It is pretty close to our docker package, if we adjust the command
that is run to avoid the actual dind startup script. We can't use
the normal docker image as it does not have mkfs and so on.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Still a flat/unstructured config space, but at least uses the mounting
machinery.
`boot.sh` continues to just work without modification.
Signed-off-by: Ian Campbell <ijc@docker.com>
These were originally generated by some box builder runes and then taken
wholesale here. Format them to be more readable.
Signed-off-by: Ian Campbell <ijc@docker.com>
It doesn't support it. This makes "make cache-images" work. Previously it would
fail with various:
Error: remote trust data does not exist for gcr.io/google_containers/pause-amd64: gcr.io does not have trust data for gcr.io/google_containers/pause-amd64
Signed-off-by: Ian Campbell <ijc@docker.com>
This is a pretty straight port of the previous box stuff, without much attempt
to clean things up.
Image label is a placeholder, will update once a batch of changes are complete.
Signed-off-by: Ian Campbell <ijc@docker.com>
Apart from the /var/lib mount itself the custom package:
- Made host /etc/cni and /opt/cni rshared. This has been handled by init make /
rshared since 3c326bebdf ("Make / rshared").
- Make /var/lib/kubeadm after mount. For now handle this with a dedicated start
of day container instead.
Signed-off-by: Ian Campbell <ijc@docker.com>
Port base is configurable (via $KUBE_PORT_BASE envvar). Master uses this and
nodes use subsequent ports.
Check that the node number is numeric so we can add them to things, but avoid
worker node 0 since the port will clash with master.
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
pull in newer containerd v1.0.0-alpha0 via updated alpine base, update runc to
429a5387123625040bacfbb60d96b1cbd02293ab which is vendored by that version of
containerd (and also update alpine base for runc)
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
These are not needed, but we are inconsistent. Been waiting for a
quiet moment to fix this since I noticed while doing a presentation...
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Firstly add option to disable content trust, for the use of e.g. projects which
are pushing to the linuxkitprojects org (which has no trust setup) rather than
the main linuxkit org.
Secondly, when trust _is_ enabled then enable it globally, in particular it is
now active for the `docker build` and hence containers referenced in
Dockerfiles via "FROM" will be checked.
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
This version is more up to date and works with the current containerd packages.
swarmd needs /tmp to share /tmp/containerd with containerd.
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
Lots of boilerplate for now on, will work on upstreaming that in the tool
properly if needed later.
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
