2018-01-31.md

Report for 2018-01-01 to 2018-01-31

This report covers the development in the linuxkit/linuxkit linuxkit/lcow linuxkit/kubernetes linuxkit/virtsock linuxkit/rtf linuxkit/homebrew-linuxkit moby/tool repositories. There were 594 contributions (PRs/Issues/Comments) from 29 individual contributors. 69 new PRs were opened and 73 PRs were merged. 33 new issues were opened and 47 issues were closed.

This month, we did our first proper release of LinuxKit. v0.2 was released on January 25th and binaries and tarballs are available on the release page. As part for the release we clarified the governance of the project and tidied up the repository structure.

We also had a flurry of kernel updates (up to 4.14.15/4.9.78/4.4.113). Most of these included imported fixes and additions to deal with Meltdown and Spectre. To this end we also added support for updating the CPU microcode to LinuxKit and received a WireGuard bump. Furthermore, we restructured how other distributions kernels can be used with LinuxKit.

We update to containerd 1.0.0 and subsequently added a few more bumps to v1.0.2-rc.0. Other packages received some minor updates and fixes

The Kubernetes project was updated to 1.9.2, improvements to the cgroup configuration, and had several improvements to the build infrastructure.

There were numerous improvements to the tooling. Platform support was improved for packet.net; nested virt can be used on GCP; vbox, VMware, hyperkit, and Hyper-V support was updated. containerd namespace support was added and OCI annotations can be added to the config as well as various other fixes.

LCOW and Virtsock only received minor updates. There were no update to rtf.

Merged PRs:

Release related

• v0.2 release (linuxkit/linuxkit#2885 @rn @ijc @justincormack)
• Add some rules to the MAINTAINERS file. (linuxkit/linuxkit#2873 @rn @justincormack @riyazdf @ijc)
• Add code of conduct link to Github recommended location (linuxkit/linuxkit#2878 @justincormack @rn)
• build: Bump linuxkit version to v0.2+ (linuxkit/linuxkit#2888 @rn @justincormack)
• Do not print git commit if empty (linuxkit/linuxkit#2892 @justincormack @ijc)
• Add a 0.2 release formula for linuxkit (linuxkit/homebrew-linuxkit#12 @justincormack)
• Update AUTHORS (linuxkit/linuxkit#2840 @justincormack @rn)
• Re-arrange some files/directories (linuxkit/linuxkit#2876 @rn @justincormack)
• Remove projects/swarmd (linuxkit/linuxkit#2834 @ijc @rn)
• Remove some stale files/projects (linuxkit/linuxkit#2837 @rn @ijc)

Kernel updates

• Updates: kernels (4.14.15/4.9.78/4.4.113), alpine base, wireguard (linuxkit/linuxkit#2880 @rn @ijc)
• Update kernel to 4.14.14/4.9.77/4.4.112 (linuxkit/linuxkit#2870 @rn @justincormack)
• Update kernels to 4.14.13/4.9.76/4.4.111 (linuxkit/linuxkit#2846 @rn @justincormack)
• Kernel update to 4.14.12/4.9.75/4.4.110 (linuxkit/linuxkit#2839 @rn @justincormack)
• Kernel update to 4.14.11/4.9.74/4.4.109 (linuxkit/linuxkit#2831 @rn @justincormack)
• Add the intel ucode cpio archive to the kernel package (linuxkit/linuxkit#2858 @rn @justincormack)
• Use microcode-20171117 in kernel build as microcode-20180108 is no longer available (linuxkit/linuxkit#2896 @ekcasey @rn)
• wireguard: update to 0.0.20180118 (linuxkit/linuxkit#2874 @zx2c4 @rn)
• Add support for Intel ucode (moby/tool#197 @rn @ijc @justincormack)
• Add support for driver (and CPU) firmware (linuxkit/linuxkit#2867 @rn @ijc @justincormack)
• Change support for foreign kernels (linuxkit/linuxkit#2835 @rn @ijc @justincormack)

