github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2026-03-19 19:33:03 +00:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: github:v1.0.0
Branches Tags
github:master
github:v1.8.2 github:v1.8.1 github:pkg-v1.2.0 github:v1.8.0 github:v1.7.1 github:pkg-v1.1.0 github:v1.7.0 github:v1.6.5 github:v1.6.4 github:v1.6.3 github:v1.6.2 github:v1.6.1 github:v1.6.0 github:v1.5.3 github:v1.5.2 github:v1.5.1 github:v1.5.0 github:v1.4.0 github:v1.3.0 github:pkg-v1.0.0 github:v1.2.0 github:v1.0.1 github:v1.0.0 github:v0.8.1 github:v0.8 github:v0.7 github:v0.6 github:v0.5 github:v0.4 github:v0.3 github:v0.2
...
compare: github:v1.2.0
Branches Tags
github:master
github:v1.8.2 github:v1.8.1 github:pkg-v1.2.0 github:v1.8.0 github:v1.7.1 github:pkg-v1.1.0 github:v1.7.0 github:v1.6.5 github:v1.6.4 github:v1.6.3 github:v1.6.2 github:v1.6.1 github:v1.6.0 github:v1.5.3 github:v1.5.2 github:v1.5.1 github:v1.5.0 github:v1.4.0 github:v1.3.0 github:pkg-v1.0.0 github:v1.2.0 github:v1.0.1 github:v1.0.0 github:v0.8.1 github:v0.8 github:v0.7 github:v0.6 github:v0.5 github:v0.4 github:v0.3 github:v0.2

232 Commits
v1.0.0 ... v1.2.0

Author SHA1 Message Date
Avi Deitcher
de6978908f Merge pull request #3998 from deitch/missing-builder-label-on-kernel 
in kernel build, have ARG in correct place to be usable
 2024-03-03 01:50:38 -08:00
Avi Deitcher
a40251bf14 in kernel build, have ARG in correct place to be usable 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-03 11:17:57 +02:00
Avi Deitcher
10e6d57505 Merge pull request #3993 from deitch/kernel-build-with-linuxkit 
switch kernel builds to linuxkit pkg build for simplicity
 2024-03-02 12:07:40 -08:00
Avi Deitcher
000b6f4bb1 switch kernel builds to linuxkit pkg build for simplicity 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-02 21:22:05 +02:00
Avi Deitcher
7e45f8ef2e Merge pull request #3997 from deitch/build-args-files-trim 
when reading build-args from file, always trim whitespace for key and…
 2024-03-02 11:21:22 -08:00
Avi Deitcher
a5d5bb87c2 when reading build-args from file, always trim whitespace for key and value 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-01 16:03:54 +02:00
Avi Deitcher
58c36c9eb0 Merge pull request #3995 from deitch/cache-push-options 
push arch-specific tags optional
 2024-03-01 04:50:10 -08:00
Avi Deitcher
51a4c3b3eb push arch-specific tags optional 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-01 13:41:59 +02:00
Avi Deitcher
c72f700910 Merge pull request #3994 from deitch/pkg-build-progress 
option to control progress in pkg build
 2024-02-29 05:53:12 -08:00
Avi Deitcher
354c1c31e1 option to control progress in pkg build 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-02-29 15:21:28 +02:00
Avi Deitcher
898039595d Merge pull request #3992 from deitch/cache-tag 
option to push local image to somewhere else
 2024-02-28 10:49:57 -08:00
Avi Deitcher
1766f61aed option to push local image to somewhere else 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-02-28 16:28:07 +02:00
Avi Deitcher
41cd91e0e3 Merge pull request #3991 from deitch/cache-pull-push 
add support for pushing and pulling images
 2024-02-28 04:06:00 -08:00
Avi Deitcher
54d9db8650 add support for pushing and pulling images 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-02-28 13:08:47 +02:00
Avi Deitcher
8b9b3f673b Merge pull request #3989 from deitch/kernel-build-dirs 
restructure kernel builds into directories
 2024-02-27 07:01:21 -08:00
Avi Deitcher
cd12a8613d restructure kernel builds into directories 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-02-27 15:14:06 +02:00
Avi Deitcher
51102106b3 Merge pull request #3966 from mestery/mestery/issue3965 
Enable VRF in kernel configurations
 2024-02-26 07:09:46 -08:00
Kyle Mestery
bdc15ae9f6 Enable VRF in kernel configurations 
Signed-off-by: Kyle Mestery <mestery@mestery.com>
 2024-02-26 07:59:21 -06:00
Avi Deitcher
86d11e2879 Merge pull request #3988 from deitch/yaml-template 
template in yaml file
 2024-02-25 02:03:15 -08:00
Avi Deitcher
1f57ac5280 fix yaml in test case with duplicate key 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-02-25 11:28:54 +02:00
Avi Deitcher
06a05badf6 template in yaml file 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-02-23 15:43:45 +02:00
Avi Deitcher
36f379abe5 Merge pull request #3987 from deitch/build-arg-file 
add support for build-arg files
 2024-02-22 07:24:35 -08:00
Avi Deitcher
56543ed0a2 add support for build-arg files 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-02-22 16:41:49 +02:00
Avi Deitcher
72be49c81c Merge pull request #3986 from deitch/dockerfile-in-build-yml 
Dockerfile in build yml and CLI; tag templates
 2024-02-21 12:21:17 -08:00
Avi Deitcher
83a8c5cae2 add support for tag templates 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-02-21 21:45:39 +02:00
Avi Deitcher
0c31697e10 add support for specifying dockerfile in build process 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-02-21 21:15:08 +02:00
Avi Deitcher
2cff5681b5 Merge pull request #3985 from deitch/cache-load 
enable import of images from tar files
 2024-02-20 04:44:16 -08:00
Avi Deitcher
f04e28d291 enable import of images from tar files 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-02-20 13:59:14 +02:00
Avi Deitcher
4cdfd5ff9c Merge pull request #3983 from beriberikix/usbip 
Rebased and re-implemented USBIP configs
 2024-02-18 06:31:32 -08:00
Jonathan Beri
b12a7d584f Rebased and re-implemented USBIP configs 
Signed-off-by: Jonathan Beri <jberi@golioth.io>

Revert to master

Signed-off-by: Jonathan Beri <jberi@golioth.io>

Modify USBIP modules by hand

Signed-off-by: Jonathan Beri <jberi@golioth.io>
 2024-02-18 05:39:52 -08:00
Avi Deitcher
0895d146d4 Merge pull request #3984 from deitch/fix-dev-nul 
use proper null in script and not mispelled nul
 2024-02-18 05:03:56 -08:00
Avi Deitcher
bd582fa474 use proper null in script and not mispelled nul 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-02-18 11:40:33 +02:00
Avi Deitcher
657b33805e Merge pull request #3982 from christoph-zededa/bump_runc_cve-2024-21626 
runc: bump to newest version
 2024-02-05 03:44:32 -08:00
Christoph Ostarek
819d83b716 runc: bump to newest version 
./scripts/update-component-sha.sh --pkg ./pkg/runc

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
 2024-02-05 11:45:39 +01:00
Christoph Ostarek
c2b9970241 runc: bump to newest version 
This version includes a fix for CVE-2024-21626 which
allowed an attacker in bad circumstances to
"escape containerized environments".

See also https://access.redhat.com/security/cve/cve-2024-21626

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
 2024-02-05 11:44:41 +01:00
Avi Deitcher
23c1b5797b Merge pull request #3981 from deitch/kernel-cross-build 
kernels Makefile support custom builders and archs
 2024-02-01 06:38:53 -08:00
Avi Deitcher
4e070077c9 kernels Makefile support custom builders and archs 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-02-01 15:39:16 +02:00
Avi Deitcher
bafbf0ac0f Merge pull request #3980 from deitch/kernel-document 
updated kernel documents
 2024-01-31 01:36:09 -08:00
Avi Deitcher
c388177596 updated kernel documents 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-31 10:54:47 +02:00
Avi Deitcher
6c29f580ae Merge pull request #3971 from deitch/update-alpine-base 
bump alpine base for kernel, regenerate configs
 2024-01-30 04:10:00 -08:00
Avi Deitcher
fa4af07faf update deps of check-kernel-config 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-30 10:25:08 +02:00
Avi Deitcher
e5fbf8a972 update kernel perf 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-30 10:15:28 +02:00
Avi Deitcher
b405b39c48 bump xfs to use kernel 6.6 and latest format 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-30 10:15:28 +02:00
Avi Deitcher
480ff67ddc update bcc version 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-30 10:15:28 +02:00
Avi Deitcher
4b3eb1ff38 kernel 6.6.x config 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-30 10:15:27 +02:00
Avi Deitcher
316886c946 add 6.6.13 to tests 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-29 15:28:01 +02:00
Avi Deitcher
752a35b1aa restructure kernel/Makefile 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-29 15:28:00 +02:00
Avi Deitcher
421b48d43a bump alpine base for kernel, regenerate configs 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 22:27:59 +02:00
Avi Deitcher
605f09ef78 Merge pull request #3978 from deitch/zstd-static 
include zstd-static library
 2024-01-28 12:26:21 -08:00
Avi Deitcher
3a6398e351 Update package tags 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 20:53:32 +02:00
Avi Deitcher
d018c425f6 pkgs: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 20:51:39 +02:00
Avi Deitcher
909e5c97ff Update use of test packages to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 20:51:24 +02:00
Avi Deitcher
eff77819a4 tests: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 20:51:16 +02:00
Avi Deitcher
927997930b Update use of tools to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 20:51:14 +02:00
Avi Deitcher
7977310c52 tools: Update to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 20:51:04 +02:00
Avi Deitcher
8bd896a955 tools/alpine: Update to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 20:50:01 +02:00
Avi Deitcher
7276939ad2 Update linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 20:47:44 +02:00
Avi Deitcher
3607a34892 Merge pull request #3977 from deitch/python3-dev 
Python3 dev
 2024-01-28 09:08:19 -08:00
Avi Deitcher
0d15d8d9bb Update package tags 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 15:32:09 +02:00
Avi Deitcher
d907c675d2 pkgs: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 15:31:01 +02:00
Avi Deitcher
b2a3badd5f Update use of test packages to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 15:30:49 +02:00
Avi Deitcher
f8f690f6f3 tests: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 15:30:36 +02:00
Avi Deitcher
449ec61222 Update use of tools to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 15:30:31 +02:00
Avi Deitcher
d9027d543d tools: Update to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 15:30:18 +02:00
Avi Deitcher
1676b1a538 tools/alpine: Update to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 15:29:14 +02:00
Avi Deitcher
59bae229c2 Update linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 15:26:51 +02:00
Avi Deitcher
e4ba559605 Merge pull request #3976 from deitch/llvm17-gtest-again 
Llvm17 gtest again
 2024-01-28 02:44:35 -08:00
Avi Deitcher
45d7ab8fed Update package tags 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 10:57:05 +02:00
Avi Deitcher
b71ac70742 pkgs: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 10:55:04 +02:00
Avi Deitcher
8a23691591 Update use of test packages to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 10:54:43 +02:00
Avi Deitcher
1bd9e9b5a2 tests: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 10:54:20 +02:00
Avi Deitcher
9cf5d809e8 Update use of tools to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 10:54:09 +02:00
Avi Deitcher
a538a1efcf tools: Update to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 10:53:56 +02:00
Avi Deitcher
09c85aa0ad tools/alpine: Update to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 10:53:19 +02:00
Avi Deitcher
6c4eac84c2 Update linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 10:50:35 +02:00
Avi Deitcher
66509eb115 Merge pull request #3975 from deitch/py3-pip 
Py3 pip
 2024-01-28 00:35:59 -08:00
Avi Deitcher
5954e9308a revert xfs changes because it is kernel sensitive 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-28 09:54:43 +02:00
Avi Deitcher
6b5be65a33 Update package tags 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-27 22:28:11 +02:00
Avi Deitcher
cbe149e97a pkgs: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-27 22:27:54 +02:00
Avi Deitcher
68308dc20b Update use of test packages to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-27 22:27:29 +02:00
Avi Deitcher
41311cbe2b tests: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-27 22:27:20 +02:00
Avi Deitcher
79e91dedf8 Update use of tools to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-27 22:27:14 +02:00
Avi Deitcher
6db6bc84aa tools: Update to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-27 22:26:58 +02:00
Avi Deitcher
86382030f5 tools/alpine: Update to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-27 22:25:54 +02:00
Avi Deitcher
55fe1761e3 Update linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-27 22:23:03 +02:00
Avi Deitcher
44403f6f56 Merge pull request #3974 from deitch/llvm7-gtest-pkg 
Add llvm17-gtest pkg
 2024-01-27 11:41:11 -08:00
Avi Deitcher
7fa10ce83a Update package tags 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-27 21:09:58 +02:00
Avi Deitcher
73d160e356 pkgs: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-27 21:09:45 +02:00
Avi Deitcher
791b4630ef Update use of test packages to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-27 21:09:43 +02:00
Avi Deitcher
c6be190454 tests: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-27 21:09:30 +02:00
Avi Deitcher
7defa568a2 Update use of tools to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-27 21:09:30 +02:00
Avi Deitcher
bc1a7d60df tools: Update to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-27 21:09:30 +02:00
Avi Deitcher
64ce82b692 tools/alpine: Update to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-27 21:09:30 +02:00
Avi Deitcher
7271619a8b Merge pull request #3973 from deitch/alpine-319 
Alpine 319
 2024-01-26 03:23:21 -08:00
Avi Deitcher
ab0473d953 revert xfs changes because of kernel version sensitivity 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-26 12:49:06 +02:00
Avi Deitcher
7a0ae251c0 update alpine base comments 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-26 12:44:34 +02:00
Avi Deitcher
1b3e13c880 Update package tags 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-25 23:24:06 +02:00
Avi Deitcher
96df8f8fda pkgs: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-25 23:23:34 +02:00
Avi Deitcher
13926f6593 Update use of test packages to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-25 23:23:04 +02:00
Avi Deitcher
846e4c9c4e tests: Update packages to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-25 23:22:53 +02:00
Avi Deitcher
d6f9f6129e Update use of tools to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-25 23:22:41 +02:00
Avi Deitcher
22cc9343b4 tools: Update to the latest linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-25 23:20:43 +02:00
Avi Deitcher
35dbd157bb tools/alpine: Update to latest 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-25 23:19:18 +02:00
Avi Deitcher
3d20dfe386 Update linuxkit/alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-25 23:15:38 +02:00
Avi Deitcher
ed7dacb72b Merge pull request #3972 from deitch/dockerfile-bcc-extra-package 
Dockerfile bcc extra package
 2024-01-25 07:04:43 -08:00
Avi Deitcher
a1baf077f2 remove extra package which only is available in later alpine 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-25 16:27:43 +02:00
Avi Deitcher
b0d8897189 Merge pull request #3969 from yzewei/master 
Add support for loongarch64

Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-01-24 19:11:30 +02:00
Avi Deitcher
1957c8d126 Merge pull request #3969 from yzewei/master 
Add support for loongarch64
 2024-01-09 00:55:02 -08:00
yzewei
27c08f25ad Add loongarch64 support to binfmt_misc 
Signed-off-by: yzewei <yangzewei@loongson.cn>
 2024-01-09 09:04:36 +08:00
Avi Deitcher
59245e88e8 Merge pull request #3968 from christoph-zededa/fix_logread_socket_closed_too_early 
logread: do not close socket too early
 2023-12-18 06:33:32 -08:00
Christoph Ostarek
cc374a5ea8 logread: do not close socket too early 
only close socket once reading is finished

