[meta-virtualization] [PATCH 6/6] podmon: add the Pod Manager tool

Stefan Agner stefan at agner.ch
Mon Sep 9 14:30:42 PDT 2019 

On 2019-09-03 19:26, Bruce Ashfield wrote:
> I'm assuming the subject should be "podman" and not "podmon".

Whoops, thanks for pointing out.

> 
> On Sun, Sep 1, 2019 at 4:34 PM Stefan Agner <stefan at agner.ch> wrote:
>>
>> From: Stefan Agner <stefan.agner at toradex.com>
>>
>> Podman is a daemonless container engine for developing, managing, and
>> running OCI Containers on your Linux System. Containers can either be
>> run as root or in rootless mode.
>>
>> This patch adds the initial recipe for podman. Currently a minimal
>> feature set is supported. It seems that libseccomp is mandatory, which
>> makes meta-security a mandatory dependency for this recipe.
>>
>> Signed-off-by: Stefan Agner <stefan.agner at toradex.com>
>> ---
>>  recipes-containers/podman/podman_git.bb | 91 +++++++++++++++++++++++++
>>  1 file changed, 91 insertions(+)
>>  create mode 100644 recipes-containers/podman/podman_git.bb
>>
>> diff --git a/recipes-containers/podman/podman_git.bb b/recipes-containers/podman/podman_git.bb
>> new file mode 100644
>> index 0000000..6f4e7d4
>> --- /dev/null
>> +++ b/recipes-containers/podman/podman_git.bb
>> @@ -0,0 +1,91 @@
>> +HOMEPAGE = "https://podman.io/"
>> +SUMMARY =  "A daemonless container engine"
>> +DESCRIPTION = "Podman is a daemonless container engine for developing, \
>> +    managing, and running OCI Containers on your Linux System. Containers can \
>> +    either be run as root or in rootless mode. Simply put: \
>> +    `alias docker=podman`. \
>> +    "
>> +
>> +DEPENDS = " \
>> +    go-metalinter-native \
>> +    go-md2man-native \
>> +    gpgme \
>> +    libseccomp \
>> +    ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \
>> +"
>> +
>> +SRCREV = "00057929f5acfd98341964d85722383363376d52"
>> +SRC_URI = " \
>> +    git://github.com/containers/libpod.git;branch=master \
>> +"
>> +
>> +LICENSE = "Apache-2.0"
>> +LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=e3fc50a88d0a364313df4b21ef20c29e"
>> +
>> +GO_IMPORT = "import"
>> +
>> +S = "${WORKDIR}/git"
>> +
>> +PV = "1.5.1+git${SRCREV}"
>> +
>> +PACKAGES =+ "${PN}-contrib"
>> +
>> +PODMAN_PKG = "github.com/containers/libpod"
>> +BUILDTAGS = "seccomp systemd exclude_graphdriver_btrfs exclude_graphdriver_devicemapper"
> 
> On my other similar recipes, I've been asked to make this a ?= so it
> can be easily overridden. Is that possible here ?
> 

Yes, seems to work just fine.

>> +
>> +# overide LDFLAGS to allow criu to build without: "x86_64-poky-linux-ld: unrecognized option '-Wl,-O1'"
> 
> Is this a debug statement left in, or is it relevant to podman ?
> 

This actually applies to podman as well, so I copied the export and the
comment from the criu recipe.

Will fix the comment though to mention podman.


>> +export LDFLAGS=""
>> +
>> +inherit go goarch
>> +inherit systemd pkgconfig
>> +
>> +do_configure[noexec] = "1"
>> +
>> +EXTRA_OEMAKE = " \
>> +     PREFIX=${prefix} BINDIR=${bindir} LIBEXECDIR=${libexecdir} \
>> +     ETCDIR=${sysconfdir} TMPFILESDIR=${nonarch_libdir}/tmpfiles.d \
>> +     SYSTEMDDIR=${systemd_unitdir}/system USERSYSTEMDDIR=${systemd_unitdir}/user \
>> +"
>> +
>> +do_compile() {
>> +       # Set GOPATH. See 'PACKAGERS.md'. Don't rely on
>> +       # docker to download its dependencies but rather
>> +       # use dependencies packaged independently.

