From 25a05142a359f052260b9f1064be5519c6e4f00c Mon Sep 17 00:00:00 2001 From: David Scott Date: Tue, 22 Aug 2017 11:23:44 +0100 Subject: [PATCH 1/4] docker-for-mac: supply the daemon.json via metadata Previously the docker-for-mac example had a `files` declaration which wrote `/var/config/docker/daemon.json`. This was probably an error because the `/var/config` directory is owned by the `metadata` package. It used to work -- probably by accident -- but doesn't any more. This patch switches to using the metadata package to populate the `daemon.json`. Signed-off-by: David Scott --- blueprints/README.md | 2 +- blueprints/docker-for-mac/docker-ce.yml | 5 ----- blueprints/docker-for-mac/metadata.json | 8 ++++++++ 3 files changed, 9 insertions(+), 6 deletions(-) create mode 100644 blueprints/docker-for-mac/metadata.json diff --git a/blueprints/README.md b/blueprints/README.md index b3f667d83..3847d5edf 100644 --- a/blueprints/README.md +++ b/blueprints/README.md @@ -33,7 +33,7 @@ $ moby build -name docker-for-mac base.yml docker-ce.yml To run the VM with a 500M disk: ``` -linuxkit run hyperkit -networking=vpnkit -vsock-ports=2376 -disk size=500M docker-for-mac +linuxkit run hyperkit -networking=vpnkit -vsock-ports=2376 -disk size=500M -data ./metadata.json docker-for-mac ``` In another terminal you should now be able to access docker via the socket `guest.00000947` in the state directory (`docker-for-mac-state/` by default): diff --git a/blueprints/docker-for-mac/docker-ce.yml b/blueprints/docker-for-mac/docker-ce.yml index 345b74353..2feb5522b 100644 --- a/blueprints/docker-for-mac/docker-ce.yml +++ b/blueprints/docker-for-mac/docker-ce.yml @@ -23,11 +23,6 @@ services: "--swarm-default-advertise-addr=eth0", "--userland-proxy-path", "/usr/bin/vpnkit-expose-port", "--storage-driver", "overlay2" ] - -files: - - path: /var/config/docker/daemon.json - contents: '{ "debug": true }' - trust: org: - library diff --git a/blueprints/docker-for-mac/metadata.json b/blueprints/docker-for-mac/metadata.json new file mode 100644 index 000000000..c7d11d2bb --- /dev/null +++ b/blueprints/docker-for-mac/metadata.json @@ -0,0 +1,8 @@ +{ + "docker": { + "daemon.json": { + "perm": "0644", + "content": "{ \"debug\": true }" + } + } +} From c29b43378072880cebb41f3e66ceaeb1fd1e4886 Mon Sep 17 00:00:00 2001 From: David Scott Date: Tue, 22 Aug 2017 11:42:25 +0100 Subject: [PATCH 2/4] docker-for-mac: add certificates This fixes the error starting the `metadata` package, as described in Signed-off-by: David Scott --- blueprints/docker-for-mac/base.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/blueprints/docker-for-mac/base.yml b/blueprints/docker-for-mac/base.yml index 144da3ed3..ba144b394 100644 --- a/blueprints/docker-for-mac/base.yml +++ b/blueprints/docker-for-mac/base.yml @@ -7,6 +7,7 @@ init: - linuxkit/init:6d11a1f9d299d3425e78cce80dfba8b236d20412 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a - linuxkit/containerd:7d97282aebe36040fcdd3378a95562d440d34a9d + - linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10 onboot: # support metadata for optional config in /var/config - name: metadata From af5761d6b51bacdde69e45faf9bc23445f7509a4 Mon Sep 17 00:00:00 2001 From: David Scott Date: Tue, 29 Aug 2017 13:25:39 +0100 Subject: [PATCH 3/4] docker-for-mac: use `runtime: mkdir` This replaces an alpine container which existed only to run the `mkdir`. Signed-off-by: David Scott --- blueprints/docker-for-mac/base.yml | 6 ------ blueprints/docker-for-mac/docker-ce.yml | 2 ++ 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/blueprints/docker-for-mac/base.yml b/blueprints/docker-for-mac/base.yml index ba144b394..cffaf5fd8 100644 --- a/blueprints/docker-for-mac/base.yml +++ b/blueprints/docker-for-mac/base.yml @@ -24,12 +24,6 @@ onboot: - name: mount image: linuxkit/mount:4fe245efb01384e42622c36302e13e386bbaeb08 command: ["/usr/bin/mountie", "/var/lib"] - # create docker dir on mounted drive if it doesn't exist - - name: mkdir-docker - image: alpine:3.6 - binds: - - /var/lib:/host_var_lib - command: ["sh", "-c", "mkdir -p /host_var_lib/docker"] # mount-vpnkit mounts the 9p share used by vpnkit to coordinate port forwarding - name: mount-vpnkit image: alpine:3.6 diff --git a/blueprints/docker-for-mac/docker-ce.yml b/blueprints/docker-for-mac/docker-ce.yml index 2feb5522b..bc117db01 100644 --- a/blueprints/docker-for-mac/docker-ce.yml +++ b/blueprints/docker-for-mac/docker-ce.yml @@ -23,6 +23,8 @@ services: "--swarm-default-advertise-addr=eth0", "--userland-proxy-path", "/usr/bin/vpnkit-expose-port", "--storage-driver", "overlay2" ] + runtime: + mkdir: ["/var/lib/docker"] trust: org: - library From b60ad02add17e26ea7768df98a8881508fe8a979 Mon Sep 17 00:00:00 2001 From: David Scott Date: Tue, 29 Aug 2017 13:26:34 +0100 Subject: [PATCH 4/4] docker-for-mac: AF_VSOCK port in README should be 948 (was 947) Before: docker-for-mac djs$ docker -H unix://docker-for-mac-state/guest.00000947 ps Cannot connect to the Docker daemon at unix://docker-for-mac-state/guest.00000947. Is the docker daemon running? After: docker-for-mac djs$ docker -H unix://docker-for-mac-state/guest.00000948 ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES Signed-off-by: David Scott --- blueprints/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blueprints/README.md b/blueprints/README.md index 3847d5edf..87a6d642d 100644 --- a/blueprints/README.md +++ b/blueprints/README.md @@ -39,7 +39,7 @@ linuxkit run hyperkit -networking=vpnkit -vsock-ports=2376 -disk size=500M -data In another terminal you should now be able to access docker via the socket `guest.00000947` in the state directory (`docker-for-mac-state/` by default): ``` -$ docker -H unix://docker-for-mac-state/guest.00000947 ps +$ docker -H unix://docker-for-mac-state/guest.00000948 ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ```