[meta-virtualization] [PATCH] docker: add NETFILTER_XT_MATCH_ADDRTYPE=m

Avery, Brian brian.avery at intel.com
Mon Jul 10 08:53:56 PDT 2017 

/usr/share/docker/check-config.sh
works and is in docker-contrib :).
My miss,
-b

From: Bruce Ashfield <bruce.ashfield at gmail.com>
Date: Monday, July 10, 2017 at 8:44 AM
To: "Avery, Brian" <brian.avery at intel.com>
Cc: "meta-virtualization at yoctoproject.org" <meta-virtualization at yoctoproject.org>
Subject: Re: [meta-virtualization] [PATCH] docker: add NETFILTER_XT_MATCH_ADDRTYPE=m



On Mon, Jul 10, 2017 at 11:40 AM, Avery, Brian <brian.avery at intel.com<mailto:brian.avery at intel.com>> wrote:
One other thought/question: should we include the docker check-config tool? would make it easier for people to track these things down if it changes in the future.


It is currently in the docker-contrib package, since we didn't want it to be always on target. Have you tried including that and it is otherwise broken ?

Bruce

-b

From: <meta-virtualization-bounces at yoctoproject.org<mailto:meta-virtualization-bounces at yoctoproject.org>> on behalf of "Avery, Brian" <brian.avery at intel.com<mailto:brian.avery at intel.com>>
Date: Monday, July 10, 2017 at 8:37 AM
To: Bruce Ashfield <bruce.ashfield at gmail.com<mailto:bruce.ashfield at gmail.com>>

Cc: "meta-virtualization at yoctoproject.org<mailto:meta-virtualization at yoctoproject.org>" <meta-virtualization at yoctoproject.org<mailto:meta-virtualization at yoctoproject.org>>
Subject: Re: [meta-virtualization] [PATCH] docker: add NETFILTER_XT_MATCH_ADDRTYPE=m

Works for me.
ty :)
-b

p.s. working on this did hit bug https://bugzilla.yoctoproject.org/show_bug.cgi?id=8191 when I tried to use linux-intel instead of linux-yocto.


From: Bruce Ashfield <bruce.ashfield at gmail.com<mailto:bruce.ashfield at gmail.com>>
Date: Monday, July 10, 2017 at 8:24 AM
To: "Avery, Brian" <brian.avery at intel.com<mailto:brian.avery at intel.com>>
Cc: "meta-virtualization at yoctoproject.org<mailto:meta-virtualization at yoctoproject.org>" <meta-virtualization at yoctoproject.org<mailto:meta-virtualization at yoctoproject.org>>
Subject: Re: [meta-virtualization] [PATCH] docker: add NETFILTER_XT_MATCH_ADDRTYPE=m



On Fri, Jul 7, 2017 at 7:38 PM, brian avery <brian.avery at intel.com<mailto:brian.avery at intel.com>> wrote:
Docker needs ths _NETFILTER_XT_MATCH_ADDRTYPE module in order to start
up successfully. This patch adds it to the supported kernels.

Signed-off-by: brian avery <brian.avery at intel.com<mailto:brian.avery at intel.com>>
---
 recipes-kernel/linux/linux-yocto/docker.cfg    | 1 +
 recipes-kernel/linux/linux-yocto/docker.scc    | 4 ++++
 recipes-kernel/linux/linux-yocto_4.1.bbappend  | 1 +
 recipes-kernel/linux/linux-yocto_4.10.bbappend | 1 +
 recipes-kernel/linux/linux-yocto_4.4.bbappend  | 1 +
 recipes-kernel/linux/linux-yocto_4.9.bbappend  | 1 +
 6 files changed, 9 insertions(+)
 create mode 100644 recipes-kernel/linux/linux-yocto/docker.cfg
 create mode 100644 recipes-kernel/linux/linux-yocto/docker.scc

diff --git a/recipes-kernel/linux/linux-yocto/docker.cfg b/recipes-kernel/linux/linux-yocto/docker.cfg
new file mode 100644
index 0000000..d0ebb66
--- /dev/null
+++ b/recipes-kernel/linux/linux-yocto/docker.cfg
@@ -0,0 +1 @@
+CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m


I could have sworn that I already ported and merged my docker fragment to meta-virt,
but it looks like I only staged it and never actually did the patch.

