containers: introduce image-oci

This image class creates an oci image spec directory from a generated rootfs. The contents of the rootfs do not matter (i.e. they need not be container optimized), but by using the container image type and small footprint images, we can create directly executable container images. Once the tarball (or oci image directory) has been created of the OCI image, it can be manipulated by standard tools. For example, to create a runtime bundle from the oci image, the following can be done: Assuming the image name is "container-base": If the oci image was a tarball, extract it (skip, if a directory is being directly used) % tar xvf container-base-<arch>-<stamp>.rootfs-oci-latest-x86_64-linux.oci-image.tar And then create the bundle: % oci-image-tool create --ref name=latest container-base-<arch>-<stamp>.rootfs-oci container-base-oci-bundle Or to copy (push) the oci image to a docker registry, skopeo can be used (vary the tag based on the created oci image: % skopeo copy --dest-creds <username>:<password> oci:container-base-<arch>-<stamp>:latest docker://zeddii/container-base The following image variables are available to customize the details of the constructed image (defaults as shown): OCI_IMAGE_AUTHOR ?= "${PATCH_GIT_USER_NAME}" OCI_IMAGE_AUTHOR_EMAIL ?= "${PATCH_GIT_USER_EMAIL}" OCI_IMAGE_TAG ?= "latest" OCI_IMAGE_RUNTIME_UID ?= "" OCI_IMAGE_ARCH ?= "${TARGET_ARCH}" OCI_IMAGE_SUBARCH ?= "${@oci_map_subarch(d.getVar('TARGET_ARCH'), d.getVar('TUNE_FEATURES'), d)}" OCI_IMAGE_ENTRYPOINT ?= "sh" OCI_IMAGE_ENTRYPOINT_ARGS ?= "" OCI_IMAGE_WORKINGDIR ?= "" //List of ports to expose from a container running this image: //PORT[/PROT] // format: <port>/tcp, <port>/udp, or <port> (same as <port>/tcp). OICI_IMAGE_PORTS ?= "" // key=value list of labels OCI_IMAGE_LABELS ?= "" // key=value list of environment variables OCI_IMAGE_ENV_VARS ?= "" Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
author: Bruce Ashfield <bruce.ashfield@gmail.com> 2019-02-27 10:51:26 -0500
committer: Bruce Ashfield <bruce.ashfield@gmail.com> 2019-02-27 11:46:25 -0500
commit: 29c60173e2326ba970d15e7b419601f92f447166 (patch)
tree: 5fd7d3e6268959d02c412c99c55bdde388e6bcba /classes
parent: 9c686c4bb0620ff87da6a655b552ded4f73c6e23 (diff)
download: meta-virtualization-29c60173e2326ba970d15e7b419601f92f447166.tar.gz
1 files changed, 144 insertions, 0 deletions
diff --git a/classes/image-oci.bbclass b/classes/image-oci.bbclass
new file mode 100644
index 00000000..c256b12c
--- /dev/null
+++ b/classes/image-oci.bbclass
@@ -0,0 +1,144 @@
+#
+# This image class creates an oci image spec directory from a generated
+# rootfs. The contents of the rootfs do not matter (i.e. they need not be
+# container optimized), but by using the container image type and small
+# footprint images, we can create directly executable container images.
+#
+# Once the tarball (or oci image directory) has been created of the OCI
+# image, it can be manipulated by standard tools. For example, to create a
+# runtime bundle from the oci image, the following can be done:
+#
+# Assuming the image name is "container-base":
+#
+#   If the oci image was a tarball, extract it (skip, if a directory is being directly used)
+#     % tar xvf container-base-<arch>-<stamp>.rootfs-oci-latest-x86_64-linux.oci-image.tar
+#
+#   And then create the bundle:
+#     % oci-image-tool create --ref name=latest container-base-<arch>-<stamp>.rootfs-oci container-base-oci-bundle
+#
+#   Or to copy (push) the oci image to a docker registry, skopeo can be used (vary the
+#   tag based on the created oci image:
+#
+#     % skopeo copy --dest-creds <username>:<password> oci:container-base-<arch>-<stamp>:latest docker://zeddii/container-base
+#
+# We'd probably get this through the container image typdep, but just
+# to be sure, we'll repeat it here.
