github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-19 17:26:28 +00:00
Code Issues Projects Releases Wiki Activity

Split out init to have standalone runc, containerd

Browse Source 
Also add ca-certificates to base, needed to use `dist` to pull.

Make two stage builds for `containerd` and `runc` so they have a
from `scratch` second stage.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This commit is contained in:
Justin Cormack 2017-04-07 16:25:18 +01:00
parent 9553bbf514
commit a54a694772
17 changed files with 80 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
base/ca-certificates/Dockerfile
View File

@ -1,4 +0,0 @@
FROM debian:testing
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get -yq upgrade && apt-get install -yq ca-certificates

21
base/containerd/Dockerfile
View File

@ -1,21 +0,0 @@
FROM golang:1.7-alpine3.5
RUN \
apk update && apk upgrade -a && \
apk add --no-cache \
btrfs-progs-dev \
gcc \
git \
libc-dev \
linux-headers \
make \
&& true
ENV CONTAINERD_COMMIT=8353da59c6ae7e1933aac2228df23541ef8b163f
RUN mkdir -p $GOPATH/src/github.com/docker && \
cd $GOPATH/src/github.com/docker && \
git clone https://github.com/docker/containerd.git
WORKDIR $GOPATH/src/github.com/docker/containerd
RUN git checkout $CONTAINERD_COMMIT
RUN make binaries GO_GCFLAGS="-buildmode pie --ldflags '-extldflags \"-fno-PIC -static\"'"
RUN cp bin/containerd bin/ctr bin/containerd-shim bin/dist /usr/bin/
WORKDIR /
COPY . .

5
examples/docker.yml
View File

@ -2,7 +2,10 @@ kernel:
image: "mobylinux/kernel:4.9.x"
cmdline: "console=ttyS0 console=tty0 page_poison=1"
init:
- "mobylinux/init:7a17035030dca3938947516241f51d28922cebb2"
- mobylinux/init:925c88f42d92d57cd36b656db1f8757b152163a7
- mobylinux/runc:b0fb122e10dbb7e4e45115177a61a3f8d68c19a9
- mobylinux/containerd:68bb523deea09da293d675cbf88474eced540b8c
- mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935
system:
- name: sysctl
image: "mobylinux/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c"

5
examples/gcp.yml
View File

@ -2,7 +2,10 @@ kernel:
image: "mobylinux/kernel:4.9.x"
cmdline: "console=ttyS0 page_poison=1"
init:
- "mobylinux/init:7a17035030dca3938947516241f51d28922cebb2"
- mobylinux/init:925c88f42d92d57cd36b656db1f8757b152163a7
- mobylinux/runc:b0fb122e10dbb7e4e45115177a61a3f8d68c19a9
- mobylinux/containerd:68bb523deea09da293d675cbf88474eced540b8c
- mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935
system:
- name: sysctl
image: "mobylinux/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c"

5
examples/sshd.yml
View File

@ -2,7 +2,10 @@ kernel:
image: "mobylinux/kernel:4.9.x"
cmdline: "console=ttyS0 page_poison=1"
init:
- "mobylinux/init:7a17035030dca3938947516241f51d28922cebb2"
- mobylinux/init:925c88f42d92d57cd36b656db1f8757b152163a7
- mobylinux/runc:b0fb122e10dbb7e4e45115177a61a3f8d68c19a9
- mobylinux/containerd:68bb523deea09da293d675cbf88474eced540b8c
- mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935
system:
- name: sysctl
image: "mobylinux/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c"

5
examples/vmware.yml
View File

@ -2,7 +2,10 @@ kernel:
image: "mobylinux/kernel:4.9.x"
cmdline: "console=tty0 page_poison=1"
init:
- "mobylinux/init:7a17035030dca3938947516241f51d28922cebb2"
- mobylinux/init:925c88f42d92d57cd36b656db1f8757b152163a7
- mobylinux/runc:b0fb122e10dbb7e4e45115177a61a3f8d68c19a9
- mobylinux/containerd:68bb523deea09da293d675cbf88474eced540b8c
- mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935
system:
- name: sysctl
image: "mobylinux/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c"

5
moby.yml
View File

@ -2,7 +2,10 @@ kernel:
image: "mobylinux/kernel:4.9.x"
cmdline: "console=ttyS0 console=tty0 page_poison=1"
init:
- "mobylinux/init:7a17035030dca3938947516241f51d28922cebb2"
- mobylinux/init:925c88f42d92d57cd36b656db1f8757b152163a7
- mobylinux/runc:b0fb122e10dbb7e4e45115177a61a3f8d68c19a9
- mobylinux/containerd:68bb523deea09da293d675cbf88474eced540b8c
- mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935
system:
- name: sysctl
image: "mobylinux/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c"

