From ab3f7a0b4912ffbb3523c8e13e3c3406058671e9 Mon Sep 17 00:00:00 2001 From: Olli Janatuinen Date: Tue, 5 Mar 2024 12:21:58 +0000 Subject: [PATCH] v2.0.0 * Downgrade system-docker to 17.06.107 (last version before rename) * Use Docker 24.0.9 by default. 25.0.3 available as alternative. * Buildroot 2023.02.10 * Kernel 5.10.211 * Always generate dhcpd.conf (not only with Wi-Fi) * Support user Docker "data_root" configuration --- Dockerfile.dapper | 11 ++++----- README.md | 2 +- cmd/control/docker_init.go | 2 +- cmd/control/user_docker.go | 4 +-- cmd/network/network.go | 4 ++- config/docker_config_test.go | 4 +-- config/schema.go | 2 +- config/types.go | 6 ++--- images/02-console/Dockerfile | 2 +- os-config.tpl.yml | 12 ++++----- pkg/dfs/scratch.go | 46 +++++++++++++++++------------------ pkg/init/recovery/recovery.go | 4 +-- scripts/layout-initrd | 4 +++ scripts/tar-images | 5 +++- 14 files changed, 58 insertions(+), 50 deletions(-) diff --git a/Dockerfile.dapper b/Dockerfile.dapper index e006a476d..bbd068626 100644 --- a/Dockerfile.dapper +++ b/Dockerfile.dapper @@ -39,7 +39,6 @@ RUN echo "Acquire::http { Proxy \"$APTPROXY\"; };" >> /etc/apt/apt.conf.d/01prox wget \ xorriso \ xz-utils \ - zstd \ telnet ########## Dapper Configuration ##################### @@ -62,7 +61,7 @@ ARG OS_REPO=burmilla ARG HOSTNAME_DEFAULT=burmilla ARG DISTRIB_ID=BurmillaOS -ARG KERNEL_VERSION=5.10.188-burmilla +ARG KERNEL_VERSION=5.10.211-burmilla ARG KERNEL_URL_amd64=https://github.com/burmilla/os-kernel/releases/download/v${KERNEL_VERSION}/linux-${KERNEL_VERSION}-x86.tar.gz ARG KERNEL_URL_arm64=https://github.com/burmilla/os-kernel/releases/download/v${KERNEL_VERSION}/linux-${KERNEL_VERSION}-arm64.tar.gz 
@@ -81,14 +80,14 @@ ARG OS_FIRMWARE=true ARG OS_BASE_URL_amd64=https://github.com/burmilla/os-base/releases/download/v2023.05-1/os-base_amd64.tar.xz ARG OS_BASE_URL_arm64=https://github.com/burmilla/os-base/releases/download/v2023.05-1/os-base_arm64.tar.xz -ARG OS_INITRD_BASE_URL_amd64=https://github.com/burmilla/os-initrd-base/releases/download/v2023.05-2/os-initrd-base-amd64.tar.gz -ARG OS_INITRD_BASE_URL_arm64=https://github.com/burmilla/os-initrd-base/releases/download/v2023.05-2/os-initrd-base-arm64.tar.gz +ARG OS_INITRD_BASE_URL_amd64=https://github.com/burmilla/os-initrd-base/releases/download/v2023.02.10-1/os-initrd-base-amd64.tar.gz +ARG OS_INITRD_BASE_URL_arm64=https://github.com/burmilla/os-initrd-base/releases/download/v2023.02.10-1/os-initrd-base-arm64.tar.gz -ARG SYSTEM_DOCKER_VERSION=17.06.109 +ARG SYSTEM_DOCKER_VERSION=17.06.107 ARG SYSTEM_DOCKER_URL_amd64=https://github.com/burmilla/os-system-docker/releases/download/${SYSTEM_DOCKER_VERSION}/docker-amd64-${SYSTEM_DOCKER_VERSION}.tgz ARG SYSTEM_DOCKER_URL_arm64=https://github.com/burmilla/os-system-docker/releases/download/${SYSTEM_DOCKER_VERSION}/docker-arm64-${SYSTEM_DOCKER_VERSION}.tgz -ARG USER_DOCKER_VERSION=24.0.7 +ARG USER_DOCKER_VERSION=24.0.9 ARG USER_DOCKER_ENGINE_VERSION=docker-${USER_DOCKER_VERSION} ARG AZURE_SERVICE=false diff --git a/README.md b/README.md index 19f0e4837..124933258 100644 --- a/README.md +++ b/README.md @@ -26,7 +26,7 @@ Please submit any **BurmillaOS** bugs, issues, and feature requests to [burmilla ## License -Copyright (c) 2020 Project Burmilla +Copyright (c) 2020-2024 [BurmillaOS community](https://burmillaos.org) Copyright (c) 2014-2020 [Rancher Labs, Inc.](http://rancher.com) diff --git a/cmd/control/docker_init.go b/cmd/control/docker_init.go index 0ad41c783..0d89fe436 100644 --- a/cmd/control/docker_init.go +++ b/cmd/control/docker_init.go 
@@ -96,7 +96,7 @@ func dockerInitAction(c *cli.Context) error { } } - err = checkZfsBackingFS(cfg.Rancher.Docker.StorageDriver, cfg.Rancher.Docker.Graph) + err = checkZfsBackingFS(cfg.Rancher.Docker.StorageDriver, cfg.Rancher.Docker.DataRoot) if err != nil { log.Fatal(err) } diff --git a/cmd/control/user_docker.go b/cmd/control/user_docker.go index cb01b37fe..8adecfd35 100644 --- a/cmd/control/user_docker.go +++ b/cmd/control/user_docker.go @@ -186,14 +186,14 @@ func startDocker(cfg *config.CloudConfig) error { return err } - cmd := []string{"system-engine-rc", "exec", "--", info.ID, "env"} + cmd := []string{"system-docker-runc", "exec", "--", info.ID, "env"} log.Info(dockerCfg.AppendEnv()) cmd = append(cmd, dockerCfg.AppendEnv()...) cmd = append(cmd, dockerCommand...) cmd = append(cmd, args...) log.Infof("Running %v", cmd) - return syscall.Exec("/usr/bin/system-engine-rc", cmd, os.Environ()) + return syscall.Exec("/usr/bin/system-docker-runc", cmd, os.Environ()) } func waitForPid(service string, project *project.Project) (int, error) { diff --git a/cmd/network/network.go b/cmd/network/network.go index 010771b5d..8d7de5e54 100644 --- a/cmd/network/network.go +++ b/cmd/network/network.go @@ -63,10 +63,12 @@ func ApplyNetworkConfig(cfg *config.CloudConfig) { cfg.Rancher.Network.DHCPTimeout = cfg.Rancher.Defaults.Network.DHCPTimeout } + // Always generate dhcpcd.conf to support NTP and hostname configuration coming from DHCP + generateDhcpcdFiles(cfg) + // In order to handle the STATIC mode in Wi-Fi network, we have to update the dhcpcd.conf file. // https://wiki.archlinux.org/index.php/dhcpcd#Static_profile if len(cfg.Rancher.Network.WifiNetworks) > 0 { - generateDhcpcdFiles(cfg) generateWpaFiles(cfg) } diff --git a/config/docker_config_test.go b/config/docker_config_test.go index a7e118690..c646b8e3b 100644 --- a/config/docker_config_test.go +++ b/config/docker_config_test.go 
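Review bot: In startDocker the runtime binary name is now written out twice, as `"system-docker-runc"` in `cmd[0]` and as `"/usr/bin/system-docker-runc"` in the `syscall.Exec` call, and the same path is repeated in the os-config.tpl.yml volume list, so the next rename has three places to miss. A named constant beside `SystemDockerBin` in config/types.go, e.g. `SystemDockerRuncBin = "/usr/bin/system-docker-runc"`, would keep them in one place. Separately, the unchanged `log.Info(dockerCfg.AppendEnv())` and `log.Infof("Running %v", cmd)` lines appear to write the engine's environment values to the log. If those can carry proxy credentials or registry tokens, logging only the variable names would be safer. startDocker begins above this hunk, so the origin of `dockerCommand` and `args` could not be checked here.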
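Review bot: The surviving comment "In order to handle the STATIC mode in Wi-Fi network, we have to update the dhcpcd.conf file" now sits above an `if` that only calls `generateWpaFiles(cfg)`, so it describes code that has moved up. I would fold it into the new comment, e.g. `// Always generate dhcpcd.conf: needed for DHCP-provided NTP/hostname and for Wi-Fi STATIC profiles`, and leave a WPA-specific comment on the `if`. Because the file is now generated for every configuration, a host on a network with an untrusted DHCP server will presumably take its hostname and NTP server from that server, a trade-off worth a line in the user documentation. The body of generateDhcpcdFiles is not in the hunk, so what it actually enables could not be verified, and ApplyNetworkConfig itself starts and ends outside the hunk.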
@@ -39,10 +39,10 @@ func TestGenerateEngineOptsString(t *testing.T) { testContains(t, fmt.Sprint(generateEngineOptsSlice(EngineOpts{ Host: []string{ - "unix:///var/run/system-engine.sock", + "unix:///var/run/system-docker.sock", "unix:///var/run/docker.sock", }, - })), "--host unix:///var/run/system-engine.sock", "--host unix:///var/run/docker.sock") + })), "--host unix:///var/run/system-docker.sock", "--host unix:///var/run/docker.sock") testContains(t, fmt.Sprint(generateEngineOptsSlice(EngineOpts{ LogOpts: map[string]string{ diff --git a/config/schema.go b/config/schema.go index 6f682ee11..dec5fc1a3 100644 --- a/config/schema.go +++ b/config/schema.go @@ -132,7 +132,7 @@ var schema = `{ "debug": {"type": ["boolean", "null"]}, "exec_root": {"type": "string"}, "group": {"type": "string"}, - "graph": {"type": "string"}, + "data_root": {"type": "string"}, "host": {"type": "array"}, "live_restore": {"type": ["boolean", "null"]}, "log_driver": {"type": "string"}, diff --git a/config/types.go b/config/types.go index 625eb625f..a009948c0 100644 --- a/config/types.go +++ b/config/types.go @@ -18,14 +18,14 @@ const ( StateDir = "/state" RosBin = "/usr/bin/ros" SysInitBin = "/usr/bin/ros-sysinit" - SystemDockerHost = "unix:///var/run/system-engine.sock" + SystemDockerHost = "unix:///var/run/system-docker.sock" DockerHost = "unix:///var/run/docker.sock" ImagesPath = "/usr/share/ros" InitImages = "images-init.tar" SystemImages = "images-system.tar" UserImages = "images-user.tar" Debug = false - SystemDockerBin = "/usr/bin/system-engine" + SystemDockerBin = "/usr/bin/system-dockerd" DefaultDind = "burmilla/os-dind:17.12.1" DetachLabel = "io.rancher.os.detach" 
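Review bot: Renaming the `graph` key to `data_root` in the schema, together with the matching `Graph` → `DataRoot` field and yaml tag in config/types.go, drops the old key with no compatibility path. An existing cloud-config that sets `graph:` will either fail validation or be ignored, depending on how the schema treats unknown properties, which is not visible in this hunk. In the ignored case the engine would quietly fall back to its default data directory. Consider keeping `"graph": {"type": "string"}` as a deprecated alias mapped onto `DataRoot` at load time, or at least logging a warning when the old key is present. The same concern applies to the `-g`/`--graph` handling removed from ParseConfig in pkg/dfs/scratch.go.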
@@ -171,7 +171,7 @@ type EngineOpts struct { Debug *bool `yaml:"debug,omitempty" opt:"debug"` ExecRoot string `yaml:"exec_root,omitempty" opt:"exec-root"` Group string `yaml:"group,omitempty" opt:"group"` - Graph string `yaml:"graph,omitempty" opt:"graph"` + DataRoot string `yaml:"data_root,omitempty" opt:"data-root"` Host []string `yaml:"host,omitempty" opt:"host"` InsecureRegistry []string `yaml:"insecure_registry" opt:"insecure-registry"` LiveRestore *bool `yaml:"live_restore,omitempty" opt:"live-restore"` diff --git a/images/02-console/Dockerfile b/images/02-console/Dockerfile index fbf9129e1..7b41e20c2 100644 --- a/images/02-console/Dockerfile +++ b/images/02-console/Dockerfile @@ -4,7 +4,7 @@ COPY build/sshd_config.append.tpl /etc/ssh/ COPY build/lsb-release /etc/ RUN apt-get update \ - && apt-get install -y --no-install-recommends fdisk ipset iptables openssh-server rsync locales \ + && apt-get install -y --no-install-recommends fdisk eject ipset iptables openssh-server rsync locales \ sudo less curl ca-certificates psmisc htop kmod iproute2 \ net-tools bash-completion wget \ nano open-iscsi iputils-ping nvi \ diff --git a/os-config.tpl.yml b/os-config.tpl.yml index b1947de95..52050d09f 100644 --- a/os-config.tpl.yml +++ b/os-config.tpl.yml @@ -77,9 +77,9 @@ rancher: bridge: none storage_driver: overlay2 restart: false - graph: /var/lib/system-docker + data_root: /var/lib/system-docker group: root - host: ["unix:///var/run/system-engine.sock"] + host: ["unix:///var/run/system-docker.sock"] userland_proxy: false console: {{.OS_CONSOLE}} cloud_init: @@ -123,7 +123,7 @@ rancher: volumes: - /usr/bin/ros:/usr/bin/ros:ro - /usr/bin/system-docker:/usr/bin/system-docker:ro - - /usr/bin/system-engine-rc:/usr/bin/system-engine-rc:ro + - /usr/bin/system-docker-runc:/usr/bin/system-docker-runc:ro system-volumes: image: {{.OS_REPO}}/os-base:{{.VERSION}}{{.SUFFIX}} command: echo 
@@ -342,7 +342,7 @@ rancher: privileged: true restart: always volumes: - - /var/run/system-engine.sock:/var/run/docker.sock + - /var/run/system-docker.sock:/var/run/docker.sock environment: DOCKER_API_VERSION: "1.22" udev-cold: @@ -401,9 +401,9 @@ rancher: storage_driver: overlay2 bridge: none restart: false - graph: /var/lib/system-docker + data_root: /var/lib/system-docker group: root - host: ["unix:///var/run/system-engine.sock"] + host: ["unix:///var/run/system-docker.sock"] pid_file: /var/run/system-docker.pid exec_root: /var/run/system-docker config_file: /etc/docker/system-docker.json diff --git a/pkg/dfs/scratch.go b/pkg/dfs/scratch.go index 1e3c1723c..f928f72f6 100644 --- a/pkg/dfs/scratch.go +++ b/pkg/dfs/scratch.go @@ -42,20 +42,20 @@ var ( ) type Config struct { - Fork bool - PidOne bool - CommandName string - DNSConfig netconf.DNSConfig - BridgeName string - BridgeAddress string - BridgeMtu int - CgroupHierarchy map[string]string - LogFile string - NoLog bool - NoFiles uint64 - Environment []string - GraphDirectory string - DaemonConfig string + Fork bool + PidOne bool + CommandName string + DNSConfig netconf.DNSConfig + BridgeName string + BridgeAddress string + BridgeMtu int + CgroupHierarchy map[string]string + LogFile string + NoLog bool + NoFiles uint64 + Environment []string + DataRootDirectory string + DaemonConfig string } func createMounts(mounts ...[]string) error { @@ -400,8 +400,8 @@ func ParseConfig(config *Config, args ...string) []string { if err != nil { config.BridgeMtu = mtu } - } else if strings.HasPrefix(arg, "-g") || strings.HasPrefix(arg, "--graph") { - config.GraphDirectory = GetValue(i, args) + } else if strings.HasPrefix(arg, "--data-root") { + config.DataRootDirectory = GetValue(i, args) } } 
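Review bot: `strings.HasPrefix(arg, "--data-root")` in ParseConfig accepts any argument that merely begins with that text, so an unrelated flag sharing the prefix would overwrite `config.DataRootDirectory`, the directory that createLayout later creates and hands to cleanupFiles. Matching only the two real spellings is tighter: `arg == "--data-root" || strings.HasPrefix(arg, "--data-root=")`. The context lines just above assign `config.BridgeMtu = mtu` under `if err != nil`, which looks inverted and may be worth fixing in the same pass. ParseConfig starts and ends outside the hunk and GetValue is not shown, so how the `=` form is parsed should be confirmed before tightening the match.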
@@ -495,12 +495,12 @@ func createDaemonConfig(config *Config) error { return nil } -func cleanupFiles(graphDirectory string) { +func cleanupFiles(dataRootDirectory string) { zeroFiles := []string{ "/etc/docker/key.json", "/etc/docker/daemon.json", "/etc/docker/system-daemon.json", - path.Join(graphDirectory, "image/overlay/repositories.json"), + path.Join(dataRootDirectory, "image/overlay/repositories.json"), } for _, file := range zeroFiles { @@ -518,13 +518,13 @@ func createLayout(config *Config) error { return err } - graphDirectory := config.GraphDirectory + dataRootDirectory := config.DataRootDirectory - if config.GraphDirectory == "" { - graphDirectory = "/var/lib/docker" + if config.DataRootDirectory == "" { + dataRootDirectory = "/var/lib/docker" } - if err := createDirs(graphDirectory); err != nil { + if err := createDirs(dataRootDirectory); err != nil { return err } @@ -532,7 +532,7 @@ func createLayout(config *Config) error { return err } - cleanupFiles(graphDirectory) + cleanupFiles(dataRootDirectory) symlinks := [][]string{ {"usr/lib", "/lib"}, diff --git a/pkg/init/recovery/recovery.go b/pkg/init/recovery/recovery.go index 0bb2e3fae..fbb32b71c 100644 --- a/pkg/init/recovery/recovery.go +++ b/pkg/init/recovery/recovery.go @@ -75,9 +75,9 @@ func Recovery(initFailure error) { Bridge: "none", StorageDriver: "overlay2", Restart: &[]bool{false}[0], - Graph: "/var/lib/recovery-docker", + DataRoot: "/var/lib/recovery-docker", Group: "root", - Host: []string{"unix:///var/run/system-engine.sock"}, + Host: []string{"unix:///var/run/system-docker.sock"}, UserlandProxy: &[]bool{false}[0], }, } diff --git a/scripts/layout-initrd b/scripts/layout-initrd index 789bc7b53..5378620ef 100755 --- a/scripts/layout-initrd +++ b/scripts/layout-initrd 
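Review bot: The changed line in cleanupFiles still builds `path.Join(dataRootDirectory, "image/overlay/repositories.json")`, while os-config.tpl.yml in this same commit sets `storage_driver: overlay2`. If the engine keeps repositories.json under a directory named after the active storage driver, this entry never matches the real file and the cleanup does nothing for it. Either derive the path segment from the configured driver or list both `image/overlay` and `image/overlay2`. A doc comment on cleanupFiles saying why these files are reset at startup would also help, since the loop body lies outside the hunk and its intent cannot be read from here.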
@@ -32,6 +32,10 @@ ln -s bin ${INITRD_DIR}/usr/sbin ln -s usr/sbin ${INITRD_DIR}/sbin curl -SL ${!SYSTEM_DOCKER_URL} | tar --strip-components=1 -xzvf - -C ${INITRD_DIR}/usr/bin/ +# we have diabled the user-proxy so we get rid of system-docker-proxy +rm -f ${INITRD_DIR}/usr/bin/system-docker-proxy +# reduce size by removing debugging tool system-docker-containerd-ctr +rm -f ${INITRD_DIR}/usr/bin/system-docker-containerd-ctr cat < ${INITRD_DIR}/usr/share/ros/os-release NAME="BurmillaOS" diff --git a/scripts/tar-images b/scripts/tar-images index 8435bc587..f5c66513c 100755 --- a/scripts/tar-images +++ b/scripts/tar-images @@ -49,7 +49,10 @@ echo "tar-image: SYSTEM_IMAGES=$SYSTEM_IMAGES" echo "tar-image: INIT_IMAGES=$INIT_IMAGES" echo "tar-image: USER_IMAGES=$USER_IMAGES" -ARCHIVE_CMD="zstd -19 -c" +# system-docker can not load images which compressed by xz with a compression level of 9 +# decompression consumes more memory if using level 9 +# the default compression level for xz is 6 +ARCHIVE_CMD="xz -4 -e" docker save ${INIT_IMAGES} | ${ARCHIVE_CMD} > ${INIT_IMAGES_DST} docker save ${SYSTEM_IMAGES} | ${ARCHIVE_CMD} > ${SYSTEM_IMAGES_DST}
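Review bot: The two added `rm -f` lines succeed silently when the named file is absent, so if the downgraded tarball names its binaries differently, the proxy could stay in the initrd unnoticed. A listing or an explicit test after extraction would make the expected layout visible in the build log. The `curl -SL ${!SYSTEM_DOCKER_URL} | tar …` line above is unchanged, but this commit changes which release it fetches, and the archive is unpacked straight into `${INITRD_DIR}/usr/bin/` with no digest check. Pinning a SHA-256 per architecture and adding `-f` to curl would be a sensible follow-up. The new comment also has a typo (`diabled`) and says `user-proxy` where the config key is `userland_proxy`, and the paths would be safer quoted: `rm -f "${INITRD_DIR}/usr/bin/system-docker-proxy"`.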
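Review bot: The new comment above `ARCHIVE_CMD` explains why xz level 9 is avoided but not why zstd was dropped, and the chosen `xz -4 -e` matches neither the level 9 nor the default 6 it mentions. Suggested wording: `# system-docker cannot load xz level 9 archives (decompression needs too much memory); use -4 -e instead of the default 6`. If the downgraded system-docker being unable to read zstd is the reason for the switch, the comment should say so. Separately, `docker save … | ${ARCHIVE_CMD} > …` reports only the compressor's exit status unless the script sets `pipefail`, which is not visible in this hunk, so a failed `docker save` could leave a small but well-formed archive behind.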