Commit Graph

380 Commits

Author SHA1 Message Date
Ian Campbell
017d3304fc Update yml after containerd bump
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-27 11:45:56 +01:00
Justin Cormack
b853e05d9c Update init, runc, containerd hashes
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-26 16:51:11 +01:00
Justin Cormack
5194bf13d1 Merge pull request #2296 from justincormack/service-does-more
Make service start up containerd and services
2017-07-26 15:34:03 +01:00
Justin Cormack
74e067748a Update hashes for containerd
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-26 12:08:09 +01:00
Justin Cormack
64ba3eaaca update hashes for resolv.conf changes
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-25 16:26:38 +01:00
Justin Cormack
9a79ebc0f4 Update hashes for new init
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-24 15:09:30 +01:00
Rolf Neugebauer
7ccc2786ae Update kernel version in all YAML files
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-24 11:05:40 +01:00
Avi Deitcher
afc1e1e970 Updated hashes for getty and sshd
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2017-07-21 19:16:38 +03:00
Ian Campbell
d01aa72670 Update ymls
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-20 15:08:27 +01:00
Ian Campbell
19207bb81b Update yml and moby version
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-20 14:13:20 +01:00
Avi Deitcher
0f725c366e Merge pull request #2241 from deitch/fix-getty-background
flag in init and background only if not in init
2017-07-18 21:39:53 +03:00
Avi Deitcher
03244e3776 Change hash for getty in examples
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2017-07-18 17:47:36 +03:00
Justin Cormack
ae039ac141 update hashes
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-18 14:22:16 +01:00
Rolf Neugebauer
fcac29681b Update kernels in YAML files
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-17 11:04:18 +01:00
Justin Cormack
79f9a66027 update init hashes
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-15 14:13:25 +01:00
Justin Cormack
07469ac60b Merge pull request #2207 from justincormack/getty-x
remove -x from getty script
2017-07-15 12:38:52 +01:00
Justin Cormack
b0800cba59 update getty hash
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-14 18:38:36 +01:00
Justin Cormack
497122126f update runc hashes
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-14 15:54:11 +01:00
Ian Campbell
074431eebe Update yml to linuxkit/containerd:b6ffbb669248e3369081a6c4427026aa968a2385
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-14 13:53:51 +01:00
Justin Cormack
f8a0b332f2 Update hashes
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-14 11:08:50 +01:00
Ian Campbell
fa1ac99dfb Update yml's to linuxkit/containerd:389e67c3c1fc009c1315f32b3e2b6659691a3ad4
Only those which used the same value as linuxkit.yml are updated.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-13 10:45:45 +01:00
Ian Campbell
a2d3be0e6f Update runc and containerd
pull in newer containerd v1.0.0-alpha0 via updated alpine base, update runc to
429a5387123625040bacfbb60d96b1cbd02293ab which is vendored by that version of
containerd (and also update alpine base for runc)

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-07-13 10:37:15 +01:00
Justin Cormack
298f4aab32 Consistently don't use quotes around image names
These are not needed, but we are inconsistent. Been waiting for a
quiet moment to fix this since I noticed while doing a presentation...

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-09 17:47:30 +01:00
Rolf Neugebauer
dca5671fc1 Update kernel version in all YAML files
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-07 18:41:33 +01:00
Thomas Leonard
815f5599fc Update https-unikernel example to latest API
Also, stop static linking for now, as it generates a lot of warnings
with glibc.

Signed-off-by: Thomas Leonard <thomas.leonard@docker.com>
2017-07-07 15:09:54 +01:00
Justin Cormack
779fdc9499 Update init and containerd hashes
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-03 14:51:23 +01:00
Rolf Neugebauer
89c40eaddb Update hashes in YAML files
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-01 19:24:16 +01:00
Justin Cormack
6c837b28b6 Merge pull request #2133 from samoht/fdd
sdk: add a yml example on how to use fdd to create container channels
2017-07-01 10:51:58 +01:00
Rolf Neugebauer
4c6e0264b9 Update kernels in YAML files
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-06-30 18:23:29 +01:00
Thomas Gazagnaire
b4feb71f78 sdk: add a yml example on how to use fdd to create container channels
Lots of boilerplate for now on, will work on upstreaming that in the tool
properly if needed later.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-06-30 16:11:41 +02:00
Dave Tucker
71bccd6967 examples: Update to use new getty and sshd images
Signed-off-by: Dave Tucker <dt@docker.com>
2017-06-29 15:01:33 +01:00
Rolf Neugebauer
093dae22d5 Update YAML files
- Use the new style kernel tags with the full kernel version
- Update packages with new alpine base and new/simplified Makefiles.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-06-27 19:56:08 +01:00
Ian Campbell
b6071df200 Update getty and sshd sha's in *.yml to current.
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-06-26 11:52:41 +01:00
Ian Campbell
ea79748830 pkg/containerd: Add /etc/localtime set to UTC
containerd/ctr includes this in the default set of bind mounts for a container.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-06-26 11:52:30 +01:00
Rolf Neugebauer
d3e0898fb7 Update containerd hash in all YAML files
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-06-19 11:04:58 -07:00
Justin Cormack
3dbcf0d053 Merge pull request #2041 from ijc/service-client
Custom containerd client for use in init.
2017-06-16 09:29:43 -07:00
Justin Cormack
88d9fb3211 Merge pull request #1981 from talex5/https-unikernel
Add https example
2017-06-16 09:18:59 -07:00
Ian Campbell
9d2da9cabc Update to containerd c215531a8f63a98a69134e804fea4ee6d354bb90
This includes https://github.com/containerd/containerd/pull/994 and hence
requires updating the various instances of `/etc/containerd/config.toml`.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-06-16 13:42:24 +01:00
Ian Campbell
5833d1b6bc init: replace ctr with a custom client using the containerd client library
Currently it supports only `service start <SERVICE>`, but it could grow e.g.
`stop`, `exec` etc in the future (although you can still use `ctr` for those).

In order to be able to use go-compile.sh the containerd build needs to move
from /root/go to /go as the GOPATH.

The vendoring situation is not ideal, but since this tool wants to be an exact
match for the containerd it seems tollerable to reuse its vendoring.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-06-16 11:48:53 +01:00
Ian Campbell
f7b2a739ee pkg/getty: Stop bind mounting /tmp/ctr
This doesn't exist with newer ctr or in systems where service containers are
not started using the ctr tool. All it contains today are the stdio FIFOs,
which are not in general useful to access after container creation.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-06-16 11:21:40 +01:00
Riyaz Faizullabhoy
6dedac2fe9 Update getty image for setsid changes
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2017-06-15 09:16:12 -07:00
Thomas Gazagnaire
eb2d2ee112 sdk: update the mirage-dhcp example to use latest parts
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-06-14 16:14:27 +01:00
Thomas Leonard
387caf8df7 Ignore inlining warnings
Signed-off-by: Thomas Leonard <thomas.leonard@docker.com>
2017-06-12 12:12:06 +01:00
Mindy Preston
1ab32f9ca7 use dhcp_client_lwt instead of dhcp_client_mirage
Use the `with-cdhcpc` branch of charrua-client, which exposes `Dhcp_client_lwt`.  Dhcp_client_lwt exposes similar functions to `Dhcp_client_mirage`, but does not impose the structure of a Mirage_types_lwt.ipv4_config on the returned object, rather returning the full lease; the engine can then expose whatever information from the lease it finds to be pertinent.

Signed-off-by: Mindy Preston <mindy.preston@docker.com>
2017-06-09 13:57:07 -05:00
Thomas Leonard
c7c33b9a56 Add example https-unikernel
This is mainly a test for the Cap'n'Proto RPC support.

Signed-off-by: Thomas Leonard <thomas.leonard@docker.com>
2017-06-07 16:34:59 +01:00
Justin Cormack
d92e19f020 Update the yaml files with new builds
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-05-30 15:40:51 +01:00
Rolf Neugebauer
9bdfcb5b12 Update YAML files with new packages, config, and trust data
- Update to packages using the Alpine 3.6 base image
- Remove config for packages which now supply it
- Update/add trust section

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-05-26 16:23:55 +01:00
Justin Cormack
00737bd859 Remove outputs from the yaml files
The latest version of the `moby` tool now requires that the output formats
be specified in the CLI not in the yaml file.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-05-26 13:55:06 +01:00
Rolf Neugebauer
ae5dfc6d7d Update all YAML files to use the new binfmt, dhcpcd and rngd packages
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-05-23 15:55:40 +01:00
Justin Cormack
e52bf2f745 Update sysctl and sysfs in yaml files
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-05-20 11:16:48 +01:00
Justin Cormack
702ad5d9d9 Update git hashes for sysctl
And remove all the config options as they are now in the label.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-05-19 22:05:15 +01:00
Rolf Neugebauer
6bea56c185 Update all YAML files to use the new packages
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-05-18 18:55:22 +01:00
Rolf Neugebauer
423957cfef Update YAML files to new packages
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-05-08 16:49:39 +01:00
Rolf Neugebauer
21f1646ce2 Update YAML files with new package hashes
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-05-04 22:27:59 +01:00
Rolf Neugebauer
cb732e7f80 YAML: Update files to use the new binfmt package
Checked that /proc/sys/fs/binfmt_misc/status is enabled for
architectures specified.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-25 15:55:10 +01:00
Riyaz Faizullabhoy
9609010ea8 Also update ymls
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2017-04-13 09:17:14 -07:00
Thomas Gazagnaire
a0546bba88 miragesdk: use cap-n-proto instead of custom binary protocol for calf/priv API
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-04-12 16:29:49 +02:00
Thomas Gazagnaire
0a18bf3a00 miragesdk: update to latest base init
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-04-12 15:56:29 +02:00
Thomas Gazagnaire
dc4ff8accd miragesdk: update DHCP client example to use latest images
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-04-12 12:09:30 +02:00
Thomas Gazagnaire
abe96b0447 miragesdk: use the interface's MAC address instead of using a random one
The priv container populate the `/mac` key on startup, that the calf can
then read.

Also add more fine-grained control over read/write delete capabilities attached
to the routes, e.g. the calf can read /mac but not write to it.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-04-12 11:04:16 +02:00
Justin Cormack
eb22d6909f system → onboot daemon → services
As suggested by @shykes these are clearer

- onboot for things that are run at boot time to completion
- services for persistent services

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-04-08 16:56:47 +01:00
Justin Cormack
d9faecdee9 Make init accept a list of images not just a single one.
fix #1527

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-04-07 14:25:28 +01:00
Thomas Gazagnaire
914d27bed9 miragesdk: remove CAP_SYS_PTRACE
Since https://github.com/opencontainers/runc/pull/774 we don't need this anymore.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-04-07 12:10:35 +02:00
Thomas Gazagnaire
a60ac17233 miragesdk: start the calf using runc
`nested runc` unfortunately needs a lot of caps/privileged. The removal of `readonly: true` is also a bit unfortunate.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-04-06 19:39:21 +02:00
Thomas Gazagnaire
bb536803be miragesdk: use the latest image dhcp-client image
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-04-06 17:44:25 +02:00
Thomas Gazagnaire
3cec2b1f5e miragesdk: refactor the SDK
Expose a non-unix dependent flow-like API, so it is easier to test/use in a
unikernel.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-04-06 17:44:24 +02:00
Thomas Gazagnaire
a07952d4e6 miragesdk: shell out to ifconfig and ip to set the IP and routes
This forces us to bind mount /lib but will be replaced by calling the proper
bindings later on.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-04-06 17:44:24 +02:00
Thomas Gazagnaire
25d3e42204 miragesdk: update init image
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-04-06 17:44:24 +02:00
Justin Cormack
57c75741e9 Revert Command->Args but remove from yaml where not needed
In the riddler change I changed "command" in the yaml to "args"
but did not change the files. In fact we basically used the
default command everywhere so this did not actually break.

Remove the unnecessary "command" lines to simplify yaml.

Revert the command to args change for now as I think I prefer
command, but its easier to switch now. Need to think if the
entrypoint/command distinction matters before finalizing.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-04-04 09:51:17 +01:00
Justin Cormack
065af9707c Replace riddler with code that constructs config.json directly
Generated largely from the specified config; small parts taken from `docker image inspect`,
such as the command line.

Renamed some of the yaml keys to match the OCI spec rather than Docker Compose as
we decided they are more readable, no more underscores.

Add some extra functionality
- tmpfs specification
- fully general mount specification
- no new privileges can be specified now

For nostalgic reasons, using engine-api to talk to the docker cli as
we only need an old API version, and it is nice and easy to vendor...

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-04-03 23:28:55 +01:00
Thomas Gazagnaire
e3939e03c0 miragesdk: fix the build after the switch from mirage tool to jbuilder
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-04-02 13:17:26 +02:00
Thomas Gazagnaire
e976a6c4aa miragesdk: ship Git the init image (to debug)
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-04-02 13:17:26 +02:00
Thomas Gazagnaire
6500becfea miragesdk: do not die brutally when the calf terminates
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-03-30 19:57:36 +02:00
Thomas Gazagnaire
5223c08d05 miragesdk: fix the compilation of the calf
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-03-30 19:22:41 +02:00
Thomas Gazagnaire
725a6e8070 miragesdk: update the dhcp-client example with latest image
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-03-30 18:36:30 +02:00
Thomas Gazagnaire
56085a3e6c miragesdk: re-org source code
Split the bits which can be re-used in other services (e.g. init dance
and the server-side of the control path). `main.ml` now only contains what
is specific to the DHCP logic (+ the /caf directory).

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-03-28 14:42:02 +02:00
Thomas Gazagnaire
1bee082c6c miragesdk: use a custom BPF filter to allow the calf to get a DHCP lease
Plus a few more minor improvements:

- compile with jbuilder.
- start working on the control path.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-03-28 11:09:55 +02:00
Thomas Gazagnaire
b0f758a20d miragesdk: add strace in the init image
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-03-28 11:09:50 +02:00
Rolf Neugebauer
e9fbe43b34 Rename .yaml to .yml
docker-compose and other utilities use the .yml extension.
For consistency rename all .yaml to .yml

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-03-27 09:53:26 +02:00
Thomas Gazagnaire
30be4647ad Restructure the mirage/dhcp container into the new project structure
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-03-17 17:43:20 +01:00