feat(library): Introduce MariaDB 11.2 as library

Introduce MariaDB 11.2 image (ELF Loader) for bincompat runs.

Add `Kraftfile` to build for QMEU and Firecracker on x86_64 using
embedded initrd. The current build uses embedded initrd to build
a single image consisting of both the kernel and the initial ramdisk.

Add GitHub workflow to build and deploy the image. Add success badge in
`README.md`.

Signed-off-by: Razvan Deaconescu <[email protected]>

.github/workflows/library-mariadb11.2.yaml

@@ -0,0 +1,75 @@
+name: library/mariadb:11.2
+
+on:
+  schedule:
+  - cron: '0 0 * * *' # Everyday at 12AM
+
+  push:
+    branches: [main]
+    paths:
+    - 'library/mariadb/11.2/**'
+    - '.github/workflows/library-mariadb11.2.yaml'
+    - '!library/mariadb/11.2/README.md'
+
+  pull_request:
+    types: [opened, synchronize, reopened]
+    branches: [main]
+    paths:
+    - 'library/mariadb/11.2/**'
+    - '.github/workflows/library-mariadb11.2.yaml'
+    - '!library/mariadb/11.2/README.md'
+
+jobs:
+  build:
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+        - plat: qemu
+          arch: x86_64
+        - plat: fc
+          arch: x86_64
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Build mariadb11.2
+      uses: unikraft/kraftkit@staging
+      with:
+        loglevel: debug
+        workdir: library/mariadb/11.2
+        runtimedir: /github/workspace/.kraftkit
+        plat: ${{ matrix.plat }}
+        arch: ${{ matrix.arch }}
+        push: false
+        output: oci://index.unikraft.io/unikraft.org/mariadb:11.2
+
+    - name: Archive OCI digests
+      uses: actions/upload-artifact@v3
+      with:
+        name: oci-digests-${{ matrix.arch }}-${{ matrix.plat }}
+        path: ${{ github.workspace }}/.kraftkit/oci/digests
+        if-no-files-found: error
+
+  push:
+    if: ${{ github.event_name == 'push' || github.event_name == 'schedule' }}
+    needs: [ build ]
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Login to OCI registry
+      uses: docker/login-action@v2
+      with:
+        registry: index.unikraft.io
+        username: ${{ secrets.REG_USERNAME }}
+        password: ${{ secrets.REG_TOKEN }}
+
+    - name: Retrieve, merge and push OCI digests
+      uses: ./.github/actions/merge-oci-digests
+      with:
+        name: index.unikraft.io/unikraft.org/mariadb:11.2
+        push: true

README.md

@@ -53,6 +53,7 @@ kraft pkg ls --apps --update
 | [![](https://github.com/unikraft/catalog/actions/workflows/library-java17.yaml/badge.svg)](https://github.com/unikraft/catalog/actions/workflows/library-java17.yaml) | [`unikraft.org/java:17`](library/java/17) |
 | [![](https://github.com/unikraft/catalog/actions/workflows/library-lua5.4.4.yaml/badge.svg)](https://github.com/unikraft/catalog/actions/workflows/library-lua5.4.4.yaml) | [`unikraft.org/lua:5.4.4`](library/lua/5.4.4) |
 | [![](https://github.com/unikraft/catalog/actions/workflows/library-lua5.4.yaml/badge.svg)](https://github.com/unikraft/catalog/actions/workflows/library-lua5.4.yaml) | [`unikraft.org/lua:5.4`](library/lua/5.4) |
+| [![](https://github.com/unikraft/catalog/actions/workflows/library-mariadb11.2.yaml/badge.svg)](https://github.com/unikraft/catalog/actions/workflows/library-mariadb11.2.yaml) | [`unikraft.org/mariadb:11.2`](library/mariadb/11.2) |
 | [![](https://github.com/unikraft/catalog/actions/workflows/library-memcached1.6.yaml/badge.svg)](https://github.com/unikraft/catalog/actions/workflows/library-memcached1.6.yaml) | [`unikraft.org/memcached:1.6`](library/memcached/1.6) |
 | [![](https://github.com/unikraft/catalog/actions/workflows/library-nginx1.15.yaml/badge.svg)](https://github.com/unikraft/catalog/actions/workflows/library-nginx1.15.yaml) | [`unikraft.org/nginx:1.15`](library/nginx/1.15) |
 | [![](https://github.com/unikraft/catalog/actions/workflows/library-nginx1.25.yaml/badge.svg)](https://github.com/unikraft/catalog/actions/workflows/library-nginx1.25.yaml) | [`unikraft.org/nginx:1.25`](library/nginx/1.25) |

