Skip to content

L
lxc
Commit 579ebf12 by InformatiQ Committed by Daniel Lezcano
Options

working fedora template

Signed-off-by: 's avatarDaniel Lezcano <dlezcano@fr.ibm.com>
parent d9e2cc0e
Showing with 146 additions and 118 deletions
templates/lxc-fedora.in
...@@ -9,6 +9,7 @@ ...@@ -9,6 +9,7 @@
# Authors: # Authors:
# Daniel Lezcano <daniel.lezcano@free.fr> # Daniel Lezcano <daniel.lezcano@free.fr>
# Ramez Hanna <rhanna@informatiq.org>
# This library is free software; you can redistribute it and/or # This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public # modify it under the terms of the GNU Lesser General Public
...@@ -24,117 +25,106 @@ ...@@ -24,117 +25,106 @@
# License along with this library; if not, write to the Free Software # License along with this library; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
DISTRO=fedora-10 #Configurations
arch=$(arch)
cache_base=/var/cache/lxc/fedora/$arch
default_path=/var/lib/lxc
root_password=rooter
lxc_network_type=veth
lxc_network_link=virbr0
# is this fedora?
[ -f /etc/fedora-release ] && is_fedora=true
configure_fedora() configure_fedora()
{ {
rootfs=$1
hostname=$2
# disable selinux in fedora # disable selinux in fedora
mkdir -p $rootfs/selinux mkdir -p $rootfs_path/selinux
echo 0 > $rootfs/selinux/enforce echo 0 > $rootfs_path/selinux/enforce
# configure the network using the dhcp # configure the network using the dhcp
cat <<EOF > $rootfs/etc/network/interfaces cat <<EOF > ${rootfs_path}/etc/sysconfig/network-scripts/ifcfg-eth0
auto lo DEVICE=eth0
iface lo inet loopback BOOTPROTO=dhcp
ONBOOT=yes
auto eth0 HOSTNAME=${UTSNAME}
iface eth0 inet dhcp NM_CONTROLLED=no
TYPE=Ethernet
MTU=${MTU}
EOF EOF
# set the hostname # set the hostname
cat <<EOF > $rootfs/etc/hostname cat <<EOF > ${rootfs_path}/etc/sysconfig/network
$hostname NETWORKING=yes
EOF HOSTNAME=${UTSNAME}
# set minimal hosts
cat <<EOF > $rootfs/etc/hosts
127.0.0.1 localhost $hostname
EOF
# provide the lxc service
cat <<EOF > $rootfs/etc/init/lxc.conf
# fake some events needed for correct startup other services
description "Container Upstart"
start on startup
script
rm -rf /var/run/*.pid
rm -rf /var/run/network/*
/sbin/initctl emit stopped JOB=udevtrigger --no-wait
/sbin/initctl emit started JOB=udev --no-wait
end script
EOF
cat <<EOF > $rootfs/etc/init/console.conf
# console - getty
#
# This service maintains a console on tty1 from the point the system is
# started until it is shut down again.
start on stopped rc RUNLEVEL=[2345]
stop on runlevel [!2345]
respawn
exec /sbin/getty -8 38400 /dev/console
EOF EOF
cat <<EOF > $rootfs/lib/init/fstab # set minimal hosts
# /lib/init/fstab: lxc system fstab cat <<EOF > $rootfs_path/etc/hosts
none /spu spufs gid=spu,optional 0 0 127.0.0.1 localhost $name
none /tmp none defaults 0 0
none /var/lock tmpfs nodev,noexec,nosuid,showthrough 0 0
none /lib/init/rw tmpfs mode=0755,nosuid,optional 0 0
EOF EOF
# reconfigure some services sed -i 's|.sbin.start_udev||' ${rootfs_path}/etc/rc.sysinit
if [ -z "$LANG" ]; then sed -i 's|.sbin.start_udev||' ${rootfs_path}/etc/rc.d/rc.sysinit
chroot $rootfs locale-gen en_US.UTF-8 chroot ${rootfs_path} chkconfig udev-post off
chroot $rootfs update-locale LANG=en_US.UTF-8 chroot ${rootfs_path} chkconfig network on
else
chroot $rootfs locale-gen $LANG dev_path="${rootfs_path}/dev"
chroot $rootfs update-locale LANG=$LANG rm -rf $dev_path
fi mkdir -p $dev_path
mknod -m 666 ${dev_path}/null c 1 3
# remove pointless services in a container mknod -m 666 ${dev_path}/zero c 1 5
chroot $rootfs /usr/sbin/update-rc.d -f ondemand remove mknod -m 666 ${dev_path}/random c 1 8
mknod -m 666 ${dev_path}/urandom c 1 9
chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls u*.conf); do mv $f $f.orig; done' mkdir -m 755 ${dev_path}/pts
chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls tty[2-9].conf); do mv $f $f.orig; done' mkdir -m 1777 ${dev_path}/shm
chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls plymouth*.conf); do mv $f $f.orig; done' mknod -m 666 ${dev_path}/tty c 5 0
chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls hwclock*.conf); do mv $f $f.orig; done' mknod -m 666 ${dev_path}/tty0 c 4 0
chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls module*.conf); do mv $f $f.orig; done' mknod -m 666 ${dev_path}/tty1 c 4 1
mknod -m 666 ${dev_path}/tty2 c 4 2
echo "Please change root-password !" mknod -m 666 ${dev_path}/tty3 c 4 3
echo "root:root" | chroot $rootfs chpasswd mknod -m 666 ${dev_path}/tty4 c 4 4
mknod -m 600 ${dev_path}/console c 5 1
mknod -m 666 ${dev_path}/full c 1 7
mknod -m 600 ${dev_path}/initctl p
mknod -m 666 ${dev_path}/ptmx c 5 2
echo "setting root passwd to $root_password"
echo "root:$root_password" | chroot $rootfs_path chpasswd
return 0 return 0
} }
download_fedora() download_fedora()
{ {
cache=$1
arch=$2
# check the mini fedora was not already downloaded # check the mini fedora was not already downloaded
mkdir -p "$cache/partial-$arch" INSTALL_ROOT=$cache/partial
mkdir -p $INSTALL_ROOT
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "Failed to create '$cache/partial-$arch' directory" echo "Failed to create '$INSTALL_ROOT' directory"
return 1 return 1
fi fi
# download a mini fedora into a cache # download a mini fedora into a cache
echo "Downloading fedora minimal ..." echo "Downloading fedora minimal ..."
febootstrap $DISTRO $cache/partial-$arch YUM="yum --installroot $INSTALL_ROOT -y --nogpgcheck"
PKG_LIST="yum initscripts passwd rsyslog vim-minimal dhclient chkconfig rootfiles policycoreutils"
RELEASE_URL="http://ftp.funet.fi/pub/mirrors/fedora.redhat.com/pub/fedora/linux/releases/$release/Everything/x86_64/os/Packages/fedora-release-$release-1.noarch.rpm"
curl $RELEASE_URL > $INSTALL_ROOT/fedora-release-$release.noarch.rpm
mkdir -p $INSTALL_ROOT/var/lib/rpm
rpm --root $INSTALL_ROOT --initdb
rpm --root $INSTALL_ROOT -ivh $INSTALL_ROOT/fedora-release-$release.noarch.rpm
$YUM install $PKG_LIST
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "Failed to download the rootfs, aborting." echo "Failed to download the rootfs, aborting."
return 1 return 1
fi fi
mv "$1/partial-$arch" "$1/rootfs-$arch" mv "$INSTALL_ROOT" "$cache/rootfs"
echo "Download complete." echo "Download complete."
return 0 return 0
...@@ -142,20 +132,23 @@ download_fedora() ...@@ -142,20 +132,23 @@ download_fedora()
copy_fedora() copy_fedora()
{ {
cache=$1
arch=$2
rootfs=$3
# make a local copy of the minifedora # make a local copy of the minifedora
echo -n "Copying rootfs to $rootfs ..." echo -n "Copying rootfs to $rootfs_path ..."
