Docker Containers on RISC-V Architecture

Carlos Eduardo
Jun 23 · 7 min read
Me presenting at the Systems Summit in Switzerland

Risc-V Virtual Machine

Install Golang

# Copy the tarball to the VM
scp -P 22222 go-1.13dev-riscv.tar.gz root@localhost:
# In the VM, unpack (in root dir for example)
tar vxf go-1.13dev-riscv.tar.gz
# Link the files
rmdir /usr/local/go
ln -sf /root/riscv-go/ /usr/local/go
# Add to your PATH
export PATH="/usr/local/go/bin:$PATH"
# Addto bashrc
echo "export PATH=/usr/local/go/bin:$PATH" >> ~/.bashrc

Install Docker

Running Containers

Building Containers


Build instructions

Go

git clone https://github.com/4a6f656c/riscv-go
cd riscv-go/src
GOOS=linux GOARCH=riscv64 ./bootstrap.bash
# Copy the generated boostrap pack to the VM/SBC
scp -P 22222 ../../go-linux-riscv64-bootstrap.tbz root@localhost:
tar vxf go-linux-riscv64-bootstrap.tbz
git clone https://github.com/4a6f656c/riscv-go
cd riscv-go
export GOROOT_BOOTSTRAP=$HOME/go-linux-riscv64-bootstrap
export PATH="$(pwd)/misc/riscv:$(pwd)/bin:$PATH"
cd src
# Builds go on $HOME/riscv-go/bin that can be added to your path
GOGC=off ./make.bash
# Tests the build (optional)
GOGC=off GO_TEST_TIMEOUT_SCALE=10 ./run.bash

Build Docker and it’s requirements

mkdir -p $HOME/riscv-docker
cd $HOME/riscv-docker

libseccomp

git clone git://github.com/seccomp/libseccomp
pushd libseccomp
git fetch origin pull/134/head:riscv64
git checkout riscv64
./autogen.sh
./configure
make
make install
popd

crun

# Install pre-reqs
sudo apt install pkgconf libtool libsystemd-dev libcap-dev libyajl-dev libselinux1-dev go-md2man libtool
git clone https://github.com/giuseppe/crun
pushd crun
./autogen.sh
./configure
make
sudo cp crun /usr/local/bin
sudo ln -sf /usr/local/bin/crun /usr/local/bin/runc
popd

containerd

mkdir -p $GOPATH/src/github.com/containerd/
pushd $GOPATH/src/github.com/containerd/
git clone https://github.com/containerd/containerd
pushd containerd
go build ./cmd/ctr
go build ./cmd/containerd-shim
go build -tags no_btrfs ./cmd/containerd
sudo cp ctr containerd-shim containerd /usr/local/bin/
popd
popd

docker-cli

mkdir -p $GOPATH/src/github.com/docker/
pushd $GOPATH/src/github.com/docker/
git clone https://github.com/docker/cli
pushd cli
./scripts/build/binary
sudo cp ./build/docker-linux-riscv64 /usr/local/bin
sudo ln -sf /usr/local/bin/docker-linux-riscv64 /usr/local/bin/docker
popd
popd

dockerd

mkdir -p $GOPATH/src/github.com/docker/
pushd $GOPATH/src/github.com/docker/
git clone git://github.com/tonistiigi/docker
pushd docker
git checkout 3de77084d559055e87414c2669b22091a8396990
go build -tags "no_quota_support exclude_graphdriver_devicemapper" ./cmd/dockerd/
#go build -tags "exclude_disk_quota exclude_graphdriver_devicemapper" ./cmd/dockerd/ # On new trees
sudo cp dockerd /usr/local/bin

docker-init

git clone https://github.com/krallin/tini
pushd tini
export CFLAGS="-DPR_SET_CHILD_SUBREAPER=36 -DPR_GET_CHILD_SUBREAPER=37"
cmake . && make
sudo cp tini-static /usr/local/bin/docker-init
popd

docker-proxy

mkdir $GOPATH/src/github.com/docker
pushd docker
git clone https://github.com/docker/libnetwork/
pushd libnetwork
go get github.com/ishidawataru/sctp
go build ./cmd/proxy
sudo cp proxy /usr/local/bin/docker-proxy
popd
popd

Running

# Execute containerd
sudo containerd
# Execute dockerd
sudo dockerd #or with the proxy parameter
# Run docker client
sudo docker version
[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target
[Service]
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/local/bin/containerd
KillMode=process
Delegate=yes
LimitNOFILE=1048576
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
[Install]
WantedBy=multi-user.target
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
BindsTo=containerd.service
After=network-online.target firewalld.service containerd.service
Wants=network-online.target
Requires=docker.socket
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/local/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3
# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Comment TasksMax if your systemd version does not supports it.
# Only systemd 226 and above support this option.
TasksMax=infinity
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
[Install]
WantedBy=multi-user.target
[Unit]
Description=Docker Socket for the API
PartOf=docker.service
[Socket]
ListenStream=/var/run/docker.sock
SocketMode=0660
SocketUser=root
SocketGroup=docker
[Install]
WantedBy=sockets.target
sudo systemctl daemon-reload
sudo systemctl start containerd
sudo systemctl start docker
sudo systemctl enable containerd
sudo systemctl enable docker

Conclusion

Carlos Eduardo

Written by

Writing everything cloud and all the tech behind it. If you like my projects and would like to support me, check my Patreon on https://www.patreon.com/carlosedp

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade