Package: guix-patches;
Reported by: Timmy Douglas <mail <at> timmydouglas.com>
Date: Mon, 29 Nov 2021 07:03:02 UTC
Severity: normal
Tags: patch
Done: Ludovic Courtès <ludo <at> gnu.org>
From: Timmy Douglas <mail <at> timmydouglas.com> To: guix-patches <at> gnu.org Cc: Timmy Douglas <mail <at> timmydouglas.com> Subject: [PATCH] gnu: Add podman Date: Sun, 28 Nov 2021 22:46:36 -0800
* gnu/packages/containers.scm (crun, conmon, libslirp, slirp4netns, cni-plugins, podman): Add podman and dependencies.
---
I was going to try running some docker containers on my Guix system today, but I noticed docker was an old version. I decided to try packaging podman as the daemonless aspect seems appealing and was able to run a basic alpine image (rootless) after a couple of hours of putting this together. This is one of my first packages for Guix, so please give me some feedback--I'm also interested if anyone else would like to work together on this, because I'm fairly new to Guix and I haven't used podman before either. This probably needs some more testing since I only tried a basic scenario. For podman to work, I needed to run this: `sudo mount -t cgroup2 none /sys/fs/cgroup`
gnu/packages/containers.scm | 304 ++++++++++++++++++++++++++++++++++++
1 file changed, 304 insertions(+)
create mode 100644 gnu/packages/containers.scm
diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm
new file mode 100644
index 0000000000..1c83698c2e
--- /dev/null
+++ b/gnu/packages/containers.scm
@@ -0,0 +1,304 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2021 Timmy Douglas <mail <at> timmydouglas.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages containers)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (gnu packages)
+ #:use-module (guix packages)
+ #:use-module (guix download)
+ #:use-module (guix git-download)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system go)
+ #:use-module (guix build-system meson)
+ #:use-module (guix utils)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages check)
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages gnupg)
+ #:use-module (gnu packages golang)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages networking)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages selinux)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu packages virtualization)
+ #:use-module (gnu packages web))
+
+;; For podman to work, the user needs to run
+;; `sudo mount -t cgroup2 none /sys/fs/cgroup`
+
+(define-public crun
+ (package
+ (name "crun")
+ (version "1.3")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/containers/crun")
+ (commit "8e5757a4e68590326dafe8a8b1b4a584b10a1370") ; 1.3
+ (recursive? #t)))
+ (sha256
+ (base32 "01yiss2d57kwlxb7zlqzjwlg9fyaf19yjngd1mw9n4hxls3dfj3k"))
+ (file-name (git-file-name name version))))
+
+ (build-system gnu-build-system)
+ (arguments
+ '(#:tests? #f
+ #:configure-flags '("--disable-systemd")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'do-not-depend-on-git
+ (lambda _
+ (substitute* "autogen.sh"
+ (("^git submodule update.*")
+ ""))
+ (with-output-to-file "git-version.h"
+ (lambda ()
+ (display (string-append
+ "/* autogenerated. */\n#ifndef GIT_VERSION\n# define GIT_VERSION \""
+ "8e5757a4e68590326dafe8a8b1b4a584b10a1370" ; refactor this
+ "\"\n#endif\n"))))
+ #t
+ )))))
+ (inputs
+ `(("libcap" ,libcap)
+ ("libseccomp" ,libseccomp)
+ ("libyajl" ,libyajl)))
+ (native-inputs
+ `(("automake" ,automake)
+ ("autoreconf" ,autoconf)
+ ("git" ,git)
+ ("libtool" ,libtool)
+ ("pkg-config" ,pkg-config)
+ ("python-3" ,python-3)))
+ (home-page "https://github.com/containers/crun")
+ (synopsis "OCI Container runtime")
+ (description
+ "crun is a fast and low-memory footprint OCI Container Runtime fully written in C.")
+ (license license:gpl2+)))
+
+(define-public conmon
+ (package
+ (name "conmon")
+ (version "v2.0.30")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/containers/conmon")
+ (commit version)))
+ (sha256
+ (base32 "1sxpbm01g4xak4kqwvk45gmzr6n9bjzlfp1j85wyz8rj2hg2x4rm"))
+ (file-name (git-file-name name version))))
+
+ (build-system gnu-build-system)
+ (arguments
+ `(#:make-flags (list ,(string-append "CC=" (cc-for-target))
+ (string-append "PREFIX=" %output))
+ #:tests? #f ; currently broken as go tries to use network
+ #:phases (modify-phases %standard-phases
+ (delete 'configure)
+ (add-after 'unpack 'set-env
+ (lambda* (#:key inputs #:allow-other-keys)
+ ;; when running go, things fail because
+ ;; HOME=/homeless-shelter.
+ (setenv "HOME" "/tmp")))
+ (replace 'check
+ (lambda* (#:key tests? #:allow-other-keys)
+ (when tests?
+ (invoke "make" "test")))))))
+ (inputs
+ `(("glib" ,glib)
+ ("glibc" ,glibc)
+ ("libseccomp" ,libseccomp)
+ ("crun" ,crun)))
+ (native-inputs
+ `(("git" ,git)
+ ("go" ,go)
+ ("pkg-config" ,pkg-config)))
+ (home-page "https://github.com/containers/conmon")
+ (synopsis "Monitoring and communication tool between container manager and OCI runtime")
+ (description
+ "Conmon is a monitoring program and communication tool between a container
+manager (like Podman or CRI-O) and an OCI runtime (like runc or crun) for a
+single container.")
+ (license license:asl2.0)))
+
+(define-public libslirp
+ (package
+ (name "libslirp")
+ (version "v4.6.1")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://gitlab.freedesktop.org/slirp/libslirp")
+ (commit version)))
+ (sha256
+ (base32 "1b4cn51xvzbrxd63g6w1033prvbxfxsnsn1l0fa5i311xv28vkh0"))
+ (file-name (git-file-name name version))))
+
+ (build-system meson-build-system)
+ (arguments '(#:tests? #f))
+ (inputs
+ `(("glib" ,glib)))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
+ (home-page "https://gitlab.freedesktop.org/slirp/libslirp")
+ (synopsis "User-mode networking library")
+ (description
+ "libslirp is a user-mode networking library used by virtual machines,
+containers or various tools.")
+ (license license:non-copyleft))) ;fixme what is this?
+
+(define-public slirp4netns
+ (package
+ (name "slirp4netns")
+ (version "v1.1.12")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/rootless-containers/slirp4netns")
+ (commit version)))
+ (sha256
+ (base32 "03llv4dlf7qqxwz4zdyk926g4bigfj2gb50glm70ciflpvzs8081"))
+ (file-name (git-file-name name version))))
+
+ (build-system gnu-build-system)
+ (arguments '(#:tests? #f))
+ (inputs
+ `(("glib" ,glib)
+ ("libcap" ,libcap)
+ ("libseccomp" ,libseccomp)
+ ("libslirp" ,libslirp)))
+ (native-inputs
+ `(("automake" ,automake)
+ ("autoreconf" ,autoconf)
+ ("pkg-config" ,pkg-config)))
+ (home-page "https://github.com/rootless-containers/slirp4netns")
+ (synopsis "User-mode networking for unprivileged network namespaces")
+ (description
+ "slirp4netns provides user-mode networking (\"slirp\") for unprivileged network namespaces.")
+ (license license:gpl2+)))
+
+(define-public cni-plugins
+ (package
+ (name "cni-plugins")
+ (version "v1.0.1")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/containernetworking/plugins")
+ (commit version)))
+ (sha256
+ (base32 "1j91in0mg4nblpdccyq63ncbnn2pc2zzjp1fh3jy0bsndllgv0nc"))
+ (file-name (git-file-name name version))))
+
+ (build-system go-build-system)
+ (arguments
+ `(#:unpack-path "github.com/containernetworking/plugins"
+ #:tests? #f
+ #:phases (modify-phases %standard-phases
+ (replace 'build
+ (lambda _
+ (with-directory-excursion "src/github.com/containernetworking/plugins"
+ (invoke "./build_linux.sh"))))
+ (replace 'install
+ (lambda* (#:key outputs #:allow-other-keys)
+ (copy-recursively "src/github.com/containernetworking/plugins/bin"
+ (string-append (assoc-ref outputs "out") "/bin"))
+ #t)))))
+ (home-page "https://github.com/containernetworking/plugins")
+ (synopsis "CNI network plugins")
+ (description
+ "Some CNI network plugins, maintained by the containernetworking team.")
+ (license license:asl2.0)))
+
+(define-public podman
+ (package
+ (name "podman")
+ (version "v3.4.2")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/containers/podman")
+ (commit version)))
+ (sha256
+ (base32 "0v1xpd1q6ym9ibaj6242v4mp0wwdmj4dd9l7zfyydbxrx6a8ahjn"))
+ (file-name (git-file-name name version))))
+
+ (build-system gnu-build-system)
+ (arguments
+ `(#:make-flags (list ,(string-append "CC=" (cc-for-target))
+ (string-append "PREFIX=" %output))
+ #:tests? #f ; need to setup ginkgo
+ #:phases (modify-phases %standard-phases
+ (delete 'configure)
+ (add-after 'unpack 'set-env
+ (lambda* (#:key inputs #:allow-other-keys)
+ ;; when running go, things fail because
+ ;; HOME=/homeless-shelter.
+ (setenv "HOME" "/tmp")))
+ (add-after 'unpack 'fix-hardcoded-paths
+ (lambda _
+ (substitute* (find-files "libpod" "\\.go")
+ (("exec.LookPath[(][\"]slirp4netns[\"][)]")
+ (string-append "exec.LookPath(\"" (which "slirp4netns") "\")")))
+ (substitute* "vendor/github.com/containers/common/pkg/config/config_linux.go"
+ (("/usr/local/libexec/podman")
+ (string-append (assoc-ref %outputs "out") "/bin")))
+ (substitute* "vendor/github.com/containers/common/pkg/config/default.go"
+ (("/usr/libexec/podman/conmon") (which "conmon"))
+ (("/usr/local/libexec/cni")
+ (string-append (assoc-ref %build-inputs "cni-plugins") "/bin"))
+ (("/usr/bin/crun") (which "crun")))
+ #true))
+ (replace 'check
+ (lambda* (#:key tests? #:allow-other-keys)
+ (when tests?
+ (invoke "make" "test")))))))
+ (inputs
+ `(("btrfs-progs" ,btrfs-progs)
+ ("cni-plugins" ,cni-plugins)
+ ("conmon" ,conmon)
+ ("gpgme" ,gpgme)
+ ("go-md2man" ,go-github-com-go-md2man)
+ ("iptables" ,iptables) ; fixme not sure if podman will call this using $PATH
+ ("libassuan" ,libassuan)
+ ("libseccomp" ,libseccomp)
+ ("libselinux" ,libselinux)
+ ("slirp4netns" ,slirp4netns)
+ ("crun" ,crun)))
+ (native-inputs
+ `(("git" ,git)
+ ("go" ,go)
+ ("pkg-config" ,pkg-config)))
+ (home-page "https://podman.io")
+ (synopsis "Manage containers, images, pods, and their volumes")
+ (description
+ "Podman (the POD MANager) is a tool for managing containers and images,
+volumes mounted into those containers, and pods made from groups of
+containers.")
+ (license license:asl2.0)))
-- 2.33.1
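Review bot: In the `podman` package, `fix-hardcoded-paths` pins conmon, crun, slirp4netns and the CNI directory to store paths, but `iptables` is only listed in `inputs`, and the fixme beside it says it may be looked up through `$PATH`. If podman does resolve it that way, the binary that programs the container firewall rules is whichever one the caller's environment provides (or none), so the package no longer determines what runs. Either patch that lookup the way the slirp4netns one is patched, or wrap the installed program so the packaged iptables is found first; a wrapper phase is sketched below, and the `/sbin` directory is an assumption to check against the iptables output. Separately, all six packages set `#:tests? #f` and only conmon and podman say why; for crun, libslirp, slirp4netns and cni-plugins a trailing comment such as `#:tests? #f ; <reason the tests cannot run in the build environment>` would tell the next reviewer whether they can be re-enabled.

```scheme
;; … unchanged: set-env, fix-hardcoded-paths, check …
(add-after 'install 'wrap-podman
  (lambda* (#:key inputs outputs #:allow-other-keys)
    (wrap-program (string-append (assoc-ref outputs "out") "/bin/podman")
      `("PATH" ":" prefix
        (,(string-append (assoc-ref inputs "iptables") "/sbin"))))))
```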