mirror of
https://github.com/linuxkit/linuxkit.git
synced 2025-07-22 18:41:37 +00:00
Merge pull request #2834 from ijc/remove-projects/swarmd
Remove projects/swarmd
This commit is contained in:
commit
8b88cb95fb
@ -14,7 +14,6 @@ If you want to create a project, please submit a pull request to create a new di
|
||||
- [Mirage SDK](miragesdk/) privilege separation for userspace services
|
||||
- [OKernel](okernel/) intra-kernel protection using EPT (HPE)
|
||||
- [eBPF](ebpf/) iovisor eBPF tools
|
||||
- [Swarmd](swarmd) Standalone swarmkit based orchestrator
|
||||
- [Landlock LSM](landlock/) programmatic access control
|
||||
- [Clear Containers](clear-containers/) Clear Containers image
|
||||
- [Logging](logging/) Experimental logging tools
|
||||
|
@ -1,35 +0,0 @@
|
||||
### swarmd package
|
||||
|
||||
This adds a `swarmd` package for Moby which contains the standalone
|
||||
swarmkit orchestration daemon (`swarmd`) and CLI tool (`swarmctl`).
|
||||
|
||||
The package tracks [ijc's `container-wip` branch][containerd-wip].
|
||||
Compared with mainline swarmkit (which container a basic containerd
|
||||
executor merged in [PR1965]) this reworks the executor to use the
|
||||
container client library and adds support for CNI networking.
|
||||
|
||||
With a suitable LinuxKit image (such as `swarmd.yml` from this
|
||||
directory) something like this should work:
|
||||
|
||||
ctr exec -- swarmd swarmd swarmctl service create --image docker.io/library/nginx:alpine --name nginx
|
||||
ctr exec -- swarmd swarmd swarmctl service ls
|
||||
|
||||
Note that `swarmd` uses the "swarmd" containerd namespace, so to see
|
||||
swarmd managed containers you will need to use `-n swarmd` on all
|
||||
`ctr` commands e.g.:
|
||||
|
||||
ctr -n swarmd containers ls
|
||||
|
||||
Alternatively you may export `CONTAINERD_NAMESPACE=swarmd`.
|
||||
|
||||
### TODO
|
||||
|
||||
Bootstrapping a cluster needs more investigation. Tokens and join
|
||||
addresses can currently only be passed on the `swarmd` command line
|
||||
which is inconvenient for automated image deployment.
|
||||
|
||||
Swarmkit [PR 1965][PR1965] also contains a number of TODOs which are not
|
||||
separately listed here.
|
||||
|
||||
[PR1965]: https://github.com/docker/swarmkit/pull/1965
|
||||
[containerd-wip]: https://github.com/ijc/swarmkit/tree/containerd-wip
|
@ -1,77 +0,0 @@
|
||||
kernel:
|
||||
image: linuxkit/kernel:4.9.74
|
||||
cmdline: "console=ttyS0 page_poison=1"
|
||||
init:
|
||||
- linuxkit/init:5a577d070817b4f17821657823082651baafd4ed
|
||||
- linuxkit/runc:abc3f292653e64a2fd488e9675ace19a55ec7023
|
||||
- linuxkit/containerd:e58a382c33bb509ba3e0e8170dfaa5a100504c5b
|
||||
- linuxkit/ca-certificates:de21b84d9b055ad9dcecc57965b654a7a24ef8e0
|
||||
onboot:
|
||||
- name: sysctl
|
||||
image: linuxkit/sysctl:4c1ef93bb5eb1a877318db4b2daa6768ed002e21
