This pulls in
https://github.com/kinvolk/init/pull/47
to randomize OEM filesystem UUID if mounting fails, and to avoid trying
to install the QEMU qcow2 images.
Current cross builds of perl segfault on simple operations such as `perl -V`.
This appears to be due to the cross-build not getting `-fwrapv -fno-strict-aliasing`
passed from the configure script. While we try to get this fixed upstream, we
can monkeypatch our old version of perl to fix this.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
This change results in building the pam_tty_audit additionally, nothing else.
Related to https://github.com/kinvolk/Flatcar/issues/485.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
It produces files with the same contents as the python2 version of the
script, but the filename handling is a bit different wrt. filenames
with weird, non-unicode characters. But overall, it does not affect
anything.
This change adds the "slirp" use flag to qemu (SDK only), enabling
qemu's user networking. This fixes a bug where qemu is unable to start
the Flatcar qemu image:
$ ./flatcar_production_qemu.sh
qemu-system-x86_64: Parameter 'type' expects a netdev backend type
The issue has been discussed on the qemu mailing list:
https://www.mail-archive.com/qemu-devel@nongnu.org/msg786275.html
Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
It contained some chromium version of flatcar scripts, from which we
were using the common.sh script in the cros-workon script (from the
now-removed coreos-base/cros-devutils package). It's not used any more
- we updated flatcar scripts to call into its internal copy of
cros-workon.
The package contained scripts that are not used in our workflow, are
unmaintained by us for a number of years now and it presents an
obstacle in porting the packages to python3.
Our scripts are using cert-to-efi-sig-list and flash-var from
efitools, and sbsign from sbsigntools. Currently the cros-devutils
package is pulling in the efitools package, which in turn pull in the
sbsigntools package.
We plan to drop the cros-devutils package, so better be explicit about
the dependencies.
We dropped the installation of the gmerge script a while ago, because
it was not used anywhere and that made one script less to port to
python3 at the time of updating portage to a recent version. Now we
only install the emerge-gitclone script, so rename the package to
reflect this fact.
- Drop binddist from RESTRICT variable
- Drop pkg_postinst
- Create /etc/ssl with tmpfiles (and package it for the SDK).
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
These are no longer used by anything in the tree, after removing old versions
of docker-runc/docker-proxy/containerd.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Upstream builds with go1.16. Additionally fixup the VERSION variable specify the
current Flatcar Docker version 20.10.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Upstream builds go through github.com/docker/docker repo and that builds
with go1.16 with module support disabled.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
I'm not sure if we ever built it - it's not a dependency of anything
at all. Also one of its dependencies, dev-python/pyxenstore, was
dropped in 2014, so the package is broken for about seven years
now. Looks like that the rackspace oem package is rather pulling
nova-agent through the coreos-base/nova-agent-container package.
The containerd config works in mysterious ways - sometimes it acts hierarchical
with respect to the section headers, other times not. In this case, setting
runc.options resets all the fields of the runc section, including
'runtime_type'. Having an unset runtime_type causes containerd to fail to spawn
containers (but the daemon itself starts succesfully) returning the error:
kubelet[13148]: E0823 11:57:17.030551 13148 remote_runtime.go:116] "RunPodSandbox from runtime service failed" err="rpc error: code = InvalidArgument desc = failed to create containerd container: create container failed validation: container.Runtime.Name must be set: invalid argument"
Explicitly set the runtime_type in all containerd configs, and bump the config
version to 2.
Reported as https://github.com/kinvolk/Flatcar/issues/484
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Now that we have dev-util/pkgconfig 0.29.2, there is no need to
keep third-party patch for avoiding cross-build issues in
dev-util/strace. Let's simply drop the patch, and move strace to
portage-stable.
Apparently the `coreos-devel/sdk-extras` was originally meant to work
as a meta package to pull in all the optional packages in the SDK at once.
It has been unmaintained since 2~3 years, so an attempt of `emerge
coreos-devel/sdk-extras` will give you a huge list of conflicts to
resolve. It is difficult to resurrect sdk-extras at the moment.
Delete `coreos-devel/sdk-extras` completely. Doing that, we can delete
more than 20 other packages from the source tree.
Now that coreos-devel/sdk-extras are gone, delete unnecessary configs
in profiles, for app-portage/repoman, dev-go/glide, dev-go/godep,
dev-python/awscli, dev-python/botocore, dev-python/s3transfer.
This version has an officially documented support for python3, so it
plays along our plans of removing python2 in favor of python3. When
the switch actually happens, we will need to update the ebuild to
mention the correct path to python modules. The path contains python
version, which is a hindrance. Would be nice to have it hidden behind
some variable.
There is also a version 2.4.0.2, but it's marked as a prerelease on
github, so decided to package 2.3.1.1 instead.
Upstream has switched to go 1.16, but still doesn't use go modules. The ebuilds
needed fixing up after the automated PR was created.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Set PYTHON_COMPAT to python 3.6 and 3.7 to be suitable for the current
code base.
Add a custom patch to replace error with warning when running autoconf
for cross builds, because libkrb5 is not able to detect
cross-compilation.
Based on 64e33c9f826d8fd951fd58ba1ed70debaf65be8d .
The SystemdCgroup=true setting is incompatible with kubelet
cgroupDriver: cgroupfs. So to prevent kube clusters from failing, we
will be freezing a nodes config.toml during an update. For that purpose,
we install a second configuration file that can then be selected using a
systemd drop-in unit.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Now that Docker has been updated to 20.10, we can use cgroupv2 so have
systemd mount the unified cgroup hierarchy by default. Other ways of
achieving the same would have been to pass 'systemd.unified_cgroup_hierarchy=1'
on the kernel cmdline, but this way the change propagates nicely to all
OEM consumers.
Signed-off-by: Jeremi Piotrowski <jeremi.piotrowski@gmail.com>
The upstream docker repository location has changed to docker/docker.
Additionally, the cli component has been split out which which requires
fetching two hashes and updating two ebuilds. We also took the chance to
align the ebuild with gentoo's, which means there are is no more live ebuild
and no symlink.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
We are switching flatcar to cgroupv2 which is support by docker 20.10 and
kubernetes 1.19. This requires setting the systemd cgroup driver in the kubelet
config.
Due to the unified cgroup hierarchy, kubernetes <1.19 will not work so
remove all older versions.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Compared to previous torcx images the docker-cli package is a separate
package, following upstream Docker repo layout changes.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
The patches do the following:
* install flatcar specific wrappers and systemd config
* force some USE flags to default on
* allow injecting CFLAGS/LDFLAGS so that torcx can work
* force building with go1.13 (like upstream does) - this won't be
necessary next time because docker master already uses go1.16
This is the version needed by docker 20.10.7. ROADMAP.md doesn't exist so it
has been removed from src_install.
Signed-off-by: Jeremi Piotrowski <jeremi.piotrowski@gmail.com>
This is the version used by docker-19.03. We will be updating the live
ebuild to build docker 20.10 dependencies.
Signed-off-by: Jeremi Piotrowski <jeremi.piotrowski@gmail.com>
We use coreos-go* eclass so that we can override several environment
variables and build with the same go version as docker upstream. These
changes are modeled after what was previously done in app-emulation/docker,
the cli ebuild has only been split out since v20.10.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Docker upstream split the cli component into a separate repo, so there is
a separate ebuild that builds the docker utility. This is a prerequisite
of the update of docker to 20.10.
This is an import from portage commit 69d01a4273a556b1205a7a575cb3811ab7e2443d.
Signed-off-by: Jeremi Piotrowski <jeremi.piotrowski@gmail.com>
We use a custom build system to remove the cmake dependency and hardcode
relevant configuration.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
