diff --git a/.gitignore b/.gitignore index b8895392..e353e6f2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1 @@ -.qemu.created hello-* diff --git a/.semaphore/semaphore.yml b/.semaphore/semaphore.yml index b3970efd..7b4a55cc 100644 --- a/.semaphore/semaphore.yml +++ b/.semaphore/semaphore.yml @@ -23,10 +23,6 @@ blocks: - name: "calico/go-build image" dependencies: [] task: - agent: - machine: - type: f1-standard-4 - os_image: ubuntu2204 secrets: - name: quay-robot-calico-and-semaphoreci - name: docker @@ -66,18 +62,6 @@ blocks: - env_var: TARGET_ARCH values: ["amd64", "arm64", "ppc64le", "s390x"] - - name: "calico/qemu-user-static image" - dependencies: [] - task: - secrets: - - name: docker - jobs: - - name: Build and push qemu image - commands: - - echo $DOCKER_TOKEN | docker login --username "$DOCKER_USER" --password-stdin - - make image-qemu ARCH=$TARGET_ARCH - - if [ -z "${SEMAPHORE_GIT_PR_NUMBER}" ]; then make push-qemu ARCH=$TARGET_ARCH CONFIRM=true; fi - - name: Push multi-arch manifests skip: # Only run on branches, not PRs. diff --git a/Dockerfile b/Dockerfile index 65592f78..985c4cbe 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,8 +2,6 @@ ARG TARGETARCH=${TARGETARCH} FROM calico/bpftool:v7.4.0 AS bpftool -FROM --platform=amd64 calico/qemu-user-static:latest AS qemu - FROM registry.access.redhat.com/ubi8/ubi:latest AS ubi ARG TARGETARCH @@ -25,10 +23,6 @@ ARG CALICO_CONTROLLER_TOOLS_VERSION=calico-0.1 ENV PATH=/usr/local/go/bin:$PATH -# Enable non-native runs on amd64 architecture hosts -# Supported qemu-user-static arch files are copied in Makefile `download-qemu` target -COPY --from=qemu /usr/bin/qemu-*-static /usr/bin - # Install system dependencies RUN dnf upgrade -y && dnf install -y \ autoconf \ diff --git a/Makefile b/Makefile index 8ee1f059..d5b6aeb6 100644 --- a/Makefile +++ b/Makefile @@ -1,3 +1,5 @@ +include Makefile.common + # Shortcut targets default: image @@ -57,9 +59,6 @@ BASE ?= calico/base BASE_IMAGE ?= $(BASE):latest BASE_ARCH_IMAGE ?= $(BASE_IMAGE)-$(ARCH) -QEMU ?= calico/qemu-user-static -QEMU_IMAGE ?= $(QEMU):latest - ifdef CI DOCKER_PROGRESS := --progress=plain endif @@ -67,16 +66,8 @@ endif ############################################################################### # Building images ############################################################################### -QEMU_IMAGE_CREATED=.qemu.created - -.PHONY: image-qemu -image-qemu: $(QEMU_IMAGE_CREATED) -$(QEMU_IMAGE_CREATED): - docker buildx build $(DOCKER_PROGRESS) --load --platform=linux/amd64 --pull -t $(QEMU_IMAGE) -f qemu/Dockerfile qemu - touch $@ - .PHONY: image -image: register image-qemu +image: register docker buildx build $(DOCKER_PROGRESS) --load --platform=linux/$(ARCH) -t $(GOBUILD_ARCH_IMAGE) -f Dockerfile . ifeq ($(ARCH),amd64) docker tag $(GOBUILD_ARCH_IMAGE) $(GOBUILD_IMAGE) @@ -88,7 +79,7 @@ sub-image-%: $(MAKE) image ARCH=$* .PHONY: image-base -image-base: register image-qemu +image-base: register docker buildx build $(DOCKER_PROGRESS) --load --platform=linux/$(ARCH) --build-arg LDSONAME=$(LDSONAME) -t $(BASE_ARCH_IMAGE) -f base/Dockerfile base .PHONY: image-base-all @@ -96,13 +87,6 @@ image-base-all: $(addprefix sub-image-base-,$(ARCHES)) sub-image-base-%: $(MAKE) image-base ARCH=$* -# Enable binfmt adding support for miscellaneous binary formats. -.PHONY: register -register: -ifeq ($(BUILDARCH),amd64) - docker run --rm --privileged multiarch/qemu-user-static:register --reset -endif - .PHONY: push push: image docker push $(GOBUILD_ARCH_IMAGE) @@ -116,15 +100,10 @@ endif push-base: image-base docker push $(BASE_ARCH_IMAGE) -.PHONY: push-qemu -push-qemu: image-qemu - docker push $(QEMU_IMAGE) - push-all: $(addprefix sub-push-,$(ARCHES)) sub-push-%: $(MAKE) push ARCH=$* $(MAKE) push-base ARCH=$* - $(MAKE) push-qemu .PHONY: push-manifest push-manifest: @@ -136,10 +115,8 @@ push-manifest: .PHONY: clean clean: - rm -f $(QEMU_IMAGE_CREATED) -docker image rm -f $$(docker images $(GOBUILD) -a -q) -docker image rm -f $$(docker images $(BASE) -a -q) - -docker image rm -f $$(docker images $(QEMU) -a -q) ############################################################################### # UTs diff --git a/Makefile.common b/Makefile.common index 551c4f91..4729774c 100644 --- a/Makefile.common +++ b/Makefile.common @@ -75,7 +75,7 @@ endif # This is only needed when running non-native binaries. register: ifneq ($(BUILDARCH),$(ARCH)) - docker run --rm --privileged multiarch/qemu-user-static:register || true + docker run --privileged --rm tonistiigi/binfmt --install all || true endif # If this is a release, also tag and push additional images. diff --git a/README.md b/README.md index 61570887..7795dc5a 100644 --- a/README.md +++ b/README.md @@ -54,7 +54,7 @@ For example, if you registered the `s390x` emulator at `/usr/bin/qemu-s390x-stat To register emulators, we run: ```bash -docker run -it --rm --privileged multiarch/qemu-user-static:register +docker run --privileged --rm tonistiigi/binfmt --install all ``` or simply @@ -94,7 +94,7 @@ To _run_ a binary from a different architecture, you need to use `binfmt` and `q Register `qemu-*-static` for all supported processors except the current one using the following command: ```bash -docker run --rm --privileged multiarch/qemu-user-static:register +docker run --privileged --rm tonistiigi/binfmt --install all ``` If a cross built binary is executed in the go-build container qemu-static will automatically be used. diff --git a/base/Dockerfile b/base/Dockerfile index b7231fd6..81f627ea 100644 --- a/base/Dockerfile +++ b/base/Dockerfile @@ -1,10 +1,7 @@ -FROM --platform=linux/amd64 calico/qemu-user-static:latest as qemu - -FROM registry.access.redhat.com/ubi8/ubi-minimal:latest as ubi +FROM registry.access.redhat.com/ubi8/ubi-minimal:latest AS ubi ARG LDSONAME - -COPY --from=qemu /usr/bin/qemu-*-static /usr/bin/ +ARG TARGETARCH RUN microdnf upgrade -y @@ -13,12 +10,16 @@ RUN microdnf upgrade -y RUN mkdir -p /rootfs/lib64 /rootfs/etc # Copy dynamic loader and symbolic links. -# Note: The dynamic loader name and links might be different in a future release. +# For s390x architecture, modify the /lib/${LDSONAME} symlink to ../lib64/${LDSONAME} +# instead of /usr/lib64 as the /usr/lib64 directory is not included in our base. RUN cp /lib64/ld-2.28.so /rootfs/lib64/ld-2.28.so RUN set -eux; \ cp -a /lib64/${LDSONAME} /rootfs/lib64/${LDSONAME}; \ if [ -f /lib/${LDSONAME} ]; then \ mkdir -p /rootfs/lib && cp -a /lib/${LDSONAME} /rootfs/lib/${LDSONAME}; \ + if [ "${TARGETARCH}" = "s390x" ]; then \ + ln -sf ../lib64/${LDSONAME} /rootfs/lib/${LDSONAME}; \ + fi \ fi # Required external C dependencies for CGO builds. @@ -42,6 +43,10 @@ FROM scratch as source COPY --from=ubi /rootfs / +# Verify if glibc can be properly loaded. +# This check ensures that the dynamic loader and symbolic links are copied correctly. +RUN ["/lib64/libc.so.6"] + # tmp.tar has a /tmp with the correct permissions 01777. ADD tmp.tar / diff --git a/qemu/Dockerfile b/qemu/Dockerfile deleted file mode 100644 index f7b163ef..00000000 --- a/qemu/Dockerfile +++ /dev/null @@ -1,14 +0,0 @@ -FROM fedora:latest as qemu - -RUN dnf install -y qemu-user-static - -FROM scratch as source - -COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/qemu-aarch64-static -COPY --from=qemu /usr/bin/qemu-ppc64le-static /usr/bin/qemu-ppc64le-static -COPY --from=qemu /usr/bin/qemu-s390x-static /usr/bin/qemu-s390x-static -COPY --from=qemu /usr/bin/qemu-x86_64-static /usr/bin/qemu-x86_64-static - -FROM scratch - -COPY --from=source / /