|
||||
binds:
|
||||
- /etc/sysctl.d/01-swarmd.conf:/etc/sysctl.d/01-swarmd.conf
|
||||
- name: dhcpcd
|
||||
image: linuxkit/dhcpcd:0d59a6cc03412289ef4313f2491ec666c1715cc9
|
||||
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
|
||||
- name: format
|
||||
image: linuxkit/format:e945016ec780a788a71dcddc81497d54d3b14bc7
|
||||
- name: mount
|
||||
image: linuxkit/mount:b346ec277b7074e5c9986128a879c10a1d18742b
|
||||
command: ["/usr/bin/mountie", "/var/lib/swarmd"]
|
||||
- name: metadata
|
||||
image: linuxkit/metadata:2af15c9f4b0e73515c219b7cc14e6e65e1d4fd6d
|
||||
services:
|
||||
- name: getty
|
||||
image: linuxkit/getty:22e27189b6b354e1d5d38fc0536a5af3f2adb79f
|
||||
env:
|
||||
- INSECURE=true
|
||||
- name: qemu-ga
|
||||
image: linuxkit/qemu-ga:61f1964a9ee6dfe30fb4c09472370ed916e91923
|
||||
binds:
|
||||
- /dev/vport0p1:/dev/vport0p1
|
||||
- name: rngd
|
||||
image: linuxkit/rngd:94e01a4b16fadb053455cdc2269c4eb0b39199cd
|
||||
- name: ntpd
|
||||
image: linuxkit/openntpd:536e5947607c9e6a6771957c2ff817230cba0d3c
|
||||
- name: weave
|
||||
image: weaveworks/weave:2.0.1@sha256:2d70caac7db33365482cc923d40ff8d3ec1238ae7fe06a00b3dde310d09f226e # Must match swarmd/Dockerfile
|
||||
command: ["/bin/sh", "/home/weave/weaver-wrapper"]
|
||||
capabilities:
|
||||
- all
|
||||
pid: host
|
||||
binds:
|
||||
- /usr/local/bin/weaver-wrapper:/home/weave/weaver-wrapper
|
||||
- /var:/var
|
||||
- /var/lib/swarmd:/weavedb
|
||||
- name: swarmd
|
||||
image: linuxkitprojects/swarmd:8c034e2862d3a0fce1e445511a69c4330a1d4dd5
|
||||
command: ["/usr/bin/swarmd", "--containerd-addr=/run/containerd/containerd.sock", "--log-level=debug", "--state-dir=/var/lib/swarmd"]
|
||||
capabilities:
|
||||
- all
|
||||
pid: host
|
||||
binds:
|
||||
- /tmp:/tmp
|
||||
- /run/containerd/containerd.sock:/run/containerd/containerd.sock
|
||||
- /var/lib/containerd:/var/lib/containerd
|
||||
- /var/lib/swarmd:/var/lib/swarmd
|
||||
- /etc/resolv.conf:/etc/resolv.conf
|
||||
files:
|
||||
- path: /etc/sysctl.d/01-swarmd.conf
|
||||
contents: 'net.ipv4.ip_forward = 1'
|
||||
- path: usr/local/bin/weaver-wrapper
|
||||
contents: |
|
||||
/home/weave/weaver \
|
||||
--weave-bridge=weave \
|
||||
--datapath=datapath \
|
||||
--docker-api="" \
|
||||
--ipalloc-range=192.168.106.0/24 \
|
||||
--http-addr=127.0.0.1:6784 \
|
||||
--status-addr=127.0.0.1:6782 &
|
||||
|
||||
while [ ! -e /sys/class/net/weave/ ] ; do
|
||||
sleep 1s
|
||||
done
|
||||
|
||||
/home/weave/weave --local expose net:default
|
||||
wait %1
|
3
projects/swarmd/swarmd/.gitignore
vendored
3
projects/swarmd/swarmd/.gitignore
vendored
@ -1,3 +0,0 @@
|
||||
hash
|
||||
swarmd.tag
|
||||
swarmd.tar
|
@ -1,86 +0,0 @@
|
||||
FROM weaveworks/weave:2.0.1@sha256:2d70caac7db33365482cc923d40ff8d3ec1238ae7fe06a00b3dde310d09f226e AS weave
