mirror of
https://github.com/linuxkit/linuxkit.git
synced 2025-07-22 10:31:35 +00:00
commit
edb909567c
@ -18,19 +18,19 @@ onboot:
|
|||||||
- name: sysfs
|
- name: sysfs
|
||||||
image: linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c
|
image: linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c
|
||||||
- name: binfmt
|
- name: binfmt
|
||||||
image: "linuxkit/binfmt:c7e69ebd918a237dd086a5c58dd888df772746bd"
|
image: "linuxkit/binfmt:aebd6ed6cc29921371ca78314697881086f4577a"
|
||||||
binds:
|
binds:
|
||||||
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: format
|
- name: format
|
||||||
image: "linuxkit/format:53748000acf515549d398e6ae68545c26c0f3a2e"
|
image: "linuxkit/format:a16f2bd94a83dd0cea4d490f710567a0cc60be33"
|
||||||
binds:
|
binds:
|
||||||
- /dev:/dev
|
- /dev:/dev
|
||||||
capabilities:
|
capabilities:
|
||||||
- CAP_SYS_ADMIN
|
- CAP_SYS_ADMIN
|
||||||
- CAP_MKNOD
|
- CAP_MKNOD
|
||||||
- name: mount
|
- name: mount
|
||||||
image: "linuxkit/mount:d2669e7c8ddda99fa0618a414d44261eba6e299a"
|
image: "linuxkit/mount:ad138d252798d9d0d6779f7f4d35b7fbcbbeefb9"
|
||||||
binds:
|
binds:
|
||||||
- /dev:/dev
|
- /dev:/dev
|
||||||
- /var:/var:rshared,rbind
|
- /var:/var:rshared,rbind
|
||||||
@ -46,7 +46,7 @@ services:
|
|||||||
oomScoreAdj: -800
|
oomScoreAdj: -800
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:57a8ef29d3a910645b2b24c124f9ce9ef53ce703"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp/etc:/etc
|
- /tmp/etc:/etc
|
||||||
@ -57,7 +57,7 @@ services:
|
|||||||
net: host
|
net: host
|
||||||
oomScoreAdj: -800
|
oomScoreAdj: -800
|
||||||
- name: ntpd
|
- name: ntpd
|
||||||
image: "linuxkit/openntpd:a570316d7fc49ca1daa29bd945499f4963d227af"
|
image: "linuxkit/openntpd:1eb0c05499500c8e44df6160524b79b776bbaa9e"
|
||||||
capabilities:
|
capabilities:
|
||||||
- CAP_SYS_TIME
|
- CAP_SYS_TIME
|
||||||
- CAP_SYS_NICE
|
- CAP_SYS_NICE
|
||||||
@ -66,7 +66,7 @@ services:
|
|||||||
- CAP_SETGID
|
- CAP_SETGID
|
||||||
net: host
|
net: host
|
||||||
- name: docker
|
- name: docker
|
||||||
image: "linuxkit/docker-ce:a82b61b151f6d6a3606e66f284c927b4c83b50f5"
|
image: "linuxkit/docker-ce:18d9d2719bc99514c5b1883d5c8a36619e5acb4d"
|
||||||
capabilities:
|
capabilities:
|
||||||
- all
|
- all
|
||||||
net: host
|
net: host
|
||||||
|
@ -16,7 +16,7 @@ onboot:
|
|||||||
- CAP_SYS_ADMIN
|
- CAP_SYS_ADMIN
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp/etc:/etc
|
- /tmp/etc:/etc
|
||||||
|
@ -7,7 +7,7 @@ init:
|
|||||||
- linuxkit/containerd:60e2486a74c665ba4df57e561729aec20758daed
|
- linuxkit/containerd:60e2486a74c665ba4df57e561729aec20758daed
|
||||||
onboot:
|
onboot:
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp/etc:/etc
|
- /tmp/etc:/etc
|
||||||
|
@ -12,7 +12,7 @@ services:
|
|||||||
- CAP_SYS_ADMIN
|
- CAP_SYS_ADMIN
|
||||||
oomScoreAdj: -800
|
oomScoreAdj: -800
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp:/etc
|
- /tmp:/etc
|
||||||
|
@ -21,7 +21,7 @@ services:
|
|||||||
- CAP_SYS_ADMIN
|
- CAP_SYS_ADMIN
|
||||||
oomScoreAdj: -800
|
oomScoreAdj: -800
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp:/etc
|
- /tmp:/etc
|
||||||
|
@ -9,7 +9,7 @@ init:
|
|||||||
- linuxkit/containerd:18eaf72f3f4f9a9f29ca1951f66df701f873060b
|
- linuxkit/containerd:18eaf72f3f4f9a9f29ca1951f66df701f873060b
|
||||||
services:
|
services:
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:0d4012269cb142972fed8542fbdc3ff5a7b695cd"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp/etc:/etc
|
- /tmp/etc:/etc
|
||||||
|
@ -21,7 +21,7 @@ services:
|
|||||||
- CAP_SYS_ADMIN
|
- CAP_SYS_ADMIN
|
||||||
oomScoreAdj: -800
|
oomScoreAdj: -800
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp:/etc
|
- /tmp:/etc
|
||||||
|
@ -16,12 +16,12 @@ onboot:
|
|||||||
- CAP_SYS_ADMIN
|
- CAP_SYS_ADMIN
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: binfmt
|
- name: binfmt
|
||||||
image: "linuxkit/binfmt:8881283ac627be1542811bd25c85e7782aebc692"