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
 2023-12-18 14:12:40 +01:00
Avi Deitcher
3a0405298a Merge pull request #3967 from deitch/build-after-pull-if-missing 
when pulling image to cache, if it is missing target arch, indicate an error
 2023-12-16 23:37:25 -08:00
Avi Deitcher
821dddcffc when pulling image to cache, if it is missing target arch, indicate an error 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-12-15 14:49:07 +02:00
Avi Deitcher
e115ce8dca Merge pull request #3963 from deitch/fix-image-pull-with-attestations 
Fix image pull with attestations
 2023-12-04 00:34:17 -08:00
Avi Deitcher
6e54a7bd6e properly write index when pulling image, including all manifests 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-12-03 15:44:53 +02:00
Avi Deitcher
e1d3a09976 when filling cache, ensure we include attestations 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-12-03 13:57:52 +02:00
Avi Deitcher
87bbbd184b Merge pull request #3964 from deitch/list-package-cache-during-tests 
report package cache contents at each stage of CI
 2023-12-03 03:57:14 -08:00
Avi Deitcher
782a38dcae report package cache contents at each stage 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-12-03 13:25:46 +02:00
Avi Deitcher
d1a0596bee Merge pull request #3959 from deitch/manifest-with-sboms 
fix merging indexes in pkg manifest command
 2023-11-22 04:23:40 -08:00
Avi Deitcher
4e75efc8aa fix merging indexes in pkg manifest command 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-11-22 12:48:34 +02:00
Avi Deitcher
4c14831d6b Merge pull request #3958 from deitch/bump-pkgs-again 
noop to force pkg rebuild
 2023-11-20 06:53:04 -08:00
Avi Deitcher
a2c6ed4205 noop to force pkg rebuild 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-11-20 12:05:52 +02:00
Avi Deitcher
54bd9073c2 Merge pull request #3957 from deitch/push-with-sboms 
push sboms as well
 2023-11-20 01:59:22 -08:00
Avi Deitcher
6d62579c08 push sboms as well 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-11-19 15:42:02 +02:00
Avi Deitcher
483e76c7f4 Merge pull request #3956 from deitch/bump-pkgs-to-generate-sbom 
changed some packages to force new package versions, rebuild with sbom
 2023-11-19 00:20:44 -08:00
Avi Deitcher
f227b73a39 changed some packages to force new package versions, rebuild with sbom 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-11-16 10:28:22 +02:00
Avi Deitcher
b26c169797 Merge pull request #3920 from vouch-opensource/fix/service-restarts-with-memlogd 
Allow service restarts when using memlogd
 2023-11-14 06:23:58 -08:00
Avi Deitcher
bbd9b85fc1 Merge pull request #3954 from deitch/sbom-inheritor 
sbom support
 2023-11-14 06:16:56 -08:00
Avi Deitcher
33cd7b749a sbom support 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-11-14 14:14:45 +02:00
Avi Deitcher
9742bfa5f7 Merge pull request #3953 from deitch/handle-cgroupsv2-last-cmdline-entry 
Handle cgroupsv2 last cmdline entry
 2023-10-26 20:26:14 +03:00
Avi Deitcher
d052901b35 update dependencies on init 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-10-25 18:34:32 +03:00
Avi Deitcher
0e2f17a05a correctly handle fields in cmdline for cgroupsv2 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-10-25 18:33:28 +03:00
Avi Deitcher
5d78de48f7 Merge pull request #3951 from deitch/proper-efi-arch 
pass target arch to final image builder as TARGETARCH; use TARGETARCH…
 2023-10-08 10:08:38 +03:00
Avi Deitcher
7ab99eac1f pass target arch to final image builder as TARGETARCH; use TARGETARCH when generating raw and iso, fallback to build arch; use updated images that read TARGETARCH; ensure grub has EFI for all archs 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-10-06 12:22:09 +03:00
Avi Deitcher
6c3f3e8eb1 Merge pull request #3950 from deitch/context-for-rebuilt 
ensure passing context when creating builder runner
 2023-10-06 12:20:04 +03:00
Avi Deitcher
cb86e280b6 ensure passing context when creating builder runner 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-10-05 12:17:30 +03:00
Avi Deitcher
c72f6b49e2 Merge pull request #3948 from testwill/pkg-import 
chore: import packages only once
 2023-09-26 15:01:33 +03:00
guoguangwu
02f3bdcbe7 chore: import packages only once 
Signed-off-by: guoguangwu <guoguangwu@magic-shield.com>
 2023-09-26 18:47:25 +08:00
Rolf Neugebauer
959dce294c Merge pull request #3904 from qdeslandes/master 
Disable CONFIG_BPFILTER for 5.4.x-x86_64 kernel configuration
 2023-08-17 10:02:56 +01:00
Avi Deitcher
fec28d2493 Merge pull request #3942 from deitch/poweroff-as-package 
move poweroff to full-fledged package
 2023-07-26 12:02:47 +03:00
Avi Deitcher
5a9755a433 move poweroff to full-fledged package 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-07-24 20:06:14 +03:00
Avi Deitcher
03c97c3584 Merge pull request #3939 from deitch/logread-as-lib 
expose logread function
 2023-07-03 11:41:17 +03:00
Avi Deitcher
997c074db6 expose logread function 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-06-30 06:02:16 +03:00
Avi Deitcher
48e0eca4f5 Merge pull request #3938 from PIG208/doc 
Fix broken links in the documentation.
 2023-06-27 11:01:43 -07:00
Zixuan James Li
2d2df02a5a Fix broken links in the documentation. 
Arguably the long term fix is to introduce a check for links in the
documentation with tools like markdown-link-check.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
 2023-06-23 22:27:55 -04:00
Avi Deitcher
8e790a5417 Merge pull request #3937 from deitch/logread-exit-not-panic 
logread should not panic on an EOF, instead exiting gracefully
 2023-06-20 00:03:43 -07:00
Avi Deitcher
77b66b5572 Merge pull request #3936 from deitch/ctr-go-binaries 
Ctr go binaries
 2023-06-20 00:02:56 -07:00
Avi Deitcher
b7002c0eb2 logread should not panic on an EOF, instead exiting gracefully 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-06-19 17:50:35 +03:00
Avi Deitcher
4ee6387366 updated containerd-dev and downstream dependencies 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-06-19 14:17:43 +03:00
Avi Deitcher
7164b2c04d Merge pull request #3935 from deitch/ggcr-for-manifest 
replace complex manifest-tool with straight go-containerregistry
 2023-06-16 03:20:56 -07:00
Avi Deitcher
1b22e6f194 replace complex manifest-tool with straight go-containerregistry 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-06-16 10:13:24 +03:00
Avi Deitcher
9eef398d64 Merge pull request #3933 from deitch/main-version-binaries 
Main version binaries
 2023-06-15 00:31:24 -07:00
Avi Deitcher
3aeac872a0 update pkg/metadata with better logging 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-06-13 12:10:48 +03:00
Avi Deitcher
b633950059 replace ancient debian version in binfmt 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-06-12 15:58:04 +03:00
Avi Deitcher
0cb961e082 update examples, tests, projects, etc. 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-06-12 14:02:30 +03:00
Avi Deitcher
d4b5d5df79 include main.Version in binaries 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-06-12 14:02:30 +03:00
Avi Deitcher
655c7fb807 Merge pull request #3934 from deitch/fix-name-output-build-bug 
handle conflict with name and output
 2023-06-12 04:01:53 -07:00
Avi Deitcher
b1fa7d23c4 handle conflict with name and output 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-06-12 13:08:35 +03:00
Avi Deitcher
aab61a16de Merge pull request #3932 from deitch/build-args-with-versions 
include source repo, revision and go package version as build-args
 2023-06-12 01:26:08 -07:00
Avi Deitcher
de13ee521d include source repo, revision and go package version as build-args 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-06-08 18:24:25 +03:00
Avi Deitcher
aad12b570f Merge pull request #3931 from jprendes/update-capabilities 
Update capabilities
 2023-06-06 19:58:52 +03:00
Jorge Prendes
813f2a5bc1 Use gocapability/capability to get list of all capabilities 
Signed-off-by: Jorge Prendes <jorge.prendes@gmail.com>
 2023-06-06 10:44:48 +01:00
Jorge Prendes
f8b62fd0ac Vendor gocapability/capability in cmd/linuxkit 
Signed-off-by: Jorge Prendes <jorge.prendes@gmail.com>
 2023-06-06 10:44:26 +01:00
Avi Deitcher
740787a79e Merge pull request #3927 from deitch/multi-arch-guestfs 2023-05-22 23:45:02 -07:00
Avi Deitcher
a9f432ab34 update linuxkit command with newer vhd/dynamicvhd/vmdk/gcp images 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-05-22 10:23:35 +01:00
Avi Deitcher
23d44f6084 update downstream from guestfs 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-05-22 09:47:47 +01:00
Avi Deitcher
81f42a2b3b guestfs native arm64 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-05-22 09:34:44 +01:00
Frédéric Dalleau
c2df261e01 Add a target for building kernel with buildx (#3792) 
* Use latest kernel in linuxkit

Signed-off-by: Frédéric Dalleau <frederic.dalleau@docker.com>

* Parallelize kernel source compression

This surpringly saves a lot of time:
M1: from 340 to 90 seconds
Intel: from 527 to 222 seconds (2 cores 4 threads)

Signed-off-by: Frédéric Dalleau <frederic.dalleau@docker.com>

* Add buildx target

buildx can use remote builders and automatically generate the multiarch manifest.
A properly configured builder is required :

First create docker context for the remote builders :
$ docker context create node-<arch> --docker "host=ssh://<user>@<host>"

Then create a buildx configuration using the remote builders:
$ docker buildx create --name kernel_builder --platform linux/amd64
$ docker buildx create --name kernel_builder --node node-arm64 --platform linux/arm64 --append
$ docker buildx use kernel_builder
$ docker buildx ls

Signed-off-by: Frédéric Dalleau <frederic.dalleau@docker.com>

* Add a PLATFORMS variable to declare platforms needed for buildx

Signed-off-by: Frédéric Dalleau <frederic.dalleau@docker.com>

* Make image name customizable

Signed-off-by: Frédéric Dalleau <frederic.dalleau@docker.com>

* Do not tag use the architecture suffix for images built with buildx

Signed-off-by: Frédéric Dalleau <frederic.dalleau@docker.com>

* Add make kconfigx to upgrade configs using buildx

To update configuration for 5.10 kernels use :
make -C kernel KERNEL_VERSIONS=5.10.104 kconfigx

Signed-off-by: Frédéric Dalleau <frederic.dalleau@docker.com>

---------

Signed-off-by: Frédéric Dalleau <frederic.dalleau@docker.com>
 2023-04-28 11:49:08 +03:00
Stijn Opheide
247d919a81 remove file at fifo logging location if it exists 
Signed-off-by: Stijn Opheide <stijn@opheide.be>
 2023-04-18 14:28:01 +02:00
David Gageot
eb81457111 Avoid running git command 254 times (#3915) 
Signed-off-by: David Gageot <david.gageot@docker.com>
 2023-03-23 10:55:21 +02:00
Erik Nordmark
c79558cc5a Retain /lib/apk/db for SBOM tools (#3913) 
This allows SBOM tools to look at /lib/apk/db/installed to determine
which package versions are included in the container. This should
probably be applied across all of the linuxkit containers.

Signed-off-by: eriknordmark <erik@zededa.com>
 2023-03-14 18:27:09 -04:00
Birol Bilgin
d4a8e284f6 added vmware metadata provider (#3526) 
cloud-init data from vmware guest info as it described in the link below
https://github.com/vmware/cloud-init-vmware-guestinfo

Signed-off-by: Birol Bilgin <birolbilgin@gmail.com>
Co-authored-by: Birol Bilgin <birol.bilgin@basefarm.com>
 2023-03-04 19:50:46 +02:00
Rolf Neugebauer
7d9f1f03a8 Merge pull request #3891 from fredericdalleau/qemu-virtiofs 
Add virtiofs command line option for qemu run
 2023-02-28 21:32:44 +00:00
Frédéric Dalleau
e4b1a5b192 Add virtualization framework virtiofs command line option 
Signed-off-by: Frédéric Dalleau <frederic.dalleau@docker.com>
 2023-02-25 07:53:53 +01:00
Frédéric Dalleau
13426fe805 Add qemu virtiofs command line option 
Enables support for C version of virtiofs
A qemu option allows to specify virtiofsd path.
config.StatePath is used for storing the virtiofs sockets
Note that virtiofsd requires to start as root

Signed-off-by: Frédéric Dalleau <frederic.dalleau@docker.com>
 2023-02-25 07:52:59 +01:00
Avi Deitcher
f0f21bec52 update to latest manifest-tool, oras-v2, remove all replace in go.mod (#3912) 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-02-16 14:46:29 -08:00
Rolf Neugebauer
f4e9579e4b cmd: Remove s390x as a default arch (#3911) 
* cmd: Remove s390x as a default arch

Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>

* Update pkg/swap hash to latest

Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>

---------

Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
 2023-02-14 06:18:01 -08:00
Avi Deitcher
c51ce2551e use latest go-compile (#3906) 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-02-01 10:38:01 +02:00
Avi Deitcher
500fdb163b update go.mod deps (#3903) 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-01-29 11:42:36 +02:00
Quentin Deslandes
9b9d337037 Disable CONFIG_BPFILTER for 5.4.x-x86_64 kernel configuration 
bpfilter is not meant to be used at all at this point. Only the module's
boilerplate is available on upstream kernels.

Signed-off-by: Quentin Deslandes <qde@naccy.de>
 2023-01-27 11:55:50 +01:00
Itxaka
ea6268dd74 Bump go-diskfs to latest (#3902) 
Also fix cdrom provider use of the new diskfs

Signed-off-by: Itxaka <itxaka@spectrocloud.com>

Signed-off-by: Itxaka <itxaka@spectrocloud.com>
Co-authored-by: Itxaka <itxaka@spectrocloud.com>
 2023-01-23 16:19:32 +02:00
Avi Deitcher
7bba32e56c bump actions artifact upload/download and cache versions (#3901) 
Signed-off-by: Avi Deitcher <avi@deitcher.net>

Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-01-22 14:08:25 +02:00
Avi Deitcher
6d95833759 ensure push when already found image locally (#3899) 
Signed-off-by: Avi Deitcher <avi@deitcher.net>

Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-01-19 18:00:27 +02:00
David Gageot
f9f1ec7de4 Fix swap.sh (#3897) 
The script used to compare “10M” with “10” as if
they were both integers.

