The filesystem is supposed to be immutable, so do not try to make
a symlink; new versions of moby tool should add one anyway. But
try to make the directory a symlink points to, assuming that it
will be on a writeable filesystem.
fix#1920
see also #2288
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Unfortunately there are a lot of issues with resolv.conf as we
cannot actually write it into the image from any docker image, as docker will
always have something bind mounted in.
In addition, normally we expect the filesystem to br read only for images
that moby generates, so the actual etc/resolv.conf is likely not to be writeable.
Previously we were adding in a default resolv.conf into every image pointing at
Google's name servers but that is really a bad idea.
Instead, normal images now get an empty default, while images in the `init`
section will get a symlink, currently hard coded to `/run/resolvconf/resolv.conf`
but you can override this with the `files` section to be static or a different
link.
In future, if we have an easy way to build and extract images with user control
of this, we can drop this.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Somewhere between the various updates yesterday the hash in
'versions.x86_64' went wrong and there is no image with hash
available on hub.
This commit updates the alpine base to the latest version and
thus rectifies the issue
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
This uses a more memory efficient copy, and gets us closer to
not having a shell in the base system if not required.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This commit refactors the OpenStack push support to make use of the
Gophercloud library in order to handle authentication and talking to the
right image service as defined in the service catalogue.
Signed-off-by: Nick Jones <nick@dischord.org>
This was added in 17.06 and allows us to avoid using `$(BASE):build` which is
not safe against parallel builds etc.
Having done this restructure the build to not always delete the built container
and to separate out the `hash` and `version` file rules so that they can be
included in both the `tag` and `push` targets.
Signed-off-by: Ian Campbell <ijc@docker.com>
Alpine is the base docker image for the LinuxKit, but currently
it only supports amd64 architecture. This patch is try to unify
the alpine tool docker image build process order to suport other
architectures, such as AArch64, by using '--build-arg' to override
the alpine base image specified by 'FROM' in the Dockerfile.
Also this patch splits the standalone packages into 2 parts:
one is common for all archs, another is arch-specific.
Signed-off-by: Dennis Chen <dennis.chen@arm.com>
People really want to play around with this, so adding them here makes
it possible. Just as iproute2 is part of these, so should
wireguard-tools.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commits an initial version of the Memorizer tracing tool. It collects and
outputs detailed data on the objects (traced from kmalloc/kmem_cache_alloc) and
accesses, tracking the context of each event with respect to thread ID, program
counter, and for allocations name of process.
Signed-off-by: Nathan Dautenhahn <ndd@cis.upenn.edu>
