diff --git a/0001-docs-man-rename-config.toml-5-to-be-more-descriptive.patch b/0001-docs-man-rename-config.toml-5-to-be-more-descriptive.patch new file mode 100644 index 0000000..8c7f5e2 --- /dev/null +++ b/0001-docs-man-rename-config.toml-5-to-be-more-descriptive.patch @@ -0,0 +1,112 @@ +From 7aa132ffc732e445a7673d1dd0612d32737cd0dd Mon Sep 17 00:00:00 2001 +From: Aleksa Sarai +Date: Wed, 8 Aug 2018 18:15:00 +1000 +Subject: [PATCH] docs: man: rename config.toml(5) to be more descriptive + +The man page namespace is global, so in order to avoid colliding with +other man pages named "config.toml" rename ours to be more descriptive. +This also helps with discoverability (now tab-completion of 'man +containerd' will return the config man page), as well as making it +much cleaner from the perspective of distributions that want to package +containerd. + +Signed-off-by: Aleksa Sarai +--- + Makefile | 2 +- + docs/man/containerd-config.1.md | 8 ++++---- + ...{config.toml.5.md => containerd-config.toml.5.md} | 12 ++++++------ + docs/man/containerd.1.md | 2 +- + docs/man/ctr.1.md | 2 +- + 5 files changed, 13 insertions(+), 13 deletions(-) + rename docs/man/{config.toml.5.md => containerd-config.toml.5.md} (90%) + +diff --git a/Makefile b/Makefile +index 3c9378254a3c..a474ace45cee 100644 +--- a/Makefile ++++ b/Makefile +@@ -72,7 +72,7 @@ TEST_REQUIRES_ROOT_PACKAGES=$(filter \ + + # Project binaries. + COMMANDS=ctr containerd containerd-stress containerd-release +-MANPAGES=ctr.1 containerd.1 config.toml.5 containerd-config.1 ++MANPAGES=ctr.1 containerd.1 containerd-config.1 containerd-config.toml.5 + + # Build tags seccomp and apparmor are needed by CRI plugin. + BUILDTAGS ?= seccomp apparmor +diff --git a/docs/man/containerd-config.1.md b/docs/man/containerd-config.1.md +index 002034478d3e..8960b0a8b637 100644 +--- a/docs/man/containerd-config.1.md ++++ b/docs/man/containerd-config.1.md +@@ -10,13 +10,13 @@ The *containerd config* command has one subcommand, named *default*, which + will display on standard output the default containerd config for this version + of the containerd daemon. + +-This output can be piped to a __config.toml(5)__ file and placed in ++This output can be piped to a __containerd-config.toml(5)__ file and placed in + **/etc/containerd** to be used as the configuration for containerd on daemon + startup. The configuration can be placed in any filesystem location and used + with the **--config** option to the containerd daemon as well. + +-See __config.toml(5)__ for more information on the containerd configuration +-options. ++See __containerd-config.toml(5)__ for more information on the containerd ++configuration options. + + ## OPTIONS + +@@ -34,4 +34,4 @@ Phil Estes + + ## SEE ALSO + +-ctr(1), config.toml(5), containerd(1) ++ctr(1), containerd(1), containerd-config.toml(5) +diff --git a/docs/man/config.toml.5.md b/docs/man/containerd-config.toml.5.md +similarity index 90% +rename from docs/man/config.toml.5.md +rename to docs/man/containerd-config.toml.5.md +index 75586e813c3a..b9c1edbde329 100644 +--- a/docs/man/config.toml.5.md ++++ b/docs/man/containerd-config.toml.5.md +@@ -1,13 +1,13 @@ +-# config.toml 5 02/02/2018 ++# /etc/containerd/config.toml 5 08/08/2018 + + ## SYNOPSIS + + The **config.toml** file is a configuration file for the containerd daemon. The +-file must be placed in **/etc/containerd/** or used with the **--config** +-option of **containerd** to be used by the daemon. If the file does not exist +-at the appropriate location or is not provided via the **--config** option +-containerd uses its default configuration settings, which can be displayed +-with the **containerd config(1)** command. ++file must be