github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2026-03-19 23:01:11 +00:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: github:pkg-v1.0.0
Branches Tags
github:master
github:v1.8.2 github:v1.8.1 github:pkg-v1.2.0 github:v1.8.0 github:v1.7.1 github:pkg-v1.1.0 github:v1.7.0 github:v1.6.5 github:v1.6.4 github:v1.6.3 github:v1.6.2 github:v1.6.1 github:v1.6.0 github:v1.5.3 github:v1.5.2 github:v1.5.1 github:v1.5.0 github:v1.4.0 github:v1.3.0 github:pkg-v1.0.0 github:v1.2.0 github:v1.0.1 github:v1.0.0 github:v0.8.1 github:v0.8 github:v0.7 github:v0.6 github:v0.5 github:v0.4 github:v0.3 github:v0.2
...
compare: github:v1.6.0
Branches Tags
github:master
github:v1.8.2 github:v1.8.1 github:pkg-v1.2.0 github:v1.8.0 github:v1.7.1 github:pkg-v1.1.0 github:v1.7.0 github:v1.6.5 github:v1.6.4 github:v1.6.3 github:v1.6.2 github:v1.6.1 github:v1.6.0 github:v1.5.3 github:v1.5.2 github:v1.5.1 github:v1.5.0 github:v1.4.0 github:v1.3.0 github:pkg-v1.0.0 github:v1.2.0 github:v1.0.1 github:v1.0.0 github:v0.8.1 github:v0.8 github:v0.7 github:v0.6 github:v0.5 github:v0.4 github:v0.3 github:v0.2

166 Commits
pkg-v1.0.0 ... v1.6.0

Author SHA1 Message Date
Avi Deitcher
89a95f958e when updating an index, remove sboms or other manifests that reference unknown digests (#4117) 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-05-02 13:56:37 +03:00
Avi Deitcher
7a129b6e8d bump golangci-lint to v2.0.2 and update all lint issues (#4116) 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-04-09 17:53:20 +03:00
Chris Irrgang
ec70c1246f add efi_gop module to grub (#4113) 
* add efi_gop module to grub

fixes #4075

Signed-off-by: Chris Irrgang <chris.irrgang@gmx.de>

* bump grub-dev package hash

Signed-off-by: Chris Irrgang <chris.irrgang@gmx.de>

* bump grub package hash

Signed-off-by: Chris Irrgang <chris.irrgang@gmx.de>

* bump mkimage hashes

Signed-off-by: Chris Irrgang <chris.irrgang@gmx.de>

---------

Signed-off-by: Chris Irrgang <chris.irrgang@gmx.de>
 2025-03-11 21:13:19 +02:00
Avi Deitcher
14c29db5c2 Containerd v2.0.3 (#4112) 
* containerd to semver v2.0.3

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* containerd v2.0.3 plus commits to fix blkdiscard

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* update containerd-dev dependencies

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* updated pkg/init and pkg/containerd deps

Signed-off-by: Avi Deitcher <avi@deitcher.net>

---------

Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-03-06 17:12:07 +02:00
Avi Deitcher
198db9089f containerd 20 (#4100) 
* bump containerd-dev to 2.0.2

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* update pkg/init libs to containerd-20

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* bump linuxkit CLI containerd deps to 20

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* update test/pkg/containerd to work with containerd v2.x tests

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* update containerd-dev deps

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* update pkg/init and pkg/containerd dependencies

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* update test/pkg/containerd deps

Signed-off-by: Avi Deitcher <avi@deitcher.net>

---------

Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-02-24 18:40:56 +02:00
Avi Deitcher
1d96f04934 Buildkit builder 0.20.0 (#4110) 
* bump buildkit version to 0.20.0

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* update library dependency of buildkit to v0.20.0

Signed-off-by: Avi Deitcher <avi@deitcher.net>

---------

Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-02-23 17:51:21 +02:00
Avi Deitcher
5dbd8082fb bump golangci-lint-action (#4109) 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-02-23 16:40:29 +02:00
Avi Deitcher
2053d17564 Enable riscv64 default (#4108) 
* include riscv64 in target architectures

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* add riscv64 to explicit packages

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* cadvisor update to v0.51.0 and support for riscv64

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* update tools based on latest

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* updated example dependencies of tools

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* bump all test cases and example alpine:3.19 to alpine:3.21

Signed-off-by: Avi Deitcher <avi@deitcher.net>

---------

Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-02-23 13:37:06 +02:00
Avi Deitcher
18e7eea86f riscv64 kernel (#4106) 
* add riscv64 kernels to kernel/Makefile and kernel/Dockerfile.*, riscv64 kernel config, bump alpine version for kernel builds

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* update bcc to v0.32.0 to include needed fixes

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* bump kernel builder alpine base to version including llvm19

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* in kernel-bcc, automatically determine python path

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* in kernel-perf, suppress newer gcc errors

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* riscv path in kernel build was incorrect

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* remove bcc compilation from kernel

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* update usages of kernel/6.6.13 to kernel/6.6.71

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* next run of updating kernel config

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* update test dependencies on kernel hash version

Signed-off-by: Avi Deitcher <avi@deitcher.net>

---------

Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-02-21 11:10:35 +02:00
Avi Deitcher
efb139697e always tee test linuxkit run to tty, so if it gets stuck, we see why (#4107) 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-02-19 19:41:06 +02:00
Avi Deitcher
76b519705b Add alpine bcc tools (#4105) 
* Update linuxkit/alpine

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* tools/alpine: Update to latest

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* tools: Update to the latest linuxkit/alpine

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* Update use of tools to latest

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* tests: Update packages to the latest linuxkit/alpine

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* Update use of test packages to latest

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* pkgs: Update packages to the latest linuxkit/alpine

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* Update package tags

Signed-off-by: Avi Deitcher <avi@deitcher.net>

---------

Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-02-17 11:12:49 +02:00
Chris Irrgang
7ac34a6aec pkg/extend fix panic for empty partition tables (#4101) 
Signed-off-by: Chris Irrgang <chris.irrgang@gmx.de>
 2025-01-30 15:55:14 +02:00
Chris Irrgang
66ca00915a Try resizing all found devices (#4099) 
* Try resizing all found devices

fixes #4098

Signed-off-by: Chris Irrgang <chris.irrgang@gmx.de>

* Update package tags of pkg/extend

Signed-off-by: Chris Irrgang <chris.irrgang@gmx.de>

---------

Signed-off-by: Chris Irrgang <chris.irrgang@gmx.de>
 2025-01-27 11:24:45 +02:00
Chris Irrgang
fd6839d0fe Fix raw efi build image size calculation (#4097) 
fixes #4095

Signed-off-by: Chris Irrgang <chris.irrgang@gmx.de>
 2025-01-27 10:26:18 +02:00
Avi Deitcher
9398785bec Merge pull request #4094 from deitch/alpine-llvm-update 
Update llvm in alpine and downstream
 2025-01-15 21:36:39 +02:00
Avi Deitcher
fd778c4d95 Update use of test packages to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-15 17:31:39 +02:00
Avi Deitcher
caf39bbfff Update use of tools to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-15 17:31:19 +02:00
Avi Deitcher
53cb098008 add riscv64 to mkimage-qcow2-efi 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-15 17:25:31 +02:00
Avi Deitcher
da2988c634 Update use of test packages to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-15 15:58:15 +02:00
Avi Deitcher
4aa891d564 Update use of tools to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-15 15:58:01 +02:00
Avi Deitcher
5c2e62d2b9 Update package tags 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-15 14:59:47 +02:00
Avi Deitcher
ed42bcdd5e pkgs: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-15 14:59:27 +02:00
Avi Deitcher
f1117657eb Update use of test packages to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-15 14:59:18 +02:00
Avi Deitcher
9b5742fe4b tests: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-15 14:59:10 +02:00
Avi Deitcher
d83a55fce3 Update use of tools to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-15 14:59:08 +02:00
Avi Deitcher
084e2a08bc tools: Update to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-15 14:58:59 +02:00
Avi Deitcher
bdda3d0ad3 tools/alpine: Update to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-15 14:56:21 +02:00
Avi Deitcher
c4d88d66db Update linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-15 14:41:33 +02:00
Avi Deitcher
5e3e7cc077 Merge pull request #4093 from deitch/unify-alpine-packages 
add missing riscv64 packages
 2025-01-12 11:06:35 +02:00
Avi Deitcher
95fcdc3fe0 node_exporter to v1.8.2 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-12 09:51:01 +02:00
Avi Deitcher
0b677673b5 Update package tags 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-10 10:56:54 +02:00
Avi Deitcher
3e2df7ec19 pkgs: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-10 10:56:32 +02:00
Avi Deitcher
0edde24ef6 Update use of test packages to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-10 10:56:23 +02:00
Avi Deitcher
e625d0cdbc tests: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-10 10:56:15 +02:00
Avi Deitcher
68caa0b911 Update use of tools to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-10 10:56:13 +02:00
Avi Deitcher
a7baaaa4cc tools: Update to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-10 10:56:03 +02:00
Avi Deitcher
c7c3ab8c2a tools/alpine: Update to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-10 10:55:17 +02:00
Avi Deitcher
7270857bdf Update linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-10 10:40:27 +02:00
Avi Deitcher
b929f3b46a Merge pull request #4091 from deitch/remove-grub-dev 
Add grub from alpine replacing our custom built grub, and build grub for riscv64
 2025-01-09 11:56:09 +02:00
Avi Deitcher
df4d0c0d47 update built-in images in linuxkit cmd 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-09 11:08:02 +02:00
Avi Deitcher
0579188c33 Update package tags 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-08 20:54:27 +02:00
Avi Deitcher
810e3c1fa8 pkgs: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-08 20:54:08 +02:00
Avi Deitcher
6cbd483b5c Update use of test packages to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-08 20:54:01 +02:00
Avi Deitcher
6f46c2060b tests: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-08 20:53:52 +02:00
Avi Deitcher
da5fefe094 Update use of tools to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-08 20:53:50 +02:00
Avi Deitcher
48f5de7595 tools: Update to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-08 20:53:40 +02:00
Avi Deitcher
89ed0f5089 remove grub-dev in favour of grub package 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-08 20:51:36 +02:00
Avi Deitcher
35ab64822d update alpine install docs with riscv64 and no grub-dev 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-08 19:37:04 +02:00
Avi Deitcher
1c11777daf tools/alpine: Update to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-08 19:34:54 +02:00
Avi Deitcher
94d490235c Update linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-08 19:25:21 +02:00
Avi Deitcher
cfdeb545b1 Merge pull request #4090 from deitch/alpine-321-with-riscv64 
Alpine 321 with riscv64
 2025-01-07 22:13:37 +02:00
Avi Deitcher
d1b42ca0a8 update example for tss 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-07 21:44:21 +02:00
Avi Deitcher
0db6e01134 bump alpine in some test cases 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-07 18:50:59 +02:00
Avi Deitcher
4e384a86a4 fix tss compilation with patches 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-07 18:50:59 +02:00
Avi Deitcher
4165491275 Update package tags 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-07 18:50:58 +02:00
Avi Deitcher
67d6dad48a pkgs: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-07 18:50:07 +02:00
Avi Deitcher
db23fd9056 Update use of test packages to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-07 18:49:29 +02:00
Avi Deitcher
41ddfa054f tests: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-07 18:48:48 +02:00
Avi Deitcher
fb54321715 Update use of tools to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-07 18:47:25 +02:00
Avi Deitcher
bd30821cbf tools: Update to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-07 18:44:48 +02:00
Avi Deitcher
b7cc91e875 include riscv64 in push-manifest script 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-07 18:43:34 +02:00
Avi Deitcher
709a945207 tools/alpine: Update to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-07 18:43:32 +02:00
Avi Deitcher
59c3f62102 Update linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2025-01-07 13:22:39 +02:00
Avi Deitcher
dc8c6d5985 Merge pull request #4089 from deitch/tag-in-build-yml 
support --tag in build.yml for packages
 2024-12-23 18:00:06 +02:00
Avi Deitcher
4f765b5da0 support --tag in build.yml for packages 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-12-23 17:28:49 +02:00
Avi Deitcher
ad95c6fc2e Merge pull request #4085 from deitch/volume-image 
additional volume support in building
 2024-10-01 15:57:17 +03:00
Avi Deitcher
76f4802ccf additional volume support in building 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-10-01 15:27:55 +03:00
Avi Deitcher
e4d41061b6 Merge pull request #4084 from deitch/cache-platform-instead-of-arch 
internal restructure to use explicit platform instead of implicit arch in cache
 2024-10-01 15:14:21 +03:00
Avi Deitcher
81f0c3eff2 internal restructure to use explicit platform instead of implicit arch in cache 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-10-01 14:30:03 +03:00
Avi Deitcher
5e3f7dd9a5 Merge pull request #4083 from deitch/restructure-logging 
restructure logging
 2024-10-01 14:00:06 +03:00
Avi Deitcher
67e9e22a36 restructure logging 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-10-01 12:50:43 +03:00
Avi Deitcher
8556f024ef Merge pull request #4082 from kolyshkin/moby-cap 
vendor: switch to moby/sys/capability
 2024-10-01 11:07:29 +03:00
Kir Kolyshkin
da3be29998 vendor: switch to moby/sys/capability 
github.com/moby/sys/capability is a fork of the (no longer maintained)
github.com/syndtr/gocapability package.

For changes since the fork took place, see
https://github.com/moby/sys/blob/main/capability/CHANGELOG.md

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2024-09-30 18:10:16 -07:00
Avi Deitcher
d7a6bc8899 Merge pull request #4077 from deitch/docker-bump 
bump docker deps to v27.2.0
 2024-09-08 13:00:19 +03:00
Avi Deitcher
2159aacb09 bump docker deps to v27.2.0 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-09-08 12:22:57 +03:00
Avi Deitcher
fa3207c86e Merge pull request #4072 from christoph-zededa/docker_cache_consider_architecture 
moby: check architecture for docker image
 2024-08-29 22:15:19 +03:00
Avi Deitcher
1d6d5fa612 Merge pull request #4074 from deitch/efi-kernel 
remove linuxefi grub EFI handover to normal linux loading
 2024-08-29 21:13:48 +03:00
Avi Deitcher
ba25e59640 remove linuxefi grub EFI handover to normal linux loading 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-08-29 17:30:57 +03:00
Avi Deitcher
6979859e76 Merge pull request #4073 from deitch/init-debug-no-control 
use only stdout/stderr or file for runc output
 2024-08-28 15:28:33 +03:00
Avi Deitcher
5848a2856f use only stdout/stderr or file for runc output 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-08-28 14:45:26 +03:00
Christoph Ostarek
cb8f36adf3 moby: check architecture for docker image 
under certain cases the container image is already in the local docker
registry, but with the wrong architecture; in this case just pretend
it is not there and let the caller decide if they want to build it

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
 2024-08-27 15:49:21 +02:00
Avi Deitcher
5f09346e1e Merge pull request #4070 from deitch/verbose-runc 
more verbose runc messages
 2024-08-22 20:55:44 +03:00
Avi Deitcher
15c808c4ee more verbose runc messages 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-08-22 20:23:44 +03:00
Avi Deitcher
745da8f4c0 Merge pull request #4069 from deitch/fix-ro-volumes 
when building read-only volumes, still use overlayfs
 2024-08-22 19:20:35 +03:00
Avi Deitcher
b36cad081b when building read-only volumes, still use overlayfs 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-08-22 18:49:08 +03:00
Avi Deitcher
370bf51cdf Merge pull request #4067 from deitch/runc-debug-options 
support cmdline-driven debugging mode for runc
 2024-08-22 15:53:46 +03:00
Avi Deitcher
2af30c5503 support cmdline-driven debugging mode for runc 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-08-22 15:14:35 +03:00
Avi Deitcher
270fd1c5aa Merge pull request #4066 from deitch/ssh-support 
support for pkg build ssh
 2024-07-28 13:32:42 +03:00
Avi Deitcher
51727db254 support for pkg build ssh 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-28 11:39:55 +03:00
Avi Deitcher
34304b1e63 Merge pull request #4065 from deitch/volumes 
Volumes
 2024-07-21 20:33:02 +03:00
Avi Deitcher
38a0cb6376 test cases for volumes 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-21 20:02:40 +03:00
Avi Deitcher
a5085fc9ea pkg/init support for volumes 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-21 17:48:39 +03:00
Avi Deitcher
b953d1781c add support for volumes 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-21 17:48:38 +03:00
Avi Deitcher
fa08581fd5 Merge pull request #4064 from deitch/containerd-config-2 
containerd config.toml v2
 2024-07-19 09:54:34 +03:00
Avi Deitcher
d665a978a1 containerd config.toml v2 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-18 22:01:15 +03:00
Avi Deitcher
d68494ba4b Merge pull request #4063 from deitch/bump-containerd-1.7.20 
containerd to 1.7.20
 2024-07-18 21:40:39 +03:00
Avi Deitcher
55e13c914e containerd to 1.7.20 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-18 20:51:31 +03:00
Avi Deitcher
c3c6dc7735 Merge pull request #4062 from deitch/debug-containerd 
include example for debugging containerd
 2024-07-17 14:30:46 +03:00
Avi Deitcher
5d9f3e0aa0 include example for debugging containerd 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-17 14:29:29 +03:00
Avi Deitcher
690a4eecb5 Merge pull request #4061 from deitch/multi-pkg-deps 
Multi pkg deps
 2024-07-16 18:33:59 +03:00
Avi Deitcher
cd65ec385b Merge pull request #4060 from deitch/linuxkit-deps 
bump docker deps in linuxkit binary
 2024-07-16 12:58:01 +03:00
Avi Deitcher
f13aee1041 update rngd/extend/init usage in yml 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-16 12:29:10 +03:00
Avi Deitcher
315a1dbf20 pkg/extend bump x/sys version 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-16 12:24:48 +03:00
Avi Deitcher
7ac157e61b pkg/host-timesync-daemon bump x/sys version 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-16 12:23:24 +03:00
Avi Deitcher
53f848a229 pkg/rngd bump x/sys version 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-16 12:23:23 +03:00
Avi Deitcher
4ad55951e1 bump docker deps in linuxkit binary 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-16 12:15:22 +03:00
Avi Deitcher
5d940f4770 Merge pull request #4059 from deitch/more-init-alerts 
bump pkg/init containerd, runc and image-spec to fix CVEs
 2024-07-16 12:07:32 +03:00
Avi Deitcher
1fe9d0ea76 bump pkg/init containerd, runc and image-spec to fix CVEs 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-16 10:55:01 +03:00
Avi Deitcher
7b114bfa36 Merge pull request #4058 from deitch/init-security-alerts 
update package versions and go version for pkg/init
 2024-07-16 09:50:54 +02:00
Avi Deitcher
6bbda93914 update package versions and go version for pkg/init 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-16 10:11:23 +03:00
Avi Deitcher
e6ffc8a8f3 Merge pull request #4057 from deitch/build-targets-all-not-macos 
make targets separated by OS
 2024-07-11 19:03:20 +02:00
Avi Deitcher
e6ac960951 make targets separated by OS 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-11 18:09:48 +02:00
Avi Deitcher
933445f071 Merge pull request #4056 from deitch/handle-cross-compilation-macos 
separate release builds of macOS CGO from others
 2024-07-11 17:24:05 +02:00
Avi Deitcher
7acc8262f2 separate release builds of macOS CGO from others 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-11 16:55:51 +02:00
Avi Deitcher
bfac135e4e Merge pull request #4055 from deitch/include-semver-in-version 
properly save linuxkit version
 2024-07-11 15:41:20 +02:00
Avi Deitcher
8bb9174b28 properly save linuxkit version 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-11 15:16:26 +02:00
Avi Deitcher
8d76ae282f Merge pull request #4054 from christoph-zededa/fix_build_command_args 
cmd: allow more than one config yaml for build
 2024-07-10 19:00:52 +03:00
Christoph Ostarek
04dc9042cf cmd: allow more than one config yaml for build 
according to the documentation the following command is valid:
`linuxkit build equinixmetal.yml equinixmetal.arm64.yml`
(docs/platform-equinixmetal.md)

So, make it valid.

