Merge pull request #2876 from rn/contrib

Re-arrange some files/directories

blueprints/README.md

@@ -1,49 +0,0 @@
-# Blueprints
-
-This directory will contain the blueprints for base systems on the platforms that we support with LinuxKit.
-
-These will be used for running tests, and for the low level parts of blueprints for higher level systems.
-
-These include all the platforms that Docker has editions on, and all platforms that our community supports.
-The detailed blueprints will be addded soon for at least the following platforms. There are WIP versions in
-the [examples/](../examples/) directory.
-
-- MacOS
-- Windows Hyper-V
-- VMWare
-- KVM
-- AWS
-- Azure
-- GCP
-- BlueMix
-- Packet.net
-- ...
-
-
-### Docker for Mac
-
-An initial blueprint for the open source components of Docker for Mac is available in [docker-for-mac](docker-for-mac). The blueprint has support for controlling `dockerd` from the host via `vsudd` and port forwarding with VPNKit. It requires HyperKit, VPNKit and a Docker client on the host to run. The easiest way to install these at the moment is to install a recent version of Docker for Mac.
-
-To build it with the latest Docker CE:
-
-```
-$ linuxkit build -name docker-for-mac base.yml docker-ce.yml
-```
-
-To run the VM with a 4G disk:
-
-```
-linuxkit run hyperkit -networking=vpnkit -vsock-ports=2376 -disk size=4096M -data-file ./metadata.json docker-for-mac
-```
-
-In another terminal you should now be able to access docker via the socket `guest.00000947` in the state directory (`docker-for-mac-state/` by default):
-
-```
-$ docker -H unix://docker-for-mac-state/guest.00000948 ps
-CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
-```
-
-### Linux Containers On Windows (LCOW)
-
-The LCOW blueprint has moved to [its own
-repository](https://github.com/linuxkit/lcow).

blueprints/docker-for-mac/docker-ce.yml

@@ -1,31 +0,0 @@
-services:
-  # Run dockerd with the vpnkit userland proxy from the vpnkit-forwarder container.
-  # Bind mounts /var/run to allow vsudd to connect to docker.sock, /var/vpnkit
-  # for vpnkit coordination and /run/config/docker for the configuration file.
-  - name: docker-dfm
-    image: docker:17.07.0-ce-dind
-    capabilities:
-     - all
-    net: host
-    mounts:
-     - type: cgroup
-       options: ["rw","nosuid","noexec","nodev","relatime"]
-    binds:
-     - /etc/resolv.conf:/etc/resolv.conf
-     - /var/lib/docker:/var/lib/docker
-     - /lib/modules:/lib/modules
-     - /var/vpnkit:/port # vpnkit control 9p mount
-     - /var/run:/var/run
-     - /run/config/docker:/var/config/docker
-     - /usr/bin/vpnkit-expose-port:/usr/bin/vpnkit-expose-port # userland proxy
-     - /usr/bin/vpnkit-iptables-wrapper:/usr/bin/iptables # iptables wrapper 
-    command: [ "/usr/local/bin/docker-init", "/usr/local/bin/dockerd", "--",
-            "--config-file", "/var/config/docker/daemon.json",
-            "--swarm-default-advertise-addr=eth0",
-            "--userland-proxy-path", "/usr/bin/vpnkit-expose-port",
-            "--storage-driver", "overlay2" ]
-    runtime:
-      mkdir: ["/var/lib/docker"]
-trust:
-    org:
-        - library

blueprints/docker-for-mac/metadata.json

@@ -1,10 +0,0 @@
-{
-  "docker": {
-    "entries": {
-      "daemon.json": {
-        "perm": "0644",
-        "content": "{ \"debug\": true }"
-      }
-    }
-  }
-}

docs/kernels.md

@@ -23,8 +23,8 @@ The perf package is called `kernel-perf` and is tagged the same way as
 the kernel packages.
 
 In addition to the official images, there are also some
-[scripts](../scripts/kernels) which repackage kernels packages from
-some Linux distributions into LinuxKit kernel packages. These are
+[scripts](../contrib/foreign-kernels) which repackage kernels packages
+from some Linux distributions into LinuxKit kernel packages. These are
 mostly provided for testing purposes.
 
 

docs/platform-hyperkit.md

@@ -35,7 +35,7 @@ supported and the disks are in raw format.
 HyperKit sends an ACPI power event when it receives SIGTERM to allow the VM to
 shut down properly. The VM has to be able to receive ACPI events to initiate the
 shutdown.  This is provided by the [`acpid` package](../pkg/acpid). An example
-is available in the [Docker for Mac blueprint](../blueprints/docker-for-mac/base.yml).
+is available in the [Docker for Mac example](../examples/docker-for-mac.yml).
 
 ## Networking
 
@@ -177,7 +177,7 @@ domain socket inside the VM to the host via virtio or Hyper-V sockets.
 With HyperKit, the virtio sockets can be exposed as unix domain
 sockets on the host, enabling access to other daemons, like
 `containerd` and `dockerd`, from the host.  An example configuration
-file is available in [examples/vsudd.yml](/examples/vsudd.yml).
+file is available in [examples/vsudd-containerd.yml](/examples/vsudd-containerd.yml).
 
 After building the example, run it with `linuxkit run hyperkit
 -vsock-ports 2374 vsudd`. This will create a unix domain socket in the state directory that maps to the `containerd` control socket. The socket is called `guest.00000946`.

examples/docker-for-mac.md

@@ -0,0 +1,29 @@
+# Docker for Mac
+
+[`docker-for-mac.yml`](./docker-for-mac.yml) contains an example use
+of the open source components of Docker for Mac. The example has
+support for controlling `dockerd` from the host via `vsudd` and port
+forwarding with VPNKit. It requires HyperKit, VPNKit and a Docker
+client on the host to run. The easiest way to install these at the
+moment is to install a recent version of Docker for Mac.
+
+To build it with the latest Docker CE:
+
+```
+$ linuxkit build docker-for-mac.yml
+```
+
+To run the VM with a 4G disk:
+
+```
+linuxkit run hyperkit -networking=vpnkit -vsock-ports=2376 -disk size=4096M -data-file ./metadata.json docker-for-mac
+```
+
+In another terminal you should now be able to access docker via the
+socket `guest.00000947` in the state directory
+(`docker-for-mac-state/` by default):
+
+```
+$ docker -H unix://docker-for-mac-state/guest.00000948 ps
+CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
+```

examples/docker-for-mac.yml

@@ -1,4 +1,4 @@
-# This is a blueprint for building the open source components of Docker for Mac
+# This is an example for building the open source components of Docker for Mac
 kernel:
   image: linuxkit/kernel:4.9.77
   cmdline: "console=ttyS0 page_poison=1"
@@ -79,7 +79,35 @@ services:
   # When the host resumes from sleep, force a clock resync
   - name: host-timesync-daemon
     image: linuxkit/host-timesync-daemon:085e1910de6f311f96a823eaa10ffd6d92ec9679
+  # Run dockerd with the vpnkit userland proxy from the vpnkit-forwarder container.
+  # Bind mounts /var/run to allow vsudd to connect to docker.sock, /var/vpnkit
+  # for vpnkit coordination and /run/config/docker for the configuration file.
+  - name: docker-dfm
+    image: docker:17.07.0-ce-dind
+    capabilities:
+     - all
+    net: host
+    mounts:
+     - type: cgroup
+       options: ["rw","nosuid","noexec","nodev","relatime"]
+    binds:
+     - /etc/resolv.conf:/etc/resolv.conf
+     - /var/lib/docker:/var/lib/docker
+     - /lib/modules:/lib/modules
+     - /var/vpnkit:/port # vpnkit control 9p mount
+     - /var/run:/var/run
+     - /run/config/docker:/var/config/docker
+     - /usr/bin/vpnkit-expose-port:/usr/bin/vpnkit-expose-port # userland proxy
+     - /usr/bin/vpnkit-iptables-wrapper:/usr/bin/iptables # iptables wrapper
+    command: [ "/usr/local/bin/docker-init", "/usr/local/bin/dockerd", "--",
+            "--config-file", "/var/config/docker/daemon.json",
+            "--swarm-default-advertise-addr=eth0",
+            "--userland-proxy-path", "/usr/bin/vpnkit-expose-port",
+            "--storage-driver", "overlay2" ]
+    runtime:
+      mkdir: ["/var/lib/docker"]
 
 trust:
     org:
         - linuxkit
+        - library

scripts/signing/init_signing.sh

@@ -1,25 +0,0 @@
-# USAGE: ./init_signing.sh linuxkit/repo
-
-if [[ -z  $DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE  ]]
-then
-    echo "must set DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE"
-    exit 1
-fi
-
-if [[ -z  $DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE  ]]
-then
-    echo "must set DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE"
-    exit 1
-fi
-
-docker trust signer add justin $1 --key justin.crt
-
-docker trust signer add rolf $1 --key rolf.crt
-
-docker trust signer add ian $1 --key ian.crt --key ian_arm.crt
-
-docker trust signer add avi $1 --key avi.crt --key avi_arm.crt
-
-docker trust signer add riyaz $1 --key riyaz.crt
-
-echo "Successfully set up signing for $1"

test/cases/000_build/100_examples/090_docker_for_mac/test.sh

@@ -1,5 +1,5 @@
 #!/bin/sh
-# SUMMARY: Test the Docker for Mac blueprint
+# SUMMARY: Test the Docker for Mac example
 # LABELS: amd64
 
 set -e
@@ -17,7 +17,7 @@ clean_up() {
 trap clean_up EXIT
 
 # Test code goes here
-linuxkit build -name "${NAME}" "${LINUXKIT_BLUEPRINTS_DIR}/${NAME}/base.yml" "${LINUXKIT_BLUEPRINTS_DIR}/${NAME}/docker-ce.yml"
+linuxkit build "${LINUXKIT_EXAMPLES_DIR}/${NAME}.yml"
 
 exit 0
 

test/cases/000_build/200_blueprints/group.sh

@@ -1,31 +0,0 @@
-#!/bin/sh
-# SUMMARY: Check that the blueprint YAML files work
-# LABELS:
-
-group_init() {
-    # Group initialisation code goes here
-    return 0
-}
-
-group_deinit() {
-    # Group de-initialisation code goes here
-    return 0
-}
-
-CMD=$1
-case $CMD in
-init)
-    group_init
-    res=$?
-    ;;
-deinit)
-    group_deinit
-    res=$?
-    ;;
-*)
-    res=1
-    ;;
-esac
-
-exit $res
-

test/cases/group.sh

@@ -11,7 +11,6 @@ group_init() {
     [ -r "${LINUXKIT_TMPDIR}" ] && rm -rf "${LINUXKIT_TMPDIR}"
     mkdir "${LINUXKIT_TMPDIR}"
     echo "export LINUXKIT_EXAMPLES_DIR=${RT_PROJECT_ROOT}/../../examples" >> "${LINUXKIT_TMPDIR}/env.sh"
-    echo "export LINUXKIT_BLUEPRINTS_DIR=${RT_PROJECT_ROOT}/../../blueprints" >> "${LINUXKIT_TMPDIR}/env.sh"
 
     if rt_label_set "gcp"; then
         # If we run GCP tests, make sure it is configured