* copy the skip from podman recipe, because this packagegroup
depends on podman
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Currently boto3 can be built into an image but it won't work without
additional dependencies. First: botocore is needed at run-time, second:
there are other packages available in meta-python that need adding.
Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Notable Changes:
1. progress module can now be turned on/off, using the
commands: ceph progress on and ceph progress off.
2. PG removal has been optimized in this release.
Signed-off-by: Zqiang <qiang.zhang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Bump version to 0.14.
This upgrade is mainly to fix some BUG.
Signed-off-by: Zqiang <qiang.zhang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
bumping runX to the 1.0 tag
- drop patches that are part of the release
- bump kernel to v5.4.104 to work with our gcc10
- tweak initrd install to use externally provided busybox
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Moving off the 1.20.x-rc and onto a dot release tag. This pulls in
the following commits:
e87da0bd6e0 Release commit for Kubernetes v1.20.4
5682545c2da Update CHANGELOG/CHANGELOG-1.20.md for v1.20.3
f8f2fa827d3 Release commit for Kubernetes v1.20.4-rc.0
01849e73f3c Release commit for Kubernetes v1.20.3
58c5493f22a kube-cross: update image to use v1.15.8-legacy-1
e000e9722bb [go1.15] build: Update to k/repo-infra@v0.1.4 (supports go1.15.8)
3365196e9d8 Use go-runner:buster-v2.3.1 image (built on go1.15.8)
91f2745f08c staging/publishing: Set default go version to go1.15.8
3c777448311 Update to go1.15.8
b570189cf1f Revert "make hostPort match test linuxonly"
6698a4e7afc Revert "conformance changes"
6a31f8d17ef dockershim hostport respect IPFamily
a456eb4eaf6 dockershim hostport manager use HostIP
5d9910a0172 Cherry pick of #98254:Fix the kube-scheduler binary's description of the --config parameter is inaccurate
ac866d63911 make podTopologyHints protected by lock
b84ee98db74 kubelet: Fix mirrorPodTerminationMap leak
d381d6c52cc kubelet: Delete static pods gracefully
b2576fb35f7 kubelet logs print 'kubelet nodes sync' frequently
7826a1c6b87 WIP: node sync at least once
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
If the required modules aren't in the image, k3s will fail to start.
Set the requirements as RRECOMMENDS for image types that don't install
the kernel-modules meta-package.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
We build and depend on our own containerd, we don't need the ctr
symlink to k3s for proper operation.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
To more closely align with the rancher/upstream build, we add
additional tags to the build. To make them easier to manage, we
also introduce a variable and use it in the go build line.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
k3s requires seccomp, and a runc with seccomp enabled for proper
operation. runc has a distro feature check to enable seccomp, so
if we enforce it as k3s feature, we'll also get a properly built
runc and we'll work out of the box.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
runc can be built with both selinux and seccomp tags. These tags
are a requirement for proper operation with some frameworks (like
k3s).
So we add checks for the appropriate distro features and then
automatically add them to the build tags, allowing us a coordinated
enabling of the functionality.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Fixing up the PV to use SRCPV for tracking future version bumps, if
the tree is dirty or not, git will tell us.
We also add some additional kernel module rrecommends, so that the
tools called by k3s can find the support they need (mainly iptools)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
To make it easier to build container host or k*s host images (as
well as guests), we start to add some packagegroups that wrap the
required elements.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Many of the CNI plugins require authenticated connections, as such
they are looking for elements of ca-certificates.
CNI isn't small, so we add this as a general rdepends. If we need to
slim things down in the future, we can split the CNI into specific
implementations and add the dependency to those packages.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
The docker split/requirement on their forked version of runc is
not relevant any more. While we keep the docker-runc around, we
should prefer the opencontainers variant, since that is where
development happens.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
containerd is rarely used without runc, so we add the runtime dependency
to make installation and image construction easier.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
We already have docker and some other fragments that are relevant to
k3s/k8s, but the addition of ipset as a depends for k3s highlights
that we should have a reference configuration that sets all the options
for proper opration and runtime dependencies.
When k8s or k3s are distro features, we'll apply the new fragment to
any kernel that supports fragments (and matches the supported
versions).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Grab any remaning binaries into the main k3s package. Both k3s-agent
and k3s-server rdepend on it, so we'll be sure to get them intalled
in both scenarios.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
containerd itself provides 'ctr', and it is in our rdepends. So on
target, we have a conflict for the provider of the ctr binary.
Dropping the ctr link from k3s, since having the actual containerd
package provide its binary .. makes sense.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
See recipes-containers/k3s/README.md for basic usage and testing
instructions.
Signed-off-by: Joakim Roubert <joakimr@axis.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
The URI has been changed to 'https://linuxcontainers.org/downloads/lxc'
by the site maintainers recently. Updating the recipe to reflect the new
path.
Signed-off-by: Robi Buranyi <rburanyi@google.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
- OVSDB:
* Changed format in which ovsdb transactions are stored in database files.
Now each transaction contains diff of data instead of the whole new
value of a column.
New ovsdb-server process will be able to read old database format, but
old processes will *fail* to read database created by the new one.
For cluster and active-backup service models follow upgrade instructions
in 'Upgrading from version 2.14 and earlier to 2.15 and later' section
of ovsdb(7).
* New unixctl command 'ovsdb-server/get-db-storage-status' to show the
status of the storage that's backing a database.
* New unixctl command 'ovsdb-server/memory-trim-on-compaction on|off'.
If turned on, ovsdb-server will try to reclaim all the unused memory
after every DB compaction back to OS. Disabled by default.
