Adds a new option, '-keep', which will keep the machine around,
but by default removes the machine when done.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>

The -serve command starts a local HTTP server which serves
the kernel and initrd files. The server can then easily be
made available via ngrok or other means.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>

When an AWS machine is stopped and there is no console output the CLI
panics due to a nil pointer dereference. This commit checks that the
console output is not null before attempting to decode it.
Signed-off-by: Dave Tucker <dt@docker.com>

Instances were being created in a different AZ to the one specified in
the zone variable. This could lead to situations where the disks and the
instance were in different AZs and would result in an error.
This commit adds placement information to the API call used to create
the instance.
Fixes: #2388
Signed-off-by: Dave Tucker <dt@docker.com>

The iPXE needs the hard coded value of 'kernel-params' but
we should append the kernel command line from the YAML in case
it sets other parameters.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>

On 'linuxkit run packet' ssh into the SOS for the newly created
machine. This requires that you have set up your ssh keys and
have at least once logged into the ssh so that the host keys
are present in the 'known_hosts' file.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>

This option configures the machine to always PXE boot. By
default it would only PXE boot for the first time.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>

If a packet account is shared between users, this makes it
clearer who created the machine.
Also, switch "moby" to "linuxkit"
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>

To enable this bump github.com/Azure/go-ansiterm and github.com/docker/docker
to their latest versions, which have switched to lower case.
This in turn requires bumping golang.org/x/sys since github.com/docker/docker/pkg/term
now uses `unix.IoctlGetTermios`. I picked the revision from docker/docker's vendor.conf.
Signed-off-by: Ian Campbell <ijc@docker.com>

- When executing on aarch64, use it as the default arch
- When selecting aarch64 on a non aarch64 system set the
  CPU flag to a default value (not 'host').
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>

This commit updates the support for pushing images into OpenStack by
inheriting environment variables for endpoint and authentication
information, when available.
It also attempts to make the `openstack run` support more consistent
with other providers (specifically GCP and AWS), i.e. just take the name
of the image as the argument and launch an instance using that.
Finally, it also updates the relevant documentation for OpenStack
support.
Signed-off-by: Nick Jones <nick@dischord.org>

Rather than using an initrd, unpack full filesystem for ISO BIOS.
Stream docker output direct to file rather than via a buffer, to save
memory.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>

When we converted these to cpio we were not noticing that they
were invalid as they had incorrect paths as we converted the
path to a symlink anyway. Only the busybox images have hard links
in, the Alpine ones are symlinks anyway, which is why it was
less visible too.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>

Also do some code cleanup.
Related to #131 we need to read the OCI config to find if the container
is read only, not rely on the yaml, as it may just be set in the label.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>

To work with truly immutable filesystems, rather than ones
we sneakily remount `rw`, we are going to use overlay for
writeable containers. To leave the final mount as `rootfs`,
in the writeable case we make a new `lower` path for the read
only filesystem, and leave `rootfs` as a mount point for an
overlay, with the writable layer and workdir mounted as a tmpfs
on `tmp`.
See https://github.com/linuxkit/linuxkit/issues/2288
Signed-off-by: Justin Cormack <justin.cormack@docker.com>

This commit allows the GCP backend to use the familiar `-disk` behaviour
that the local hypervisors use. The `file` attribute is used as the disk
name in GCP. The size is converted to GB and is always > 1GB.
This has the benefit of allowing multiple disks to be used with GCP
instances.
Signed-off-by: Dave Tucker <dt@docker.com>

By default we want qemu to use the EFI firmware image in the qemu
container. However the logic in the code would always bind mount
the FW image into the container.
This commit changes the logic to only bind mount the FW image if
it was specified on the commandline.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>

This follows the model in the hyperkit runner, although the options are
different.
The options are:
- `user`: the existing user mode networking (the default).
- `tap,«device»`: replaces the previous `-tap-device «device»` option.
- `bridge,«name»`: tap device on (preexisting) named bridge.
- `none`: No networking at all.
If not running as root then `bridge` mode requires host configuration
http://wiki.qemu.org/Features/HelperNetworking. TL;DR: you need to `chmod u+s`
the `qemu-bridge-helper` and to whitelist specific bridges in
`/etc/qemu/bridge.conf`.
Pass an explicit virtio nic and configure a random MAC since QEMU seems to use
the same one by default.
In the hyperkit runner the various `networking*` constants become
`hyperkitNetworking*` to avoid namespace clashes (e.g. for `None`). The QEMU
equivalents are `qemuNetworking*`.
Both hyperkit and qemu now support an explicit `-networking default` or
`-networking ''` to make scripting easier.
Signed-off-by: Ian Campbell <ijc@docker.com>

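
An added example (not LinuxKit's own code) of the `-networking` handling described in the commit message above: it maps each mode to QEMU arguments, attaches a random locally administered MAC, and rejects tap or bridge names that would add extra sub-options to the comma-separated QEMU string. The legacy `-net` argument layout, the names `networkArgs`, `randomMAC` and `ifName`, and the interface-name policy are assumptions of this example.

```go
package main

import (
	"crypto/rand"
	"fmt"
	"net"
	"regexp"
	"strings"
)

// Assumed name policy: 1-15 safe characters, so no ',' or '=' reaches QEMU.
var ifName = regexp.MustCompile(`^[A-Za-z0-9_.-]{1,15}$`)

// randomMAC returns a random unicast, locally administered MAC address.
func randomMAC() (net.HardwareAddr, error) {
	mac := make(net.HardwareAddr, 6)
	if _, err := rand.Read(mac); err != nil {
		return nil, err
	}
	mac[0] = (mac[0] &^ 0x01) | 0x02 // clear multicast bit, set local-admin bit
	return mac, nil
}

// networkArgs maps a -networking value to QEMU arguments (assumed flag layout).
func networkArgs(opt string) ([]string, error) {
	mode, arg, _ := strings.Cut(opt, ",")
	var backend string
	switch {
	case opt == "" || opt == "default" || opt == "user":
		backend = "user"
	case opt == "none":
		return []string{"-net", "none"}, nil
	case mode == "tap" && ifName.MatchString(arg):
		backend = "tap,ifname=" + arg + ",script=no,downscript=no"
	case mode == "bridge" && ifName.MatchString(arg):
		backend = "bridge,br=" + arg
	default:
		return nil, fmt.Errorf("invalid networking option %q", opt)
	}
	mac, err := randomMAC()
	if err != nil {
		return nil, err
	}
	return []string{"-net", "nic,model=virtio,macaddr=" + mac.String(), "-net", backend}, nil
}

func main() {
	fmt.Println(networkArgs("bridge,br0"))
}
```
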
This is the same behaviour as the LinuxKit backend.
This populates /sys/class/dmi/id/product_uuid, which newer versions of weave-net
appear to require.
Signed-off-by: Ian Campbell <ijc@docker.com>

Unfortunately there are a lot of issues with resolv.conf as we
cannot actually write it into the image from any docker image, as docker will
always have something bind mounted in.
In addition, normally we expect the filesystem to be read only for images
that moby generates, so the actual etc/resolv.conf is likely not to be writeable.
Previously we were adding in a default resolv.conf into every image pointing at
Google's name servers but that is really a bad idea.
Instead, normal images now get an empty default, while images in the `init`
section will get a symlink, currently hard coded to `/run/resolvconf/resolv.conf`
but you can override this with the `files` section to be static or a different
link.
In future, if we have an easy way to build and extract images with user control
of this, we can drop this.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>

This commit refactors the OpenStack push support to make use of the
Gophercloud library in order to handle authentication and talking to the
right image service as defined in the service catalogue.
Signed-off-by: Nick Jones <nick@dischord.org>