github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-26 12:07:41 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #2413 from justincormack/runtime-config

Browse Source 
Add a runtime config
This commit is contained in:
Justin Cormack 2017-08-18 17:45:10 +01:00 committed by GitHub
commit 9506d45d49
474 changed files with 14544 additions and 706 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@ -21,7 +21,7 @@ endif
PREFIX?=/usr/local/ PREFIX?=/usr/local/
MOBY_REPO=https://github.com/moby/tool.git MOBY_REPO=https://github.com/moby/tool.git
MOBY_COMMIT=d9546ee1ce9c5af213c2f96fc23ce0266c4c3133 MOBY_COMMIT=0d58d332be0afc27be4402301f7c7950bd3ae189
MOBY_VERSION=0.0 MOBY_VERSION=0.0
bin/moby: tmp_moby_bin.tar | bin bin/moby: tmp_moby_bin.tar | bin
tar xf $< tar xf $<

6
blueprints/docker-for-mac/base.yml
View File

@ -4,9 +4,9 @@ kernel:
cmdline: "console=ttyS0 page_poison=1" cmdline: "console=ttyS0 page_poison=1"
init: init:
- linuxkit/vpnkit-expose-port:fa4ab4ac78b83fe392e39b861b4114c3bb02d170 # install vpnkit-expose-port and vpnkit-iptables-wrapper on host - linuxkit/vpnkit-expose-port:fa4ab4ac78b83fe392e39b861b4114c3bb02d170 # install vpnkit-expose-port and vpnkit-iptables-wrapper on host
- linuxkit/init:c7d651da1a5e308c757bc61ce6a41804ea843426 - linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
onboot: onboot:
# support metadata for optional config in /var/config # support metadata for optional config in /var/config
- name: metadata - name: metadata

2
blueprints/lcow.yml
View File

@ -4,7 +4,7 @@ kernel:
tar: none tar: none
init: init:
- linuxkit/init-lcow:227221c5f344b59c841fd57d0a9decbc50f1bb5e - linuxkit/init-lcow:227221c5f344b59c841fd57d0a9decbc50f1bb5e
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
trust: trust:
org: org:
- linuxkit - linuxkit

6
examples/aws.yml
View File

@ -2,9 +2,9 @@ kernel:
image: linuxkit/kernel:4.9.43 image: linuxkit/kernel:4.9.43
cmdline: "console=ttyS0" cmdline: "console=ttyS0"
init: init:
- linuxkit/init:c7d651da1a5e308c757bc61ce6a41804ea843426 - linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
- linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10 - linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10
onboot: onboot:
- name: sysctl - name: sysctl

6
examples/azure.yml
View File

@ -2,9 +2,9 @@ kernel:
image: linuxkit/kernel:4.9.43 image: linuxkit/kernel:4.9.43
cmdline: "console=ttyS0" cmdline: "console=ttyS0"
init: init:
- linuxkit/init:c7d651da1a5e308c757bc61ce6a41804ea843426 - linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
- linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10 - linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10
onboot: onboot:
- name: sysctl - name: sysctl

6
examples/docker.yml
View File

@ -2,9 +2,9 @@ kernel:
image: linuxkit/kernel:4.9.43 image: linuxkit/kernel:4.9.43
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0" cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init: init:
- linuxkit/init:c7d651da1a5e308c757bc61ce6a41804ea843426 - linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
- linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10 - linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10
onboot: onboot:
- name: sysctl - name: sysctl

6
examples/gcp.yml
View File

@ -2,9 +2,9 @@ kernel:
image: linuxkit/kernel:4.9.43 image: linuxkit/kernel:4.9.43
cmdline: "console=ttyS0" cmdline: "console=ttyS0"
init: init:
- linuxkit/init:c7d651da1a5e308c757bc61ce6a41804ea843426 - linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
- linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10 - linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10
onboot: onboot:
- name: sysctl - name: sysctl

