needed/kept here,
hence go-distribution-digest
go-logrus is upreved to 0.7.1
Remove PR since it's no longer used
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Add handling for distros with both systemd and sysvinit by passing
multiple init systems to configure with --with-init-script=
Signed-off-by: Erik Botö <erik.boto@pelagicore.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Add command line parameter to create Busybox containers
with OpenSSH support. As a prerequisite, OpenSSH needs
to be installed on the host system.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
In yocto builds, preprocessing of binaries can happen after the install
phase. Some of these can modify the size/sha1sum of the binaries.
e.g. A new .gnu_debuglink can happen
docker will not start because of these modifications. Docker initially
does a sha1sum of dockerinit to identify the dockerinit that it was built
with, this is done for security and for compatibility reasons. Since
this checking is disabled, we should rely on rpm tests for validation
of the binary instead.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
If lxc is built not in the source dir, upstart files will fail to be
installed, because of Makefile error.
Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin@mentor.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
To generate a proper systemd.service file we should use lxc's builtin
configuration option for the initscript type. To support both sysvinit
and systemd, we trigger off the DISTRO var and enable the proper init
system accordingly.
When properly configured, lxc will create helper scripts and install
the service file, so we can delete the explicit copy of the service
file and let the default rules trigger and install what is needed.
The helper files installed by lxc require a lsb function that is not
commonly available in the 'functions' library: "action". To ensure that
the helper scripts operate, we create a local action() routine with
the expected semantics.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Upgrade criu from version from 1.2 to 1.4.
criu is the only user of protobuf and only supported on x86 and arm,
so limit protobuf support on x86 and arm too.
Signed-off-by: Nam Ninh <nam.ninh@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The following is the type of error you see when CCACHE is enabled.
| ---> Making bundle: dynbinary (in bundles/1.5.0-dev/dynbinary)
| go build runtime/cgo: no buildable Go source files in /opt/proj/tmp/sysroots/x86_64-linux/usr/lib/x86_64-wrs-linux/go/src/pkg/runtime/cgo
| WARNING: /opt/proj/tmp/work/core2-64-wrs-linux/docker/1.5.0+git2243e32cbbf1c9809c262a7376d34ca43a7a36dc-r0/temp/do_compile/run.do_compile.19967:1 exit 1 from
| DOCKER_GITCOMMIT="2243e32cbbf1c9809c262a7376d34ca43a7a36dc" ./hack/make.sh dynbinary
| ERROR: Function failed: do_compile (log file is located at /opt/proj/tmp/work/core2-64-wrs-linux/docker/1.5.0+git2243e32cbbf1c9809c262a7376d34ca43a7a36dc-r0/temp/do_compile/log.do_compile.19967)
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Docker's build process will clone missing dependencies which
circumvents the bitbake fetcher. This is a bad thing in many ways, for
example this will not respect BB_NO_NETWORK and DL_DIR settings. To
work around this we are able to provide recipes for each of the
missing dependencies.
The dependencies are all in GO and are required to be added to the
sysroot such that the docker build can find them via GOPATH at build
time. The docker recipe was updated to add these new packages as
dependencies and the explicit clone of go-cli was removed.
After these change we are able to complete the build with networking
disabled after completing a fetchall. Docker functionality was tested
on an image built with these changes and it functions as it did
before.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Update the LXC recipe with the upstream-applied version of the patch.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Add the necessary bits to enable seccomp support for LXC running on PPC
architectures. libseccomp added support for PPC [1], yet to be applied to
Yocto/meta-security.
[1] https://github.com/seccomp/libseccomp/tree/working-ppc64
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Busybox powered containers rely on a different signal for reboot - SIGTERM,
rather than the default SIGINT.
Apply the upstream support adding the infrastructure for defining a custom
reboot signal for a container, and default this signal to SIGTERM for Busybox
containers. The original patches have been applied on the upstream master LXC
branch, and required a minor backport.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Now that we have a lxc-setup package, we can start to define networking
and other out of the box configuration details for those that opt to
install it.
These are by no means complete, and won't work for everyone, but they are
a start.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
lxc comes with sysvinit and systemd initscripts that autostart
containers and check for required services. So we should be installing
and enabling them.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
lxc 1.0.7 is available, and integrates two patches that we were carrying
against 1.0.6 .. so we do the update, and drop the two busybox patches.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Add PACKAGECONFIG for 'selinux', otherwise there would be warnings like
below:
WARN: lxc: lxc rdepends on libselinux, but it isn't a build dependency?
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Rework patch 5b57bf462b [lxc: fixup VPATH builds]
since the new version of LXC refactored one of the files and it no longer
applies. Provide a fix for what's left.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Also remove patch file that no longer applies.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Building and basic functionality verified on Wandboard-dual
with linux-wandboard_3.10.17.
