Hi if you are reading this document you may also want to create a kata Containers Release.
The Kata Containers Release Process is defined in the follwoing documents.
https://github.com/kata-containers/documentation/blob/master/Releases.md
To simply the process of read each release we have created a checklist for it.
Chameleon is a containerized setup for (automagically) configuring redsocks to aid in creation of a transparent proxy inside intel. Based on this, we first assume you have docker installed on the system.
You'll need to initially setup env variables for proxy such that you can install docker on the system. ex:
Kernels can be found at https://kernel.ubuntu.com/~kernel-ppa/mainline/?C=N;O=D
For installing kernel 5.0.5 :
curl -LO https://kernel.ubuntu.com/~kernel-ppa/mainline/v5.0.5/linux-headers-5.0.5-050005_5.0.5-050005.201903271212_all.deb
curl -LO https://kernel.ubuntu.com/~kernel-ppa/mainline/v5.0.5/linux-image-unsigned-5.0.5-050005-generic_5.0.5-050005.201903271212_amd64.deb
| for table in $(echo filter nat mangle raw security); do echo $table; iptables -L -v -n --line-numbers -t $table; done | |
| tcpdump -elnXXi |
sudo add-apt-repository ppa:projectatomic/ppa
sudo apt-get update
sudo apt-get install podman uidmap
echo "$(whoami):10000:65536" | sudo tee /etc/subuid
echo "$(whoami):10000:65536" | sudo tee /etc/subgid
echo -e "[registries.search]\nregistries = ['docker.io']" | sudo tee /etc/containers/registries.conf
To check if there are any processes are running in a namepace :
$ # Run as root:
$
$ nspath=/tmp/katapod/var/run/netns/cni-4f6eb895-1dfd-cd01-b54e-05ffbef9b0c5
$ inode=$(ls -i $nspath | cut -f1 -d" ")
$ pids=$(find -L /proc/[1-9]*/task/*/ns/net -inum $inode | cut -f3 -d"/" | uniq)
$ ps -p $pids
| #!/bin/bash | |
| set -o errexit | |
| set -o nounset | |
| set -o pipefail | |
| sudo rm -rf /var/lib/containerd/devmapper/data-disk.img | |
| sudo rm -rf /var/lib/containerd/devmapper/meta-disk.img | |
| sudo mkdir -p /var/lib/containerd/devmapper | |
| sudo truncate --size 20G /var/lib/containerd/devmapper/data-disk.img |
backdoor-image can be used to easily add user with passwordless sudo access to a image or a root filesystem.
Operating on an image requires the 'mount-image-callback' tool from
cloud-utils. That can be installed on ubuntu via apt-get install -qy cloud-image-utils.
kcli is a handy tool for creating disposable VMs. You can also creata Kubernetes and OpenShift clusters with it. Refer to https://kcli.readthedocs.io/en/latest/ for more details. This gist describes the steps needed to setup kcli on an Ubuntu machine.
sudo apt-get install libvirt-daemon-driver-qemu qemu-kvm
sudo adduser $USER libvirt
The following steps describe the setup required to cross-compile a rust binary on a amd64 platform. These steps setup the cross-compile toolchain on the host itself. After going through these steps manually, I came accross a tool cross that makes the process way easier. It uses docker for the build and does not require any changes to the host. Jump to the section directly if you dont want to make any changes to the host.