github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-20 09:39:08 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #1934 from justincormack/default-ns-change

Browse Source 
Default ns change
This commit is contained in:
Justin Cormack 2017-05-30 16:20:38 +01:00 committed by GitHub
commit 5bb90f166a
43 changed files with 116 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@ -17,7 +17,7 @@ endif
PREFIX?=/usr/local/ PREFIX?=/usr/local/
MOBY_COMMIT=101fa30ef335b2fa70ef4fc322821a12bd368c26 MOBY_COMMIT=5cd1e4e2ae09409940c7c6b36fa3f46f362fc1ab
bin/moby: Makefile | bin bin/moby: Makefile | bin
docker run --rm --log-driver=none $(CROSS) $(GO_COMPILE) --clone-path github.com/moby/tool --clone https://github.com/moby/tool.git --commit $(MOBY_COMMIT) --package github.com/moby/tool/cmd/moby --ldflags "-X main.GitCommit=$(GIT_COMMIT) -X main.Version=$(VERSION)" -o $@ > tmp_moby_bin.tar docker run --rm --log-driver=none $(CROSS) $(GO_COMPILE) --clone-path github.com/moby/tool --clone https://github.com/moby/tool.git --commit $(MOBY_COMMIT) --package github.com/moby/tool/cmd/moby --ldflags "-X main.GitCommit=$(GIT_COMMIT) -X main.Version=$(VERSION)" -o $@ > tmp_moby_bin.tar
tar xf tmp_moby_bin.tar > $@ tar xf tmp_moby_bin.tar > $@

4
docs/external-disk.md
View File

@ -39,9 +39,9 @@ To simplify the process, two `onboot` images are available for you to use:
```yml ```yml
onboot: onboot:
- name: format - name: format
image: "linuxkit/format:55afe08816c2a4d8dbae3ee51ef53e0bee422d66" image: "linuxkit/format:180cb2dc1de5e60373385080f8148abf10a3afac"
- name: mount - name: mount
image: "linuxkit/mount:15e20f27abe69d276f796e4026531833ec5ff345" image: "linuxkit/mount:ff5338822f20375b8913f5a80f9ed4f6ea9a592b"
command: ["/mount.sh", "/var/external"] command: ["/mount.sh", "/var/external"]
``` ```

16
examples/docker.yml
View File

@ -8,23 +8,23 @@ init:
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d - linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
- name: sysfs - name: sysfs
image: linuxkit/sysfs:47367d0ef851e8bf2a9e2f80a05392c17f5c2c88 image: linuxkit/sysfs:1244c5a86dfa2318c4e304af68d37e12367e1b7f
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:3433ade10a9271d4035f9424e8669358e425b6f6" image: "linuxkit/binfmt:8ac5535f57f0c6f5fe88317b9d22a7677093c765"
- name: format - name: format
image: "linuxkit/format:55afe08816c2a4d8dbae3ee51ef53e0bee422d66" image: "linuxkit/format:180cb2dc1de5e60373385080f8148abf10a3afac"
- name: mount - name: mount
image: "linuxkit/mount:15e20f27abe69d276f796e4026531833ec5ff345" image: "linuxkit/mount:ff5338822f20375b8913f5a80f9ed4f6ea9a592b"
command: ["/mount.sh", "/var/lib/docker"] command: ["/mount.sh", "/var/lib/docker"]
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:b67c3151a52b05db50e6207b40876900f2208d14" image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
- name: ntpd - name: ntpd
image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" image: "linuxkit/openntpd:45deeb05f736162d941c9bf494983f655ab80aa5"
- name: docker - name: docker
image: "linuxkit/docker-ce:668d62da6e3da081a8f8aca7db3e2a98adf5da59" image: "linuxkit/docker-ce:668d62da6e3da081a8f8aca7db3e2a98adf5da59"
capabilities: capabilities:

10
examples/gcp.yml
View File

@ -8,17 +8,17 @@ init:
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d - linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata - name: metadata
image: "linuxkit/metadata:b053fd6a945829bb626bb3546cad69aae0ff7803" image: "linuxkit/metadata:4e73345cdcb4f7e9df07b0ee7aede652960297f2"
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:b67c3151a52b05db50e6207b40876900f2208d14" image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
- name: sshd - name: sshd
image: "linuxkit/sshd:ddce15b9fbde068941e31294acdcd22befa4fc20" image: "linuxkit/sshd:abc1f5e096982ebc3fb61c506aed3ac9c2ae4d55"
- /var/config/ssh/authorized_keys:/root/.ssh/authorized_keys - /var/config/ssh/authorized_keys:/root/.ssh/authorized_keys
- /tmp/etc/resolv.conf:/etc/resolv.conf - /tmp/etc/resolv.conf:/etc/resolv.conf
- name: nginx - name: nginx

