Report for 2018-02-01 to 2018-02-28

This report covers the development in the linuxkit/linuxkit linuxkit/lcow linuxkit/kubernetes linuxkit/virtsock linuxkit/rtf linuxkit/homebrew-linuxkit moby/tool repositories. There were 378 contributions (PRs/Issues/Comments) from 29 individual contributors. 56 new PRs were opened and 52 PRs were merged. 17 new issues were opened and 15 issues were closed.

In February we merged the initial support for the RealTime Linux kernel via the PREEMPT_RT patches contributed. We also merged the first steps towards supporting s390x as a new architecture. More PRs are in the pipeline and they should get merged soon.

On the kernel side, we switched the default LinuxKit kernel to the 4.14.x series as it receives critical bug fixes quicker and has better mitigation against Meltdown/Spectre. We also had no less than 8 kernel updates as well as two updates to WireGuard. The latest supported kernels are 4.15.7/4.4.23/4.9.85/4.4.119.

On the Kubernetes front we now have a test harness to perform quick smoke tests.

The Linux Container on Windows (LCOW) project had significant additions to its test suite (and more are in the pipeline). To this end, we also updated the rtf utility to allow running test written in Powershell on macOS and Linux. The VirtSock project received a major rewrite of the Hyper-V socket implementation.

On the tooling and package side, containerd was updated to v1.0.2 and initial steps towards supporting booting from qcow2 EFI images was merged. We also added a new complete example to create a LinuxKit image for the full "TICK" stack (InfluxDB, Chronograf, Kapacitor, Telegraf).

Merged PRs:

Kernel related

• Support Preempt-RT Linux kernel (linuxkit/linuxkit#2897 @TiejunChina @rn @ijc)
• Clarify to support Preempt-RT kernel (linuxkit/linuxkit#2924 @TiejunChina @rn @thaJeztah)
• Make 4.14.x the default and reduce number of kernels build (linuxkit/linuxkit#2923 @rn @ijc @justincormack)
• Update kernels to 4.14.16/4.9.79/4.4.114 and add 4.15 kernels (linuxkit/linuxkit#2900 @rn @ijc)
• Update kernels to 4.15.1/14.14.17/4.9.80/4.4.115 (linuxkit/linuxkit#2905 @rn @ijc @justincormack)
• Extend kernel config test (linuxkit/linuxkit#2908 @cji @justincormack @rn)
• Update kernels to 4.15.2/4.14.18 (linuxkit/linuxkit#2909 @rn @ijc)
• Kernel update to 4.15.3/4.14.19/4.9.81 (linuxkit/linuxkit#2912 @rn @justincormack)
• wireguard: update to 0.0.20180202 (linuxkit/linuxkit#2902 @zx2c4 @rn)
• wireguard: update to 0.0.20180218 (linuxkit/linuxkit#2916 @zx2c4 @rn)
• Update kernels to 4.15.4/4.14.20/4.9.82/4.4.116 (linuxkit/linuxkit#2920 @rn @justincormack)
• Kernel update to 4.15.5/4.14.21/4.9.83/4.4.117 (linuxkit/linuxkit#2925 @rn @justincormack)
• Kernel updates to 4.15.6/4.14.22/4.9.84/4.4.118 (linuxkit/linuxkit#2928 @rn @ijc)
• Kernel update to 4.15.7/4.4.23/4.9.85/4.4.119 (linuxkit/linuxkit#2941 @rn @justincormack)

Kubernetes

• Convenient local test harness for quick smoke test (linuxkit/kubernetes#58 @ijc @rn)
• Revert "Drop duplicate mounts of CNI directories." (linuxkit/kubernetes#60 @ijc @rn)
• test: Retry intra-pod networking test. (linuxkit/kubernetes#61 @ijc @rn)
• Cni bridge configurability (linuxkit/kubernetes#63 @ijc @rn)
• Update to CNI 0.7.0 (linuxkit/kubernetes#65 @ijc @rn)

Tooling

• Allow choice of qemu binary and acceleration (linuxkit/linuxkit#2899 @rn @ijc)
• Make it possible to key the package tags off of top level tree hash (linuxkit/linuxkit#2901 @rvs @deitch)
• Bump rtf to f2409214ca3b719567aa15bb7b363f24876a4d98 (linuxkit/linuxkit#2914 @ijc @rn)
• This commit adds the functionality to run the qemu container detached (linuxkit/linuxkit#2915 @scotty-c @rn)
• Add s390x support for Linuxkit binary and tools (linuxkit/linuxkit#2927 @alicefr @rn @justincormack @ijc)
• Add cli option '--bridgeadapter' to 'linuxkit vbox run' (linuxkit/linuxkit#2930 @obergner @justincormack)
• Support http proxy environment variables in linuxkit build (linuxkit/linuxkit#2932 @garthy @justincormack)
• Add s390x support for linuxkit docker images (linuxkit/linuxkit#2934 @alicefr @justincormack @rn)
• Adds support for building a qcow2 EFI image (linuxkit/linuxkit#2935 @garthy @deitch)
• Add documentation about using images from private registries (moby/tool#203 @deitch @justincormack @AkihiroSuda)
• Fix typos (moby/tool#204 @deitch @justincormack)

Linux Containers on Windows (LCOW)

• Update opengcs and linuxkit components (linuxkit/lcow#8 @rn @ijc)
• Update LCOW tests (linuxkit/lcow#9 @rn @justincormack)
• Clarify where to file issues. (linuxkit/lcow#10 @rn @ijc)
• Add mostly volume sharing tests (linuxkit/lcow#11 @rn @ijc)
• Update rtf to the latest version (linuxkit/lcow#12 @rn @ijc)

