Commit Graph

417 Commits

Author SHA1 Message Date
Avi Deitcher
e668b25a82 Alpine 317 (#3888) 2023-01-05 07:26:50 +02:00
Davide Brini
860934d5d9 New output format: iso-efi-initrd
This option was previously not available and required postprocessing of a `tar-kernel-initrd` output.

Comparison with `iso-efi`:

`iso-efi` only loads the kernel at boot, and the root filesystem is mounted from the actual boot media (eg, a CD-ROM - physical or emulated). This can often cause trouble (it has for us) for multiple reasons:
- the linuxkit kernel might not have the correct drivers built-in for the hardware (see #3154)
- especially with virtual or emulated CD-ROMs, performance can be abysmal: we saw the case where the server IPMI allowed using a ISO stored in AWS S3 over HTTP...you can imagine what happens when you start doing random I/O on the root fs in that case.
- The ISO image has the root device name baked in (ie, `/dev/sr0`) which fails if for some reason the CD-ROM we're running from doesn't end up using that device, so manual tweaking is required (see #2375)

`iso-efi-initrd`, on the other hand, packs the root filesystem as an initramfs (ie similar to what the raw output does, except that in this case we're preparing an ISO image), so both the kernel and the initramfs are loaded in memory by the boot loader and, once running, we don't need to worry about root devices or kernel drivers (and the speed is good, as everything runs in RAM).

Also, the generated ISO can be copied verbatim (eg with `dd`) onto a USB media and it still works.

Finally, the image size is much smaller compared to `iso-efi`.

IMHO, `iso-efi-initrd` could be used almost anywhere `iso-efi` would be used, or might even supersede it. I can't think of a scenario where one might explicitly want to use `iso-efi`.

Points to consider:

- Not tested under aarch64 as I don't have access to that arch. If the automated CI tests also test that, then it should be fine.
- I'm not sure what to put inside `images.yaml` for the `iso-efi-initrd` image. As it is it works of course (my personal image on docker hub), but I guess it'll have to be some more "official" image. However, that cannot be until this PR is merged, so it's kind of a chicken and egg situation. Please advise.
- I can look into adding the corresponding `iso-bios-initrd` builder if there is interest.

![cute seal](https://sites.psu.edu/siowfa16/files/2016/09/baby-seal-29vsgyf-288x300.jpg)

Signed-off-by: Davide Brini <waldner@katamail.com>
2022-07-11 20:26:14 +02:00
Avi Deitcher
0b39a484b1 containerd-dev separate
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2022-03-21 01:20:45 +02:00
Avi Deitcher
0e69ea8f5d tools: Update to the latest linuxkit/alpine
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2021-11-07 16:39:16 +02:00
Avi Deitcher
c0ef25e4b7 tools/alpine: Update to latest
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2021-11-07 13:43:45 +02:00
Avi Deitcher
cc57d67c99 bump alpine to 3.14, remove go version hack
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2021-11-07 13:43:45 +02:00
David Scott
42670404f5 alpine: Update versions file
Signed-off-by: David Scott <dave@recoil.org>
2021-10-21 11:34:59 +01:00
David Scott
34d0aef7d4 Update containerd to 1.4.11
We can remove the workaround for musl using faccessat(2) and breaking
runc, because the fix is in rc93:

https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.14.0#faccessat2

Signed-off-by: David Scott <dave@recoil.org>
2021-10-21 11:34:55 +01:00
Rolf Neugebauer
0e00eddd6b alpine: Fix push-manifest.sh
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2021-10-16 16:57:15 +01:00
Rolf Neugebauer
d2307ebae3 alpine: Update versions file
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2021-10-16 16:57:15 +01:00
David Scott
5124698b47 alpine: update containerd to 1.4.6
As suggested on https://github.com/linuxkit/linuxkit/pull/3554#issuecomment-852910630

Signed-off-by: David Scott <dave@recoil.org>
2021-10-16 16:57:15 +01:00
Danny Bessems
098f5c86c0 Include lvm2
Signed-off-by: djpbessems <danny@bessems.eu>
2021-08-06 15:14:38 +02:00
Avi Deitcher
4adc04a24d calculate manifest hash-tag using git ls-tree
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2021-05-21 01:31:14 +03:00
Rolf Neugebauer
8c16d6ac3a Merge pull request #3664 from rn/open-vm
Include open-vm-tools packages
2021-05-15 10:46:34 +01:00
Avi Deitcher
4d9de9a583 correctly use target-arch
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2021-05-10 12:21:33 +03:00
Rolf Neugebauer
7b836c2bd8 Include open-vm-tools packages
In alpine version 3.12, the open-vm-tools package got split into new
smaller sub-packages. The implication of this is that features such as
reporting of hostname and ip address to vCenter stopped working.

Signed-off-by: Edvin Eriksson <edvin.erikson@leovegas.com>
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2021-05-09 11:22:12 +00:00
Avi Deitcher
ceef6b1ca2 Merge pull request #3650 from deitch/alpine-hash
alpine carry its own hash
2021-05-06 13:11:41 -04:00
Rolf Neugebauer
c6d2933b48 alpine: Add libelf-static for perf builds
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2021-05-03 13:51:41 +00:00
Avi Deitcher
1e99ba3dce alpine carry its own hash
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2021-05-02 19:44:39 +03:00
Avi Deitcher
d091f90f81 pass linkmode=external only for Linux
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2021-04-29 16:52:44 +03:00
Avi Deitcher
8576579f60 Update use of tools to latest
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2021-04-27 19:52:35 +03:00
Avi Deitcher
1270e27ba6 tools: Update to the latest linuxkit/alpine
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2021-04-27 19:14:22 +03:00
Avi Deitcher
95ce6386aa Update Alpine base to 3.13; go-compile rebuilt with mod=vendor option, go bumped to 1.16
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2021-04-27 17:38:22 +03:00
Rolf Neugebauer
765e5f0b88 gp-compile: Use '-mod=vendor' when using go modules
fixes https://github.com/linuxkit/linuxkit/issues/3599

Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2021-04-02 18:45:38 +01:00
Dave Tucker
561ce6f4be Remove Notary and Content Trust
This commit removes Notary and Content Trust.
Notary v1 is due to be replaced with Notary v2 soon.
There is no clean migration path from one to the other.
For now, this removes all signing from LinuxKit.
We will look to add this back once a new Notary alternative
becomes available.

Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2021-03-30 14:51:11 +01:00
Avi Deitcher
fd45bc2ead bump alpine version, add openssh-client, wireguard apk, containerd 1.4.1
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2020-10-07 16:08:15 +03:00
Rolf Neugebauer
1c4a4060f1 tools/alpine: Update package
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2020-04-26 17:38:54 -04:00
Rolf Neugebauer
bec1041534 tools/alpine: Update containerd to v1.3.4
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2020-04-26 18:18:32 +01:00
Rolf Neugebauer
bd336ef94d tools/alpine: Add zlib-static
Needed for kernel perf builds

Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2020-04-26 18:15:05 +01:00
Rolf Neugebauer
0f844541cb Revert "Removed size arg from GCP make-fs command."
This reverts commit 1653e9dffb.

Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2020-04-17 22:40:21 +01:00
Rolf Neugebauer
3eb9a75f9e tools/go-compile: Workaround for go requiring gcc on arm64
See: https://github.com/linuxkit/linuxkit/issues/3496

Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2020-04-17 10:36:03 +01:00
Rolf Neugebauer
45dcbc38af tools: Update to the latest linuxkit/alpine
with the exception of grub. It does not compile
with the latest version, see: https://github.com/linuxkit/linuxkit/issues/3494

Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2020-04-17 10:36:03 +01:00
Rolf Neugebauer
2817cdac7c alpine: Update packages
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2020-04-17 10:36:03 +01:00
Rolf Neugebauer
2ad6a61079 alpine: Bump containerd to v1.3.3
Note this release has the workaround for the disabling tests.

Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2020-04-17 10:36:03 +01:00
Rolf Neugebauer
2320529f3d alpine/go-compile: Fix go-compile
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2020-04-17 10:36:03 +01:00
Rolf Neugebauer
2e0e0fb5e7 alpine: Bump base to 3.11
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2020-04-17 10:36:03 +01:00
Rolf Neugebauer
44e27a1dfb tools/alpine: Update containerd to v1.3.2
- Disable the devmapper snapshotter. We are not using it
- Cherry-pick and upstream commit to be able to disable
  the devmapper integration tests

Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2020-01-21 23:17:17 +00:00
Rolf Neugebauer
f7e0dcba0b tools/alpine: Update wireguard-tools to 0.0.20191219
Also update other packages while at it.

Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2020-01-03 00:11:23 +00:00
Rolf Neugebauer
27f829f4f5 tools/alpine: Fix WireGuard tools build
The alpine patch is no longer needed

Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2020-01-02 23:32:27 +00:00
Rolf Neugebauer
868d14803e Merge pull request #3300 from danrzs/bugfix-make-gcp-size-limit
Removed fixed size arg from mkimage-gcp script.
2019-12-19 18:02:58 +00:00
Dave Tucker
9a91435076 linuxkit: Remove QEMU Container Backend
This commit removes the container backend for QEMU.
QEMU and it's tools are available on all platforms.

Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2019-11-27 18:02:12 +00:00
Rolf Neugebauer
71f0cb364d alpine: Update alpine package
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2019-08-25 08:56:49 -04:00
Rolf Neugebauer
8940ba5e34 alpine: Bump containerd to v1.2.8
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2019-08-25 13:21:29 +01:00
Rolf Neugebauer
e927e25c0e alpine: Update alpine package
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2019-06-27 20:53:08 -04:00
Rolf Neugebauer
8b9d510467 alpine: Use community instead of testing for wireguard-tools
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2019-06-28 01:20:43 +01:00
Rolf Neugebauer
8fd4e7c2fd alpine: Bump contianerd to v1.2.7
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
2019-06-28 01:13:17 +01:00
Richard Connon
5ffbfbbf67 Support loading correct DTB for RPi 3 model B+
U-Boot sets the variable fdtfile to the correct file name for the
detected hardware revision. Use this in the boot script to load either
the 3-b or 3-b-plus DTB

Signed-off-by: Richard Connon <richard@connon.me.uk>
2019-06-04 08:03:31 +00:00
Richard Connon
b97f47b0aa Update rpi3 u-boot to detect newer hardware
Update the u-boot image included in the mkimage-rpi3 image to support
detecting newer hardware versions and setting the fdtfile variable
accordingly
Shallow clone the u-boot repository during docker build to improve build
efficiency

Signed-off-by: Richard Connon <richard@connon.me.uk>
2019-06-04 08:03:31 +00:00
Richard Connon
2f6876b2c1 Update referenced Raspberry Pi firmware
Update Raspberry Pi firmware used in mkimage-rpi3 to the latest stable
version to support newer hardware models such as the 3B+

Signed-off-by: Richard Connon <richard@connon.me.uk>
2019-05-26 08:14:14 +01:00
Avi Deitcher
0cb9d79b51 Simplify to static kernel file location
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2019-05-05 12:28:17 +03:00