Commit b031f0d2 by Alexey Shabalin Committed by Daniel Lezcano

alt linux template

Updates. Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com> --
parent 8565ea1c
...@@ -27,7 +27,7 @@ ...@@ -27,7 +27,7 @@
#Configurations #Configurations
arch=$(arch) arch=$(arch)
cache_base=/var/cache/lxc/altlinux/$arch cache_base=/var/cache/lxc/altlinux/$arch
default_path=/var/lib/lxc default_path=@LXCPATH@
default_profile=default default_profile=default
profile_dir=/etc/lxc/profiles profile_dir=/etc/lxc/profiles
root_password=rooter root_password=rooter
...@@ -44,15 +44,38 @@ configure_altlinux() ...@@ -44,15 +44,38 @@ configure_altlinux()
mkdir -p $rootfs_path/selinux mkdir -p $rootfs_path/selinux
echo 0 > $rootfs_path/selinux/enforce echo 0 > $rootfs_path/selinux/enforce
# configure the network using the dhcp mkdir -p ${rootfs_path}/etc/net/ifaces/veth0
mkdir -p ${rootfs_path}/etc/net/ifaces/eth0 cat <<EOF > ${rootfs_path}/etc/net/ifaces/veth0/options
cat <<EOF > ${rootfs_path}/etc/net/ifaces/eth0/options BOOTPROTO=${BOOTPROTO}
BOOTPROTO=dhcp
ONBOOT=yes ONBOOT=yes
NM_CONTROLLED=no NM_CONTROLLED=no
TYPE=eth TYPE=eth
EOF EOF
if [ ${BOOTPROTO} != "dhcp" ]; then
# ip address
cat <<EOF > ${rootfs_path}/etc/net/ifaces/veth0/ipv4address
${ipv4}
EOF
cat <<EOF > ${rootfs_path}/etc/net/ifaces/veth0/ipv4route
${gw}
EOF
cat <<EOF > ${rootfs_path}/etc/net/ifaces/veth0/resolv.conf
nameserver ${dns}
EOF
cat <<EOF > ${rootfs_path}/etc/net/ifaces/veth0/ipv6address
${ipv6}
EOF
cat <<EOF > ${rootfs_path}/etc/net/ifaces/veth0/ipv6route
${gw6}
EOF
fi
# set the hostname # set the hostname
cat <<EOF > ${rootfs_path}/etc/sysconfig/network cat <<EOF > ${rootfs_path}/etc/sysconfig/network
NETWORKING=yes NETWORKING=yes
...@@ -66,10 +89,11 @@ EOF ...@@ -66,10 +89,11 @@ EOF
127.0.0.1 localhost.localdomain localhost $name 127.0.0.1 localhost.localdomain localhost $name
EOF EOF
# Allow to login at virsh console. loginuid.so doen't work in the absence of auditd. # Allow to login at virsh console. loginuid.so doen't work in the absence of auditd.
sed -i 's/^.*loginuid.so.*$/\#&/' ${rootfs_path}/etc/pam.d/common-login # sed -i 's/^.*loginuid.so.*$/\#&/' ${rootfs_path}/etc/pam.d/common-login
# Allow root to login at virsh console # Allow root to login at virsh console
echo "pts/0" >> ${rootfs_path}/etc/securetty echo "pts/0" >> ${rootfs_path}/etc/securetty
echo "console" >> ${rootfs_path}/etc/securetty
chroot ${rootfs_path} chkconfig network on chroot ${rootfs_path} chkconfig network on
chroot ${rootfs_path} chkconfig syslogd on chroot ${rootfs_path} chkconfig syslogd on
...@@ -78,12 +102,17 @@ EOF ...@@ -78,12 +102,17 @@ EOF
chroot ${rootfs_path} chkconfig fbsetfont off chroot ${rootfs_path} chkconfig fbsetfont off
# chroot ${rootfs_path} chkconfig keytable off # chroot ${rootfs_path} chkconfig keytable off
subst 's/^\([0-9]\+:[0-9]\+:respawn:\/sbin\/mingetty.*\)/#\1/' ${rootfs_path}/etc/inittab subst 's/^\([3-9]\+:[0-9]\+:respawn:\/sbin\/mingetty.*\)/#\1/' ${rootfs_path}/etc/inittab
