[meta-virtualization] [PATCH] docker: add NETFILTER_XT_MATCH_ADDRTYPE=m

Bruce Ashfield bruce.ashfield at gmail.com
Mon Jul 10 09:04:03 PDT 2017 

On Mon, Jul 10, 2017 at 11:53 AM, Avery, Brian <brian.avery at intel.com>
wrote:

> /usr/share/docker/check-config.sh
>
> works and is in docker-contrib :).
>


Cool. And no worries .. I never doubt that a bug has crept in and I didn't
notice it.

Also, there are some pending updates to docker/moby bits and the plumbing,
but they are causing
issues at the system level, so its going to be  bit longer for updates. But
the packaging will stay
the same.

Cheers,

Bruce


My miss,
>
> -b
>
>
>
> *From: *Bruce Ashfield <bruce.ashfield at gmail.com>
> *Date: *Monday, July 10, 2017 at 8:44 AM
>
> *To: *"Avery, Brian" <brian.avery at intel.com>
> *Cc: *"meta-virtualization at yoctoproject.org" <meta-virtualization@
> yoctoproject.org>
> *Subject: *Re: [meta-virtualization] [PATCH] docker: add
> NETFILTER_XT_MATCH_ADDRTYPE=m
>
>
>
>
>
>
>
> On Mon, Jul 10, 2017 at 11:40 AM, Avery, Brian <brian.avery at intel.com>
> wrote:
>
> One other thought/question: should we include the docker check-config
> tool? would make it easier for people to track these things down if it
> changes in the future.
>
>
>
>
>
> It is currently in the docker-contrib package, since we didn't want it to
> be always on target. Have you tried including that and it is otherwise
> broken ?
>
>
>
> Bruce
>
>
>
> -b
>
>
>
> *From: *<meta-virtualization-bounces at yoctoproject.org> on behalf of
> "Avery, Brian" <brian.avery at intel.com>
> *Date: *Monday, July 10, 2017 at 8:37 AM
> *To: *Bruce Ashfield <bruce.ashfield at gmail.com>
>
>
> *Cc: *"meta-virtualization at yoctoproject.org" <meta-virtualization@
> yoctoproject.org>
> *Subject: *Re: [meta-virtualization] [PATCH] docker: add
> NETFILTER_XT_MATCH_ADDRTYPE=m
>
>
>
> Works for me.
>
> ty :)
>
> -b
>
>
>
> p.s. working on this did hit bug https://bugzilla.yoctoproject.
> org/show_bug.cgi?id=8191 when I tried to use linux-intel instead of
> linux-yocto.
>
>
>
>
>
> *From: *Bruce Ashfield <bruce.ashfield at gmail.com>
> *Date: *Monday, July 10, 2017 at 8:24 AM
> *To: *"Avery, Brian" <brian.avery at intel.com>
> *Cc: *"meta-virtualization at yoctoproject.org" <meta-virtualization@
> yoctoproject.org>
> *Subject: *Re: [meta-virtualization] [PATCH] docker: add
> NETFILTER_XT_MATCH_ADDRTYPE=m
>
>
>
>
>
>
>
> On Fri, Jul 7, 2017 at 7:38 PM, brian avery <brian.avery at intel.com> wrote:
>
> Docker needs ths _NETFILTER_XT_MATCH_ADDRTYPE module in order to start
> up successfully. This patch adds it to the supported kernels.
>
> Signed-off-by: brian avery <brian.avery at intel.com>
> ---
>  recipes-kernel/linux/linux-yocto/docker.cfg    | 1 +
>  recipes-kernel/linux/linux-yocto/docker.scc    | 4 ++++
>  recipes-kernel/linux/linux-yocto_4.1.bbappend  | 1 +
>  recipes-kernel/linux/linux-yocto_4.10.bbappend | 1 +
>  recipes-kernel/linux/linux-yocto_4.4.bbappend  | 1 +
>  recipes-kernel/linux/linux-yocto_4.9.bbappend  | 1 +
>  6 files changed, 9 insertions(+)
>  create mode 100644 recipes-kernel/linux/linux-yocto/docker.cfg
>  create mode 100644 recipes-kernel/linux/linux-yocto/docker.scc
>
> diff --git a/recipes-kernel/linux/linux-yocto/docker.cfg
> b/recipes-kernel/linux/linux-yocto/docker.cfg
> new file mode 100644
> index 0000000..d0ebb66
> --- /dev/null
> +++ b/recipes-kernel/linux/linux-yocto/docker.cfg
> @@ -0,0 +1 @@
> +CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m
>
>
>
>
>
> I could have sworn that I already ported and merged my docker fragment to
> meta-virt,
>
> but it looks like I only staged it and never actually did the patch.
>
>
>