|
image: "linuxkit/binfmt:aebd6ed6cc29921371ca78314697881086f4577a"
|
||||||
binds:
|
binds:
|
||||||
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp/etc:/etc
|
- /tmp/etc:/etc
|
||||||
@ -32,14 +32,14 @@ onboot:
|
|||||||
net: host
|
net: host
|
||||||
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
|
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
|
||||||
- name: format
|
- name: format
|
||||||
image: "linuxkit/format:53748000acf515549d398e6ae68545c26c0f3a2e"
|
image: "linuxkit/format:a16f2bd94a83dd0cea4d490f710567a0cc60be33"
|
||||||
binds:
|
binds:
|
||||||
- /dev:/dev
|
- /dev:/dev
|
||||||
capabilities:
|
capabilities:
|
||||||
- CAP_SYS_ADMIN
|
- CAP_SYS_ADMIN
|
||||||
- CAP_MKNOD
|
- CAP_MKNOD
|
||||||
- name: mount
|
- name: mount
|
||||||
image: "linuxkit/mount:d2669e7c8ddda99fa0618a414d44261eba6e299a"
|
image: "linuxkit/mount:ad138d252798d9d0d6779f7f4d35b7fbcbbeefb9"
|
||||||
binds:
|
binds:
|
||||||
- /dev:/dev
|
- /dev:/dev
|
||||||
- /var:/var:rshared,rbind
|
- /var:/var:rshared,rbind
|
||||||
|
@ -23,7 +23,7 @@ services:
|
|||||||
oomScoreAdj: -800
|
oomScoreAdj: -800
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp:/etc
|
- /tmp:/etc
|
||||||
|
@ -16,12 +16,12 @@ onboot:
|
|||||||
- CAP_SYS_ADMIN
|
- CAP_SYS_ADMIN
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: binfmt
|
- name: binfmt
|
||||||
image: "linuxkit/binfmt:c7e69ebd918a237dd086a5c58dd888df772746bd"
|
image: "linuxkit/binfmt:aebd6ed6cc29921371ca78314697881086f4577a"
|
||||||
binds:
|
binds:
|
||||||
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp/etc:/etc
|
- /tmp/etc:/etc
|
||||||
|
@ -1,13 +1,10 @@
|
|||||||
FROM alpine:edge AS qemu-build
|
FROM linuxkit/alpine:f0169b60fb260d74025496ae6fd93213fecaba8f@sha256:23743c7206ebe8a609442c5ac7084a26ed45ce8f5213960428bca264225849f1 AS qemu
|
||||||
RUN \
|
RUN apk add \
|
||||||
apk update && apk upgrade && \
|
|
||||||
apk add \
|
|
||||||
qemu-aarch64 \
|
qemu-aarch64 \
|
||||||
qemu-arm \
|
qemu-arm \
|
||||||
qemu-ppc64le \
|
qemu-ppc64le
|
||||||
&& true
|
|
||||||
|
|
||||||
FROM linuxkit/go-compile:4513068d9a7e919e4ec42e2d7ee879ff5b95b7f5@sha256:bdfadbe3e4ec699ca45b67453662321ec270f2d1a1dbdbf09625776d3ebd68c5 AS binfmt-build
|
FROM linuxkit/go-compile:4513068d9a7e919e4ec42e2d7ee879ff5b95b7f5@sha256:bdfadbe3e4ec699ca45b67453662321ec270f2d1a1dbdbf09625776d3ebd68c5 AS build
|
||||||
COPY main.go main.go
|
COPY main.go main.go
|
||||||
RUN echo "gofmt..." && test -z $(gofmt -s -l main.go) && \
|
RUN echo "gofmt..." && test -z $(gofmt -s -l main.go) && \
|
||||||
echo "go vet..." && test -z $(GOOS=linux go tool vet -printf=false main.go) && \
|
echo "go vet..." && test -z $(GOOS=linux go tool vet -printf=false main.go) && \
|
||||||
@ -17,7 +14,7 @@ RUN go build -o usr/bin/binfmt -buildmode pie -ldflags "-s -w -extldflags -stati
|
|||||||
FROM scratch
|
FROM scratch
|
||||||
ENTRYPOINT []
|
ENTRYPOINT []
|
||||||
WORKDIR /
|
WORKDIR /
|
||||||
COPY --from=qemu-build usr/bin/qemu-* usr/bin/
|
COPY --from=qemu usr/bin/qemu-* usr/bin/
|
||||||
COPY --from=binfmt-build usr/bin/binfmt usr/bin/binfmt
|
COPY --from=build usr/bin/binfmt usr/bin/binfmt
|
||||||
COPY etc/binfmt.d/00_linuxkit.conf etc/binfmt.d/00_linuxkit.conf
|
COPY etc/binfmt.d/00_linuxkit.conf etc/binfmt.d/00_linuxkit.conf
|
||||||
CMD ["/usr/bin/binfmt", "-dir", "/etc/binfmt.d/", "-mount", "/binfmt_misc"]
|
CMD ["/usr/bin/binfmt", "-dir", "/etc/binfmt.d/", "-mount", "/binfmt_misc"]
|
||||||
|
@ -2,43 +2,13 @@
|
|||||||
default: push
|
default: push
|
||||||
|
|
||||||
IMAGE=binfmt
|
IMAGE=binfmt
|
||||||
BASE=alpine:edge
|
|
||||||
SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
|
|
||||||
DEPS=Dockerfile Makefile main.go $(wildcard etc/binmft.d/*)
|
DEPS=Dockerfile Makefile main.go $(wildcard etc/binmft.d/*)
|
||||||
|
|
||||||
# Note, this isn't quite right as we pull in qemu binaries from
|
HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}')
|
||||||
# alpine:edge and they may vary over time. BUT: We are going to change
|
|
||||||
# the hashing stuff soon anyway, so there is little point in faffing
|
|
||||||
# about with computing a hash during the build and get it out.
|
|
||||||
hash: $(DEPS)
|
|
||||||
find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash
|
|
||||||
|
|
||||||
tag: hash
|
tag: $(DEPS)
|
||||||
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
|
docker build --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) .
|
||||||
(DOCKER_CONTENT_TRUST=1 docker pull $(BASE) && \
|
|
||||||
docker build --no-cache -t $(IMAGE):build . && \
|
|
||||||
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash))
|
|
||||||
|
|
||||||
push: tag
|
push: tag
|
||||||
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
|
DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(HASH) || \
|
||||||
docker push linuxkit/$(IMAGE):$(shell cat hash)
|
DOCKER_CONTENT_TRUST=1 docker push linuxkit/$(IMAGE):$(HASH)
|
||||||
rm -f hash
|
|
||||||
docker rmi $(IMAGE):build || true
|
|
||||||
|
|
||||||
signed-tag: hash
|
|
||||||
DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
|
|
||||||
(DOCKER_CONTENT_TRUST=1 docker pull $(BASE) && \
|
|
||||||
docker build --no-cache -t $(IMAGE):build . && \
|
|
||||||
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash))
|
|
||||||
|
|
||||||
sign: signed-tag
|
|
||||||
DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
|
|
||||||
DOCKER_CONTENT_TRUST=1 docker push linuxkit/$(IMAGE):$(shell cat hash)
|
|
||||||
rm -f hash
|
|
||||||
docker rmi $(IMAGE):build || true
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -f hash
|
|
||||||
docker rmi $(IMAGE):build || true
|
|
||||||
|
|
||||||
.DELETE_ON_ERROR:
|
|
||||||
|
@ -1,12 +1,13 @@
|
|||||||
FROM alpine:3.5
|
FROM linuxkit/alpine:f0169b60fb260d74025496ae6fd93213fecaba8f@sha256:23743c7206ebe8a609442c5ac7084a26ed45ce8f5213960428bca264225849f1 AS mirror
|
||||||
|
|
||||||
RUN \
|
FROM alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
|
||||||
apk update && apk upgrade -a && \
|
COPY --from=mirror /etc/apk/repositories /etc/apk/repositories
|
||||||
apk add --no-cache \
|
COPY --from=mirror /etc/apk/keys /etc/apk/keys/
|
||||||
dhcpcd \
|
COPY --from=mirror /mirror /mirror/
|
||||||
openrc \
|
|
||||||
&& true
|
RUN apk add dhcpcd
|
||||||
|
|
||||||
|
RUN rm -rf /mirror /etc/apk/repositories /etc/apk/keys
|
||||||
|
|
||||||
COPY . .
|
COPY . .
|
||||||
|
|
||||||
CMD ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf"]
|
CMD ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf"]
|
||||||
|
@ -1,34 +1,14 @@
|
|||||||
.PHONY: tag push clean container
|
.PHONY: tag push
|
||||||
default: push
|
default: push
|
||||||
|
|
||||||
IMAGE=dhcpcd
|
IMAGE=dhcpcd
|
||||||
|
DEPS=Dockerfile Makefile dhcpcd.conf usr/lib/dhcpcd/dhcpcd-hooks/10-mtu
|
||||||
|
|
||||||
BASE=alpine:3.5
|
HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}')
|
||||||
|
|
||||||
DEPS=dhcpcd.conf usr/lib/dhcpcd/dhcpcd-hooks/10-mtu
|
tag: $(DEPS)
|
||||||
|
docker build --squash --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) .
|
||||||
|
|
||||||
container: Dockerfile $(DEPS)
|
push: tag
|
||||||
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
|
docker pull linuxkit/$(IMAGE):$(HASH) || \
|
||||||
|
docker push linuxkit/$(IMAGE):$(HASH)
|
||||||
hash: Dockerfile $(DEPS)
|
|
||||||
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
|
|
||||||
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
|
|
||||||
docker run --rm $(IMAGE):build sh -c 'cat $^ /lib/apk/db/installed | sha1sum' | sed 's/ .*//' > hash
|
|
||||||
|
|
||||||
push: hash container
|
|
||||||
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
|
|
||||||
(docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \
|
|
||||||
docker push linuxkit/$(IMAGE):$(shell cat hash))
|
|
||||||
docker rmi $(IMAGE):build
|
|
||||||
rm -f hash
|
|
||||||
|
|
||||||
tag: hash container
|
|
||||||
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
|
|
||||||
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash)
|
|
||||||
docker rmi $(IMAGE):build
|
|
||||||
rm -f hash
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -rf hash
|
|
||||||
|
|
||||||
.DELETE_ON_ERROR:
|
|
||||||
|
@ -1,15 +1,9 @@
|
|||||||
FROM alpine:3.5
|
FROM linuxkit/alpine:f0169b60fb260d74025496ae6fd93213fecaba8f@sha256:23743c7206ebe8a609442c5ac7084a26ed45ce8f5213960428bca264225849f1 AS mirror
|
||||||
|
|
||||||
# Docker daemon only minimal Alpine install
|
FROM alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
|
||||||
|
COPY --from=mirror /etc/apk/repositories /etc/apk/repositories
|
||||||
# set up Docker group
|
COPY --from=mirror /etc/apk/keys /etc/apk/keys/
|
||||||
# set up subuid/subgid so that "--userns-remap=default" works out-of-the-box
|
COPY --from=mirror /mirror /mirror/
|
||||||
RUN set -x \
|
|
||||||
&& addgroup -S docker \
|
|
||||||
&& addgroup -S dockremap \
|
|
||||||
&& adduser -S -G dockremap dockremap \
|
|
||||||
&& echo 'dockremap:165536:65536' >> /etc/subuid \
|
|
||||||
&& echo 'dockremap:165536:65536' >> /etc/subgid
|
|
||||||
|
|
||||||
# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies
|
# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies
|
||||||
# removed openssl as I do not think server needs it
|
# removed openssl as I do not think server needs it
|
||||||
@ -22,6 +16,16 @@ RUN apk add --no-cache \
|
|||||||
iptables \
|
iptables \
|
||||||
xfsprogs \
|
xfsprogs \
|
||||||
xz
|
xz
|
||||||
|
RUN rm -rf /mirror /etc/apk/repositories /etc/apk/keys
|
||||||
|
|
||||||
|
# set up Docker group
|
||||||
|
# set up subuid/subgid so that "--userns-remap=default" works out-of-the-box
|
||||||
|
RUN set -x \
|
||||||
|
&& addgroup -S docker \
|
||||||
|
&& addgroup -S dockremap \
|
||||||
|
&& adduser -S -G dockremap dockremap \
|
||||||
|
&& echo 'dockremap:165536:65536' >> /etc/subuid \
|
||||||
|
&& echo 'dockremap:165536:65536' >> /etc/subgid
|
||||||
|
|
||||||
ENV DOCKER_BUCKET get.docker.com
|
ENV DOCKER_BUCKET get.docker.com
|
||||||
ENV DOCKER_VERSION 17.04.0-ce
|
ENV DOCKER_VERSION 17.04.0-ce
|
||||||
|
@ -1,29 +1,14 @@
|
|||||||
.PHONY: tag push
|
.PHONY: tag push
|
||||||
|
|
||||||
BASE=alpine:3.5
|
|
||||||
IMAGE=docker-ce
|
|
||||||
|
|
||||||
default: push
|
default: push
|
||||||
|
|
||||||
hash: Dockerfile
|
IMAGE=docker-ce
|
||||||
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
|
DEPS=Dockerfile
|
||||||
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
|
|
||||||
docker run --entrypoint /bin/sh --rm $(IMAGE):build -c 'cat $^ /lib/apk/db/installed | sha1sum' | sed 's/ .*//' > $@
|
|
||||||
|
|
||||||
push: hash
|
HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}')
|
||||||
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
|
|
||||||
(docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \
|
|
||||||
docker push linuxkit/$(IMAGE):$(shell cat hash))
|
|
||||||
docker rmi $(IMAGE):build
|
|
||||||
rm -f hash
|
|
||||||
|
|
||||||
tag: hash
|
tag: $(DEPS)
|
||||||
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
|
docker build --squash --no-cache -t linuxkit/$(IMAGE):$(HASH) .
|
||||||
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash)
|
|
||||||
docker rmi $(IMAGE):build
|
|
||||||
rm -f hash
|
|
||||||
|
|
||||||
clean:
|
push: tag
|
||||||
rm -f hash
|
docker pull linuxkit/$(IMAGE):$(HASH) || \
|
||||||
|
docker push linuxkit/$(IMAGE):$(HASH)
|
||||||
.DELETE_ON_ERROR:
|
|
||||||
|
@ -1,13 +1,18 @@
|
|||||||
FROM alpine:3.5
|
FROM linuxkit/alpine:f0169b60fb260d74025496ae6fd93213fecaba8f@sha256:23743c7206ebe8a609442c5ac7084a26ed45ce8f5213960428bca264225849f1 AS mirror
|
||||||
|
|
||||||
RUN \
|
FROM alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
|
||||||
apk update && apk upgrade -a && \
|
COPY --from=mirror /etc/apk/repositories /etc/apk/repositories
|
||||||
apk add --no-cache \
|
COPY --from=mirror /etc/apk/keys /etc/apk/keys/
|
||||||
|
COPY --from=mirror /mirror /mirror/
|
||||||
|
|
||||||
|
RUN apk add \
|
||||||
e2fsprogs \
|
e2fsprogs \
|
||||||
e2fsprogs-extra \
|
e2fsprogs-extra \
|
||||||
jq \
|
jq \
|
||||||
sfdisk \
|
sfdisk \
|
||||||
&& true
|
&& true
|
||||||
|
|
||||||
|
RUN rm -rf /mirror /etc/apk/repositories /etc/apk/keys
|
||||||
|
|
||||||
COPY . ./
|
COPY . ./
|
||||||
CMD ["/bin/sh", "/format.sh"]
|
CMD ["/bin/sh", "/format.sh"]
|
||||||
|
@ -1,29 +1,14 @@
|
|||||||
.PHONY: tag push
|
.PHONY: tag push
|
||||||
|
|
||||||
BASE=alpine:3.5
|
|
||||||
IMAGE=format
|
|
||||||
|
|
||||||
default: push
|
default: push
|
||||||
|
|
||||||
hash: Dockerfile format.sh
|
IMAGE=format
|
||||||
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
|
DEPS=Dockerfile format.sh
|
||||||
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
|
|
||||||
docker run --rm --entrypoint /bin/sh $(IMAGE):build -c "cat $^ /lib/apk/db/installed | sha1sum" | sed 's/ .*//' > $@
|
|
||||||
|
|
||||||
push: hash
|
HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}')
|
||||||
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
|
|
||||||
(docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \
|
|
||||||
docker push linuxkit/$(IMAGE):$(shell cat hash))
|
|
||||||
docker rmi $(IMAGE):build
|
|
||||||
rm -f hash
|
|
||||||
|
|
||||||
tag: hash
|
tag: $(DEPS)
|
||||||
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
|
docker build --squash --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) .
|
||||||
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash)
|
|
||||||
docker rmi $(IMAGE):build
|
|
||||||
rm -f hash
|
|
||||||
|
|
||||||
clean:
|
push: tag
|
||||||
rm -f hash
|
docker pull linuxkit/$(IMAGE):$(HASH) || \
|
||||||
|
docker push linuxkit/$(IMAGE):$(HASH)
|
||||||
.DELETE_ON_ERROR:
|
|
||||||
|
@ -1,11 +1,15 @@
|
|||||||
FROM alpine:3.5
|
FROM linuxkit/alpine:f0169b60fb260d74025496ae6fd93213fecaba8f@sha256:23743c7206ebe8a609442c5ac7084a26ed45ce8f5213960428bca264225849f1 AS mirror
|
||||||
|
|
||||||
RUN \
|
FROM alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
|
||||||
apk update && apk upgrade -a && \
|
COPY --from=mirror /etc/apk/repositories /etc/apk/repositories
|
||||||
apk add --no-cache \
|
COPY --from=mirror /etc/apk/keys /etc/apk/keys/
|
||||||
|
COPY --from=mirror /mirror /mirror/
|
||||||
|
|
||||||
|
RUN apk add --no-cache \
|
||||||
jq \
|
jq \
|
||||||
sfdisk \
|
sfdisk \
|
||||||
&& true
|
&& true
|
||||||
|
RUN rm -rf /mirror /etc/apk/repositories /etc/apk/keys
|
||||||
|
|
||||||
COPY . ./
|
COPY . ./
|
||||||
CMD ["/bin/sh", "/mount.sh"]
|
CMD ["/bin/sh", "/mount.sh"]
|
||||||
|
@ -1,29 +1,14 @@
|
|||||||
.PHONY: tag push
|
.PHONY: tag push
|
||||||
|
|
||||||
BASE=alpine:3.5
|
|
||||||
IMAGE=mount
|
|
||||||
|
|
||||||
default: push
|
default: push
|
||||||
|
|
||||||
hash: Dockerfile mount.sh
|
IMAGE=mount
|
||||||
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
|
DEPS=Dockerfile mount.sh
|
||||||
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
|
|
||||||
docker run --rm --entrypoint /bin/sh $(IMAGE):build -c "cat $^ /lib/apk/db/installed | sha1sum" | sed 's/ .*//' > $@
|
|
||||||
|
|
||||||
push: hash
|
HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}')
|
||||||
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
|
|
||||||
(docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \
|
|
||||||
docker push linuxkit/$(IMAGE):$(shell cat hash))
|
|
||||||
docker rmi $(IMAGE):build
|
|
||||||
rm -f hash
|
|
||||||
|
|
||||||
tag: hash
|
tag: $(DEPS)
|
||||||
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
|
docker build --squash --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) .
|
||||||
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash)
|
|
||||||
docker rmi $(IMAGE):build
|
|
||||||
rm -f hash
|
|
||||||
|
|
||||||
clean:
|
push: tag
|
||||||
rm -f hash
|
docker pull linuxkit/$(IMAGE):$(HASH) || \
|
||||||
|
docker push linuxkit/$(IMAGE):$(HASH)
|
||||||
.DELETE_ON_ERROR:
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
FROM prom/node-exporter:v0.14.0
|
FROM prom/node-exporter:v0.14.0@sha256:ea8396dd32be6195ef03438b2f459b2e69a88b8fc798c3fc51559f56d4b158fa
|
||||||
|
|
||||||
ENTRYPOINT ["/bin/node_exporter", "-collector.procfs", "/host/proc", \
|
ENTRYPOINT ["/bin/node_exporter", "-collector.procfs", "/host/proc", \
|
||||||
"-collector.sysfs", "/host/sys", \
|
"-collector.sysfs", "/host/sys", \
|
||||||
|
@ -1,29 +1,14 @@
|
|||||||
.PHONY: tag push clean container
|
.PHONY: tag push
|
||||||
default: push
|
default: push
|
||||||
|
|
||||||
IMAGE=node_exporter
|
IMAGE=node_exporter
|
||||||
SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
|
DEPS=Dockerfile
|
||||||
|
|
||||||
container: Dockerfile
|
HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}')
|
||||||
docker build --no-cache -t $(IMAGE):build .
