diff --git a/contrib/docker-for-mac/README.md b/contrib/docker-for-mac/README.md deleted file mode 100644 index 3615284d3..000000000 --- a/contrib/docker-for-mac/README.md +++ /dev/null @@ -1,49 +0,0 @@ -# Blueprints - -This directory will contain the blueprints for base systems on the platforms that we support with LinuxKit. - -These will be used for running tests, and for the low level parts of blueprints for higher level systems. - -These include all the platforms that Docker has editions on, and all platforms that our community supports. -The detailed blueprints will be addded soon for at least the following platforms. There are WIP versions in -the [examples/](../examples/) directory. - -- MacOS -- Windows Hyper-V -- VMWare -- KVM -- AWS -- Azure -- GCP -- BlueMix -- Packet.net -- ... - - -### Docker for Mac - -An initial blueprint for the open source components of Docker for Mac is available in [docker-for-mac](docker-for-mac). The blueprint has support for controlling `dockerd` from the host via `vsudd` and port forwarding with VPNKit. It requires HyperKit, VPNKit and a Docker client on the host to run. The easiest way to install these at the moment is to install a recent version of Docker for Mac. - -To build it with the latest Docker CE: - -``` -$ linuxkit build -name docker-for-mac base.yml docker-ce.yml -``` - -To run the VM with a 4G disk: - -``` -linuxkit run hyperkit -networking=vpnkit -vsock-ports=2376 -disk size=4096M -data-file ./metadata.json docker-for-mac -``` - -In another terminal you should now be able to access docker via the socket `guest.00000947` in the state directory (`docker-for-mac-state/` by default): - -``` -$ docker -H unix://docker-for-mac-state/guest.00000948 ps -CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES -``` - -### Linux Containers On Windows (LCOW) - -The LCOW blueprint has moved to [its own -repository](https://github.com/linuxkit/lcow). diff --git a/contrib/docker-for-mac/docker-ce.yml b/contrib/docker-for-mac/docker-ce.yml deleted file mode 100644 index 0d7da4cdf..000000000 --- a/contrib/docker-for-mac/docker-ce.yml +++ /dev/null @@ -1,31 +0,0 @@ -services: - # Run dockerd with the vpnkit userland proxy from the vpnkit-forwarder container. - # Bind mounts /var/run to allow vsudd to connect to docker.sock, /var/vpnkit - # for vpnkit coordination and /run/config/docker for the configuration file. - - name: docker-dfm - image: docker:17.07.0-ce-dind - capabilities: - - all - net: host - mounts: - - type: cgroup - options: ["rw","nosuid","noexec","nodev","relatime"] - binds: - - /etc/resolv.conf:/etc/resolv.conf - - /var/lib/docker:/var/lib/docker - - /lib/modules:/lib/modules - - /var/vpnkit:/port # vpnkit control 9p mount - - /var/run:/var/run - - /run/config/docker:/var/config/docker - - /usr/bin/vpnkit-expose-port:/usr/bin/vpnkit-expose-port # userland proxy - - /usr/bin/vpnkit-iptables-wrapper:/usr/bin/iptables # iptables wrapper - command: [ "/usr/local/bin/docker-init", "/usr/local/bin/dockerd", "--", - "--config-file", "/var/config/docker/daemon.json", - "--swarm-default-advertise-addr=eth0", - "--userland-proxy-path", "/usr/bin/vpnkit-expose-port", - "--storage-driver", "overlay2" ] - runtime: - mkdir: ["/var/lib/docker"] -trust: - org: - - library diff --git a/contrib/docker-for-mac/metadata.json b/contrib/docker-for-mac/metadata.json deleted file mode 100644 index c82963ee3..000000000 --- a/contrib/docker-for-mac/metadata.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "docker": { - "entries": { - "daemon.json": { - "perm": "0644", - "content": "{ \"debug\": true }" - } - } - } -} \ No newline at end of file diff --git a/docs/platform-hyperkit.md b/docs/platform-hyperkit.md index 81b169805..b24ae617a 100644 --- a/docs/platform-hyperkit.md +++ b/docs/platform-hyperkit.md @@ -35,7 +35,7 @@ supported and the disks are in raw format. HyperKit sends an ACPI power event when it receives SIGTERM to allow the VM to shut down properly. The VM has to be able to receive ACPI events to initiate the shutdown. This is provided by the [`acpid` package](../pkg/acpid). An example -is available in the [Docker for Mac blueprint](../blueprints/docker-for-mac/base.yml). +is available in the [Docker for Mac example](../examples/docker-for-mac.yml). ## Networking diff --git a/examples/docker-for-mac.md b/examples/docker-for-mac.md new file mode 100644 index 000000000..a625e69ee --- /dev/null +++ b/examples/docker-for-mac.md @@ -0,0 +1,29 @@ +# Docker for Mac + +[`docker-for-mac.yml`](./docker-for-mac.yml) contains an example use +of the open source components of Docker for Mac. The example has +support for controlling `dockerd` from the host via `vsudd` and port +forwarding with VPNKit. It requires HyperKit, VPNKit and a Docker +client on the host to run. The easiest way to install these at the +moment is to install a recent version of Docker for Mac. + +To build it with the latest Docker CE: + +``` +$ linuxkit build docker-for-mac.yml +``` + +To run the VM with a 4G disk: + +``` +linuxkit run hyperkit -networking=vpnkit -vsock-ports=2376 -disk size=4096M -data-file ./metadata.json docker-for-mac +``` + +In another terminal you should now be able to access docker via the +socket `guest.00000947` in the state directory +(`docker-for-mac-state/` by default): + +``` +$ docker -H unix://docker-for-mac-state/guest.00000948 ps +CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES +``` diff --git a/contrib/docker-for-mac/base.yml b/examples/docker-for-mac.yml similarity index 74% rename from contrib/docker-for-mac/base.yml rename to examples/docker-for-mac.yml index 1ea617680..89c9a3669 100644 --- a/contrib/docker-for-mac/base.yml +++ b/examples/docker-for-mac.yml @@ -1,4 +1,4 @@ -# This is a blueprint for building the open source components of Docker for Mac +# This is an example for building the open source components of Docker for Mac kernel: image: linuxkit/kernel:4.9.77 cmdline: "console=ttyS0 page_poison=1" @@ -79,7 +79,35 @@ services: # When the host resumes from sleep, force a clock resync - name: host-timesync-daemon image: linuxkit/host-timesync-daemon:085e1910de6f311f96a823eaa10ffd6d92ec9679 + # Run dockerd with the vpnkit userland proxy from the vpnkit-forwarder container. + # Bind mounts /var/run to allow vsudd to connect to docker.sock, /var/vpnkit + # for vpnkit coordination and /run/config/docker for the configuration file. + - name: docker-dfm + image: docker:17.07.0-ce-dind + capabilities: + - all + net: host + mounts: + - type: cgroup + options: ["rw","nosuid","noexec","nodev","relatime"] + binds: + - /etc/resolv.conf:/etc/resolv.conf + - /var/lib/docker:/var/lib/docker + - /lib/modules:/lib/modules + - /var/vpnkit:/port # vpnkit control 9p mount + - /var/run:/var/run + - /run/config/docker:/var/config/docker + - /usr/bin/vpnkit-expose-port:/usr/bin/vpnkit-expose-port # userland proxy + - /usr/bin/vpnkit-iptables-wrapper:/usr/bin/iptables # iptables wrapper + command: [ "/usr/local/bin/docker-init", "/usr/local/bin/dockerd", "--", + "--config-file", "/var/config/docker/daemon.json", + "--swarm-default-advertise-addr=eth0", + "--userland-proxy-path", "/usr/bin/vpnkit-expose-port", + "--storage-driver", "overlay2" ] + runtime: + mkdir: ["/var/lib/docker"] trust: org: - linuxkit + - library