2
examples/minimal.yml
View File

@ -7,7 +7,7 @@ init:
- linuxkit/containerd:b1766e4c4c09f63ac4925a6e4612852a93f7e73b - linuxkit/containerd:b1766e4c4c09f63ac4925a6e4612852a93f7e73b
onboot: onboot:
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
trust: trust:
org: org:

6
examples/node_exporter.yml
View File

@ -7,11 +7,11 @@ init:
- linuxkit/containerd:b1766e4c4c09f63ac4925a6e4612852a93f7e73b - linuxkit/containerd:b1766e4c4c09f63ac4925a6e4612852a93f7e73b
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:b67c3151a52b05db50e6207b40876900f2208d14" image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
- name: node_exporter - name: node_exporter
image: "linuxkit/node_exporter:29a85e9c5de1a1bd470a963878194303f6a7bd8c" image: "linuxkit/node_exporter:265b35e1c9bd659fff22b0345fc7c8735c787b3c"
trust: trust:
org: org:
- linuxkit - linuxkit

8
examples/packet.yml
View File

@ -8,14 +8,14 @@ init:
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d - linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:b67c3151a52b05db50e6207b40876900f2208d14" image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
- name: sshd - name: sshd
image: "linuxkit/sshd:ddce15b9fbde068941e31294acdcd22befa4fc20" image: "linuxkit/sshd:abc1f5e096982ebc3fb61c506aed3ac9c2ae4d55"
files: files:
- path: root/.ssh/authorized_keys - path: root/.ssh/authorized_keys
contents: '#your ssh key here' contents: '#your ssh key here'

2
examples/redis-os.yml
View File

@ -9,7 +9,7 @@ init:
- linuxkit/containerd:b1766e4c4c09f63ac4925a6e4612852a93f7e73b - linuxkit/containerd:b1766e4c4c09f63ac4925a6e4612852a93f7e73b
onboot: onboot:
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services: services:
- name: redis - name: redis

8
examples/sshd.yml
View File

@ -8,14 +8,14 @@ init:
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d - linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:b67c3151a52b05db50e6207b40876900f2208d14" image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
- name: sshd - name: sshd
image: "linuxkit/sshd:ddce15b9fbde068941e31294acdcd22befa4fc20" image: "linuxkit/sshd:abc1f5e096982ebc3fb61c506aed3ac9c2ae4d55"
files: files:
- path: root/.ssh/authorized_keys - path: root/.ssh/authorized_keys
contents: '#your ssh key here' contents: '#your ssh key here'

12
examples/swap.yml
View File

@ -8,23 +8,23 @@ init:
- linuxkit/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935 - linuxkit/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: format - name: format
image: "linuxkit/format:55afe08816c2a4d8dbae3ee51ef53e0bee422d66" image: "linuxkit/format:180cb2dc1de5e60373385080f8148abf10a3afac"
- name: mount - name: mount
image: "linuxkit/mount:15e20f27abe69d276f796e4026531833ec5ff345" image: "linuxkit/mount:ff5338822f20375b8913f5a80f9ed4f6ea9a592b"
command: ["/mount.sh", "/var/external"] command: ["/mount.sh", "/var/external"]
- name: swap - name: swap
image: "linuxkit/swap:085f0088dd1ef2f994e707e438218ea4d41bad13" image: "linuxkit/swap:e36b5e794256c2a56c000035f73a4d46f7ffb3e6"
# to use unencrypted swap, use: # to use unencrypted swap, use:
# command: ["/swap.sh", "--path", "/var/external/swap", "--size", "1G"] # command: ["/swap.sh", "--path", "/var/external/swap", "--size", "1G"]
command: ["/swap.sh", "--path", "/var/external/swap", "--size", "1G", "--encrypt"] command: ["/swap.sh", "--path", "/var/external/swap", "--size", "1G", "--encrypt"]
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:b67c3151a52b05db50e6207b40876900f2208d14" image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
- name: nginx - name: nginx
image: "nginx:alpine" image: "nginx:alpine"
capabilities: capabilities:

6
examples/vmware.yml
View File

@ -8,12 +8,12 @@ init:
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d - linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:b67c3151a52b05db50e6207b40876900f2208d14" image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
- name: nginx - name: nginx
image: "nginx:alpine" image: "nginx:alpine"
capabilities: capabilities:

8
linuxkit.yml
View File

@ -8,15 +8,15 @@ init:
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d - linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:3433ade10a9271d4035f9424e8669358e425b6f6" image: "linuxkit/binfmt:8ac5535f57f0c6f5fe88317b9d22a7677093c765"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:b67c3151a52b05db50e6207b40876900f2208d14" image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
- name: nginx - name: nginx
image: "nginx:alpine" image: "nginx:alpine"
capabilities: capabilities:

2
pkg/binfmt/Dockerfile
View File

@ -19,4 +19,4 @@ COPY --from=qemu usr/bin/qemu-* usr/bin/
COPY --from=mirror /go/bin/binfmt usr/bin/binfmt COPY --from=mirror /go/bin/binfmt usr/bin/binfmt
COPY etc/binfmt.d/00_linuxkit.conf etc/binfmt.d/00_linuxkit.conf COPY etc/binfmt.d/00_linuxkit.conf etc/binfmt.d/00_linuxkit.conf
CMD ["/usr/bin/binfmt", "-dir", "/etc/binfmt.d/", "-mount", "/binfmt_misc"] CMD ["/usr/bin/binfmt", "-dir", "/etc/binfmt.d/", "-mount", "/binfmt_misc"]
LABEL org.mobyproject.config='{"binds": ["/proc/sys/fs/binfmt_misc:/binfmt_misc"], "readonly": true}' LABEL org.mobyproject.config='{"binds": ["/proc/sys/fs/binfmt_misc:/binfmt_misc"], "readonly": true, "net": "new", "ipc": "new"}'

2
pkg/dhcpcd/Dockerfile
View File

@ -16,4 +16,4 @@ WORKDIR /
COPY --from=mirror /out/ / COPY --from=mirror /out/ /
COPY /dhcpcd.conf /usr/ / COPY /dhcpcd.conf /usr/ /
CMD ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf"] CMD ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf"]
LABEL org.mobyproject.config='{"binds": ["/var:/var", "/tmp/etc:/etc"], "net": "host", "capabilities": ["CAP_NET_ADMIN", "CAP_NET_BIND_SERVICE", "CAP_NET_RAW"]}' LABEL org.mobyproject.config='{"binds": ["/var:/var", "/tmp/etc:/etc"], "capabilities": ["CAP_NET_ADMIN", "CAP_NET_BIND_SERVICE", "CAP_NET_RAW"]}'

2
pkg/format/Dockerfile
View File

@ -19,4 +19,4 @@ WORKDIR /
COPY --from=mirror /out/ / COPY --from=mirror /out/ /
COPY format.sh / COPY format.sh /
CMD ["/bin/sh", "/format.sh"] CMD ["/bin/sh", "/format.sh"]
LABEL org.mobyproject.config='{"binds": ["/dev:/dev"], "capabilities": ["CAP_SYS_ADMIN", "CAP_MKNOD"]}' LABEL org.mobyproject.config='{"binds": ["/dev:/dev"], "capabilities": ["CAP_SYS_ADMIN", "CAP_MKNOD"], "net": "new", "ipc": "new"}'

2
pkg/metadata/Dockerfile
View File

@ -12,4 +12,4 @@ CMD []
WORKDIR / WORKDIR /
COPY --from=mirror /go/bin/metadata /usr/bin/metadata COPY --from=mirror /go/bin/metadata /usr/bin/metadata
CMD ["/usr/bin/metadata"] CMD ["/usr/bin/metadata"]
LABEL org.mobyproject.config='{"net": "host", "binds": ["/dev:/dev", "/var:/var", "/tmp/etc/resolv.conf:/etc/resolv.conf"], "capabilities": ["CAP_SYS_ADMIN"]}' LABEL org.mobyproject.config='{"binds": ["/dev:/dev", "/var:/var", "/tmp/etc/resolv.conf:/etc/resolv.conf"], "capabilities": ["CAP_SYS_ADMIN"]}'

2
pkg/mount/Dockerfile
View File

@ -17,4 +17,4 @@ WORKDIR /
COPY --from=mirror /out/ / COPY --from=mirror /out/ /
COPY mount.sh / COPY mount.sh /
CMD ["/bin/sh", "/mount.sh"] CMD ["/bin/sh", "/mount.sh"]
LABEL org.mobyproject.config='{"binds": ["/dev:/dev", "/var:/var:rshared,rbind"], "capabilities": ["CAP_SYS_ADMIN"], "rootfsPropagation": "shared"}' LABEL org.mobyproject.config='{"binds": ["/dev:/dev", "/var:/var:rshared,rbind"], "capabilities": ["CAP_SYS_ADMIN"], "rootfsPropagation": "shared", "net": "new", "ipc": "new"}'

