[Buildroot] [PATCH v3 0/8] upgrade docker-engine and associated components

[Buildroot] [PATCH v3 0/8] upgrade docker-engine and associated components

[Christian Stewart]

Hi all,

This series upgrades Docker and associated components:

 - runc to 9f9c96235cc97674e935002fc3d78361b696a69e
 - docker-containerd to v1.0.2
 - docker-engine to v2018.03.0-ce-rc1

Docker is updated to v2018.03.0-ce-rc1 due to critical bugs in 2018.02.
2018.03 full release is expected in the month of March.

It is thus suggested that this series be merged to target the next
Buildroot stable release later this year, with the plan to upgrade to
2018.03 when it is released in place.

Suggested naming changes:

 - docker-containerd -> containerd

This project has been split off from Docker, and is now hosted at:

  https://github.com/containerd/containerd

It is not specifically a docker project.

 - docker-engine -> docker-ce

Docker "Community Edition" is the name for the daemon and CLI bundled
together by the "moby" bundler/project duo.

It's still named the "Engine" but with the CLI as well, it makes more
sense to name it "Docker Community Edition" which also avoids a
collision with the "docker" package.

An old version of this series adding docker-init exists.

 - https://patchwork.ozlabs.org/patch/827886/

Changes v1 -> v2:

 - Make static default for tini and dumb-init
 - Bump package versions (as described above)
 - Added fix to not link against libsystemd without systemd
 - Removed unnecessary stack protector flags from tini
 - Fixed confusing commit messages
 - Upgraded to 18.03.0-rc1, skipping 18.02, to address critical bugs in 2018.02.
 - Tested on Raspberry Pi 3, Odroid XU4, Odroid HC2, and Raspberry Pi 0.

Changes v2 -> v3:

 - Remove unnecessary static select options for dumb-init and tini and associated comments.
 - Tini was updated to v0.17.0
 - Dumb-init was updated to v1.2.1
 - License hash files added for tini and dumb-init
 - Comment explaining -static option for tini and dumb-init added
 - Dumb-init tarball named correctly in hash file

Best,
Christian Stewart

---

Christian Stewart (8):
  tini: new package
  dumb-init: new package
  docker-engine: add support for init processes
  docker-proxy: new package
  docker-engine: add dependency on docker-proxy
  runc: bump to 9f9c96235cc
  docker-containerd: bump to v1.0.2
  docker-engine: bump to v18.03.0-ce-rc1

 package/Config.in                                |  3 ++
 package/docker-containerd/Config.in              | 12 +++++
 package/docker-containerd/docker-containerd.hash |  2 +-
 package/docker-containerd/docker-containerd.mk   | 38 +++++++++++----
 package/docker-engine/Config.in                  | 27 +++++++++++
 package/docker-engine/docker-engine.hash         |  2 +-
 package/docker-engine/docker-engine.mk           | 59 ++++++++++++++++--------
 package/docker-proxy/Config.in                   | 18 ++++++++
 package/docker-proxy/docker-proxy.hash           |  2 +
 package/docker-proxy/docker-proxy.mk             | 46 ++++++++++++++++++
 package/dumb-init/Config.in                      |  7 +++
 package/dumb-init/dumb-init.hash                 |  3 ++
 package/dumb-init/dumb-init.mk                   | 24 ++++++++++
 package/runc/runc.hash                           |  2 +-
 package/runc/runc.mk                             | 17 ++++---
 package/tini/Config.in                           | 16 +++++++
 package/tini/tini.hash                           |  3 ++
 package/tini/tini.mk                             | 35 ++++++++++++++
 18 files changed, 278 insertions(+), 38 deletions(-)
 create mode 100644 package/docker-proxy/Config.in
 create mode 100644 package/docker-proxy/docker-proxy.hash
 create mode 100644 package/docker-proxy/docker-proxy.mk
 create mode 100644 package/dumb-init/Config.in
 create mode 100644 package/dumb-init/dumb-init.hash
 create mode 100644 package/dumb-init/dumb-init.mk
 create mode 100644 package/tini/Config.in
 create mode 100644 package/tini/tini.hash
 create mode 100644 package/tini/tini.mk

-- 
2.13.6

[Buildroot] [PATCH v3 1/8] tini: new package

[Christian Stewart]

Tini is a minimal init process to act as PID 1 for containers.

Tini can be used to satisfy docker-engine's docker-init binary
requirement.

Signed-off-by: Christian Stewart <christian@paral.in>

---

Changes since v2:

 - Upgraded to v0.17.0
 - Added hash for license file
---
 package/Config.in      |  1 +
 package/tini/Config.in | 16 ++++++++++++++++
 package/tini/tini.hash |  3 +++
 package/tini/tini.mk   | 35 +++++++++++++++++++++++++++++++++++
 4 files changed, 55 insertions(+)
 create mode 100644 package/tini/Config.in
 create mode 100644 package/tini/tini.hash
 create mode 100644 package/tini/tini.mk

diff --git a/package/Config.in b/package/Config.in
index 9cd5d9c087..5bdaa24340 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -1921,6 +1921,7 @@ comment "Utilities"
 	source "package/sudo/Config.in"
 	source "package/terminology/Config.in"
 	source "package/time/Config.in"
+	source "package/tini/Config.in"
 	source "package/tmux/Config.in"
 	source "package/which/Config.in"
 	source "package/xmlstarlet/Config.in"
diff --git a/package/tini/Config.in b/package/tini/Config.in
new file mode 100644
index 0000000000..235fc1a8fb
--- /dev/null
+++ b/package/tini/Config.in
@@ -0,0 +1,16 @@
+config BR2_PACKAGE_TINI
+	bool "tini"
+	help
+	  tini is a simple but valid init binary to
+	  act as PID 1 for containers.
+
+	  https://github.com/krallin/tini
+
+if BR2_PACKAGE_TINI
+
+config BR2_PACKAGE_TINI_MINIMAL
+	bool "build minimal variant"
+	help
+	  Disables argument parsing and verbose output.
+
+endif
diff --git a/package/tini/tini.hash b/package/tini/tini.hash
new file mode 100644
index 0000000000..c4f85c43b0
--- /dev/null
+++ b/package/tini/tini.hash
@@ -0,0 +1,3 @@
+# Locally computed
+sha256	5244691718f6856db74dcf6dbb3576a901e737f41412e7895747f0ccb4ccaff0	tini-v0.17.0.tar.gz
+sha256	e5f46bca81266bdd511cf08018d66866870531794569c04f9b45f50dd23c28b0	LICENSE
diff --git a/package/tini/tini.mk b/package/tini/tini.mk
new file mode 100644
index 0000000000..9f9d986745
--- /dev/null
+++ b/package/tini/tini.mk
@@ -0,0 +1,35 @@
+################################################################################
+#
+# tini
+#
+################################################################################
+
+TINI_VERSION = v0.17.0
+TINI_SITE = $(call github,krallin,tini,$(TINI_VERSION))
+
+TINI_LICENSE = MIT
+TINI_LICENSE_FILES = LICENSE
+
+TINI_CFLAGS = $(TARGET_CFLAGS) -DTINI_VERSION=\"$(TINI_VERSION)\" -DTINI_GIT=\"\"
+TINI_CFLAGS += -static
+
+ifeq ($(BR2_PACKAGE_TINI_MINIMAL),y)
+TINI_CFLAGS += -DTINI_MINIMAL
+endif
+
+define TINI_CONFIGURE_CMDS
+	printf "#pragma once\n" > $(@D)/src/tiniConfig.h
+endef
+
+define TINI_BUILD_CMDS
+	$(TARGET_CC) \
+		$(TINI_CFLAGS) \
+		-o $(@D)/tini $(@D)/src/tini.c
+endef
+
+define TINI_INSTALL_TARGET_CMDS
+	$(INSTALL) -D -m 0755 $(@D)/tini $(TARGET_DIR)/usr/bin/tini
+endef
+
+# Tini's CMakeLists.txt is not suitable for Buildroot.
+$(eval $(generic-package))
-- 
2.13.6

[Buildroot] [PATCH v3 2/8] dumb-init: new package

[Christian Stewart]

dumb-init is a minimal init process to act as PID 1 for containers.

Static compilation is used, as dumb-init will typically be executed inside a
container.

dumb-init can satisfy docker-engine's docker-init requirement.

Signed-off-by: Christian Stewart <christian@paral.in>

---

Changes since v1:

 - Upgraded to v1.2.1
 - Added license hash
---
 package/Config.in                |  1 +
 package/dumb-init/Config.in      |  7 +++++++
 package/dumb-init/dumb-init.hash |  3 +++
 package/dumb-init/dumb-init.mk   | 24 ++++++++++++++++++++++++
 4 files changed, 35 insertions(+)
 create mode 100644 package/dumb-init/Config.in
 create mode 100644 package/dumb-init/dumb-init.hash
 create mode 100644 package/dumb-init/dumb-init.mk

diff --git a/package/Config.in b/package/Config.in
index 5bdaa24340..dd42db79ec 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -1906,6 +1906,7 @@ comment "Utilities"
 	source "package/crudini/Config.in"
 	source "package/dialog/Config.in"
 	source "package/dtach/Config.in"
+	source "package/dumb-init/Config.in"
 	source "package/easy-rsa/Config.in"
 	source "package/file/Config.in"
 	source "package/gnupg/Config.in"
diff --git a/package/dumb-init/Config.in b/package/dumb-init/Config.in
new file mode 100644
index 0000000000..e817493605
--- /dev/null
+++ b/package/dumb-init/Config.in
@@ -0,0 +1,7 @@
+config BR2_PACKAGE_DUMB_INIT
+	bool "dumb-init"
+	help
+	  dumb-init is a simple but valid init binary to
+	  act as PID 1 for containers.
+
+	  https://github.com/Yelp/dumb-init
diff --git a/package/dumb-init/dumb-init.hash b/package/dumb-init/dumb-init.hash
new file mode 100644
index 0000000000..9e74ff5580
--- /dev/null
+++ b/package/dumb-init/dumb-init.hash
@@ -0,0 +1,3 @@
+# Locally computed
+sha256	56858088d9d6c911c227d196fcbfca06aff31fbe83e1519f9cabe5cf6f11b242	dumb-init-v1.2.1.tar.gz
+sha256	4d74123f166ad8f147e9939bfb451578db84823f22b48fd64b1086d3654a0149  LICENSE
diff --git a/package/dumb-init/dumb-init.mk b/package/dumb-init/dumb-init.mk
new file mode 100644
index 0000000000..4ebbff1930
--- /dev/null
+++ b/package/dumb-init/dumb-init.mk
@@ -0,0 +1,24 @@
+################################################################################
+#
+# dumb-init
+#
+################################################################################
+
+DUMB_INIT_VERSION = v1.2.1
+DUMB_INIT_SITE = $(call github,Yelp,dumb-init,$(DUMB_INIT_VERSION))
+
+DUMB_INIT_LICENSE = MIT
+DUMB_INIT_LICENSE_FILES = LICENSE
+DUMB_INIT_CFLAGS += -static
+
+define DUMB_INIT_BUILD_CMDS
+	$(TARGET_CC) \
+		$(DUMB_INIT_CFLAGS) \
+		-o $(@D)/dumb-init $(@D)/dumb-init.c
+endef
+
+define DUMB_INIT_INSTALL_TARGET_CMDS
+	$(INSTALL) -D -m 0755 $(@D)/dumb-init $(TARGET_DIR)/usr/bin/dumb-init
+endef
+
+$(eval $(generic-package))
-- 
2.13.6

[Buildroot] [PATCH v3 3/8] docker-engine: add support for init processes

[Christian Stewart]

When a docker container is run with the --init flag, the Docker engine
uses the docker-init binary as PID 1 inside the container. This is
necessary in may cases to avoid issues with signal handling, zombie
processes, and other quirks when running as PID 1.

The docker-init binary is backed by tini on default, but optionally can
be changed to docker-init by user preference.

Furthermore, this patch fixes the following Docker error:

  dockerd: level=warning msg="failed to retrieve docker-init version"

Signed-off-by: Christian Stewart <christian@paral.in>
---
 package/docker-engine/Config.in        | 26 ++++++++++++++++++++++++++
 package/docker-engine/docker-engine.mk | 11 +++++++++++
 2 files changed, 37 insertions(+)

diff --git a/package/docker-engine/Config.in b/package/docker-engine/Config.in
index 05670a716e..7d9a87f7bb 100644
--- a/package/docker-engine/Config.in
+++ b/package/docker-engine/Config.in
@@ -33,6 +33,32 @@ config BR2_PACKAGE_DOCKER_ENGINE_STATIC_CLIENT
 
 if BR2_PACKAGE_DOCKER_ENGINE_DAEMON
 
+choice
+	bool "docker-init to use"
+	default BR2_PACKAGE_DOCKER_ENGINE_INIT_TINI
+	help
+	  The docker engine uses a minimal init process as PID 1
+	  inside containers. There are several implementations
+	  of this init process.
+
+config BR2_PACKAGE_DOCKER_ENGINE_INIT_TINI
+	bool "tini"
+	select BR2_PACKAGE_TINI
+	help
+	  Use Tini as the container init process.
+
+	  https://github.com/krallin/tini
+
+config BR2_PACKAGE_DOCKER_ENGINE_INIT_DUMB_INIT
+	bool "dumb-init"
+	select BR2_PACKAGE_DUMB_INIT
+	help
+	  Use dumb-init as the container init process.
+
+	  https://github.com/Yelp/dumb-init
+
+endchoice
+
 config BR2_PACKAGE_DOCKER_ENGINE_DRIVER_BTRFS
 	bool "btrfs filesystem driver"
 	depends on BR2_USE_MMU # btrfs-progs
diff --git a/package/docker-engine/docker-engine.mk b/package/docker-engine/docker-engine.mk
index 8928f072e7..a2776ed78c 100644
--- a/package/docker-engine/docker-engine.mk
+++ b/package/docker-engine/docker-engine.mk
@@ -50,6 +50,13 @@ endif
 ifeq ($(BR2_PACKAGE_DOCKER_ENGINE_DAEMON),y)
 DOCKER_ENGINE_BUILD_TAGS += daemon
 DOCKER_ENGINE_BUILD_TARGETS += dockerd
+
+ifeq ($(BR2_PACKAGE_DOCKER_ENGINE_INIT_DUMB_INIT),y)
+DOCKER_ENGINE_INIT = dumb-init
+else
+DOCKER_ENGINE_INIT = tini
+endif
+
 endif
 
 ifeq ($(BR2_PACKAGE_DOCKER_ENGINE_EXPERIMENTAL),y)
@@ -119,6 +126,10 @@ define DOCKER_ENGINE_INSTALL_TARGET_CMDS
 	$(foreach target,$(DOCKER_ENGINE_BUILD_TARGETS), \
 		$(INSTALL) -D -m 0755 $(@D)/bin/$(target) $(TARGET_DIR)/usr/bin/$(target)
 	)
+
+	$(if $(filter $(BR2_PACKAGE_DOCKER_ENGINE_DAEMON),y), \
+		ln -fs $(DOCKER_ENGINE_INIT) $(TARGET_DIR)/usr/bin/docker-init
+	)
 endef
 
 $(eval $(generic-package))
-- 
2.13.6

[Buildroot] [PATCH v3 4/8] docker-proxy: new package

[Christian Stewart]

Add docker-proxy package to Buildroot. Needed by docker-engine at
runtime, and previously not included. This leads to the following error
when attempting to port-map ports to a container:

  $ docker run -p 8080:8080 nginx
  docker: Error response from daemon: driver failed programming external
  connectivity on endpoint:
  exec: "docker-proxy": executable file not found in $PATH.

Docker expects the docker-proxy binary to exist in the PATH.

Signed-off-by: Christian Stewart <christian@paral.in>
---
 package/Config.in                      |  1 +
 package/docker-proxy/Config.in         | 18 +++++++++++++
 package/docker-proxy/docker-proxy.hash |  2 ++
 package/docker-proxy/docker-proxy.mk   | 46 ++++++++++++++++++++++++++++++++++
 4 files changed, 67 insertions(+)
 create mode 100644 package/docker-proxy/Config.in
 create mode 100644 package/docker-proxy/docker-proxy.hash
 create mode 100644 package/docker-proxy/docker-proxy.mk

diff --git a/package/Config.in b/package/Config.in
index dd42db79ec..181edfb5b7 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -1947,6 +1947,7 @@ menu "System tools"
 	source "package/debianutils/Config.in"
 	source "package/docker-containerd/Config.in"
 	source "package/docker-engine/Config.in"
+	source "package/docker-proxy/Config.in"
 	source "package/dsp-tools/Config.in"
 	source "package/efibootmgr/Config.in"
 	source "package/efivar/Config.in"
diff --git a/package/docker-proxy/Config.in b/package/docker-proxy/Config.in
new file mode 100644
index 0000000000..4f414b24b1
--- /dev/null
+++ b/package/docker-proxy/Config.in
@@ -0,0 +1,18 @@
+config BR2_PACKAGE_DOCKER_PROXY
+	bool "docker-proxy"
+	depends on BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS
+	depends on BR2_PACKAGE_HOST_GO_CGO_LINKING_SUPPORTS
+	depends on BR2_TOOLCHAIN_HAS_THREADS
+	help
+	  Libnetwork is a Container Network Model that provides a
+	  consistent programming interface and the required network
+	  abstractions for applications.
+
+	  This package provides docker-proxy, a run-time dependency of Docker.
+
+	  https://github.com/docker/libnetwork
+
+comment "docker-proxy needs a toolchain w/ threads"
+	depends on BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS
+	depends on BR2_PACKAGE_HOST_GO_CGO_LINKING_SUPPORTS
+	depends on !BR2_TOOLCHAIN_HAS_THREADS
diff --git a/package/docker-proxy/docker-proxy.hash b/package/docker-proxy/docker-proxy.hash
new file mode 100644
index 0000000000..3ec184f54f
--- /dev/null
+++ b/package/docker-proxy/docker-proxy.hash
@@ -0,0 +1,2 @@
+# Locally calculated
+sha256	2eee331b6ded567a36e7db708405b34032b93938682cf049025f48b96d755bf6	docker-proxy-7b2b1feb1de4817d522cc372af149ff48d25028e.tar.gz
diff --git a/package/docker-proxy/docker-proxy.mk b/package/docker-proxy/docker-proxy.mk
new file mode 100644
index 0000000000..3bf6546d26
--- /dev/null
+++ b/package/docker-proxy/docker-proxy.mk
@@ -0,0 +1,46 @@
+################################################################################
+#
+# docker-proxy
+#
+################################################################################
+
+DOCKER_PROXY_VERSION = 7b2b1feb1de4817d522cc372af149ff48d25028e
+DOCKER_PROXY_SITE = $(call github,docker,libnetwork,$(DOCKER_PROXY_VERSION))
+
+DOCKER_PROXY_LICENSE = Apache-2.0
+DOCKER_PROXY_LICENSE_FILES = LICENSE
+
+DOCKER_PROXY_DEPENDENCIES = host-go host-pkgconf
+
+DOCKER_PROXY_GOPATH = "$(@D)/gopath"
+DOCKER_PROXY_MAKE_ENV = $(HOST_GO_TARGET_ENV) \
+	CGO_ENABLED=1 \
+	CGO_NO_EMULATION=1 \
+	GOBIN="$(@D)/bin" \
+	GOPATH="$(DOCKER_PROXY_GOPATH)" \
+	PKG_CONFIG="$(PKG_CONFIG_HOST_BINARY)" \
+	$(TARGET_MAKE_ENV)
+
+ifeq ($(BR2_STATIC_LIBS),y)
+DOCKER_PROXY_GLDFLAGS += -extldflags '-static'
+endif
+
+define DOCKER_PROXY_CONFIGURE_CMDS
+	mkdir -p $(DOCKER_PROXY_GOPATH)/src/github.com/docker
+	ln -fs $(@D) $(DOCKER_PROXY_GOPATH)/src/github.com/docker/libnetwork
+endef
+
+define DOCKER_PROXY_BUILD_CMDS
+	cd $(@D)/gopath/src/github.com/docker/libnetwork; \
+	$(DOCKER_PROXY_MAKE_ENV) \
+	$(HOST_DIR)/usr/bin/go build -v \
+		-o $(@D)/bin/docker-proxy \
+		-ldflags "$(DOCKER_PROXY_GLDFLAGS)" \
+		github.com/docker/libnetwork/cmd/proxy
+endef
+
+define DOCKER_PROXY_INSTALL_TARGET_CMDS
+	$(INSTALL) -D -m 0755 $(@D)/bin/docker-proxy $(TARGET_DIR)/usr/bin/docker-proxy
+endef
+
+$(eval $(generic-package))
-- 
2.13.6

[Buildroot] [PATCH v3 5/8] docker-engine: add dependency on docker-proxy

[Christian Stewart]

docker-proxy is needed by docker-engine at runtime, and was
previously not included. This leads to the following error
when attempting to port-map ports to a container:

  $ docker run -p 8080:8080 nginx
  docker: Error response from daemon: driver failed programming external
  connectivity on endpoint:
  exec: "docker-proxy": executable file not found in $PATH.

