
package/podman: add option to use passt as network backend

passt/pasta is the officially supported network backend, with slirp4netns
only considered a legacy solution. However, some people have experienced
corner cases when using passt/pasta (as it still is a young stack), so we
do not want to do a blanket replace of slirp4netns just yet. Still, we
make passt/pasta the default option.

As a consequence, the existing runtime tests will now test passt/pasta,
so we introduce two new tests for slirp4netns as a network backend.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Yann E. MORIN 4 meses atrás
pai
commit
54f79d804f

+ 17 - 5
package/podman/Config.in

@@ -4,10 +4,10 @@ config BR2_PACKAGE_PODMAN
 	depends on BR2_PACKAGE_HOST_GO_TARGET_ARCH_SUPPORTS  # host-go
 	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS  # netavark
 	depends on BR2_PACKAGE_LIBGPG_ERROR_ARCH_SUPPORTS  # libgpgme
-	depends on BR2_PACKAGE_LIBSECCOMP_ARCH_SUPPORTS  # libseccomp, slirp4netns
-	depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_17  # libseccomp, slirp4netns
-	depends on BR2_TOOLCHAIN_HAS_THREADS  # conmon, slirp4netns
-	depends on BR2_USE_WCHAR  # conmon, slirp4netns
+	depends on BR2_PACKAGE_LIBSECCOMP_ARCH_SUPPORTS  # libseccomp
+	depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_17  # libseccomp
+	depends on BR2_TOOLCHAIN_HAS_THREADS  # conmon
+	depends on BR2_USE_WCHAR  # conmon
 	select BR2_PACKAGE_HOST_GO
 	select BR2_PACKAGE_CA_CERTIFICATES  # runtime
 	select BR2_PACKAGE_CGROUPFS_V2_MOUNT if !BR2_PACKAGE_CGROUPFS_MOUNT && !BR2_INIT_SYSTEMD  # runtime
@@ -22,7 +22,6 @@ config BR2_PACKAGE_PODMAN
 	select BR2_PACKAGE_RUNC if !BR2_PACKAGE_CRUN  # runtime
 	select BR2_PACKAGE_SHADOW
 	select BR2_PACKAGE_SHADOW_SUBORDINATE_IDS
-	select BR2_PACKAGE_SLIRP4NETNS  # runtime
 	help
 	  The best free & open source container tools
 
@@ -67,6 +66,19 @@ config BR2_PACKAGE_PODMAN_INIT_NAME
 	default "tini" if BR2_PACKAGE_PODMAN_INIT_TINI
 	default "catatonit" if BR2_PACKAGE_PODMAN_INIT_CATATONIT
 
+choice
+	bool "Network backend"
+
+config BR2_PACKAGE_PODMAN_NET_PASST
+	bool "passt/pasta"
+	select BR2_PACKAGE_PASST  # runtime
+
+config BR2_PACKAGE_PODMAN_NET_SLIRP4NETNS
+	bool "slirp4netns"
+	select BR2_PACKAGE_SLIRP4NETNS  # runtime
+
+endchoice
+
 endif
 
 comment "podman needs a toolchain w/ headers >= 3.17, threads, wchar"
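Review bot: The new `choice` has no `default` and neither entry has `help` text, so passt/pasta becomes the default only because it is listed first, and the menu does not say which backend is the legacy one. An explicit `default BR2_PACKAGE_PODMAN_NET_PASST` under `bool "Network backend"`, plus a short help on each entry (passt/pasta as the upstream-supported backend, slirp4netns as the legacy fallback for setups that hit problems with pasta), would record the intent stated in the commit message. The first hunk also drops `slirp4netns` from the `depends on` comments although `BR2_PACKAGE_PODMAN_NET_SLIRP4NETNS` still selects it; keeping the name there would stop a later cleanup from removing a dependency that, going by the old comments, slirp4netns needs. Whether `BR2_PACKAGE_PASST` has dependencies of its own that must be propagated here cannot be seen from this section.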

+ 0 - 2
package/podman/containers.conf

@@ -1,2 +0,0 @@
-[network]
-default_rootless_network_cmd = "slirp4netns"

+ 15 - 4
package/podman/podman.mk

@@ -62,6 +62,19 @@ define PODMAN_HELPER_INIT
 endef
 endif
 
+ifeq ($(BR2_PACKAGE_PODMAN_NET_PASST),y)
+define PODMAN_HELPER_PASST
+	$(Q)ln -sf ../../bin/pasta $(TARGET_DIR)/usr/libexec/podman/pasta
+endef
+else
+define PODMAN_HELPER_SLIRP4NETNS
+	$(Q)ln -sf ../../bin/slirp4netns $(TARGET_DIR)/usr/libexec/podman/slirp4netns
+	$(Q)mkdir -p $(TARGET_DIR)/etc/containers/containers.conf.d
+	$(Q)printf '[network]\ndefault_rootless_network_cmd = "slirp4netns"\n' \
+		>$(TARGET_DIR)/etc/containers/containers.conf.d/50-buildroot-net-backend.conf
+endef
+endif
+
 define PODMAN_LINUX_CONFIG_FIXUPS
 	$(call KCONFIG_ENABLE_OPT,CONFIG_CPUSETS)
 	$(call KCONFIG_ENABLE_OPT,CONFIG_BPF_SYSCALL)
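Review bot: The bare `else` in this hunk defines `PODMAN_HELPER_SLIRP4NETNS` whenever passt is not selected, rather than when `BR2_PACKAGE_PODMAN_NET_SLIRP4NETNS` is; `else ifeq ($(BR2_PACKAGE_PODMAN_NET_SLIRP4NETNS),y)` would tie the drop-in to the option that actually selects the binary. `PODMAN_HELPER_PASST` also does not remove a `50-buildroot-net-backend.conf` left by an earlier slirp4netns build, so on a target directory that is not rebuilt from scratch rootless containers would presumably keep being pointed at the legacy backend; `$(Q)rm -f $(TARGET_DIR)/etc/containers/containers.conf.d/50-buildroot-net-backend.conf` in the passt helper would cover that. The drop-in is written through a shell redirect, so its mode comes from the build umask, where the containers.conf install removed in the next hunk used an explicit `-m 0644`. A comment above the `printf` noting that files in containers.conf.d take precedence over /etc/containers/containers.conf would tell integrators why an overlay-provided containers.conf does not change the backend.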
@@ -87,9 +100,6 @@ define PODMAN_LINUX_CONFIG_FIXUPS
 endef
 
 define PODMAN_CONFIG
-	$(Q)$(INSTALL) -D -m 0644 \
-		$(PODMAN_PKGDIR)/containers.conf \
-		$(TARGET_DIR)/usr/share/containers/containers.conf
 	$(Q)$(INSTALL) -D -m 0644 \
 		$(PODMAN_PKGDIR)/policy.json \
 		$(TARGET_DIR)/etc/containers/policy.json
@@ -103,8 +113,9 @@ define PODMAN_HELPERS
 	$(Q)mkdir -p $(TARGET_DIR)/usr/libexec/podman
 	$(Q)ln -sf ../../bin/aardvark-dns $(TARGET_DIR)/usr/libexec/podman/aardvark-dns
 	$(Q)ln -sf ../../bin/netavark $(TARGET_DIR)/usr/libexec/podman/netavark
-	$(Q)ln -sf ../../bin/slirp4netns $(TARGET_DIR)/usr/libexec/podman/slirp4netns
 	$(PODMAN_HELPER_INIT)
+	$(PODMAN_HELPER_PASST)
+	$(PODMAN_HELPER_SLIRP4NETNS)
 endef
 PODMAN_POST_INSTALL_TARGET_HOOKS += PODMAN_HELPERS
 

+ 19 - 0
support/testing/tests/package/test_podman.py

@@ -239,3 +239,22 @@ class TestPodmanTini(PodmanBase):
 
     def test_run(self):
         self.do_test()
+
+
+class TestPodmanSlirpIptables(PodmanBase):
+    config = PodmanBase.config + """
+    BR2_PACKAGE_PODMAN_NET_SLIRP4NETNS=y
+    """
+
+    def test_run(self):
+        self.do_test()
+
+
+class TestPodmanSlirpNftables(PodmanBase):
+    config = PodmanBase.config + """
+    BR2_PACKAGE_NFTABLES=y
+    BR2_PACKAGE_PODMAN_NET_SLIRP4NETNS=y
+    """
+
+    def test_run(self):
+        self.do_test()
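Review bot: Neither new class checks that slirp4netns is the backend actually in use; both only call `self.do_test()`, which is defined outside this hunk, so if it runs containers as root the `default_rootless_network_cmd` drop-in may never be exercised. A target-side check such as `test -L /usr/libexec/podman/slirp4netns` and `grep -q slirp4netns /etc/containers/containers.conf.d/50-buildroot-net-backend.conf` would pin what these tests are for. `TestPodmanSlirpIptables` sets nothing iptables-related in its config fragment, so a one-line comment saying it relies on the firewall backend from `PodmanBase.config` would explain the name.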