2
pkg/node_exporter/Dockerfile
View File

@ -4,4 +4,4 @@ ENTRYPOINT ["/bin/node_exporter", "-collector.procfs", "/host/proc", \
"-collector.sysfs", "/host/sys", \ "-collector.sysfs", "/host/sys", \
"-collector.filesystem.ignored-mount-points", \ "-collector.filesystem.ignored-mount-points", \
"^/(sys|proc|dev|host|etc)($|/)"] "^/(sys|proc|dev|host|etc)($|/)"]
LABEL org.mobyproject.config='{"net": "host", "pid": "host", "binds": ["/proc:/host/proc", "/sys:/host/sys", "/:/rootfs"], "capabilities": ["all"]}' LABEL org.mobyproject.config='{"pid": "host", "binds": ["/proc:/host/proc", "/sys:/host/sys", "/:/rootfs"], "capabilities": ["all"]}'

1
pkg/open-vm-tools/Dockerfile
View File

@ -14,4 +14,3 @@ CMD []
WORKDIR / WORKDIR /
COPY --from=mirror /out/ / COPY --from=mirror /out/ /
CMD ["/usr/bin/vmtoolsd"] CMD ["/usr/bin/vmtoolsd"]
LABEL org.mobyproject.config='{"net": "host"}'

2
pkg/openntpd/Dockerfile
View File

@ -16,4 +16,4 @@ WORKDIR /
COPY --from=mirror /out/ / COPY --from=mirror /out/ /
COPY etc/ /etc/ COPY etc/ /etc/
CMD ["/usr/sbin/ntpd", "-d", "-s"] CMD ["/usr/sbin/ntpd", "-d", "-s"]
LABEL org.mobyproject.config='{"net": "host", "capabilities": ["CAP_SYS_TIME", "CAP_SYS_NICE", "CAP_SYS_CHROOT", "CAP_SETUID", "CAP_SETGID"]}' LABEL org.mobyproject.config='{"capabilities": ["CAP_SYS_TIME", "CAP_SYS_NICE", "CAP_SYS_CHROOT", "CAP_SETUID", "CAP_SETGID"]}'

2
pkg/rngd/Dockerfile
View File

@ -42,4 +42,4 @@ WORKDIR /
COPY --from=mirror /out/ / COPY --from=mirror /out/ /
COPY --from=build usr/sbin/rngd usr/sbin/rngd COPY --from=build usr/sbin/rngd usr/sbin/rngd
CMD ["/sbin/tini", "/usr/sbin/rngd", "-f"] CMD ["/sbin/tini", "/usr/sbin/rngd", "-f"]
LABEL org.mobyproject.config='{"capabilities": ["CAP_SYS_ADMIN"], "oomScoreAdj": -800, "readonly": true}' LABEL org.mobyproject.config='{"capabilities": ["CAP_SYS_ADMIN"], "oomScoreAdj": -800, "readonly": true, "net": "new", "ipc": "new"}'

2
pkg/sshd/Dockerfile
View File

@ -19,4 +19,4 @@ COPY etc/ /etc/
COPY usr/ /usr/ COPY usr/ /usr/
RUN mkdir -p /etc/ssh /root/.ssh && chmod 0700 /root/.ssh RUN mkdir -p /etc/ssh /root/.ssh && chmod 0700 /root/.ssh
CMD ["/sbin/tini", "/usr/bin/ssh.sh"] CMD ["/sbin/tini", "/usr/bin/ssh.sh"]
LABEL org.mobyproject.config='{"net": "host", "pid": "host", "binds": ["/root/.ssh:/root/.ssh", "/etc/resolv.conf:/etc/resolv.conf"], "capabilities": ["all"]}' LABEL org.mobyproject.config='{"pid": "host", "binds": ["/root/.ssh:/root/.ssh", "/etc/resolv.conf:/etc/resolv.conf"], "capabilities": ["all"]}'