Docker expects the docker-proxy binary to exist in the PATH.

Signed-off-by: Christian Stewart <christian@paral.in>
---
 package/docker-engine/Config.in | 1 +
 1 file changed, 1 insertion(+)

diff --git a/package/docker-engine/Config.in b/package/docker-engine/Config.in
index 7d9a87f7bb..a76940b6c0 100644
--- a/package/docker-engine/Config.in
+++ b/package/docker-engine/Config.in
@@ -16,6 +16,7 @@ config BR2_PACKAGE_DOCKER_ENGINE_DAEMON
 	default y
 	depends on BR2_USE_MMU # docker-containerd
 	select BR2_PACKAGE_DOCKER_CONTAINERD # runtime dependency
+	select BR2_PACKAGE_DOCKER_PROXY # runtime dependency
 	select BR2_PACKAGE_IPTABLES # runtime dependency
 	select BR2_PACKAGE_SQLITE # runtime dependency
 	help
-- 
2.13.6

[Buildroot] [PATCH v3 6/8] runc: bump to 9f9c96235cc

[Christian Stewart]

This commit bumps runc to the requisite version for Docker 2018.03.

Signed-off-by: Christian Stewart <christian@paral.in>
---
 package/runc/runc.hash |  2 +-
 package/runc/runc.mk   | 17 +++++++++++------
 2 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/package/runc/runc.hash b/package/runc/runc.hash
index 3e188c5c79..f762707869 100644
--- a/package/runc/runc.hash
+++ b/package/runc/runc.hash
@@ -1,2 +1,2 @@
 # Locally computed
-sha256	b5c50d7d9a5f610d5424f96196efa306ec708fd9299302dd919545099c16b7c1	runc-9c2d8d184e5da67c95d601382adf14862e4f2228.tar.gz
+sha256	df8e7cd1d332d97b468ee455164f3959246bb5fc639dd8042d0db3bded621ad7	runc-6c55f98695e902427906eed2c799e566e3d3dfb5.tar.gz
diff --git a/package/runc/runc.mk b/package/runc/runc.mk
index fb3fec20f5..f19fc5f068 100644
--- a/package/runc/runc.mk
+++ b/package/runc/runc.mk
@@ -4,14 +4,14 @@
 #
 ################################################################################
 
-RUNC_VERSION = 9c2d8d184e5da67c95d601382adf14862e4f2228
+RUNC_VERSION = 6c55f98695e902427906eed2c799e566e3d3dfb5
 RUNC_SITE = $(call github,opencontainers,runc,$(RUNC_VERSION))
 RUNC_LICENSE = Apache-2.0
 RUNC_LICENSE_FILES = LICENSE
 
 RUNC_DEPENDENCIES = host-go
 
-RUNC_GOPATH = "$(@D)/Godeps/_workspace"
+RUNC_GOPATH = $(@D)/gopath
 RUNC_MAKE_ENV = $(HOST_GO_TARGET_ENV) \
 	CGO_ENABLED=1 \
 	GOBIN="$(@D)/bin" \
@@ -23,9 +23,10 @@ RUNC_GLDFLAGS = \
 
 ifeq ($(BR2_STATIC_LIBS),y)
 RUNC_GLDFLAGS += -extldflags '-static'
+RUNC_GOTAGS += static_build
 endif
 
-RUNC_GOTAGS = cgo static_build
+RUNC_GOTAGS = cgo
 
 ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
 RUNC_GOTAGS += seccomp
@@ -38,9 +39,13 @@ define RUNC_CONFIGURE_CMDS
 endef
 
 define RUNC_BUILD_CMDS
-	cd $(@D) && $(RUNC_MAKE_ENV) $(HOST_DIR)/bin/go \
-		build -v -o $(@D)/bin/runc \
-		-tags "$(RUNC_GOTAGS)" -ldflags "$(RUNC_GLDFLAGS)" .
+	cd $(RUNC_GOPATH)/src/github.com/opencontainers/runc; \
+		$(RUNC_MAKE_ENV) \
+		$(HOST_DIR)/bin/go build -v -i \
+		-o $(@D)/bin/runc \
+		-tags "$(RUNC_GOTAGS)" \
+		-ldflags "$(RUNC_GLDFLAGS)" \
+		./
 endef
 
 define RUNC_INSTALL_TARGET_CMDS
-- 
2.13.6

[Buildroot] [PATCH v3 7/8] docker-containerd: bump to v1.0.2

[Christian Stewart]

This commit bumps docker-containerd to v1.0.2.

This is a requisite bump for the upgrade of docker-engine to 2018.03.

Signed-off-by: Christian Stewart <christian@paral.in>
---
 package/docker-containerd/Config.in              | 12 ++++++++
 package/docker-containerd/docker-containerd.hash |  2 +-
 package/docker-containerd/docker-containerd.mk   | 38 ++++++++++++++++++------
 3 files changed, 42 insertions(+), 10 deletions(-)

diff --git a/package/docker-containerd/Config.in b/package/docker-containerd/Config.in
index 2f7bf71af1..851345f73e 100644
--- a/package/docker-containerd/Config.in
+++ b/package/docker-containerd/Config.in
@@ -15,6 +15,18 @@ config BR2_PACKAGE_DOCKER_CONTAINERD
 
 	  https://github.com/docker/containerd
 
+if BR2_PACKAGE_DOCKER_CONTAINERD
+
+config BR2_PACKAGE_DOCKER_CONTAINERD_DRIVER_BTRFS
+	bool "btrfs snapshot driver"
+	depends on BR2_USE_MMU # btrfs-progs
+	depends on BR2_TOOLCHAIN_HAS_THREADS # btrfs-progs
+	select BR2_PACKAGE_BTRFS_PROGS
+	help
+	  Build the btrfs snapshot driver for containerd.
+
+endif
+
 comment "docker-containerd needs a toolchain w/ threads"
 	depends on BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS
 	depends on BR2_PACKAGE_HOST_GO_CGO_LINKING_SUPPORTS
diff --git a/package/docker-containerd/docker-containerd.hash b/package/docker-containerd/docker-containerd.hash
index 992eb5b01a..bc67fe50dc 100644
--- a/package/docker-containerd/docker-containerd.hash
+++ b/package/docker-containerd/docker-containerd.hash
@@ -1,2 +1,2 @@
 # Computed locally
-sha256	da89086a7c643702a2ddecec67a45d3d8e4b0d610dd19036be63e6bd54cc1a85	docker-containerd-9048e5e50717ea4497b757314bad98ea3763c145.tar.gz
+sha256	a31a12846a7a2f697f8fdd82cedd1626fc5f6345e59ae880664196c73e4c2226	docker-containerd-v1.0.2.tar.gz
diff --git a/package/docker-containerd/docker-containerd.mk b/package/docker-containerd/docker-containerd.mk
index ffbadb0c3f..230307d6b4 100644
--- a/package/docker-containerd/docker-containerd.mk
+++ b/package/docker-containerd/docker-containerd.mk
@@ -4,37 +4,57 @@
 #
 ################################################################################
 
-DOCKER_CONTAINERD_VERSION = 9048e5e50717ea4497b757314bad98ea3763c145
-DOCKER_CONTAINERD_SITE = $(call github,docker,containerd,$(DOCKER_CONTAINERD_VERSION))
+DOCKER_CONTAINERD_VERSION = v1.0.2
+DOCKER_CONTAINERD_COMMIT = cfd04396dc68220d1cecbe686a6cc3aa5ce3667c
+DOCKER_CONTAINERD_SITE = $(call github,containerd,containerd,$(DOCKER_CONTAINERD_VERSION))
 DOCKER_CONTAINERD_LICENSE = Apache-2.0
 DOCKER_CONTAINERD_LICENSE_FILES = LICENSE.code
 
 DOCKER_CONTAINERD_DEPENDENCIES = host-go
 
-DOCKER_CONTAINERD_GOPATH = "$(@D)/vendor"
+DOCKER_CONTAINERD_GOPATH = "$(@D)/gopath"
 DOCKER_CONTAINERD_MAKE_ENV = $(HOST_GO_TARGET_ENV) \
 	CGO_ENABLED=1 \
 	GOBIN="$(@D)/bin" \
 	GOPATH="$(DOCKER_CONTAINERD_GOPATH)"
 
 DOCKER_CONTAINERD_GLDFLAGS = \
-	-X github.com/docker/containerd.GitCommit=$(DOCKER_CONTAINERD_VERSION)
+	-X github.com/containerd/containerd.GitCommit=$(DOCKER_CONTAINERD_COMMIT)
+
+ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
+DOCKER_CONTAINERD_BUILD_TAGS += seccomp
+DOCKER_CONTAINERD_DEPENDENCIES += libseccomp
+endif
+
+ifeq ($(BR2_PACKAGE_DOCKER_CONTAINERD_DRIVER_BTRFS),y)
+DOCKER_CONTAINERD_DEPENDENCIES += btrfs-progs
+else
+DOCKER_CONTAINERD_BUILD_TAGS += no_btrfs
+endif
 
 ifeq ($(BR2_STATIC_LIBS),y)
-DOCKER_CONTAINERD_GLDFLAGS += -extldflags '-static'
+DOCKER_CONTAINERD_GLDFLAGS += -extldflags '-static -fno-PIC'
+DOCKER_CONTAINERD_BUILD_TAGS += static_build
+DOCKER_CONTAINERD_BUILD_FLAGS += -buildmode pie
 endif
 
 define DOCKER_CONTAINERD_CONFIGURE_CMDS
-	mkdir -p $(DOCKER_CONTAINERD_GOPATH)/src/github.com/docker
-	ln -s $(@D) $(DOCKER_CONTAINERD_GOPATH)/src/github.com/docker/containerd
+	mkdir -p $(DOCKER_CONTAINERD_GOPATH)/src/github.com/containerd
+	ln -s $(@D) $(DOCKER_CONTAINERD_GOPATH)/src/github.com/containerd/containerd
 	mkdir -p $(DOCKER_CONTAINERD_GOPATH)/src/github.com/opencontainers
 	ln -s $(RUNC_SRCDIR) $(DOCKER_CONTAINERD_GOPATH)/src/github.com/opencontainers/runc
 endef
 
 define DOCKER_CONTAINERD_BUILD_CMDS
 	$(foreach d,ctr containerd containerd-shim,\
-		cd $(@D); $(DOCKER_CONTAINERD_MAKE_ENV) $(HOST_DIR)/bin/go build \
-			-v -o $(@D)/bin/$(d) -ldflags "$(DOCKER_CONTAINERD_GLDFLAGS)" ./$(d)$(sep))
+		cd $(DOCKER_CONTAINERD_GOPATH)/src/github.com/containerd/containerd; \
+			$(DOCKER_CONTAINERD_MAKE_ENV) $(HOST_DIR)/bin/go build \
+			-v -i -o $(@D)/bin/$(d) \
+			-tags "$(DOCKER_CONTAINERD_BUILD_TAGS)" \
+			-ldflags "$(DOCKER_CONTAINERD_GLDFLAGS)" \
+			$(DOCKER_CONTAINERD_BUILD_FLAGS) \
+			./cmd/$(d)$(sep)
+	)
 endef
 
 define DOCKER_CONTAINERD_INSTALL_TARGET_CMDS
-- 
2.13.6

[Buildroot] [PATCH v3 8/8] docker-engine: bump to v18.03.0-ce-rc1

[Christian Stewart]

This commit bumps docker-engine to v18.03.0-ce-rc1

The docker-engine repository has now been moved to:

  https://github.com/docker/docker-ce

The CLI and the daemon have been split into separate repositories:

  - https://github.com/docker/cli
  - https://github.com/moby/moby

The daemon codebase lives in the "moby" repo, but the import paths in Go are:

  github.com/docker/docker

As before. Presumably, the maintainers will eventually split the engine out
to a different repository as well.

Please note that the entire docker/cli and moby/moby repositories are copied
into the docker-ce repository, as well as all of their dependencies in the
vendor directories. This means that downloading the docker-ce source tarball
contains:

 - The cli sources
 - The daemon sources
 - Two copies of all of the dependencies of both

At the moment this is unavoidable, but does produce a working build.

Signed-off-by: Christian Stewart <christian@paral.in>

---

Changes since initial series:

 - Upgrade to 2018.03-ce-rc1 due to critical bugs in 2018.02.

Recommended merge to next branch.
---
 package/docker-engine/docker-engine.hash |  2 +-
 package/docker-engine/docker-engine.mk   | 48 +++++++++++++++++++-------------
 2 files changed, 29 insertions(+), 21 deletions(-)

diff --git a/package/docker-engine/docker-engine.hash b/package/docker-engine/docker-engine.hash
index 6c0ed338a5..add0b89d39 100644
--- a/package/docker-engine/docker-engine.hash
+++ b/package/docker-engine/docker-engine.hash
@@ -1,2 +1,2 @@
 # Locally calculated
-sha256	4716df117d867b82ddab2e82395cd40aa3d0925a689eedcec8919729e4c9f121	docker-engine-v17.05.0-ce.tar.gz
+sha256	45cda237a2eea4f0415bfb1f755ba64724833ac026328b765ee82aedfcfa36f3	docker-engine-v18.03.0-ce-rc1.tar.gz
diff --git a/package/docker-engine/docker-engine.mk b/package/docker-engine/docker-engine.mk
index a2776ed78c..f9cb4b8879 100644
--- a/package/docker-engine/docker-engine.mk
+++ b/package/docker-engine/docker-engine.mk
@@ -4,9 +4,8 @@
 #
 ################################################################################
 
-DOCKER_ENGINE_VERSION = v17.05.0-ce
-DOCKER_ENGINE_COMMIT = 89658bed64c2a8fe05a978e5b87dbec409d57a0f
-DOCKER_ENGINE_SITE = $(call github,docker,docker,$(DOCKER_ENGINE_VERSION))
+DOCKER_ENGINE_VERSION = v18.03.0-ce-rc1
+DOCKER_ENGINE_SITE = $(call github,docker,docker-ce,$(DOCKER_ENGINE_VERSION))
 
 DOCKER_ENGINE_LICENSE = Apache-2.0
 DOCKER_ENGINE_LICENSE_FILES = LICENSE
@@ -19,37 +18,43 @@ DOCKER_ENGINE_MAKE_ENV = $(HOST_GO_TARGET_ENV) \
 	CGO_NO_EMULATION=1 \
 	GOBIN="$(@D)/bin" \
 	GOPATH="$(DOCKER_ENGINE_GOPATH)" \
-	PKG_CONFIG="$(PKG_CONFIG_HOST_BINARY)" \
+	PKG_CONFIG="$(PKG_CONFIG)" \
 	$(TARGET_MAKE_ENV)
 
 DOCKER_ENGINE_GLDFLAGS = \
 	-X main.GitCommit=$(DOCKER_ENGINE_VERSION) \
-	-X main.Version=$(DOCKER_ENGINE_VERSION)
+	-X main.Version=$(DOCKER_ENGINE_VERSION) \
+	-X github.com/docker/cli/cli.GitCommit=$(DOCKER_ENGINE_VERSION) \
+	-X github.com/docker/cli/cli.Version=$(DOCKER_ENGINE_VERSION)
+
+DOCKER_ENGINE_BUILD_TAGS = cgo exclude_graphdriver_zfs autogen
+DOCKER_ENGINE_BUILD_TARGETS = cli:docker
+DOCKER_ENGINE_BUILD_TARGET_PARSE = \
+		export targetpkg=$$(echo $(target) | cut -d: -f1); \
+		export targetbin=$$(echo $(target) | cut -d: -f2)
 
 ifeq ($(BR2_STATIC_LIBS),y)
 DOCKER_ENGINE_GLDFLAGS += -extldflags '-static'
+DOCKER_ENGINE_BUILD_TAGS += static_build
 else
 ifeq ($(BR2_PACKAGE_DOCKER_ENGINE_STATIC_CLIENT),y)
 DOCKER_ENGINE_GLDFLAGS_DOCKER += -extldflags '-static'
 endif
 endif
 
-DOCKER_ENGINE_BUILD_TAGS = cgo exclude_graphdriver_zfs autogen
-DOCKER_ENGINE_BUILD_TARGETS = docker
-
 ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
 DOCKER_ENGINE_BUILD_TAGS += seccomp
 DOCKER_ENGINE_DEPENDENCIES += libseccomp
 endif
 
 ifeq ($(BR2_INIT_SYSTEMD),y)
-DOCKER_ENGINE_BUILD_TAGS += journald
 DOCKER_ENGINE_DEPENDENCIES += systemd
+DOCKER_ENGINE_BUILD_TAGS += systemd journald
 endif
 
 ifeq ($(BR2_PACKAGE_DOCKER_ENGINE_DAEMON),y)
 DOCKER_ENGINE_BUILD_TAGS += daemon
-DOCKER_ENGINE_BUILD_TARGETS += dockerd
+DOCKER_ENGINE_BUILD_TARGETS += docker:dockerd
 
 ifeq ($(BR2_PACKAGE_DOCKER_ENGINE_INIT_DUMB_INIT),y)
 DOCKER_ENGINE_INIT = dumb-init
@@ -83,10 +88,11 @@ endif
 
 define DOCKER_ENGINE_CONFIGURE_CMDS
 	mkdir -p $(DOCKER_ENGINE_GOPATH)/src/github.com/docker
-	ln -fs $(@D) $(DOCKER_ENGINE_GOPATH)/src/github.com/docker/docker
-	cd $(@D) && \
-		GITCOMMIT="$$(echo $(DOCKER_ENGINE_COMMIT) | head -c7)" \
+	ln -fs $(@D)/components/engine $(DOCKER_ENGINE_GOPATH)/src/github.com/docker/docker
+	ln -fs $(@D)/components/cli $(DOCKER_ENGINE_GOPATH)/src/github.com/docker/cli
+	cd $(@D)/components/engine && \
 		BUILDTIME="$$(date)" \
+		IAMSTATIC="true" \
 		VERSION="$(patsubst v%,%,$(DOCKER_ENGINE_VERSION))" \
 		PKG_CONFIG="$(PKG_CONFIG_HOST_BINARY)" $(TARGET_MAKE_ENV) \
 		bash ./hack/make/.go-autogen
@@ -95,9 +101,9 @@ endef
 ifeq ($(BR2_PACKAGE_DOCKER_ENGINE_DAEMON),y)
 
 define DOCKER_ENGINE_INSTALL_INIT_SYSTEMD
-	$(INSTALL) -D -m 0644 $(@D)/contrib/init/systemd/docker.service \
+	$(INSTALL) -D -m 0644 $(@D)/components/engine/contrib/init/systemd/docker.service \
 		$(TARGET_DIR)/usr/lib/systemd/system/docker.service
-	$(INSTALL) -D -m 0644 $(@D)/contrib/init/systemd/docker.socket \
+	$(INSTALL) -D -m 0644 $(@D)/components/engine/contrib/init/systemd/docker.socket \
 		$(TARGET_DIR)/usr/lib/systemd/system/docker.socket
 	mkdir -p $(TARGET_DIR)/etc/systemd/system/multi-user.target.wants/
 	ln -fs ../../../../usr/lib/systemd/system/docker.service \
@@ -112,19 +118,21 @@ endif
 
 define DOCKER_ENGINE_BUILD_CMDS
 	$(foreach target,$(DOCKER_ENGINE_BUILD_TARGETS), \
-		cd $(@D)/gopath/src/github.com/docker/docker; \
+		$(DOCKER_ENGINE_BUILD_TARGET_PARSE); \
+		cd $(@D)/gopath/src/github.com/docker/$${targetpkg}; \
 		$(DOCKER_ENGINE_MAKE_ENV) \
 		$(HOST_DIR)/bin/go build -v \
-			-o $(@D)/bin/$(target) \
+			-o $(@D)/bin/$${targetbin} \
 			-tags "$(DOCKER_ENGINE_BUILD_TAGS)" \
-			-ldflags "$(DOCKER_ENGINE_GLDFLAGS) $(DOCKER_ENGINE_GLDFLAGS_$(call UPPERCASE,$(target)))" \
-			github.com/docker/docker/cmd/$(target)
+			-ldflags "$(DOCKER_ENGINE_GLDFLAGS)" \
+			./cmd/$${targetbin}
 	)
 endef
 
 define DOCKER_ENGINE_INSTALL_TARGET_CMDS
 	$(foreach target,$(DOCKER_ENGINE_BUILD_TARGETS), \
-		$(INSTALL) -D -m 0755 $(@D)/bin/$(target) $(TARGET_DIR)/usr/bin/$(target)
+		$(DOCKER_ENGINE_BUILD_TARGET_PARSE); \
+		$(INSTALL) -D -m 0755 $(@D)/bin/$${targetbin} $(TARGET_DIR)/usr/bin/$${targetbin}
 	)
 
 	$(if $(filter $(BR2_PACKAGE_DOCKER_ENGINE_DAEMON),y), \
-- 
2.13.6

[Buildroot] [PATCH v3 4/8] docker-proxy: new package

[Peter Korsgaard]

>>>>> "Christian" == Christian Stewart <christian@paral.in> writes:

 > Add docker-proxy package to Buildroot. Needed by docker-engine at
 > runtime, and previously not included. This leads to the following error
 > when attempting to port-map ports to a container:

 >   $ docker run -p 8080:8080 nginx
 >   docker: Error response from daemon: driver failed programming external
 >   connectivity on endpoint:
 >   exec: "docker-proxy": executable file not found in $PATH.

 > Docker expects the docker-proxy binary to exist in the PATH.

 > Signed-off-by: Christian Stewart <christian@paral.in>
 > ---
 >  package/Config.in                      |  1 +
 >  package/docker-proxy/Config.in         | 18 +++++++++++++
 >  package/docker-proxy/docker-proxy.hash |  2 ++
 >  package/docker-proxy/docker-proxy.mk   | 46 ++++++++++++++++++++++++++++++++++

You forgot to add a DEVELOPERS entry, so I took the liberty to add one
for you.

Committed, thanks.

-- 
Bye, Peter Korsgaard

[Buildroot] [PATCH v3 5/8] docker-engine: add dependency on docker-proxy

[Peter Korsgaard]

>>>>> "Christian" == Christian Stewart <christian@paral.in> writes:

 > docker-proxy is needed by docker-engine at runtime, and was
 > previously not included. This leads to the following error
 > when attempting to port-map ports to a container:

 >   $ docker run -p 8080:8080 nginx
 >   docker: Error response from daemon: driver failed programming external
 >   connectivity on endpoint:
 >   exec: "docker-proxy": executable file not found in $PATH.

 > Docker expects the docker-proxy binary to exist in the PATH.

 > Signed-off-by: Christian Stewart <christian@paral.in>

Committed, thanks.

-- 
Bye, Peter Korsgaard

[Buildroot] [PATCH v3 2/8] dumb-init: new package

[Romain Naour]

Hi Christian,

Le 04/03/2018 ? 01:43, Christian Stewart a ?crit?:
> dumb-init is a minimal init process to act as PID 1 for containers.
> 
> Static compilation is used, as dumb-init will typically be executed inside a
> container.
> 
> dumb-init can satisfy docker-engine's docker-init requirement.
> 
> Signed-off-by: Christian Stewart <christian@paral.in>
> 
> ---
> 
> Changes since v1:
> 
>  - Upgraded to v1.2.1
>  - Added license hash
> ---
>  package/Config.in                |  1 +
>  package/dumb-init/Config.in      |  7 +++++++
>  package/dumb-init/dumb-init.hash |  3 +++
>  package/dumb-init/dumb-init.mk   | 24 ++++++++++++++++++++++++
>  4 files changed, 35 insertions(+)
>  create mode 100644 package/dumb-init/Config.in
>  create mode 100644 package/dumb-init/dumb-init.hash
>  create mode 100644 package/dumb-init/dumb-init.mk
> 
> diff --git a/package/Config.in b/package/Config.in
> index 5bdaa24340..dd42db79ec 100644
> --- a/package/Config.in
> +++ b/package/Config.in
> @@ -1906,6 +1906,7 @@ comment "Utilities"
>  	source "package/crudini/Config.in"
>  	source "package/dialog/Config.in"
>  	source "package/dtach/Config.in"
> +	source "package/dumb-init/Config.in"
>  	source "package/easy-rsa/Config.in"
>  	source "package/file/Config.in"
>  	source "package/gnupg/Config.in"
> diff --git a/package/dumb-init/Config.in b/package/dumb-init/Config.in
> new file mode 100644
> index 0000000000..e817493605
> --- /dev/null
> +++ b/package/dumb-init/Config.in
> @@ -0,0 +1,7 @@
> +config BR2_PACKAGE_DUMB_INIT

The code use fork(), so a depends on BR2_USE_MMU must be added here.

> +	bool "dumb-init"
> +	help
> +	  dumb-init is a simple but valid init binary to
> +	  act as PID 1 for containers.
> +
> +	  https://github.com/Yelp/dumb-init
> diff --git a/package/dumb-init/dumb-init.hash b/package/dumb-init/dumb-init.hash
> new file mode 100644
> index 0000000000..9e74ff5580
> --- /dev/null
> +++ b/package/dumb-init/dumb-init.hash
> @@ -0,0 +1,3 @@
> +# Locally computed
> +sha256	56858088d9d6c911c227d196fcbfca06aff31fbe83e1519f9cabe5cf6f11b242	dumb-init-v1.2.1.tar.gz
> +sha256	4d74123f166ad8f147e9939bfb451578db84823f22b48fd64b1086d3654a0149  LICENSE
> diff --git a/package/dumb-init/dumb-init.mk b/package/dumb-init/dumb-init.mk
> new file mode 100644
> index 0000000000..4ebbff1930
> --- /dev/null
> +++ b/package/dumb-init/dumb-init.mk
> @@ -0,0 +1,24 @@
> +################################################################################
> +#
> +# dumb-init
> +#
> +################################################################################
> +
> +DUMB_INIT_VERSION = v1.2.1
> +DUMB_INIT_SITE = $(call github,Yelp,dumb-init,$(DUMB_INIT_VERSION))
> +
> +DUMB_INIT_LICENSE = MIT
> +DUMB_INIT_LICENSE_FILES = LICENSE
> +DUMB_INIT_CFLAGS += -static

Why you need to add -static ?
Also $(TARGET_CFLAGS) may be used here.

Best regards,
Romain

> +
> +define DUMB_INIT_BUILD_CMDS
> +	$(TARGET_CC) \
> +		$(DUMB_INIT_CFLAGS) \
> +		-o $(@D)/dumb-init $(@D)/dumb-init.c
> +endef
> +
> +define DUMB_INIT_INSTALL_TARGET_CMDS
> +	$(INSTALL) -D -m 0755 $(@D)/dumb-init $(TARGET_DIR)/usr/bin/dumb-init
> +endef
> +
> +$(eval $(generic-package))
> 

[Buildroot] [PATCH v3 2/8] dumb-init: new package

[Christian Stewart]

Hi Romain,

On Sat, Mar 31, 2018, 11:42 AM Romain Naour <romain.naour@smile.fr> wrote:

> Le 04/03/2018 ? 01:43, Christian Stewart a ?crit :
> > Static compilation is used, as dumb-init will typically be executed
> inside a
> > container.
>

See above.

> +config BR2_PACKAGE_DUMB_INIT
>
> The code use fork(), so a depends on BR2_USE_MMU must be added here.
>

Noted.

Also $(TARGET_CFLAGS) may be used here.
>

Also noted :)

Best,
Christian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20180331/4d717afa/attachment.html>

[Buildroot] [PATCH v3 2/8] dumb-init: new package

[Thomas Petazzoni]

Hello,

On Sat,  3 Mar 2018 19:43:40 -0500, Christian Stewart wrote:
> dumb-init is a minimal init process to act as PID 1 for containers.
> 
> Static compilation is used, as dumb-init will typically be executed inside a
> container.

For the poor souls that are not Docker gurus, it is not immediately
clear why static linking is needed. dumb-init runs inside the
container, but the container is going to contain (!) other programs.
Will all those programs be statically linked ? Probably not.

So maybe what's happening is that dumb-init is *executed* inside the
container but is actually provided by the host environment outside the
container, and you want to be able to use the same dumb-init binary
regardless of what the container contains. Is that the use case ?

If so, extending the commit log would be nice.

The next issue is that your package assumes that static linking is
possible. But Buildroot defaults to BR2_SHARED_LIBS, which means that
the toolchain may not necessarily provide libc.a and allow static
linking.

So probably dumb-init should "depends on !BR2_SHARED_LIBS", which means
it wouldn't be visible by default. A Config.in comment would be needed,
like:

comment "dumb-init needs a toolchain w/ static library"
	depends on BR2_SHARED_LIBS

Alternatively, you could decide to build dumb-init statically only
if !BR2_SHARED_LIBS, but that means that in the default Buildroot
configurations, dumb-init would be linked dynamically.

Best regards,

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com

[Buildroot] [PATCH v3 2/8] dumb-init: new package

[Christian Stewart]

Hi Thomas,

Revisiting this now.

Thomas Petazzoni <thomas.petazzoni@bootlin.com> writes:
> On Sat,  3 Mar 2018 19:43:40 -0500, Christian Stewart wrote:
>> dumb-init is a minimal init process to act as PID 1 for containers.
>> 
>> Static compilation is used, as dumb-init will typically be executed inside a
>> container.

> So maybe what's happening is that dumb-init is *executed* inside the
> container but is actually provided by the host environment outside the
> container, and you want to be able to use the same dumb-init binary
> regardless of what the container contains. Is that the use case ?

The dumb-init process is executed inside the container and has no access
to the host environment. If it is compiled dynamically, the container
environment must match the target environment in terms of dynamically
linked parts.

> The next issue is that your package assumes that static linking is
> possible. But Buildroot defaults to BR2_SHARED_LIBS, which means that
> the toolchain may not necessarily provide libc.a and allow static
> linking.

I'm able to compile with BR2_SHARED_LIBS and still produce a static
output with -static. Why is this possible? I remember seeing an email
about this at some point, where it was stated that glibc.a or so was not
produced with BR2_SHARED_LIBS. Why can I then compile this package in
this way?

> Alternatively, you could decide to build dumb-init statically only
> if !BR2_SHARED_LIBS, but that means that in the default Buildroot
> configurations, dumb-init would be linked dynamically.

This wouldn't work unfortunately in 95% of the intended cases where
dumb-init would be used.

Best,
Christian Stewart

[Buildroot] [PATCH v3 2/8] dumb-init: new package

[Thomas Petazzoni]

Hello,

On Fri, 06 Apr 2018 17:50:30 -0400, Christian Stewart wrote:

> > So maybe what's happening is that dumb-init is *executed* inside the
> > container but is actually provided by the host environment outside the
> > container, and you want to be able to use the same dumb-init binary
> > regardless of what the container contains. Is that the use case ?  
> 
> The dumb-init process is executed inside the container and has no access
> to the host environment. If it is compiled dynamically, the container
> environment must match the target environment in terms of dynamically
> linked parts.

What is important here is that even though dumb-init is executed
*inside* the container, it is provided by the system *outside* the
container.

> > The next issue is that your package assumes that static linking is
> > possible. But Buildroot defaults to BR2_SHARED_LIBS, which means that
> > the toolchain may not necessarily provide libc.a and allow static
> > linking.  
> 
> I'm able to compile with BR2_SHARED_LIBS and still produce a static
> output with -static. Why is this possible? I remember seeing an email
> about this at some point, where it was stated that glibc.a or so was not
> produced with BR2_SHARED_LIBS. Why can I then compile this package in
> this way?

Could you try a completely dynamic build with uClibc and musl ?

Something like this:

BR2_arm=y
BR2_cortex_a8=y
BR2_SHARED_LIBS=y

> > Alternatively, you could decide to build dumb-init statically only
> > if !BR2_SHARED_LIBS, but that means that in the default Buildroot
> > configurations, dumb-init would be linked dynamically.  
> 
> This wouldn't work unfortunately in 95% of the intended cases where
> dumb-init would be used.

Let's see what the above test does. If it's able to build a static
binary even though BR2_SHARED_LIBS=y, then OK, we're good. Otherwise,
we'll have to find a different solution.

Best regards,

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com

[Buildroot] [PATCH v3 2/8] dumb-init: new package

[Christian Stewart]

Hi Thomas,

Thomas Petazzoni <thomas.petazzoni@bootlin.com> writes:
> Could you try a completely dynamic build with uClibc and musl ?
>
> Something like this:
>
> BR2_arm=y
> BR2_cortex_a8=y
> BR2_SHARED_LIBS=y

I completed the test with this defconfig:

BR2_arm=y
BR2_cortex_a8=y
BR2_SHARED_LIBS=y
BR2_PACKAGE_DUMB_INIT=y

The build passed. 

> Let's see what the above test does. If it's able to build a static
> binary even though BR2_SHARED_LIBS=y, then OK, we're good. Otherwise,
> we'll have to find a different solution.

Looks OK to me.

Best,
Christian