Kubernetes

• Add e2e package (linuxkit/kubernetes#35 @errordeveloper @ijc)
• Build cni and cri tools (linuxkit/kubernetes#36 @ijc @errordeveloper @rn)
• Update Readme for k8s 1.9 (linuxkit/kubernetes#37 @w9n @errordeveloper @ijc)
• CI: Bump to latest linuxkit binary (linuxkit/kubernetes#39 @ijc @errordeveloper @justincormack)
• mk-image-cache-lst: fix missing $repo use (linuxkit/kubernetes#42 @w9n @ijc)
• git checkout quietly (linuxkit/kubernetes#43 @errordeveloper @ijc)
• Bump to Kubernetes 1.9.1 (linuxkit/kubernetes#45 @errordeveloper @ijc)
• Put system and runtime containers into cgroups. (linuxkit/kubernetes#46 @ijc @justincormack)
• Bump to latest linuxkit hashes, cri beta.1 & Docker 17.12 (linuxkit/kubernetes#47 @ijc @rn)
• Improved cgroup configuration (linuxkit/kubernetes#49 @ijc @justincormack)
• update metadata parameter (linuxkit/kubernetes#50 @w9n @ijc)
• Bump to Kubernetes 1.9.2 (linuxkit/kubernetes#51 @errordeveloper @ijc)
• Bump hashes to LinuxKit v0.2 (linuxkit/kubernetes#53 @ijc @justincormack)
• allow mounting of nfs volumes in k8s (linuxkit/kubernetes#54 @pgayvallet @ijc)
• Portable make update-hashes. (linuxkit/kubernetes#55 @ijc @rn)
• Portable sed expression for make update-hashes (linuxkit/kubernetes#56 @ijc @rn)
• Metadata, duplicate binds and find fixes (linuxkit/kubernetes#57 @ijc @rn)

Tooling

• Split linuxkit run -data options into string and file (linuxkit/linuxkit#2861 @deitch @ijc @rn @justincormack)
• Add option to enable nested-virt on GCP (linuxkit/linuxkit#2871 @rn @justincormack)
• Improve packet.net support (linuxkit/linuxkit#2852 @rn @justincormack @ijc)
• add the -gui flag to vbox run (linuxkit/linuxkit#2821 @rgl @justincormack)
• Update hyperkit go binding (linuxkit/linuxkit#2881 @rn @ijc)
• cmd/hyperv: Use Default Switch if present (linuxkit/linuxkit#2882 @rn @justincormack)
• Added capability to find a host if -hostname isn't specified (linuxkit/linuxkit#2853 @thebsdbox @justincormack)
• docs: Add initial qemu documentation (linuxkit/linuxkit#2883 @rn @ijc @justincormack)
• Vendor latest moby and update packet.net examples to include CPU ucode (linuxkit/linuxkit#2865 @rn @ijc)
• Add support for setting containerd namespace in runtime config (moby/tool#199 @justincormack @ijc)
• allow ImageInspect.Config to be nil when parsing (moby/tool#192 @w9n @justincormack)
• add omitempty for yml config (moby/tool#194 @w9n @justincormack)
• Prepend the rootfs mounts to the user specified runtime.mounts. (moby/tool#195 @ijc @justincormack)
• Add support for OCI annotations in config (moby/tool#198 @justincormack @ijc)
• Fix runtime mkdir (linuxkit/linuxkit#2849 @justincormack @ijc)
• Fix some issues highlighted by go vet (linuxkit/linuxkit#2863 @ijc @justincormack @rn)
• Add an example of setting up a writeable overlay of a host path (linuxkit/linuxkit#2845 @ijc @justincormack)
• Add /run to binds and use newer yml label format (linuxkit/linuxkit#2864 @deitch @ijc)
• Update LinuxKit images to the latest (moby/tool#200 @rn @ijc)
• Update Moby tool (linuxkit/linuxkit#2869 @justincormack @ijc)
• Update Moby tool (linuxkit/linuxkit#2833 @justincormack @rn @ijc)

Packages

• Bump to containerd v1.0.2-rc.0 (linuxkit/linuxkit#2898 @ijc @rn)
• Bump to Containerd v1.0.1 (linuxkit/linuxkit#2872 @ijc @justincormack)
• Bump to containerd v1.0.1-rc.0 (linuxkit/linuxkit#2857 @ijc @justincormack)
• Bump to containerd v1.0.0 (moby/tool#190 @ijc @justincormack)
• Increase size of ARP cache (linuxkit/linuxkit#2875 @justincormack @rn)
• pkg/init/cmd/service: plumb containerd namespace (linuxkit/linuxkit#2809 @stevvooe @justincormack @ijc)
• pkg/sysctl fixes: support commented KV lines, additional seperator and comment character, no post-crit KV set skips (linuxkit/linuxkit#2823 @eyz @justincormack @rn @w9n)
• Use pure Go unix.Reboot function in rc.init (linuxkit/linuxkit#2832 @tklauser @rn @justincormack)
• Move metadata to /run instead of /var (linuxkit/linuxkit#2860 @deitch @justincormack @ijc)
• Update hashes to use latest metadata (linuxkit/linuxkit#2866 @deitch @ijc)
• format: fix for nvme (linuxkit/linuxkit#2847 @w9n @justincormack @rn)
• The vmdk and dynamic-vhd packages had a bug in them (moby/tool#201 @rn @justincormack)