Signed-off-by: David Gageot <david.gageot@docker.com>

Signed-off-by: David Gageot <david.gageot@docker.com>
 2023-01-12 09:50:47 +00:00
Avi Deitcher
e668b25a82 Alpine 317 (#3888) 2023-01-05 07:26:50 +02:00
Avi Deitcher
ac8c24934c Test pkgs ci makefile (#3892) 
* simplify test/pkg/Makefile

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* ensure pkg and test/pkg built before downstream workflows in CI

Signed-off-by: Avi Deitcher <avi@deitcher.net>

Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-01-04 11:52:48 +02:00
Avi Deitcher
a91c4a77b0 Logwrite sync with memlogd (#3890) 
* sync logwrite with memlogd

Signed-off-by: Avi Deitcher <avi@deitcher.net>

* update linuxkit/logwrite and linuxkit/memlogd dependencies

Signed-off-by: Avi Deitcher <avi@deitcher.net>

Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-01-03 10:47:42 +02:00
Rolf Neugebauer
6062f91648 Merge pull request #3889 from deitch/troubleshooting 
start troubleshooting doc
 2022-12-30 22:45:57 +00:00
Avi Deitcher
0b6441ccbc start troubleshooting doc 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2022-12-30 10:41:34 +02:00
Avi Deitcher
b84548b039 fix alpine base update docs (#3886) 
Signed-off-by: Avi Deitcher <avi@deitcher.net>

Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2022-12-29 16:47:29 +02:00
Rolf Neugebauer
6700de3a74 Merge pull request #3830 from jf/fix_docs_aws_example 
Fix examples/platform-aws.yml: add dhcpcd service to keep instance reachable after lease
 2022-12-29 14:44:50 +00:00
Rolf Neugebauer
eb9376ff12 Merge pull request #3887 from deitch/fix-show-tags 
allow multiple packages for show-tag
 2022-12-29 14:38:42 +00:00
Avi Deitcher
0673db4493 allow multiple packages for show-tag 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2022-12-29 11:45:30 +02:00
Avi Deitcher
154f943d01 switch from flags to cobra (#3884) 
Signed-off-by: Avi Deitcher <avi@deitcher.net>

Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2022-12-29 10:31:57 +02:00
Petr Fedchenkov
8b04a8c92a Update buildkit to 0.11.0-rc2 (#3882) 
Seems buildkit breaks API compatibility with previous OCI implementation
 in new RC release, let's update it

Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>

Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>
 2022-12-15 12:53:38 +02:00
Petr Fedchenkov
893bee6b81 Fix return code of rungetty.sh (#3881) 
* Fix return code of rungetty.sh

In case of INITGETTY defined we will return exit code 1 which is not
expected

Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>

* Update getty sha

Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>

* restore package cache in LinuxKit Build Tests

Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>

Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>
 2022-12-15 12:12:19 +02:00
Petr Fedchenkov
c3b4a588c9 Fix handling of platform flag (#3880) 
* Update of buildkit to the last version

Commit contains the version of buildkit from output of
`go list -m -json github.com/moby/buildkit@c0ac5e8b9b51603c5a93795fcf1373d6d44d3a85`:

go get -u github.com/moby/buildkit@v0.11.0-rc1.0.20221213132957-c0ac5e8b9b51
go mod tidy
go mod vendor

Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>

* Fix handling of platform flag

In case of 'FROM --platform' defined I can see 'ERROR: no match for
platform in manifest: not found'. The problem was fixed on buildkit side

Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>

Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>
 2022-12-13 21:04:29 +02:00
Avi Deitcher
d1452385cc unify apk installed db for base layer (#3879) 2022-12-06 16:57:04 +01:00
Avi Deitcher
bbd62314ed if nothing to build, do not push (#3876) 
Signed-off-by: Avi Deitcher <avi@deitcher.net>

Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2022-11-20 10:29:28 -05:00
Avi Deitcher
7c5b1f1b30 catch new untracked and unignored files (#3875) 2022-11-20 10:29:05 -05:00
Avi Deitcher
dee4c37648 Merge pull request #3878 from giggsoff/manifest-issues 
Do not pass credentials into PushManifest
 2022-11-17 15:56:02 +02:00
Petr Fedchenkov
0c8b3c8b22 Do not pass credentials into PushManifest 
Seems we should not use own credential extraction logic as it should be
aligned with resolver internally to select correct information for the
host we want to push manifest. I.e. we may want to push manifest onto
ghcr.io, and in that case we will hit errors as we will extract
credentials for docker.io instead.

Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>
 2022-11-17 15:23:59 +03:00
Avi Deitcher
a9c7a126cf Merge pull request #3877 from giggsoff/propagate-manifest-option 
Propagate manifest option into push
 2022-11-16 19:35:46 +02:00
Petr Fedchenkov
d58a3fc0a3 Propagate manifest option into push 
We have distinct manifest option which is not used. Let's implement
different behavior.

Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>
 2022-11-16 11:54:00 +03:00
Avi Deitcher
61caf54c54 Merge pull request #3874 from giggsoff/update-buildkit-speedup 
Update buildkit version to speed up start time
 2022-11-14 19:50:39 +02:00
Petr Fedchenkov
249bc953bb Update buildkit version to speed up start time 
Let's update buildkit version to include startup speed fix
0bb8505e86

Signed-off-by: Petr Fedchenkov <giggsoff@gmail.com>
 2022-11-14 19:45:15 +03:00
Avi Deitcher
aa24821236 Merge pull request #3871 from the-maldridge/nobind 
pkg/sshd: Remove default bind of /root/.ssh
 2022-11-10 10:14:17 +02:00
Michael Aldridge
06aaba5e05 pkg/sshd: Remove default bind of /root/.ssh 
Signed-off-by: Michael Aldridge <aldridge.mac@gmail.com>
 2022-11-09 18:50:44 -06:00
Avi Deitcher
4f23407838 Merge pull request #3870 from deitch/fix-registry-check-error-handler 
when cannot get remote manifest in checking registry, that is just a …
 2022-11-09 08:59:13 +02:00
Avi Deitcher
01c444ec89 Merge pull request #3866 from deitch/cache-clean-published 
add options to clean only part of the cache
 2022-11-09 08:53:41 +02:00
Avi Deitcher
bb9a80c80a when cannot get remote manifest in checking registry, that is just a sign that it does not exist there 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2022-11-08 22:51:12 +02:00
Avi Deitcher
2090b2c2b6 add options to clean only part of the cache 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2022-11-07 13:16:40 +02:00
Avi Deitcher
860163a9c7 Merge pull request #3863 from deitch/rationalize-build-pull 
Rationalize build pull
 2022-11-07 09:54:48 +02:00
Avi Deitcher
bfa4a33b0d Merge pull request #3865 from deitch/bump-vz 
bump virtualization-framework library to v3.0.0
 2022-11-07 09:54:08 +02:00
Avi Deitcher
121002bae4 Merge pull request #3862 from deitch/canonical-tag 
option to show canonical tag
 2022-11-07 09:53:50 +02:00
Avi Deitcher
11fe19138d bump virtualization-framework library to v3.0.0 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2022-11-02 20:20:59 +02:00
Avi Deitcher
a3995bb724 build should check and only pull if requested 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2022-11-01 22:00:50 +02:00
Avi Deitcher
f870c16ea6 option to show canonical tag 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2022-11-01 15:15:09 +02:00
Avi Deitcher
9ea2d6dcd9 rationalize pull build 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2022-11-01 12:51:44 +02:00
Avi Deitcher
b17c93a635 Merge pull request #3860 from deitch/shard-packages-tests 
add sharding option
 2022-11-01 12:50:48 +02:00
Avi Deitcher
cf7d83bb13 add sharding option 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2022-10-30 11:16:42 +02:00
Avi Deitcher
f8947c6ae6 Merge pull request #3859 from deitch/safety-check-platforms 
catch error with descriptor missing platform
 2022-10-30 11:15:58 +02:00
Avi Deitcher
302c0051ec Merge pull request #3857 from deitch/fix-network-control 
fix network build modes
 2022-10-30 11:15:42 +02:00
Rolf Neugebauer
5200e52816 Merge pull request #3858 from deitch/makefile-rtf-tests 
move rtf commands from GHA into make test; remove unused artifacts
 2022-10-25 00:10:37 +01:00
Avi Deitcher
33180047f5 catch error with descriptor missing platform 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2022-10-24 21:44:50 +03:00
Avi Deitcher
7c2b9b3b3a move rtf commands from GHA into make test; remove unused artifacts 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2022-10-24 12:50:28 +03:00
Avi Deitcher
2dfc1dcf3e fix network build modes 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2022-10-24 11:45:45 +03:00
Rolf Neugebauer
25c8e68f98 Merge pull request #3855 from dgageot/retore-pad4 
Fix initrd image padding
 2022-10-22 11:40:25 +01:00
Rolf Neugebauer
7ff1e91875 Merge pull request #3856 from deitch/update-buildkit 
update latest buildkit library to support advanced dockerfile scanning, other libs, go 1.19
 2022-10-22 11:38:04 +01:00
Avi Deitcher
eafdb0db0c update latest buildkit library to support advanced dockerfile scanning. Also go 1.19 and other libs 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2022-10-20 13:47:42 +03:00
David Gageot
c61ddd0482 Remove pad4 writer because it's buggy and doesn't seem required 
According to https://docs.kernel.org/driver-api/early-userspace/buffer-format.html

Signed-off-by: David Gageot <david.gageot@docker.com>
 2022-10-18 19:03:49 +02:00
Jeffrey 'jf' Lim
3950e55e00 Fix examples/platform-aws.yml: add dhcpcd service to keep instance reachable after lease 
Signed-off-by: Jeffrey 'jf' Lim <jf@users.noreply.github.com>
 2022-10-02 17:09:16 +08:00
3053 changed files with 275176 additions and 116706 deletions
Expand all files Collapse all files

200
.github/workflows/ci.yml vendored
View File

@@ -79,7 +79,7 @@ jobs:
GOPATH: ${{runner.workspace}}
- name: Upload binary
uses: actions/upload-artifact@v2
uses: actions/upload-artifact@v3
with:
name: linuxkit-${{matrix.target.suffix}}
path: |
@@ -100,7 +100,7 @@ jobs:
run: docker run --privileged --rm tonistiigi/binfmt --install arm64
- name: Download linuxkit
uses: actions/download-artifact@v2
uses: actions/download-artifact@v3
with:
name: linuxkit-amd64-linux
path: bin
@@ -112,7 +112,7 @@ jobs:
/usr/local/bin/linuxkit version
- name: Cache Packages
uses: actions/cache@v2
uses: actions/cache@v3
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
@@ -124,10 +124,78 @@ jobs:
run: |
make OPTIONS="-v --skip-platforms linux/s390x" -C pkg build
- name: Build Test Packages
# ensures that the test packages are in linuxkit cache when we need them for tests later
# Skip s390x as emulation is unreliable
run: |
make OPTIONS="-v --skip-platforms linux/s390x" -C test/pkg build
- name: list cache contents
run: |
linuxkit cache ls
test_packages:
name: Packages Tests
needs: [ build_packages, build ]
runs-on: ubuntu-latest
strategy:
matrix:
shard: [1/10,2/10,3/10,4/10,5/10,6/10,7/10,8/10,9/10,10/10]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Install Pre-Requisites
run: |
export DEBIAN_FRONTEND=noninteractive
sudo apt-get update
sudo apt-get install -qy qemu-utils qemu-system-x86 expect
- name: Restore RTF From Cache
id: cache-rtf
uses: actions/cache@v3
with:
path: bin
key: rtf-${{hashFiles('Makefile')}}
- name: Build RTF
if: steps.cache-rtf.outputs.cache-hit != 'true'
run: make bin/rtf
- name: Symlink RTF
run: |
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
- name: Download linuxkit
uses: actions/download-artifact@v3
with:
name: linuxkit-amd64-linux
path: bin
- name: Symlink Linuxkit
run: |
chmod ugo+x bin/linuxkit-amd64-linux
sudo ln -s $(pwd)/bin/linuxkit-amd64-linux /usr/local/bin/linuxkit
/usr/local/bin/linuxkit version
- name: Restore Package Cache
uses: actions/cache@v3
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
restore-keys: |
${{ runner.os }}-linuxkit-
- name: list cache contents
run: |
linuxkit cache ls
- name: Run Tests
run: make test TEST_SUITE=linuxkit.packages TEST_SHARD=${{ matrix.shard }}
test_kernel:
name: Kernel Tests
needs: [ build_packages, build ]
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v3
@@ -140,7 +208,7 @@ jobs:
- name: Restore RTF From Cache
id: cache-rtf
uses: actions/cache@v2
uses: actions/cache@v3
with:
path: bin
key: rtf-${{hashFiles('Makefile')}}
@@ -154,7 +222,7 @@ jobs:
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
- name: Download linuxkit
uses: actions/download-artifact@v2
uses: actions/download-artifact@v3
with:
name: linuxkit-amd64-linux
path: bin
@@ -166,67 +234,23 @@ jobs:
/usr/local/bin/linuxkit version
- name: Restore Package Cache
uses: actions/cache@v2
uses: actions/cache@v3
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
restore-keys: |
${{ runner.os }}-linuxkit-
- name: list cache contents
run: |
linuxkit cache ls
- name: Run Tests
run: |
cd test
rtf -l build -v run -x linuxkit.packages
test_kernel:
name: Kernel Tests
needs: build
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Install Pre-Requisites
run: |
export DEBIAN_FRONTEND=noninteractive
sudo apt-get update
sudo apt-get install -qy qemu-utils qemu-system-x86 expect
- name: Restore RTF From Cache
id: cache-rtf
uses: actions/cache@v2
with:
path: bin
key: rtf-${{hashFiles('Makefile')}}
- name: Build RTF
if: steps.cache-rtf.outputs.cache-hit != 'true'
run: make bin/rtf
- name: Symlink RTF
run: |
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
- name: Download linuxkit
uses: actions/download-artifact@v2
with:
name: linuxkit-amd64-linux
path: bin
- name: Symlink Linuxkit
run: |
chmod ugo+x bin/linuxkit-amd64-linux
sudo ln -s $(pwd)/bin/linuxkit-amd64-linux /usr/local/bin/linuxkit
/usr/local/bin/linuxkit version
- name: Run Tests
run: |
cd test
rtf -l build -v run -x linuxkit.kernel
run: make test TEST_SUITE=linuxkit.kernel
test_linuxkit:
name: LinuxKit Build Tests
needs: build
needs: [ build_packages, build ]
runs-on: ubuntu-latest
steps:
- name: Check out code
@@ -240,11 +264,19 @@ jobs:
- name: Restore RTF From Cache
id: cache-rtf
uses: actions/cache@v2
uses: actions/cache@v3
with:
path: bin
key: rtf-${{hashFiles('Makefile')}}
- name: Restore Package Cache
uses: actions/cache@v3
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
restore-keys: |
${{ runner.os }}-linuxkit-
- name: Build RTF
if: steps.cache-rtf.outputs.cache-hit != 'true'
run: make bin/rtf
@@ -254,7 +286,7 @@ jobs:
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
- name: Download linuxkit
uses: actions/download-artifact@v2
uses: actions/download-artifact@v3
with:
name: linuxkit-amd64-linux
path: bin
@@ -265,14 +297,16 @@ jobs:
sudo ln -s $(pwd)/bin/linuxkit-amd64-linux /usr/local/bin/linuxkit
/usr/local/bin/linuxkit version
- name: Run Tests
- name: list cache contents
run: |
cd test
rtf -l build -v run -x linuxkit.build
linuxkit cache ls
- name: Run Tests
run: make test TEST_SUITE=linuxkit.build
test_platforms:
name: Platform Tests
needs: build
needs: [ build_packages, build ]
runs-on: ubuntu-latest
steps:
- name: Check out code
@@ -286,7 +320,7 @@ jobs:
- name: Restore RTF From Cache
id: cache-rtf
uses: actions/cache@v2
uses: actions/cache@v3
with:
path: bin
key: rtf-${{hashFiles('Makefile')}}
@@ -300,7 +334,7 @@ jobs:
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
- name: Download linuxkit
uses: actions/download-artifact@v2
uses: actions/download-artifact@v3
with:
name: linuxkit-amd64-linux
path: bin
@@ -311,14 +345,24 @@ jobs:
sudo ln -s $(pwd)/bin/linuxkit-amd64-linux /usr/local/bin/linuxkit
/usr/local/bin/linuxkit version
- name: Run Tests
- name: Restore Package Cache
uses: actions/cache@v3
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
restore-keys: |
${{ runner.os }}-linuxkit-
- name: list cache contents
run: |
cd test
rtf -l build -v run -x linuxkit.platforms
linuxkit cache ls
- name: Run Tests
run: make test TEST_SUITE=linuxkit.platforms
test_security:
name: Security Tests
needs: build
needs: [ build_packages, build ]
runs-on: ubuntu-latest
steps:
- name: Check out code
@@ -332,7 +376,7 @@ jobs:
- name: Restore RTF From Cache
id: cache-rtf
uses: actions/cache@v2
uses: actions/cache@v3
with:
path: bin
key: rtf-${{hashFiles('Makefile')}}
@@ -346,7 +390,7 @@ jobs:
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
- name: Download linuxkit
uses: actions/download-artifact@v2
uses: actions/download-artifact@v3
with:
name: linuxkit-amd64-linux
path: bin
@@ -357,7 +401,17 @@ jobs:
sudo ln -s $(pwd)/bin/linuxkit-amd64-linux /usr/local/bin/linuxkit
/usr/local/bin/linuxkit version
- name: Run Tests
- name: Restore Package Cache
uses: actions/cache@v3
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
restore-keys: |
${{ runner.os }}-linuxkit-
- name: list cache contents
run: |
cd test
rtf -l build -v run -x linuxkit.security
linuxkit cache ls
- name: Run Tests
run: make test TEST_SUITE=linuxkit.security

