Use official docker image instead of Alpine package; switch to aufs by default

Signed-off-by: Justin Cormack <justin.cormack@unikernel.com>
2025-07-20 09:39:08 +00:00 · 2015-12-18 14:13:34 +00:00 · 2015-12-18 14:13:34 +00:00 · 6cce9a78e9
commit 6cce9a78e9
parent 2a0f80b497
11 changed files with 55 additions and 152 deletions
--- a/alpine/Dockerfile
+++ b/alpine/Dockerfile
@ -9,14 +9,16 @@ RUN \
  adduser -G docker -u 1001 -s /bin/sh -D -g "Docker" docker && \
  apk update && apk upgrade && \
  apk add \
-  e2fsprogs docker chrony \
+  e2fsprogs chrony \
  git xz iptables \
  sfdisk lvm2 syslinux
 COPY etc /etc/
 ADD kernel/aufs-utils.tar /
 COPY mkinitrd.sh /bin/
 COPY packages/9pudc/9pudc packages/mdnstool/mdnstool /sbin/
 COPY packages/docker/docker /usr/bin/
 RUN \
  setup-timezone -z UTC && \
@ -49,7 +51,4 @@ RUN \
  rc-update add automount boot && \
  ln -s /bin/busybox /init
 # docker mac specific, should be packages
 COPY packages/9pudc/9pudc packages/mdnstool/mdnstool /sbin/
 CMD ["/bin/sh"]
--- a/alpine/Makefile
+++ b/alpine/Makefile
@ -13,13 +13,10 @@ kernel/aufs-utils.tar:
 initrd.img: Dockerfile mkinitrd.sh repositories $(ETCFILES) kernel/aufs-utils.tar
 	rm -f initrd.img
-	$(MAKE) -C packages/9pudc
+	$(MAKE) -C packages
 	$(MAKE) -C packages/mdnstool
 	docker build -t moby:build .
 	docker run moby:build /bin/mkinitrd.sh > $@
 clean:
 	rm -f initrd.img
-	$(MAKE) -C packages/9pudc clean
+	$(MAKE) -C packages clean
 	$(MAKE) -C packages/mdnstool clean
 	$(MAKE) -C kernel clean
--- a/alpine/etc/conf.d/docker
+++ b/alpine/etc/conf.d/docker
@ -1,3 +1,5 @@
 # /etc/conf.d/docker
 export DOCKER_RAMDISK="true"
 export DOCKER_BINARY="/usr/bin/docker"
 export DOCKER_OPTS="-s aufs"
--- a/alpine/etc/init.d/docker
+++ b/alpine/etc/init.d/docker
@ -0,0 +1,26 @@
 #!/sbin/openrc-run
 # Copyright 1999-2013 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 command="${DOCKER_BINARY:-/usr/bin/docker}"
 pidfile="${DOCKER_PIDFILE:-/run/${RC_SVCNAME}.pid}"
 command_args="daemon -p \"${pidfile}\" ${DOCKER_OPTS}"
 DOCKER_LOGFILE="${DOCKER_LOGFILE:-/var/log/${RC_SVCNAME}.log}"
 start_stop_daemon_args="--background \
        --stderr \"${DOCKER_LOGFILE}\" --stdout \"${DOCKER_LOGFILE}\""
 grsecdir=/proc/sys/kernel/grsecurity
 start_pre() {
        checkpath -f -m 0644 -o root:docker "$DOCKER_LOGFILE"
        for i in $disable_grsec; do
                if [ -e "$grsecdir/$i" ]; then
                        einfo " Disabling $i"
                        echo 0 > "$grsecdir/$i"
                fi
        done
        ulimit -n 1048576
        return 0
 }
--- a/alpine/packages/Makefile
+++ b/alpine/packages/Makefile
@ -0,0 +1,9 @@
 all:
 	$(MAKE) -C 9pudc
 	$(MAKE) -C mdnstool
 	$(MAKE) -C docker
 clean:
 	$(MAKE) -C 9pudc clean
 	$(MAKE) -C mdnstool clean
 	$(MAKE) -C docker clean
--- a/alpine/packages/docker/.gitignore
+++ b/alpine/packages/docker/.gitignore
@ -0,0 +1 @@
 docker
--- a/alpine/packages/docker/APKBUILD
+++ b/alpine/packages/docker/APKBUILD
@ -1,101 +0,0 @@
 # Maintainer: Eivind Uggedal <eivind@uggedal.com>
 pkgname=docker
 pkgver=1.9.1
 pkgrel=2
 _gitcommit=a34a1d5
 pkgdesc="Pack, ship and run any application as a lightweight container"
 url="http://www.docker.io/"
 arch="all"
 license="ASL 2.0"
 depends="iptables git xz"
 depends_dev=""
 makedepends="go sqlite-dev btrfs-progs-dev bash linux-headers"
 options="!strip"
 install="$pkgname.pre-install"
 subpackages="
 	$pkgname-bash-completion:bashcomp
 	$pkgname-zsh-completion:zshcomp
 	$pkgname-vim:vim
 	"
 source="
 	$pkgname-$pkgver.tar.gz::https://github.com/docker/docker/archive/v$pkgver.tar.gz
 	openrc-fixes.patch
 	"
 _builddir="$srcdir"/$pkgname-$pkgver
 _buildtags="exclude_graphdriver_aufs exclude_graphdriver_devicemapper"
 prepare() {
 	local i
 	cd "$_builddir"
 	for i in $source; do
 		case $i in
