Commit Graph

976 Commits

Author SHA1 Message Date
Avi Deitcher
414b4c5275
Merge pull request #3059 from deitch/motd-namespace-warning
Add services.linuxkit warning to motd for sshd and getty
2018-06-06 17:16:23 +03:00
Avi Deitcher
d85ce30e0e Change image sha tags to match latest
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2018-06-06 15:52:49 +03:00
Rolf Neugebauer
193c4fa4da Update YAMLs to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
2018-06-06 08:26:54 +01:00
Ian Campbell
56f7a8c9f3 Bump yml to pickup containerd v1.1.1-rc.0
Signed-off-by: Ian Campbell <ijc@docker.com>
2018-06-01 14:24:06 +01:00
Rolf Neugebauer
dae753cf0a
Merge pull request #3053 from ndauten/memorizer-remove-poison
Memorizer: remove kasan poison on boot
2018-06-01 08:14:52 +01:00
Nathan Dautenhahn
3ddca63774 Memorizer: remove kasan poison on boot
Originally, Memorizer kernel fed inputs to add boot printouts from a debug tool, however, it creates unnecessary output. Remove the kernel boot option parameter.

Signed-off-by: Nathan Dautenhahn <ndd@cis.upenn.edu>
2018-05-31 16:49:27 -04:00
Rolf Neugebauer
932ed11e06 Update YAMLs to latest kernels.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-05-30 18:34:10 +01:00
Rolf Neugebauer
697b904803 Update YAMLs to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-05-24 14:00:34 +01:00
Rolf Neugebauer
ec82c4989c Update YAMLs to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
2018-05-16 19:44:07 +01:00
Rolf Neugebauer
440ec4a4c4 Update package tags to v0.4
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
2018-05-12 14:32:14 +01:00
Rolf Neugebauer
aae1e864db Update YAMLs to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-05-10 13:06:28 +01:00
Rolf Neugebauer
9356c0aee2 Update YAMLs to the latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
2018-05-03 19:34:03 +01:00
Rolf Neugebauer
2ad80b5b22 Update YAMLs to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-04-30 14:17:20 +01:00
Rolf Neugebauer
521c875a96 Update YAMLs to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
2018-04-27 20:10:43 +01:00
Ian Campbell
4281cbf87c Bump yml to pickup containerd v1.1.0
Signed-off-by: Ian Campbell <ijc@docker.com>
2018-04-25 10:14:52 +01:00
Robin Winkelewski
5e9b5878aa bump hashes 2018-04-24 22:35:39 +02:00
Rolf Neugebauer
e4f8b28fe3 Update YAMLs to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-04-19 17:11:37 +01:00
Ian Campbell
bb6f1c0f7c Bump yml to pickup containerd v1.1.0-rc.2
Also pick a newer version of runc.

Signed-off-by: Ian Campbell <ijc@docker.com>
2018-04-18 14:12:49 +01:00
Rolf Neugebauer
ed48e5adad Update YAML files to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-04-13 17:13:08 +01:00
Rolf Neugebauer
c45e747c81 Update YAMLs to the latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-04-09 14:09:11 +01:00
Rolf Neugebauer
db663d30a6 Update YAMLs to released packages
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-04-05 15:23:20 +01:00
Ian Campbell
e58300388a Bump yml to pickup containerd v1.0.3
Also pick a newer version of runc.

Signed-off-by: Ian Campbell <ijc@docker.com>
2018-04-03 11:25:22 +01:00
Rolf Neugebauer
bad43d6eed Update YAMLs to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
2018-04-01 19:18:42 +01:00
Rolf Neugebauer
401df21923 Update YAMLs to the latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
2018-03-30 14:28:26 +01:00
Rolf Neugebauer
66c60d5cf9 Update YAMLs to the latest hashes
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
2018-03-24 12:57:31 +00:00
Rolf Neugebauer
0aab05d777 Update YAMLs to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
2018-03-22 22:25:37 +00:00
Rolf Neugebauer
e85da365aa Update YAMLs to the latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-03-20 13:48:48 +00:00
Rolf Neugebauer
61a9d72c76 Update YAMLs to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-03-15 14:16:43 +00:00
Rolf Neugebauer
fa21e15e66 Update YAMLs to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
2018-03-12 20:06:32 +00:00
Rolf Neugebauer
9de11f95db Update YAML files to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-03-09 13:32:14 +00:00
Avi Deitcher
5d30b45cbc
Merge pull request #2942 from deitch/onboot-stream-logs
Add logging to /var/log for onboot containers
2018-03-02 16:47:54 +02:00
Avi Deitcher
6f524eb616 Update hashes for linuxkit/init
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2018-03-02 15:51:09 +02:00
Rolf Neugebauer
62eac7fd46 Update YAML files to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-02-28 12:12:40 +00:00
Rolf Neugebauer
bed39bb6cf Update YAML files to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-02-26 15:33:51 +00:00
Rolf Neugebauer
5525c4858c Update YAMLs to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-02-24 11:32:11 +00:00
Rolf Neugebauer
69b6947bd7 Use a specific version of nginx in all tests
There is a hopefully temporary error with nginx:alpine
not being available for amd64. Pick a version which is...

