Commit 13c50bb48fc6

Vincent Demeester <vincent@sbr.pm>
2018-09-15 15:14:28
Update containerd service and related-packages
1. Allow containerd package to be custom in the service 2. Bump containerd to 1.2.0-beta.2 to try things out 3. Bump runc to 1.0.0-rc5 because.. I want the latest Signed-off-by: Vincent Demeester <vincent@sbr.pm>
1 parent 2b9ded4
Changed files (6)
overlays/sbr.overlay.nix
@@ -1,4 +1,6 @@
 self: super: {
   ape = import ../pkgs/ape { inherit (self) stdenv lib buildGoPackage fetchFromGitHub; };
   vrsync = import ../pkgs/vrsync { inherit (self) stdenv lib; };
+  runc-edge = import ../pkgs/runc { inherit (self) stdenv lib fetchFromGitHub removeReferencesTo go-md2man go pkgconfig libapparmor apparmor-parser libseccomp; };
+  containerd-edge = import ../pkgs/containerd { inherit (self) stdenv lib fetchFromGitHub removeReferencesTo go btrfs-progs; };
 }
pkgs/containerd/default.nix
@@ -0,0 +1,54 @@
+{ stdenv, lib, fetchFromGitHub, removeReferencesTo
+, go, btrfs-progs }:
+
+with lib;
+
+stdenv.mkDerivation rec {
+  name = "containerd-${version}";
+  version = "1.2.0-beta.2";
+
+  src = fetchFromGitHub {
+    owner = "containerd";
+    repo = "containerd";
+    rev = "v${version}";
+    sha256 = "01y21fx5aidxrn3xz562sqyp9anw85hv9cbpbknj3wf2w15lmkry";
+  };
+
+  hardeningDisable = [ "fortify" ];
+
+  buildInputs = [ removeReferencesTo go btrfs-progs ];
+  buildFlags = "VERSION=v${version}";
+
+  BUILDTAGS = []
+    ++ optional (btrfs-progs == null) "no_btrfs";
+
+  preConfigure = ''
+    # Extract the source
+    cd "$NIX_BUILD_TOP"
+    mkdir -p "go/src/github.com/containerd"
+    mv "$sourceRoot" "go/src/github.com/containerd/containerd"
+    export GOPATH=$NIX_BUILD_TOP/go:$GOPATH
+'';
+
+  preBuild = ''
+    cd go/src/github.com/containerd/containerd
+    patchShebangs .
+  '';
+
+  installPhase = ''
+    mkdir -p $out/bin
+    cp bin/* $out/bin
+  '';
+
+  preFixup = ''
+    find $out -type f -exec remove-references-to -t ${go} '{}' +
+  '';
+
+  meta = {
+    homepage = https://containerd.io/;
+    description = "A daemon to control runC";
+    license = licenses.asl20;
+    maintainers = with maintainers; [ offline vdemeester ];
+    platforms = platforms.linux;
+  };
+}
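Review bot: `hardeningDisable = [ "fortify" ];` switches off a compiler hardening flag for any C code built into a daemon that runs as root, and the derivation gives no reason; the same line appears unexplained in pkgs/runc/default.nix. I would put a comment above it, e.g. `# fortify disabled because <reason>; TODO confirm it is still required for this version`, or drop the line if the build passes without it. As a smaller style point, `go` and `removeReferencesTo` are build-time tools and would fit `nativeBuildInputs`, which the runc derivation already uses for `pkgconfig`.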
pkgs/runc/default.nix
@@ -0,0 +1,69 @@
+{ stdenv, lib, fetchFromGitHub, removeReferencesTo, go-md2man
+, go, pkgconfig, libapparmor, apparmor-parser, libseccomp }:
+
+with lib;
+
+stdenv.mkDerivation rec {
+  name = "runc-${version}";
+  version = "1.0.0-rc5";
+
+  src = fetchFromGitHub {
+    owner = "opencontainers";
+    repo = "runc";
+    rev = "v${version}";
+    sha256 = "1ikqw39jn8dzb4snc4pcg3z85jb67ivskdhx028k17ss29bf4062";
+  };
+
+  outputs = [ "out" "man" ];
+
+  hardeningDisable = ["fortify"];
+
+  nativeBuildInputs = [ pkgconfig ];
+  buildInputs = [ removeReferencesTo go-md2man go libseccomp libapparmor apparmor-parser ];
+
+  makeFlags = ''BUILDTAGS+=seccomp BUILDTAGS+=apparmor'';
+
+  preConfigure = ''
+    # Extract the source
+    cd "$NIX_BUILD_TOP"
+    mkdir -p "go/src/github.com/opencontainers"
+    mv "$sourceRoot" "go/src/github.com/opencontainers/runc"
+    export GOPATH=$NIX_BUILD_TOP/go:$GOPATH
+  '';
+
+  preBuild = ''
+    cd go/src/github.com/opencontainers/runc
+    patchShebangs .
+    substituteInPlace libcontainer/apparmor/apparmor.go \
+      --replace /sbin/apparmor_parser ${apparmor-parser}/bin/apparmor_parser
+  '';
+
+  installPhase = ''
+    install -Dm755 runc $out/bin/runc
+
+    # Include contributed man pages
+    man/md2man-all.sh -q
+    manRoot="$man/share/man"
+    mkdir -p "$manRoot"
+    for manDir in man/man?; do
+      manBase="$(basename "$manDir")" # "man1"
+      for manFile in "$manDir"/*; do
+        manName="$(basename "$manFile")" # "docker-build.1"
+        mkdir -p "$manRoot/$manBase"
+        gzip -c "$manFile" > "$manRoot/$manBase/$manName.gz"
+      done
+    done
+  '';
+
+  preFixup = ''
+    find $out/bin -type f -exec remove-references-to -t ${go} '{}' +
+  '';
+
+  meta = {
+    homepage = https://runc.io/;
+    description = "A CLI tool for spawning and running containers according to the OCI specification";
+    license = licenses.asl20;
+    maintainers = with maintainers; [ offline vdemeester ];
+    platforms = platforms.linux;
+  };
+}
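Review bot: The `substituteInPlace … --replace /sbin/apparmor_parser` step in `preBuild` may pass silently if that string is not present in `libcontainer/apparmor/apparmor.go` for this version, and the hunk cannot show whether it is. In that case the binary would be built with `BUILDTAGS+=apparmor` but without the store path to the parser, so AppArmor support could be broken without any build error. A check right after the substitution, such as `grep -q '${apparmor-parser}/bin/apparmor_parser' libcontainer/apparmor/apparmor.go`, would turn that into a build failure; confirm the pattern against the rc5 source before adding it. The comment `# "docker-build.1"` in `installPhase` looks carried over from another derivation and should name a runc man page instead.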
pkgs/default.nix
@@ -10,4 +10,10 @@ rec {
   vrsync = import ./vrsync {
     inherit (pkgs) stdenv lib;
   };
+  runc-edge = import ./runc {
+    inherit (pkgs) stdenv lib fetchFromGitHub removeReferencesTo go-md2man go pkgconfig libapparmor apparmor-parser libseccomp;
+  };
+  containerd-edge = import ./containerd {
+    inherit (pkgs) stdenv lib fetchFromGitHub removeReferencesTo go btrfs-progs;
+  };
 }
profiles/containerd.nix
@@ -5,13 +5,14 @@
   environment.systemPackages = with pkgs; [
     cni
     # cni-plugins
-    containerd
-    runc
+    containerd-edge
+    runc-edge
   ];
   virtualisation = {
     containerd = {
       enable = true;
-      packages = [ pkgs.runc ];
+      package = pkgs.containerd-edge;
+      packages = [ pkgs.runc-edge];
     };
   };
 }
service/containerd.nix
@@ -1,4 +1,5 @@
 # Systemd services for containerd.
+
 { config, lib, pkgs, ... }:
 
 with lib;
@@ -6,7 +7,6 @@ with lib;
 let
 
   cfg = config.virtualisation.containerd;
-#   proxy_env = optionalAttrs (pro != null) { Environment = "\"http_proxy=${pro}\""; };
 
 in
 
@@ -25,12 +25,6 @@ in
       '';
     };
 
-    packages = mkOption {
-      type = types.listOf types.package;
-      default = [];
-      description = "List of packages to be added to containerd service path";
-    };
-
     listenOptions =
       mkOption {
       type = types.listOf types.str;
@@ -42,6 +36,21 @@ in
       '';
     };
 
+    package = mkOption {
+      default = pkgs.containerd;
+      type = types.package;
+      example = pkgs.containerd;
+      description = ''
+        Containerd package to be used in the module
+      '';
+    };
+
+    packages = mkOption {
+      type = types.listOf types.package;
+      default = [ pkgs.runc ];
+      description = "List of packages to be added to containerd service path";
+    };
+
     extraOptions =
       mkOption {
       type = types.separatedString " ";
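Review bot: The new `packages` default of `[ pkgs.runc ]` is replaced rather than extended when a configuration sets `packages`, and it stays on the stock runc when only `package` is overridden; neither is stated in the option text. For a root service that finds its runtime through the unit's `path`, I would spell that out, e.g. `description = "Packages added to the containerd service PATH. Setting this replaces the default, so include a runc package.";`. The `package` option could also carry a `defaultText` so the generated documentation shows `pkgs.containerd` rather than a store path. The enclosing `options` block starts and ends outside this hunk.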
@@ -57,9 +66,8 @@ in
   ###### implementation
 
   config = mkIf cfg.enable {
-    environment.systemPackages = [ pkgs.containerd ];
-    #   users.extraGroups.docker.gid = config.ids.gids.docker;
-    systemd.packages = [ pkgs.containerd ];
+    environment.systemPackages = [ cfg.package];
+    systemd.packages = [ cfg.package];
 
     systemd.services.containerd = {
       wantedBy = [ "multi-user.target" ];
@@ -67,19 +75,14 @@ in
         ExecStart = [
           ""
         ''
-          ${pkgs.containerd}/bin/containerd \
+          ${cfg.package}/bin/containerd \
           ${cfg.extraOptions}
         ''];
-        /*
-        ExecReload=[
-        ""
-        "${pkgs.procps}/bin/kill -s HUP $MAINPID"
-        ];
-        */
-        };
-      path = [ pkgs.containerd ] ++ cfg.packages;
+      };
+      path = [cfg.package] ++ cfg.packages;
     };
 
+
     systemd.sockets.containerd = {
       description = "Containerd Socket for the API";
       wantedBy = [ "sockets.target" ];
@@ -90,5 +93,8 @@ in
         SocketGroup = "root";
       };
     };
+
   };
+
+
 }