virt/incus: add support for running as incus container

Signed-off-by: Tobias Knöppler <[email protected]>
Reviewed-by: Christian Stewart <[email protected]>

README.md

@@ -49,37 +49,38 @@ main SkiffOS repository:
 
 | **System**            | **Config Package**        | **Bootloader**   | **Kernel**      |
 |-----------------------|---------------------------|------------------|-----------------|
-| VirtualBox            | [virt/virtualbox]         | N/A              | ✔ 6.10.7         |
+| VirtualBox            | [virt/virtualbox]         | N/A              | ✔ 6.10.7        |
 | [Docker Img]          | [virt/docker]             | N/A              | N/A             |
-| [Qemu]                | [virt/qemu]               | N/A              | ✔ 6.10.7         |
-| [UTM] on MacOS        | [apple/arm] + [virt/qemu] | N/A              | ✔ 6.10.7         |
-| [V86] on WebAssembly  | [browser/v86]             | [V86]            | ✔ 6.10.7         |
+| [Incus]               | [virt/incus]              | N/A              | ✔ 6.10.7        |
+| [Qemu]                | [virt/qemu]               | N/A              | ✔ 6.10.7        |
+| [UTM] on MacOS        | [apple/arm] + [virt/qemu] | N/A              | ✔ 6.10.7        |
+| [V86] on WebAssembly  | [browser/v86]             | [V86]            | ✔ 6.10.7        |
 | [WSL] on Windows      | [virt/wsl]                | N/A              | N/A             |
 |-----------------------|---------------------------|------------------|-----------------|
 | [Allwinner Nezha]     | [allwinner/nezha]         | ✔ U-boot 2022.10 | ✔ sm-6.1-rc3    |
-| [Apple Macbook Intel] | [apple/intel]             | ✔ [rEFInd]       | ✔ 6.10.7         |
-| [Apple Silicon]       | [apple/arm]               | ✔ UTM (as VM)    | ✔ 6.10.7         |
-| [BananaPi M1+/Pro]    | [bananapi/m1plus]         | ✔ U-Boot 2023.07 | ✔ 6.10.7         |
-| [BananaPi M1]         | [bananapi/m1]             | ✔ U-Boot 2023.07 | ✔ 6.10.7         |
-| [BananaPi M2]         | [bananapi/m2]             | ✔ U-Boot 2023.07 | ✔ 6.10.7         |
-| [BananaPi M2+]        | [bananapi/m2plus]         | ✔ U-Boot 2023.07 | ✔ 6.10.7         |
-| [BananaPi M2 Ultra]   | [bananapi/m2ultra]        | ✔ U-Boot 2023.07 | ✔ 6.10.7         |
-| [BananaPi M3]         | [bananapi/m3]             | ✔ U-Boot 2023.07 | ✔ 6.10.7         |
+| [Apple Macbook Intel] | [apple/intel]             | ✔ [rEFInd]       | ✔ 6.10.7        |
+| [Apple Silicon]       | [apple/arm]               | ✔ UTM (as VM)    | ✔ 6.10.7        |
+| [BananaPi M1+/Pro]    | [bananapi/m1plus]         | ✔ U-Boot 2023.07 | ✔ 6.10.7        |
+| [BananaPi M1]         | [bananapi/m1]             | ✔ U-Boot 2023.07 | ✔ 6.10.7        |
+| [BananaPi M2]         | [bananapi/m2]             | ✔ U-Boot 2023.07 | ✔ 6.10.7        |
+| [BananaPi M2+]        | [bananapi/m2plus]         | ✔ U-Boot 2023.07 | ✔ 6.10.7        |
+| [BananaPi M2 Ultra]   | [bananapi/m2ultra]        | ✔ U-Boot 2023.07 | ✔ 6.10.7        |
+| [BananaPi M3]         | [bananapi/m3]             | ✔ U-Boot 2023.07 | ✔ 6.10.7        |
 | [BeagleBoard X15]     | [beaglebone/x15]          | ✔ U-Boot 2022.04 | ✔ 5.10.168-ti   |
 | [BeagleBone AI]       | [beaglebone/ai]           | ✔ U-Boot 2022.04 | ✔ 5.10.168-ti   |
 | [BeagleBone Black]    | [beaglebone/black]        | ✔ U-Boot 2022.04 | ✔ 5.10.168-ti   |
 | [BeagleBoard BeagleV] | [starfive/visionfive]     | ✔ U-Boot 2021.04 | ✔ sv-5.19-rc3   |
-| **[Intel x86/64]**    | [intel/desktop]           | ✔ [rEFInd]       | ✔ 6.10.7         |
+| **[Intel x86/64]**    | [intel/desktop]           | ✔ [rEFInd]       | ✔ 6.10.7        |
 | [ModalAI Voxl2]       | [modalai/voxl2]           | N/A              | ✔ msm-4.19.125  |
 | [NVIDIA Jetson AGX]   | [jetson/agx]              | ✔ UEFI           | ✔ [nv-5.10.120] |
 | [NVIDIA Jetson Nano]  | [jetson/nano]             | ✔ U-Boot         | ✔ [nv-4.9.337]  |
 | [NVIDIA Jetson TX2]   | [jetson/tx2]              | ✔ U-Boot         | ✔ [nv-4.9.337]  |
 | [Odroid C2]           | [odroid/c2]               | ✔ U-Boot 2023.07 | ✔ tb-6.4.3      |
 | [Odroid C4]           | [odroid/c4]               | ✔ U-Boot 2023.07 | ✔ tb-6.4.3      |
-| [Odroid H2]           | [odroid/h3]               | ✔ [rEFInd]       | ✔ 6.10.7         |
-| [Odroid H2+]          | [odroid/h3]               | ✔ [rEFInd]       | ✔ 6.10.7         |
-| [Odroid H3]           | [odroid/h3]               | ✔ [rEFInd]       | ✔ 6.10.7         |
-| [Odroid H3+]          | [odroid/h3]               | ✔ [rEFInd]       | ✔ 6.10.7         |
+| [Odroid H2]           | [odroid/h3]               | ✔ [rEFInd]       | ✔ 6.10.7        |
+| [Odroid H2+]          | [odroid/h3]               | ✔ [rEFInd]       | ✔ 6.10.7        |
+| [Odroid H3]           | [odroid/h3]               | ✔ [rEFInd]       | ✔ 6.10.7        |
+| [Odroid H3+]          | [odroid/h3]               | ✔ [rEFInd]       | ✔ 6.10.7        |
 | [Odroid HC1]          | [odroid/xu]               | ✔ U-Boot 2023.07 | ✔ tb-6.4.3      |
 | [Odroid HC2]          | [odroid/xu]               | ✔ U-Boot 2023.07 | ✔ tb-6.4.3      |
 | [Odroid HC4]          | [odroid/hc4]              | ✔ U-Boot 2023.07 | ✔ tb-6.4.3      |
@@ -89,10 +90,10 @@ main SkiffOS repository:
 | [Odroid U]            | [odroid/u]                | ✔ U-Boot 2023.07 | ✔ tb-6.4.3      |
 | [Odroid XU3]          | [odroid/xu]               | ✔ U-Boot 2023.07 | ✔ tb-6.4.3      |
 | [Odroid XU4]          | [odroid/xu]               | ✔ U-Boot 2023.07 | ✔ tb-6.4.3      |
-| [OrangePi Lite]       | [orangepi/lite]           | ✔ U-Boot 2018.05 | ✔ 6.10.7         |
-| [OrangePi Zero]       | [orangepi/zero]           | ✔ U-Boot 2018.07 | ✔ 6.10.7         |
-| [PcDuino 3]           | [pcduino/3]               | ✔ U-Boot 2019.07 | ✔ 6.10.7         |
-| [PcEngines APU2]      | [pcengines/apu2]          | ✔ CoreBoot       | ✔ 6.10.7         |
+| [OrangePi Lite]       | [orangepi/lite]           | ✔ U-Boot 2018.05 | ✔ 6.10.7        |
+| [OrangePi Zero]       | [orangepi/zero]           | ✔ U-Boot 2018.07 | ✔ 6.10.7        |
+| [PcDuino 3]           | [pcduino/3]               | ✔ U-Boot 2019.07 | ✔ 6.10.7        |
+| [PcEngines APU2]      | [pcengines/apu2]          | ✔ CoreBoot       | ✔ 6.10.7        |
 | [Pi 0]                | [pi/0]                    | N/A              | ✔ rpi-6.6.45    |
 | [Pi 1]                | [pi/1]                    | N/A              | ✔ rpi-6.6.45    |
 | [Pi 3] + 1, 2         | [pi/3]                    | N/A              | ✔ rpi-6.6.45    |
@@ -108,11 +109,11 @@ main SkiffOS repository:
 | [RockPro64]           | [pine64/rockpro64]        | ✔ U-Boot (bin)   | ✔ megi-6.6-pre  |
 | [Sipeed LicheeRV]     | [allwinner/licheerv]      | ✔ U-Boot 2022.07 | ✔ sm-5.19-rc1   |
 | [VisionFive]          | [starfive/visionfive]     | ✔ U-Boot 2021.04 | ✔ sv-5.19-rc3   |
-| [VisionFive2] v1.2    | [starfive/visionfive2_12] | ✔ U-Boot 2021.10 | ✔ 6.10.7         |
-| [VisionFive2] v1.3    | [starfive/visionfive2]    | ✔ U-Boot 2021.10 | ✔ 6.10.7         |
-| [USBArmory Mk2]       | [usbarmory/mk2]           | ✔ U-Boot 2020.10 | ✔ 6.10.7         |
+| [VisionFive2] v1.2    | [starfive/visionfive2_12] | ✔ U-Boot 2021.10 | ✔ 6.10.7        |
+| [VisionFive2] v1.3    | [starfive/visionfive2]    | ✔ U-Boot 2021.10 | ✔ 6.10.7        |
+| [USBArmory Mk2]       | [usbarmory/mk2]           | ✔ U-Boot 2020.10 | ✔ 6.10.7        |
 | Valve [Steam Deck]    | [valve/deck]              | N/A              | ✔ valve-6.5.0   |
-| [Wandboard]           | [freescale/wandboard]     | ✔ U-Boot 2022.04 | ✔ 6.10.7         |
+| [Wandboard]           | [freescale/wandboard]     | ✔ U-Boot 2022.04 | ✔ 6.10.7        |
 
 [Allwinner Nezha]: https://linux-sunxi.org/Allwinner_Nezha
 [Apple Macbook Intel]: https://wiki.gentoo.org/wiki/Apple_Macbook_Pro_Retina_(early_2013)
@@ -162,7 +163,8 @@ main SkiffOS repository:
 [PineBook Pro]: https://www.pine64.org/pinebook-pro/
 [PinePhone]: https://www.pine64.org/pinephone/
 [PinePhone Pro]: https://www.pine64.org/pinephonepro/
-[Qemu]: ./configs/virt/qemu
+[Incus]: https://linuxcontainers.org/incus/
+[Qemu]: https://www.qemu.org/
 [Rock64]: https://www.pine64.org/devices/single-board-computers/rock64/
 [RockPro64]: https://www.pine64.org/rockpro64/
 [Sipeed LicheeRV]: https://linux-sunxi.org/Sipeed_Lichee_RV
@@ -230,6 +232,7 @@ main SkiffOS repository:
 [usbarmory/mk2]: ./configs/usbarmory
 [valve/deck]: ./configs/valve/deck
 [virt/docker]: ./configs/virt/docker
+[virt/incus]: ./configs/virt/incus
 [virt/qemu]: ./configs/virt/qemu
 [virt/virtualbox]: ./configs/virt/virtualbox
 [virt/wsl]: ./configs/virt/wsl

configs/virt/incus/README.md

@@ -0,0 +1,46 @@
+# Containerized: Incus
+
+This package builds a SkiffOS system for use as a Incus container image.
+
+[Incus] containers are versatile system containers that, as opposed to
+application containers like docker, emulate a full init system by default [more
+details here] and are therefore well suited for multi service/container
+deployments. Incus utilizes the [LXC] APIs internally and provides a powerful
+toolset on top of them.
+
+[Incus]: https://linuxcontainers.org/incus/
+[more details here]: https://linuxcontainers.org/incus/docs/main/explanation/containers_and_vms/
+[LXC]: https://linuxcontainers.org/
+
+Building and starting the container requires incus to be installed and running
+on the host and the executing user to be in the `incus-admin` group.
+
+## Example
+
+```bash
+# Compile the system
+$ SKIFF_CONFIG=virt/incus make configure compile
+$ make cmd/virt/incus/buildimage
+$ make cmd/virt/incus/run
+```
+
+Executing a shell in the container:
+
+```sh
+$ make cmd/virt/incus/exec
+# alternatively
+$ incus exec skiff -- sh
+```
+
+## Persistence
+
+When using the included command `cmd/virt/incus/run` for creating the container,
+a persistence volume will be created in the first incus storage pool available
+and attached to the container. If you want to reset the persistence volume, just
+delete it, and it will be recreated:
+
+```sh
+# You can find the right storage pool with:
+# incus storage list -c n -f csv | head -n 1
+$ incus volume delete "${STORAGE_POOL}" skiff-persist
+```

configs/virt/incus/buildroot/firmware

@@ -0,0 +1,3 @@
+# BR2_PACKAGE_LINUX_FIRMWARE is not set
+# BR2_PACKAGE_RTL8812AU_AIRCRACK_NG is not set
+# BR2_PACKAGE_RTL8821CU is not set

configs/virt/incus/buildroot/kernel

@@ -0,0 +1,2 @@
+# We don't need a kernel for Docker.
+# BR2_LINUX_KERNEL is not set

configs/virt/incus/buildroot/rootfs

@@ -0,0 +1,2 @@
+BR2_TARGET_ROOTFS_TAR=y
+# BR2_TARGET_ROOTFS_ISO9660 is not set

configs/virt/incus/buildroot/shell

@@ -0,0 +1,3 @@
+BR2_PACKAGE_BASH=y
+BR2_PACKAGE_WHICH=y
+BR2_SYSTEM_BIN_SH_BASH=y

configs/virt/incus/extensions/Makefile

@@ -0,0 +1,6 @@
+buildimage:
+	@$(SKIFF_CURRENT_CONF_DIR)/scripts/buildimage.sh
+run:
+	@$(SKIFF_CURRENT_CONF_DIR)/scripts/run.sh
+exec:
+	@$(SKIFF_CURRENT_CONF_DIR)/scripts/exec.sh

configs/virt/incus/metadata/commands

@@ -0,0 +1 @@
+run Start the incus container

configs/virt/incus/metadata/dependencies

@@ -0,0 +1 @@
+util/rootlogin

configs/virt/incus/metadata/description

@@ -0,0 +1 @@
+Run Skiff in an inucs container

configs/virt/incus/scripts/buildimage.sh

@@ -0,0 +1,36 @@
+#!/bin/bash
+set -ex
+
+IMAGE_NAME=skiffos/testing
+CONTAINER=skiff
+OUTPUT_PATH="$BUILDROOT_DIR/output"
+IMAGES_PATH="$BUILDROOT_DIR/images"
+WORKING_PATH="${BUILDROOT_DIR}/nspawn-run"
+PERSIST_PATH="${WORKING_PATH}/nspawn-persist"
+INCUS_IMAGE_PATH="${IMAGE_PATH}/incus.tar.gz"
+roottar="${IMAGES_PATH}/rootfs.tar"
+
+if ! command -v incus >/dev/null 2>&1; then
+	echo "Failed to find the incus command. Is incus installed on your host system?"
+	exit 1
+fi
+
+mkdir -p "${PERSIST_PATH}"
+TMPDIR="${WORKING_PATH}/incus-tmp"
+trap 'rm -rf "$TMPDIR";' EXIT
+rm -rf "$TMPDIR"
+mkdir -p "${TMPDIR}/rootfs"
+tar -xf "$roottar" -C "$TMPDIR/rootfs"
+pushd "$TMPDIR"
+creationtime="$(date +%s)"
+default_metadata="architecture: x86_64
+creation_date: $creationtime
+properties:
+  description: SkiffOS
+  os: Linux x86
+  release: unknown"
+echo "${INCUS_METADATA:-"${default_metadata}"}" >"${TMPDIR}/metadata.yaml"
+tar caf "${INCUS_IMAGE_PATH}" rootfs metadata.yaml
+popd
+
+echo "Incus image generated successfully as ${IMAGE_NAME}"

configs/virt/incus/scripts/exec.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+set -e
+
+command -v incus >/dev/null 2>&1 || {
+	echo "Failed to find the incus command. Is incus installed on your host system?"
+	exit 1
+}
+
+incus show skiff >/dev/null || {
+	echo "Failed to find the skiff container. Did you execute \`make cmd/virt/incus/run\`?"
+	exit 1
+}
+
+incus exec skiff -- sh

configs/virt/incus/scripts/run.sh

@@ -0,0 +1,40 @@
+#!/bin/bash
+set -e
+
+IMAGE_NAME=skiffos/testing
+CONTAINER=skiff
+IMAGES_PATH="$BUILDROOT_DIR/images"
+INCUS_IMAGE_PATH="${IMAGE_PATH}/incus.tar.gz"
+
+if ! command -v incus >/dev/null 2>&1; then
+	echo "Failed to find the incus command. Is incus installed on your host system?"
+	exit 1
+fi
+
+if ! [[ -f "${INCUS_IMAGE_PATH}" ]] >/dev/null; then
+	echo "${INCUS_IMAGE_PATH} not found. Did you execute \`make cmd/virt/incus/buildimage\`?"
+	exit 1
+fi
+
+if incus image show "${IMAGE_NAME}" >/dev/null 2>&1; then
+	incus image delete "${IMAGE_NAME}"
+fi
+incus image import --alias "${IMAGE_NAME}" "${INCUS_IMAGE_PATH}"
+
+storage_pool="$(incus storage list -c n -f csv | head -n 1)"
+
+if ! incus storage volume show "$storage_pool" skiff-persist >/dev/null 2>&1; then
+	incus storage volume create "$storage_pool" "skiff-persist"
+fi
+
+if incus show "${CONTAINER}"; then
+	incus stop "${CONTAINER}" || :
+	incus rm -f "${CONTAINER}" || :
+fi
+
+incus create "${IMAGE_NAME}" "${CONTAINER}"
+incus storage volume attach "$storage_pool" skiff-persist skiff /mnt/persist
+#incus config device add "${CONTAINER}" images-disk source="${IMAGES_PATH}" path=/mnt/rootfs
+incus start "${CONTAINER}"
+
+echo "Incus container started as ${CONTAINER}."