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-02-21 14:34:07 +00:00
Rolf Neugebauer
894bc2bad9 Switch the default kernel from 4.9.x to 4.14.x
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-02-21 10:36:49 +00:00
Rolf Neugebauer
0e6a5466a4 Update YAMLs to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-02-19 15:11:15 +00:00
Ian Campbell
b32e7471eb Bump yml to pickup containerd v1.0.2
Also pick a newer version of runc

Signed-off-by: Ian Campbell <ijc@docker.com>
2018-02-14 13:50:47 +00:00
Rolf Neugebauer
1ebe545e81 Update YAMLs to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-02-14 09:48:57 +00:00
Rolf Neugebauer
42f4106168
Merge pull request #2905 from rn/kup
Update kernels to 4.15.1/14.14.17/4.9.80/4.4.115
2018-02-07 13:09:19 +00:00
Ian Campbell
72de57138b Bump yml to pickup containerd v1.0.2-rc.1
Signed-off-by: Ian Campbell <ijc@docker.com>
2018-02-07 10:13:52 +00:00
Rolf Neugebauer
c79607a8a4 Update YAMLs to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-02-06 18:44:23 +00:00
Rolf Neugebauer
f6bc92666a Update YAML files to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-02-06 13:23:40 +00:00
Ian Campbell
c47a70aece Bump yml to pickup containerd v1.0.2-rc.0
Signed-off-by: Ian Campbell <ijc@docker.com>
2018-01-31 09:50:15 +00:00
Rolf Neugebauer
adf5914233 Update YAML files to use the v0.2 tag for all pacakges
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-01-25 15:05:11 +00:00
Rolf Neugebauer
565a25d309 Update all YAMLs to use the latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-01-24 12:32:15 +00:00
Justin Cormack
c55dce77f2 update sysctl hashes
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2018-01-19 11:43:40 +00:00
Justin Cormack
7478a38b8a update init hashes
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2018-01-18 12:45:42 +00:00
Ian Campbell
e8f7429811 Bump yml to pickup containerd v1.0.1
Signed-off-by: Ian Campbell <ijc@docker.com>
2018-01-18 11:21:19 +00:00
Rolf Neugebauer
bcb9d5ec3f Update YAML files to the latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-01-17 14:45:16 +00:00
Ian Campbell
c0de474e4f Bump hashes
Signed-off-by: Ian Campbell <ijc@docker.com>
2018-01-15 17:28:38 +00:00
Ian Campbell
db5c8a7da8 Bump yml to pickup containerd v1.0.1-rc.0
Signed-off-by: Ian Campbell <ijc@docker.com>
2018-01-12 10:58:07 +00:00
Ian Campbell
965c678f9c
Merge pull request #2845 from ijc/example-hostmount-writeable-overlay
Add an example of setting up a writeable overlay of a host path
2018-01-11 16:03:15 +00:00
Rolf Neugebauer
e3284d50e0
Merge pull request #2847 from w9n/nvme
format: fix for nvme
2018-01-11 14:21:03 +00:00
Ian Campbell
4f79366526 Update yaml
Signed-off-by: Ian Campbell <ijc@docker.com>
2018-01-11 13:14:31 +00:00
Robin Winkelewski
a7e61c4da7 bump yml format
Signed-off-by: Robin Winkelewski <w9ncontact@gmail.com>
2018-01-11 13:21:54 +01:00
Justin Cormack
d6d376c631 update init hashes
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2018-01-10 15:03:03 +00:00
Rolf Neugebauer
aa59ffb82d Update YAML files to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-01-10 12:05:49 +00:00
Justin Cormack
421a4d3d7c
Merge pull request #2809 from stevvooe/plumb-namespace-context
pkg/init/cmd/service: plumb containerd namespace
2018-01-08 13:43:37 +00:00
Rolf Neugebauer
23fd00471b Update YAML files to the latests kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-01-06 19:53:57 +00:00
Stephen J Day
d40b86537e
examples, projects: update linuxkit hash
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2018-01-05 14:46:50 -08:00
Rolf Neugebauer
b565d62e68 projects: Update docs
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-01-05 15:39:26 +00:00
Rolf Neugebauer
4834def83b projects: Remove kernel-config
The scheme we currently have seems relatively usable and
this project has not been maintained for a while.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-01-05 15:36:38 +00:00
Rolf Neugebauer
db52123afc projects: Remove the etcd projects
It was last used close to a year ago and is not longer
maintained/used.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-01-05 15:19:42 +00:00
Ian Campbell
0e64c95561 Remove projects/swarmd
Support for this has stalled in the swarmkit project due to lack of maintainer
time to review and support and the existing code no longer works with the
version of containerd used in linuxkit.

Signed-off-by: Ian Campbell <ijc@docker.com>
2018-01-04 16:39:01 +00:00
Tobias Klauser
a43bfba832 Update YAML files to linuxkit/init:5a577d070817b4f17821657823082651baafd4ed
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2018-01-04 14:18:53 +01:00
Rolf Neugebauer
b646fccc04 Update YAML files to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-01-03 11:56:10 +00:00
Isaac Rodman
f42922f6c8 Updated image tag to linuxkit/sysctl:4c1ef93bb5eb1a877318db4b2daa6768ed002e21
Signed-off-by: Isaac Rodman <isaac@eyz.us>
2018-01-02 07:43:06 -07:00
Rolf Neugebauer
e50d0da7ea Update YAML files to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-12-30 16:18:41 +00:00
Rolf Neugebauer
09558c35ed Update YAML files to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-12-28 20:19:55 +00:00
Rolf Neugebauer
9b3f2b301e Update YAML files with new sysctl package
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-12-25 15:52:30 +01:00
Rolf Neugebauer
a3d46fd491 Update YAMLs to latest kernel
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-12-18 16:59:21 +00:00
Rolf Neugebauer
5bf636b9aa Update YAML files to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-12-14 12:50:05 +00:00
Rolf Neugebauer
7cd155aa6f Update YAML file to use the latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-12-11 12:20:01 +00:00
Rolf Neugebauer
0e1133281b Update all YAML files with new packages
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-12-08 16:25:13 +00:00
Phil Estes
9212c5d589
Remove containerd config from shiftfs.yaml
No need to have a special containerd daemon config file; might have been
a vestige of earlier variants of LinuxKit? It is also out of date and
incorrect for current containerd version.

Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
2017-12-07 23:15:35 -06:00
Rolf Neugebauer
e7c1824a97 Update YAML files to new kernel versions
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-12-06 14:10:11 +00:00
Ian Campbell
3590c786bd Bump yml to pickup containerd v1.0.0
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-12-05 16:39:05 +00:00
Rolf Neugebauer
2c2012cdee Update YAML files to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-12-01 15:28:10 +00:00
Ian Campbell
0dd863716d Bump yml
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-12-01 13:40:16 +00:00
Ian Campbell
fd9242d5ef Bump yml
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-28 13:32:04 +00:00
Rolf Neugebauer
bec7456d9b Update YAML files with latests kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-24 15:13:09 +00:00
Rolf Neugebauer
464a46d74a Update YAML files to latest kernels.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-21 17:19:42 +00:00
Justin Cormack
934450c697 Update docs to only say install linuxkit tool.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-11-20 23:49:17 +00:00
Justin Cormack
f8e352d375 Replace moby build with linuxkit build throughout
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-11-20 17:06:54 +00:00
Ian Campbell
a09e6a5c7b Add pointers to the new kubernetes location
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-17 14:25:32 +00:00
Ian Campbell
6539b78a72 Remove projects/kubernetes, moved to https://github.com/linuxkit/kubernetes
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-17 10:42:18 +00:00
Rolf Neugebauer
6c34e8e8b9
Merge pull request #2748 from rn/kern-up
Update kernels to 4.13.13/4.9.62/4.4.98
2017-11-16 20:56:24 +00:00
Rolf Neugebauer
d47da6b2b7 Update YAML files to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-16 17:37:07 +00:00
Justin Cormack
80e3072c55 Update tags for format
Update for #2743

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-11-16 17:27:23 +00:00
Justin Cormack
4a4db4642f Create state dir before trying to touch file in it
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-11-16 14:38:11 +00:00
Riyaz Faizullabhoy
377679858e
Merge pull request #2739 from justincormack/darwin-cond
Fix darwin conditional in Kub Makefile
2017-11-15 10:13:40 -08:00
Ian Campbell
e7388f220a
Merge pull request #2732 from ijc/kubernetes
kubernetes: Update to new metadata format, rename packages
2017-11-15 17:08:52 +00:00
Justin Cormack
510f1a821b Fix darwin conditional in Kub Makefile
This was not actually detecting Darwinianism.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-11-15 16:46:50 +00:00
Ian Campbell
89d47bc9fb kubernetes: Include correct kube yaml file for weave.
I changed my mind about the name halfway through implementing #2700 and
seemingly forgot to update the most important location, but a stale local file
stopped me from noticing.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-15 15:48:01 +00:00
Ian Campbell
1ec48df74b kubernetes: Use file based metadata
A bit easier for debugging/inspection etc.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-15 13:36:51 +00:00
Ian Campbell
57171c30de kubernetes: Bump yml and rename
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-15 10:41:40 +00:00
Ian Campbell
815f50803c kubernetes: rename images to better reflect what they are.
`linuxkitprojects/kubernetes` → `linuxkitprojects/kubelet`
`linuxkitprojects/kubernetes-image-cache-*` → `linuxkitprojects/kubernetes-docker-image-cache-*`

`kubernetes` subdirectory is also renamed to `kubelet`.

`image-cache` subdirectory is not renamed since we may want to build other
sorts of image cache at some point.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-15 10:35:53 +00:00
Ian Campbell
e1da0ac2bb kubernetes: Adjust boot.sh for #2703 (multi-level metadata support)
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-15 10:30:04 +00:00
Ian Campbell
6659aa0815 kubernetes: refactor final metadata construction to common location
Shared between the master and node cases.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-15 10:30:04 +00:00
Ian Campbell
d88a1e591d Bump runc yml
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-15 09:34:06 +00:00
Rolf Neugebauer
879ea03277
Merge pull request #2703 from guillaumerose/multi
metadata: handle json with more than 2 levels
2017-11-14 13:39:27 +00:00
Guillaume Rose
74167a5dd1 metadata: update image
Signed-off-by: Guillaume Rose <guillaume.rose@docker.com>
2017-11-13 15:54:48 +01:00
Justin Cormack
1040a9b9ab
Merge pull request #2706 from rn/no-cma
Kernel update to 4.13.12/4.9.61/4.4.97 + disable CMA on arm64
2017-11-13 12:26:38 +01:00
David Scott
eb7eff8ad7 kubernetes: allow yaml to be provided via metadata
Previously the network policy yaml had to be hard-coded in the image.
This patch allows the policy to be added via the metadata directories:

- /var/config/cni/etc/net.d/
- /var/config/kube-system.init/

Signed-off-by: David Scott <dave.scott@docker.com>
2017-11-11 12:04:36 +00:00
Ian Campbell
e7327db49f kubernetes: bump yaml
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-10 14:51:23 +00:00
Ian Campbell
c08c77e3c8 kubernetes: bump to cri-containerd master
This includes a bump to use containerd v1.0.0-beta.3.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-10 14:50:11 +00:00
Ian Campbell
cf01aa4c8d kubernetes: Add a simple bridged option for KUBE_NETWORK
This has no kube object(s) but just arranges for the CNI configuration to be
written in the right place. The CNI bridge, loopback etc binaries are already
included since they are in the reference set.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-10 14:50:11 +00:00
Ian Campbell
ed0e79aa9d kubernetes: Refactor network provider selection
KUBE_NETWORK now specifies a yml which is passed to the Moby tool, which can
introduce files into /etc/kubeadm/kube-system.init/ or do other things as it
likes.

In the case of weave this just adds the weave yaml to that directory. To avoid
too much confusion between weave.yml (Moby tool input) and `weave.yaml` (the
kubernetes `ServiceAccount`, `DeamonsSet` etc object specs) name the latter
`kube-weave.yaml`.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-10 14:50:11 +00:00
Ian Campbell
22cdd22184 kubernetes: Only build the relevant image for the platform
Building both BIOS and EFI variants is a waste of time in most cases, instead
just build whichever one is relevant to the platform (which currently means EFI
on Darwin and BIOS everywhere else).

