github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2026-03-19 21:18:02 +00:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: github:v1.2.0
Branches Tags
github:master
github:v1.8.2 github:v1.8.1 github:pkg-v1.2.0 github:v1.8.0 github:v1.7.1 github:pkg-v1.1.0 github:v1.7.0 github:v1.6.5 github:v1.6.4 github:v1.6.3 github:v1.6.2 github:v1.6.1 github:v1.6.0 github:v1.5.3 github:v1.5.2 github:v1.5.1 github:v1.5.0 github:v1.4.0 github:v1.3.0 github:pkg-v1.0.0 github:v1.2.0 github:v1.0.1 github:v1.0.0 github:v0.8.1 github:v0.8 github:v0.7 github:v0.6 github:v0.5 github:v0.4 github:v0.3 github:v0.2
...
compare: github:v1.5.0
Branches Tags
github:master
github:v1.8.2 github:v1.8.1 github:pkg-v1.2.0 github:v1.8.0 github:v1.7.1 github:pkg-v1.1.0 github:v1.7.0 github:v1.6.5 github:v1.6.4 github:v1.6.3 github:v1.6.2 github:v1.6.1 github:v1.6.0 github:v1.5.3 github:v1.5.2 github:v1.5.1 github:v1.5.0 github:v1.4.0 github:v1.3.0 github:pkg-v1.0.0 github:v1.2.0 github:v1.0.1 github:v1.0.0 github:v0.8.1 github:v0.8 github:v0.7 github:v0.6 github:v0.5 github:v0.4 github:v0.3 github:v0.2

120 Commits
v1.2.0 ... v1.5.0

Author SHA1 Message Date
Avi Deitcher
270fd1c5aa Merge pull request #4066 from deitch/ssh-support 
support for pkg build ssh
 2024-07-28 13:32:42 +03:00
Avi Deitcher
51727db254 support for pkg build ssh 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-28 11:39:55 +03:00
Avi Deitcher
34304b1e63 Merge pull request #4065 from deitch/volumes 
Volumes
 2024-07-21 20:33:02 +03:00
Avi Deitcher
38a0cb6376 test cases for volumes 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-21 20:02:40 +03:00
Avi Deitcher
a5085fc9ea pkg/init support for volumes 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-21 17:48:39 +03:00
Avi Deitcher
b953d1781c add support for volumes 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-21 17:48:38 +03:00
Avi Deitcher
fa08581fd5 Merge pull request #4064 from deitch/containerd-config-2 
containerd config.toml v2
 2024-07-19 09:54:34 +03:00
Avi Deitcher
d665a978a1 containerd config.toml v2 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-18 22:01:15 +03:00
Avi Deitcher
d68494ba4b Merge pull request #4063 from deitch/bump-containerd-1.7.20 
containerd to 1.7.20
 2024-07-18 21:40:39 +03:00
Avi Deitcher
55e13c914e containerd to 1.7.20 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-18 20:51:31 +03:00
Avi Deitcher
c3c6dc7735 Merge pull request #4062 from deitch/debug-containerd 
include example for debugging containerd
 2024-07-17 14:30:46 +03:00
Avi Deitcher
5d9f3e0aa0 include example for debugging containerd 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-17 14:29:29 +03:00
Avi Deitcher
690a4eecb5 Merge pull request #4061 from deitch/multi-pkg-deps 
Multi pkg deps
 2024-07-16 18:33:59 +03:00
Avi Deitcher
cd65ec385b Merge pull request #4060 from deitch/linuxkit-deps 
bump docker deps in linuxkit binary
 2024-07-16 12:58:01 +03:00
Avi Deitcher
f13aee1041 update rngd/extend/init usage in yml 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-16 12:29:10 +03:00
Avi Deitcher
315a1dbf20 pkg/extend bump x/sys version 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-16 12:24:48 +03:00
Avi Deitcher
7ac157e61b pkg/host-timesync-daemon bump x/sys version 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-16 12:23:24 +03:00
Avi Deitcher
53f848a229 pkg/rngd bump x/sys version 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-16 12:23:23 +03:00
Avi Deitcher
4ad55951e1 bump docker deps in linuxkit binary 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-16 12:15:22 +03:00
Avi Deitcher
5d940f4770 Merge pull request #4059 from deitch/more-init-alerts 
bump pkg/init containerd, runc and image-spec to fix CVEs
 2024-07-16 12:07:32 +03:00
Avi Deitcher
1fe9d0ea76 bump pkg/init containerd, runc and image-spec to fix CVEs 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-16 10:55:01 +03:00
Avi Deitcher
7b114bfa36 Merge pull request #4058 from deitch/init-security-alerts 
update package versions and go version for pkg/init
 2024-07-16 09:50:54 +02:00
Avi Deitcher
6bbda93914 update package versions and go version for pkg/init 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-16 10:11:23 +03:00
Avi Deitcher
e6ffc8a8f3 Merge pull request #4057 from deitch/build-targets-all-not-macos 
make targets separated by OS
 2024-07-11 19:03:20 +02:00
Avi Deitcher
e6ac960951 make targets separated by OS 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-11 18:09:48 +02:00
Avi Deitcher
933445f071 Merge pull request #4056 from deitch/handle-cross-compilation-macos 
separate release builds of macOS CGO from others
 2024-07-11 17:24:05 +02:00
Avi Deitcher
7acc8262f2 separate release builds of macOS CGO from others 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-11 16:55:51 +02:00
Avi Deitcher
bfac135e4e Merge pull request #4055 from deitch/include-semver-in-version 
properly save linuxkit version
 2024-07-11 15:41:20 +02:00
Avi Deitcher
8bb9174b28 properly save linuxkit version 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-11 15:16:26 +02:00
Avi Deitcher
8d76ae282f Merge pull request #4054 from christoph-zededa/fix_build_command_args 
cmd: allow more than one config yaml for build
 2024-07-10 19:00:52 +03:00
Christoph Ostarek
04dc9042cf cmd: allow more than one config yaml for build 
according to the documentation the following command is valid:
`linuxkit build equinixmetal.yml equinixmetal.arm64.yml`
(docs/platform-equinixmetal.md)

So, make it valid.

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
 2024-07-10 17:24:53 +02:00
Avi Deitcher
c90f2ee8f2 Merge pull request #4052 from deitch/packet-to-metal 
Packet to metal
 2024-07-07 16:39:18 +03:00
Avi Deitcher
ad4c97c430 switch linuxkit from deprecated packngo to equinixmetal go-sdk 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-05 17:57:48 +03:00
Avi Deitcher
8f6ea3c85e switch Packet references to Equinix Metal 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-07-05 17:22:25 +03:00
Avi Deitcher
3f80ca694f Merge pull request #4049 from danrzs/master 
ensured dumpFollow of logread includes 'follow' behaviour
 2024-07-03 19:57:34 +03:00
Daniel Smith
cda7577e3c ensured dumpFollow of logread includes 'follow' behaviour 
Signed-off-by: Daniel Smith <daniel@razorsecure.com>
 2024-07-03 13:55:46 +01:00
Avi Deitcher
be7dfdd42c Merge pull request #4046 from jalaziz/4045 
Improve support for third-party registry images
 2024-06-24 11:08:04 -07:00
Jameel Al-Aziz
21e9f0fa1c add tests 
Signed-off-by: Jameel Al-Aziz <jameel@bastion.io>
 2024-06-22 01:58:37 -04:00
Jameel Al-Aziz
5e42d050a7 Improve support for third-party registry images 
Update `ReferenceExpand` to support image references from remote
registries. This fixes local image lookup and pulling with newer
versions of Docker.

fixes #4045

Signed-off-by: Jameel Al-Aziz <jameel@bastion.io>
 2024-06-18 21:57:51 -07:00
Avi Deitcher
4f89f4f67e Merge pull request #4043 from deitch/buildkit-bump 2024-06-11 18:29:11 +03:00
Avi Deitcher
977afa7510 remove no longer necessary rand.Seed 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-06-11 17:42:55 +03:00
Avi Deitcher
7c46ac8c5d bump buildkit to latest v0.13.2 with deps 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-06-11 15:55:42 +03:00
Avi Deitcher
f48e442a46 Merge pull request #4044 from deitch/go-1.22 
bump actions/setup-go to v5 and go-version to 1.22.3
 2024-06-11 15:55:13 +03:00
Avi Deitcher
4c3d189a1a bump actions/setup-go to v5 and go-version to 1.22.3 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-06-11 15:20:58 +03:00
Avi Deitcher
9e06024567 Merge pull request #4040 from deitch/export-formats 
add cache export format OCI
 2024-05-16 15:48:20 +03:00
Avi Deitcher
f5dcefc7c2 add cache export format OCI 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-05-16 14:38:19 +03:00
Avi Deitcher
6d37353ca1 Merge pull request #4039 from deitch/split-moby 
move moby components that do not have runtime dependencies to own directory
 2024-05-07 20:27:35 +03:00
Avi Deitcher
379617ca0d move moby components that do not have runtime dependencies to own directory 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-05-07 19:51:25 +03:00
Avi Deitcher
b49e32af98 Merge pull request #4036 from deitch/fix-action-script-v7 2024-04-28 16:30:14 +03:00
Avi Deitcher
5299f948e3 use proper path for github-script properties 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-28 15:56:53 +03:00
Avi Deitcher
e171750da6 Merge pull request #4035 from deitch/action-script-v7 2024-04-28 15:25:33 +03:00
Avi Deitcher
c32c74bc1d github script v7 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-28 14:43:52 +03:00
Avi Deitcher
d3257af256 Merge pull request #4034 from deitch/token-for-actions 2024-04-28 13:58:27 +03:00
Avi Deitcher
2578ae23c6 explicitly use GITHUB_TOKEN for actions script 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-28 12:58:10 +03:00
Avi Deitcher
38e62bb61d Merge pull request #4033 from jacobweinstock/cgroupsv2-as-default 
Make cgroups v2 the default in the init pkg
 2024-04-28 11:45:00 +03:00
Jacob Weinstock
2fe19f7561 Update dependencies 
Signed-off-by: Jacob Weinstock <jakobweinstock@gmail.com>
 2024-04-27 15:40:30 -06:00
Jacob Weinstock
803747f01a Make cgroups v2 the default: 
cgroups v2 has been out since 2015. Not having
to set a kernel parameter helps improve the user
experience by not requiring it when it is required
by services in a build. Making this the default was
discussed back in 2021.

Signed-off-by: Jacob Weinstock <jakobweinstock@gmail.com>
 2024-04-27 15:40:00 -06:00
Avi Deitcher
8afecd5204 Merge pull request #4031 from deitch/update-actions 
bump actions to v4 to avoid deprecation
 2024-04-25 12:19:07 +03:00
Avi Deitcher
e6b0ae05eb Merge pull request #4030 from deitch/canonicalize-pull 
use canonical ref when looking in cache
 2024-04-25 11:50:19 +03:00
Avi Deitcher
04792e0d44 bump actions to v4 to avoid deprecation 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-25 11:44:38 +03:00
Avi Deitcher
c836e54d22 use canonical ref when looking in cache 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-24 15:00:39 +03:00
Avi Deitcher
bc5d08d6a3 Merge pull request #4028 from largemouth/master 
chore: fix function name in comment
 2024-04-24 13:27:34 +03:00
largemouth
4ce13640cd chore: fix function name in comment 
Signed-off-by: largemouth <largemouth@aliyun.com>
 2024-04-22 19:45:14 +08:00
Avi Deitcher
cea4c0d419 Merge pull request #4027 from deitch/not-same-file 
prevent using same file for input tar and output tar
 2024-04-21 13:55:30 +03:00
Avi Deitcher
dc12b9be69 prevent using same file for input tar and output tar 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-21 13:19:57 +03:00
Avi Deitcher
dd1ae909d6 Merge pull request #4026 from deitch/increment-tar-output 
add support for input-tar
 2024-04-19 17:08:03 +03:00
Avi Deitcher
632b4065d4 add support for input-tar 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-19 16:30:06 +03:00
Avi Deitcher
a610332100 Merge pull request #4025 from deitch/tag-sources-in-tar 
include image reference as source in every tar file header
 2024-04-18 16:34:05 +03:00
Avi Deitcher
1fe8cba107 include image reference as source in every tar file header 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-18 16:03:34 +03:00
Avi Deitcher
47d02ecd61 Merge pull request #4024 from deitch/fix-kernel-tools-build 
fix kernel tools build.yml files to reflect correct dockerfiles
 2024-04-17 11:41:18 +03:00
Avi Deitcher
4d212000ec fix kernel tools build.yml files to reflect correct dockerfiles 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-16 19:30:28 +03:00
Avi Deitcher
9e18c9247c Merge pull request #4023 from deitch/commit-tag-arg 
add tag to args passed for package builds
 2024-04-16 15:14:25 +03:00
Avi Deitcher
6af6291afe add tag to args passed for package builds 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-04-16 13:52:49 +03:00
Avi Deitcher
de79880fff Merge pull request #3960 from Fabsolute/fix-disk-parameter-for-virtualization 2024-04-12 16:50:03 +02:00
Fabsolute
f2240fbeea FIX disk parameter usage 
Signed-off-by: Fabsolute <ahmetturk93@gmail.com>
 2024-04-12 16:07:30 +02:00
Avi Deitcher
b7bb183d49 Merge pull request #4020 from christoph-zededa/fix_doc_build_iso-efi 
README.md: fix format parameter
 2024-03-20 09:10:12 +01:00
Christoph Ostarek
6a7cea9dbd README.md: fix format parameter 
linuxkit build expects '--format' or '-f' and not
'-format'