library/mariadb/11.2/.dockerignore

@@ -0,0 +1,3 @@
+/Makefile.uk
+/.unikraft/
+/.config*

library/mariadb/11.2/.gitignore

@@ -0,0 +1,3 @@
+/Makefile.uk
+/.unikraft/
+/.config*

library/mariadb/11.2/Dockerfile

@@ -0,0 +1,62 @@
+FROM mariadb:11.2.2-jammy as build
+
+ENV MARIADB_ROOT_PASSWORD="unikraft"
+
+RUN /usr/bin/sed -i '/^[ \t]\+exec "\$@"/d' /usr/local/bin/docker-entrypoint.sh
+RUN /usr/local/bin/docker-entrypoint.sh mariadbd
+RUN /usr/bin/sed -i 's/^#\(user[ \t]\+\).*$/\1= root/g' /etc/mysql/mariadb.conf.d/50-server.cnf
+RUN /usr/bin/sed -i 's/^#\(bind-address[ \t]\+\).*$/\1= 0.0.0.0/g' /etc/mysql/mariadb.conf.d/50-server.cnf
+
+RUN mkdir -p /home/run/mysqld
+
+FROM alpine:3 AS sys
+
+RUN set -xe; \
+    mkdir -p /target/etc; \
+    mkdir -p /blank; \
+    apk --no-cache add \
+      ca-certificates \
+      tzdata \
+    ; \
+    update-ca-certificates; \
+    ln -sf ../usr/share/zoneinfo/Etc/UTC /target/etc/localtime; \
+    echo "Etc/UTC" > /target/etc/timezone;
+
+FROM scratch
+
+COPY --from=sys /target/etc /etc
+COPY --from=sys /usr/share/zoneinfo/Etc/UTC /usr/share/zoneinfo/Etc/UTC
+COPY --from=sys /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
+COPY --from=sys /blank /tmp
+
+COPY --from=build /usr/sbin/mariadbd /usr/sbin/mariadbd
+COPY --from=build /home/run/mysqld /run/mysqld
+
+COPY --from=build /var/lib /var/lib
+COPY --from=build /etc/mysql /etc/mysql
+COPY --from=build /usr/lib/mysql /usr/lib/mysql
+
+COPY --from=build /lib/x86_64-linux-gnu/libpcre2-8.so.0 /lib/x86_64-linux-gnu/libpcre2-8.so.0
+COPY --from=build /lib/x86_64-linux-gnu/libcrypt.so.1 /lib/x86_64-linux-gnu/libcrypt.so.1
+COPY --from=build /lib/x86_64-linux-gnu/liburing.so.2 /lib/x86_64-linux-gnu/liburing.so.2
+COPY --from=build /lib/x86_64-linux-gnu/libpmem.so.1 /lib/x86_64-linux-gnu/libpmem.so.1
+COPY --from=build /lib/x86_64-linux-gnu/libsystemd.so.0 /lib/x86_64-linux-gnu/libsystemd.so.0
+COPY --from=build /lib/x86_64-linux-gnu/libz.so.1 /lib/x86_64-linux-gnu/libz.so.1
+COPY --from=build /lib/x86_64-linux-gnu/libssl.so.3 /lib/x86_64-linux-gnu/libssl.so.3
+COPY --from=build /lib/x86_64-linux-gnu/libcrypto.so.3 /lib/x86_64-linux-gnu/libcrypto.so.3
+COPY --from=build /lib/x86_64-linux-gnu/libstdc++.so.6 /lib/x86_64-linux-gnu/libstdc++.so.6
+COPY --from=build /lib/x86_64-linux-gnu/libm.so.6 /lib/x86_64-linux-gnu/libm.so.6
+COPY --from=build /lib/x86_64-linux-gnu/libc.so.6 /lib/x86_64-linux-gnu/libc.so.6
+COPY --from=build /lib64/ld-linux-x86-64.so.2 /lib64/ld-linux-x86-64.so.2
+COPY --from=build /lib/x86_64-linux-gnu/libndctl.so.6 /lib/x86_64-linux-gnu/libndctl.so.6
+COPY --from=build /lib/x86_64-linux-gnu/libdaxctl.so.1 /lib/x86_64-linux-gnu/libdaxctl.so.1
+COPY --from=build /lib/x86_64-linux-gnu/liblzma.so.5 /lib/x86_64-linux-gnu/liblzma.so.5
+COPY --from=build /lib/x86_64-linux-gnu/libzstd.so.1 /lib/x86_64-linux-gnu/libzstd.so.1
+COPY --from=build /lib/x86_64-linux-gnu/liblz4.so.1 /lib/x86_64-linux-gnu/liblz4.so.1
+COPY --from=build /lib/x86_64-linux-gnu/libcap.so.2 /lib/x86_64-linux-gnu/libcap.so.2
+COPY --from=build /lib/x86_64-linux-gnu/libgcrypt.so.20 /lib/x86_64-linux-gnu/libgcrypt.so.20
+COPY --from=build /lib/x86_64-linux-gnu/libgcc_s.so.1 /lib/x86_64-linux-gnu/libgcc_s.so.1
+COPY --from=build /lib/x86_64-linux-gnu/libudev.so.1 /lib/x86_64-linux-gnu/libudev.so.1
+COPY --from=build /lib/x86_64-linux-gnu/libuuid.so.1 /lib/x86_64-linux-gnu/libuuid.so.1
+COPY --from=build /lib/x86_64-linux-gnu/libkmod.so.2 /lib/x86_64-linux-gnu/libkmod.so.2
+COPY --from=build /lib/x86_64-linux-gnu/libgpg-error.so.0 /lib/x86_64-linux-gnu/libgpg-error.so.0

library/mariadb/11.2/Kraftfile

@@ -0,0 +1,135 @@
+spec: v0.6
+
+name: mariadb
+
+rootfs: ./Dockerfile
+
+cmd: ["/usr/sbin/mariadbd", "--user=root", "--log-bin"]
+
+template:
+  source: https://github.com/unikraft/app-elfloader.git
+  version: staging
+
+unikraft:
+  source: https://github.com/unikraft/unikraft.git
+  version: staging
+  kconfig:
+    # Configurations options for app-elfloader
+    # (they can't be part of the template atm)
+    CONFIG_APPELFLOADER_ARCH_PRCTL: 'y'
+    CONFIG_APPELFLOADER_BRK: 'y'
+    CONFIG_APPELFLOADER_CUSTOMAPPNAME: 'y'
+    CONFIG_APPELFLOADER_STACK_NBPAGES: 128
+    CONFIG_APPELFLOADER_VFSEXEC_EXECBIT: 'n'
+    CONFIG_APPELFLOADER_VFSEXEC: 'y'
+    CONFIG_APPELFLOADER_AUTOGEN_REPLACEEXIST: 'y'
+    # Unikraft options
+    CONFIG_HAVE_PAGING_DIRECTMAP: 'y'
+    CONFIG_HAVE_PAGING: 'y'
+    CONFIG_I8042: 'y'
+    CONFIG_LIBDEVFS_AUTOMOUNT: 'y'
+    CONFIG_LIBDEVFS_DEV_NULL: 'y'
+    CONFIG_LIBDEVFS_DEV_STDOUT: 'y'
+    CONFIG_LIBDEVFS_DEV_ZERO: 'y'
+    CONFIG_LIBDEVFS: 'y'
+    CONFIG_LIBPOSIX_ENVIRON_ENVP0: "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+    CONFIG_LIBPOSIX_ENVIRON_ENVP1: "LD_LIBRARY_PATH=/usr/local/lib:/usr/lib:/lib"
+    CONFIG_LIBPOSIX_ENVIRON_ENVP2: "HOME=/"
+    CONFIG_LIBPOSIX_ENVIRON: 'y'
+    CONFIG_LIBPOSIX_ENVIRON_LIBPARAM: 'y'
+    CONFIG_LIBPOSIX_ENVIRON_LIBPARAM_MAXCOUNT: '64'
+    CONFIG_LIBPOSIX_EVENTFD: 'y'
+    CONFIG_LIBPOSIX_FDIO: 'y'
+    CONFIG_LIBPOSIX_FDTAB: 'y'
+    CONFIG_LIBPOSIX_FUTEX: 'y'
+    CONFIG_LIBPOSIX_MMAP: 'y'
+    CONFIG_LIBPOSIX_PIPE: 'y'
+    CONFIG_LIBPOSIX_POLL: 'y'
+    CONFIG_LIBPOSIX_PROCESS_CLONE: 'y'
+    CONFIG_LIBPOSIX_SOCKET: 'y'
+    CONFIG_LIBPOSIX_SYSINFO: 'y'
+    CONFIG_LIBPOSIX_TIME: 'y'
+    CONFIG_LIBPOSIX_TIMERFD: 'y'
+    CONFIG_LIBPOSIX_UNIXSOCKET: 'y'
+    CONFIG_LIBPOSIX_USER_GID: 0
+    CONFIG_LIBPOSIX_USER_GROUPNAME: "root"
+    CONFIG_LIBPOSIX_USER_UID: 0
+    CONFIG_LIBPOSIX_USER_USERNAME: "root"
+    CONFIG_LIBPOSIX_USER: 'y'
+    CONFIG_LIBRAMFS: 'y'
+    CONFIG_LIBSYSCALL_SHIM_HANDLER_ULTLS: 'y'
+    CONFIG_LIBSYSCALL_SHIM_HANDLER: 'y'
+    CONFIG_LIBSYSCALL_SHIM_LEGACY_VERBOSE: 'y'
+    CONFIG_LIBSYSCALL_SHIM: 'y'
+    CONFIG_LIBUKALLOCPOOL: 'y'
+    CONFIG_LIBUKBLKDEV_MAXNBQUEUES: '1'
