From af6c0cffea95803aa34bb44d3ef1dfbd72963d59 Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Mon, 29 Mar 2021 22:05:10 +0100 Subject: [PATCH 1/4] libseccomp: don't build on ARC ARC architecture is not yet supported by libseccomp. Signed-off-by: Daniel Golle --- libs/libseccomp/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/libs/libseccomp/Makefile b/libs/libseccomp/Makefile index e82ec751b714a..355841df424ea 100644 --- a/libs/libseccomp/Makefile +++ b/libs/libseccomp/Makefile @@ -56,6 +56,7 @@ endef define Package/libseccomp $(call Package/libseccomp/Default) TITLE+= (library) + DEPENDS+= @!arc endef define Package/scmp_sys_resolver From 9e0d7190984df84ad2eeb4eee14d971e0f22efbf Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Mon, 29 Mar 2021 22:23:54 +0100 Subject: [PATCH 2/4] cni-plugins: depend on kmod-veth cni-plugins makes use of veth, make sure kernel module is installed. Signed-off-by: Daniel Golle --- utils/cni-plugins/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/cni-plugins/Makefile b/utils/cni-plugins/Makefile index 279625e4b83a7..7db7f9498c843 100644 --- a/utils/cni-plugins/Makefile +++ b/utils/cni-plugins/Makefile @@ -31,7 +31,7 @@ define Package/cni-plugins CATEGORY:=Utilities TITLE:=cni-plugins URL:=https://github.com/containernetworking/cni-plugins - DEPENDS:=$(GO_ARCH_DEPENDS) +ip-full + DEPENDS:=$(GO_ARCH_DEPENDS) +ip-full +kmod-veth endef define Package/cni-plugins/description From a63aa33b97d123761d4e587e6a23e85231edf23c Mon Sep 17 00:00:00 2001 From: Oskari Rauta Date: Tue, 30 Mar 2021 00:42:15 +0300 Subject: [PATCH 3/4] crun: add package crun crun is the prefered container run-time of podman, it's faster than runc and has a much lower memory footprint. Signed-off-by: Daniel Golle Signed-off-by: Oskari Rauta --- utils/crun/Makefile | 82 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 82 insertions(+) create mode 100644 utils/crun/Makefile diff --git a/utils/crun/Makefile b/utils/crun/Makefile new file mode 100644 index 0000000000000..4a6b75854a447 --- /dev/null +++ b/utils/crun/Makefile @@ -0,0 +1,82 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=crun +PKG_VERSION:=0.18 +PKG_RELEASE:=$(AUTORELEASE) + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=https://github.com/containers/crun.git +PKG_SOURCE_DATE:=2021-03-18 +PKG_SOURCE_VERSION:=496e81bdd69f117f10e4477e4204e4611a94b68f +PKG_MIRROR_HASH:=26941b0d84bbeabeb5e982af48d131f55d0aa16f4a2f2ca3279a5c812cdeea8b + +PKG_BUILD_DEPENDS:=argp-standalone +PKG_BUILD_PARALLEL:=1 +PKG_FIXUP:=autoreconf +PKG_INSTALL:=1 + +PKG_MAINTAINER:=Oskari Rauta +PKG_LICENSE:=GPL-2.0-or-later +PKG_LICENSE_FILES:=COPYING + +include $(INCLUDE_DIR)/package.mk + +define Package/crun + SECTION:=utils + CATEGORY:=Utilities + TITLE:=crun + URL:=https://github.com/containers/crun + DEPENDS:=+libseccomp +libcap +endef + +define Package/crun/description + A fast and low-memory footprint OCI Container Runtime fully written in C. +endef + +CONFIGURE_ARGS+= \ + --disable-systemd \ + --enable-embedded-yajl \ + --enable-caps \ + --enable-dl \ + --enable-seccomp \ + --enable-bpf + +define Build/Prepare + $(call Build/Prepare/Default) + $(SED) '/#include /d' $(PKG_BUILD_DIR)/src/crun.c +endef + +define Build/Configure + $(call Build/Configure/Default) + + $(SED) '/#define PACKAGE \"/d' $(PKG_BUILD_DIR)/config.h + $(SED) '/#define VERSION \"/d' $(PKG_BUILD_DIR)/config.h + $(SED) '/#define GIT_VERSION \"/d' $(PKG_BUILD_DIR)/config.h + $(SED) '/#define PACKAGE_BUGREPORT \"/d' $(PKG_BUILD_DIR)/config.h + $(SED) '/#define PACKAGE_NAME \"/d' $(PKG_BUILD_DIR)/config.h + $(SED) '/#define PACKAGE_STRING \"/d' $(PKG_BUILD_DIR)/config.h + $(SED) '/#define PACKAGE_TARNAME \"/d' $(PKG_BUILD_DIR)/config.h + $(SED) '/#define PACKAGE_VERSION \"/d' $(PKG_BUILD_DIR)/config.h + + echo "#define PACKAGE \"$(PKG_NAME)\"" >> $(PKG_BUILD_DIR)/config.h + echo "#define VERSION \"$(PKG_VERSION)\"" >> $(PKG_BUILD_DIR)/config.h + echo "#define PACKAGE_NAME \"$(PKG_NAME)\"" >> $(PKG_BUILD_DIR)/config.h + echo "#define PACKAGE_VERSION \"$(PKG_VERSION)\"" >> $(PKG_BUILD_DIR)/config.h + echo "#define PACKAGE_STRING \"$(PKG_NAME) $(PKG_VERSION)\"" >> $(PKG_BUILD_DIR)/config.h + echo "#define PACKAGE_TARNAME \"$(PKG_NAME)\"" >> $(PKG_BUILD_DIR)/config.h + echo "#define PACKAGE_BUGREPORT \"bugs@openwrt.org\"" >> $(PKG_BUILD_DIR)/config.h + echo "#define GIT_VERSION \"$(PKG_SOURCE_VERSION)\"" >> $(PKG_BUILD_DIR)/config.h +endef + +define Package/crun/install + $(INSTALL_DIR) $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/crun $(1)/usr/bin/ +endef + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/bin $(1)/usr/lib + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/crun $(1)/usr/bin/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libcrun.* $(1)/usr/lib/ +endef + +$(eval $(call BuildPackage,crun)) From f68fdecfc6789f30d3fccb92deb1b20da2bfd0a0 Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Mon, 29 Mar 2021 23:14:41 +0100 Subject: [PATCH 4/4] podman: add 'crun' to containers.conf Now that 'crun' has been packaged, add support for it in podman. Signed-off-by: Daniel Golle --- utils/podman/files/containers.conf | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/utils/podman/files/containers.conf b/utils/podman/files/containers.conf index 8730f1a4884fd..c06e4b6247f18 100644 --- a/utils/podman/files/containers.conf +++ b/utils/podman/files/containers.conf @@ -7,7 +7,8 @@ network_config_dir="/etc/cni/net.d/" default_network="podman" [engine] -runtime="/usr/sbin/runc" +runtime="/usr/sbin/crun" +# runtime="/usr/sbin/runc" # runtime="/sbin/uxc" # runtime_supports_nocgroups = ["crun", "uxc"] # runtime_supports_json = ["crun", "runc", "kata", "uxc"] @@ -17,6 +18,10 @@ runc = [ "/usr/sbin/runc", ] +crun = [ + "/usr/bin/crun", +] + uxc = [ "/sbin/uxc", ]