|
|
||||||
|
|
||||||
hash: Dockerfile
|
tag: $(DEPS)
|
||||||
find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash
|
docker build --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) .
|
||||||
|
|
||||||
push: hash container
|
push: tag
|
||||||
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
|
docker pull linuxkit/$(IMAGE):$(HASH) || \
|
||||||
(docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \
|
docker push linuxkit/$(IMAGE):$(HASH)
|
||||||
docker push linuxkit/$(IMAGE):$(shell cat hash))
|
|
||||||
docker rmi $(IMAGE):build
|
|
||||||
rm -f hash
|
|
||||||
|
|
||||||
tag: hash container
|
|
||||||
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
|
|
||||||
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash)
|
|
||||||
docker rmi $(IMAGE):build
|
|
||||||
rm -f hash
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -rf hash
|
|
||||||
|
|
||||||
.DELETE_ON_ERROR:
|
|
||||||
|
@ -1,10 +1,12 @@
|
|||||||
FROM alpine:3.5
|
FROM linuxkit/alpine:f0169b60fb260d74025496ae6fd93213fecaba8f@sha256:23743c7206ebe8a609442c5ac7084a26ed45ce8f5213960428bca264225849f1 AS mirror
|
||||||
|
|
||||||
RUN \
|
FROM alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
|
||||||
apk update && apk upgrade -a && \
|
COPY --from=mirror /etc/apk/repositories /etc/apk/repositories
|
||||||
apk add --no-cache \
|
COPY --from=mirror /etc/apk/keys /etc/apk/keys/
|
||||||
openntpd \
|
COPY --from=mirror /mirror /mirror/
|
||||||
&& true
|
|
||||||
|
RUN apk add --no-cache openntpd && true
|
||||||
|
RUN rm -rf /mirror /etc/apk/repositories /etc/apk/keys
|
||||||
|
|
||||||
COPY . .
|
COPY . .
|
||||||
|
|
||||||
|
@ -1,29 +1,14 @@
|
|||||||
.PHONY: tag push clean container
|
.PHONY: tag push
|
||||||
default: push
|
default: push
|
||||||
|
|
||||||
IMAGE=openntpd
|
IMAGE=openntpd
|
||||||
|
DEPS=Dockerfile etc/ntpd.conf
|
||||||
|
|
||||||
BASE=alpine:3.5
|
HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}')
|
||||||
|
|
||||||
hash: Dockerfile etc/ntpd.conf
|
tag: $(DEPS)
|
||||||
DOCKER_CONTENT_TRUST=1 docker pull $(BASE)
|
docker build --squash --no-cache --network=none -t linuxkit/$(IMAGE):$(HASH) .
|
||||||
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
|
|
||||||
docker run --rm $(IMAGE):build sh -c 'cat $^ /lib/apk/db/installed | sha1sum' | sed 's/ .*//' > hash
|
|
||||||
|
|
||||||
push: hash
|
push: tag
|
||||||
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
|
docker pull linuxkit/$(IMAGE):$(HASH) || \
|
||||||
(docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \
|
docker push linuxkit/$(IMAGE):$(HASH)
|
||||||
docker push linuxkit/$(IMAGE):$(shell cat hash))
|
|
||||||
docker rmi $(IMAGE):build
|
|
||||||
rm -f hash
|
|
||||||
|
|
||||||
tag: hash
|
|
||||||
docker pull linuxkit/$(IMAGE):$(shell cat hash) || \
|
|
||||||
docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash)
|
|
||||||
docker rmi $(IMAGE):build
|
|
||||||
rm -f hash
|
|
||||||
|
|
||||||
clean:
|
|
||||||
rm -rf hash
|
|
||||||
|
|
||||||
.DELETE_ON_ERROR:
|
|
||||||
|
@ -16,14 +16,14 @@ onboot:
|
|||||||
- CAP_SYS_ADMIN
|
- CAP_SYS_ADMIN
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: format
|
- name: format
|
||||||
image: "linuxkit/format:53748000acf515549d398e6ae68545c26c0f3a2e"
|
image: "linuxkit/format:a16f2bd94a83dd0cea4d490f710567a0cc60be33"
|
||||||
binds:
|
binds:
|
||||||
- /dev:/dev
|
- /dev:/dev
|
||||||
capabilities:
|
capabilities:
|
||||||
- CAP_SYS_ADMIN
|
- CAP_SYS_ADMIN
|
||||||
- CAP_MKNOD
|
- CAP_MKNOD
|
||||||
- name: mount
|
- name: mount
|
||||||
image: "linuxkit/mount:d2669e7c8ddda99fa0618a414d44261eba6e299a"
|
image: "linuxkit/mount:ad138d252798d9d0d6779f7f4d35b7fbcbbeefb9"
|
||||||
binds:
|
binds:
|
||||||
- /dev:/dev
|
- /dev:/dev
|
||||||
- /var:/var:rshared,rbind
|
- /var:/var:rshared,rbind
|
||||||
@ -32,7 +32,7 @@ onboot:
|
|||||||
rootfsPropagation: shared
|
rootfsPropagation: shared
|
||||||
command: ["/mount.sh", "/var/lib/etcd"]
|
command: ["/mount.sh", "/var/lib/etcd"]
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:0d4012269cb142972fed8542fbdc3ff5a7b695cd"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp/etc:/etc
|
- /tmp/etc:/etc
|
||||||
@ -59,7 +59,7 @@ services:
|
|||||||
oomScoreAdj: -800
|
oomScoreAdj: -800
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: ntpd
|
- name: ntpd
|
||||||
image: "linuxkit/openntpd:a570316d7fc49ca1daa29bd945499f4963d227af"
|
image: "linuxkit/openntpd:1eb0c05499500c8e44df6160524b79b776bbaa9e"
|
||||||
capabilities:
|
capabilities:
|
||||||
- CAP_SYS_TIME
|
- CAP_SYS_TIME
|
||||||
- CAP_SYS_NICE
|
- CAP_SYS_NICE
|
||||||
|
@ -16,7 +16,7 @@ onboot:
|
|||||||
- CAP_SYS_ADMIN
|
- CAP_SYS_ADMIN
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp/etc:/etc
|
- /tmp/etc:/etc
|
||||||
|
@ -18,12 +18,12 @@ onboot:
|
|||||||
- name: sysfs
|
- name: sysfs
|
||||||
image: linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c
|
image: linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c
|
||||||
- name: binfmt
|
- name: binfmt
|
||||||
image: "linuxkit/binfmt:c7e69ebd918a237dd086a5c58dd888df772746bd"
|
image: "linuxkit/binfmt:aebd6ed6cc29921371ca78314697881086f4577a"
|
||||||
binds:
|
binds:
|
||||||
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: format
|
- name: format
|
||||||
image: "linuxkit/format:53748000acf515549d398e6ae68545c26c0f3a2e"
|
image: "linuxkit/format:a16f2bd94a83dd0cea4d490f710567a0cc60be33"
|
||||||
binds:
|
binds:
|
||||||
- /dev:/dev
|
- /dev:/dev
|
||||||
capabilities:
|
capabilities:
|
||||||
@ -46,7 +46,7 @@ services:
|
|||||||
oomScoreAdj: -800
|
oomScoreAdj: -800
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:0d4012269cb142972fed8542fbdc3ff5a7b695cd"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp/etc:/etc
|
- /tmp/etc:/etc
|
||||||
@ -57,7 +57,7 @@ services:
|
|||||||
net: host
|
net: host
|
||||||
oomScoreAdj: -800
|
oomScoreAdj: -800
|
||||||
- name: ntpd
|
- name: ntpd
|
||||||
image: "linuxkit/openntpd:a570316d7fc49ca1daa29bd945499f4963d227af"
|
image: "linuxkit/openntpd:1eb0c05499500c8e44df6160524b79b776bbaa9e"
|
||||||
capabilities:
|
capabilities:
|
||||||
- CAP_SYS_TIME
|
- CAP_SYS_TIME
|
||||||
- CAP_SYS_NICE
|
- CAP_SYS_NICE
|
||||||
|
@ -18,12 +18,12 @@ onboot:
|
|||||||
- name: sysfs
|
- name: sysfs
|
||||||
image: linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c
|
image: linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c
|
||||||
- name: binfmt
|
- name: binfmt
|
||||||
image: "linuxkit/binfmt:c7e69ebd918a237dd086a5c58dd888df772746bd"
|
image: "linuxkit/binfmt:aebd6ed6cc29921371ca78314697881086f4577a"
|
||||||
binds:
|
binds:
|
||||||
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: format
|
- name: format
|
||||||
image: "linuxkit/format:53748000acf515549d398e6ae68545c26c0f3a2e"
|
image: "linuxkit/format:a16f2bd94a83dd0cea4d490f710567a0cc60be33"
|
||||||
binds:
|
binds:
|
||||||
- /dev:/dev
|
- /dev:/dev
|
||||||
capabilities:
|
capabilities:
|
||||||
@ -46,7 +46,7 @@ services:
|
|||||||
oomScoreAdj: -800
|
oomScoreAdj: -800
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:0d4012269cb142972fed8542fbdc3ff5a7b695cd"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp/etc:/etc
|
- /tmp/etc:/etc
|
||||||
@ -57,7 +57,7 @@ services:
|
|||||||
net: host
|
net: host
|
||||||
oomScoreAdj: -800
|
oomScoreAdj: -800
|
||||||
- name: ntpd
|
- name: ntpd
|
||||||
image: "linuxkit/openntpd:a570316d7fc49ca1daa29bd945499f4963d227af"
|
image: "linuxkit/openntpd:1eb0c05499500c8e44df6160524b79b776bbaa9e"
|
||||||
capabilities:
|
capabilities:
|
||||||
- CAP_SYS_TIME
|
- CAP_SYS_TIME
|
||||||
- CAP_SYS_NICE
|
- CAP_SYS_NICE
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
import 'common.rb'
|
import 'common.rb'
|
||||||
|
|
||||||
from "linuxkit/mount:d2669e7c8ddda99fa0618a414d44261eba6e299a"
|
from "linuxkit/mount:ad138d252798d9d0d6779f7f4d35b7fbcbbeefb9"
|
||||||
|
|
||||||
script = [
|
script = [
|
||||||
mount_bind_hostns_self("/etc/cni"), mount_make_hostns_rshared("/etc/cni"),
|
mount_bind_hostns_self("/etc/cni"), mount_make_hostns_rshared("/etc/cni"),
|
||||||
|
@ -17,12 +17,12 @@ onboot:
|
|||||||
- CAP_SYS_ADMIN
|
- CAP_SYS_ADMIN
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: binfmt
|
- name: binfmt
|
||||||
image: "linuxkit/binfmt:c7e69ebd918a237dd086a5c58dd888df772746bd"
|
image: "linuxkit/binfmt:aebd6ed6cc29921371ca78314697881086f4577a"
|
||||||
binds:
|
binds:
|
||||||
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp/etc:/etc
|
- /tmp/etc:/etc
|
||||||
|
@ -16,7 +16,7 @@ onboot:
|
|||||||
- CAP_SYS_ADMIN
|
- CAP_SYS_ADMIN
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: binfmt
|
- name: binfmt
|
||||||
image: linuxkit/binfmt:c7e69ebd918a237dd086a5c58dd888df772746bd
|
image: linuxkit/binfmt:aebd6ed6cc29921371ca78314697881086f4577a
|
||||||
binds:
|
binds:
|
||||||
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
||||||
readonly: true
|
readonly: true
|
||||||
|
@ -21,7 +21,7 @@ services:
|
|||||||
- CAP_SYS_ADMIN
|
- CAP_SYS_ADMIN
|
||||||
oomScoreAdj: -800
|
oomScoreAdj: -800
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp:/etc
|
- /tmp:/etc
|
||||||
|
@ -20,7 +20,7 @@ services:
|
|||||||
oomScoreAdj: -800
|
oomScoreAdj: -800
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp/etc:/etc
|
- /tmp/etc:/etc
|
||||||
|
@ -18,19 +18,19 @@ onboot:
|
|||||||
- name: sysfs
|
- name: sysfs
|
||||||
image: "linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c"
|
image: "linuxkit/sysfs:6c1d06f28ddd9681799d3950cddf044b930b221c"
|
||||||
- name: binfmt
|
- name: binfmt
|
||||||
image: "linuxkit/binfmt:c7e69ebd918a237dd086a5c58dd888df772746bd"
|
image: "linuxkit/binfmt:aebd6ed6cc29921371ca78314697881086f4577a"
|
||||||
binds:
|
binds:
|
||||||
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
- /proc/sys/fs/binfmt_misc:/binfmt_misc
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: format
|
- name: format
|
||||||
image: "linuxkit/format:53748000acf515549d398e6ae68545c26c0f3a2e"
|
image: "linuxkit/format:a16f2bd94a83dd0cea4d490f710567a0cc60be33"
|
||||||
binds:
|
binds:
|
||||||
- /dev:/dev
|
- /dev:/dev
|
||||||
capabilities:
|
capabilities:
|
||||||
- CAP_SYS_ADMIN
|
- CAP_SYS_ADMIN
|
||||||
- CAP_MKNOD
|
- CAP_MKNOD
|
||||||
- name: mount
|
- name: mount
|
||||||
image: "linuxkit/mount:d2669e7c8ddda99fa0618a414d44261eba6e299a"
|
image: "linuxkit/mount:ad138d252798d9d0d6779f7f4d35b7fbcbbeefb9"
|
||||||
binds:
|
binds:
|
||||||
- /dev:/dev
|
- /dev:/dev
|
||||||
- /var:/var:rshared,rbind
|
- /var:/var:rshared,rbind
|
||||||
@ -46,7 +46,7 @@ services:
|
|||||||
oomScoreAdj: -800
|
oomScoreAdj: -800
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:0d4012269cb142972fed8542fbdc3ff5a7b695cd"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp/etc:/etc
|
- /tmp/etc:/etc
|
||||||
|
@ -8,7 +8,7 @@ init:
|
|||||||
- linuxkit/ca-certificates:5fc6ba7f91534ddbfef975404c33e44581e6ed7a
|
- linuxkit/ca-certificates:5fc6ba7f91534ddbfef975404c33e44581e6ed7a
|
||||||
onboot:
|
onboot:
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp:/etc
|
- /tmp:/etc
|
||||||
|
@ -27,7 +27,7 @@ services:
|
|||||||
oomScoreAdj: -800
|
oomScoreAdj: -800
|
||||||
readonly: true
|
readonly: true
|
||||||
- name: dhcpcd
|
- name: dhcpcd
|
||||||
image: "linuxkit/dhcpcd:48e249ebef6a521eed886b3bce032db69fbb4afa"
|
image: "linuxkit/dhcpcd:8837289b78ecd80f59524883085424e115dd0b3a"
|
||||||
binds:
|
binds:
|
||||||
- /var:/var
|
- /var:/var
|
||||||
- /tmp:/etc
|
- /tmp:/etc
|
||||||
|
Loading…
Reference in New Issue
Block a user