TipsAndTricks/DockerOnImage: Difference between revisions
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
This assumes you'd like to build an image that supports docker on a YP image. This is pretty straightforward due to the great work done on the meta-virtualization layer, mostly by people at Wind River. This document will show how to get docker running on a Minnowboard (Turbot). Note, these layers change, so this is accurate as of July 2017. | This assumes you'd like to build an image that supports docker on a YP image. This is pretty straightforward due to the great work done on the meta-virtualization layer, mostly by people at Wind River. This document will show how to get docker running on a Nuc. I have run the same image on a Minnowboard (Turbot) successfully as well. Note, these layers change, so this is accurate as of July 2017. | ||
== What Layers Do You Need? == | == What Layers Do You Need? == | ||
The main layer is meta-virtualization. This can be found using the layers.openembedded search app, Here's the [[https://layers.openembedded.org/layerindex/branch/master/layer/meta-virtualization/ meta-virtualiation]] entry. As you can see from the dependency list, this layer requires oe-core,meta-oe, meta-networking, and meta-filesystems. Some of these (like meta-networking) have additional dependencies. Here's the complete list of additional layers you need: | The main layer is meta-virtualization. This can be found using the layers.openembedded search app, Here's the [[https://layers.openembedded.org/layerindex/branch/master/layer/meta-virtualization/ meta-virtualiation]] entry. As you can see from the dependency list, this layer requires oe-core,meta-oe, meta-networking, and meta-filesystems. Some of these (like meta-networking) have additional dependencies. Here's the complete list of additional layers you need: | ||
Line 84: | Line 84: | ||
*** sudo chmod 666 /dev/sdX | *** sudo chmod 666 /dev/sdX | ||
*** oe-run-native bmap-tools-native bmaptool copy ./tmp/deploy/images/genericx86-64/core-image-base-genericx86-64.wic /dev/sdX | *** oe-run-native bmap-tools-native bmaptool copy ./tmp/deploy/images/genericx86-64/core-image-base-genericx86-64.wic /dev/sdX | ||
== How to Test == | |||
You can now log onto your target Minnowboard, and you can test out docker, which should be running. | |||
$root@genericx86-64:~# docker info | |||
Containers: 0 | |||
Running: 0 | |||
Paused: 0 | |||
Stopped: 0 | |||
Images: 0 | |||
Server Version: 1.13.0 | |||
Storage Driver: vfs | |||
Logging Driver: json-file | |||
Cgroup Driver: cgroupfs | |||
Plugins: | |||
Volume: local | |||
Network: bridge host macvlan null overlay | |||
Swarm: inactive | |||
Runtimes: runc | |||
Default Runtime: runc | |||
Init Binary: docker-init | |||
containerd version: 03e5862ec0d8d3b3f750e19fca3ee367e13c090e | |||
runc version: 2f7393a47307a16f8cee44a37b262e8b81021e3e | |||
init version: N/A (expected: 949e6facb77383876aeff8a6944dde66b3089574) | |||
Kernel Version: 4.9.31-yocto-standard | |||
Operating System: Poky (Yocto Project Reference Distro) 2.3 (pyro) | |||
OSType: linux | |||
Architecture: x86_64 | |||
CPUs: 4 | |||
Total Memory: 7.618 GiB | |||
Name: genericx86-64 | |||
ID: JIJP:ZUBZ:BC3J:JNVQ:3EOV:SVUP:RDO3:XGFN:WB5X:XIUH:34PX:EHBM | |||
Docker Root Dir: /var/lib/docker | |||
Debug Mode (client): false | |||
Debug Mode (server): false | |||
Http Proxy: http://proxy-chain.intel.com:911/ | |||
Registry: https://index.docker.io/v1/ | |||
WARNING: No cpu cfs quota support | |||
WARNING: No cpu cfs period support | |||
Experimental: false | |||
Insecure Registries: | |||
127.0.0.0/8 | |||
Live Restore Enabled: false | |||
$ systemctl docker status | |||
$ docker pull busybox | |||
$ docker run -it --rm busybox sh |
Revision as of 23:54, 7 July 2017
This assumes you'd like to build an image that supports docker on a YP image. This is pretty straightforward due to the great work done on the meta-virtualization layer, mostly by people at Wind River. This document will show how to get docker running on a Nuc. I have run the same image on a Minnowboard (Turbot) successfully as well. Note, these layers change, so this is accurate as of July 2017.
What Layers Do You Need?