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
 2024-07-10 17:24:53 +02:00
Avi Deitcher
c90f2ee8f2 Merge pull request #4052 from deitch/packet-to-metal 
Packet to metal
 2024-07-07 16:39:18 +03:00
Avi Deitcher
ad4c97c430 switch linuxkit from deprecated packngo to equinixmetal go-sdk 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-05 17:57:48 +03:00
Avi Deitcher
8f6ea3c85e switch Packet references to Equinix Metal 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-05 17:22:25 +03:00
Avi Deitcher
3f80ca694f Merge pull request #4049 from danrzs/master 
ensured dumpFollow of logread includes 'follow' behaviour
 2024-07-03 19:57:34 +03:00
Daniel Smith
cda7577e3c ensured dumpFollow of logread includes 'follow' behaviour 
Signed-off-by: Daniel Smith <daniel@razorsecure.com>
 2024-07-03 13:55:46 +01:00
Avi Deitcher
be7dfdd42c Merge pull request #4046 from jalaziz/4045 
Improve support for third-party registry images
 2024-06-24 11:08:04 -07:00
Jameel Al-Aziz
21e9f0fa1c add tests 
Signed-off-by: Jameel Al-Aziz <jameel@bastion.io>
 2024-06-22 01:58:37 -04:00
Jameel Al-Aziz
5e42d050a7 Improve support for third-party registry images 
Update `ReferenceExpand` to support image references from remote
registries. This fixes local image lookup and pulling with newer
versions of Docker.

fixes #4045

Signed-off-by: Jameel Al-Aziz <jameel@bastion.io>
 2024-06-18 21:57:51 -07:00
Avi Deitcher
4f89f4f67e Merge pull request #4043 from deitch/buildkit-bump 2024-06-11 18:29:11 +03:00
Avi Deitcher
977afa7510 remove no longer necessary rand.Seed 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-06-11 17:42:55 +03:00
Avi Deitcher
7c46ac8c5d bump buildkit to latest v0.13.2 with deps 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-06-11 15:55:42 +03:00
Avi Deitcher
f48e442a46 Merge pull request #4044 from deitch/go-1.22 
bump actions/setup-go to v5 and go-version to 1.22.3
 2024-06-11 15:55:13 +03:00
Avi Deitcher
4c3d189a1a bump actions/setup-go to v5 and go-version to 1.22.3 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-06-11 15:20:58 +03:00
Avi Deitcher
9e06024567 Merge pull request #4040 from deitch/export-formats 
add cache export format OCI
 2024-05-16 15:48:20 +03:00
Avi Deitcher
f5dcefc7c2 add cache export format OCI 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-05-16 14:38:19 +03:00
Avi Deitcher
6d37353ca1 Merge pull request #4039 from deitch/split-moby 
move moby components that do not have runtime dependencies to own directory
 2024-05-07 20:27:35 +03:00
Avi Deitcher
379617ca0d move moby components that do not have runtime dependencies to own directory 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-05-07 19:51:25 +03:00
Avi Deitcher
b49e32af98 Merge pull request #4036 from deitch/fix-action-script-v7 2024-04-28 16:30:14 +03:00
Avi Deitcher
5299f948e3 use proper path for github-script properties 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-28 15:56:53 +03:00
Avi Deitcher
e171750da6 Merge pull request #4035 from deitch/action-script-v7 2024-04-28 15:25:33 +03:00
Avi Deitcher
c32c74bc1d github script v7 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-28 14:43:52 +03:00
Avi Deitcher
d3257af256 Merge pull request #4034 from deitch/token-for-actions 2024-04-28 13:58:27 +03:00
Avi Deitcher
2578ae23c6 explicitly use GITHUB_TOKEN for actions script 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-28 12:58:10 +03:00
Avi Deitcher
38e62bb61d Merge pull request #4033 from jacobweinstock/cgroupsv2-as-default 
Make cgroups v2 the default in the init pkg
 2024-04-28 11:45:00 +03:00
Jacob Weinstock
2fe19f7561 Update dependencies 
Signed-off-by: Jacob Weinstock <jakobweinstock@gmail.com>
 2024-04-27 15:40:30 -06:00
Jacob Weinstock
803747f01a Make cgroups v2 the default: 
cgroups v2 has been out since 2015. Not having
to set a kernel parameter helps improve the user
experience by not requiring it when it is required
by services in a build. Making this the default was
discussed back in 2021.

Signed-off-by: Jacob Weinstock <jakobweinstock@gmail.com>
 2024-04-27 15:40:00 -06:00
Avi Deitcher
8afecd5204 Merge pull request #4031 from deitch/update-actions 
bump actions to v4 to avoid deprecation
 2024-04-25 12:19:07 +03:00
Avi Deitcher
e6b0ae05eb Merge pull request #4030 from deitch/canonicalize-pull 
use canonical ref when looking in cache
 2024-04-25 11:50:19 +03:00
Avi Deitcher
04792e0d44 bump actions to v4 to avoid deprecation 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-25 11:44:38 +03:00
Avi Deitcher
c836e54d22 use canonical ref when looking in cache 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-24 15:00:39 +03:00
Avi Deitcher
bc5d08d6a3 Merge pull request #4028 from largemouth/master 
chore: fix function name in comment
 2024-04-24 13:27:34 +03:00
largemouth
4ce13640cd chore: fix function name in comment 
Signed-off-by: largemouth <largemouth@aliyun.com>
 2024-04-22 19:45:14 +08:00
Avi Deitcher
cea4c0d419 Merge pull request #4027 from deitch/not-same-file 
prevent using same file for input tar and output tar
 2024-04-21 13:55:30 +03:00
Avi Deitcher
dc12b9be69 prevent using same file for input tar and output tar 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-21 13:19:57 +03:00
Avi Deitcher
dd1ae909d6 Merge pull request #4026 from deitch/increment-tar-output 
add support for input-tar
 2024-04-19 17:08:03 +03:00
Avi Deitcher
632b4065d4 add support for input-tar 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-19 16:30:06 +03:00
Avi Deitcher
a610332100 Merge pull request #4025 from deitch/tag-sources-in-tar 
include image reference as source in every tar file header
 2024-04-18 16:34:05 +03:00
Avi Deitcher
1fe8cba107 include image reference as source in every tar file header 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-18 16:03:34 +03:00
Avi Deitcher
47d02ecd61 Merge pull request #4024 from deitch/fix-kernel-tools-build 
fix kernel tools build.yml files to reflect correct dockerfiles
 2024-04-17 11:41:18 +03:00
Avi Deitcher
4d212000ec fix kernel tools build.yml files to reflect correct dockerfiles 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-16 19:30:28 +03:00
Avi Deitcher
9e18c9247c Merge pull request #4023 from deitch/commit-tag-arg 
add tag to args passed for package builds
 2024-04-16 15:14:25 +03:00
Avi Deitcher
6af6291afe add tag to args passed for package builds 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-16 13:52:49 +03:00
Avi Deitcher
de79880fff Merge pull request #3960 from Fabsolute/fix-disk-parameter-for-virtualization 2024-04-12 16:50:03 +02:00
Fabsolute
f2240fbeea FIX disk parameter usage 
Signed-off-by: Fabsolute <ahmetturk93@gmail.com>
 2024-04-12 16:07:30 +02:00
Avi Deitcher
b7bb183d49 Merge pull request #4020 from christoph-zededa/fix_doc_build_iso-efi 
README.md: fix format parameter
 2024-03-20 09:10:12 +01:00
Christoph Ostarek
6a7cea9dbd README.md: fix format parameter 
linuxkit build expects '--format' or '-f' and not
'-format'

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
 2024-03-19 18:01:22 +01:00
Avi Deitcher
3ff5dac063 Merge pull request #4018 from christoph-zededa/fix_pulling_from_localhost_registry 
util: allow pulling from local registry
 2024-03-17 00:57:54 -07:00
Christoph Ostarek
4496612c70 util: allow pulling from local registry 
before a command like
linuxkit cache pull 127.0.0.1:5000/pkgalpine

would result in trying to pull the following image:
docker.io/127.0.0.1:5000/pkgalpine

and this is wrong

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
 2024-03-15 18:36:31 +01:00
7385 changed files with 1056424 additions and 519614 deletions
Expand all files Collapse all files

66
.github/workflows/ci.yml vendored
View File

@@ -35,14 +35,14 @@ jobs:
runs-on: ${{ matrix.target.runner }}
steps:
- name: Set up Go 1.19
uses: actions/setup-go@v3
- name: Set up Go 1.22
uses: actions/setup-go@v5
with:
go-version: 1.19.2
go-version: 1.22.3
id: go
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Set path
run: echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
@@ -50,9 +50,9 @@ jobs:
GOPATH: ${{runner.workspace}}
- name: golangci-lint CLI
uses: golangci/golangci-lint-action@v3
uses: golangci/golangci-lint-action@v7
with:
version: v1.50.0
version: v2.0.2
working-directory: src/cmd/linuxkit
args: --verbose --timeout=10m
- name: go vet CLI
@@ -79,7 +79,7 @@ jobs:
GOPATH: ${{runner.workspace}}
- name: Upload binary
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: linuxkit-${{matrix.target.suffix}}
path: |
@@ -93,14 +93,14 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Set up binfmt
# Only register arm64 as we are on amd64 already. s390x is not reliable
run: docker run --privileged --rm tonistiigi/binfmt --install arm64
- name: Download linuxkit
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: linuxkit-amd64-linux
path: bin
@@ -112,7 +112,7 @@ jobs:
/usr/local/bin/linuxkit version
- name: Cache Packages
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
@@ -122,13 +122,13 @@ jobs:
- name: Build Packages
# Skip s390x as emulation is unreliable
run: |
make OPTIONS="-v --skip-platforms linux/s390x" -C pkg build
make OPTIONS="-v 2 --skip-platforms linux/s390x" -C pkg build
- name: Build Test Packages
# ensures that the test packages are in linuxkit cache when we need them for tests later
# Skip s390x as emulation is unreliable
run: |
make OPTIONS="-v --skip-platforms linux/s390x" -C test/pkg build
make OPTIONS="-v 2 --skip-platforms linux/s390x" -C test/pkg build
- name: Check Kernel Dependencies up to date
# checks that any kernel dependencies are up to date.
@@ -145,7 +145,7 @@ jobs:
# ensures that the kernel packages are in linuxkit cache when we need them for tests later
# no need for excluding s390x, as each build.yml in the kernel explicitly lists archs
run: |
make OPTIONS="-v" -C kernel build
make OPTIONS="-v 2" -C kernel build
- name: list cache contents
run: |
@@ -160,7 +160,7 @@ jobs:
shard: [1/10,2/10,3/10,4/10,5/10,6/10,7/10,8/10,9/10,10/10]
steps:
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Install Pre-Requisites
run: |
@@ -170,7 +170,7 @@ jobs:
- name: Restore RTF From Cache
id: cache-rtf
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: bin
key: rtf-${{hashFiles('Makefile')}}
@@ -184,7 +184,7 @@ jobs:
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
- name: Download linuxkit
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: linuxkit-amd64-linux
path: bin
@@ -196,7 +196,7 @@ jobs:
/usr/local/bin/linuxkit version
- name: Restore Package Cache
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
@@ -215,7 +215,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Install Pre-Requisites
run: |
@@ -225,7 +225,7 @@ jobs:
- name: Restore RTF From Cache
id: cache-rtf
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: bin
key: rtf-${{hashFiles('Makefile')}}
@@ -239,7 +239,7 @@ jobs:
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
- name: Download linuxkit
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: linuxkit-amd64-linux
path: bin
@@ -251,7 +251,7 @@ jobs:
/usr/local/bin/linuxkit version
- name: Restore Package Cache
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
@@ -271,7 +271,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Install Pre-Requisites
run: |
@@ -281,13 +281,13 @@ jobs:
- name: Restore RTF From Cache
id: cache-rtf
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: bin
key: rtf-${{hashFiles('Makefile')}}
- name: Restore Package Cache
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
@@ -303,7 +303,7 @@ jobs:
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
- name: Download linuxkit
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: linuxkit-amd64-linux
path: bin
@@ -327,7 +327,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Install Pre-Requisites
run: |
@@ -337,7 +337,7 @@ jobs:
- name: Restore RTF From Cache
id: cache-rtf
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: bin
key: rtf-${{hashFiles('Makefile')}}
@@ -351,7 +351,7 @@ jobs:
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
- name: Download linuxkit
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: linuxkit-amd64-linux
path: bin
@@ -363,7 +363,7 @@ jobs:
/usr/local/bin/linuxkit version
- name: Restore Package Cache
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
@@ -383,7 +383,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Install Pre-Requisites
run: |
@@ -393,7 +393,7 @@ jobs:
- name: Restore RTF From Cache
id: cache-rtf
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: bin
key: rtf-${{hashFiles('Makefile')}}
@@ -407,7 +407,7 @@ jobs:
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
- name: Download linuxkit
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: linuxkit-amd64-linux
path: bin
@@ -419,7 +419,7 @@ jobs:
/usr/local/bin/linuxkit version
- name: Restore Package Cache
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}

8
.github/workflows/package_release.yml vendored
View File

@@ -9,13 +9,13 @@ jobs:
if: github.ref_type == 'tag' && startsWith(github.ref, 'refs/tags/pkg-v')
runs-on: ubuntu-latest
steps:
- name: Set up Go 1.21
uses: actions/setup-go@v3
- name: Set up Go 1.22
uses: actions/setup-go@v5
with:
go-version: 1.21.5
go-version: 1.22.3
id: go
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Ensure bin/ directory
run: mkdir -p bin
- name: Install linuxkit

11
.github/workflows/publish.yaml vendored
View File

@@ -14,14 +14,15 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Ensure bin/ directory
run: mkdir -p bin
- name: Download linuxkit
uses: actions/github-script@v3.1.0
uses: actions/github-script@v7
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
var artifacts = await github.actions.listWorkflowRunArtifacts({
var artifacts = await github.rest.actions.listWorkflowRunArtifacts({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: ${{github.event.workflow_run.id }},
@@ -29,7 +30,7 @@ jobs:
var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
return artifact.name == "${{ env.linuxkit_file }}"
})[0];
var download = await github.actions.downloadArtifact({
var download = await github.rest.actions.downloadArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: matchArtifact.id,
@@ -45,7 +46,7 @@ jobs:
sudo ln -s $(pwd)/bin/${{ env.linuxkit_file }} /usr/local/bin/linuxkit
/usr/local/bin/linuxkit version
- name: Restore Package Cache
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}

73
.github/workflows/release.yml vendored
View File

@@ -4,20 +4,20 @@ on:
create:
jobs:
build:
name: Build all targets
build-all:
name: Build all targets expect macOS
if: github.ref_type == 'tag' && startsWith(github.ref, 'refs/tags/v')
runs-on: ubuntu-latest
steps:
- name: Set up Go 1.19
uses: actions/setup-go@v3
- name: Set up Go 1.122
uses: actions/setup-go@v5
with:
go-version: 1.19.2
go-version: 1.22.3
id: go
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Set path
run: echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
@@ -26,10 +26,67 @@ jobs:
- name: Build
run: |
make build-all-targets
make build-targets-linux build-targets-windows
env:
GOPATH: ${{runner.workspace}}
- uses: actions/upload-artifact@v4
with:
name: release-targets-except-cgo
path: bin/
# separate macos build because macos needs CGO, and it is very hard to cross-compile that
build-macos:
name: Build macOS target
if: github.ref_type == 'tag' && startsWith(github.ref, 'refs/tags/v')
runs-on: macos-latest
steps:
- name: Set up Go 1.122
uses: actions/setup-go@v5
with:
go-version: 1.22.3
id: go
- name: Check out code
uses: actions/checkout@v4
- name: Set path
run: echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
env:
GOPATH: ${{runner.workspace}}
- name: Build
run: |
make build-targets-macos
env:
GOPATH: ${{runner.workspace}}
- uses: actions/upload-artifact@v4
with:
name: release-targets-macos
path: bin/
release-artifacts:
needs: [build-all, build-macos]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: release-targets-except-cgo
path: bintmp/release-targets-except-cgo
- uses: actions/download-artifact@v4
with:
name: release-targets-macos
path: bintmp/release-targets-macos
- name: Combine Artifacts
run: |
mkdir -p bin/
cp bintmp/*/* bin/
- name: Checksum Artifacts
run: |
make checksum-targets
- name: GitHub Release
uses: softprops/action-gh-release@1e07f4398721186383de40550babbdf2b84acfc5
env:
@@ -37,4 +94,4 @@ jobs:
with:
draft: true
files: bin/*
generate_release_notes: true
generate_release_notes: true

25
Makefile
View File

@@ -4,7 +4,7 @@ VERSION="v0.8+"
TEST_SUITE ?=
TEST_SHARD ?=
GO_COMPILE=linuxkit/go-compile:c97703655e8510b7257ffc57f25e40337b0f0813
GO_COMPILE=linuxkit/go-compile:985a9db72a7e6941de5e1eb71c2b41b76bf0556f
ifeq ($(OS),Windows_NT)
LINUXKIT?=$(CURDIR)/bin/linuxkit.exe
@@ -34,7 +34,7 @@ export VERSION GO_COMPILE GOOS GOARCH LOCAL_TARGET LINUXKIT
default: linuxkit $(RTF)
all: default
RTF_COMMIT=b74a4f7c78e5cddcf7e6d2e6be7be312b9f645fc
RTF_COMMIT=1118e08445438dc37ec62b4c1e216918b3d804d2
RTF_CMD=github.com/linuxkit/rtf/cmd
RTF_VERSION=0.0
$(RTF): tmp_rtf_bin.tar | bin
@@ -119,18 +119,27 @@ endif
./scripts/update-component-sha.sh --image $${img}$(image); \
done
.PHONY: build-all-targets
build-all-targets: bin
$(MAKE) GOOS=darwin GOARCH=arm64 LOCAL_TARGET=$(CURDIR)/bin/linuxkit-darwin-arm64 local-build
file bin/linuxkit-darwin-arm64
$(MAKE) GOOS=darwin GOARCH=amd64 LOCAL_TARGET=$(CURDIR)/bin/linuxkit-darwin-amd64 local-build
file bin/linuxkit-darwin-amd64
.PHONY: build-targets-all build-targets-linux build-targets-windows build-targets-macos checksum-targets
build-targets-all: build-targets-linux build-targets-windows build-targets-macos
build-targets-linux: bin
$(MAKE) GOOS=linux GOARCH=arm64 LOCAL_TARGET=$(CURDIR)/bin/linuxkit-linux-arm64 local-build
file bin/linuxkit-linux-arm64
$(MAKE) GOOS=linux GOARCH=amd64 LOCAL_TARGET=$(CURDIR)/bin/linuxkit-linux-amd64 local-build
file bin/linuxkit-linux-amd64
$(MAKE) GOOS=linux GOARCH=s390x LOCAL_TARGET=$(CURDIR)/bin/linuxkit-linux-s390x local-build
file bin/linuxkit-linux-s390x
build-targets-windows: bin
$(MAKE) GOOS=windows GOARCH=amd64 LOCAL_TARGET=$(CURDIR)/bin/linuxkit-windows-amd64.exe local-build
file bin/linuxkit-windows-amd64.exe
build-targets-macos: bin
$(MAKE) GOOS=darwin GOARCH=arm64 LOCAL_TARGET=$(CURDIR)/bin/linuxkit-darwin-arm64 local-build
file bin/linuxkit-darwin-arm64
$(MAKE) GOOS=darwin GOARCH=amd64 LOCAL_TARGET=$(CURDIR)/bin/linuxkit-darwin-amd64 local-build
file bin/linuxkit-darwin-amd64
checksum-targets: bin
cd bin && openssl sha256 -r linuxkit-* | tr -d '*' > checksums.txt

6
README.md
View File

@@ -63,8 +63,8 @@ Once you have built the tool, use
```
linuxkit build linuxkit.yml
```
to build the example configuration. You can also specify different output formats, eg `linuxkit build -format raw-bios linuxkit.yml` to
output a raw BIOS bootable disk image, or `linuxkit build -format iso-efi linuxkit.yml` to output an EFI bootable ISO image. See `linuxkit build -help` for more information.
to build the example configuration. You can also specify different output formats, eg `linuxkit build --format raw-bios linuxkit.yml` to
output a raw BIOS bootable disk image, or `linuxkit build --format iso-efi linuxkit.yml` to output an EFI bootable ISO image. See `linuxkit build -help` for more information.
### Booting and Testing
@@ -87,7 +87,7 @@ Currently supported platforms are:
- [OpenStack](docs/platform-openstack.md) `[x86_64]`
- [Scaleway](docs/platform-scaleway.md) `[x86_64]`
- Baremetal:
- [packet.net](docs/platform-packet.md) `[x86_64, arm64]`
- [deploy.equinix.com](docs/platform-equinixmetal.md) `[x86_64, arm64]`
- [Raspberry Pi Model 3b](docs/platform-rpi3.md) `[arm64]`

2
contrib/open-vm-tools/open-vm-tools-ds.yaml
View File

@@ -30,7 +30,7 @@ spec:
operator: Exists
effect: NoSchedule
containers:
- image: linuxkit/open-vm-tools:728ddf726474178eea97604c0baeabd52edab7e9
- image: linuxkit/open-vm-tools:8a320f7453711f0544f4b03558aaf0b80c7c23f1
name: open-vm-tools
resources:
requests:

8
docs/alpine-base-update.md
View File

@@ -101,9 +101,9 @@ In the below, replace `linuxkit-arch` with each build machine's name:
```sh
# one of these will not be necessary, as you will likely be executing it on one of these machines
scp linuxkit-s390x:$LK_ROOT/tools/alpine/versions.s390x $LK_ROOT/tools/alpine/versions.s390x
scp linuxkit-aarch64:$LK_ROOT/tools/alpine/versions.aarch64 $LK_ROOT/tools/alpine/versions.aarch64
scp linuxkit-x86_64:$LK_ROOT/tools/alpine/versions.x86_64 $LK_ROOT/tools/alpine/versions.x86_64
for arch in x86_64 aarch64 riscv64; do
scp linuxkit-$arch:$LK_ROOT/tools/alpine/versions.$arch $LK_ROOT/tools/alpine/versions.$arch
done
git commit -a -s -m "tools/alpine: Update to latest"
git push $LK_REMOTE $LK_BRANCH
```
@@ -131,7 +131,6 @@ following which is an explanation of each one.
# Update tools packages
cd $LK_ROOT/tools
$LK_ROOT/scripts/update-component-sha.sh --image $LK_ALPINE
git checkout grub-dev/Dockerfile
git checkout mkimage-rpi3/Dockerfile
git commit -a -s -m "tools: Update to the latest linuxkit/alpine"
@@ -183,7 +182,6 @@ Note, the `git checkout` reverts the changes made by
Important is the `git checkout` of some sensitive packages that only can be built with
specific older versions of upstream packages:
* `grub-dev`
* `mkimage-rpi3`
Only update those if you know what you are doing with them.

19
docs/cmdline.md Normal file
View File

@@ -0,0 +1,19 @@
# Kernel command-line options
The kernel command-line is a string of text that the kernel parses as it is starting up. It is passed by the boot loader
to the kernel and specifies parameters that the kernel uses to configure the system. The command-line is a list of command-line
options separated by spaces. The options are parsed by the kernel and can be used to enable or disable certain features.
LinuxKit passes all command-line options to the kernel, which uses them in the usual way.
There are several options that can be used to control the behaviour of linuxkit itself, or specifically packages
within linuxkit. Unless standard Linux options exist, these all are prefaced with `linuxkit.`.
| Option | Description |
|---|---|
| `linuxkit.unified_cgroup_hierarchy=0` | Start up cgroups v1. If not present or set to 1, default to cgroups v1. |
| `linuxkit.runc_debug=1` | Start runc for `onboot` and `onshutdown` containers to run with `--debug`, and add extra logging messages for each stage of starting those containers. If not present or set to 0, default to usual mode. |
| `linuxkit.runc_console=1` | Send logs for runc for `onboot` and `onshutdown` containers, as well as the output of the containers themselves, to the console, instead of the normal output to logfiles. If not present or set to 0, default to usual mode. |
It often is useful to combine both of the `linuxkit.runc_debug` and `linuxkit.runc_console` options to get the most
information about what is happening with `onboot` containers.

13
docs/kernels.md
View File

@@ -274,7 +274,7 @@ your local Docker setup.
The process of modifying the kernel configuration is as follows:
1. Create a `linuxkit/kconfig` container image: `make kconfig`. This is not pushed out.
1. Create a `linuxkit/kconfig` container image: `make kconfig`. This is not pushed out. By default, this will be for your local architecture, but you can override it with `make kconfig ARCH=${ARCH}`, e.g. `make kconfig ARCH=arm64`. The image is tagged with the architecture, e.g. `linuxkit/kconfig:arm64`.
1. Run a container based on `linuxkit/kconfig`.
1. In the container, modify the config to suit your needs using normal kernel tools like `make defconfig` or `make menuconfig`.
1. Save the config from the image.
@@ -287,7 +287,11 @@ so that `make menuconfig` and `make defconfig` work correctly.
Run the container as follows:
```sh
docker run --rm -ti -v $(pwd):/src linuxkit/kconfig
docker run --rm -ti -v $(pwd):/src linuxkit/kconfig:aarch64
# or
docker run --rm -ti -v $(pwd):/src linuxkit/kconfig:x86_64
# or
docker run --rm -ti -v $(pwd):/src linuxkit/kconfig:riscv64
```
This will give you a interactive shell where you can modify the kernel
@@ -321,6 +325,11 @@ make ARCH=arm64 defconfig
make ARCH=arm64 oldconfig # or menuconfig
```
It is important to note that sometimes the configuration can be subtly different
when running `make defconfig` across architectures. Of note is that `make ARCH=riscv` on
x86_64 or aarch64 comes out slightly differently than when run natively on riscv64.
Feel free to try it cross, but do not be surprised if it generates outputs that are not the same.
Note that the generated file **must** be final. When you actually build the kernel,
it will check that running `make defconfig` will have no changes. If there are changes,
the build will fail.

3
docs/packages.md
View File

@@ -50,6 +50,7 @@ A package source consists of a directory containing at least two files:
- `image` _(string)_: *(mandatory)* The name of the image to build
- `org` _(string)_: The hub/registry organisation to which this package belongs
- `tag` _(string)_: The tag to use for the image, can be fixed string or template (default: `{{.Hash}}`)
- `dockerfile` _(string)_: The dockerfile to use to build this package, must be in this directory or below (default: `Dockerfile`)
- `arches` _(list of string)_: The architectures which this package should be built for (valid entries are `GOARCH` names)
- `extra-sources` _(list of strings)_: Additional sources for the package outside the package directory. The format is `src:dst`, where `src` can be relative to the package directory and `dst` is the destination in the build context. This is useful for sharing files, such as vendored go code, between packages.
@@ -272,6 +273,8 @@ When building packages, the following build-args automatically are set for you:
* `SOURCE` - the source repository of the package
* `REVISION` - the git commit that was used for the build
* `GOPKGVERSION` - the go package version or pseudo-version per https://go.dev/ref/mod#glos-pseudo-version
* `PKG_HASH` - the git tree hash of the package directory, e.g. `45a1ad5919f0b6acf0f0cf730e9434abfae11fe6`; tag part of `linuxkit pkg show-tag`
* `PKG_IMAGE` - the name of the image that is being built, e.g. `linuxkit/init`; image name part of `linuxkit pkg show-tag`. Combine with `PKG_HASH` for the full tag.
Note that the above are set **only** if you do not set them in `build.yaml`. Your settings _always_
override these built-in ones.

142
docs/platform-equinixmetal.md Normal file
View File

@@ -0,0 +1,142 @@
# LinuxKit with bare metal on Equinix Metal
[Equinix Metal](http://deploy.equinix.com) is a bare metal hosting provider.
You will need to [create an Equinix Metal account] and a project to
put this new machine into. You will also need to [create an API key]
with appropriate read/write permissions to allow the image to boot.
[create an Equinix Metal account]:https://console.equinix.com/sign-up
[create an API key]:https://deploy.equinix.com/developers/docs/metal/identity-access-management/api-keys/
The `linuxkit run equinixmetal` command can mostly either be configured via
command line options or with environment variables. see `linuxkit run
equinixmetal --help` for the options and environment variables.
By default, `linuxkit run` will provision a new machine and remove it
once you are done. With the `-keep` option the provisioned machine
will not be removed. You can then use the `-device` option with the
device ID on subsequent `linuxkit run` invocations to re-use an
existing machine. These subsequent runs will update the iPXE data so
you can boot alternative kernels on an existing machine.
There is an example YAML file for [x86_64](../examples/equinixmetal.yml) and
an additional YAML for [arm64](../examples/equinixmetal.arm64.yml) servers
which provide both access to the serial console and via ssh and
configures bonding for network devices via metadata (if supported).
For x86_64 builds for Intel servers we strongly recommend adding
`ucode: intel-ucode.cpio` to the kernel section in the YAML. This
updates the Intel CPU microcode to the latest by prepending it to the
generated initrd file. The `ucode` entry is only recommended when
booting on baremetal. It should be omitted (but is harmless) when
building images to boot in VMs.
**Note**: The update of the iPXE configuration sometimes may take some
time and the first boot may fail. Hitting return on the console to
retry the boot typically fixes this.
## Boot
LinuxKit on Equinix Metal boots the `kernel+initrd` output from moby via
[iPXE](https://deploy.equinix.com/developers/docs/metal/operating-systems/custom-ipxe/)
which also requires a iPXE script. iPXE booting requires a HTTP server
on which you can store your images. The `-base-url` option specifies
the URL to a HTTP server from which `<name>-kernel`,
`<name>-initrd.img`, and `<name>-equinixmetal.ipxe` can be downloaded during
boot.
If you have your own HTTP server, you can use `linuxkit push equinixmetal`
to create the files (including the iPXE script) you need to make
available.
If you don't have a public HTTP server at hand, you can use the
`-serve` option. This will create a local HTTP server which can either
be run on another Equinix Metal machine or be made accessible with tools
like [ngrok](https://ngrok.com/).
For example, to boot the [example](../examples/platform-equinixmetal.yml)
with a local HTTP server:
```sh
linuxkit build platform-equinixmetal.yml
# run the web server
# run 'ngrok http 8080' in another window
METAL_AUTH_TOKEN=<API key> METAL_PROJECT_ID=<Project ID> \
linuxkit run equinixmetal -serve :8080 -base-url <ngrok url> equinixmetal
```
To boot a `arm64` image for Type 2a machine (`-machine baremetal_2a`)
you currently need to build using `linuxkit build equinixmetal.yml
equinixmetal.arm64.yml` and then un-compress both the kernel and the initrd
before booting, e.g:
```sh
mv equinixmetal-initrd.img equinixmetal-initrd.img.gz && gzip -d equinixmetal-initrd.img.gz
mv equinixmetal-kernel equinixmetal-kernel.gz && gzip -d equinixmetal-kernel.gz
```
The LinuxKit image can then be booted with:
```sh
METAL_API_TOKEN=<API key> METAL_PROJECT_ID=<Project ID> \
linuxkit run equinixmetal -machine baremetal_2a -serve :8080 -base-url -base-url <ngrok url> equinixmetal
```
Alternatively, `linuxkit push equinixmetal` will uncompress the kernel and
initrd images on arm machines (or explicitly via the `-decompress`
flag. There is also a `linuxkit serve` command which will start a
local HTTP server serving the specified directory.
**Note**: It may take several minutes to deploy a new server. If you
are attached to the console, you should see the BIOS and the boot
messages.
## Console
By default, `linuxkit run equinixmetal ...` will connect to the
Equinix Metal
[SOS ("Serial over SSH") console](https://deploy.equinix.com/developers/docs/metal/resilience-recovery/serial-over-ssh/). This
requires `ssh` access, i.e., you must have uploaded your SSH keys to
Equinix Metal beforehand.
You can exit the console vi `~.` on a new line once you are
disconnected from the serial, e.g. after poweroff.
**Note**: We also require that the Equinix Metal SOS host is in your
`known_hosts` file, otherwise the connection to the console will
fail. There is a Equinix Metal SOS host per zone.
You can disable the serial console access with the `-console=false`
command line option.
## Disks
At this moment the Linuxkit server boots from RAM, with no persistent
storage. We are working on adding persistent storage support on Equinix Metal.
## Networking
On the baremetal type 2a system (arm64 Cavium Thunder X) the network device driver does not get autoloaded by `mdev`. Please add:
```
- name: modprobe
image: linuxkit/modprobe:<hash>
command: ["modprobe", "nicvf"]
```
to your YAML files before any containers requiring the network to be up, e.g., the `dhcpcd` container.
Some Equinix Metal server types have bonded networks; the `metadata` package has support for setting
these up, and also for adding additional IP addresses.
## Integration services and Metadata
Equinix Metal supports [user state](https://deploy.equinix.com/developers/docs/metal/server-metadata/user-data/)
during system bringup, which enables the boot process to be more informative about the
current state of the boot process once the kernel has loaded but before the
system is ready for login.

151
docs/platform-packet.md
View File

@@ -1,151 +0,0 @@
# LinuxKit with bare metal on Packet
[Packet](http://packet.net) is a bare metal hosting provider.
You will need to [create a Packet account] and a project to
put this new machine into. You will also need to [create an API key]
with appropriate read/write permissions to allow the image to boot.
[create a Packet account]:https://app.packet.net/#/registration/
[create an API key]:https://help.packet.net/quick-start/api-integrations
Linuxkit is known to boot on the [Type 0]
and [Type 1] servers at Packet.
Support for other server types, including the [Type 2A] ARM server,
is a work in progress.
[Type 0]:https://www.packet.net/bare-metal/servers/type-0/
[Type 1]:https://www.packet.net/bare-metal/servers/type-1/
[Type 2A]:https://www.packet.net/bare-metal/servers/type-2a/
The `linuxkit run packet` command can mostly either be configured via
command line options or with environment variables. see `linuxkit run
packet --help` for the options and environment variables.
By default, `linuxkit run` will provision a new machine and remove it
once you are done. With the `-keep` option the provisioned machine
will not be removed. You can then use the `-device` option with the
device ID on subsequent `linuxkit run` invocations to re-use an
existing machine. These subsequent runs will update the iPXE data so
you can boot alternative kernels on an existing machine.
There is an example YAML file for [x86_64](../examples/packet.yml) and
an additional YAML for [arm64](../examples/packet.arm64.yml) servers
which provide both access to the serial console and via ssh and
configures bonding for network devices via metadata (if supported).
For x86_64 builds for Intel servers we strongly recommend adding
`ucode: intel-ucode.cpio` to the kernel section in the YAML. This
updates the Intel CPU microcode to the latest by prepending it to the
generated initrd file. The `ucode` entry is only recommended when
booting on baremetal. It should be omitted (but is harmless) when
building images to boot in VMs.
**Note**: The update of the iPXE configuration sometimes may take some
time and the first boot may fail. Hitting return on the console to
retry the boot typically fixes this.
## Boot
LinuxKit on Packet boots the `kernel+initrd` output from moby via
[iPXE](https://help.packet.net/technical/infrastructure/custom-ipxe)
which also requires a iPXE script. iPXE booting requires a HTTP server
on which you can store your images. The `-base-url` option specifies
the URL to a HTTP server from which `<name>-kernel`,
`<name>-initrd.img`, and `<name>-packet.ipxe` can be downloaded during
boot.
If you have your own HTTP server, you can use `linuxkit push packet`
to create the files (including the iPXE script) you need to make
available.
If you don't have a public HTTP server at hand, you can use the
`-serve` option. This will create a local HTTP server which can either
be run on another Packet machine or be made accessible with tools
like [ngrok](https://ngrok.com/).
For example, to boot the [example](../examples/packet.net)
with a local HTTP server:
```sh
linuxkit build packet.yml
# run the web server
# run 'ngrok http 8080' in another window
PACKET_API_KEY=<API key> PACKET_PROJECT_ID=<Project ID> \
linuxkit run packet -serve :8080 -base-url <ngrok url> packet
```
To boot a `arm64` image for Type 2a machine (`-machine baremetal_2a`)
you currently need to build using `linuxkit build packet.yml
packet.arm64.yml` and then un-compress both the kernel and the initrd
before booting, e.g:
```sh
mv packet-initrd.img packet-initrd.img.gz && gzip -d packet-initrd.img.gz
mv packet-kernel packet-kernel.gz && gzip -d packet-kernel.gz
```
The LinuxKit image can then be booted with:
```sh
PACKET_API_KEY=<API key> PACKET_PROJECT_ID=<Project ID> \
linuxkit run packet -machine baremetal_2a -serve :8080 -base-url -base-url <ngrok url> packet
```
Alternatively, `linuxkit push packet` will uncompress the kernel and
initrd images on arm machines (or explicitly via the `-decompress`
flag. There is also a `linuxkit serve` command which will start a
local HTTP server serving the specified directory.
**Note**: It may take several minutes to deploy a new server. If you
are attached to the console, you should see the BIOS and the boot
messages.
## Console
By default, `linuxkit run packet ...` will connect to the
Packet
[SOS ("Serial over SSH") console](https://help.packet.net/technical/networking/sos-rescue-mode). This
requires `ssh` access, i.e., you must have uploaded your SSH keys to
Packet beforehand.
You can exit the console vi `~.` on a new line once you are
disconnected from the serial, e.g. after poweroff.
**Note**: We also require that the Packet SOS host is in your
`known_hosts` file, otherwise the connection to the console will
fail. There is a Packet SOS host per zone.
You can disable the serial console access with the `-console=false`
command line option.
## Disks
At this moment the Linuxkit server boots from RAM, with no persistent
storage. We are working on adding persistent storage support on Packet.
## Networking
On the baremetal type 2a system (arm64 Cavium Thunder X) the network device driver does not get autoloaded by `mdev`. Please add:
```
- name: modprobe
image: linuxkit/modprobe:<hash>
command: ["modprobe", "nicvf"]
```
to your YAML files before any containers requiring the network to be up, e.g., the `dhcpcd` container.
Some Packet server types have bonded networks; the `metadata` package has support for setting
these up, and also for adding additional IP addresses.
## Integration services and Metadata
Packet supports [user state](https://help.packet.net/technical/infrastructure/user-state)
during system bringup, which enables the boot process to be more informative about the
current state of the boot process once the kernel has loaded but before the
system is ready for login.

173
docs/yaml.md
View File

@@ -3,7 +3,7 @@
The `linuxkit build` command assembles a set of containerised components into in image. The simplest
type of image is just a `tar` file of the contents (useful for debugging) but more useful
outputs add a `Dockerfile` to build a container, or build a full disk image that can be
booted as a linuxKit VM. The main use case is to build an assembly that includes
booted as a linuxkit VM. The main use case is to build an assembly that includes
`containerd` to run a set of containers, but the tooling is very generic.
The yaml configuration specifies the components used to build up an image . All components
@@ -16,8 +16,19 @@ The Docker images are optionally verified with Docker Content Trust.
For private registries or private repositories on a registry credentials provided via
`docker login` are re-used.
The configuration file is processed in the order `kernel`, `init`, `onboot`, `onshutdown`,
`services`, `files`. Each section adds files to the root file system. Sections may be omitted.
## Sections
The configuration file is processed in the order:
1. `kernel`
1. `init`
1. `volumes`
1. `onboot`
1. `onshutdown`
1. `services`
1. `files`
Each section adds files to the root file system. Sections may be omitted.
Each container that is specified is allocated a unique `uid` and `gid` that it may use if it
wishes to run as an isolated user (or user namespace). Anywhere you specify a `uid` or `gid`
@@ -40,7 +51,7 @@ files:
mode: "0600"
```
## `kernel`
### `kernel`
The `kernel` section is only required if booting a VM. The files will be put into the `boot/`
directory, where they are used to build bootable images.
@@ -50,6 +61,9 @@ which should contain a `kernel` file that will be booted (eg a `bzImage` for `am
called `kernel.tar` which is a tarball that is unpacked into the root, which should usually
contain a kernel modules directory. `cmdline` specifies the kernel command line options if required.
The contents of `cmdline` are passed to the kernel as-is. There are several special values that are
used to control the behaviour of linuxkit packages. See [kernel command line options](../docs/cmdline.md).
To override the names, you can specify the kernel image name with `binary: bzImage` and the tar image
with `tar: kernel.tar` or the empty string or `none` if you do not want to use a tarball at all.
@@ -57,7 +71,7 @@ Kernel packages may also contain a cpio archive containing CPU microcode which n
the initrd. To select this option, recommended when booting on bare metal, add `ucode: intel-ucode.cpio`
to the kernel section.
## `init`
### `init`
The `init` section is a list of images that are used for the `init` system and are unpacked directly
into the root filesystem. This should bring up `containerd`, start the system and daemon containers,
