Merge pull request #1086 from justincormack/new-containerd

Shift to development track containerd
2025-07-21 01:59:07 +00:00 · 2017-01-24 17:50:45 +00:00 · 2017-01-24 17:50:45 +00:00 · b53e83d695
commit b53e83d695
parent c565c75a85 89e98eefa0
14 changed files with 132 additions and 17 deletions
--- a/alpine/Dockerfile
+++ b/alpine/Dockerfile
@ -11,11 +11,6 @@ RUN \

 COPY . .
 RUN rm Dockerfile
-RUN cd /usr/bin && \
-  ln -s docker-runc runc && \
-  ln -s docker-containerd-shim containerd-shim && \
-  ln -s docker-containerd-ctr containerd-ctr && \
-  ln -s docker-containerd containerd

 RUN \
  rc-update add sysctl boot && \
--- a/alpine/Dockerfile.efi
+++ b/alpine/Dockerfile.efi
@ -21,7 +21,7 @@ RUN cp /usr/lib/gummiboot/linuxx64.efi.stub . && \

 # create a ISO with a EFI boot partition
 RUN mkdir -p iso && \
-    dd if=/dev/zero of=iso/efi.raw bs=1024 count=70000 && \
+    dd if=/dev/zero of=iso/efi.raw bs=1024 count=78000 && \
    mkfs.vfat iso/efi.raw

 RUN echo "mtools_skip_check=1" >> /etc/mtools.conf && \
--- a/alpine/Makefile
+++ b/alpine/Makefile
@ -51,7 +51,7 @@ moby.img: Dockerfile mkinitrd.sh init $(ETCFILES)
 	  -C packages/9pmount-vsock sbin -C ../.. \
 	  -C packages/test etc -C ../.. \
 	  -C packages/iptables usr -C ../.. \
-	  -C packages/containerd etc -C ../.. \
+	  -C packages/containerd etc usr -C ../.. \
 	  -C packages/aws etc -C ../.. \
 	  -C packages/azure etc -C ../.. \
 	  -C packages/gcp etc -C ../.. \
--- a/alpine/base/containerd/Dockerfile
+++ b/alpine/base/containerd/Dockerfile
@ -0,0 +1,19 @@
+FROM golang:1.7-alpine3.5
+RUN \
+  apk update && apk upgrade -a && \
+  apk add --no-cache \
+  gcc \
+  git \
+  libc-dev \
+  make \
+  && true
+ENV CONTAINERD_COMMIT=3b79682548339895fcf9976f60ddea8abc5fc97e
+RUN mkdir -p $GOPATH/src/github.com/docker && \
+  cd $GOPATH/src/github.com/docker && \
+  git clone https://github.com/docker/containerd.git
+WORKDIR $GOPATH/src/github.com/docker/containerd
+RUN git checkout $CONTAINERD_COMMIT
+RUN make binaries GO_GCFLAGS="-buildmode pie --ldflags '-extldflags \"-fno-PIC -static\"'"
+RUN cp bin/containerd bin/ctr bin/containerd-shim /usr/bin/
+WORKDIR /
+COPY . .
--- a/alpine/base/containerd/Makefile
+++ b/alpine/base/containerd/Makefile
@ -0,0 +1,29 @@
+.PHONY: tag push
+
+BASE=golang:1.7-alpine3.5
+IMAGE=containerd
+
+default: push
+
+hash: Dockerfile
+	DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
+	tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
+	docker run --rm $(IMAGE):build sh -c 'cat Dockerfile /lib/apk/db/installed | sha1sum' | sed 's/ .*//' > $@
+
+push: hash
+	docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
+		(docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash) && \
+		 docker push mobylinux/$(IMAGE):$(shell cat hash))
+	docker rmi $(IMAGE):build
+	rm -f hash
+
+tag: hash
+	docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
+		docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash)
+	docker rmi $(IMAGE):build
+	rm -f hash
+
+clean:
+	rm -f hash
+
+.DELETE_ON_ERROR:
--- a/alpine/base/runc/Dockerfile
+++ b/alpine/base/runc/Dockerfile
@ -0,0 +1,23 @@
+FROM golang:1.7-alpine3.5
+RUN \
+  apk update && apk upgrade -a && \
+  apk add --no-cache \
+  bash \
+  gcc \
+  git \
+  libc-dev \
+  libseccomp-dev \
+  linux-headers \
+  make \
+  && true
+ENV RUNC_COMMIT=51371867a01c467f08af739783b8beafc154c4d7
+RUN mkdir -p $GOPATH/src/github.com/opencontainers && \
+  cd $GOPATH/src/github.com/opencontainers && \
+  git clone https://github.com/opencontainers/runc.git
+WORKDIR $GOPATH/src/github.com/opencontainers/runc
+RUN git checkout $RUNC_COMMIT
+# TODO static pie, currently no easy way to change build options
+RUN make static BUILDTAGS="seccomp"
+RUN cp runc /usr/bin/
+WORKDIR /
+COPY . .
--- a/alpine/base/runc/Makefile
+++ b/alpine/base/runc/Makefile
@ -0,0 +1,29 @@
+.PHONY: tag push
+
+BASE=golang:1.7-alpine3.5
+IMAGE=runc
+
+default: push
+
+hash: Dockerfile
+	DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
+	tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
+	docker run --rm $(IMAGE):build sh -c 'cat Dockerfile /lib/apk/db/installed | sha1sum' | sed 's/ .*//' > $@
+
+push: hash
+	docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
+		(docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash) && \
+		 docker push mobylinux/$(IMAGE):$(shell cat hash))
+	docker rmi $(IMAGE):build
+	rm -f hash
+
+tag: hash
+	docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
+		docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash)
+	docker rmi $(IMAGE):build
+	rm -f hash
+
+clean:
+	rm -f hash
+
+.DELETE_ON_ERROR:
--- a/alpine/packages/Makefile
+++ b/alpine/packages/Makefile
@ -1,4 +1,4 @@
-DEPS=proxy diagnostics transfused tap-vsockd docker nc-vsock vsudd 9pmount-vsock iptables
+DEPS=proxy diagnostics transfused tap-vsockd docker nc-vsock vsudd 9pmount-vsock iptables containerd
 .PHONY: clean $(DEPS)