+    CONFIG_LIBUKBLKDEV_DISPATCHERTHREADS: 'y'
+    CONFIG_LIBUKBLKDEV_SYNC_IO_BLOCKED_WAITING: 'y'
+    CONFIG_LIBUKBLKDEV: 'y'
+    CONFIG_LIBUKBOOT_BANNER_MINIMAL: 'y'
+    CONFIG_LIBUKBOOT_HEAP_BASE: '0x400000000'
+    CONFIG_LIBUKBOOT_MAINTHREAD: 'y'
+    CONFIG_LIBUKBOOT_SHUTDOWNREQ_HANDLER: 'y'
+    CONFIG_LIBUKCPIO: 'y'
+    CONFIG_LIBUKDEBUG_CRASH_SCREEN: 'y'
+    CONFIG_LIBUKDEBUG_ENABLE_ASSERT: 'y'
+    CONFIG_LIBUKDEBUG_PRINT_SRCNAME: 'n'
+    CONFIG_LIBUKDEBUG_PRINT_TIME: 'y'
+    CONFIG_LIBUKDEBUG_PRINTK_ERR: 'y'
+    CONFIG_LIBUKDEBUG_PRINTK: 'y'
+    CONFIG_LIBUKDEBUG: 'y'
+    CONFIG_LIBUKFALLOC: 'y'
+    CONFIG_LIBUKMPI: 'n'
+    CONFIG_LIBUKSIGNAL: 'y'
+    CONFIG_LIBUKSWRAND_DEVFS: 'y'
+    CONFIG_LIBUKSWRAND: 'y'
+    CONFIG_LIBUKVMEM_DEFAULT_BASE: '0x0000001000000000'
+    CONFIG_LIBUKVMEM_DEMAND_PAGE_IN_SIZE: 12
+    CONFIG_LIBUKVMEM_PAGEFAULT_HANDLER_PRIO: 4
+    CONFIG_LIBUKVMEM: 'y'
+    CONFIG_LIBVFSCORE_AUTOMOUNT_CI: 'y'
+    CONFIG_LIBVFSCORE_AUTOMOUNT_CI_EINITRD: 'y'
+    CONFIG_LIBVFSCORE_NONLARGEFILE: 'y'
+    CONFIG_LIBVFSCORE: 'y'
+    CONFIG_OPTIMIZE_DEADELIM: 'y'
+    CONFIG_OPTIMIZE_LTO: 'y'
+    CONFIG_PAGING: 'y'
+    CONFIG_STACK_SIZE_PAGE_ORDER: 4 # 128 * 4K = 512K
+    CONFIG_UKPLAT_MEMREGION_MAX_COUNT: 64
+    CONFIG_LIBUKNETDEV_EINFO_LIBPARAM: 'y'
+
+    # mariadb specific
+    CONFIG_LIBPOSIX_PROCESS_CLONE_PREFER_CHILD: 'y'
+
+    # Debug options
+    # CONFIG_LIBUKDEBUG_PRINTD: 'y'
+    # CONFIG_LIBUKDEBUG_PRINTK_INFO: 'y'
+    # CONFIG_LIBSYSCALL_SHIM_STRACE: 'y'
+    # CONFIG_LIBSYSCALL_SHIM_DEBUG: 'y'
+
+libraries:
+  lwip:
+    source: https://github.com/unikraft/lib-lwip.git
+    version: staging
+    kconfig:
+      CONFIG_LWIP_TCP: 'y'
+      CONFIG_LWIP_UDP: 'y'
+      CONFIG_LWIP_RAW: 'y'
+      CONFIG_LWIP_WND_SCALE: 'y'
+      CONFIG_LWIP_TCP_KEEPALIVE: 'y'
+      CONFIG_LWIP_THREADS: 'y'
+      CONFIG_LWIP_HEAP: 'y'
+      CONFIG_LWIP_SOCKET: 'y'
+      CONFIG_LWIP_AUTOIFACE: 'y'
+      CONFIG_LWIP_NUM_TCPCON: 64
+      CONFIG_LWIP_NUM_TCPLISTENERS: 64
+      CONFIG_LWIP_ICMP: 'y'
+      CONFIG_LWIP_DHCP: 'y'
+      CONFIG_LWIP_DNS: 'n'
+  libelf:
+    source: https://github.com/unikraft/lib-libelf.git
+    version: staging
+
+targets:
+- fc/x86_64
+- qemu/x86_64

library/mariadb/11.2/README.md

@@ -0,0 +1,100 @@
+# MariaDB
+
+This directory contains the [MariaDB](https://mariadb.org/) runtime on Unikraft, in binary compatibility mode.
+It implements a simple HTTP server running on Unikraft that provides a simple response to each request.
+
+## Run and Use
+
+Use `kraft` to run the image and start a Unikraft instance:
+
+```bash
+kraft run --rm -M 1024M -p 3306:3306 --plat qemu --arch x86_64 unikraft.org/mariadb:11.2
+```
+
+If the `--plat` argument is left out, it defaults to `qemu`.
+If the `--arch` argument is left out, it defaults to your system's CPU architecture.
+
+Once executed, it will open port `3306` and wait for connections.
+To test it, you can use the `mysql` client.
+The `root` password is configured in the `Dockerfile` to `unikraft`:
+
+```bash
+mysql -u root -punikraft -h 127.0.0.1
+```
+
+```text
+Welcome to the MariaDB monitor.  Commands end with ; or \g.
+Your MariaDB connection id is 4
+Server version: 11.2.2-MariaDB-1:11.2.2+maria~ubu2204-log mariadb.org binary distribution
+
+Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
+
+Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
+
+MariaDB [(none)]> show databases;
++--------------------+
+| Database           |
++--------------------+
+| information_schema |
+| mysql              |
+| performance_schema |
+| sys                |
++--------------------+
+4 rows in set (0.001 sec)
+
+MariaDB [(none)]> exit
+```
+
+You receive a shell that you can use to run MySQL / MariaDB commands.
+
+## Inspect and Close
+
+To list information about the Unikraft instance, use:
+
+```bash
+kraft ps -a
+```
+
+```text
+NAME            KERNEL                         ARGS                                      CREATED        STATUS   MEM   PORTS                   PLAT
+distracted_moe  project://mariadb:qemu/x86_64  /usr/sbin/mariadbd --user=root --log-bin  5 seconds ago  running  976M  0.0.0.0:3306->3306/tcp  qemu/x86_64
+```
+
+The instance name is `distracted_moe`.
+To close the Unikraft instance, close the `kraft` process (e.g., via `Ctrl+c`) or run:
+
+```bash
+kraft rm distracted_moe
+```
+
+## Build and Run Locally
+
+The commands so far used the pre-built MariaDB image available in the Unikraft registry.
+
+In oder to to build a local MariaDB image, clone this repository and `cd` into this directory.
+Then use `kraft` to build an image locally:
+
+```bash
+kraft build --no-cache --no-update --plat qemu --arch x86_64
+```
+
+Similar to the `kraft run` command, if the `--plat` argument is left out, it defaults to `qemu`.
+If the `--arch` argument is left out, it defaults to your system's CPU architecture.
+
+In order to run the locally built image, use `.` (_dot_, the current directory)  as the final argument to the `kraft run` command:
+
+```bash
+kraft run --rm -M 1024M -p 3306:3306 --plat qemu --arch x86_64 .
+```
+
+Same as above, it will open port `3306` and wait for connections.
+
+## `kraft` and `sudo`
+
+Mixing invocations of `kraft` and `sudo` can lead to unexpected behavior.
+Read more about how to start `kraft` without `sudo` at [https://unikraft.org/sudoless](https://unikraft.org/sudoless).
+
+## Learn More
+
+- [How to run unikernels locally](https://unikraft.org/docs/cli/running)
+- [How to build `Dockerfile` root filesystems with BuildKit](https://unikraft.org/guides/building-dockerfile-images-with-buildkit)