mirror of
https://github.com/linuxkit/linuxkit.git
synced 2025-10-31 20:19:50 +00:00
218 lines
7.8 KiB
Docker
218 lines
7.8 KiB
Docker
FROM debian:jessie
|
|
|
|
RUN apt-get update && apt-get -y install unzip \
|
|
xz-utils \
|
|
curl \
|
|
bc \
|
|
git \
|
|
build-essential \
|
|
golang \
|
|
cpio \
|
|
gcc libc6 libc6-dev \
|
|
kmod \
|
|
squashfs-tools \
|
|
genisoimage \
|
|
xorriso \
|
|
syslinux \
|
|
isolinux \
|
|
automake \
|
|
pkg-config \
|
|
p7zip-full
|
|
|
|
# https://www.kernel.org/
|
|
ENV KERNEL_VERSION 4.1.10
|
|
|
|
# Fetch the kernel sources
|
|
RUN curl --retry 10 https://www.kernel.org/pub/linux/kernel/v${KERNEL_VERSION%%.*}.x/linux-$KERNEL_VERSION.tar.xz | tar -C / -xJ && \
|
|
mv /linux-$KERNEL_VERSION /linux-kernel
|
|
|
|
# http://aufs.sourceforge.net/
|
|
ENV AUFS_REPO https://github.com/sfjro/aufs4-standalone
|
|
ENV AUFS_BRANCH aufs4.1
|
|
ENV AUFS_COMMIT 4912d6da07e3e24d7a8484e0e8a4c1315adbc8fd
|
|
# we use AUFS_COMMIT to get stronger repeatability guarantees
|
|
|
|
# Download AUFS and apply patches and files, then remove it
|
|
RUN git clone -b "$AUFS_BRANCH" "$AUFS_REPO" /aufs-standalone && \
|
|
cd /aufs-standalone && \
|
|
git checkout -q "$AUFS_COMMIT" && \
|
|
cd /linux-kernel && \
|
|
cp -r /aufs-standalone/Documentation /linux-kernel && \
|
|
cp -r /aufs-standalone/fs /linux-kernel && \
|
|
cp -r /aufs-standalone/include/uapi/linux/aufs_type.h /linux-kernel/include/uapi/linux/ && \
|
|
set -e && for patch in \
|
|
/aufs-standalone/aufs*-kbuild.patch \
|
|
/aufs-standalone/aufs*-base.patch \
|
|
/aufs-standalone/aufs*-mmap.patch \
|
|
/aufs-standalone/aufs*-standalone.patch \
|
|
/aufs-standalone/aufs*-loopback.patch \
|
|
; do \
|
|
patch -p1 < "$patch"; \
|
|
done
|
|
|
|
COPY kernel_config /linux-kernel/.config
|
|
|
|
RUN jobs=$(nproc); \
|
|
cd /linux-kernel && \
|
|
make -j ${jobs} oldconfig && \
|
|
make -j ${jobs} bzImage && \
|
|
make -j ${jobs} modules
|
|
|
|
# The post kernel build process
|
|
|
|
ENV ROOTFS /rootfs
|
|
ENV TCL_REPO_BASE http://distro.ibiblio.org/tinycorelinux/6.x/x86_64
|
|
# Note that the ncurses is here explicitly so that top continues to work
|
|
ENV TCZ_DEPS iptables \
|
|
iproute2 \
|
|
openssh openssl \
|
|
tar \
|
|
gcc_libs \
|
|
ncurses \
|
|
acpid \
|
|
xz liblzma \
|
|
git expat2 libiconv libidn libgpg-error libgcrypt libssh2 \
|
|
nfs-utils tcp_wrappers portmap rpcbind libtirpc \
|
|
curl ntpclient \
|
|
procps glib2 libtirpc libffi fuse pcre \
|
|
udev-lib \
|
|
liblvm2 \
|
|
parted
|
|
|
|
# Make the ROOTFS
|
|
RUN mkdir -p $ROOTFS
|
|
|
|
# Prepare the build directory (/tmp/iso)
|
|
RUN mkdir -p /tmp/iso/boot
|
|
|
|
# Install the kernel modules in $ROOTFS
|
|
RUN cd /linux-kernel && \
|
|
make INSTALL_MOD_PATH=$ROOTFS modules_install firmware_install
|
|
|
|
# Remove useless kernel modules, based on unclejack/debian2docker
|
|
RUN cd $ROOTFS/lib/modules && \
|
|
rm -rf ./*/kernel/sound/* && \
|
|
rm -rf ./*/kernel/drivers/gpu/* && \
|
|
rm -rf ./*/kernel/drivers/infiniband/* && \
|
|
rm -rf ./*/kernel/drivers/isdn/* && \
|
|
rm -rf ./*/kernel/drivers/media/* && \
|
|
rm -rf ./*/kernel/drivers/staging/lustre/* && \
|
|
rm -rf ./*/kernel/drivers/staging/comedi/* && \
|
|
rm -rf ./*/kernel/fs/ocfs2/* && \
|
|
rm -rf ./*/kernel/net/bluetooth/* && \
|
|
rm -rf ./*/kernel/net/mac80211/* && \
|
|
rm -rf ./*/kernel/net/drivers/ethernet/* && \
|
|
rm -rf ./*/kernel/net/drivers/scsi/* && \
|
|
rm -rf ./*/kernel/net/drivers/mtd/* && \
|
|
rm -rf ./*/kernel/fs/btrfs/* && \
|
|
rm -rf ./*/kernel/fs/xfs/* && \
|
|
rm -rf ./*/kernel/net/wireless/*
|
|
|
|
# Install libcap
|
|
RUN curl -fL http://http.debian.net/debian/pool/main/libc/libcap2/libcap2_2.22.orig.tar.gz | tar -C / -xz && \
|
|
cd /libcap-2.22 && \
|
|
sed -i 's/LIBATTR := yes/LIBATTR := no/' Make.Rules && \
|
|
make && \
|
|
mkdir -p output && \
|
|
make prefix=`pwd`/output install && \
|
|
mkdir -p $ROOTFS/usr/local/lib && \
|
|
cp -av `pwd`/output/lib64/* $ROOTFS/usr/local/lib
|
|
|
|
# Make sure the kernel headers are installed for aufs-util, and then build it
|
|
RUN cd /linux-kernel && \
|
|
make INSTALL_HDR_PATH=/tmp/kheaders headers_install && \
|
|
cd / && \
|
|
git clone https://github.com/Distrotech/aufs-util.git && \
|
|
cd /aufs-util && \
|
|
git checkout 5e0c348bd8b1898beb1e043b026bcb0e0c7b0d54 && \
|
|
CPPFLAGS="-I/tmp/kheaders/include" CLFAGS=$CPPFLAGS LDFLAGS=$CPPFLAGS make && \
|
|
DESTDIR=$ROOTFS make install && \
|
|
rm -rf /tmp/kheaders
|
|
|
|
# Prepare the ISO directory with the kernel
|
|
RUN cp -v /linux-kernel/arch/x86_64/boot/bzImage /tmp/iso/boot/vmlinuz64
|
|
|
|
# Download the rootfs, don't unpack it though:
|
|
RUN curl -fL -o /tcl_rootfs.gz $TCL_REPO_BASE/release/distribution_files/rootfs64.gz
|
|
|
|
# Install the TCZ dependencies
|
|
RUN for dep in $TCZ_DEPS; do \
|
|
echo "Download $TCL_REPO_BASE/tcz/$dep.tcz" &&\
|
|
curl -fL -o /tmp/$dep.tcz $TCL_REPO_BASE/tcz/$dep.tcz && \
|
|
unsquashfs -f -d $ROOTFS /tmp/$dep.tcz && \
|
|
rm -f /tmp/$dep.tcz ;\
|
|
done
|
|
|
|
# Make sure that all the modules we might have added are recognized (especially VBox guest additions)
|
|
RUN depmod -a -b $ROOTFS $KERNEL_VERSION-boot2docker
|
|
|
|
COPY VERSION $ROOTFS/etc/version
|
|
RUN cp -v $ROOTFS/etc/version /tmp/iso/version
|
|
|
|
# Get the Docker version that matches our boot2docker version
|
|
# Note: `docker version` returns non-true when there is no server to ask
|
|
RUN curl -fL -o $ROOTFS/usr/local/bin/docker https://get.docker.com/builds/Linux/x86_64/docker-$(cat $ROOTFS/etc/version) && \
|
|
chmod +x $ROOTFS/usr/local/bin/docker && \
|
|
{ $ROOTFS/usr/local/bin/docker version || true; }
|
|
|
|
# .git directory is not available because it's in ../..
|
|
RUN echo "pinata: unknown-sha %(date)" > $ROOTFS/etc/boot2docker
|
|
|
|
# Install Tiny Core Linux rootfs
|
|
RUN cd $ROOTFS && zcat /tcl_rootfs.gz | cpio -f -i -H newc -d --no-absolute-filenames
|
|
|
|
# Copy our custom rootfs
|
|
COPY rootfs/rootfs $ROOTFS
|
|
|
|
# setup acpi config dir &
|
|
# tcl6's sshd is compiled without `/usr/local/sbin` in the path
|
|
# Boot2Docker and Docker Machine need `ip`, so I'm linking it in here
|
|
RUN cd $ROOTFS \
|
|
&& ln -s /usr/local/etc/acpi etc/ \
|
|
&& ln -s /usr/local/sbin/ip usr/sbin/
|
|
|
|
# These steps can only be run once, so can't be in make_iso.sh (which can be run in chained Dockerfiles)
|
|
# see https://github.com/boot2docker/boot2docker/blob/master/doc/BUILD.md
|
|
|
|
# Make sure init scripts are executable
|
|
RUN find $ROOTFS/etc/rc.d/ $ROOTFS/usr/local/etc/init.d/ -exec chmod +x '{}' ';'
|
|
|
|
# move dhcp.sh out of init.d as we're triggering it manually so its ready a bit faster
|
|
RUN mv $ROOTFS/etc/init.d/dhcp.sh $ROOTFS/etc/rc.d/
|
|
|
|
# Change MOTD
|
|
RUN mv $ROOTFS/usr/local/etc/motd $ROOTFS/etc/motd
|
|
|
|
# Make sure we have the correct bootsync
|
|
RUN mv $ROOTFS/boot*.sh $ROOTFS/opt/ && \
|
|
chmod +x $ROOTFS/opt/*.sh
|
|
|
|
# Make sure we have the correct shutdown
|
|
RUN mv $ROOTFS/shutdown.sh $ROOTFS/opt/shutdown.sh && \
|
|
chmod +x $ROOTFS/opt/shutdown.sh
|
|
|
|
# Add serial console
|
|
RUN echo "#!/bin/sh" > $ROOTFS/usr/local/bin/autologin && \
|
|
echo "/bin/login -f docker" >> $ROOTFS/usr/local/bin/autologin && \
|
|
chmod 755 $ROOTFS/usr/local/bin/autologin && \
|
|
echo 'ttyS0:2345:respawn:/sbin/getty -l /usr/local/bin/autologin 9600 ttyS0 vt100' >> $ROOTFS/etc/inittab && \
|
|
echo 'ttyS1:2345:respawn:/sbin/getty -l /usr/local/bin/autologin 9600 ttyS1 vt100' >> $ROOTFS/etc/inittab
|
|
|
|
# fix "su -"
|
|
RUN echo root > $ROOTFS/etc/sysconfig/superuser
|
|
|
|
# crontab
|
|
COPY rootfs/crontab $ROOTFS/var/spool/cron/crontabs/root
|
|
|
|
# avahi
|
|
# RUN apt-get install -y openssh-server avahi-daemon
|
|
# RUN echo "UseDNS no" >> /etc/ssh/sshd_config
|
|
|
|
# Copy boot params
|
|
COPY rootfs/isolinux /tmp/iso/boot/isolinux
|
|
|
|
COPY rootfs/make_iso.sh /
|
|
|
|
RUN /make_iso.sh
|
|
|