+ROOTFS_BOOTSTRAP_INSTALL = ""
+# we want container and tar.bz2's to be created
+IMAGE_TYPEDEP_oci = "container tar.bz2"
+# sloci is the script/project that will create the oci image
+do_image_oci[depends] += "sloci-image-native:do_populate_sysroot"
+#
+# image type configuration block
+#
+OCI_IMAGE_AUTHOR ?= "${PATCH_GIT_USER_NAME}"
+OCI_IMAGE_AUTHOR_EMAIL ?= "${PATCH_GIT_USER_EMAIL}"
+OCI_IMAGE_TAG ?= "latest"
+OCI_IMAGE_RUNTIME_UID ?= ""
+OCI_IMAGE_ARCH ?= "${TARGET_ARCH}"
+OCI_IMAGE_SUBARCH ?= "${@oci_map_subarch(d.getVar('TARGET_ARCH'), d.getVar('TUNE_FEATURES'), d)}"
+OCI_IMAGE_ENTRYPOINT ?= "sh"
+OCI_IMAGE_ENTRYPOINT_ARGS ?= ""
+OCI_IMAGE_WORKINGDIR ?= ""
+# List of ports to expose from a container running this image:
+#  PORT[/PROT]  
+#     format: <port>/tcp, <port>/udp, or <port> (same as <port>/tcp).
+OCI_IMAGE_PORTS ?= ""
+# key=value list of labels
+OCI_IMAGE_LABELS ?= ""
+# key=value list of environment variables
+OCI_IMAGE_ENV_VARS ?= ""
+# whether the oci image dir should be left as a directory, or
+# bundled into a tarball.
+OCI_IMAGE_TAR_OUTPUT ?= "true"
+# Generate a subarch that is appropriate to OCI image
+# types. This is typically only ARM architectures at the
+# moment.
+def oci_map_subarch(a, f, d):
+    import re
+    if re.match('arm.*', a):
+        if 'armv7' in f:
+            return 'v7'
+        elif 'armv6' in f:
+            return 'v6'
+        elif 'armv5' in f:
+            return 'v5'
+            return ''
+    return ''
+IMAGE_CMD_oci() {
+    sloci_options=""
+    bbdebug 1 "OCI image settings:"
+    bbdebug 1 "  author: ${OCI_IMAGE_AUTHOR}"
+    bbdebug 1 "  author email: ${OCI_IMAGE_AUTHOR_EMAIL}"
+    bbdebug 1 "  tag: ${OCI_IMAGE_TAG}"
+    bbdebug 1 "  arch: ${OCI_IMAGE_ARCH}"
+    bbdebug 1 "  subarch: ${OCI_IMAGE_SUBARCH}"
+    bbdebug 1 "  entrypoint: ${OCI_IMAGE_ENTRYPOINT}"
+    bbdebug 1 "  entrypoing args: ${OCI_IMAGE_ENTRYPOINT_ARGS}"
+    bbdebug 1 "  labels: ${OCI_IMAGE_LABELS}"
+    bbdebug 1 "  uid: ${OCI_IMAGE_RUNTIME_UID}"
+    bbdebug 1 "  working dir: ${OCI_IMAGE_WORKINGDIR}"
+    bbdebug 1 "  env vars: ${OCI_IMAGE_ENV_VARS}"
+    bbdebug 1 "  ports: ${OCI_IMAGE_PORTS}"
+    # Change into the image deploy dir to avoid having any output operations capture
+    # long directories or the location.
+    cd ${IMGDEPLOYDIR}
+    oci_image_label_options=""
+    if [ -n "${OCI_IMAGE_LABELS}" ]; then
+        for l in ${OCI_IMAGE_LABELS}; do
+            oci_image_label_options="${oci_image_label_options} --label ${l}"
+        done
+    fi
+    oci_image_env_options=""
+    if [ -n "${OCI_IMAGE_ENV_VARS}" ]; then
+        for l in ${OCI_IMAGE_ENV_VARS}; do
+            oci_image_env_options="${oci_image_env_options} --env ${l}"
+        done
+    fi
+    oci_image_port_options=""
+    if [ -n "${OCI_IMAGE_PORTS}" ]; then
+        for l in ${OCI_IMAGE_PORTS}; do
+            oci_image_port_options="${oci_image_port_options} --port ${l}"
+        done
+    fi
+    if [ -n "${OCI_IMAGE_RUNTIME_UID}" ]; then
+        oci_image_user_options="--user ${OCI_IMAGE_RUNTIME_UID}"
+    fi
+    if [ -n "${OCI_IMAGE_WORKINGDIR}" ]; then
+        oci_image_working_dir_options="--working-dir ${OCI_IMAGE_WORKINGDIR}"
+    fi
+    if [ -n "${OCI_IMAGE_TAR_OUTPUT}" ]; then
+        sloci_options="$sloci_options --tar"
+    fi
+    # options that always appear are required for a valid oci container image
+    # others are optional based on settings.
