github/kata-containers
1
0
Fork 2
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-09-17 14:58:16 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #3682 from Jakob-Naucke/cross

Browse Source 
Multistrap Ubuntu & enable cross-building guest
This commit is contained in:
James O. D. Hunt
2022-03-21 11:11:47 +00:00
committed by GitHub
parent f8fb0d3bb6 72f7e9e300
commit 3edf25b6c9
17 changed files with 106 additions and 377 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ci/install_libseccomp.sh
View File

@@ -19,7 +19,7 @@ source "${tests_repo_dir}/.ci/lib.sh"
# fail. So let's ensure they are unset here. # fail. So let's ensure they are unset here.
unset PREFIX DESTDIR unset PREFIX DESTDIR
arch=$(uname -m) arch=${ARCH:-$(uname -m)}
workdir="$(mktemp -d --tmpdir build-libseccomp.XXXXX)" workdir="$(mktemp -d --tmpdir build-libseccomp.XXXXX)"
# Variables for libseccomp # Variables for libseccomp
@@ -70,7 +70,8 @@ build_and_install_gperf() {
curl -sLO "${gperf_tarball_url}" curl -sLO "${gperf_tarball_url}"
tar -xf "${gperf_tarball}" tar -xf "${gperf_tarball}"
pushd "gperf-${gperf_version}" pushd "gperf-${gperf_version}"
./configure --prefix="${gperf_install_dir}" # Unset $CC for configure, we will always use native for gperf
CC= ./configure --prefix="${gperf_install_dir}"
make make
make install make install
export PATH=$PATH:"${gperf_install_dir}"/bin export PATH=$PATH:"${gperf_install_dir}"/bin
@@ -84,7 +85,7 @@ build_and_install_libseccomp() {
curl -sLO "${libseccomp_tarball_url}" curl -sLO "${libseccomp_tarball_url}"
tar -xf "${libseccomp_tarball}" tar -xf "${libseccomp_tarball}"
pushd "libseccomp-${libseccomp_version}" pushd "libseccomp-${libseccomp_version}"
./configure --prefix="${libseccomp_install_dir}" CFLAGS="${cflags}" --enable-static ./configure --prefix="${libseccomp_install_dir}" CFLAGS="${cflags}" --enable-static --host="${arch}"
make make
make install make install
popd popd

24
ci/install_musl.sh
View File

@@ -1,24 +0,0 @@
#!/usr/bin/env bash
# Copyright (c) 2020 Ant Group
#
# SPDX-License-Identifier: Apache-2.0
#
set -e
install_aarch64_musl() {
local arch=$(uname -m)
if [ "${arch}" == "aarch64" ]; then
local musl_tar="${arch}-linux-musl-native.tgz"
local musl_dir="${arch}-linux-musl-native"
pushd /tmp
if curl -sLO --fail https://musl.cc/${musl_tar}; then
tar -zxf ${musl_tar}
mkdir -p /usr/local/musl/
cp -r ${musl_dir}/* /usr/local/musl/
fi
popd
fi
}
install_aarch64_musl

3
tools/osbuilder/dracut/Dockerfile.in
View File

@@ -36,7 +36,4 @@ RUN zypper --non-interactive refresh; \
zypper --non-interactive clean --all; zypper --non-interactive clean --all;
# This will install the proper golang to build Kata components
@INSTALL_MUSL@
@INSTALL_GO@
@INSTALL_RUST@ @INSTALL_RUST@

4
tools/osbuilder/rootfs-builder/alpine/Dockerfile.in
View File

@@ -6,7 +6,7 @@
ARG IMAGE_REGISTRY=docker.io ARG IMAGE_REGISTRY=docker.io
FROM ${IMAGE_REGISTRY}/alpine:3.15 FROM ${IMAGE_REGISTRY}/alpine:3.15
RUN apk update && apk add \ RUN apk update && apk add --no-cache \
apk-tools-static \ apk-tools-static \
autoconf \ autoconf \
automake \ automake \
@@ -26,3 +26,5 @@ RUN apk update && apk add \
musl-dev \ musl-dev \
protoc \ protoc \
tar tar
# aarch64 requires this name -- link for all
RUN ln -s /usr/bin/gcc "/usr/bin/$(uname -m)-linux-musl-gcc"

1
tools/osbuilder/rootfs-builder/clearlinux/Dockerfile.in
View File

@@ -37,5 +37,4 @@ RUN dnf -y update && dnf install -y \
dnf clean all dnf clean all
# This will install the proper packages to build Kata components # This will install the proper packages to build Kata components
@INSTALL_MUSL@
@INSTALL_RUST@ @INSTALL_RUST@

34
tools/osbuilder/rootfs-builder/debian/Dockerfile-aarch64.in
View File

@@ -1,34 +0,0 @@
#
# Copyright (c) 2020 ARM Limited
#
# SPDX-License-Identifier: Apache-2.0
ARG IMAGE_REGISTRY=docker.io
# NOTE: OS_VERSION is set according to config.sh
FROM ${IMAGE_REGISTRY}/debian:@OS_VERSION@
# RUN commands
RUN apt-get update && apt-get install -y \
autoconf \
automake \
binutils \
build-essential \
chrony \
coreutils \
curl \
debianutils \
debootstrap \
g++ \
gcc \
git \
libc-dev \
libstdc++-8-dev \
m4 \
make \
sed \
systemd \
tar \
vim
# This will install the proper packages to build Kata components
@INSTALL_MUSL@
@INSTALL_RUST@

4
tools/osbuilder/rootfs-builder/debian/Dockerfile.in
View File

@@ -27,14 +27,14 @@ RUN apt-get update && apt-get --no-install-recommends install -y \
libstdc++-8-dev \ libstdc++-8-dev \
m4 \ m4 \
make \ make \
musl \
musl-dev \
musl-tools \ musl-tools \
sed \ sed \
systemd \ systemd \
tar \ tar \
vim \ vim \
wget wget
# aarch64 requires this name -- link for all
RUN ln -s /usr/bin/musl-gcc "/usr/bin/$(uname -m)-linux-musl-gcc"
# This will install the proper packages to build Kata components # This will install the proper packages to build Kata components
@INSTALL_RUST@ @INSTALL_RUST@

31
tools/osbuilder/rootfs-builder/rootfs.sh
View File

@@ -14,7 +14,6 @@ script_name="${0##*/}"
script_dir="$(dirname $(readlink -f $0))" script_dir="$(dirname $(readlink -f $0))"
AGENT_VERSION=${AGENT_VERSION:-} AGENT_VERSION=${AGENT_VERSION:-}
RUST_VERSION="null" RUST_VERSION="null"
MUSL_VERSION=${MUSL_VERSION:-"null"}
AGENT_BIN=${AGENT_BIN:-kata-agent} AGENT_BIN=${AGENT_BIN:-kata-agent}
AGENT_INIT=${AGENT_INIT:-no} AGENT_INIT=${AGENT_INIT:-no}
KERNEL_MODULES_DIR=${KERNEL_MODULES_DIR:-""} KERNEL_MODULES_DIR=${KERNEL_MODULES_DIR:-""}
@@ -40,7 +39,11 @@ handle_error() {
trap 'handle_error $LINENO' ERR trap 'handle_error $LINENO' ERR
# Default architecture # Default architecture
ARCH=$(uname -m) export ARCH=${ARCH:-$(uname -m)}
if [ "$ARCH" == "ppc64le" ] || [ "$ARCH" == "s390x" ]; then
LIBC=gnu
echo "WARNING: Forcing LIBC=gnu because $ARCH has no musl Rust target"
fi
# distro-specific config file # distro-specific config file
typeset -r CONFIG_SH="config.sh" typeset -r CONFIG_SH="config.sh"
@@ -104,6 +107,11 @@ AGENT_SOURCE_BIN Path to the directory of agent binary.
AGENT_VERSION Version of the agent to include in the rootfs. AGENT_VERSION Version of the agent to include in the rootfs.
Default value: ${AGENT_VERSION:-<not set>} Default value: ${AGENT_VERSION:-<not set>}
ARCH Target architecture (according to \`uname -m\`).
Foreign bootstraps are currently only supported for Ubuntu
and glibc agents.
Default value: $(uname -m)
DISTRO_REPO Use host repositories to install guest packages. DISTRO_REPO Use host repositories to install guest packages.
Default value: <not set> Default value: <not set>
@@ -125,6 +133,9 @@ KERNEL_MODULES_DIR Path to a directory containing kernel modules to include in
the rootfs. the rootfs.
Default value: <empty> Default value: <empty>
LIBC libc the agent is built against (gnu or musl).
Default value: ${LIBC} (varies with architecture)
ROOTFS_DIR Path to the directory that is populated with the rootfs. ROOTFS_DIR Path to the directory that is populated with the rootfs.
Default value: <${script_name} path>/rootfs-<DISTRO-name> Default value: <${script_name} path>/rootfs-<DISTRO-name>
@@ -335,11 +346,6 @@ build_rootfs_distro()
echo "Required rust version: $RUST_VERSION" echo "Required rust version: $RUST_VERSION"
detect_musl_version ||
die "Could not detect the required musl version for AGENT_VERSION='${AGENT_VERSION:-main}'."
echo "Required musl version: $MUSL_VERSION"
if [ -z "${USE_DOCKER}" ] && [ -z "${USE_PODMAN}" ]; then if [ -z "${USE_DOCKER}" ] && [ -z "${USE_PODMAN}" ]; then
info "build directly" info "build directly"
build_rootfs ${ROOTFS_DIR} build_rootfs ${ROOTFS_DIR}
@@ -411,8 +417,10 @@ build_rootfs_distro()
--env ROOTFS_DIR="/rootfs" \ --env ROOTFS_DIR="/rootfs" \
--env AGENT_BIN="${AGENT_BIN}" \ --env AGENT_BIN="${AGENT_BIN}" \
--env AGENT_INIT="${AGENT_INIT}" \ --env AGENT_INIT="${AGENT_INIT}" \
--env ARCH="${ARCH}" \
--env CI="${CI}" \ --env CI="${CI}" \
--env KERNEL_MODULES_DIR="${KERNEL_MODULES_DIR}" \ --env KERNEL_MODULES_DIR="${KERNEL_MODULES_DIR}" \
--env LIBC="${LIBC}" \
--env EXTRA_PKGS="${EXTRA_PKGS}" \ --env EXTRA_PKGS="${EXTRA_PKGS}" \
--env OSBUILDER_VERSION="${OSBUILDER_VERSION}" \ --env OSBUILDER_VERSION="${OSBUILDER_VERSION}" \
--env OS_VERSION="${OS_VERSION}" \ --env OS_VERSION="${OS_VERSION}" \
@@ -540,11 +548,6 @@ EOF
AGENT_DEST="${AGENT_DIR}/${AGENT_BIN}" AGENT_DEST="${AGENT_DIR}/${AGENT_BIN}"
if [ -z "${AGENT_SOURCE_BIN}" ] ; then if [ -z "${AGENT_SOURCE_BIN}" ] ; then
if [ "$ARCH" == "ppc64le" ] || [ "$ARCH" == "s390x" ]; then
LIBC=gnu
echo "WARNING: Forcing LIBC=gnu because $ARCH has no musl Rust target"
fi
[ "$LIBC" == "musl" ] && bash ${script_dir}/../../../ci/install_musl.sh
test -r "${HOME}/.cargo/env" && source "${HOME}/.cargo/env" test -r "${HOME}/.cargo/env" && source "${HOME}/.cargo/env"
# rust agent needs ${arch}-unknown-linux-${LIBC} # rust agent needs ${arch}-unknown-linux-${LIBC}
if ! (rustup show | grep -v linux-${LIBC} > /dev/null); then if ! (rustup show | grep -v linux-${LIBC} > /dev/null); then
@@ -555,7 +558,6 @@ EOF
bash ${script_dir}/../../../ci/install_rust.sh ${RUST_VERSION} bash ${script_dir}/../../../ci/install_rust.sh ${RUST_VERSION}
fi fi
test -r "${HOME}/.cargo/env" && source "${HOME}/.cargo/env" test -r "${HOME}/.cargo/env" && source "${HOME}/.cargo/env"
[ "$ARCH" == "aarch64" ] && OLD_PATH=$PATH && export PATH=$PATH:/usr/local/musl/bin
agent_dir="${script_dir}/../../../src/agent/" agent_dir="${script_dir}/../../../src/agent/"
@@ -563,7 +565,7 @@ EOF
info "Set up libseccomp" info "Set up libseccomp"
libseccomp_install_dir=$(mktemp -d -t libseccomp.XXXXXXXXXX) libseccomp_install_dir=$(mktemp -d -t libseccomp.XXXXXXXXXX)
gperf_install_dir=$(mktemp -d -t gperf.XXXXXXXXXX) gperf_install_dir=$(mktemp -d -t gperf.XXXXXXXXXX)
bash ${script_dir}/../../../ci/install_libseccomp.sh "${libseccomp_install_dir}" "${gperf_install_dir}" ${script_dir}/../../../ci/install_libseccomp.sh "${libseccomp_install_dir}" "${gperf_install_dir}"
echo "Set environment variables for the libseccomp crate to link the libseccomp library statically" echo "Set environment variables for the libseccomp crate to link the libseccomp library statically"
export LIBSECCOMP_LINK_TYPE=static export LIBSECCOMP_LINK_TYPE=static
export LIBSECCOMP_LIB_PATH="${libseccomp_install_dir}/lib" export LIBSECCOMP_LIB_PATH="${libseccomp_install_dir}/lib"
@@ -577,7 +579,6 @@ EOF
make clean make clean
make LIBC=${LIBC} INIT=${AGENT_INIT} SECCOMP=${SECCOMP} make LIBC=${LIBC} INIT=${AGENT_INIT} SECCOMP=${SECCOMP}
make install DESTDIR="${ROOTFS_DIR}" LIBC=${LIBC} INIT=${AGENT_INIT} make install DESTDIR="${ROOTFS_DIR}" LIBC=${LIBC} INIT=${AGENT_INIT}
[ "$ARCH" == "aarch64" ] && export PATH=$OLD_PATH && rm -rf /usr/local/musl
if [ "${SECCOMP}" == "yes" ]; then if [ "${SECCOMP}" == "yes" ]; then
rm -rf "${libseccomp_install_dir}" "${gperf_install_dir}" rm -rf "${libseccomp_install_dir}" "${gperf_install_dir}"
fi fi