cp -a $cache/rootfs-$arch $rootfs || return 1 #cp -a $cache/rootfs-$arch $rootfs_path || return 1
# i prefer rsync (no reason really)
mkdir -p $rootfs_path
rsync -a $cache/rootfs/ $rootfs_path/
return 0 return 0
} }
update_fedora()
{
chroot $cache/rootfs yum -y update
}
install_fedora() install_fedora()
{ {
cache="/var/cache/lxc/fedora"
rootfs=$1
mkdir -p /var/lock/subsys/ mkdir -p /var/lock/subsys/
( (
flock -n -x 200 flock -n -x 200
...@@ -164,19 +157,25 @@ install_fedora() ...@@ -164,19 +157,25 @@ install_fedora()
return 1 return 1
fi fi
arch=$(arch) echo "Checking cache download in $cache/rootfs ... "
if [ ! -e "$cache/rootfs" ]; then
echo "Checking cache download in $cache/rootfs-$arch ... " download_fedora
if [ ! -e "$cache/rootfs-$arch" ]; then
download_fedora $cache $arch
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "Failed to download 'fedora base'" echo "Failed to download 'fedora base'"
return 1 return 1
fi fi
else
echo "Cache found. Updating..."
update_fedora
if [ $? -ne 0 ]; then
echo "Failed to update 'fedora base', continuing with last known good cache"
else
echo "Update finished"
fi
fi fi
echo "Copy $cache/rootfs-$arch to $rootfs ... " echo "Copy $cache/rootfs to $rootfs_path ... "
copy_fedora $cache $arch $rootfs copy_fedora
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "Failed to copy rootfs" echo "Failed to copy rootfs"
return 1 return 1
...@@ -191,20 +190,21 @@ install_fedora() ...@@ -191,20 +190,21 @@ install_fedora()
copy_configuration() copy_configuration()
{ {
path=$1
rootfs=$2
name=$3
cat <<EOF >> $path/config mkdir -p $config_path
cat <<EOF >> $config_path/config
lxc.utsname = $name lxc.utsname = $name
lxc.tty = 4 lxc.tty = 4
lxc.pts = 1024 lxc.pts = 1024
lxc.rootfs = $rootfs lxc.rootfs = $rootfs_path
lxc.mount = $path/fstab lxc.mount = $config_path/fstab
#networking
lxc.console = /dev/console lxc.network.type = $lxc_network_type
lxc.network.flags = up
lxc.network.link = $lxc_network_link
lxc.network.name = eth0
lxc.network.mtu = 1500
#cgroups
lxc.cgroup.devices.deny = a lxc.cgroup.devices.deny = a
# /dev/null and zero # /dev/null and zero
lxc.cgroup.devices.allow = c 1:3 rwm lxc.cgroup.devices.allow = c 1:3 rwm
...@@ -223,10 +223,10 @@ lxc.cgroup.devices.allow = c 5:2 rwm ...@@ -223,10 +223,10 @@ lxc.cgroup.devices.allow = c 5:2 rwm
lxc.cgroup.devices.allow = c 254:0 rwm lxc.cgroup.devices.allow = c 254:0 rwm
EOF EOF
cat <<EOF > $path/fstab cat <<EOF > $config_path/fstab
proc $rootfs/proc proc nodev,noexec,nosuid 0 0 +proc $rootfs_path/proc proc nodev,noexec,nosuid 0 0
sysfs $rootfs/sys sysfs defaults 0 0 +devpts $rootfs_path/dev/pts devpts defaults 0 0
EOF +sysfs $rootfs_path/sys sysfs defaults 0 0
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "Failed to add configuration" echo "Failed to add configuration"
...@@ -238,7 +238,6 @@ EOF ...@@ -238,7 +238,6 @@ EOF
clean() clean()
{ {
cache="/var/cache/lxc/fedora"
if [ ! -e $cache ]; then if [ ! -e $cache ]; then
exit 0 exit 0
...@@ -252,7 +251,7 @@ clean() ...@@ -252,7 +251,7 @@ clean()
exit 1 exit 1
fi fi
echo -n "Purging the download cache..." echo -n "Purging the download cache for Fedora-$release..."
rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1 rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
exit 0 exit 0
...@@ -262,12 +261,23 @@ clean() ...@@ -262,12 +261,23 @@ clean()
usage() usage()
{ {
cat <<EOF cat <<EOF
$1 -h|--help -p|--path=<path> --clean usage:
$1 -n|--name=<container_name>
[-p|--path=<path>] [-c|--clean] [-R|--release=<Fedora_release>] [-A|--arch=<arch of the container>]
[-h|--help]
Mandatory args:
-n,--name container name, used to as an identifier for that container from now on
Optional args:
-p,--path path to where the container rootfs will be created, defaults to /var/lib/lxc. The container config will go under /var/lib/lxc in and case
-c,--clean clean the cache
-R,--release Fedora release for the new container. if the host is Fedora, then it will defaultto the host's release.
-A,--arch NOT USED YET. Define what arch the container will be [i686,x86_64]
-h,--help print this help
EOF EOF
return 0 return 0
} }
options=$(getopt -o hp:n:c -l help,path:,name:,clean -- "$@") options=$(getopt -o hp:n:cR: -l help,path:,name:,clean,release: -- "$@")
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
usage $(basename $0) usage $(basename $0)
exit 1 exit 1
...@@ -281,6 +291,7 @@ do ...@@ -281,6 +291,7 @@ do
-p|--path) path=$2; shift 2;; -p|--path) path=$2; shift 2;;
-n|--name) name=$2; shift 2;; -n|--name) name=$2; shift 2;;
-c|--clean) clean=$2; shift 2;; -c|--clean) clean=$2; shift 2;;
-R|--release) release=$2; shift 2;;
--) shift 1; break ;; --) shift 1; break ;;
*) break ;; *) break ;;
esac esac
...@@ -291,15 +302,23 @@ if [ ! -z "$clean" -a -z "$path" ]; then ...@@ -291,15 +302,23 @@ if [ ! -z "$clean" -a -z "$path" ]; then
exit 0 exit 0
fi fi
type febootstrap type yum >/dev/null 2>&1
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "'febootstrap' command is missing" echo "'yum' command is missing"
exit 1 exit 1
fi fi
if [ -z "$path" ]; then if [ -z "$path" ]; then
echo "'path' parameter is required" path=$default_path
exit 1 fi
if [ -z "$release" ]; then
if [ "$is_fedora" ]; then
release=$(cat /etc/fedora-release |awk '/^Fedora/ {print $3}')
else
echo "This is not a fedora host and release missing, use -R|--release to specify release"
exit 1
fi
fi fi
if [ "$(id -u)" != "0" ]; then if [ "$(id -u)" != "0" ]; then
...@@ -307,21 +326,28 @@ if [ "$(id -u)" != "0" ]; then ...@@ -307,21 +326,28 @@ if [ "$(id -u)" != "0" ]; then
exit 1 exit 1
fi fi
rootfs=$path/rootfs rootfs_path=$path/$name/rootfs
config_path=$default_path/$name
cache=$cache_base/$release
if [ -f $config_path/config ]; then
echo "A container with that name exists, chose a different name"
exit 1
fi
install_fedora $rootfs install_fedora
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "failed to install fedora" echo "failed to install fedora"
exit 1 exit 1
fi fi
configure_fedora $rootfs $name configure_fedora
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "failed to configure fedora for a container" echo "failed to configure fedora for a container"
exit 1 exit 1
fi fi
copy_configuration $path $rootfs $name copy_configuration
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "failed write configuration file" echo "failed write configuration file"
exit 1 exit 1
...@@ -331,3 +357,5 @@ if [ ! -z $clean ]; then ...@@ -331,3 +357,5 @@ if [ ! -z $clean ]; then
clean || exit 1 clean || exit 1
exit 0 exit 0
fi fi
echo "container rootfs and config created"
echo "container is configured for lxc.network.type=veth and lxc.network.link=virbr0 (which is default if you have libvirt runnig)"
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment