github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-22 10:31:35 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #1772 from rneugeba/pkg

Browse Source 
Update packages
This commit is contained in:
Justin Cormack 2017-05-04 23:11:52 +01:00 committed by GitHub
commit edb909567c
36 changed files with 160 additions and 272 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
examples/docker.yml
View File

@ -18,19 +18,19 @@ onboot:
- name: sysfs - name: sysfs
image: linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c image: linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:c7e69ebd918a237dd086a5c58dd888df772746bd" image: "linuxkit/binfmt:aebd6ed6cc29921371ca78314697881086f4577a"
binds: binds:
- /proc/sys/fs/binfmt_misc:/binfmt_misc - /proc/sys/fs/binfmt_misc:/binfmt_misc
readonly: true readonly: true
- name: format - name: format
image: "linuxkit/format:53748000acf515549d398e6ae68545c26c0f3a2e" image: "linuxkit/format:a16f2bd94a83dd0cea4d490f710567a0cc60be33"
binds: binds:
- /dev:/dev - /dev:/dev
capabilities: capabilities:
- CAP_SYS_ADMIN - CAP_SYS_ADMIN
- CAP_MKNOD - CAP_MKNOD
- name: mount - name: mount
image: "linuxkit/mount:d2669e7c8ddda99fa0618a414d44261eba6e299a" image: "linuxkit/mount:ad138d252798d9d0d6779f7f4d35b7fbcbbeefb9"
binds: binds:
- /dev:/dev - /dev:/dev
- /var:/var:rshared,rbind - /var:/var:rshared,rbind
@ -46,7 +46,7 @@ services:
oomScoreAdj: -800 oomScoreAdj: -800
readonly: true readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:57a8ef29d3a910645b2b24c124f9ce9ef53ce703" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp/etc:/etc - /tmp/etc:/etc
@ -57,7 +57,7 @@ services:
net: host net: host
oomScoreAdj: -800 oomScoreAdj: -800
- name: ntpd - name: ntpd
image: "linuxkit/openntpd:a570316d7fc49ca1daa29bd945499f4963d227af" image: "linuxkit/openntpd:1eb0c05499500c8e44df6160524b79b776bbaa9e"
capabilities: capabilities:
- CAP_SYS_TIME - CAP_SYS_TIME
- CAP_SYS_NICE - CAP_SYS_NICE
@ -66,7 +66,7 @@ services:
- CAP_SETGID - CAP_SETGID
net: host net: host
- name: docker - name: docker
image: "linuxkit/docker-ce:a82b61b151f6d6a3606e66f284c927b4c83b50f5" image: "linuxkit/docker-ce:18d9d2719bc99514c5b1883d5c8a36619e5acb4d"
capabilities: capabilities:
- all - all
net: host net: host

2
examples/gcp.yml
View File

@ -16,7 +16,7 @@ onboot:
- CAP_SYS_ADMIN - CAP_SYS_ADMIN
readonly: true readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp/etc:/etc - /tmp/etc:/etc

2
examples/minimal.yml
View File

@ -7,7 +7,7 @@ init:
- linuxkit/containerd:60e2486a74c665ba4df57e561729aec20758daed - linuxkit/containerd:60e2486a74c665ba4df57e561729aec20758daed
onboot: onboot:
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp/etc:/etc - /tmp/etc:/etc

2
examples/node_exporter.yml
View File

@ -12,7 +12,7 @@ services:
- CAP_SYS_ADMIN - CAP_SYS_ADMIN
oomScoreAdj: -800 oomScoreAdj: -800
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp:/etc - /tmp:/etc

2
examples/packet.yml
View File

@ -21,7 +21,7 @@ services:
- CAP_SYS_ADMIN - CAP_SYS_ADMIN
oomScoreAdj: -800 oomScoreAdj: -800
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp:/etc - /tmp:/etc

2
examples/redis-os.yml
View File

@ -9,7 +9,7 @@ init:
- linuxkit/containerd:18eaf72f3f4f9a9f29ca1951f66df701f873060b - linuxkit/containerd:18eaf72f3f4f9a9f29ca1951f66df701f873060b
services: services:
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:0d4012269cb142972fed8542fbdc3ff5a7b695cd" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp/etc:/etc - /tmp/etc:/etc

2
examples/sshd.yml
View File

@ -21,7 +21,7 @@ services:
- CAP_SYS_ADMIN - CAP_SYS_ADMIN
oomScoreAdj: -800 oomScoreAdj: -800
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp:/etc - /tmp:/etc

8
examples/swap.yml
View File

@ -16,12 +16,12 @@ onboot:
- CAP_SYS_ADMIN - CAP_SYS_ADMIN
readonly: true readonly: true
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:8881283ac627be1542811bd25c85e7782aebc692" image: "linuxkit/binfmt:aebd6ed6cc29921371ca78314697881086f4577a"
binds: binds:
- /proc/sys/fs/binfmt_misc:/binfmt_misc - /proc/sys/fs/binfmt_misc:/binfmt_misc
readonly: true readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp/etc:/etc - /tmp/etc:/etc
@ -32,14 +32,14 @@ onboot:
net: host net: host
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: format - name: format
image: "linuxkit/format:53748000acf515549d398e6ae68545c26c0f3a2e" image: "linuxkit/format:a16f2bd94a83dd0cea4d490f710567a0cc60be33"
binds: binds:
- /dev:/dev - /dev:/dev
capabilities: capabilities:
- CAP_SYS_ADMIN - CAP_SYS_ADMIN
- CAP_MKNOD - CAP_MKNOD
- name: mount - name: mount
image: "linuxkit/mount:d2669e7c8ddda99fa0618a414d44261eba6e299a" image: "linuxkit/mount:ad138d252798d9d0d6779f7f4d35b7fbcbbeefb9"
binds: binds:
- /dev:/dev - /dev:/dev
- /var:/var:rshared,rbind - /var:/var:rshared,rbind

2
examples/vmware.yml
View File

@ -23,7 +23,7 @@ services:
oomScoreAdj: -800 oomScoreAdj: -800
readonly: true readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp:/etc - /tmp:/etc

4
linuxkit.yml
View File

@ -16,12 +16,12 @@ onboot:
- CAP_SYS_ADMIN - CAP_SYS_ADMIN
readonly: true readonly: true
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:c7e69ebd918a237dd086a5c58dd888df772746bd" image: "linuxkit/binfmt:aebd6ed6cc29921371ca78314697881086f4577a"
binds: binds:
- /proc/sys/fs/binfmt_misc:/binfmt_misc - /proc/sys/fs/binfmt_misc:/binfmt_misc
readonly: true readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp/etc:/etc - /tmp/etc:/etc

15
pkg/binfmt/Dockerfile
View File

@ -1,13 +1,10 @@
FROM alpine:edge AS qemu-build FROM linuxkit/alpine:f0169b60fb260d74025496ae6fd93213fecaba8f@sha256:23743c7206ebe8a609442c5ac7084a26ed45ce8f5213960428bca264225849f1 AS qemu
RUN \ RUN apk add \
apk update && apk upgrade && \
apk add \
qemu-aarch64 \ qemu-aarch64 \
qemu-arm \ qemu-arm \
qemu-ppc64le \ qemu-ppc64le
&& true
FROM linuxkit/go-compile:4513068d9a7e919e4ec42e2d7ee879ff5b95b7f5@sha256:bdfadbe3e4ec699ca45b67453662321ec270f2d1a1dbdbf09625776d3ebd68c5 AS binfmt-build FROM linuxkit/go-compile:4513068d9a7e919e4ec42e2d7ee879ff5b95b7f5@sha256:bdfadbe3e4ec699ca45b67453662321ec270f2d1a1dbdbf09625776d3ebd68c5 AS build
COPY main.go main.go COPY main.go main.go
RUN echo "gofmt..." && test -z $(gofmt -s -l main.go) && \ RUN echo "gofmt..." && test -z $(gofmt -s -l main.go) && \
echo "go vet..." && test -z $(GOOS=linux go tool vet -printf=false main.go) && \ echo "go vet..." && test -z $(GOOS=linux go tool vet -printf=false main.go) && \
@ -17,7 +14,7 @@ RUN go build -o usr/bin/binfmt -buildmode pie -ldflags "-s -w -extldflags -stati
FROM scratch FROM scratch
ENTRYPOINT [] ENTRYPOINT []
WORKDIR / WORKDIR /
COPY --from=qemu-build usr/bin/qemu-* usr/bin/ COPY --from=qemu usr/bin/qemu-* usr/bin/
COPY --from=binfmt-build usr/bin/binfmt usr/bin/binfmt COPY --from=build usr/bin/binfmt usr/bin/binfmt
COPY etc/binfmt.d/00_linuxkit.conf etc/binfmt.d/00_linuxkit.conf COPY etc/binfmt.d/00_linuxkit.conf etc/binfmt.d/00_linuxkit.conf
CMD ["/usr/bin/binfmt", "-dir", "/etc/binfmt.d/", "-mount", "/binfmt_misc"] CMD ["/usr/bin/binfmt", "-dir", "/etc/binfmt.d/", "-mount", "/binfmt_misc"]

