mirror of
https://github.com/linuxkit/linuxkit.git
synced 2025-07-22 10:31:35 +00:00
Shift to development track containerd
Move to the development track of `containerd` not the legacy 0.2 branch. The commands have changed a bit. This does increase the image size as we are bundling the Docker copy and our copy, and the new one is larger as it is growing features. Hopefully Docker will shrink eventually. Also we may replace `ctr` with a library. Fix #1029 Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This commit is contained in:
parent
d4416e1b93
commit
89e98eefa0
@ -11,11 +11,6 @@ RUN \
|
||||
|
||||
COPY . .
|
||||
RUN rm Dockerfile
|
||||
RUN cd /usr/bin && \
|
||||
ln -s docker-runc runc && \
|
||||
ln -s docker-containerd-shim containerd-shim && \
|
||||
ln -s docker-containerd-ctr containerd-ctr && \
|
||||
ln -s docker-containerd containerd
|
||||
|
||||
RUN \
|
||||
rc-update add sysctl boot && \
|
||||
|
@ -21,7 +21,7 @@ RUN cp /usr/lib/gummiboot/linuxx64.efi.stub . && \
|
||||
|
||||
# create a ISO with a EFI boot partition
|
||||
RUN mkdir -p iso && \
|
||||
dd if=/dev/zero of=iso/efi.raw bs=1024 count=70000 && \
|
||||
dd if=/dev/zero of=iso/efi.raw bs=1024 count=78000 && \
|
||||
mkfs.vfat iso/efi.raw
|
||||
|
||||
RUN echo "mtools_skip_check=1" >> /etc/mtools.conf && \
|
||||
|
@ -51,7 +51,7 @@ moby.img: Dockerfile mkinitrd.sh init $(ETCFILES)
|
||||
-C packages/9pmount-vsock sbin -C ../.. \
|
||||
-C packages/test etc -C ../.. \
|
||||
-C packages/iptables usr -C ../.. \
|
||||
-C packages/containerd etc -C ../.. \
|
||||
-C packages/containerd etc usr -C ../.. \
|
||||
-C packages/aws etc -C ../.. \
|
||||
-C packages/azure etc -C ../.. \
|
||||
-C packages/gcp etc -C ../.. \
|
||||
|
19
alpine/base/containerd/Dockerfile
Normal file
19
alpine/base/containerd/Dockerfile
Normal file
@ -0,0 +1,19 @@
|
||||
FROM golang:1.7-alpine3.5
|
||||
RUN \
|
||||
apk update && apk upgrade -a && \
|
||||
apk add --no-cache \
|
||||
gcc \
|
||||
git \
|
||||
libc-dev \
|
||||
make \
|
||||
&& true
|
||||
ENV CONTAINERD_COMMIT=3b79682548339895fcf9976f60ddea8abc5fc97e
|
||||
RUN mkdir -p $GOPATH/src/github.com/docker && \
|
||||
cd $GOPATH/src/github.com/docker && \
|
||||
git clone https://github.com/docker/containerd.git
|
||||
WORKDIR $GOPATH/src/github.com/docker/containerd
|
||||
RUN git checkout $CONTAINERD_COMMIT
|
||||
RUN make binaries GO_GCFLAGS="-buildmode pie --ldflags '-extldflags \"-fno-PIC -static\"'"
|
||||
RUN cp bin/containerd bin/ctr bin/containerd-shim /usr/bin/
|
||||
WORKDIR /
|
||||
COPY . .
|
29
alpine/base/containerd/Makefile
Normal file
29
alpine/base/containerd/Makefile
Normal file
@ -0,0 +1,29 @@
|
||||
.PHONY: tag push
|
||||
|
||||
BASE=golang:1.7-alpine3.5
|
||||
IMAGE=containerd
|
||||
|
||||
default: push
|
||||
|
||||
hash: Dockerfile
|
||||
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
|
||||
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
|
||||
docker run --rm $(IMAGE):build sh -c 'cat Dockerfile /lib/apk/db/installed | sha1sum' | sed 's/ .*//' > $@
|
||||
|
||||
push: hash
|
||||
docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
|
||||
(docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash) && \
|
||||
docker push mobylinux/$(IMAGE):$(shell cat hash))
|
||||
docker rmi $(IMAGE):build
|
||||
rm -f hash
|
||||
|
||||
tag: hash
|
||||
docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
|
||||
docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash)
|
||||
docker rmi $(IMAGE):build
|
||||
rm -f hash
|
||||
|
||||
clean:
|
||||
rm -f hash
|
||||
|
||||
.DELETE_ON_ERROR:
|
23
alpine/base/runc/Dockerfile
Normal file
23
alpine/base/runc/Dockerfile
Normal file
@ -0,0 +1,23 @@
|
||||
FROM golang:1.7-alpine3.5
|
||||
RUN \
|
||||
apk update && apk upgrade -a && \
|
||||
apk add --no-cache \
|
||||
bash \
|
||||
gcc \
|
||||
git \
|
||||
libc-dev \
|
||||
libseccomp-dev \
|
||||
linux-headers \
|
||||
make \
|
||||
&& true
|
||||
ENV RUNC_COMMIT=51371867a01c467f08af739783b8beafc154c4d7
|
||||
RUN mkdir -p $GOPATH/src/github.com/opencontainers && \
|
||||
cd $GOPATH/src/github.com/opencontainers && \
|
||||
git clone https://github.com/opencontainers/runc.git
|
||||
WORKDIR $GOPATH/src/github.com/opencontainers/runc
|
||||
RUN git checkout $RUNC_COMMIT
|
||||
# TODO static pie, currently no easy way to change build options
|
||||
RUN make static BUILDTAGS="seccomp"
|
||||
RUN cp runc /usr/bin/
|
||||
WORKDIR /
|
||||
COPY . .
|
29
alpine/base/runc/Makefile
Normal file
29
alpine/base/runc/Makefile
Normal file
@ -0,0 +1,29 @@
|
||||
.PHONY: tag push
|
||||
|
||||
BASE=golang:1.7-alpine3.5
|
||||
IMAGE=runc
|
||||
|
||||
default: push
|
||||
|
||||
hash: Dockerfile
|
||||
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
|
||||
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
|
||||
docker run --rm $(IMAGE):build sh -c 'cat Dockerfile /lib/apk/db/installed | sha1sum' | sed 's/ .*//' > $@
|
||||
|
||||
push: hash
|
||||
docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
|
||||
(docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash) && \
|
||||
docker push mobylinux/$(IMAGE):$(shell cat hash))
|
||||
docker rmi $(IMAGE):build
|
||||
rm -f hash
|
||||
|
||||
tag: hash
|
||||
docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
|
||||
docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash)
|
||||
docker rmi $(IMAGE):build
|
||||
rm -f hash
|
||||
|
||||
clean:
|
||||
rm -f hash
|
||||
|
||||
.DELETE_ON_ERROR:
|
@ -1,4 +1,4 @@
|
||||
DEPS=proxy diagnostics transfused tap-vsockd docker nc-vsock vsudd 9pmount-vsock iptables
|
||||
DEPS=proxy diagnostics transfused tap-vsockd docker nc-vsock vsudd 9pmount-vsock iptables containerd
|
||||
.PHONY: clean $(DEPS)
|
||||
|
||||
default: $(DEPS)
|
||||
|
1
alpine/packages/containerd/.gitignore
vendored
Normal file
1
alpine/packages/containerd/.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
usr
|
22
alpine/packages/containerd/Makefile
Normal file
22
alpine/packages/containerd/Makefile
Normal file
@ -0,0 +1,22 @@
|
||||
# Tag: cd9f1788bb2e8e7a342f32dd8ba70f450ff7ae2c
|
||||
CONTAINERD_IMAGE=mobylinux/containerd@sha256:96a96f60751a1bb762e285f36e0cf9c5b4126933bb91475b7369efc990539165
|
||||
CONTAINERD_BINARIES=usr/bin/containerd usr/bin/containerd-shim usr/bin/ctr
|
||||
|
||||
# Tag: 1a72d872ae97b90ae52482e4cb33a2778e168358
|
||||
RUNC_IMAGE=mobylinux/runc@sha256:2ea83d68baa57d547ec6d407d09cd495e4ef9cd6b0207ec3525fb2752b4a197e
|
||||
RUNC_BINARY=usr/bin/runc
|
||||
|
||||
default: $(RUNC_BINARY) $(CONTAINERD_BINARIES)
|
||||
|
||||
$(RUNC_BINARY):
|
||||
mkdir -p $(dir $@)
|
||||
docker run --rm --net=none $(RUNC_IMAGE) tar cf - $@ | tar xf -
|
||||
|
||||
$(CONTAINERD_BINARIES):
|
||||
mkdir -p $(dir $@)
|
||||
docker run --rm --net=none $(CONTAINERD_IMAGE) tar cf - $@ | tar xf -
|
||||
|
||||
clean:
|
||||
rm -rf usr
|
||||
|
||||
.DELETE_ON_ERROR:
|
@ -26,7 +26,7 @@ start()
|
||||
|
||||
for f in /containers/*
|
||||
do
|
||||
containerd-ctr containers start --no-pivot --attach "$(basename $f)" "$f" 2>$LOG >$LOG &
|
||||
ctr run --bundle "$f" "$(basename $f)" 2>$LOG >$LOG &
|
||||
printf " $(basename $f)"
|
||||
done
|
||||
|
||||
|
@ -41,7 +41,7 @@ DIAGNOSTICS=$(ps -eo args | grep '^/usr/bin/diagnostics-server')
|
||||
[ $? -eq 0 ] && ok "Diagnostics server running: $DIAGNOSTICS\n" || fail "No diagnostics server\n"
|
||||
CONTAINERD=$(ps -eo args | grep '^/usr/bin/containerd')
|
||||
[ $? -eq 0 ] && ok "System containerd server running: $CONTAINERD\n" || fail "No containerd server\n"
|
||||
CONTAINERPS=$(containerd-ctr containers 2>&1)
|
||||
CONTAINERPS=$(ctr list 2>&1)
|
||||
[ $? -eq 0 ] && ok "System containerd working\n" || fail "containerd failed: $CONTAINERPS\n"
|
||||
|
||||
exit $EXIT_STATUS
|
||||
|
@ -11,7 +11,7 @@ start()
|
||||
|
||||
ebegin "Running tests"
|
||||
|
||||
if containerd-ctr containers start --no-pivot --attach test /test
|
||||
if ctr run --bundle /test test
|
||||
then
|
||||
printf "Moby test suite PASSED\n"
|
||||
else
|
||||
|
@ -19,12 +19,9 @@ docker rm ${CONTAINER}
|
||||
|
||||
mkdir -p /var/log/nginx /var/cache/nginx
|
||||
|
||||
containerd-ctr containers start ${NAME} .
|
||||
containerd-ctr containers
|
||||
ctr run --bundle . ${NAME}
|
||||
ctr list
|
||||
```
|
||||
|
||||
For debugging it helps to run `containerd-ctr containers start --attach ${NAME} .` It may
|
||||
well turn out that you need to create directories that are empty volumes in docker.
|
||||
|
||||
For production, you will want to create the `config.json` offline and bundle it in with your
|
||||
intii script, but you can create the rootfs online.
|
||||
init script, but you can create the rootfs online.
|
||||
|
Loading…
Reference in New Issue
Block a user