+    sloci-image $sloci_options \
+                --arch ${OCI_IMAGE_ARCH} \
+                --arch-variant "${OCI_IMAGE_SUBARCH}" \
+                --entrypoint ${OCI_IMAGE_ENTRYPOINT} \
+                --cmd "${OCI_IMAGE_ENTRYPOINT_ARGS}" \
+                --author ${OCI_IMAGE_AUTHOR_EMAIL} \
+                ${oci_image_user_options} \
+                ${oci_image_label_options} \
+                ${oci_image_env_options} \
+                ${oci_image_working_dir_options} \
+                ${oci_image_port_options} \
+                ${IMAGE_ROOTFS} ${IMAGE_NAME}${IMAGE_NAME_SUFFIX}-oci:${OCI_IMAGE_TAG}
+}
author	Bruce Ashfield <bruce.ashfield@gmail.com>	2019-02-27 10:51:26 -0500
committer	Bruce Ashfield <bruce.ashfield@gmail.com>	2019-02-27 11:46:25 -0500
commit	29c60173e2326ba970d15e7b419601f92f447166 (patch)
tree	5fd7d3e6268959d02c412c99c55bdde388e6bcba /classes
parent	9c686c4bb0620ff87da6a655b552ded4f73c6e23 (diff)
download	meta-virtualization-29c60173e2326ba970d15e7b419601f92f447166.tar.gz

diff --git a/classes/image-oci.bbclass b/classes/image-oci.bbclass new file mode 100644 index 00000000..c256b12c --- /dev/null +++ b/classes/image-oci.bbclass
@@ -0,0 +1,144 @@
	1	#
	2	# This image class creates an oci image spec directory from a generated
	3	# rootfs. The contents of the rootfs do not matter (i.e. they need not be
	4	# container optimized), but by using the container image type and small
	5	# footprint images, we can create directly executable container images.
	6	#
	7	# Once the tarball (or oci image directory) has been created of the OCI
	8	# image, it can be manipulated by standard tools. For example, to create a
	9	# runtime bundle from the oci image, the following can be done:
	10	#
	11	# Assuming the image name is "container-base":
	12	#
	13	# If the oci image was a tarball, extract it (skip, if a directory is being directly used)
	14	# % tar xvf container-base-<arch>-<stamp>.rootfs-oci-latest-x86_64-linux.oci-image.tar
	15	#
	16	# And then create the bundle:
	17	# % oci-image-tool create --ref name=latest container-base-<arch>-<stamp>.rootfs-oci container-base-oci-bundle
	18	#
	19	# Or to copy (push) the oci image to a docker registry, skopeo can be used (vary the
	20	# tag based on the created oci image:
	21	#
	22	# % skopeo copy --dest-creds <username>:<password> oci:container-base-<arch>-<stamp>:latest docker://zeddii/container-base
	23	#
	24
	25	# We'd probably get this through the container image typdep, but just
	26	# to be sure, we'll repeat it here.
	27	ROOTFS_BOOTSTRAP_INSTALL = ""
	28	# we want container and tar.bz2's to be created
	29	IMAGE_TYPEDEP_oci = "container tar.bz2"
	30	# sloci is the script/project that will create the oci image
	31	do_image_oci[depends] += "sloci-image-native:do_populate_sysroot"
	32
	33	#
	34	# image type configuration block
	35	#
	36	OCI_IMAGE_AUTHOR ?= "${PATCH_GIT_USER_NAME}"
	37	OCI_IMAGE_AUTHOR_EMAIL ?= "${PATCH_GIT_USER_EMAIL}"
	38
	39	OCI_IMAGE_TAG ?= "latest"
	40	OCI_IMAGE_RUNTIME_UID ?= ""
	41
	42	OCI_IMAGE_ARCH ?= "${TARGET_ARCH}"
	43	OCI_IMAGE_SUBARCH ?= "${@oci_map_subarch(d.getVar('TARGET_ARCH'), d.getVar('TUNE_FEATURES'), d)}"
	44
	45	OCI_IMAGE_ENTRYPOINT ?= "sh"
	46	OCI_IMAGE_ENTRYPOINT_ARGS ?= ""
	47	OCI_IMAGE_WORKINGDIR ?= ""
	48
	49	# List of ports to expose from a container running this image:
	50	# PORT[/PROT]
	51	# format: <port>/tcp, <port>/udp, or <port> (same as <port>/tcp).
