1
0

- Drop packages: iptables and socat

OBS-URL: https://build.opensuse.org/package/show/Virtualization/virt-launcher-container?expand=0&rev=63
This commit is contained in:
Vasily Ulyanov 2024-09-18 11:37:31 +00:00 committed by Git OBS Bridge
commit 58e59bf2ca
6 changed files with 344 additions and 0 deletions

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
.osc

92
Dockerfile Normal file
View File

@ -0,0 +1,92 @@
# SPDX-License-Identifier: Apache-2.0
# Define the tags for OBS and build script builds:
#!BuildTag: %%TAGPREFIX%%/virt-launcher:%%PKG_VERSION%%
#!BuildTag: %%TAGPREFIX%%/virt-launcher:%%PKG_VERSION%%.%RELEASE%
#!BuildTag: %%TAGPREFIX%%/virt-launcher:%%PKG_VERSION%%-%%PKG_RELEASE%%
#!ExclusiveArch: x86_64 aarch64
# virt-launcher container image
# KUBEVIRTFROM defined in prjconf, e.g.
# BuildFlags: dockerarg:KUBEVIRTFROM=opensuse/tumbleweed
ARG KUBEVIRTFROM
FROM $KUBEVIRTFROM
# Mandatory labels for the build service:
# https://en.opensuse.org/Building_derived_containers
# labelprefix=%%LABELPREFIX%%
LABEL org.opencontainers.image.title="kubevirt virt-launcher container"
LABEL org.opencontainers.image.description="Container to host VM processes for kubevirt"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.version="%%PKG_VERSION%%.%RELEASE%"
LABEL org.opencontainers.image.source="%SOURCEURL%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL org.opensuse.reference="%%REGISTRY%%/%%TAGPREFIX%%/virt-launcher:%%PKG_VERSION%%.%RELEASE%"
# endlabelprefix
RUN zypper -n install \
curl \
ethtool \
gawk \
kubevirt-container-disk \
kubevirt-virt-launcher \
libcap-progs \
libvirt-client \
libvirt-daemon-driver-qemu \
netcat \
nftables \
passt \
procps \
psmisc \
qemu-hw-usb-host \
qemu-hw-usb-redirect \
qemu-img \
tar \
timezone \
vim-small \
virtiofsd \
xorriso
#!ArchExclusiveLine: x86_64
RUN if [ "$(uname -m)" = "x86_64" ]; then \
zypper -n install qemu-x86 && \
mkdir -p /usr/share/OVMF && \
ln -s ../qemu/ovmf-x86_64-code.bin /usr/share/OVMF/OVMF_CODE.fd && \
ln -s ../qemu/ovmf-x86_64-vars.bin /usr/share/OVMF/OVMF_VARS.fd && \
ln -s ../qemu/ovmf-x86_64-code.bin /usr/share/OVMF/OVMF_CODE.cc.fd && \
ln -s ../qemu/ovmf-x86_64-smm-ms-code.bin /usr/share/OVMF/OVMF_CODE.secboot.fd && \
ln -s ../qemu/ovmf-x86_64-smm-ms-vars.bin /usr/share/OVMF/OVMF_VARS.secboot.fd ; \
fi
#!ArchExclusiveLine: aarch64
RUN if [ "$(uname -m)" = "aarch64" ]; then \
zypper -n install \
qemu-arm \
qemu-uefi-aarch64 && \
mkdir -p /usr/share/AAVMF && \
ln -s ../qemu/aavmf-aarch64-code.bin /usr/share/AAVMF/AAVMF_CODE.fd && \
ln -s ../qemu/aavmf-aarch64-vars.bin /usr/share/AAVMF/AAVMF_VARS.fd ; \
fi
RUN zypper clean -a
RUN cp -f /usr/share/kube-virt/virt-launcher/virtqemud.conf /etc/libvirt/virtqemud.conf && \
cp -f /usr/share/kube-virt/virt-launcher/qemu.conf /etc/libvirt/qemu.conf
# KubeVirt expects virtiofsd to be installed in /usr/libexec
# NOTE: the value of %{_libexecdir} may vary across distros
RUN VIRTIOFSD=$(rpm --eval '%{_libexecdir}')/virtiofsd; \
[ -d ${VIRTIOFSD} ] && VIRTIOFSD=${VIRTIOFSD}/virtiofsd; \
[ -f /usr/libexec/virtiofsd ] || \
(mkdir -p /usr/libexec && ln -svrt /usr/libexec ${VIRTIOFSD})
# Setup permissions and capabilities for non-root VMIs
RUN setcap 'cap_net_bind_service=+ep' /usr/bin/virt-launcher && \
setcap 'cap_net_bind_service=+ep' /usr/bin/virt-launcher-monitor && \
setcap 'cap_net_bind_service=+ep' /usr/bin/qemu-system-$(uname -m) && \
chmod 0755 /etc/libvirt
RUN cd /var && rm -rf run && ln -s ../run .
ENTRYPOINT [ "/usr/bin/virt-launcher-monitor" ]

