Auto-merge for PR #518 via VersionBot

Use balena 17.06 and resin-base v2.9.2 for the docker-in-docker supervisor
2025-02-01 00:45:23 +00:00 · 2017-11-03 21:26:40 +00:00 · 2017-11-03 21:26:40 +00:00 · 5613801219
commit 5613801219
parent bb350eca92 8a2852eda6
7 changed files with 49 additions and 18 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file
 automatically by Versionist. DO NOT EDIT THIS FILE MANUALLY!
 This project adheres to [Semantic Versioning](http://semver.org/).
 ## v6.4.3 - 2017-11-03
 * Use balena 17.06 and resin-base v2.9.2 for the docker-in-docker supervisor #518 [Pablo Carranza Velez]
 ## v6.4.2 - 2017-11-03
 * Avoid an indefinite recursion that grows the call stack when reporting the current state fails #480 [Pablo Carranza Velez]
--- a/package.json
+++ b/package.json
@ -1,7 +1,7 @@
 {
  "name": "resin-supervisor",
  "description": "This is resin.io's Supervisor, a program that runs on IoT devices and has the task of running user Apps (which are Docker containers), and updating them as Resin's API informs it to.",
-  "version": "6.4.2",
+  "version": "6.4.3",
  "license": "Apache-2.0",
  "repository": {
    "type": "git",
--- a/tools/dind/Dockerfile
+++ b/tools/dind/Dockerfile
@ -1,4 +1,4 @@
-FROM resin/resin-base:2
+FROM resin/resin-base:v2.9.2
 VOLUME /var/lib/docker
 VOLUME /resin-data
@ -11,7 +11,7 @@ RUN apt-get update \
 	aufs-tools \
 	&& rm -rf /var/lib/apt/lists/*
-ENV DOCKER_VERSION 1.10.3
+ENV BALENA_VERSION 17.06-rev1
 ENV RELEASE_NAME jessie
 # Change to 'true' to allow blank password dropbear logins on dind HostOS
@ -20,14 +20,10 @@ ARG PASSWORDLESS_DROPBEAR=false
 COPY config/certs/ /usr/local/share/ca-certificates/
 RUN rm -f /usr/local/share/ca-certificates/.keepme ; update-ca-certificates
-RUN apt-key adv --keyserver hkp://pgp.mit.edu:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D \
+RUN curl -sL "https://github.com/resin-os/balena/releases/download/${BALENA_VERSION}/balena-${BALENA_VERSION}-x86_64.tar.gz" \
-	&& echo deb https://apt.dockerproject.org/repo debian-${RELEASE_NAME} main > /etc/apt/sources.list.d/docker.list \
+	| tar xzv -C /usr/bin --strip-components=1
 	&& apt-get update || true \
 	&& apt-get --force-yes install docker-engine=${DOCKER_VERSION}-0~${RELEASE_NAME} \
 	&& rm -rf /var/lib/apt/lists/*
-ENV DIND_COMMIT 3b5fac462d21ca164b3778647420016315289034
+RUN curl -sL https://raw.githubusercontent.com/resin-os/balena/${BALENA_VERSION}/hack/dind > /usr/bin/dind \
 RUN curl -sL https://raw.githubusercontent.com/docker/docker/${DIND_COMMIT}/hack/dind > /usr/bin/dind \
 	&& chmod +x /usr/bin/dind
 RUN passwd -d root
@ -43,6 +39,8 @@ COPY resin-vars vpn-init /usr/src/app/
 RUN if [ "$PASSWORDLESS_DROPBEAR" = "true" ]; then sed -i 's/\(DROPBEAR_EXTRA_ARGS=\).*/\1"-B"/' /etc/default/dropbear; fi
 ENV DOCKER_HOST unix:///var/run/docker.sock
 RUN groupadd docker
 RUN systemctl enable resin-supervisor-dind
 COPY supervisor-image.tar /usr/src/
--- a/tools/dind/config/services/docker.service
+++ b/tools/dind/config/services/docker.service
@ -0,0 +1,19 @@
 [Unit]
 Description=Balena Application Container Engine
 Documentation=http://docs.docker.com
 After=network.target docker.socket
 Requires=docker.socket
 [Service]
 Type=notify
 Restart=always
 ExecStart=/usr/bin/dind /usr/bin/balenad --storage-driver aufs --host=fd:// -g /var/lib/docker
 #Adjust OOMscore to -900 to make killing balena unlikely
 OOMScoreAdjust=-900
 MountFlags=slave
 LimitNOFILE=1048576
 LimitNPROC=1048576
 LimitCORE=infinity
 [Install]
 WantedBy=multi-user.target
--- a/tools/dind/config/services/docker.service.d/aufs.conf
+++ b/tools/dind/config/services/docker.service.d/aufs.conf
@ -1,3 +0,0 @@
 [Service]
 ExecStart=
 ExecStart=/usr/bin/dind /usr/bin/docker daemon --storage-driver aufs --host=fd://
--- a/tools/dind/config/services/docker.socket
+++ b/tools/dind/config/services/docker.socket
@ -0,0 +1,12 @@
 [Unit]
 Description=Docker Socket for the API
 PartOf=docker.service
 [Socket]
 ListenStream=/var/run/docker.sock
 SocketMode=0660
 SocketUser=root
 SocketGroup=docker
 [Install]
 WantedBy=sockets.target
--- a/tools/dind/config/services/resin-supervisor-dind.service
+++ b/tools/dind/config/services/resin-supervisor-dind.service
@ -6,15 +6,16 @@ Before=openvpn-resin.service
 [Service]
 WorkingDirectory=/usr/src/app
 Environment=DOCKER_HOST=unix:///var/run/docker.sock
 EnvironmentFile=/usr/src/app/config/env
 EnvironmentFile=/usr/src/app/config/localenv
-ExecStartPre=/bin/bash -c 'if [ "${PRELOADED_IMAGE}" == "true" ]; then /usr/bin/docker pull $(jq --raw-output ".[0].imageId" ${APPS_PATH}); fi'
+ExecStartPre=/bin/bash -c 'if [ "${PRELOADED_IMAGE}" == "true" ]; then /usr/bin/balena pull $(jq --raw-output ".[0].imageId" ${APPS_PATH}); fi'
-ExecStartPre=/usr/bin/docker load --input /usr/src/supervisor-image.tar
+ExecStartPre=/usr/bin/balena load --input /usr/src/supervisor-image.tar
-ExecStartPre=-/usr/bin/docker kill resin_supervisor
+ExecStartPre=-/usr/bin/balena kill resin_supervisor
-ExecStartPre=-/usr/bin/docker rm resin_supervisor
+ExecStartPre=-/usr/bin/balena rm resin_supervisor
 ExecStartPre=-/bin/touch /etc/resolv.conf
 ExecStart=/bin/bash -c 'source /usr/src/app/resin-vars && \
-	/usr/bin/docker run --rm --privileged --name resin_supervisor \
+	/usr/bin/balena run --rm --privileged --name resin_supervisor \
 	--net=host \
 	-v /var/run/docker.sock:/var/run/docker.sock \
 	-v "${CONFIG_PATH}:/boot/config.json" \