	52	OCI_IMAGE_PORTS ?= ""
	53
	54	# key=value list of labels
	55	OCI_IMAGE_LABELS ?= ""
	56	# key=value list of environment variables
	57	OCI_IMAGE_ENV_VARS ?= ""
	58
	59	# whether the oci image dir should be left as a directory, or
	60	# bundled into a tarball.
	61	OCI_IMAGE_TAR_OUTPUT ?= "true"
	62
	63	# Generate a subarch that is appropriate to OCI image
	64	# types. This is typically only ARM architectures at the
	65	# moment.
	66	def oci_map_subarch(a, f, d):
	67	import re
	68	if re.match('arm.*', a):
	69	if 'armv7' in f:
	70	return 'v7'
	71	elif 'armv6' in f:
	72	return 'v6'
	73	elif 'armv5' in f:
	74	return 'v5'
	75	return ''
	76	return ''
	77
	78	IMAGE_CMD_oci() {
	79	sloci_options=""
	80
	81	bbdebug 1 "OCI image settings:"
	82	bbdebug 1 " author: ${OCI_IMAGE_AUTHOR}"
	83	bbdebug 1 " author email: ${OCI_IMAGE_AUTHOR_EMAIL}"
	84	bbdebug 1 " tag: ${OCI_IMAGE_TAG}"
	85	bbdebug 1 " arch: ${OCI_IMAGE_ARCH}"
	86	bbdebug 1 " subarch: ${OCI_IMAGE_SUBARCH}"
	87	bbdebug 1 " entrypoint: ${OCI_IMAGE_ENTRYPOINT}"
	88	bbdebug 1 " entrypoing args: ${OCI_IMAGE_ENTRYPOINT_ARGS}"
	89	bbdebug 1 " labels: ${OCI_IMAGE_LABELS}"
	90	bbdebug 1 " uid: ${OCI_IMAGE_RUNTIME_UID}"
	91	bbdebug 1 " working dir: ${OCI_IMAGE_WORKINGDIR}"
	92	bbdebug 1 " env vars: ${OCI_IMAGE_ENV_VARS}"
	93	bbdebug 1 " ports: ${OCI_IMAGE_PORTS}"
	94
	95	# Change into the image deploy dir to avoid having any output operations capture
	96	# long directories or the location.
	97	cd ${IMGDEPLOYDIR}
	98
	99	oci_image_label_options=""
	100	if [ -n "${OCI_IMAGE_LABELS}" ]; then
	101	for l in ${OCI_IMAGE_LABELS}; do
	102	oci_image_label_options="${oci_image_label_options} --label ${l}"
	103	done
	104	fi
	105	oci_image_env_options=""
	106	if [ -n "${OCI_IMAGE_ENV_VARS}" ]; then
	107	for l in ${OCI_IMAGE_ENV_VARS}; do
	108	oci_image_env_options="${oci_image_env_options} --env ${l}"
	109	done
	110	fi
	111	oci_image_port_options=""
	112	if [ -n "${OCI_IMAGE_PORTS}" ]; then
	113	for l in ${OCI_IMAGE_PORTS}; do
	114	oci_image_port_options="${oci_image_port_options} --port ${l}"
	115	done
	116	fi
	117
	118	if [ -n "${OCI_IMAGE_RUNTIME_UID}" ]; then
	119	oci_image_user_options="--user ${OCI_IMAGE_RUNTIME_UID}"
	120	fi
	121
	122	if [ -n "${OCI_IMAGE_WORKINGDIR}" ]; then
	123	oci_image_working_dir_options="--working-dir ${OCI_IMAGE_WORKINGDIR}"
	124	fi
	125
	126	if [ -n "${OCI_IMAGE_TAR_OUTPUT}" ]; then
	127	sloci_options="$sloci_options --tar"
	128	fi
	129
	130	# options that always appear are required for a valid oci container image
	131	# others are optional based on settings.
	132	sloci-image $sloci_options \
	133	--arch ${OCI_IMAGE_ARCH} \
	134	--arch-variant "${OCI_IMAGE_SUBARCH}" \
	135	--entrypoint ${OCI_IMAGE_ENTRYPOINT} \
	136	--cmd "${OCI_IMAGE_ENTRYPOINT_ARGS}" \
	137	--author ${OCI_IMAGE_AUTHOR_EMAIL} \
	138	${oci_image_user_options} \
	139	${oci_image_label_options} \
	140	${oci_image_env_options} \
	141	${oci_image_working_dir_options} \
	142	${oci_image_port_options} \
	143	${IMAGE_ROOTFS} ${IMAGE_NAME}${IMAGE_NAME_SUFFIX}-oci:${OCI_IMAGE_TAG}
	144	}