The local changes were merged, so switching back to the original
repository. A minor change in API was needed.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
This contains the upstream (non busybox) version of `ip` and also the
Wireguard tools as these are not yet integrated into `ip`. It is designed
to be used for network configuration.
For example, a Wireguard interface can be set up with something like:
```
  - name: wg
    image: linuxkit/ip
    net: new
    binds:
      - /etc/wireguard:/etc/wireguard
    command: ["sh", "-c", "ip link set dev wg0 up; ip address add dev wg0 192.168.2.1 peer 192.168.2.2; wg setconf wg0 /etc/wireguard/wg0.conf; wg show wg0"]
    runtime:
      interfaces:
        - name: wg0
          add: wireguard
          createInRoot: true
      bindNS:
        net: /run/netns/wg
```
This binds the net namespace so other containers can use it later.
Note that `ip` supports batch scripts with `ip -b file` which is quite convenient for
this use case.
Alas `wg-quick` requires `bash` so this is currently a bit bloated, maybe @zx2c4
might be persuaded to rewrite it without bashisms...
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This adds support for a runtime configuration file that can do:
- `mkdir` to make a directory at runtime, e.g. in `/var` or `/tmp`, to avoid workarounds
- `interface` that can create network interfaces in a container or move them
- `bindNS` that can bind mount namespaces of an `onboot` container to a file so a service can be started in that namespace.
It merges the `service` and `onboot` tools (in `init`) to avoid duplication. This also saves some size for
e.g. LCOW which did not use the `onboot` code in `runc`.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Currently we depend on qemu to detect the firmware file format
automatically, which is dangerous. This patch specifies the 'raw'
format explicitly to remove the kind of restrictions.
Signed-off-by: Dennis Chen <dennis.chen@arm.com>
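A check for the condition the commit above describes, as an added example that is not part of the linuxkit change: when a `-drive` argument omits `format=`, QEMU guesses the image format from the file's contents. The sketch assumes the firmware is attached with `-drive`; the function names and the sample paths are hypothetical.

```go
package main

import (
	"fmt"
	"strings"
)

// parseDriveOpts splits a QEMU -drive value into key/value pairs.
// In QEMU option syntax ",," is an escaped literal comma inside a value.
func parseDriveOpts(v string) map[string]string {
	opts := map[string]string{}
	for _, kv := range strings.Split(strings.ReplaceAll(v, ",,", "\x00"), ",") {
		k, val, _ := strings.Cut(strings.ReplaceAll(kv, "\x00", ","), "=")
		opts[k] = val
	}
	return opts
}

// DrivesWithoutFormat returns the file= value of every -drive argument that
// names a file but leaves the image format to QEMU's content probing.
func DrivesWithoutFormat(args []string) []string {
	var missing []string
	for i := 0; i+1 < len(args); i++ {
		if args[i] != "-drive" {
			continue
		}
		o := parseDriveOpts(args[i+1])
		if f, ok := o["file"]; ok && o["format"] == "" {
			missing = append(missing, f)
		}
	}
	return missing
}

func main() {
	// Constructed argument list; the firmware paths are placeholders.
	args := []string{
		"-machine", "virt",
		"-drive", "if=pflash,file=/path/to/firmware.fd",
		"-drive", "if=pflash,format=raw,file=/path/to/vars.fd",
	}
	fmt.Println(DrivesWithoutFormat(args)) // only the first drive is reported
}
```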
This adds a -device option which enables the re-use of an existing
device. The device state is updated to use a potentially new base-url
to PXE boot from. This may be faster than provisioning a new server.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
Adds a new option, '-keep' which will keep the machine around,
but by default remove the machine when done.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
The -serve command starts a local HTTP server which serves
the kernel and initrd files. The server can then easily be
made available via ngrok or other means.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>