diff --git a/Makefile b/Makefile index 12de4375..62e66b0b 100644 --- a/Makefile +++ b/Makefile @@ -30,7 +30,7 @@ COMMON_ARGS += --build-arg=TAG=$(TAG) empty := space = $(empty) $(empty) -TARGETS = amd-ucode bnx2-bnx2x gvisor hello-world-service intel-ucode +TARGETS = amd-ucode bnx2-bnx2x gvisor hello-world-service intel-ucode iscsi-tools NONFREE_TARGETS = nvidia-container-toolkit all: $(TARGETS) ## Builds all known pkgs. diff --git a/README.md b/README.md index 67b895eb..5362312f 100644 --- a/README.md +++ b/README.md @@ -27,6 +27,7 @@ All system extensions provided by Sidero Labs can be found in the [ghcr.io regis | [amd-ucode](firmware/amd-ucode/) | [ghcr.io/siderolabs/amd-ucode](https://github.com/siderolabs/extensions/pkgs/container/amd-ucode) | AMD CPU microcode updates | `linux firmware version` | | [bnx2-bnx2x](firmware/bnx2-bnx2x/) | [ghcr.io/siderolabs/bnx2-bnx2x](https://github.com/siderolabs/extensions/pkgs/container/bnx2-bnx2x) | Broadcom NetXtreme firmware | `linux firmware version` | | [intel-ucode](firmware/intel-ucode/) | [ghcr.io/siderolabs/intel-ucode](https://github.com/siderolabs/extensions/pkgs/container/intel-ucode) | Intel CPU microcode updates | `upstream version` | +| [iscsi-tools](iscsi-tools/) | [ghcr.io/siderolabs/iscsi-tools](https://github.com/siderolabs/extensions/pkgs/container/iscsi-tools) | Open iSCSI tools | `0.1.0` | ### Non-free diff --git a/iscsi-tools/iscsid.yaml b/iscsi-tools/iscsid.yaml new file mode 100644 index 00000000..0eed7dd6 --- /dev/null +++ b/iscsi-tools/iscsid.yaml @@ -0,0 +1,67 @@ +name: iscsid +depends: + - service: cri + - service: ext-tgtd + - network: + - addresses + - connectivity + - hostname + - etcfiles +container: + entrypoint: /usr/local/sbin/iscsid-wrapper + mounts: + # ld-musl-x86_64.so.1 + - source: /lib + destination: /lib + type: bind + options: + - bind + - ro + # libcrypto.so and libc.so + - source: /usr/lib + destination: /usr/lib + type: bind + options: + - bind + - ro + # iscsi libs + - source: /usr/local/lib + destination: /usr/local/lib + type: bind + options: + - bind + - ro + - source: /usr/local/sbin + destination: /usr/local/sbin + type: bind + options: + - bind + - ro + # persistent storage for iscsi + - source: /system/iscsi + destination: /etc/iscsi + type: bind + options: + - rshared + - rbind + - rw + - source: /usr/local/etc/iscsi/iscsid.conf + destination: /etc/iscsi/iscsid.conf + type: bind + options: + - bind + - ro + - source: /usr/local/etc/passwd + destination: /etc/passwd + type: bind + options: + - bind + - ro + - source: /run/lock/iscsi + destination: /run/lock/iscsi + type: bind + options: + - rshared + - rbind + - rw +restart: always diff --git a/iscsi-tools/main.go b/iscsi-tools/main.go new file mode 100644 index 00000000..4d304afc --- /dev/null +++ b/iscsi-tools/main.go @@ -0,0 +1,42 @@ +package main + +import ( + "bytes" + "errors" + "fmt" + "io/ioutil" + "log" + "os" + "os/exec" + "syscall" +) + +func main() { + log.Println("iscsid-wrapper: starting...") + cmd := exec.Command("/usr/local/sbin/iscsi-iname") + + var cmdOut bytes.Buffer + + cmd.Stdout = &cmdOut + + if _, err := os.Stat("/etc/iscsi/initiatorname.iscsi"); err != nil { + if errors.Is(err, os.ErrNotExist) { + log.Println("iscsid-wrapper: /etc/iscsi/initiatorname.iscsi does not exist, creating") + if err := cmd.Run(); err != nil { + log.Printf("iscsi-iname: error generating iscsi initiatorname %v\n", err) + } + + initiatorName := fmt.Sprintf("InitiatorName=%s", cmdOut.String()) + log.Printf("iscsid-wrapper: writing %s to /etc/iscsi/initiatorname.iscsi", initiatorName) + + if err := ioutil.WriteFile("/etc/iscsi/initiatorname.iscsi", []byte(initiatorName), 0o644); err != nil { + log.Printf("iscsi-iname: error saving iscsi initiatorname %v\n", err) + } + } + } + + log.Println("iscsid-wrapper: completed..., execing into iscsid") + if err := syscall.Exec("/usr/local/sbin/iscsid", []string{"iscsid", "-f"}, os.Environ()); err != nil { + log.Fatalf("iscsid: error execing /usr/local/sbin/iscsid %v\n", err) + } +} diff --git a/iscsi-tools/manifest.yaml b/iscsi-tools/manifest.yaml new file mode 100644 index 00000000..fcf47f62 --- /dev/null +++ b/iscsi-tools/manifest.yaml @@ -0,0 +1,10 @@ +version: v1alpha1 +metadata: + name: iscsi-tools + version: "$VERSION" + author: Sidero Labs + description: | + This system extension provides iscsi-tools. + compatibility: + talos: + version: ">= v1.0.0" diff --git a/iscsi-tools/open-iscsi/files/passwd b/iscsi-tools/open-iscsi/files/passwd new file mode 100644 index 00000000..35a01eb6 --- /dev/null +++ b/iscsi-tools/open-iscsi/files/passwd @@ -0,0 +1 @@ +root:x:0:0:root:/:/sbin/false diff --git a/iscsi-tools/open-iscsi/patches/add-missing-headers.patch b/iscsi-tools/open-iscsi/patches/add-missing-headers.patch new file mode 100644 index 00000000..e3b0e044 --- /dev/null +++ b/iscsi-tools/open-iscsi/patches/add-missing-headers.patch @@ -0,0 +1,62 @@ +# https://git.alpinelinux.org/aports/plain/main/open-iscsi/add-missing-headers.patch?h=3.15-stable +diff --git a/iscsiuio/src/unix/libs/bnx2x.c b/iscsiuio/src/unix/libs/bnx2x.c +index c5e7b71..94d2663 100644 +--- a/iscsiuio/src/unix/libs/bnx2x.c ++++ b/iscsiuio/src/unix/libs/bnx2x.c +@@ -1,3 +1,4 @@ ++#include + /* + * Copyright (c) 2009-2011, Broadcom Corporation + * Copyright (c) 2014, QLogic Corporation +diff --git a/usr/idbm.c b/usr/idbm.c +index a0207e2..f347332 100644 +--- a/usr/idbm.c ++++ b/usr/idbm.c +@@ -1,3 +1,4 @@ ++#include + /* + * iSCSI Discovery Database Library + * +diff --git a/usr/iscsi_net_util.c b/usr/iscsi_net_util.c +index 6339082..2a75e62 100644 +--- a/usr/iscsi_net_util.c ++++ b/usr/iscsi_net_util.c +@@ -31,7 +31,7 @@ + #include + #include + #include +-#include ++#include + + #include "sysdeps.h" + #include "ethtool-copy.h" +--- a/iscsiuio/src/unix/libs/bnx2x.c ++++ b/iscsiuio/src/unix/libs/bnx2x.c +@@ -47,6 +47,7 @@ + #include + #include + #include ++#include + #include + #include + #include +--- a/iscsiuio/src/unix/libs/bnx2.c ++++ b/iscsiuio/src/unix/libs/bnx2.c +@@ -42,6 +42,7 @@ + #include + #include + #include ++#include + #include + #include + #include +--- a/iscsiuio/src/unix/libs/qedi.c.orig ++++ b/iscsiuio/src/unix/libs/qedi.c +@@ -46,6 +46,7 @@ + #include + #include + #include ++#include + #include + #include + #include diff --git a/iscsi-tools/open-iscsi/patches/dont-use-lib64.patch b/iscsi-tools/open-iscsi/patches/dont-use-lib64.patch new file mode 100644 index 00000000..9bd3b9cc --- /dev/null +++ b/iscsi-tools/open-iscsi/patches/dont-use-lib64.patch @@ -0,0 +1,16 @@ +# https://git.alpinelinux.org/aports/plain/main/open-iscsi/dont-use-lib64.patch?h=3.15-stable +diff --git a/libopeniscsiusr/Makefile b/libopeniscsiusr/Makefile +index bf7c96c..eb9da59 100644 +--- a/libopeniscsiusr/Makefile ++++ b/libopeniscsiusr/Makefile +@@ -13,8 +13,8 @@ prefix ?