github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-19 09:16:29 +00:00
Code Issues Projects Releases Wiki Activity
8,512 Commits 1 Branch 27 Tags 240 MiB
master
Commit Graph

451 Commits

Author SHA1 Message Date
Avi Deitcher
5d30b45cbc
Merge pull request #2942 from deitch/onboot-stream-logs 
Add logging to /var/log for onboot containers
 2018-03-02 16:47:54 +02:00
Avi Deitcher
6f524eb616 Update hashes for linuxkit/init 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2018-03-02 15:51:09 +02:00
Rolf Neugebauer
62eac7fd46 Update YAML files to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-28 12:12:40 +00:00
Rolf Neugebauer
bed39bb6cf Update YAML files to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-26 15:33:51 +00:00
Rolf Neugebauer
5525c4858c Update YAMLs to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-24 11:32:11 +00:00
Rolf Neugebauer
894bc2bad9 Switch the default kernel from 4.9.x to 4.14.x 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-21 10:36:49 +00:00
Rolf Neugebauer
0e6a5466a4 Update YAMLs to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-19 15:11:15 +00:00
Ian Campbell
b32e7471eb Bump yml to pickup containerd v1.0.2 
Also pick a newer version of runc

Signed-off-by: Ian Campbell <ijc@docker.com>
 2018-02-14 13:50:47 +00:00
Rolf Neugebauer
1ebe545e81 Update YAMLs to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-14 09:48:57 +00:00
Rolf Neugebauer
42f4106168
Merge pull request #2905 from rn/kup 
Update kernels to 4.15.1/14.14.17/4.9.80/4.4.115
 2018-02-07 13:09:19 +00:00
Ian Campbell
72de57138b Bump yml to pickup containerd v1.0.2-rc.1 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2018-02-07 10:13:52 +00:00
Rolf Neugebauer
c79607a8a4 Update YAMLs to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-06 18:44:23 +00:00
Rolf Neugebauer
f6bc92666a Update YAML files to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-06 13:23:40 +00:00
Ian Campbell
c47a70aece Bump yml to pickup containerd v1.0.2-rc.0 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2018-01-31 09:50:15 +00:00
Rolf Neugebauer
adf5914233 Update YAML files to use the v0.2 tag for all pacakges 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-25 15:05:11 +00:00
Rolf Neugebauer
565a25d309 Update all YAMLs to use the latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-24 12:32:15 +00:00
Justin Cormack
c55dce77f2 update sysctl hashes 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2018-01-19 11:43:40 +00:00
Justin Cormack
7478a38b8a update init hashes 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2018-01-18 12:45:42 +00:00
Ian Campbell
e8f7429811 Bump yml to pickup containerd v1.0.1 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2018-01-18 11:21:19 +00:00
Rolf Neugebauer
bcb9d5ec3f Update YAML files to the latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-17 14:45:16 +00:00
Ian Campbell
c0de474e4f Bump hashes 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2018-01-15 17:28:38 +00:00
Ian Campbell
db5c8a7da8 Bump yml to pickup containerd v1.0.1-rc.0 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2018-01-12 10:58:07 +00:00
Ian Campbell
4f79366526 Update yaml 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2018-01-11 13:14:31 +00:00
Justin Cormack
d6d376c631 update init hashes 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2018-01-10 15:03:03 +00:00
Rolf Neugebauer
aa59ffb82d Update YAML files to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-10 12:05:49 +00:00
Justin Cormack
421a4d3d7c
Merge pull request #2809 from stevvooe/plumb-namespace-context 
pkg/init/cmd/service: plumb containerd namespace
 2018-01-08 13:43:37 +00:00
Rolf Neugebauer
23fd00471b Update YAML files to the latests kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-06 19:53:57 +00:00
Stephen J Day
d40b86537e
examples, projects: update linuxkit hash 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2018-01-05 14:46:50 -08:00
Tobias Klauser
a43bfba832 Update YAML files to linuxkit/init:5a577d070817b4f17821657823082651baafd4ed 
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
 2018-01-04 14:18:53 +01:00
Rolf Neugebauer
b646fccc04 Update YAML files to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-03 11:56:10 +00:00
Isaac Rodman
f42922f6c8 Updated image tag to linuxkit/sysctl:4c1ef93bb5eb1a877318db4b2daa6768ed002e21 
Signed-off-by: Isaac Rodman <isaac@eyz.us>
 2018-01-02 07:43:06 -07:00
Rolf Neugebauer
e50d0da7ea Update YAML files to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-12-30 16:18:41 +00:00
Rolf Neugebauer
09558c35ed Update YAML files to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-12-28 20:19:55 +00:00
Rolf Neugebauer
9b3f2b301e Update YAML files with new sysctl package 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-12-25 15:52:30 +01:00
Rolf Neugebauer
a3d46fd491 Update YAMLs to latest kernel 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-12-18 16:59:21 +00:00
Rolf Neugebauer
5bf636b9aa Update YAML files to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-12-14 12:50:05 +00:00
Rolf Neugebauer
7cd155aa6f Update YAML file to use the latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-12-11 12:20:01 +00:00
Rolf Neugebauer
0e1133281b Update all YAML files with new packages 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-12-08 16:25:13 +00:00
Rolf Neugebauer
e7c1824a97 Update YAML files to new kernel versions 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-12-06 14:10:11 +00:00
Rolf Neugebauer
2c2012cdee Update YAML files to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-12-01 15:28:10 +00:00
Rolf Neugebauer
bec7456d9b Update YAML files with latests kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-11-24 15:13:09 +00:00
Rolf Neugebauer
464a46d74a Update YAML files to latest kernels. 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-11-21 17:19:42 +00:00
Justin Cormack
f8e352d375 Replace moby build with linuxkit build throughout 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-11-20 17:06:54 +00:00
Rolf Neugebauer
d47da6b2b7 Update YAML files to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-11-16 17:37:07 +00:00
Rolf Neugebauer
e1a12cd67d Update YAML files to new kernel versions 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-11-10 14:20:25 +00:00
Rolf Neugebauer
4866a1c4d6 Update YAML files with latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-11-03 15:11:07 +00:00
Rolf Neugebauer
a8b9693878 Update YAML files to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-10-28 22:08:20 +01:00
Rolf Neugebauer
456f8f737d Update YAML files to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-10-22 19:49:15 +01:00
Rolf Neugebauer
1a58f16465 Update YAML files to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-10-20 20:22:03 +01:00
Ian Campbell
5e6a78821b Update yaml and reenable linuxkit.packages.containerd test 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2017-10-12 17:29:19 +01:00
Ian Campbell
510802a245 Update yml 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2017-10-12 13:04:16 +01:00
Rolf Neugebauer
8173300f76 Update YAML files to new kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-10-11 13:12:49 +01:00
Ian Campbell
4df5d394e8 Bump yml 
Done as follows:

    find -name build.yml | xargs dirname | while read d ; do
        t=$(linuxkit pkg show-tag $d)
        ./scripts/update-component-sha.sh --image ${t%:*} ${t#*:}
    done
    git commit -s test pkg tools blueprints examples projects/kubernetes projects/swarmd docs linuxkit.yml Makefile src

This explicitly excludes projects/* which I did not know whether to update.

Then:

    git reset --hard
    for i in init runc containerd ca-certificates sysctl dhcpcd getty rngd ; do
        o=$(git grep -h "\(image:\|-\) *linuxkit/$i:[0-9a-f]\{40\}" origin/master:linuxkit.yml | awk '// { print $2 }')
        n=$(linuxkit pkg show-tag pkg/$i)
        ./scripts/update-component-sha.sh "$o" "$n"
    done
    git commit --amend projects

This updates any projects which were using components with the same hash as the
top-level linuxkit.yml.

Signed-off-by: Ian Campbell <ijc@docker.com>
 2017-10-10 13:23:45 +01:00
Rolf Neugebauer
28303f6858 Update YAML files with new getty/ip/sshd hashes 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-10-06 11:16:10 +01:00
Rolf Neugebauer
d3b9d06924 Update YAML files with new kernel tags 
In particular also fix the wireguard test whose kernel
tag hasn't been updated for quite some time...

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-10-06 11:15:34 +01:00
Rolf Neugebauer
ab2333d70e Update YAML files with new kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-09-28 15:45:23 +01:00
Ian Campbell
563ee76cb5 Update yml 
Pulling in containerd v1.0.0-beta.1.

Fixes #2533.

Signed-off-by: Ian Campbell <ijc@docker.com>
 2017-09-25 13:54:24 +01:00
Rolf Neugebauer
cc200d296a Merge pull request #2527 from eyz/linuxkit-dhcpcd-CAP_SYS_ADMIN 
added capability to pkg/dhcpcd for sethostname
 2017-09-21 20:53:16 +01:00
Isaac Rodman
542ad766b7 switched linuxkit/dhcpcd hash to d4408777ed for PR #2527 
Signed-off-by: Isaac Rodman <isaac@eyz.us>
 2017-09-21 10:47:06 -07:00
Justin Cormack
a5054d5ad4 Update containerd hashes 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-09-20 14:35:37 -07:00
Rolf Neugebauer
ffe6de1119 Update YAMLs to new kernel versions 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-09-20 12:14:40 +01:00
Rolf Neugebauer
60dd54670f Update YAML files with new getty, ip, and sshd package hashes 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-09-20 11:52:42 +01:00
Justin Cormack
2010d999ca update hashes for init 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-09-18 11:53:02 -07:00
Rolf Neugebauer
2d20ef1014 Update YAML files to new kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-09-14 17:21:01 +01:00
David Scott
2b80ff5a0f Update init version in YAML files 
Signed-off-by: David Scott <dave.scott@docker.com>
 2017-09-14 11:47:38 +01:00
Rolf Neugebauer
11d9dc1e99 Update YAML files to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-09-12 11:49:52 +01:00
Rolf Neugebauer
a1dcdd6495 Update YAML files with latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-09-08 15:46:02 +01:00
Ian Campbell
b7ec19bb1f Update yml for containerd beta.0 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2017-09-07 18:46:40 +01:00
Rolf Neugebauer
ed8d367e2a Update 4.9.x/4.4.x kernel version in YAML files 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-09-04 17:58:16 +01:00
Thomas Gazagnaire
14a5b64dcc Update to latest capnp & capnp-rpc 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-09-04 16:21:53 +02:00
Rolf Neugebauer
419deee158 Update Linux kernel versions to latest 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-08-30 19:23:45 +01:00
Ian Campbell
d78321d701 Update hashes for init and containerd 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2017-08-29 01:05:50 +01:00
Justin Cormack
baf76d5e0c update hashes for init 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-08-23 16:43:18 +01:00
Justin Cormack
0cda27d4ef Update hashes 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-08-21 15:40:17 +01:00
Rolf Neugebauer
efe8292e25 Update YAML files to new kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-08-18 18:08:33 +01:00
Justin Cormack
2f915b8cf2 Update init, containerd, runc images 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-08-17 13:54:51 +01:00
Thomas Leonard
86b4f01e17 Update https-unikernel to released capnp-rpc 0.1 API 
Also, separate out RPC encoding from application logic.

