Commit Graph

96 Commits

Author SHA1 Message Date
Rolf Neugebauer
1de059188b pkgs: Update packages to latest alpine base
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
2018-05-12 13:18:03 +01:00
Rolf Neugebauer
2d00440351 pkg: Update to latest alpine base
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-04-05 14:05:39 +01:00
Rolf Neugebauer
eb9e6cda93 pkg: Update to latest alpine base
This should enable s390x support for all package

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
2018-03-23 20:20:13 +00:00
Rolf Neugebauer
7cf2c5abf7 pkg: Update all packages to the latest linuxkit/alpine
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-01-25 13:42:33 +00:00
Avi Deitcher
c0ff9cf6f0
Merge pull request #2864 from deitch/fix-metadata-label
Add /run to binds and use newer yml label format
2018-01-16 11:36:49 +02:00
Avi Deitcher
0d4b2742e2 Add /run to binds and use newer yml label format
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2018-01-15 19:51:35 +02:00
Ian Campbell
826ee28c8d metadata: print Entry objects with %+v not %s
go_vet (via https://goreportcard.com/report/github.com/linuxkit/linuxkit)
reported:

    error: arg current for printf verb %s of wrong type: main.Entry (vet)

For each of these.

Signed-off-by: Ian Campbell <ijc@docker.com>
2018-01-15 17:24:36 +00:00
Avi Deitcher
2af908d1b7 Move metadata to /run instead of /var
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2018-01-15 14:23:03 +02:00
Rolf Neugebauer
fa51c915ba pkg: Update all package to the alpine:3.7 base
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-12-08 16:25:13 +00:00
Guillaume Rose
06e86154b6 metadata: handle json with more than 2 levels
Signed-off-by: Guillaume Rose <guillaume.rose@docker.com>
2017-11-13 14:35:17 +01:00
Ian Campbell
6c7b1c0251 Bump all packages to newest alpine.
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-24 10:11:24 +01:00
Nick Jones
5663112822
Fix typo which broke metadata retrieval
Signed-off-by: Nick Jones <nick@dischord.org>
2017-10-18 22:47:03 +01:00
Ian Campbell
a9b03c3f95 Update all users of go-compile.sh to new alpine (go1.9)
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-12 16:47:35 +01:00
Ian Campbell
a237b51511 Bump alpine base across the board.
By running:

    ./scripts/update-component-sha.sh --image linuxkit/alpine ad35b6ddbc70faa07e59a9d7dee7707c08122e8d

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-10 09:55:45 +01:00
Ian Campbell
fc3e659f0e Convert all of pkg/* to linuxkit pkg build
This was done with the following "script":

    git rm pkg/{auditd,binfmt,init}/Makefile
    sed -e 's/IMAGE=/image: /g' -i pkg/*/Makefile
    sed -e 's/NETWORK=1/network: true/g' -i pkg/*/Makefile
    sed -e 's/ARCHES=x86_64/arches:\n  - amd64/g' -i pkg/*/Makefile
    sed -e '/DEPS:\?=/d' -i pkg/*/Makefile
    sed -e '/ARCHES=SKIP/d' -i pkg/node_exporter/Makefile
    sed -e 's/include \.\.\/package.mk//g' -i pkg/*/Makefile
    sed -e '/^$/d' -i pkg/*/Makefile
    git mv pkg/node_exporter/Makefile pkg/node_exporter/build.yml-skip
    for i in pkg/*/Makefile ; do git mv $i ${i%Makefile}build.yml ; done

and manual update of pkg/Makefile.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-09 16:20:26 +01:00
Nick Jones
6deabe8a2f
[OpenStack] Metadata service support
This commit adds support for retrieving instance metadata on OpenStack
public clouds.

Signed-off-by: Nick Jones <nick@dischord.org>
2017-10-08 17:08:00 +01:00
Justin Cormack
a808808ce1 Add vendoring needed for netlink, packet
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-08-19 19:25:21 +01:00
Justin Cormack
92451cf2e4 Add packet metadata support, with bonding
Use the packet metadata to set up bonding, also get ssh keys and hostname.

This does not yet do anything with disk metadata.

Userdata is not used if it has been used for ipxe, but is otherwise available.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-08-19 19:25:14 +01:00
Justin Cormack
9d8f1bd900 Allow specifying a set of metadata providers
run with `cmd: ["metadata", "aws"]` to just check for AWS metadata for example.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-08-17 14:50:50 +01:00
Rolf Neugebauer
e44783fea1 pkg: Update alpine base for all packages
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-03 17:46:10 +01:00
Justin Cormack
4434ecc4af Support multiple CDROMS in metadata
This checks if any CDROM in the system has metadata. Useful if
you boot off CDROM and also have a metadata CDROM.

Also switch the metadata container to read only, as it is only
writing to bind mounted in directories, and /tmp.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-08-03 14:16:02 +01:00
Justin Cormack
1e236e9f0c Update build labels for new resolv.conf bind mount
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-25 15:30:24 +01:00
David Scott
5bf6526380 metadata: avoid printing large chunks of configuration json to the console
If the configuration .json has contents like:

{
  "etc": {
    "ssl": {
      "certs": {
        "ca-certificates.crt": {
          "perm": "0644",
          "content": "large amount of certificate text"
        }
      }
    }
  },
...
}

then we print a warning because the node "ssl" has no "perm".
Previously the warning would include the contents of "ssl", which
would be large (and in theory could include secret information).

This patch modifies the warning print to only print the key and
not the value.

Without this patch, I see on the console:

2017/07/20 10:03:04 CDROM: Probe succeeded
2017/07/20 10:03:04 No permission provided ssl:map[certs:map[ca-certificates.crt:map[perm:0644 content:large amount of certificate text]]]
 - 000-metadata

With this patch, I see on the console:

2017/07/20 09:54:18 CDROM: Probe succeeded
2017/07/20 09:54:18 No permission provided ssl
 - 000-metadata

Signed-off-by: David Scott <dave.scott@docker.com>
2017-07-20 11:10:59 +01:00
Rolf Neugebauer
f021bb8aaa pkg: In the metadata package, don't error if a dir exists
Use os.Mkdirall() instead of os.Mkdir() as it does not
error if the path already exists.

This enables specifying a default config file with the image
and then over writing it with metadata.

While at it, also update to the latest alpine base image.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-07 18:29:02 +01:00
Rolf Neugebauer
699a864302 pkg: Update to new Alpine base
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-01 18:11:45 +01:00
Dave Tucker
5a225b9dc5 Makefile: Fix bug where network was not disabled
This commit moves the include statement to the bottom of the file to
ensure that all variables are set before conditionals are evaluated.

I also changed the ifndef NETWORK to ifdef NETWORK as the former was
incorrect. We want `NET_OPTS="--network=none"` in cases where NETWORK is
not defined.

Fixes: #2134

Signed-off-by: Dave Tucker <dt@docker.com>
2017-06-30 11:55:08 +01:00
Rolf Neugebauer
cab27698f4 pkg: Update all packages to the new alpine base
In a subsequent commit, all YAML files will be updated with
new package hashes since all packages needed rebuild due to
build system changes in commit adae27b8d1 ("Simplify
Makefiles for Packages"). So, we might as well bring all
packages up to the latest alpine base package.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-06-27 17:43:57 +01:00
Luke Hodkinson
3dc23b96ac Add a metadata provider for Vultr
Vultr uses a very similar approach to AWS, including using the
same IP address for serving metadata. In fact, it seems
as though if AWS appears first in the list of providers, that
provider mistakenly believes to be running on AWS (hence the
insertion of `NewVultr` in between GCP and AWS. I don't believe
AWS servers will accidentally try to use the Vultr provider,
as it seems that the `/v1/` endpoint doesn't exist on AWS.

Signed-off-by: Luke Hodkinson <furious.luke@gmail.com>
2017-06-24 07:43:07 +10:00
Dave Tucker
adae27b8d1 Simplify Makefiles for Packages
These now inherit from a top-level package.mk
Options like use of the network can be enabled on a per package basis
This removes a lot of duplicate code and make the maintenace of these
Makefiles much easier

Signed-off-by: Dave Tucker <dt@docker.com>
2017-06-22 12:40:03 +01:00
Ken Cochrane
7dafc3be01 Added more AWS metadata to /var/config
Signed-off-by: Ken Cochrane <kencochrane@gmail.com>
2017-06-10 10:54:43 -04:00
Ken Cochrane
60d099176c Added AWS provider to metadata package
Signed-off-by: Ken Cochrane <kencochrane@gmail.com>
2017-06-01 16:44:58 -04:00
Justin Cormack
d9aada88dc Update for new default namespaces
See https://github.com/moby/tool/pull/56

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-05-30 15:06:30 +01:00
Rolf Neugebauer
6d59041daa pkg: Update the metadata package to multi-stage build and alpine base
- Use the alpine base to compile the go program
- Use a multi-stage build

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-05-29 17:30:57 +01:00
Riyaz Faizullabhoy
05f1c282d5 Update images that have been newly setup for signing to use content trust on push
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2017-05-25 11:06:08 -07:00
Rolf Neugebauer
d2c32e2e38 pkg: Make Hub org/repository build time configurable
Update the Makefiles of the remaining packages.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-05-18 18:55:22 +01:00
Ian Campbell
800badea42 metadata: Allow simple string keys
If a file is a simple string (as opposed to a map) then write it with the
default perms. This makes for slightly terser metadata when creating a simple
datafile.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-05-11 01:39:03 +01:00
Ian Campbell
8fd1a3cbdb metadata: Fix parsing of JSON
`ok` was not assigned when type casting to `map[string]interface{}` so the
subsequent check was testing a stale value.

Also, the error message upon failure had the wrong sense.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-05-10 17:37:45 +01:00
Riyaz Faizullabhoy
3d91a7be86 Bump go-compile with ineffassign
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2017-04-12 16:54:51 -07:00
Rolf Neugebauer
0a0786d49e pkg: Update packages to push to linuxkit hub org
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-12 21:28:17 +01:00
Rolf Neugebauer
a06e6bbb37 build: Switch using go-compile from linuxkit hub org
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-12 21:28:17 +01:00
Rolf Neugebauer
105cb48ad6 metadata: Simplify the GCP SSH code
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-12 16:19:24 +01:00
Rolf Neugebauer
a21c566777 metadata: Make sure the ssh directory exists before writing to it
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-12 15:39:08 +01:00
Rolf Neugebauer
ce52c28cf6 metadata: Write the provider to /var/config/provider
This will be useful for testing.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-12 15:39:08 +01:00
Rolf Neugebauer
b0a0b4ceb7 metadata: Make JSON parser more robust
Make sure the type conversions are OK.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-12 15:39:08 +01:00
Rolf Neugebauer
626f02def2 metadata: Improve logging
Implementing a String() interface for each provider makes it
easier for users to prefix log strings with the provider.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-12 15:39:08 +01:00
Rolf Neugebauer
766e1d95d3 pkg: Add a generic metadata package
This package handles meta and user data for different cloud
and other platforms. It should be easy to extend to new
platforms.

Currently, it handles GCP metadata and a simple CDROM userdata
provider.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-11 15:32:17 +01:00