 default: $(DEPS)
--- a/alpine/packages/containerd/.gitignore
+++ b/alpine/packages/containerd/.gitignore
@ -0,0 +1 @@
+usr
--- a/alpine/packages/containerd/Makefile
+++ b/alpine/packages/containerd/Makefile
@ -0,0 +1,22 @@
+# Tag: cd9f1788bb2e8e7a342f32dd8ba70f450ff7ae2c
+CONTAINERD_IMAGE=mobylinux/containerd@sha256:96a96f60751a1bb762e285f36e0cf9c5b4126933bb91475b7369efc990539165
+CONTAINERD_BINARIES=usr/bin/containerd usr/bin/containerd-shim usr/bin/ctr
+
+# Tag: 1a72d872ae97b90ae52482e4cb33a2778e168358
+RUNC_IMAGE=mobylinux/runc@sha256:2ea83d68baa57d547ec6d407d09cd495e4ef9cd6b0207ec3525fb2752b4a197e
+RUNC_BINARY=usr/bin/runc
+
+default: $(RUNC_BINARY) $(CONTAINERD_BINARIES)
+
+$(RUNC_BINARY):
+	mkdir -p $(dir $@)
+	docker run --rm --net=none $(RUNC_IMAGE) tar cf - $@ | tar xf -
+
+$(CONTAINERD_BINARIES):
+	mkdir -p $(dir $@)
+	docker run --rm --net=none $(CONTAINERD_IMAGE) tar cf - $@ | tar xf -
+
+clean:
+	rm -rf usr
+
+.DELETE_ON_ERROR:
--- a/alpine/packages/containerd/etc/init.d/containerd
+++ b/alpine/packages/containerd/etc/init.d/containerd
@ -26,7 +26,7 @@ start()

 	for f in /containers/*
 	do
-		containerd-ctr containers start --no-pivot --attach "$(basename $f)" "$f" 2>$LOG >$LOG &
+		ctr run --bundle "$f" "$(basename $f)" 2>$LOG >$LOG &
 		printf " $(basename $f)"
 	done

--- a/alpine/packages/diagnostics/usr/bin/diagnostics
+++ b/alpine/packages/diagnostics/usr/bin/diagnostics
@ -41,7 +41,7 @@ DIAGNOSTICS=$(ps -eo args | grep '^/usr/bin/diagnostics-server')
 [ $? -eq 0 ] && ok "Diagnostics server running: $DIAGNOSTICS\n" || fail "No diagnostics server\n"
 CONTAINERD=$(ps -eo args | grep '^/usr/bin/containerd')
 [ $? -eq 0 ] && ok "System containerd server running: $CONTAINERD\n" || fail "No containerd server\n"
-CONTAINERPS=$(containerd-ctr containers 2>&1)
+CONTAINERPS=$(ctr list 2>&1)
 [ $? -eq 0 ] && ok "System containerd working\n" || fail "containerd failed: $CONTAINERPS\n"

 exit $EXIT_STATUS
--- a/alpine/packages/test/etc/init.d/test
+++ b/alpine/packages/test/etc/init.d/test
@ -11,7 +11,7 @@ start()

 	ebegin "Running tests"

-	if containerd-ctr containers start --no-pivot --attach test /test
+	if ctr run --bundle /test test
 	then
 		printf "Moby test suite PASSED\n"
 	else
--- a/docs/containerd.md
+++ b/docs/containerd.md
@ -19,12 +19,9 @@ docker rm ${CONTAINER}

 mkdir -p /var/log/nginx /var/cache/nginx

-containerd-ctr containers start ${NAME} .
-containerd-ctr containers
+ctr run --bundle . ${NAME}
+ctr list
 ```

-For debugging it helps to run `containerd-ctr containers start --attach ${NAME} .` It may
-well turn out that you need to create directories that are empty volumes in docker.
-
 For production, you will want to create the `config.json` offline and bundle it in with your
-intii script, but you can create the rootfs online.
+init script, but you can create the rootfs online.