|
||||
|
||||
# Nothing to do in here, just for COPY --from=weave below
|
||||
|
||||
FROM linuxkit/alpine:07f7d136e427dc68154cd5edbb2b9576f9ac5213 AS build
|
||||
|
||||
RUN \
|
||||
apk update && apk upgrade && \
|
||||
apk add --no-cache \
|
||||
bash \
|
||||
ca-certificates \
|
||||
gcc \
|
||||
git \
|
||||
go \
|
||||
libc-dev \
|
||||
linux-headers \
|
||||
make \
|
||||
&& true
|
||||
|
||||
ENV GOPATH=/root/go
|
||||
|
||||
#####################################################################
|
||||
# Output filesystem skeleton
|
||||
|
||||
RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
|
||||
RUN apk add --no-cache --initdb -p /out \
|
||||
alpine-baselayout \
|
||||
busybox \
|
||||
ca-certificates \
|
||||
iptables \
|
||||
musl \
|
||||
util-linux
|
||||
|
||||
# Remove apk residuals. We have a read-only rootfs, so apk is of no use.
|
||||
RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache
|
||||
|
||||
RUN mkdir -p /out/usr/bin/ /out/etc /out/opt/cni/bin /out/etc/cni/net.d
|
||||
|
||||
#####################################################################
|
||||
# Swarmd
|
||||
|
||||
# https://github.com/ijc/swarmkit/tree/containerd-wip
|
||||
ENV SWARMKIT_REPO=https://github.com/ijc/swarmkit
|
||||
ENV SWARMKIT_BRANCH=containerd-wip
|
||||
ENV SWARMKIT_COMMIT=8a09c038f1ba8f227a28b7f48ccc92a04edb85f5
|
||||
|
||||
RUN mkdir -p $GOPATH/src/github.com/docker && \
|
||||
cd $GOPATH/src/github.com/docker && \
|
||||
git clone $SWARMKIT_REPO
|
||||
WORKDIR $GOPATH/src/github.com/docker/swarmkit
|
||||
RUN [ -z "$SWARMKIT_BRANCH" ] || git fetch origin $SWARMKIT_BRANCH
|
||||
RUN git checkout $SWARMKIT_COMMIT
|
||||
|
||||
RUN make binaries GO_GCFLAGS="-buildmode pie --ldflags '-extldflags \"-fno-PIC -static\"'"
|
||||
|
||||
RUN cp bin/swarmd bin/swarmctl /out/usr/bin/
|
||||
RUN strip /out/usr/bin/swarmd /out/usr/bin/swarmctl
|
||||
|
||||
#####################################################################
|
||||
# CNI
|
||||
|
||||
ENV CNI_REPO=https://github.com/containernetworking/cni
|
||||
ENV CNI_COMMIT=v0.5.2
|
||||
|
||||
RUN mkdir -p $GOPATH/src/github.com/containernetworking && \
|
||||
cd $GOPATH/src/github.com/containernetworking && \
|
||||
git clone $CNI_REPO
|
||||
WORKDIR $GOPATH/src/github.com/containernetworking/cni
|
||||
RUN [ -z "$CNI_BRANCH" ] || git fetch origin $CNI_BRANCH
|
||||
RUN git checkout $CNI_COMMIT
|
||||
|
||||
RUN ./build.sh -buildmode pie --ldflags '-extldflags "-fno-PIC -static"'
|
||||
|
||||
RUN cp bin/bridge bin/host-local bin/dhcp /out/opt/cni/bin/
|
||||
|
||||
#####################################################################
|
||||
# Weave
|
||||
|
||||
COPY --from=weave /usr/bin/weaveutil /out/opt/cni/bin/weave-net
|
||||
RUN ln -s weave-net /out/opt/cni/bin/weave-ipam
|
||||
|
||||
FROM scratch
|
||||
WORKDIR /
|
||||
ENTRYPOINT []
|
||||
COPY --from=build /out /
|
||||
CMD ["/usr/bin/swarmd", "--containerd-addr=/run/containerd/containerd.sock", "--log-level=debug", "--state-dir=/var/lib/swarmd"]
|
@ -1,4 +0,0 @@
|
||||
org: linuxkitprojects
|
||||
image: swarmd
|
||||
network: true
|
||||
disable-content-trust: true
|
Loading…
Reference in New Issue
Block a user