6
examples/getty.yml
View File

@ -2,9 +2,9 @@ kernel:
image: linuxkit/kernel:4.9.43 image: linuxkit/kernel:4.9.43
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0" cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init: init:
- linuxkit/init:c7d651da1a5e308c757bc61ce6a41804ea843426 - linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
- linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10 - linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10
onboot: onboot:
- name: sysctl - name: sysctl

6
examples/minimal.yml
View File

@ -2,9 +2,9 @@ kernel:
image: linuxkit/kernel:4.9.43 image: linuxkit/kernel:4.9.43
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0" cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init: init:
- linuxkit/init:c7d651da1a5e308c757bc61ce6a41804ea843426 - linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
onboot: onboot:
- name: dhcpcd - name: dhcpcd
image: linuxkit/dhcpcd:f3f5413abb78fae9020e35bd4788fa93df4530b7 image: linuxkit/dhcpcd:f3f5413abb78fae9020e35bd4788fa93df4530b7

6
examples/node_exporter.yml
View File

@ -2,9 +2,9 @@ kernel:
image: linuxkit/kernel:4.9.43 image: linuxkit/kernel:4.9.43
cmdline: "console=tty0 console=ttyS0" cmdline: "console=tty0 console=ttyS0"
init: init:
- linuxkit/init:c7d651da1a5e308c757bc61ce6a41804ea843426 - linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
services: services:
- name: getty - name: getty
image: linuxkit/getty:797cb79e0a229fcd16ebf44a0da74bcec03968ec image: linuxkit/getty:797cb79e0a229fcd16ebf44a0da74bcec03968ec

6
examples/packet.yml
View File

@ -2,9 +2,9 @@ kernel:
image: linuxkit/kernel:4.9.43 image: linuxkit/kernel:4.9.43
cmdline: "console=ttyS1" cmdline: "console=ttyS1"
init: init:
- linuxkit/init:c7d651da1a5e308c757bc61ce6a41804ea843426 - linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
- linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10 - linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10
onboot: onboot:
- name: sysctl - name: sysctl

6
examples/redis-os.yml
View File

@ -4,9 +4,9 @@ kernel:
image: linuxkit/kernel:4.9.43 image: linuxkit/kernel:4.9.43
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0" cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init: init:
- linuxkit/init:c7d651da1a5e308c757bc61ce6a41804ea843426 - linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
onboot: onboot:
- name: dhcpcd - name: dhcpcd
image: linuxkit/dhcpcd:f3f5413abb78fae9020e35bd4788fa93df4530b7 image: linuxkit/dhcpcd:f3f5413abb78fae9020e35bd4788fa93df4530b7

6
examples/sshd.yml
View File

@ -2,9 +2,9 @@ kernel:
image: linuxkit/kernel:4.9.43 image: linuxkit/kernel:4.9.43
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0" cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init: init:
- linuxkit/init:c7d651da1a5e308c757bc61ce6a41804ea843426 - linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
- linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10 - linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10
onboot: onboot:
- name: sysctl - name: sysctl

6
examples/swap.yml
View File

@ -2,9 +2,9 @@ kernel:
image: linuxkit/kernel:4.9.43 image: linuxkit/kernel:4.9.43
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0" cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init: init:
- linuxkit/init:c7d651da1a5e308c757bc61ce6a41804ea843426 - linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
- linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10 - linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10
onboot: onboot:
- name: sysctl - name: sysctl

4
examples/tpm.yml
View File

@ -3,8 +3,8 @@ kernel:
cmdline: "console=tty0 console=ttyS0" cmdline: "console=tty0 console=ttyS0"
init: init:
- linuxkit/init:d049e7b2074da5cd699a27defb47eb101142455d - linuxkit/init:d049e7b2074da5cd699a27defb47eb101142455d
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
- linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10 - linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10
onboot: onboot:
- name: sysctl - name: sysctl

