开源软件名称:smith
开源软件地址:https://gitee.com/mirrors/smith
开源软件介绍:
smith - microcontainer builder
What is smith ?smith is a simple command line utility for buildingmicrocontainersfrom rpm packages or oci images.
Principles of microcontainersA microcontainer only contains the process to be run and its directdependencies. The microcontainer has files with no user ownership or special permissionsbeyond the executable bit. The root filesystem of the container should be able to run read-only. Allwrites from the container should be into a directory called /write . Anyunique config that an individual container instance will need should beplaced into a directory called /read . Ephemeral files such as pid filescan be written to /run .
Building and Running smith You can build and run smith either as: Both methods are described below, but the Docker route is recommended as the simplest and easiest option. Docker based smith DependenciesMethod- Clone
smith :
git clone https://github.com/oracle/smith.git
- Build
smith Docker image using the Dockerfile provided, optionally adding your own docker-repo-id to the tag:
sudo docker build -t [<docker-repo-id>/]smith .
- Set up an alias (or script) to run
smith from the command line:
smith(){ sudo docker run -it --rm \ --privileged -v $PWD:/write \ -v cache:/var/cache \ -v /tmp:/tmp \ -v mock:/var/lib/mock [<docker-repo-id>/]smith $@} You should now be able to start building microcontainers (see below). Binary smith
Building can be done via the Makefile: DependenciesBuildTo install go run sudo yum install golang-bin or sudo apt install golang-go as appropriate Go dependencies are vendored in the vendor directory. RuntimeTo build from RPMs, smith requires: mock can have issues with non - RPM distros. If you have problems installing or running smith natively on a non - RPM distro, best advice is to build it and run it in a Docker container (see above) mock can be installed on Debian/Ubuntu with some extra care (see below). Specifically you need at least mock1.2. Version 1.1.X will not work because the -r flag does not support abspath to the mock config file.Be aware that your smith builds may still fail. Debian/Ubuntu specific instructions (Here be Dragons): sudo apt install mock createrepo yum
# Fedora rawhide chroot (which mock uses by default) does not play well with# Debian, so point /etc/mock/default.cfg to EPEL 7 (6 on Ubuntu):sudo ln -s /etc/mock/epel-7-x86_64.cfg /etc/mock/default.cfg # rpm on Debian has a patch to macros that messes up mock so undo it. Note# that updating your os will sometimes reset this file and you will have# to run this command again.sudo sed -i 's;%_dbpath\t.*;%_dbpath\t\t%{_var}/lib/rpm;g' /usr/lib/rpm/macros # on debian/ubuntu for some reason yum tries to install packages for# multiple archs, so it is necessary to update the yum.conf section in# default.cfg to prevent that. If you switch your default.cfg you may# have to do this again.sudo sed -i '/\[main\]/a multilib_policy=best' /etc/mock/default.cfg Whichever distro you are using check that your user is a member of the group mock: If your user is not a member of the group mock then add them: $ usermod -aG mock <your_username> On Oracle Linux edit your /etc/mock/site-defaults.cfg and add: config_opts['use_nspawn'] = False Installing smith Installing can be done via the Makefile: Using smith To use smith, simply create a smith.yaml defining your container and runsmith . If you want to overlay additional files or symlinks, simply place theminto a directory called rootfs beside smith.yaml. If you are building the same container multiple times without editing thepackage line, the -f parameter will rebuild the container withoutreinstalling the package. Building MicrocontainersTo build a "hello world" container with smith : - Create a new directory and cd to it
- Create a
smith.yaml file with the following contents:
package: coreutilspaths:- /usr/bin/catcmd:- /usr/bin/cat- /read/data - Create the rootfs directory. Smith will put the contents of the
./rootfs directory into the root directory of the image.
mkdir rootfs
- Create the
read directory under rootfs
mkdir rootfs/read
- Create the file
data under rootfs/read with the following content:
Hello World!
- invoke smith with no parameters:
smith
Your image will be saved as image.tar.gz. You can change the name with aparameter: Smith has a few other options which can be viewed using "--help" Build TypesSmith can build from local rpm files or repositories. You can change the yumconfig by modifying your /etc/mock/default.cfg. Smith can also build directly from oci files downloaded via the downloadcommand, or an oci directly from a docker repository. Simply specify either inyour smith.yaml as package, for example: package: https://registry-1.docker.io/library/fedorapaths:- /usr/bin/catcmd:- /usr/bin/cat- /read/data To build Smith directly from oci, the Docker command is slightly different: smith(){ docker run -it --rm \ -v $PWD:/write \ -v tmp:/tmp vishvananda/smith $@} Advanced UsageFor more detailed instructions on building containers, check out: UploadYou can upload your image to a docker repository: Images will be uploaded to the tag latest . You can specify an alternative tagname to use appending it after a colon: smith upload -r https://registry-1.docker.io/myrepo/cat:newtag It automatically uploads to registry-1.docker.io using docker media types.Otherwise it tries to upload using oci media types. If you want to upload to aprivate docker v2 registry that doesn't support oci media types, you can usethe -d switch: smith upload -d -r https://myregistry.com/myrepo/cat -i cat.tar.gz You can specify a tag name to upload to by appending it to the name Downloadsmith can also download existing images from docker repositories:
smith download -r https://registry-1.docker.io/library/hello-world -i hello-world.tar.gz It will convert these to tar.gz oci layouts. The latest tag will bedownloaded. To download an alternative tag, append it after a colon: smith download -r https://registry-1.docker.io/library/hello-world:othertag ContributingSmith is an open source project. See CONTRIBUTING fordetails. Oracle gratefully acknowledges the contributions to smith that have been madeby the community. Getting in touchThe best way to get in touch is Slack. Click here to join the the Oracle Container Tools workspace. Then join the Smith channel. LicenseCopyright (c) 2017, Oracle and/or its affiliates. All rights reserved. Smith is dual licensed under the Universal Permissive License 1.0 and theApache License 2.0. See LICENSE for more details. |
请发表评论