* [bug#52174] [PATCH] gnu: Add podman
[not found] <CMD7WNOQ95S7.2N4ASFNPGIJXS@nix>
@ 2022-08-23 7:14 ` guix-patches--- via
0 siblings, 0 replies; 5+ messages in thread
From: guix-patches--- via @ 2022-08-23 7:14 UTC (permalink / raw)
To: 52174
> For podman to work, the user needs to run
> `sudo mount -t cgroup2 none /sys/fs/cgroup`
I mounted /sys/fs/cgroup as v2 but podman info still shows
host:
...
cgroupControllers: []
cgroupManager: cgroupfs
cgroupVersion: v1
and (expectedly) podman run fails:
Error: OCI runtime error: cgroups in hybrid mode not supported,
drop all controllers from cgroupv2
How do I look for a fix?
^ permalink raw reply [flat|nested] 5+ messages in thread
* [bug#52174] [PATCH] gnu: Add podman
@ 2021-11-29 6:46 Timmy Douglas via Guix-patches via
2021-12-18 17:57 ` Ludovic Courtès
0 siblings, 1 reply; 5+ messages in thread
From: Timmy Douglas via Guix-patches via @ 2021-11-29 6:46 UTC (permalink / raw)
To: 52174; +Cc: Timmy Douglas
* gnu/packages/containers.scm (crun, conmon, libslirp, slirp4netns,
cni-plugins, podman): Add podman and dependencies.
---
I was going to try running some docker containers on my Guix system
today, but I noticed docker was an old version. I decided to try
packaging podman as the daemonless aspect seems appealing and was able
to run a basic alpine image (rootless) after a couple of hours of
putting this together. This is one of my first packages for Guix, so
please give me some feedback--I'm also interested if anyone else would
like to work together on this, because I'm fairly new to Guix and I
haven't used podman before either. This probably needs some more
testing since I only tried a basic scenario.
For podman to work, I needed to run this:
`sudo mount -t cgroup2 none /sys/fs/cgroup`
gnu/packages/containers.scm | 304 ++++++++++++++++++++++++++++++++++++
1 file changed, 304 insertions(+)
create mode 100644 gnu/packages/containers.scm
diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm
new file mode 100644
index 0000000000..1c83698c2e
--- /dev/null
+++ b/gnu/packages/containers.scm
@@ -0,0 +1,304 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2021 Timmy Douglas <mail@timmydouglas.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages containers)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (gnu packages)
+ #:use-module (guix packages)
+ #:use-module (guix download)
+ #:use-module (guix git-download)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system go)
+ #:use-module (guix build-system meson)
+ #:use-module (guix utils)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages check)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnupg)
+ #:use-module (gnu packages golang)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages networking)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages selinux)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu packages virtualization)
+ #:use-module (gnu packages web))
+
+;; For podman to work, the user needs to run
+;; `sudo mount -t cgroup2 none /sys/fs/cgroup`
+
+(define-public crun
+ (package
+ (name "crun")
+ (version "1.3")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/containers/crun")
+ (commit "8e5757a4e68590326dafe8a8b1b4a584b10a1370") ; 1.3
+ (recursive? #t)))
+ (sha256
+ (base32 "01yiss2d57kwlxb7zlqzjwlg9fyaf19yjngd1mw9n4hxls3dfj3k"))
+ (file-name (git-file-name name version))))
+
+ (build-system gnu-build-system)
+ (arguments
+ '(#:tests? #f
+ #:configure-flags '("--disable-systemd")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'do-not-depend-on-git
+ (lambda _
+ (substitute* "autogen.sh"
+ (("^git submodule update.*")
+ ""))
+ (with-output-to-file "git-version.h"
+ (lambda ()
+ (display (string-append
+ "/* autogenerated. */\n#ifndef GIT_VERSION\n# define GIT_VERSION \""
+ "8e5757a4e68590326dafe8a8b1b4a584b10a1370" ; refactor this
+ "\"\n#endif\n"))))
+ #t
+ )))))
+ (inputs
+ `(("libcap" ,libcap)
+ ("libseccomp" ,libseccomp)
+ ("libyajl" ,libyajl)))
+ (native-inputs
+ `(("automake" ,automake)
+ ("autoreconf" ,autoconf)
+ ("git" ,git)
+ ("libtool" ,libtool)
+ ("pkg-config" ,pkg-config)
+ ("python-3" ,python-3)))
+ (home-page "https://github.com/containers/crun")
+ (synopsis "OCI Container runtime")
+ (description
+ "crun is a fast and low-memory footprint OCI Container Runtime fully written in C.")
+ (license license:gpl2+)))
+
+(define-public conmon
+ (package
+ (name "conmon")
+ (version "v2.0.30")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/containers/conmon")
+ (commit version)))
+ (sha256
+ (base32 "1sxpbm01g4xak4kqwvk45gmzr6n9bjzlfp1j85wyz8rj2hg2x4rm"))
+ (file-name (git-file-name name version))))
+
+ (build-system gnu-build-system)
+ (arguments
+ `(#:make-flags (list ,(string-append "CC=" (cc-for-target))
+ (string-append "PREFIX=" %output))
+ #:tests? #f ; currently broken as go tries to use network
+ #:phases (modify-phases %standard-phases
+ (delete 'configure)
+ (add-after 'unpack 'set-env
+ (lambda* (#:key inputs #:allow-other-keys)
+ ;; when running go, things fail because
+ ;; HOME=/homeless-shelter.
+ (setenv "HOME" "/tmp")))
+ (replace 'check
+ (lambda* (#:key tests? #:allow-other-keys)
+ (when tests?
+ (invoke "make" "test")))))))
+ (inputs
+ `(("glib" ,glib)
+ ("glibc" ,glibc)
+ ("libseccomp" ,libseccomp)
+ ("crun" ,crun)))
+ (native-inputs
+ `(("git" ,git)
+ ("go" ,go)
+ ("pkg-config" ,pkg-config)))
+ (home-page "https://github.com/containers/conmon")
+ (synopsis "Monitoring and communication tool between container manager and OCI runtime")
+ (description
+ "Conmon is a monitoring program and communication tool between a container
+manager (like Podman or CRI-O) and an OCI runtime (like runc or crun) for a
+single container.")
+ (license license:asl2.0)))
+
+(define-public libslirp
+ (package
+ (name "libslirp")
+ (version "v4.6.1")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://gitlab.freedesktop.org/slirp/libslirp")
+ (commit version)))
+ (sha256
+ (base32 "1b4cn51xvzbrxd63g6w1033prvbxfxsnsn1l0fa5i311xv28vkh0"))
+ (file-name (git-file-name name version))))
+
+ (build-system meson-build-system)
+ (arguments '(#:tests? #f))
+ (inputs
+ `(("glib" ,glib)))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
+ (home-page "https://gitlab.freedesktop.org/slirp/libslirp")
+ (synopsis "User-mode networking library")
+ (description
+ "libslirp is a user-mode networking library used by virtual machines,
+containers or various tools.")
+ (license license:non-copyleft))) ;fixme what is this?
+
+(define-public slirp4netns
+ (package
+ (name "slirp4netns")
+ (version "v1.1.12")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/rootless-containers/slirp4netns")
+ (commit version)))
+ (sha256
+ (base32 "03llv4dlf7qqxwz4zdyk926g4bigfj2gb50glm70ciflpvzs8081"))
+ (file-name (git-file-name name version))))
+
+ (build-system gnu-build-system)
+ (arguments '(#:tests? #f))
+ (inputs
+ `(("glib" ,glib)
+ ("libcap" ,libcap)
+ ("libseccomp" ,libseccomp)
+ ("libslirp" ,libslirp)))
+ (native-inputs
+ `(("automake" ,automake)
+ ("autoreconf" ,autoconf)
+ ("pkg-config" ,pkg-config)))
+ (home-page "https://github.com/rootless-containers/slirp4netns")
+ (synopsis "User-mode networking for unprivileged network namespaces")
+ (description
+ "slirp4netns provides user-mode networking (\"slirp\") for unprivileged network namespaces.")
