From 92fc7f18a243ff3ed9d26b8f5ba063c0b51460ba Mon Sep 17 00:00:00 2001 From: Jeff Grafton Date: Thu, 9 Aug 2018 15:52:44 -0700 Subject: [PATCH 1/3] ensure qemu-ARCH-static binary is world readable and executable --- build/debian-base/Makefile | 4 +++- test/images/image-util.sh | 2 ++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/build/debian-base/Makefile b/build/debian-base/Makefile index cdeac1dc642..bae4fd25f13 100755 --- a/build/debian-base/Makefile +++ b/build/debian-base/Makefile @@ -57,9 +57,11 @@ ifeq ($(ARCH),amd64) sed "/CROSS_BUILD_/d" $(TEMP_DIR)/Dockerfile.build > $(TEMP_DIR)/Dockerfile.build.tmp else # When cross-building, only the placeholder "CROSS_BUILD_" should be removed - # Register /usr/bin/qemu-ARCH-static as the handler for ARM binaries in the kernel + # Register /usr/bin/qemu-ARCH-static as the handler for non-x86 binaries in the kernel docker run --rm --privileged multiarch/qemu-user-static:register --reset curl -sSL https://github.com/multiarch/qemu-user-static/releases/download/$(QEMUVERSION)/x86_64_qemu-$(QEMUARCH)-static.tar.gz | tar -xz -C $(TEMP_DIR) + # Ensure we don't get surprised by umask settings + chmod 0755 qemu-$(QEMUARCH)-static sed "s/CROSS_BUILD_//g" $(TEMP_DIR)/Dockerfile.build > $(TEMP_DIR)/Dockerfile.build.tmp endif mv $(TEMP_DIR)/Dockerfile.build.tmp $(TEMP_DIR)/Dockerfile.build diff --git a/test/images/image-util.sh b/test/images/image-util.sh index fdd0f0105b6..0c645c42e00 100755 --- a/test/images/image-util.sh +++ b/test/images/image-util.sh @@ -82,6 +82,8 @@ build() { # Register qemu-*-static for all supported processors except the current one docker run --rm --privileged multiarch/qemu-user-static:register --reset curl -sSL https://github.com/multiarch/qemu-user-static/releases/download/${QEMUVERSION}/x86_64_qemu-${QEMUARCHS[$arch]}-static.tar.gz | tar -xz -C ${temp_dir} + # Ensure we don't get surprised by umask settings + chmod 0755 "${temp_dir}/qemu-${QEMUARCHS[$arch]}-static" ${SED} -i "s/CROSS_BUILD_//g" Dockerfile fi fi From 0dee9f150b91cc822db619d409b732f4e430f5c6 Mon Sep 17 00:00:00 2001 From: Jeff Grafton Date: Thu, 9 Aug 2018 15:57:11 -0700 Subject: [PATCH 2/3] Only register qemu-user-static when necessary. Also, don't re-download qemu-ARCH-static binaries for debian-iptables --- build/debian-hyperkube-base/Makefile | 2 ++ build/debian-iptables/Dockerfile | 4 ---- build/debian-iptables/Makefile | 25 ++----------------------- cluster/images/hyperkube/Makefile | 2 ++ 4 files changed, 6 insertions(+), 27 deletions(-) diff --git a/build/debian-hyperkube-base/Makefile b/build/debian-hyperkube-base/Makefile index f47d8caa6d2..30b12386a3e 100644 --- a/build/debian-hyperkube-base/Makefile +++ b/build/debian-hyperkube-base/Makefile @@ -51,8 +51,10 @@ endif mkdir -p ${TEMP_DIR}/cni-bin/bin tar -xz -C ${TEMP_DIR}/cni-bin/bin -f "cni-tars/${CNI_TARBALL}" +ifneq ($(ARCH),amd64) # Register /usr/bin/qemu-ARCH-static as the handler for non-x86 binaries in the kernel docker run --rm --privileged multiarch/qemu-user-static:register --reset +endif docker build --pull -t $(REGISTRY)/$(IMAGE)-$(ARCH):$(TAG) $(TEMP_DIR) rm -rf $(TEMP_DIR) diff --git