At the same time make it possible to pass "KUBE_FORMATS" (a space separated
list of targets) to the build e.g. `make KUBE_FORMATS="iso-efi iso-bios"` will
preserve the behaviour prior to this patch.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-10 14:50:11 +00:00
Ian Campbell
425553d390 kubernetes: better tolerate bad contents of /etc/kubeadm/kube-system.init/
Specifically ignore present-but-empty files entirely and ignore (but log)
failure to apply any one file.

Ignoring an empty file is useful because it means you can clobber a file which
might be referenced from an images binds without needing to override those
binds (since that generally means duplicating the whole lot which is annoying).

Ignoring any failures to apply means the rest gets applied and the rest of the
script (including untaint and the stamp file creation) still happen, resulting
in a system where the admin just has to address the failures rather than the
remaining updates. We touch a file to indicate failure generally plus one to
indicate the specific yaml which failed to apply.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-10 14:50:11 +00:00
Rolf Neugebauer
e1a12cd67d Update YAML files to new kernel versions
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-10 14:20:25 +00:00
Ian Campbell
a5f4da2ebb Bump yml for containerd v1.0.0-beta.3
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-09 10:16:33 +00:00
pgayvallet
179c82e0cb Move kubelet.sh.conf sourcing before exit checks
Signed-off-by: pgayvallet <pierre.gayvallet@gmail.com>
2017-11-06 17:32:59 +01:00
pgayvallet
ba8e01bf13 Add capability to not start kubelet depending on either a configuration file or an environment variable.
Signed-off-by: pgayvallet <pierre.gayvallet@gmail.com>
2017-11-06 15:08:22 +01:00
w9n
7b16f41540 Kubernetes: Autoinit and persistent state by default
Signed-off-by: Robin Winkelewski <w9ncontact@gmail.com>
2017-11-05 13:15:50 +01:00
Rolf Neugebauer
4866a1c4d6 Update YAML files with latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-03 15:11:07 +00:00
Rolf Neugebauer
0ab77ee843 Update YAMLs with getty/ip/sshd packages
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-03 15:11:06 +00:00
Ian Campbell
a30481dcfb kubernetes: s/NETWORK/KUBE_&/ in Makefile for consistency
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-02 10:51:14 +00:00
Ian Campbell
f2d94ab7f3 kubernetes: Bump hashes.
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-02 10:12:35 +00:00
Ian Campbell
678c5b9b7b kubernetes: bump to k8s 1.8.2 and weave 2.0.5
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-02 10:00:34 +00:00
Ian Campbell
fb6f7eef9d kubernetes: Bump to Docker 17.10-ce
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-01 15:21:53 +00:00
Ian Campbell
8511e626fd kubernetes: bump cri-containerd yml to hash containing v1.0.0-alpha.1
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-01 10:24:29 +00:00
Ian Campbell
56ff03da2d kubernetes: bump to cri-containerd v1.0.0-alpha.1
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-01 10:21:24 +00:00
Ian Campbell
06943bb005 kubernetes: Add socat to cri-containerd package.
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-01 10:20:12 +00:00
Theo Koulouris
10fc7997af okernel: made image building container use '--no-cache' option
Signed-off-by: Theo Koulouris <theo.koulouris@hpe.com>
2017-10-30 15:25:59 +00:00
Theo Koulouris
611d3cb6fd okernel: cleaned-up kernel config
Signed-off-by: Theo Koulouris <theo.koulouris@hpe.com>
2017-10-30 10:42:58 +00:00
Rolf Neugebauer
a8b9693878 Update YAML files to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-10-28 22:08:20 +01:00
Ian Campbell
b170f62832 Updates for kube+swarmd projects rebuilt with new alpine
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-24 11:49:13 +01:00
Ian Campbell
d194639faf Updates for pkg/* which are rebuilt with new alpine
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-24 11:05:58 +01:00
Ian Campbell
6c7b1c0251 Bump all packages to newest alpine.
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-24 10:11:24 +01:00
Ian Campbell
c7c06541a7 Merge pull request #2629 from rn/kup
Kernel updates
2017-10-23 15:24:55 +01:00
Ian Campbell
a571ae62e1 kubernetes: bump image cache hash.
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-23 10:23:02 +01:00
Ian Campbell
76d655ebe4 kuberenetes: Bump image cache to v1.8.1
I forgot to do this in #2626.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-23 10:08:15 +01:00
Rolf Neugebauer
456f8f737d Update YAML files to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-10-22 19:49:15 +01:00
Rolf Neugebauer
0df77e4858 Merge pull request #2612 from rn/rpi3
Initial Raspberry Pi 3 support
2017-10-21 13:31:26 +02:00
Rolf Neugebauer
1a58f16465 Update YAML files to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-10-20 20:22:03 +01:00
Ian Campbell
2dc52c6d04 kubernetes: Bump yaml
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-20 15:03:06 +01:00
Ian Campbell
b93389b239 kubernetes: Update to v1.8.1
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-20 15:01:06 +01:00
Rolf Neugebauer
e80c411ffe Merge pull request #2619 from codergr/master
Update README.md to include link towards Kubernetes project
2017-10-20 15:02:31 +02:00
Sotiris Salloumis
f7677e7178 Update README.md
Addition of a link to the Kubernetes project