LCOW

• Assorted updates (linuxkit/lcow#6 @rn @justincormack)

Virtsock

• Update LinuxKit bits (linuxkit/virtsock#54 @rn)

Closed Issues:

• Failed to get cgroup stats for docker and kubelet in kubelet container (linuxkit/kubernetes#11 @w9n @justincormack @ijc)

• Docker daemon dies on boot when cgroupsPath used (linuxkit/kubernetes#23 @ijc @justincormack)

• all cadvisor metrics have id="/" (linuxkit/kubernetes#38 @errordeveloper @w9n @ijc)

• e2e tests make apiserver crash on d4m (linuxkit/kubernetes#40 @errordeveloper)

• kubelet reports version and v1.9.0-dirty (linuxkit/kubernetes#44 @ijc @errordeveloper)

• make update-hashes is not portable (linuxkit/kubernetes#52 @errordeveloper @ijc)

• audio support (linuxkit/linuxkit#592 @justincormack @rn)

• better way to manage kernel config (linuxkit/linuxkit#635 @justincormack @ijc @tych0 @rn @riyazdf)

• kernel hang in fchownat? (linuxkit/linuxkit#1376 @djs55 @justincormack @rn @dsheets)

• qemu boot is sometimes hanging (linuxkit/linuxkit#1403 @samoht @justincormack @rn @rkgade @ijc @SvenDowideit)

• kernel: Should we allow patches that are not destined for upstream? (linuxkit/linuxkit#1628 @tych0 @justincormack @riyazdf @rn @avsm)

• Kernel 4.4.75/4.9.35 crash "unable to handle kernel paging request" in "sk_filter_uncharge" (linuxkit/linuxkit#2156 @rn @ijc @perlun)

• kernel 4.9.36_dbg crash in __lock_acquire() with IPv6 tests (linuxkit/linuxkit#2174 @rn)

• No releases? (linuxkit/linuxkit#2199 @uberhacker @rn @justincormack)

• containerd: Not able to use /etc/security/limits.conf to set ulimits (linuxkit/linuxkit#2214 @dave-tucker @justincormack @rn @ijc)

• NFS Performance and Attribute Caching on LinuxKit (linuxkit/linuxkit#2251 @davefreitag @tych0 @rn @justincormack @ijc)

• 4.12 kernel support (linuxkit/linuxkit#2322 @rn @arm64b)

• add a 'check-manifest' to package.mk (linuxkit/linuxkit#2366 @rn)

• modprobe onboot pkg (linuxkit/linuxkit#2367 @pwFoo @justincormack @eyz @rn)

• hyper-v run does not like external switch names with spaces in them (linuxkit/linuxkit#2373 @rn)

• Support nested virt for GCP push/run (linuxkit/linuxkit#2695 @rn)

• Enable nested virt for CI (linuxkit/linuxkit#2696 @rn @ijc @justincormack)

• Alternative for including firmware blobs (linuxkit/linuxkit#2714 @rn @eyz @w9n @ijc @pwFoo)

• metadata parameter crashes on long inline content (linuxkit/linuxkit#2721 @w9n @deitch)

• kernel: inclusion of KSPP patches that are still in development (linuxkit/linuxkit#2745 @tixxdz @rn)

• supported kernels (linuxkit/linuxkit#2763 @zlim @rn)

• Feature Request: Enable ENA kernel module (linuxkit/linuxkit#2820 @FrenchBen @rn @justincormack)

• Problem to build custom kernel modules (linuxkit/linuxkit#2827 @pwFoo @rn)

• create metadata under /run not /var (linuxkit/linuxkit#2829 @justincormack @deitch)

• Need help to build kernel modules from kernel tree to extend /lib/modules (linuxkit/linuxkit#2830 @pwFoo @rn)

• Error writing outputs: Error writing iso-efi output: docker pull failed: exit status 1 output: (linuxkit/linuxkit#2838 @pwFoo @deitch)

• Add functionlity CPU micrcode updates (linuxkit/linuxkit#2843 @rn @ijc @justincormack)

• mount: not working on nvme (linuxkit/linuxkit#2844 @w9n @ijc @justincormack)

• Clarify Code of conduct/governance model (linuxkit/linuxkit#2848 @rn)

• Add a contrib directory (linuxkit/linuxkit#2850 @rn)

• Add qemu documentation (linuxkit/linuxkit#2851 @rn)

• gcp builder fatal error (linuxkit/linuxkit#2854 @Gabology @rn)