a/build/debian-iptables/Dockerfile b/build/debian-iptables/Dockerfile index 0ec3d56dc62..e4fd481fbb4 100644 --- a/build/debian-iptables/Dockerfile +++ b/build/debian-iptables/Dockerfile @@ -14,10 +14,6 @@ FROM BASEIMAGE -# If we're building for another architecture than amd64, the CROSS_BUILD_ placeholder is removed so e.g. CROSS_BUILD_COPY turns into COPY -# If we're building normally, for amd64, CROSS_BUILD lines are removed -CROSS_BUILD_COPY qemu-ARCH-static /usr/bin/ - RUN clean-install \ conntrack \ ebtables \ diff --git a/build/debian-iptables/Makefile b/build/debian-iptables/Makefile index d70a4fce8bf..8cd9ccb4d4c 100644 --- a/build/debian-iptables/Makefile +++ b/build/debian-iptables/Makefile @@ -19,37 +19,16 @@ IMAGE=debian-iptables TAG=v10.1 ARCH?=amd64 TEMP_DIR:=$(shell mktemp -d) -QEMUVERSION=v2.9.1 - -ifeq ($(ARCH),arm) - QEMUARCH=arm -endif -ifeq ($(ARCH),arm64) - QEMUARCH=aarch64 -endif -ifeq ($(ARCH),ppc64le) - QEMUARCH=ppc64le -endif -ifeq ($(ARCH),s390x) - QEMUARCH=s390x -endif BASEIMAGE=k8s.gcr.io/debian-base-$(ARCH):0.3.1 build: cp ./* $(TEMP_DIR) cd $(TEMP_DIR) && sed -i "s|BASEIMAGE|$(BASEIMAGE)|g" Dockerfile - cd $(TEMP_DIR) && sed -i "s|ARCH|$(QEMUARCH)|g" Dockerfile -ifeq ($(ARCH),amd64) - # When building "normally" for amd64, remove the whole line, it has no part in the amd64 image - cd $(TEMP_DIR) && sed -i "/CROSS_BUILD_/d" Dockerfile -else - # When cross-building, only the placeholder "CROSS_BUILD_" should be removed - # Register /usr/bin/qemu-ARCH-static as the handler for ARM binaries in the kernel +ifneq ($(ARCH),amd64) + # Register /usr/bin/qemu-ARCH-static as the handler for non-x86 binaries in the kernel docker run --rm --privileged multiarch/qemu-user-static:register --reset - curl -sSL https://github.com/multiarch/qemu-user-static/releases/download/$(QEMUVERSION)/x86_64_qemu-$(QEMUARCH)-static.tar.gz | tar -xz -C $(TEMP_DIR) - cd $(TEMP_DIR) && sed -i "s/CROSS_BUILD_//g" Dockerfile endif docker build --pull -t $(REGISTRY)/$(IMAGE)-$(ARCH):$(TAG) $(TEMP_DIR) diff --git a/cluster/images/hyperkube/Makefile b/cluster/images/hyperkube/Makefile index 4c8a645d92a..3d0a6f5d0fe 100644 --- a/cluster/images/hyperkube/Makefile +++ b/cluster/images/hyperkube/Makefile @@ -39,8 +39,10 @@ endif cd ${TEMP_DIR} && sed -i.back "s|BASEIMAGE|${BASEIMAGE}|g" Dockerfile +ifneq ($(ARCH),amd64) # Register /usr/bin/qemu-ARCH-static as the handler for non-x86 binaries in the kernel docker run --rm --privileged multiarch/qemu-user-static:register --reset +endif docker build --pull -t ${REGISTRY}/hyperkube-${ARCH}:${VERSION} ${TEMP_DIR} rm -rf "${TEMP_DIR}" From eb796ba1b02b348bc3618cbe6c13aacaf4b1c9a9 Mon Sep 17 00:00:00 2001 From: Jeff Grafton Date: Thu, 9 Aug 2018 15:59:25 -0700 Subject: [PATCH 3/3] Bump debian-base to 0.3.2 --- build/debian-base/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/debian-base/Makefile b/build/debian-base/Makefile index bae4fd25f13..ef39666460a 100755 --- a/build/debian-base/Makefile +++ b/build/debian-base/Makefile @@ -18,7 +18,7 @@ REGISTRY ?= staging-k8s.gcr.io IMAGE ?= debian-base BUILD_IMAGE ?= debian-build -TAG ?= 0.3.1 +TAG ?= 0.3.2 TAR_FILE ?= rootfs.tar ARCH?=amd64