This is a useful read only filesystem for images that is efficient and
small as it supports compression.
For many use cases, when you are writing to media, it makes more sense than
using an initramfs as it does not require RAM, and it is more suitable for
disk media than ISO.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
/usr/libexec/kubernetes/kubelet-plugins is a new path in Kube 1.8 (related to
flexvolumes) which should be persisted. Like /etc/cni and /opt/cni we also need
to arrange for this path to be valid in the host environment (since various
system containers will try and mount bind mount it).
Signed-off-by: Ian Campbell <ijc@docker.com>
With kube 1.8 kubeadm initially configures worker nodes with a
bootstrap-kubelet.conf. Adjust our start of day scripting to DTRT.
Signed-off-by: Ian Campbell <ijc@docker.com>
- Added new argument -force to the format utility. This will force formatting of the specified single device if it exists and is a block device
- By default, the format package will no longer format the specified single device if content exists on that device
- Added new blkid-based check for content, in addition to the existing check for partitions on autoformat candidate devices.
- Cleanup of old unused code.
- Refactoring of block device verification.
- Added test/cases/040_packages/006_format_mount/005_by_device_force
- Added document of new arguments to /docs/external-disk.md. Also sorted the arguments in the doc alphabetically and added them as bullets so they do not run together on the page.
Signed-off-by: Isaac Rodman <isaac@eyz.us>
On x86_64, the blkid package gets installed as a dependency, but
not on arm64. Explicitly add it as the new format package depends
on it.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
This new feature was disabled by default, enable it as it seems
sensible to have. From the documentation:
Detect overflows of buffers in common string and memory functions
where the compiler can determine and validate the buffer sizes.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
The patches from 4.12 applied cleanly, except for 81304747d9
("Drivers: hv: vmbus: Fix rescind handling"), which was already
in upstream so has been dropped from the patch series.
The kernel config is from 4.12 run through defconfig/oldconfig to
pick up any new defaults.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
To help reduce confusion from this file (which configures our `kubelet.sh`
wrapper) vs `/var/lib/kubeadm/kubelet.conf` (which is created by `kubeadm` and
configures `kubelet` itself).
Signed-off-by: Ian Campbell <ijc@docker.com>
This vendors containerd v1.0.0-beta.1
Enable seccomp support at build time.
Requires /dev bind mount so it can use /dev/disk/by-uuid to resolve devices to
uuids.
Signed-off-by: Ian Campbell <ijc@docker.com>
Some software (such as cri-containerd and kubelet) rely on the presence of
these links, which are usually created by udev.
Inspired by 74b145b5c7/sourceroot/functions.sh (L93...L124)
but rewritten in go.
Signed-off-by: Ian Campbell <ijc@docker.com>