This comment is actually a leftover so removed this.

>> +       cd ${S}/src
>> +       rm -rf .gopath
>> +       mkdir -p .gopath/src/"$(dirname "${PODMAN_PKG}")"
>> +       ln -sf ../../../../import/ .gopath/src/"${PODMAN_PKG}"
>> +
>> +       ln -sf "../../../import/vendor/github.com/varlink/" ".gopath/src/github.com/varlink"
>> +
>> +       export GOPATH="${S}/src/.gopath"
>> +       export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go"
>> +
>> +       cd ${S}/src/.gopath/src/"${PODMAN_PKG}"
>> +
>> +       make cmd/podman/varlink/iopodman.go GO=go
> 

After cleaning and rebuilding I actually noticed that the current state
does not build. I must have interfered manually to make it build and
forgot to fix-up.

This make call needs this before executing:
export GOARCH="${BUILD_GOARCH}"

> I've been trying to squash out all the raw calls to make. Does this
> work if oe_runmake is used ?

With the above, oe_runmake seems to work just fine.

> 
> Also, out of curiosity, if GO=go isn't set .. what executable does it
> try to run ?

Without GO=go it seems to use "arm-...-linux-gnueabi-go", and fails with
a exec format error:

NOTE: make -j 40 PREFIX=/usr BINDIR=/usr/bin LIBEXECDIR=/usr/libexec
ETCDIR=/etc TMPFILESDIR=/usr/lib/tmpfiles.d
SYSTEMDDIR=/usr/lib/systemd/system USERSYSTEMDDIR=/usr/lib/systemd/user
cmd/podman/varlink/iopodman.go
GO111MODULE=off arm-tdx-linux-gnueabi-go generate
./cmd/podman/varlink/...
fork/exec
/home/ags/torizoncore/build-colibri-imx7/tmp-torizon/work/cortexa7t2hf-neon-tdx-linux-gnueabi/podman/1.5.1+git00057929f5acfd98341964d85722383363376d52-r0/go-tmp/go-build868339522/b001/exe/main:
exec format error
cmd/podman/varlink/generate.go:3: running "go": exit status 1
make: *** [Makefile:475: cmd/podman/varlink/iopodman.go] Error 1
ERROR: oe_runmake failed



> 
>> +
>> +       # Pass the needed cflags/ldflags so that cgo
>> +       # can find the needed headers files and libraries
>> +       export GOARCH=${TARGET_GOARCH}
>> +       export CGO_ENABLED="1"
>> +       export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}"
>> +       export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}"
>> +
>> +       make BUILDTAGS="${BUILDTAGS}"
> 
> Same here. Does oe_runmake work ?

Yes, also here oe_runmake seems to do no harm.

Thanks for reviewing!

--
Stefan

> 
> Bruce
> 
>> +}
>> +
>> +do_install() {
>> +       cd ${S}/src/.gopath/src/"${PODMAN_PKG}"
>> +
>> +       oe_runmake install install.docker DESTDIR="${D}"
>> +}
>> +
>> +FILES_${PN} += " \
>> +    ${systemd_unitdir}/system/* \
>> +    ${systemd_unitdir}/user/* \
>> +    ${nonarch_libdir}/tmpfiles.d/* \
>> +    ${sysconfdir}/docker \
>> +"
>> +
>> +RDEPENDS_${PN} += "conmon runc-opencontainers iptables cni skopeo"
>> --
>> 2.20.1
>>
>> --
>> _______________________________________________
>> meta-virtualization mailing list
>> meta-virtualization at yoctoproject.org
>> https://lists.yoctoproject.org/listinfo/meta-virtualization

More information about the meta-virtualization mailing list