 		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
 		esac
 	done
 }
 build() {
 	cd "$_builddir"
 	export AUTO_GOPATH=1
 	export DOCKER_GITCOMMIT=$_gitcommit
 	export DOCKER_BUILDTAGS=$_buildtags
 	unset CC # prevent possible ccache issues
 	./hack/make.sh dynbinary
 }
 package() {
 	cd "$_builddir"
 	local ver=$(cat VERSION)
 	install -Dm755 bundles/$ver/dynbinary/docker-$ver \
 		"$pkgdir"/usr/bin/docker
 	install -Dm755 bundles/$ver/dynbinary/dockerinit-$ver \
 		"$pkgdir"/usr/lib/docker/dockerinit
 	install -Dm755 contrib/init/openrc/docker.initd \
 		"$pkgdir"/etc/init.d/docker
 	install -Dm644 contrib/init/openrc/docker.confd \
 		"$pkgdir"/etc/conf.d/docker
 }
 bashcomp() {
 	pkgdesc="Bash completion for Docker"
 	arch="noarch"
 	depends=""
 	install_if="$pkgname=$pkgver-r$pkgrel bash-completion"
 	install -Dm644 "$_builddir"/contrib/completion/bash/$pkgname \
 		"$subpkgdir"/usr/share/bash-completion/completions/$pkgname
 }
 zshcomp() {
 	pkgdesc="Zsh completion for $pkgname"
 	arch="noarch"
 	depends=""
 	install_if="$pkgname=$pkgver-r$pkgrel zsh"
 	install -Dm644 "$_builddir"/contrib/completion/zsh/_$pkgname \
 		"$subpkgdir"/usr/share/zsh/site-functions/_$pkgname || return 1
 }
 vim() {
 	depends=""
 	pkgdesc="Vim syntax for Docker"
 	arch="noarch"
 	local f=
 	for f in ftdetect/dockerfile.vim syntax/dockerfile.vim; do
 		install -Dm644 "$_builddir"/contrib/syntax/vim/$f \
 			"$subpkgdir"/usr/share/vim/vimfiles/$f
 	done
 }
 md5sums="e00baca222046de0359b1b2c066a4eb7  docker-1.9.1.tar.gz
 506e32a6157a7f92e67511111fba6fe8  openrc-fixes.patch"
 sha256sums="ff0ad9647b756381758a16440a48e6f3c8615bbc903e53680569aac0b0a85157  docker-1.9.1.tar.gz
 864d229e21dfa6c931b29b908093302a48837ddb1aa4205088f6f7fd4d7da4e3  openrc-fixes.patch"
 sha512sums="db9db1d5095b2afe2285265414c36026d2b42d5547301d7d462151b81553f33e242b403b566e7835727d51b77e3176c049f1e9f37f60b59b3c66b95403c97b9d  docker-1.9.1.tar.gz
 1162f62e8a7a5ded0c54cfe46014449efd67491bdb678fa22862117adb08206c909a3f98b0062125d25256dc1f48596b696bd4b19a8804d2862e758678a8bb62  openrc-fixes.patch"
--- a/alpine/packages/docker/Makefile
+++ b/alpine/packages/docker/Makefile
@ -0,0 +1,11 @@
 all: docker
 DOCKER_VERSION=1.9.1
 docker:
 	docker run docker:$(DOCKER_VERSION) cat /usr/local/bin/docker > docker
 	chmod +x docker
 clean:
 	rm -f docker
--- a/alpine/packages/docker/docker.pre-install
+++ b/alpine/packages/docker/docker.pre-install
@ -1,6 +0,0 @@
 #!/bin/sh
 if ! getent group docker >/dev/null; then
 	addgroup -S docker
 fi
 exit 0
--- a/alpine/packages/docker/openrc-fixes.patch
+++ b/alpine/packages/docker/openrc-fixes.patch
@ -1,34 +0,0 @@
 diff --git a/contrib/init/openrc/docker.initd b/contrib/init/openrc/docker.initd
 index 26fa8ef..ea8a3b2 100644
 --- a/contrib/init/openrc/docker.initd
 +++ b/contrib/init/openrc/docker.initd
@@ -9,11 +9,18 @@ DOCKER_LOGFILE="${DOCKER_LOGFILE:-/var/log/${RC_SVCNAME}.log}"
 start_stop_daemon_args="--background \
 	--stderr \"${DOCKER_LOGFILE}\" --stdout \"${DOCKER_LOGFILE}\""
 +grsecdir=/proc/sys/kernel/grsecurity
 +
 start_pre() {
 	checkpath -f -m 0644 -o root:docker "$DOCKER_LOGFILE"
 +	for i in $disable_grsec; do
 +		if [ -e "$grsecdir/$i" ]; then
 +			einfo " Disabling $i"
 +			echo 0 > "$grsecdir/$i"
 +		fi
 +	done
 	ulimit -n 1048576
 -	ulimit -u 1048576
 	return 0
 }
 --- a/contrib/init/openrc/docker.confd	2015-02-10 17:14:37.000000000 -0100
 +++ b/contrib/init/openrc/docker.confd	2015-03-31 14:52:47.323685914 -0200
@@ -11,3 +11,6 @@
 # any other random options you want to pass to docker
 DOCKER_OPTS=""
 +
 +# disable grsecurity features
 +#disable_grsec="chroot_deny_chmod chroot_deny_mknod"
--- a/alpine/repositories
+++ b/alpine/repositories
@ -1,3 +1,2 @@
 http://dl-4.alpinelinux.org/alpine/edge/main
 http://dl-4.alpinelinux.org/alpine/edge/community
 http://dl-4.alpinelinux.org/alpine/edge/testing