40
pkg/binfmt/Makefile
View File

@ -2,43 +2,13 @@
default: push default: push
IMAGE=binfmt IMAGE=binfmt
BASE=alpine:edge
SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
DEPS=Dockerfile Makefile main.go $(wildcard etc/binmft.d/*) DEPS=Dockerfile Makefile main.go $(wildcard etc/binmft.d/*)
# Note, this isn't quite right as we pull in qemu binaries from HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}')
# alpine:edge and they may vary over time. BUT: We are going to change
# the hashing stuff soon anyway, so there is little point in faffing
# about with computing a hash during the build and get it out.
hash: $(DEPS)
find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash
tag: hash tag: $(DEPS)
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ docker build --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) .
(DOCKER_CONTENT_TRUST=1 docker pull $(BASE) && \
docker build --no-cache -t $(IMAGE):build . && \
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash))
push: tag push: tag
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(HASH) || \
docker push linuxkit/$(IMAGE):$(shell cat hash) DOCKER_CONTENT_TRUST=1 docker push linuxkit/$(IMAGE):$(HASH)
rm -f hash
docker rmi $(IMAGE):build || true
signed-tag: hash
DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
(DOCKER_CONTENT_TRUST=1 docker pull $(BASE) && \
docker build --no-cache -t $(IMAGE):build . && \
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash))
sign: signed-tag
DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
DOCKER_CONTENT_TRUST=1 docker push linuxkit/$(IMAGE):$(shell cat hash)
rm -f hash
docker rmi $(IMAGE):build || true
clean:
rm -f hash
docker rmi $(IMAGE):build || true
.DELETE_ON_ERROR:

17
pkg/dhcpcd/Dockerfile
View File

@ -1,12 +1,13 @@
FROM alpine:3.5 FROM linuxkit/alpine:f0169b60fb260d74025496ae6fd93213fecaba8f@sha256:23743c7206ebe8a609442c5ac7084a26ed45ce8f5213960428bca264225849f1 AS mirror
RUN \ FROM alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
apk update && apk upgrade -a && \ COPY --from=mirror /etc/apk/repositories /etc/apk/repositories
apk add --no-cache \ COPY --from=mirror /etc/apk/keys /etc/apk/keys/
dhcpcd \ COPY --from=mirror /mirror /mirror/
openrc \
&& true RUN apk add dhcpcd
RUN rm -rf /mirror /etc/apk/repositories /etc/apk/keys
COPY . . COPY . .
CMD ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf"] CMD ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf"]

36
pkg/dhcpcd/Makefile
View File

@ -1,34 +1,14 @@
.PHONY: tag push clean container .PHONY: tag push
default: push default: push
IMAGE=dhcpcd IMAGE=dhcpcd
DEPS=Dockerfile Makefile dhcpcd.conf usr/lib/dhcpcd/dhcpcd-hooks/10-mtu
BASE=alpine:3.5 HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}')
DEPS=dhcpcd.conf usr/lib/dhcpcd/dhcpcd-hooks/10-mtu tag: $(DEPS)
docker build --squash --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) .
container: Dockerfile $(DEPS) push: tag
tar cf - $^ | docker build --no-cache -t $(IMAGE):build - docker pull linuxkit/$(IMAGE):$(HASH) || \
docker push linuxkit/$(IMAGE):$(HASH)
hash: Dockerfile $(DEPS)
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
docker run --rm $(IMAGE):build sh -c 'cat $^ /lib/apk/db/installed | sha1sum' | sed 's/ .*//' > hash
push: hash container
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
(docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \
docker push linuxkit/$(IMAGE):$(shell cat hash))
docker rmi $(IMAGE):build
rm -f hash
tag: hash container
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash)
docker rmi $(IMAGE):build
rm -f hash
clean:
rm -rf hash
.DELETE_ON_ERROR:

