download: Initial template

This adds a new template called "download". It's a fairly simple template with a minimal set of dependency which will grab any pre-built image available on https://images.linuxcontainers.org Note that the serverside is still work in progress (missing SSL support). Access is done over https by default with a warning being emitted if fallback to http was required (may be needed for testing, when behind proxy and with private servers). All index files and tarballs are gpg-signed with the default pubkeyid contained in the template itself. The main benefit of this template is to be entirely distribution-agnostic, any template that can be integrated with the server build infrastructure will then work on any LXC machine when using the download template. This template is also compatible with user namespaces and will hopefully help widden the number of distros that may work in unprivileged LXC. This commit also bundles a small change to the template configs to have the ubuntu template (used by the download template) to work with unprivileged LXC. Signed-off-by: Stéphane Graber <stgraber@ubuntu.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

download: Initial template
71d3a659 · Stéphane Graber · 3f5f5d99 · 71d3a659 · 71d3a659 · 71d3a659
Commit 71d3a659 authored Jan 10, 2014 by Stéphane Graber
7 changed files
--- a/.gitignore
+++ b/.gitignore
@@ -32,6 +32,7 @@ templates/lxc-busybox
 templates/lxc-centos
 templates/lxc-cirros
 templates/lxc-debian
+templates/lxc-download
 templates/lxc-fedora
 templates/lxc-openmandriva
 templates/lxc-opensuse

--- a/config/templates/Makefile.am
+++ b/config/templates/Makefile.am
@@ -5,4 +5,5 @@ templatesconfig_DATA = \
 	ubuntu-cloud.lucid.conf \
 	ubuntu-cloud.userns.conf \
 	ubuntu.common.conf \
-	ubuntu.lucid.conf
+	ubuntu.lucid.conf \
+	ubuntu.userns.conf
--- a/config/templates/ubuntu-cloud.userns.conf.in
+++ b/config/templates/ubuntu-cloud.userns.conf.in
-# CAP_SYS_ADMIN in init-user-ns is required for cgroup.devices
+# This derives from the main Ubuntu userns config
-lxc.cgroup.devices.deny =
+lxc.include = @LXCTEMPLATECONFIG@/ubuntu.userns.conf
-lxc.cgroup.devices.allow =
-# We can't move bind-mounts, so don't use /dev/lxc/
-lxc.devttydir =
-# Extra bind-mounts for userns
-lxc.mount.entry = /dev/console dev/console none bind,create=file 0 0
-lxc.mount.entry = /dev/null dev/null none bind,create=file 0 0
-lxc.mount.entry = /dev/tty dev/tty none bind,create=file 0 0
-lxc.mount.entry = /dev/urandom dev/urandom none bind,create=file 0 0
-# Extra fstab entries as mountall can't mount those by itself
-lxc.mount.entry = /sys/firmware/efi/efivars sys/firmware/efi/efivars none bind,optional 0 0
-lxc.mount.entry = /proc/sys/fs/binfmt_misc proc/sys/fs/binfmt_misc none bind,optional 0 0
--- a/config/templates/ubuntu.userns.conf.in
+++ b/config/templates/ubuntu.userns.conf.in
+# CAP_SYS_ADMIN in init-user-ns is required for cgroup.devices
+lxc.cgroup.devices.deny =
+lxc.cgroup.devices.allow =
+# We can't move bind-mounts, so don't use /dev/lxc/
+lxc.devttydir =
+# Extra bind-mounts for userns
+lxc.mount.entry = /dev/console dev/console none bind,create=file 0 0
+lxc.mount.entry = /dev/null dev/null none bind,create=file 0 0
+lxc.mount.entry = /dev/tty dev/tty none bind,create=file 0 0
+lxc.mount.entry = /dev/urandom dev/urandom none bind,create=file 0 0
+# Extra fstab entries as mountall can't mount those by itself
+lxc.mount.entry = /sys/firmware/efi/efivars sys/firmware/efi/efivars none bind,optional 0 0
+lxc.mount.entry = /proc/sys/fs/binfmt_misc proc/sys/fs/binfmt_misc none bind,optional 0 0
--- a/configure.ac
+++ b/configure.ac
@@ -537,6 +537,7 @@ AC_CONFIG_FILES([
 	config/templates/ubuntu-cloud.userns.conf
 	config/templates/ubuntu.common.conf
 	config/templates/ubuntu.lucid.conf
+	config/templates/ubuntu.userns.conf
 	doc/Makefile
 	doc/api/Makefile
@@ -631,6 +632,7 @@ AC_CONFIG_FILES([
 	templates/Makefile
 	templates/lxc-cirros
 	templates/lxc-debian
+	templates/lxc-download
 	templates/lxc-ubuntu
 	templates/lxc-ubuntu-cloud
 	templates/lxc-opensuse

--- a/templates/Makefile.am
+++ b/templates/Makefile.am
 templatesdir=@LXCTEMPLATEDIR@
 templates_SCRIPTS = \
-	lxc-debian \
+	lxc-alpine \
-	lxc-ubuntu \
+	lxc-altlinux \
-	lxc-ubuntu-cloud \
+	lxc-archlinux \
-	lxc-opensuse \
+	lxc-busybox \
 	lxc-centos \
+	lxc-cirros \
+	lxc-debian \
+	lxc-download \
 	lxc-fedora \
 	lxc-openmandriva \
+	lxc-opensuse \
 	lxc-oracle \
-	lxc-altlinux \
+	lxc-plamo \
-	lxc-busybox \
 	lxc-sshd \
-	lxc-archlinux \
+	lxc-ubuntu \
-	lxc-alpine \
+	lxc-ubuntu-cloud
-	lxc-cirros \
-	lxc-plamo
--- a/templates/lxc-download.in
+++ b/templates/lxc-download.in