add lxc-altlinux template

Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

add lxc-altlinux template
262f4e48 · Alexey Shabalin · Daniel Lezcano · be58c6b5 · 262f4e48 · 262f4e48
Commit 262f4e48 authored Aug 16, 2011 by Alexey Shabalin Committed by Daniel Lezcano Aug 31, 2011
Hide whitespace changes
Inline Side-by-side

Showing with 383 additions and 0 deletions

.gitignore .gitignore +1 -0

configure.ac configure.ac +1 -0

Makefile.am templates/Makefile.am +1 -0

lxc-altlinux.in templates/lxc-altlinux.in +380 -0

No files found.
--- a/.gitignore
+++ b/.gitignore
@@ -30,6 +30,7 @@ templates/lxc-maverick
 templates/lxc-natty
 templates/lxc-oneiric
 templates/lxc-fedora
+templates/lxc-altlinux
 templates/lxc-sshd
 templates/lxc-busybox

--- a/configure.ac
+++ b/configure.ac
@@ -143,6 +143,7 @@ AC_CONFIG_FILES([
 	templates/lxc-opensuse
 	templates/lxc-busybox
 	templates/lxc-fedora
+	templates/lxc-altlinux
 	templates/lxc-sshd
 	src/Makefile

--- a/templates/Makefile.am
+++ b/templates/Makefile.am
@@ -6,5 +6,6 @@ templates_SCRIPTS = \
 	lxc-ubuntu \
 	lxc-opensuse \
 	lxc-fedora \
+	lxc-altlinux \
 	lxc-busybox \
 	lxc-sshd
--- a/templates/lxc-altlinux.in
+++ b/templates/lxc-altlinux.in
+#!/bin/bash
+#
+# template script for generating altlinux container for LXC
+#
+#
+# lxc: linux Container library
+# Authors:
+# Alexey Shabalin <shaba@altlinux.org>
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#Configurations
+arch=$(arch)
+cache_base=/var/cache/lxc/altlinux/$arch
+default_path=/var/lib/lxc
+default_profile=default
+profile_dir=/etc/lxc/profiles
+root_password=rooter
+lxc_network_type=veth
+lxc_network_link=virbr0
+# is this altlinux?
+[ -f /etc/altlinux-release ] && is_altlinux=true
+configure_altlinux()
+{
+    # disable selinux in altlinux
+    mkdir -p $rootfs_path/selinux
+    echo 0 > $rootfs_path/selinux/enforce
+   # configure the network using the dhcp
+   mkdir -p ${rootfs_path}/etc/net/ifaces/eth0
+    cat <<EOF > ${rootfs_path}/etc/net/ifaces/eth0/options
+BOOTPROTO=dhcp
+ONBOOT=yes
+NM_CONTROLLED=no
+TYPE=eth
+EOF
+    # set the hostname
+    cat <<EOF > ${rootfs_path}/etc/sysconfig/network
+NETWORKING=yes
+CONFMETHOD=etcnet
+HOSTNAME=${UTSNAME}
+RESOLV_MODS=yes
+EOF
+    # set minimal hosts
+    cat <<EOF > $rootfs_path/etc/hosts
+127.0.0.1 localhost.localdomain localhost $name
+EOF
+    # Allow to login at virsh console. loginuid.so doen't work in the absence of auditd.
+    sed -i 's/^.*loginuid.so.*$/\#&/' ${rootfs_path}/etc/pam.d/common-login
+    # Allow root to login at virsh console
+    echo "pts/0" >> ${rootfs_path}/etc/securetty
+    chroot ${rootfs_path} chkconfig network on
+    chroot ${rootfs_path} chkconfig syslogd on
+    chroot ${rootfs_path} chkconfig random on
+    chroot ${rootfs_path} chkconfig rawdevices off
+    chroot ${rootfs_path} chkconfig fbsetfont off
+#    chroot ${rootfs_path} chkconfig keytable off
+    subst 's/^\([0-9]\+:[0-9]\+:respawn:\/sbin\/mingetty.*\)/#\1/' ${rootfs_path}/etc/inittab
+    subst 's,\/dev\/tty12,/var/log/syslog/console,' ${rootfs_path}/etc/syslog.conf
+    dev_path="${rootfs_path}/dev"
+    rm -rf $dev_path
+    mkdir -p $dev_path
+    mknod -m 666 ${dev_path}/null c 1 3
+    mknod -m 666 ${dev_path}/zero c 1 5
+    mknod -m 644 ${dev_path}/random c 1 8
+    mknod -m 644 ${dev_path}/urandom c 1 9
+    mkdir -m 755 ${dev_path}/pts
+    mkdir -m 1777 ${dev_path}/shm
+    mknod -m 666 ${dev_path}/tty c 5 0
+    mknod -m 666 ${dev_path}/tty0 c 4 0
+    mknod -m 666 ${dev_path}/tty1 c 4 1