26
pkg/docker-ce/Dockerfile
View File

@ -1,15 +1,9 @@
FROM alpine:3.5 FROM linuxkit/alpine:f0169b60fb260d74025496ae6fd93213fecaba8f@sha256:23743c7206ebe8a609442c5ac7084a26ed45ce8f5213960428bca264225849f1 AS mirror
# Docker daemon only minimal Alpine install FROM alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
COPY --from=mirror /etc/apk/repositories /etc/apk/repositories
# set up Docker group COPY --from=mirror /etc/apk/keys /etc/apk/keys/
# set up subuid/subgid so that "--userns-remap=default" works out-of-the-box COPY --from=mirror /mirror /mirror/
RUN set -x \
&& addgroup -S docker \
&& addgroup -S dockremap \
&& adduser -S -G dockremap dockremap \
&& echo 'dockremap:165536:65536' >> /etc/subuid \
&& echo 'dockremap:165536:65536' >> /etc/subgid
# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies # https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies
# removed openssl as I do not think server needs it # removed openssl as I do not think server needs it
@ -22,6 +16,16 @@ RUN apk add --no-cache \
iptables \ iptables \
xfsprogs \ xfsprogs \
xz xz
RUN rm -rf /mirror /etc/apk/repositories /etc/apk/keys
# set up Docker group
# set up subuid/subgid so that "--userns-remap=default" works out-of-the-box
RUN set -x \
&& addgroup -S docker \
&& addgroup -S dockremap \
&& adduser -S -G dockremap dockremap \
&& echo 'dockremap:165536:65536' >> /etc/subuid \
&& echo 'dockremap:165536:65536' >> /etc/subgid
ENV DOCKER_BUCKET get.docker.com ENV DOCKER_BUCKET get.docker.com
ENV DOCKER_VERSION 17.04.0-ce ENV DOCKER_VERSION 17.04.0-ce

31
pkg/docker-ce/Makefile
View File

@ -1,29 +1,14 @@
.PHONY: tag push .PHONY: tag push
BASE=alpine:3.5
IMAGE=docker-ce
default: push default: push
hash: Dockerfile IMAGE=docker-ce
DOCKER_CONTENT_TRUST=1 docker pull $(BASE) DEPS=Dockerfile
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
docker run --entrypoint /bin/sh --rm $(IMAGE):build -c 'cat $^ /lib/apk/db/installed | sha1sum' | sed 's/ .*//' > $@
push: hash HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}')
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
(docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \
docker push linuxkit/$(IMAGE):$(shell cat hash))
docker rmi $(IMAGE):build
rm -f hash
tag: hash tag: $(DEPS)
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ docker build --squash --no-cache -t linuxkit/$(IMAGE):$(HASH) .
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash)
docker rmi $(IMAGE):build
rm -f hash
clean: push: tag
rm -f hash docker pull linuxkit/$(IMAGE):$(HASH) || \
docker push linuxkit/$(IMAGE):$(HASH)
.DELETE_ON_ERROR:

13
pkg/format/Dockerfile
View File

@ -1,13 +1,18 @@
FROM alpine:3.5 FROM linuxkit/alpine:f0169b60fb260d74025496ae6fd93213fecaba8f@sha256:23743c7206ebe8a609442c5ac7084a26ed45ce8f5213960428bca264225849f1 AS mirror
RUN \ FROM alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
apk update && apk upgrade -a && \ COPY --from=mirror /etc/apk/repositories /etc/apk/repositories
apk add --no-cache \ COPY --from=mirror /etc/apk/keys /etc/apk/keys/
COPY --from=mirror /mirror /mirror/
RUN apk add \
e2fsprogs \ e2fsprogs \
e2fsprogs-extra \ e2fsprogs-extra \
jq \ jq \
sfdisk \ sfdisk \
&& true && true
RUN rm -rf /mirror /etc/apk/repositories /etc/apk/keys
COPY . ./ COPY . ./
CMD ["/bin/sh", "/format.sh"] CMD ["/bin/sh", "/format.sh"]