Signed-off-by: Thomas Leonard <thomas.leonard@docker.com>
 2017-08-15 14:16:35 +01:00
Rolf Neugebauer
2007c4eef0 Update YAML files to 4.9.43/4.4.82 kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-08-14 11:02:30 +01:00
Rolf Neugebauer
ead41d0904 Update YAML files to 4.9.42 and 4.4.81 kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-08-14 10:52:15 +01:00
Ian Campbell
6f0d9d855b Update yml for containerd v1.0.0-alpha4 and runc v1.0.0-rc4 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2017-08-11 16:21:42 +01:00
Justin Cormack
fae7a76009 update runc and containerd images 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-08-10 14:33:21 +01:00
Rolf Neugebauer
9beaf45a07 Update YAML files with new kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-08-08 17:46:22 +01:00
Justin Cormack
e61794a344 Merge pull request #2365 from deitch/test-dev-existence-getty 
Test dev existence getty
 2017-08-07 20:32:39 +01:00
Justin Cormack
9e26ffbc6c update init hashes 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-08-07 15:04:42 +01:00
Ian Campbell
3a71c4a291 Update yml for new runc and containerd. 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2017-08-07 12:11:32 +01:00
Avi Deitcher
944fc95e31 Update example gettt hash 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2017-08-06 10:27:54 +03:00
Justin Cormack
0b2e34301b Merge pull request #2357 from justincormack/arm64-rngd 
Support rngd on arm64
 2017-08-04 16:13:46 +01:00
Justin Cormack
d164bcf283 update hashes for rngd 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-08-04 14:10:51 +01:00
Justin Cormack
ee349da98a update hashes for sysctl (arm and x86) 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-08-04 13:34:14 +01:00
Rolf Neugebauer
633195cbe3 Update YAML files with new multi-arch packages 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-08-03 17:46:11 +01:00
Justin Cormack
075dd61efe update rngd hashes 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-08-02 21:03:46 +01:00
Justin Cormack
4daf008956 Merge pull request #2331 from justincormack/rng-golang 
Replace rngd with a Go version
 2017-08-01 10:56:10 +01:00
Justin Cormack
3bcd6b5113 update sysctl hashes 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-07-31 23:10:25 +01:00
Justin Cormack
ded8ebd280 add init hashes 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-07-31 21:11:33 +01:00
Justin Cormack
0a3d78e47f Update hashes for rngd and add a one shot example in sshd 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-07-31 20:18:20 +01:00
Justin Cormack
26b6a0cbdd update hash for init 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-07-31 15:27:22 +01:00
Justin Cormack
782d40bf28 update hashes 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-07-31 13:57:41 +01:00
Rolf Neugebauer
c57cea4757 Merge pull request #2318 from rn/kern-up 
Update kernel to 4.9.40/4.4.79, remove 4.11.x
 2017-07-28 22:28:10 +01:00
Rolf Neugebauer
9812d0e5ea Update YAML files with new kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-07-28 20:17:13 +01:00
Justin Cormack
927028cb96 update sysctl hash 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-07-28 17:56:41 +01:00
Avi Deitcher
8f10f69fd3 Merge pull request #2233 from dave-tucker/ns-detect 
getty: Detect if you are in a namespace
 2017-07-27 16:50:02 +03:00
Avi Deitcher
d4f5878669 Update hashes in examples 2017-07-27 15:45:19 +03:00
Avi Deitcher
5cda493a21 Update hashes for getty 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2017-07-27 15:01:29 +03:00
Ian Campbell
017d3304fc Update yml after containerd bump 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2017-07-27 11:45:56 +01:00
Justin Cormack
b853e05d9c Update init, runc, containerd hashes 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-07-26 16:51:11 +01:00
Justin Cormack
5194bf13d1 Merge pull request #2296 from justincormack/service-does-more 
Make service start up containerd and services
 2017-07-26 15:34:03 +01:00
Justin Cormack
74e067748a Update hashes for containerd 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-07-26 12:08:09 +01:00
Justin Cormack
64ba3eaaca update hashes for resolv.conf changes 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-07-25 16:26:38 +01:00
Justin Cormack
9a79ebc0f4 Update hashes for new init 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-07-24 15:09:30 +01:00
Rolf Neugebauer
7ccc2786ae Update kernel version in all YAML files 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-07-24 11:05:40 +01:00
Avi Deitcher
afc1e1e970 Updated hashes for getty and sshd 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2017-07-21 19:16:38 +03:00
Ian Campbell
d01aa72670 Update ymls 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2017-07-20 15:08:27 +01:00
Ian Campbell
19207bb81b Update yml and moby version 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2017-07-20 14:13:20 +01:00
Rolf Neugebauer
118816b4c3 Merge pull request #2231 from samoht/dhcp-split 
[WIP] Split the DHCP client into three components communicating via RPCs
 2017-07-18 20:05:02 +01:00
Avi Deitcher
0f725c366e Merge pull request #2241 from deitch/fix-getty-background 
flag in init and background only if not in init
 2017-07-18 21:39:53 +03:00
Avi Deitcher
03244e3776 Change hash for getty in examples 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2017-07-18 17:47:36 +03:00
Justin Cormack
ae039ac141 update hashes 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-07-18 14:22:16 +01:00
Thomas Gazagnaire
f5716ce985 Split the DHCP client into three components communicating via named pipes 
3 components:

- network: read eht0 and proxy only DHCP traffic
- engine: read DHCP traffic, handle DHCP client state machine, and call the
  host actuator to change the host config when a lease is obtained
  host system configuration.
- actuator: perform the acutall net syscalls, read and write host configuration
  files, etc

These three components can either be linked together in a single binary
(see src/dhcp-client/main.ml) or can be used as 3 binaries communicating
over cap-n-proto.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-07-17 17:46:17 +02:00
Rolf Neugebauer
fcac29681b Update kernels in YAML files 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-07-17 11:04:18 +01:00
Justin Cormack
79f9a66027 update init hashes 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-07-15 14:13:25 +01:00
Justin Cormack
07469ac60b Merge pull request #2207 from justincormack/getty-x 
remove -x from getty script
 2017-07-15 12:38:52 +01:00
Justin Cormack
b0800cba59 update getty hash 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-07-14 18:38:36 +01:00
Justin Cormack
497122126f update runc hashes 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-07-14 15:54:11 +01:00
Ian Campbell
074431eebe Update yml to linuxkit/containerd:b6ffbb669248e3369081a6c4427026aa968a2385 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2017-07-14 13:53:51 +01:00
Justin Cormack
f8a0b332f2 Update hashes 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-07-14 11:08:50 +01:00
Ian Campbell
fa1ac99dfb Update yml's to linuxkit/containerd:389e67c3c1fc009c1315f32b3e2b6659691a3ad4 
Only those which used the same value as linuxkit.yml are updated.

Signed-off-by: Ian Campbell <ijc@docker.com>
 2017-07-13 10:45:45 +01:00
Ian Campbell
a2d3be0e6f Update runc and containerd 
pull in newer containerd v1.0.0-alpha0 via updated alpine base, update runc to
429a5387123625040bacfbb60d96b1cbd02293ab which is vendored by that version of
containerd (and also update alpine base for runc)

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
 2017-07-13 10:37:15 +01:00
Justin Cormack
298f4aab32 Consistently don't use quotes around image names 
These are not needed, but we are inconsistent. Been waiting for a
quiet moment to fix this since I noticed while doing a presentation...

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-07-09 17:47:30 +01:00
Rolf Neugebauer
dca5671fc1 Update kernel version in all YAML files 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-07-07 18:41:33 +01:00
Thomas Leonard
815f5599fc Update https-unikernel example to latest API 
Also, stop static linking for now, as it generates a lot of warnings
with glibc.

Signed-off-by: Thomas Leonard <thomas.leonard@docker.com>
 2017-07-07 15:09:54 +01:00
Justin Cormack
779fdc9499 Update init and containerd hashes 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-07-03 14:51:23 +01:00
Rolf Neugebauer
89c40eaddb Update hashes in YAML files 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-07-01 19:24:16 +01:00
Justin Cormack
6c837b28b6 Merge pull request #2133 from samoht/fdd 
sdk: add a yml example on how to use fdd to create container channels
 2017-07-01 10:51:58 +01:00
Rolf Neugebauer
4c6e0264b9 Update kernels in YAML files 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-06-30 18:23:29 +01:00
Thomas Gazagnaire
5525937c10 sdk: add fdd exec to map socketpair shares to local fds 
To enable this:

```
$ fdd init &
$ fdd share /tmp/foo

$ fdd exec -m /tmp/foo:1:2 -- echo hello world!

$ fdd exec -m /tmp/foo:0 -- cat
hello world!
```

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-06-30 16:11:41 +02:00
Thomas Gazagnaire
b4feb71f78 sdk: add a yml example on how to use fdd to create container channels 
Lots of boilerplate for now on, will work on upstreaming that in the tool
properly if needed later.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-06-30 16:11:41 +02:00
Rolf Neugebauer
736713dc8f Merge pull request #2120 from dave-tucker/getty 
Make it more obvious that getty/sshd are namespaced
 2017-06-29 23:30:17 +01:00
Thomas Gazagnaire
875b877047 sdk: add Dockerfile root pivot runs + static linking 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-06-29 18:17:02 +02:00
Thomas Gazagnaire
56229e486b sdk: add a file-descriptor sharing server 
```
$ fdd init &
$ fdd share /tmp/foo # serve a fresh socketpair on that path
$ fdd test /tmp/foo  # read the socketpair and test that it works
```