placed at **/etc/containerd/config.toml** or specified with the ++**--config** option of **containerd** to be used by the daemon. If the file ++does not exist at the appropriate location or is not provided via the ++**--config** option containerd uses its default configuration settings, which ++can be displayed with the **containerd config(1)** command. + + ## DESCRIPTION + +diff --git a/docs/man/containerd.1.md b/docs/man/containerd.1.md +index b919d3da6ae5..691c909eb5c1 100644 +--- a/docs/man/containerd.1.md ++++ b/docs/man/containerd.1.md +@@ -53,4 +53,4 @@ Phil Estes + + ## SEE ALSO + +-ctr(1), config.toml(5), containerd-config(1) ++ctr(1), containerd-config(1), containerd-config.toml(5) +diff --git a/docs/man/ctr.1.md b/docs/man/ctr.1.md +index e69d535fd0a0..1febde5b4439 100644 +--- a/docs/man/ctr.1.md ++++ b/docs/man/ctr.1.md +@@ -91,4 +91,4 @@ Phil Estes + + ## SEE ALSO + +-containerd(1), config.toml(5), containerd-config(1) ++containerd(1), containerd-config(1), containerd-config.toml(5) +-- +2.18.0 + diff --git a/_service b/_service index cb7a655..fa0dd61 100644 --- a/_service +++ b/_service @@ -4,7 +4,7 @@ git containerd git.%h - 06b9cb35161009dcb7123345749fef02f7cea8e0 + d64c661f1d51c48782c9cec8fda7604785f93587 .git diff --git a/bsc1065109-0001-makefile-add-support-for-build_flags.patch b/bsc1065109-0001-makefile-add-support-for-build_flags.patch deleted file mode 100644 index 0c0d162..0000000 --- a/bsc1065109-0001-makefile-add-support-for-build_flags.patch +++ /dev/null @@ -1,62 +0,0 @@ -From e805baf7240fbd2ba7eb12dd64a251cd7d272b7e Mon Sep 17 00:00:00 2001 -From: Aleksa Sarai -Date: Fri, 27 Oct 2017 04:21:24 +1100 -Subject: [PATCH] makefile: add support for build_flags - -This is quite necessary in order for us to be able to build RPMs using -the upstream Makefile. -buildmode=pie in particular is quite an -important flag to use by default. - -SUSE-Bugfix: http://bugzilla.suse.com/show_bug.cgi?id=1065109 -SUSE-Bugfix: https://bugzilla.opensuse.org/show_bug.cgi?id=1053532 -SUSE-Backport: https://github.com/containerd/containerd/pull/1686 -Signed-off-by: Aleksa Sarai ---- - Makefile | 14 ++++++++------ - 1 file changed, 8 insertions(+), 6 deletions(-) - -diff --git a/Makefile b/Makefile -index c822bf762c8c..23f21a1ce402 100644 ---- a/Makefile -+++ b/Makefile -@@ -5,6 +5,8 @@ PROJECT=github.com/containerd/containerd - GIT_COMMIT := $(shell git rev-parse HEAD 2> /dev/null || true) - GIT_BRANCH := $(shell git rev-parse --abbrev-ref HEAD 2> /dev/null) - -+DYN_BUILD_FLAGS := -buildmode=pie -+STATIC_BUILD_FLAGS := - LDFLAGS := -X github.com/containerd/containerd.GitCommit=${GIT_COMMIT} ${LDFLAGS} - - TEST_TIMEOUT ?= 5m -@@ -42,22 +44,22 @@ clean: - rm -rf bin && rm -rf output - - client: bin -- cd ctr && go build -ldflags "${LDFLAGS}" -o ../bin/ctr -+ cd ctr && go build $(DYN_BUILD_FLAGS) -ldflags "${LDFLAGS}" -o ../bin/ctr - - client-static: -- cd ctr && go build -ldflags "-w -extldflags -static ${LDFLAGS}" -tags "$(BUILDTAGS)" -o ../bin/ctr -+ cd ctr && go build $(STATIC_BUILD_FLAGS) -ldflags "-w -extldflags -static ${LDFLAGS}" -tags "$(BUILDTAGS)" -o ../bin/ctr - - daemon: bin -- cd containerd && go build -ldflags "${LDFLAGS}" -tags "$(BUILDTAGS)" -o ../bin/containerd -+ cd containerd && go build $(DYN_BUILD_FLAGS) -ldflags "${LDFLAGS}" -tags "$(BUILDTAGS)" -o ../bin/containerd - - daemon-static: -- cd containerd && go build -ldflags "-w -extldflags -static ${LDFLAGS}" -tags "$(BUILDTAGS)" -o ../bin/containerd -+ cd containerd && go build $(STATIC_BUILD_FLAGS) -ldflags "-w -extldflags -static ${LDFLAGS}" -tags "$(BUILDTAGS)" -o ../bin/containerd - - shim: bin -- cd containerd-shim && go build -tags "$(BUILDTAGS)" -ldflags "-w ${LDFLAGS}" -o ../bin/containerd-shim -+ cd containerd-shim && go build $(DYN_BUILD_FLAGS) -tags "$(BUILDTAGS)" -ldflags "-w ${LDFLAGS}" -o ../bin/containerd-shim - - shim-static: -- cd containerd-shim && go build -ldflags "-w -extldflags -static ${LDFLAGS}" -tags "$(BUILDTAGS)" -o ../bin/containerd-shim -+ cd containerd-shim && go build $(STATIC_BUILD_FLAGS) -ldflags "-w -extldflags -static ${LDFLAGS}" -tags "$(BUILDTAGS)" -o ../bin/containerd-shim - - $(TESTBENCH_BUNDLE_DIR)/busybox.tar: - mkdir -p $(TESTBENCH_BUNDLE_DIR) --- -2.14.2 - diff --git a/containerd-git.06b9cb351610.tar.xz b/containerd-git.06b9cb351610.tar.xz deleted file mode 100644 index 11da171..0000000 --- a/containerd-git.06b9cb351610.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:6962fa86dd1396c4a8d0c0509ec26a8f3b9911bf5884bfd6a5ec6e2d2119f73f -size 529504 diff --git a/containerd-git.d64c661f1d51.tar.xz b/containerd-git.d64c661f1d51.tar.xz new file mode 100644 index 0000000..e39c379 --- /dev/null +++ b/containerd-git.d64c661f1d51.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d02f6877663c11da7bda5e153655001a2f762f935ce98c5dd3e67b7554b290b6 +size 3369840 diff --git a/containerd-rpmlintrc b/containerd-rpmlintrc new file mode 100644 index 0000000..82083a5 --- /dev/null +++ b/containerd-rpmlintrc @@ -0,0 +1,2 @@ +addFilter ("^containerd(-kubic)?.*: W: statically-linked-binary /usr/sbin/containerd-shim") +addFilter ("^containerd(-kubic)?-test.noarch: [WE]: (hidden-file-or-dir|script-without-shebang|devel-file-in-non-devel-package|env-script-interpreter).* /usr/src/containerd/.*") diff --git a/containerd.changes b/containerd.changes index 5e5ed20..3081971 100644 --- a/containerd.changes +++ b/containerd.changes @@ -1,7 +1,31 @@ +------------------------------------------------------------------- +Wed Aug 1 09:40:59 UTC 2018 - asarai@suse.com + +- Enable seccomp support on SLE12, since libseccomp is now a new enough vintage + to work with Docker and containerd. fate#325877 + +------------------------------------------------------------------- +Wed Jul 25 08:54:33 UTC 2018 - asarai@suse.com + +- Update to containerd v1.1.1, which is the required version for the Docker + v18.06.0-ce upgrade. bsc#1102522 +- Add backport of https://github.com/containerd/containerd/pull/2534 to make + the man page no longer pollute the global namespace. + + 0001-docs-man-rename-config.toml-5-to-be-more-descriptive.patch +- Remove the following patch since it has already been merged upstream. + - bsc1065109-0001-makefile-add-support-for-build_flags.patch +- Remove systemd-related files and add docker-containerd-* symlinks; this + aligns with the upstream defaults where dockerd will execute + docker-containerd. Version upgrades of docker are expected to work more + smoothly as much of the upgrade logic is implemented in dockerd. +- Add containerd-rpmlintrc (or containerd-kubic-rpmlintrc) to deal with + /usr/src/containerd/* rpmlint errors (which don't affect normal users of this + package). + ------------------------------------------------------------------- Wed Jun 13 10:15:51 UTC 2018 - dcassany@suse.com -- Make use of %license macro +- Make use of %license macro ------------------------------------------------------------------- Tue Jun 5 06:38:40 UTC 2018 - asarai@suse.com diff --git a/containerd.service b/containerd.service deleted file mode 100644 index 39b526c..0000000 --- a/containerd.service +++ /dev/null @@ -1,24 +0,0 @@ -[Unit] -Description=Containerd Standalone OCI Container Daemon -Documentation=https://containerd.tools/ -After=network.target containerd.socket -Requires=containerd.socket - -[Service] -EnvironmentFile=/etc/sysconfig/containerd -ExecStart=/usr/sbin/containerd --listen fd:// --start-timeout=2m $CONTAINERD_OPTS -LimitNOFILE=1048576 -LimitNPROC=1048576 -LimitCORE=infinity - -# While containerd doesn't directly modify cgroups, we have to make sure that -# systemd doesn't suddenly decide to mess around with runC's cgroup setup. -Delegate=true - -# TasksMax is set to a silly value by default, so we need to bump it up to -# infinity so that containers don't randomly fail to spawn. -TasksMax=infinity - -[Install] -WantedBy=multi-user.target - diff --git a/containerd.socket b/containerd.socket deleted file mode 100644 index 79f875c..0000000 --- a/containerd.socket +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=GRPC Socket for Containerd API -PartOf=containerd.service - -[Socket] -ListenStream=/run/containerd/containerd.sock -SocketMode=0660 -SocketUser=root -SocketGroup=root - -[Install] -WantedBy=sockets.target diff --git a/containerd.spec b/containerd.spec index 8210a09..e718d39 100644 --- a/containerd.spec +++ b/containerd.spec @@ -22,39 +22,40 @@ %define _fillupdir /var/adm/fillup-templates %endif -%define go_tool go -%define GO_BUILD_FLAGS -buildmode=pie - # MANUAL: Update the git_version and git_revision -%define git_version 06b9cb35161009dcb7123345749fef02f7cea8e0 -%define git_short 06b9cb351610 +%define containerd_version 1.1.1 +%define git_version d64c661f1d51c48782c9cec8fda7604785f93587 +%define git_short d64c661f1d51 # How to get the git_revision # git clone https://github.com/containerd/containerd.git containerd-upstream # cd containerd # git checkout $git_version # git_revision=r$(git rev-list HEAD | wc -l) -%define git_revision r706 +%define git_revision r3586 # These are the git commits required. We verify them against the source to make # sure we didn't miss anything important when doing upgrades. This MUST match # required_dockerrunc in docker.spec! -%define required_dockerrunc 3f2f8b84a77f73d38244dd690525642a72156c64 +%define required_dockerrunc 69663f0bd4b60df09991c08812a60108003fa340 Name: containerd -Version: 0.2.9+git%{git_revision}_%{git_short} +Version: 1.1.1 Release: 0 Summary: Standalone OCI Container Daemon License: Apache-2.0 Group: System/Management Url: https://containerd.tools Source: %{name}-git.%{git_short}.tar.xz -Source1: %{name}.service -Source2: %{name}.socket -Source3: sysconfig.%{name} -# OPENSUSE-FIX-UPSTREAM: Backport of https://github.com/containerd/containerd/pull/1686. bsc#1065109 boo#1053532 -Patch100: bsc1065109-0001-makefile-add-support-for-build_flags.patch +Source1: %{name}-rpmlintrc +# OPENSUSE-BACKPORT: Backport of https://github.com/containerd/containerd/pull/2534. +Patch1: 0001-docs-man-rename-config.toml-5-to-be-more-descriptive.patch BuildRequires: fdupes -BuildRequires: golang(API) = 1.8 +BuildRequires: glibc-devel-static +BuildRequires: go-go-md2man +BuildRequires: libbtrfs-devel >= 3.8 +BuildRequires: libseccomp-devel >= 2.2 +BuildRequires: pkg-config +BuildRequires: golang(API) = 1.10 BuildRoot: %{_tmppath}/%{name}-%{version}-build # We provide a git revision so that Docker can require it properly. Provides: %{name}-git = %{git_version} @@ -75,7 +76,7 @@ migration of containers. Summary: Client for %{name} Group: System/Management Requires: %{name} = %{version} -BuildRequires: golang(API) = 1.8 +BuildRequires: golang(API) = 1.10 %description ctr Standalone client for containerd, which allows management of containerd containers @@ -84,7 +85,7 @@ separately from Docker. %package test Summary: Test package for containerd Group: System/Management -BuildRequires: golang(API) = 1.8 +BuildRequires: golang(API) = 1.10 BuildArch: noarch %description test @@ -92,8 +93,7 @@ Test package for containerd. It contains the source code and the tests. %prep %setup -q -n %{name}-git.