• Bump containerd to v1.0.1 (when applicable) (linuxkit/linuxkit#2855 @eyz)

• Question: Use linuxkit parser to build service tar archives? (linuxkit/linuxkit#2859 @pwFoo @justincormack @rn)

• Update hyperkit go bindings (linuxkit/linuxkit#2868 @rn @justincormack @dprotaso)

• Include pigz in alpine package list (linuxkit/linuxkit#2879 @guillaumerose @justincormack @eyz)

• inerd log (linuxkit/linuxkit#2886 @mmatur)

• New binaries not executable (linuxkit/linuxkit#2889 @uberhacker @rn)

• don't print COMMIT on linuxkit tool if empty (linuxkit/linuxkit#2891 @justincormack)

• Remove i8042 from x86_64 kernel config (linuxkit/linuxkit#2893 @rn @justincormack @eyz)

• Intel microcode breaks building of kernel on x86_64 (linuxkit/linuxkit#2894 @AxelVoitier @rn)

• Checkout Go support for AF_VSOCK (linuxkit/virtsock#24 @rn)

New or updated PRs and Issues (not closed):

• cri-containerd doesnt successfully reboot kubelet (linuxkit/kubernetes#26 @w9n @ijc)

• CI: bump linuxkit (linuxkit/kubernetes#34 @ijc)

• To start the already installed kubernetes cluster (linuxkit/kubernetes#41 @aadhik @ijc)

• Upgrade to new version (linuxkit/kubernetes#48 @hwinkel @ijc @justincormack)

• kernel: should we disable BPF_JIT? (linuxkit/linuxkit#1739 @tych0 @gitz-braunschweig-rash @rn @justincormack)

• generic "linuxkit push scp" front end to scp to support iPXE based booting (linuxkit/linuxkit#2049 @vielmetti @rn @alexellis @justincormack)

• [tracking] Packet provider support open issues and missing features (linuxkit/linuxkit#2064 @vielmetti @rn @justincormack)

• Unable to use terraform-provider-vsphere to specify vm network information using open-vm-tools container (linuxkit/linuxkit#2243 @stealthybox @aboyett @rn)

• Support Ignition? (linuxkit/linuxkit#2303 @kevinschoon @SvenDowideit @justincormack @rn)

• new linuxkit pkg push throws non-fatal .docker/config.json warning (linuxkit/linuxkit#2590 @eyz @ijc @rn)

• linuxkit bake (linuxkit/linuxkit#2648 @w9n @ijc @rn)

• qemu-user-static executables from alpine are broken, use debian instead (linuxkit/linuxkit#2710 @oflebbe @justincormack @ijc)

• Fix disk/format tests for arm64 (linuxkit/linuxkit#2808 @rn @eyz @deitch)

• Should builds be reproducible? (linuxkit/linuxkit#2813 @dprotaso @ijc @deitch @justincormack @xtuc)

• Passing config options for image build (linuxkit/linuxkit#2817 @rvs @justincormack @w9n @deitch @errordeveloper)

• Investigate eudev (linuxkit/linuxkit#2836 @rn)

• Investigate using LinuxKit system containerd for examples/docker.yml via dockerd --containerd option (linuxkit/linuxkit#2841 @eyz @justincormack @pwFoo)

• Using user namespace features via system containerd fails (linuxkit/linuxkit#2842 @estesp @justincormack)

• Support Preempt-RT Linux kernel (linuxkit/linuxkit#2856 @TiejunChina)

• DO NOT MERGE (linuxkit/linuxkit#2862 @rn)

• Problem to share a container mount with host (linuxkit/linuxkit#2877 @pwFoo)

• Better way to enable Intel CPU Microcode (linuxkit/linuxkit#2884 @rn @ijc)

• Make it possible to key the package tags off of top level tree hash (linuxkit/linuxkit#2887 @rvs @justincormack @deitch @rn)

• Improve/extend kernel config test (linuxkit/linuxkit#2890 @rn)

• Use microcode-20171117 in kernel build as microcode-20180108 is no longer available (linuxkit/linuxkit#2895 @ekcasey)

• Support Preempt-RT Linux kernel (linuxkit/linuxkit#2897 @TiejunChina @rn @ijc)

• implement accept for hvsock (linuxkit/virtsock#49 @ebriney @rn)

• Remove support for Hyper-V socket pre Windows build 14393 (linuxkit/virtsock#51 @rn)

• Implement accept()/Listen() for windows (linuxkit/virtsock#52 @rn)

• Major rewrite of 'pkg/hvsock' and some other changes (linuxkit/virtsock#53 @rn)

• gometalinter broken (moby/tool#196 @rn @justincormack @ijc)