1
tools/osbuilder/rootfs-builder/template/Dockerfile.template
View File

@@ -14,5 +14,4 @@ FROM ${IMAGE_REGISTRY}/@distro@:@OS_VERSION@
# RUN commands # RUN commands
# This will install the proper packages to build Kata components # This will install the proper packages to build Kata components
@INSTALL_MUSL@
@INSTALL_RUST@ @INSTALL_RUST@

43
tools/osbuilder/rootfs-builder/ubuntu/Dockerfile-aarch64.in
View File

@@ -1,43 +0,0 @@
#
# Copyright (c) 2020 ARM Limited
#
# SPDX-License-Identifier: Apache-2.0
ARG IMAGE_REGISTRY=docker.io
#ubuntu: docker image to be used to create a rootfs
#@OS_VERSION@: Docker image version to build this dockerfile
FROM ${IMAGE_REGISTRY}/ubuntu:@OS_VERSION@
# This dockerfile needs to provide all the componets need to build a rootfs
# Install any package need to create a rootfs (package manager, extra tools)
# Avoid tzdata setup
ENV DEBIAN_FRONTEND noninteractive
# RUN commands
RUN apt-get update && apt-get install -y \
autoconf \
automake \
binutils \
build-essential \
chrony \
coreutils \
curl \
debianutils \
debootstrap \
g++ \
gcc \
git \
libc6-dev \
libstdc++-8-dev \
m4 \
make \
sed \
systemd \
tar \
vim && \
apt-get clean && rm -rf /var/lib/apt/lists/
# This will install the proper packages to build Kata components
@INSTALL_MUSL@
@INSTALL_RUST@

