Mirror of git.yoctoproject.org/meta-virtualization https://git.enea.com/cgit/linux/meta-virtualization.git/atom?h=master 2026-03-14T15:16:57+00:00 2026-03-14T15:16:57+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2026-03-14T10:31:09+00:00 urn:sha1:4162f89853eeeec194530dfbbb2210143ede1ca9 OE-Core made changes to the way dummy providers work, update the container-dummy-provides to match them. It now needs a hint in layer.conf to make the core components aware of the presence of the dummy recipe. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-02-26T01:05:02+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2026-02-25T04:38:28+00:00 urn:sha1:506d5af230f0b41809dfe754e84d5611b75c6585 README-xen.md: - Add vxn and containerd integration section describing all execution paths (containerd, vxn standalone, vdkr/vpdmn, native Docker/Podman) - Add memory requirements section explaining QB_MEM_VALUE=1024 is insufficient for vxn/vctr and documenting qemuparams="-m 4096" - Add runtime tests section with build prerequisites, test commands, and skip behavior - Fix x86-64 runqemu command to include qemuparams="-m 4096" vxn/README.md: - Add testing section referencing the pytest runtime test suite Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-02-26T01:05:01+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2026-02-19T16:08:45+00:00 urn:sha1:c734621380aed127ee515839aeeb8126f2dcf9ad Add a host-side OCI image cache at ~/.vxn/images/ for the vdkr/vpdmn standalone Xen path. Images pulled via skopeo are stored in a content-addressed layout (refs/ symlinks + store/ OCI dirs) so subsequent runs hit the cache without network access. New commands on Xen: pull, images, rmi, tag, inspect, image <subcmd>. The run path is unchanged — cache integration into hv_prepare_container is deferred to a follow-up. Also fix Docker iptables conflict: when docker-moby and vxn-docker-config coexist on Dom0, Docker's default FORWARD DROP policy blocks DHCP for Xen DomU vifs on xenbr0. Adding "iptables": false to daemon.json prevents Docker from modifying iptables since VM-based containers manage their own network stack. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-02-26T01:05:01+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2026-02-19T01:53:36+00:00 urn:sha1:035e0daebeb53880ea2a6bd0f0e31785f3ec9e55 Add vdkr/vpdmn as Dom0 target packages with Xen auto-detection, native Docker/Podman config sub-packages, and OCI runtime fixes for Docker compatibility (JSON logging, root.path, kill --all, monitor PID lifecycle). Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-02-26T01:05:01+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2026-02-19T19:14:22+00:00 urn:sha1:ba23ccd3390b7fbebfed641ebfcd978a0ba406dd Update SUMMARY and DESCRIPTION to note that runx is unmaintained (upstream dormant since 2022) and that vxn provides the same Xen DomU container functionality with pluggable hypervisor backends. go-build is the serial FD handler companion to runx and is similarly superseded. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-02-26T01:05:01+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2026-02-18T14:07:49+00:00 urn:sha1:9377aede3157a3e7b702dc389c15f27523b673e7 Add shell-based OCI runtime (vxn-oci-runtime) that enables containerd to manage Xen DomU containers through the standard runc shim. Non-terminal container output flows back to ctr via the shim's pipe mechanism. New files: - vxn-oci-runtime: OCI runtime (create/start/state/kill/delete/features/logs) - vxn-sendtty.c: SCM_RIGHTS helper for terminal mode PTY passing - containerd-shim-vxn-v2: PATH trick wrapper for runc shim coexistence - containerd-config-vxn.toml: CRI config (vxn default, runc fallback) - vctr: convenience wrapper injecting --runtime io.containerd.vxn.v2 Key design: - Monitor subprocess uses wait on xl console (not sleep-polling) for instant reaction when domain dies, then extracts output markers and writes to stdout (shim pipe -> containerd FIFO -> ctr client) - cmd_state checks monitor PID liveness (not domain status) to prevent premature cleanup race that killed monitor before output - cmd_delete always destroys remnant domains (no --force needed) - Coexists with runc: /usr/libexec/vxn/shim/runc symlink + PATH trick Verified: vctr run --rm, vctr run -d, vxn standalone, vxn daemon mode. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-02-26T01:05:01+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2026-02-16T16:11:54+00:00 urn:sha1:dec4b4dfc719e095c0b3dcbff638896282c389af To avoid check layer issues, and distros without systemd trying to build this package group, add a check and requirement for systemd to be defined. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-02-26T01:05:01+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2026-02-15T04:35:55+00:00 urn:sha1:57d267db7878180d1ecd1936df5284550d0031c3 vxn runs OCI containers as Xen DomU guests — the VM IS the container. No Docker/containerd runs inside the guest; the init script directly mounts the container rootfs and execs the entrypoint via chroot. Host-side (Dom0): - vxn.sh: Docker-like CLI wrapper (sets HYPERVISOR=xen) - vrunner-backend-xen.sh: Xen xl backend for vrunner - hv_prepare_container(): pulls OCI images via skopeo, resolves entrypoint from OCI config using jq on host - xl create for VM lifecycle (PVH on aarch64, PV on x86_64) - Bridge networking with iptables DNAT for port forwards - Console capture via xl console for ephemeral mode Guest-side (DomU): - vxn-init.sh: mounts container rootfs from input disk, extracts OCI layers, execs entrypoint via chroot - Supports containers with or without /bin/sh - grep/sed fallback for OCI config parsing (no jq needed) - Daemon mode with command loop on hvc1 - vcontainer-init-common.sh: hypervisor detection, head -n fix - vcontainer-preinit.sh: init selection via vcontainer.init= Build system: - vxn-initramfs-create.inc: assembles boot blobs from vruntime multiconfig, injects vxn-init.sh into rootfs squashfs - vxn_1.0.bb: Dom0 package with scripts + blobs - nostamp on install/package chain (blobs from DEPLOY_DIR are untracked by sstate) - vxn.cfg: Xen PV kernel config fragment Tested: vxn -it --no-daemon run --rm hello-world Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-02-10T21:04:20+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2026-02-10T04:33:48+00:00 urn:sha1:6f53d7763906f24d86e89da4da744421c52d591c Multi-layer OCI container image that can compile the Yocto Project. Three layers: systemd-base, build-tools, yocto-extras. Features CROPS-style dynamic user creation matching /workdir volume owner UID/GID. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-02-09T03:34:12+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2026-01-23T21:15:25+00:00 urn:sha1:1d53c86794b202bb9f42eb45f476ab08208ca8d8 Add packagegroup recipes to simplify building all container-related artifacts: - packagegroup-container-images: Build all OCI container images (recipes inheriting image-oci) - packagegroup-container-bundles: Build all container bundles (recipes inheriting container-bundle) - packagegroup-container-demo: Build all demo containers and bundles Usage: bitbake packagegroup-container-images bitbake packagegroup-container-bundles bitbake packagegroup-container-demo Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>