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
 2024-03-19 18:01:22 +01:00
Avi Deitcher
3ff5dac063 Merge pull request #4018 from christoph-zededa/fix_pulling_from_localhost_registry 
util: allow pulling from local registry
 2024-03-17 00:57:54 -07:00
Christoph Ostarek
4496612c70 util: allow pulling from local registry 
before a command like
linuxkit cache pull 127.0.0.1:5000/pkgalpine

would result in trying to pull the following image:
docker.io/127.0.0.1:5000/pkgalpine

and this is wrong

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
 2024-03-15 18:36:31 +01:00
Avi Deitcher
1b1007a9da Merge pull request #4017 from deitch/pkg-release-cmds 
missing pipe in package_release workflow
 2024-03-11 08:57:55 -07:00
Avi Deitcher
c3b151ea42 missing pipe in package_release workflow 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-11 17:21:22 +02:00
Avi Deitcher
7952421e2b Merge pull request #4016 from deitch/next-fix-releases 
fix pkg-release flow for building linuxkit
 2024-03-11 08:18:50 -07:00
Avi Deitcher
88ff3ac7a7 fix pkg-release flow for building linuxkit 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-11 16:47:12 +02:00
Avi Deitcher
719ae0082a Merge pull request #4015 from deitch/pkg-tag-workflow 
ensure package release flow is picked up
 2024-03-11 07:41:41 -07:00
Avi Deitcher
15730ea617 ensure package release flow is picked up 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-11 14:19:07 +02:00
Avi Deitcher
55963aa26f Merge pull request #4014 from deitch/fix-release-pkgs 
fix pkg release action workflow
 2024-03-11 03:30:17 -07:00
Avi Deitcher
14f5433943 fix pkg release action workflow 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-11 11:34:34 +02:00
Avi Deitcher
10bbf86397 Merge pull request #4013 from deitch/pkg-release 
add support for pkg release tags
 2024-03-11 01:55:24 -07:00
Avi Deitcher
4df07ddb6e add support for pkg release tags 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-11 10:07:43 +02:00
Avi Deitcher
b8b00e8c82 Merge pull request #4012 from deitch/remote-tag-with-copy 
remote-tag enable copying across repositories and registries
 2024-03-06 03:55:22 -08:00
Avi Deitcher
51696d2905 remote-tag enable copying across repositories and registries 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-06 13:23:19 +02:00
Avi Deitcher
0d89422386 Merge pull request #4011 from deitch/kernel-push-builder 
Kernel push builder
 2024-03-06 01:58:21 -08:00
Avi Deitcher
3087e9055a fix builder image tagging using new remote-tag option of linuxkit 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-06 11:28:38 +02:00
Avi Deitcher
17ed8938e0 kernel builder handle push properly 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-06 10:45:21 +02:00
Avi Deitcher
67afa5d380 Merge pull request #4010 from deitch/remote-tag-rename 
add pkg remote-tag option to tag descriptors remotely without pulling…
 2024-03-06 00:44:59 -08:00
Avi Deitcher
58b7ae5b66 add pkg remote-tag option to tag descriptors remotely without pulling and pushing 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-06 10:14:28 +02:00
Avi Deitcher
70ae026b5d Merge pull request #4009 from deitch/cache-push-nopush-option 
cache push only overrides remote if explicit
 2024-03-05 10:37:56 -08:00
Avi Deitcher
71096c4301 cache push only overrides remote if explicit 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-05 20:05:01 +02:00
Avi Deitcher
60da9b92e4 Merge pull request #4008 from deitch/kernel-publish-ci 
make kernel read/build and check part of CI
 2024-03-05 08:27:34 -08:00
Avi Deitcher
2389221c4a make kernel read/build and check part of CI 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-05 17:49:28 +02:00
Avi Deitcher
17f5ecaefd Merge pull request #4007 from deitch/fix-update-component-too-broad-match 
Fix update component too broad match
 2024-03-05 00:16:15 -08:00
Avi Deitcher
533d582bad update 6.6.x test hash versions 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-04 21:33:23 +02:00
Avi Deitcher
3d0cd9d5da properly handle sed for update-component-sha.sh 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-04 21:32:19 +02:00
Avi Deitcher
470a9287e6 Merge pull request #4006 from deitch/kernel-hash-updates 
hash for kernel changed, updating in test cases
 2024-03-04 10:29:52 -08:00
Avi Deitcher
0abb1ac179 hash for kernel changed, updating in test cases 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-04 19:51:57 +02:00
Avi Deitcher
413f3f3e67 Merge pull request #4005 from deitch/kernel-makefile-regex 
ensure kernel replacement matches middle of line too
 2024-03-04 06:24:06 -08:00
Avi Deitcher
81f8a91d70 ensure kernel replacement matches middle of line too 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-04 15:54:08 +02:00
Avi Deitcher
83efa26b65 Merge pull request #4004 from deitch/missing-kernel-hashes 
add missing hashes for kernel version-specific test cases
 2024-03-04 05:12:28 -08:00
Avi Deitcher
3f10329ec2 add missing hashes for kernel version-specific test cases 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-04 14:25:46 +02:00
Avi Deitcher
600e12f184 Merge pull request #4003 from deitch/fix-kernel-makefile-replace 
in kernel makefile tag update, ensure we only replace non-hashed semver
 2024-03-04 03:40:00 -08:00
Avi Deitcher
916390860d in kernel makefile tag update, ensure we only replace non-hashed semver 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-04 12:45:28 +02:00
Avi Deitcher
b94b3af341 Merge pull request #4002 from deitch/kernel-tag-in-tests 
Kernel tag in tests
 2024-03-04 02:29:56 -08:00
Avi Deitcher
e381f9cac2 kernel generic test cases updated 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-04 11:53:11 +02:00
Avi Deitcher
e297d98f81 kernel series-specific test cases reference with hash 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-04 11:08:21 +02:00
Avi Deitcher
2f81ee674d Merge pull request #4001 from deitch/kernel-makefile-all-yamls-update 
update kernel Makefile for targets for yamls
 2024-03-04 01:04:29 -08:00
Avi Deitcher
d47a9284b4 update kernel Makefile for targets for yamls 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-03 17:06:45 +02:00
Avi Deitcher
62d04af55b Merge pull request #4000 from deitch/kernel-ci 
kernel makefile target to replace tags using update-component-sha.sh
 2024-03-03 06:59:23 -08:00
Avi Deitcher
b25b82c106 kernel makefile target to replace tags using update-component-sha.sh 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-03 16:19:34 +02:00
Avi Deitcher
47bd13a5a5 Merge pull request #3999 from deitch/move-kernel-version-to-directory 
move kernel series status into series dir
 2024-03-03 03:43:09 -08:00
Avi Deitcher
3e7df6c869 move kernel series status into series dir 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2024-03-03 12:49:17 +02:00
6066 changed files with 817392 additions and 376224 deletions
Expand all files Collapse all files

77
.github/workflows/ci.yml vendored
View File

@@ -35,14 +35,14 @@ jobs:
runs-on: ${{ matrix.target.runner }}
steps:
- name: Set up Go 1.19
uses: actions/setup-go@v3
- name: Set up Go 1.22
uses: actions/setup-go@v5
with:
go-version: 1.19.2
go-version: 1.22.3
id: go
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Set path
run: echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
@@ -50,9 +50,9 @@ jobs:
GOPATH: ${{runner.workspace}}
- name: golangci-lint CLI
uses: golangci/golangci-lint-action@v3
uses: golangci/golangci-lint-action@v6
with:
version: v1.50.0
version: v1.59.0
working-directory: src/cmd/linuxkit
args: --verbose --timeout=10m
- name: go vet CLI
@@ -79,7 +79,7 @@ jobs:
GOPATH: ${{runner.workspace}}
- name: Upload binary
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: linuxkit-${{matrix.target.suffix}}
path: |
@@ -93,14 +93,14 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Set up binfmt
# Only register arm64 as we are on amd64 already. s390x is not reliable
run: docker run --privileged --rm tonistiigi/binfmt --install arm64
- name: Download linuxkit
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: linuxkit-amd64-linux
path: bin
@@ -112,7 +112,7 @@ jobs:
/usr/local/bin/linuxkit version
- name: Cache Packages
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
@@ -130,6 +130,23 @@ jobs:
run: |
make OPTIONS="-v --skip-platforms linux/s390x" -C test/pkg build
- name: Check Kernel Dependencies up to date
# checks that any kernel dependencies are up to date.
# if they are, then running `make update-kernel-yamls` will not change anything
run: |
echo "checking git diff before running make update-kernel-yamls"
git diff --exit-code
echo "running make update-kernel-yamls"
make -C kernel update-kernel-yamls
echo "checking git diff again after running make update-kernel-yamls; should be no changes"
git diff --exit-code
- name: Build Kernels
# ensures that the kernel packages are in linuxkit cache when we need them for tests later
# no need for excluding s390x, as each build.yml in the kernel explicitly lists archs
run: |
make OPTIONS="-v" -C kernel build
- name: list cache contents
run: |
linuxkit cache ls
@@ -143,7 +160,7 @@ jobs:
shard: [1/10,2/10,3/10,4/10,5/10,6/10,7/10,8/10,9/10,10/10]
steps:
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Install Pre-Requisites
run: |
@@ -153,7 +170,7 @@ jobs:
- name: Restore RTF From Cache
id: cache-rtf
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: bin
key: rtf-${{hashFiles('Makefile')}}
@@ -167,7 +184,7 @@ jobs:
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
- name: Download linuxkit
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: linuxkit-amd64-linux
path: bin
@@ -179,7 +196,7 @@ jobs:
/usr/local/bin/linuxkit version
- name: Restore Package Cache
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
@@ -198,7 +215,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Install Pre-Requisites
run: |
@@ -208,7 +225,7 @@ jobs:
- name: Restore RTF From Cache
id: cache-rtf
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: bin
key: rtf-${{hashFiles('Makefile')}}
@@ -222,7 +239,7 @@ jobs:
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
- name: Download linuxkit
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: linuxkit-amd64-linux
path: bin
@@ -234,7 +251,7 @@ jobs:
/usr/local/bin/linuxkit version
- name: Restore Package Cache
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
@@ -254,7 +271,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Install Pre-Requisites
run: |
@@ -264,13 +281,13 @@ jobs:
- name: Restore RTF From Cache
id: cache-rtf
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: bin
key: rtf-${{hashFiles('Makefile')}}
- name: Restore Package Cache
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
@@ -286,7 +303,7 @@ jobs:
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
- name: Download linuxkit
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: linuxkit-amd64-linux
path: bin
@@ -310,7 +327,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Install Pre-Requisites
run: |
@@ -320,7 +337,7 @@ jobs:
- name: Restore RTF From Cache
id: cache-rtf
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: bin
key: rtf-${{hashFiles('Makefile')}}
@@ -334,7 +351,7 @@ jobs:
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
- name: Download linuxkit
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: linuxkit-amd64-linux
path: bin
@@ -346,7 +363,7 @@ jobs:
/usr/local/bin/linuxkit version
- name: Restore Package Cache
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
@@ -366,7 +383,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Install Pre-Requisites
run: |
@@ -376,7 +393,7 @@ jobs:
- name: Restore RTF From Cache
id: cache-rtf
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: bin
key: rtf-${{hashFiles('Makefile')}}
@@ -390,7 +407,7 @@ jobs:
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
- name: Download linuxkit
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: linuxkit-amd64-linux
path: bin
@@ -402,7 +419,7 @@ jobs:
/usr/local/bin/linuxkit version
- name: Restore Package Cache
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}

38
.github/workflows/package_release.yml vendored Normal file
View File

@@ -0,0 +1,38 @@
name: Release Tagged Packages
on:
create:
jobs:
release:
name: Release packages
if: github.ref_type == 'tag' && startsWith(github.ref, 'refs/tags/pkg-v')
runs-on: ubuntu-latest
steps:
- name: Set up Go 1.22
uses: actions/setup-go@v5
with:
go-version: 1.22.3
id: go
- name: Check out code
uses: actions/checkout@v4
- name: Ensure bin/ directory
run: mkdir -p bin
- name: Install linuxkit
run: |
go -C ./src/cmd/linuxkit build -o $(pwd)/bin/linuxkit
sudo mv bin/linuxkit /usr/local/bin/
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Publish Packages as Release
# this should not build anything, as they all should be built already
# however, it can fail if we push the tag before the merge-to-master build is complete, since that may publish
# so *always* wait for any merge-to-master to complete before publishing pkg-v* tags
run: |
RELEASE_TAG=${GITHUB_REF#refs/tags/pkg-}
echo "RELEASE_TAG=${RELEASE_TAG}"
[ -n "${RELEASE_TAG}" ] || { echo "Not a tag"; exit 1; }
make OPTIONS="--skip-platforms linux/s390x" -C pkg push PUSHOPTIONS="--nobuild --release ${RELEASE_TAG}"

19
.github/workflows/publish.yaml vendored
View File

@@ -14,14 +14,15 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Ensure bin/ directory
run: mkdir -p bin
- name: Download linuxkit
uses: actions/github-script@v3.1.0
uses: actions/github-script@v7
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
var artifacts = await github.actions.listWorkflowRunArtifacts({
var artifacts = await github.rest.actions.listWorkflowRunArtifacts({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: ${{github.event.workflow_run.id }},
@@ -29,7 +30,7 @@ jobs:
var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
return artifact.name == "${{ env.linuxkit_file }}"
})[0];
var download = await github.actions.downloadArtifact({
var download = await github.rest.actions.downloadArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: matchArtifact.id,
@@ -45,7 +46,7 @@ jobs:
sudo ln -s $(pwd)/bin/${{ env.linuxkit_file }} /usr/local/bin/linuxkit
/usr/local/bin/linuxkit version
- name: Restore Package Cache
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.linuxkit/cache/
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
@@ -63,3 +64,11 @@ jobs:
# Skip s390x as emulation is unreliable
run: |
make OPTIONS="--skip-platforms linux/s390x" -C pkg push PUSHOPTIONS="--nobuild"
- name: Publish Kernels
# this should only push changed ones:
# - unchanged: already in the registry
# - changed: already built and cached, so only will push
# No need to skip s390x, since kernel build.yml files all have explicit archs
run: |
make -C kernel push

80
.github/workflows/release.yml vendored
View File

@@ -1,24 +1,23 @@
name: Release a tag
name: Release Tagged Linuxkit
on:
create:
tags:
- v*
jobs:
build:
name: Build all targets
runs-on: macos-latest
build-all:
name: Build all targets expect macOS
if: github.ref_type == 'tag' && startsWith(github.ref, 'refs/tags/v')
runs-on: ubuntu-latest
steps:
- name: Set up Go 1.19
uses: actions/setup-go@v3
- name: Set up Go 1.122
uses: actions/setup-go@v5
with:
go-version: 1.19.2
go-version: 1.22.3
id: go
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Set path
run: echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
@@ -27,10 +26,67 @@ jobs:
- name: Build
run: |
make build-all-targets
make build-targets-linux build-targets-windows
env:
GOPATH: ${{runner.workspace}}
- uses: actions/upload-artifact@v4
with:
name: release-targets-except-cgo
path: bin/
# separate macos build because macos needs CGO, and it is very hard to cross-compile that
build-macos:
name: Build macOS target
if: github.ref_type == 'tag' && startsWith(github.ref, 'refs/tags/v')
runs-on: macos-latest
steps:
- name: Set up Go 1.122
uses: actions/setup-go@v5
with:
go-version: 1.22.3
id: go
- name: Check out code
uses: actions/checkout@v4
- name: Set path
run: echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
env:
GOPATH: ${{runner.workspace}}
- name: Build
run: |
make build-targets-macos
env:
GOPATH: ${{runner.workspace}}
- uses: actions/upload-artifact@v4
with:
name: release-targets-macos
path: bin/
release-artifacts:
needs: [build-all, build-macos]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: release-targets-except-cgo
path: bintmp/release-targets-except-cgo
- uses: actions/download-artifact@v4
with:
name: release-targets-macos
path: bintmp/release-targets-macos
- name: Combine Artifacts
run: |
mkdir -p bin/
cp bintmp/*/* bin/
- name: Checksum Artifacts
run: |
make checksum-targets
- name: GitHub Release
uses: softprops/action-gh-release@1e07f4398721186383de40550babbdf2b84acfc5
env:
@@ -38,4 +94,4 @@ jobs:
with:
draft: true
files: bin/*
generate_release_notes: true
generate_release_notes: true

21
Makefile
View File

@@ -119,18 +119,27 @@ endif
./scripts/update-component-sha.sh --image $${img}$(image); \
done
.PHONY: build-all-targets
build-all-targets: bin
$(MAKE) GOOS=darwin GOARCH=arm64 LOCAL_TARGET=$(CURDIR)/bin/linuxkit-darwin-arm64 local-build
file bin/linuxkit-darwin-arm64
$(MAKE) GOOS=darwin GOARCH=amd64 LOCAL_TARGET=$(CURDIR)/bin/linuxkit-darwin-amd64 local-build
file bin/linuxkit-darwin-amd64
.PHONY: build-targets-all build-targets-linux build-targets-windows build-targets-macos checksum-targets
build-targets-all: build-targets-linux build-targets-windows build-targets-macos
build-targets-linux: bin
$(MAKE) GOOS=linux GOARCH=arm64 LOCAL_TARGET=$(CURDIR)/bin/linuxkit-linux-arm64 local-build
file bin/linuxkit-linux-arm64
$(MAKE) GOOS=linux GOARCH=amd64 LOCAL_TARGET=$(CURDIR)/bin/linuxkit-linux-amd64 local-build
file bin/linuxkit-linux-amd64
$(MAKE) GOOS=linux GOARCH=s390x LOCAL_TARGET=$(CURDIR)/bin/linuxkit-linux-s390x local-build
file bin/linuxkit-linux-s390x
build-targets-windows: bin
$(MAKE) GOOS=windows GOARCH=amd64 LOCAL_TARGET=$(CURDIR)/bin/linuxkit-windows-amd64.exe local-build
file bin/linuxkit-windows-amd64.exe
build-targets-macos: bin
$(MAKE) GOOS=darwin GOARCH=arm64 LOCAL_TARGET=$(CURDIR)/bin/linuxkit-darwin-arm64 local-build
file bin/linuxkit-darwin-arm64
$(MAKE) GOOS=darwin GOARCH=amd64 LOCAL_TARGET=$(CURDIR)/bin/linuxkit-darwin-amd64 local-build
file bin/linuxkit-darwin-amd64
checksum-targets: bin
cd bin && openssl sha256 -r linuxkit-* | tr -d '*' > checksums.txt

6
README.md
View File

@@ -63,8 +63,8 @@ Once you have built the tool, use
```
linuxkit build linuxkit.yml
```
to build the example configuration. You can also specify different output formats, eg `linuxkit build -format raw-bios linuxkit.yml` to
output a raw BIOS bootable disk image, or `linuxkit build -format iso-efi linuxkit.yml` to output an EFI bootable ISO image. See `linuxkit build -help` for more information.
to build the example configuration. You can also specify different output formats, eg `linuxkit build --format raw-bios linuxkit.yml` to
output a raw BIOS bootable disk image, or `linuxkit build --format iso-efi linuxkit.yml` to output an EFI bootable ISO image. See `linuxkit build -help` for more information.
### Booting and Testing
@@ -87,7 +87,7 @@ Currently supported platforms are:
- [OpenStack](docs/platform-openstack.md) `[x86_64]`
- [Scaleway](docs/platform-scaleway.md) `[x86_64]`
- Baremetal:
- [packet.net](docs/platform-packet.md) `[x86_64, arm64]`
- [deploy.equinix.com](docs/platform-equinixmetal.md) `[x86_64, arm64]`
- [Raspberry Pi Model 3b](docs/platform-rpi3.md) `[arm64]`

42
docs/kernels.md
View File

@@ -167,6 +167,14 @@ Throughout this document, the architecture used is the kernel-recognized one, av
on most systems as `uname -m`, e.g. `aarch64` or `x86_64`. You may be familiar with the alpine
or golang one, e.g. `amd64` or `amd64`, which are not used here.
**Note:** After changing _and committing any changes_ to the kernel directory or any
subdirectories, you must update tests, examples and other dependencies. This is done
via:
```bash
make update-kernel-yamls
```
Each series of kernels has a dedicated directory in [../kernel/](../kernel),
e.g. [6.6.x](../kernel/6.6.x) or [5.15.x](../kernel/5.15.x).
Variants, like rt kernels, have their own directory as well, e.g. [5.11.x-rt](../kernel/5.11.x-rt).
@@ -333,7 +341,8 @@ Finally, test that you can build the kernel with that config as `make build-<ver
If you want to add a new kernel version within an existing series, e.g. `5.15.27` already exists
and you want to add (or replace it with) `5.15.148`, apply the following process.
1. Modify the list of kernels inside the `Makefile` to include the new version, and, optionally, remove the old one, or move it to deprecated.
1. Determine the series, i.e. the kernel major.minor version, followed by `x`. E.g. for `5.15.148`, the series is `5.15.x`.
1. Modify the `KERNEL_VERSION` in the `build-args` file in the series directory to the new version. E.g. `5.15.x/build-args`.
1. Create a new `linuxkit/kconfig` container image: `make kconfig`. This is not pushed out.
1. Run a container based on `linuxkit/kconfig`.
```sh
@@ -344,7 +353,6 @@ docker run --rm -ti -v $(pwd):/src linuxkit/kconfig
1. If the config file has changed, copy it out of the container and check it in, e.g. `cp .config /src/5.15.x/config-x86_64`.
1. Repeat for other architectures.
1. Commit the changed config files.
1. Modify the `KERNEL_VERSION` in the `build-args` file in the series directory to the new version. E.g. `5.15.x/build-args`.
1. Test that you can build the kernel with that config as `make build-<version>`, e.g. `make build-5.15.148`.
## Adding a new kernel series
@@ -360,12 +368,10 @@ KERNEL_VERSION=<version>
KERNEL_SERIES=<series>
BUILD_IMAGE=linuxkit/alpine:<builder>
```
1. Update the list of kernels to build in the `Makefile`
Since the last major series likely is the best basis for the new one, subject to additional modifications, you can use
the previous one as a starting point.
1. Modify the list of kernels inside the `Makefile` to include the new version. You do not need to specify the series anywhere, as the `Makefile` calculates it. E.g. adding `7.0.5` will cause it to calculate the series as `7.0.x` automatically.
1. Make the directory for the new series, e.g. `mkdir 7.0.x`
1. Create a new `linuxkit/kconfig` container image: `make kconfig`. This is not pushed out.
1. Run a container based on `linuxkit/kconfig`.
@@ -608,3 +614,31 @@ Alpine `zfs` utilities are available in `linuxkit/alpine` and the
version of the kernel module should match the version of the
tools. The container where you run the `zfs` tools might also need
`CAP_SYS_MODULE` to be able to load the kernel modules.
## Kernels in examples and tests
All of the linuxkit `.yml` files use the images from `linuxkit/kernel:<tag>`.
When updating the kernel, you run commands to update the tests. The updates to any file that contains
references to `linuxkit/kernel` in this repository work as follows:
- Semver tags are replaced by the most recent kernel version. For example, `linuxkit/kernel:5.10.104` will become `6.6.13` when available, and then `6.6.15`, and then `7.0.1`, etc. The highest semver always is used.
- Semver+hash tags are replaced by the most recent hash and patch version for that series. For example, `linuxkit/kernel:5.10.104-abcdef1234` will become `5.10.104-aaaa54232` (same semver, newer hash), and then `5.10.105-bbbb12345` (newer semver, newer hash), etc. The highest semver+hash always is used.
This is not an inherent characteristic of `linuxkit` tool, which **never** will change your `.yml` files. It is part of
the update process for yml files _in this repository_.
The net of the above is the following rule:
* If you want a reference to a specific kernel series, e.g. a test or example that works only with `5.10.x`, then use a specific hash, e.g. `linuxkit/kernel:5.10.104-abcdef1234`. The hash and patch version will update, but not more. The most common use case for this is kernel version-specific tests.
* If you want a reference to the most recent kernel, whatever version it is, then use a semver tag, e.g. `linuxkit/kernel:6.6.13`. The most common use case for this is examples that work with any kernel version, which is the vast majority of cases.
You can get the current hash by executing the following:
```bash
$ cd kernel
$ make tag-plain-kernel-<version>
# for example:
$ make tag-plain-kernel-6.6.13
linuxkit/kernel:6.6.13-3a8b3faf92390265b1fbee792b9a3fe14d14c26e
```

15
docs/packages.md
View File

@@ -272,6 +272,8 @@ When building packages, the following build-args automatically are set for you:
* `SOURCE` - the source repository of the package
* `REVISION` - the git commit that was used for the build
* `GOPKGVERSION` - the go package version or pseudo-version per https://go.dev/ref/mod#glos-pseudo-version
* `PKG_HASH` - the git tree hash of the package directory, e.g. `45a1ad5919f0b6acf0f0cf730e9434abfae11fe6`; tag part of `linuxkit pkg show-tag`
* `PKG_IMAGE` - the name of the image that is being built, e.g. `linuxkit/init`; image name part of `linuxkit pkg show-tag`. Combine with `PKG_HASH` for the full tag.
Note that the above are set **only** if you do not set them in `build.yaml`. Your settings _always_
override these built-in ones.
@@ -378,3 +380,16 @@ ARG all_proxy
LinuxKit does not judge between lower-cased or upper-cased variants of these options, e.g. `http_proxy` vs `HTTP_PROXY`,
as `docker build` does not either. It just passes them through "as-is".
## Releases
Normally, whenever a package is updated, CI will build and push the package to Docker Hub by calling `linuxkit pkg push`.
This automatically creates a tag based on the git tree hash of the package's directory.
For example, the package in `./pkg/init` is tagged as `linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6`.
In addition, you can release semver tags for packages by adding a tag to the git repository that begins with `pkg-` and is
followed by a valid semver tag. For example, `pkg-v1.0.0`. This will cause CI to build and push the package to Docker Hub
with the tag `v1.0.0`.
Pure semver tags, like `v1.0.0`, are not used for package releases. They are used for the linuxkit project itself and to
publish releases of the `linuxkit` binary.

142
docs/platform-equinixmetal.md Normal file
View File

@@ -0,0 +1,142 @@
# LinuxKit with bare metal on Equinix Metal
[Equinix Metal](http://deploy.equinix.com) is a bare metal hosting provider.
You will need to [create an Equinix Metal account] and a project to
put this new machine into. You will also need to [create an API key]
with appropriate read/write permissions to allow the image to boot.
[create an Equinix Metal account]:https://console.equinix.com/sign-up
[create an API key]:https://deploy.equinix.com/developers/docs/metal/identity-access-management/api-keys/
The `linuxkit run equinixmetal` command can mostly either be configured via
command line options or with environment variables. see `linuxkit run
equinixmetal --help` for the options and environment variables.
By default, `linuxkit run` will provision a new machine and remove it
once you are done. With the `-keep` option the provisioned machine
will not be removed. You can then use the `-device` option with the
device ID on subsequent `linuxkit run` invocations to re-use an
existing machine. These subsequent runs will update the iPXE data so
you can boot alternative kernels on an existing machine.
There is an example YAML file for [x86_64](../examples/equinixmetal.yml) and
an additional YAML for [arm64](../examples/equinixmetal.arm64.yml) servers
which provide both access to the serial console and via ssh and
configures bonding for network devices via metadata (if supported).
For x86_64 builds for Intel servers we strongly recommend adding
`ucode: intel-ucode.cpio` to the kernel section in the YAML. This
updates the Intel CPU microcode to the latest by prepending it to the
generated initrd file. The `ucode` entry is only recommended when
booting on baremetal. It should be omitted (but is harmless) when
building images to boot in VMs.
**Note**: The update of the iPXE configuration sometimes may take some
time and the first boot may fail. Hitting return on the console to
retry the boot typically fixes this.
## Boot
LinuxKit on Equinix Metal boots the `kernel+initrd` output from moby via
[iPXE](https://deploy.equinix.com/developers/docs/metal/operating-systems/custom-ipxe/)
which also requires a iPXE script. iPXE booting requires a HTTP server
on which you can store your images. The `-base-url` option specifies
the URL to a HTTP server from which `<name>-kernel`,
`<name>-initrd.img`, and `<name>-equinixmetal.ipxe` can be downloaded during
boot.
If you have your own HTTP server, you can use `linuxkit push equinixmetal`
to create the files (including the iPXE script) you need to make
available.
If you don't have a public HTTP server at hand, you can use the
`-serve` option. This will create a local HTTP server which can either
be run on another Equinix Metal machine or be made accessible with tools
like [ngrok](https://ngrok.com/).
For example, to boot the [example](../examples/platform-equinixmetal.yml)
with a local HTTP server:
```sh
linuxkit build platform-equinixmetal.yml
# run the web server
# run 'ngrok http 8080' in another window
METAL_AUTH_TOKEN=<API key> METAL_PROJECT_ID=<Project ID> \
linuxkit run equinixmetal -serve :8080 -base-url <ngrok url> equinixmetal
```
To boot a `arm64` image for Type 2a machine (`-machine baremetal_2a`)
you currently need to build using `linuxkit build equinixmetal.yml
equinixmetal.arm64.yml` and then un-compress both the kernel and the initrd
before booting, e.g:
```sh
mv equinixmetal-initrd.img equinixmetal-initrd.img.gz && gzip -d equinixmetal-initrd.img.gz
mv equinixmetal-kernel equinixmetal-kernel.gz && gzip -d equinixmetal-kernel.gz
```
The LinuxKit image can then be booted with:
```sh
METAL_API_TOKEN=<API key> METAL_PROJECT_ID=<Project ID> \
linuxkit run equinixmetal -machine baremetal_2a -serve :8080 -base-url -base-url <ngrok url> equinixmetal
```
Alternatively, `linuxkit push equinixmetal` will uncompress the kernel and
initrd images on arm machines (or explicitly via the `-decompress`
flag. There is also a `linuxkit serve` command which will start a
local HTTP server serving the specified directory.
**Note**: It may take several minutes to deploy a new server. If you
are attached to the console, you should see the BIOS and the boot
messages.
## Console
By default, `linuxkit run equinixmetal ...` will connect to the
Equinix Metal
[SOS ("Serial over SSH") console](https://deploy.equinix.com/developers/docs/metal/resilience-recovery/serial-over-ssh/). This
requires `ssh` access, i.e., you must have uploaded your SSH keys to
Equinix Metal beforehand.
You can exit the console vi `~.` on a new line once you are
disconnected from the serial, e.g. after poweroff.
**Note**: We also require that the Equinix Metal SOS host is in your
`known_hosts` file, otherwise the connection to the console will
fail. There is a Equinix Metal SOS host per zone.
You can disable the serial console access with the `-console=false`
command line option.
## Disks
At this moment the Linuxkit server boots from RAM, with no persistent
storage. We are working on adding persistent storage support on Equinix Metal.
## Networking
On the baremetal type 2a system (arm64 Cavium Thunder X) the network device driver does not get autoloaded by `mdev`. Please add:
```
- name: modprobe
image: linuxkit/modprobe:<hash>
command: ["modprobe", "nicvf"]
```
to your YAML files before any containers requiring the network to be up, e.g., the `dhcpcd` container.
Some Equinix Metal server types have bonded networks; the `metadata` package has support for setting
these up, and also for adding additional IP addresses.
## Integration services and Metadata
Equinix Metal supports [user state](https://deploy.equinix.com/developers/docs/metal/server-metadata/user-data/)
during system bringup, which enables the boot process to be more informative about the
current state of the boot process once the kernel has loaded but before the
system is ready for login.

151
docs/platform-packet.md
View File

@@ -1,151 +0,0 @@
# LinuxKit with bare metal on Packet
[Packet](http://packet.net) is a bare metal hosting provider.
You will need to [create a Packet account] and a project to
put this new machine into. You will also need to [create an API key]
with appropriate read/write permissions to allow the image to boot.
[create a Packet account]:https://app.packet.net/#/registration/
[create an API key]:https://help.packet.net/quick-start/api-integrations
Linuxkit is known to boot on the [Type 0]
and [Type 1] servers at Packet.
Support for other server types, including the [Type 2A] ARM server,
is a work in progress.
[Type 0]:https://www.packet.net/bare-metal/servers/type-0/
[Type 1]:https://www.packet.net/bare-metal/servers/type-1/
[Type 2A]:https://www.packet.net/bare-metal/servers/type-2a/
The `linuxkit run packet` command can mostly either be configured via
command line options or with environment variables. see `linuxkit run
packet --help` for the options and environment variables.
By default, `linuxkit run` will provision a new machine and remove it
once you are done. With the `-keep` option the provisioned machine
will not be removed. You can then use the `-device` option with the
device ID on subsequent `linuxkit run` invocations to re-use an
existing machine. These subsequent runs will update the iPXE data so
you can boot alternative kernels on an existing machine.
There is an example YAML file for [x86_64](../examples/packet.yml) and
an additional YAML for [arm64](../examples/packet.arm64.yml) servers
which provide both access to the serial console and via ssh and
configures bonding for network devices via metadata (if supported).
For x86_64 builds for Intel servers we strongly recommend adding
`ucode: intel-ucode.cpio` to the kernel section in the YAML. This
updates the Intel CPU microcode to the latest by prepending it to the
generated initrd file. The `ucode` entry is only recommended when
booting on baremetal. It should be omitted (but is harmless) when
building images to boot in VMs.
**Note**: The update of the iPXE configuration sometimes may take some
time and the first boot may fail. Hitting return on the console to
retry the boot typically fixes this.
## Boot
LinuxKit on Packet boots the `kernel+initrd` output from moby via
[iPXE](https://help.packet.net/technical/infrastructure/custom-ipxe)
which also requires a iPXE script. iPXE booting requires a HTTP server
on which you can store your images. The `-base-url` option specifies
the URL to a HTTP server from which `<name>-kernel`,
`<name>-initrd.img`, and `<name>-packet.ipxe` can be downloaded during
boot.
If you have your own HTTP server, you can use `linuxkit push packet`
to create the files (including the iPXE script) you need to make
available.
If you don't have a public HTTP server at hand, you can use the
`-serve` option. This will create a local HTTP server which can either
be run on another Packet machine or be made accessible with tools
like [ngrok](https://ngrok.com/).
For example, to boot the [example](../examples/packet.net)
with a local HTTP server:
```sh
linuxkit build packet.yml
# run the web server
# run 'ngrok http 8080' in another window
PACKET_API_KEY=<API key> PACKET_PROJECT_ID=<Project ID> \
linuxkit run packet -serve :8080 -base-url <ngrok url> packet
```
To boot a `arm64` image for Type 2a machine (`-machine baremetal_2a`)
you currently need to build using `linuxkit build packet.yml
packet.arm64.yml` and then un-compress both the kernel and the initrd
before booting, e.g:
```sh
mv packet-initrd.img packet-initrd.img.gz && gzip -d packet-initrd.img.gz
mv packet-kernel packet-kernel.gz && gzip -d packet-kernel.gz
```
The LinuxKit image can then be booted with:
```sh
PACKET_API_KEY=<API key> PACKET_PROJECT_ID=<Project ID> \
linuxkit run packet -machine baremetal_2a -serve :8080 -base-url -base-url <ngrok url> packet
```
Alternatively, `linuxkit push packet` will uncompress the kernel and
initrd images on arm machines (or explicitly via the `-decompress`
flag. There is also a `linuxkit serve` command which will start a
local HTTP server serving the specified directory.
**Note**: It may take several minutes to deploy a new server. If you
are attached to the console, you should see the BIOS and the boot
messages.
## Console
By default, `linuxkit run packet ...` will connect to the
Packet
[SOS ("Serial over SSH") console](https://help.packet.net/technical/networking/sos-rescue-mode). This
requires `ssh` access, i.e., you must have uploaded your SSH keys to
Packet beforehand.
You can exit the console vi `~.` on a new line once you are
disconnected from the serial, e.g. after poweroff.
**Note**: We also require that the Packet SOS host is in your
`known_hosts` file, otherwise the connection to the console will
fail. There is a Packet SOS host per zone.
You can disable the serial console access with the `-console=false`
command line option.
## Disks
At this moment the Linuxkit server boots from RAM, with no persistent
storage. We are working on adding persistent storage support on Packet.
## Networking
On the baremetal type 2a system (arm64 Cavium Thunder X) the network device driver does not get autoloaded by `mdev`. Please add:
```
- name: modprobe
image: linuxkit/modprobe:<hash>
command: ["modprobe", "nicvf"]
```
to your YAML files before any containers requiring the network to be up, e.g., the `dhcpcd` container.
Some Packet server types have bonded networks; the `metadata` package has support for setting
these up, and also for adding additional IP addresses.
## Integration services and Metadata
Packet supports [user state](https://help.packet.net/technical/infrastructure/user-state)
during system bringup, which enables the boot process to be more informative about the
current state of the boot process once the kernel has loaded but before the
system is ready for login.

77
docs/yaml.md
View File

@@ -3,7 +3,7 @@
The `linuxkit build` command assembles a set of containerised components into in image. The simplest
type of image is just a `tar` file of the contents (useful for debugging) but more useful
outputs add a `Dockerfile` to build a container, or build a full disk image that can be
booted as a linuxKit VM. The main use case is to build an assembly that includes
booted as a linuxkit VM. The main use case is to build an assembly that includes
`containerd` to run a set of containers, but the tooling is very generic.
The yaml configuration specifies the components used to build up an image . All components
@@ -16,8 +16,10 @@ The Docker images are optionally verified with Docker Content Trust.
For private registries or private repositories on a registry credentials provided via
`docker login` are re-used.
## Sections
The configuration file is processed in the order `kernel`, `init`, `onboot`, `onshutdown`,
`services`, `files`. Each section adds files to the root file system. Sections may be omitted.
`services`, `files`, `volumes`. Each section adds files to the root file system. Sections may be omitted.
Each container that is specified is allocated a unique `uid` and `gid` that it may use if it
wishes to run as an isolated user (or user namespace). Anywhere you specify a `uid` or `gid`
@@ -40,7 +42,7 @@ files:
mode: "0600"
```
## `kernel`
### `kernel`
The `kernel` section is only required if booting a VM. The files will be put into the `boot/`
directory, where they are used to build bootable images.
@@ -57,7 +59,7 @@ Kernel packages may also contain a cpio archive containing CPU microcode which n
the initrd. To select this option, recommended when booting on bare metal, add `ucode: intel-ucode.cpio`
to the kernel section.
## `init`
### `init`
The `init` section is a list of images that are used for the `init` system and are unpacked directly
into the root filesystem. This should bring up `containerd`, start the system and daemon containers,
@@ -65,14 +67,14 @@ and set up basic filesystem mounts. in the case of a LinuxKit system. For ease o
modification `runc` and `containerd` images, which just contain these programs are added here
rather than bundled into the `init` container.
## `onboot`
### `onboot`
The `onboot` section is a list of images. These images are run before any other
images. They are run sequentially and each must exit before the next one is run.
These images can be used to configure one shot settings. See [Image
specification](#image-specification) for a list of supported fields.
## `onshutdown`
### `onshutdown`
This is a list of images to run on a clean shutdown. Note that you must not rely on these
being run at all, as machines may be be powered off or shut down without having time to run
@@ -81,18 +83,67 @@ run and when they are not. Most systems are likely to be "crash only" and not ha
but you can attempt to deregister cleanly from a network service here, rather than relying
on timeouts, for example.
## `services`
### `services`
The `services` section is a list of images for long running services which are
run with `containerd`. Startup order is undefined, so containers should wait
on any resources, such as networking, that they need. See [Image
specification](#image-specification) for a list of supported fields.
## `files`
### `volumes`
The volumes section is a list of named volumes that can be used by other containers,
including those in `services`, `onboot` and `onshutdown`. The volumes are created in a directory
chosen by linuxkit at build-time. The volumes then can be referenced by other containers and
mounted into them.
Volumes normally are blank directories. If an image is provided, the contents of that image
will be used to populate the volume.
The `volumes` section can declare a volume to be read-write or read-only. If the volume is read-write,
a volume that is mounted into a container can be mounted read-only or read-write. If the volume is read-only,
it can be mounted into a container read-only; attempting to do so read-write will generate a build-time error.
By default, volumes are created read-write, and are mounted read-write.
Volume names **must** be unique, and must contain only lower-case alphanumeric characters, hyphens, and
underscores.
Sample `volumes` section:
```yml
volumes:
- name: vola
image: alpine:latest
readonly: true
- name: volb
image: alpine:latest
readonly: false
- name: volc
readonly: false
```
In the above example:
* `vola` is populated by the contents of `alpine:latest` and is read-only.
* `volb` is populated by the contents of `alpine:latest` and is read-write.
* `volc` is an empty volume and is read-write.
Sample usage of volumes in `services` section:
```yml
services:
- name: myservice
image: alpine:latest
binds:
- volA:/mnt/volA:ro
- volB:/mnt/volB
```
### `files`
The files section can be used to add files inline in the config, or from an external file.
```
```yml
files:
- path: dir
directory: true
@@ -118,7 +169,8 @@ user's home directory.
In addition there is a `metadata` option that will generate the file. Currently the only value
supported here is `"yaml"` which will output the yaml used to generate the image into the specified
file:
```
```yml
- path: etc/linuxkit.yml
metadata: yaml
```
@@ -130,7 +182,7 @@ Because a `tmpfs` is mounted onto `/var`, `/run`, and `/tmp` by default, the `tm
## Image specification
Entries in the `onboot` and `services` sections specify an OCI image and
Entries in the `onboot`, `onshutdown`, `volumes` and `services` sections specify an OCI image and
options. Default values may be specified using the `org.mobyproject.config` image label.
For more details see the [OCI specification](https://github.com/opencontainers/runtime-spec/blob/master/spec.md).
@@ -205,7 +257,8 @@ which specifies some actions to take place when the container is being started.
- `namespace` overrides the LinuxKit default containerd namespace to put the container in; only applicable to services.
An example of using the `runtime` config to configure a network namespace with `wireguard` and then run `nginx` in that namespace is shown below:
```
```yml
onboot:
- name: dhcpcd
image: linuxkit/dhcpcd:<hash>

8
examples/addbinds.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.4.30
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
@@ -19,7 +19,7 @@ services:
# this will keep all of the existing ones as well
- /var/tmp:/var/tmp
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
files:
- path: etc/getty.shadow
# sample sets password for root to "abcdefgh" (without quotes)

8
examples/cadvisor.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
@@ -26,7 +26,7 @@ services:
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
- name: ntpd
image: linuxkit/openntpd:c90c6dd90f5dfb0ca71a73aac2dad69c8d956af3

4
examples/containerd-debug-runtime-config.toml Normal file
View File

@@ -0,0 +1,4 @@
cliopts="--log-level trace"
stderr="/var/log/containerd.err.log"
stdout="/var/log/containerd.out.log"

42
examples/containerd-debug.yml Normal file
View File

@@ -0,0 +1,42 @@
# example with volumes, both blank and populated
kernel:
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
onshutdown:
- name: shutdown
image: busybox:latest
command: ["/bin/echo", "so long and thanks for all the fish"]
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: nginx
image: nginx:1.19.5-alpine
capabilities:
- CAP_NET_BIND_SERVICE
- CAP_CHOWN
- CAP_SETUID
- CAP_SETGID
- CAP_DAC_OVERRIDE
binds:
- /etc/resolv.conf:/etc/resolv.conf
files:
- path: etc/linuxkit-config
metadata: yaml
- path: /etc/containerd/runtime-config.toml
source: "containerd-debug-runtime-config.toml" # must include the file runtime-config.toml in this directory
mode: "0644"

8
examples/dm-crypt-loop.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
@@ -38,7 +38,7 @@ services:
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
files:
- path: etc/dm-crypt/key
# the below key is just to keep the example self-contained

8
examples/dm-crypt.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
@@ -32,7 +32,7 @@ services:
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
files:
- path: etc/dm-crypt/key
# the below key is just to keep the example self-contained

8
examples/docker-for-mac.yml
View File

@@ -1,12 +1,12 @@
# This is an example for building the open source components of Docker for Mac
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=ttyS0 page_poison=1"
init:
- linuxkit/vpnkit-expose-port:77e45e4681c78d59f1d8a48818260948d55f9d05 # install vpnkit-expose-port and vpnkit-iptables-wrapper on host
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
# support metadata for optional config in /run/config
@@ -78,7 +78,7 @@ services:
image: linuxkit/trim-after-delete:6ba98bfb111a808b7a1ca890aca9fc2b3709fca2
# When the host resumes from sleep, force a clock resync
- name: host-timesync-daemon
image: linuxkit/host-timesync-daemon:12d443511194774a9fdaf5457e5f2703fd5e882c
image: linuxkit/host-timesync-daemon:0d351aee24b5cf853927647e4f5e6998014959db
# Run dockerd with the vpnkit userland proxy from the vpnkit-forwarder container.
# Bind mounts /var/run to allow vsudd to connect to docker.sock, /var/vpnkit
# for vpnkit coordination and /run/config/docker for the configuration file.

8
examples/docker.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
@@ -22,7 +22,7 @@ services:
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
- name: ntpd

8
examples/getty.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
@@ -19,7 +19,7 @@ services:
#env:
# - INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
files:
- path: etc/getty.shadow
# sample sets password for root to "abcdefgh" (without quotes)

8
examples/hostmount-writeable-overlay.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
@@ -30,7 +30,7 @@ services:
destination: writeable-host-etc
options: ["rw", "lowerdir=/etc", "upperdir=/run/hostetc/upper", "workdir=/run/hostetc/work"]
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
- name: nginx
image: nginx:1.13.8-alpine
capabilities:

6
examples/influxdb-os.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: dhcpcd

6
examples/logging.yml
View File

@@ -1,11 +1,11 @@
# Simple example of using an external logging service
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/memlogd:cb79fd19e6485cfc61b85c607ca172cd860554c5
onboot:

6
examples/minimal.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
onboot:
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee

8
examples/node_exporter.yml
View File

@@ -1,17 +1,17 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
- name: node_exporter

8
examples/openstack.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
@@ -17,7 +17,7 @@ onboot:
command: ["/usr/bin/metadata", "openstack"]
services:
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
- name: sshd
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
binds.add:

8
examples/platform-aws.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
@@ -16,7 +16,7 @@ onboot:
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
services:
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
- name: dhcpcd2
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf"]

8
examples/platform-azure.yml
View File

@@ -1,17 +1,17 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
services:
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
- name: sshd

14
examples/platform-equinixmetal.arm64.yml Normal file
View File

@@ -0,0 +1,14 @@
# This YAML snippet is to be used in conjunction with equinixmetal.yml to
# build a arm64 image for Equinix Metal. It adds a modprobe of the NIC
# driver and overrides the kernel section to disable prepending the
# Intel CPU microcode to the initrd. If writing a YAML specifically
# for arm64 then the 'ucode' line in the kernel section can be left
# out.
kernel:
image: linuxkit/kernel:6.6.13
cmdline: "console=ttyAMA0"
ucode: ""
onboot:
- name: modprobe
image: linuxkit/modprobe:ab5ac4d5e7e7a5f2d103764850f7846b69230676
command: ["modprobe", "nicvf"]

38
examples/platform-equinixmetal.yml Normal file
View File

@@ -0,0 +1,38 @@
kernel:
image: linuxkit/kernel:6.6.13
cmdline: console=ttyS1
ucode: intel-ucode.cpio
init:
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/firmware:8def159583422181ddee3704f7024ecb9c02d348
onboot:
- name: rngd1
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
command: ["/sbin/rngd", "-1"]
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
command: ["/usr/bin/metadata", "equinixmetal"]
services:
- name: rngd
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: sshd
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
binds.add:
- /root/.ssh:/root/.ssh
files:
- path: root/.ssh/authorized_keys
source: ~/.ssh/id_rsa.pub
mode: "0600"
optional: true

8
examples/platform-gcp.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
@@ -20,7 +20,7 @@ services:
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
- name: sshd
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
binds.add:

10
examples/platform-hetzner.yml
View File

@@ -1,16 +1,16 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: console=ttyS1
ucode: intel-ucode.cpio
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/firmware:8def159583422181ddee3704f7024ecb9c02d348
onboot:
- name: rngd1
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
command: ["/sbin/rngd", "-1"]
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
@@ -22,7 +22,7 @@ onboot:
command: ["/usr/bin/metadata", "hetzner"]
services:
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:

14
examples/platform-packet.arm64.yml
View File

@@ -1,14 +0,0 @@
# This YAML snippet is to be used in conjunction with packet.yml to
# build a arm64 image for packet.net. It adds a modprobe of the NIC
# driver and overrides the kernel section to disable prepending the
# Intel CPU microcode to the initrd. If writing a YAML specifically
# for arm64 then the 'ucode' line in the kernel section can be left
# out.
kernel:
image: linuxkit/kernel:5.10.104
cmdline: "console=ttyAMA0"
ucode: ""
onboot:
- name: modprobe
image: linuxkit/modprobe:ab5ac4d5e7e7a5f2d103764850f7846b69230676
command: ["modprobe", "nicvf"]

38
examples/platform-packet.yml
View File

@@ -1,38 +0,0 @@
kernel:
image: linuxkit/kernel:5.10.104
cmdline: console=ttyS1
ucode: intel-ucode.cpio
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
- linuxkit/firmware:8def159583422181ddee3704f7024ecb9c02d348
onboot:
- name: rngd1
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
command: ["/sbin/rngd", "-1"]
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
- name: metadata
image: linuxkit/metadata:b082f1bf97a9034d1e4c0e36a5d2923f4e58f540
command: ["/usr/bin/metadata", "packet"]
services:
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: sshd
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
binds.add:
- /root/.ssh:/root/.ssh
files:
- path: root/.ssh/authorized_keys
source: ~/.ssh/id_rsa.pub
mode: "0600"
optional: true

8
examples/platform-rt-for-vmware.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.11.4-rt
image: linuxkit/kernel:6.6.13-rt
cmdline: "console=tty0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
@@ -15,7 +15,7 @@ services:
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
- name: open-vm-tools

10
examples/platform-scaleway.yml
View File

@@ -1,16 +1,16 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0 root=/dev/vda"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: rngd1
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
command: ["/sbin/rngd", "-1"]
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
@@ -23,4 +23,4 @@ services:
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd

8
examples/platform-vmware.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
@@ -15,7 +15,7 @@ services:
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
- name: nginx

8
examples/platform-vultr.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
@@ -21,7 +21,7 @@ services:
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
- name: sshd
image: linuxkit/sshd:75f399fbfb6455dfccd4cb30543d0b4b494d28c8
binds.add:

6
examples/redis-os.yml
View File

@@ -1,12 +1,12 @@
# Minimal YAML to run a redis server (used at DockerCon'17)
# connect: nc localhost 6379
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
onboot:
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee

10
examples/sshd.yml
View File

@@ -1,16 +1,16 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: rngd1
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
command: ["/sbin/rngd", "-1"]
services:
- name: getty
@@ -18,7 +18,7 @@ services:
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
- name: sshd

6
examples/static-ip.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
onboot:
- name: ip
image: linuxkit/ip:bb250017b05de5e16ac436b1eb19a39c87b5a252

8
examples/swap.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
@@ -28,4 +28,4 @@ services:
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd

8
examples/tpm.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
@@ -20,7 +20,7 @@ services:
- name: tss
image: linuxkit/tss:856286012a613598d6ef6869b196f9a72245b7d2
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
files:
- path: etc/getty.shadow
# sample sets password for root to "abcdefgh" (without quotes)

45
examples/volumes.yml Normal file
View File

@@ -0,0 +1,45 @@
# example with volumes, both blank and populated
kernel:
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
image: linuxkit/sysctl:5a374e4bf3e5a7deeacff6571d0f30f7ea8f56db
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
onshutdown:
- name: shutdown
image: busybox:latest
command: ["/bin/echo", "so long and thanks for all the fish"]
services:
- name: getty
image: linuxkit/getty:5d86a2ce2d890c14ab66b13638dcadf74f29218b
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
- name: nginx
image: nginx:1.19.5-alpine
capabilities:
- CAP_NET_BIND_SERVICE
- CAP_CHOWN
- CAP_SETUID
- CAP_SETGID
- CAP_DAC_OVERRIDE
binds:
- /etc/resolv.conf:/etc/resolv.conf
- blank:/blank
- alpine:/alpine
volumes:
- name: blank # blank volume
- name: alpine # populated volume
image: alpine:3.19
files:
- path: etc/linuxkit-config
metadata: yaml

6
examples/vpnkit-forwarder.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
onboot:
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee

6
examples/vsudd-containerd.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=ttyS0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
onboot:
- name: dhcpcd
image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee

8
examples/wireguard.yml
View File

@@ -1,10 +1,10 @@
kernel:
image: linuxkit/kernel:5.10.104
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
@@ -45,7 +45,7 @@ services:
- INSECURE=true
net: /run/netns/wg1
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
- name: nginx
image: nginx:1.13.8-alpine
net: /run/netns/wg0

0
pkg/init/vendor/github.com/vishvananda/netns/go.sum → kernel/5.10.x/deprecated
View File

0
pkg/init/vendor/github.com/willf/bitset/go.sum → kernel/5.11.x-rt/deprecated
View File

0
pkg/metadata/vendor/github.com/pierrec/lz4/v4/go.sum → kernel/5.11.x/deprecated
View File

3
kernel/5.15.x/build-args Normal file
View File

@@ -0,0 +1,3 @@
KERNEL_VERSION=5.15.27
KERNEL_SERIES=5.15.x
BUILD_IMAGE=linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e

0
kernel/5.15.x/deprecated Normal file
View File

0
kernel/5.4.x/deprecated Normal file
View File

4
kernel/Dockerfile.bcc
View File

@@ -1,6 +1,8 @@
ARG BUILD_IMAGE
ARG KERNEL_VERSION
ARG PKG_HASH
FROM ${KERNEL_VERSION}-${HASH} as ksrc
FROM linuxkit/kernel:${KERNEL_VERSION}-${PKG_HASH} as ksrc
FROM ${BUILD_IMAGE} AS build
RUN apk update && apk upgrade -a && \

4
kernel/Dockerfile.perf
View File

@@ -1,8 +1,10 @@
# This Dockerfile extracts the source code and headers from a kernel package,
# builds the perf utility, and places it into a scratch image
ARG BUILD_IMAGE
ARG KERNEL_VERSION
ARG PKG_HASH
FROM ${KERNEL_VERSION}-${HASH} AS ksrc
FROM linuxkit/kernel:${KERNEL_VERSION}-${PKG_HASH} as ksrc
FROM ${BUILD_IMAGE} AS build
RUN apk add \

73
kernel/Makefile
View File

@@ -34,19 +34,16 @@ DIRTY:=$(shell git update-index -q --refresh && git diff-index --quiet HEAD -- $
endif
endif
# Path to push-manifest.sh
PUSH_MANIFEST:=$(shell git rev-parse --show-toplevel)/scripts/push-manifest.sh
REPO_ROOT:=$(shell git rev-parse --show-toplevel)
# determine our architecture
BUILDERARCH=
ifneq ($(ARCH),)
ifeq ($(ARCH),$(filter $(ARCH),x86_64 amd64))
SUFFIX=-amd64
override ARCH=x86_64
BUILDERARCH=amd64
endif
ifeq ($(ARCH),$(filter $(ARCH),aarch64 arm64))
SUFFIX=-arm64
override ARCH=aarch64
BUILDERARCH=arm64
endif
@@ -65,7 +62,10 @@ notdirty:
# utility function
SPACE := $(eval) $(eval)
PERIOD := .
# series - convert a version to a series, e.g. 6.6.13 -> 6.6.x
series = $(word 1,$(subst ., ,$(1))).$(word 2,$(subst ., ,$(1))).x
# serieswithhash - convert a version with or without a hash to a series with a hash, e.g. 6.6.13-anbcd -> 6.6.x-[0-9a-f]+
serieswithhash = $(word 1,$(subst ., ,$(1))).$(word 2,$(subst ., ,$(1))).[0-9]+-[0-9a-f]+
# word 1 is the release, word 2 is the tool
RELEASESEP := PART
@@ -76,21 +76,25 @@ baseimage = $(ORG)/$(IMAGE)$(call baseimageextension,$(1))
uniq = $(if $1,$(firstword $1) $(call uniq,$(filter-out $(firstword $1),$1)))
# DEPRECATED : all kernel versions (actually series) marked as deprecated
# You might still be able to build them, but they are not built by default or supported
DEPRECATED_list=$(wildcard */deprecated)
DEPRECATED := $(patsubst %/deprecated,%,$(DEPRECATED_list))
#
# Kernel versions to build.
# Use all for kernels to be built on all platforms; use KERNELS_x86_64 or KERNELS_aarch64 for platform-specific kernels
KERNELS_all=6.6.13 5.15.27
KERNELS_x86_64=
KERNELS_aarch64=
# KERNELS : all potential kernel versions, based on the build-args files
# deprecated versions. You might still be able to build them, but they are not built by default or supported
# Use all for kernels to be built on all platforms; use DEPRECATED_x86_64 or DEPRECATED_aarch64 for platform-specific kernels
DEPRECATED_all=5.10.104 5.11.4-rt
DEPRECATED_x86_64=5.4.172
DEPRECATED_aarch64=
# first find all known build-args files
KERNELS_buildargfiles=$(wildcard */build-args)
# get their directories
KERNELS_alldirs=$(patsubst %/build-args,%,$(KERNELS_buildargfiles))
# remove any directories that are marked as deprecated; what is left is valid dirs
KERNELS_validdirs=$(filter-out $(DEPRECATED),$(KERNELS_alldirs))
# get the values from the valid dirs
KERNELS=$(shell awk -F= '/^KERNEL_VERSION=/ {print $$2}' $(addsuffix /build-args,$(KERNELS_validdirs)))
# get the highest supported one
KERNEL_HIGHEST=$(shell echo $(KERNELS) | tr ' ' '\n' | sort -V | tail -n 1)
KERNELS?=$(KERNELS_all) $(KERNELS_$(ARCH))
DEPRECATED?=$(DEPRECATED_all) $(DEPRECATED_$(ARCH))
# we build all tools across all platforms and kernels that we build
TOOLS=bcc perf
@@ -128,11 +132,13 @@ builddebugkernel-%: buildkerneldeps-%
push-%: notdirty build-% pushkernel-% tagbuilder-% pushtools-%;
# tagbuilder-% tags the builder image with the kernel version and `-builder` and pushes it
# checks if it already matches on the registry before pushing
# because the build may have been on a remote builder, or we may not have had to do a local build,
# we cannot assume that IMAGE_BUILDER is available locally, whether in docker image cache or limuxkit cache
tagbuilder-%: notdirty
$(eval BUILDER_IMAGE=$(call baseimage,$*)-builder)
docker tag $(IMAGE_BUILDER) $(BUILDER_IMAGE)$(SUFFIX) && \
docker push $(BUILDER_IMAGE)$(SUFFIX) && \
$(PUSH_MANIFEST) $(BUILDER_IMAGE)
linuxkit pkg remote-tag $(IMAGE_BUILDER) $(BUILDER_IMAGE)
pushkernel-%: pushplainkernel-% pushdebugkernel-%;
@@ -170,6 +176,35 @@ pushtool-%: buildtool-%
linuxkit cache push $(HASHED_IMAGE)
linuxkit cache push $(HASHED_IMAGE) --remote-name $(PLAIN_IMAGE)
#
# targets for getting names of particular tags and replacing them, like what scripts/update-component-sha.sh does
#
# get the tag for the normal kernel for a particular version. Accepts version or series
tag-plainkernel-%:
@linuxkit pkg show-tag . --build-yml ./build-kernel.yml --tag "$*-{{.Hash}}"
# get the tag for the debug kernel for a particular version. Accepts version or series
tag-debugkernel-%:
@linuxkit pkg show-tag . --build-yml ./build-kernel.yml --tag "$*-dbg-{{.Hash}}"
# find and replace any usage of the normal kernel with hash for a particular series
# will update hash for same semver and/or patch version
update-kernel-hash-yaml-%:
$(eval NEWTAG=$(shell $(MAKE) tag-plainkernel-$*))
$(eval OLDTAG=$(call serieswithhash,$(NEWTAG)))
@cd $(REPO_ROOT) && ./scripts/update-component-sha.sh --hash "$(OLDTAG)" "$(NEWTAG)"
# find and replace any usage of the normal kernel with semver for most recent series
update-kernel-semver-yaml-%:
$(eval NEWTAG=linuxkit/kernel:$*)
$(eval OLDTAG=linuxkit/kernel:[0-9]+.[0-9]+.[0-9]+)
@cd $(REPO_ROOT) && ./scripts/update-component-sha.sh --hash "$(OLDTAG)" "$(NEWTAG)"
# update-kernel-yamls updates the latest hash for each supported series,
# as well as the most recent supported semver
update-kernel-yamls: $(addprefix update-kernel-hash-yaml-,$(KERNELS)) update-kernel-semver-yaml-$(KERNEL_HIGHEST);
# Target for kernel config
kconfig:
ifeq (${KCONFIG_TAG},)

1
kernel/build-bcc.yml
View File

@@ -1,2 +1,3 @@
image: kernel-bcc
network: true
dockerfile: Dockerfile.bcc

1
kernel/build-perf.yml
View File

@@ -1,2 +1,3 @@
image: kernel-perf
network: true
dockerfile: Dockerfile.perf

6
linuxkit.yml
View File

@@ -2,9 +2,9 @@ kernel:
image: linuxkit/kernel:6.6.13
cmdline: "console=tty0 console=ttyS0 console=ttyAMA0"
init:
- linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
- linuxkit/init:872d2e1be745f1acb948762562cf31c367303a3b
- linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
- linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
- linuxkit/containerd:39301e7312f13eedf19bd5d5551af7b37001d435
- linuxkit/ca-certificates:5aaa343474e5ac3ac01f8b917e82efb1063d80ff
onboot:
- name: sysctl
@@ -22,7 +22,7 @@ services:
env:
- INSECURE=true
- name: rngd
image: linuxkit/rngd:cdb919e4aee49fed0bf6075f0a104037cba83c39
image: linuxkit/rngd:83a6481f04da73e710c1d416355920b8ff4dc1dd
- name: nginx
image: nginx:1.19.5-alpine
capabilities:

2
pkg/containerd/Dockerfile
View File

@@ -4,7 +4,7 @@ FROM linuxkit/alpine:146f540f25cd92ec8ff0c5b0c98342a9a95e479e as alpine
RUN apk add tzdata binutils
RUN mkdir -p /etc/init.d && ln -s /usr/bin/service /etc/init.d/020-containerd
FROM linuxkit/containerd-dev:25522a7fcffd14465d807fadc3d3e4f6da7b10ec as containerd-dev
FROM linuxkit/containerd-dev:af26a5c09a71b919ee8113501d783a5bf299482d as containerd-dev
FROM scratch
ENTRYPOINT []

6
pkg/containerd/etc/containerd/config.toml
View File

@@ -1,6 +1,10 @@
version = 2
state = "/run/containerd"
root = "/var/lib/containerd"
disabled_plugins = ["cri"]
[plugins."io.containerd.grpc.v1.cri"]
disabled = true
[grpc]
address = "/run/containerd/containerd.sock"

4
pkg/extend/go.mod
View File

@@ -1,5 +1,5 @@
module github.com/linuxkit/linuxkit/pkg/extend
go 1.15
go 1.21
require golang.org/x/sys v0.0.0-20170802141912-e312636bdaa2
require golang.org/x/sys v0.22.0

4
pkg/extend/go.sum
View File

@@ -1,2 +1,2 @@
golang.org/x/sys v0.0.0-20170802141912-e312636bdaa2 h1:rn9VfHLpovNshEHhLAFADpPdWI+EUYgtyaUcQysy5P8=
golang.org/x/sys v0.0.0-20170802141912-e312636bdaa2/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI=
golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=

3
pkg/extend/vendor/golang.org/x/sys/AUTHORS generated vendored
View File

@@ -1,3 +0,0 @@
# This source code refers to The Go Authors for copyright purposes.
# The master list of authors is in the main Go distribution,
# visible at http://tip.golang.org/AUTHORS.

3
pkg/extend/vendor/golang.org/x/sys/CONTRIBUTORS generated vendored
View File

@@ -1,3 +0,0 @@
# This source code was written by the Go contributors.
# The master list of contributors is in the main Go distribution,
# visible at http://tip.golang.org/CONTRIBUTORS.

1
pkg/extend/vendor/golang.org/x/sys/unix/.gitignore generated vendored
View File

@@ -1 +1,2 @@
_obj/
unix.test

41
pkg/extend/vendor/golang.org/x/sys/unix/README.md generated vendored
View File

@@ -14,7 +14,7 @@ migrating the build system to use containers so the builds are reproducible.
This is being done on an OS-by-OS basis. Please update this documentation as
components of the build system change.
### Old Build System (currently for `GOOS != "Linux" || GOARCH == "sparc64"`)
### Old Build System (currently for `GOOS != "linux"`)
The old build system generates the Go files based on the C header files
present on your system. This means that files
@@ -32,9 +32,9 @@ To build the files for your current OS and architecture, make sure GOOS and
GOARCH are set correctly and run `mkall.sh`. This will generate the files for
your specific system. Running `mkall.sh -n` shows the commands that will be run.
Requirements: bash, perl, go
Requirements: bash, go
### New Build System (currently for `GOOS == "Linux" && GOARCH != "sparc64"`)
### New Build System (currently for `GOOS == "linux"`)
The new build system uses a Docker container to generate the go files directly
from source checkouts of the kernel and various system libraries. This means
@@ -52,14 +52,14 @@ system and have your GOOS and GOARCH set accordingly. Running `mkall.sh` will
then generate all of the files for all of the GOOS/GOARCH pairs in the new build
system. Running `mkall.sh -n` shows the commands that will be run.
Requirements: bash, perl, go, docker
Requirements: bash, go, docker
## Component files
This section describes the various files used in the code generation process.
It also contains instructions on how to modify these files to add a new
architecture/OS or to add additional syscalls, types, or constants. Note that
if you are using the new build system, the scripts cannot be called normally.
if you are using the new build system, the scripts/programs cannot be called normally.
They must be called from within the docker container.
### asm files
@@ -76,30 +76,30 @@ arguments can be passed to the kernel. The third is for low-level use by the
ForkExec wrapper. Unlike the first two, it does not call into the scheduler to
let it know that a system call is running.
When porting Go to an new architecture/OS, this file must be implemented for
When porting Go to a new architecture/OS, this file must be implemented for
each GOOS/GOARCH pair.
### mksysnum
Mksysnum is a script located at `${GOOS}/mksysnum.pl` (or `mksysnum_${GOOS}.pl`
for the old system). This script takes in a list of header files containing the
Mksysnum is a Go program located at `${GOOS}/mksysnum.go` (or `mksysnum_${GOOS}.go`
for the old system). This program takes in a list of header files containing the
syscall number declarations and parses them to produce the corresponding list of
Go numeric constants. See `zsysnum_${GOOS}_${GOARCH}.go` for the generated
constants.
Adding new syscall numbers is mostly done by running the build on a sufficiently
new installation of the target OS (or updating the source checkouts for the
new build system). However, depending on the OS, you make need to update the
new build system). However, depending on the OS, you may need to update the
parsing in mksysnum.
### mksyscall.pl
### mksyscall.go
The `syscall.go`, `syscall_${GOOS}.go`, `syscall_${GOOS}_${GOARCH}.go` are
hand-written Go files which implement system calls (for unix, the specific OS,
or the specific OS/Architecture pair respectively) that need special handling
and list `//sys` comments giving prototypes for ones that can be generated.
The mksyscall.pl script takes the `//sys` and `//sysnb` comments and converts
The mksyscall.go program takes the `//sys` and `//sysnb` comments and converts
them into syscalls. This requires the name of the prototype in the comment to
match a syscall number in the `zsysnum_${GOOS}_${GOARCH}.go` file. The function
prototype can be exported (capitalized) or not.
@@ -107,7 +107,7 @@ prototype can be exported (capitalized) or not.
Adding a new syscall often just requires adding a new `//sys` function prototype
with the desired arguments and a capitalized name so it is exported. However, if
you want the interface to the syscall to be different, often one will make an
unexported `//sys` prototype, an then write a custom wrapper in
unexported `//sys` prototype, and then write a custom wrapper in
`syscall_${GOOS}.go`.
### types files
@@ -137,7 +137,7 @@ some `#if/#elif` macros in your include statements.
This script is used to generate the system's various constants. This doesn't
just include the error numbers and error strings, but also the signal numbers
an a wide variety of miscellaneous constants. The constants come from the list
and a wide variety of miscellaneous constants. The constants come from the list
of include files in the `includes_${uname}` variable. A regex then picks out
the desired `#define` statements, and generates the corresponding Go constants.
The error numbers and strings are generated from `#include <errno.h>`, and the
@@ -149,10 +149,21 @@ To add a constant, add the header that includes it to the appropriate variable.
Then, edit the regex (if necessary) to match the desired constant. Avoid making
the regex too broad to avoid matching unintended constants.
### internal/mkmerge
This program is used to extract duplicate const, func, and type declarations
from the generated architecture-specific files listed below, and merge these
into a common file for each OS.
The merge is performed in the following steps:
1. Construct the set of common code that is idential in all architecture-specific files.
2. Write this common code to the merged file.
3. Remove the common code from all architecture-specific files.
## Generated files
### `zerror_${GOOS}_${GOARCH}.go`
### `zerrors_${GOOS}_${GOARCH}.go`
A file containing all of the system's generated error numbers, error strings,
signal numbers, and constants. Generated by `mkerrors.sh` (see above).
@@ -160,7 +171,7 @@ signal numbers, and constants. Generated by `mkerrors.sh` (see above).
### `zsyscall_${GOOS}_${GOARCH}.go`
A file containing all the generated syscalls for a specific GOOS and GOARCH.
Generated by `mksyscall.pl` (see above).
Generated by `mksyscall.go` (see above).
### `zsysnum_${GOOS}_${GOARCH}.go`

86
pkg/extend/vendor/golang.org/x/sys/unix/affinity_linux.go generated vendored Normal file
View File

@@ -0,0 +1,86 @@
// Copyright 2018 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// CPU affinity functions
package unix
import (
"math/bits"
"unsafe"
)
const cpuSetSize = _CPU_SETSIZE / _NCPUBITS
// CPUSet represents a CPU affinity mask.
type CPUSet [cpuSetSize]cpuMask
func schedAffinity(trap uintptr, pid int, set *CPUSet) error {
_, _, e := RawSyscall(trap, uintptr(pid), uintptr(unsafe.Sizeof(*set)), uintptr(unsafe.Pointer(set)))
if e != 0 {
return errnoErr(e)
}
return nil
}
// SchedGetaffinity gets the CPU affinity mask of the thread specified by pid.
// If pid is 0 the calling thread is used.
func SchedGetaffinity(pid int, set *CPUSet) error {
return schedAffinity(SYS_SCHED_GETAFFINITY, pid, set)
}
// SchedSetaffinity sets the CPU affinity mask of the thread specified by pid.
// If pid is 0 the calling thread is used.
func SchedSetaffinity(pid int, set *CPUSet) error {
return schedAffinity(SYS_SCHED_SETAFFINITY, pid, set)
}
// Zero clears the set s, so that it contains no CPUs.
func (s *CPUSet) Zero() {
for i := range s {
s[i] = 0
}
}
func cpuBitsIndex(cpu int) int {
return cpu / _NCPUBITS
}
func cpuBitsMask(cpu int) cpuMask {
return cpuMask(1 << (uint(cpu) % _NCPUBITS))
}
// Set adds cpu to the set s.
func (s *CPUSet) Set(cpu int) {
i := cpuBitsIndex(cpu)
if i < len(s) {
s[i] |= cpuBitsMask(cpu)
}
}
// Clear removes cpu from the set s.
func (s *CPUSet) Clear(cpu int) {
i := cpuBitsIndex(cpu)
if i < len(s) {
s[i] &^= cpuBitsMask(cpu)
}
}
// IsSet reports whether cpu is in the set s.
func (s *CPUSet) IsSet(cpu int) bool {
i := cpuBitsIndex(cpu)
if i < len(s) {
return s[i]&cpuBitsMask(cpu) != 0
}
return false
}
// Count returns the number of CPUs in the set s.
func (s *CPUSet) Count() int {
c := 0
for _, b := range s {
c += bits.OnesCount64(uint64(b))
}
return c
}

13
pkg/extend/vendor/golang.org/x/sys/unix/aliases.go generated vendored Normal file
View File

@@ -0,0 +1,13 @@
// Copyright 2018 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
package unix
import "syscall"
type Signal = syscall.Signal
type Errno = syscall.Errno
type SysProcAttr = syscall.SysProcAttr

17
pkg/extend/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s generated vendored Normal file
View File

@@ -0,0 +1,17 @@
// Copyright 2018 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build gc
#include "textflag.h"
//
// System calls for ppc64, AIX are implemented in runtime/syscall_aix.go
//
TEXT ·syscall6(SB),NOSPLIT,$0-88
JMP syscall·syscall6(SB)
TEXT ·rawSyscall6(SB),NOSPLIT,$0-88
JMP syscall·rawSyscall6(SB)

27
pkg/extend/vendor/golang.org/x/sys/unix/asm_bsd_386.s generated vendored Normal file
View File

@@ -0,0 +1,27 @@
// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build (freebsd || netbsd || openbsd) && gc
#include "textflag.h"
// System call support for 386 BSD
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-28
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-40
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-52
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
JMP syscall·RawSyscall6(SB)

27
pkg/extend/vendor/golang.org/x/sys/unix/asm_bsd_amd64.s generated vendored Normal file
View File

@@ -0,0 +1,27 @@
// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build (darwin || dragonfly || freebsd || netbsd || openbsd) && gc
#include "textflag.h"
// System call support for AMD64 BSD
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-104
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)

27
pkg/extend/vendor/golang.org/x/sys/unix/asm_bsd_arm.s generated vendored Normal file
View File

@@ -0,0 +1,27 @@
// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build (freebsd || netbsd || openbsd) && gc
#include "textflag.h"
// System call support for ARM BSD
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-28
B syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-40
B syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-52
B syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
B syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
B syscall·RawSyscall6(SB)

27
pkg/extend/vendor/golang.org/x/sys/unix/asm_bsd_arm64.s generated vendored Normal file
View File

@@ -0,0 +1,27 @@
// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build (darwin || freebsd || netbsd || openbsd) && gc
#include "textflag.h"
// System call support for ARM64 BSD
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-104
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_bsd_ppc64.s generated vendored Normal file
View File

@@ -0,0 +1,29 @@
// Copyright 2022 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build (darwin || freebsd || netbsd || openbsd) && gc
#include "textflag.h"
//
// System call support for ppc64, BSD
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-104
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)

27
pkg/extend/vendor/golang.org/x/sys/unix/asm_bsd_riscv64.s generated vendored Normal file
View File

@@ -0,0 +1,27 @@
// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build (darwin || freebsd || netbsd || openbsd) && gc
#include "textflag.h"
// System call support for RISCV64 BSD
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-104
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_darwin_386.s generated vendored
View File

@@ -1,29 +0,0 @@
// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
#include "textflag.h"
//
// System call support for 386, Darwin
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-28
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-40
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-52
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
JMP syscall·RawSyscall6(SB)

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_darwin_amd64.s generated vendored
View File

@@ -1,29 +0,0 @@
// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
#include "textflag.h"
//
// System call support for AMD64, Darwin
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-104
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)

30
pkg/extend/vendor/golang.org/x/sys/unix/asm_darwin_arm.s generated vendored
View File

@@ -1,30 +0,0 @@
// Copyright 2015 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
// +build arm,darwin
#include "textflag.h"
//
// System call support for ARM, Darwin
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-28
B syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-40
B syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-52
B syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
B syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
B syscall·RawSyscall6(SB)

30
pkg/extend/vendor/golang.org/x/sys/unix/asm_darwin_arm64.s generated vendored
View File

@@ -1,30 +0,0 @@
// Copyright 2015 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
// +build arm64,darwin
#include "textflag.h"
//
// System call support for AMD64, Darwin
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
B syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
B syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-104
B syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
B syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
B syscall·RawSyscall6(SB)

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_dragonfly_amd64.s generated vendored
View File

@@ -1,29 +0,0 @@
// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
#include "textflag.h"
//
// System call support for AMD64, DragonFly
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-64
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-88
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-112
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-64
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-88
JMP syscall·RawSyscall6(SB)

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_freebsd_386.s generated vendored
View File

@@ -1,29 +0,0 @@
// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
#include "textflag.h"
//
// System call support for 386, FreeBSD
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-28
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-40
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-52
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
JMP syscall·RawSyscall6(SB)

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_freebsd_amd64.s generated vendored
View File

@@ -1,29 +0,0 @@
// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
#include "textflag.h"
//
// System call support for AMD64, FreeBSD
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-104
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_freebsd_arm.s generated vendored
View File

@@ -1,29 +0,0 @@
// Copyright 2012 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
#include "textflag.h"
//
// System call support for ARM, FreeBSD
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-28
B syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-40
B syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-52
B syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
B syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
B syscall·RawSyscall6(SB)

38
pkg/extend/vendor/golang.org/x/sys/unix/asm_linux_386.s generated vendored
View File

@@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
//go:build gc
#include "textflag.h"
@@ -10,21 +10,51 @@
// System calls for 386, Linux
//
// See ../runtime/sys_linux_386.s for the reason why we always use int 0x80
// instead of the glibc-specific "CALL 0x10(GS)".
#define INVOKE_SYSCALL INT $0x80
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-28
TEXT ·Syscall(SB),NOSPLIT,$0-28
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-40
TEXT ·Syscall6(SB),NOSPLIT,$0-40
JMP syscall·Syscall6(SB)
TEXT ·SyscallNoError(SB),NOSPLIT,$0-24
CALL runtime·entersyscall(SB)
MOVL trap+0(FP), AX // syscall entry
MOVL a1+4(FP), BX
MOVL a2+8(FP), CX
MOVL a3+12(FP), DX
MOVL $0, SI
MOVL $0, DI
INVOKE_SYSCALL
MOVL AX, r1+16(FP)
MOVL DX, r2+20(FP)
CALL runtime·exitsyscall(SB)
RET
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
JMP syscall·RawSyscall6(SB)
TEXT ·RawSyscallNoError(SB),NOSPLIT,$0-24
MOVL trap+0(FP), AX // syscall entry
MOVL a1+4(FP), BX
MOVL a2+8(FP), CX
MOVL a3+12(FP), DX
MOVL $0, SI
MOVL $0, DI
INVOKE_SYSCALL
MOVL AX, r1+16(FP)
MOVL DX, r2+20(FP)
RET
TEXT ·socketcall(SB),NOSPLIT,$0-36
JMP syscall·socketcall(SB)

32
pkg/extend/vendor/golang.org/x/sys/unix/asm_linux_amd64.s generated vendored
View File

@@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
//go:build gc
#include "textflag.h"
@@ -13,17 +13,45 @@
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·SyscallNoError(SB),NOSPLIT,$0-48
CALL runtime·entersyscall(SB)
MOVQ a1+8(FP), DI
MOVQ a2+16(FP), SI
MOVQ a3+24(FP), DX
MOVQ $0, R10
MOVQ $0, R8
MOVQ $0, R9
MOVQ trap+0(FP), AX // syscall entry
SYSCALL
MOVQ AX, r1+32(FP)
MOVQ DX, r2+40(FP)
CALL runtime·exitsyscall(SB)
RET
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)
TEXT ·RawSyscallNoError(SB),NOSPLIT,$0-48
MOVQ a1+8(FP), DI
MOVQ a2+16(FP), SI
MOVQ a3+24(FP), DX
MOVQ $0, R10
MOVQ $0, R8
MOVQ $0, R9
MOVQ trap+0(FP), AX // syscall entry
SYSCALL
MOVQ AX, r1+32(FP)
MOVQ DX, r2+40(FP)
RET
TEXT ·gettimeofday(SB),NOSPLIT,$0-16
JMP syscall·gettimeofday(SB)

37
pkg/extend/vendor/golang.org/x/sys/unix/asm_linux_arm.s generated vendored
View File

@@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
//go:build gc
#include "textflag.h"
@@ -13,17 +13,44 @@
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-28
TEXT ·Syscall(SB),NOSPLIT,$0-28
B syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-40
TEXT ·Syscall6(SB),NOSPLIT,$0-40
B syscall·Syscall6(SB)
TEXT ·SyscallNoError(SB),NOSPLIT,$0-24
BL runtime·entersyscall(SB)
MOVW trap+0(FP), R7
MOVW a1+4(FP), R0
MOVW a2+8(FP), R1
MOVW a3+12(FP), R2
MOVW $0, R3
MOVW $0, R4
MOVW $0, R5
SWI $0
MOVW R0, r1+16(FP)
MOVW $0, R0
MOVW R0, r2+20(FP)
BL runtime·exitsyscall(SB)
RET
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
B syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
B syscall·RawSyscall6(SB)
TEXT ·seek(SB),NOSPLIT,$0-32
TEXT ·RawSyscallNoError(SB),NOSPLIT,$0-24
MOVW trap+0(FP), R7 // syscall entry
MOVW a1+4(FP), R0
MOVW a2+8(FP), R1
MOVW a3+12(FP), R2
SWI $0
MOVW R0, r1+16(FP)
MOVW $0, R0
MOVW R0, r2+20(FP)
RET
TEXT ·seek(SB),NOSPLIT,$0-28
B syscall·seek(SB)

34
pkg/extend/vendor/golang.org/x/sys/unix/asm_linux_arm64.s generated vendored
View File

@@ -2,23 +2,49 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build linux
// +build arm64
// +build !gccgo
//go:build linux && arm64 && gc
#include "textflag.h"
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
TEXT ·Syscall(SB),NOSPLIT,$0-56
B syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
B syscall·Syscall6(SB)
TEXT ·SyscallNoError(SB),NOSPLIT,$0-48
BL runtime·entersyscall(SB)
MOVD a1+8(FP), R0
MOVD a2+16(FP), R1
MOVD a3+24(FP), R2
MOVD $0, R3
MOVD $0, R4
MOVD $0, R5
MOVD trap+0(FP), R8 // syscall entry
SVC
MOVD R0, r1+32(FP) // r1
MOVD R1, r2+40(FP) // r2
BL runtime·exitsyscall(SB)
RET
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
B syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
B syscall·RawSyscall6(SB)
TEXT ·RawSyscallNoError(SB),NOSPLIT,$0-48
MOVD a1+8(FP), R0
MOVD a2+16(FP), R1
MOVD a3+24(FP), R2
MOVD $0, R3
MOVD $0, R4
MOVD $0, R5
MOVD trap+0(FP), R8 // syscall entry
SVC
MOVD R0, r1+32(FP)
MOVD R1, r2+40(FP)
RET

51
pkg/extend/vendor/golang.org/x/sys/unix/asm_linux_loong64.s generated vendored Normal file
View File

@@ -0,0 +1,51 @@
// Copyright 2022 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build linux && loong64 && gc
#include "textflag.h"
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·SyscallNoError(SB),NOSPLIT,$0-48
JAL runtime·entersyscall(SB)
MOVV a1+8(FP), R4
MOVV a2+16(FP), R5
MOVV a3+24(FP), R6
MOVV R0, R7
MOVV R0, R8
MOVV R0, R9
MOVV trap+0(FP), R11 // syscall entry
SYSCALL
MOVV R4, r1+32(FP)
MOVV R0, r2+40(FP) // r2 is not used. Always set to 0
JAL runtime·exitsyscall(SB)
RET
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)
TEXT ·RawSyscallNoError(SB),NOSPLIT,$0-48
MOVV a1+8(FP), R4
MOVV a2+16(FP), R5
MOVV a3+24(FP), R6
MOVV R0, R7
MOVV R0, R8
MOVV R0, R9
MOVV trap+0(FP), R11 // syscall entry
SYSCALL
MOVV R4, r1+32(FP)
MOVV R0, r2+40(FP) // r2 is not used. Always set to 0
RET

40
pkg/extend/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s generated vendored
View File

@@ -2,9 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build linux
// +build mips64 mips64le
// +build !gccgo
//go:build linux && (mips64 || mips64le) && gc
#include "textflag.h"
@@ -15,14 +13,42 @@
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
TEXT ·SyscallNoError(SB),NOSPLIT,$0-48
JAL runtime·entersyscall(SB)
MOVV a1+8(FP), R4
MOVV a2+16(FP), R5
MOVV a3+24(FP), R6
MOVV R0, R7
MOVV R0, R8
MOVV R0, R9
MOVV trap+0(FP), R2 // syscall entry
SYSCALL
MOVV R2, r1+32(FP)
MOVV R3, r2+40(FP)
JAL runtime·exitsyscall(SB)
RET
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)
TEXT ·RawSyscallNoError(SB),NOSPLIT,$0-48
MOVV a1+8(FP), R4
MOVV a2+16(FP), R5
MOVV a3+24(FP), R6
MOVV R0, R7
MOVV R0, R8
MOVV R0, R9
MOVV trap+0(FP), R2 // syscall entry
SYSCALL
MOVV R2, r1+32(FP)
MOVV R3, r2+40(FP)
RET

37
pkg/extend/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s generated vendored
View File

@@ -2,9 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build linux
// +build mips mipsle
// +build !gccgo
//go:build linux && (mips || mipsle) && gc
#include "textflag.h"
@@ -15,17 +13,40 @@
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-28
TEXT ·Syscall(SB),NOSPLIT,$0-28
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-40
TEXT ·Syscall6(SB),NOSPLIT,$0-40
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-52
TEXT ·Syscall9(SB),NOSPLIT,$0-52
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
TEXT ·SyscallNoError(SB),NOSPLIT,$0-24
JAL runtime·entersyscall(SB)
MOVW a1+4(FP), R4
MOVW a2+8(FP), R5
MOVW a3+12(FP), R6
MOVW R0, R7
MOVW trap+0(FP), R2 // syscall entry
SYSCALL
MOVW R2, r1+16(FP) // r1
MOVW R3, r2+20(FP) // r2
JAL runtime·exitsyscall(SB)
RET
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
JMP syscall·RawSyscall6(SB)
TEXT ·RawSyscallNoError(SB),NOSPLIT,$0-24
MOVW a1+4(FP), R4
MOVW a2+8(FP), R5
MOVW a3+12(FP), R6
MOVW trap+0(FP), R2 // syscall entry
SYSCALL
MOVW R2, r1+16(FP)
MOVW R3, r2+20(FP)
RET

40
pkg/extend/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s generated vendored
View File

@@ -2,9 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build linux
// +build ppc64 ppc64le
// +build !gccgo
//go:build linux && (ppc64 || ppc64le) && gc
#include "textflag.h"
@@ -15,14 +13,30 @@
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
BR syscall·Syscall(SB)
TEXT ·SyscallNoError(SB),NOSPLIT,$0-48
BL runtime·entersyscall(SB)
MOVD a1+8(FP), R3
MOVD a2+16(FP), R4
MOVD a3+24(FP), R5
MOVD R0, R6
MOVD R0, R7
MOVD R0, R8
MOVD trap+0(FP), R9 // syscall entry
SYSCALL R9
MOVD R3, r1+32(FP)
MOVD R4, r2+40(FP)
BL runtime·exitsyscall(SB)
RET
TEXT ·Syscall6(SB),NOSPLIT,$0-80
BR syscall·Syscall6(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
BR syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
BR syscall·RawSyscall6(SB)
TEXT ·RawSyscallNoError(SB),NOSPLIT,$0-48
MOVD a1+8(FP), R3
MOVD a2+16(FP), R4
MOVD a3+24(FP), R5
MOVD R0, R6
MOVD R0, R7
MOVD R0, R8
MOVD trap+0(FP), R9 // syscall entry
SYSCALL R9
MOVD R3, r1+32(FP)
MOVD R4, r2+40(FP)
RET

47
pkg/extend/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s generated vendored Normal file
View File

@@ -0,0 +1,47 @@
// Copyright 2019 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build riscv64 && gc
#include "textflag.h"
//
// System calls for linux/riscv64.
//
// Where available, just jump to package syscall's implementation of
// these functions.
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·SyscallNoError(SB),NOSPLIT,$0-48
CALL runtime·entersyscall(SB)
MOV a1+8(FP), A0
MOV a2+16(FP), A1
MOV a3+24(FP), A2
MOV trap+0(FP), A7 // syscall entry
ECALL
MOV A0, r1+32(FP) // r1
MOV A1, r2+40(FP) // r2
CALL runtime·exitsyscall(SB)
RET
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)
TEXT ·RawSyscallNoError(SB),NOSPLIT,$0-48
MOV a1+8(FP), A0
MOV a2+16(FP), A1
MOV a3+24(FP), A2
MOV trap+0(FP), A7 // syscall entry
ECALL
MOV A0, r1+32(FP)
MOV A1, r2+40(FP)
RET

32
pkg/extend/vendor/golang.org/x/sys/unix/asm_linux_s390x.s generated vendored
View File

@@ -2,9 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build s390x
// +build linux
// +build !gccgo
//go:build linux && s390x && gc
#include "textflag.h"
@@ -21,8 +19,36 @@ TEXT ·Syscall(SB),NOSPLIT,$0-56
TEXT ·Syscall6(SB),NOSPLIT,$0-80
BR syscall·Syscall6(SB)
TEXT ·SyscallNoError(SB),NOSPLIT,$0-48
BL runtime·entersyscall(SB)
MOVD a1+8(FP), R2
MOVD a2+16(FP), R3
MOVD a3+24(FP), R4
MOVD $0, R5
MOVD $0, R6
MOVD $0, R7
MOVD trap+0(FP), R1 // syscall entry
SYSCALL
MOVD R2, r1+32(FP)
MOVD R3, r2+40(FP)
BL runtime·exitsyscall(SB)
RET
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
BR syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
BR syscall·RawSyscall6(SB)
TEXT ·RawSyscallNoError(SB),NOSPLIT,$0-48
MOVD a1+8(FP), R2
MOVD a2+16(FP), R3
MOVD a3+24(FP), R4
MOVD $0, R5
MOVD $0, R6
MOVD $0, R7
MOVD trap+0(FP), R1 // syscall entry
SYSCALL
MOVD R2, r1+32(FP)
MOVD R3, r2+40(FP)
RET

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_netbsd_386.s generated vendored
View File

@@ -1,29 +0,0 @@
// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
#include "textflag.h"
//
// System call support for 386, NetBSD
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-28
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-40
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-52
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
JMP syscall·RawSyscall6(SB)

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_netbsd_amd64.s generated vendored
View File

@@ -1,29 +0,0 @@
// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
#include "textflag.h"
//
// System call support for AMD64, NetBSD
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-104
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_netbsd_arm.s generated vendored
View File

@@ -1,29 +0,0 @@
// Copyright 2013 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
#include "textflag.h"
//
// System call support for ARM, NetBSD
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-28
B syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-40
B syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-52
B syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
B syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
B syscall·RawSyscall6(SB)

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_openbsd_386.s generated vendored
View File

@@ -1,29 +0,0 @@
// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
#include "textflag.h"
//
// System call support for 386, OpenBSD
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-28
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-40
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-52
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-28
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
JMP syscall·RawSyscall6(SB)

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_openbsd_amd64.s generated vendored
View File

@@ -1,29 +0,0 @@
// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build !gccgo
#include "textflag.h"
//
// System call support for AMD64, OpenBSD
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-104
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)

29
pkg/extend/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s generated vendored Normal file
View File

@@ -0,0 +1,29 @@
// Copyright 2019 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build gc
#include "textflag.h"
//
// System call support for mips64, OpenBSD
//
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
TEXT ·Syscall(SB),NOSPLIT,$0-56
JMP syscall·Syscall(SB)
TEXT ·Syscall6(SB),NOSPLIT,$0-80
JMP syscall·Syscall6(SB)
TEXT ·Syscall9(SB),NOSPLIT,$0-104
JMP syscall·Syscall9(SB)
TEXT ·RawSyscall(SB),NOSPLIT,$0-56
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
JMP syscall·RawSyscall6(SB)

Some files were not shown because too many files have changed in this diff Show More