Added a new patch to the 4.11 and 4.9 kernels based on a patch
submitted to stable: https://patchwork.kernel.org/patch/9829039/
This patch fixes a off-by-one error in the VMBus code.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
Use os.Mkdirall() instead of os.Mkdir() as it does not
error if the path already exists.
This enables specifying a default config file with the image
and then over writing it with metadata.
While at it, also update to the latest alpine base image.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
Current implementation hardcodes the virtual machine as
"q35" for x86, this patch remove this hardcode and config
the machine type according to the arch the VM is running.
Also, in order to make sure the qemu can run on arm64 platform,
we need to specify the vcpu type in the command line.
Signed-off-by: Dennis Chen <dennis.chen@arm.com>
Some hypervisors (e.g. hyperkit / xhyve) don't provide a good way to keep
the VM's clock in sync with the Host's clock. NTP will usually keep the
clocks together, but after a the host or VM is suspended and resumed the
clocks can be suddenly too far apart for NTP to work properly.
This simple daemon listens on an AF_VSOCK port and resynchronises the VM
clock from the virtualised hardware clock.
This is a Go conversion of original C code written by
Magnus Skjegstad <magnus@skjegstad.com>
Signed-off-by: David Scott <dave.scott@docker.com>
For DIRTY and RELEASED this means simply performing a static assignment with
`:=`. For HASH it is a little more complex since it is (and we want/need it to
be) a conditional assigment. However it is only used for defining TAG, so make
that a static assignment.
This reduces the number of times the complex DIRTY shell command in particular
is evaluated.
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
Firstly add option to disable content trust, for the use of e.g. projects which
are pushing to the linuxkitprojects org (which has no trust setup) rather than
the main linuxkit org.
Secondly, when trust _is_ enabled then enable it globally, in particular it is
now active for the `docker build` and hence containers referenced in
Dockerfiles via "FROM" will be checked.
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
Adds a new service for running `/sbin/acpid` that comes with busybox.
The VM will shut down if the power button is pressed.
Signed-off-by: Magnus Skjegstad <magnus@skjegstad.com>
We did not ship stable releases in Q2, and will not until `containerd` is stable and
editions are switched over which is being worked on now.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This version is more up to date and works with the current containerd packages.
swarmd needs /tmp to share /tmp/containerd with containerd.
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
