github/kata-containers
1
0
Fork 2
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-09-01 17:06:28 +00:00
Code Issues Projects Releases Wiki Activity

osbuilder: ubuntu: Switch from multistrap to mmdebstrap

Browse Source 
Multistrap requires usrmerge package which was dropped in Ubuntu 24.04
(Noble). Based on details from [0], the rootfs build process was switched
to mmdebstrap.

Some additional minor tweaks were needed around chrony as the version
from Noble has very strict systemd sandboxing configured and it doesn't
work with readonly root by default.

[0] https://lists.debian.org/debian-dpkg/2023/05/msg00080.html

Fixes: #11245
Signed-off-by: Jacek Tomasiak <jtomasiak@arista.com>
Signed-off-by: Jacek Tomasiak <jacek.tomasiak@gmail.com>
This commit is contained in:
Jacek Tomasiak
2025-05-08 16:26:22 +02:00
parent 78ff72a386
commit e20fb377fc
3 changed files with 14 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
tools/osbuilder/rootfs-builder/rootfs.sh
View File

@@ -700,6 +700,10 @@ EOF
-e '/^\[Unit\]/a ConditionPathExists=\/dev\/ptp0' \ -e '/^\[Unit\]/a ConditionPathExists=\/dev\/ptp0' \
-e 's/^ReadWritePaths=\(.\+\) \/var\/lib\/chrony \(.\+\)$/ReadWritePaths=\1 -\/var\/lib\/chrony \2/m' \ -e 's/^ReadWritePaths=\(.\+\) \/var\/lib\/chrony \(.\+\)$/ReadWritePaths=\1 -\/var\/lib\/chrony \2/m' \
${chrony_systemd_service} ${chrony_systemd_service}
# Disable automatic directory creation
sed -i -e 's/^\(StateDirectory=\)/#\1/g' \
-e 's/^\(LogsDirectory=\)/#\1/g' \
${chrony_systemd_service}
fi fi
AGENT_DIR="${ROOTFS_DIR}/usr/bin" AGENT_DIR="${ROOTFS_DIR}/usr/bin"

2
tools/osbuilder/rootfs-builder/ubuntu/Dockerfile.in
View File

@@ -42,7 +42,7 @@ RUN apt-get update && \
libclang-dev \ libclang-dev \
make \ make \
makedev \ makedev \
multistrap \ mmdebstrap \
musl \ musl \
musl-dev \ musl-dev \
musl-tools \ musl-tools \

39
tools/osbuilder/rootfs-builder/ubuntu/rootfs_lib.sh
View File

@@ -4,43 +4,22 @@
# #
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
build_dbus() {
local rootfs_dir=$1
ln -sf /lib/systemd/system/dbus.service $rootfs_dir/etc/systemd/system/dbus.service
ln -sf /lib/systemd/system/dbus.socket $rootfs_dir/etc/systemd/system/dbus.socket
}
build_rootfs() { build_rootfs() {
local rootfs_dir=$1 local rootfs_dir=$1
local multistrap_conf=multistrap.conf
# For simplicity's sake, use multistrap for foreign and native bootstraps.
cat > "$multistrap_conf" << EOF
[General]
cleanup=true
aptsources=Ubuntu
bootstrap=Ubuntu
[Ubuntu]
source=$REPO_URL
keyring=ubuntu-keyring
suite=$OS_VERSION
packages=$PACKAGES $EXTRA_PKGS
EOF
# This fixes the spurious error # This fixes the spurious error
# E: Can't find a source to download version '2021.03.26' of 'ubuntu-keyring:amd64' # E: Can't find a source to download version '2021.03.26' of 'ubuntu-keyring:amd64'
apt update apt update
# focal version of mmdebstrap only supports comma separated package lists
if ! multistrap -a "$DEB_ARCH" -d "$rootfs_dir" -f "$multistrap_conf"; then if [ "$OS_VERSION" = "focal" ]; then
if [ "$OS_VERSION" = "focal" ]; then PACKAGES=$(echo "$PACKAGES" | tr ' ' ',')
echo "WARN: multistrap failed, proceed with hack for Ubuntu 20.04" EXTRA_PKGS=$(echo "$EXTRA_PKGS" | tr ' ' ',')
build_dbus $rootfs_dir fi
else if ! mmdebstrap --mode auto --arch "$DEB_ARCH" --variant required \
echo "ERROR: multistrap failed, cannot proceed" && exit 1 --include "$PACKAGES,$EXTRA_PKGS" "$OS_VERSION" "$rootfs_dir" "$REPO_URL"; then
fi echo "ERROR: mmdebstrap failed, cannot proceed" && exit 1
else else
echo "INFO: multistrap succeeded" echo "INFO: mmdebstrap succeeded"
fi fi
rm -rf "$rootfs_dir/var/run" rm -rf "$rootfs_dir/var/run"
ln -s /run "$rootfs_dir/var/run" ln -s /run "$rootfs_dir/var/run"