2
pkg/swap/Dockerfile
View File

@ -16,4 +16,4 @@ WORKDIR /
COPY --from=mirror /out/ / COPY --from=mirror /out/ /
COPY /swap.sh . COPY /swap.sh .
ENTRYPOINT ["swap.sh"] ENTRYPOINT ["swap.sh"]
LABEL org.mobyproject.config='{"binds": ["/dev:/dev", "/var:/var"], "capabilities": ["CAP_SYS_ADMIN", "CAP_MKNOD"]}' LABEL org.mobyproject.config='{"binds": ["/dev:/dev", "/var:/var"], "capabilities": ["CAP_SYS_ADMIN", "CAP_MKNOD"], "net": "new", "ipc": "new"}'

2
pkg/swap/README.md
View File

@ -8,7 +8,7 @@ Normally, unless you are running explicitly in a desktop version, LinuxKit image
``` ```
onboot: onboot:
- name: swap - name: swap
image: "linuxkit/swap:085f0088dd1ef2f994e707e438218ea4d41bad13" image: "linuxkit/swap:e36b5e794256c2a56c000035f73a4d46f7ffb3e6"
command: ["swap.sh","--path","/var/external/swap","--size","2G"] command: ["swap.sh","--path","/var/external/swap","--size","2G"]
``` ```

2
pkg/sysctl/Dockerfile
View File

@ -13,4 +13,4 @@ WORKDIR /
COPY --from=mirror /go/bin/sysctl /usr/bin/sysctl COPY --from=mirror /go/bin/sysctl /usr/bin/sysctl
COPY etc/ /etc/ COPY etc/ /etc/
CMD ["/usr/bin/sysctl"] CMD ["/usr/bin/sysctl"]
LABEL org.mobyproject.config='{"net": "host","pid": "host", "ipc": "host", "readonly": true, "capabilities": ["CAP_SYS_ADMIN"]}' LABEL org.mobyproject.config='{"pid": "host", "readonly": true, "capabilities": ["CAP_SYS_ADMIN"]}'

1
pkg/sysfs/Dockerfile
View File

@ -13,3 +13,4 @@ WORKDIR /
COPY --from=mirror /go/bin/sysfs /usr/bin/sysfs COPY --from=mirror /go/bin/sysfs /usr/bin/sysfs
COPY etc/ /etc/ COPY etc/ /etc/
CMD ["/usr/bin/sysfs"] CMD ["/usr/bin/sysfs"]
LABEL org.mobyproject.config='{"net": "new", "ipc": "new"}'

16
projects/etcd/etcd.yml
View File

@ -8,24 +8,24 @@ init:
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d - linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
- name: format - name: format
image: "linuxkit/format:55afe08816c2a4d8dbae3ee51ef53e0bee422d66" image: "linuxkit/format:180cb2dc1de5e60373385080f8148abf10a3afac"
- name: mount - name: mount
image: "linuxkit/mount:15e20f27abe69d276f796e4026531833ec5ff345" image: "linuxkit/mount:ff5338822f20375b8913f5a80f9ed4f6ea9a592b"
command: ["/mount.sh", "/var/lib/etcd"] command: ["/mount.sh", "/var/lib/etcd"]
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata - name: metadata
image: "linuxkit/metadata:b053fd6a945829bb626bb3546cad69aae0ff7803" image: "linuxkit/metadata:4e73345cdcb4f7e9df07b0ee7aede652960297f2"
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:b67c3151a52b05db50e6207b40876900f2208d14" image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
- name: ntpd - name: ntpd
image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" image: "linuxkit/openntpd:45deeb05f736162d941c9bf494983f655ab80aa5"
- name: node_exporter - name: node_exporter
image: "linuxkit/node_exporter:29a85e9c5de1a1bd470a963878194303f6a7bd8c" image: "linuxkit/node_exporter:265b35e1c9bd659fff22b0345fc7c8735c787b3c"
- name: etcd - name: etcd
image: "moby/etcd" image: "moby/etcd"
capabilities: capabilities:

6
projects/etcd/prom-us-central1-f.yml
View File

@ -8,12 +8,12 @@ init:
- mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935 - mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata - name: metadata
image: "linuxkit/metadata:b053fd6a945829bb626bb3546cad69aae0ff7803" image: "linuxkit/metadata:4e73345cdcb4f7e9df07b0ee7aede652960297f2"
services: services:
- name: rngd - name: rngd
image: "mobylinux/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9" image: "mobylinux/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9"

