linux/meta-virtualization.git/classes/container-cross-install.bbclass, branch master

vcontainer: fix yocto-check-layer mcdepends parse error

2026-02-09T20:03:27+00:00

Fix yocto-check-layer failure: ERROR: Multiconfig dependency mc::vruntime-x86-64:vpdmn-initramfs-create:do_deploy depends on nonexistent multiconfig configuration named configuration vruntime-x86-64 Several recipes and classes declared static mcdepends referencing vruntime-aarch64 and vruntime-x86-64 multiconfigs. When parsed without BBMULTICONFIG set (e.g. yocto-check-layer), BitBake validates these and fails because the referenced multiconfigs don't exist. Move mcdepends into anonymous python functions and only set them when the target multiconfig exists in BBMULTICONFIG, following the pattern established in meta/classes-recipe/kernel-fit-image.bbclass. Signed-off-by: Bruce Ashfield

container-registry: add target image TLS integration

2026-02-09T03:34:12+00:00

Install CA certificates and registry configuration into target images so they can pull from the secure registry at runtime. docker-registry-config.bb: When CONTAINER_REGISTRY_SECURE=1, install the CA cert to /etc/docker/certs.d/{host}/ca.crt instead of adding insecure-registries to daemon.json. Translates localhost/127.0.0.1 to 10.0.2.2 for QEMU targets where the host registry is accessed via slirp networking. container-oci-registry-config.bb: Same secure mode support for podman/CRI-O with insecure=false in registries.conf. container-registry-ca.bb: New recipe that installs the CA certificate to Docker, podman/CRI-O, and system trust store paths on the target. container-cross-install.bbclass: Auto-add docker-registry-config or container-oci-registry-config to IMAGE_INSTALL when CONTAINER_REGISTRY_SECURE=1, based on the configured container engine. Signed-off-by: Bruce Ashfield

container-cross-install: add CONTAINER_SERVICE_FILE support

2026-02-09T03:34:12+00:00

Add support for custom systemd service files (Docker) or Quadlet container files (Podman) instead of auto-generated ones for container autostart. For containers requiring specific startup configuration (ports, volumes, capabilities, dependencies), users can now provide custom service files using the CONTAINER_SERVICE_FILE varflag: CONTAINER_SERVICE_FILE[container-name] = "${UNPACKDIR}/myservice.service" For BUNDLED_CONTAINERS in image recipes: SRC_URI += "file://myapp.service" BUNDLED_CONTAINERS = "myapp-container:docker:autostart" CONTAINER_SERVICE_FILE[myapp-container] = "${UNPACKDIR}/myapp.service" For container-bundle packages: SRC_URI = "file://myapp.service" CONTAINER_BUNDLES = "myapp-container:autostart" CONTAINER_SERVICE_FILE[myapp-container] = "${UNPACKDIR}/myapp.service" Implementation: - container-cross-install.bbclass: Add get_container_service_file_map() to build varflag map, install_custom_service() for BUNDLED_CONTAINERS, and install_custom_service_from_bundle() for bundle packages - container-bundle.bbclass: Install custom service files to ${datadir}/container-bundles/${runtime}/services/ Signed-off-by: Bruce Ashfield

vcontainer: add sanity checks and auto-enable virtfs for QEMU

2026-02-09T03:34:12+00:00

Fix virtio-9p (virtfs) support for container-cross-install batch imports which provides ~50x speedup over base64-over-serial. The issue was that native recipes don't see target DISTRO_FEATURES, so qemu-system-native wasn't getting virtfs enabled. Fix by: - layer.conf: Propagate virtualization to DISTRO_FEATURES_NATIVE when vcontainer or virtualization is in target DISTRO_FEATURES - qemu-system-native: Check DISTRO_FEATURES_NATIVE for virtfs enable - container-cross-install: Prepend native sysroot to PATH so vrunner finds the QEMU with virtfs support Signed-off-by: Bruce Ashfield