31
pkg/format/Makefile
View File

@ -1,29 +1,14 @@
.PHONY: tag push .PHONY: tag push
BASE=alpine:3.5
IMAGE=format
default: push default: push
hash: Dockerfile format.sh IMAGE=format
DOCKER_CONTENT_TRUST=1 docker pull $(BASE) DEPS=Dockerfile format.sh
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
docker run --rm --entrypoint /bin/sh $(IMAGE):build -c "cat $^ /lib/apk/db/installed | sha1sum" | sed 's/ .*//' > $@
push: hash HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}')
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
(docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \
docker push linuxkit/$(IMAGE):$(shell cat hash))
docker rmi $(IMAGE):build
rm -f hash
tag: hash tag: $(DEPS)
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ docker build --squash --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) .
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash)
docker rmi $(IMAGE):build
rm -f hash
clean: push: tag
rm -f hash docker pull linuxkit/$(IMAGE):$(HASH) || \
docker push linuxkit/$(IMAGE):$(HASH)
.DELETE_ON_ERROR:

12
pkg/mount/Dockerfile
View File

@ -1,11 +1,15 @@
FROM alpine:3.5 FROM linuxkit/alpine:f0169b60fb260d74025496ae6fd93213fecaba8f@sha256:23743c7206ebe8a609442c5ac7084a26ed45ce8f5213960428bca264225849f1 AS mirror
RUN \ FROM alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
apk update && apk upgrade -a && \ COPY --from=mirror /etc/apk/repositories /etc/apk/repositories
apk add --no-cache \ COPY --from=mirror /etc/apk/keys /etc/apk/keys/
COPY --from=mirror /mirror /mirror/
RUN apk add --no-cache \
jq \ jq \
sfdisk \ sfdisk \
&& true && true
RUN rm -rf /mirror /etc/apk/repositories /etc/apk/keys
COPY . ./ COPY . ./
CMD ["/bin/sh", "/mount.sh"] CMD ["/bin/sh", "/mount.sh"]

31
pkg/mount/Makefile
View File

@ -1,29 +1,14 @@
.PHONY: tag push .PHONY: tag push
BASE=alpine:3.5
IMAGE=mount
default: push default: push
hash: Dockerfile mount.sh IMAGE=mount
DOCKER_CONTENT_TRUST=1 docker pull $(BASE) DEPS=Dockerfile mount.sh
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
docker run --rm --entrypoint /bin/sh $(IMAGE):build -c "cat $^ /lib/apk/db/installed | sha1sum" | sed 's/ .*//' > $@
push: hash HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}')
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
(docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \
docker push linuxkit/$(IMAGE):$(shell cat hash))
docker rmi $(IMAGE):build
rm -f hash
tag: hash tag: $(DEPS)
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ docker build --squash --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) .
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash)
docker rmi $(IMAGE):build
rm -f hash
clean: push: tag
rm -f hash docker pull linuxkit/$(IMAGE):$(HASH) || \
docker push linuxkit/$(IMAGE):$(HASH)
.DELETE_ON_ERROR:

2
pkg/node_exporter/Dockerfile
View File

@ -1,4 +1,4 @@
FROM prom/node-exporter:v0.14.0 FROM prom/node-exporter:v0.14.0@sha256:ea8396dd32be6195ef03438b2f459b2e69a88b8fc798c3fc51559f56d4b158fa
ENTRYPOINT ["/bin/node_exporter", "-collector.procfs", "/host/proc", \ ENTRYPOINT ["/bin/node_exporter", "-collector.procfs", "/host/proc", \
"-collector.sysfs", "/host/sys", \ "-collector.sysfs", "/host/sys", \