To make the fragment as standalone as possible, I'm running with this:

------------
CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m
CONFIG_IP_NF_FILTER=m
CONFIG_NF_NAT=m
CONFIG_NF_CONNTRACK_IPV4=y
CONFIG_DM_THIN_PROVISIONING=m
CONFIG_IP_NF_NAT=m
CONFIG_IP_NF_TARGET_MASQUERADE=m
CONFIG_OVERLAY_FS=y
-------------

I propose to update your fragment with those options and merge the changes that
way.

Any objections ?

Bruce

diff --git a/recipes-kernel/linux/linux-yocto/docker.scc b/recipes-kernel/linux/linux-yocto/docker.scc
new file mode 100644
index 0000000..e317456
--- /dev/null
+++ b/recipes-kernel/linux/linux-yocto/docker.scc
@@ -0,0 +1,4 @@
+define KFEATURE_DESCRIPTION "Enable Features needed by docker in addition to LXC features"
+define KFEATURE_COMPATIBILITY board
+
+kconf non-hardware docker.cfg
diff --git a/recipes-kernel/linux/linux-yocto_4.1.bbappend b/recipes-kernel/linux/linux-yocto_4.1.bbappend
index f3be89e..f163fdf 100644
--- a/recipes-kernel/linux/linux-yocto_4.1.bbappend
+++ b/recipes-kernel/linux/linux-yocto_4.1.bbappend
@@ -4,6 +4,7 @@ SRC_URI += "file://xt-checksum.scc \
             file://ebtables.scc \
            file://vswitch.scc \
            file://lxc.scc \
+            file://docker.scc \
            "
 KERNEL_FEATURES_append = " features/kvm/qemu-kvm-enable.scc"

diff --git a/recipes-kernel/linux/linux-yocto_4.10.bbappend b/recipes-kernel/linux/linux-yocto_4.10.bbappend
index f3be89e..f163fdf 100644
--- a/recipes-kernel/linux/linux-yocto_4.10.bbappend
+++ b/recipes-kernel/linux/linux-yocto_4.10.bbappend
@@ -4,6 +4,7 @@ SRC_URI += "file://xt-checksum.scc \
             file://ebtables.scc \
            file://vswitch.scc \
            file://lxc.scc \
+            file://docker.scc \
            "
 KERNEL_FEATURES_append = " features/kvm/qemu-kvm-enable.scc"

diff --git a/recipes-kernel/linux/linux-yocto_4.4.bbappend b/recipes-kernel/linux/linux-yocto_4.4.bbappend
index f3be89e..f163fdf 100644
--- a/recipes-kernel/linux/linux-yocto_4.4.bbappend
+++ b/recipes-kernel/linux/linux-yocto_4.4.bbappend
@@ -4,6 +4,7 @@ SRC_URI += "file://xt-checksum.scc \
             file://ebtables.scc \
            file://vswitch.scc \
            file://lxc.scc \
+            file://docker.scc \
            "
 KERNEL_FEATURES_append = " features/kvm/qemu-kvm-enable.scc"

diff --git a/recipes-kernel/linux/linux-yocto_4.9.bbappend b/recipes-kernel/linux/linux-yocto_4.9.bbappend
index f3be89e..f163fdf 100644
--- a/recipes-kernel/linux/linux-yocto_4.9.bbappend
+++ b/recipes-kernel/linux/linux-yocto_4.9.bbappend
@@ -4,6 +4,7 @@ SRC_URI += "file://xt-checksum.scc \
             file://ebtables.scc \
            file://vswitch.scc \
            file://lxc.scc \
+            file://docker.scc \
            "
 KERNEL_FEATURES_append = " features/kvm/qemu-kvm-enable.scc"

--
1.9.1

--
_______________________________________________
meta-virtualization mailing list
meta-virtualization at yoctoproject.org<mailto:meta-virtualization at yoctoproject.org>
https://lists.yoctoproject.org/listinfo/meta-virtualization



--
"Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end"



--
"Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/meta-virtualization/attachments/20170710/00d78ca1/attachment-0001.html>

More information about the meta-virtualization mailing list