@@ -65,14 +79,14 @@ and set up basic filesystem mounts. in the case of a LinuxKit system. For ease o
modification `runc` and `containerd` images, which just contain these programs are added here
rather than bundled into the `init` container.
## `onboot`
### `onboot`
The `onboot` section is a list of images. These images are run before any other
images. They are run sequentially and each must exit before the next one is run.
These images can be used to configure one shot settings. See [Image
specification](#image-specification) for a list of supported fields.
## `onshutdown`
### `onshutdown`
This is a list of images to run on a clean shutdown. Note that you must not rely on these
being run at all, as machines may be be powered off or shut down without having time to run
@@ -81,18 +95,149 @@ run and when they are not. Most systems are likely to be "crash only" and not ha
but you can attempt to deregister cleanly from a network service here, rather than relying
on timeouts, for example.
## `services`
### `services`
The `services` section is a list of images for long running services which are
run with `containerd`. Startup order is undefined, so containers should wait
on any resources, such as networking, that they need. See [Image
specification](#image-specification) for a list of supported fields.
## `files`
### `volumes`
The volumes section is a list of named volumes that can be used by other containers,
including those in `services`, `onboot` and `onshutdown`. The volumes are created in a directory
chosen by linuxkit at build-time. The volumes then can be referenced by other containers and
mounted into them.
Volumes can be in one of several formats:
* Blank directory: This is the default, and is an empty directory that is created at build-time. It is an overlayfs mount, and can be shared among multiple containers.
* Image laid out as filesystem: The contents of the image are used to populate the volume. Default format when an image is provided.
* Image as OCI v1-layout: The image is used as an [OCI v1-layout](https://github.com/opencontainers/image-spec/blob/main/image-layout.md). Indicated by `format: oci`.
Examples of each are given later in this section.
The `volumes` section can declare a volume to be read-write or read-only. If the volume is read-write,
a volume that is mounted into a container can be mounted read-only or read-write. If the volume is read-only,
it can be mounted into a container read-only; attempting to do so read-write will generate a build-time error.
By default, volumes are created read-write, and are mounted read-write.
Volume names **must** be unique, and must contain only lower-case alphanumeric characters, hyphens, and
underscores.
#### Samples of `volumes`
##### Empty directory
Yaml showing both read-only and read-write:
```yml
volumes:
- name: dira
readonly: true
- name: dirb
readonly: true
```
Contents:
```sh
$ cd dir && ls -la
drwxr-xr-x 19 root wheel 608 Sep 30 15:03 .
drwxrwxrwt 130 root wheel 4160 Sep 30 15:03 ..
```
In the above example:
* `dira` is empty and is read-only.
* `volb` is empty and is read-write.
##### Image directory
Yaml showing both read-only and read-write:
```yml
volumes:
- name: vola
image: alpine:latest
readonly: true
- name: volb
image: alpine:latest
format: filesystem # optional, as this is the default format
readonly: false
```
In the above example:
* `vola` is populated by the contents of `alpine:latest` and is read-only.
* `volb` is populated by the contents of `alpine:latest` and is read-write.
Contents:
```sh
$ cd dir && ls -la
drwxr-xr-x 19 root wheel 608 Sep 30 15:03 .
drwxrwxrwt 130 root wheel 4160 Sep 30 15:03 ..
drwxr-xr-x 84 root wheel 2688 Sep 6 14:34 bin
drwxr-xr-x 2 root wheel 64 Sep 6 14:34 dev
drwxr-xr-x 37 root wheel 1184 Sep 6 14:34 etc
drwxr-xr-x 2 root wheel 64 Sep 6 14:34 home
drwxr-xr-x 13 root wheel 416 Sep 6 14:34 lib
drwxr-xr-x 5 root wheel 160 Sep 6 14:34 media
drwxr-xr-x 2 root wheel 64 Sep 6 14:34 mnt
drwxr-xr-x 2 root wheel 64 Sep 6 14:34 opt
dr-xr-xr-x 2 root wheel 64 Sep 6 14:34 proc
drwx------ 2 root wheel 64 Sep 6 14:34 root
drwxr-xr-x 2 root wheel 64 Sep 6 14:34 run
drwxr-xr-x 63 root wheel 2016 Sep 6 14:34 sbin
drwxr-xr-x 2 root wheel 64 Sep 6 14:34 srv
drwxr-xr-x 2 root wheel 64 Sep 6 14:34 sys
drwxr-xr-x 2 root wheel 64 Sep 6 14:34 tmp
drwxr-xr-x 7 root wheel 224 Sep 6 14:34 usr
drwxr-xr-x 13 root wheel 416 Sep 6 14:34 var
```
##### Image OCI Layout
Yaml showing both read-only and read-write, and both all architectures and a limited subset:
```yml
volumes:
- name: volo
image: alpine:latest
format: oci
readonly: true
- name: volp
image: alpine:latest
readonly: false
format: oci
platforms:
- linux/amd64
```
In the above example:
* `volo` is populated by the contents of `alpine:latest` as an OCI v1-layout for all architectures and is read-only.
* `volb` is populated by the contents of `alpine:latest` as an OCI v1-layout just for linux/amd64 and is read-write.
##### Volumes in `services`
Sample usage of volumes in `services` section:
```yml
services:
- name: myservice
image: alpine:latest
binds:
- volA:/mnt/volA:ro
- volB:/mnt/volB
```
### `files`
The files section can be used to add files inline in the config, or from an external file.
```
```yml
files:
- path: dir
directory: true
@@ -118,7 +263,8 @@ user's home directory.
In addition there is a `metadata` option that will generate the file. Currently the only value
supported here is `"yaml"` which will output the yaml used to generate the image into the specified
file:
```
```yml
- path: etc/linuxkit.yml
metadata: yaml
```
@@ -130,7 +276,7 @@ Because a `tmpfs` is mounted onto `/var`, `/run`, and `/tmp` by default, the `tm
## Image specification
Entries in the `onboot` and `services` sections specify an OCI image and
Entries in the `onboot`, `onshutdown`, `volumes` and `services` sections specify an OCI image and
options. Default values may be specified using the `org.mobyproject.config` image label.
For more details see the [OCI specification](https://github.com/opencontainers/runtime-spec/blob/master/spec.md).
@@ -205,7 +351,8 @@ which specifies some actions to take place when the container is being started.
- `namespace` overrides the LinuxKit default containerd namespace to put the container in; only applicable to services.
An example of using the `runtime` config to configure a network namespace with `wireguard` and then run `nginx` in that namespace is shown below:
```
```yml
onboot:
- name: dhcpcd
image: linuxkit/dhcpcd:<hash>

18
examples/addbinds.yml
View File

@@ -1,25 +1,25 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
binds.add:
# this will keep all of the existing ones as well
- /var/tmp:/var/tmp
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
files:
- path: etc/getty.shadow
# sample sets password for root to "abcdefgh" (without quotes)

28
examples/cadvisor.yml
View File

@@ -1,34 +1,34 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: sysfs
image: linuxkit/sysfs:ec174e06ca756f492e7a3fd6200d5c1672b97511
image: linuxkit/sysfs:7345172dbf4d436c861adfc27150af474194289b
- name: format
image: linuxkit/format:e040f4f045f03138a1ee8a22bb6feae7fd5596a6
image: linuxkit/format:3fb088f60ed73ba4a15be41e44654b74112fd3f9
- name: mount
image: linuxkit/mount:19ff89c251a4156bda8ed11c95faad2f40eb770e
image: linuxkit/mount:cb8caa72248f7082fc2074ce843d53cdc15df04a
command: ["/usr/bin/mountie", "/var/lib/docker"]
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: ntpd
image: linuxkit/openntpd:c90c6dd90f5dfb0ca71a73aac2dad69c8d956af3
image: linuxkit/openntpd:f99c4117763480815553b72022b426639a13ce86
- name: docker
image: docker:20.10.6-dind
@@ -46,7 +46,7 @@ services:
- /etc/docker/daemon.json:/etc/docker/daemon.json
command: ["/usr/local/bin/docker-init", "/usr/local/bin/dockerd"]
- name: cadvisor
image: linuxkit/cadvisor:c57efffad1139b2c5df1c3f66c1e3d586ce9e07d
image: linuxkit/cadvisor:8dfefe0f9593ba21aca5d08fadac16de907d470d
files:
- path: var/lib/docker
directory: true

4
examples/containerd-debug-runtime-config.toml Normal file
View File

@@ -0,0 +1,4 @@
cliopts="--log-level trace"
stderr="/var/log/containerd.err.log"
stdout="/var/log/containerd.out.log"

42
examples/containerd-debug.yml Normal file
View File

@@ -0,0 +1,42 @@
# example with volumes, both blank and populated
kernel:
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
onshutdown:
- name: shutdown
image: busybox:latest
command: ["/bin/echo", "so long and thanks for all the fish"]
services:
- name: getty
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: nginx
image: nginx:1.19.5-alpine
capabilities:
- CAP_NET_BIND_SERVICE
- CAP_CHOWN
- CAP_SETUID
- CAP_SETGID
- CAP_DAC_OVERRIDE
binds:
- /etc/resolv.conf:/etc/resolv.conf
files:
- path: etc/linuxkit-config
metadata: yaml
- path: /etc/containerd/runtime-config.toml
source: "containerd-debug-runtime-config.toml" # must include the file runtime-config.toml in this directory
mode: "0644"

28
examples/dm-crypt-loop.yml
View File

@@ -1,31 +1,31 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: format
image: linuxkit/format:e040f4f045f03138a1ee8a22bb6feae7fd5596a6
image: linuxkit/format:3fb088f60ed73ba4a15be41e44654b74112fd3f9
command: ["/usr/bin/format", "/dev/sda"]
- name: mount
image: linuxkit/mount:19ff89c251a4156bda8ed11c95faad2f40eb770e
image: linuxkit/mount:cb8caa72248f7082fc2074ce843d53cdc15df04a
command: ["/usr/bin/mountie", "/dev/sda1", "/var/external"]
- name: loop
image: linuxkit/losetup:65e3ad6336a321749394f58c3f28003cfce1e28c
image: linuxkit/losetup:095ff80d8e8fad1707741ea2584a36f3b80e787d
command: ["/usr/bin/loopy", "--create", "/var/external/storage_file"]
- name: dm-crypt
image: linuxkit/dm-crypt:d49723bc9d10c5ada9e03b0670f4e57416d5d084
image: linuxkit/dm-crypt:981fde241bb84616a5ba94c04cdefa1489431a25
command: ["/usr/bin/crypto", "crypt_loop_dev", "/dev/loop0"]
- name: mount
image: linuxkit/mount:19ff89c251a4156bda8ed11c95faad2f40eb770e
image: linuxkit/mount:cb8caa72248f7082fc2074ce843d53cdc15df04a
command: ["/usr/bin/mountie", "/dev/mapper/crypt_loop_dev", "/var/secure_storage"]
- name: bbox
image: busybox
@@ -34,11 +34,11 @@ onboot:
- /var:/var
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
files:
- path: etc/dm-crypt/key
# the below key is just to keep the example self-contained

24
examples/dm-crypt.yml
View File

@@ -1,25 +1,25 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: format
image: linuxkit/format:e040f4f045f03138a1ee8a22bb6feae7fd5596a6
image: linuxkit/format:3fb088f60ed73ba4a15be41e44654b74112fd3f9
command: ["/usr/bin/format", "/dev/sda"]
- name: dm-crypt
image: linuxkit/dm-crypt:d49723bc9d10c5ada9e03b0670f4e57416d5d084
image: linuxkit/dm-crypt:981fde241bb84616a5ba94c04cdefa1489431a25
command: ["/usr/bin/crypto", "crypt_dev", "/dev/sda1"]
- name: mount
image: linuxkit/mount:19ff89c251a4156bda8ed11c95faad2f40eb770e
image: linuxkit/mount:cb8caa72248f7082fc2074ce843d53cdc15df04a
command: ["/usr/bin/mountie", "/dev/mapper/crypt_dev", "/var/secure_storage"]
- name: bbox
image: busybox
@@ -28,11 +28,11 @@ onboot:
- /var:/var
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
files:
- path: etc/dm-crypt/key
# the below key is just to keep the example self-contained

42
examples/docker-for-mac.yml
View File

@@ -1,32 +1,32 @@
# This is an example for building the open source components of Docker for Mac
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=ttyS0 page_poison=1"
init:
- linuxkit/vpnkit-expose-port:77e45e4681c78d59f1d8a48818260948d55f9d05 # install vpnkit-expose-port and vpnkit-iptables-wrapper on host
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/vpnkit-expose-port:b30e8456ac128b2ac360329898368b309ea6e477 # install vpnkit-expose-port and vpnkit-iptables-wrapper on host
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
# support metadata for optional config in /run/config
- name: metadata
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
image: linuxkit/metadata:4f81c0c3a2b245567fd7d32d799018c9614a9907
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: sysfs
image: linuxkit/sysfs:ec174e06ca756f492e7a3fd6200d5c1672b97511
image: linuxkit/sysfs:7345172dbf4d436c861adfc27150af474194289b
- name: binfmt
image: linuxkit/binfmt:68604c81876812ca1c9e2d9f098c28f463713e61
image: linuxkit/binfmt:ce9509ccfa25002227ccd7ed8dd48d6947854427
# Format and mount the disk image in /var/lib/docker
- name: format
image: linuxkit/format:e040f4f045f03138a1ee8a22bb6feae7fd5596a6
image: linuxkit/format:3fb088f60ed73ba4a15be41e44654b74112fd3f9
- name: mount
image: linuxkit/mount:19ff89c251a4156bda8ed11c95faad2f40eb770e
image: linuxkit/mount:cb8caa72248f7082fc2074ce843d53cdc15df04a
command: ["/usr/bin/mountie", "/var/lib"]
# make a swap file on the mounted disk
- name: swap
image: linuxkit/swap:c57f3319ce770515357f0058035e40519c22b752
image: linuxkit/swap:f4b8ffef87c8c72165bd8a92b790ac252ccf1821
command: ["/swap.sh", "--path", "/var/lib/swap", "--size", "1024M"]
# mount-vpnkit mounts the 9p share used by vpnkit to coordinate port forwarding
- name: mount-vpnkit
@@ -44,41 +44,41 @@ onboot:
- /var:/host_var
command: ["sh", "-c", "mv -v /host_var/log /host_var/lib && ln -vs /var/lib/log /host_var/log"]
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
# Enable acpi to shutdown on power events
- name: acpid
image: linuxkit/acpid:3b1560c81d3884e049ebbd9d9bf94ccb394e6cd3
image: linuxkit/acpid:6cb5575e487a8fcbd4c3eb6721c23299e6ea452f
# Enable getty for easier debugging
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
# Run ntpd to keep time synchronised in the VM
- name: ntpd
image: linuxkit/openntpd:c90c6dd90f5dfb0ca71a73aac2dad69c8d956af3
image: linuxkit/openntpd:f99c4117763480815553b72022b426639a13ce86
# VSOCK to unix domain socket forwarding. Forwards guest /var/run/docker.sock
# to a socket on the host.
- name: vsudd
image: linuxkit/vsudd:b4d80d243733f80906cdbcf77f367a7b5744dc09
image: linuxkit/vsudd:127acd1453f7bfda791491ac4c55be0d2b9223cc
binds:
- /var/run:/var/run
command: ["/vsudd", "-inport", "2376:unix:/var/run/docker.sock"]
# vpnkit-forwarder forwards network traffic to/from the host via VSOCK port 62373.
# It needs access to the vpnkit 9P coordination share
- name: vpnkit-forwarder
image: linuxkit/vpnkit-forwarder:a89ec807d7d675dccd53773c07382bc707db3396
image: linuxkit/vpnkit-forwarder:e22bb70abdb5550c369f91ae7068c24e19beff73
binds:
- /var/vpnkit:/port
net: host
command: ["/vpnkit-forwarder", "-vsockPort", "62373"]
# Monitor for image deletes and invoke a TRIM on the container filesystem
- name: trim-after-delete
image: linuxkit/trim-after-delete:6ba98bfb111a808b7a1ca890aca9fc2b3709fca2
image: linuxkit/trim-after-delete:fe73247abd4ab7584a75e95083543af97fe90d4d
# When the host resumes from sleep, force a clock resync
- name: host-timesync-daemon
image: linuxkit/host-timesync-daemon:12d443511194774a9fdaf5457e5f2703fd5e882c
image: linuxkit/host-timesync-daemon:548bfe9d35c930ee42d6c0485bb4bf25d2729bad
# Run dockerd with the vpnkit userland proxy from the vpnkit-forwarder container.
# Bind mounts /var/run to allow vsudd to connect to docker.sock, /var/vpnkit
# for vpnkit coordination and /run/config/docker for the configuration file.

26
examples/docker.yml
View File

@@ -1,32 +1,32 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: sysfs
image: linuxkit/sysfs:ec174e06ca756f492e7a3fd6200d5c1672b97511
image: linuxkit/sysfs:7345172dbf4d436c861adfc27150af474194289b
- name: format
image: linuxkit/format:e040f4f045f03138a1ee8a22bb6feae7fd5596a6
image: linuxkit/format:3fb088f60ed73ba4a15be41e44654b74112fd3f9
- name: mount
image: linuxkit/mount:19ff89c251a4156bda8ed11c95faad2f40eb770e
image: linuxkit/mount:cb8caa72248f7082fc2074ce843d53cdc15df04a
command: ["/usr/bin/mountie", "/var/lib/docker"]
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
- name: ntpd
image: linuxkit/openntpd:c90c6dd90f5dfb0ca71a73aac2dad69c8d956af3
image: linuxkit/openntpd:f99c4117763480815553b72022b426639a13ce86
- name: docker
image: docker:20.10.6-dind
capabilities:

18
examples/getty.yml
View File

@@ -1,25 +1,25 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
# to make insecure with passwordless root login, uncomment following lines
#env:
# - INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
files:
- path: etc/getty.shadow
# sample sets password for root to "abcdefgh" (without quotes)

18
examples/hostmount-writeable-overlay.yml
View File

@@ -1,16 +1,16 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
onshutdown:
- name: shutdown
@@ -18,7 +18,7 @@ onshutdown:
command: ["/bin/echo", "so long and thanks for all the fish"]
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
runtime:
@@ -30,7 +30,7 @@ services:
destination: writeable-host-etc
options: ["rw", "lowerdir=/etc", "upperdir=/run/hostetc/upper", "workdir=/run/hostetc/work"]
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: nginx
image: nginx:1.13.8-alpine
capabilities:

14
examples/influxdb-os.yml
View File

@@ -1,18 +1,18 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: influxdb

22
examples/logging.yml
View File

@@ -1,23 +1,23 @@
# Simple example of using an external logging service
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/memlogd:cb79fd19e6485cfc61b85c607ca172cd860554c5
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
- linuxkit/memlogd:e28ecaa23a3693ae96575fb3bc421bc1d9f46c4f
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
# Inside the getty type `/proc/1/root/usr/bin/logread -F` to follow the log
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
# A service which generates log messages for testing
@@ -25,6 +25,6 @@ services:
image: alpine:3.13
command: ["/bin/sh", "-c", "while /bin/true; do echo hello $(date); sleep 1; done" ]
- name: write-and-rotate-logs
image: linuxkit/logwrite:c1c66d246080a40658903916d650206f2dcd707a
image: linuxkit/logwrite:3f138a010098862845b7270fc3715a03d0e3871e
- name: kmsg
image: linuxkit/kmsg:423844f262467e1199480dc93d69e38610c78133
image: linuxkit/kmsg:9b0a33abebde8de005a3bfaf8dc06f183a9ba7b8

12
examples/minimal.yml
View File

@@ -1,16 +1,16 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