= /usr + INSTALL ?= install + + ifndef LIB_DIR +- ifeq ($(shell test -d /lib64 && echo 1),1) +- LIB_DIR=$(prefix)/lib64 ++ ifeq ($(shell test -d /lib && echo 1),1) ++ LIB_DIR=$(prefix)/lib + else + LIB_DIR=$(prefix)/lib + endif diff --git a/iscsi-tools/open-iscsi/patches/musl-fixes.patch b/iscsi-tools/open-iscsi/patches/musl-fixes.patch new file mode 100644 index 00000000..5a4a841c --- /dev/null +++ b/iscsi-tools/open-iscsi/patches/musl-fixes.patch @@ -0,0 +1,34 @@ +# https://git.alpinelinux.org/aports/plain/main/open-iscsi/musl-fixes.patch?h=3.15-stable +--- a/usr/iscsiadm.c 2016-09-29 20:33:24.000000000 +0200 ++++ b/usr/iscsiadm.c 2017-01-08 03:03:20.648496369 +0100 +@@ -3263,7 +3263,8 @@ + int packet_size=32, ping_count=1, ping_interval=0; + int do_discover = 0, sub_mode = -1; + int portal_type = -1; + int timeout = ISCSID_REQ_TIMEOUT; ++ int argerror = 0; + struct sigaction sa_old; + struct sigaction sa_new; + struct list_head ifaces; +@@ -3426,6 +3427,11 @@ + break; + case 'h': + usage(0); ++ break; ++ case '?': ++ log_error("unrecognized character '%c'", optopt); ++ argerror = 1; ++ break; + } + + if (name && value) { +@@ -3441,8 +3446,7 @@ + } + } + +- if (optopt) { +- log_error("unrecognized character '%c'", optopt); ++ if (argerror) { + rc = ISCSI_ERR_INVAL; + goto free_ifaces; + } diff --git a/iscsi-tools/open-iscsi/patches/remove-werror.patch b/iscsi-tools/open-iscsi/patches/remove-werror.patch new file mode 100644 index 00000000..c56f0a71 --- /dev/null +++ b/iscsi-tools/open-iscsi/patches/remove-werror.patch @@ -0,0 +1,14 @@ +# https://git.alpinelinux.org/aports/plain/main/open-iscsi/remove-werror.patch?h=3.15-stable +diff --git a/libopeniscsiusr/Makefile b/libopeniscsiusr/Makefile +index 6757527..7715344 100644 +--- a/libopeniscsiusr/Makefile ++++ b/libopeniscsiusr/Makefile +@@ -44,7 +44,7 @@ EXTRA_MAN_FILES = libopeniscsiusr.h.3 + OBJS = context.o misc.o session.o sysfs.o iface.o idbm.o node.o default.o + + CFLAGS ?= -O2 -g +-CFLAGS += -Wall -Werror -Wextra -fvisibility=hidden -fPIC ++CFLAGS += -Wall -Wextra -fvisibility=hidden -fPIC + CFLAGS += $(shell $(PKG_CONFIG) --cflags libkmod) + + LDFLAGS += $(shell $(PKG_CONFIG) --libs libkmod) diff --git a/iscsi-tools/open-iscsi/pkg.yaml b/iscsi-tools/open-iscsi/pkg.yaml new file mode 100644 index 00000000..38e876b1 --- /dev/null +++ b/iscsi-tools/open-iscsi/pkg.yaml @@ -0,0 +1,61 @@ +name: open-iscsi +variant: scratch +shell: /toolchain/bin/bash +dependencies: + - stage: base + - image: "{{ .PKGS_PREFIX }}/kmod:{{ .PKGS_VERSION }}" + - image: "{{ .PKGS_PREFIX }}/openssl:{{ .PKGS_VERSION }}" + - image: "{{ .PKGS_PREFIX }}/util-linux:{{ .PKGS_VERSION }}" + - stage: open-isns + from: /rootfs +steps: + - sources: + - url: https://github.com/open-iscsi/open-iscsi/archive/refs/tags/2.1.6.tar.gz + destination: open-iscsi.tar.gz + sha256: b67350d106696779c6bee421c60a64ade2a9dabe247dc4bd44f59c751e22d7f7 + sha512: 4a32a76c1c32d7d1a01fe3a0f88ce9616a54323ec043757be73051eb41ebae8de90ce057acce72fb6fe07aa47e814c9bc6ee88b13fa7d7769ca10c5175974f1d + prepare: + - | + tar -xzf open-iscsi.tar.gz --strip-components=1 + + # Create symlinks for binaries required by libtoolize. + ln -s /toolchain/bin/sed /bin/sed + ln -s /toolchain/bin/sed /usr/bin/sed + ln -s /toolchain/bin/grep /bin/grep + + # Create symlinks for files used when building. + mkdir -p /usr/bin + ln -s /toolchain/bin/pkg-config /usr/bin/pkg-config + ln -s /toolchain/bin/file /usr/bin/file + + patch -p1 < /pkg/patches/musl-fixes.patch + patch -p1 < /pkg/patches/add-missing-headers.patch + patch -p1 < /pkg/patches/dont-use-lib64.patch + patch -p1 < /pkg/patches/remove-werror.patch + build: + - | + export PKG_CONFIG_PATH=/usr/lib/pkgconfig + + LDFLAGS="$LDFLAGS -L/usr/local/lib" \ + make -j $(nproc) \ + prefix=/usr/local \ + exec_prefix=/usr/local \ + localstatedir=/var \ + sysconfdir=/usr/local/etc \ + mandir=/usr/local/share/man \ + OPTFLAGS="$CFLAGS -I/usr/local/include -DNO_SYSTEMD" + install: + - | + mkdir -p /usr/local/etc + make prefix=/usr/local exec_prefix=/usr/local/ etcdir=/usr/local/etc DESTDIR=/rootfs install + + # cleanup + rm -rf /rootfs/usr/local/share + rm -rf /rootfs/usr/local/include + rm -rf /rootfs/usr/local/lib/pkgconfig + rm -rf /rootfs/usr/local/etc/iscsi/ifaces + + cp /pkg/files/passwd /rootfs/usr/local/etc/passwd +finalize: + - from: /rootfs + to: /rootfs diff --git a/iscsi-tools/open-isns/pkg.yaml b/iscsi-tools/open-isns/pkg.yaml new file mode 100644 index 00000000..efe71645 --- /dev/null +++ b/iscsi-tools/open-isns/pkg.yaml @@ -0,0 +1,50 @@ +name: open-isns +variant: scratch +shell: /toolchain/bin/bash +dependencies: + - stage: base + - image: "{{ .PKGS_PREFIX }}/openssl:{{ .PKGS_VERSION }}" +steps: + - sources: + - url: https://github.com/open-iscsi/open-isns/archive/refs/tags/v0.101.tar.gz + destination: open-isns.tar.gz + sha256: f672ec86b6c9e984843a7a28d76f07e26393499c486f86034b8b18caa8deb556 + sha512: e5a392127b0d85f36e9e4aa963c0c502af8c5aea0aba6d12abb4425649969dcc20ba6e87a99083626d981438439b17b71a86320f816042d82ed5dbe7e7a63e77 + prepare: + - | + tar -xzf open-isns.tar.gz --strip-components=1 + + - | + cp /toolchain/share/automake-1.16/config.guess aclocal/ + autoreconf -fi + + - | + mkdir build + cd build + + ../configure \ + --prefix=/usr/local \ + --sysconfdir=/usr/local/etc \ + --mandir=/usr/local/share/man \ + --infodir=/usr/local/share/info \ + --enable-shared \ + CFLAGS="$CFLAGS -Wno-error" + build: + - | + cd build + make -j $(nproc) + install: + - | + cd build + # open-isns libraries only needed + # make prefix=/usr/local etcdir=/usr/local/etc DESTDIR=/rootfs install + make prefix=/usr/local DESTDIR=/rootfs install_hdrs + make prefix=/usr/local DESTDIR=/rootfs install_lib + + # cleanup + rm -rf /rootfs/usr/local/lib/systemd + rm -rf /rootfs/usr/local/lib/*.a + rm -rf /rootfs/usr/local/lib/pkgconfig +finalize: + - from: /rootfs + to: /rootfs diff --git a/iscsi-tools/pkg.yaml b/iscsi-tools/pkg.yaml new file mode 100644 index 00000000..7c3bb810 --- /dev/null +++ b/iscsi-tools/pkg.yaml @@ -0,0 +1,37 @@ +name: iscsi-tools +variant: scratch +shell: /toolchain/bin/bash +dependencies: + # `base` dependency is used for doing cleanups + # not copied to rootfs + - stage: base + - stage: open-isns + - stage: open-iscsi + - stage: tgt +steps: + - build: + - | + cp /pkg/main.go main.go + + export PATH=${PATH}:${TOOLCHAIN}/go/bin + + CGO_ENABLED=0 go build -o iscsid-wrapper main.go + install: + - | + mkdir -p /rootfs/usr/local/lib/containers/{iscsid,tgtd} + + cp iscsid-wrapper /rootfs/usr/local/sbin/iscsid-wrapper + + sed -i 's#$VERSION#{{ .VERSION }}#' /pkg/manifest.yaml + + # cleanup + rm -rf /rootfs/usr/local/include +finalize: + - from: /pkg/iscsid.yaml + to: /rootfs/usr/local/etc/containers/iscsid.yaml + - from: /pkg/tgtd.yaml + to: /rootfs/usr/local/etc/containers/tgtd.yaml + - from: /rootfs + to: /rootfs + - from: /pkg/manifest.yaml + to: / diff --git a/iscsi-tools/tgt/musl.patch b/iscsi-tools/tgt/musl.patch new file mode 100644 index 00000000..8973a9d3 --- /dev/null +++ b/iscsi-tools/tgt/musl.patch @@ -0,0 +1,25 @@ +diff --git a/usr/tgtd.h b/usr/tgtd.h +index 6e517f6..a41d0e5 100644 +--- a/usr/tgtd.h ++++ b/usr/tgtd.h +@@ -1,6 +1,8 @@ + #ifndef __TARGET_DAEMON_H + #define __TARGET_DAEMON_H + ++#include ++ + #include "log.h" + #include "scsi_cmnd.h" + #include "tgtadm_error.h" +diff --git a/usr/util.h b/usr/util.h +index eefce74..1e60fd5 100644 +--- a/usr/util.h ++++ b/usr/util.h +@@ -15,6 +15,7 @@ + #include + #include + #include ++#include + + #include "be_byteshift.h" + diff --git a/iscsi-tools/tgt/pkg.yaml b/iscsi-tools/tgt/pkg.yaml new file mode 100644 index 00000000..a3b59319 --- /dev/null +++ b/iscsi-tools/tgt/pkg.yaml @@ -0,0 +1,27 @@ +name: tgt +variant: scratch +shell: /toolchain/bin/bash +dependencies: + - stage: base +steps: + - sources: + - url: https://github.com/fujita/tgt/archive/refs/tags/v1.0.82.tar.gz + destination: tgtadm.tar.gz + sha256: 35156277465e0ced5f3ca7e301110a937a7a2b90bbb5aecbca1349b91ada1c2c + sha512: e81a56fae8010ee2af8643b6accc1e51f6667e27b07c986e6a5412dcb483b46ccc0e4fe1aeb399c352282284fe516f3fc1cab5d8cbb431cc9f97f00d5faa0430 + env: + PREFIX: /usr/local + prepare: + - | + tar -xzf tgtadm.tar.gz --strip-components=1 + - | + patch -p1 < /pkg/musl.patch + build: + - | + make -j $(nproc) + install: + - | + make install-programs DESTDIR=/rootfs +finalize: + - from: /rootfs + to: /rootfs diff --git a/iscsi-tools/tgtd.yaml b/iscsi-tools/tgtd.yaml new file mode 100644 index 00000000..3156e3ed --- /dev/null +++ b/iscsi-tools/tgtd.yaml @@ -0,0 +1,48 @@ +name: tgtd +depends: + - service: cri + - network: + - addresses + - connectivity + - hostname + - etcfiles +container: + entrypoint: /usr/local/sbin/tgtd + args: + - -f + mounts: + # ld-musl-x86_64.so.1 + - source: /lib + destination: /lib + type: bind + options: + - bind + - ro + # libcrypto.so and libc.so + - source: /usr/lib + destination: /usr/lib + type: bind + options: + - bind + - ro + - source: /var/run/tgtd + destination: /var/run/tgtd + type: bind + options: + - rshared + - rbind + - rw + - source: /proc + destination: /proc + type: bind + options: + - rshared + - rbind + - rw + - source: /usr/local/sbin + destination: /usr/local/sbin + type: bind + options: + - bind + - ro +restart: always diff --git a/iscsi-tools/vars.yaml b/iscsi-tools/vars.yaml new file mode 100644 index 00000000..4e027a73 --- /dev/null +++ b/iscsi-tools/vars.yaml @@ -0,0 +1 @@ +VERSION: 0.1.0