+    mknod -m 666 ${dev_path}/tty2 c 4 2
+    mknod -m 666 ${dev_path}/tty3 c 4 3
+    mknod -m 666 ${dev_path}/tty4 c 4 4
+    mknod -m 600 ${dev_path}/console c 5 1
+    mknod -m 666 ${dev_path}/full c 1 7
+    mknod -m 600 ${dev_path}/initctl p
+    mknod -m 666 ${dev_path}/ptmx c 5 2
+    echo "setting root passwd to $root_password"
+    echo "root:$root_password" | chroot $rootfs_path chpasswd
+    return 0
+}
+download_altlinux()
+{
+    # check the mini altlinux was not already downloaded
+    INSTALL_ROOT=$cache/partial
+    mkdir -p $INSTALL_ROOT
+    if [ $? -ne 0 ]; then
+	echo "Failed to create '$INSTALL_ROOT' directory"
+	return 1
+    fi
+    # download a mini altlinux into a cache
+    echo "Downloading altlinux minimal ..."
+    APT_GET="apt-get -o RPM::RootDir=$INSTALL_ROOT -y"
+    PKG_LIST="$(grep -hs '^[^#]' "$profile_dir/$profile")"
+#    PKG_LIST="basesystem apt apt-conf-sisyphus etcnet openssh-server passwd sysklogd net-tools e2fsprogs"
+    mkdir -p $INSTALL_ROOT/var/lib/rpm
+    rpm --root $INSTALL_ROOT  --initdb
+    $APT_GET install $PKG_LIST
+    if [ $? -ne 0 ]; then
+	echo "Failed to download the rootfs, aborting."
+	return 1
+    fi
+    mv "$INSTALL_ROOT" "$cache/rootfs"
+    echo "Download complete."
+    return 0
+}
+copy_altlinux()
+{
+    # make a local copy of the minialtlinux
+    echo -n "Copying rootfs to $rootfs_path ..."
+    #cp -a $cache/rootfs-$arch $rootfs_path || return 1
+    # i prefer rsync (no reason really)
+    mkdir -p $rootfs_path
+    rsync -a $cache/rootfs/ $rootfs_path/
+    return 0
+}
+update_altlinux()
+{
+    chroot $cache/rootfs apt-get update
+    chroot $cache/rootfs apt-get -y dist-upgrade
+}
+install_altlinux()
+{
+    mkdir -p /var/lock/subsys/
+    (
+	flock -n -x 200
+	if [ $? -ne 0 ]; then
+	    echo "Cache repository is busy."
+	    return 1
+	fi
+	echo "Checking cache download in $cache/rootfs ... "
+	if [ ! -e "$cache/rootfs" ]; then
+	    download_altlinux
+	    if [ $? -ne 0 ]; then
+		echo "Failed to download 'altlinux base'"
+		return 1
+	    fi
+        else
+	    echo "Cache found. Updating..."
+            update_altlinux
+	    if [ $? -ne 0 ]; then
+		echo "Failed to update 'altlinux base', continuing with last known good cache"
+            else
+                echo "Update finished"
+	    fi
+	fi
+	echo "Copy $cache/rootfs to $rootfs_path ... "
+	copy_altlinux
+	if [ $? -ne 0 ]; then
+	    echo "Failed to copy rootfs"
+	    return 1
+	fi
+	return 0
+	) 200>/var/lock/subsys/lxc
+    return $?
+}
+copy_configuration()
+{
+    mkdir -p $config_path
+    cat <<EOF >> $config_path/config
+lxc.utsname = $name
+lxc.tty = 4
+lxc.pts = 1024
+lxc.rootfs = $rootfs_path
+lxc.mount  = $config_path/fstab
+#networking
+lxc.network.type = $lxc_network_type
+lxc.network.flags = up
+lxc.network.link = $lxc_network_link
+lxc.network.name = eth0
+lxc.network.mtu = 1500
+#cgroups
+lxc.cgroup.devices.deny = a
+# /dev/null and zero
+lxc.cgroup.devices.allow = c 1:3 rwm
+lxc.cgroup.devices.allow = c 1:5 rwm
+# consoles
+lxc.cgroup.devices.allow = c 5:1 rwm
+lxc.cgroup.devices.allow = c 5:0 rwm
+lxc.cgroup.devices.allow = c 4:0 rwm
+lxc.cgroup.devices.allow = c 4:1 rwm
+# /dev/{,u}random
+lxc.cgroup.devices.allow = c 1:9 rwm
+lxc.cgroup.devices.allow = c 1:8 rwm
+lxc.cgroup.devices.allow = c 136:* rwm
+lxc.cgroup.devices.allow = c 5:2 rwm
+# rtc
+lxc.cgroup.devices.allow = c 254:0 rwm
+EOF
+    cat <<EOF > $config_path/fstab
+proc            $rootfs_path/proc         proc    nodev,noexec,nosuid 0 0
+devpts          $rootfs_path/dev/pts      devpts defaults 0 0
+sysfs           $rootfs_path/sys          sysfs defaults  0 0
+EOF
+    if [ $? -ne 0 ]; then
+	echo "Failed to add configuration"
+	return 1
+    fi
+    return 0
+}
+clean()
+{
+    if [ ! -e $cache ]; then
+	exit 0
+    fi
+    # lock, so we won't purge while someone is creating a repository
+    (
+	flock -n -x 200
+	if [ $? != 0 ]; then
+	    echo "Cache repository is busy."
+	    exit 1
+	fi
+	echo -n "Purging the download cache for ALTLinux-$release..."
+	rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
+	exit 0
+    ) 200>/var/lock/subsys/lxc
+}
+usage()
+{
+    cat <<EOF
+usage:
+    $1 -n|--name=<container_name>
+        [-p|--path=<path>] [-c|--clean] [-R|--release=<ALTLinux_release>]
+        [-P|--profile=<name of the profile>]
+        [-A|--arch=<arch of the container>]
+        [-h|--help]
+Mandatory args:
+  -n,--name         container name, used to as an identifier for that container from now on
+Optional args:
+  -p,--path         path to where the container rootfs will be created, defaults to /var/lib/lxc. The container config will go under /var/lib/lxc in and case
+  -c,--clean        clean the cache
+  -R,--release      ALTLinux release for the new container. if the host is ALTLinux, then it will defaultto the host's release.
+  -P,--profile      Profile name is the file name in /etc/lxc/profiles contained packages name for install to cache.
+  -A,--arch         NOT USED YET. Define what arch the container will be [i686,x86_64]
+  -h,--help         print this help
+EOF
+    return 0
+}
+options=$(getopt -o hp:n:P:cR: -l help,path:,name:,profile:,clean,release: -- "$@")
+if [ $? -ne 0 ]; then
+    usage $(basename $0)
+    exit 1
+fi
+eval set -- "$options"
+while true
+do
+    case "$1" in
+	-h|--help)      usage $0 && exit 0;;
+	-p|--path)      path=$2; shift 2;;
+	-n|--name)      name=$2; shift 2;;
+	-P|--profile)   profile=$2; shift 2;;
+	-c|--clean)     clean=$2; shift 2;;
+        -R|--release)   release=$2; shift 2;;
+	--)             shift 1; break ;;
+        *)              break ;;
+    esac
+done
+if [ ! -z "$clean" -a -z "$path" ]; then
+    clean || exit 1
+    exit 0
+fi
+type apt-get >/dev/null 2>&1
+if [ $? -ne 0 ]; then
+    echo "'apt-get' command is missing"
+    exit 1
+fi
+if [ -z "$path" ]; then
+    path=$default_path
+fi
+if [ -z "$profile" ]; then
+    profile=$default_profile
+fi
+if [ -z "$release" ]; then
+    if [ "$is_altlinux" ]; then
+        release=$(cat /etc/altlinux-release |awk '/^ALT/ {print $3}')
+    else
+        echo "This is not a ALTLinux host and release missing, use -R|--release to specify release"
+        exit 1
+    fi
+fi
+if [ "$(id -u)" != "0" ]; then
+    echo "This script should be run as 'root'"
+    exit 1
+fi
+rootfs_path=$path/$name/rootfs
+config_path=$default_path/$name
+cache=$cache_base/$release/$profile
+if [ -f $config_path/config ]; then
+    echo "A container with that name exists, chose a different name"
+    exit 1
+fi
+install_altlinux
+if [ $? -ne 0 ]; then
+    echo "failed to install altlinux"
+    exit 1
+fi
+configure_altlinux
+if [ $? -ne 0 ]; then
+    echo "failed to configure altlinux for a container"
+    exit 1
+fi
+copy_configuration
+if [ $? -ne 0 ]; then
+    echo "failed write configuration file"
+    exit 1
+fi
+if [ ! -z $clean ]; then
+    clean || exit 1
+    exit 0
+fi
+echo "container rootfs and config created"
+echo "container is configured for lxc.network.type=veth and lxc.network.link=virbr0 (which is default if you have libvirt runnig)"