6
examples/vmware.yml
View File

@ -2,9 +2,9 @@ kernel:
image: linuxkit/kernel:4.9.43 image: linuxkit/kernel:4.9.43
cmdline: "console=tty0" cmdline: "console=tty0"
init: init:
- linuxkit/init:c7d651da1a5e308c757bc61ce6a41804ea843426 - linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
- linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10 - linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10
onboot: onboot:
- name: sysctl - name: sysctl

6
examples/vpnkit-forwarder.yml
View File

@ -2,9 +2,9 @@ kernel:
image: linuxkit/kernel:4.9.43 image: linuxkit/kernel:4.9.43
cmdline: "console=ttyS0" cmdline: "console=ttyS0"
init: init:
- linuxkit/init:c7d651da1a5e308c757bc61ce6a41804ea843426 - linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
onboot: onboot:
- name: dhcpcd - name: dhcpcd
image: linuxkit/dhcpcd:f3f5413abb78fae9020e35bd4788fa93df4530b7 image: linuxkit/dhcpcd:f3f5413abb78fae9020e35bd4788fa93df4530b7

6
examples/vsudd.yml
View File

@ -2,9 +2,9 @@ kernel:
image: linuxkit/kernel:4.9.43 image: linuxkit/kernel:4.9.43
cmdline: "console=ttyS0" cmdline: "console=ttyS0"
init: init:
- linuxkit/init:c7d651da1a5e308c757bc61ce6a41804ea843426 - linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
onboot: onboot:
- name: dhcpcd - name: dhcpcd
image: linuxkit/dhcpcd:f3f5413abb78fae9020e35bd4788fa93df4530b7 image: linuxkit/dhcpcd:f3f5413abb78fae9020e35bd4788fa93df4530b7

6
examples/vultr.yml
View File

@ -2,9 +2,9 @@ kernel:
image: linuxkit/kernel:4.9.43 image: linuxkit/kernel:4.9.43
cmdline: "console=ttyS0" cmdline: "console=ttyS0"
init: init:
- linuxkit/init:c7d651da1a5e308c757bc61ce6a41804ea843426 - linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
- linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10 - linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10
onboot: onboot:
- name: sysctl - name: sysctl

57
examples/wireguard.yml Normal file
View File

@ -0,0 +1,57 @@
kernel:
image: linuxkit/kernel:4.9.43
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
- linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10
onboot:
- name: sysctl
image: linuxkit/sysctl:154913b72c6f1f33eb408609fca9963628e8c051
- name: dhcpcd
image: linuxkit/dhcpcd:f3f5413abb78fae9020e35bd4788fa93df4530b7
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: wg
image: linuxkit/ip:4ce3b47fef3a9d5c78ae45e2946c9fdf95af2fa5
net: new
binds:
- /etc/wireguard:/etc/wireguard
command: ["sh", "-c", "ip link set dev wg0 up; ip address add dev wg0 192.168.2.1 peer 192.168.2.2; wg setconf wg0 /etc/wireguard/wg0.conf; wg show wg0"]
runtime:
interfaces:
- name: wg0
add: wireguard
createInRoot: true
bindNS:
net: /run/netns/wg
services:
- name: getty
image: linuxkit/getty:797cb79e0a229fcd16ebf44a0da74bcec03968ec
env:
- INSECURE=true
net: /run/netns/wg
- name: rngd
image: linuxkit/rngd:558e86a36242bb74353bc9287b715ddb8567357e
- name: nginx
image: nginx:alpine
net: /run/netns/wg
capabilities:
- CAP_NET_BIND_SERVICE
- CAP_CHOWN
- CAP_SETUID
- CAP_SETGID
- CAP_DAC_OVERRIDE
files:
- path: etc/wireguard/wg0.conf
contents: |
[Interface]
PrivateKey = yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=
ListenPort = 51820
[Peer]
PublicKey = xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=
AllowedIPs = 0.0.0.0/0
trust:
org:
- linuxkit
- library

6
linuxkit.yml
View File

@ -2,9 +2,9 @@ kernel:
image: linuxkit/kernel:4.9.43 image: linuxkit/kernel:4.9.43
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0" cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init: init:
- linuxkit/init:c7d651da1a5e308c757bc61ce6a41804ea843426 - linuxkit/init:09d549199c7615fee56567c70d8263585dfa02f7
- linuxkit/runc:838259153885c0c40460379d6cdb7baebaf3fa36 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a
- linuxkit/containerd:09a21d6606a4011efebacff62a88b956ecac01be - linuxkit/containerd:fc35653f832f053bfb1ce1ed84d2bb7a277e9c18
- linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10 - linuxkit/ca-certificates:e44b0a66df5a102c0e220f0066b0d904710dcb10
onboot: onboot:
- name: sysctl - name: sysctl

5
pkg/containerd/Dockerfile
View File

@ -20,9 +20,6 @@ RUN git checkout $CONTAINERD_COMMIT
RUN make binaries EXTRA_FLAGS="-buildmode pie" EXTRA_LDFLAGS="-extldflags \\\"-fno-PIC -static\\\"" RUN make binaries EXTRA_FLAGS="-buildmode pie" EXTRA_LDFLAGS="-extldflags \\\"-fno-PIC -static\\\""
RUN cp bin/containerd bin/ctr bin/containerd-shim /usr/bin/ RUN cp bin/containerd bin/ctr bin/containerd-shim /usr/bin/
ADD cmd /go/src/cmd
RUN cd /go/src/cmd/service && ./skanky-vendor.sh $GOPATH/src/github.com/containerd/containerd
RUN go-compile.sh /go/src/cmd/service
RUN mkdir -p /etc/init.d && ln -s /usr/bin/service /etc/init.d/020-containerd RUN mkdir -p /etc/init.d && ln -s /usr/bin/service /etc/init.d/020-containerd
WORKDIR / WORKDIR /
@ -31,7 +28,7 @@ COPY . .
FROM scratch FROM scratch
ENTRYPOINT [] ENTRYPOINT []
WORKDIR / WORKDIR /
COPY --from=alpine /usr/bin/containerd /usr/bin/ctr /usr/bin/containerd-shim /go/bin/service /usr/bin/ COPY --from=alpine /usr/bin/containerd /usr/bin/ctr /usr/bin/containerd-shim /usr/bin/
COPY --from=alpine /etc/containerd/config.toml /etc/containerd/ COPY --from=alpine /etc/containerd/config.toml /etc/containerd/
COPY --from=alpine /usr/share/zoneinfo/UTC /etc/localtime COPY --from=alpine /usr/share/zoneinfo/UTC /etc/localtime
COPY --from=alpine /etc/init.d/ /etc/init.d/ COPY --from=alpine /etc/init.d/ /etc/init.d/

87
pkg/containerd/cmd/service/prepare.go
View File

@ -1,87 +0,0 @@
package main
// Please note this file is shared between pkg/runc and pkg/containerd
// Update it in both places if you make changes
import (
"fmt"
"os"
"path/filepath"
"syscall"
)
func prepare(path string) error {
// see if we are dealing with a read only or read write container
if _, err := os.Stat(filepath.Join(path, "lower")); err != nil {
if os.IsNotExist(err) {
return prepareRO(path)
}
return err
}
return prepareRW(path)
}
func prepareRO(path string) error {
// make rootfs a mount point, as runc doesn't like it much otherwise
rootfs := filepath.Join(path, "rootfs")
if err := syscall.Mount(rootfs, rootfs, "", syscall.MS_BIND, ""); err != nil {
return err
}
return nil
}
func prepareRW(path string) error {
// mount a tmpfs on tmp for upper and workdirs
// make it private as nothing else should be using this
tmp := filepath.Join(path, "tmp")
if err := syscall.Mount("tmpfs", tmp, "tmpfs", 0, "size=10%"); err != nil {
return err
}
// make it private as nothing else should be using this
if err := syscall.Mount("", tmp, "", syscall.MS_REMOUNT|syscall.MS_PRIVATE, ""); err != nil {
return err
}
upper := filepath.Join(tmp, "upper")
// make the mount points
if err := os.Mkdir(upper, 0755); err != nil {
return err
}
work := filepath.Join(tmp, "work")
if err := os.Mkdir(work, 0755); err != nil {
return err
}
lower := filepath.Join(path, "lower")
rootfs := filepath.Join(path, "rootfs")
opt := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", lower, upper, work)
if err := syscall.Mount("overlay", rootfs, "overlay", 0, opt); err != nil {
return err
}
return nil
}
// cleanup functions are best efforts only, mainly for rw onboot containers
func cleanup(path string) {
// see if we are dealing with a read only or read write container
if _, err := os.Stat(filepath.Join(path, "lower")); err != nil {
cleanupRO(path)
} else {
cleanupRW(path)
}
}
func cleanupRO(path string) {
// remove the bind mount
rootfs := filepath.Join(path, "rootfs")
_ = syscall.Unmount(rootfs, 0)
}
func cleanupRW(path string) {
// remove the overlay mount
rootfs := filepath.Join(path, "rootfs")
_ = os.RemoveAll(rootfs)
_ = syscall.Unmount(rootfs, 0)
// remove the tmpfs
tmp := filepath.Join(path, "tmp")
_ = os.RemoveAll(tmp)
_ = syscall.Unmount(tmp, 0)
}

28
pkg/init/Dockerfile
View File

@ -1,17 +1,28 @@
FROM linuxkit/alpine:87a0cd10449d72f374f950004467737dbf440630 AS build FROM linuxkit/alpine:0fd732eb9e99c4db0953ae8de23d95de340ab847 AS build
RUN apk add --no-cache --initdb alpine-baselayout make gcc musl-dev RUN apk add --no-cache --initdb alpine-baselayout make gcc musl-dev git linux-headers
ADD usermode-helper.c . ADD usermode-helper.c ./
RUN make usermode-helper RUN LDFLAGS=-static CFLAGS=-Werror make usermode-helper
RUN apk add --no-cache go musl-dev RUN apk add --no-cache go musl-dev
ENV GOPATH=/go PATH=$PATH:/go/bin ENV GOPATH=/go PATH=$PATH:/go/bin
COPY init.go /go/src/init/ COPY cmd /go/src/cmd
COPY vendor /go/src/init/vendor/ RUN go-compile.sh /go/src/cmd/init
RUN go-compile.sh /go/src/init/
FROM linuxkit/alpine:87a0cd10449d72f374f950004467737dbf440630 AS mirror # checkout containerd for vendoring
ENV GOPATH=/go PATH=$PATH:/go/bin
# CONTAINERD_REPO and CONTAINERD_COMMIT are defined in linuxkit/alpine
RUN mkdir -p $GOPATH/src/github.com/containerd && \
cd $GOPATH/src/github.com/containerd && \
git clone $CONTAINERD_REPO
WORKDIR $GOPATH/src/github.com/containerd/containerd
RUN git checkout $CONTAINERD_COMMIT
RUN cd /go/src/cmd/service && ./skanky-vendor.sh $GOPATH/src/github.com/containerd/containerd
RUN go-compile.sh /go/src/cmd/service
FROM linuxkit/alpine:6ed3b299f5243acb6459b4993549c5045e4ad7f4 AS mirror
RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/ RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
RUN apk add --no-cache --initdb -p /out alpine-baselayout busybox musl RUN apk add --no-cache --initdb -p /out alpine-baselayout busybox musl
@ -23,6 +34,7 @@ ENTRYPOINT []
CMD [] CMD []
WORKDIR / WORKDIR /
COPY --from=build /go/bin/init / COPY --from=build /go/bin/init /
COPY --from=build /go/bin/service /usr/bin/
COPY --from=build usermode-helper /sbin/ COPY --from=build usermode-helper /sbin/
COPY --from=mirror /out/ / COPY --from=mirror /out/ /
COPY etc etc/ COPY etc etc/

3
pkg/init/Makefile
View File

@ -1,4 +1,5 @@
IMAGE=init IMAGE=init
DEPS=init.go vendor.conf usermode-helper.c $(wildcard etc/*) $(wildcard etc/init.d/*) NETWORK=1
DEPS=usermode-helper.c $(wildcard etc/*) $(wildcard etc/init.d/*) $(shell find cmd -type f)
include ../package.mk include ../package.mk

0
pkg/init/init.go → pkg/init/cmd/init/init.go
View File

0
pkg/init/vendor.conf → pkg/init/cmd/init/vendor.conf
View File

0
pkg/init/vendor/golang.org/x/sys/LICENSE → pkg/init/cmd/init/vendor/golang.org/x/sys/LICENSE generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/PATENTS → pkg/init/cmd/init/vendor/golang.org/x/sys/PATENTS generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/README → pkg/init/cmd/init/vendor/golang.org/x/sys/README generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/README.md → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/README.md generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_darwin_386.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_darwin_386.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_darwin_amd64.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_darwin_amd64.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_darwin_arm.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_darwin_arm.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_darwin_arm64.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_darwin_arm64.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_dragonfly_amd64.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_dragonfly_amd64.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_freebsd_386.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_freebsd_386.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_freebsd_amd64.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_freebsd_amd64.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_freebsd_arm.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_freebsd_arm.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_linux_386.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_linux_386.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_linux_amd64.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_linux_amd64.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_linux_arm.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_linux_arm.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_linux_arm64.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_linux_arm64.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_linux_s390x.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_linux_s390x.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_netbsd_386.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_netbsd_386.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_netbsd_amd64.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_netbsd_amd64.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_netbsd_arm.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_netbsd_arm.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_openbsd_386.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_openbsd_386.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_openbsd_amd64.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_openbsd_amd64.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/bluetooth_linux.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/bluetooth_linux.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/constants.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/constants.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/dirent.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/dirent.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/endian_big.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/endian_big.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/endian_little.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/endian_little.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/env_unix.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/env_unix.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/env_unset.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/env_unset.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/flock.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/flock.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/flock_linux_32bit.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/flock_linux_32bit.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/gccgo.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/gccgo.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/gccgo_c.c → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/gccgo_c.c generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/gccgo_linux_amd64.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/gccgo_linux_amd64.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/gccgo_linux_sparc64.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/gccgo_linux_sparc64.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/openbsd_pledge.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/openbsd_pledge.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/race.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/race.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/race0.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/race0.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/sockcmsg_linux.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/sockcmsg_linux.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/sockcmsg_unix.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/sockcmsg_unix.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/str.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/str.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_bsd.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_bsd.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_darwin.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_darwin.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_darwin_386.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_darwin_386.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_darwin_arm.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_darwin_arm.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_dragonfly.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_dragonfly.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_dragonfly_amd64.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_dragonfly_amd64.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_freebsd.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_freebsd.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_linux.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_linux.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_linux_386.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_linux_386.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_linux_arm.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_linux_arm.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_netbsd.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_netbsd.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_netbsd_386.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_netbsd_386.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_netbsd_amd64.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_netbsd_amd64.go generated vendored
View File

0
pkg/init/vendor/golang.org/x/sys/unix/syscall_netbsd_arm.go → pkg/init/cmd/init/vendor/golang.org/x/sys/unix/syscall_netbsd_arm.go generated vendored
View File

Some files were not shown because too many files have changed in this diff Show More