mirror of
				https://github.com/vyos/vyos-build.git
				synced 2025-10-01 20:28:40 +02:00 
			
		
		
		
	
		
			
				
	
	
		
			281 lines
		
	
	
		
			11 KiB
		
	
	
	
		
			Markdown
		
	
	
	
	
	
			
		
		
	
	
			281 lines
		
	
	
		
			11 KiB
		
	
	
	
		
			Markdown
		
	
	
	
	
	
| VyOS toplevel build
 | |
| ===================
 | |
| 
 | |
| For the most up-to-date documentation, please read the online build guide at
 | |
| [docs.vyos.io](https://docs.vyos.io/en/latest/contributing/build-vyos.html).
 | |
| 
 | |
| # What is VyOS
 | |
| 
 | |
| VyOS is an open source operating system for network devices (routers, firewalls
 | |
| and so on). If you want to use it in your network, check out download and
 | |
| installation instructions at https://vyos.io
 | |
| 
 | |
| If you want to modify VyOS and/or join its development, read on.
 | |
| 
 | |
| VyOS is not new. It is a fork of Vyatta Core that was created when the open
 | |
| source version of it was discontinued. If you are a Vyatta Core user, you can
 | |
| upgrade your installation to VyOS.
 | |
| 
 | |
| # About this repository
 | |
| 
 | |
| VyOS is a GNU/Linux distribution based on Debian. Just like any other
 | |
| distribution, it consists of multiple packages.
 | |
| 
 | |
| Some packages are taken from the upstream, while other are modified or written
 | |
| from scratch by VyOS developers. Every package maintained by the VyOS team has
 | |
| its own git repository. VyOS image build is therefore a multi-step process.
 | |
| Packages are compiled first, then an ISO is built from Debian packages and our
 | |
| own packages.
 | |
| 
 | |
| This is the top level repository that contains links to repositories with VyOS
 | |
| specific packages (organized as Git submodules) and scripts and data that are
 | |
| used for building those packages and the installation image.
 | |
| 
 | |
| # Repository Structure
 | |
| 
 | |
| There are several directories with their own purpose:
 | |
| 
 | |
|  * `build/`   Used for temporary files used for the build and for build artifacts
 | |
|  * `scripts/` Scripts that are used for the build process
 | |
|  * `data/`    Data required for building the ISO (e.g. boot splash/configs)
 | |
|  * `tools/`   Scripts that are used for maintainer's tasks automation and other
 | |
|               purposes, but not during ISO build process
 | |
| 
 | |
| # Building images using Docker
 | |
| 
 | |
| Using our [Dockerfile](docker/Dockerfile) you create your own Docker container
 | |
| that is used to build a VyOS ISO image or other required VyOS packages. The
 | |
| [Dockerfile](docker/Dockerfile) contains some of the most used packages needed
 | |
| to build a VyOS ISO, a qemu image, and several of the submodules.
 | |
| 
 | |
| To build the docker image ensure you have a working [Docker](https://www.docker.com)
 | |
| environment and then run the following commands:
 | |
| 
 | |
| ```bash
 | |
| $ docker build -t vyos-builder docker
 | |
| ```
 | |
| 
 | |
| Run newly built container:
 | |
| ```bash
 | |
| $ docker run --rm -it --privileged -v $(pwd):/vyos -w /vyos vyos-builder bash
 | |
| ```
 | |
| 
 | |
| This will drop you into a bash shell with this vyos-build repo mounted at
 | |
| `/vyos`. Then follow the instructions bellow to build the VyOS ISO and QEMU
 | |
| image.
 | |
| 
 | |
| ```bash
 | |
| vyos_bld@948a2be7c52c:/vyos$ uname -a
 | |
| Linux 948a2be7c52c 3.16.0-7-amd64 #1 SMP Debian 3.16.59-1 (2018-10-03) x86_64 GNU/Linux
 | |
| ```
 | |
| 
 | |
| **NOTE:**
 | |
| 
 | |
| * Docker container must be run with `--privileged` flag
 | |
| * We recommended to run the container with a volume mapped in order to easy
 | |
|   export built VyOS ISO images to the "external" world
 | |
| * UNIX ownership is automatically inherited from your host directory but can be
 | |
|   altered by specifying the following environment variables when running the
 | |
|   container: `-e GOSU_UID=$(id -u)` and/or `-e GOSU_GID=$(id -g)`
 | |
| 
 | |
| After the Docker container is running you can follow up the instructions below in
 | |
| order to build the VyOS ISO image.
 | |
| 
 | |
| ## Building the ISO image
 | |
| 
 | |
| The `./configure` script will warn you if any dependencies are missing. Individual
 | |
| packages may have other build dependencies. If some dependencies are missing,
 | |
| package build scripts will tell you.
 | |
| 
 | |
| ```bash
 | |
| $ ./configure --help
 | |
| usage: configure [-h] [--build-by BUILD_BY] [--version VERSION]
