From 43a5d147f11928db879c801d9accd5eceaf0497a Mon Sep 17 00:00:00 2001 From: Julio Montes Date: Wed, 30 Oct 2019 21:15:08 +0000 Subject: [PATCH 1/2] snap: use adopt-info to set grade and version adopt-info is a snapcraft feature that allows us to specify the snap grade and version at runtime. Depending on the environment the master or the latest stable branch can be used to build the Kata Containers snap, for the kata CI and launchpad snap-master branch, the master branch are used, otherwise the latest stable branch. Signed-off-by: Julio Montes --- snap/snapcraft.yaml | 45 +++++++++++++++++++++++++++++++++++++-------- 1 file changed, 37 insertions(+), 8 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 6fd77f203b..5f5a2f9ada 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -1,16 +1,39 @@ name: kata-containers -version: "master" summary: Build lightweight VMs that seamlessly plug into the containers ecosystem description: | Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs -grade: stable confinement: classic +adopt-info: metadata parts: + metadata: + plugin: nil + prime: + - -* + build-packages: + - git + - git-extras + override-pull: | + branch="master" + + # kata CI or launchpad snap-master + if [ "${CI}" = "true" ] || echo "${SNAPCRAFT_IMAGE_INFO}" | egrep -o "build_url.*" | grep -q "${branch}"; then + snapcraftctl set-grade "devel" + else + # Get the latest stable version + runtime_url="https://github.com/kata-containers/runtime" + branch=$(git ls-remote --tags ${runtime_url} | egrep -o "refs.*" | egrep -v "\-alpha|\-rc|{}" | cut -d/ -f3 | sort -r | head -1) + snapcraftctl set-grade "stable" + fi + + snapcraftctl set-version "${branch}" + echo "${branch}" | tee ${SNAPCRAFT_STAGE}/kata_version + yq: + after: [metadata] plugin: nil prime: - -* @@ -41,8 +64,9 @@ parts: go: after: [yq] override-build: | + kata_version=$(cat ${SNAPCRAFT_STAGE}/kata_version) yq=$(realpath ../../yq/build/yq) - versions_url=https://raw.githubusercontent.com/kata-containers/runtime/${SNAPCRAFT_PROJECT_VERSION}/versions.yaml + versions_url=https://raw.githubusercontent.com/kata-containers/runtime/${kata_version}/versions.yaml version="$(curl -sSL ${versions_url} | ${yq} r - languages.golang.version)" curl -LO https://dl.google.com/go/go${version}.src.tar.gz tar -xf go${version}.src.tar.gz --strip-components=1 @@ -60,6 +84,7 @@ parts: plugin: nil build-attributes: [no-patchelf] override-build: | + kata_version=$(cat ${SNAPCRAFT_STAGE}/kata_version) pkg_name=runtime # set GOPATH @@ -71,7 +96,7 @@ parts: mkdir -p ${pkg_gopath} # download source - git clone -b ${SNAPCRAFT_PROJECT_VERSION} https://github.com/kata-containers/${pkg_name} ${pkg_gopath} + git clone -b ${kata_version} https://github.com/kata-containers/${pkg_name} ${pkg_gopath} cd ${pkg_gopath} # build and install @@ -98,6 +123,7 @@ parts: plugin: nil build-attributes: [no-patchelf] override-build: | + kata_version=$(cat ${SNAPCRAFT_STAGE}/kata_version) pkg_name=proxy # set GOPATH @@ -109,7 +135,7 @@ parts: mkdir -p ${pkg_gopath} # download source - git clone -b ${SNAPCRAFT_PROJECT_VERSION} https://github.com/kata-containers/${pkg_name} ${pkg_gopath} + git clone -b ${kata_version} https://github.com/kata-containers/${pkg_name} ${pkg_gopath} cd ${pkg_gopath} # build and install @@ -121,6 +147,7 @@ parts: plugin: nil build-attributes: [no-patchelf] override-build: | + kata_version=$(cat ${SNAPCRAFT_STAGE}/kata_version) pkg_name=shim # set GOPATH @@ -132,7 +159,7 @@ parts: mkdir -p ${pkg_gopath} # download source - git clone -b ${SNAPCRAFT_PROJECT_VERSION} https://github.com/kata-containers/${pkg_name} ${pkg_gopath} + git clone -b ${kata_version} https://github.com/kata-containers/${pkg_name} ${pkg_gopath} cd ${pkg_gopath} # build and install @@ -192,6 +219,7 @@ parts: plugin: nil build-attributes: [no-patchelf] override-build: | + kata_version=$(cat ${SNAPCRAFT_STAGE}/kata_version) pkg_name=ksm-throttler # set GOPATH @@ -203,7 +231,7 @@ parts: mkdir -p ${pkg_gopath} # download source - git clone -b ${SNAPCRAFT_PROJECT_VERSION} https://github.com/kata-containers/${pkg_name} ${pkg_gopath} + git clone -b ${kata_version} https://github.com/kata-containers/${pkg_name} ${pkg_gopath} cd ${pkg_gopath} # build and install @@ -280,11 +308,12 @@ parts: - libcapstone-dev - bc override-build: | + kata_version=$(cat ${SNAPCRAFT_STAGE}/kata_version) yq=$(realpath ../../yq/build/yq) pkg_name="qemu" configs_dir="${SNAPCRAFT_STAGE}/qemu/default-configs" - versions_url=https://raw.githubusercontent.com/kata-containers/runtime/${SNAPCRAFT_PROJECT_VERSION}/versions.yaml + versions_url=https://raw.githubusercontent.com/kata-containers/runtime/${kata_version}/versions.yaml # arch-specific definition case "$(uname -m)" in "aarch64") From 27c7773693cbdd56c9bad17a0caf8355ff6af874 Mon Sep 17 00:00:00 2001 From: Julio Montes Date: Wed, 30 Oct 2019 21:23:54 +0000 Subject: [PATCH 2/2] snap: reimplement image part in order to make launchpad happy again, next changes are required: * Install podman and cni plugings * Use podman to build the rootfs or initrd image * Depending on the architecture, build rootfs or initrd image fixes #678 Signed-off-by: Julio Montes --- snap/snapcraft.yaml | 77 ++++++++++++++++++++++++++++++++------------- 1 file changed, 55 insertions(+), 22 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 5f5a2f9ada..7bb83987f8 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -80,7 +80,7 @@ parts: - -* runtime: - after: [go] + after: [go, image] plugin: nil build-attributes: [no-patchelf] override-build: | @@ -115,8 +115,13 @@ parts: SKIP_GO_VERSION_CHECK=1 \ QEMUCMD=qemu-system-$arch - # Set rootfs image by default - sed -i -e '/^initrd =/d' ${SNAPCRAFT_PART_INSTALL}/usr/share/defaults/${SNAPCRAFT_PROJECT_NAME}/configuration.toml + if [ -e ${SNAPCRAFT_STAGE}/kata-containers.img ]; then + # Use rootfs image by default + sed -i -e '/^initrd =/d' ${SNAPCRAFT_PART_INSTALL}/usr/share/defaults/${SNAPCRAFT_PROJECT_NAME}/configuration.toml + else + # Use initrd by default + sed -i -e '/^image =/d' ${SNAPCRAFT_PART_INSTALL}/usr/share/defaults/${SNAPCRAFT_PROJECT_NAME}/configuration.toml + fi proxy: after: [go] @@ -170,11 +175,16 @@ parts: after: [go] plugin: nil build-packages: - - docker.io - cpio + - git + - iptables + - software-properties-common + - uidmap override-build: | + kata_version=$(cat ${SNAPCRAFT_STAGE}/kata_version) yq=$(realpath ../../yq/build/yq) pkg_name=osbuilder + cni_plugings_repo="github.com/containernetworking/plugins" # set GOPATH export GOPATH=$(realpath go) @@ -184,35 +194,58 @@ parts: # go was built in parts/go/build export GOROOT=$(realpath ../../go/build) export PATH="${GOROOT}/bin:${PATH}" - if [ -n "$http_proxy" ]; then - echo "Setting proxy $http_proxy" - sudo -E systemctl set-environment http_proxy=$http_proxy || true - sudo -E systemctl set-environment https_proxy=$https_proxy || true - fi + + # install podman + sudo add-apt-repository -y ppa:projectatomic/ppa + sudo apt-get update + sudo apt-get -y install podman + + # Build and install cni plugings + echo "Retrieve CNI plugins repository" + go get -d ${cni_plugings_repo} || true + cd $GOPATH/src/${cni_plugings_repo} + + echo "Build CNI plugins" + ./build_linux.sh + + echo "Install CNI binaries" + cni_bin_path="/opt/cni" + sudo mkdir -p ${cni_bin_path} + sudo cp -a bin ${cni_bin_path} # Copy yq binary. It's used in the container mkdir -p "${GOPATH}/bin/" cp -a "${yq}" "${GOPATH}/bin/" - echo "Unmasking docker service" - sudo -E systemctl unmask docker.service || true - sudo -E systemctl unmask docker.socket || true - - echo "Adding $USER into docker group" - sudo -E gpasswd -a $USER docker - - echo "Starting docker" - sudo -E systemctl start docker || true - # download source - git clone -b ${SNAPCRAFT_PROJECT_VERSION} https://github.com/kata-containers/${pkg_name} ${pkg_gopath} + git clone -b ${kata_version} https://github.com/kata-containers/${pkg_name} ${pkg_gopath} cd ${pkg_gopath} - sudo -E PATH=$PATH make AGENT_VERSION=${SNAPCRAFT_PROJECT_VERSION} DISTRO=clearlinux AGENT_INIT=yes USE_DOCKER=1 image + # build image + export AGENT_VERSION=${kata_version} + export AGENT_INIT=yes + export USE_PODMAN=1 + export DEBUG=1 + case "$(uname -m)" in + aarch64|ppc64le|s390x) + sudo -E PATH=$PATH DISTRO=alpine make initrd + ;; + x86_64) + # In some build systems it's impossible to build a rootfs image, try with the initrd image + sudo -E PATH=$PATH DISTRO=clearlinux make image || sudo -E PATH=$PATH DISTRO=alpine make initrd + ;; + *) echo "unsupported architecture: $(uname -m)"; exit 1;; + esac + # Install image kata_image_dir=${SNAPCRAFT_PART_INSTALL}/usr/share/kata-containers mkdir -p ${kata_image_dir} - cp kata-containers.img ${kata_image_dir} + cp kata-containers*.img ${kata_image_dir} + if [ -e kata-containers.img ]; then + touch ${SNAPCRAFT_STAGE}/kata-containers.img + else + touch ${SNAPCRAFT_STAGE}/kata-containers-initrd.img + fi ksm-throttler: after: [go]