Commit Graph

4101 Commits

Author SHA1 Message Date
Ian Campbell
a08a312d1f kubernetes: Use image labels for image-cache bind mounts
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-17 13:42:11 +01:00
Ian Campbell
20c0d080df kubernetes: use image labels to simplify yaml requirements
Also `net: host` is the default, so drop.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-17 13:42:11 +01:00
Ian Campbell
f853fab1f9 kubernetes: disable content trust for gcr.io
It doesn't support it. This makes "make cache-images" work. Previously it would
fail with various:

    Error: remote trust data does not exist for gcr.io/google_containers/pause-amd64: gcr.io does not have trust data for gcr.io/google_containers/pause-amd64

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-17 13:42:11 +01:00
Ian Campbell
cd43b44e7c kubernetes: Build image using Dockerfile and standard build system
This is a pretty straight port of the previous box stuff, without much attempt
to clean things up.

Image label is a placeholder, will update once a batch of changes are complete.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-17 13:42:09 +01:00
Ian Campbell
d208078aa0 kubernetes: cmdline drop page_poison and put console=ttyS0 last
Following the trend started in a5b9464a4e.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-17 13:41:05 +01:00
Ian Campbell
4a27008397 kubernetes: Update to latest pkg/mount.
I somehow managed to miss these in #2209

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-07-17 13:41:05 +01:00
Ian Campbell
32506bd7f7 kubernetes: Drop custom mounts image and use standard one
Apart from the /var/lib mount itself the custom package:

- Made host /etc/cni and /opt/cni rshared. This has been handled by init make /
  rshared since 3c326bebdf ("Make / rshared").
- Make /var/lib/kubeadm after mount. For now handle this with a dedicated start
  of day container instead.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-17 13:41:03 +01:00
Ian Campbell
2cfac0e8bb kubernetes: Expose each node's ssh port on the host starting from 2222
Port base is configurable (via $KUBE_PORT_BASE envvar). Master uses this and
nodes use subsequent ports.

Check that the node number is numeric so we can add them to things, but avoid
worker node 0 since the port will clash with master.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-07-17 13:37:46 +01:00
Rolf Neugebauer
ce35fea83e Merge pull request #2225 from rn/kernup
Update kernels to 4.11.11/4.9.38/4.4.77
2017-07-17 13:23:06 +01:00
Rolf Neugebauer
fcac29681b Update kernels in YAML files
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-17 11:04:18 +01:00
Rolf Neugebauer
e1bc6e4c55 kernel: Update to 4.11.11/4.9.38/4.4.77
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-17 11:02:12 +01:00
Rolf Neugebauer
759e5a8a51 kernel: Update to 4.11.10/4.9.37
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-17 10:54:49 +01:00
Justin Cormack
c6a0423309 Merge pull request #2223 from arm64b/qemu-dockerfile-multiarch
ARM64: Multi-arch support in qemu Dockerfile
2017-07-17 10:49:17 +01:00
Rolf Neugebauer
710eb07287 Merge pull request #2222 from arm64b/tools-Makefile-fix
tools: Fix the order sequence issue in Makefile
2017-07-17 09:36:34 +01:00
Dennis Chen
6791ad986c ARM64: Multi-arch support in qemu Dockerfile
Update the qemu Dockerfile to support both amd64 and arm64.

Signed-off-by: Dennis Chen <dennis.chen@arm.com>
2017-07-17 07:28:48 +00:00
Dennis Chen
4cdff71e05 tools: Fix the order sequence issue in Makefile
tools/qemu and toos/go-compile define the IMAGE after the
package.mk, which result in below error if 'make ORG=other_org':
...
invalid argument "other_org/:2c6d9e1d9c52167f4f2b7a8fd235eda318175c99"for t: invalid reference format
See 'docker build --help'.
../../pkg/package.mk:47: recipe for target 'tag' failed
make: *** [tag] Error 125

This because '../../pkg/package.mk' need to use IMAGE variable first.

Signed-off-by: Dennis Chen <dennis.chen@arm.com>
2017-07-17 07:03:27 +00:00
Justin Cormack
6ed2cec4cb Merge pull request #2218 from proelbtn/master
fix that docker.yml wasn't working correctly
2017-07-16 19:46:15 +01:00
Ryoga Saito
d12983810f fix that docker.yml wasn't working correctly
Signed-off-by: Ryoga Saito <proelbtn@gmail.com>
2017-07-16 21:28:35 +09:00
Justin Cormack
5df1dbc23e Merge pull request #2219 from justincormack/sync-init
make init sequential
2017-07-15 19:20:06 +01:00
Justin Cormack
2d98c337b2 Redis 4.0 has changed the start up message
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-15 16:53:01 +01:00
Justin Cormack
79f9a66027 update init hashes
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-15 14:13:25 +01:00
Ian Campbell
fc20fb8a2c pkg/init: Do not run inits in the background
We want them to run in sequence. For example we want mounts to be done (done by
`pkg/runc/etc/init.d/010-onboot`) before we start services (done by
`pkg/containerd/etc/init.d/020-containerd`). This was most likely introduced by
28b4245b12 ("Move onboot startup script to runc package").

None of the initscripts in pkg/* block, but some in projects (selinux and
logging, not updated here) do.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-15 12:39:12 +01:00
Justin Cormack
07469ac60b Merge pull request #2207 from justincormack/getty-x
remove -x from getty script
2017-07-15 12:38:52 +01:00
Justin Cormack
d31600d17d Merge pull request #2216 from liqdfire/fix_guestfs_makefile
fix BASE in Makefile to match Dockerfile
2017-07-14 20:02:00 +01:00
Liqdfire
457f9a61c6 fix BASE in makefile to match Dockerfile
Signed-off-by: Liqdfire <liqdfire@gmail.com>
2017-07-14 14:00:43 -04:00
Justin Cormack
b0800cba59 update getty hash
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-14 18:38:36 +01:00
Justin Cormack
98ed378dbd Add a securetty file
Do not copy host securetty file - this one should be comprehensive
or bind mount host one in yourself.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-14 18:34:52 +01:00
Riyaz Faizullabhoy
469ba103db Merge pull request #2209 from ijc/expurgate-set--x
pkg/mount: Remove set -x
2017-07-14 09:58:36 -07:00
Riyaz Faizullabhoy
66e328e38d Merge pull request #2211 from justincormack/runc-static-pie
Make runc a static pie executable
2017-07-14 09:56:56 -07:00
Justin Cormack
36df256177 Merge pull request #2202 from rn/lcow2
Add experimental support for LCOW
2017-07-14 16:58:01 +01:00
Justin Cormack
497122126f update runc hashes
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-14 15:54:11 +01:00
Justin Cormack
53d5ea42c4 Build runc as static pie
This was waiting on the runc update which added ability to add extra flags.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-14 15:38:32 +01:00
Ian Campbell
0fbea002dc Update yml
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-14 15:21:09 +01:00
Ian Campbell
77ec9bced3 pkg/mount: Remove set -x
Noisy.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-14 15:21:01 +01:00
Justin Cormack
fe8084d5d1 Merge pull request #2204 from ijc/service-sod-cleanup
Service start of day cleanup
2017-07-14 15:19:37 +01:00
Justin Cormack
33a220ac1b Merge pull request #2208 from justincormack/config-test-modprobe
Allow config test modprobe to fail
2017-07-14 15:19:18 +01:00
Rolf Neugebauer
5dca5db06b blueprints: Add blueprint for LCOW
See the README for instructions on how to use

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-14 15:07:35 +01:00
Rolf Neugebauer
cbc8d4a21c pkg: Add LCOW init package
This package build the init filesystem for LCOW (Linux Containers
on Windows) based on the instructions from:
https://github.com/Microsoft/opengcs.git

We also pull in a udhcpd config script from a specific version of
busybox which was the tip of master at the time this was added.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-14 15:02:42 +01:00
Rolf Neugebauer
b79f677418 build: Upda moby tool to the latest
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-14 15:02:42 +01:00
Ian Campbell
59e71c1821 alpine: Record image has in versions file
Otherwise the only record is if the pusher happens to remember to put it in the
commit message (tollerable) or the github PR (not great).

Also add the same show-tag target as `pkg/package.mk` supports, although with a
very different implementation.

The actual hash is unchanged from the previous commit.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-14 15:02:42 +01:00
Ian Campbell
92e180c985 alpine: stash the original /etc/apk/repositories for downstream use
If a user of linuxkit/alpine wants to produce an image with apk in it then it
is useful for them to have the original upstream repository list.

The new hash is linuxkit/alpine:3744607156e6b67e3e7d083b15be9e7722215e73

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-14 15:02:42 +01:00
Dennis Chen
3ef5f27e49 ARM64: specify external firware binary for containerized qemu
Current implementation uses a fixed firmware(bios) binary
installed by the build process of the qemu container image,
which will prevent us from providing an external firmware binary
outside the container. This patch removes this limitation, thus we
can assign a firware binary image file with "-fw" option.

Signed-off-by: Dennis Chen <dennis.chen@arm.com>
2017-07-14 15:02:42 +01:00
Justin Cormack
a6b1718490 Merge pull request #2205 from ijc/alpine-repo-and-hash
Small alpine mirror improvements
2017-07-14 14:24:55 +01:00
Justin Cormack
9d423204f7 Merge pull request #2203 from arm64b/firmware-file-in-container
ARM64: specify external firware binary for containerized qemu
2017-07-14 14:17:02 +01:00
Justin Cormack
fa8f5aa7e6 update hashes
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-14 14:06:05 +01:00
Justin Cormack
88c63ad389 Do not fail if some modules not found
May be built in to kernel.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-14 14:04:32 +01:00
Ian Campbell
074431eebe Update yml to linuxkit/containerd:b6ffbb669248e3369081a6c4427026aa968a2385
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-14 13:53:51 +01:00
Justin Cormack
ecaa7f9c68 Remove the -x from the rungetty script
Its annoyingly verbose!

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-14 13:53:45 +01:00
Ian Campbell
538c8b5a7b containerd: Add a service command to cleanup stale containers on boot
This may occur if /var/lib/container happens to be on persistent storage.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-07-14 13:50:46 +01:00
Justin Cormack
4eb0f00db6 Merge pull request #2191 from justincormack/runc-only
Move onboot startup script to runc package
2017-07-14 13:36:36 +01:00