onboot:
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true

16
examples/node_exporter.yml
View File

@@ -1,18 +1,18 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
- name: node_exporter
image: linuxkit/node_exporter:9bcd8479b7ba2844773ef4f01a60c901c4800982
image: linuxkit/node_exporter:1415b52c08ddc5799b2fc83cf3f080c56c3ff5a9

20
examples/openstack.yml
View File

@@ -1,25 +1,25 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
image: linuxkit/metadata:4f81c0c3a2b245567fd7d32d799018c9614a9907
command: ["/usr/bin/metadata", "openstack"]
services:
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: sshd
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
image: linuxkit/sshd:9bdd85427ef99640276d97a32a7a3cc31bb017b3
binds.add:
- /run/config/ssh/authorized_keys:/root/.ssh/authorized_keys
- name: nginx

22
examples/platform-aws.yml
View File

@@ -1,27 +1,27 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
image: linuxkit/metadata:4f81c0c3a2b245567fd7d32d799018c9614a9907
services:
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: dhcpcd2
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf"]
- name: sshd
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
image: linuxkit/sshd:9bdd85427ef99640276d97a32a7a3cc31bb017b3
binds.add:
- /run/config/ssh/authorized_keys:/root/.ssh/authorized_keys
- name: nginx

18
examples/platform-azure.yml
View File

@@ -1,21 +1,21 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
services:
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
- name: sshd
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
image: linuxkit/sshd:9bdd85427ef99640276d97a32a7a3cc31bb017b3
binds.add:
- /root/.ssh:/root/.ssh
files:

14
examples/platform-equinixmetal.arm64.yml Normal file
View File

@@ -0,0 +1,14 @@
# This YAML snippet is to be used in conjunction with equinixmetal.yml to
# build a arm64 image for Equinix Metal. It adds a modprobe of the NIC
# driver and overrides the kernel section to disable prepending the
# Intel CPU microcode to the initrd. If writing a YAML specifically
# for arm64 then the 'ucode' line in the kernel section can be left
# out.
kernel:
image: linuxkit/kernel:6.6.71
cmdline: "console=ttyAMA0"
ucode: ""
onboot:
- name: modprobe
image: linuxkit/modprobe:773ee174006ecbb412830e48889795bae40b62f9
command: ["modprobe", "nicvf"]

38
examples/platform-equinixmetal.yml Normal file
View File

@@ -0,0 +1,38 @@
kernel:
image: linuxkit/kernel:6.6.71
cmdline: console=ttyS1
ucode: intel-ucode.cpio
init:
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
- linuxkit/firmware:bfc7802f909c4b760de5dd2bc02a7f52e86b78f7
onboot:
- name: rngd1
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
command: ["/sbin/rngd", "-1"]
- name: sysctl
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata
image: linuxkit/metadata:4f81c0c3a2b245567fd7d32d799018c9614a9907
command: ["/usr/bin/metadata", "equinixmetal"]
services:
- name: rngd
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: getty
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: sshd
image: linuxkit/sshd:9bdd85427ef99640276d97a32a7a3cc31bb017b3
binds.add:
- /root/.ssh:/root/.ssh
files:
- path: root/.ssh/authorized_keys
source: ~/.ssh/id_rsa.pub
mode: "0600"
optional: true

22
examples/platform-gcp.yml
View File

@@ -1,28 +1,28 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
image: linuxkit/metadata:4f81c0c3a2b245567fd7d32d799018c9614a9907
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: sshd
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
image: linuxkit/sshd:9bdd85427ef99640276d97a32a7a3cc31bb017b3
binds.add:
- /run/config/ssh/authorized_keys:/root/.ssh/authorized_keys
- name: nginx

26
examples/platform-hetzner.yml
View File

@@ -1,34 +1,34 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: console=ttyS1
ucode: intel-ucode.cpio
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/firmware:8def159583422181ddee3704f7024ecb9c02d348
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
- linuxkit/firmware:bfc7802f909c4b760de5dd2bc02a7f52e86b78f7
onboot:
- name: rngd1
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
command: ["/sbin/rngd", "-1"]
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
image: linuxkit/metadata:4f81c0c3a2b245567fd7d32d799018c9614a9907
command: ["/usr/bin/metadata", "hetzner"]
services:
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: sshd
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
image: linuxkit/sshd:9bdd85427ef99640276d97a32a7a3cc31bb017b3
binds.add:
- /root/.ssh:/root/.ssh
files:

14
examples/platform-packet.arm64.yml
View File

@@ -1,14 +0,0 @@
# This YAML snippet is to be used in conjunction with packet.yml to
# build a arm64 image for packet.net. It adds a modprobe of the NIC
# driver and overrides the kernel section to disable prepending the
# Intel CPU microcode to the initrd. If writing a YAML specifically
# for arm64 then the 'ucode' line in the kernel section can be left
# out.
kernel:
image: linuxkit/kernel:6.6.13
cmdline: "console=ttyAMA0"
ucode: ""
onboot:
- name: modprobe
image: linuxkit/modprobe:ab5ac4d5e7e7a5f2d103764850f7846b69230676
command: ["modprobe", "nicvf"]

38
examples/platform-packet.yml
View File

@@ -1,38 +0,0 @@
kernel:
image: linuxkit/kernel:6.6.13
cmdline: console=ttyS1
ucode: intel-ucode.cpio
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/firmware:8def159583422181ddee3704f7024ecb9c02d348
onboot:
- name: rngd1
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
command: ["/sbin/rngd", "-1"]
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
command: ["/usr/bin/metadata", "packet"]
services:
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: sshd
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
binds.add:
- /root/.ssh:/root/.ssh
files:
- path: root/.ssh/authorized_keys
source: ~/.ssh/id_rsa.pub
mode: "0600"
optional: true

20
examples/platform-rt-for-vmware.yml
View File

@@ -1,25 +1,25 @@
kernel:
image: linuxkit/kernel:6.6.13-rt
image: linuxkit/kernel:6.6.71-rt
cmdline: "console=tty0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
- name: open-vm-tools
image: linuxkit/open-vm-tools:728ddf726474178eea97604c0baeabd52edab7e9
image: linuxkit/open-vm-tools:8a320f7453711f0544f4b03558aaf0b80c7c23f1
- name: nginx
image: nginx:1.13.8-alpine
capabilities:

22
examples/platform-scaleway.yml
View File

@@ -1,26 +1,26 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0 root=/dev/vda"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: rngd1
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
command: ["/sbin/rngd", "-1"]
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
image: linuxkit/metadata:4f81c0c3a2b245567fd7d32d799018c9614a9907
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032

18
examples/platform-vmware.yml
View File

@@ -1,23 +1,23 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
- name: nginx
image: nginx:1.13.8-alpine
capabilities:

22
examples/platform-vultr.yml
View File

@@ -1,29 +1,29 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
image: linuxkit/metadata:4f81c0c3a2b245567fd7d32d799018c9614a9907
command: ["/usr/bin/metadata", "vultr"]
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: sshd
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
image: linuxkit/sshd:9bdd85427ef99640276d97a32a7a3cc31bb017b3
binds.add:
- /run/config/ssh/authorized_keys:/root/.ssh/authorized_keys
- name: nginx

12
examples/redis-os.yml
View File

@@ -1,19 +1,19 @@
# Minimal YAML to run a redis server (used at DockerCon'17)
# connect: nc localhost 6379
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
onboot:
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
# Currently redis:4.0.6-alpine has trust issue with multi-arch

22
examples/sshd.yml
View File

@@ -1,28 +1,28 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: rngd1
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
command: ["/sbin/rngd", "-1"]
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
- name: sshd
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
image: linuxkit/sshd:9bdd85427ef99640276d97a32a7a3cc31bb017b3
binds.add:
- /root/.ssh:/root/.ssh
files:

12
examples/static-ip.yml
View File

@@ -1,19 +1,19 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
onboot:
- name: ip
image: linuxkit/ip:bb250017b05de5e16ac436b1eb19a39c87b5a252
image: linuxkit/ip:9696394a7d57b384ae919662ae162c9152029156
binds:
- /etc/ip:/etc/ip
command: ["ip", "-b", "/etc/ip/eth0.conf"]
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
files:

24
examples/swap.yml
View File

@@ -1,31 +1,31 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: format
image: linuxkit/format:e040f4f045f03138a1ee8a22bb6feae7fd5596a6
image: linuxkit/format:3fb088f60ed73ba4a15be41e44654b74112fd3f9
- name: mount
image: linuxkit/mount:19ff89c251a4156bda8ed11c95faad2f40eb770e
image: linuxkit/mount:cb8caa72248f7082fc2074ce843d53cdc15df04a
command: ["/usr/bin/mountie", "/var/external"]
- name: swap
image: linuxkit/swap:c57f3319ce770515357f0058035e40519c22b752
image: linuxkit/swap:f4b8ffef87c8c72165bd8a92b790ac252ccf1821
# to use unencrypted swap, use:
# command: ["/swap.sh", "--path", "/var/external/swap", "--size", "1G"]
command: ["/swap.sh", "--path", "/var/external/swap", "--size", "1G", "--encrypt"]
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032

20
examples/tpm.yml
View File

@@ -1,26 +1,26 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: tss
image: linuxkit/tss:856286012a613598d6ef6869b196f9a72245b7d2
image: linuxkit/tss:dbdcce4c3a840f8337d20991807439b2096a1457
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
files:
- path: etc/getty.shadow
# sample sets password for root to "abcdefgh" (without quotes)

45
examples/volumes.yml Normal file
View File

@@ -0,0 +1,45 @@
# example with volumes, both blank and populated
kernel:
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
onshutdown:
- name: shutdown
image: busybox:latest
command: ["/bin/echo", "so long and thanks for all the fish"]
services:
- name: getty
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: nginx
image: nginx:1.19.5-alpine
capabilities:
- CAP_NET_BIND_SERVICE
- CAP_CHOWN
- CAP_SETUID
- CAP_SETGID
- CAP_DAC_OVERRIDE
binds:
- /etc/resolv.conf:/etc/resolv.conf
- blank:/blank
- alpine:/alpine
volumes:
- name: blank # blank volume
- name: alpine # populated volume
image: alpine:3.21
files:
- path: etc/linuxkit-config
metadata: yaml

14
examples/vpnkit-forwarder.yml
View File

@@ -1,13 +1,13 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
onboot:
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: mount-vpnkit
image: alpine:3.13
@@ -19,11 +19,11 @@ onboot:
command: ["sh", "-c", "mkdir /host_var/vpnkit && mount -v -t 9p -o trans=virtio,dfltuid=1001,dfltgid=50,version=9p2000 port /host_var/vpnkit"]
services:
- name: sshd
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
image: linuxkit/sshd:9bdd85427ef99640276d97a32a7a3cc31bb017b3
binds.add:
- /root/.ssh:/root/.ssh
- name: vpnkit-forwarder
image: linuxkit/vpnkit-forwarder:a89ec807d7d675dccd53773c07382bc707db3396
image: linuxkit/vpnkit-forwarder:e22bb70abdb5550c369f91ae7068c24e19beff73
binds:
- /var/vpnkit:/port
net: host

12
examples/vsudd-containerd.yml
View File

@@ -1,17 +1,17 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
onboot:
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
- name: vsudd
image: linuxkit/vsudd:b4d80d243733f80906cdbcf77f367a7b5744dc09
image: linuxkit/vsudd:127acd1453f7bfda791491ac4c55be0d2b9223cc
binds:
- /run/containerd/containerd.sock:/run/containerd/containerd.sock
command: ["/vsudd",

22
examples/wireguard.yml
View File

@@ -1,19 +1,19 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: wg0
image: linuxkit/ip:bb250017b05de5e16ac436b1eb19a39c87b5a252
image: linuxkit/ip:9696394a7d57b384ae919662ae162c9152029156
net: new
binds:
- /etc/wireguard:/etc/wireguard
@@ -26,7 +26,7 @@ onboot:
bindNS:
net: /run/netns/wg0
- name: wg1
image: linuxkit/ip:bb250017b05de5e16ac436b1eb19a39c87b5a252
image: linuxkit/ip:9696394a7d57b384ae919662ae162c9152029156
net: new
binds:
- /etc/wireguard:/etc/wireguard
@@ -40,12 +40,12 @@ onboot:
net: /run/netns/wg1
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
net: /run/netns/wg1
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: nginx
image: nginx:1.13.8-alpine
net: /run/netns/wg0

4
kernel/6.6.x/build-args
View File

@@ -1,3 +1,3 @@
KERNEL_VERSION=6.6.13
KERNEL_VERSION=6.6.71
KERNEL_SERIES=6.6.x
BUILD_IMAGE=linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e
BUILD_IMAGE=linuxkit/alpine:35b33c6b03c40e51046c3b053dd131a68a26c37a

31
kernel/6.6.x/config-aarch64
View File

@@ -1,20 +1,21 @@
#
# Automatically generated file; DO NOT EDIT.
# Linux/arm64 6.6.13 Kernel Configuration
# Linux/arm64 6.6.71 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (Alpine 13.2.1_git20231014) 13.2.1 20231014"
CONFIG_CC_VERSION_TEXT="gcc (Alpine 14.2.0) 14.2.0"
CONFIG_CC_IS_GCC=y
CONFIG_GCC_VERSION=130201
CONFIG_GCC_VERSION=140200
CONFIG_CLANG_VERSION=0
CONFIG_AS_IS_GNU=y
CONFIG_AS_VERSION=24100
CONFIG_AS_VERSION=24301
CONFIG_LD_IS_BFD=y
CONFIG_LD_VERSION=24100
CONFIG_LD_VERSION=24301
CONFIG_LLD_VERSION=0
CONFIG_CC_CAN_LINK=y
CONFIG_CC_CAN_LINK_STATIC=y
CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y
CONFIG_CC_HAS_ASM_GOTO_TIED_OUTPUT=y
CONFIG_TOOLS_SUPPORT_RELR=y
CONFIG_CC_HAS_ASM_INLINE=y
CONFIG_CC_HAS_NO_PROFILE_FN_ATTR=y
CONFIG_PAHOLE_VERSION=0
@@ -157,7 +158,7 @@ CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y
CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y
CONFIG_CC_HAS_INT128=y
CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5"
CONFIG_GCC11_NO_ARRAY_BOUNDS=y
CONFIG_GCC10_NO_ARRAY_BOUNDS=y
CONFIG_CC_NO_ARRAY_BOUNDS=y
CONFIG_ARCH_SUPPORTS_INT128=y
CONFIG_CGROUPS=y
@@ -371,7 +372,10 @@ CONFIG_ARM64_ERRATUM_2067961=y
CONFIG_ARM64_ERRATUM_2441009=y
CONFIG_ARM64_ERRATUM_2457168=y
CONFIG_ARM64_ERRATUM_2645198=y
CONFIG_ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD=y
CONFIG_ARM64_ERRATUM_2966298=y
CONFIG_ARM64_ERRATUM_3117295=y
CONFIG_ARM64_ERRATUM_3194386=y
CONFIG_CAVIUM_ERRATUM_22375=y
CONFIG_CAVIUM_ERRATUM_23154=y
CONFIG_CAVIUM_ERRATUM_27456=y
@@ -488,7 +492,6 @@ CONFIG_ARM64_EPAN=y
# end of ARMv8.7 architectural features
CONFIG_ARM64_SVE=y
CONFIG_ARM64_SME=y
# CONFIG_ARM64_PSEUDO_NMI is not set
CONFIG_RELOCATABLE=y
CONFIG_RANDOMIZE_BASE=y
@@ -631,6 +634,7 @@ CONFIG_KVM_GENERIC_HARDWARE_ENABLING=y
CONFIG_VIRTUALIZATION=y
CONFIG_KVM=y
# CONFIG_NVHE_EL2_DEBUG is not set
CONFIG_CPU_MITIGATIONS=y
#
# General architecture-dependent options
@@ -730,6 +734,7 @@ CONFIG_HAVE_ARCH_PREL32_RELOCATIONS=y
CONFIG_ARCH_USE_MEMREMAP_PROT=y
# CONFIG_LOCK_EVENT_COUNTS is not set
CONFIG_ARCH_HAS_RELR=y
CONFIG_RELR=y
CONFIG_HAVE_PREEMPT_DYNAMIC=y
CONFIG_HAVE_PREEMPT_DYNAMIC_KEY=y
CONFIG_ARCH_WANT_LD_ORPHAN_WARN=y
@@ -905,6 +910,7 @@ CONFIG_PAGE_REPORTING=y
CONFIG_MIGRATION=y
CONFIG_ARCH_ENABLE_HUGEPAGE_MIGRATION=y
CONFIG_ARCH_ENABLE_THP_MIGRATION=y
CONFIG_PCP_BATCH_SCALE_MAX=5
CONFIG_PHYS_ADDR_T_64BIT=y
CONFIG_MMU_NOTIFIER=y
CONFIG_KSM=y
@@ -3354,7 +3360,6 @@ CONFIG_MFD_CORE=y
# CONFIG_MFD_SKY81452 is not set
# CONFIG_MFD_STMPE is not set
CONFIG_MFD_SYSCON=y
# CONFIG_MFD_TI_AM335X_TSCADC is not set
# CONFIG_MFD_LP3943 is not set
# CONFIG_MFD_LP8788 is not set
# CONFIG_MFD_TI_LMU is not set
@@ -3413,6 +3418,7 @@ CONFIG_MFD_VEXPRESS_SYSREG=y
# Graphics support
#
CONFIG_APERTURE_HELPERS=y
CONFIG_SCREEN_INFO=y
CONFIG_VIDEO_CMDLINE=y
# CONFIG_AUXDISPLAY is not set
# CONFIG_DRM is not set
@@ -3474,6 +3480,7 @@ CONFIG_FB_SYS_IMAGEBLIT=y
# CONFIG_FB_FOREIGN_ENDIAN is not set
CONFIG_FB_SYS_FOPS=y
CONFIG_FB_DEFERRED_IO=y
CONFIG_FB_IOMEM_FOPS=y
CONFIG_FB_IOMEM_HELPERS=y
CONFIG_FB_SYSMEM_HELPERS=y
CONFIG_FB_SYSMEM_HELPERS_DEFERRED=y
@@ -3600,6 +3607,7 @@ CONFIG_HID_GENERIC=y
# CONFIG_HID_ZYDACRON is not set
# CONFIG_HID_SENSOR_HUB is not set
# CONFIG_HID_ALPS is not set
# CONFIG_HID_MCP2200 is not set
# CONFIG_HID_MCP2221 is not set
# end of Special HID drivers
@@ -3821,8 +3829,6 @@ CONFIG_MMC_SDHCI_PLTFM=m
# CONFIG_MMC_TOSHIBA_PCI is not set
# CONFIG_MMC_MTK is not set
# CONFIG_MMC_SDHCI_XENON is not set
# CONFIG_MMC_SDHCI_OMAP is not set
# CONFIG_MMC_SDHCI_AM654 is not set
# CONFIG_SCSI_UFSHCD is not set
# CONFIG_MEMSTICK is not set
# CONFIG_NEW_LEDS is not set
@@ -4726,6 +4732,9 @@ CONFIG_ENCRYPTED_KEYS=y
# CONFIG_USER_DECRYPTED_DATA is not set
CONFIG_KEY_DH_OPERATIONS=y
CONFIG_SECURITY_DMESG_RESTRICT=y
CONFIG_PROC_MEM_ALWAYS_FORCE=y
# CONFIG_PROC_MEM_FORCE_PTRACE is not set
# CONFIG_PROC_MEM_NO_FORCE is not set
CONFIG_SECURITY=y
CONFIG_SECURITYFS=y
CONFIG_SECURITY_NETWORK=y
@@ -4821,6 +4830,7 @@ CONFIG_CRYPTO_ALGAPI=y
CONFIG_CRYPTO_ALGAPI2=y
CONFIG_CRYPTO_AEAD=y
CONFIG_CRYPTO_AEAD2=y
CONFIG_CRYPTO_SIG=y
CONFIG_CRYPTO_SIG2=y
CONFIG_CRYPTO_SKCIPHER=y
CONFIG_CRYPTO_SKCIPHER2=y
@@ -5191,7 +5201,6 @@ CONFIG_DMA_DIRECT_REMAP=y
# CONFIG_DMA_MAP_BENCHMARK is not set
CONFIG_SGL_ALLOC=y
CONFIG_CHECK_SIGNATURE=y
# CONFIG_FORCE_NR_CPUS is not set
CONFIG_CPU_RMAP=y
CONFIG_DQL=y
CONFIG_GLOB=y

4968
kernel/6.6.x/config-riscv64 Normal file
View File

File diff suppressed because it is too large Load Diff

28
kernel/6.6.x/config-x86_64
View File

@@ -1,15 +1,15 @@
#
# Automatically generated file; DO NOT EDIT.
# Linux/x86 6.6.13 Kernel Configuration
# Linux/x86 6.6.71 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (Alpine 13.2.1_git20231014) 13.2.1 20231014"
CONFIG_CC_VERSION_TEXT="gcc (Alpine 14.2.0) 14.2.0"
CONFIG_CC_IS_GCC=y
CONFIG_GCC_VERSION=130201
CONFIG_GCC_VERSION=140200
CONFIG_CLANG_VERSION=0
CONFIG_AS_IS_GNU=y
CONFIG_AS_VERSION=24100
CONFIG_AS_VERSION=24301
CONFIG_LD_IS_BFD=y
CONFIG_LD_VERSION=24100
CONFIG_LD_VERSION=24301
CONFIG_LLD_VERSION=0
CONFIG_CC_CAN_LINK=y
CONFIG_CC_CAN_LINK_STATIC=y
@@ -180,7 +180,7 @@ CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y
CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y
CONFIG_CC_HAS_INT128=y
CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5"
CONFIG_GCC11_NO_ARRAY_BOUNDS=y
CONFIG_GCC10_NO_ARRAY_BOUNDS=y
CONFIG_CC_NO_ARRAY_BOUNDS=y
CONFIG_ARCH_SUPPORTS_INT128=y
CONFIG_CGROUPS=y
@@ -470,7 +470,6 @@ CONFIG_PHYSICAL_ALIGN=0x1000000