31
pkg/node_exporter/Makefile
View File

@ -1,29 +1,14 @@
.PHONY: tag push clean container .PHONY: tag push
default: push default: push
IMAGE=node_exporter IMAGE=node_exporter
SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8 DEPS=Dockerfile
container: Dockerfile HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}')
docker build --no-cache -t $(IMAGE):build .
hash: Dockerfile tag: $(DEPS)
find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash docker build --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) .
push: hash container push: tag
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ docker pull linuxkit/$(IMAGE):$(HASH) || \
(docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \ docker push linuxkit/$(IMAGE):$(HASH)
docker push linuxkit/$(IMAGE):$(shell cat hash))
docker rmi $(IMAGE):build
rm -f hash
tag: hash container
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash)
docker rmi $(IMAGE):build
rm -f hash
clean:
rm -rf hash
.DELETE_ON_ERROR:

14
pkg/openntpd/Dockerfile
View File

@ -1,10 +1,12 @@
FROM alpine:3.5 FROM linuxkit/alpine:f0169b60fb260d74025496ae6fd93213fecaba8f@sha256:23743c7206ebe8a609442c5ac7084a26ed45ce8f5213960428bca264225849f1 AS mirror
RUN \ FROM alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
apk update && apk upgrade -a && \ COPY --from=mirror /etc/apk/repositories /etc/apk/repositories
apk add --no-cache \ COPY --from=mirror /etc/apk/keys /etc/apk/keys/
openntpd \ COPY --from=mirror /mirror /mirror/
&& true
RUN apk add --no-cache openntpd && true
RUN rm -rf /mirror /etc/apk/repositories /etc/apk/keys
COPY . . COPY . .

31
pkg/openntpd/Makefile
View File

@ -1,29 +1,14 @@
.PHONY: tag push clean container .PHONY: tag push
default: push default: push
IMAGE=openntpd IMAGE=openntpd
DEPS=Dockerfile etc/ntpd.conf
BASE=alpine:3.5 HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}')
hash: Dockerfile etc/ntpd.conf tag: $(DEPS)
DOCKER_CONTENT_TRUST=1 docker pull $(BASE) docker build --squash --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) .
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
docker run --rm $(IMAGE):build sh -c 'cat $^ /lib/apk/db/installed | sha1sum' | sed 's/ .*//' > hash
push: hash push: tag
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ docker pull linuxkit/$(IMAGE):$(HASH) || \
(docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \ docker push linuxkit/$(IMAGE):$(HASH)
docker push linuxkit/$(IMAGE):$(shell cat hash))
docker rmi $(IMAGE):build
rm -f hash
tag: hash
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash)
docker rmi $(IMAGE):build
rm -f hash
clean:
rm -rf hash
.DELETE_ON_ERROR:

8
projects/etcd/etcd.yml
View File

@ -16,14 +16,14 @@ onboot:
- CAP_SYS_ADMIN - CAP_SYS_ADMIN
readonly: true readonly: true
- name: format - name: format
image: "linuxkit/format:53748000acf515549d398e6ae68545c26c0f3a2e" image: "linuxkit/format:a16f2bd94a83dd0cea4d490f710567a0cc60be33"
binds: binds:
- /dev:/dev - /dev:/dev
capabilities: capabilities:
- CAP_SYS_ADMIN - CAP_SYS_ADMIN
- CAP_MKNOD - CAP_MKNOD
- name: mount - name: mount
image: "linuxkit/mount:d2669e7c8ddda99fa0618a414d44261eba6e299a" image: "linuxkit/mount:ad138d252798d9d0d6779f7f4d35b7fbcbbeefb9"
binds: binds:
- /dev:/dev - /dev:/dev
- /var:/var:rshared,rbind - /var:/var:rshared,rbind
@ -32,7 +32,7 @@ onboot:
rootfsPropagation: shared rootfsPropagation: shared
command: ["/mount.sh", "/var/lib/etcd"] command: ["/mount.sh", "/var/lib/etcd"]
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:0d4012269cb142972fed8542fbdc3ff5a7b695cd" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp/etc:/etc - /tmp/etc:/etc
@ -59,7 +59,7 @@ services:
oomScoreAdj: -800 oomScoreAdj: -800
readonly: true readonly: true
- name: ntpd - name: ntpd
image: "linuxkit/openntpd:a570316d7fc49ca1daa29bd945499f4963d227af" image: "linuxkit/openntpd:1eb0c05499500c8e44df6160524b79b776bbaa9e"
capabilities: capabilities:
- CAP_SYS_TIME - CAP_SYS_TIME
- CAP_SYS_NICE - CAP_SYS_NICE

