These are no longer used by anything in the tree, after removing old versions
of docker-runc/docker-proxy/containerd.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Upstream builds with go1.16. Additionally fixup the VERSION variable specify the
current Flatcar Docker version 20.10.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Upstream builds go through github.com/docker/docker repo and that builds
with go1.16 with module support disabled.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Upstream has switched to go 1.16, but still doesn't use go modules. The ebuilds
needed fixing up after the automated PR was created.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Set PYTHON_COMPAT to python 3.6 and 3.7 to be suitable for the current
code base.
Add a custom patch to replace error with warning when running autoconf
for cross builds, because libkrb5 is not able to detect
cross-compilation.
Based on 64e33c9f826d8fd951fd58ba1ed70debaf65be8d .
The SystemdCgroup=true setting is incompatible with kubelet
cgroupDriver: cgroupfs. So to prevent kube clusters from failing, we
will be freezing a nodes config.toml during an update. For that purpose,
we install a second configuration file that can then be selected using a
systemd drop-in unit.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Now that Docker has been updated to 20.10, we can use cgroupv2 so have
systemd mount the unified cgroup hierarchy by default. Other ways of
achieving the same would have been to pass 'systemd.unified_cgroup_hierarchy=1'
on the kernel cmdline, but this way the change propagates nicely to all
OEM consumers.
Signed-off-by: Jeremi Piotrowski <jeremi.piotrowski@gmail.com>
The upstream docker repository location has changed to docker/docker.
Additionally, the cli component has been split out which which requires
fetching two hashes and updating two ebuilds. We also took the chance to
align the ebuild with gentoo's, which means there are is no more live ebuild
and no symlink.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
We are switching flatcar to cgroupv2 which is support by docker 20.10 and
kubernetes 1.19. This requires setting the systemd cgroup driver in the kubelet
config.
Due to the unified cgroup hierarchy, kubernetes <1.19 will not work so
remove all older versions.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Compared to previous torcx images the docker-cli package is a separate
package, following upstream Docker repo layout changes.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
The patches do the following:
* install flatcar specific wrappers and systemd config
* force some USE flags to default on
* allow injecting CFLAGS/LDFLAGS so that torcx can work
* force building with go1.13 (like upstream does) - this won't be
necessary next time because docker master already uses go1.16
This is the version needed by docker 20.10.7. ROADMAP.md doesn't exist so it
has been removed from src_install.
Signed-off-by: Jeremi Piotrowski <jeremi.piotrowski@gmail.com>
This is the version used by docker-19.03. We will be updating the live
ebuild to build docker 20.10 dependencies.
Signed-off-by: Jeremi Piotrowski <jeremi.piotrowski@gmail.com>
We use coreos-go* eclass so that we can override several environment
variables and build with the same go version as docker upstream. These
changes are modeled after what was previously done in app-emulation/docker,
the cli ebuild has only been split out since v20.10.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Docker upstream split the cli component into a separate repo, so there is
a separate ebuild that builds the docker utility. This is a prerequisite
of the update of docker to 20.10.
This is an import from portage commit 69d01a4273a556b1205a7a575cb3811ab7e2443d.
Signed-off-by: Jeremi Piotrowski <jeremi.piotrowski@gmail.com>
We use a custom build system to remove the cmake dependency and hardcode
relevant configuration.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Now that runc version follows simple semver semantics, we do not have to
care about number of patches up to an rc version. Remove the obsolete
comments.
flannel will write into /run/flannel/... so we need to provide
correct labelling for dir created by docker daemon
Signed-off-by: Mathieu Tortuyaux <mathieu@kinvolk.io>
flannel uses an init container to pull CNI from container to the host
system in `/etc/cni`.
With SELinux, the permission is denied because `/etc/cni` is labelled
with `etc_t` so it can't be access by Docker since it expects `svirt_lxc_file_t`.
Using `filetrans_pattern` we can define a mechanism to create `/etc/cni`
with the correct labels even if it's not yet created - which avoid to
run `restorecon` on `/etc/cni`.
Signed-off-by: Mathieu Tortuyaux <mathieu@kinvolk.io>
