Add a new flag to set the VPNKit ethernet socket path. Defaults to the
standard location for the socket in Docker for Mac.
This flag can be used to connect to the VPNKit instance started by
another linuxkit VM launched with `-start-vpnkit`. VMs connected to the
same VPNKit instance will be on the same virtual internal network.
Signed-off-by: Magnus Skjegstad <magnus@skjegstad.com>
Adds a flag to launch a new vpnkit instance. This enables port
forwarding via a 9p mount (tag:port) if the guest supports it. Vsock
port 62373 is also opened so vpnkit can forward connections back to the
guest.
If -start-vpnkit is not specified HyperKit will connect to the
vpnkit instance managed by Docker for Mac, as before.
Signed-off-by: Magnus Skjegstad <magnus@skjegstad.com>
* make each relevant heading a link
* HP->HPE, fix spelling of Arxan
* add mainline linuxkit insecure blurb
Signed-off-by: Tycho Andersen <tycho@docker.com>
This goes against collective responsibility for code. If you want to know the
author use git.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
- '-disk-size' is now defaults to MB (but can be GB when appending 'G')
- The disk will be created if it doesn't exist (didn't happen in qemu)
Update the documentation.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
This specifies the capabilities and bind mounts the dhcpcd daemon
needs.
While at it also update the Alpine base image
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
For all output formats except kernel+initrd, you must use the full path of
the file they want to run. Make the options auto detect.
Split the uefi option to mean "use uefi firmware" not be ISO specific.
Allow specifying a bootable disk image, so we can test disk image output
formats with qemu too.
Add a test case for qcow2 boot under qemu.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
The kernel configs themselves are stored as diffs of what we want vs. each
version's defconfig.
Thus, things like e.g. CONFIG_DEVKMEM drop out after it was made
non-default. The implication of this is (I hope) that as upstream adopts
security features, our delta can shrink (or more realistically, only
include the next-next gen features).
Signed-off-by: Tycho Andersen <tycho@docker.com>
This is the script I used with [1] to generate the config diffs and
separate out the arch specific bits. Included mostly just so people can
play around with it if they want to generate their own diffs.
[1]: https://github.com/ulfalizer/Kconfiglib
Signed-off-by: Tycho Andersen <tycho@docker.com>