2
projects/etcd/prom-us-central1-f.yml
View File

@ -16,7 +16,7 @@ onboot:
- CAP_SYS_ADMIN - CAP_SYS_ADMIN
readonly: true readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp/etc:/etc - /tmp/etc:/etc

8
projects/kubernetes/kube-master.yml
View File

@ -18,12 +18,12 @@ onboot:
- name: sysfs - name: sysfs
image: linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c image: linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:c7e69ebd918a237dd086a5c58dd888df772746bd" image: "linuxkit/binfmt:aebd6ed6cc29921371ca78314697881086f4577a"
binds: binds:
- /proc/sys/fs/binfmt_misc:/binfmt_misc - /proc/sys/fs/binfmt_misc:/binfmt_misc
readonly: true readonly: true
- name: format - name: format
image: "linuxkit/format:53748000acf515549d398e6ae68545c26c0f3a2e" image: "linuxkit/format:a16f2bd94a83dd0cea4d490f710567a0cc60be33"
binds: binds:
- /dev:/dev - /dev:/dev
capabilities: capabilities:
@ -46,7 +46,7 @@ services:
oomScoreAdj: -800 oomScoreAdj: -800
readonly: true readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:0d4012269cb142972fed8542fbdc3ff5a7b695cd" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp/etc:/etc - /tmp/etc:/etc
@ -57,7 +57,7 @@ services:
net: host net: host
oomScoreAdj: -800 oomScoreAdj: -800
- name: ntpd - name: ntpd
image: "linuxkit/openntpd:a570316d7fc49ca1daa29bd945499f4963d227af" image: "linuxkit/openntpd:1eb0c05499500c8e44df6160524b79b776bbaa9e"
capabilities: capabilities:
- CAP_SYS_TIME - CAP_SYS_TIME
- CAP_SYS_NICE - CAP_SYS_NICE

8
projects/kubernetes/kube-node.yml
View File

@ -18,12 +18,12 @@ onboot:
- name: sysfs - name: sysfs
image: linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c image: linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:c7e69ebd918a237dd086a5c58dd888df772746bd" image: "linuxkit/binfmt:aebd6ed6cc29921371ca78314697881086f4577a"
binds: binds:
- /proc/sys/fs/binfmt_misc:/binfmt_misc - /proc/sys/fs/binfmt_misc:/binfmt_misc
readonly: true readonly: true
- name: format - name: format
image: "linuxkit/format:53748000acf515549d398e6ae68545c26c0f3a2e" image: "linuxkit/format:a16f2bd94a83dd0cea4d490f710567a0cc60be33"
binds: binds:
- /dev:/dev - /dev:/dev
capabilities: capabilities:
@ -46,7 +46,7 @@ services:
oomScoreAdj: -800 oomScoreAdj: -800
readonly: true readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:0d4012269cb142972fed8542fbdc3ff5a7b695cd" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp/etc:/etc - /tmp/etc:/etc
@ -57,7 +57,7 @@ services:
net: host net: host
oomScoreAdj: -800 oomScoreAdj: -800
- name: ntpd - name: ntpd
image: "linuxkit/openntpd:a570316d7fc49ca1daa29bd945499f4963d227af" image: "linuxkit/openntpd:1eb0c05499500c8e44df6160524b79b776bbaa9e"
capabilities: capabilities:
- CAP_SYS_TIME - CAP_SYS_TIME
- CAP_SYS_NICE - CAP_SYS_NICE

2
projects/kubernetes/mounts.rb
View File

@ -1,6 +1,6 @@
import 'common.rb' import 'common.rb'
from "linuxkit/mount:d2669e7c8ddda99fa0618a414d44261eba6e299a" from "linuxkit/mount:ad138d252798d9d0d6779f7f4d35b7fbcbbeefb9"
script = [ script = [
mount_bind_hostns_self("/etc/cni"), mount_make_hostns_rshared("/etc/cni"), mount_bind_hostns_self("/etc/cni"), mount_make_hostns_rshared("/etc/cni"),

