Add basic database setup for AWS, GCP although these are not yet used
by the setup code but will be useful later.
Currently each is gated by `mobyplatform` but this can be removed once we
construct Moby per platform, and once these are containerised so they
are not run from `openrc`.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Split GCP startup script in two:
+ One started before Docker, to set the hostname
+ Another to run the startup script
Signed-off-by: David Gageot <david@gageot.net>
- this needs an init as it does not respond to stop signals, so include tini
- needs CAP_SYS_ADMIN to write to kernel entropy estimate
- set kernel.random.write_wakeup_threshold so that rngd does not need sysctl write access
- build patches from Alpine, but statically linked
- remove rngd from base image, means we no longer need community repository
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
- statically make containerd symlinks so rootfs can be read only
- run binfmt_misc in a containerd container
- ship arm, aarch64, ppc64le qemu static versions that always "just work" as this is supported in Linux 4.8
fix#53
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
These will be containerised, and were disabled anyway.
Need client, as git needs it, and docker needs git.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
- use our own code rather than Alpine setup-disk
- remove alpine setup code as not needed
- do not create swap partitions
- create swap file on desktop editions for now (may remove)
Fix#619
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This reverts commit 4dd5dca106.
Fix#710 where system hangs after klogd startup on AWS. Possibly
also affects Windows too. Still unclear why but lets revert and
continue investif=gating.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
So that we can write to /var early, move filesystem formatting as early as possible.
Adds a dummy fsck service, as we already do fsck in format script.
Replaces #535
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
We are not using these anywhere, busybox provides some of them.
Avoids security warnings.
Rework of #684
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
On cloud editions eg AWS settings may come from the network, so
we need to move this to after network setup, while the Windows
network config changes need to happen before, so split the init script.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Should fix issue with not sending hostname which Azure needs.
This should be requesting all the dhcp features we currently use.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Files in `/etc/local.d/` will be executed:
If a file in this directory is executable and it has a .start extension,
it will be run when the local service is started. If a file is
executable and it has a .stop extension, it will be run when the local
service is stopped.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Tweak the config to use RDSEED or (fallback) RDRAND. Makes sure
we have initial random seed in cases where there is no other
random source if these are supported.
The default config in Alpine currently disables these, which makes
it pretty useless, as there is no motherboard rng support any more.
Replaces #517Fix#514Fix#183
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Previously we used the defaults (main and community) but we
currently only need main, but are likely to need some packages
from edge soon.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