46
tools/osbuilder/rootfs-builder/ubuntu/Dockerfile.in
View File

@@ -1,45 +1,29 @@
# # Copyright (c) 2018 Yash Jain, 2022 IBM Corp.
# Copyright (c) 2018 Yash Jain
# #
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
ARG IMAGE_REGISTRY=docker.io ARG IMAGE_REGISTRY=docker.io
#ubuntu: docker image to be used to create a rootfs
#@OS_VERSION@: Docker image version to build this dockerfile
FROM ${IMAGE_REGISTRY}/ubuntu:@OS_VERSION@ FROM ${IMAGE_REGISTRY}/ubuntu:@OS_VERSION@
@SET_PROXY@
# This dockerfile needs to provide all the componets need to build a rootfs RUN apt-get update && \
# Install any package need to create a rootfs (package manager, extra tools) DEBIAN_FRONTEND=noninteractive \
apt-get --no-install-recommends -y install \
# RUN commands
RUN apt-get update && apt-get --no-install-recommends install -y \
apt-utils \
autoconf \
automake \
binutils \
build-essential \
ca-certificates \ ca-certificates \
chrony \
coreutils \
curl \ curl \
debianutils \
debootstrap \
g++ \ g++ \
gcc \ $(gcc_arch="@ARCH@" && [ "$(uname -m)" != "$gcc_arch" ] && ( \
libc_arch="$gcc_arch" && \
[ "$gcc_arch" = aarch64 ] && libc_arch=arm64; \
[ "$gcc_arch" = ppc64le ] && gcc_arch=powerpc64le && libc_arch=ppc64el; \
[ "$gcc_arch" = x86_64 ] && gcc_arch=x86-64 && libc_arch=amd64; \
echo "gcc-$gcc_arch-linux-gnu libc6-dev-$libc_arch-cross")) \
git \ git \
libc6-dev \
libstdc++-8-dev \
m4 \
make \ make \
musl \ multistrap \
musl-dev \
musl-tools \ musl-tools \
protobuf-compiler \ protobuf-compiler
sed \ # aarch64 requires this name -- link for all
systemd \ RUN ln -s /usr/bin/musl-gcc "/usr/bin/$(uname -m)-linux-musl-gcc"
tar \
vim \
wget
# This will install the proper packages to build Kata components
@INSTALL_RUST@ @INSTALL_RUST@

48
tools/osbuilder/rootfs-builder/ubuntu/config.sh
View File

@@ -1,34 +1,28 @@
# This is a configuration file add extra variables to # Copyright (c) 2018 Yash Jain, 2022 IBM Corp.
#
# Copyright (c) 2018 Yash Jain
# #
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
# be used by build_rootfs() from rootfs_lib.sh the variables will be
# loaded just before call the function. For more information see the
# rootfs-builder/README.md file.
OS_VERSION=${OS_VERSION:-20.04} OS_NAME=ubuntu
# This should be Ubuntu's code name, e.g. "focal" (Focal Fossa) for 20.04 # This should be Ubuntu's code name, e.g. "focal" (Focal Fossa) for 20.04
OS_NAME=${OS_NAME:-"focal"} OS_VERSION=${OS_VERSION:-focal}
PACKAGES=chrony
[ "$AGENT_INIT" = no ] && PACKAGES+=" init"
[ "$SECCOMP" = yes ] && PACKAGES+=" libseccomp2"
REPO_URL=http://ports.ubuntu.com
# packages to be installed by default case "$ARCH" in
PACKAGES="systemd coreutils init kmod" aarch64) DEB_ARCH=arm64;;
EXTRA_PKGS+=" chrony" ppc64le) DEB_ARCH=ppc64el;;
s390x) DEB_ARCH="$ARCH";;
DEBOOTSTRAP=${PACKAGE_MANAGER:-"debootstrap"} x86_64) DEB_ARCH=amd64; REPO_URL=http://archive.ubuntu.com/ubuntu;;
*) die "$ARCH not supported"
case $(uname -m) in
x86_64) ARCHITECTURE="amd64";;
ppc64le) ARCHITECTURE="ppc64el";;
aarch64) ARCHITECTURE="arm64";;
s390x) ARCHITECTURE="s390x";;
(*) die "$(uname -m) not supported "
esac esac
# Init process must be one of {systemd,kata-agent} if [ "$(uname -m)" != "$ARCH" ]; then
INIT_PROCESS=systemd case "$ARCH" in
# List of zero or more architectures to exclude from build, ppc64le) cc_arch=powerpc64le;;
# as reported by `uname -m` x86_64) cc_arch=x86-64;;
ARCH_EXCLUDE_LIST=() *) cc_arch="$ARCH"
esac
[ "$SECCOMP" = "yes" ] && PACKAGES+=" libseccomp2" || true export CC="$cc_arch-linux-gnu-gcc"
fi

