* [PATCH 2/2] arm-autonomy: Add minimal docker runtime in xenguest images
From: Diego Sueiro @ 2020-10-12 10:44 UTC (permalink / raw)
To: meta-arm; +Cc: nd, Diego Sueiro
This patch introduces the 'docker' DISTRO_FEATURE to control whether or not to
have a minimal docker runtime installed in xenguest images.
A new packagegroup and kernel feature were introduced to ensure the minimal
kernel config is applied as well as the packages to be installed in the image.
Change-Id: Id973ca2421c43d5b0978c6f7311e1d0b4db5edca
Issue-Id: SCM-1533
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
---
.../conf/distro/include/arm-autonomy-guest.inc | 4 ++++
.../packagegroup-docker-runtime-minimal.bb | 19 ++++++++++++++++
.../features/arm-autonomy/docker-minimal.cfg | 26 ++++++++++++++++++++++
.../features/arm-autonomy/docker-minimal.scc | 5 +++++
.../recipes-kernel/linux/linux-arm-autonomy.inc | 3 +++
5 files changed, 57 insertions(+)
create mode 100644 meta-arm-autonomy/recipes-containers/packagegroups/packagegroup-docker-runtime-minimal.bb
create mode 100644 meta-arm-autonomy/recipes-kernel/linux/arm-autonomy-kmeta/features/arm-autonomy/docker-minimal.cfg
create mode 100644 meta-arm-autonomy/recipes-kernel/linux/arm-autonomy-kmeta/features/arm-autonomy/docker-minimal.scc
diff --git a/meta-arm-autonomy/conf/distro/include/arm-autonomy-guest.inc b/meta-arm-autonomy/conf/distro/include/arm-autonomy-guest.inc
index 16b9f7e..8ef0a94 100644
--- a/meta-arm-autonomy/conf/distro/include/arm-autonomy-guest.inc
+++ b/meta-arm-autonomy/conf/distro/include/arm-autonomy-guest.inc
@@ -9,3 +9,7 @@ IMAGE_FSTYPES += "xenguest"
# xenguest kernel extension to handle initramfs
KERNEL_CLASSES += "kernel-xenguest"
+
+IMAGE_INSTALL_append = "${@bb.utils.contains('DISTRO_FEATURES', 'docker', \
+ ' packagegroup-docker-runtime-minimal', \
+ '', d)}"
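Review bot: The new 'docker' DISTRO_FEATURE that this IMAGE_INSTALL_append keys on is not documented anywhere in the series; the diffstat touches no README or other documentation file. Please add a short entry on how to enable it, and note that the series adds no docker-ce recipe, so the packages named by the packagegroup have to come from another layer in the build. Also, since this sits in a distro include, the append applies to every image recipe built with this distro, not only the guest rootfs image; if that is not intended, the append belongs in the image recipe instead.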
diff --git a/meta-arm-autonomy/recipes-containers/packagegroups/packagegroup-docker-runtime-minimal.bb b/meta-arm-autonomy/recipes-containers/packagegroups/packagegroup-docker-runtime-minimal.bb
new file mode 100644
index 0000000..2cbff9c
--- /dev/null
+++ b/meta-arm-autonomy/recipes-containers/packagegroups/packagegroup-docker-runtime-minimal.bb
@@ -0,0 +1,19 @@
+# SPDX-License-Identifier: MIT
+#
+# Copyright (c) 2020 Arm Limited
+#
+
+SUMMARY = "Docker runtime minimal requirements"
+DESCRIPTION = "The minimal set of packages required for running Docker"
+
+inherit packagegroup
+
+RDEPENDS_${PN} = "\
+ docker-ce \
+ docker-ce-contrib \
+ kernel-module-xt-nat \
+ kernel-module-xt-masquerade \
+ kernel-module-xt-addrtype \
+ kernel-module-xt-conntrack \
+ kernel-module-xt-ipvs \
+ "
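Review bot: The packagegroup pulls in kernel-module-* packages through RDEPENDS_${PN} but leaves PACKAGE_ARCH at the packagegroup class default, which is "all". Kernel module packages are machine-specific, so set PACKAGE_ARCH = "${MACHINE_ARCH}" before the "inherit packagegroup" line. It is also worth considering RRECOMMENDS for the xt-* modules: if a kernel builds any of those options as =y instead of =m, the matching kernel-module package will not exist and a hard RDEPENDS will fail the image build.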
diff --git a/meta-arm-autonomy/recipes-kernel/linux/arm-autonomy-kmeta/features/arm-autonomy/docker-minimal.cfg b/meta-arm-autonomy/recipes-kernel/linux/arm-autonomy-kmeta/features/arm-autonomy/docker-minimal.cfg
new file mode 100644
index 0000000..7225c59
--- /dev/null
+++ b/meta-arm-autonomy/recipes-kernel/linux/arm-autonomy-kmeta/features/arm-autonomy/docker-minimal.cfg
@@ -0,0 +1,26 @@
+CONFIG_NAMESPACES=y
+CONFIG_NET_NS=y
+CONFIG_PID_NS=y
+CONFIG_IPC_NS=y
+CONFIG_UTS_NS=y
+CONFIG_CGROUPS=y
+CONFIG_CGROUP_CPUACCT=y
+CONFIG_CGROUP_DEVICE=y
+CONFIG_CGROUP_FREEZER=y
+CONFIG_CGROUP_SCHED=y
+CONFIG_CPUSETS=y
+CONFIG_MEMCG=y
+CONFIG_KEYS=y
+CONFIG_POSIX_MQUEUE=y
+CONFIG_VETH=y
+CONFIG_IPV6=y
+CONFIG_BRIDGE=y
+CONFIG_BRIDGE_NETFILTER=y
+CONFIG_IP_NF_FILTER=m
+CONFIG_IP_NF_NAT=m
+CONFIG_NF_NAT=m
+CONFIG_IP_NF_TARGET_MASQUERADE=m
+CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m
+CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m
+CONFIG_IP_VS=y
+CONFIG_NETFILTER_XT_MATCH_IPVS=m
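Review bot: CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are not set in docker-minimal.cfg, and CONFIG_USER_NS is absent from the namespace block at the top (NET_NS, PID_NS, IPC_NS and UTS_NS are listed). Unless the base kernel configuration already enables them, containers in the guest would run without Docker's default seccomp profile and without the option of user-namespace remapping. If leaving them out of the minimal set is deliberate, a comment in the fragment saying so would help; otherwise please add them here.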
diff --git a/meta-arm-autonomy/recipes-kernel/linux/arm-autonomy-kmeta/features/arm-autonomy/docker-minimal.scc b/meta-arm-autonomy/recipes-kernel/linux/arm-autonomy-kmeta/features/arm-autonomy/docker-minimal.scc
new file mode 100644
index 0000000..780f661
--- /dev/null
+++ b/meta-arm-autonomy/recipes-kernel/linux/arm-autonomy-kmeta/features/arm-autonomy/docker-minimal.scc
@@ -0,0 +1,5 @@
+define KFEATURE_DESCRIPTION "Minimal Kernel configs for Docker runtime"
+
+include features/netfilter/netfilter.scc
+
+kconf non-hardware docker-minimal.cfg
diff --git a/meta-arm-autonomy/recipes-kernel/linux/linux-arm-autonomy.inc b/meta-arm-autonomy/recipes-kernel/linux/linux-arm-autonomy.inc
index 5f55d9b..d59ca8f 100644
--- a/meta-arm-autonomy/recipes-kernel/linux/linux-arm-autonomy.inc
+++ b/meta-arm-autonomy/recipes-kernel/linux/linux-arm-autonomy.inc
@@ -24,3 +24,6 @@ KERNEL_FEATURES += "${@bb.utils.contains('DISTRO_FEATURES', \
COMPATIBLE_MACHINE_arm64-autonomy-guest = "arm64-autonomy-guest"
KMACHINE_arm64-autonomy-guest = "arm64-autonomy-guest"
+# Add Minimal Kernel Configs for Docker runtime
+KERNEL_FEATURES += "${@bb.utils.contains('DISTRO_FEATURES', \
+ 'docker', 'features/arm-autonomy/docker-minimal.scc', '', d)}"
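Review bot: The KERNEL_FEATURES line added here is conditional on 'docker' alone, while the commit message and the arm-autonomy-guest.inc change scope the Docker runtime to xenguest images. As written, any kernel that uses linux-arm-autonomy.inc picks up docker-minimal.scc when 'docker' is in DISTRO_FEATURES, whether or not the packagegroup is installed. If guest-only is the intent, gate on the guest feature as well; bb.utils.contains accepts a space-separated list and requires all of the listed values to be present.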
--
2.7.4
* Re: [meta-arm] [PATCH 1/2] arm-autonomy: Update Maintainers list
From: Jon Mason @ 2020-10-14 10:54 UTC (permalink / raw)
To: Diego Sueiro; +Cc: meta-arm, nd
On Mon, Oct 12, 2020 at 11:44:07AM +0100, Diego Sueiro wrote:
> Change-Id: If01fcd1aaf971d0e58894661df7fe9f6ab7e5f4a
> Issue-Id: SCM-1520
> Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Both patches pulled into master.
Thanks,
Jon
> ---
> meta-arm-autonomy/README.md | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/meta-arm-autonomy/README.md b/meta-arm-autonomy/README.md
> index 785f278..f882b7c 100644
> --- a/meta-arm-autonomy/README.md
> +++ b/meta-arm-autonomy/README.md
> @@ -88,5 +88,5 @@ would like to contribute, please contact the maintainers
>
> Maintainer(s)
> -------------
> +* Diego Sueiro <diego.sueiro@arm.com>
> * Bertrand Marquis <bertrand.marquis@arm.com>
> -* Filipe Rinaldi <filipe.rinaldi@arm.com>
> --
> 2.7.4
>
>
>
>