Signed-off-by: Alexey Firago <alexey_firago@mentor.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Split a ${PN}-template pkg to put ${datadir}/lxc/templates/, and debash in
${datadir}/lxc/hooks/* since the checkbashisms shows there are no bashism, so
use /bin/sh.
checkbashisms is from devscripts package:
http://packages.ubuntu.com/trusty/devscripts
Bash scripts:
lxc/usr/share/lxc/hooks/mountcgroups:#!/bin/bash
lxc/usr/share/lxc/hooks/ubuntu-cloud-prep:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-debian:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-openmandriva:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-archlinux:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-centos:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-plamo:1:#!/bin/bash -eu
lxc/usr/share/lxc/templates/lxc-ubuntu-cloud:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-opensuse:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-gentoo:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-altlinux:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-sshd:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-ubuntu:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-cirros:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-busybox:1:#!/bin/bash
lxc/usr/share/lxc/templates/lxc-fedora:1:#!/bin/bash
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Ensure that we modify the libdir in the build directory, not the
source directory, to respect the splitting of source and build.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
While buiding protobuf ptest on Centos 6.4, the build
failed with errors:
...libprotobuf.so: undefined reference to `memcpy@GLIBC_2.14'
This is due to protobuf.pc still contains /usr/lib64
as libdir which are not good for cross compiling.
Replace it with proper sysroot path.
Signed-off-by: Zibo Zhao <Zibo.Zhao@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Tweak the ptest build rule to look for artifacts in the build directory
instead of source, since build and source are split on the latest oe-core.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The installation of Google Protocol Buffers python header files
requires the ability to run the "protoc" compiler on the host to
generate the Python header files. This fix adds a native package
that builds Google Protocol Buffers for the host machine to provide
the compiler that is used to cross-compile the package for the target
machine.
Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Google Protocol Buffers includes some basic example applications to
show its functionality. This fix installs these examples to the
target system when the "test" feature is enabled in the configuration.
Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The recipe uses 4 spaces instead of tabs when indenting. The recipe
style guidelines indicate that tabs should be used instead. This
simple fix replaces the spaces with tabs where appropriate in the
recipe file.
Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The compiler generated by Google Protocol Buffers currently includes
support for Python bindings. However, currently the python files
required to use the generated files are not included on the system.
This fix installs the python header files using python setup-tools
after the compiler is built.
Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Upgrade Google Protocol Buffers to version 2.5.0. The previous
version 2.4.1 is getting quite old (released April 2011). The newer
version provides bug fixes and more functionality. This version adds
some speed optimization and the ability to allow multiple enum
symbols to have the same value.
Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Update lxc to latest available version: 1.0.5
Remove already upstreamed patches.
Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Poky commit 69b6eaca3d9b635e8a61a0fdbd814b558e91901d [autotools:
Enable separate builddir by default] enforced separate build
directories, which is supported by automake. Unfortunately lxc had a
few make directives which didn't take into account VPATH builds so
fixing them up here to allow the lxc build to complete successfully.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Install lxc test suite and run it as ptest.
Signed-off-by: Mihaela Sendrea <mihaela.sendrea@enea.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Adding a couple of upstream fixes for lxc:
- follow symlinks when determining if Busybox is statically linked
- don't fail for lxc.network.type = none
- don't fail if no default macvlan mode is specified
More details are available in the individual patches.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The reason is that the generic code which handles reading lxc.rootfs.mount
always frees the old value if not NULL. So without this setting
lxc.rootfs.mount = /mnt causes segfault.
This is a backport for lxc-0.9.0 (dora) of the same fix found in
upstream's master, see commits 54c30e29 and 53f3f048.
Signed-off-by: Josep Puigdemont <josep.puigdemont@enea.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
autoconf-1.14 will fail to configure lxc with the following warning (and
hence error):
| automake: warnings are treated as errors
| src/lxc/Makefile.am:79: warning: source file '../include/openpty.c' is in a subdirectory,
| src/lxc/Makefile.am:79: but option 'subdir-objects' is disabled
So we tell autoconf that subdir objects are fine .. and the issue is solved.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
lxc's configure script makes use of pkg-config so we need to inherit
pkgconfig or else we may see an error like
./configure: line 5315: syntax error near unexpected token `PYTHONDEV,'
./configure: line 5315: ` PKG_CHECK_MODULES(PYTHONDEV, python3 >= \
3.2,,AC_MSG_ERROR([You must install python3-dev]))'
during configure.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Without enabling INCLUDE_SUSv2 in busybox, we need to use head's -n argument,
rather than -#.
Signed-off-by: Christopher Larson <kergoth@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
BPN should be used in place of PN otherwise the fetcher will attempt
to download a file with the multilib prefix,and fail, and S will not
be what is expected, causing patching and other failures.
Signed-off-by: Mark Asselstine <asselsm@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Patch to fix interface netns transition when
assigning a physical interface to a container.