CONFIG_DYNAMIC_MEMORY_LAYOUT=y
CONFIG_RANDOMIZE_MEMORY=y
CONFIG_RANDOMIZE_MEMORY_PHYSICAL_PADDING=0xa
# CONFIG_ADDRESS_MASKING is not set
CONFIG_HOTPLUG_CPU=y
# CONFIG_COMPAT_VDSO is not set
# CONFIG_LEGACY_VSYSCALL_XONLY is not set
@@ -490,7 +489,7 @@ CONFIG_CALL_PADDING=y
CONFIG_HAVE_CALL_THUNKS=y
CONFIG_CALL_THUNKS=y
CONFIG_PREFIX_SYMBOLS=y
CONFIG_SPECULATION_MITIGATIONS=y
CONFIG_CPU_MITIGATIONS=y
CONFIG_PAGE_TABLE_ISOLATION=y
CONFIG_RETPOLINE=y
CONFIG_RETHUNK=y
@@ -502,6 +501,8 @@ CONFIG_CPU_IBRS_ENTRY=y
CONFIG_CPU_SRSO=y
# CONFIG_SLS is not set
# CONFIG_GDS_FORCE_MITIGATION is not set
CONFIG_MITIGATION_RFDS=y
CONFIG_MITIGATION_SPECTRE_BHI=y
CONFIG_ARCH_HAS_ADD_PAGES=y
#
@@ -684,6 +685,7 @@ CONFIG_AS_SHA256_NI=y
CONFIG_AS_TPAUSE=y
CONFIG_AS_GFNI=y
CONFIG_AS_WRUSS=y
CONFIG_ARCH_CONFIGURES_CPU_MITIGATIONS=y
#
# General architecture-dependent options
@@ -1004,6 +1006,7 @@ CONFIG_DEVICE_MIGRATION=y
CONFIG_ARCH_ENABLE_HUGEPAGE_MIGRATION=y
CONFIG_ARCH_ENABLE_THP_MIGRATION=y
CONFIG_CONTIG_ALLOC=y
CONFIG_PCP_BATCH_SCALE_MAX=5
CONFIG_PHYS_ADDR_T_64BIT=y
CONFIG_MMU_NOTIFIER=y
CONFIG_KSM=y
@@ -3177,7 +3180,6 @@ CONFIG_LPC_SCH=y
CONFIG_MFD_SM501=y
# CONFIG_MFD_SKY81452 is not set
# CONFIG_MFD_SYSCON is not set
# CONFIG_MFD_TI_AM335X_TSCADC is not set
# CONFIG_MFD_LP3943 is not set
# CONFIG_MFD_LP8788 is not set
# CONFIG_MFD_TI_LMU is not set
@@ -3219,6 +3221,7 @@ CONFIG_MFD_VX855=y
# Graphics support
#
CONFIG_APERTURE_HELPERS=y
CONFIG_SCREEN_INFO=y
CONFIG_VIDEO_CMDLINE=y
CONFIG_VIDEO_NOMODESET=y
# CONFIG_AUXDISPLAY is not set
@@ -3290,6 +3293,7 @@ CONFIG_FB_SYS_IMAGEBLIT=y
# CONFIG_FB_FOREIGN_ENDIAN is not set
CONFIG_FB_SYS_FOPS=y
CONFIG_FB_DEFERRED_IO=y
CONFIG_FB_IOMEM_FOPS=y
CONFIG_FB_IOMEM_HELPERS=y
CONFIG_FB_SYSMEM_HELPERS=y
CONFIG_FB_SYSMEM_HELPERS_DEFERRED=y
@@ -4352,6 +4356,9 @@ CONFIG_ENCRYPTED_KEYS=y
# CONFIG_USER_DECRYPTED_DATA is not set
CONFIG_KEY_DH_OPERATIONS=y
CONFIG_SECURITY_DMESG_RESTRICT=y
CONFIG_PROC_MEM_ALWAYS_FORCE=y
# CONFIG_PROC_MEM_FORCE_PTRACE is not set
# CONFIG_PROC_MEM_NO_FORCE is not set
CONFIG_SECURITY=y
CONFIG_SECURITYFS=y
CONFIG_SECURITY_NETWORK=y
@@ -4447,6 +4454,7 @@ CONFIG_CRYPTO_ALGAPI=y
CONFIG_CRYPTO_ALGAPI2=y
CONFIG_CRYPTO_AEAD=y
CONFIG_CRYPTO_AEAD2=y
CONFIG_CRYPTO_SIG=y
CONFIG_CRYPTO_SIG2=y
CONFIG_CRYPTO_SKCIPHER=y
CONFIG_CRYPTO_SKCIPHER2=y
@@ -4798,7 +4806,6 @@ CONFIG_SWIOTLB=y
# CONFIG_DMA_MAP_BENCHMARK is not set
CONFIG_SGL_ALLOC=y
CONFIG_CHECK_SIGNATURE=y
# CONFIG_FORCE_NR_CPUS is not set
CONFIG_CPU_RMAP=y
CONFIG_DQL=y
CONFIG_GLOB=y
@@ -4957,6 +4964,7 @@ CONFIG_ARCH_SUPPORTS_KMAP_LOCAL_FORCE_MAP=y
CONFIG_HAVE_ARCH_KASAN=y
CONFIG_HAVE_ARCH_KASAN_VMALLOC=y
CONFIG_CC_HAS_KASAN_GENERIC=y
CONFIG_CC_HAS_KASAN_SW_TAGS=y
CONFIG_CC_HAS_WORKING_NOSANITIZE_ADDRESS=y
# CONFIG_KASAN is not set
CONFIG_HAVE_ARCH_KFENCE=y

6
kernel/Dockerfile
View File

@@ -115,6 +115,9 @@ RUN case $(uname -m) in \
aarch64) \
KERNEL_DEF_CONF=/linux/arch/arm64/configs/defconfig; \
;; \
riscv64) \
KERNEL_DEF_CONF=/linux/arch/riscv/configs/defconfig; \
;; \
esac && \
cp /src/${KERNEL_SERIES}/config-$(uname -m) ${KERNEL_DEF_CONF}; \
if [ -n "${EXTRA}" ] && [ -f "/src/${KERNEL_SERIES}-${EXTRA}/config-$(uname -m)" ]; then \
@@ -139,6 +142,9 @@ RUN make -j "$(getconf _NPROCESSORS_ONLN)" KCFLAGS="-fno-pie" && \
aarch64) \
cp arch/arm64/boot/Image.gz /out/kernel; \
;; \
riscv64) \
cp arch/riscv/boot/Image.gz /out/kernel; \
;; \
esac && \
cp System.map /out && \
([ -n "${DEBUG}" ] && cp vmlinux /out || true)

52
kernel/Dockerfile.bcc
View File

@@ -1,6 +1,8 @@
ARG BUILD_IMAGE
ARG KERNEL_VERSION
ARG PKG_HASH
FROM ${KERNEL_VERSION}-${HASH} as ksrc
FROM linuxkit/kernel:${KERNEL_VERSION}-${PKG_HASH} as ksrc
FROM ${BUILD_IMAGE} AS build
RUN apk update && apk upgrade -a && \
@@ -22,11 +24,11 @@ RUN apk update && apk upgrade -a && \
iperf3 \
libedit-dev \
libtool \
llvm \
llvm-dev \
llvm-static \
llvm17-gtest \
luajit-dev \
libxml2 \
llvm19 \
llvm19-dev \
llvm19-static \
llvm19-gtest \
m4 \
musl-fts-dev \
python3 \
@@ -36,21 +38,8 @@ RUN apk update && apk upgrade -a && \
zlib-dev \
&& true
# this is just here to make later copies easier; do not forget to change this if the python version updates
ENV PYTHON_VERSION=3.11
RUN ln -s /usr/lib/cmake/llvm10/ /usr/lib/cmake/llvm && \
ln -s /usr/include/llvm10/llvm-c/ /usr/include/llvm-c && \
ln -s /usr/include/llvm10/llvm/ /usr/include/llvm
WORKDIR /build
ENV BCC_COMMIT=v0.29.1
RUN git clone https://github.com/iovisor/bcc.git && \
cd bcc && \
git checkout $BCC_COMMIT && \
sed -i 's/<error.h>/<errno.h>/' examples/cpp/KModRetExample.cc
COPY --from=ksrc /kernel-headers.tar /build
COPY --from=ksrc /kernel-dev.tar /build
COPY --from=ksrc /kernel.tar /build
@@ -58,15 +47,6 @@ RUN tar xf /build/kernel-headers.tar && \
tar xf /build/kernel-dev.tar && \
tar xf /build/kernel.tar
RUN mkdir -p bcc/build && cd bcc/build && \
cmake .. -DCMAKE_VERBOSE_MAKEFILE:BOOL=ON \
-DCMAKE_C_FLAGS="-I/build/usr/include" \
-DPYTHON_CMD=python3 \
-DCMAKE_CXX_FLAGS="-I/build/usr/include" \
-DCMAKE_INSTALL_PREFIX=/usr && \
make && \
make install
RUN mkdir -p /out/usr/ && \
cp -a /build/usr/src /out/usr/ && \
cp -a /build/usr/include /out/usr
@@ -74,23 +54,25 @@ RUN mkdir -p /out/usr/lib && \
cp -a /usr/lib/libelf* /out/usr/lib/ && \
cp -a /usr/lib/libstdc* /out/usr/lib/ && \
cp -a /usr/lib/libintl* /out/usr/lib/
RUN mkdir -p /out/usr/lib/python${PYTHON_VERSION} && \
cp -a /usr/lib/python${PYTHON_VERSION}/site-packages /out/usr/lib/python${PYTHON_VERSION}/
RUN mkdir -p /out/usr/share && \
cp -a /usr/share/bcc /out/usr/share/
RUN mkdir -p /out/usr/bin && \
cp -a /usr/bin/bcc-lua /out/usr/bin/
RUN PYTHONPATH=$(python3 -c "import sysconfig; print(sysconfig.get_path('stdlib'))") && mkdir -p /out${PYTHONPATH} && \
cp -a ${PYTHONPATH}/site-packages /out/${PYTHONPATH}
FROM ${BUILD_IMAGE} as mirror
RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
RUN apk update && apk upgrade -a && \
apk add --no-cache --initdb -p /out \
bcc \
bcc-dev \
bcc-tools \
busybox \
luajit \
python3 \
zlib \
&& true
# lua/luajit is not available on all platforms, but we do not consider it blocking
RUN apk add --no-cache -p /out luajit || true
RUN apk add --no-cache -p /out bcc-lua || true
FROM scratch
ENTRYPOINT []
CMD []

3
kernel/Dockerfile.kconfig
View File

@@ -43,8 +43,9 @@ RUN set -e && \
patch -t -F0 -N -u -p1 < "$patch"; \
done; \
fi && \
[ ! -f /config-${SERIES}-x86_64 ] || mv /config-${SERIES}-x86_64 arch/x86/configs/x86_64_defconfig && \
[ ! -f /config-${SERIES}-x86_64 ] || mv /config-${SERIES}-x86_64 arch/x86/configs/x86_64_defconfig ; \
[ ! -f /config-${SERIES}-aarch64 ] || mv /config-${SERIES}-aarch64 arch/arm64/configs/defconfig ; \
[ ! -f /config-${SERIES}-riscv64 ] || mv /config-${SERIES}-riscv64 arch/riscv64/configs/riscv64_defconfig ; \
done
ENTRYPOINT ["/bin/sh"]

3
kernel/Dockerfile.kconfigx
View File

@@ -58,6 +58,9 @@ for VERSION in ${KERNEL_VERSIONS}; do
elif [ ${TARGETARCH} = "arm64" ] ; then
cp /config-${SERIES}-aarch64 .config
ARCH=arm64 make oldconfig
elif [ ${TARGETARCH} = "riscv64" ] ; then
cp /config-${SERIES}-riscv64 .config
ARCH=riscv64 make oldconfig
fi
done
EOF

6
kernel/Dockerfile.perf
View File

@@ -1,8 +1,10 @@
# This Dockerfile extracts the source code and headers from a kernel package,
# builds the perf utility, and places it into a scratch image
ARG BUILD_IMAGE
ARG KERNEL_VERSION
ARG PKG_HASH
FROM ${KERNEL_VERSION}-${HASH} AS ksrc
FROM linuxkit/kernel:${KERNEL_VERSION}-${PKG_HASH} as ksrc
FROM ${BUILD_IMAGE} AS build
RUN apk add \
@@ -51,7 +53,7 @@ RUN make -C libtraceevent all install V=1
WORKDIR /linux
RUN mkdir -p /out && \
make -C tools/perf LDFLAGS=-static V=1 && \
make -C tools/perf EXTRA_CFLAGS="-Wno-alloc-size -Wno-calloc-transposed-args" LDFLAGS=-static V=1 && \
strip tools/perf/perf && \
cp tools/perf/perf /out

52
kernel/Makefile
View File

@@ -16,7 +16,7 @@ RM = rm -f
# Name and Org on Hub
ORG?=linuxkit
IMAGE?=kernel
IMAGE_BUILDER=linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e
IMAGE_BUILDER=linuxkit/alpine:35b33c6b03c40e51046c3b053dd131a68a26c37a
# You can specify an extra options for the Makefile. This will:
# - append a config$(EXTRA) to the kernel config for your kernel/arch
@@ -37,21 +37,23 @@ endif
REPO_ROOT:=$(shell git rev-parse --show-toplevel)
# determine our architecture
BUILDERARCH=
ARCH?=$(shell uname -m)
BUILDERARCH=$(ARCH)
ifneq ($(ARCH),)
ifeq ($(ARCH),$(filter $(ARCH),x86_64 amd64))
override ARCH=x86_64
BUILDERARCH=amd64
override BUILDERARCH=amd64
endif
ifeq ($(ARCH),$(filter $(ARCH),aarch64 arm64))
override ARCH=aarch64
BUILDERARCH=arm64
override BUILDERARCH=arm64
endif
ifeq ($(ARCH),riscv64)
override BUILDERARCH=riscv64
endif
endif
ifneq ($(BUILDERARCH),)
PLATFORMS=--platforms linux/$(BUILDERARCH)
endif
BUILD_PLATFORM=linux/$(BUILDERARCH)
HASHTAG=$(HASH)$(DIRTY)
@@ -124,11 +126,11 @@ buildkerneldeps-%: Dockerfile Makefile $(wildcard patches-$(call series,$*)/*) $
buildplainkernel-%: buildkerneldeps-%
$(eval KERNEL_SERIES=$(call series,$*))
linuxkit pkg build . $(FORCE) $(PLATFORMS) --build-yml ./build-kernel.yml --tag "$*-{{.Hash}}" --build-arg-file $(KERNEL_SERIES)/build-args
linuxkit pkg build . $(FORCE) --platforms $(BUILD_PLATFORM) --build-yml ./build-kernel.yml --tag "$*-{{.Hash}}" --build-arg-file $(KERNEL_SERIES)/build-args
builddebugkernel-%: buildkerneldeps-%
$(eval KERNEL_SERIES=$(call series,$*))
linuxkit pkg build . $(FORCE) $(PLATFORMS) --build-yml ./build-kernel.yml --tag "$*-dbg-{{.Hash}}" --build-arg-file $(KERNEL_SERIES)/build-args --build-arg-file build-args-debug
linuxkit pkg build . $(FORCE) --platforms $(BUILD_PLATFORM) --build-yml ./build-kernel.yml --tag "$*-dbg-{{.Hash}}" --build-arg-file $(KERNEL_SERIES)/build-args --build-arg-file build-args-debug
push-%: notdirty build-% pushkernel-% tagbuilder-% pushtools-%;
@@ -163,7 +165,7 @@ buildtool-%:
$(eval TOOL=$(call toolname,$*))
$(eval KERNEL_VERSION=$(call toolkernel,$*))
$(eval KERNEL_SERIES=$(call series,$(KERNEL_VERSION)))
linuxkit pkg build . $(FORCE) $(PLATFORMS) --build-yml ./build-$(TOOL).yml --tag "$(KERNEL_VERSION)-{{.Hash}}" --build-arg-file $(KERNEL_SERIES)/build-args
linuxkit pkg build . $(FORCE) --platforms $(BUILD_PLATFORM) --build-yml ./build-$(TOOL).yml --tag "$(KERNEL_VERSION)-{{.Hash}}" --build-arg-file $(KERNEL_SERIES)/build-args
pushtools-%: $(addprefix pushtool-%$(RELEASESEP),$(TOOLS));
@@ -206,34 +208,34 @@ update-kernel-semver-yaml-%:
update-kernel-yamls: $(addprefix update-kernel-hash-yaml-,$(KERNELS)) update-kernel-semver-yaml-$(KERNEL_HIGHEST);
# Target for kernel config
kconfig:
ifeq (${KCONFIG_TAG},)
docker build --no-cache -f Dockerfile.kconfig \
--build-arg KERNEL_VERSIONS="$(KERNEL_VERSIONS)" \
--build-arg BUILD_IMAGE=$(IMAGE_BUILDER) \
-t linuxkit/kconfig .
else
docker build --no-cache -f Dockerfile.kconfig \
--build-arg KERNEL_VERSIONS="$(KERNEL_VERSIONS)" \
--build-arg BUILD_IMAGE=$(IMAGE_BUILDER) \
-t linuxkit/kconfig:${KCONFIG_TAG} .
KCONFIG_TAG_EXTENSION=
ifneq (${KCONFIG_TAG},)
KCONFIG_TAG_EXTENSION=-${KCONFIG_TAG}
endif
kconfig:
docker build --no-cache -f Dockerfile.kconfig \
--build-arg KERNEL_VERSIONS="$(KERNEL_VERSIONS)" \
--build-arg BUILD_IMAGE=$(IMAGE_BUILDER) \
--platform $(BUILD_PLATFORM) \
-t linuxkit/kconfig:$(ARCH)${KCONFIG_TAG_EXTENSION} .
kconfigx:
ifeq (${KCONFIG_TAG},)
docker buildx build --no-cache -f Dockerfile.kconfigx \
--platform=$(PLATFORMS) \
--platform $(BUILD_PLATFORM) \
--output . \
--build-arg KERNEL_VERSIONS="$(KERNEL_VERSIONS)" \
--build-arg BUILD_IMAGE=$(IMAGE_BUILDER) \
-t linuxkit/kconfigx .
-t linuxkit/kconfigx:$(ARCH) .
cp linux_arm64/config-${KERNEL_VERSIONS}-arm64 config-${KERNEL_SERIES}-aarch64
cp linux_amd64/config-${KERNEL_VERSIONS}-amd64 config-${KERNEL_SERIES}-x86_64
cp linux_amd64/config-${KERNEL_VERSIONS}-riscv64 config-${KERNEL_SERIES}-riscv64
else
docker buildx build --no-cache -f Dockerfile.kconfigx \
--platform=$(PLATFORMS) --push \
--platform $(BUILD_PLATFORM) --push \
--output . \
--build-arg KERNEL_VERSIONS="$(KERNEL_VERSIONS)" \
--build-arg BUILD_IMAGE=$(IMAGE_BUILDER) \
-t linuxkit/kconfigx:${KCONFIG_TAG} .
-t linuxkit/kconfigx:$(ARCH)${KCONFIG_TAG_EXTENSION} .
endif

1
kernel/build-bcc.yml
View File

@@ -1,2 +1,3 @@
image: kernel-bcc
network: true
dockerfile: Dockerfile.bcc

1
kernel/build-perf.yml
View File

@@ -1,2 +1,3 @@
image: kernel-perf
network: true
dockerfile: Dockerfile.perf

2
linuxkit-template.yml
View File

@@ -1,5 +1,5 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- "@pkg:./pkg/init"

18
linuxkit.yml
View File

@@ -1,16 +1,16 @@
kernel:
image: linuxkit/kernel:6.6.13
image: linuxkit/kernel:6.6.71
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/init:8eea386739975a43af558eec757a7dcb3a3d2e7b
- linuxkit/runc:667e7ea2c426a2460ca21e3da065a57dbb3369c9
- linuxkit/containerd:a988a1a8bcbacc2c0390ca0c08f949e2b4b5915d
- linuxkit/ca-certificates:7b32a26ca9c275d3ef32b11fe2a83dbd2aee2fdb
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
image: linuxkit/sysctl:5f56434b81004b50b47ed629b222619168c2bcdf
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
image: linuxkit/dhcpcd:157df9ef45a035f1542ec2270e374f18efef98a5
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
onshutdown:
- name: shutdown
@@ -18,11 +18,11 @@ onshutdown:
command: ["/bin/echo", "so long and thanks for all the fish"]
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
image: linuxkit/getty:05eca453695984a69617f1f1f0bcdae7f7032967
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:1a18f2149e42a0a1cb9e7d37608a494342c26032
- name: nginx
image: nginx:1.19.5-alpine
capabilities:

4
pkg/acpid/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e AS mirror
FROM linuxkit/alpine:35b33c6b03c40e51046c3b053dd131a68a26c37a AS mirror
RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
RUN apk add --no-cache --initdb -p /out \
@@ -6,7 +6,7 @@ RUN apk add --no-cache --initdb -p /out \
busybox
RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache
FROM linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e AS mirror2
FROM linuxkit/alpine:35b33c6b03c40e51046c3b053dd131a68a26c37a AS mirror2
RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
RUN apk add --no-cache --initdb -p /out \
acpid

2
pkg/auditd/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e AS mirror
FROM linuxkit/alpine:35b33c6b03c40e51046c3b053dd131a68a26c37a AS mirror
RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
RUN apk add --initdb -p /out alpine-baselayout apk-tools audit busybox tini

2
pkg/binfmt/Dockerfile
View File

@@ -9,7 +9,7 @@ RUN apt-get update && apt-get install -y qemu-user-static && \
mv /usr/bin/qemu-loongarch64-static /usr/bin/qemu-loongarch64 && \
rm /usr/bin/qemu-*-static
FROM linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e AS mirror
FROM linuxkit/alpine:35b33c6b03c40e51046c3b053dd131a68a26c37a AS mirror
RUN apk add --no-cache go musl-dev
ENV GOPATH=/go PATH=$PATH:/go/bin

2
pkg/bpftrace/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e AS build
FROM linuxkit/alpine:35b33c6b03c40e51046c3b053dd131a68a26c37a AS build
RUN apk add --update \
bison \
build-base \

2
pkg/ca-certificates/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e as alpine
FROM linuxkit/alpine:35b33c6b03c40e51046c3b053dd131a68a26c37a as alpine
RUN apk add ca-certificates

8
pkg/cadvisor/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e as build
FROM linuxkit/alpine:35b33c6b03c40e51046c3b053dd131a68a26c37a as build
RUN apk add --no-cache bash go git musl-dev linux-headers make patch
# Hack to work around an issue with go on arm64 requiring gcc
@@ -7,7 +7,7 @@ RUN [ $(uname -m) = aarch64 ] && apk add --no-cache gcc || true
ENV GOPATH=/go PATH=$PATH:/go/bin
ENV GITBASE=github.com/google
ENV GITREPO=github.com/google/cadvisor
ENV COMMIT=v0.36.0
ENV COMMIT=v0.51.0
ADD /static.patch /tmp/
@@ -18,10 +18,10 @@ RUN mkdir -p /go/src/${GITBASE} \
&& git checkout ${COMMIT} \
&& patch -p1 build/build.sh </tmp/static.patch \
&& make build \
&& mv cadvisor /usr/bin/
&& mv _output/cadvisor /usr/bin/
FROM linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e AS mirror
FROM linuxkit/alpine:35b33c6b03c40e51046c3b053dd131a68a26c37a AS mirror
RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
RUN apk add --no-cache --initdb -p /out \

1
pkg/cadvisor/build.yml
View File

@@ -3,6 +3,7 @@ network: true
arches:
- amd64
- arm64
- riscv64
config:
pid: host
binds:

2
pkg/cadvisor/static.patch
View File

@@ -1,6 +1,6 @@
--- build/build.sh.orig 2017-11-16 16:29:18.281342577 +0000
+++ build/build.sh 2017-11-16 16:29:55.534787421 +0000
@@ -44,6 +44,7 @@
@@ -47,6 +47,7 @@
-X ${repo_path}/version.BuildDate${ldseparator}${BUILD_DATE}
-X ${repo_path}/version.GoVersion${ldseparator}${go_version}"

6
pkg/containerd/Dockerfile
View File

@@ -1,15 +1,15 @@
# Dockerfile to build linuxkit/containerd for linuxkit
FROM linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e as alpine
FROM linuxkit/alpine:35b33c6b03c40e51046c3b053dd131a68a26c37a as alpine
RUN apk add tzdata binutils
RUN mkdir -p /etc/init.d && ln -s /usr/bin/service /etc/init.d/020-containerd
FROM linuxkit/containerd-dev:25522a7fcffd14465d807fadc3d3e4f6da7b10ec as containerd-dev
FROM linuxkit/containerd-dev:fb4bf37a114ce1eb8a2c4ed3db91a50301805e2c as containerd-dev
FROM scratch
ENTRYPOINT []
WORKDIR /
COPY --from=containerd-dev /usr/bin/containerd /usr/bin/ctr /usr/bin/containerd-shim /usr/bin/containerd-shim-runc-v2 /usr/bin/
COPY --from=containerd-dev /usr/bin/containerd /usr/bin/ctr /usr/bin/containerd-shim-runc-v2 /usr/bin/
COPY --from=alpine /usr/share/zoneinfo/UTC /etc/localtime
COPY --from=alpine /etc/init.d/ /etc/init.d/
COPY etc etc/

6
pkg/containerd/etc/containerd/config.toml
View File

@@ -1,6 +1,10 @@
version = 2
state = "/run/containerd"
root = "/var/lib/containerd"
disabled_plugins = ["cri"]
[plugins."io.containerd.grpc.v1.cri"]
disabled = true
[grpc]
address = "/run/containerd/containerd.sock"

2
pkg/dhcpcd/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e AS mirror
FROM linuxkit/alpine:35b33c6b03c40e51046c3b053dd131a68a26c37a AS mirror
RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
