subject:"Re\: \[meta\-virtualization\] \[PATCH\] docker\: add NETFILTER_XT_MATCH

Re: [meta-virtualization] [PATCH] docker: add NETFILTER_XT_MATCH_ADDRTYPE=m

2017-07-10 Thread Avery, Brian

/usr/share/docker/check-config.sh
works and is in docker-contrib :).
My miss,
-b

From: Bruce Ashfield <bruce.ashfi...@gmail.com>
Date: Monday, July 10, 2017 at 8:44 AM
To: "Avery, Brian" <brian.av...@intel.com>
Cc: "meta-virtualization@yoctoproject.org" 
<meta-virtualization@yoctoproject.org>
Subject: Re: [meta-virtualization] [PATCH] docker: add 
NETFILTER_XT_MATCH_ADDRTYPE=m



On Mon, Jul 10, 2017 at 11:40 AM, Avery, Brian 
<brian.av...@intel.com<mailto:brian.av...@intel.com>> wrote:
One other thought/question: should we include the docker check-config tool? 
would make it easier for people to track these things down if it changes in the 
future.


It is currently in the docker-contrib package, since we didn't want it to be 
always on target. Have you tried including that and it is otherwise broken ?

Bruce

-b

From: 
<meta-virtualization-boun...@yoctoproject.org<mailto:meta-virtualization-boun...@yoctoproject.org>>
 on behalf of "Avery, Brian" 
<brian.av...@intel.com<mailto:brian.av...@intel.com>>
Date: Monday, July 10, 2017 at 8:37 AM
To: Bruce Ashfield <bruce.ashfi...@gmail.com<mailto:bruce.ashfi...@gmail.com>>

Cc: 
"meta-virtualization@yoctoproject.org<mailto:meta-virtualization@yoctoproject.org>"
 
<meta-virtualization@yoctoproject.org<mailto:meta-virtualization@yoctoproject.org>>
Subject: Re: [meta-virtualization] [PATCH] docker: add 
NETFILTER_XT_MATCH_ADDRTYPE=m

Works for me.
ty :)
-b

p.s. working on this did hit bug 
https://bugzilla.yoctoproject.org/show_bug.cgi?id=8191 when I tried to use 
linux-intel instead of linux-yocto.


From: Bruce Ashfield <bruce.ashfi...@gmail.com<mailto:bruce.ashfi...@gmail.com>>
Date: Monday, July 10, 2017 at 8:24 AM
To: "Avery, Brian" <brian.av...@intel.com<mailto:brian.av...@intel.com>>
Cc: 
"meta-virtualization@yoctoproject.org<mailto:meta-virtualization@yoctoproject.org>"
 
<meta-virtualization@yoctoproject.org<mailto:meta-virtualization@yoctoproject.org>>
Subject: Re: [meta-virtualization] [PATCH] docker: add 
NETFILTER_XT_MATCH_ADDRTYPE=m



On Fri, Jul 7, 2017 at 7:38 PM, brian avery 
<brian.av...@intel.com<mailto:brian.av...@intel.com>> wrote:
Docker needs ths _NETFILTER_XT_MATCH_ADDRTYPE module in order to start
up successfully. This patch adds it to the supported kernels.

Signed-off-by: brian avery <brian.av...@intel.com<mailto:brian.av...@intel.com>>
---
 recipes-kernel/linux/linux-yocto/docker.cfg| 1 +
 recipes-kernel/linux/linux-yocto/docker.scc| 4 
 recipes-kernel/linux/linux-yocto_4.1.bbappend  | 1 +
 recipes-kernel/linux/linux-yocto_4.10.bbappend | 1 +
 recipes-kernel/linux/linux-yocto_4.4.bbappend  | 1 +
 recipes-kernel/linux/linux-yocto_4.9.bbappend  | 1 +
 6 files changed, 9 insertions(+)
 create mode 100644 recipes-kernel/linux/linux-yocto/docker.cfg
 create mode 100644 recipes-kernel/linux/linux-yocto/docker.scc

diff --git a/recipes-kernel/linux/linux-yocto/docker.cfg 
b/recipes-kernel/linux/linux-yocto/docker.cfg
new file mode 100644
index 000..d0ebb66
--- /dev/null
+++ b/recipes-kernel/linux/linux-yocto/docker.cfg
@@ -0,0 +1 @@
+CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m


I could have sworn that I already ported and merged my docker fragment to 
meta-virt,
but it looks like I only staged it and never actually did the patch.

