github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2026-01-14 20:50:31 +00:00
Code Issues Projects Releases Wiki Activity
1,660 Commits 1 Branch 31 Tags
ba50adfc3623375e49672ac7bc18fa527752f671
Commit Graph

98 Commits

Author SHA1 Message Date
Justin Cormack
ba50adfc36 Push a copy of the Moby base image to mobylinux/mobylinux 
This will be used for ongoing security scanning.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-12-07 12:10:39 -08:00
Justin Cormack
960f52d18c Split the initrd into base and containers 
In future this will allow easier customisation of the containers
for each edition.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-12-02 18:13:45 +00:00
Justin Cormack
72d4d5aefc Align compressed initrd to 4 bytes 
Allows appending another initrd.

Also build initrd on tmpfs as should be a bit faster now we have to do
another copy.

Fix #618

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-12-02 16:05:49 +00:00
Justin Cormack
933372e45a Run rngd inside a system container 
- this needs an init as it does not respond to stop signals, so include tini
- needs CAP_SYS_ADMIN to write to kernel entropy estimate
- set kernel.random.write_wakeup_threshold so that rngd does not need sysctl write access
- build patches from Alpine, but statically linked
- remove rngd from base image, means we no longer need community repository

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-12-02 14:00:12 +00:00
Riyaz Faizullabhoy
4011d4842a Use digests instead of tags where possible 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-12-01 09:39:02 -08:00
Justin Cormack
8d3691fabb Containerize binfmt_misc 
- statically make containerd symlinks so rootfs can be read only
- run binfmt_misc in a containerd container
- ship arm, aarch64, ppc64le qemu static versions that always "just work" as this is supported in Linux 4.8

fix #53

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-30 12:49:37 +00:00
Justin Cormack
99a8a959b7 Add Moby git commit to image 
Fix #345

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-11-24 13:09:58 +00:00
Nathan LeClaire
b737435985 Add support for building smaller Azure VHD for development 
Signed-off-by: Nathan LeClaire <nathan.leclaire@gmail.com>
 2016-11-04 17:14:33 -07:00
Justin Cormack
cfbdc7d067 do not remove build containers 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-10-11 16:12:40 +01:00
Justin Cormack
0ac6beff82 Do not create latest tags for base images 
As we never use these, do not create them.

Also update images where applicable.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-10-10 14:55:48 +01:00
Justin Cormack
fa19d3259b Use build container id rather than tagging builds 
This means that multiple builds will not conflict, so we can
remove the lock from the CI. Also quieter when no errors.

Some still left to do, only done the ones used in build and CI
initially. Some of the others will be cleaned up anyway later.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-09-29 20:21:17 +01:00
Nathan LeClaire
201e806d53 Propagate AZURE_STG_ACCOUNT_NAME in build container 
Signed-off-by: Nathan LeClaire <nathan.leclaire@gmail.com>
 2016-09-27 13:38:26 -07:00
Justin Cormack
9051236f4d Fix dhcp ntp on osx 
1. Upstream issue in Alpine that default directory is not used.
2. dhcp appends ntp servers, so delete default first.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-09-26 21:39:20 +01:00
Rolf Neugebauer
c9594c5a02 packages: remove hvtools 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2016-09-23 11:03:40 +01:00
Justin Cormack
2d483a20b0 Standalone make iso image, rather than build+run 
Simpler to have an image that takes the kernel and initrd as input,
rather than building them into the image.

