From 07b042c53ed0e81d894810002162f7c0d92a68c5 Mon Sep 17 00:00:00 2001 From: Gerard Ryan Date: Sat, 20 Jun 2020 18:02:29 +1000 Subject: [PATCH 1/3] docker-ce: Simplified config layout for menuconfig cgroupfs-mount: Replaced dependency with cgroup config option Signed-off-by: Gerard Ryan --- utils/cgroupfs-mount/Makefile | 12 ++- utils/docker-ce/Config.in | 151 ++++++++++++++++++---------------- 2 files changed, 88 insertions(+), 75 deletions(-) diff --git a/utils/cgroupfs-mount/Makefile b/utils/cgroupfs-mount/Makefile index 03d1088a6..e5c3eabe1 100644 --- a/utils/cgroupfs-mount/Makefile +++ b/utils/cgroupfs-mount/Makefile @@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=cgroupfs-mount PKG_VERSION:=1.4 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/tianon/cgroupfs-mount/tar.gz/${PKG_VERSION}? @@ -12,11 +12,19 @@ PKG_MAINTAINER:=Gerard Ryan include $(INCLUDE_DIR)/package.mk +define Package/cgroupfs-mount/config + config CGROUPFS_MOUNT_KERNEL_CGROUPS + bool "Enable kernel cgroups support" + depends on PACKAGE_cgroupfs-mount + default y if ( DOCKER_KERNEL_OPTIONS || LXC_KERNEL_OPTIONS ) + select KERNEL_CGROUPS +endef + define Package/cgroupfs-mount SECTION:=utils CATEGORY:=Utilities TITLE:=cgroup mount scripts - DEPENDS:=@KERNEL_CGROUPS +mount-utils + DEPENDS:=+mount-utils MENU:=1 endef diff --git a/utils/docker-ce/Config.in b/utils/docker-ce/Config.in index dba32c45a..56f1e0b57 100644 --- a/utils/docker-ce/Config.in +++ b/utils/docker-ce/Config.in @@ -1,85 +1,90 @@ -menu "Kernel features for Docker" - config DOCKER_KERNEL_OPTIONS - bool "Enable Basic kernel support for Docker" +config DOCKER_KERNEL_OPTIONS + bool "Enable Basic kernel support for Docker" + depends on PACKAGE_docker-ce + default n + select KERNEL_CGROUPS + select KERNEL_CGROUP_CPUACCT + select KERNEL_CGROUP_SCHED + select KERNEL_NAMESPACES + select KERNEL_CPUSETS + select KERNEL_MEMCG + select KERNEL_KEYS + select KERNEL_DEVPTS_MULTIPLE_INSTANCES + select KERNEL_POSIX_MQUEUE + help + Select needed kernel options for Docker. Options include + cgroups, namespaces and other miscellaneous options. + see also https://github.com/docker/engine/blob/master/contrib/check-config.sh + +config DOCKER_SECCOMP + bool "Enable support for seccomp in Docker" + depends on PACKAGE_docker-ce + default n + select KERNEL_SECCOMP + select PACKAGE_libseccomp + help + Build Docker with support for seccomp filters. + Select libseccomp which also pulls-in the needed kernel features. + +config DOCKER_RES_SHAPE + bool "Enables support for resource shaping" + depends on PACKAGE_docker-ce + default n + select KERNEL_MEMCG_SWAP + select KERNEL_MEMCG_SWAP_ENABLED + select KERNEL_BLK_DEV_THROTTLING + select KERNEL_CFQ_GROUP_IOSCHED + select KERNEL_CGROUP_PERF + select KERNEL_FAIR_GROUP_SCHED + select KERNEL_CFS_BANDWIDTH + select KERNEL_RT_GROUP_SCHED + +menu "Network" + depends on PACKAGE_docker-ce + + config DOCKER_NET_OVERLAY + bool "Enables the Overlay network feature" default n - select KERNEL_CGROUPS - select KERNEL_CGROUP_CPUACCT - select KERNEL_CGROUP_SCHED - select KERNEL_NAMESPACES - select KERNEL_CPUSETS - select KERNEL_MEMCG - select KERNEL_KEYS - select KERNEL_DEVPTS_MULTIPLE_INSTANCES - select KERNEL_POSIX_MQUEUE + select PACKAGE_kmod-udptunnel4 help - Select needed kernel options for Docker. Options include - cgroups, namespaces and other miscellaneous options. - see also https://github.com/docker/engine/blob/master/contrib/check-config.sh + Selects kernel options for the Overlay