This output produces a kernel and a root filesystem
in squashfs format. squashfs is a read-only, compressed
filesystem.
The 'kernel+squashfs' output can be used in a similar way as
the default 'kernel+initrd' output format with the benefit
that the rootfs does not consume any memory.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
We currently hardcode the Linuxkit/mkimage- images. This has the
unfortunate consequence that, if we update the LinuxKit image used
to generate the output, we have to update the Moby tool and then
vendor it back into the LinuxKit repository.
This commit introduces UpdateOutputImages() which allows a client
of the Moby tools package to selectively overwrite the packages
used to generate the outputs.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
If you happen to be exactly on a tag then:
$ linuxkit pkg build --dev pkg/init
Building "ijc/init:dev"
Cannot release "v0.3" if not pushing
Do not try and infer a release if not pushing so this is possible again.
The subsequent check for `bo.release != "" && !bo.push` remains since the
caller could have used `WithRelease` but not `WithPush`. Our CLI never does
this, but a hypothetical other user of the library might.
Signed-off-by: Ian Campbell <ijc@docker.com>
It is quite confusing that from the host or another container that
binds `/containers` you cannot see the bind mounts, you have to enter
the container namespace. I think `rshared` is a better default. You
can always be explicit and add `private` if you want a private bind mount.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Starting a virtualbox vm in bridged networking mode requires the host's
network interface to attach to the bridge being specified. This commit
adds command line option '--bridgeadapter iface' to 'linuxkit vbox run',
where 'iface' is the host's network interface to use in bridged mode.
Fixes: #2929
Signed-off-by: Olaf Bergner <olaf.bergner@gmx.de>
Upstream qemu supports accelerators other than kvm. Allow the user
to choose. On Linux we still default to 'lvm' if available. On
macOS we try the new 'hvf' accelerator, if available.
Disable acceleration if the host arch does not match requested
qemu arch.
Also change the LINUXKIT_QEMU_KVM env var to LINUXKIT_QEMU_ACCEL
and use the functions in utils.go for env var overrides.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
It still defaults to whatever is in your PATH but it's
useful to override when experimenting with different
qemu builds.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
The Windows 10 Fall Creators Update added a new 'Default
Switch' (which is a NAT switch). Use it if present and the
user has not specified a switch.
Also, handle External switches with spaces in them.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
This adds a namespace field to override the LinuxKit containerd
default namespace, in case you want to run a container in another
namespace.
Needs a patch in LinuxKit to implement this that I will open soon.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
If the flag is set on push, then the image will have the license
set to enabled the currently experimental netsted virtualisation
feature. The flag currently also needs to be set on run to make
sure the right CPU model (at least Haswell) is selected.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
Annotations do not do anything by default but get passed through to the runtime,
which can be useful. I never metadata I didn't like...
Also fix sysctl to be a map in the validation, not an array. I can't see any
examples using this in LinuxKit, but this matches OCI so is correct.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This prepends 'ucode.cpio' to the initrd if present. Padding
should not be necessary as the ucode.cpio should be padded
to the right size.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