> To make the fragment as standalone as possible, I'm running with this:
>
>
>
> ------------
>
> CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m
>
> CONFIG_IP_NF_FILTER=m
>
> CONFIG_NF_NAT=m
>
> CONFIG_NF_CONNTRACK_IPV4=y
>
> CONFIG_DM_THIN_PROVISIONING=m
>
> CONFIG_IP_NF_NAT=m
>
> CONFIG_IP_NF_TARGET_MASQUERADE=m
>
> CONFIG_OVERLAY_FS=y
>
> -------------
>
>
>
> I propose to update your fragment with those options and merge the changes
> that
>
> way.
>
>
>
> Any objections ?
>
>
>
> Bruce
>
>
>
> diff --git a/recipes-kernel/linux/linux-yocto/docker.scc
> b/recipes-kernel/linux/linux-yocto/docker.scc
> new file mode 100644
> index 0000000..e317456
> --- /dev/null
> +++ b/recipes-kernel/linux/linux-yocto/docker.scc
> @@ -0,0 +1,4 @@
> +define KFEATURE_DESCRIPTION "Enable Features needed by docker in addition
> to LXC features"
> +define KFEATURE_COMPATIBILITY board
> +
> +kconf non-hardware docker.cfg
> diff --git a/recipes-kernel/linux/linux-yocto_4.1.bbappend
> b/recipes-kernel/linux/linux-yocto_4.1.bbappend
> index f3be89e..f163fdf 100644
> --- a/recipes-kernel/linux/linux-yocto_4.1.bbappend
> +++ b/recipes-kernel/linux/linux-yocto_4.1.bbappend
> @@ -4,6 +4,7 @@ SRC_URI += "file://xt-checksum.scc \
>              file://ebtables.scc \
>             file://vswitch.scc \
>             file://lxc.scc \
> +            file://docker.scc \
>             "
>  KERNEL_FEATURES_append = " features/kvm/qemu-kvm-enable.scc"
>
> diff --git a/recipes-kernel/linux/linux-yocto_4.10.bbappend
> b/recipes-kernel/linux/linux-yocto_4.10.bbappend
> index f3be89e..f163fdf 100644
> --- a/recipes-kernel/linux/linux-yocto_4.10.bbappend
> +++ b/recipes-kernel/linux/linux-yocto_4.10.bbappend
> @@ -4,6 +4,7 @@ SRC_URI += "file://xt-checksum.scc \
>              file://ebtables.scc \
>             file://vswitch.scc \
>             file://lxc.scc \
> +            file://docker.scc \
>             "
>  KERNEL_FEATURES_append = " features/kvm/qemu-kvm-enable.scc"
>
> diff --git a/recipes-kernel/linux/linux-yocto_4.4.bbappend
> b/recipes-kernel/linux/linux-yocto_4.4.bbappend
> index f3be89e..f163fdf 100644
> --- a/recipes-kernel/linux/linux-yocto_4.4.bbappend
> +++ b/recipes-kernel/linux/linux-yocto_4.4.bbappend
> @@ -4,6 +4,7 @@ SRC_URI += "file://xt-checksum.scc \
>              file://ebtables.scc \
>             file://vswitch.scc \
>             file://lxc.scc \
> +            file://docker.scc \
>             "
>  KERNEL_FEATURES_append = " features/kvm/qemu-kvm-enable.scc"
>
> diff --git a/recipes-kernel/linux/linux-yocto_4.9.bbappend
> b/recipes-kernel/linux/linux-yocto_4.9.bbappend
> index f3be89e..f163fdf 100644
> --- a/recipes-kernel/linux/linux-yocto_4.9.bbappend
> +++ b/recipes-kernel/linux/linux-yocto_4.9.bbappend
> @@ -4,6 +4,7 @@ SRC_URI += "file://xt-checksum.scc \
>              file://ebtables.scc \
>             file://vswitch.scc \
>             file://lxc.scc \
> +            file://docker.scc \
>             "
>  KERNEL_FEATURES_append = " features/kvm/qemu-kvm-enable.scc"
>
> --
> 1.9.1
>
> --
> _______________________________________________
> meta-virtualization mailing list
> meta-virtualization at yoctoproject.org
> https://lists.yoctoproject.org/listinfo/meta-virtualization
>
>
>
>
>
> --
>
> "Thou shalt not follow the NULL pointer, for chaos and madness await thee
> at its end"
>
>
>
>
>
> --
>
> "Thou shalt not follow the NULL pointer, for chaos and madness await thee
> at its end"
>



-- 
"Thou shalt not follow the NULL pointer, for chaos and madness await thee
at its end"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/meta-virtualization/attachments/20170710/0477fe66/attachment-0001.html>

More information about the meta-virtualization mailing list