network feature. + Includes udptunnel4 - config DOCKER_SECCOMP - bool "Enable support for seccomp in Docker" + config DOCKER_NET_ENCRYPT + bool "Enable encrypted networking kernel support" + depends on DOCKER_NET_OVERLAY default n - select KERNEL_SECCOMP - select PACKAGE_libseccomp + select PACKAGE_kmod-ipsec + select PACKAGE_kmod-ipsec4 + select PACKAGE_kmod-crypto-gcm + select PACKAGE_kmod-crypto-ghash help - Build Docker with support for seccomp filters. - Select libseccomp which also pulls-in the needed kernel features. + Select needed kernel options for encrypted networking support. - config DOCKER_RES_SHAPE - bool "Enables support for resource shaping" + config DOCKER_NET_MACVLAN + bool "Enables macvlan kernel support" default n - select KERNEL_MEMCG_SWAP - select KERNEL_MEMCG_SWAP_ENABLED - select KERNEL_BLK_DEV_THROTTLING - select KERNEL_CFQ_GROUP_IOSCHED - select KERNEL_CGROUP_PERF - select KERNEL_FAIR_GROUP_SCHED - select KERNEL_CFS_BANDWIDTH - select KERNEL_RT_GROUP_SCHED - - menu "Network" - config DOCKER_NET_OVERLAY - bool "Enables the Overlay network feature" - default n - select PACKAGE_kmod-udptunnel4 - help - Selects kernel options for the Overlay network feature. - Includes udptunnel4 + select PACKAGE_kmod-macvlan + select PACKAGE_kmod-dummy - config DOCKER_NET_ENCRYPT - bool "Enable encrypted networking kernel support" - depends on DOCKER_NET_OVERLAY - default n - select PACKAGE_kmod-ipsec - select PACKAGE_kmod-ipsec4 - select PACKAGE_kmod-crypto-gcm - select PACKAGE_kmod-crypto-ghash - help - Select needed kernel options for encrypted networking support. - - config DOCKER_NET_MACVLAN - bool "Enables macvlan kernel support" - default n - select PACKAGE_kmod-macvlan - select PACKAGE_kmod-dummy + config DOCKER_NET_TFTP + bool "Enable ftp/tftp client kernel support" + default n + select PACKAGE_kmod-nf-nathelper + select PACKAGE_kmod-nf-nathelper-extra +endmenu - config DOCKER_NET_TFTP - bool "Enable ftp/tftp client kernel support" - default n - select PACKAGE_kmod-nf-nathelper - select PACKAGE_kmod-nf-nathelper-extra - endmenu +menu "Storage" + depends on PACKAGE_docker-ce - menu "Storage" - config DOCKER_STO_EXT4 - bool "Enables support for ext3 or ext4 as the backing filesystem" - default n - select KERNEL_EXT4_FS_POSIX_ACL + config DOCKER_STO_EXT4 + bool "Enables support for ext3 or ext4 as the backing filesystem" + default n + select KERNEL_EXT4_FS_POSIX_ACL - config DOCKER_STO_BTRFS - bool "Enables support for btrfs as the backing filesystem" - default n - select PACKAGE_kmod-fs-btrfs - select KERNEL_BTRFS_FS_POSIX_ACL - endmenu + config DOCKER_STO_BTRFS + bool "Enables support for btrfs as the backing filesystem" + default n + select PACKAGE_kmod-fs-btrfs + select KERNEL_BTRFS_FS_POSIX_ACL endmenu From 845cc4e5721211ba31476ef390e06eeb84a0bad5 Mon Sep 17 00:00:00 2001 From: Gerard Ryan Date: Sat, 20 Jun 2020 17:01:30 +1000 Subject: [PATCH 2/3] libnetwork: Updated to 153d0769 for docker 19.03.11 Signed-off-by: Gerard Ryan --- utils/libnetwork/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/utils/libnetwork/Makefile b/utils/libnetwork/Makefile index 84a369dfd..ceae9c996 100644 --- a/utils/libnetwork/Makefile +++ b/utils/libnetwork/Makefile @@ -12,9 +12,9 @@ GO_PKG_BUILD_PKG:= \ PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://$(GO_PKG) -PKG_SOURCE_VERSION:=0941c3f409260d5f05cfa6fc68420d8ad45ee483 -PKG_SOURCE_DATE:=2020-03-19 -PKG_MIRROR_HASH:=678e1d3175fd78833fddd38965baa3784993dbf53c3f56f5f7d39364eeaf93e1 +PKG_SOURCE_VERSION:=153d0769a1181bf591a9637fd487a541ec7db1e6 +PKG_SOURCE_DATE:=2020-04-04 +PKG_MIRROR_HASH:=72d540bd6a3681dbc6eb4d271beb57d030b501c2e4bca33e82b6027a3e523ac6 PKG_MAINTAINER:=Gerard Ryan From 10652158cf5bf0eca9a2488af42e5bf0d068b0cf Mon Sep 17 00:00:00 2001 From: Gerard Ryan Date: Sat, 20 Jun 2020 17:05:23 +1000 Subject: [PATCH 3/3] docker-ce: Updated to 19.03.11 * Automated dependency version checking Signed-off-by: Gerard Ryan --- utils/docker-ce/Makefile | 37 +++++++++++++++++++++++-------------- 1 file changed, 23 insertions(+), 14 deletions(-) diff --git a/utils/docker-ce/Makefile b/utils/docker-ce/Makefile index 56ac8564e..89e7cdd94 100644 --- a/utils/docker-ce/Makefile +++ b/utils/docker-ce/Makefile @@ -1,32 +1,31 @@ include $(TOPDIR)/rules.mk PKG_NAME:=docker-ce -PKG_VERSION:=19.03.9 +PKG_VERSION:=19.03.11 PKG_RELEASE:=1 PKG_LICENSE:=Apache-2.0 PKG_LICENSE_FILES:=components/cli/LICENSE components/engine/LICENSE PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/docker/docker-ce/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=f1b9e28e789516b4ba741cc4683c2c088e8c4893e2acbd7ac272a75ddeccc1a1 -PKG_SOURCE_VERSION:=9d988398e7 # SHA1 used within the docker executables +PKG_HASH:=5821b189056d64ca7961c4c93cfa60c1805d0fbe4a1ea2d57ff2122b3dc61ea1 +PKG_SOURCE_VERSION:=42e35e61f3 # SHA1 used within the docker executables PKG_MAINTAINER:=Gerard Ryan -define CheckExpectedSrcVer - $(eval SRC_VER:=$(shell grep --only-matching --perl-regexp '(?<=PKG_SOURCE_VERSION:=)(.*)' $(1))) - $(if $(subst $(2),,$(SRC_VER)), \ - $(error ERROR: Expected $(1) source version '$(2)', found '$(SRC_VER)'), \ - $(info OK: Expected $(1) source version '$(2)', found '$(SRC_VER)') \ +# $(1) = path to dependent package 'Makefile' +# $(2) = relevant docker-ce '.installer' file +define EnsureVendoredVersion + ( \ + DEP_VER=$$$$( grep --only-matching --perl-regexp '(?<=PKG_SOURCE_VERSION:=)(.*)' "$(1)" ); \ + VEN_VER=$$$$( grep --only-matching --perl-regexp '(?<=_COMMIT:=)(.*)(?=})' "$(PKG_BUILD_DIR)/components/engine/hack/dockerfile/install/$(2)" ); \ + if [ $$$$VEN_VER != $$$$DEP_VER ]; then \ + echo "ERROR: Expected 'PKG_SOURCE_VERSION:=$$$$VEN_VER' in '$(1)', found 'PKG_SOURCE_VERSION:=$$$$DEP_VER'"; \ + exit 1; \ + fi \ ) endef -# values from respective '.installer' files at https://github.com/docker/docker-ce/blob/v$(PKG_VERSION)/components/engine/hack/dockerfile/install/ -$(eval $(call CheckExpectedSrcVer,../containerd/Makefile,7ad184331fa3e55e52b890ea95e65ba581ae3429)) -$(eval $(call CheckExpectedSrcVer,../libnetwork/Makefile,0941c3f409260d5f05cfa6fc68420d8ad45ee483)) -$(eval $(call CheckExpectedSrcVer,../runc/Makefile,dc9208a3303feef5b3839f4323d9beb36df0a9dd)) -$(eval $(call CheckExpectedSrcVer,../tini/Makefile,fec3683b971d9c3ef73f284f176672c44b448662)) - PKG_BUILD_DEPENDS:=golang/host PKG_BUILD_PARALLEL:=1 @@ -55,6 +54,16 @@ define Package/docker-ce/description to run anywhere consistently on any infrastructure. endef +define Build/Prepare + $(Build/Prepare/Default) + + # Verify dependencies are the vendored version + $(call EnsureVendoredVersion,../containerd/Makefile,containerd.installer) + $(call EnsureVendoredVersion,../libnetwork/Makefile,proxy.installer) + $(call EnsureVendoredVersion,../runc/Makefile,runc.installer) + $(call EnsureVendoredVersion,../tini/Makefile,tini.installer) +endef + define Build/Configure # move so GoPackage/Build/Configure will get the correct path mv $(PKG_BUILD_DIR)/components/engine $(PKG_BUILD_DIR)/