RUN apk add --no-cache --initdb -p /out \
alpine-baselayout \

2
pkg/dm-crypt/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e AS mirror
FROM linuxkit/alpine:35b33c6b03c40e51046c3b053dd131a68a26c37a AS mirror
RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
RUN apk add --no-cache --initdb -p /out \
alpine-baselayout \

2
pkg/dummy/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e AS build
FROM linuxkit/alpine:35b33c6b03c40e51046c3b053dd131a68a26c37a AS build
RUN apk add --no-cache --initdb make
FROM scratch

4
pkg/extend/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e AS mirror
FROM linuxkit/alpine:35b33c6b03c40e51046c3b053dd131a68a26c37a AS mirror
RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
RUN apk add --no-cache --initdb -p /out \
@@ -15,7 +15,7 @@ RUN apk add --no-cache --initdb -p /out \
&& true
RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache
FROM linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e AS build
FROM linuxkit/alpine:35b33c6b03c40e51046c3b053dd131a68a26c37a AS build
RUN apk add --no-cache go musl-dev
ENV GOPATH=/go PATH=$PATH:/go/bin

19
pkg/extend/extend.go
View File

@@ -22,8 +22,9 @@ import (
const timeout = 60
var (
fsTypeVar string
driveKeys []string
fsTypeVar string
stopOnError bool
driveKeys []string
)
// Fdisk is the JSON output from libfdisk
@@ -57,7 +58,12 @@ func autoextend(fsType string) error {
continue
}
if err := extend(d, fsType); err != nil {
return err
if stopOnError {
return err
}
log.Printf("Could not extend partition on device %s. Skipping", d)
continue
}
}
return nil
@@ -76,6 +82,11 @@ func extend(d, fsType string) error {
return fmt.Errorf("Unable to unmarshal partition table from sfdisk: %v", err)
}
if len(f.PartitionTable.Partitions) == 0 {
log.Printf("Disk %s has no partitions. Skipping", d)
return nil
}
if len(f.PartitionTable.Partitions) > 1 {
log.Printf("Disk %s has more than 1 partition. Skipping", d)
return nil
@@ -312,11 +323,13 @@ func findDrives() {
func init() {
flag.StringVar(&fsTypeVar, "type", "ext4", "Type of filesystem to create")
flag.BoolVar(&stopOnError, "stop-on-error", true, "Stops extending the remaining devices on first error")
}
func main() {
flag.Parse()
findDrives()
if flag.NArg() == 0 {
if err := autoextend(fsTypeVar); err != nil {
log.Fatalf("%v", err)

4
pkg/extend/go.mod
View File

@@ -1,5 +1,5 @@
module github.com/linuxkit/linuxkit/pkg/extend
go 1.15
go 1.21
require golang.org/x/sys v0.0.0-20170802141912-e312636bdaa2
require golang.org/x/sys v0.22.0

4
pkg/extend/go.sum
View File

@@ -1,2 +1,2 @@
golang.org/x/sys v0.0.0-20170802141912-e312636bdaa2 h1:rn9VfHLpovNshEHhLAFADpPdWI+EUYgtyaUcQysy5P8=
golang.org/x/sys v0.0.0-20170802141912-e312636bdaa2/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI=
golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=

3
pkg/extend/vendor/golang.org/x/sys/AUTHORS generated vendored
View File

@@ -1,3 +0,0 @@
# This source code refers to The Go Authors for copyright purposes.
# The master list of authors is in the main Go distribution,
# visible at http://tip.golang.org/AUTHORS.

3
pkg/extend/vendor/golang.org/x/sys/CONTRIBUTORS generated vendored
View File

@@ -1,3 +0,0 @@
# This source code was written by the Go contributors.
# The master list of contributors is in the main Go distribution,
# visible at http://tip.golang.org/CONTRIBUTORS.

1
pkg/extend/vendor/golang.org/x/sys/unix/.gitignore generated vendored
View File

@@ -1 +1,2 @@
_obj/
unix.test

41
pkg/extend/vendor/golang.org/x/sys/unix/README.md generated vendored
View File

@@ -14,7 +14,7 @@ migrating the build system to use containers so the builds are reproducible.
This is being done on an OS-by-OS basis. Please update this documentation as
components of the build system change.
### Old Build System (currently for `GOOS != "Linux" || GOARCH == "sparc64"`)
### Old Build System (currently for `GOOS != "linux"`)
The old build system generates the Go files based on the C header files
present on your system. This means that files
@@ -32,9 +32,9 @@ To build the files for your current OS and architecture, make sure GOOS and
GOARCH are set correctly and run `mkall.sh`. This will generate the files for
your specific system. Running `mkall.sh -n` shows the commands that will be run.
Requirements: bash, perl, go
Requirements: bash, go
### New Build System (currently for `GOOS == "Linux" && GOARCH != "sparc64"`)
### New Build System (currently for `GOOS == "linux"`)
The new build system uses a Docker container to generate the go files directly
from source checkouts of the kernel and various system libraries. This means
@@ -52,14 +52,14 @@ system and have your GOOS and GOARCH set accordingly. Running `mkall.sh` will
then generate all of the files for all of the GOOS/GOARCH pairs in the new build
system. Running `mkall.sh -n` shows the commands that will be run.
Requirements: bash, perl, go, docker
Requirements: bash, go, docker
## Component files
This section describes the various files used in the code generation process.
It also contains instructions on how to modify these files to add a new
architecture/OS or to add additional syscalls, types, or constants. Note that
if you are using the new build system, the scripts cannot be called normally.
if you are using the new build system, the scripts/programs cannot be called normally.
They must be called from within the docker container.
### asm files
@@ -76,30 +76,30 @@ arguments can be passed to the kernel. The third is for low-level use by the
ForkExec wrapper. Unlike the first two, it does not call into the scheduler to
let it know that a system call is running.
When porting Go to an new architecture/OS, this file must be implemented for
When porting Go to a new architecture/OS, this file must be implemented for
each GOOS/GOARCH pair.
### mksysnum
Mksysnum is a script located at `${GOOS}/mksysnum.pl` (or `mksysnum_${GOOS}.pl`
for the old system). This script takes in a list of header files containing the
Mksysnum is a Go program located at `${GOOS}/mksysnum.go` (or `mksysnum_${GOOS}.go`
for the old system). This program takes in a list of header files containing the
syscall number declarations and parses them to produce the corresponding list of
Go numeric constants. See `zsysnum_${GOOS}_${GOARCH}.go` for the generated
constants.
Adding new syscall numbers is mostly done by running the build on a sufficiently
new installation of the target OS (or updating the source checkouts for the
new build system). However, depending on the OS, you make need to update the
new build system). However, depending on the OS, you may need to update the
parsing in mksysnum.
### mksyscall.pl
### mksyscall.go
The `syscall.go`, `syscall_${GOOS}.go`, `syscall_${GOOS}_${GOARCH}.go` are
hand-written Go files which implement system calls (for unix, the specific OS,
or the specific OS/Architecture pair respectively) that need special handling
and list `//sys` comments giving prototypes for ones that can be generated.
The mksyscall.pl script takes the `//sys` and `//sysnb` comments and converts
The mksyscall.go program takes the `//sys` and `//sysnb` comments and converts
them into syscalls. This requires the name of the prototype in the comment to
match a syscall number in the `zsysnum_${GOOS}_${GOARCH}.go` file. The function
prototype can be exported (capitalized) or not.
@@ -107,7 +107,7 @@ prototype can be exported (capitalized) or not.
Adding a new syscall often just requires adding a new `//sys` function prototype
with the desired arguments and a capitalized name so it is exported. However, if
you want the interface to the syscall to be different, often one will make an
unexported `//sys` prototype, an then write a custom wrapper in
unexported `//sys` prototype, and then write a custom wrapper in
`syscall_${GOOS}.go`.
### types files
@@ -137,7 +137,7 @@ some `#if/#elif` macros in your include statements.
This script is used to generate the system's various constants. This doesn't
just include the error numbers and error strings, but also the signal numbers
an a wide variety of miscellaneous constants. The constants come from the list
and a wide variety of miscellaneous constants. The constants come from the list
of include files in the `includes_${uname}` variable. A regex then picks out
the desired `#define` statements, and generates the corresponding Go constants.
The error numbers and strings are generated from `#include <errno.h>`, and the
@@ -149,10 +149,21 @@ To add a constant, add the header that includes it to the appropriate variable.
Then, edit the regex (if necessary) to match the desired constant. Avoid making
the regex too broad to avoid matching unintended constants.
### internal/mkmerge
This program is used to extract duplicate const, func, and type declarations
from the generated architecture-specific files listed below, and merge these
into a common file for each OS.
The merge is performed in the following steps:
1. Construct the set of common code that is idential in all architecture-specific files.
2. Write this common code to the merged file.
3. Remove the common code from all architecture-specific files.
## Generated files
### `zerror_${GOOS}_${GOARCH}.go`
### `zerrors_${GOOS}_${GOARCH}.go`
A file containing all of the system's generated error numbers, error strings,
signal numbers, and constants. Generated by `mkerrors.sh` (see above).
@@ -160,7 +171,7 @@ signal numbers, and constants. Generated by `mkerrors.sh` (see above).
### `zsyscall_${GOOS}_${GOARCH}.go`
A file containing all the generated syscalls for a specific GOOS and GOARCH.
Generated by `mksyscall.pl` (see above).
Generated by `mksyscall.go` (see above).
### `zsysnum_${GOOS}_${GOARCH}.go`

86
pkg/extend/vendor/golang.org/x/sys/unix/affinity_linux.go generated vendored Normal file
View File

@@ -0,0 +1,86 @@
// Copyright 2018 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// CPU affinity functions
package unix
import (
"math/bits"
"unsafe"
)
const cpuSetSize = _CPU_SETSIZE / _NCPUBITS
// CPUSet represents a CPU affinity mask.
type CPUSet [cpuSetSize]cpuMask
func schedAffinity(trap uintptr, pid int, set *CPUSet) error {
_, _, e := RawSyscall(trap, uintptr(pid), uintptr(unsafe.Sizeof(*set)), uintptr(unsafe.Pointer(set)))
if e != 0 {
return errnoErr(e)
}
return nil
}
// SchedGetaffinity gets the CPU affinity mask of the thread specified by pid.
// If pid is 0 the calling thread is used.
func SchedGetaffinity(pid int, set *CPUSet) error {
return schedAffinity(SYS_SCHED_GETAFFINITY, pid, set)
}
// SchedSetaffinity sets the CPU affinity mask of the thread specified by pid.
// If pid is 0 the calling thread is used.
func SchedSetaffinity(pid int, set *CPUSet) error {
return schedAffinity(SYS_SCHED_SETAFFINITY, pid, set)
}
// Zero clears the set s, so that it contains no CPUs.
func (s *CPUSet) Zero() {
for i := range s {
s[i] = 0
}
}
func cpuBitsIndex(cpu int) int {
return cpu / _NCPUBITS
}
func cpuBitsMask(cpu int) cpuMask {
return cpuMask(1 << (uint(cpu) % _NCPUBITS))
}
// Set adds cpu to the set s.
func (s *CPUSet) Set(cpu int) {
i := cpuBitsIndex(cpu)
if i < len(s) {
s[i] |= cpuBitsMask(cpu)
}
}
// Clear removes cpu from the set s.
func (s *CPUSet) Clear(cpu int) {
i := cpuBitsIndex(cpu)
if i < len(s) {
s[i] &^= cpuBitsMask(cpu)
}
}
// IsSet reports whether cpu is in the set s.
func (s *CPUSet) IsSet(cpu int) bool {
i := cpuBitsIndex(cpu)
if i < len(s) {
return s[i]&cpuBitsMask(cpu) != 0
}
return false
}
// Count returns the number of CPUs in the set s.
func (s *CPUSet) Count() int {
c := 0
for _, b := range s {
c += bits.OnesCount64(uint64(b))
}
return c
}

13
pkg/extend/vendor/golang.org/x/sys/unix/aliases.go generated vendored Normal file
View File

@@ -0,0 +1,13 @@
// Copyright 2018 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
package unix
import "syscall"
type Signal = syscall.Signal
type Errno = syscall.Errno
type SysProcAttr = syscall.SysProcAttr

17
pkg/extend/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s generated vendored Normal file
View File

@@ -0,0 +1,17 @@
// Copyright 2018 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build gc
#include "textflag.h"
//
// System calls for ppc64, AIX are implemented in runtime/syscall_aix.go
//
TEXT ·syscall6(SB),NOSPLIT,$0-88
JMP syscall·syscall6(SB)
TEXT ·rawSyscall6(SB),NOSPLIT,$0-88
JMP syscall·rawSyscall6(SB)

27
pkg/extend/vendor/golang.org/x/sys/unix/asm_bsd_386.s generated vendored Normal file
View File

@@ -0,0 +1,27 @@
// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build (freebsd || netbsd || openbsd) && gc
#include "textflag.h"
// System call support for 386 BSD
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-28
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-40
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-52
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
JMP syscall·RawSyscall6(SB)

27
pkg/extend/vendor/golang.org/x/sys/unix/asm_bsd_amd64.s generated vendored Normal file
View File

@@ -0,0 +1,27 @@
// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build (darwin || dragonfly || freebsd || netbsd || openbsd) && gc
#include "textflag.h"
// System call support for AMD64 BSD
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-104
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)

27
pkg/extend/vendor/golang.org/x/sys/unix/asm_bsd_arm.s generated vendored Normal file
View File

@@ -0,0 +1,27 @@
// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build (freebsd || netbsd || openbsd) && gc
#include "textflag.h"
// System call support for ARM BSD
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-28
B syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-40
B syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-52
B syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
B syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
B syscall·RawSyscall6(SB)

27
pkg/extend/vendor/golang.org/x/sys/unix/asm_bsd_arm64.s generated vendored Normal file
View File

@@ -0,0 +1,27 @@
// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build (darwin || freebsd || netbsd || openbsd) && gc
#include "textflag.h"
// System call support for ARM64 BSD
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-104
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_bsd_ppc64.s generated vendored Normal file
View File

@@ -0,0 +1,29 @@
// Copyright 2022 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build (darwin || freebsd || netbsd || openbsd) && gc
#include "textflag.h"
//
// System call support for ppc64, BSD
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-104
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)

27
pkg/extend/vendor/golang.org/x/sys/unix/asm_bsd_riscv64.s generated vendored Normal file
View File

@@ -0,0 +1,27 @@
// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build (darwin || freebsd || netbsd || openbsd) && gc
#include "textflag.h"
// System call support for RISCV64 BSD
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-104
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_darwin_386.s generated vendored
View File

@@ -1,29 +0,0 @@
// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
#include "textflag.h"
//
// System call support for 386, Darwin
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-28
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-40
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-52
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
JMP syscall·RawSyscall6(SB)

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_darwin_amd64.s generated vendored
View File

@@ -1,29 +0,0 @@
// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
#include "textflag.h"
//
// System call support for AMD64, Darwin
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-104
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)

30
pkg/extend/vendor/golang.org/x/sys/unix/asm_darwin_arm.s generated vendored
View File

@@ -1,30 +0,0 @@
// Copyright 2015 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
// +build arm,darwin
#include "textflag.h"
//
// System call support for ARM, Darwin
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-28
B syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-40
B syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-52
B syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
B syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
B syscall·RawSyscall6(SB)

30
pkg/extend/vendor/golang.org/x/sys/unix/asm_darwin_arm64.s generated vendored
View File

@@ -1,30 +0,0 @@
// Copyright 2015 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
// +build arm64,darwin
#include "textflag.h"
//
// System call support for AMD64, Darwin
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
B syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
B syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-104
B syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
B syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
B syscall·RawSyscall6(SB)

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_dragonfly_amd64.s generated vendored
View File

@@ -1,29 +0,0 @@
// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
#include "textflag.h"
//
// System call support for AMD64, DragonFly
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-64
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-88
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-112
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-64
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-88
JMP syscall·RawSyscall6(SB)

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_freebsd_386.s generated vendored
View File

@@ -1,29 +0,0 @@
// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
#include "textflag.h"
//
// System call support for 386, FreeBSD
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-28
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-40
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-52
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
JMP syscall·RawSyscall6(SB)

Some files were not shown because too many files have changed in this diff Show More