8
projects/ima-namespace/ima-namespace.yml
View File

@ -9,15 +9,15 @@ init:
- linuxkit/ima-utils:dfeb3896fd29308b80ff9ba7fe5b8b767e40ca29 - linuxkit/ima-utils:dfeb3896fd29308b80ff9ba7fe5b8b767e40ca29
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:3433ade10a9271d4035f9424e8669358e425b6f6" image: "linuxkit/binfmt:8ac5535f57f0c6f5fe88317b9d22a7677093c765"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:b67c3151a52b05db50e6207b40876900f2208d14" image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
- name: nginx - name: nginx
image: "nginx:alpine" image: "nginx:alpine"
capabilities: capabilities:

16
projects/kubernetes/kube-master.yml
View File

@ -8,13 +8,13 @@ init:
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d - linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
- name: sysfs - name: sysfs
image: linuxkit/sysfs:47367d0ef851e8bf2a9e2f80a05392c17f5c2c88 image: linuxkit/sysfs:1244c5a86dfa2318c4e304af68d37e12367e1b7f
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:3433ade10a9271d4035f9424e8669358e425b6f6" image: "linuxkit/binfmt:8ac5535f57f0c6f5fe88317b9d22a7677093c765"
- name: format - name: format
image: "linuxkit/format:55afe08816c2a4d8dbae3ee51ef53e0bee422d66" image: "linuxkit/format:180cb2dc1de5e60373385080f8148abf10a3afac"
- name: mounts - name: mounts
image: "linuxkit/kubernetes:latest-mounts" image: "linuxkit/kubernetes:latest-mounts"
capabilities: capabilities:
@ -26,13 +26,13 @@ onboot:
- /var:/var:rshared,rbind - /var:/var:rshared,rbind
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:b67c3151a52b05db50e6207b40876900f2208d14" image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
- name: ntpd - name: ntpd
image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" image: "linuxkit/openntpd:45deeb05f736162d941c9bf494983f655ab80aa5"
- name: sshd - name: sshd
image: "linuxkit/sshd:ddce15b9fbde068941e31294acdcd22befa4fc20" image: "linuxkit/sshd:abc1f5e096982ebc3fb61c506aed3ac9c2ae4d55"
- name: docker - name: docker
image: "linuxkit/docker-ce:668d62da6e3da081a8f8aca7db3e2a98adf5da59" image: "linuxkit/docker-ce:668d62da6e3da081a8f8aca7db3e2a98adf5da59"
capabilities: capabilities:

16
projects/kubernetes/kube-node.yml
View File

@ -8,13 +8,13 @@ init:
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d - linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
- name: sysfs - name: sysfs
image: linuxkit/sysfs:47367d0ef851e8bf2a9e2f80a05392c17f5c2c88 image: linuxkit/sysfs:1244c5a86dfa2318c4e304af68d37e12367e1b7f
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:3433ade10a9271d4035f9424e8669358e425b6f6" image: "linuxkit/binfmt:8ac5535f57f0c6f5fe88317b9d22a7677093c765"
- name: format - name: format
image: "linuxkit/format:55afe08816c2a4d8dbae3ee51ef53e0bee422d66" image: "linuxkit/format:180cb2dc1de5e60373385080f8148abf10a3afac"
- name: mounts - name: mounts
image: "linuxkit/kubernetes:latest-mounts" image: "linuxkit/kubernetes:latest-mounts"
capabilities: capabilities:
@ -26,13 +26,13 @@ onboot:
- /var:/var:rshared,rbind - /var:/var:rshared,rbind
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:b67c3151a52b05db50e6207b40876900f2208d14" image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
- name: ntpd - name: ntpd
image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" image: "linuxkit/openntpd:45deeb05f736162d941c9bf494983f655ab80aa5"
- name: sshd - name: sshd
image: "linuxkit/sshd:ddce15b9fbde068941e31294acdcd22befa4fc20" image: "linuxkit/sshd:abc1f5e096982ebc3fb61c506aed3ac9c2ae4d55"
- name: docker - name: docker
image: "linuxkit/docker-ce:668d62da6e3da081a8f8aca7db3e2a98adf5da59" image: "linuxkit/docker-ce:668d62da6e3da081a8f8aca7db3e2a98adf5da59"
capabilities: capabilities:

2
projects/kubernetes/mounts.rb
View File

@ -1,6 +1,6 @@
import 'common.rb' import 'common.rb'
from "linuxkit/mount:15e20f27abe69d276f796e4026531833ec5ff345" from "linuxkit/mount:ff5338822f20375b8913f5a80f9ed4f6ea9a592b"
script = [ script = [
mount_bind_hostns_self("/etc/cni"), mount_make_hostns_rshared("/etc/cni"), mount_bind_hostns_self("/etc/cni"), mount_make_hostns_rshared("/etc/cni"),