Instead of `fdd test` (which is only useful for testing), users are expected to
connect to the unix domain socket and call `recvmsg(2)`. They will get one side
of the socketpair. Two different processes can do this and they will be able to
talk to each other.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-06-29 17:53:49 +02:00
Dave Tucker
71bccd6967 examples: Update to use new getty and sshd images 
Signed-off-by: Dave Tucker <dt@docker.com>
 2017-06-29 15:01:33 +01:00
Rolf Neugebauer
093dae22d5 Update YAML files 
- Use the new style kernel tags with the full kernel version
- Update packages with new alpine base and new/simplified Makefiles.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-06-27 19:56:08 +01:00
Ian Campbell
b6071df200 Update getty and sshd sha's in *.yml to current. 
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
 2017-06-26 11:52:41 +01:00
Ian Campbell
ea79748830 pkg/containerd: Add /etc/localtime set to UTC 
containerd/ctr includes this in the default set of bind mounts for a container.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
 2017-06-26 11:52:30 +01:00
Rolf Neugebauer
d3e0898fb7 Update containerd hash in all YAML files 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-06-19 11:04:58 -07:00
Rolf Neugebauer
43ac05e4dd Merge pull request #2072 from samoht/sdk-upstream-cleanup 
Sdk upstream cleanup
 2017-06-19 10:01:14 -07:00
Thomas Gazagnaire
be7a54b5c7 sdk: update Docker to pin dev versions of upstream libraries 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-06-19 17:33:28 +02:00
Thomas Gazagnaire
681781651f sdk: add empty mli files to executable to catch up more warnings 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-06-19 17:33:28 +02:00
Thomas Gazagnaire
2ef504405b sdk: remove some dead-code 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-06-19 17:33:28 +02:00
Thomas Gazagnaire
852468bc99 sdk: use upstream libraires for SDK helpers 
- IO has been upstreamed in mirage-flow-lwt
- Init.Flow.Fd has been upstreamed in mirage-flow-unix
- Init.Flow.Rawlink has been upstreamed in mirage-flow-rawlink
- Remove some dead-code in unikernel.ml

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-06-19 17:33:28 +02:00
Thomas Gazagnaire
821a9f2e06 sdk: add missing files 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-06-19 16:57:49 +02:00
Justin Cormack
3dbcf0d053 Merge pull request #2041 from ijc/service-client 
Custom containerd client for use in init.
 2017-06-16 09:29:43 -07:00
Justin Cormack
88d9fb3211 Merge pull request #1981 from talex5/https-unikernel 
Add https example
 2017-06-16 09:18:59 -07:00
Ian Campbell
9d2da9cabc Update to containerd c215531a8f63a98a69134e804fea4ee6d354bb90 
This includes https://github.com/containerd/containerd/pull/994 and hence
requires updating the various instances of `/etc/containerd/config.toml`.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
 2017-06-16 13:42:24 +01:00
Ian Campbell
5833d1b6bc init: replace ctr with a custom client using the containerd client library 
Currently it supports only `service start <SERVICE>`, but it could grow e.g.
`stop`, `exec` etc in the future (although you can still use `ctr` for those).

In order to be able to use go-compile.sh the containerd build needs to move
from /root/go to /go as the GOPATH.

The vendoring situation is not ideal, but since this tool wants to be an exact
match for the containerd it seems tollerable to reuse its vendoring.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
 2017-06-16 11:48:53 +01:00
Ian Campbell
f7b2a739ee pkg/getty: Stop bind mounting /tmp/ctr 
This doesn't exist with newer ctr or in systems where service containers are
not started using the ctr tool. All it contains today are the stdio FIFOs,
which are not in general useful to access after container creation.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
 2017-06-16 11:21:40 +01:00
Riyaz Faizullabhoy
6dedac2fe9 Update getty image for setsid changes 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2017-06-15 09:16:12 -07:00
Thomas Gazagnaire
eb2d2ee112 sdk: update the mirage-dhcp example to use latest parts 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-06-14 16:14:27 +01:00
Thomas Gazagnaire
fe86bad838 sdk: remove local fork of init package 
The upstream init doesn't hardcode anything about dhcpcd anymore, so we can
just use it.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-06-14 16:13:52 +01:00
Thomas Gazagnaire
e76d6c09a4 sdk: fix dhcp's Dockerfile 
The rootfs were containing way too much binaries and runc command where not
started in the correct directory.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-06-14 16:13:40 +01:00
Thomas Gazagnaire
6fb3820925 sdk: push images to miragesdk org on hub 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-06-14 12:09:02 +01:00
Thomas Gazagnaire
03cd4d6fd3 sdk: replace custom transport protocol by Capnproto 
Initial patch by @talex5

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-06-14 11:43:27 +01:00
Thomas Leonard
387caf8df7 Ignore inlining warnings 
Signed-off-by: Thomas Leonard <thomas.leonard@docker.com>
 2017-06-12 12:12:06 +01:00
Mindy Preston
1ab32f9ca7 use dhcp_client_lwt instead of dhcp_client_mirage 
Use the `with-cdhcpc` branch of charrua-client, which exposes `Dhcp_client_lwt`.  Dhcp_client_lwt exposes similar functions to `Dhcp_client_mirage`, but does not impose the structure of a Mirage_types_lwt.ipv4_config on the returned object, rather returning the full lease; the engine can then expose whatever information from the lease it finds to be pertinent.

Signed-off-by: Mindy Preston <mindy.preston@docker.com>
 2017-06-09 13:57:07 -05:00
Mindy Preston
bcb0c52fff nudge some build updates around 
build from (now-released) canpnproto 0.6.0; use the latest jbuilder beta.

Signed-off-by: Mindy Preston <mindy.preston@docker.com>
 2017-06-09 13:38:55 -05:00
Riyaz Faizullabhoy
8726adaa78 s/moby/linuxkit for run 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2017-06-08 17:10:14 -07:00
Thomas Leonard
c7c33b9a56 Add example https-unikernel 
This is mainly a test for the Cap'n'Proto RPC support.

Signed-off-by: Thomas Leonard <thomas.leonard@docker.com>
 2017-06-07 16:34:59 +01:00
Thomas Gazagnaire
c4c44253cb sdk: the tests need logs.fmt 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-06-06 13:42:45 +02:00
Thomas Gazagnaire
c0d999dbab sdk: use mtime 1.0 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-06-06 13:42:42 +02:00
Anil Madhavapeddy
2da4aefb37 projects/miragesdk: add a frontend yaml format for dhcp-client 
The intention with the yaml fragment is that it specifies the
set of processes that form the daemon, with minimal privileges
for each component and each running inside a separate container.