7
_constraints Normal file
View File

@ -0,0 +1,7 @@
<constraints>
<hardware>
<disk>
<size unit="G">10</size>
</disk>
</hardware>
</constraints>

15
_service Normal file
View File

@ -0,0 +1,15 @@
<services>
<service mode="buildtime" name="kiwi_metainfo_helper"/>
<service mode="buildtime" name="kubevirt_containers_meta"/>
<service mode="buildtime" name="replace_using_env">
<param name="file">Dockerfile</param>
<param name="var">PKG_VERSION</param>
<param name="var">PKG_RELEASE</param>
<param name="var">REGISTRY</param>
<param name="var">TAGPREFIX</param>
<param name="var">LABELPREFIX</param>
<param name="eval">pkg=kubevirt-virt-launcher source /usr/lib/obs/service/kubevirt_containers_meta</param>
<param name="verbose">1</param>
</service>
<service mode="buildtime" name="docker_label_helper"/>
</services>

View File

@ -0,0 +1,206 @@
-------------------------------------------------------------------
Wed Sep 18 06:49:02 UTC 2024 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Drop packages: iptables and socat
-------------------------------------------------------------------
Mon Jul 15 06:47:42 UTC 2024 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Install passt package
-------------------------------------------------------------------
Fri Jun 21 07:38:50 UTC 2024 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Ensure procps is installed (provides ps for tests)
-------------------------------------------------------------------
Wed May 22 08:12:59 UTC 2024 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Add LABEL with source URL
-------------------------------------------------------------------
Tue Mar 19 16:18:45 UTC 2024 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Install qemu-hw-usb-host to enable USB passthrough (bsc#1221538)
- Install psmisc (provides killall for tests)
-------------------------------------------------------------------
Wed Mar 6 08:16:34 UTC 2024 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Use predefined configuration files for libvirt
-------------------------------------------------------------------
Fri Feb 23 08:53:39 UTC 2024 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Handle various virtiofsd install paths (bsc#1219772)
- Group together arch specific parts of the code
- Cleanup after writing config files with augtool
-------------------------------------------------------------------
Wed Jan 3 12:29:33 UTC 2024 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Fix firmware path for aarch64 (/usr/share/AAVMF)
-------------------------------------------------------------------
Wed Nov 8 14:08:15 UTC 2023 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Do not chown /var/run
-------------------------------------------------------------------
Mon Oct 23 12:28:27 UTC 2023 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Add license header
-------------------------------------------------------------------
Fri Oct 13 15:27:52 UTC 2023 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Install qemu-img explicitly
-------------------------------------------------------------------
Wed Jul 12 06:53:31 UTC 2023 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Drop TARGETARCH argument (detect arch during build)
-------------------------------------------------------------------
Thu Jun 15 16:59:48 UTC 2023 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Install virtiofsd explicitly instead of qemu-tools
-------------------------------------------------------------------
Thu Mar 2 07:49:24 UTC 2023 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Update the container image for KubeVirt v0.59.0
-------------------------------------------------------------------
Wed Dec 21 08:26:09 UTC 2022 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Allow qemu/slirp to bind sockets to privileged ports
- Install ncat, curl, ethtool and gawk (required for network tests)
-------------------------------------------------------------------
Mon Oct 10 13:49:10 UTC 2022 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Ensure /usr/libexec/virtiofsd is present
-------------------------------------------------------------------
Thu Sep 1 08:23:01 UTC 2022 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Install only libvirt-daemon-driver-qemu and do not pull unneeded deps
