[meta-virtualization] [PATCH v2 0/7] podman: add initial recipe

Stefan Agner stefan at agner.ch
Thu Oct 3 06:41:04 PDT 2019


On 2019-10-03 15:23, Bruce Ashfield wrote:
> On Thu, Sep 26, 2019 at 10:37 AM Bruce Ashfield
> <bruce.ashfield at gmail.com> wrote:
>>
>>
>> In message: [meta-virtualization] [PATCH v2 0/7] podman: add initial recipe
>> on 20/09/2019 Stefan Agner wrote:
>>
>> > From: Stefan Agner <stefan.agner at toradex.com>
>> >
>> > This adds Podman, a daemonless container engine for developing,
>> > managing, and running OCI Containers on your Linux System.
>> > Containers can either be run as root or in rootless mode.
>> > Simply put: `alias docker=podman`.
>> >
>> > Currently the build tags systemd (if in DISTRO_FEATURES),
>> > seccomp, varlink and remoteclient are enabled which allows to
>> > run podman with overlayfs as root and vfs in rootless mode.
>> > The storage drivers btrfs and device-mapper have not been
>> > tested and are disabled at the moment.
>> >
>> > --
>> > Stefan
>> >
>> > Changes in v2:
>> > - Add slirp4netns recipe for rootless networking support
>> > - Fix podman recipe to build properly (set GOARCH properly)
>> > - Fix podman recipe commit message and comments
>> > - Add varlink and remoteclient to build tags
>> > - Move cni binaries to /usr/libexec/cni and create symlink for /opt/cni/bin
>>
>>
>> FYI: I have this queued and under test. I'll follow up to the
>> individual patches if I have questions or issues that I can't fix
>> myself.
> 
> I just pushed the queue this morning. I stacked some commits on top to
> tweak things a bit, but otherwise, they are as sent in this series.
> 
> I wasn't able to fully test podman due to a CNI networking issue, so
> if you have a podman setup or log, I wouldn't mind seeing it so I can
> run some additional tests.

If it is just network, this should run:
podman run -it --net=none registry.hub.docker.com/arm32v7/debian:buster 

I remember I also had issues with networking at first and had to enable
some kernel configs which were missing in my config, maybe related to
that in your case as well?

CONFIG_MACVLAN=m
CONFIG_MACVTAP=m
CONFIG_VXLAN=m
CONFIG_IPVLAN=m

CONFIG_TUN=m
CONFIG_TAP=m
CONFIG_NLMON=m

CONFIG_BRIDGE_VLAN_FILTERING=y


Also I had to disable static building for proper cgroup support and add
seccomp by overwriting runc PACKAGECONFIG:

PACKAGECONFIG_pn-${PREFERRED_PROVIDER_virtual/runc} = "seccomp"

I will do some builds and tests with latest meta-virtualization.

--
Stefan


> 
> Bruce
> 
>>
>> Bruce
>>
>> >
>> > Stefan Agner (7):
>> >   conmon: initial add
>> >   go-metalinter: add recipe for gometalinter
>> >   go-md2man: add md2man
>> >   skopeo: add skopeo
>> >   cni: move cni tools to /usr/libexec/cni
>> >   slirp4netns: add slirp4netns user-mode networking
>> >   podman: add the Pod Manager tool
>> >
>> >  recipes-containers/conmon/conmon_2.0.0.bb     | 30 ++++++
>> >  ...ail-if-clean-is-called-without-a-bui.patch | 31 +++++++
>> >  recipes-containers/cri-o/files/crio.conf      |  2 +-
>> >  recipes-containers/podman/podman_git.bb       | 93 +++++++++++++++++++
>> >  recipes-containers/skopeo/skopeo_git.bb       | 73 +++++++++++++++
>> >  recipes-devtools/go/go-md2man_git.bb          | 20 ++++
>> >  recipes-devtools/go/go-metalinter_git.bb      | 24 +++++
>> >  recipes-networking/cni/cni_git.bb             |  8 +-
>> >  .../slirp4netns/slirp4netns_0.4.1.bb          | 16 ++++
>> >  9 files changed, 294 insertions(+), 3 deletions(-)
>> >  create mode 100644 recipes-containers/conmon/conmon_2.0.0.bb
>> >  create mode 100644 recipes-containers/conmon/files/0001-Makefile-don-t-fail-if-clean-is-called-without-a-bui.patch
>> >  create mode 100644 recipes-containers/podman/podman_git.bb
>> >  create mode 100644 recipes-containers/skopeo/skopeo_git.bb
>> >  create mode 100644 recipes-devtools/go/go-md2man_git.bb
>> >  create mode 100644 recipes-devtools/go/go-metalinter_git.bb
>> >  create mode 100644 recipes-networking/slirp4netns/slirp4netns_0.4.1.bb
>> >
>> > --
>> > 2.20.1
>> >
>> > --
>> > _______________________________________________
>> > meta-virtualization mailing list
>> > meta-virtualization at yoctoproject.org
>> > https://lists.yoctoproject.org/listinfo/meta-virtualization
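
One way to check a kernel config against the options listed in the message above, as an added example that is not part of the original thread or of meta-virtualization. The function names and the sample config are constructed for illustration, and =y is accepted as well as =m.

```shell
#!/bin/sh
# Added example: report which of the kernel options named in the message
# above are not enabled in a given kernel config.

# Option names taken from the message (CONFIG_ prefix added below).
PODMAN_NET_OPTS="MACVLAN MACVTAP VXLAN IPVLAN TUN TAP NLMON BRIDGE_VLAN_FILTERING"

# Constructed sample config fragment, used when no file is given.
sample_config() {
    cat <<'EOF'
CONFIG_MACVLAN=m
CONFIG_MACVTAP=m
# CONFIG_VXLAN is not set
CONFIG_IPVLAN=y
CONFIG_TUN=y
CONFIG_TAP=m
CONFIG_BRIDGE=m
EOF
}

# Reads a kernel config on stdin, prints the listed options that are neither
# built in (=y) nor modular (=m); returns 1 if any are missing, else 0.
missing_kconfig() {
    cfg=$(cat)
    missing=""
    for opt in $PODMAN_NET_OPTS; do
        # -x matches the whole line, so CONFIG_TAP does not match CONFIG_MACVTAP
        # and "# CONFIG_VXLAN is not set" does not count as enabled.
        if ! printf '%s\n' "$cfg" | grep -Ex "CONFIG_${opt}=[ym]" >/dev/null; then
            missing="${missing:+$missing }CONFIG_${opt}"
        fi
    done
    if [ -n "$missing" ]; then
        printf '%s\n' "$missing"
        return 1
    fi
    return 0
}

# Usage: script.sh path/to/.config   (no argument: run on the sample above)
if [ -n "${1:-}" ]; then
    missing_kconfig < "$1" || echo "not enabled in $1 (see list above)" >&2
else
    sample_config | missing_kconfig || echo "not enabled in the constructed sample" >&2
fi
```

On a running target built with CONFIG_IKCONFIG_PROC, `zcat /proc/config.gz | missing_kconfig` checks the live kernel instead of a build-tree .config.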