Pushed to the upstream LXC repo, to be included
in future versions of LXC.
Further details in included patch description.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Many LXC templates expect the cache directory to exist and use it without
necessarily checking if it exists. Normally the Makefile would create this
directory but since /var/cache is volatile we must use the volatile system to
create this directory at boot, or when the package is installed.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
To be safe, we specifiy all four possible fields
even if some trailing ones are null.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Do not query the host to find out our distro. We specify the bitbake
variable ${DISTRO} in order to get the desired runtime default config file.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This patch has been included in the upstream repo as the first
patch after LXC 0.9.0 release. Including it in meta-virtualization
for proper functioning of the lxc-clone command.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The patch checks bind mounting lib directories when starting a
busybox container on a 64bit platform. Some entries in the host
filesystem are not present but the busybox template expects them
to be there, and thus container start fails.
Please see further details in added patch description.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This patch enables installation of Buysbox containers on Busybox hosts.
Please see patch message for detailed information.
The patch has been submitted and accepted upstream by LXC maintainers.
The functionality hasn't made it to LXC 0.9.0, but will (most probably)
be included upstream in future releases of LXC.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Patch is no longer needed since the removal of LXC 0.8.0 recipe.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
LXC 0.9.0 has been added, we no longer need the 0.8.0 recipe, since
all functionality has been migrated
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The patch configures the LXC recipe to include configuration examples
or containers in the default package - lxc, not in the documentation
one - lxc-doc.
By default, bitbake will split a specific package into multiple sections,
based on meaning - binaries, libraries, documentation, configs, etc. The
sections will then be assembled into individual packages, such as e.g lxc,
lxc-doc, lxc-dbg and so on. The packages are mutually exclusive with
respect to the sections they contain.
LXC installation provides several example configuration files for various
usage scenarios. The twist is that LXC build scripts place these config
examples in a relative path that is identified by bitbake as belonging to
documentation. This patch places these configuration files in the main
package, where they normally belong.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The provided patch makes a modification to the LXC busybox template (the
template that creates a minimal container with Busybox).
This type of container will start the udhcpc service - the DHCP client - on
init. For an embedded Linux image, we might assume that the majority of
containers will have manual / static networking configuration on start.
Considering this, starting the udhcpc service by default is useless, since
the service will then has to be killed. The containers that use DHCP for
networking can start udhcpc after container boot, or alter the busybox
template locally to do so by default.
The patch deactivates the default start of the DHCP client on a Busybox
container init.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Introducing the LXC 0.9.0 recipe.
Maintainer log for intermediate versions since LXC 0.8.0. This only contains
the major differences between versions. You may find the complete log on the
SourceForge LXC devel mailing list [1].
0.9.0.alpha1:
- Introduction of the new liblxc API
- Python bindings
- New tools:
- lxc-device
- lxc-start-ephemeral
- python version of lxc-ls
- lxc.autodev support
- oracle template
- reworked lxc-attach
- /etc/lxc/lxc.conf configuration
- Switch to new docbook
- A lot of other improvements, new features and bugfixes
0.9.0.alpha2: bug fix for issue with 0.9.0.alpha1 - no significant changes
0.9.0.alpha3:
- Android support
- New lua binding
- User namespace support
- Oracle template
- Manpage updates
- POSIX shell support for most scripts
- Improved systemd support
- Various API improvements
- Logging improvements
0.9.0.rc1:
- Addition of -P option to all executables (to specify lxcpath)
- Rework of the cgroup handling code
- Rework of lxc-attach for userns
- Updates to the alpine, archlinux, opensuse, oracle and ubuntu
templates. Removal of the lenny template.
- Introduction of a new lxc.stopsignal option
- Introduction of a new lxc.kmsg option
- Various userns improvements
- New --host option in lxc-ps
- Introduction of a few examples lxc hooks
- Support for nested containers in lxc-ls
- Introduction of get_version in the C API.
- And a variety of bugfixes
0.9.0:
Feature changes include:
- Support for ephemeral containers in lxc-clone
- --clear-env/--keep-env support in lxc-attach
- -n option to lxc-start-ephemeral
Everything else is bugfixes on top of rc1.
Tests done by maintainers:
- Test build on my machine (up to date Ubuntu 13.04)
- Test build on Launchpad (Ubuntu 12.04, 12.10 and 13.04)
- Test build on an armhf board running Ubuntu 13.04
- Test build for Android cross-compiling on my laptop
- Ran our test suite on the x86 binaries
- Ran a quick test (start/stop/info/wait) on Android
- Tested the API and tools on ARM
- Rebuilt all my local templates (~20 containers) on a variety of
architectures (i386, amd64, armel and armhf)
[1] https://lists.sourceforge.net/lists/listinfo/lxc-develIntroducing the LXC 0.9.0 recipe.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
