Message ID | 20170920030210.19446-2-christian@paral.in |
---|---|
State | RFC |
Headers | show |
Series | Upgrading Go to 1.9 and Docker to v2017.07 | expand |
On 20-09-17 05:02, Christian Stewart wrote: > dumb-init is a minimal init process to act as PID 1 for containers. > > dumb-init can be used to satisfy docker-engine's docker-init binary > requirement. > > In many cases docker-init backing processes like dumb-init must be static, as > they are executed inside a container in an unknown environment. I really don't understand this requirement. The container is supposed to contain this dumb-init executable as well as the rest of the Buildroot-generated filesystem, right? So all required libs + dynamic loader will be there. Why does it need to be static, then? Is it going to be executed outside of the container? For docker-client, I can understand, because there the point is that docker-engine runs outside of the container while within the container you have some other OS, and docker-client is supposed to run inside the container as well. So please improve your explanation :-) Also, add it to the help text, so that the user gets an idea why they would want to enable the option. > This > patch includes an option to specifically compile dumb-init statically, even if > the system is compiled dynamically. > > Signed-off-by: Christian Stewart <christian@paral.in> [snip] > diff --git a/package/dumb-init/Config.in b/package/dumb-init/Config.in > new file mode 100644 > index 0000000000..aaad119a15 > --- /dev/null > +++ b/package/dumb-init/Config.in > @@ -0,0 +1,16 @@ > +config BR2_PACKAGE_DUMB_INIT > + bool "dumb-init" > + help > + dumb-init is a simple but valid init binary to > + act as PID 1 for containers. Please wrap at 72 columns, not less. > + > + https://github.com/Yelp/dumb-init > + > +if BR2_PACKAGE_DUMB_INIT > + > +config BR2_PACKAGE_DUMB_INIT_STATIC > + bool "build static" > + help > + Enables static compilation for dumb-init. > + > +endif > diff --git a/package/dumb-init/dumb-init.hash b/package/dumb-init/dumb-init.hash > new file mode 100644 > index 0000000000..4705ce4368 > --- /dev/null > +++ b/package/dumb-init/dumb-init.hash > @@ -0,0 +1,2 @@ > +# Locally computed > +sha256 74486997321bd939cad2ee6af030f481d39751bc9aa0ece84ed55f864e309a3f v1.2.0.tar.gz > diff --git a/package/dumb-init/dumb-init.mk b/package/dumb-init/dumb-init.mk > new file mode 100644 > index 0000000000..cc24ffafa1 > --- /dev/null > +++ b/package/dumb-init/dumb-init.mk > @@ -0,0 +1,27 @@ > +################################################################################ > +# > +# dumb-init > +# > +################################################################################ > + > +DUMB_INIT_VERSION = v1.2.0 > +DUMB_INIT_SITE = https://github.com/Yelp/dumb-init/archive > +DUMB_INIT_SOURCE = $(DUMB_INIT_VERSION).tar.gz > +DUMB_INIT_LICENSE = MIT > +DUMB_INIT_LICENSE_FILES = LICENSE > + > +ifeq ($(BR2_PACKAGE_DUMB_INIT_STATIC),y) > +DUMB_INIT_CFLAGS += -static > +endif > + > +define DUMB_INIT_BUILD_CMDS > + $(TARGET_CC) \ > + $(DUMB_INIT_CFLAGS) \ You also have to pass TARGET_CFLAGS and TARGET_LDFLAGS. Probably the easiest is to collect those in DUMB_INIT_CFLAGS as well. Well, that's assuming you don't remove that option :-) Regards, Arnout > + -o $(@D)/dumb-init $(@D)/dumb-init.c > +endef > + > +define DUMB_INIT_INSTALL_TARGET_CMDS > + $(INSTALL) -D -m 0755 $(@D)/dumb-init $(TARGET_DIR)/usr/bin/dumb-init > +endef > + > +$(eval $(generic-package)) >
Hi Arnout, On Thu, Sep 21, 2017 at 10:23 PM, Arnout Vandecappelle: > I really don't understand this requirement. The container is supposed to > contain this dumb-init executable as well as the rest of the Buildroot-generated > filesystem, right? So all required libs + dynamic loader will be there. Why does > it need to be static, then? Is it going to be executed outside of the container? The container is NOT supposed to contain this. Putting dumb-init and tini inside the container was a workaround for when Docker did not init the containers properly with a pid 1 manager. Docker has fixed this "issue" by adding the --init option to the run command which uses the provided docker-init binary as the PID 1. It will be executed INSIDE the container as the Pid 1, and has no access to the parent system. > So please improve your explanation :-) Also, add it to the help text, so that > the user gets an idea why they would want to enable the option. The option is enabled automatically by docker-engine as a dependency because it will not work at all without building it statically. The option is there so that if you decide for some reason you want tini or dumb-init in your target system with the absence of docker, which is valid in some cases where you might be doing a cgroup isolation / jail / other pid 1 situation without Docker and still want the init process. Christian
diff --git a/package/Config.in b/package/Config.in index 48d1381921..96f04dec7a 100644 --- a/package/Config.in +++ b/package/Config.in @@ -1835,6 +1835,7 @@ comment "Utilities" source "package/crudini/Config.in" source "package/dialog/Config.in" source "package/dtach/Config.in" + source "package/dumb-init/Config.in" source "package/file/Config.in" source "package/easy-rsa/Config.in" source "package/gnupg/Config.in" diff --git a/package/dumb-init/Config.in b/package/dumb-init/Config.in new file mode 100644 index 0000000000..aaad119a15 --- /dev/null +++ b/package/dumb-init/Config.in @@ -0,0 +1,16 @@ +config BR2_PACKAGE_DUMB_INIT + bool "dumb-init" + help + dumb-init is a simple but valid init binary to + act as PID 1 for containers. + + https://github.com/Yelp/dumb-init + +if BR2_PACKAGE_DUMB_INIT + +config BR2_PACKAGE_DUMB_INIT_STATIC + bool "build static" + help + Enables static compilation for dumb-init. + +endif diff --git a/package/dumb-init/dumb-init.hash b/package/dumb-init/dumb-init.hash new file mode 100644 index 0000000000..4705ce4368 --- /dev/null +++ b/package/dumb-init/dumb-init.hash @@ -0,0 +1,2 @@ +# Locally computed +sha256 74486997321bd939cad2ee6af030f481d39751bc9aa0ece84ed55f864e309a3f v1.2.0.tar.gz diff --git a/package/dumb-init/dumb-init.mk b/package/dumb-init/dumb-init.mk new file mode 100644 index 0000000000..cc24ffafa1 --- /dev/null +++ b/package/dumb-init/dumb-init.mk @@ -0,0 +1,27 @@ +################################################################################ +# +# dumb-init +# +################################################################################ + +DUMB_INIT_VERSION = v1.2.0 +DUMB_INIT_SITE = https://github.com/Yelp/dumb-init/archive +DUMB_INIT_SOURCE = $(DUMB_INIT_VERSION).tar.gz +DUMB_INIT_LICENSE = MIT +DUMB_INIT_LICENSE_FILES = LICENSE + +ifeq ($(BR2_PACKAGE_DUMB_INIT_STATIC),y) +DUMB_INIT_CFLAGS += -static +endif + +define DUMB_INIT_BUILD_CMDS + $(TARGET_CC) \ + $(DUMB_INIT_CFLAGS) \ + -o $(@D)/dumb-init $(@D)/dumb-init.c +endef + +define DUMB_INIT_INSTALL_TARGET_CMDS + $(INSTALL) -D -m 0755 $(@D)/dumb-init $(TARGET_DIR)/usr/bin/dumb-init +endef + +$(eval $(generic-package))
dumb-init is a minimal init process to act as PID 1 for containers. dumb-init can be used to satisfy docker-engine's docker-init binary requirement. In many cases docker-init backing processes like dumb-init must be static, as they are executed inside a container in an unknown environment. This patch includes an option to specifically compile dumb-init statically, even if the system is compiled dynamically. Signed-off-by: Christian Stewart <christian@paral.in> --- package/Config.in | 1 + package/dumb-init/Config.in | 16 ++++++++++++++++ package/dumb-init/dumb-init.hash | 2 ++ package/dumb-init/dumb-init.mk | 27 +++++++++++++++++++++++++++ 4 files changed, 46 insertions(+) create mode 100644 package/dumb-init/Config.in create mode 100644 package/dumb-init/dumb-init.hash create mode 100644 package/dumb-init/dumb-init.mk