To make the fragment as standalone as possible, I'm running with this:


CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m
CONFIG_IP_NF_FILTER=m
CONFIG_NF_NAT=m
CONFIG_NF_CONNTRACK_IPV4=y
CONFIG_DM_THIN_PROVISIONING=m
CONFIG_IP_NF_NAT=m
CONFIG_IP_NF_TARGET_MASQUERADE=m
CONFIG_OVERLAY_FS=y
-

I propose to update your fragment with those options and merge the changes that
way.

Any objections ?

Bruce

diff --git a/recipes-kernel/linux/linux-yocto/docker.scc 
b/recipes-kernel/linux/linux-yocto/docker.scc
new file mode 100644
index 000..e317456
--- /dev/null
+++ b/recipes-kernel/linux/linux-yocto/docker.scc
@@ -0,0 +1,4 @@
+define KFEATURE_DESCRIPTION "Enable Features needed by docker in addition to 
LXC features"
+define KFEATURE_COMPATIBILITY board
+
+kconf non-hardware docker.cfg
diff --git a/recipes-kernel/linux/linux-yocto_4.1.bbappend 
b/recipes-kernel/linux/linux-yocto_4.1.bbappend
index f3be89e..f163fdf 100644
--- a/recipes-kernel/linux/linux-yocto_4.1.bbappend
+++ b/recipes-kernel/linux/linux-yocto_4.1.bbappend
@@ -4,6 +4,7 @@ SRC_URI += "file://xt-checksum.scc \
 file://ebtables.scc \
file://vswitch.scc \
file://lxc.scc \
+file://docker.scc \
"
 KERNEL_FEATURES_append = " features/kvm/qemu-kvm-enable.scc"

diff --git a/recipes-kernel/linux/linux-yocto_4.10.bbappend 
b/recipes-kernel/linux/linux-yocto_4.10.bbappend
index f3be89e..f163fdf 100644
--- a/recipes-kernel/linux/linux-

Re: [meta-virtualization] [PATCH] docker: add NETFILTER_XT_MATCH_ADDRTYPE=m

2017-07-10 Thread Bruce Ashfield

On Mon, Jul 10, 2017 at 11:37 AM, Avery, Brian <brian.av...@intel.com>
wrote:

> Works for me.
>
> ty :)
>
> -b
>
>
>
> p.s. working on this did hit bug https://bugzilla.yoctoproject.
> org/show_bug.cgi?id=8191 when I tried to use linux-intel instead of
> linux-yocto.
>

Indeed. The requirement is still that linux-yocto's class is inherited. The
new implementation
removes that requirement but still has some issues.

