A comprehensive containerized build system for cross-compiling ARM64 binaries for the Goldentooth Raspberry Pi cluster. This toolkit addresses memory alignment issues and provides reproducible build environments for complex software like Envoy proxy.
- Cross-compile Envoy with ARM64 compatibility and tcmalloc fixes
- Containerized builds for reproducibility and isolation
- Multi-architecture support for various cluster software
- CI/CD integration with GitHub Actions
- Scalable architecture for future cross-compilation needs
```
cross-compile-toolkit/
├── containers/          # Docker build environments
│   ├── base-builder/    # Common ARM64 cross-compilation base
│   ├── envoy/           # Envoy-specific build container
│   └── ci-builder/      # GitHub Actions runner
├── packer/              # VM images for complex builds
├── ansible/             # Deployment orchestration
├── .github/workflows/   # Automated builds and testing
└── artifacts/           # Build outputs
```
```bash
# Clone the repository
git clone https://github.com/goldentooth/cross-compile-toolkit.git
cd cross-compile-toolkit

# Build the Envoy container
docker build -t goldentooth/envoy-builder containers/envoy/

# Cross-compile Envoy with Pi-compatible settings
# (the path is quoted so a working directory containing spaces still mounts)
docker run --rm -v "$PWD/artifacts:/artifacts" goldentooth/envoy-builder

# Deploy to cluster
ansible-playbook ansible/playbooks/deploy-envoy.yml
```
Container | Purpose | Status |
---|---|---|
base-builder | Common cross-compilation tools | ✅ Ready |
envoy-builder | Envoy proxy with tcmalloc fixes | ✅ Ready |
consul-builder | Consul with ARM64 optimizations | 🚧 Planned |
vault-builder | HashiCorp Vault cross-compilation | 🚧 Planned |
The toolkit addresses Envoy issue #23339 with multiple approaches:
- Disabled tcmalloc: `--define tcmalloc=disabled` for Raspberry Pi compatibility
- Alternative allocators: gperftools and jemalloc options
- Kernel compatibility: Works with standard Raspberry Pi OS (39-bit VA)
- Multi-stage builds for minimal container size
- Build caching for faster incremental builds
- Parallel compilation optimized for CI/CD resources
- ARM64 emulation via QEMU for testing
Pre-built images are available on GitHub Container Registry:
```bash
docker pull ghcr.io/goldentooth/base-builder:latest
docker pull ghcr.io/goldentooth/envoy-builder:latest
```
- Create container directory: `containers/my-software/`
- Add Dockerfile with cross-compilation setup
- Include build script and patches
- Add GitHub Actions workflow
- Update documentation
```bash
# Build development environment
docker-compose up dev-environment

# Test cross-compilation
make test-cross-compile

# Build all containers
make build-all
```
Automated builds trigger on:
- Push to main: Build and test all containers
- Pull requests: Build and test changed containers
- Weekly schedule: Rebuild with latest dependencies
- Manual triggers: On-demand builds with custom parameters
- Docker Engine 20.10+ with buildx support
- 16GB+ RAM for Envoy builds
- 100GB+ storage for build cache
- Internet connectivity for dependencies
- Raspberry Pi 4B with 4GB+ RAM
- Raspberry Pi OS (64-bit) or Ubuntu 22.04 ARM64
- Kubernetes cluster or Docker runtime
- Minimal containers with only required dependencies
- Non-root execution where possible
- Signed container images with cosign
- Vulnerability scanning in CI pipeline
- SBOM generation for supply chain security
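
Consuming the signed pre-built images, as an added example that is not part of the original README or the project's code: resolve the `:latest` tag to a digest, check the cosign signature on that digest, and run only the verified digest. It assumes keyless signing from a GitHub Actions workflow in the toolkit repository (the README does not say how images are signed); `resolve_digest`, `verified_run`, `IDENTITY_RE` and `OIDC_ISSUER` are names introduced here.

```sh
#!/bin/sh
# Added example, not the project's code: verify, then run by digest.
# ASSUMPTION: images are signed keylessly by a GitHub Actions workflow in the
# toolkit repository. Substitute the identity or key the project publishes.
IDENTITY_RE='^https://github\.com/goldentooth/cross-compile-toolkit/\.github/workflows/'
OIDC_ISSUER='https://token.actions.githubusercontent.com'

# Print the immutable repo@sha256:<hex> reference behind a tag such as :latest.
resolve_digest() {
  image=$1
  repo=${image%@*}                                  # drop a digest, if given
  case ${repo##*/} in *:*) repo=${repo%:*} ;; esac  # drop the tag, keep a registry port
  docker pull --quiet "$image" >/dev/null || return 1
  refs=$(docker image inspect \
    --format '{{range .RepoDigests}}{{println .}}{{end}}' "$image") || return 1
  # RepoDigests can name several repositories; accept only the one requested,
  # and only a well-formed SHA-256 digest.
  for ref in $refs; do
    hex=${ref#"$repo@sha256:"}
    case $hex in *[!0-9a-f]*|'') continue ;; esac
    [ "${#hex}" -eq 64 ] && { printf '%s\n' "$ref"; return 0; }
  done
  return 1
}

# Fail closed: nothing starts unless the signature on the digest verifies, and
# the digest that was verified is the one that runs.
verified_run() {
  image=$1; shift
  pinned=$(resolve_digest "$image") || { echo "cannot resolve $image" >&2; return 1; }
  cosign verify \
    --certificate-identity-regexp "$IDENTITY_RE" \
    --certificate-oidc-issuer "$OIDC_ISSUER" \
    "$pinned" >/dev/null || { echo "signature check failed: $pinned" >&2; return 1; }
  docker run --rm "$@" "$pinned"
}
```

Call it in place of the plain run step, for example `verified_run ghcr.io/goldentooth/envoy-builder:latest -v "$PWD/artifacts:/artifacts"`.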
- Fork the repository
- Create feature branch
- Add/modify containers or scripts
- Test cross-compilation locally
- Submit pull request with tests
This project is licensed under the MIT License - see the LICENSE file for details.
- Envoy Proxy community for ARM64 support
- Bazel team for cross-compilation improvements
- Raspberry Pi community for kernel compatibility insights
Built with ❤️ for the Goldentooth cluster