diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index b6ac1338db..a2fdcc0ba2 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -82,8 +82,36 @@ parts: fi rustup component add rustfmt + docker: + after: [metadata] + plugin: nil + prime: + - -* + build-packages: + - curl + override-build: | + source "${SNAPCRAFT_PROJECT_DIR}/snap/local/snap-common.sh" + + sudo apt-get -y update + sudo apt-get -y install ca-certificates curl gnupg lsb-release + curl -fsSL https://download.docker.com/linux/ubuntu/gpg |\ + sudo gpg --batch --yes --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg + distro_codename=$(lsb_release -cs) + echo "deb [arch=${dpkg_arch} signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu ${distro_codename} stable" |\ + sudo tee /etc/apt/sources.list.d/docker.list > /dev/null + sudo apt-get -y update + sudo apt-get -y install docker-ce docker-ce-cli containerd.io + + echo "Unmasking docker service" + sudo -E systemctl unmask docker.service || true + sudo -E systemctl unmask docker.socket || true + echo "Adding $USER into docker group" + sudo -E gpasswd -a $USER docker + echo "Starting docker" + sudo -E systemctl start docker || true + image: - after: [godeps, qemu, kernel] + after: [godeps, docker, qemu, kernel] plugin: nil build-packages: - docker.io @@ -107,14 +135,6 @@ parts: # Copy yq binary. It's used in the container cp -a "${yq}" "${GOPATH}/bin/" - echo "Unmasking docker service" - sudo -E systemctl unmask docker.service || true - sudo -E systemctl unmask docker.socket || true - echo "Adding $USER into docker group" - sudo -E gpasswd -a $USER docker - echo "Starting docker" - sudo -E systemctl start docker || true - cd "${kata_dir}/tools/osbuilder" # build image @@ -301,54 +321,31 @@ parts: virtiofsd: plugin: nil - after: [godeps, rustdeps] + after: [godeps, rustdeps, docker] override-build: | source "${SNAPCRAFT_PROJECT_DIR}/snap/local/snap-common.sh" - # Currently, powerpc makes use of the QEMU's C implementation. - # The other platforms make use of the new rust virtiofsd. - # - # See "tools/packaging/scripts/configure-hypervisor.sh". - if [ "${arch}" == "ppc64le" ] - then - echo "INFO: Building QEMU's C version of virtiofsd" - # Handled by the 'qemu' part, so nothing more to do here. - exit 0 - else - echo "INFO: Building rust version of virtiofsd" - fi + echo "INFO: Building rust version of virtiofsd" - cd "${kata_dir}" + cd "${SNAPCRAFT_PROJECT_DIR}" + # Clean-up build dir in case it already exists + sudo -E NO_TTY=true make virtiofsd-tarball - export PATH=${PATH}:${HOME}/.cargo/bin - # Download the rust implementation of virtiofsd - tools/packaging/static-build/virtiofsd/build-static-virtiofsd.sh sudo install \ --owner='root' \ --group='root' \ --mode=0755 \ -D \ --target-directory="${SNAPCRAFT_PART_INSTALL}/usr/libexec/" \ - virtiofsd/virtiofsd + build/virtiofsd/builddir/virtiofsd/virtiofsd cloud-hypervisor: plugin: nil - after: [godeps] + after: [godeps, docker] override-build: | source "${SNAPCRAFT_PROJECT_DIR}/snap/local/snap-common.sh" if [ "${arch}" == "aarch64" ] || [ "${arch}" == "x86_64" ]; then - sudo apt-get -y update - sudo apt-get -y install ca-certificates curl gnupg lsb-release - curl -fsSL https://download.docker.com/linux/ubuntu/gpg |\ - sudo gpg --batch --yes --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg - distro_codename=$(lsb_release -cs) - echo "deb [arch=${dpkg_arch} signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu ${distro_codename} stable" |\ - sudo tee /etc/apt/sources.list.d/docker.list > /dev/null - sudo apt-get -y update - sudo apt-get -y install docker-ce docker-ce-cli containerd.io - sudo systemctl start docker.socket - cd "${SNAPCRAFT_PROJECT_DIR}" sudo -E NO_TTY=true make cloud-hypervisor-tarball diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh index 78fb8326b4..e1e7250788 100755 --- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh +++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh @@ -26,7 +26,7 @@ readonly firecracker_builder="${static_build_dir}/firecracker/build-static-firec readonly kernel_builder="${static_build_dir}/kernel/build.sh" readonly qemu_builder="${static_build_dir}/qemu/build-static-qemu.sh" readonly shimv2_builder="${static_build_dir}/shim-v2/build.sh" -readonly virtiofsd_builder="${static_build_dir}/virtiofsd/build-static-virtiofsd.sh" +readonly virtiofsd_builder="${static_build_dir}/virtiofsd/build.sh" readonly rootfs_builder="${repo_root_dir}/tools/packaging/guest-image/build_image.sh" diff --git a/tools/packaging/static-build/virtiofsd/build-static-virtiofsd.sh b/tools/packaging/static-build/virtiofsd/build-static-virtiofsd.sh index 30eb14a952..90d6d6fa57 100755 --- a/tools/packaging/static-build/virtiofsd/build-static-virtiofsd.sh +++ b/tools/packaging/static-build/virtiofsd/build-static-virtiofsd.sh @@ -16,10 +16,13 @@ script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" source "${script_dir}/../../scripts/lib.sh" +virtiofsd_repo="${virtiofsd_repo:-}" virtiofsd_version="${virtiofsd_version:-}" +virtiofsd_zip="${virtiofsd_zip:-}" -[ -n "$virtiofsd_version" ] || virtiofsd_version=$(get_from_kata_deps "externals.virtiofsd.version") +[ -n "$virtiofsd_repo" ] || die "failed to get virtiofsd repo" [ -n "$virtiofsd_version" ] || die "failed to get virtiofsd version" +[ -n "${virtiofsd_zip}" ] || die "failed to get virtiofsd binary URL" [ -d "virtiofsd" ] && rm -r virtiofsd @@ -28,8 +31,6 @@ pull_virtiofsd_released_binary() { info "Only x86_64 binaries are distributed as part of the virtiofsd releases" && return 1 fi info "Download virtiofsd version: ${virtiofsd_version}" - virtiofsd_zip=$(get_from_kata_deps "externals.virtiofsd.meta.binary") - [ -n "${virtiofsd_zip}" ] || die "failed to get virtiofsd binary URL" mkdir -p virtiofsd @@ -44,31 +45,35 @@ pull_virtiofsd_released_binary() { } init_env() { + source "$HOME/.cargo/env" + case ${ARCH} in "aarch64") LIBC="musl" + ARCH_LIBC="" ;; "ppc64le") LIBC="gnu" ARCH="powerpc64le" + ARCH_LIBC=${ARCH}-linux-${LIBC} ;; "s390x") LIBC="gnu" + ARCH_LIBC=${ARCH}-linux-${LIBC} ;; "x86_64") LIBC="musl" + ARCH_LIBC="" + ;; esac - ARCH_LIBC=${ARCH}-linux-${LIBC} } build_virtiofsd_from_source() { echo "build viriofsd from source" init_env - virtiofsd_url=$(get_from_kata_deps "externals.virtiofsd.url") - - git clone --depth 1 --branch ${virtiofsd_version} ${virtiofsd_url} virtiofsd + git clone --depth 1 --branch ${virtiofsd_version} ${virtiofsd_repo} virtiofsd pushd virtiofsd export RUSTFLAGS='-C target-feature=+crt-static -C link-self-contained=yes' diff --git a/tools/packaging/static-build/virtiofsd/build.sh b/tools/packaging/static-build/virtiofsd/build.sh new file mode 100755 index 0000000000..64441d2aef --- /dev/null +++ b/tools/packaging/static-build/virtiofsd/build.sh @@ -0,0 +1,61 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2022 Intel +# +# SPDX-License-Identifier: Apache-2.0 + +set -o errexit +set -o nounset +set -o pipefail + +script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +readonly repo_root_dir="$(cd "${script_dir}/../../../.." && pwd)" +readonly virtiofsd_builder="${script_dir}/build-static-virtiofsd.sh" + +source "${script_dir}/../../scripts/lib.sh" + +DESTDIR=${DESTDIR:-${PWD}} +PREFIX=${PREFIX:-/opt/kata} +container_image="kata-virtiofsd-builder" +kata_version="${kata_version:-}" +virtiofsd_repo="${virtiofsd_repo:-}" +virtiofsd_version="${virtiofsd_version:-}" +virtiofsd_zip="${virtiofsd_zip:-}" +package_output_dir="${package_output_dir:-}" + +[ -n "${virtiofsd_repo}" ] || virtiofsd_repo=$(get_from_kata_deps "externals.virtiofsd.url") +[ -n "${virtiofsd_version}" ] || virtiofsd_version=$(get_from_kata_deps "externals.virtiofsd.version") +[ -n "${virtiofsd_zip}" ] || virtiofsd_zip=$(get_from_kata_deps "externals.virtiofsd.meta.binary") + +[ -n "${virtiofsd_repo}" ] || die "Failed to get virtiofsd repo" +[ -n "${virtiofsd_version}" ] || die "Failed to get virtiofsd version or commit" +[ -n "${virtiofsd_zip}" ] || die "Failed to get virtiofsd binary URL" + +ARCH=$(uname -m) +case ${ARCH} in + "aarch64") + libc="musl" + ;; + "ppc64le") + libc="gnu" + ;; + "s390x") + libc="gnu" + ;; + "x86_64") + libc="musl" + ;; +esac + +sudo docker build \ + -t "${container_image}" "${script_dir}/${libc}" + +sudo docker run --rm -i -v "${repo_root_dir}:${repo_root_dir}" \ + -w "${PWD}" \ + --env DESTDIR="${DESTDIR}" \ + --env PREFIX="${PREFIX}" \ + --env virtiofsd_repo="${virtiofsd_repo}" \ + --env virtiofsd_version="${virtiofsd_version}" \ + --env virtiofsd_zip="${virtiofsd_zip}" \ + "${container_image}" \ + bash -c "${virtiofsd_builder}" diff --git a/tools/packaging/static-build/virtiofsd/gnu/Dockerfile b/tools/packaging/static-build/virtiofsd/gnu/Dockerfile new file mode 100644 index 0000000000..c214dfc415 --- /dev/null +++ b/tools/packaging/static-build/virtiofsd/gnu/Dockerfile @@ -0,0 +1,19 @@ +# Copyright (c) 2022 Intel +# +# SPDX-License-Identifier: Apache-2.0 + +FROM ubuntu:20.04 +ENV DEBIAN_FRONTEND=noninteractive +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + build-essential \ + ca-certificates \ + curl \ + git \ + libcap-ng-dev \ + libseccomp-dev \ + unzip && \ + apt-get clean && rm -rf /var/lib/lists/ && \ + curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y diff --git a/tools/packaging/static-build/virtiofsd/musl/Dockerfile b/tools/packaging/static-build/virtiofsd/musl/Dockerfile new file mode 100644 index 0000000000..9b9bb93b90 --- /dev/null +++ b/tools/packaging/static-build/virtiofsd/musl/Dockerfile @@ -0,0 +1,16 @@ +# Copyright (c) 2022 Intel +# +# SPDX-License-Identifier: Apache-2.0 + +FROM alpine:3.16.2 + +SHELL ["/bin/ash", "-o", "pipefail", "-c"] +RUN apk --no-cache add \ + bash \ + curl \ + gcc \ + git \ + libcap-ng-static \ + libseccomp-static \ + musl-dev && \ + curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y