2
.github/workflows/publish.yaml vendored
View File

@@ -45,7 +45,7 @@ jobs:
sudo ln -s $(pwd)/bin/${{ env.linuxkit_file }} /usr/local/bin/linuxkit
/usr/local/bin/linuxkit version
- name: Restore Package Cache
uses: actions/cache@v2
uses: actions/cache@v3
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}

13
Makefile
View File

@@ -1,6 +1,10 @@
VERSION="v0.8+"
GO_COMPILE=linuxkit/go-compile:7b1f5a37d2a93cd4a9aa2a87db264d8145944006
# test suite to run, blank for all
TEST_SUITE ?=
TEST_SHARD ?=
GO_COMPILE=linuxkit/go-compile:c97703655e8510b7257ffc57f25e40337b0f0813
ifeq ($(OS),Windows_NT)
LINUXKIT?=$(CURDIR)/bin/linuxkit.exe
@@ -30,7 +34,7 @@ export VERSION GO_COMPILE GOOS GOARCH LOCAL_TARGET LINUXKIT
default: linuxkit $(RTF)
all: default
RTF_COMMIT=2351267f358ce6621c0c0d9a069f361268dba5fc
RTF_COMMIT=b74a4f7c78e5cddcf7e6d2e6be7be312b9f645fc
RTF_CMD=github.com/linuxkit/rtf/cmd
RTF_VERSION=0.0
$(RTF): tmp_rtf_bin.tar | bin
@@ -78,10 +82,7 @@ sign:
.PHONY: test
test:
$(MAKE) -C test
.PHONY: collect-artifacts
collect-artifacts: artifacts/test.img.tar.gz artifacts/test-ltp.img.tar.gz
$(MAKE) -C test TEST_SUITE=$(TEST_SUITE) TEST_SHARD=$(TEST_SHARD)
.PHONY: ci ci-tag ci-pr
ci: test-cross

2
contrib/open-vm-tools/open-vm-tools-ds.yaml
View File

@@ -30,7 +30,7 @@ spec:
operator: Exists
effect: NoSchedule
containers:
- image: linuxkit/open-vm-tools:4c3158c7ba27f7ad0ede5d383ca25b57c5588a26
- image: linuxkit/open-vm-tools:728ddf726474178eea97604c0baeabd52edab7e9
name: open-vm-tools
resources:
requests:

20
docs/alpine-base-update.md
View File

@@ -130,8 +130,9 @@ following which is an explanation of each one.
```sh
# Update tools packages
cd $LK_ROOT/tools
$LK_ROOT/scripts/update-component-sha.sh --pkg $LK_ROOT/tools/alpine
git checkout grub/Dockerfile
$LK_ROOT/scripts/update-component-sha.sh --image $LK_ALPINE
git checkout grub-dev/Dockerfile
git checkout mkimage-rpi3/Dockerfile
git commit -a -s -m "tools: Update to the latest linuxkit/alpine"
# Update tools dependencies
@@ -143,7 +144,7 @@ git commit -a -s -m "Update use of tools to latest"
# Update test packages
cd $LK_ROOT/test/pkg
$LK_ROOT/scripts/update-component-sha.sh --pkg $LK_ROOT/tools/alpine
$LK_ROOT/scripts/update-component-sha.sh --image $LK_ALPINE
git commit -a -s -m "tests: Update packages to the latest linuxkit/alpine"
# Update test packages dependencies
@@ -155,12 +156,12 @@ git commit -a -s -m "Update use of test packages to latest"
# Update test cases to latest linuxkit/alpine
cd $LK_ROOT/test/cases
$LK_ROOT/scripts/update-component-sha.sh --pkg $LK_ROOT/tools/alpine
$LK_ROOT/scripts/update-component-sha.sh --image $LK_ALPINE
git commit -a -s -m "tests: Update tests cases to the latest linuxkit/alpine"
# Update packages to latest linuxkit/alpine
cd $LK_ROOT/pkg
$LK_ROOT/scripts/update-component-sha.sh --pkg $LK_ROOT/tools/alpine
$LK_ROOT/scripts/update-component-sha.sh --image $LK_ALPINE
git commit -a -s -m "pkgs: Update packages to the latest linuxkit/alpine"
# update package tags - may want to include the release in it if set
@@ -179,8 +180,13 @@ On your primary build machine, update the other tools packages.
Note, the `git checkout` reverts the changes made by
`update-component-sha.sh` to files which are accidentally updated.
Important is the `git checkout` of `grub`. This is a bit old and only can be built with specific
older versions of packages like `gcc`, and should not be updated.
Important is the `git checkout` of some sensitive packages that only can be built with
specific older versions of upstream packages:
* `grub-dev`
* `mkimage-rpi3`
Only update those if you know what you are doing with them.
Then we update any dependencies of these tools.

303
docs/kernels.md
View File

@@ -10,17 +10,51 @@ The LinuxKit kernels are based on the latest stable releases and are
updated frequently to include bug and security fixes. For some
kernels we do carry additional patches, which are mostly back-ported
fixes from newer kernels. The full kernel source with patches can be
found on [github](https://github.com/linuxkit/linux). Each kernel
image is tagged with the full kernel version (e.g.,
`linuxkit/kernel:4.9.33`) and with the full kernel version plus the
hash of the files it was created from (git tree hash of the `./kernel`
directory). For selected kernels (mostly the LTS kernels and latest
stable kernels) we also compile/push kernels with additional debugging
enabled. The hub images for these kernels have the `-dbg` suffix in
the tag. For some kernels, we also provide matching packages
containing the `perf` utility for debugging and performance tracing.
The perf package is called `kernel-perf` and is tagged the same way as
the kernel packages.
found on [github](https://github.com/linuxkit/linux).
## Kernel Image Naming and Tags
We publish the following kernel images:
* primary kernel
* debug kernel
* tools for the specific kernel build - bcc and perf
* builder image for the specific kernel build, useful for compiling compatible kernel modules
### Primary Kernel Images
Each kernel image is tagged with:
* the full kernel version, e.g. `linuxkit/kernel:6.6.13`. This is a multi-arch index, and should be used whenever possible.
* the full kernel version plus hash of the files it was created from (git tree hash of the `./kernel` directory), e.g. `6.6.13-c0d96951e9892a7447a8e7965d2d6bd7e621c3fd`. This is a multi-arch index.
* the full kernel version plus architecture, e.g. `linuxkit/kernel:6.6.13-amd64` or `linuxkit/kernel:6.6.13-arm64`. Each of these is architecture specific.
* the full kernel version plus hash of the files it was created from (git tree hash of the `./kernel` directory) plus architecture, e.g. `6.6.13-c0d96951e9892a7447a8e7965d2d6bd7e621c3fd-arm64`.
### Debug Kernel Images
With each kernel image, we also publish kernels with additional debugging enabled.
These have the same image name and the same tags as the primary kernel, with the `-dbg`
suffix added immediately after the version. E.g.
* `linuxkit/kernel:6.6.13-dbg`
* `linuxkit/kernel:6.6.13-dbg-c0d96951e9892a7447a8e7965d2d6bd7e621c3fd`
* `linuxkit/kernel:6.6.13-dbg-amd64`
* `linuxkit/kernel:6.6.13-dbg-c0d96951e9892a7447a8e7965d2d6bd7e621c3fd-amd64`
### Tools
With each kernel image, we also publish images with various tools. As of this writing,
those tools are `perf` and `bcc`.
The tools images are named `linuxkit/kernel-<tool>`, followed by the same tags as the
primary kernel. For example:
* `linuxkit/kernel-perf:6.6.13`
* `linuxkit/kernel-perf:6.6.13-c0d96951e9892a7447a8e7965d2d6bd7e621c3fd`
* `linuxkit/kernel-perf:6.6.13-amd64`
* `linuxkit/kernel-perf:6.6.13-c0d96951e9892a7447a8e7965d2d6bd7e621c3fd-amd64`
## Additional Contributions
In addition to the official images, there are also some
[scripts](../contrib/foreign-kernels) which repackage kernels packages
@@ -32,7 +66,6 @@ use cases for the promising IoT scenarios. All -rt patches are grabbed from
https://www.kernel.org/pub/linux/kernel/projects/rt/. But so far we just
enable it over 4.14.x.
## Loading kernel modules
Most kernel modules are autoloaded with `mdev` but if you need to `modprobe` a module manually you can use the `modprobe` package in the `onboot` section like this:
@@ -67,7 +100,7 @@ For example:
* `linuxkit/kernel:5.15.15` has builder `linuxkit/kernel:5.15.15-builder`
With the above in hand, you can create a multi-stage `Dockerfile` build to compile your modules.
There is an [example](../test/cases/020_kernel/011_kmod_4.9.x), but
There is an [example](../test/cases/020_kernel/113_kmod_5.10.x), but
basically one can use a multi-stage build to compile the kernel
modules:
@@ -87,7 +120,7 @@ To use the kernel module, we recommend adding a final stage to the
Dockerfile above, which copies the kernel module from the `build`
stage and performs a `insmod` as the entry point. You can add this
package to the `onboot` section in your YAML
file. [kmod.yml](../test/cases/020_kernel/010_kmod_4.9.x/kmod.yml)
file. [test.yml](../test/cases/020_kernel/113_kmod_5.10.x/test.yml)
contains an example for the configuration.
### Builder Backups
@@ -121,51 +154,235 @@ FROM linuxkit/kernel:5.10.104 AS ksrc
FROM linuxkit/alpine:2be490394653b7967c250e86fd42cef88de428ba AS build
```
## Modifying the kernel config
## Building and Modifying
Each series of kernels has a config file dedicated to it
in [../kernel/](../kernel),
e.g.
[config-4.9.x-x86_64](../kernel/config-4.9.x-x86_64),
which is applied during the kernel build process.
This section describes how to build kernels, and how to modify existing ones.
If you need to modify the kernel config, `make kconfig` in
the [kernel](../kernel) directory will create a local
`linuxkit/kconfig` Docker image, which contains the patched sources
for all support kernels and architectures in
`/linux-4.<minor>.<rev>`. The kernel source also has the kernel config
copied to the default kernel config.
Throughout the document, the terms used are:
Running the image like:
* kernel version: actual semver version of a kernel, e.g. `6.6.13` or `5.15.27`
* kernel series: major.minor version of a kernel, e.g. `6.6.x` or `5.15.x`
```sh
docker run --rm -ti -v $(pwd):/src linuxkit/kconfig
```
Throughout this document, the architecture used is the kernel-recognized one, available
on most systems as `uname -m`, e.g. `aarch64` or `x86_64`. You may be familiar with the alpine
or golang one, e.g. `amd64` or `amd64`, which are not used here.
will give you a interactive shell where you can modify the kernel
configuration you want, either by editing the config file, or via
`make menuconfig` etc. Once you are done, save the file as `.config`
and copy it back to the source tree,
e.g. `/src/kernel-config-4.9.x-x86_64`.
Each series of kernels has a dedicated directory in [../kernel/](../kernel),
e.g. [6.6.x](../kernel/6.6.x) or [5.15.x](../kernel/5.15.x).
Variants, like rt kernels, have their own directory as well, e.g. [5.11.x-rt](../kernel/5.11.x-rt).
However, for variants, the patches from _both_ the common kernel, e.g. [5.11.x](../kernel/5.11.x),
and the variant, e.g. [5.11.x-rt](../kernel/5.11.x-rt), are applied, and the configs from _both_ are combined.
You can also configure other architectures other than the native
one. For example to configure the arm64 kernel on x86_64, use:
Within the series-dedicated directory, there are:
```
make ARCH=arm64 defconfig
make ARCH=arm64 oldconfig # or menuconfig
```
* kernel config file for each architecture named `config-<arch>`, e.g. [6.6.13/config-x86_64](../kernel/6.6.13/config-x86_64), one per target architecture.
* optional patches directory, e.g. [6.6.13/patches](../kernel/6.6.13/patches), which contains patches to apply to the kernel source
The config file and patches are applied during the kernel build process.
**Note**: We try to keep the differences between kernel versions and
architectures to a minimum, so if you make changes to one
configuration also try to apply it to the others. The script [kconfig-split.py](../scripts/kconfig-split.py) can be used to compare kernel config files. For example:
```sh
../scripts/kconfig-split.py config-4.9.x-aarch64 config-4.9.x-x86_64
../scripts/kconfig-split.py 5.15.x/config-aarch64 5.15.x/config-x86_64
```
creates a file with the common and the x86_64 and arm64 specific
config options for the 4.9.x kernel series.
config options for the 5.15.x kernel series.
**Note**: The CI pipeline does *not* push out kernel images.
Anyone modifying a kernel should:
1. Follow the steps below for the desired changes and commit them.
1. Run appropriate `make build` or variants to ensure that it works.
1. Open a PR with the changes. This may fail, as the CI pipeline may not have access to the modified kernels.
1. A maintainer should run `make push` to push out the images.
1. Run (or rerun) the tests.
#### Build options
The targets and variants for building are as follows:
* `make build` - make all kernels in the version list and their variants
* `make build-<version>` - make all variants of a specific kernel version
* `make buildkernel-<version>` - make all variants of a specific kernel version
* `make buildplainkernel-<version>` - make just the provided version's kernel
* `make builddebugkernel-<version>` - make just the provided version's debug kernel
* `make buildtools-<version>` - make just the provided version's tools
To push:
* `make push` - push all kernels in the version list and their variants
* `make push-<version>` - push all variants of a specific kernel version
Finally, for convenience:
* `make list` - list all kernels in the version list
By default, it builds for all supported architectures. To build just for a specific
architecture:
```sh
make build ARCH=amd64
```
The variable `ARCH` should use the golang variants only, i.e. `amd64` and `arm64`.
To build for multiple architectures, call it multiple times:
```sh
make build ARCH=amd64
make build ARCH=arm64
```
When building for a specific architecture, the build process will use your local
Docker, passing it `--platforms` for the architecture. If you have a builder on a different
architecture, e.g. you are running on an Apple Silicon Mac (arm64) and want to build for
`x86_64` without emulating (which can be very slow), you can use the `BUILDER` variable:
```sh
make build ARCH=x86_64 BUILDER=remote-amd64-builder
```
Builder also supports a builder pattern. If `BUILDER` contains the string `{{.Arch}}`,
it will be replaced with the architecture being built.
For example:
```sh
make build ARCH=x86_64 BUILDER=remote-{{.Arch}}-builder
make build ARCH=aarch64 BUILDER=remote-{{.Arch}}-builder
```
will build `x86_64` on `remote-amd64-builder` and `aarch64` on `remote-arm64-builder`.
Finally, if no `BUILDER` is specified, the build will look for a builder named
`linuxkit-linux-{{.Arch}}-builder`, e.g. `linuxkit-linux-amd64-builder` or
`linuxkit-linux-arm64-builder`. If that builder does not exist, it will fall back to
your local Docker setup.
### Modifying the kernel config
The process of modifying the kernel configuration is as follows:
1. Create a `linuxkit/kconfig` container image: `make kconfig`. This is not pushed out.
1. Run a container based on `linuxkit/kconfig`.
1. In the container, modify the config to suit your needs using normal kernel tools like `make defconfig` or `make menuconfig`.
1. Save the config from the image.
The `linuxkit/kconfig` image contains the patched sources
for all support kernels and architectures in `/linux-<major>.<minor>.<rev>`.
The kernel source also has the kernel config copied to the default kernel config location,
so that `make menuconfig` and `make defconfig` work correctly.
Run the container as follows:
```sh
docker run --rm -ti -v $(pwd):/src linuxkit/kconfig
```
This will give you a interactive shell where you can modify the kernel
configuration you want, while mounting the directory, so that you can save the
modified config.
To create or modify the config, you must cd to the correct directory,
e.g.
```sh
cd /linux-6.6.13
# or
cd /linux-5.15.27
```
Now you can build the config.
When `make defconfig` or `make menuconfig` is done,
the modified config file will be in `.config`; save the file back to `/src`,
e.g.
```sh
cp .config /src/6.6.x/config-x86_64
```
You can also configure other architectures other than the native
one. For example to configure the arm64 kernel on x86_64, use:
```sh
make ARCH=arm64 defconfig
make ARCH=arm64 oldconfig # or menuconfig
```
Note that the generated file **must** be final. When you actually build the kernel,
it will check that running `make defconfig` will have no changes. If there are changes,
the build will fail.
The easiest way to check it is to rerun `make defconfig` inside the kconfig container.
1. Finish your creation of the config file, as above.
1. Copy the `.config` file to the target location, as above.
1. Copy the `.config` file to the source location for defconfig, e.g. `cp .config arch/x86/configs/x86_64_config` or `cp. config /linux/arch/arm64/configs/defconfig`
1. Run `make defconfig` again, and check that there are no changes, e.g. `diff .config arch/x86/configs/x86_64_config` or `diff .config /linux/arch/arm64/configs/defconfig`
If there are no differences, then you can commit the new config file.
Finally, test that you can build the kernel with that config as `make build-<version>`, e.g. `make build-5.15.148`.
## Adding a new kernel version
If you want to add a new kernel version within an existing series, e.g. `5.15.27` already exists
and you want to add (or replace it with) `5.15.148`, apply the following process.
1. Modify the list of kernels inside the `Makefile` to include the new version, and, optionally, remove the old one, or move it to deprecated.
1. Create a new `linuxkit/kconfig` container image: `make kconfig`. This is not pushed out.
1. Run a container based on `linuxkit/kconfig`.
```sh
docker run --rm -ti -v $(pwd):/src linuxkit/kconfig
```
1. In the container, change directory to the kernel source directory for the new version, e.g. `cd /linux-5.15.148`.
1. Run `make defconfig` to create the default config file.
1. If the config file has changed, copy it out of the container and check it in, e.g. `cp .config /src/5.15.x/config-x86_64`.
1. Repeat for other architectures.
1. Commit the changed config files.
1. Modify the `KERNEL_VERSION` in the `build-args` file in the series directory to the new version. E.g. `5.15.x/build-args`.
1. Test that you can build the kernel with that config as `make build-<version>`, e.g. `make build-5.15.148`.
## Adding a new kernel series
To add a new kernel series, you need to:
1. Create new directory for the series, e.g. `6.7.x`
1. Create config files for each architecture in that directory
1. Optionally, create a `patches/` subdirectory in that directory with any patches to add
1. Create a `build-args` file in that directory with at least the following settings:
```bash
KERNEL_VERSION=<version>
KERNEL_SERIES=<series>
BUILD_IMAGE=linuxkit/alpine:<builder>
```
1. Update the list of kernels to build in the `Makefile`
Since the last major series likely is the best basis for the new one, subject to additional modifications, you can use
the previous one as a starting point.
1. Modify the list of kernels inside the `Makefile` to include the new version. You do not need to specify the series anywhere, as the `Makefile` calculates it. E.g. adding `7.0.5` will cause it to calculate the series as `7.0.x` automatically.
1. Make the directory for the new series, e.g. `mkdir 7.0.x`
1. Create a new `linuxkit/kconfig` container image: `make kconfig`. This is not pushed out.
1. Run a container based on `linuxkit/kconfig`.
```sh
docker run --rm -ti -v $(pwd):/src linuxkit/kconfig
```
1. In the container, change directory to the kernel source directory for the new version, e.g. `cd /linux-7.0.5`.
1. Copy the existing config file for the previous series, e.g. `cp /src/6.6.x/config-x86_64 .config`.
1. Run `make oldconfig` to create the config file for the new series from the old one. Answer any questions.
1. Save the newly generated config file `.config` to the source directory, e.g. `cp .config /src/7.0.x/config-x86_64`.
1. Repeat for other architectures.
1. Commit the new config files.
1. Test that you can build the kernel with that config as `make build-<version>`, e.g. `make build-7.0.5`.
In addition, there are tests that are applied to a specific kernel version, notably the tests in
[020_kernel](../test/cases/020_kernel/). You will need to add a new test case for the new series,
copying an existing one and modifying it as needed.
## Building and using custom kernels

