1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
|
# Build Profiles — Configuration Fragments for meta-virtualization
## Overview
meta-virtualization provides configuration fragments in `conf/distro/include/`
that replace the manual DISTRO_FEATURES, CONTAINER_PROFILE, and related
settings typically scattered across `local.conf`. Each fragment is a small
`.conf` file that sets the minimum variables needed for a specific build
profile.
The fragments are organized in layers:
```
meta-virt-host.conf <- base (always required first)
container-host-docker.conf <- container profiles (pick one)
container-host-podman.conf
container-host-containerd.conf
container-host-k3s.conf
container-host-k3s-node.conf
xen-host.conf <- Xen support (composable)
meta-virt-dev.conf <- QEMU dev settings (opt-in)
container-registry.conf <- registry config (opt-in)
```
## Quick Start
Add to `local.conf`:
```bash
# Base (always first)
require conf/distro/include/meta-virt-host.conf
# Container profile — change BUILD_PROFILE to switch
BUILD_PROFILE ?= "podman"
require conf/distro/include/container-host-${BUILD_PROFILE}.conf
# Optional: Xen support (composable with any container profile)
require conf/distro/include/xen-host.conf
# Optional: QEMU development settings
require conf/distro/include/meta-virt-dev.conf
# Optional: Container registry
require conf/distro/include/container-registry.conf
MACHINE = "qemux86-64"
```
Then build:
```bash
bitbake container-image-host # container host image
bitbake xen-image-minimal # Xen image (if xen-host.conf included)
```
## Switching Profiles
Change one variable to switch the entire container stack:
```bash
BUILD_PROFILE ?= "docker" # Docker + runc + CNI
BUILD_PROFILE ?= "podman" # Podman + crun + netavark
BUILD_PROFILE ?= "containerd" # Containerd + crun + CNI
BUILD_PROFILE ?= "k3s" # K3s server + embedded containerd + CNI
BUILD_PROFILE ?= "k3s-node" # K3s agent node
```
Or override from the command line:
```bash
BUILD_PROFILE=docker bitbake container-image-host
```
## Fragment Reference
### meta-virt-host.conf (Base — Required)
The foundation for all virtualization work. Must be included first.
**Sets:**
- `DISTRO_FEATURES:append = " virtualization systemd seccomp vmsep vcontainer"`
- `PREFERRED_PROVIDER_virtual/runc ?= "runc"`
- `BBMULTICONFIG ?= "vruntime-aarch64 vruntime-x86-64"`
**Use standalone** for custom/mixed configurations where you want to set
CONTAINER_PROFILE and other variables manually.
### container-host-docker.conf
Docker engine stack.
**Sets:**
- `CONTAINER_PROFILE = "docker"`
**Results in:** docker-moby, runc, CNI networking.
### container-host-podman.conf
Podman engine stack.
**Sets:**
- `CONTAINER_PROFILE = "podman"`
- `DISTRO_FEATURES:append = " ipv6"` (required by podman packagegroup)
**Results in:** podman, crun, netavark + aardvark-dns networking.
### container-host-containerd.conf
Standalone containerd stack.
**Sets:**
- `CONTAINER_PROFILE = "containerd"`
**Results in:** containerd, crun, CNI networking.
### container-host-k3s.conf
K3s server (control plane + agent).
**Sets:**
- `CONTAINER_PROFILE = "k3s-host"`
- `DISTRO_FEATURES:append = " k3s"`
**Results in:** k3s-server, embedded containerd, CNI plugins.
### container-host-k3s-node.conf
K3s agent (worker node). Joins an existing k3s server cluster.
**Sets:**
- `CONTAINER_PROFILE = "k3s-node"`
- `DISTRO_FEATURES:append = " k3s"`
**Results in:** k3s-agent, embedded containerd, CNI plugins.
### xen-host.conf
Xen hypervisor support. Composable with any container profile.
**Sets:**
- `DISTRO_FEATURES:append = " xen vxn"`
- `IMAGE_INSTALL:append:pn-xen-image-minimal = " vxn containerd-opencontainers"`
**Use with:** `bitbake xen-image-minimal`
### meta-virt-dev.conf
QEMU development and testing settings. Only include when developing
and testing with runqemu.
**Sets:**
- `IMAGE_FSTYPES = "ext4"` (raw ext4 for persistent boots, no snapshots)
- `QB_XEN_CMDLINE_EXTRA ?= "dom0_mem=512M"`
- `QB_MEM ?= "-m 1024"`
- `EXTRA_IMAGE_FEATURES ?= "allow-empty-password empty-root-password allow-root-login post-install-logging"`
### container-registry.conf
Local development container registry. Defaults to insecure HTTP at
localhost:5000 with namespace "yocto".
**Sets:**
- `CONTAINER_REGISTRY_URL ?= "localhost:5000"`
- `CONTAINER_REGISTRY_NAMESPACE ?= "yocto"`
- `CONTAINER_REGISTRY_INSECURE ?= "1"`
- `IMAGE_FEATURES:append = " container-registry"`
**For secure (TLS) registries,** override after the require:
```bash
require conf/distro/include/container-registry.conf
CONTAINER_REGISTRY_URL = "registry.example.com:5000"
CONTAINER_REGISTRY_SECURE = "1"
CONTAINER_REGISTRY_USERNAME = "myuser"
```
## Design Notes
**Profiles are pure deltas.** They do not include `meta-virt-host.conf`
themselves. This avoids BitBake duplicate inclusion warnings when
combining multiple fragments (e.g., a container profile + xen-host.conf).
The user must always include `meta-virt-host.conf` first.
**`meta-virt-dev.conf` is separate** from the build profiles. It contains
settings that only matter for QEMU-based development (image format,
memory, debug features) and should not be included in production builds.
**Fragments use weak assignments (`?=`)** for most settings so they can
be overridden in `local.conf`. The exceptions are `CONTAINER_PROFILE`
and profile-specific `DISTRO_FEATURES:append` which use strong
assignments since they define the profile's identity.
## Example: Full Development local.conf
```bash
# After the standard Poky local.conf boilerplate...
CONF_VERSION = "2"
###############################################################################
# Virtualization Profile & Development Configuration
###############################################################################
# Base: virtualization systemd seccomp vmsep vcontainer + BBMULTICONFIG
require conf/distro/include/meta-virt-host.conf
# Container profile (switch BUILD_PROFILE to change)
BUILD_PROFILE ?= "podman"
require conf/distro/include/container-host-${BUILD_PROFILE}.conf
# Xen support (composable with any container profile)
require conf/distro/include/xen-host.conf
# QEMU development settings (IMAGE_FSTYPES, QB_MEM, debug features)
require conf/distro/include/meta-virt-dev.conf
# Container registry (insecure localhost:5000)
require conf/distro/include/container-registry.conf
# Additional local settings
DISTRO_FEATURES:append = " pam"
INIT_MANAGER = "systemd"
MACHINE = "qemux86-64"
# Provider overrides
include bruce-providers.inc
# Xen guest bundles
IMAGE_INSTALL:append:pn-xen-image-minimal = " example-xen-guest-bundle"
IMAGE_INSTALL:append:pn-xen-image-minimal = " alpine-xen-guest-bundle"
```
## Launch Commands
```bash
# Container host (podman/docker/containerd/k3s)
runqemu qemux86-64 container-image-host ext4 nographic kvm slirp
# Xen Dom0
runqemu qemux86-64 xen-image-minimal wic nographic kvm qemuparams="-m 4096"
# K3s with extra memory
runqemu qemux86-64 container-image-host ext4 nographic kvm slirp qemuparams="-m 4096"
```
|