Signed-off-by: Sotiris Salloumis <sotiris.salloumis@gmail.com>
2017-10-20 04:54:53 -04:00
Nick Jones
2ccce690fa
Update metadata image ref
Signed-off-by: Nick Jones <nick@dischord.org>
2017-10-19 11:56:52 +01:00
Sotiris Salloumis
5d54dcc6fc Update README.md 2017-10-18 15:12:42 +02:00
Avi Deitcher
da42ced2db Move mounted file from /var/html to /etc/html
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2017-10-18 10:58:38 +03:00
Ian Campbell
5e6a78821b Update yaml and reenable linuxkit.packages.containerd test
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-12 17:29:19 +01:00
Ian Campbell
29fc12607f Update various other go base pkgs to newer alpine (go1.9)
These are those which set $GOPATH but don't use go-compile.sh.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-12 16:50:47 +01:00
Ian Campbell
1d030172bf Merge pull request #2600 from ijc/containerd-v1.0.0-beta.2
Bump to containerd v1.0.0-beta.2
2017-10-12 16:19:01 +01:00
Ian Campbell
504b5388bd kubernetes: Mount /etc/os-release into docker cotainer too
This makes `docker info` show the same OS as `kubectl get -o wide nodes`.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-12 14:14:46 +01:00
Ian Campbell
510802a245 Update yml
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-12 13:04:16 +01:00
Ian Campbell
27f8cb7283 Update yml
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-12 11:16:46 +01:00
Ian Campbell
466e5db203 kubernetes: Add /etc/os-release to host and bind to kubelet image.
Adding a `PRETTY_NAME` to this causes it to appear in the node information:

    $ kubectl --namespace=kube-system get -o wide nodes
    NAME                    STATUS    ROLES     AGE       VERSION   EXTERNAL-IP   OS-IMAGE                      KERNEL-VERSION    CONTAINER-RUNTIME
    linuxkit-b6e09efea36e   Ready     master    29m       v1.8.0    <none>        LinuxKit Kubernetes Project   4.9.53-linuxkit   containerd://1.0.0-beta.1

Previously it would be `Unknown`.

A later yaml passed to `moby build` can override this by simply duplicating
the path.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-12 11:15:50 +01:00
Ian Campbell
26d93d613c kubernetes: use copy --from=image-ref
I hadn't realised this was possible, it means we don't need the dummy `FROM ...
AS docker`.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-12 11:09:10 +01:00
Rolf Neugebauer
8173300f76 Update YAML files to new kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-10-11 13:12:49 +01:00
Ian Campbell
4df5d394e8 Bump yml
Done as follows:

    find -name build.yml | xargs dirname | while read d ; do
        t=$(linuxkit pkg show-tag $d)
        ./scripts/update-component-sha.sh --image ${t%:*} ${t#*:}
    done
    git commit -s test pkg tools blueprints examples projects/kubernetes projects/swarmd docs linuxkit.yml Makefile src

This explicitly excludes projects/* which I did not know whether to update.

Then:

    git reset --hard
    for i in init runc containerd ca-certificates sysctl dhcpcd getty rngd ; do
        o=$(git grep -h "\(image:\|-\) *linuxkit/$i:[0-9a-f]\{40\}" origin/master:linuxkit.yml | awk '// { print $2 }')
        n=$(linuxkit pkg show-tag pkg/$i)
        ./scripts/update-component-sha.sh "$o" "$n"
    done
    git commit --amend projects

This updates any projects which were using components with the same hash as the
top-level linuxkit.yml.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-10 13:23:45 +01:00
Ian Campbell
a237b51511 Bump alpine base across the board.
By running:

    ./scripts/update-component-sha.sh --image linuxkit/alpine ad35b6ddbc70faa07e59a9d7dee7707c08122e8d

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-10 09:55:45 +01:00
Ian Campbell
13d11f49ba Rename "tag*" Makefile targets to "build*"
This better matches the `linuxkit pkg build` nomenclature.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-09 16:48:48 +01:00
Ian Campbell
298ef8520d Convert some of projects/kubernetes/* to linuxkit pkg build
This just covers those using pkg/package.mk.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-09 16:40:00 +01:00
Justin Cormack
d0882b9674 Merge pull request #2571 from ijc/linuxkit-pkg
Implement package build, push and show-tag in linuxkit tool
2017-10-09 13:59:02 +01:00
Nick Jones
d73092adca
Update metadata image references
Signed-off-by: Nick Jones <nick@dischord.org>
2017-10-09 12:27:00 +01:00
Ian Campbell
4cdc90e221 Build fields default to false, rename accordingly
Added some test cases for the boolean fields because I kept getting confused.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-06 17:43:38 +01:00
Ian Campbell
ba60937754 Implement package build, push and show-tag in linuxkit tool
This implements the proposal in #2564 and converts a handful of representative
or especially interesting (from a build PoV) packages to use it.

For now those pkg/* affected get a stub-`Makefile`, once all packages are
converted then `pkg/Makefile` can be adjusted and those stubs can be removed.

For now only `pkg/package.mk`'s functionality is implemented. In particular:

- `push-manifest.sh` remains a separate script, to enable calling it on systems
  with just the LinuxKit tools installed arrange to install it under a less
  generic name.
- `kernel` and `tools/alpine` do not use `pkg/package.mk` and those cases are
  not yet fully considered/covered.

I have updated the documentation assuming that the existing uses of
`pkg/package.mk` will be removed quite soon in a follow up PR rather than
trying to document the situation which results after just this commit.

Due to `cmd/linuxkit` now gaining a library the build needs adjusting slightly to
allow both `make bin/linuxkit` and `go build` to work.

`go vet` has forced me to write some rather asinine comments for things that
are rather obvious from the name.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-06 12:59:25 +01:00
Rolf Neugebauer
28303f6858 Update YAML files with new getty/ip/sshd hashes
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-10-06 11:16:10 +01:00
Rolf Neugebauer
d3b9d06924 Update YAML files with new kernel tags
In particular also fix the wireguard test whose kernel
tag hasn't been updated for quite some time...

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-10-06 11:15:34 +01:00
David Scott
cecb5a65b7 kubernetes: add optional support for a kubeadm.yaml
Unfortunately some options (such as enabling dynamic registration of
initializers) can only be enabled by a `--config foo.yaml` argument.
Furthermore some command-line options (such as the kubernetes version)
cannot be used in combination with the config file.

This patch checks for a supplied  /etc/kubeadm/kubeadm.yaml and uses
it if it exists, otherwise it falls back to the original command-line.
Note it is safe to use the `--skip-*` options in combination with the
`--config` option.

Signed-off-by: David Scott <dave.scott@docker.com>
2017-10-04 16:24:16 +01:00
Ian Campbell
8d69ed14f4 kubernetes: Update yml
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-04 12:22:17 +01:00
Ian Campbell
4386cbcdf9 kubernetes: bookend kubeadm-init with stamp files.
It is possible to get rebooted halfway through the init process, after key
files like `/etc/kubernetes/kubelet.conf` have been created but before full
cluster setup is complete or networking is applied.

Right now the idempotency of kubeadm (or backing out from this half-way state
and resuming the initialisation) is not something I have investigated. By
dropped stamps before and after at least the situation will be somewhat
detectable/diagnosable so the user can e.g. nuke their persistent disk and
start again.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-04 12:17:14 +01:00
Ian Campbell
164c4a30f5 kubernetes: support untainting master via metadata
If a stamp file is present in the metadata then untaint.

This is useful for dev environments where you only want to start a single vm.

The construction of the metadata becomes a little more complex to produce
correct json syntax now that there are two (independent) possible options.

Likewise the kubelet.sh script now takes the presence of /var/config/kubeadm
(rather than /var/config/kubeadm/init) as the signal to use the more structured
setup, since we may now have /var/config/kubeadm/untaint-master but not
/var/config/kubeadm/init so would otherwise end up passing the contents of
`/var/config/userdata` (something like `{ "kubeadm": { "untaint-master": "" }
}`) to `kubeadm` and confusing it enormously.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-04 11:28:48 +01:00
Ian Campbell
eb0fde3a10 kubernetes: update yml
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-03 15:18:21 +01:00
Ian Campbell
c0a3656eb3 kubernetes: update to kub dns 1.14.5
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-03 15:08:43 +01:00
Ian Campbell
72dff9059d kubernetes: arrange for kubelet-plugins directory to be persistent
/usr/libexec/kubernetes/kubelet-plugins is a new path in Kube 1.8 (related to
flexvolumes) which should be persisted. Like /etc/cni and /opt/cni we also need
to arrange for this path to be valid in the host environment (since various
system containers will try and mount bind mount it).

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-03 15:08:43 +01:00
Ian Campbell
57a2ae4318 kubernetes: adjust for v1.8 bootstrapping arrangements.
With kube 1.8 kubeadm initially configures worker nodes with a
bootstrap-kubelet.conf. Adjust our start of day scripting to DTRT.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-03 15:08:43 +01:00
Ian Campbell
f85208c74a kubernetes: Bump to v1.8.0
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-03 15:08:37 +01:00
Ian Campbell
9a99164cf7 kubernetes: Use /etc/kubernetes rather than /var/lib/kubelet
This is a bind mount, but /etc/kubernetes is the path formally expected/create
by kubeadm.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-03 14:59:54 +01:00
Rolf Neugebauer
6e58dc2940 Merge pull request #2532 from eyz/linuxkit-format-device-filter
format: blkid content check, format argument, and verbose argument
2017-10-03 11:30:00 +01:00
Isaac Rodman
0c23a5f3ce updated linuxkit/format tag to linuxkit/format:f180a74d878c8c0c86f6208f9311474c91452a79
Signed-off-by: Isaac Rodman <isaac@eyz.us>
2017-10-02 15:11:13 -07:00
Ian Campbell
9f414f429c kubernetes: bump yml
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-02 10:53:12 +01:00
Ian Campbell
6d387bf59d kubernetes: do not try to re-init the cluster on subsequent boots
If `kubelet.conf` already exits then don't try to redo `kubeadm`, no matter
what the metadata requests.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-02 10:50:06 +01:00
Ian Campbell
6ae72e8f50 kubernetes: update yml
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-29 10:07:11 +01:00
Ian Campbell
f02c79e733 kubernetes: cri-containerd v1.0.0-alpha.0
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-29 10:04:16 +01:00
Ian Campbell
5804f9db3c kubernetes: rename /etc/kubelet.conf to /etc/kubelet.sh.conf
To help reduce confusion from this file (which configures our `kubelet.sh`
wrapper) vs `/var/lib/kubeadm/kubelet.conf` (which is created by `kubeadm` and
configures `kubelet` itself).

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-29 10:04:16 +01:00
Rolf Neugebauer
ab2333d70e Update YAML files with new kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-09-28 15:45:23 +01:00
Ian Campbell
f626f0ee65 kubernetes: Update yml for cri-containerd
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-27 17:04:37 +01:00
Ian Campbell
2e5b1579e0 kubernetes: bump to latest cri-containerd
This vendors containerd v1.0.0-beta.1

Enable seccomp support at build time.

Requires /dev bind mount so it can use /dev/disk/by-uuid to resolve devices to
uuids.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-27 17:01:07 +01:00
Ian Campbell
c227c31e75 kubernetes: try and make exec-id unique
Hopefully hostname + local pid should be unlikely to clash.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-27 17:01:07 +01:00
Ian Campbell
1bdf0df8b6 Update yml for new linuxkit/mount package.
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-27 16:44:40 +01:00
Ian Campbell
f30996438d kubernetes: bump yml
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-26 11:11:28 +01:00
Ian Campbell
a2d052b3df kubernetes: disable cAdvisor (in kubelet) from listening on 0.0.0.0:4194
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-26 11:00:51 +01:00
Ian Campbell
dcd01314c7 kubernetes: add openssl to kubelet container
This is needed for certificate operations, such as signing a new user's csr.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-26 11:00:51 +01:00
Ian Campbell
f6f23cbb0b kubernetes: build kube{let,adm,ctl} from source
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-26 11:00:44 +01:00
Ian Campbell
563ee76cb5 Update yml
Pulling in containerd v1.0.0-beta.1.

Fixes #2533.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-25 13:54:24 +01:00
Rolf Neugebauer
cc200d296a Merge pull request #2527 from eyz/linuxkit-dhcpcd-CAP_SYS_ADMIN
added capability to pkg/dhcpcd for sethostname
2017-09-21 20:53:16 +01:00
Isaac Rodman
542ad766b7 switched linuxkit/dhcpcd hash to d4408777ed for PR #2527
Signed-off-by: Isaac Rodman <isaac@eyz.us>
2017-09-21 10:47:06 -07:00
Justin Cormack
a5054d5ad4 Update containerd hashes
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-09-20 14:35:37 -07:00
Ian Campbell
ac6b8dcf6a kubernetes: more flexible selection of network stack
Also move to 50 in the ordering so things can be added before as well as after.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-20 16:45:56 +01:00
Ian Campbell
451fe22c82 kubernetes: update yml
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-20 15:26:41 +01:00
Ian Campbell
615f135d61 kubernetes: use coreutils in kubelet container for full fat du
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-20 15:24:18 +01:00
Ian Campbell
5c4c25cac6 kubernetes: support auto-init via metadata
Set KUBE_MASTER_AUTOINIT when using boot.sh to enable. User will need to pick
up the token for other nodes using `kubeadm token list`.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-20 15:23:27 +01:00
Ian Campbell
3ce260cb9a kubernetes: rework kubelet and kubeadm start of day interations
Rework the kubelet.sh script by adding an explicit step which waits for the
configuration to be valid, either by finding appropriate metadata or by waiting
explicitly for kubelet.conf to be created (e.g. by kubeadm) before launching
kubelet. The previous construct was implicitly waiting for kubelet.conf to be
created since kubelet fails if that file is not present.

Pull the set of start of day yaml files to be applied (currently just weave)
out of the kubelet image and into the LinuxKit yaml by providing a directory
which is searched for *.yaml after init.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-20 15:23:27 +01:00
Ian Campbell
7145b40947 kubernetes: bump to cri-containerd a2dbc6ec1ce6
Adds some bug fixes and support for copy up of anonymous volume contents from
the underlying image.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-20 15:23:27 +01:00
Rolf Neugebauer
ffe6de1119 Update YAMLs to new kernel versions
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-09-20 12:14:40 +01:00
Rolf Neugebauer
60dd54670f Update YAML files with new getty, ip, and sshd package hashes
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-09-20 11:52:42 +01:00
Ian Campbell
7d7b65aa19 kubernetes: simpler rune to get image digest
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-19 13:31:38 +01:00
Ian Campbell
b7721daa69 kubernetes: bump yml
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-19 11:55:56 +01:00
Ian Campbell
965635ab86 kubernetes: Bump to latest cri-containerd
Fixes access to GCR private registries and implements mount point propagation.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-19 11:52:51 +01:00
Ian Campbell
3018c8add1 kubernetes: Add force{tag,push} targets to image-cache build
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-19 11:34:18 +01:00
Ian Campbell
faecbffff2 kubernetes: Bump to v1.7.6
Also pickup Weave 2.0.6 and CNI 0.6.0. Note that the CNI plugins have moved to
a new directory.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-19 11:28:18 +01:00
Ian Campbell
50ddffb1a5 kubernetes: Autogenerate file with image cache digests
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-19 11:28:14 +01:00
Ian Campbell
605c4b6675 kubernetes: Move images for caches into separate file
Will be auto-generated.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-19 11:28:14 +01:00
Justin Cormack
2010d999ca update hashes for init
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-09-18 11:53:02 -07:00
Ian Campbell
5ab6c03a08 kubernetes: Add yaml metadata
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-18 14:44:40 +01:00
Ian Campbell
7e19d38821 kubernetes: use a common base kube yml file
With the master tailoring for docker now being in docker-master.yml,
kube-master and kube-node are identical, so just use a single kube.yml.

The reference to kube-master.yml in README.md is obsolete, so just drop it.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-18 14:44:27 +01:00
Ian Campbell
1fa059bbd2 kubernetes: allow selection of runtime engine (docker vs cri-containerd)
Currently this is at build time

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-18 14:43:23 +01:00
Ian Campbell
445dcc0ac2 kubernetes: Add cri-containerd package
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-18 14:39:22 +01:00
Ian Campbell
80dff9fe99 kubernetes: update yml
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-18 14:37:39 +01:00
Ian Campbell
b6fbc82e41 kubernetes: Configuration of kubelet via file
This allows cri-containerd and docker based systems to pass the correct options
via composition of yml files, while keeping the kubelet service stanza common.

Since bind mounts are not conditional on the presence of the source we need to
create an empty file in the docker case.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-18 14:25:54 +01:00
Ian Campbell
b6d7f769be kubernetes: Link /etc/kubernetes to /var/lib/kubeadm
In some configurations /etc/kubernetes needs to be a valid host path.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-18 14:25:54 +01:00
Ian Campbell
1e15243b11 kubernetes: Enable net.ipv4.ip_forward
This doesn't seem to be necessary when using Docker Engine as the CRI backend,
but in general it is.

The sysctl container must be writeable to allow the
/etc/sysctl.d/01-kubernetes.conf mount point to be created. See #2503.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-18 14:25:54 +01:00
Ian Campbell
825e43f7c4 kubernetes: bind /run with rshared,rbind
Depending on the configuration/components used the system can expect to be able
to share `/var/run/netns` (=`/run/netns` via symlink) bind mounts with other
system level containers, which requires exposing those to the host.

This doesn't appear to be needed when using Docker engine but it is with
cri-containerd.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-18 14:25:54 +01:00
Ian Campbell
9397b9480a kubernetes: populate host CNI paths by binding from kubernetes service.
Kubernetes assumes (for now) that various paths are valid at the host level to
be mounted into containers, including /opt/cni and /etc/cni.

We cannot (easily) use symlinks here because the weave.yml mounts /opt and /etc
rather than /opt/cni and /etc/cni (this seems likely to be common pattern). So
if /etc/cni were a symlink to the persistent disk (under /var/lib) then it will
be dangling link within the weave container.