15
docs/metadata.md
View File

@@ -63,6 +63,21 @@ This hierarchy can then be used by individual containers, who can bind
mount the config sub-directory into their namespace where it is
needed.
## A note on SSH
Supported providers will extract public keys from metadata to a file
located at `/run/config/ssh/authorized_keys`. You must bind this path
into the `sshd` namespace in order to make use of these keys. Use a
configuration similar to the one shown below to enable root login
based on keys from the metadata service:
```
- name: sshd
image: linuxkit/sshd:4696ba61c3ec091328e1c14857d77e675802342f
binds.add:
- /run/config/ssh/authorized_keys:/root/.ssh/authorized_keys
```
# Metadata image creation
`linuxkit run` backends accept two options to pass metadata to the VM in a platform specific

18
docs/packages.md
View File

@@ -50,6 +50,7 @@ A package source consists of a directory containing at least two files:
- `image` _(string)_: *(mandatory)* The name of the image to build
- `org` _(string)_: The hub/registry organisation to which this package belongs
- `dockerfile` _(string)_: The dockerfile to use to build this package, must be in this directory or below (default: `Dockerfile`)
- `arches` _(list of string)_: The architectures which this package should be built for (valid entries are `GOARCH` names)
- `extra-sources` _(list of strings)_: Additional sources for the package outside the package directory. The format is `src:dst`, where `src` can be relative to the package directory and `dst` is the destination in the build context. This is useful for sharing files, such as vendored go code, between packages.
- `gitrepo` _(string)_: The git repository where the package source is kept.
@@ -264,6 +265,23 @@ linuxkit pkg build --platforms=linux/arm64 --builders linux/arm64=my-remote-arm6
linuxkit will try to build for `linux/arm64` using the context `my-remote-arm64`. Since that context does not exist, you will get an error.
##### Preset build arguments
When building packages, the following build-args automatically are set for you:
* `SOURCE` - the source repository of the package
* `REVISION` - the git commit that was used for the build
* `GOPKGVERSION` - the go package version or pseudo-version per https://go.dev/ref/mod#glos-pseudo-version
Note that the above are set **only** if you do not set them in `build.yaml`. Your settings _always_
override these built-in ones.
To use them, simply address them in your `Dockerfile`:
```dockerfile
ARG SOURCE
```
### Build packages as a maintainer
All official LinuxKit packages are multi-arch manifests and most of

2
docs/platform-hyperkit.md
View File

@@ -20,7 +20,7 @@ The HyperKit backend currently supports booting:
You need to select the boot method manually using the command line
options. The default is `kernel+initrd`. `kernel+squashfs` can be
selected using `-squashfs` and to boot a ISO with EFI you have to
specify `-iso -uefi`.
specify `--iso --uefi`.
The `kernel+initrd` uses a RAM disk for the root filesystem. If you
have RAM constraints or large images we recommend using either the

2
docs/platform-hyperv.md
View File

@@ -8,7 +8,7 @@ manage the Hyper-V VMs.
Example:
```sh
linuxkit.exe run -disk size=1 linuxkit-efi.iso
linuxkit.exe run --disk size=1 linuxkit-efi.iso
```
The Hyper-V VM, by default, is named after the prefix of the ISO, ie

6
docs/platform-qemu.md
View File

@@ -24,9 +24,9 @@ specified with `-arch` and currently accepts `x86_64`, `aarch64`, and
`linuxkit run qemu` can boot in different types of images:
- `kernel+initrd`: This is the default mode of `linuxkit run qemu` [`x86_64`, `arm64`, `s390x`]
- `kernel+squashfs`: `linuxkit run qemu -squashfs <path to directory>`. This expects a kernel and a squashfs image. [`x86_64`, `arm64`, `s390x`]
- `iso-bios`: `linuxkit run qemu -iso <path to iso>` [`x86_64`]
- `iso-efi`: `linuxkit run qemu -iso -uefi <path to iso>`. This looks in `/usr/share/ovmf/bios.bin` for the EFI firmware by default. Can be overwritten with `-fw`. [`x86_64`, `arm64`]
- `kernel+squashfs`: `linuxkit run qemu --squashfs <path to directory>`. This expects a kernel and a squashfs image. [`x86_64`, `arm64`, `s390x`]
- `iso-bios`: `linuxkit run qemu --iso <path to iso>` [`x86_64`]
- `iso-efi`: `linuxkit run qemu --iso --uefi <path to iso>`. This looks in `/usr/share/ovmf/bios.bin` for the EFI firmware by default. Can be overwritten with `-fw`. [`x86_64`, `arm64`]
- `qcow-bios`: `linuxkit run qemu disk.qcow2` [`x86_64`]
- `raw-bios`: `linuxkit run qemu disk.img` [`x86_64`]
- `aws`: `linuxkit run qemu disk.img` boots a raw AWS disk image. [`x86_64`]

2
docs/platform-virtualization-framework.md
View File

@@ -21,7 +21,7 @@ The Virtualization.Framework backend currently supports booting:
You need to select the boot method manually using the command line
options. The default is `kernel+initrd`. `kernel+squashfs` can be
selected using `-squashfs` and to boot a ISO with EFI you have to
specify `-iso -uefi`.
specify `--iso --uefi`.
The `kernel+initrd` uses a RAM disk for the root filesystem. If you
have RAM constraints or large images we recommend using either the

72
docs/sbom.md Normal file
View File

@@ -0,0 +1,72 @@
# Software Bill-of-Materials
LinuxKit bootable images are composed of existing OCI images.
OCI images, when built, often are scanned to create a
software bill-of-materials (SBoM). The buildkit builder
system itself contains the [ability to integrate SBoM scanning and generation into the build process](https://docs.docker.com/build/attestations/sbom/).
When LinuxKit composes an operating system image using `linuxkit build`,
it will, by default, combine the SBoMs of all the OCI images used to create
the final image.
It looks for SBoMs in the following locations:
* [image attestation storage](https://docs.docker.com/build/attestations/attestation-storage/)
Future support for [OCI Image-Spec v1.1 Artifacts](https://github.com/opencontainers/image-spec)
is under consideration, and will be reviewed when it is generally available.
When building packages with `linuxkit pkg build`, it also has the ability to generate an SBoM for the
package, which later can be consumed by `linuxkit build`.
## Consuming SBoM From Packages
When `linuxkit build` is run, it does the following for dealing with SBoMs:
1. For each OCI image that it processes:
1. check if the image contains an SBoM attestation; it not, skip this step.
1. Retrieve the SBoM attestation.
1. After generating the root filesystem, combine all of the individual SBoMs into a single unified SBoM.
1. Save the output single SBoM into the root of the image as `sbom.spdx.json`.
Currently, only SPDX json format is supported.
### SBoM Scanner and Output Format
By default, linuxkit combines the SBoMs into a file with output format SPDX json,
and the file saved to the filename `sbom.spdx.json`.
In addition, in order to assist with reproducible builds, the creation date/time of the SBoM is
a fixed date/time set by linuxkit, rather than the current date/time. Note, however, that even
with a fixed date/time, reproducible builds depends on reproducible SBoMs on the underlying container images.
This is not always the case, as the unique IDs for each package and file might be deterministic, but it might not.
This can be overridden by using the CLI flags:
* `--no-sbom`: do not find and consolidate the SBoMs
* `--sbom-output <filename>`: the filename to save the output to in the image.
* `--sbom-current-time true|false`: whether or not to use the current time for the SBoM creation date/time (default `false`)
### Disable SBoM for Images
To disable SBoM generation when running `linuxkit build`, use the CLI flag `--sbom false`.
## Generating SBoM For Packages
When `linuxkit pkg build` is run, by default it enables generating an SBoM using the
[SBoM generating capabilities of buildkit](https://www.docker.com/blog/generate-sboms-with-buildkit/).
This means that it inherits all of those capabilities as well, and saves the SBoM in the same location,
as an attestation on the image.
### SBoM Scanner
By default, buildkit runs [syft](http://hub.docker.com/r/anchore/syft) with output format SPDX json,
specifically via its integration image [buildkit-syft-scanner](docker.io/docker/buildkit-syft-scanner).
You can select a different image to run a scanner, provided it complies with the
[buildkit SBoM protocol](https://github.com/moby/buildkit/blob/master/docs/attestations/sbom-protocol.md),
by passing the CLI flag `--sbom-scanner <image>`.
### Disable SBoM for Packages
To disable SBoM generation when running `linuxkit pkg build`, use the CLI flag `--sbom-scanner=false`.

36
docs/troubleshooting.md Normal file
View File

@@ -0,0 +1,36 @@
# Troubleshooting
This document contains a list of known issues related to using, building or testing linuxkit.
## Images
## Packages
### Invalid MediaType
**Problem**
```
Error: error building and pushing "linuxkit/mkimage-iso-efi-initrd:0e66171ffde9bb735b0e014f811f9626fc8b9bc9": PUT https://index.docker.io/v2/linuxkit/mkimage-iso-efi-initrd/manifests/0e66171ffde9bb735b0e014f811f9626fc8b9bc9: MANIFEST_INVALID: manifest invalid; if present, mediaType in image index should be 'application/vnd.oci.image.index.v1+json' not 'application/vnd.docker.distribution.manifest.list.v2+json'
```
The above message is caused by registries, notably docker hub, refusing to accept indexes with the
docker media type of `application/vnd.docker.distribution.manifest.list.v2+json`, rather than the OCI
one `application/vnd.oci.image.index.v1+json`.
Linuxkit _does_ use the OCI media type, however, if the image _already_ exists in the registry, linuxkit will
pull the index down, update it, and push it back up. The above error occurs because the index that exists in
the hub, the one that is pulled down, has the older media type, from when the registry accepted it.
**Solution**
The solution is to force an entirely new build, which will generate the images and index with the correct media
type.
```
linuxkit pkg build --force <path>
linuxkit pkg push <path>
```
## Testing

43
docs/yaml.md
View File

@@ -123,6 +123,9 @@ file:
metadata: yaml
```
Note that if you use templates in the yaml, the final resolved version will be included in the image,
and not the original input template.
Because a `tmpfs` is mounted onto `/var`, `/run`, and `/tmp` by default, the `tmpfs` mounts will shadow anything specified in `files` section for those directories.
## Image specification
@@ -293,3 +296,43 @@ binds:
- /var:/var:rshared,rbind
rootfsPropagation: shared
```
## Templates
The `yaml` file supports templates for the names of images. Anyplace an image is used in a file and begins
with the character `@`, it indicates that it is not an actual name, but a template. The first word after
the `@` indicates the type of template, and the rest of the line is the argument to the template. The
templates currently supported are:
* `@pkg:` - the argument is the path to a linuxkit package. For example, `@pkg:./pkg/init`.
For `pkg`, linuxkit will resolve the path to the package, and then run the equivalent of `linuxkit pkg show-tag <dir>`.
For example:
```yaml
init:
- "@pkg:../pkg/init"
```
Will cause linuxkit to resolve `../pkg/init` to a package, and then run `linuxkit pkg show-tag ../pkg/init`.
The paths are relative to the directory of the yaml file.
You can specify absolute paths, although it is not recommended, as that can make the yaml file less portable.
The `@pkg:` templating is supported **only** when the yaml file is being read from a local filesystem. It does not
support when using via stdin, e.g. `cat linuxkit.yml | linuxkit build -`, or URLs, e.g. `linuxkit build https://example.com/foo.yml`.
The `@pkg:` template currently supports only default `linuxkit pkg` options, i.e. `build.yml` and `tag` options. There
are no command-line options to override them.
**Note:** The character `@` is reserved in yaml. To use it in the beginning of a string, you must put the entire string in
quotes.
If you use the template, the actual derived value, and not the initial template, is what will be stored in the final
image when adding it via:
```yaml
files:
- path: etc/linuxkit.yml
metadata: yaml
```

16
examples/addbinds.yml
View File

@@ -2,24 +2,24 @@ kernel:
image: linuxkit/kernel:5.4.30
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
binds.add:
# this will keep all of the existing ones as well
- /var/tmp:/var/tmp
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
files:
- path: etc/getty.shadow
# sample sets password for root to "abcdefgh" (without quotes)

26
examples/cadvisor.yml
View File

@@ -2,33 +2,33 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: sysfs
image: linuxkit/sysfs:c3bdb00c5e23bf566d294bafd5f7890ca319056f
image: linuxkit/sysfs:ec174e06ca756f492e7a3fd6200d5c1672b97511
- name: format
image: linuxkit/format:7efa07559dd23cb4dbebfd3ab48c50fd33625918
image: linuxkit/format:e040f4f045f03138a1ee8a22bb6feae7fd5596a6
- name: mount
image: linuxkit/mount:422b219bb1c7051096126ac83e6dcc8b2f3f1176
image: linuxkit/mount:19ff89c251a4156bda8ed11c95faad2f40eb770e
command: ["/usr/bin/mountie", "/var/lib/docker"]
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: ntpd
image: linuxkit/openntpd:d6c36ac367ed26a6eeffd8db78334d9f8041b038
image: linuxkit/openntpd:c90c6dd90f5dfb0ca71a73aac2dad69c8d956af3
- name: docker
image: docker:20.10.6-dind
@@ -46,7 +46,7 @@ services:
- /etc/docker/daemon.json:/etc/docker/daemon.json
command: ["/usr/local/bin/docker-init", "/usr/local/bin/dockerd"]
- name: cadvisor
image: linuxkit/cadvisor:38174e03a9495a2ba8a8a049458f585a8b8e4a59
image: linuxkit/cadvisor:c57efffad1139b2c5df1c3f66c1e3d586ce9e07d
files:
- path: var/lib/docker
directory: true

26
examples/dm-crypt-loop.yml
View File

@@ -2,30 +2,30 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0 console=ttyS0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: format
image: linuxkit/format:7efa07559dd23cb4dbebfd3ab48c50fd33625918
image: linuxkit/format:e040f4f045f03138a1ee8a22bb6feae7fd5596a6
command: ["/usr/bin/format", "/dev/sda"]
- name: mount
image: linuxkit/mount:422b219bb1c7051096126ac83e6dcc8b2f3f1176
image: linuxkit/mount:19ff89c251a4156bda8ed11c95faad2f40eb770e
command: ["/usr/bin/mountie", "/dev/sda1", "/var/external"]
- name: loop
image: linuxkit/losetup:43e40be0c82cbccf171ebd2a8065246e2e84f66e
image: linuxkit/losetup:65e3ad6336a321749394f58c3f28003cfce1e28c
command: ["/usr/bin/loopy", "--create", "/var/external/storage_file"]
- name: dm-crypt
image: linuxkit/dm-crypt:908d3a270650aff7388092a307673c44d86e1ed0
image: linuxkit/dm-crypt:d49723bc9d10c5ada9e03b0670f4e57416d5d084
command: ["/usr/bin/crypto", "crypt_loop_dev", "/dev/loop0"]
- name: mount
image: linuxkit/mount:422b219bb1c7051096126ac83e6dcc8b2f3f1176
image: linuxkit/mount:19ff89c251a4156bda8ed11c95faad2f40eb770e
command: ["/usr/bin/mountie", "/dev/mapper/crypt_loop_dev", "/var/secure_storage"]
- name: bbox
image: busybox
@@ -34,11 +34,11 @@ onboot:
- /var:/var
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
files:
- path: etc/dm-crypt/key
# the below key is just to keep the example self-contained

22
examples/dm-crypt.yml
View File

@@ -2,24 +2,24 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0 console=ttyS0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: format
image: linuxkit/format:7efa07559dd23cb4dbebfd3ab48c50fd33625918
image: linuxkit/format:e040f4f045f03138a1ee8a22bb6feae7fd5596a6
command: ["/usr/bin/format", "/dev/sda"]
- name: dm-crypt
image: linuxkit/dm-crypt:908d3a270650aff7388092a307673c44d86e1ed0
image: linuxkit/dm-crypt:d49723bc9d10c5ada9e03b0670f4e57416d5d084
command: ["/usr/bin/crypto", "crypt_dev", "/dev/sda1"]
- name: mount
image: linuxkit/mount:422b219bb1c7051096126ac83e6dcc8b2f3f1176
image: linuxkit/mount:19ff89c251a4156bda8ed11c95faad2f40eb770e
command: ["/usr/bin/mountie", "/dev/mapper/crypt_dev", "/var/secure_storage"]
- name: bbox
image: busybox
@@ -28,11 +28,11 @@ onboot:
- /var:/var
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
files:
- path: etc/dm-crypt/key
# the below key is just to keep the example self-contained

2
examples/docker-for-mac.md
View File

@@ -16,7 +16,7 @@ $ linuxkit build -format iso-efi docker-for-mac.yml
To run the VM with a 4G disk:
```
linuxkit run hyperkit -networking=vpnkit -vsock-ports=2376 -disk size=4096M -data-file ./metadata.json -iso -uefi docker-for-mac-efi
linuxkit run hyperkit --networking=vpnkit --vsock-ports=2376 --disk size=4096M --data-file ./metadata.json --iso --uefi docker-for-mac-efi
```
Where the file `./metadata.json` should contain the desired docker daemon

40
examples/docker-for-mac.yml
View File

@@ -3,30 +3,30 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=ttyS0 page_poison=1"
init:
- linuxkit/vpnkit-expose-port:87ac61469247b2a0483cbd1fd2915f220e078b78 # install vpnkit-expose-port and vpnkit-iptables-wrapper on host
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/vpnkit-expose-port:77e45e4681c78d59f1d8a48818260948d55f9d05 # install vpnkit-expose-port and vpnkit-iptables-wrapper on host
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
# support metadata for optional config in /run/config
- name: metadata
image: linuxkit/metadata:646c00ad6c0b3fc246b6af9ccfcd6b1eb6b6da8a
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: sysfs
image: linuxkit/sysfs:c3bdb00c5e23bf566d294bafd5f7890ca319056f
image: linuxkit/sysfs:ec174e06ca756f492e7a3fd6200d5c1672b97511
- name: binfmt
image: linuxkit/binfmt:a17941b47f5cb262638cfb49ffc59ac5ac2bf334
image: linuxkit/binfmt:68604c81876812ca1c9e2d9f098c28f463713e61
# Format and mount the disk image in /var/lib/docker
- name: format
image: linuxkit/format:7efa07559dd23cb4dbebfd3ab48c50fd33625918
image: linuxkit/format:e040f4f045f03138a1ee8a22bb6feae7fd5596a6
- name: mount
image: linuxkit/mount:422b219bb1c7051096126ac83e6dcc8b2f3f1176
image: linuxkit/mount:19ff89c251a4156bda8ed11c95faad2f40eb770e
command: ["/usr/bin/mountie", "/var/lib"]
# make a swap file on the mounted disk
- name: swap
image: linuxkit/swap:77305236719ed7ab4be0f3bccc179c583fe7f5ff
image: linuxkit/swap:c57f3319ce770515357f0058035e40519c22b752
command: ["/swap.sh", "--path", "/var/lib/swap", "--size", "1024M"]
# mount-vpnkit mounts the 9p share used by vpnkit to coordinate port forwarding
- name: mount-vpnkit
@@ -44,41 +44,41 @@ onboot:
- /var:/host_var
command: ["sh", "-c", "mv -v /host_var/log /host_var/lib && ln -vs /var/lib/log /host_var/log"]
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
# Enable acpi to shutdown on power events
- name: acpid
image: linuxkit/acpid:c05a368754f6436b326945dc16135ba547568d8d
image: linuxkit/acpid:3b1560c81d3884e049ebbd9d9bf94ccb394e6cd3
# Enable getty for easier debugging
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
# Run ntpd to keep time synchronised in the VM
- name: ntpd
image: linuxkit/openntpd:d6c36ac367ed26a6eeffd8db78334d9f8041b038
image: linuxkit/openntpd:c90c6dd90f5dfb0ca71a73aac2dad69c8d956af3
# VSOCK to unix domain socket forwarding. Forwards guest /var/run/docker.sock
# to a socket on the host.
- name: vsudd
image: linuxkit/vsudd:89980cd551d3174b6d8528f39fbd7fd1ca049161
image: linuxkit/vsudd:b4d80d243733f80906cdbcf77f367a7b5744dc09
binds:
- /var/run:/var/run
command: ["/vsudd", "-inport", "2376:unix:/var/run/docker.sock"]
# vpnkit-forwarder forwards network traffic to/from the host via VSOCK port 62373.
# It needs access to the vpnkit 9P coordination share
- name: vpnkit-forwarder
image: linuxkit/vpnkit-forwarder:ea4dded7386b09dd647e854664b029be0a4f420f
image: linuxkit/vpnkit-forwarder:a89ec807d7d675dccd53773c07382bc707db3396
binds:
- /var/vpnkit:/port
net: host
command: ["/vpnkit-forwarder", "-vsockPort", "62373"]
# Monitor for image deletes and invoke a TRIM on the container filesystem
- name: trim-after-delete
image: linuxkit/trim-after-delete:533ed712cf5cede1d5aec121c3f8afc1f471f723
image: linuxkit/trim-after-delete:6ba98bfb111a808b7a1ca890aca9fc2b3709fca2
# When the host resumes from sleep, force a clock resync
- name: host-timesync-daemon
image: linuxkit/host-timesync-daemon:cc7c2f88c0e585c292624b9665412c9aca615d55
image: linuxkit/host-timesync-daemon:12d443511194774a9fdaf5457e5f2703fd5e882c
# Run dockerd with the vpnkit userland proxy from the vpnkit-forwarder container.
# Bind mounts /var/run to allow vsudd to connect to docker.sock, /var/vpnkit
# for vpnkit coordination and /run/config/docker for the configuration file.

24
examples/docker.yml
View File

@@ -2,31 +2,31 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: sysfs
image: linuxkit/sysfs:c3bdb00c5e23bf566d294bafd5f7890ca319056f
image: linuxkit/sysfs:ec174e06ca756f492e7a3fd6200d5c1672b97511
- name: format
image: linuxkit/format:7efa07559dd23cb4dbebfd3ab48c50fd33625918
image: linuxkit/format:e040f4f045f03138a1ee8a22bb6feae7fd5596a6
- name: mount
image: linuxkit/mount:422b219bb1c7051096126ac83e6dcc8b2f3f1176
image: linuxkit/mount:19ff89c251a4156bda8ed11c95faad2f40eb770e
command: ["/usr/bin/mountie", "/var/lib/docker"]
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
- name: ntpd
image: linuxkit/openntpd:d6c36ac367ed26a6eeffd8db78334d9f8041b038
image: linuxkit/openntpd:c90c6dd90f5dfb0ca71a73aac2dad69c8d956af3
- name: docker
image: docker:20.10.6-dind
capabilities:

16
examples/getty.yml
View File

@@ -2,24 +2,24 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
# to make insecure with passwordless root login, uncomment following lines
#env:
# - INSECURE=true
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
files:
- path: etc/getty.shadow
# sample sets password for root to "abcdefgh" (without quotes)

16
examples/hostmount-writeable-overlay.yml
View File

@@ -2,15 +2,15 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
onshutdown:
- name: shutdown
@@ -18,7 +18,7 @@ onshutdown:
command: ["/bin/echo", "so long and thanks for all the fish"]
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
runtime:
@@ -30,7 +30,7 @@ services:
destination: writeable-host-etc
options: ["rw", "lowerdir=/etc", "upperdir=/run/hostetc/upper", "workdir=/run/hostetc/work"]
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: nginx
image: nginx:1.13.8-alpine
capabilities:

12
examples/influxdb-os.yml
View File

@@ -2,17 +2,17 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: influxdb

20
examples/logging.yml
View File

@@ -3,21 +3,21 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/memlogd:014f86dce2ea4bb2ec13e92ae5c1e854bcefec40
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/memlogd:cb79fd19e6485cfc61b85c607ca172cd860554c5
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
# Inside the getty type `/proc/1/root/usr/bin/logread -F` to follow the log
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
# A service which generates log messages for testing
@@ -25,6 +25,6 @@ services:
image: alpine:3.13
command: ["/bin/sh", "-c", "while /bin/true; do echo hello $(date); sleep 1; done" ]
- name: write-and-rotate-logs
image: linuxkit/logwrite:4d8aa07d4a7130239fc62b09f33e3401ecf62a38
image: linuxkit/logwrite:c1c66d246080a40658903916d650206f2dcd707a
- name: kmsg
image: linuxkit/kmsg:b2f6cd4ce9041120e30a4b5ab36bb8db4f5eb458
image: linuxkit/kmsg:423844f262467e1199480dc93d69e38610c78133

10
examples/minimal.yml
View File

@@ -2,15 +2,15 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
onboot:
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true

14
examples/node_exporter.yml
View File

@@ -2,17 +2,17 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0 console=ttyS0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
- name: node_exporter
image: linuxkit/node_exporter:bd11bc62e0cdf7a600556c0cb9f6582bf055f245
image: linuxkit/node_exporter:9bcd8479b7ba2844773ef4f01a60c901c4800982

20
examples/openstack.yml
View File

@@ -2,25 +2,25 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=ttyS0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata
image: linuxkit/metadata:646c00ad6c0b3fc246b6af9ccfcd6b1eb6b6da8a
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
command: ["/usr/bin/metadata", "openstack"]
services:
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: sshd
image: linuxkit/sshd:4696ba61c3ec091328e1c14857d77e675802342f
binds:
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
binds.add:
- /run/config/ssh/authorized_keys:/root/.ssh/authorized_keys
- name: nginx
image: nginx:1.13.8-alpine

23
examples/platform-aws.yml
View File

@@ -2,24 +2,27 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=ttyS0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata
image: linuxkit/metadata:646c00ad6c0b3fc246b6af9ccfcd6b1eb6b6da8a
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
services:
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: dhcpcd2
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf"]
- name: sshd
image: linuxkit/sshd:4696ba61c3ec091328e1c14857d77e675802342f
binds:
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
binds.add:
- /run/config/ssh/authorized_keys:/root/.ssh/authorized_keys
- name: nginx
image: nginx:1.13.8-alpine

18
examples/platform-azure.yml
View File

@@ -2,20 +2,22 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=ttyS0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
services:
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
- name: sshd
image: linuxkit/sshd:4696ba61c3ec091328e1c14857d77e675802342f
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
binds.add:
- /root/.ssh:/root/.ssh
files:
- path: root/.ssh/authorized_keys
source: ~/.ssh/id_rsa.pub

22
examples/platform-gcp.yml
View File

@@ -2,28 +2,28 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=ttyS0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata
image: linuxkit/metadata:646c00ad6c0b3fc246b6af9ccfcd6b1eb6b6da8a
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: sshd
image: linuxkit/sshd:4696ba61c3ec091328e1c14857d77e675802342f
binds:
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
binds.add:
- /run/config/ssh/authorized_keys:/root/.ssh/authorized_keys
- name: nginx
image: nginx:1.13.8-alpine

26
examples/platform-hetzner.yml
View File

@@ -3,32 +3,34 @@ kernel:
cmdline: console=ttyS1
ucode: intel-ucode.cpio
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/firmware:8f89601312327c78999a880ee104ceae9a25d20e
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/firmware:8def159583422181ddee3704f7024ecb9c02d348
onboot:
- name: rngd1
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
command: ["/sbin/rngd", "-1"]
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata
image: linuxkit/metadata:646c00ad6c0b3fc246b6af9ccfcd6b1eb6b6da8a
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
command: ["/usr/bin/metadata", "hetzner"]
services:
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: sshd
image: linuxkit/sshd:4696ba61c3ec091328e1c14857d77e675802342f
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
binds.add:
- /root/.ssh:/root/.ssh
files:
- path: root/.ssh/authorized_keys
source: ~/.ssh/id_rsa.pub

2
examples/platform-packet.arm64.yml
View File

@@ -10,5 +10,5 @@ kernel:
ucode: ""
onboot:
- name: modprobe
image: linuxkit/modprobe:1b59b4f2ebb877085ea0d8d3a41cf06f64c09a15
image: linuxkit/modprobe:ab5ac4d5e7e7a5f2d103764850f7846b69230676
command: ["modprobe", "nicvf"]

26
examples/platform-packet.yml
View File

@@ -3,32 +3,34 @@ kernel:
cmdline: console=ttyS1
ucode: intel-ucode.cpio
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/firmware:8f89601312327c78999a880ee104ceae9a25d20e
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/firmware:8def159583422181ddee3704f7024ecb9c02d348
onboot:
- name: rngd1
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
command: ["/sbin/rngd", "-1"]
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata
image: linuxkit/metadata:646c00ad6c0b3fc246b6af9ccfcd6b1eb6b6da8a
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
command: ["/usr/bin/metadata", "packet"]
services:
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: sshd
image: linuxkit/sshd:4696ba61c3ec091328e1c14857d77e675802342f
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
binds.add:
- /root/.ssh:/root/.ssh
files:
- path: root/.ssh/authorized_keys
source: ~/.ssh/id_rsa.pub

18
examples/platform-rt-for-vmware.yml
View File

@@ -2,24 +2,24 @@ kernel:
image: linuxkit/kernel:5.11.4-rt
cmdline: "console=tty0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
- name: open-vm-tools
image: linuxkit/open-vm-tools:4c3158c7ba27f7ad0ede5d383ca25b57c5588a26
image: linuxkit/open-vm-tools:728ddf726474178eea97604c0baeabd52edab7e9
- name: nginx
image: nginx:1.13.8-alpine
capabilities:

20
examples/platform-scaleway.yml
View File

@@ -2,25 +2,25 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0 root=/dev/vda"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: rngd1
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
command: ["/sbin/rngd", "-1"]
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata
image: linuxkit/metadata:646c00ad6c0b3fc246b6af9ccfcd6b1eb6b6da8a
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39

16
examples/platform-vmware.yml
View File

@@ -2,22 +2,22 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
- name: nginx
image: nginx:1.13.8-alpine
capabilities:

22
examples/platform-vultr.yml
View File

@@ -2,29 +2,29 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=ttyS0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata
image: linuxkit/metadata:646c00ad6c0b3fc246b6af9ccfcd6b1eb6b6da8a
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
command: ["/usr/bin/metadata", "vultr"]
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: sshd
image: linuxkit/sshd:4696ba61c3ec091328e1c14857d77e675802342f
binds:
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
binds.add:
- /run/config/ssh/authorized_keys:/root/.ssh/authorized_keys
- name: nginx
image: nginx:1.13.8-alpine

10
examples/redis-os.yml
View File

@@ -4,16 +4,16 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
onboot:
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
# Currently redis:4.0.6-alpine has trust issue with multi-arch

22
examples/sshd.yml
View File

@@ -2,27 +2,29 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: rngd1
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
command: ["/sbin/rngd", "-1"]
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
- name: sshd
image: linuxkit/sshd:4696ba61c3ec091328e1c14857d77e675802342f
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
binds.add:
- /root/.ssh:/root/.ssh
files:
- path: root/.ssh/authorized_keys
source: ~/.ssh/id_rsa.pub

10
examples/static-ip.yml
View File

@@ -2,18 +2,18 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
onboot:
- name: ip
image: linuxkit/ip:6cc44dd4e18ddb02de01bc4b34b5799971b6a7bf
image: linuxkit/ip:bb250017b05de5e16ac436b1eb19a39c87b5a252
binds:
- /etc/ip:/etc/ip
command: ["ip", "-b", "/etc/ip/eth0.conf"]
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
files:

22
examples/swap.yml
View File

@@ -2,30 +2,30 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: format
image: linuxkit/format:7efa07559dd23cb4dbebfd3ab48c50fd33625918
image: linuxkit/format:e040f4f045f03138a1ee8a22bb6feae7fd5596a6
- name: mount
image: linuxkit/mount:422b219bb1c7051096126ac83e6dcc8b2f3f1176
image: linuxkit/mount:19ff89c251a4156bda8ed11c95faad2f40eb770e
command: ["/usr/bin/mountie", "/var/external"]
- name: swap
image: linuxkit/swap:77305236719ed7ab4be0f3bccc179c583fe7f5ff
image: linuxkit/swap:c57f3319ce770515357f0058035e40519c22b752
# to use unencrypted swap, use:
# command: ["/swap.sh", "--path", "/var/external/swap", "--size", "1G"]
command: ["/swap.sh", "--path", "/var/external/swap", "--size", "1G", "--encrypt"]
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39

18
examples/tpm.yml
View File

@@ -2,25 +2,25 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0 console=ttyS0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: tss
image: linuxkit/tss:9cfa8c15f2120415aab35efcfdede5b3b5fe5b4c
image: linuxkit/tss:856286012a613598d6ef6869b196f9a72245b7d2
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
files:
- path: etc/getty.shadow
# sample sets password for root to "abcdefgh" (without quotes)

14
examples/vpnkit-forwarder.yml
View File

@@ -2,12 +2,12 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=ttyS0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
onboot:
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: mount-vpnkit
image: alpine:3.13
@@ -19,9 +19,11 @@ onboot:
command: ["sh", "-c", "mkdir /host_var/vpnkit && mount -v -t 9p -o trans=virtio,dfltuid=1001,dfltgid=50,version=9p2000 port /host_var/vpnkit"]
services:
- name: sshd
image: linuxkit/sshd:4696ba61c3ec091328e1c14857d77e675802342f
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
binds.add:
- /root/.ssh:/root/.ssh
- name: vpnkit-forwarder
image: linuxkit/vpnkit-forwarder:ea4dded7386b09dd647e854664b029be0a4f420f
image: linuxkit/vpnkit-forwarder:a89ec807d7d675dccd53773c07382bc707db3396
binds:
- /var/vpnkit:/port
net: host

10
examples/vsudd-containerd.yml
View File

@@ -2,16 +2,16 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=ttyS0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
onboot:
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
- name: vsudd
image: linuxkit/vsudd:89980cd551d3174b6d8528f39fbd7fd1ca049161
image: linuxkit/vsudd:b4d80d243733f80906cdbcf77f367a7b5744dc09
binds:
- /run/containerd/containerd.sock:/run/containerd/containerd.sock
command: ["/vsudd",

20
examples/wireguard.yml
View File

@@ -2,18 +2,18 @@ kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:8f1e6a0747acbbb4d7e24dc98f97faa8d1c6cec7
- linuxkit/runc:f01b88c7033180d50ae43562d72707c6881904e4
- linuxkit/containerd:de1b18eed76a266baa3092e5c154c84f595e56da
- linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: wg0
image: linuxkit/ip:6cc44dd4e18ddb02de01bc4b34b5799971b6a7bf
image: linuxkit/ip:bb250017b05de5e16ac436b1eb19a39c87b5a252
net: new
binds:
- /etc/wireguard:/etc/wireguard
@@ -26,7 +26,7 @@ onboot:
bindNS:
net: /run/netns/wg0
- name: wg1
image: linuxkit/ip:6cc44dd4e18ddb02de01bc4b34b5799971b6a7bf
image: linuxkit/ip:bb250017b05de5e16ac436b1eb19a39c87b5a252
net: new
binds:
- /etc/wireguard:/etc/wireguard
@@ -40,12 +40,12 @@ onboot:
net: /run/netns/wg1
services:
- name: getty
image: linuxkit/getty:76951a596aa5e0867a38e28f0b94d620e948e3e8
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
net: /run/netns/wg1
- name: rngd
image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: nginx
image: nginx:1.13.8-alpine
net: /run/netns/wg0

15
kernel/config-5.10.x-aarch64 → kernel/5.10.x/config-aarch64
View File

@@ -2,15 +2,16 @@
# Automatically generated file; DO NOT EDIT.
# Linux/arm64 5.10.104 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (Alpine 10.2.1_pre1) 10.2.1 20201203"
CONFIG_CC_VERSION_TEXT="gcc (Alpine 12.2.1_git20220924-r4) 12.2.1 20220924"
CONFIG_CC_IS_GCC=y
CONFIG_GCC_VERSION=100201
CONFIG_LD_VERSION=235020000
CONFIG_GCC_VERSION=120201
CONFIG_LD_VERSION=239000000
CONFIG_CLANG_VERSION=0
CONFIG_LLD_VERSION=0
CONFIG_CC_CAN_LINK=y
CONFIG_CC_CAN_LINK_STATIC=y
CONFIG_CC_HAS_ASM_GOTO=y
CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y
CONFIG_CC_HAS_ASM_INLINE=y
CONFIG_IRQ_WORK=y
CONFIG_BUILDTIME_TABLE_SORT=y
@@ -389,6 +390,7 @@ CONFIG_SYS_SUPPORTS_HUGETLBFS=y
CONFIG_ARCH_WANT_HUGE_PMD_SHARE=y
CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y
CONFIG_ARCH_ENABLE_SPLIT_PMD_PTLOCK=y
CONFIG_CC_HAVE_SHADOW_CALL_STACK=y
CONFIG_PARAVIRT=y
# CONFIG_PARAVIRT_TIME_ACCOUNTING is not set
# CONFIG_KEXEC_FILE is not set
@@ -706,6 +708,7 @@ CONFIG_HAVE_ARCH_STACKLEAK=y
CONFIG_HAVE_STACKPROTECTOR=y
CONFIG_STACKPROTECTOR=y
CONFIG_STACKPROTECTOR_STRONG=y
CONFIG_ARCH_SUPPORTS_SHADOW_CALL_STACK=y
CONFIG_HAVE_CONTEXT_TRACKING=y
CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y
CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y
@@ -4513,10 +4516,14 @@ CONFIG_GCC_PLUGIN_STRUCTLEAK=y
#
# Memory initialization
#
CONFIG_CC_HAS_AUTO_VAR_INIT_PATTERN=y
CONFIG_CC_HAS_AUTO_VAR_INIT_ZERO=y
# CONFIG_INIT_STACK_NONE is not set
# CONFIG_GCC_PLUGIN_STRUCTLEAK_USER is not set
# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF is not set
CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y
# CONFIG_INIT_STACK_ALL_PATTERN is not set
# CONFIG_INIT_STACK_ALL_ZERO is not set
# CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE is not set
CONFIG_GCC_PLUGIN_STACKLEAK=y
CONFIG_STACKLEAK_TRACK_MIN_SIZE=100
@@ -4932,6 +4939,7 @@ CONFIG_UBSAN_MISC=y
# CONFIG_UBSAN_SANITIZE_ALL is not set
# CONFIG_UBSAN_ALIGNMENT is not set
# CONFIG_TEST_UBSAN is not set
CONFIG_HAVE_KCSAN_COMPILER=y
# end of Generic Kernel Debugging Instruments
CONFIG_DEBUG_KERNEL=y
@@ -4968,6 +4976,7 @@ CONFIG_DEBUG_MEMORY_INIT=y
CONFIG_HAVE_ARCH_KASAN=y
CONFIG_HAVE_ARCH_KASAN_SW_TAGS=y
CONFIG_CC_HAS_KASAN_GENERIC=y
CONFIG_CC_HAS_KASAN_SW_TAGS=y
CONFIG_CC_HAS_WORKING_NOSANITIZE_ADDRESS=y
# CONFIG_KASAN is not set
# end of Memory Debugging

19
kernel/config-5.10.x-x86_64 → kernel/5.10.x/config-x86_64
View File

@@ -2,15 +2,16 @@
# Automatically generated file; DO NOT EDIT.
# Linux/x86 5.10.104 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (Alpine 10.2.1_pre1) 10.2.1 20201203"
CONFIG_CC_VERSION_TEXT="gcc (Alpine 12.2.1_git20220924-r4) 12.2.1 20220924"
CONFIG_CC_IS_GCC=y
CONFIG_GCC_VERSION=100201
CONFIG_LD_VERSION=235020000
CONFIG_GCC_VERSION=120201
CONFIG_LD_VERSION=239000000
CONFIG_CLANG_VERSION=0
CONFIG_LLD_VERSION=0
CONFIG_CC_CAN_LINK=y
CONFIG_CC_CAN_LINK_STATIC=y
CONFIG_CC_HAS_ASM_GOTO=y
CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y
CONFIG_CC_HAS_ASM_INLINE=y
CONFIG_IRQ_WORK=y
CONFIG_BUILDTIME_TABLE_SORT=y
@@ -421,8 +422,7 @@ CONFIG_X86_INTEL_TSX_MODE_OFF=y
# CONFIG_X86_INTEL_TSX_MODE_ON is not set
# CONFIG_X86_INTEL_TSX_MODE_AUTO is not set
CONFIG_EFI=y
CONFIG_EFI_STUB=y
CONFIG_EFI_MIXED=y
# CONFIG_EFI_STUB is not set
# CONFIG_HZ_100 is not set
# CONFIG_HZ_250 is not set
# CONFIG_HZ_300 is not set
@@ -620,12 +620,9 @@ CONFIG_EFI_VARS_PSTORE=y
# CONFIG_EFI_VARS_PSTORE_DEFAULT_DISABLE is not set
# CONFIG_EFI_FAKE_MEMMAP is not set
CONFIG_EFI_RUNTIME_WRAPPERS=y
CONFIG_EFI_GENERIC_STUB_INITRD_CMDLINE_LOADER=y
# CONFIG_EFI_BOOTLOADER_CONTROL is not set
# CONFIG_EFI_CAPSULE_LOADER is not set
# CONFIG_EFI_TEST is not set
# CONFIG_APPLE_PROPERTIES is not set
CONFIG_RESET_ATTACK_MITIGATION=y
# CONFIG_EFI_RCI2_TABLE is not set
# CONFIG_EFI_DISABLE_PCI_DMA is not set
# end of EFI (Extensible Firmware Interface) Support
@@ -4089,10 +4086,14 @@ CONFIG_GCC_PLUGIN_STRUCTLEAK=y
#
# Memory initialization
#
CONFIG_CC_HAS_AUTO_VAR_INIT_PATTERN=y
CONFIG_CC_HAS_AUTO_VAR_INIT_ZERO=y
# CONFIG_INIT_STACK_NONE is not set
# CONFIG_GCC_PLUGIN_STRUCTLEAK_USER is not set
# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF is not set
CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y
# CONFIG_INIT_STACK_ALL_PATTERN is not set
# CONFIG_INIT_STACK_ALL_ZERO is not set
# CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE is not set
CONFIG_GCC_PLUGIN_STACKLEAK=y
CONFIG_STACKLEAK_TRACK_MIN_SIZE=100
@@ -4520,6 +4521,8 @@ CONFIG_UBSAN_MISC=y
# CONFIG_UBSAN_ALIGNMENT is not set
# CONFIG_TEST_UBSAN is not set
CONFIG_HAVE_ARCH_KCSAN=y
CONFIG_HAVE_KCSAN_COMPILER=y
# CONFIG_KCSAN is not set
# end of Generic Kernel Debugging Instruments
CONFIG_DEBUG_KERNEL=y

0
kernel/patches-5.10.x/0001-include-uapi-linux-swab-Fix-potentially-missing-__al.patch → kernel/5.10.x/patches/0001-include-uapi-linux-swab-Fix-potentially-missing-__al.patch
View File

0
kernel/config-5.11.x-aarch64-rt → kernel/5.11.x-rt/config-aarch64
View File

0
kernel/config-5.11.x-x86_64-rt → kernel/5.11.x-rt/config-x86_64
View File

0
kernel/patches-5.11.x-rt/0001-highmem-Don-t-disable-preemption-on-RT-in-kmap_atomi.patch → kernel/5.11.x-rt/patches/0001-highmem-Don-t-disable-preemption-on-RT-in-kmap_atomi.patch
View File

0
kernel/patches-5.11.x-rt/0002-timers-Move-clearing-of-base-timer_running-under-bas.patch → kernel/5.11.x-rt/patches/0002-timers-Move-clearing-of-base-timer_running-under-bas.patch
View File

0
kernel/patches-5.11.x-rt/0003-0001-mm-zswap-add-a-flag-to-indicate-if-zpool-can-do-slee.patch → kernel/5.11.x-rt/patches/0003-0001-mm-zswap-add-a-flag-to-indicate-if-zpool-can-do-slee.patch
View File

0
kernel/patches-5.11.x-rt/0004-0002-mm-set-the-sleep_mapped-to-true-for-zbud-and-z3fold.patch → kernel/5.11.x-rt/patches/0004-0002-mm-set-the-sleep_mapped-to-true-for-zbud-and-z3fold.patch
View File

0
kernel/patches-5.11.x-rt/0005-blk-mq-Always-complete-remote-completions-requests-i.patch → kernel/5.11.x-rt/patches/0005-blk-mq-Always-complete-remote-completions-requests-i.patch
View File

0
kernel/patches-5.11.x-rt/0006-blk-mq-Use-llist_head-for-blk_cpu_done.patch → kernel/5.11.x-rt/patches/0006-blk-mq-Use-llist_head-for-blk_cpu_done.patch
View File

0
kernel/patches-5.11.x-rt/0007-0001-kthread-Move-prio-affinite-change-into-the-newly-cre.patch → kernel/5.11.x-rt/patches/0007-0001-kthread-Move-prio-affinite-change-into-the-newly-cre.patch
View File

0
kernel/patches-5.11.x-rt/0008-0002-genirq-Move-prio-assignment-into-the-newly-created-t.patch → kernel/5.11.x-rt/patches/0008-0002-genirq-Move-prio-assignment-into-the-newly-created-t.patch
View File

0
kernel/patches-5.11.x-rt/0009-notifier-Make-atomic_notifiers-use-raw_spinlock.patch → kernel/5.11.x-rt/patches/0009-notifier-Make-atomic_notifiers-use-raw_spinlock.patch
View File

0
kernel/patches-5.11.x-rt/0010-0001-rcu-Make-RCU_BOOST-default-on-CONFIG_PREEMPT_RT.patch → kernel/5.11.x-rt/patches/0010-0001-rcu-Make-RCU_BOOST-default-on-CONFIG_PREEMPT_RT.patch
View File

0
kernel/patches-5.11.x-rt/0011-0002-rcu-Unconditionally-use-rcuc-threads-on-PREEMPT_RT.patch → kernel/5.11.x-rt/patches/0011-0002-rcu-Unconditionally-use-rcuc-threads-on-PREEMPT_RT.patch
View File

0
kernel/patches-5.11.x-rt/0012-0003-rcu-Enable-rcu_normal_after_boot-unconditionally-for.patch → kernel/5.11.x-rt/patches/0012-0003-rcu-Enable-rcu_normal_after_boot-unconditionally-for.patch
View File

0
kernel/patches-5.11.x-rt/0013-0004-doc-Update-RCU-s-requirements-page-about-the-PREEMPT.patch → kernel/5.11.x-rt/patches/0013-0004-doc-Update-RCU-s-requirements-page-about-the-PREEMPT.patch
View File

0
kernel/patches-5.11.x-rt/0014-0005-doc-Use-CONFIG_PREEMPTION.patch → kernel/5.11.x-rt/patches/0014-0005-doc-Use-CONFIG_PREEMPTION.patch
View File

0
kernel/patches-5.11.x-rt/0015-0001-tracing-Merge-irqflags-preempt-counter.patch → kernel/5.11.x-rt/patches/0015-0001-tracing-Merge-irqflags-preempt-counter.patch
View File

0
kernel/patches-5.11.x-rt/0016-0002-tracing-Inline-tracing_gen_ctx_flags.patch → kernel/5.11.x-rt/patches/0016-0002-tracing-Inline-tracing_gen_ctx_flags.patch
View File

0
kernel/patches-5.11.x-rt/0017-0003-tracing-Use-in_serving_softirq-to-deduct-softirq-sta.patch → kernel/5.11.x-rt/patches/0017-0003-tracing-Use-in_serving_softirq-to-deduct-softirq-sta.patch
View File

0
kernel/patches-5.11.x-rt/0018-0004-tracing-Remove-NULL-check-from-current-in-tracing_ge.patch → kernel/5.11.x-rt/patches/0018-0004-tracing-Remove-NULL-check-from-current-in-tracing_ge.patch
View File

0
kernel/patches-5.11.x-rt/0019-tpm-remove-tpm_dev_wq_lock.patch → kernel/5.11.x-rt/patches/0019-tpm-remove-tpm_dev_wq_lock.patch
View File

0
kernel/patches-5.11.x-rt/0020-powerpc-mm-Move-the-linear_mapping_mutex-to-the-ifde.patch → kernel/5.11.x-rt/patches/0020-powerpc-mm-Move-the-linear_mapping_mutex-to-the-ifde.patch
View File

0
kernel/patches-5.11.x-rt/0021-0002-printk-limit-second-loop-of-syslog_print_all.patch → kernel/5.11.x-rt/patches/0021-0002-printk-limit-second-loop-of-syslog_print_all.patch
View File

0
kernel/patches-5.11.x-rt/0022-0003-printk-kmsg_dump-remove-unused-fields.patch → kernel/5.11.x-rt/patches/0022-0003-printk-kmsg_dump-remove-unused-fields.patch
View File

0
kernel/patches-5.11.x-rt/0023-0004-printk-refactor-kmsg_dump_get_buffer.patch → kernel/5.11.x-rt/patches/0023-0004-printk-refactor-kmsg_dump_get_buffer.patch
View File

0
kernel/patches-5.11.x-rt/0024-0005-printk-consolidate-kmsg_dump_get_buffer-syslog_print.patch → kernel/5.11.x-rt/patches/0024-0005-printk-consolidate-kmsg_dump_get_buffer-syslog_print.patch
View File

0
kernel/patches-5.11.x-rt/0025-0006-printk-introduce-CONSOLE_LOG_MAX-for-improved-multi-.patch → kernel/5.11.x-rt/patches/0025-0006-printk-introduce-CONSOLE_LOG_MAX-for-improved-multi-.patch
View File

0
kernel/patches-5.11.x-rt/0026-0007-printk-use-seqcount_latch-for-clear_seq.patch → kernel/5.11.x-rt/patches/0026-0007-printk-use-seqcount_latch-for-clear_seq.patch
View File

0
kernel/patches-5.11.x-rt/0027-0008-printk-use-atomic64_t-for-devkmsg_user.seq.patch → kernel/5.11.x-rt/patches/0027-0008-printk-use-atomic64_t-for-devkmsg_user.seq.patch
View File

0
kernel/patches-5.11.x-rt/0028-0009-printk-add-syslog_lock.patch → kernel/5.11.x-rt/patches/0028-0009-printk-add-syslog_lock.patch
View File

0
kernel/patches-5.11.x-rt/0029-0010-printk-introduce-a-kmsg_dump-iterator.patch → kernel/5.11.x-rt/patches/0029-0010-printk-introduce-a-kmsg_dump-iterator.patch
View File

0
kernel/patches-5.11.x-rt/0030-0011-um-synchronize-kmsg_dumper.patch → kernel/5.11.x-rt/patches/0030-0011-um-synchronize-kmsg_dumper.patch
View File

0
kernel/patches-5.11.x-rt/0031-0012-printk-remove-logbuf_lock.patch → kernel/5.11.x-rt/patches/0031-0012-printk-remove-logbuf_lock.patch
View File

0
kernel/patches-5.11.x-rt/0032-0013-printk-kmsg_dump-remove-_nolock-variants.patch → kernel/5.11.x-rt/patches/0032-0013-printk-kmsg_dump-remove-_nolock-variants.patch
View File

0
kernel/patches-5.11.x-rt/0033-0014-printk-kmsg_dump-use-kmsg_dump_rewind.patch → kernel/5.11.x-rt/patches/0033-0014-printk-kmsg_dump-use-kmsg_dump_rewind.patch
View File

0
kernel/patches-5.11.x-rt/0034-0015-printk-console-remove-unnecessary-safe-buffer-usage.patch → kernel/5.11.x-rt/patches/0034-0015-printk-console-remove-unnecessary-safe-buffer-usage.patch
View File

0
kernel/patches-5.11.x-rt/0035-0016-printk-track-limit-recursion.patch → kernel/5.11.x-rt/patches/0035-0016-printk-track-limit-recursion.patch
View File

0
kernel/patches-5.11.x-rt/0036-0017-printk-remove-safe-buffers.patch → kernel/5.11.x-rt/patches/0036-0017-printk-remove-safe-buffers.patch
View File

0
kernel/patches-5.11.x-rt/0037-0018-printk-convert-syslog_lock-to-spin_lock.patch → kernel/5.11.x-rt/patches/0037-0018-printk-convert-syslog_lock-to-spin_lock.patch
View File

0
kernel/patches-5.11.x-rt/0038-0019-console-add-write_atomic-interface.patch → kernel/5.11.x-rt/patches/0038-0019-console-add-write_atomic-interface.patch
View File

0
kernel/patches-5.11.x-rt/0039-0020-serial-8250-implement-write_atomic.patch → kernel/5.11.x-rt/patches/0039-0020-serial-8250-implement-write_atomic.patch
View File

0
kernel/patches-5.11.x-rt/0040-0021-printk-relocate-printk_delay-and-vprintk_default.patch → kernel/5.11.x-rt/patches/0040-0021-printk-relocate-printk_delay-and-vprintk_default.patch
View File

0
kernel/patches-5.11.x-rt/0041-0022-printk-combine-boot_delay_msec-into-printk_delay.patch → kernel/5.11.x-rt/patches/0041-0022-printk-combine-boot_delay_msec-into-printk_delay.patch
View File

0
kernel/patches-5.11.x-rt/0042-0023-printk-change-console_seq-to-atomic64_t.patch → kernel/5.11.x-rt/patches/0042-0023-printk-change-console_seq-to-atomic64_t.patch
View File

0
kernel/patches-5.11.x-rt/0043-0024-printk-introduce-kernel-sync-mode.patch → kernel/5.11.x-rt/patches/0043-0024-printk-introduce-kernel-sync-mode.patch
View File

0
kernel/patches-5.11.x-rt/0044-0025-printk-move-console-printing-to-kthreads.patch → kernel/5.11.x-rt/patches/0044-0025-printk-move-console-printing-to-kthreads.patch
View File

0
kernel/patches-5.11.x-rt/0045-0026-printk-remove-deferred-printing.patch → kernel/5.11.x-rt/patches/0045-0026-printk-remove-deferred-printing.patch
View File

0
kernel/patches-5.11.x-rt/0046-0027-printk-add-console-handover.patch → kernel/5.11.x-rt/patches/0046-0027-printk-add-console-handover.patch
View File

0
kernel/patches-5.11.x-rt/0047-0028-printk-add-pr_flush.patch → kernel/5.11.x-rt/patches/0047-0028-printk-add-pr_flush.patch
View File

0
kernel/patches-5.11.x-rt/0048-kcov-Remove-kcov-include-from-sched.h-and-move-it-to.patch → kernel/5.11.x-rt/patches/0048-kcov-Remove-kcov-include-from-sched.h-and-move-it-to.patch
View File

Some files were not shown because too many files have changed in this diff Show More