-------------------------------------------------------------------
Thu Aug 4 06:27:58 UTC 2022 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Use standard LABEL directive to add mandatory labels
-------------------------------------------------------------------
Wed Apr 27 16:30:17 UTC 2022 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Setup permissions and capabilities for non-root VMIs
-------------------------------------------------------------------
Fri Apr 15 10:50:30 UTC 2022 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Install vim-small instread of vim
- Cleanup redundant stuff
-------------------------------------------------------------------
Sun Mar 6 16:55:26 UTC 2022 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Add _constraints (storage)
-------------------------------------------------------------------
Wed Feb 23 13:42:52 UTC 2022 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Enable USB redirection support for QEMU
-------------------------------------------------------------------
Tue Feb 22 11:46:38 UTC 2022 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Fix 'have choice for systemd-container...' build error
-------------------------------------------------------------------
Wed Jan 19 06:48:50 UTC 2022 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Set default TARGETARCH=amd64
- Adjust indent
-------------------------------------------------------------------
Mon Jan 10 10:56:39 UTC 2022 - Guillaume GARDET <guillaume.gardet@opensuse.org>
- Handle aarch64
- Enable build only on aarch64 and x86_64
-------------------------------------------------------------------
Mon Jan 10 09:52:56 UTC 2022 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Symlink UEFI firmware with AMD SEV support
-------------------------------------------------------------------
Fri Nov 26 05:42:11 UTC 2021 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Install tar package to enable kubectl cp ...
-------------------------------------------------------------------
Wed Sep 29 11:26:27 UTC 2021 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Install timezone package (bsc#1190587)
-------------------------------------------------------------------
Wed Sep 29 08:35:32 UTC 2021 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Send libvirtd debug logs to stderr (bsc#1190839)
-------------------------------------------------------------------
Tue Aug 3 08:23:50 UTC 2021 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Reset cgroup_controllers in /etc/libvirt/qemu.conf
-------------------------------------------------------------------
Mon Jul 12 14:40:33 UTC 2021 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Install xorriso instead of mkisofs
-------------------------------------------------------------------
Fri Jun 4 12:20:51 UTC 2021 - Fabian Vogt <fvogt@suse.com>
- Include the registry in org.opensuse.reference
-------------------------------------------------------------------
Fri Apr 23 06:59:34 UTC 2021 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Tag the image with <version>-<release>
- Create symlinks for OVMF binaries in expected location
-------------------------------------------------------------------
Sun Apr 18 07:57:40 UTC 2021 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Run zypper clean after installation
- Sort installed packages alphabetically
-------------------------------------------------------------------
Wed Mar 17 07:08:54 UTC 2021 - Vasily Ulyanov <vasily.ulyanov@suse.com>
- Add placeholder vars to be replaced during build
- Fix mixed tabs and spaces
-------------------------------------------------------------------
Tue Nov 17 23:03:31 UTC 2020 - James Fehlig <jfehlig@suse.com>
- use ARG for defining base image
-------------------------------------------------------------------
Tue Sep 15 03:21:06 UTC 2020 - James Fehlig <jfehlig@suse.com>
- Adjust Dockerfile to conform to "Building Official Container
Images" documentation
-------------------------------------------------------------------
Wed Jul 22 19:59:10 UTC 2020 - James Fehlig <jfehlig@suse.com>
- Install kubevirt-container-disk package to get the container-disk
binary
-------------------------------------------------------------------
Mon Jun 22 21:48:23 UTC 2020 - James Fehlig <jfehlig@suse.com>
- Initial container for virt-launcher