Bruce


>
>
>
>
> *From: *Bruce Ashfield <bruce.ashfi...@gmail.com>
> *Date: *Monday, July 10, 2017 at 8:24 AM
> *To: *"Avery, Brian" <brian.av...@intel.com>
> *Cc: *"meta-virtualization@yoctoproject.org" <meta-virtualization@
> yoctoproject.org>
> *Subject: *Re: [meta-virtualization] [PATCH] docker: add
> NETFILTER_XT_MATCH_ADDRTYPE=m
>
>
>
>
>
>
>
> On Fri, Jul 7, 2017 at 7:38 PM, brian avery <brian.av...@intel.com> wrote:
>
> Docker needs ths _NETFILTER_XT_MATCH_ADDRTYPE module in order to start
> up successfully. This patch adds it to the supported kernels.
>
> Signed-off-by: brian avery <brian.av...@intel.com>
> ---
>  recipes-kernel/linux/linux-yocto/docker.cfg| 1 +
>  recipes-kernel/linux/linux-yocto/docker.scc| 4 
>  recipes-kernel/linux/linux-yocto_4.1.bbappend  | 1 +
>  recipes-kernel/linux/linux-yocto_4.10.bbappend | 1 +
>  recipes-kernel/linux/linux-yocto_4.4.bbappend  | 1 +
>  recipes-kernel/linux/linux-yocto_4.9.bbappend  | 1 +
>  6 files changed, 9 insertions(+)
>  create mode 100644 recipes-kernel/linux/linux-yocto/docker.cfg
>  create mode 100644 recipes-kernel/linux/linux-yocto/docker.scc
>
> diff --git a/recipes-kernel/linux/linux-yocto/docker.cfg
> b/recipes-kernel/linux/linux-yocto/docker.cfg
> new file mode 100644
> index 000..d0ebb66
> --- /dev/null
> +++ b/recipes-kernel/linux/linux-yocto/docker.cfg
> @@ -0,0 +1 @@
> +CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m
>
>
>
>
>
> I could have sworn that I already ported and merged my docker fragment to
> meta-virt,
>
> but it looks like I only staged it and never actually did the patch.
>
>
>
> To make the fragment as standalone as possible, I'm running with this:
>
>
>
> 
>
> CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m
>
> CONFIG_IP_NF_FILTER=m
>
> CONFIG_NF_NAT=m
>
> CONFIG_NF_CONNTRACK_IPV4=y
>
> CONFIG_DM_THIN_PROVISIONING=m
>
> CONFIG_IP_NF_NAT=m
>
> CONFIG_IP_NF_TARGET_MASQUERADE=m
>
> CONFIG_OVERLAY_FS=y
>
> -
>
>
>
> I propose to update your fragment with those options and merge the changes
> that
>
> way.
>
>
>
> Any objections ?
>
>
>
> Bruce
>
>
>
> diff --git a/recipes-kernel/linux/linux-yocto/docker.scc
> b/recipes-kernel/linux/linux-yocto/docker.scc
> new file mode 100644
> index 000..e317456
> --- /dev/null
> +++ b/recipes-kernel/linux/linux-yocto/docker.scc
> @@ -0,0 +1,4 @@
> +define KFEATURE_DESCRIPTION "Enable Features needed by docker in addition
> to LXC features"
> +define KFEATURE_COMPATIBILITY board
> +
> +kconf non-hardware docker.cfg
> diff --git a/recipes-kernel/linux/linux-yocto_4.1.bbappend
> b/recipes-kernel/linux/linux-yocto_4.1.bbappend
> index f3be89e..f163fdf 100644
> --- a/recipes-kernel/linux/linux-yocto_4.1.bbappend
> +++ b/recipes-kernel/linux/linux-yocto_4.1.bbappend
> @@ -4,6 +4,7 @@ SRC_URI += "file://xt-checksum.scc \
>  file://ebtables.scc \
> file://vswitch.scc \
> file://lxc.scc \
> +file://docker.scc \
> "
>  KERNEL_FEATURES_append = " features/kvm/qemu-kvm-enable.scc"
>
> diff --git a/recipes-kernel/linux/linux-yocto_4.10.bbappend
> b/recipes-kernel/linux/linux-yocto_4.10.bbappend
> index f3be89e..f163fdf 100644
> --- a/recipes-kernel/linux/linux-yocto_4.10.bbappend
> +++ b/recipes-kernel/linux/linux-yocto_4.10.bbappend
> @@ -4,6 +4,7 @@ SRC_URI += "file://xt-checksum.scc \
>  file://ebtables.scc \
> file://vswitch.scc \
> file://lxc.scc \
> +file://docker.scc \
> "
>  KERNEL_FEATURES_append = " features/kvm/qemu-kvm-enable.scc"
>
> diff --git a/recipes-kernel/linux/linux-yocto_4.4.bbappend
> b/recipes-kernel/linux/linux-yocto_4.4.bbappend
> index f3be89e..f163fdf 100644
> --- a/recipes-kernel/linux/linux-yocto_4.4.bbappend
> +++ b/recipes-kernel/linux/linux-yocto_4.4.bbappend
> @@ -4,6 +4,7 @@ SRC_URI += "file://xt-checksum.scc \
>  file://ebtables.scc \
> file://vswitch.scc \
> file://lxc.scc \
> +file://d

Re: [meta-virtualization] [PATCH] docker: add NETFILTER_XT_MATCH_ADDRTYPE=m

Re: [meta-virtualization] [PATCH] docker: add NETFILTER_XT_MATCH_ADDRTYPE=m

2 matches

Site Navigation

Mail list logo

Footer information