In addition to the normal container capabilities, there is also
a new field which lets a startup process establish an RPC channel,
based on a Capnp specification. This allows for extremely
unprivileged components to be started, such as the `dhcp-engine`
in this example which can only communicate with the outside world
via the `dhcp-network` (to transmit) or `dhcp-actuator` (to alter
the state of the local Linux distribution).

This is a first cut at the yaml interface and the capnp, with the
intention to refine it as we combine it with the rest of the existing
prototype (which currently doesnt have an RPC layer).  Expect
more changes...

Signed-off-by: Anil Madhavapeddy <anil@docker.com>
 2017-06-05 16:49:54 +01:00
Justin Cormack
d92e19f020 Update the yaml files with new builds 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-05-30 15:40:51 +01:00
Rolf Neugebauer
9bdfcb5b12 Update YAML files with new packages, config, and trust data 
- Update to packages using the Alpine 3.6 base image
- Remove config for packages which now supply it
- Update/add trust section

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-05-26 16:23:55 +01:00
Justin Cormack
00737bd859 Remove outputs from the yaml files 
The latest version of the `moby` tool now requires that the output formats
be specified in the CLI not in the yaml file.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-05-26 13:55:06 +01:00
Rolf Neugebauer
ae5dfc6d7d Update all YAML files to use the new binfmt, dhcpcd and rngd packages 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-05-23 15:55:40 +01:00
Justin Cormack
e52bf2f745 Update sysctl and sysfs in yaml files 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-05-20 11:16:48 +01:00
Justin Cormack
702ad5d9d9 Update git hashes for sysctl 
And remove all the config options as they are now in the label.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-05-19 22:05:15 +01:00
Rolf Neugebauer
6bea56c185 Update all YAML files to use the new packages 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-05-18 18:55:22 +01:00
Rolf Neugebauer
423957cfef Update YAML files to new packages 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-05-08 16:49:39 +01:00
Rolf Neugebauer
21f1646ce2 Update YAML files with new package hashes 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-05-04 22:27:59 +01:00
Justin Cormack
dae0e4efae Fix typo "ndodev" 
Not sure when this arrived but it was stopping anything running.
Appears not to be in the older test `init` containers.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-04-27 18:01:05 +01:00
Rolf Neugebauer
cb732e7f80 YAML: Update files to use the new binfmt package 
Checked that /proc/sys/fs/binfmt_misc/status is enabled for
architectures specified.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-04-25 15:55:10 +01:00
Mindy Preston
f74d9eaa7d typo fixes 
Signed-off-by: Mindy Preston <mindy.preston@docker.com>
 2017-04-19 13:52:18 -05:00
Thomas Gazagnaire
94583013aa miragesdk: simplify the build by using multi-stage Dockerfile 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-14 17:05:36 +02:00
Riyaz Faizullabhoy
9609010ea8 Also update ymls 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2017-04-13 09:17:14 -07:00
Rolf Neugebauer
36749ea5c4 build: Switch using c-compile from linuxkit hub org 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-04-12 21:28:17 +01:00
Thomas Gazagnaire
1e83a9f9b4 miragesdk: update roadmap 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-12 17:47:42 +02:00
Thomas Gazagnaire
238879f2d4 miragesdk: add temporary auto-gen files 
The capnp compiler is not yet available in alpine.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-12 16:29:49 +02:00
Thomas Gazagnaire
a0546bba88 miragesdk: use cap-n-proto instead of custom binary protocol for calf/priv API 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-12 16:29:49 +02:00
Thomas Gazagnaire
0a18bf3a00 miragesdk: update to latest base init 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-12 15:56:29 +02:00
Thomas Gazagnaire
dc4ff8accd miragesdk: update DHCP client example to use latest images 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-12 12:09:30 +02:00
Thomas Gazagnaire
2b0009ee06 miragesdk: be a bit less verbose in debug mode 
It's not very interesting to see the forwarded stdout/stderr messages as
they will end-up being printed anyway.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-12 12:08:32 +02:00
Thomas Gazagnaire
b18d50b5e4 miragesdk: rebase init pkg to catch up with upstream changes 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-12 12:06:50 +02:00
Thomas Gazagnaire
396ffabc41 miragesdk: tune down some debug code 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-12 11:04:33 +02:00
Thomas Gazagnaire
df9833ed68 miragesdk: add missing Sdk.Net files 
Probably my inconscient which refused to show the world these hacks.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-12 11:04:16 +02:00
Thomas Gazagnaire
abe96b0447 miragesdk: use the interface's MAC address instead of using a random one 
The priv container populate the `/mac` key on startup, that the calf can
then read.

Also add more fine-grained control over read/write delete capabilities attached
to the routes, e.g. the calf can read /mac but not write to it.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-12 11:04:16 +02:00
Thomas Gazagnaire
0d7e584e32 miragesdk: remove dead-code and code repetition 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-12 11:04:16 +02:00
Thomas Gazagnaire
95d362ab7e miragesdk: clean error handling for Sdk.Ctl.Client 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-12 11:04:16 +02:00
Thomas Gazagnaire
703657a54f miragesdk: update Dockerfiles 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-12 11:04:16 +02:00
Justin Cormack
eb22d6909f system → onboot daemon → services 
As suggested by @shykes these are clearer

- onboot for things that are run at boot time to completion
- services for persistent services

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-04-08 16:56:47 +01:00
Justin Cormack
d9faecdee9 Make init accept a list of images not just a single one. 
fix #1527

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-04-07 14:25:28 +01:00
Thomas Gazagnaire
81debfcd74 miragesdk: update README with moby build/run instructions 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-07 12:13:06 +02:00
Thomas Gazagnaire
914d27bed9 miragesdk: remove CAP_SYS_PTRACE 
Since https://github.com/opencontainers/runc/pull/774 we don't need this anymore.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-07 12:10:35 +02:00
Thomas Gazagnaire
d289de6416 miragesdk: update to latest runc 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-07 12:10:35 +02:00
Thomas Gazagnaire
a60ac17233 miragesdk: start the calf using runc 
`nested runc` unfortunately needs a lot of caps/privileged. The removal of `readonly: true` is also a bit unfortunate.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-06 19:39:21 +02:00
Thomas Gazagnaire
bb536803be miragesdk: use the latest image dhcp-client image 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-06 17:44:25 +02:00
Thomas Gazagnaire
f44e2ffbcb miragesdk: cleaner errors 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-06 17:44:25 +02:00
Thomas Gazagnaire
fd447ee082 miragesdk: really allow to configure the DB path with the CLI 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-06 17:44:24 +02:00
Thomas Gazagnaire
4437c4a23b miragesdk: add a config.json file for the calf 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-06 17:44:24 +02:00
Thomas Gazagnaire
f5306b23ef miragesdk: fix the fork/exec init code and add a test 
Make all the low-level init code synchronous to avoid weird blocks on `close`.
Also move the net and ctl file descriptor at the beginning of the fd space for
the calf.

The SDK also allow to spamn multiple exec calves, which will all have the same
fd map:

- 0: stdin  = /dev/null
- 1: stdout = pipe to parent stdout
- 2: stderr = pipe to parent stderr
- 3: net    = socketpair to parent "net" pipe
- 4: ctl    = socketpair to parent "ctl" pipe

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-06 17:44:24 +02:00
Thomas Gazagnaire
3cec2b1f5e miragesdk: refactor the SDK 
Expose a non-unix dependent flow-like API, so it is easier to test/use in a
unikernel.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-06 17:44:24 +02:00
Thomas Gazagnaire
a07952d4e6 miragesdk: shell out to ifconfig and ip to set the IP and routes 
This forces us to bind mount /lib but will be replaced by calling the proper
bindings later on.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-06 17:44:24 +02:00
Thomas Gazagnaire
0938ae44f6 miragesdk: fail early on short read/write returning 0 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-06 17:44:24 +02:00
Thomas Gazagnaire
25d3e42204 miragesdk: update init image 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-06 17:44:24 +02:00
Justin Cormack
01fba0f3f5 Merge pull request #1479 from justincormack/command 
Revert Command->Args but remove from yaml where not needed
 2017-04-04 10:49:32 +01:00
Justin Cormack
57c75741e9 Revert Command->Args but remove from yaml where not needed 
In the riddler change I changed "command" in the yaml to "args"
but did not change the files. In fact we basically used the
default command everywhere so this did not actually break.

Remove the unnecessary "command" lines to simplify yaml.

Revert the command to args change for now as I think I prefer
command, but its easier to switch now. Need to think if the
entrypoint/command distinction matters before finalizing.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-04-04 09:51:17 +01:00
Thomas Gazagnaire
2dbcf99030 miragesdk: do not force the creation of pipes when linking with the SDK 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-04 10:06:59 +02:00
Thomas Gazagnaire
4944652d37 miragesdk: improve dev README 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-04 10:05:22 +02:00
Justin Cormack
065af9707c Replace riddler with code that constructs config.json directly 
Generated largely from the specified config; small parts taken from `docker image inspect`,
such as the command line.

Renamed some of the yaml keys to match the OCI spec rather than Docker Compose as
we decided they are more readable, no more underscores.

Add some extra functionality
- tmpfs specification
- fully general mount specification
- no new privileges can be specified now

For nostalgic reasons, using engine-api to talk to the docker cli as
we only need an old API version, and it is nice and easy to vendor...

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2017-04-03 23:28:55 +01:00
Thomas Gazagnaire
e3939e03c0 miragesdk: fix the build after the switch from mirage tool to jbuilder 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-02 13:17:26 +02:00
Thomas Gazagnaire
e976a6c4aa miragesdk: ship Git the init image (to debug) 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-02 13:17:26 +02:00
Thomas Gazagnaire
1495dabccb miragesdk: allow the command run by the privileged container to be overwritten 
Use a file (that we can drop easily into the rootfs) instead of passing the full
command on the CLI (as config.json needs to be edited otherwise).

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-02 13:17:25 +02:00
Thomas Gazagnaire
8d3cea1980 miragesdk: do not use inotify in the privileged container 
The inotify bindings that we are using is a bit sensitive to init
conditions, and it seems to not like being run inside in a container.

See https://github.com/samoht/irmin-watcher/issues/10

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-02 13:17:25 +02:00
Thomas Gazagnaire
dfb078825b miragesdk: simplify the build of the calf binary 
For now, use jbuilder to build the calf as well, this gives us a bit
more control than the mirage tool. We will switch back to the mirage
tool later on if we want to use more fancy backends (such as KVM).

