qemu icon indicating copy to clipboard operation
qemu copied to clipboard

Published 20 hours ago verified publisher icon moby

Docker-in-docker (dind) under QEMU emulation

Open tuonga opened this issue 5 years ago • 7 comments

Allows docker:dind to run under QEMU emulation. Can run "docker run hello-world" with this set of changes.

docker run --privileged --platform linux/arm64 -t -i -v $(pwd)/cpuinfo-aarch64.txt:/proc/cpuinfo docker:dind --ip-masq=false --iptables=false --bridge=none

Pull in Tibor's changes.

  • [ ] tibor - fix CSIGNAL andling in clone()
  • [ ] tibor - implement pivot_root syscall
  • [ ] tibor - implement pass-through fcntl for F_ADD_SEALS/F_GET_SEALS
  • [ ] tibor - linux-user: implementations of (yolo) copy_file_range and keyctl
  • [ ] tibor - handle execve of /proc/self/exe assuming binfmt P option

Add the following:

  • [ ] tim - more error checking of /proc/self/cmdline handling of above
  • [ ] tim - add CLONE_PARENT as allowed fork()
  • [ ] tim - a complete hack to fake out runc's expectation of memfd and seals.

Todo:

  • [ ] proper implementation of fcntl F_GET_SEALS
  • [ ] proper implementation of copy_file_range
  • [ ] only tested aarch64. Should probably check the other architectures including arm.

cpuinfo-aarch64.txt

tuonga avatar Aug 30 '19 19:08 tuonga

@tiborvass have you tried to upstream these fixes?

justincormack avatar Sep 02 '19 12:09 justincormack

@tiborvass have you tried to upstream these fixes?

I've pointed out Tibor's last PR to Jason. My intent was to at least consolidate them into a branch and can figure out the upstream strategy later. Some are obviously not ready for upstream at the moment.

tuonga avatar Sep 02 '19 16:09 tuonga

@tuonga I tried this step docker run --privileged --platform linux/arm64 -t -i -v $(pwd)/cpuinfo-aarch64.txt:/proc/cpuinfo docker:dind --ip-masq=false --iptables=false --bridge=none to get dind up on arm with amd host but I get this error while pulling images.

/ # docker pull hello-world
Using default tag: latest
latest: Pulling from library/hello-world
256ab8fe8778: Extracting [==================================================>]  3.367kB/3.367kB
failed to register layer: Error processing tar file(exit status 1):

Any inputs on this?

rajaskakodkar avatar Jun 02 '20 06:06 rajaskakodkar

@rajaskakodkar Unfortunately I haven't worked on this project in a long time and am no longer with Docker. Perhaps @justincormack can point you in the right direction.

fraggles avatar Jun 02 '20 16:06 fraggles

FWIW I've hit a similar error to you @rajaskakodkar and now I'm stuck:

failed to register layer: Error processing tar file(exit status 1):

Did you find a way to get past this issue?

vladaionescu avatar Feb 04 '21 04:02 vladaionescu

Hello @vladaionescu, no, I don't have a fix for the issue, I am still stuck.

rajaskakodkar avatar Feb 04 '21 04:02 rajaskakodkar

https://patchwork.kernel.org/project/qemu-devel/list/?series=490897&archive=both

tonistiigi avatar Jan 21 '22 04:01 tonistiigi