%{git_short} -# bsc#1065109 boo#1053532 -%patch100 -p1 +%patch1 -p1 %build # Do not use symlinks. If you want to run the unit tests for this package at @@ -105,7 +105,13 @@ mkdir -p $PROJECT rm -rf $PROJECT/* cp -ar * $PROJECT -make -C $PROJECT GIT_COMMIT=%{git_version} +BUILDTAGS="apparmor selinux seccomp" +make -C $PROJECT \ + BUILDTAGS="$BUILDTAGS" \ + VERSION="v%{version}" \ + REVISION="%{git_version}" +make man + cp $PROJECT/bin/ctr ctr-%{version} cp $PROJECT/bin/containerd containerd-%{version} cp $PROJECT/bin/containerd-shim containerd-shim-%{version} @@ -118,49 +124,53 @@ cp $PROJECT/bin/containerd-shim containerd-shim-%{version} # boo#1095817 %install -install -D -m755 containerd-%{version} %{buildroot}/%{_sbindir}/containerd -install -D -m755 containerd-shim-%{version} %{buildroot}/%{_sbindir}/containerd-shim +# Install binaries. +install -D -m755 containerd-%{version} %{buildroot}/%{_sbindir}/%{name} +install -D -m755 containerd-shim-%{version} %{buildroot}/%{_sbindir}/%{name}-shim install -D -m755 ctr-%{version} %{buildroot}/%{_sbindir}/%{name}-ctr -# Add service and sysconfig. -install -D -m644 %SOURCE1 %{buildroot}/%{_unitdir}/%{name}.service -install -D -m644 %SOURCE2 %{buildroot}/%{_unitdir}/%{name}.socket -ln -sf %{_sbindir}/service %{buildroot}/%{_sbindir}/rccontainerd -install -D -m644 %SOURCE3 %{buildroot}%{_fillupdir}/sysconfig.%{name} +# Install docker-* symlinks to said binaries, since in order to use the +# upstream setup, Docker needs to spawn containerd and needs to have the +# binaries have specific names. +ln -s %{_sbindir}/%{name} %{buildroot}/%{_sbindir}/docker-%{name} +ln -s %{_sbindir}/%{name}-shim %{buildroot}/%{_sbindir}/docker-%{name}-shim +# Set up dummy configuration. +install -d -m755 %{buildroot}/%{_sysconfdir}/%{name} +echo "# See containerd-config.toml(5) for documentation." >%{buildroot}/%{_sysconfdir}/%{name}/config.toml + +# Man pages. +for file in man/* +do + section="${file##*.}" + install -D -m644 "$file" "%{buildroot}/%{_mandir}/man$section/$(basename "$file")" +done +ln -s ctr.1 %{buildroot}/%{_mandir}/man1/%{name}-ctr.1 + +# Source tree for containerd-test. install -d -m755 %{buildroot}/usr/src/containerd/ cp -ar $HOME/go/src/github.com/containerd/containerd/* %{buildroot}/usr/src/containerd/ -# remove files we don't want to ship - exclude is the wrong usage here +# Remove files we don't want to ship - exclude is the wrong usage here. rm -rf %{buildroot}/usr/src/containerd/bin %fdupes %{buildroot} -%pre -%service_add_pre %{name}.service %{name}.socket - -%post -%service_add_post %{name}.service %{name}.socket -%{fillup_only -n containerd} - -%preun -%service_del_preun %{name}.service %{name}.socket - -%postun -%service_del_postun %{name}.service %{name}.socket - %files %defattr(-,root,root) %doc README.md -%license LICENSE.code LICENSE.docs -%{_sbindir}/containerd -%{_sbindir}/containerd-shim -%{_unitdir}/%{name}.service -%{_unitdir}/%{name}.socket -%{_fillupdir}/sysconfig.%{name} -%{_sbindir}/rccontainerd +%license LICENSE +%dir %{_sysconfdir}/%{name} +%config %{_sysconfdir}/%{name}/config.toml +%{_sbindir}/%{name} +%{_sbindir}/docker-%{name} +%{_sbindir}/%{name}-shim +%{_sbindir}/docker-%{name}-shim +%{_mandir}/man*/%{name}* +%exclude %{_mandir}/man1/*ctr.1* %files ctr %{_sbindir}/%{name}-ctr +%{_mandir}/man1/*ctr.1* %files test %defattr(-,root,root) diff --git a/sysconfig.containerd b/sysconfig.containerd deleted file mode 100644 index ce98d10..0000000 --- a/sysconfig.containerd +++ /dev/null @@ -1,8 +0,0 @@ - -## Path : System/Management -## Description : Extra cli switches for containerd -## Type : string -## Default : "" -## ServiceRestart : containerd -# -CONTAINERD_OPTS=""