4
projects/logging/examples/logging.yml
View File

@ -17,12 +17,12 @@ onboot:
- CAP_SYS_ADMIN - CAP_SYS_ADMIN
readonly: true readonly: true
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:c7e69ebd918a237dd086a5c58dd888df772746bd" image: "linuxkit/binfmt:aebd6ed6cc29921371ca78314697881086f4577a"
binds: binds:
- /proc/sys/fs/binfmt_misc:/binfmt_misc - /proc/sys/fs/binfmt_misc:/binfmt_misc
readonly: true readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp/etc:/etc - /tmp/etc:/etc

2
projects/miragesdk/examples/mirage-dhcp.yml
View File

@ -16,7 +16,7 @@ onboot:
- CAP_SYS_ADMIN - CAP_SYS_ADMIN
readonly: true readonly: true
- name: binfmt - name: binfmt
image: linuxkit/binfmt:c7e69ebd918a237dd086a5c58dd888df772746bd image: linuxkit/binfmt:aebd6ed6cc29921371ca78314697881086f4577a
binds: binds:
- /proc/sys/fs/binfmt_misc:/binfmt_misc - /proc/sys/fs/binfmt_misc:/binfmt_misc
readonly: true readonly: true

2
projects/okernel/examples/okernel_simple.yaml
View File

@ -21,7 +21,7 @@ services:
- CAP_SYS_ADMIN - CAP_SYS_ADMIN
oomScoreAdj: -800 oomScoreAdj: -800
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp:/etc - /tmp:/etc

2
projects/swarmd/swarmd.yml
View File

@ -20,7 +20,7 @@ services:
oomScoreAdj: -800 oomScoreAdj: -800
readonly: true readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp/etc:/etc - /tmp/etc:/etc

8
test/docker-bench/test-docker-bench.yml
View File

@ -18,19 +18,19 @@ onboot:
- name: sysfs - name: sysfs
image: "linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c" image: "linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c"
- name: binfmt - name: binfmt
image: "linuxkit/binfmt:c7e69ebd918a237dd086a5c58dd888df772746bd" image: "linuxkit/binfmt:aebd6ed6cc29921371ca78314697881086f4577a"
binds: binds:
- /proc/sys/fs/binfmt_misc:/binfmt_misc - /proc/sys/fs/binfmt_misc:/binfmt_misc
readonly: true readonly: true
- name: format - name: format
image: "linuxkit/format:53748000acf515549d398e6ae68545c26c0f3a2e" image: "linuxkit/format:a16f2bd94a83dd0cea4d490f710567a0cc60be33"
binds: binds:
- /dev:/dev - /dev:/dev
capabilities: capabilities:
- CAP_SYS_ADMIN - CAP_SYS_ADMIN
- CAP_MKNOD - CAP_MKNOD
- name: mount - name: mount
image: "linuxkit/mount:d2669e7c8ddda99fa0618a414d44261eba6e299a" image: "linuxkit/mount:ad138d252798d9d0d6779f7f4d35b7fbcbbeefb9"
binds: binds:
- /dev:/dev - /dev:/dev
- /var:/var:rshared,rbind - /var:/var:rshared,rbind
@ -46,7 +46,7 @@ services:
oomScoreAdj: -800 oomScoreAdj: -800
readonly: true readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:0d4012269cb142972fed8542fbdc3ff5a7b695cd" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp/etc:/etc - /tmp/etc:/etc

2
test/test.yml
View File

@ -8,7 +8,7 @@ init:
- linuxkit/ca-certificates:5fc6ba7f91534ddbfef975404c33e44581e6ed7a - linuxkit/ca-certificates:5fc6ba7f91534ddbfef975404c33e44581e6ed7a
onboot: onboot:
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp:/etc - /tmp:/etc

2
test/virtsock/test-virtsock-server.yml
View File

@ -27,7 +27,7 @@ services:
oomScoreAdj: -800 oomScoreAdj: -800
readonly: true readonly: true
- name: dhcpcd - name: dhcpcd
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa" image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
binds: binds:
- /var:/var - /var:/var
- /tmp:/etc - /tmp:/etc