 | |
|                  [--pbuilder-debian-mirror PBUILDER_DEBIAN_MIRROR]
 | |
|                  [--debian-security-mirror DEBIAN_SECURITY_MIRROR]
 | |
|                  [--architecture ARCHITECTURE] [--vyos-mirror VYOS_MIRROR]
 | |
|                  [--build-type BUILD_TYPE] [--debian-mirror DEBIAN_MIRROR]
 | |
|                  [--debug] [--custom-apt-entry CUSTOM_APT_ENTRY]
 | |
|                  [--custom-apt-key CUSTOM_APT_KEY]
 | |
|                  [--custom-package CUSTOM_PACKAGE]
 | |
| 
 | |
| optional arguments:
 | |
|   -h, --help            show this help message and exit
 | |
|   --build-by BUILD_BY   Builder identifier (e.g. jrandomhacker@example.net)
 | |
|   --version VERSION     Version number (release builds only)
 | |
|   --pbuilder-debian-mirror PBUILDER_DEBIAN_MIRROR
 | |
|                         Debian repository mirror for pbuilder env bootstrap
 | |
|   --debian-security-mirror DEBIAN_SECURITY_MIRROR
 | |
|                         Debian security updated mirror
 | |
|   --architecture ARCHITECTURE
 | |
|                         Image target architecture (amd64 or i386 or armhf)
 | |
|   --vyos-mirror VYOS_MIRROR
 | |
|                         VyOS package mirror
 | |
|   --build-type BUILD_TYPE
 | |
|                         Build type, release or development
 | |
|   --debian-mirror DEBIAN_MIRROR
 | |
|                         Debian repository mirror for ISO build
 | |
|   --debug               Enable debug output
 | |
|   --custom-apt-entry CUSTOM_APT_ENTRY
 | |
|                         Custom APT entry
 | |
|   --custom-apt-key CUSTOM_APT_KEY
 | |
|                         Custom APT key file
 | |
|   --custom-package CUSTOM_PACKAGE
 | |
|                         Custom package to install from repositories
 | |
| ```
 | |
| 
 | |
| Before you can build an image, you need to configure your build.
 | |
| 
 | |
| Each build needs to run the `./configure` step first where you can extend your
 | |
| ISO by additional packages (`--custom-package`) or specify who build this nice
 | |
| ISO image (`--build-by`). If you have local Debian mirrors, you can select them
 | |
| by `--debian-mirror` or `--debian-security-mirror`.
 | |
| 
 | |
| ```bash
 | |
| $ ./configure --custom-package vim --build-by jrandom@hacker.com
 | |
| $ sudo make iso
 | |
| ```
 | |
| 
 | |
| After some time you will find the resulting ISO image in the `build` folder.
 | |
| 
 | |
| ### Building images for virtualization platforms
 | |
| 
 | |
| #### QEMU
 | |
| 
 | |
| Run following command after building the ISO image.
 | |
| 
 | |
| ```bash
 | |
| $ make qemu
 | |
| ```
 | |
| 
 | |
| #### VMware
 | |
| 
 | |
| Run following command after building the QEMU image.
 | |
| 
 | |
| ```bash
 | |
| $ make vmware
 | |
| ```
 | |
| 
 | |
| ## Building subpackages inside Docker
 | |
| 
 | |
| VyOS requires a bunch of packages which are VyOS specific and thus can not be
 | |
| found in any Debian Upstream mirrror. Those packages can be found at the VyOS
 | |
| GitHub project (https://github.com/vyos) and there is a nice helper script
 | |
| available to build and list those individual packages.
 | |
| 
 | |
| [scripts/build-packages](scripts/build-packages) provides an easy interface
 | |
| to automate the process of building all VyOS related packages that are not part
 | |
| of the upstream Debian version. Execute it in the root of the `vyos-build`
 | |
| directory to start compilation.
 | |
| 
 | |
| ```bash
 | |
| $  scripts/build-packages -h
 | |
| usage: build-packages [-h] [-c | -k | -f] [-v] [-l] [-b BUILD [BUILD ...]]
 | |
|                       [-p] [--blacklist BLACKLIST [BLACKLIST ...]]
 | |
| 
 | |
| optional arguments:
 | |
|   -h, --help            show this help message and exit
 | |
|   -c, --clean           Re-clone required Git repositories
 | |
|   -k, --keep            Keep modified Git repositories
 | |
|   -f, --fetch           Fetch sources only, no build
 | |
|   -v, --verbose         Increase logging verbosity for each occurance
 | |
|   -l, --list-packages   List all packages to build
 | |
|   -b BUILD [BUILD ...], --build BUILD [BUILD ...]
 | |
|                         Whitespace separated list of packages to build
 | |
|   -p, --parallel        Build on all CPUs
 | |
|   --blacklist BLACKLIST [BLACKLIST ...]
 | |
|                         Do not build/report packages when calling --list
 | |
| ```
 | |
| 
 | |
| Git repositories are automatically fetched and build on demand. If you want to
 | |
| work offline you can fetch all source code first with the `-f` option.
 | |
| 
 | |
| The easiest way to compile is with the above mentioned [Docker](docker/Dockerfile)
 | |
| container, it includes all dependencies for compiling supported packages.
 | |
| 
 | |
| ```bash
 | |
| $ docker run --rm -it -v $(pwd):/vyos -w /vyos \
 | |
|              --sysctl net.ipv6.conf.lo.disable_ipv6=0 \
 | |
|              vyos-builder scripts/build-packages
 | |
| ```
 | |
| 
 | |
| **NOTE:** `--sysctl net.ipv6.conf.lo.disable_ipv6=0` is required to build the
 | |
| `vyos-strongswan` package
 | |
| 
 | |
| **NOTE:** Prior to executing this script you need to create or build the Docker
 | |
| container and checkout all packages you want to compile.
 | |
| 
 | |
| ### Building single package(s)
 | |
| 
 | |
| To build a single package use the same script as above but specify packages with `-b`:
 | |
| 
 | |
| Executed from the root of `vyos-build`
 | |
| 
 | |
| ```bash
 | |
| $ docker run --rm -it -v $(pwd):/vyos -w /vyos/packages/PACKAGENAME \
 | |
|              --sysctl net.ipv6.conf.lo.disable_ipv6=0 \
 | |
|              vyos-builder scripts/build-packages -b <package>
 | |
| ```
 | |
| 
 | |
| **NOTE:** `--sysctl net.ipv6.conf.lo.disable_ipv6=0` is only needed when
 | |
| building `vyos-strongswan` and can be ignored on other packages.
 | |
| 
 | |
| **NOTE:** `vyos-strongswan` will only compile on a Linux system, running on macOS
 | |
| or Windows might result in a unittest deadlock (it never exits).
 | |
| 
 | |
| #### Building single packages from your own repositories
 | |
| 
 | |
| You can also build packages that are not from the default git repositories,
 | |
| for example from your own forks of the official vyos repositories.
 | |
| 
 | |
| First create a directory "packages" at the top level of the vyos-build repository
 | |
| and clone your package into it (creating a subdirectory with the package contents).
 | |
| Then checkout the correct branch or commit you want to build before building the package.
 | |
| 
 | |
| Example using `git@github.com:myname/vyos-1x.git` repository to build vyos-1x:
 | |
| 
 | |
| ```bash
 | |
| $ mkdir packages
 | |
| $ cd packages
 | |
| $ git clone git@github.com:myname/vyos-1x.git
 | |
| $ cd ..
 | |
| $ docker run --rm -it -v $(pwd):/vyos -w /vyos/packages/PACKAGENAME \
 | |
|              --sysctl net.ipv6.conf.lo.disable_ipv6=0 \
 | |
|              vyos-builder scripts/build-packages -b vyos-1x
 | |
| ```
 | |
| 
 | |
| **NOTE:** You need to git pull manually after you commit to the remote and before rebuilding,
 | |
| the local repository won't be updated automatically.
 | |
| 
 | |
| **WARNING:** Any packages in the packages directory will be added to the iso during build,
 | |
| replacing the upstream ones. Make sure you delete them (both the source directories and built
 | |
| deb packages) if you want to build an iso from purely upstream packages.
 | |
| 
 | |
| # Development process
 | |
| 
 | |
| ## Git branches
 | |
| 
 | |
| The default branch that contains the most recent VyOS code is called `current`
 | |
| rather than `master`. We know it's confusing, but it's not easy to fix. In a
 | |
| nutshell, the code we inherited from Vyatta Core had its `master` branch so out
 | |
| of sync with everything it was beyond any repair. Vyatta developers used to create
 | |
| a new branch not when a release is ready for code freeze, but rather before
 | |
| starting to work on a new release. This is hard to change in existing code, so
 | |
| this is just the way it is, for now.
 | |
| 
 | |
| All new code goes to the `current` branch. When it's time for a code freeze, a
 | |
| new branch is created for the release, and new code from `current` is backported
 | |
| to the release branch as needed.
 | |
| 
 | |
| In packages that originate from VyOS the master branch is kept in sync with
 | |
| `current`, but we still use `current` as default branch for uniformity. When the
 | |
| last legacy package is gone, we will switch to using the `master` branch and
 | |
| retire `current`.
 | |
| 
 | |
| Post-1.2.0 branches are named after constellations sorted by from smallest to largest.
 | |
| There are 88 of them, here's the [complete list](https://en.wikipedia.org/wiki/IAU_designated_constellations_by_area).
 | |
| 
 | |
| * 1.2.x: `crux` (Southern Cross)
 | |
| * 1.3.x: `equuleus` (Little Horse)
 | |
| * 1.4.x: `sagitta` (Arrow)
 | |
| * ...
 |