diff options
| author | Maxim Kuvyrkov <maxim.kuvyrkov@linaro.org> | 2016-07-09 10:23:01 +0100 |
|---|---|---|
| committer | Maxim Kuvyrkov <maxim.kuvyrkov@linaro.org> | 2016-07-09 10:38:15 +0100 |
| commit | 3a763c0647cf0e4d5e9c00d3283a3895484b23cc (patch) | |
| tree | a50a3fa6db216b72c5cfd45c66ff02804b3e9b28 /trusty-armhf-tcwg | |
| parent | 3d25b1008c22d3da2efe052adc9a5045b8ed08c9 (diff) | |
trusty-*-tcwg: Don't use VOLUME for bind-mounts
Turns out that dockerfile's VOLUME command doesn't support bind-mounts
on purpose (to stay portable). It only supports scratch mounts and
mounts from other docker containers (--volumes-from).
The ":" in the VOLUME's argument is treated as a normal character, so we
get a bunch of scratch mounts with long strange names.
So leave /tmp scratch mount in the dockerfile and remove all bind-mounts.
Also copy comments on VOLUME and "VOLUME /tmp" to amd64 and i386
dockerfiles.
Change-Id: Ic0644a93a9d7de7c2792b5ae7e56c59455488ccf
Diffstat (limited to 'trusty-armhf-tcwg')
| -rw-r--r-- | trusty-armhf-tcwg/Dockerfile | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/trusty-armhf-tcwg/Dockerfile b/trusty-armhf-tcwg/Dockerfile index 4e14d08..1c183b4 100644 --- a/trusty-armhf-tcwg/Dockerfile +++ b/trusty-armhf-tcwg/Dockerfile @@ -72,8 +72,20 @@ RUN groupadd -g 9000 tcwg-infra \ EXPOSE 22 CMD ["/usr/sbin/sshd", "-D"] -VOLUME /srv/docker/ssh/id_rsa_tcwg-buildslave.pub:/home/tcwg-buildslave/.ssh/authorized_keys:ro -VOLUME /srv/docker/ssh/tcwg-buildslave.config:/home/tcwg-buildslave/.ssh/config:ro -VOLUME /home/tcwg-buildslave/snapshots-ref:/home/tcwg-buildslave/snapshots-ref:ro -VOLUME /home/tcwg-buildslave/workspace:/home/tcwg-buildslave/workspace:rw +# Unfortunately, VOLUME doesn't support bind-mounts for portability reasons. +# Therefore, the bind-mounts for the following paths are configured in +# the ci.linaro.org's docker plugin. +# SSH credentials for tcwg-buildslave (read-only): +# /srv/docker/ssh/id_rsa_tcwg-buildslave.pub:/home/tcwg-buildslave/.ssh/authorized_keys:ro +# /srv/docker/ssh/tcwg-buildslave.config:/home/tcwg-buildslave/.ssh/config:ro +# Sources caches (read-only): +# /home/tcwg-buildslave/snapshots-ref:/home/tcwg-buildslave/snapshots-ref:ro +# Workspace (read-write): +# /home/tcwg-buildslave/workspace:/home/tcwg-buildslave/workspace:rw + +# We use ssh multiplexing, which creates sockets in /tmp. Overlayfs, +# which docker is using can't host sockets, so we use a scratch mount +# for /tmp. This requires that we add --rm option to "docker run" +# invocations (e.g., mark "Remove volumes" checkbox in docker plugin) to +# cleanup host directories used for the scratch mounts. VOLUME /tmp |