8
projects/logging/examples/logging.yml
View File

@ -9,15 +9,15 @@ init:
- linuxkit/memlogd:9b5834189f598f43c507f6938077113906f51012 - linuxkit/memlogd:9b5834189f598f43c507f6938077113906f51012
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:3433ade10a9271d4035f9424e8669358e425b6f6" image: "linuxkit/binfmt:8ac5535f57f0c6f5fe88317b9d22a7677093c765"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:b67c3151a52b05db50e6207b40876900f2208d14" image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
- name: nginx - name: nginx
image: "nginx:alpine" image: "nginx:alpine"
capabilities: capabilities:

2
projects/miragesdk/examples/mirage-dhcp.yml
View File

@ -8,7 +8,7 @@ init:
- mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935 - mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
services: services:
- name: rngd - name: rngd
image: mobylinux/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9 image: mobylinux/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9

8
projects/okernel/examples/okernel_simple.yaml
View File

@ -8,14 +8,14 @@ init:
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d - linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:b67c3151a52b05db50e6207b40876900f2208d14" image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
- name: sshd - name: sshd
image: "linuxkit/sshd:ddce15b9fbde068941e31294acdcd22befa4fc20" image: "linuxkit/sshd:abc1f5e096982ebc3fb61c506aed3ac9c2ae4d55"
files: files:
- path: root/.ssh/authorized_keys - path: root/.ssh/authorized_keys
contents: '#your ssh key here' contents: '#your ssh key here'

14
projects/swarmd/swarmd.yml
View File

@ -8,26 +8,26 @@ init:
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d - linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: format - name: format
image: "linuxkit/format:55afe08816c2a4d8dbae3ee51ef53e0bee422d66" image: "linuxkit/format:180cb2dc1de5e60373385080f8148abf10a3afac"
- name: mount - name: mount
image: "linuxkit/mount:15e20f27abe69d276f796e4026531833ec5ff345" image: "linuxkit/mount:ff5338822f20375b8913f5a80f9ed4f6ea9a592b"
command: ["/mount.sh", "/var/lib/swarmd"] command: ["/mount.sh", "/var/lib/swarmd"]
- name: metadata - name: metadata
image: "linuxkit/metadata:b053fd6a945829bb626bb3546cad69aae0ff7803" image: "linuxkit/metadata:4e73345cdcb4f7e9df07b0ee7aede652960297f2"
services: services:
- name: qemu-ga - name: qemu-ga
image: "linuxkit/qemu-ga:e5fbcf55926f6e1a96b3e49a392e547e8be1022c" image: "linuxkit/qemu-ga:e5fbcf55926f6e1a96b3e49a392e547e8be1022c"
binds: binds:
- /dev/vport0p1:/dev/vport0p1 - /dev/vport0p1:/dev/vport0p1
- name: rngd - name: rngd
image: "linuxkit/rngd:b67c3151a52b05db50e6207b40876900f2208d14" image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
- name: ntpd - name: ntpd
image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" image: "linuxkit/openntpd:45deeb05f736162d941c9bf494983f655ab80aa5"
- name: swarmd - name: swarmd
image: "linuxkit/swarmd:a2f57f14f07fb6d7cded7832b2dabe878b28554e" image: "linuxkit/swarmd:a2f57f14f07fb6d7cded7832b2dabe878b28554e"
command: ["/usr/bin/swarmd", "--containerd-addr=/run/containerd/containerd.sock", "--log-level=debug", "--state-dir=/var/lib/swarmd"] command: ["/usr/bin/swarmd", "--containerd-addr=/run/containerd/containerd.sock", "--log-level=debug", "--state-dir=/var/lib/swarmd"]

2
test/cases/000_build/000_outputs/test.yml
View File

@ -7,7 +7,7 @@ init:
- linuxkit/containerd:b1766e4c4c09f63ac4925a6e4612852a93f7e73b - linuxkit/containerd:b1766e4c4c09f63ac4925a6e4612852a93f7e73b
onboot: onboot:
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
trust: trust:
org: org:

14
test/cases/030_security/000_docker-bench/test-docker-bench.yml
View File

@ -8,21 +8,21 @@ init:
- linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d - linuxkit/ca-certificates:75cf419fb58770884c3464eb687ec8dfc704169d
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
- name: sysfs - name: sysfs
image: "linuxkit/sysfs:47367d0ef851e8bf2a9e2f80a05392c17f5c2c88" image: "linuxkit/sysfs:1244c5a86dfa2318c4e304af68d37e12367e1b7f"
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:3433ade10a9271d4035f9424e8669358e425b6f6" image: "linuxkit/binfmt:8ac5535f57f0c6f5fe88317b9d22a7677093c765"
- name: format - name: format
image: "linuxkit/format:55afe08816c2a4d8dbae3ee51ef53e0bee422d66" image: "linuxkit/format:180cb2dc1de5e60373385080f8148abf10a3afac"
- name: mount - name: mount
image: "linuxkit/mount:15e20f27abe69d276f796e4026531833ec5ff345" image: "linuxkit/mount:ff5338822f20375b8913f5a80f9ed4f6ea9a592b"
command: ["/mount.sh", "/var/lib/docker"] command: ["/mount.sh", "/var/lib/docker"]
services: services:
- name: rngd - name: rngd
image: "linuxkit/rngd:b67c3151a52b05db50e6207b40876900f2208d14" image: "linuxkit/rngd:1fa4de44c961bb5075647181891a3e7e7ba51c31"
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
- name: docker - name: docker
image: "linuxkit/docker-ce:668d62da6e3da081a8f8aca7db3e2a98adf5da59" image: "linuxkit/docker-ce:668d62da6e3da081a8f8aca7db3e2a98adf5da59"
capabilities: capabilities:

2
test/cases/040_packages/002_binfmt/test-binfmt.yml
View File

@ -7,7 +7,7 @@ init:
- linuxkit/containerd:b1766e4c4c09f63ac4925a6e4612852a93f7e73b - linuxkit/containerd:b1766e4c4c09f63ac4925a6e4612852a93f7e73b
onboot: onboot:
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:3433ade10a9271d4035f9424e8669358e425b6f6" image: "linuxkit/binfmt:8ac5535f57f0c6f5fe88317b9d22a7677093c765"
- name: test - name: test
image: "alpine:3.6" image: "alpine:3.6"
readonly: true readonly: true

2
test/cases/040_packages/004_dhcpcd/test-dhcpcd.yml
View File

@ -7,7 +7,7 @@ init:
- linuxkit/containerd:b1766e4c4c09f63ac4925a6e4612852a93f7e73b - linuxkit/containerd:b1766e4c4c09f63ac4925a6e4612852a93f7e73b
onboot: onboot:
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: test - name: test
image: "alpine:3.6" image: "alpine:3.6"

2
test/cases/040_packages/019_sysctl/test-sysctl.yml
View File

@ -7,7 +7,7 @@ init:
- linuxkit/containerd:b1766e4c4c09f63ac4925a6e4612852a93f7e73b - linuxkit/containerd:b1766e4c4c09f63ac4925a6e4612852a93f7e73b
onboot: onboot:
- name: sysctl - name: sysctl
image: "linuxkit/sysctl:b16a483897dd5f71be7e0c04cd090b05f52682e1" image: "linuxkit/sysctl:3aa6bc663c2849ef239be7d941d3eaf3e6fcc018"
- name: test - name: test
image: "alpine:3.6" image: "alpine:3.6"
net: host net: host

2
test/hack/test.yml
View File

@ -9,7 +9,7 @@ init:
- linuxkit/containerd:b1766e4c4c09f63ac4925a6e4612852a93f7e73b - linuxkit/containerd:b1766e4c4c09f63ac4925a6e4612852a93f7e73b
onboot: onboot:
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:7d2f17a0e5d1ef9a75a527821a9ab0d753b22e7e" image: "linuxkit/dhcpcd:7d2b8aaaf20c24ad7d11a5ea2ea5b4a80dc966f1"
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: check-kernel-config - name: check-kernel-config
image: "linuxkit/test-kernel-config:ecff41279ccbc408079a3996a956432651c6eb9c" image: "linuxkit/test-kernel-config:ecff41279ccbc408079a3996a956432651c6eb9c"

2
test/pkg/poweroff/Dockerfile
View File

@ -1,4 +1,4 @@
FROM alpine:3.5 FROM alpine:3.5
ADD . ./ ADD . ./
ENTRYPOINT ["/bin/sh", "/poweroff.sh"] ENTRYPOINT ["/bin/sh", "/poweroff.sh"]
LABEL org.mobyproject.config='{"net": "host","pid": "host", "ipc": "host", "readonly": true, "capabilities": ["CAP_SYS_BOOT"]}' LABEL org.mobyproject.config='{"pid": "host", "readonly": true, "capabilities": ["CAP_SYS_BOOT"]}'