93
tools/osbuilder/rootfs-builder/ubuntu/rootfs_lib.sh
View File

@@ -1,78 +1,29 @@
# - Arguments # Copyright (c) 2018 Yash Jain, 2022 IBM Corp.
#
# Copyright (c) 2018 Yash Jain
# #
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
#
#
# rootfs_dir=$1
#
# - Optional environment variables
#
# EXTRA_PKGS: Variable to add extra PKGS provided by the user
#
# BIN_AGENT: Name of the Kata-Agent binary
#
# REPO_URL: URL to distribution repository ( should be configured in
# config.sh file)
#
# Any other configuration variable for a specific distro must be added
# and documented on its own config.sh
#
# - Expected result
#
# rootfs_dir populated with rootfs pkgs
# It must provide a binary in /sbin/init
#
build_rootfs() { build_rootfs() {
# Mandatory local rootfs_dir=$1
local ROOTFS_DIR=$1 local multistrap_conf=multistrap.conf
# Name of the Kata-Agent binary # For simplicity's sake, use multistrap for foreign and native bootstraps.
local BIN_AGENT=${BIN_AGENT} cat > "$multistrap_conf" << EOF
[General]
cleanup=true
aptsources=Ubuntu
bootstrap=Ubuntu
# In case of support EXTRA packages, use it to allow [Ubuntu]
# users to add more packages to the base rootfs source=$REPO_URL
local EXTRA_PKGS=${EXTRA_PKGS:-} keyring=ubuntu-keyring
suite=focal
packages=$PACKAGES $EXTRA_PKGS
EOF
multistrap -a "$DEB_ARCH" -d "$rootfs_dir" -f "$multistrap_conf"
rm -rf "$rootfs_dir/var/run"
ln -s /run "$rootfs_dir/var/run"
cp --remove-destination /etc/resolv.conf "$rootfs_dir/etc"
# In case rootfs is created using repositories allow user to modify # Reduce image size and memory footprint by removing unnecessary files and directories.
# the default URL rm -rf $rootfs_dir/usr/share/{bash-completion,bug,doc,info,lintian,locale,man,menu,misc,pixmaps,terminfo,zsh}
local REPO_URL=${REPO_URL:-YOUR_REPO}
# PATH where files this script is placed
# Use it to refer to files in the same directory
# Example: ${CONFIG_DIR}/foo
local CONFIG_DIR=${CONFIG_DIR}
# Populate ROOTFS_DIR
# Must provide /sbin/init and /bin/${BIN_AGENT}
DEBOOTSTRAP="debootstrap"
check_root
mkdir -p "${ROOTFS_DIR}"
if [ -n "${PKG_MANAGER}" ]; then
info "debootstrap path provided by user: ${PKG_MANAGER}"
elif check_program $DEBOOTSTRAP ; then
PKG_MANAGER=$DEBOOTSTRAP
else
die "$DEBOOTSTRAP is not installed"
fi
# trim whitespace
PACKAGES=$(echo $PACKAGES |xargs )
# add comma as debootstrap needs , separated package names.
# Don't change $PACKAGES in config.sh to include ','
# This is done to maintain consistency
PACKAGES=$(echo $PACKAGES | sed -e 's/ /,/g' )
${PKG_MANAGER} --variant=minbase \
--arch=${ARCHITECTURE}\
--include="$PACKAGES" \
${OS_NAME} \
${ROOTFS_DIR}
[ -n "${EXTRA_PKGS}" ] && chroot $ROOTFS_DIR apt-get install -y ${EXTRA_PKGS}
# Reduce image size and memory footprint
# removing not needed files and directories.
chroot $ROOTFS_DIR rm -rf /usr/share/{bash-completion,bug,doc,info,lintian,locale,man,menu,misc,pixmaps,terminfo,zoneinfo,zsh}
} }