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-04-02 13:17:25 +02:00
Thomas Gazagnaire
6500becfea miragesdk: do not die brutally when the calf terminates 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-30 19:57:36 +02:00
Thomas Gazagnaire
0f0b721b19 miragesdk: better computation of the image tag 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-30 19:57:03 +02:00
Thomas Gazagnaire
5223c08d05 miragesdk: fix the compilation of the calf 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-30 19:22:41 +02:00
Thomas Gazagnaire
725a6e8070 miragesdk: update the dhcp-client example with latest image 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-30 18:36:30 +02:00
Thomas Gazagnaire
d4db6c65a1 miragesdk: fix compilation of the dhcp-client image 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-30 18:35:52 +02:00
Thomas Gazagnaire
faa9e1811d miragesdk: implement a simple binary RPCs for the control plane 
The protocol allows the client to send concurrent RPCs to the server.
The server replies by keeping the client ID, and the client keeps a
dispatch table of queries to route the retries. By doing things like
that, the server has a strong control over resource allocation, so
a bad client cannot exhaust all the server memory.

Also add some simple tests for the serialization + wire protocol which
are all passing. Proper concurrency/resource exhaustion usage will be
added later.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-30 17:22:16 +02:00
Thomas Gazagnaire
a61171e87e miragesdk: add tests for control plane messages 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-30 17:22:16 +02:00
Thomas Gazagnaire
c582aafe45 miragesdk: add tests for stdout/stderr pipes 
And the tests pass!

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-30 13:40:57 +02:00
Thomas Gazagnaire
2b48442fee miragesdk: update .gitignore 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-30 13:40:57 +02:00
Thomas Gazagnaire
9db898ceaf miragesdk: enable all warnings when compiling the projects 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-30 13:40:57 +02:00
Thomas Gazagnaire
b5a3d4b2aa miragesdk: rework the control plane protocol 
Previously, the control plane was using HTTP client/server, that various people
found way too complex to run in a privileged container (for very good reasons).

So switching to a simpler binary protocol, using c-like structures. Will
probably switch to an other serialization protocol later (eg. protobuf
or cap-n-proto).

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-30 13:40:57 +02:00
Thomas Gazagnaire
df71c0f299 miragesdk: add mimimal tests for the SDK 
Very minimal so far, but the plan is to add much more of them.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-29 15:41:23 +02:00
Thomas Gazagnaire
c06454273b miragesdk: add a dev-clean target 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-29 14:28:19 +02:00
Thomas Gazagnaire
ec988eb93b miragesdk: fix dev target 
Paths have changed since 47b9f08b16

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-29 14:27:38 +02:00
Thomas Gazagnaire
7d08325c7a miragesdk: move files around 
The new hiearchy is:
- pkg/{init,mirage-compile}: additional Moby packages
- src/sdk -> the begining of the MirageOS SDK for Moby
- src/dhcp-client -> the code for the MirageOS dhcp-client service

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-29 13:39:20 +02:00
Thomas Gazagnaire
d008e859c6 miragesdk: first cut of a MirageSDK 
Today the SDK only contains helper code to create secure Moby services based on
MirageOS. Today the SDK only defines the architecture and the communication
pipes between the privileged service and the calf; the proper communication
API will be specified after we have a few more use-cases.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-29 12:34:48 +02:00
Thomas Gazagnaire
13d110e2c7 miragesdk: minor cleanups 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-29 12:34:41 +02:00
Anil Madhavapeddy
5c9d5315e5 miragesdk: more tweaks to README markdown 
Signed-off-by: Anil Madhavapeddy <anil@docker.com>
 2017-03-28 22:07:15 +01:00
Anil Madhavapeddy
ab72dbb0e4 miragesdk: add a README explaining the background of the project 
Also link it to the roadmap and why-dhcp docs, and include review
comments from @yomimono

Signed-off-by: Anil Madhavapeddy <anil@docker.com>
 2017-03-28 19:13:17 +01:00
Thomas Gazagnaire
56085a3e6c miragesdk: re-org source code 
Split the bits which can be re-used in other services (e.g. init dance
and the server-side of the control path). `main.ml` now only contains what
is specific to the DHCP logic (+ the /caf directory).

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 14:42:02 +02:00
Thomas Gazagnaire
7fa21377b5 miragesdk: update TODO list 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 11:11:17 +02:00
Thomas Gazagnaire
1bee082c6c miragesdk: use a custom BPF filter to allow the calf to get a DHCP lease 
Plus a few more minor improvements:

- compile with jbuilder.
- start working on the control path.

Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 11:09:55 +02:00
Thomas Gazagnaire
b0f758a20d miragesdk: add strace in the init image 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 11:09:50 +02:00
Thomas Gazagnaire
18635ed2e1 miragesdk: remove dhccpd in the init container 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 11:09:50 +02:00
Thomas Gazagnaire
ebdf371421 miragesdk: fork pkg/init to experiment with removal of dhcpcd 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-28 11:09:50 +02:00
Mindy Preston
46e650ede4 more documentation on why & what we're doing with dhcp 
Signed-off-by: Mindy Preston <mindy.preston@docker.com>
 2017-03-27 11:55:51 -05:00
Rolf Neugebauer
e9fbe43b34 Rename .yaml to .yml 
docker-compose and other utilities use the .yml extension.
For consistency rename all .yaml to .yml

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-03-27 09:53:26 +02:00
Thomas Gazagnaire
ad357c21b8 mirageSDK: rename README.md into roadmap.md 
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
 2017-03-20 15:00:47 +01:00