The rest need converting.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-09-22 13:12:23 +01:00
Ken Cochrane
c1b826d248 Added missing ENV variables to AMI build 
Signed-off-by: Ken Cochrane <KenCochrane@gmail.com>
 2016-09-20 19:09:09 -04:00
Justin Cormack
f8315e40b4 better dependency checking for etc 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-09-16 17:02:53 +01:00
Nathan LeClaire
a6e3f92b95 Migrate cloud build off of bind mounts 
Signed-off-by: Nathan LeClaire <nathan.leclaire@gmail.com>
 2016-09-14 15:38:05 -07:00
Justin Cormack
72a2e4b90f No log driver for large copies 
Takes 75% of the time without logs.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-09-14 09:05:36 +01:00
Justin Cormack
318660fae3 fix dependency loop 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-09-13 22:14:49 +01:00
Justin Cormack
2ca2b399be Merge pull request #501 from kencochrane/cloud-clean 
Added ability to make ami-clean-mount to clean up AMI volume mount
 2016-09-13 21:26:48 +01:00
Ken Cochrane
3a5d68acbf Added ability to make ami-clean-mount to clean up AMI volume mount 
Signed-off-by: Ken Cochrane <KenCochrane@gmail.com>
 2016-09-13 16:22:46 -04:00
Justin Cormack
85158fec4d make bios iso by default 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-09-12 16:36:01 +01:00
Justin Cormack
7d08c3f9c1 we never use uncompressed initrd, so always compress 
Signed-off-by: Justin Cormack <justin@specialbusservice.com>
 2016-09-12 16:02:07 +01:00
Justin Cormack
a99eec5151 Set CMD to mkinitrd 
Signed-off-by: Justin Cormack <justin@specialbusservice.com>
 2016-09-12 16:02:07 +01:00
Justin Cormack
5d2ad6db2b do not need to delete reproducible images 
Signed-off-by: Justin Cormack <justin@specialbusservice.com>
 2016-09-12 16:02:07 +01:00
Justin Cormack
71e33e3a08 smaller contexts for efi and bios 
Signed-off-by: Justin Cormack <justin@specialbusservice.com>
 2016-09-12 16:02:07 +01:00
Justin Cormack
c498f7ac23 remove broken arm functionality - will rework 
Signed-off-by: Justin Cormack <justin@specialbusservice.com>
 2016-09-12 16:02:07 +01:00
Justin Cormack
347328f348 clean up main Dockerfile and Makefile to use exact correct context, tar input 
Signed-off-by: Justin Cormack <justin@specialbusservice.com>
 2016-09-12 16:02:07 +01:00
Justin Cormack
b605c70ce5 move mkinitrd to / 
Signed-off-by: Justin Cormack <justin@specialbusservice.com>
 2016-09-12 16:02:07 +01:00
Justin Cormack
5ae109fc23 build packages in parallel 
Signed-off-by: Justin Cormack <justin@specialbusservice.com>
 2016-09-12 16:00:53 +01:00
Simon Ferquel
12c528c089 Fix the source of the generate iso for efi version of moby 
Signed-off-by: Simon Ferquel <simon.ferquel@hotmail.fr>
 2016-09-08 14:49:02 +02:00
Justin Cormack
0337f80297 Use docker and cat not compose and volumes for arm 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-09-07 00:22:21 +01:00
Justin Cormack
5c38729d26 Use docker and cat not compose and volumes for efi, bios 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-09-07 00:17:29 +01:00
Justin Cormack
f907a57adc Stop using volume and compose to build initrd 
This makes remote builds work, and simplifies build.

See #469

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-09-06 23:59:38 +01:00
Justin Cormack
000a78076f clean up images built by compose to avoid cacheing 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-08-12 13:43:52 +01:00
Justin Cormack
3dd0aa67d9 Stop using container for gzip 
Issue fixed in upstream alpine, gzip -9 now works correctly.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-08-10 15:07:11 +01:00
Justin Cormack
398ade787e Mount /run as shared 
This is needed for volume drivers as they will mount their
volumes under here, and if they are running in a container
docker on the host will need to see these.

Also provide our own fstab, removes the media devices that were
there previously.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-08-09 11:46:08 +01:00
Justin Cormack
8fbee7e0b8 Use a container for doing gzip compression 
The CI uses Alpine with busybox and that version is not good
at compression.

ALso use `.DELETE_ON_ERROR` so empty files are not created on failure.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-07-29 16:00:49 +01:00
David Sheets
c3793ff745 finish removal of llmnrd from #311 
Signed-off-by: David Sheets <dsheets@docker.com>
 2016-07-20 17:03:51 +01:00
Nathan LeClaire
70cb4f82a2 Add Azure provider support 
Signed-off-by: Nathan LeClaire <nathan.leclaire@gmail.com>
 2016-07-18 16:22:21 -07:00
Nathan LeClaire
abb968c538 Add AWS build support 
Signed-off-by: Nathan LeClaire <nathan.leclaire@gmail.com>
 2016-07-18 11:08:44 -07:00
Justin Cormack
3d6ba289d1 fix arm build 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-07-15 17:02:14 +01:00
Justin Cormack
07fb25c8eb do not remove inittab in clean 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-07-15 16:51:57 +01:00
Justin Cormack
96489524e7 Use upstream /etc/securetty 
Now we modify the file if we use a different console, can use
upstream unmodified.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-07-15 11:58:01 +01:00
Natanael Copa
9bbf27cb66 merge inittab.x86_64 and inittab.armhf 
with the login tty generated from boot cmdline the inittab will be equal
on all archs and platforms so we can merge and move to etc/

Signed-off-by: Natanael Copa <natanael.copa@docker.com>
 2016-07-13 18:48:26 +02:00
Natanael Copa
34bd1e9322 fix initrd.img dependencies 
trigger rebuild if init or inittab was changed

Signed-off-by: Natanael Copa <natanael.copa@docker.com>
 2016-07-13 18:28:46 +02:00
Justin Cormack
0ffc54bfaa Revert "Revert "Merge pull request #184 from justincormack/repositories" (#195)" 
This reverts commit 34d44e20d4.
 2016-06-10 10:52:13 +01:00
David Sheets
7219b18964 Revert "Merge pull request #184 from justincormack/repositories" (#195) 
This reverts commit ae1e96055c, reversing
changes made to 99dfa4e4c1.
 2016-06-10 10:28:07 +01:00
Justin Cormack
76d71e035d Move to 3.4 repositories, openrc 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2016-06-08 12:45:07 +01:00