116
tools/osbuilder/scripts/lib.sh
View File

@@ -7,7 +7,6 @@
set -e set -e
KATA_REPO=${KATA_REPO:-github.com/kata-containers/kata-containers} KATA_REPO=${KATA_REPO:-github.com/kata-containers/kata-containers}
MUSL_VERSION=${MUSL_VERSION:-"null"}
# Give preference to variable set by CI # Give preference to variable set by CI
yq_file="${script_dir}/../../../ci/install_yq.sh" yq_file="${script_dir}/../../../ci/install_yq.sh"
kata_versions_file="${script_dir}/../../../versions.yaml" kata_versions_file="${script_dir}/../../../versions.yaml"
@@ -204,107 +203,27 @@ generate_dockerfile()
dir="$1" dir="$1"
[ -d "${dir}" ] || die "${dir}: not a directory" [ -d "${dir}" ] || die "${dir}: not a directory"
local architecture=$(uname -m) local rustarch="$ARCH"
local rustarch=${architecture} [ "$ARCH" = ppc64le ] && rustarch=powerpc64le
local muslarch=${architecture}
local libc=musl
case "$(uname -m)" in
"ppc64le")
rustarch=powerpc64le
muslarch=powerpc64
libc=gnu
;;
"s390x")
libc=gnu
;;
*)
;;
esac
[ -n "${http_proxy:-}" ] && readonly set_proxy="RUN sed -i '$ a proxy="${http_proxy:-}"' /etc/dnf/dnf.conf /etc/yum.conf; true" [ -n "${http_proxy:-}" ] && readonly set_proxy="RUN sed -i '$ a proxy="${http_proxy:-}"' /etc/dnf/dnf.conf /etc/yum.conf; true"
# Rust agent # Rust agent
# rust installer should set path apropiately, just in case
# install musl for compiling rust-agent
local musl_source_url="https://git.zv.io/toolchains/musl-cross-make.git"
local musl_source_dir="musl-cross-make"
install_musl=
if [ "${muslarch}" == "aarch64" ]; then
local musl_tar="${muslarch}-linux-musl-native.tgz"
local musl_dir="${muslarch}-linux-musl-native"
local aarch64_musl_target="aarch64-linux-musl"
install_musl="
RUN cd /tmp; \
mkdir -p /usr/local/musl/; \
if curl -sLO --fail https://musl.cc/${musl_tar}; then \
tar -zxf ${musl_tar}; \
cp -r ${musl_dir}/* /usr/local/musl/; \
else \
git clone ${musl_source_url}; \
TARGET=${aarch64_musl_target} make -j$(nproc) -C ${musl_source_dir} install; \
cp -r ${musl_source_dir}/output/* /usr/local/musl/; \
cp /usr/local/musl/bin/aarch64-linux-musl-g++ /usr/local/musl/bin/g++; \
fi
ENV PATH=\$PATH:/usr/local/musl/bin
RUN ln -sf /usr/local/musl/bin/g++ /usr/bin/g++
"
else
local musl_tar="musl-${MUSL_VERSION}.tar.gz"
local musl_dir="musl-${MUSL_VERSION}"
install_musl="
RUN pushd /root; \
curl -sLO https://www.musl-libc.org/releases/${musl_tar}; tar -zxf ${musl_tar}; \
cd ${musl_dir}; \
sed -i \"s/^ARCH = .*/ARCH = ${muslarch}/g\" dist/config.mak; \
./configure > /dev/null 2>\&1; \
make > /dev/null 2>\&1; \
make install > /dev/null 2>\&1; \
echo \"/usr/local/musl/lib\" > /etc/ld-musl-${muslarch}.path; \
popd
ENV PATH=\$PATH:/usr/local/musl/bin
"
fi
readonly install_rust=" readonly install_rust="
RUN curl --proto '=https' --tlsv1.2 https://sh.rustup.rs -sSLf --output /tmp/rust-init; \ ENV http_proxy=${http_proxy:-}
chmod a+x /tmp/rust-init; \ ENV https_proxy=${http_proxy:-}
export http_proxy=${http_proxy:-}; \ RUN curl --proto '=https' --tlsv1.2 https://sh.rustup.rs -sSLf | \
export https_proxy=${http_proxy:-}; \ sh -s -- -y --default-toolchain ${RUST_VERSION} -t ${rustarch}-unknown-linux-${LIBC}
/tmp/rust-init -y --default-toolchain ${RUST_VERSION} RUN . /root/.cargo/env; cargo install cargo-when
RUN . /root/.cargo/env; \
export http_proxy=${http_proxy:-}; \
export https_proxy=${http_proxy:-}; \
cargo install cargo-when; \
rustup target install ${rustarch}-unknown-linux-${libc}
RUN ln -sf /usr/bin/g++ /bin/musl-g++
" "
pushd "${dir}" pushd "${dir}"
dockerfile_template="Dockerfile.in"
dockerfile_arch_template="Dockerfile-${architecture}.in"
# if arch-specific docker file exists, swap the univesal one with it.
if [ -f "${dockerfile_arch_template}" ]; then
dockerfile_template="${dockerfile_arch_template}"
else
[ -f "${dockerfile_template}" ] || die "${dockerfile_template}: file not found"
fi
# ppc64le and s390x have no musl target
if [ "${architecture}" == "ppc64le" ] || [ "${architecture}" == "s390x" ]; then
sed \ sed \
-e "s|@OS_VERSION@|${OS_VERSION:-}|g" \ -e "s#@OS_VERSION@#${OS_VERSION:-}#g" \
-e "s|@INSTALL_MUSL@||g" \ -e "s#@ARCH@#$ARCH#g" \
-e "s|@INSTALL_RUST@|${install_rust//$'\n'/\\n}|g" \ -e "s#@INSTALL_RUST@#${install_rust//$'\n'/\\n}#g" \
-e "s|@SET_PROXY@|${set_proxy:-}|g" \ -e "s#@SET_PROXY@#${set_proxy:-}#g" \
"${dockerfile_template}" > Dockerfile Dockerfile.in > Dockerfile
else
sed \
-e "s|@OS_VERSION@|${OS_VERSION:-}|g" \
-e "s|@INSTALL_MUSL@|${install_musl//$'\n'/\\n}|g" \
-e "s|@INSTALL_RUST@|${install_rust//$'\n'/\\n}|g" \
-e "s|@SET_PROXY@|${set_proxy:-}|g" \
"${dockerfile_template}" > Dockerfile
fi
popd popd
} }
@@ -345,17 +264,6 @@ detect_rust_version()
[ -n "$RUST_VERSION" ] [ -n "$RUST_VERSION" ]
} }
detect_musl_version()
{
info "Detecting musl version"
local yq_path="externals.musl.version"
info "Get musl version from ${kata_versions_file}"
MUSL_VERSION="$(get_package_version_from_kata_yaml "$yq_path")"
[ -n "$MUSL_VERSION" ]
}
before_starting_container() { before_starting_container() {
return 0 return 0
} }