container-cross-install: fix image naming and default runtime

2026-02-09T03:32:52+00:00

Fix extract_container_info() to properly handle multi-part container names and add automatic runtime detection based on CONTAINER_PROFILE. - Fix multi-part name parsing (app-container-multilayer-latest-oci now correctly becomes app-container-multilayer:latest) - Add CONTAINER_DEFAULT_RUNTIME from CONTAINER_PROFILE - Add CONTAINER_IMPORT_TIMEOUT_BASE/PER for dynamic timeout scaling Signed-off-by: Bruce Ashfield

vcontainer: add auto-start daemon with idle timeout

2026-02-09T03:32:52+00:00

Add automatic daemon startup and idle timeout cleanup for vdkr/vpdmn: - vmemres daemon auto-starts on first command (no manual start needed) - Daemon auto-stops after idle timeout (default: 30 minutes) - --no-daemon flag for ephemeral mode (single-shot QEMU) - New config keys: idle-timeout, auto-daemon Changes: - vcontainer-init-common.sh: Parse idle_timeout from cmdline, add read -t timeout to daemon loop for auto-shutdown - vrunner.sh: Add --idle-timeout option, pass to kernel cmdline - vcontainer-common.sh: Auto-start logic in run_runtime_command(), --no-daemon flag, config defaults - container-cross-install.bbclass: Add --no-daemon for explicit ephemeral mode during Yocto builds Configuration: vdkr vconfig idle-timeout 3600 # 1 hour timeout vdkr vconfig auto-daemon false # Disable auto-start Signed-off-by: Bruce Ashfield

classes: factor out shared functions to container-common.bbclass

2026-02-09T03:32:52+00:00

Create container-common.bbclass with shared Python functions used by both container-bundle.bbclass and container-cross-install.bbclass: - get_vruntime_multiconfig(d): Maps TARGET_ARCH to multiconfig name - get_vruntime_machine(d): Maps TARGET_ARCH to MACHINE for deploy path - get_blob_arch(d): Maps TARGET_ARCH to blob directory name This removes ~55 lines of duplicated code and ensures consistency between the two bbclass files. Signed-off-by: Bruce Ashfield

container-cross-install: add bbclass for bundling containers into images

2026-02-09T03:32:52+00:00

This class enables bundling pre-built OCI containers into Yocto images at build time. It uses vdkr/vpdmn to process containers via QEMU, producing properly formatted storage that can be merged into the target rootfs. Two mechanisms for bundling containers: 1. BUNDLED_CONTAINERS variable (direct specification): - Set in local.conf or image recipe - Format: "name:runtime[:autostart][:external]" - Dependencies auto-generated at parse time - Example: BUNDLED_CONTAINERS = "container-base:docker:autostart" 2. container-bundle packages (package-based): - Recipes inherit container-bundle.bbclass to create packages - Installing packages via IMAGE_INSTALL triggers processing - merge_installed_bundles() scans installed OCI directories - Runs vrunner once in batch-import mode for efficiency Automatic dependency generation for BUNDLED_CONTAINERS: - Parses entries at recipe parse time via python __anonymous() - Derives recipe name from OCI dir names (strips -latest-oci/-oci suffix) - Generates do_rootfs[depends] on recipe:do_image_complete - Use :external tag to skip dependency for third-party blobs - Single "bitbake container-image-host" builds containers + image Usage in image recipe: inherit container-cross-install Features: - Automatic detection of target architecture - Support for both Docker and Podman runtimes - Batch import mode for efficiency with multiple containers - Autostart support via systemd services (Docker) or Quadlet (Podman) - Integration with vrunner for QEMU-based processing - Backwards compatible with legacy -latest-oci naming convention The class processes containers during do_rootfs and merges the resulting storage into /var/lib/docker or /var/lib/containers. Signed-off-by: Bruce Ashfield