mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-23 23:41:10 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2128 from mischief/docker-1.12

Browse Source 
WIP: Docker 1.12
This commit is contained in:
Nick Owens 2016-08-19 17:03:35 -07:00 committed by GitHub
commit 0b5f049741
9 changed files with 94 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/Manifest vendored
View File

@ -1 +1 @@
DIST containerd-0.2.2.tar.gz 635882 SHA256 a21efc7ea4bb97306ae9807caadca6782358679f38d3afd606cb599b6853bc52 SHA512 db6111984ccce01e928d46f0a22aaeed8d0eb50c2578df4e0cd5f56f43f8bdea43aad3203c2afb743ccf82908bd5961792681eafe07818a4057ca5f5f31c5396 WHIRLPOOL ce80bf79970faeacc3329cb4e365973a88539508904003da3d0f32afce9966e89bdf13a8894657e1fd983392cf2ab88b053393cbbc2018f509d9cbc57ab835cc DIST containerd-0.2.3.tar.gz 997239 SHA256 247c459179b451cb235354d3f23876ad1a326a6bda430608f9306beeb0364287 SHA512 f850ea7558a3c772930d42352d7913ec00ec24536676720f8872153ec87b92785259645648d885bb5b27514ca01de7f207a931665c3074e787d8b74b48c51952 WHIRLPOOL ac5f5f38ce874146571017bb5ac0229af43782ccf7eb378c6c39ecfb4725cf6941a12a1b05b9a6840a75c85599a881d429eaea030148356a36d2b401874e01e4

0
sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-0.2.2-r1.ebuild → sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/containerd-0.2.3.ebuild vendored
View File

0
sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.11.2-r1.ebuild → sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-1.12.1-r2.ebuild vendored
View File

51
sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild vendored
View File

@ -12,7 +12,7 @@ if [[ ${PV} == *9999 ]]; then
DOCKER_GITCOMMIT="unknown" DOCKER_GITCOMMIT="unknown"
KEYWORDS="~amd64 ~arm64" KEYWORDS="~amd64 ~arm64"
else else
CROS_WORKON_COMMIT="4a6e2b1e56ecd816ca066f71e7632f8a0171cada" # coreos-1.11.2 CROS_WORKON_COMMIT="f1e1b832d52e004c1c55406a965265a90e2504f8" # coreos-1.12.1
DOCKER_GITCOMMIT="${CROS_WORKON_COMMIT:0:7}" DOCKER_GITCOMMIT="${CROS_WORKON_COMMIT:0:7}"
KEYWORDS="amd64 arm64" KEYWORDS="amd64 arm64"
fi fi
@ -66,12 +66,8 @@ RDEPEND="
>=dev-vcs/git-1.7 >=dev-vcs/git-1.7
>=app-arch/xz-utils-4.9 >=app-arch/xz-utils-4.9
>=app-emulation/containerd-0.2.0 >=app-emulation/containerd-0.2.3[seccomp?]
>=app-emulation/runc-0.1.0 >=app-emulation/runc-1.0.0_rc1_p20160615[apparmor?,seccomp?]
apparmor? (
sys-libs/libapparmor[static-libs]
)
" "
RESTRICT="installsources strip" RESTRICT="installsources strip"
@ -79,26 +75,28 @@ RESTRICT="installsources strip"
# see "contrib/check-config.sh" from upstream's sources # see "contrib/check-config.sh" from upstream's sources
CONFIG_CHECK=" CONFIG_CHECK="
~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS ~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS
~DEVPTS_MULTIPLE_INSTANCES
~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG ~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG
~KEYS ~MACVLAN ~VETH ~BRIDGE ~BRIDGE_NETFILTER ~KEYS ~MACVLAN ~VETH ~BRIDGE ~BRIDGE_NETFILTER
~NF_NAT_IPV4 ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE ~NF_NAT_IPV4 ~IP_NF_FILTER ~IP_NF_MANGLE ~IP_NF_TARGET_MASQUERADE
~IP_VS ~IP_VS_RR
~NETFILTER_XT_MATCH_ADDRTYPE ~NETFILTER_XT_MATCH_CONNTRACK ~NETFILTER_XT_MATCH_ADDRTYPE ~NETFILTER_XT_MATCH_CONNTRACK
~NETFILTER_XT_MATCH_IPVS
~NETFILTER_XT_MARK ~NETFILTER_XT_TARGET_REDIRECT
~NF_NAT ~NF_NAT_NEEDED ~NF_NAT ~NF_NAT_NEEDED
~POSIX_MQUEUE ~POSIX_MQUEUE
~MEMCG_KMEM ~MEMCG_SWAP ~MEMCG_SWAP_ENABLED ~MEMCG_SWAP ~MEMCG_SWAP_ENABLED
~BLK_CGROUP ~IOSCHED_CFQ ~BLK_CGROUP ~IOSCHED_CFQ
~CGROUP_PERF ~CGROUP_PERF
~CGROUP_HUGETLB ~CGROUP_HUGETLB
~NET_CLS_CGROUP ~NET_CLS_CGROUP
~CFS_BANDWIDTH ~FAIR_GROUP_SCHED ~RT_GROUP_SCHED ~CFS_BANDWIDTH ~FAIR_GROUP_SCHED ~RT_GROUP_SCHED
~XFRM_ALGO ~XFRM_USER
" "
ERROR_KEYS="CONFIG_KEYS: is mandatory, see bug 581348" ERROR_KEYS="CONFIG_KEYS: is mandatory"
ERROR_MEMCG_KMEM="CONFIG_MEMCG_KMEM: is optional"
ERROR_MEMCG_SWAP="CONFIG_MEMCG_SWAP: is required if you wish to limit swap usage of containers" ERROR_MEMCG_SWAP="CONFIG_MEMCG_SWAP: is required if you wish to limit swap usage of containers"
ERROR_RESOURCE_COUNTERS="CONFIG_RESOURCE_COUNTERS: is optional for container statistics gathering" ERROR_RESOURCE_COUNTERS="CONFIG_RESOURCE_COUNTERS: is optional for container statistics gathering"
@ -106,6 +104,8 @@ ERROR_BLK_CGROUP="CONFIG_BLK_CGROUP: is optional for container statistics gather
ERROR_IOSCHED_CFQ="CONFIG_IOSCHED_CFQ: is optional for container statistics gathering" ERROR_IOSCHED_CFQ="CONFIG_IOSCHED_CFQ: is optional for container statistics gathering"
ERROR_CGROUP_PERF="CONFIG_CGROUP_PERF: is optional for container statistics gathering" ERROR_CGROUP_PERF="CONFIG_CGROUP_PERF: is optional for container statistics gathering"
ERROR_CFS_BANDWIDTH="CONFIG_CFS_BANDWIDTH: is optional for container statistics gathering" ERROR_CFS_BANDWIDTH="CONFIG_CFS_BANDWIDTH: is optional for container statistics gathering"
ERROR_XFRM_ALGO="CONFIG_XFRM_ALGO: is optional for secure networks"
ERROR_XFRM_USER="CONFIG_XFRM_USER: is optional for secure networks"
pkg_setup() { pkg_setup() {
if kernel_is lt 3 10; then if kernel_is lt 3 10; then
@ -145,6 +145,19 @@ pkg_setup() {
" "
fi fi
if kernel_is lt 4 5; then
CONFIG_CHECK+="
~MEMCG_KMEM
"
ERROR_MEMCG_KMEM="CONFIG_MEMCG_KMEM: is optional"
fi
if kernel_is lt 4 7; then
CONFIG_CHECK+="
~DEVPTS_MULTIPLE_INSTANCES
"
fi
if use aufs; then if use aufs; then
CONFIG_CHECK+=" CONFIG_CHECK+="
~AUFS_FS ~AUFS_FS
@ -214,8 +227,11 @@ src_compile() {
grep -q -- '-fno-PIC' hack/make.sh || die 'hardened sed failed' grep -q -- '-fno-PIC' hack/make.sh || die 'hardened sed failed'
sed "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \ sed "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \
-i hack/make/dynbinary || die -i hack/make/dynbinary-client || die
grep -q -- '-fno-PIC' hack/make/dynbinary || die 'hardened sed failed' sed "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \
-i hack/make/dynbinary-daemon || die
grep -q -- '-fno-PIC' hack/make/dynbinary-daemon || die 'hardened sed failed'
grep -q -- '-fno-PIC' hack/make/dynbinary-client || die 'hardened sed failed'
fi fi
# let's set up some optional features :) # let's set up some optional features :)
@ -260,7 +276,12 @@ src_compile() {
src_install() { src_install() {
VERSION="$(cat VERSION)" VERSION="$(cat VERSION)"
newbin "bundles/$VERSION/dynbinary/docker-$VERSION" docker newbin "bundles/$VERSION/dynbinary-client/docker-$VERSION" docker
newbin "bundles/$VERSION/dynbinary-daemon/dockerd-$VERSION" dockerd
newbin "bundles/$VERSION/dynbinary-daemon/docker-proxy-$VERSION" docker-proxy
dosym containerd /usr/bin/docker-containerd
dosym containerd-shim /usr/bin/docker-containerd-shim
dosym runc /usr/bin/docker-runc
newinitd contrib/init/openrc/docker.initd docker newinitd contrib/init/openrc/docker.initd docker
newconfd contrib/init/openrc/docker.confd docker newconfd contrib/init/openrc/docker.confd docker

18
sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service vendored
View File

@ -5,11 +5,25 @@ After=docker.socket early-docker.target network.target
Requires=docker.socket early-docker.target Requires=docker.socket early-docker.target
[Service] [Service]
Type=notify
EnvironmentFile=-/run/flannel_docker_opts.env EnvironmentFile=-/run/flannel_docker_opts.env
MountFlags=slave MountFlags=slave
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/lib/coreos/dockerd --host=fd:// $DOCKER_OPTS $DOCKER_CGROUPS $DOCKER_OPT_BIP $DOCKER_OPT_MTU $DOCKER_OPT_IPMASQ
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=1048576 LimitNOFILE=1048576
LimitNPROC=1048576 # Having non-zero Limit*s causes performance problems due to accounting overhead
ExecStart=/usr/lib/coreos/dockerd daemon --host=fd:// $DOCKER_OPTS $DOCKER_CGROUPS $DOCKER_OPT_BIP $DOCKER_OPT_MTU $DOCKER_OPT_IPMASQ # in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

2
sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/dockerd vendored
View File

@ -87,4 +87,4 @@ if [[ -z "${ARG_SELINUX}" ]]; then
maybe_enable_selinux maybe_enable_selinux
fi fi
exec docker "$@" ${USE_SELINUX} exec dockerd "$@" ${USE_SELINUX}

18
sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/early-docker.service vendored
View File

@ -5,11 +5,25 @@ After=early-docker.socket
Requires=early-docker.socket Requires=early-docker.socket
[Service] [Service]
Type=notify
Environment=TMPDIR=/var/tmp Environment=TMPDIR=/var/tmp
MountFlags=slave MountFlags=slave
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/lib/coreos/dockerd --host=fd:// --bridge=none --iptables=false --ip-masq=false --exec-root=/var/run/early-docker --graph=/var/lib/early-docker --pidfile=/var/run/early-docker.pid $DOCKER_OPTS $DOCKER_CGROUPS
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=1048576 LimitNOFILE=1048576
LimitNPROC=1048576 # Having non-zero Limit*s causes performance problems due to accounting overhead
ExecStart=/usr/lib/coreos/dockerd daemon --host=fd:// --bridge=none --iptables=false --ip-masq=false --exec-root=/var/run/early-docker --graph=/var/lib/early-docker --pidfile=/var/run/early-docker.pid $DOCKER_OPTS $DOCKER_CGROUPS # in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
[Install] [Install]
WantedBy=early-docker.target WantedBy=early-docker.target

2
sdk_container/src/third_party/coreos-overlay/app-emulation/runc/Manifest vendored
View File

@ -1 +1 @@
DIST runc-0.1.0.tar.gz 496358 SHA256 681d6d89541ae2e06757f999a242a1f97bbcb1ad6e10f4cdee287ec4a9d2bff9 SHA512 8a9ff02b0161eda0a730194b0fbf7ad76e8f379992e74061ef49302da3492fd0c53f06db9153ded4d934d67bbf6f4291d6154254f1b924ef73c97c44cd14ffcf WHIRLPOOL 81f488a4f1e23e8704a9fa8404965b2f12f74a875ba8e67dc15de93f43b075dc538cd0d89c7a1187cb74ac6320317b5985855945fb8bf8f749d6736df47b844a DIST runc-1.0.0_rc1_p20160615.tar.gz 535401 SHA256 196b78c6caf1a4c6257314b393381baffa7c82bb2690ac02a7b3d6cd6cfe7776 SHA512 0bf8ce3bb15caaf09214f23a411003fd5b660d291662ad513c3d944647a0fa9b270d18902706b7e6aa3c30eb0f676e73af46b8249d1e2484e1dc40d6ffd5a80d WHIRLPOOL 9d15d069e00fe38e2bbda84b477dc0cf9f3431d3587919a80164d550a6d882d8742a5c2a8cdb7645509dec8d55b545912c0287785d0ca7e79acc0a08eace6f47

38
sdk_container/src/third_party/coreos-overlay/app-emulation/runc/runc-0.1.0.ebuild → sdk_container/src/third_party/coreos-overlay/app-emulation/runc/runc-1.0.0_rc1_p20160615.ebuild vendored
View File

@ -1,31 +1,36 @@
# Copyright 1999-2015 Gentoo Foundation # Copyright 1999-2016 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2 # Distributed under the terms of the GNU General Public License v2
# $Id$ # $Header: $
EAPI=5 EAPI=5
GITHUB_URI="github.com/opencontainers/runc" GITHUB_URI="github.com/opencontainers/runc"
COREOS_GO_PACKAGE="${GITHUB_URI}" COREOS_GO_PACKAGE="${GITHUB_URI}"
# the commit of runc that docker uses.
# see https://github.com/docker/docker/blob/v1.12.0/Dockerfile#L236
COMMIT_ID="cc29e3dded8e27ba8f65738f40d251c885030a28"
inherit eutils multilib coreos-go inherit eutils multilib coreos-go vcs-snapshot
DESCRIPTION="runc container cli tools" DESCRIPTION="runc container cli tools"
HOMEPAGE="http://runc.io" HOMEPAGE="http://runc.io"
if [[ ${PV} == *9999* ]]; then SRC_URI="https://${GITHUB_URI}/archive/${COMMIT_ID}.tar.gz -> ${P}.tar.gz"
EGIT_REPO_URI="git://${GITHUB_URI}.git" KEYWORDS="amd64 arm64"
inherit git-r3
else
SRC_URI="https://${GITHUB_URI}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
KEYWORDS="amd64 arm64"
fi
LICENSE="Apache-2.0" LICENSE="Apache-2.0"
SLOT="0" SLOT="0"
IUSE="+seccomp" IUSE="apparmor +seccomp"
DEPEND=">=dev-lang/go-1.4:=" DEPEND=""
RDEPEND="seccomp? ( sys-libs/libseccomp )" RDEPEND="
apparmor? ( sys-libs/libapparmor )
seccomp? ( sys-libs/libseccomp )
"
src_prepare() {
eapply_user
}
src_compile() { src_compile() {
# fix up cross-compiling variables # fix up cross-compiling variables
@ -45,9 +50,12 @@ src_compile() {
export GOPATH="${PWD}/.gopath:${PWD}/vendor" export GOPATH="${PWD}/.gopath:${PWD}/vendor"
# build up optional flags # build up optional flags
local options=( $(usex seccomp "seccomp") ) local options=(
$(usex apparmor 'apparmor')
$(usex seccomp 'seccomp')
)
emake BUILDTAGS="${options[@]}" emake BUILDTAGS="${options[*]}"
} }
src_install() { src_install() {