+ (license license:gpl2+)))
+
+(define-public cni-plugins
+ (package
+ (name "cni-plugins")
+ (version "v1.0.1")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/containernetworking/plugins")
+ (commit version)))
+ (sha256
+ (base32 "1j91in0mg4nblpdccyq63ncbnn2pc2zzjp1fh3jy0bsndllgv0nc"))
+ (file-name (git-file-name name version))))
+
+ (build-system go-build-system)
+ (arguments
+ `(#:unpack-path "github.com/containernetworking/plugins"
+ #:tests? #f
+ #:phases (modify-phases %standard-phases
+ (replace 'build
+ (lambda _
+ (with-directory-excursion "src/github.com/containernetworking/plugins"
+ (invoke "./build_linux.sh"))))
+ (replace 'install
+ (lambda* (#:key outputs #:allow-other-keys)
+ (copy-recursively "src/github.com/containernetworking/plugins/bin"
+ (string-append (assoc-ref outputs "out") "/bin"))
+ #t)))))
+ (home-page "https://github.com/containernetworking/plugins")
+ (synopsis "CNI network plugins")
+ (description
+ "Some CNI network plugins, maintained by the containernetworking team.")
+ (license license:asl2.0)))
+
+(define-public podman
+ (package
+ (name "podman")
+ (version "v3.4.2")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/containers/podman")
+ (commit version)))
+ (sha256
+ (base32 "0v1xpd1q6ym9ibaj6242v4mp0wwdmj4dd9l7zfyydbxrx6a8ahjn"))
+ (file-name (git-file-name name version))))
+
+ (build-system gnu-build-system)
+ (arguments
+ `(#:make-flags (list ,(string-append "CC=" (cc-for-target))
+ (string-append "PREFIX=" %output))
+ #:tests? #f ; need to setup ginkgo
+ #:phases (modify-phases %standard-phases
+ (delete 'configure)
+ (add-after 'unpack 'set-env
+ (lambda* (#:key inputs #:allow-other-keys)
+ ;; when running go, things fail because
+ ;; HOME=/homeless-shelter.
+ (setenv "HOME" "/tmp")))
+ (add-after 'unpack 'fix-hardcoded-paths
+ (lambda _
+ (substitute* (find-files "libpod" "\\.go")
+ (("exec.LookPath[(][\"]slirp4netns[\"][)]")
+ (string-append "exec.LookPath(\"" (which "slirp4netns") "\")")))
+ (substitute* "vendor/github.com/containers/common/pkg/config/config_linux.go"
+ (("/usr/local/libexec/podman")
+ (string-append (assoc-ref %outputs "out") "/bin")))
+ (substitute* "vendor/github.com/containers/common/pkg/config/default.go"
+ (("/usr/libexec/podman/conmon") (which "conmon"))
+ (("/usr/local/libexec/cni")
+ (string-append (assoc-ref %build-inputs "cni-plugins") "/bin"))
+ (("/usr/bin/crun") (which "crun")))
+ #true))
+ (replace 'check
+ (lambda* (#:key tests? #:allow-other-keys)
+ (when tests?
+ (invoke "make" "test")))))))
+ (inputs
+ `(("btrfs-progs" ,btrfs-progs)
+ ("cni-plugins" ,cni-plugins)
+ ("conmon" ,conmon)
+ ("gpgme" ,gpgme)
+ ("go-md2man" ,go-github-com-go-md2man)
+ ("iptables" ,iptables) ; fixme not sure if podman will call this using $PATH
+ ("libassuan" ,libassuan)
+ ("libseccomp" ,libseccomp)
+ ("libselinux" ,libselinux)
+ ("slirp4netns" ,slirp4netns)
+ ("crun" ,crun)))
+ (native-inputs
+ `(("git" ,git)
+ ("go" ,go)
+ ("pkg-config" ,pkg-config)))
+ (home-page "https://podman.io")
+ (synopsis "Manage containers, images, pods, and their volumes")
+ (description
+ "Podman (the POD MANager) is a tool for managing containers and images,
+volumes mounted into those containers, and pods made from groups of
+containers.")
