Modify and document the way to generate a DCP by package_id.
Update the source code of the container manager to align with.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Install the manager configuration with CC_CONTAINER_PATH as working_path.
Move Podman graphroot under installed/podman and set lxc.lxcpath under
installed/lxc for both LXC recipes.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Rename the files/references as follows:
dey-image-container-manager ---> dey-image-containers
dey-image-containers ---> dey-image-dcp
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Bluetooth init scripts depend on the `btmgmt` tool, which is provided by the
`bluez5-noinst-tools` package. Since we already include several BlueZ packages,
include the full Bluetooth stack via `packagegroup-dey-bluetooth`, consistent
with how we handle Wi-Fi.
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Our container managers depend on podman and LXC runtime tools, so add
that dependency.
As we provide a trimmed version of both tools (to keep the rootfs minimal),
add a variable so it is easily configurable by customers.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
dey-image-container is not a full image, so the regular image cleanup
does not remove old DCP artifacts from the deploy directory.
Add a dedicated cleanup task that honors RM_OLD_IMAGE and removes previous
LXC and Podman DCP artifacts before generating the new ones.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Generate the LXC payload tarball with config and rootfs/ at the
archive root so it matches the documented DCP format and the strict
installer expectations.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Add the complete Digi recommended set of Wi-Fi tools, if not wpa-cli or
hostapd are not included.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The package is no longer fetched from Git, so rename the recipe to a
versioned .bb file and fetch the proprietary artifact from the Digi server.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The shutdown helper was installed and enabled, but during reboot it was
never started.
Hook the helper directly into shutdown.target.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The Cloud Connector depends on syslog for logging, so this package is
required to properly collect its messages.
https://onedigi.atlassian.net/browse/DEL-10080
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Create task temporary directories under `${T}` instead of the host `/tmp`
and remove them when the task exits.
This avoids leaving large temporary directories behind during container
artifact generation.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Generate the package id from the logical name when it is not specified in
the JSON. In case it is set, use it.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Propagate an optional manifest name field through the DCP generator, so the
container manager can publish friendly names to DRM.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Align the policy DRM block with the latest changes done in the
cc-container-mng tool.
https://onedigi.atlassian.net/browse/DEL-10075
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Keep the shutdown helper active during normal system operation and run the
managed container stop path from ExecStop when shutdown begins.
This makes the container stop happen before the general system teardown,
so network and CCCS are still available and reboot is less likely to
block waiting for late shutdown ordering.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Currently only the CCMP25 and CC95 will officially support containers.
For these platforms, "/root" is a common path with enough free space.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
As cc-containerd uses DRM to publish metrics, start the service after
cccs (this is optional, as the container will retry it) and stop our
service before cccsd (to do our best to try to upload the STOP status
to DRM).
https://onedigi.atlassian.net/browse/DEL-10035
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
There is no need to have a dedicated folder, as we only use a configuration
file. Other data is stored in a different path.
https://onedigi.atlassian.net/browse/DEL-10035
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Include curl in the container-manager image so basic HTTP checks can be
run directly on target when validating containers' published ports.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Enable netavark bridge networking in the trimmed Podman recipe
so container images support publish-port arguments
such as -p 80:8080 and restore iptables dependency.
It's needed to install iptables-modules because it is not
populated due to NO_RECOMMENDATIONS.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Switch the Yocto LXC bundle output to tar.gz and require the same format
in the external DCP generator so the DCP can embed the payload
without extra conversion.
This saves time on the device when installing.
https://onedigi.atlassian.net/browse/DEL-10037
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Instead of using the internal logic, move to use the external
script to generate the DCP, so internal and external DCP are
using a common flow.
https://onedigi.atlassian.net/browse/DEL-10037
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Mark the trimmed runtime variants as conflicting with the standard
packages so images cannot include both Podman or LXC flavors at the
same time.
This avoids ambiguous runtime layouts and configuration ownership when a
minimal container-manager image uses the trimmed packages while other
images may select the standard runtimes.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Generate /etc/containers/containers.conf so Podman does not depend on
its internal default network backend at runtime.
If not, at runtime, the default podman network fails with:
"""
Error: could not find "netavark" in one of {[/usr/local/libexec/podman /usr/local/lib/podman /usr/libexec/podman /usr/lib/podman] {<nil>}}. To resolve this error, set the helper_binaries_dir key in the `[engine]` section of containers.conf to the directory containing your helper binaries.
"""
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The container entrypoint already runs docker-init, so there is no
need to chain a second instance.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Include default registration settings in the generated DCP manifest so
future install flows can bootstrap the container configuration directly
from the package metadata.
Add registration_defaults with autostart, monitor and restart policy,
and populate those values for the lvgl and webkit container profiles.
https://onedigi.atlassian.net/browse/DEL-10033
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Populate the DCP manifest for the ccmp25 lvgl and webkit profiles with
the Podman runtime arguments required to create the containers on the
target.
Keep only runtime options in CONTAINER_CREATE_ARGS_PODMAN and compose the
entrypoint automatically from CONTAINER_INIT_MANAGER and
CONTAINER_INIT_SCRIPT when generating the Podman artifact metadata.
https://onedigi.atlassian.net/browse/DEL-10033
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The ccmp25 WebKit container needs a small set of extra device nodes
to run the embedded AI demos reliably.
Bind only the device nodes validated on target for the browser demos:
galcore, DRM, framebuffer, input, and the camera video/media/subdevice
nodes used by the AI examples.
https://onedigi.atlassian.net/browse/DEL-10038
https://onedigi.atlassian.net/browse/DEL-10039
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>