Enable netavark bridge networking in the trimmed Podman recipe
so container images support publish-port arguments
such as -p 80:8080 and restore iptables dependency.
It's needed to install iptables-modules because it is not
populated due to NO_RECOMMENDATIONS.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Switch the Yocto LXC bundle output to tar.gz and require the same format
in the external DCP generator so the DCP can embed the payload
without extra conversion.
This saves time on the device when installing.
https://onedigi.atlassian.net/browse/DEL-10037
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Instead of using the internal logic, move to use the external
script to generate the DCP, so internal and external DCP are
using a common flow.
https://onedigi.atlassian.net/browse/DEL-10037
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Mark the trimmed runtime variants as conflicting with the standard
packages so images cannot include both Podman or LXC flavors at the
same time.
This avoids ambiguous runtime layouts and configuration ownership when a
minimal container-manager image uses the trimmed packages while other
images may select the standard runtimes.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Generate /etc/containers/containers.conf so Podman does not depend on
its internal default network backend at runtime.
If not, at runtime, the default podman network fails with:
"""
Error: could not find "netavark" in one of {[/usr/local/libexec/podman /usr/local/l
ib/podman /usr/libexec/podman /usr/lib/podman] {<nil>}}. To resolve this error, se
t the helper_binaries_dir key in the `[engine]` section of containers.conf to the d
irectory containing your helper binaries.
"""
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The container entrypoint already runs docker-init, so there is no
need to chain a second instance.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Include default registration settings in the generated DCP manifest so
future install flows can bootstrap the container configuration directly
from the package metadata.
Add registration_defaults with autostart, monitor and restart policy,
and populate those values for the lvgl and webkit container profiles.
https://onedigi.atlassian.net/browse/DEL-10033
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Populate the DCP manifest for the ccmp25 lvgl and webkit profiles with
the Podman runtime arguments required to create the containers on the
target.
Keep only runtime options in CONTAINER_CREATE_ARGS_PODMAN and compose the
entrypoint automatically from CONTAINER_INIT_MANAGER and
CONTAINER_INIT_SCRIPT when generating the Podman artifact metadata.
https://onedigi.atlassian.net/browse/DEL-10033
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The ccmp25 WebKit container needs a small set of extra device nodes
to run the embedded AI demos reliably.
Bind only the device nodes validated on target for the browser demos:
galcore, DRM, framebuffer, input, and the camera video/media/subdevice
nodes used by the AI examples.
https://onedigi.atlassian.net/browse/DEL-10038https://onedigi.atlassian.net/browse/DEL-10039
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The WebKit container profile was missing runtime pieces that are
present in the native WebKit image and required by the embedded
ConnectCore demos.
Add the font and icon packages needed by the fish tank WebGL demo,
include the Weston and GStreamer runtime packages used by the browser
demo stack, and switch the ccmp25 profile to the GCNano userspace
packages used by the native image.
Keep the machine learning packagegroup scoped to ccmp25, since the
ST X-LINUX-AI subset and its demo integration are specific to that
platform.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Standalone GPU and video tests perform as expected in the WebKit
container, but rendering degrades once Cog runs on top of Weston.
Align the container Weston startup with the native setup by
loading the default Weston options, enabling the systemd-notify
module and exporting WL_EGL_GBM_FENCE=0 before starting the compositor.
https://onedigi.atlassian.net/browse/DEL-10038https://onedigi.atlassian.net/browse/DEL-10039
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Package recommendations are disable, so some recommended packages might
be missed.
For HW detecting add the next explicit packages, which solves the
microSD card detection.
https://onedigi.atlassian.net/browse/DEL-10042
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Set KillMode=process in the systemd unit so 'systemctl stop
cc-containerd' only terminates the daemon itself.
Without this, systemd uses the default control-group kill mode and
can terminate container processes that share the service cgroup,
which changes container runtime state when the service is stopped.
https://onedigi.atlassian.net/browse/DEL-9963https://onedigi.atlassian.net/browse/DEL-10005
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Document dey-image-container-manager in meta-digi-containers and
update the ccmp25-dvk and ccimx95-dvk build template notes so the
image is listed during environment setup together with its
virtualization requirement.
https://onedigi.atlassian.net/browse/DEL-9996
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Add the dey-image-container-manager image recipe to provide a
dedicated DEY image for container management using the trimmed LXC
and Podman runtimes from meta-digi-containers.
https://onedigi.atlassian.net/browse/DEL-9996
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Add dedicated trimmed runtime wrappers for LXC and Podman in
meta-digi-containers so dey-image-container-manager can install
reduced container runtimes without affecting other DEY images.
https://onedigi.atlassian.net/browse/DEL-9996
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Add the artifact packaging stage that assembles deployable LXC/Podman
bundles with a normalized layout (manifest, payload, checksums, metadata).
The task also computes digests/metadata and removes intermediate build
outputs once final artifacts are produced.
https://onedigi.atlassian.net/browse/DEL-10004
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Introduce the base dey-image-container recipe and split core logic into
dedicated include files for rootfs overlays, LXC bundle generation and
Podman archive conversion.
This commit defines the profile-driven variables/overrides and the
native build tasks required to produce runtime-specific container outputs.
Also allow the recipe to overwrite WAYLAND_DISPLAY on init scripts to match
with different platforms.
https://onedigi.atlassian.net/browse/DEL-10004
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Add the new meta-digi-containers layer skeleton for Yocto 5.0 and wire it into bitbake layer discovery.
This initial layer commit provides:
- layer metadata and compatibility/dependency declarations
- recipe/bbappend file discovery for container-related content
- base structure used by subsequent commits for container images and runtime integration
https://onedigi.atlassian.net/browse/DEL-10004
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Isaac Hermida
Francisco Gil