github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

BUILDING.md: remove some bits about building runc

Browse Source 
Refer users to runc's documentation instead of duplicating
the instructions.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2021-08-10 09:31:02 +02:00
parent 42b57cc730
commit 9cc179aa77
No known key found for this signature in database
GPG Key ID: 76698F39D527CE8C
2 changed files with 24 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
BUILDING.md
View File

@ -46,31 +46,13 @@ need to satisfy these dependencies in your system:
At this point you are ready to build `containerd` yourself! At this point you are ready to build `containerd` yourself!
## Build runc ## Runc
`runc` is the default container runtime used by `containerd` and is required to Runc is the default container runtime used by `containerd` and is required to
run containerd. While it is okay to download a runc binary and install that on run containerd. While it is okay to download a `runc` binary and install that on
the system, sometimes it is necessary to build runc directly when working with the system, sometimes it is necessary to build runc directly when working with
container runtime development. You can skip this step if you already have the container runtime development. Make sure to follow the guidelines for versioning
correct version of `runc` installed. in [RUNC.md](/docs/RUNC.md) for the best results.
`runc` requires `libseccomp`. You may need to install the missing dependencies:
* CentOS/Fedora: `yum install libseccomp libseccomp-devel`
* Debian/Ubuntu: `apt-get install libseccomp libseccomp-dev`
For the quick and dirty installation, you can use the following:
```
git clone https://github.com/opencontainers/runc
cd runc
make
sudo make install
```
Make sure to follow the guidelines for versioning in [RUNC.md](/docs/RUNC.md) for the
best results.
## Build containerd ## Build containerd

46
docs/RUNC.md
View File

@ -1,5 +1,7 @@
# Runc version requirements for containerd
containerd is built with OCI support and with support for advanced features containerd is built with OCI support and with support for advanced features
provided by [runc](https://github.com/opencontainers/runc). provided by the [runc container runtime](https://github.com/opencontainers/runc).
Development (`-dev`) and pre-releases of containerd may depend features in `runc` Development (`-dev`) and pre-releases of containerd may depend features in `runc`
that have not yet been released, and may require a specific runc build. The version that have not yet been released, and may require a specific runc build. The version
@ -14,35 +16,25 @@ or higher than the version of runc described in [`script/setup/runc-version`](..
If you encounter any runtime errors, make sure your runc is in sync with the If you encounter any runtime errors, make sure your runc is in sync with the
commit or tag provided in that file. commit or tag provided in that file.
## building If you do not have the correct version of `runc` installed, you can refer to the
["building" section in the runc documentation](https://github.com/opencontainers/runc#building)
to learn how to build `runc` from source.
> For more information on how to clone and build runc also refer to the runc runc builds have [SELinux](https://en.wikipedia.org/wiki/Security-Enhanced_Linux),
> building [documentation](https://github.com/opencontainers/runc#building). [AppArmor](https://en.wikipedia.org/wiki/AppArmor), and [seccomp](https://en.wikipedia.org/wiki/seccomp)
support enabled by default.
Before building runc you may need to install additional build dependencies, which Note that "seccomp" can be disabled by passing an empty `BUILDTAGS` make
will vary by platform. For example, you may need to install `libseccomp` e.g. variable, but is highly recommended to keep enabled.
`libseccomp-dev` for Ubuntu.
From within your `opencontainers/runc` repository run: Use the output of the `runc --version` output to verify if your version of runc
has seccomp enabled. For example:
```bash
make && sudo make install
```
Starting with runc 1.0.0-rc93, the "selinux" and "apparmor" buildtags have been
removed, and runc builds have SELinux, AppArmor, and seccomp support enabled
by default. Note that "seccomp" can be disabled by passing an empty `BUILDTAGS`
make variable, but is highly recommended to keep enabled.
By default, runc is compiled with kernel-memory limiting support enabled. This
functionality is deprecated in kernel 5.4 and up, and is known to be broken on
RHEL7 and CentOS 7 3.10 kernels. For these kernels, we recommend disabling kmem
support using the `nokmem` build-tag. When doing so, be sure to set the `seccomp`
build-tag to enable seccomp support, for example:
```sh ```sh
make BUILDTAGS='nokmem seccomp' && make install $ runc --version
runc version 1.0.1
commit: v1.0.1-0-g4144b638
spec: 1.0.2-dev
go: go1.16.6
libseccomp: 2.4.4
``` ```
For details about the `nokmem` build-tag, refer to the discussion on [opencontainers/runc#2594](https://github.com/opencontainers/runc/pull/2594).
For further details on building runc, refer to the [build instructions in the runc README](https://github.com/opencontainers/runc#building).