VirtSock

• Major rewrite of 'pkg/hvsock' and some other changes (linuxkit/virtsock#53 @rn)
• hvsock: Adjust windows code to be more like go-winio (linuxkit/virtsock#56 @rn)
• Improve debugging (linuxkit/virtsock#57 @rn)
• linuxkit: Tweak the linuxkit image (linuxkit/virtsock#58 @rn)
• c: Fix c programs to work with the vsock implementation of Hyper-V sockets (linuxkit/virtsock#59 @rn)
• Update Linuxkit (linuxkit/virtsock#60 @rn)

Packages

• Containerd v1.0.2 (linuxkit/linuxkit#2913 @ijc @justincormack @rn)
• Bump to Containerd v1.0.2-rc.1 (linuxkit/linuxkit#2904 @ijc @rn)

Project/Docs/Examples

• reports: Add Jan 2018 report (linuxkit/linuxkit#2938 @rn @justincormack)
• Added InfluxDB OS an example (linuxkit/linuxkit#2926 @gianarb @eyz @rn)
• A minor update/hint to the docker-for-mac example documentation. (linuxkit/linuxkit#2931 @functor @rn @deitch)
• Update AUTHORS (linuxkit/linuxkit#2937 @rn @justincormack)
• Update Authors (linuxkit/linuxkit#2907 @justincormack @ijc @rn @deitch)
• Update Authors (linuxkit/linuxkit#2919 @rn @justincormack)

Testing

• Preserve full precision in nanoseconds part of log timestamp (linuxkit/rtf#38 @ijc @rn)
• Fix bad link in USER_GUIDE.md. (linuxkit/rtf#39 @morris-jason @justincormack)
• Add support for running powershell tests on Unix (well macOS) (linuxkit/rtf#40 @rn @dave-tucker)

Closed Issues:

• To start the already installed kubernetes cluster (linuxkit/kubernetes#41 @aadhik @ijc)

• cri-containerd: hostpath mounted read only (linuxkit/kubernetes#59 @yvespp @ijc)

• WARN[0003] certificate with CN ABC DEF is near expiry (linuxkit/kubernetes#62 @rodlogic @ijc)

• Bind mount host to container: very slow write speed (linuxkit/lcow#7 @Yivan @rn)

• linuxkit/test-ltp does not build (linuxkit/linuxkit#2342 @rn @cji)

• Make it possible to key the package tags off of top level tree hash (linuxkit/linuxkit#2887 @rvs @justincormack @deitch @rn)

• Improve/extend kernel config test (linuxkit/linuxkit#2890 @rn)

• 4.9.79 kernel crash on GCP (linuxkit/linuxkit#2903 @rn)

• Improve kernel patching (linuxkit/linuxkit#2906 @rn @tjfontaine)

• Backport vmbus trace points (linuxkit/linuxkit#2910 @rn)

• Switch default kernel to 4.14 (linuxkit/linuxkit#2918 @rn @justincormack)

• Per arch selection of kernel builds (linuxkit/linuxkit#2921 @rn)

• Running linuxkit run vbox --networking bridged does not start VM in bridged mode on Mac (linuxkit/linuxkit#2929 @obergner @justincormack)

• Remove support for Hyper-V socket pre Windows build 14393 (linuxkit/virtsock#51 @rn)

• Implement accept()/Listen() for windows (linuxkit/virtsock#52 @rn)

New or updated PRs and Issues (not closed):

• Flakey rtf tests (linuxkit/kubernetes#64 @ijc)

• Reorganise the test to follow 'docker <command>' (linuxkit/lcow#13 @rn)

• onboot logs not showing up anywhere (linuxkit/linuxkit#1688 @deitch @riyazdf @eyz @ernoaapa)

• Combine linuxkit and Docker Swarm Mode (linuxkit/linuxkit#1989 @nrocco @kencochrane @dweomer @jtvhk @asbjornenge @justincormack)

• Passing config options for image build (linuxkit/linuxkit#2817 @rvs @deitch @errordeveloper @justincormack @w9n)

• Support Preempt-RT Linux kernel (linuxkit/linuxkit#2856 @TiejunChina)

• Resolve certificate with CN ABC DEF is near expiry messages (linuxkit/linuxkit#2911 @ijc @justincormack)

• 4.16 Jailhouse non-root cell support flag for x86-64 (linuxkit/linuxkit#2917 @fntlnz @rn)

• switch to Alpine Edge again? (linuxkit/linuxkit#2922 @justincormack)

• Configure guest with 9P mount and vsock port when using existing VPNKit instance (linuxkit/linuxkit#2933 @ekcasey)

• Convert manifest signing to use docker manifest and docker trust sign (linuxkit/linuxkit#2936 @rn)

• Add s390 support for linuxkit kernel (linuxkit/linuxkit#2939 @alicefr)

• Script to generate s390 kernel configs (linuxkit/linuxkit#2940 @alicefr)

• Add logging to /var/log for onboot containers (linuxkit/linuxkit#2942 @deitch @justincormack)

• Update tools/alpine (wireguard tools and s390x) (linuxkit/linuxkit#2943 @rn @justincormack @ijc)

• NVIDIA driver with LinuxKit host (linuxkit/linuxkit#2944 @jbremmer @rn @justincormack)

• go: client on Linux get EOF on read (linuxkit/virtsock#55 @rn)

• Enable 'moby build' for private repos (moby/tool#202 @rn)