vxn: add Docker/Podman integration and CLI frontends

Add vdkr/vpdmn as Dom0 target packages with Xen auto-detection, native Docker/Podman config sub-packages, and OCI runtime fixes for Docker compatibility (JSON logging, root.path, kill --all, monitor PID lifecycle). Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
author: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-02-19 01:53:36 +0000
committer: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-02-26 01:05:01 +0000
commit: 035e0daebeb53880ea2a6bd0f0e31785f3ec9e55 (patch)
tree: 1ae711e61d79ad2f7b0afba6fc4489f61d1a6202 /recipes-containers/container-registry/docker-registry-config.bb
parent: bf5abfe3d55604c6b22416cc23cbfaba1ff7bee2 (diff)
download: meta-virtualization-035e0daebeb53880ea2a6bd0f0e31785f3ec9e55.tar.gz
1 files changed, 22 insertions, 2 deletions
diff --git a/recipes-containers/container-registry/docker-registry-config.bb b/recipes-containers/container-registry/docker-registry-config.bb
index 0e8d66ad..e558cccb 100644
--- a/recipes-containers/container-registry/docker-registry-config.bb
+++ b/recipes-containers/container-registry/docker-registry-config.bb
@@ -60,6 +60,13 @@ DOCKER_REGISTRY_INSECURE ?= ""
 # NOT stored in bitbake - should point to external file
 CONTAINER_REGISTRY_AUTHFILE ?= ""
+# OCI runtime configuration for Docker daemon
+# JSON object mapping runtime names to paths, e.g.:
+#   DOCKER_OCI_RUNTIMES = '{"vxn": {"path": "/usr/bin/vxn-oci-runtime"}}'
+DOCKER_OCI_RUNTIMES ?= ""
+# Default OCI runtime name (must be a key in DOCKER_OCI_RUNTIMES or "runc")
+DOCKER_DEFAULT_RUNTIME ?= ""
 def get_insecure_registries(d):
    """Get insecure registries from either Docker-specific or generic config"""
    # Prefer explicit DOCKER_REGISTRY_INSECURE if set
@@ -87,8 +94,10 @@ python() {
        bb.fatal("CONTAINER_REGISTRY_SECURE='1' conflicts with insecure registry settings. "
                 "Use secure mode (TLS+auth) OR insecure mode (HTTP), not both.")
-    if not secure and not registries:
+    oci_runtimes = (d.getVar('DOCKER_OCI_RUNTIMES') or "").strip()
-        raise bb.parse.SkipRecipe("No registry configured - recipe is opt-in only")
+    if not secure and not registries and not oci_runtimes:
+        raise bb.parse.SkipRecipe("No registry or OCI runtime configured - recipe is opt-in only")
    # In secure mode, depend on PKI generation
    if secure:
@@ -137,6 +146,17 @@ python do_install() {
            config["insecure-registries"] = registries
            bb.note(f"Created Docker config with insecure registries: {registries}")
+    # OCI runtime configuration
+    oci_runtimes = (d.getVar('DOCKER_OCI_RUNTIMES') or "").strip()
+    default_runtime = (d.getVar('DOCKER_DEFAULT_RUNTIME') or "").strip()
+    if oci_runtimes:
+        config["runtimes"] = json.loads(oci_runtimes)
+        bb.note("Added OCI runtimes to Docker config: %s" % oci_runtimes)
+    if default_runtime:
+        config["default-runtime"] = default_runtime
+        bb.note("Set default Docker runtime: %s" % default_runtime)
    # Install authfile if provided (for baked credentials)
    if authfile and os.path.exists(authfile):
        docker_dir = os.path.join(dest, 'root/.docker')
author	Bruce Ashfield <bruce.ashfield@gmail.com>	2026-02-19 01:53:36 +0000
committer	Bruce Ashfield <bruce.ashfield@gmail.com>	2026-02-26 01:05:01 +0000
commit	035e0daebeb53880ea2a6bd0f0e31785f3ec9e55 (patch)
tree	1ae711e61d79ad2f7b0afba6fc4489f61d1a6202 /recipes-containers/container-registry/docker-registry-config.bb
parent	bf5abfe3d55604c6b22416cc23cbfaba1ff7bee2 (diff)
download	meta-virtualization-035e0daebeb53880ea2a6bd0f0e31785f3ec9e55.tar.gz

diff --git a/recipes-containers/container-registry/docker-registry-config.bb b/recipes-containers/container-registry/docker-registry-config.bb index 0e8d66ad..e558cccb 100644 --- a/recipes-containers/container-registry/docker-registry-config.bb +++ b/recipes-containers/container-registry/docker-registry-config.bb
@@ -60,6 +60,13 @@ DOCKER_REGISTRY_INSECURE ?= ""
60	# NOT stored in bitbake - should point to external file	60	# NOT stored in bitbake - should point to external file
61	CONTAINER_REGISTRY_AUTHFILE ?= ""	61	CONTAINER_REGISTRY_AUTHFILE ?= ""
62		62
		63	# OCI runtime configuration for Docker daemon
		64	# JSON object mapping runtime names to paths, e.g.:
		65	# DOCKER_OCI_RUNTIMES = '{"vxn": {"path": "/usr/bin/vxn-oci-runtime"}}'
		66	DOCKER_OCI_RUNTIMES ?= ""
		67	# Default OCI runtime name (must be a key in DOCKER_OCI_RUNTIMES or "runc")
		68	DOCKER_DEFAULT_RUNTIME ?= ""
		69
63	def get_insecure_registries(d):	70	def get_insecure_registries(d):
64	"""Get insecure registries from either Docker-specific or generic config"""	71	"""Get insecure registries from either Docker-specific or generic config"""
65	# Prefer explicit DOCKER_REGISTRY_INSECURE if set	72	# Prefer explicit DOCKER_REGISTRY_INSECURE if set
@@ -87,8 +94,10 @@ python() {
87	bb.fatal("CONTAINER_REGISTRY_SECURE='1' conflicts with insecure registry settings. "	94	bb.fatal("CONTAINER_REGISTRY_SECURE='1' conflicts with insecure registry settings. "
88	"Use secure mode (TLS+auth) OR insecure mode (HTTP), not both.")	95	"Use secure mode (TLS+auth) OR insecure mode (HTTP), not both.")
89		96
90	if not secure and not registries:	97	oci_runtimes = (d.getVar('DOCKER_OCI_RUNTIMES') or "").strip()
91	raise bb.parse.SkipRecipe("No registry configured - recipe is opt-in only")	98
		99	if not secure and not registries and not oci_runtimes:
		100	raise bb.parse.SkipRecipe("No registry or OCI runtime configured - recipe is opt-in only")
92		101
93	# In secure mode, depend on PKI generation	102	# In secure mode, depend on PKI generation
94	if secure:	103	if secure:
@@ -137,6 +146,17 @@ python do_install() {
137	config["insecure-registries"] = registries	146	config["insecure-registries"] = registries
138	bb.note(f"Created Docker config with insecure registries: {registries}")	147	bb.note(f"Created Docker config with insecure registries: {registries}")
139		148
		149	# OCI runtime configuration
		150	oci_runtimes = (d.getVar('DOCKER_OCI_RUNTIMES') or "").strip()
		151	default_runtime = (d.getVar('DOCKER_DEFAULT_RUNTIME') or "").strip()
		152
		153	if oci_runtimes:
		154	config["runtimes"] = json.loads(oci_runtimes)
		155	bb.note("Added OCI runtimes to Docker config: %s" % oci_runtimes)
		156	if default_runtime:
		157	config["default-runtime"] = default_runtime
		158	bb.note("Set default Docker runtime: %s" % default_runtime)
		159
140	# Install authfile if provided (for baked credentials)	160	# Install authfile if provided (for baked credentials)
141	if authfile and os.path.exists(authfile):	161	if authfile and os.path.exists(authfile):
142	docker_dir = os.path.join(dest, 'root/.docker')	162	docker_dir = os.path.join(dest, 'root/.docker')