[Buildroot] [PATCH v1 1/1] package/crio: new package

Fri Aug 4 21:30:07 UTC 2023

Hi Thomas, Christian, All,

On 01/08/2023 00:38, Thomas Petazzoni wrote:
> Hello Christian,
> 
> Thanks for the patch. See below some review.
> 
> On Thu, 11 May 2023 18:40:56 -0700
> Christian Stewart via buildroot <buildroot at buildroot.org> wrote:
> 
>>  package/Config.in      |  1 +
>>  package/crio/Config.in | 54 ++++++++++++++++++++++++++++
>>  package/crio/crio.hash |  3 ++
>>  package/crio/crio.mk   | 82 
>> ++++++++++++++++++++++++++++++++++++++++++
>>  4 files changed, 140 insertions(+)
> 
> Entry in DEVELOPERS file missing.
> 
>> diff --git a/package/crio/Config.in b/package/crio/Config.in
>> new file mode 100644
>> index 0000000000..35a38c587e
>> --- /dev/null
>> +++ b/package/crio/Config.in
>> @@ -0,0 +1,54 @@
>> +config BR2_PACKAGE_CRIO
>> +	bool "crio"
>> +	depends on BR2_PACKAGE_HOST_GO_TARGET_ARCH_SUPPORTS
>> +	depends on BR2_PACKAGE_HOST_GO_TARGET_CGO_LINKING_SUPPORTS
>> +	depends on BR2_TOOLCHAIN_HAS_THREADS
>> +	depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_4 # iproute2, 
>> __kernel_{u,}long_t
>> +	depends on !BR2_TOOLCHAIN_USES_UCLIBC # no fexecve
> 
> uClibc has fexecve() now
> 
>> +	depends on BR2_USE_MMU # libgpgme, iproute2, fork()
> 
> 	depends on BR2_PACKAGE_LIBGPG_ERROR_ARCH_SUPPORTS # libgpgme
> 
> is missing
> 
>> +	select BR2_PACKAGE_IPROUTE2
>> +	select BR2_PACKAGE_IPTABLES
> 
> Neither of these are referenced in the .mk file. Are these runtime
> dependencies? If so, please indicate this via a comment.
> 
> For this kind of package, a runtime test in support/testing/ would be
> very good. You can ask Julien Olivain for help here :-)

I will be glad to help! For a good runtime test, we need:

1. a simple reference Buildroot configuration that compiles the
package, and

2. a simple reference "known working" sequence that is sufficiently
stable in time (to require minimum maintenance after package updates).

I was thinking about this CRI-O tutorial:
https://github.com/cri-o/cri-o/blob/main/tutorials/crictl.md

But it requires crictl, from the cri-tools package:
https://github.com/kubernetes-sigs/cri-tools/tree/master

Christian:
Are you planning to add this package later?  Or do you know a
better/simpler way to start a small container?

Moreover, when I quickly tried this patch, starting from
qemu_aarch64_virt_defconfig. (without systemd) I observed
the following:

I had a build failure due to a missing libseccomp. Maybe a build
dependency is missing?

Once built, the service failed to start (by running "crio" manually),
due to missing runtime dependencies to: conmon, runc, nsenter (from
util-linux). Could you check those are mandatory (and add those as
runtime dependency), or if they can be disabled by configuration?

Once installed, I finally got an error due to the missing
/var/lib/crio directory on the target filesystem. Maybe it is missing
in CRIO_INSTALL_TARGET_CMDS?  Please also check if specific
permissions are needed, and define a CRIO_PERMISSIONS if needed. See:
https://nightly.buildroot.org/manual.html#generic-package-reference

Best regards,

Julien.