So add bind mounts to the runtime configuration of the kubernetes image. This
also means we must create the target mount points in the yml.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-18 14:25:54 +01:00
Ian Campbell
07e4f515a4 kubernetes: add basic cni plugins dynamically
This avoids a slightly tricky sequence of nested bind mounts by just unpacking
a tarball on boot (with a stamp so it only happens once).

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-18 14:25:54 +01:00
Ian Campbell
1074b4a8d4 kubernetes: point kubelet at /var/lib/cni directly
Still need the /opt bind to host for weave.yaml but no need for etc any longer.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-18 14:25:25 +01:00
Ian Campbell
35542e493c kubernetes: drop /rootfs from kubelet container
Since 424203cd9c we can use /var/lib/cni/{etc,opt} directly.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-18 12:24:59 +01:00
Ian Campbell
67fa0ad662 kubernetes: allow users to add kubelet options by overriding the command
For example to tell kubelet to use cri-containerd:

    command: ["/usr/bin/kubelet.sh", "--container-runtime=remote", "--container-runtime-endpoint=unix:///var/run/cri-containerd.sock"]

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-18 12:24:59 +01:00
Ian Campbell
32e53cf769 kubernetes: Add boot.sh options to preserve state dir and to set MAC
Not having to redo the kubeadm-init.sh step massively speeds up the test/dev
cycle. Having the same MAC (and hence same IP) is useful there too since you
don't need to figure out the mac on each boot.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-18 12:24:59 +01:00
Ian Campbell
b6725a1b11 kubernetes: give more resources to worker nodes.
The sock-shop demo[0] requires around 5G of images on a worker node and 3G of
RAM (if there is only one worker node and therefore everything runs on that
node).

Since the master is more than happy with the 4G disk and 1G RAM it is given
today split the settings into master and node specific and bump only the
latter.

KUBE_PORT_BASE is unused and was already removed in 54ddde0d43 but
accidentally reintroduced (by me) in 62aa9248a4, whack it again.

[0] https://microservices-demo.github.io/microservices-demo

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-18 12:24:59 +01:00
Rolf Neugebauer
2d20ef1014 Update YAML files to new kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-09-14 17:21:01 +01:00
David Scott
2b80ff5a0f Update init version in YAML files
Signed-off-by: David Scott <dave.scott@docker.com>
2017-09-14 11:47:38 +01:00
Rolf Neugebauer
11d9dc1e99 Update YAML files to latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-09-12 11:49:52 +01:00
Rolf Neugebauer
a1dcdd6495 Update YAML files with latest kernels
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-09-08 15:46:02 +01:00
Ian Campbell
b7ec19bb1f Update yml for containerd beta.0
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-09-07 18:46:40 +01:00
Rolf Neugebauer
ed8d367e2a Update 4.9.x/4.4.x kernel version in YAML files
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-09-04 17:58:16 +01:00
Thomas Gazagnaire
14a5b64dcc Update to latest capnp & capnp-rpc
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2017-09-04 16:21:53 +02:00
Justin Cormack
e27807b733 Merge pull request #2478 from justincormack/formats
Change "output" to "format" in moby tool
2017-09-02 12:00:13 +01:00
Justin Cormack
91207540e4 Change "output" to "format" in moby tool
This is less confusing as there is also an output option to set the file.

See https://github.com/moby/tool/pull/146

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-09-01 23:52:25 +01:00
Theo Koulouris
1c14f278b2 okernel build dockerfile now gets openssl package from alpine base image
Signed-off-by: Theo Koulouris <theo.koulouris@hpe.com>
2017-09-01 14:26:00 +01:00
Riyaz Faizullabhoy
fb8a1bf39f Merge pull request #2464 from rn/dock-up
Update DinD from 17.06.1-ce to 17.07.0-ce
2017-08-31 09:43:53 -07:00
Rolf Neugebauer
2d1242e271 Merge pull request #2465 from t-koulouris/ok_build_updates
Updates to okernel project build files
2017-08-31 15:47:22 +01:00
Theo Koulouris
27e8c1145c Streamlined how Makefile handles okernel versions
Signed-off-by: Theo Koulouris <theo.koulouris@hpe.com>
2017-08-31 14:31:41 +01:00
Theo Koulouris
c51f89a600 Removed unused device drivers and options from okernel config file
Signed-off-by: Theo Koulouris <theo.koulouris@hpe.com>
2017-08-31 13:43:39 +01:00
Theo Koulouris
88a2415ff5 Stop using deprecated linuxkit/kernel-compile in okernel build Dockerfile
Signed-off-by: Theo Koulouris <theo.koulouris@hpe.com>
2017-08-31 13:42:07 +01:00
Rolf Neugebauer
419deee158 Update Linux kernel versions to latest
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-30 19:23:45 +01:00
Rolf Neugebauer
94cdc5aee8 Update DinD from 17.06.1-ce to 17.07.0-ce
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-30 16:52:15 +01:00
Theo Koulouris
2b6f533891 Updates to okernel project build files (multi-stage builds, clean-ups, etc)
Signed-off-by: Theo Koulouris <theo.koulouris@hpe.com>
2017-08-30 15:33:34 +01:00
Ian Campbell
b34aaee4db kubernetes: document the final step for bridged networking
Having described all the setup describing the acgual usage seems useful!

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-08-29 21:25:09 +01:00
Ian Campbell
d78321d701 Update hashes for init and containerd
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-08-29 01:05:50 +01:00
Justin Cormack
baf76d5e0c update hashes for init
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-08-23 16:43:18 +01:00
Justin Cormack
1c4e8c3ae2 Update Docker CE image to 17.06.1
Bug fix update.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-08-22 10:54:26 +01:00
Justin Cormack
6f1e4add2e Merge pull request #2444 from justincormack/cni-persistence
Kubernetes improvements
2017-08-21 20:03:30 +01:00
Justin Cormack
4fec826d22 Update kube hashes
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-08-21 17:57:08 +01:00