The main layer is meta-virtualization. This can be found using the layers.openembedded search app, Here's the [meta-virtualiation] entry. As you can see from the dependency list, this layer requires oe-core,meta-oe, meta-networking, and meta-filesystems. Some of these (like meta-networking) have additional dependencies. Here's the complete list of additional layers you need:
- [meta-virtualization]
- [meta-openembedded]
- The meta-openembedded repo contains the rest of the needed layers:
- meta-python
- meta-networking
- meta-filesystems
- meta-oe
- The meta-openembedded repo contains the rest of the needed layers:
You need to add these (with absolute paths) to your build/conf/bblayers.conf file. BBLAYERS should look something like this:
BBLAYERS ?= " \ <AbsPath>/poky/meta \ <AbsPath>/poky/meta-poky \ <AbsPath>/poky/meta-yocto-bsp \ <AbsPath>/meta-openembedded/meta-oe \ <AbsPath>/meta-openembedded/meta-python \ <AbsPath>/meta-openembedded/meta-networking \ <AbsPath>/meta-openembedded/meta-filesystems \ <AbsPath>/meta-virtualization \
What Configuration Changes Do you Need?
There are a number of configuration settings you need in your build/conf/local.conf in order to make this work. I'll list them below and try to explain why you need them:
# this gives us the linux-yocto kernel for an x86-64 machine like minnowboard MACHINE = "genericx86-64"
# Docker presumes systemd DISTRO_FEATURES_append = " systemd" VIRTUAL-RUNTIME_init_manager = "systemd" DISTRO_FEATURES_BACKFILL_CONSIDERED = "sysvinit" VIRTUAL-RUNTIME_initscripts = "systemd-compat-units"
# we need space for images IMAGE_ROOTFS_EXTRA_SPACE = "10000000"
# The extra space takes us above 4gb, so # turn off hdd and iso images so they do # not break NOHDD="1" NOISO="1"
# pick a kernel I know works: PREFERRED_PROVIDER_virtual/kernel="linux-yocto" PREFERRED_VERSION_linux-yocto="4.9%"
# add docker to the image # connman to manage the networking IMAGE_INSTALL_append = " docker docker-contrib connman connman-client \ "
Current Hacks Needed
Some of this is not upstreamed yet, so here's some patches you may need to apply. Check and see of they have been accepted upstream or not, first...
Additional kernel module needed for docker
See [mailing list patch]. This adds a kernel config module NETFILTER_XT_MATCH_ADDRTYPE so it can start up.
Proxy problems
Once on the target board, you need to tell docker about your proxy (if you have one). This is a little hard to do by hand, so here are a couple of files you can insert into meta-virtualization to help you along.
meta-virtualization$ cat recipes-containers/docker/docker_git.bbappend
SRC_URI += "file://http-proxy.conf" do_install_append() { if [ -n "${http_proxy}" ]; then docker_config_dir=${sysconfdir}/systemd/system/docker.service.d install -d ${D}/$docker_config_dir sed -e s_{URL}_${http_proxy}_ ${WORKDIR}/http-proxy.conf > ${D}/$docker_config_dir/http-proxy.conf fi }
meta-virtualization$ cat recipes-containers/docker/files/http-proxy.conf
[Service] Environment="HTTP_PROXY={URL}/"
What To Build
Once these are all in place, you are ready to make your image. I'd suggest building core-image-base. Note: core-image-mininal will NOT work since it does not include the kernel module packages by default.
$bitbake core-image-base
How to get the image onto your usb key
You need to check (lsusb or dmesg) to see that /dev/sdX your usb key showed up as.
- sudo umount /dev/sdX1;sudo umount /dev/sdX2; <unmount any others as well>
- slow way
- sudo dd if=tmp/deploy/images/genericx86-64/core-image-base-genericx86-64.wic of=/dev/sdX
- fast way
- bitbake bmap-tools-native -caddto_recipe_sysroot
- sudo chmod 666 /dev/sdX
- oe-run-native bmap-tools-native bmaptool copy ./tmp/deploy/images/genericx86-64/core-image-base-genericx86-64.wic /dev/sdX
- slow way
How to Test
You can now log onto your target Minnowboard, and you can test out docker, which should be running.
$root@genericx86-64:~# docker info Containers: 0 Running: 0 Paused: 0 Stopped: 0 Images: 0 Server Version: 1.13.0 Storage Driver: vfs Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: bridge host macvlan null overlay Swarm: inactive Runtimes: runc Default Runtime: runc Init Binary: docker-init containerd version: 03e5862ec0d8d3b3f750e19fca3ee367e13c090e runc version: 2f7393a47307a16f8cee44a37b262e8b81021e3e init version: N/A (expected: 949e6facb77383876aeff8a6944dde66b3089574) Kernel Version: 4.9.31-yocto-standard Operating System: Poky (Yocto Project Reference Distro) 2.3 (pyro) OSType: linux Architecture: x86_64 CPUs: 4 Total Memory: 7.618 GiB Name: genericx86-64 ID: JIJP:ZUBZ:BC3J:JNVQ:3EOV:SVUP:RDO3:XGFN:WB5X:XIUH:34PX:EHBM Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): false Http Proxy: http://proxy-chain.intel.com:911/ Registry: https://index.docker.io/v1/ WARNING: No cpu cfs quota support WARNING: No cpu cfs period support Experimental: false Insecure Registries: 127.0.0.0/8 Live Restore Enabled: false
$ systemctl docker status $ docker pull busybox $ docker run -it --rm busybox sh