feat(*): run system services via containerd (#149)
andrewrynhard authored Sep 20, 2018
1 parent b370ce0 commit 8f09202
Showing 45 changed files with 2,629 additions and 1,093 deletions.
2 changes: 1 addition & 1 deletion .conform.yaml
@@ -32,7 +32,7 @@ script:
rm -rf ./build/*
cd ./src/tools && conform enforce
cd ../kernel && conform enforce
cd ../initramfs && conform enforce
cd ../rootfs && conform enforce
cd ../initramfs && conform enforce
cd ../image && conform enforce
cd ../
1 change: 1 addition & 0 deletions .dockerignore
@@ -1 +1,2 @@
build
vendor
2 changes: 1 addition & 1 deletion .gitignore
@@ -1,2 +1,2 @@
.DS_Store
build
vendor
1 change: 1 addition & 0 deletions hack/debug.yaml
@@ -4,6 +4,7 @@ metadata:
name: debug
spec:
hostPID: true
hostIPC: true
hostNetwork: true
# nodeSelector:
# kubernetes.io/hostname: ${HOSTNAME}
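Review bot: The debug pod spec now lists `hostIPC: true` next to `hostPID: true` and `hostNetwork: true` (assuming `hostIPC` is the one added line, which the rendered page does not mark), and nothing in the visible lines says the manifest is for troubleshooting only. With the `nodeSelector` commented out, the pod can be scheduled on any node, where it shares that node's process, IPC and network namespaces. I would add a header comment such as `# Debug only: shares host PID/IPC/network namespaces; delete the pod when finished.` and keep the manifest out of anything applied by default. The rest of the spec lies outside the hunk.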
6 changes: 2 additions & 4 deletions src/image/.conform.yaml
@@ -8,6 +8,8 @@ script:
set -e
docker save {{ .Docker.Image.Name }}:{{ .Docker.Image.Tag }} -o ../../build/dianemo.tar
{{ if and (.Git.IsClean) (or (.Git.IsTag) (eq .Git.Branch "master")) }}
docker login --username=$DOCKER_USERNAME --password=$DOCKER_PASSWORD
docker tag {{ .Docker.Image.Name }}:{{ .Docker.Image.Tag }} {{ .Docker.Image.Name }}:latest
@@ -63,8 +65,4 @@ tasks:
template: |
COPY --from=dianemo/rootfs:{{ .Docker.Image.Tag }} /rootfs /generated/rootfs
COPY --from=dianemo/kernel:{{ .Docker.Image.Tag }} /tmp/lib/modules /generated/rootfs/lib/modules
COPY --from=dianemo/initramfs:{{ .Docker.Image.Tag }} /tmp/osd /generated/rootfs/bin/osd
COPY --from=dianemo/initramfs:{{ .Docker.Image.Tag }} /tmp/proxyd /generated/rootfs/bin/proxyd
COPY --from=dianemo/initramfs:{{ .Docker.Image.Tag }} /tmp/trustd /generated/rootfs/bin/trustd
COPY --from=dianemo/initramfs:{{ .Docker.Image.Tag }} /tmp/init /generated/rootfs/bin/init
RUN {{if .Git.IsClean}}XZ_OPT=-9e{{else}}XZ_OPT=-0{{end}} tar -cvpJf /generated/rootfs.tar.xz -C /generated/rootfs .
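Review bot: The publish step passes the registry password as a command-line argument, `docker login --username=$DOCKER_USERNAME --password=$DOCKER_PASSWORD`, which exposes it to the process list and to any shell tracing in CI. The line is in this file's script, and the same line appears in the script block of src/initramfs/.conform.yaml, which looks newly added by this commit. Reading the secret from stdin avoids both exposures: `printf '%s' "$DOCKER_PASSWORD" | docker login --username="$DOCKER_USERNAME" --password-stdin`. The script template continues outside the visible hunk.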
38 changes: 20 additions & 18 deletions src/image/src/entrypoint.sh
@@ -11,33 +11,33 @@ function create_image() {

if [ "$FULL" = true ] ; then
if [ "$RAW" = true ] ; then
parted -s -a optimal ${RAW_IMAGE} mkpart ESP fat32 0 50M
parted -s -a optimal ${RAW_IMAGE} mkpart ROOT xfs 50M $(($(size) + 100))M
parted -s -a optimal ${RAW_IMAGE} mkpart DATA xfs $(($(size) + 100))M 100%
parted -s -a optimal ${RAW_IMAGE} mkpart ESP fat32 0 $((${INITRAMFS_SIZE} + 50))M
parted -s -a optimal ${RAW_IMAGE} mkpart ROOT xfs $((${INITRAMFS_SIZE} + 50))M $((${ROOTFS_SIZE} + ${INITRAMFS_SIZE} + 100))M
parted -s -a optimal ${RAW_IMAGE} mkpart DATA xfs $((${ROOTFS_SIZE} + ${INITRAMFS_SIZE} + 100))M 100%
losetup ${DEVICE} ${RAW_IMAGE}
partx -av ${DEVICE}
extract_boot_partition ${DEVICE}p1
extract_root_partition ${DEVICE}p2
extract_data_partition ${DEVICE}p3
else
parted -s -a optimal ${DEVICE} mkpart ESP fat32 0 50M
parted -s -a optimal ${DEVICE} mkpart ROOT xfs 50M $(($(size) + 100))M
parted -s -a optimal ${DEVICE} mkpart DATA xfs $(($(size) + 100))M 100%
parted -s -a optimal ${DEVICE} mkpart ESP fat32 0 $((${INITRAMFS_SIZE} + 50))M
parted -s -a optimal ${DEVICE} mkpart ROOT xfs $((${INITRAMFS_SIZE} + 50))M $((${ROOTFS_SIZE} + ${INITRAMFS_SIZE} + 100))M
parted -s -a optimal ${DEVICE} mkpart DATA xfs $((${ROOTFS_SIZE} + ${INITRAMFS_SIZE} + 100))M 100%
extract_boot_partition ${DEVICE}1
extract_root_partition ${DEVICE}2
extract_data_partition ${DEVICE}3
fi
else
if [ "$RAW" = true ] ; then
parted -s -a optimal ${RAW_IMAGE} mkpart ROOT xfs 0 $(($(size) + 50))M
parted -s -a optimal ${RAW_IMAGE} mkpart DATA xfs $(($(size) + 50))M 100%
parted -s -a optimal ${RAW_IMAGE} mkpart ROOT xfs 0 $((${ROOTFS_SIZE} + 50))M
parted -s -a optimal ${RAW_IMAGE} mkpart DATA xfs $((${ROOTFS_SIZE} + 50))M 100%
losetup ${DEVICE} ${RAW_IMAGE}
partx -av ${DEVICE}
extract_root_partition ${DEVICE}p1
extract_data_partition ${DEVICE}p2
else
parted -s -a optimal ${DEVICE} mkpart ROOT xfs 0 $(($(size) + 50))M
parted -s -a optimal ${DEVICE} mkpart DATA xfs $(($(size) + 50))M 100%
parted -s -a optimal ${DEVICE} mkpart ROOT xfs 0 $((${ROOTFS_SIZE} + 50))M
parted -s -a optimal ${DEVICE} mkpart DATA xfs $((${ROOTFS_SIZE} + 50))M 100%
extract_root_partition ${DEVICE}1
extract_data_partition ${DEVICE}2
fi
@@ -58,8 +58,8 @@ function create_vmdk() {

function create_iso() {
mkdir -p /mnt/boot/isolinux
cp /usr/local/src/syslinux/bios/core/isolinux.bin /mnt/boot/isolinux/isolinux.bin
cp /usr/local/src/syslinux/bios/com32/elflink/ldlinux/ldlinux.c32 /mnt/boot/isolinux/ldlinux.c32
cp -v /usr/local/src/syslinux/bios/core/isolinux.bin /mnt/boot/isolinux/isolinux.bin
cp -v /usr/local/src/syslinux/bios/com32/elflink/ldlinux/ldlinux.c32 /mnt/boot/isolinux/ldlinux.c32
create_extlinux_conf /mnt/boot/isolinux/isolinux.conf
tar -xpvJf /generated/rootfs.tar.xz -C /mnt
mkisofs -o ${ISO_IMAGE} -b boot/isolinux/isolinux.bin -c boot/isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table .
@@ -69,8 +69,8 @@ function create_ami() {
packer build -var "version=${VERSION}" "${@}" /packer.json
}

function size() {
xz --robot --list /generated/rootfs.tar.xz | sed -n '3p' | cut -d$'\t' -f5 | awk '{printf("%.0f", $1*0.000001)}'
function size_xz() {
xz --robot --list $1 | sed -n '3p' | cut -d$'\t' -f5 | awk '{printf("%.0f", $1*0.000001)}'
}

function extract_boot_partition() {
@@ -80,8 +80,8 @@ function extract_boot_partition() {
mkdir -pv /mnt/boot/extlinux
extlinux --install /mnt/boot/extlinux
create_extlinux_conf /mnt/boot/extlinux/extlinux.conf
cp /generated/boot/vmlinuz /mnt/boot
cp /generated/boot/initramfs.xz /mnt/boot
cp -v /generated/boot/vmlinuz /mnt/boot
cp -v /generated/boot/initramfs.xz /mnt/boot
umount -v /mnt
}

@@ -128,6 +128,8 @@ VMDK_IMAGE="/out/image.vmdk"
ISO_IMAGE="/out/image.iso"
FULL=false
RAW=false
ROOTFS_SIZE=$(size_xz /generated/rootfs.tar.xz)
INITRAMFS_SIZE=$(size_xz /generated/boot/initramfs.xz)

case "$1" in
image)
@@ -144,7 +146,7 @@ case "$1" in
;;
l )
trap cleanup ERR
dd if=/dev/zero of=${RAW_IMAGE} bs=1M count=$(($(size) + 150))
dd if=/dev/zero of=${RAW_IMAGE} bs=1M count=$(($(size_xz) + 150))
DEVICE=$(losetup -f)
RAW=true
echo "Using loop device ${RAW_IMAGE} as installation media"
@@ -177,7 +179,7 @@ case "$1" in
echo "The userdata flag '-u' must be specified"
exit 1
fi

echo -e "Creating image\n\t/: ${ROOTFS_SIZE}Mb\n\t/boot: ${INITRAMFS_SIZE}Mb"
create_image
;;
vmdk)
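Review bot: `size_xz` is called without an argument in the new `dd` line, `count=$(($(size_xz) + 150))`, although the function now takes its archive from `$1`. With `$1` empty, `xz --robot --list` has no file to list, so the substitution is most likely empty and the raw image is sized at a fixed 150M, while the full layout's partition offsets use `ROOTFS_SIZE + INITRAMFS_SIZE + 100`. Reusing the variables computed near the top would keep the two consistent, for example `dd if=/dev/zero of=${RAW_IMAGE} bs=1M count=$((${ROOTFS_SIZE} + ${INITRAMFS_SIZE} + 150))`. Quoting the argument inside the function, `xz --robot --list "$1"`, is also worth doing so a path with spaces or an empty value is not silently dropped. The surrounding `case` branch continues outside the hunk.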
107 changes: 86 additions & 21 deletions src/initramfs/.conform.yaml
@@ -1,27 +1,73 @@
metadata:
repository: dianemo/initramfs
variables:
rootfs: /rootfs
versionPath: github.com/autonomy/dianemo/src/initramfs/pkg/version
script:
template: |
#!/bin/sh
set -e
docker tag {{ .Repository }}:osd autonomy/osd:{{ .Git.SHA }}
docker save autonomy/osd:{{ .Git.SHA }} -o ../../build/osd.tar
docker tag {{ .Repository }}:trustd autonomy/trustd:{{ .Git.SHA }}
docker save autonomy/trustd:{{ .Git.SHA }} -o ../../build/trustd.tar
docker tag {{ .Repository }}:proxyd autonomy/proxyd:{{ .Git.SHA }}
docker save autonomy/proxyd:{{ .Git.SHA }} -o ../../build/proxyd.tar
{{ if and (.Git.IsClean) (or (.Git.IsTag) (eq .Git.Branch "master")) }}
docker login --username=$DOCKER_USERNAME --password=$DOCKER_PASSWORD
docker tag autonomy/osd:{{ .Git.SHA }} autonomy/osd:latest
docker push autonomy/osd:{{ .Git.SHA }}
docker push autonomy/osd:latest
docker tag autonomy/trustd:{{ .Git.SHA }} autonomy/trustd:latest
docker push autonomy/trustd:{{ .Git.SHA }}
docker push autonomy/trustd:latest
docker tag autonomy/proxyd:{{ .Git.SHA }} autonomy/proxyd:latest
docker push autonomy/proxyd:{{ .Git.SHA }}
docker push autonomy/proxyd:latest
{{ end }}
pipeline:
stages:
- generate
- build
- base
- osd
- osctl
- trustd
- proxyd
- initramfs
stages:
build:
base:
tasks:
- src
- test
osd:
tasks:
- osd
osctl:
artifacts:
- source: /tmp/osctl-linux-amd64
- source: /osctl-linux-amd64
destination: ../../build/osctl-linux-amd64
- source: /tmp/osctl-darwin-amd64
- source: /osctl-darwin-amd64
destination: ../../build/osctl-darwin-amd64
tasks:
- src
- init
- initramfs
- osctl
trustd:
tasks:
- trustd
proxyd:
tasks:
- proxyd
- osd
- osctl
- test
initramfs:
tasks:
- init
- initramfs
- image
generate:
artifacts:
@@ -36,33 +82,38 @@ tasks:
template: |
FROM scratch
WORKDIR /tmp
COPY --from=src /initramfs/init init
COPY --from=src /initramfs/initramfs.xz initramfs.xz
COPY --from=src /trustd trustd
COPY --from=src /proxyd proxyd
COPY --from=src /osd osd
COPY --from=src /osctl-linux-amd64 osctl-linux-amd64
COPY --from=src /osctl-darwin-amd64 osctl-darwin-amd64
COPY --from=init /initramfs/initramfs.xz initramfs.xz
CMD false
init:
template: |
FROM {{ .Repository }}:base AS {{ .Docker.CurrentStage }}
WORKDIR /src/github.com/autonomy/dianemo/src/initramfs/cmd/{{ .Docker.CurrentStage }}
{{ if and .Git.IsClean .Git.IsTag }}
RUN GOOS=linux GOARCH=amd64 go build \
-ldflags "-s -w -linkmode external -extldflags \"-static -L/usr/lib -lblkid -luuid\" -X {{ index .Variables "versionPath" }}.Name=Dianemo -X {{ index .Variables "versionPath" }}.Tag={{ .Git.Tag }} -X {{ index .Variables "versionPath" }}.SHA={{ .Git.SHA }} -X \"{{ index .Variables "versionPath" }}.Built={{ .Built }}\"" \
-ldflags "-s -w -linkmode external -extldflags \"-L/lib -lblkid -luuid\" -X {{ index .Variables "versionPath" }}.Name=Dianemo -X {{ index .Variables "versionPath" }}.Tag={{ .Git.Tag }} -X {{ index .Variables "versionPath" }}.SHA={{ .Git.SHA }} -X \"{{ index .Variables "versionPath" }}.Built={{ .Built }}\"" \
-o /initramfs/init
{{ else }}
RUN GOOS=linux GOARCH=amd64 go build \
-ldflags "-s -w -linkmode external -extldflags \"-static -L/usr/lib -lblkid -luuid\" -X {{ index .Variables "versionPath" }}.Name=Dianemo -X {{ index .Variables "versionPath" }}.Tag=none -X {{ index .Variables "versionPath" }}.SHA={{ .Git.SHA }}" \
-ldflags "-s -w -linkmode external -extldflags \"-L/lib -lblkid -luuid\" -X {{ index .Variables "versionPath" }}.Name=Dianemo -X {{ index .Variables "versionPath" }}.Tag=none -X {{ index .Variables "versionPath" }}.SHA={{ .Git.SHA }}" \
-o /initramfs/init
{{ end }}
RUN chmod +x /initramfs/init
RUN mkdir -p /initramfs/lib \
&& cp /tools/lib/libblkid.* /initramfs/lib \
&& cp /tools/lib/libuuid.* /initramfs/lib
initramfs:
template: |
WORKDIR /initramfs
RUN find . 2>/dev/null | cpio -H newc -o | xz -v -C crc32 -9 -e -T 0 -z >/initramfs/initramfs.xz
RUN cp -R {{ index .Variables "rootfs" }}/* ./
{{ if .Git.IsClean }}
RUN find . 2>/dev/null | cpio -H newc -o | xz -v -C crc32 -9 -e -T 0 -z >/tmp/initramfs.xz
{{ else }}
RUN find . 2>/dev/null | cpio -H newc -o | xz -v -C crc32 -0 -e -T 0 -z >/tmp/initramfs.xz
{{ end }}
RUN cp /tmp/initramfs.xz /initramfs/initramfs.xz
osctl:
template: |
FROM {{ .Repository }}:base AS {{ .Docker.CurrentStage }}
WORKDIR /src/github.com/autonomy/dianemo/src/initramfs/cmd/{{ .Docker.CurrentStage }}
{{ if and .Git.IsClean .Git.IsTag }}
RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -a \
@@ -81,8 +132,10 @@ tasks:
{{ end }}
RUN chmod +x /{{ .Docker.CurrentStage }}-linux-amd64
RUN chmod +x /{{ .Docker.CurrentStage }}-darwin-amd64
CMD false
osd:
template: |
FROM {{ .Repository }}:base AS {{ .Docker.CurrentStage }}
WORKDIR /src/github.com/autonomy/dianemo/src/initramfs/cmd/{{ .Docker.CurrentStage }}
{{ if and .Git.IsClean .Git.IsTag }}
RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -a \
@@ -94,6 +147,9 @@ tasks:
-o /{{ .Docker.CurrentStage }}
{{ end }}
RUN chmod +x /{{ .Docker.CurrentStage }}
FROM scratch
COPY --from={{ .Docker.CurrentStage }} /{{ .Docker.CurrentStage }} /{{ .Docker.CurrentStage }}
ENTRYPOINT ["/{{ .Docker.CurrentStage }}"]
proto:
template: |
FROM golang:1.11.0 AS {{ .Docker.CurrentStage }}
@@ -112,6 +168,7 @@ tasks:
RUN protoc -I/usr/local/include -I./proto --go_out=plugins=grpc:proto proto/api.proto
proxyd:
template: |
FROM {{ .Repository }}:base AS {{ .Docker.CurrentStage }}
WORKDIR /src/github.com/autonomy/dianemo/src/initramfs/cmd/{{ .Docker.CurrentStage }}
{{ if and .Git.IsClean .Git.IsTag }}
RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -a \
@@ -123,16 +180,20 @@ tasks:
-o /{{ .Docker.CurrentStage }}
{{ end }}
RUN chmod +x /{{ .Docker.CurrentStage }}
FROM scratch
COPY --from={{ .Docker.CurrentStage }} /{{ .Docker.CurrentStage }} /{{ .Docker.CurrentStage }}
ENTRYPOINT ["/{{ .Docker.CurrentStage }}"]
src:
template: |
FROM dianemo/tools:{{ .Docker.Image.Tag }} AS {{ .Docker.CurrentStage }}
RUN ln -s /tools/lib64 /lib64
RUN mkdir -p /etc/ssl/certs
RUN ln -s /tools/etc/ssl/certs/ca-certificates /etc/ssl/certs/ca-certificates
RUN mkdir /tmp
RUN curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | bash -s -- -b $GOPATH/bin v1.10.1
ENV GO111MODULE auto
WORKDIR /src/github.com/autonomy/dianemo/src/initramfs
RUN cp /tools/lib/libblkid.* /lib \
&& cp /tools/lib/libuuid.* /lib
COPY ./ ./
RUN go mod download
RUN go mod verify
@@ -144,6 +205,7 @@ tasks:
RUN ./hack/test.sh --unit
trustd:
template: |
FROM {{ .Repository }}:base AS {{ .Docker.CurrentStage }}
WORKDIR /src/github.com/autonomy/dianemo/src/initramfs/cmd/{{ .Docker.CurrentStage }}
{{ if and .Git.IsClean .Git.IsTag }}
RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -a \
@@ -155,3 +217,6 @@ tasks:
-o /{{ .Docker.CurrentStage }}
{{ end }}
RUN chmod +x /{{ .Docker.CurrentStage }}
FROM scratch
COPY --from={{ .Docker.CurrentStage }} /{{ .Docker.CurrentStage }} /{{ .Docker.CurrentStage }}
ENTRYPOINT ["/{{ .Docker.CurrentStage }}"]
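Review bot: The `RUN find . 2>/dev/null | cpio -H newc -o | xz ... >/tmp/initramfs.xz` lines in the `initramfs` task, which appear to be new, run under the default shell, where only the exit status of `xz` is checked, so a failure in `find` or `cpio` would still yield a successfully built but incomplete initramfs. Since this archive is what the machine boots, I would make the step fail closed by placing `SHELL ["/bin/bash", "-o", "pipefail", "-c"]` before it (bash appears to be available, as the `src` task already pipes into it) and dropping `2>/dev/null` so errors reach the build log. The same masking applies to the `curl ... | bash` line in the `src` task. Sides are inferred from the text because the rendered page does not mark them.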