+ (license license:asl2.0)))
--
2.33.1
^ permalink raw reply related [flat|nested] 5+ messages in thread* [bug#52174] [PATCH] gnu: Add podman
2021-11-29 6:46 Timmy Douglas via Guix-patches via
@ 2021-12-18 17:57 ` Ludovic Courtès
2021-12-19 4:58 ` [bug#52174] [PATCH v2 1/6] gnu: add crun Timmy Douglas via Guix-patches via
0 siblings, 1 reply; 5+ messages in thread
From: Ludovic Courtès @ 2021-12-18 17:57 UTC (permalink / raw)
To: Timmy Douglas; +Cc: 52174
Hi Timmy,
Timmy Douglas <mail@timmydouglas.com> skribis:
> * gnu/packages/containers.scm (crun, conmon, libslirp, slirp4netns,
> cni-plugins, podman): Add podman and dependencies.
> ---
>
> I was going to try running some docker containers on my Guix system
> today, but I noticed docker was an old version. I decided to try
> packaging podman as the daemonless aspect seems appealing and was able
> to run a basic alpine image (rootless) after a couple of hours of
> putting this together. This is one of my first packages for Guix, so
> please give me some feedback--I'm also interested if anyone else would
> like to work together on this, because I'm fairly new to Guix and I
> haven't used podman before either. This probably needs some more
> testing since I only tried a basic scenario.
>
> For podman to work, I needed to run this:
> `sudo mount -t cgroup2 none /sys/fs/cgroup`
Woow, that’s a great start, and it’ll certainly be useful to many.
Overall it LGTM. Here are some minor issues that would be nice
addressing:
> gnu/packages/containers.scm | 304 ++++++++++++++++++++++++++++++++++++
> 1 file changed, 304 insertions(+)
> create mode 100644 gnu/packages/containers.scm
We usually have one patch per new package; IWBN if you could split this
patch accordingly.
Make sure to add ‘containers.scm’ to ‘gnu/local.mk’ too.
> + (arguments
> + '(#:tests? #f
> + #:configure-flags '("--disable-systemd")
> + #:phases
Please align keywords, as in:
'(#:tests? #f
#:configure-flags …
#:phases …)
> + (display (string-append
> + "/* autogenerated. */\n#ifndef GIT_VERSION\n# define GIT_VERSION \""
> + "8e5757a4e68590326dafe8a8b1b4a584b10a1370" ; refactor this
You can write “,commit” (read: “unquote commit”), assuming there’s a
‘commit’ local variable above.
> + (inputs
> + `(("libcap" ,libcap)
> + ("libseccomp" ,libseccomp)
> + ("libyajl" ,libyajl)))
> + (native-inputs
> + `(("automake" ,automake)
> + ("autoreconf" ,autoconf)
> + ("git" ,git)
> + ("libtool" ,libtool)
> + ("pkg-config" ,pkg-config)
> + ("python-3" ,python-3)))
IWBN if you could run packages through ‘guix style’:
https://guix.gnu.org/manual/devel/en/html_node/Invoking-guix-style.html
> + (name "conmon")
> + (version "v2.0.30")
Please remove “v” from the version number (here and elsewhere), and…
> + (uri (git-reference
> + (url "https://github.com/containers/conmon")
> + (commit version)))
^
… add it here, with (string-append "v" version).
> + (home-page "https://gitlab.freedesktop.org/slirp/libslirp")
> + (synopsis "User-mode networking library")
> + (description
> + "libslirp is a user-mode networking library used by virtual machines,
> +containers or various tools.")
> + (license license:non-copyleft))) ;fixme what is this?
It’s ‘license:bsd-3’, per
<https://gitlab.freedesktop.org/slirp/libslirp/-/blob/master/COPYRIGHT>.
That’s it.
Could you send updated patches?
Thank you, and apologies for the delay!
Ludo’.
^ permalink raw reply [flat|nested] 5+ messages in thread* [bug#52174] [PATCH v2 1/6] gnu: add crun
2021-12-18 17:57 ` Ludovic Courtès
@ 2021-12-19 4:58 ` Timmy Douglas via Guix-patches via
[not found] ` <875yrjl8a5.fsf@gnu.org>
0 siblings, 1 reply; 5+ messages in thread
From: Timmy Douglas via Guix-patches via @ 2021-12-19 4:58 UTC (permalink / raw)
To: 52174; +Cc: ludo, mail
* gnu/packages/containers.scm: new file
* gnu/local.mk: add containers.scm
---
gnu/local.mk | 1 +
gnu/packages/containers.scm | 87 +++++++++++++++++++++++++++++++++++++
2 files changed, 88 insertions(+)
create mode 100644 gnu/packages/containers.scm
diff --git a/gnu/local.mk b/gnu/local.mk
index 33e108c752..8ffcf662ce 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -157,6 +157,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/configuration-management.scm \
%D%/packages/conky.scm \
%D%/packages/connman.scm \
+ %D%/packages/containers.scm \
%D%/packages/convmv.scm \
%D%/packages/cook.scm \
%D%/packages/coq.scm \
diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm
new file mode 100644
index 0000000000..7ffe6e95d0
--- /dev/null
+++ b/gnu/packages/containers.scm
@@ -0,0 +1,87 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2021 Timmy Douglas <mail@timmydouglas.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages containers)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (gnu packages)
+ #:use-module (guix packages)
+ #:use-module (guix download)
+ #:use-module (guix git-download)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system go)
+ #:use-module (guix build-system meson)
+ #:use-module (guix utils)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages check)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnupg)
+ #:use-module (gnu packages golang)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages networking)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages selinux)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu packages virtualization)
+ #:use-module (gnu packages web))
+
+(define-public crun
+ (let ((commit "8e5757a4e68590326dafe8a8b1b4a584b10a1370"))
+ (package
+ (name "crun")
+ (version "1.3")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/containers/crun")
+ (commit commit)
+ (recursive? #t)))
+ (sha256
+ (base32 "01yiss2d57kwlxb7zlqzjwlg9fyaf19yjngd1mw9n4hxls3dfj3k"))
+ (file-name (git-file-name name version))))
+
+ (build-system gnu-build-system)
+ (arguments
+ `(#:tests? #f
+ #:configure-flags '("--disable-systemd")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'do-not-depend-on-git
+ (lambda _
+ (substitute* "autogen.sh"
+ (("^git submodule update.*")
+ ""))
+ (with-output-to-file "git-version.h"
+ (lambda ()
+ (display (string-append
+ "/* autogenerated. */\n#ifndef GIT_VERSION\n# define GIT_VERSION \""
+ ,commit
+ "\"\n#endif\n"))))
+ #t)))))
+ (inputs
+ (list libcap libseccomp libyajl))
+ (native-inputs
+ (list automake autoconf git libtool pkg-config python-3))
+ (home-page "https://github.com/containers/crun")
+ (synopsis "OCI Container runtime")
+ (description
+ "crun is a fast and low-memory footprint OCI Container Runtime fully written in C.")
+ (license license:gpl2+))))
--
2.34.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
end of thread, other threads:[~2022-08-23 7:15 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <CMD7WNOQ95S7.2N4ASFNPGIJXS@nix>
2022-08-23 7:14 ` [bug#52174] [PATCH] gnu: Add podman guix-patches--- via
2021-11-29 6:46 Timmy Douglas via Guix-patches via
2021-12-18 17:57 ` Ludovic Courtès
2021-12-19 4:58 ` [bug#52174] [PATCH v2 1/6] gnu: add crun Timmy Douglas via Guix-patches via
[not found] ` <875yrjl8a5.fsf@gnu.org>
2021-12-21 20:17 ` Timmy Douglas via Guix-patches via
2021-12-24 15:23 ` Ludovic Courtès
2021-12-25 0:22 ` Timmy Douglas via Guix-patches via
2022-01-01 18:11 ` bug#52174: [PATCH] gnu: Add podman Ludovic Courtès
2022-01-01 19:59 ` [bug#52174] " Timmy Douglas via Guix-patches via
2022-01-03 11:14 ` Ludovic Courtès
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.