* Maximum backlog on RAFT connections limited to 500 messages or 4GB.
Once threshold reached, connection is dropped (and re-established).
Use the 'cluster/set-backlog-threshold' command to change limits.
- DPDK:
* Removed support for vhost-user dequeue zero-copy.
* Add support for DPDK 20.11.
- Userspace datapath:
* Add the 'pmd' option to "ovs-appctl dpctl/dump-flows", which
restricts a flow dump to a single PMD thread if set.
* New 'options:dpdk-vf-mac' field for DPDK interface of VF ports,
that allows configuring the MAC address of a VF representor.
* Add generic IP protocol support to conntrack. With this change, all
none UDP, TCP, and ICMP traffic will be treated as general L3
traffic, i.e. using 3 tupples.
* Add parameters 'pmd-auto-lb-load-threshold' and
'pmd-auto-lb-improvement-threshold' to configure PMD auto load balance
behaviour.
- The environment variable OVS_UNBOUND_CONF, if set, is now used
as the DNS resolver's (unbound) configuration file.
- Linux datapath:
* Support for kernel versions up to 5.8.x.
- Terminology:
* The terms "master" and "slave" have been replaced by "primary" and
"secondary", respectively, for OpenFlow connection roles.
* The term "slave" has been replaced by "member", for bonds, LACP, and
OpenFlow bundle actions.
- Support for GitHub Actions based continuous integration builds has been
added.
- Bareudp Tunnel
* Bareudp device support is present in linux kernel from version 5.7
* Kernel bareudp device is not backported to ovs tree.
* Userspace datapath support is not added
- ovs-dpctl and 'ovs-appctl dpctl/':
* New commands '{add,mod,del}-flows' where added, which allow adding,
deleting, or modifying flows based on information read from a file.
- IPsec:
* Add option '--no-cleanup' to allow ovs-monitor-ipsec to stop without
tearing down IPsec tunnels.
* Add option '--no-restart-ike-daemon' to allow ovs-monitor-ipsec to start
without restarting ipsec daemon.
- Building the Linux kernel module from the OVS source tree is deprecated
* Support for the Linux kernel is capped at version 5.8
* Only bug fixes for the Linux OOT kernel module will be accepted.
* The Linux kernel module will be fully removed from the OVS source tree
in OVS branch 2.18
fix some do_patch error about local patch.
Signed-off-by: Zqiang <qiang.zhang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Miscellaneous bug fix release, consisting of:
Strlen checking for IRQBALANCE_BANNED_CPU env var
Typo cleanup in SOCKET_TMPFS
consolidation of numa node creation on non-numa systems
fix uninitialized use of package_mask in affinity setup
use num_online_cpus instead of core_count
fix a null ptr crash in do_one_cpu
make list searching common from glib
fix a calloc parameter bug
remove some unused variables
use g_list_free_full
remove redundant call to free_cl_opts
fix some resource leaks in main()
fix some use after free issues in check_for_irq_ban
fix resource leaks in irqballance-ui, and in add_one_node
Signed-off-by: Yanfei Xu <yanfei.xu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Upgrade version of seabios to the latest one.
This is solving compilation errors happening with newer version of gcc
introduced in poky which in the following error after some warnings:
"x86_64-poky-linux-ld: cannot use executable file 'out/rom16.strip.o' as
input to a link"
Signed-off-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
fix following error during do_rootfs:
nothing provides php needed by nagios-core-4.4.6-r0.corei7_64
(try to add '--skip-broken' to skip uninstallable packages)
Since commit c4ffcaa2 [php: split out phpdbg into a separate package],
package php is empty.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
CVE entries are using version 2.xx.xx, our PV is 2.13+xxx, this causes
problem for CVE detection. So we need to set a CVE_VERSION for better
CVE scanning.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Bump SRCREV version of xen recipes to use the latest 4.14 release
(4.14.1) and the current status of master.
This allows to remove some patches related to gcc 10 support which have
now been merged in Xen.
Xen-tools is modified to include the latest tools installed with Xen:
- a rename of the bash-completion,
- a new xl example,
- xen-access,
- xen-memshare (only available on x86).
A new patch to fix python and pygrub is added as the makefiles have been
deeply modified in 4.15 which require a new patch (but doing the same).
Signed-off-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
With the latest go version bump in oe-core export GO111MODULE is
on by default. Our build is not setup to use go modules, so we
disable it and avoid configuration errors:
no required module provides package ... : working directory is not part of a module
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
With the latest go version bump in oe-core export GO111MODULE is
on by default. Our build is not setup to use go modules, so we
disable it and avoid configuration errors:
no required module provides package ... : working directory is not part of a module
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
With the latest go version bump in oe-core export GO111MODULE is
on by default. Our build is not setup to use go modules, so we
disable it and avoid configuration errors:
no required module provides package ... : working directory is not part of a module
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
With the latest go version bump in oe-core export GO111MODULE is
on by default. Our build is not setup to use go modules, so we
disable it and avoid configuration errors:
no required module provides package ... : working directory is not part of a module
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
With the latest go version bump in oe-core export GO111MODULE is
on by default. Our build is not setup to use go modules, so we
disable it and avoid configuration errors:
no required module provides package ... : working directory is not part of a module
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
With the latest go version bump in oe-core export GO111MODULE is
on by default. Our build is not setup to use go modules, so we
disable it and avoid configuration errors:
no required module provides package ... : working directory is not part of a module
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
With the latest go version bump in oe-core export GO111MODULE is
on by default. Our build is not setup to use go modules, so we
disable it and avoid configuration errors:
no required module provides package ... : working directory is not part of a module
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