2
tools/osbuilder/tests/test_images.sh
View File

@@ -640,8 +640,6 @@ test_dracut()
die "Could not detect the required Go version for AGENT_VERSION='${AGENT_VERSION:-master}'." die "Could not detect the required Go version for AGENT_VERSION='${AGENT_VERSION:-master}'."
detect_rust_version || detect_rust_version ||
die "Could not detect the required rust version for AGENT_VERSION='${AGENT_VERSION:-master}'." die "Could not detect the required rust version for AGENT_VERSION='${AGENT_VERSION:-master}'."
detect_musl_version ||
die "Could not detect the required musl version for AGENT_VERSION='${AGENT_VERSION:-master}'."
generate_dockerfile ${dracut_dir} generate_dockerfile ${dracut_dir}
info "Creating container for dracut" info "Creating container for dracut"

11
utils.mk
View File

@@ -113,7 +113,8 @@ endef
BUILD_TYPE = release BUILD_TYPE = release
##VAR ARCH=arch target to build (format: uname -m) ##VAR ARCH=arch target to build (format: uname -m)
ARCH = $(shell uname -m) HOST_ARCH = $(shell uname -m)
ARCH ?= $(HOST_ARCH)
##VAR LIBC=musl|gnu ##VAR LIBC=musl|gnu
LIBC ?= musl LIBC ?= musl
ifneq ($(LIBC),musl) ifneq ($(LIBC),musl)
@@ -142,6 +143,14 @@ ifeq ($(ARCH), aarch64)
$(warning "WARNING: aarch64-musl needs extra symbols from libgcc") $(warning "WARNING: aarch64-musl needs extra symbols from libgcc")
endif endif
ifneq ($(HOST_ARCH),$(ARCH))
ifeq ($(CC),)
CC = gcc
$(warning "WARNING: A foreign ARCH was passed, but no CC alternative. Using gcc.")
endif
override EXTRA_RUSTFLAGS += -C linker=$(CC)
endif
TRIPLE = $(ARCH)-unknown-linux-$(LIBC) TRIPLE = $(ARCH)-unknown-linux-$(LIBC)
CWD := $(shell dirname $(realpath $(firstword $(MAKEFILE_LIST)))) CWD := $(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))

13
versions.yaml
View File

@@ -233,19 +233,6 @@ externals:
.*/v?(\d\S+)\.tar\.gz .*/v?(\d\S+)\.tar\.gz
version: "v1.0.1" version: "v1.0.1"
musl:
description: |
The musl library is used to build the rust agent.
url: "https://www.musl-libc.org/"
uscan-url: >-
https://www.musl-libc.org/releases/
musl-([\d\.]+)\.tar\.gz
version: "1.1.23"
meta:
description: |
'newest-version' is the latest version known to work.
newest-version: "1.1.23"
nydus: nydus:
description: "Nydus image acceleration service" description: "Nydus image acceleration service"
url: "https://github.com/dragonflyoss/image-service" url: "https://github.com/dragonflyoss/image-service"