[Resent this message to the list without aa GPG signature, since my signature blows the message up past the 50 KB mark... meh.]
* On 12/5/20 8:15 PM, Simon Matter wrote:
[...] We are thinking about adding ARM64 based devices to our systems.
As we are using CentOS almost everywhere and have quite a number of inhouse RPM packages in our company repository, we'd like to enhance it and add ARM64 alias aarch64 to it.
What I'm still wondering is how to run the build environment for the new arch?
How does the CentOS project do it, run ARM64 hardware or using emulation? Or to ask differently, is it an option to run the build system emulated with QEMU?
I cannot speak for the CentOS project, but I'm doing something along those lines, albeit in a Debian-context with sbuild chroots (which are static, compared to mock's chroots, so getting this stuff working with mock could be painful).
Essentially, you can leverage the binfmt_misc Linux kernel feature inn tandem with qemu-static-user binaries. The Fedora package name for that is qemu-user-static, I believe it's the same for CentOS.
Basically, what you have to do is to make sure that BINFMT_MISC is enabled in the kernel (the default for any non-ancient version) and to copy the static user binary (typically /usr/bin/qemu-${arch}-static on the host system) to /usr/bin/qemu-${arch} into the chroot. Boom, suddenly you can just execute any native ${arch} binary within that chroot.
Note that this method has shortcomings. Qemu's emulation might be buggy and incomplete at times (for instance, I saw aptitude crashing due to a qemu bug, while it worked fine natively). It's also quite slow compared to native code execution and it might even be slower than a fully-emulated qemu-powered VM due to the additional overhead of having to spawn an ad-hoc VM for every new foreign-arch process.
Also, you'd better periodically update the qemu user static binary. Naturally this won't be done automatically.
In general, such a setup is doable. It has its drawbacks, but should mostly work.
The CentOS project doesn't have to work with such trickery. AFAIK, they just run native-arch builders, even for architectures such as aarch64.
Mihai