7
pkg/ca-certificates/Dockerfile Normal file
View File

@ -0,0 +1,7 @@
FROM debian:testing
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get -yq upgrade && apt-get install -yq ca-certificates
RUN printf "FROM scratch\nCOPY /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/\n" > Dockerfile
CMD ["tar", "cf", "-", "Dockerfile", "etc/ssl/certs/ca-certificates.crt"]

6
base/ca-certificates/Makefile → pkg/ca-certificates/Makefile
View File

@ -7,8 +7,10 @@ default: push
hash: Dockerfile
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
docker run --rm $(IMAGE):build sh -c 'cat /etc/ssl/certs/ca-certificates.crt | sha1sum' | sed 's/ .*//' > hash
tar cf - $^ | docker build --no-cache -t $(IMAGE):build0 -
docker run --rm $(IMAGE):build0 | docker build --no-cache -t $(IMAGE):build -
docker run --rm -i $(IMAGE):build0 sh -c "cat /etc/ssl/certs/ca-certificates.crt /etc/debian_version | sha1sum - | sed 's/ .*//'" > $@
docker rmi $(IMAGE):build0
push: hash
docker pull mobylinux/$(IMAGE):$(shell cat hash) || \

22
pkg/containerd/Dockerfile Normal file
View File

@ -0,0 +1,22 @@
FROM golang:1.7-alpine3.5
RUN \
apk update && apk upgrade -a && \
apk add --no-cache \
btrfs-progs-dev \
gcc \
git \
libc-dev \
linux-headers \
make \
&& true
ENV CONTAINERD_COMMIT=e5c8c5634a1fa82da41c1b707f8a9889bcfca248
RUN mkdir -p $GOPATH/src/github.com/containerd && \
cd $GOPATH/src/github.com/containerd && \
git clone https://github.com/containerd/containerd.git
WORKDIR $GOPATH/src/github.com/containerd/containerd
RUN git checkout $CONTAINERD_COMMIT
RUN make binaries GO_GCFLAGS="-buildmode pie --ldflags '-extldflags \"-fno-PIC -static\"'"
RUN cp bin/containerd bin/ctr bin/containerd-shim bin/dist /usr/bin/
WORKDIR /
RUN printf "FROM scratch\nCOPY /usr/bin/* /usr/bin/\n" > Dockerfile
CMD ["tar", "cf", "-", "Dockerfile", "usr/bin/containerd", "usr/bin/ctr", "usr/bin/containerd-shim", "usr/bin/dist"]

8
base/containerd/Makefile → pkg/containerd/Makefile
View File

@ -1,3 +1,5 @@
SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
.PHONY: tag push
BASE=golang:1.7-alpine3.5
@ -7,8 +9,10 @@ default: push
hash: Dockerfile
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
docker run --rm $(IMAGE):build sh -c 'cat Dockerfile /lib/apk/db/installed | sha1sum' | sed 's/ .*//' > $@
tar cf - $^ | docker build --no-cache -t $(IMAGE):build0 -
docker run --rm $(IMAGE):build0 | docker build --no-cache -t $(IMAGE):build -
docker rmi $(IMAGE):build0
find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > $@
push: hash
docker pull mobylinux/$(IMAGE):$(shell cat hash) || \

16
pkg/init/Makefile
View File

@ -1,22 +1,8 @@
CONTAINERD_IMAGE=mobylinux/containerd:a688df6aee1e3700eb8d54dbc81070361df397a2@sha256:59ee3da05fe4dad4fbecff582c86fc30ce75e19a225eeeb07e203c9cc36fe34f
CONTAINERD_BINARIES=usr/bin/containerd usr/bin/containerd-shim usr/bin/ctr usr/bin/dist
RUNC_IMAGE=mobylinux/runc:f225fb93dc3e6dda1cc9004962893015b29dc2d6@sha256:e75c4b274236bd3ad9f4db0a91a6f2174c8c77009c361ab5dd7a4169406675bc
RUNC_BINARY=usr/bin/runc
C_COMPILE=mobylinux/c-compile:81a6bd8ff45d769b60a2ee1acdaccda11ab835c8@sha256:eac250997a3b9784d3285a03c0c8311d4ca6fb63dc75164c987411ba93006487
START_STOP_DAEMON=sbin/start-stop-daemon
default: push
$(RUNC_BINARY): Makefile
mkdir -p $(dir $@)
docker run --rm --net=none $(RUNC_IMAGE) tar cf - $@ | tar xf -
$(CONTAINERD_BINARIES): Makefile
mkdir -p $(dir $@)
docker run --rm --net=none $(CONTAINERD_IMAGE) tar cf - $@ | tar xf -
$(START_STOP_DAEMON): start-stop-daemon.c
mkdir -p $(dir $@)
tar cf - $^ | docker run --rm --net=none --log-driver=none -i $(C_COMPILE) -o $@ | tar xf -
@ -28,7 +14,7 @@ IMAGE=init
ETC=$(shell find etc -type f)
hash: Dockerfile $(ETC) init $(RUNC_BINARY) $(CONTAINERD_BINARIES) $(START_STOP_DAEMON)
hash: Dockerfile $(ETC) init $(START_STOP_DAEMON)
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
docker run --rm $(IMAGE):build sh -c 'cat $^ /lib/apk/db/installed | sha1sum' | sed 's/ .*//' > $@

3
base/runc/Dockerfile → pkg/runc/Dockerfile
View File

@ -20,4 +20,5 @@ RUN git checkout $RUNC_COMMIT
RUN make static BUILDTAGS="seccomp"
RUN cp runc /usr/bin/
WORKDIR /
COPY . .
RUN printf "FROM scratch\nCOPY /usr/bin/runc /usr/bin/\n" > Dockerfile
CMD ["tar", "cf", "-", "Dockerfile", "usr/bin/runc"]

8
base/runc/Makefile → pkg/runc/Makefile
View File

@ -1,3 +1,5 @@
SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
.PHONY: tag push
BASE=golang:1.7-alpine3.5
@ -7,8 +9,10 @@ default: push
hash: Dockerfile
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
docker run --rm $(IMAGE):build sh -c 'cat Dockerfile /lib/apk/db/installed | sha1sum' | sed 's/ .*//' > $@
tar cf - $^ | docker build --no-cache -t $(IMAGE):build0 -
docker run --rm $(IMAGE):build0 | docker build --no-cache -t $(IMAGE):build -
docker rmi $(IMAGE):build0
find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > $@
push: hash
docker pull mobylinux/$(IMAGE):$(shell cat hash) || \

5
test/ltp/test-ltp.yml
View File

@ -2,7 +2,10 @@ kernel:
image: "mobylinux/kernel:4.9.x"
cmdline: "console=ttyS0"
init:
- "mobylinux/init:7a17035030dca3938947516241f51d28922cebb2"
- mobylinux/init:925c88f42d92d57cd36b656db1f8757b152163a7
- mobylinux/runc:b0fb122e10dbb7e4e45115177a61a3f8d68c19a9
- mobylinux/containerd:68bb523deea09da293d675cbf88474eced540b8c
- mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935
system:
- name: ltp
image: "mobylinux/test-ltp-20170116:fdca2d1bb019b1d51e722e6032c82c7933d4b870"

5
test/test.yml
View File

@ -2,7 +2,10 @@ kernel:
image: "mobylinux/kernel:4.9.x"
cmdline: "console=ttyS0"
init:
- "mobylinux/init:7a17035030dca3938947516241f51d28922cebb2"
- mobylinux/init:925c88f42d92d57cd36b656db1f8757b152163a7
- mobylinux/runc:b0fb122e10dbb7e4e45115177a61a3f8d68c19a9
- mobylinux/containerd:68bb523deea09da293d675cbf88474eced540b8c
- mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935
system:
- name: binfmt
image: "mobylinux/binfmt:bdb754f25a5d851b4f5f8d185a43dfcbb3c22d01"

5
test/virtsock/test-virtsock-server.yml
View File

@ -6,7 +6,10 @@ kernel:
image: "mobylinux/kernel:4.9.x"
cmdline: "console=ttyS0 page_poison=1"
init:
- "mobylinux/init:7a17035030dca3938947516241f51d28922cebb2"
- mobylinux/init:925c88f42d92d57cd36b656db1f8757b152163a7
- mobylinux/runc:b0fb122e10dbb7e4e45115177a61a3f8d68c19a9
- mobylinux/containerd:68bb523deea09da293d675cbf88474eced540b8c
- mobylinux/ca-certificates:eabc5a6e59f05aa91529d80e9a595b85b046f935
system:
- name: sysctl
image: "mobylinux/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c"