See `docs/ebpf.md` for how to use. This is built by CI or you can build
manually if you customise the kernel.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
These headers are needed for defining kernel probes etc, tested with
eBPF. Could also be used for perf, building kernel modules etc. Saved
to the media tarball at present, may add to base image or container.
Also rationalise the paths in the headers tarball a little to match.
Will add an eBPF container using these later.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This builds both the standard and AUFS versions of Moby,
and does `make clean` carefully.
- `make ci` for branches (pushes artifacts)
- `make pr` for PRs
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This seems the best option, although none are great
- build with `make AUFS=1` to build with AUFS support, currently with 4.8 kernel
- default is to build without AUFS support, with 4.9 kernel
This recognises that AUFS supprot is temporary #620 and only there until
we can phase it out on desktop editions, and allow the other editions that
never shipped with AUFS to ship something very close to mainline.
However we do still apply the patches so that the non AUFS branch runs fine on
all platforms, so it can be tested elsewhere.
We may be able to move the kernel versions back in line when 4.9 aufs support is out.
Plan is to shift CI to build both sets of images, and get the Desktop editions to
pick up the aufs set automatically, once this is merged.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
- this is a raw 1GB filesystem image with syslinux for booting
- built with libguestfs so does not need any privileges
- need not be built on GCE
- there is a target that runs the image in qemu for local tests
Does not yet have a script to upload the image to cloud storage or create image from it.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
- The scanning process was not ignoring the kernel extraversion before,
so was only sometimes picking up issues.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
- run test suite under containerd
- in future this should be converted to Go not shell see #860
- test suite is now in its own initrd, can be run on any platform not just qemu
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
We are not using this for editions.
We should be able to make a dual boot ISO, or you can create from the other
artefacts anyway.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This means that multiple builds will not conflict, so we can
remove the lock from the CI. Also quieter when no errors.
Some still left to do, only done the ones used in build and CI
initially. Some of the others will be cleaned up anyway later.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
See #443
We now use qemu for testing, having a copy of xhyve in the tree is no
longer useful. Should add documentation for how to run in hyperkit instead.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Incrementally output log, and exit as soon as tests pass
or fail. Will still timeout on a kernel panic or suchlike
though...
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Beginning of a proper test suite, using qemu. Test just runs docker
for now, will add further integration tests.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Linux xargs calls the command with no arguments if it gets no inputs, which
`docker rmi` complains about. It provides -r / --no-run-if-empty to prevent
this but unfortunately this isn't supported on OSX.
Ignore errors from `docker rmi` so that `make clean` will keep going and clean
up later stuff.
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