echo "c1:2345:respawn:/sbin/mingetty --noclear console" >> ${rootfs_path}/etc/inittab
subst 's,\/dev\/tty12,/var/log/syslog/console,' ${rootfs_path}/etc/syslog.conf subst 's,\/dev\/tty12,/var/log/syslog/console,' ${rootfs_path}/etc/syslog.conf
# touch file for fastboot
touch ${rootfs_path}/fastboot
chattr +i ${rootfs_path}/fastboot
dev_path="${rootfs_path}/dev" dev_path="${rootfs_path}/dev"
rm -rf $dev_path rm -rf ${dev_path}
mkdir -p $dev_path mkdir -p ${dev_path}
mknod -m 666 ${dev_path}/null c 1 3 mknod -m 666 ${dev_path}/null c 1 3
mknod -m 666 ${dev_path}/zero c 1 5 mknod -m 666 ${dev_path}/zero c 1 5
mknod -m 644 ${dev_path}/random c 1 8 mknod -m 644 ${dev_path}/random c 1 8
...@@ -91,15 +120,23 @@ EOF ...@@ -91,15 +120,23 @@ EOF
mkdir -m 755 ${dev_path}/pts mkdir -m 755 ${dev_path}/pts
mkdir -m 1777 ${dev_path}/shm mkdir -m 1777 ${dev_path}/shm
mknod -m 666 ${dev_path}/tty c 5 0 mknod -m 666 ${dev_path}/tty c 5 0
mknod -m 666 ${dev_path}/tty0 c 4 0 chown root:tty ${dev_path}/tty
mknod -m 666 ${dev_path}/tty1 c 4 1 mknod -m 600 ${dev_path}/tty0 c 4 0
mknod -m 666 ${dev_path}/tty2 c 4 2 mknod -m 600 ${dev_path}/tty1 c 4 1
mknod -m 666 ${dev_path}/tty3 c 4 3 mknod -m 600 ${dev_path}/tty2 c 4 2
mknod -m 666 ${dev_path}/tty4 c 4 4 mknod -m 600 ${dev_path}/tty3 c 4 3
mknod -m 600 ${dev_path}/tty4 c 4 4
mknod -m 600 ${dev_path}/console c 5 1 mknod -m 600 ${dev_path}/console c 5 1
mknod -m 666 ${dev_path}/full c 1 7 mknod -m 666 ${dev_path}/full c 1 7
mknod -m 600 ${dev_path}/initctl p mknod -m 600 ${dev_path}/initctl p
mknod -m 666 ${dev_path}/ptmx c 5 2 mknod -m 666 ${dev_path}/ptmx c 5 2
chown root:tty ${dev_path}/ptmx
ln -s /proc/self/fd ${dev_path}/fd
ln -s /proc/kcore ${dev_path}/core
mkdir -m 755 ${dev_path}/mapper
mknod -m 600 ${dev_path}/mapper/control c 10 236
mkdir -m 755 ${dev_path}/net
mknod -m 666 ${dev_path}/net/tun c 10 200
echo "setting root passwd to $root_password" echo "setting root passwd to $root_password"
echo "root:$root_password" | chroot $rootfs_path chpasswd echo "root:$root_password" | chroot $rootfs_path chpasswd
...@@ -212,8 +249,30 @@ lxc.mount = $config_path/fstab ...@@ -212,8 +249,30 @@ lxc.mount = $config_path/fstab
lxc.network.type = $lxc_network_type lxc.network.type = $lxc_network_type
lxc.network.flags = up lxc.network.flags = up
lxc.network.link = $lxc_network_link lxc.network.link = $lxc_network_link
lxc.network.name = eth0 lxc.network.name = veth0
lxc.network.mtu = 1500 lxc.network.mtu = 1500
EOF
if [ ! -z ${ipv4} ]; then
cat <<EOF >> $config_path/config
lxc.network.ipv4 = $ipv4
EOF
fi
if [ ! -z ${gw} ]; then
cat <<EOF >> $config_path/config
lxc.network.ipv4.gateway = $gw
EOF
fi
if [ ! -z ${ipv6} ]; then
cat <<EOF >> $config_path/config
lxc.network.ipv6 = $ipv6
EOF
fi
if [ ! -z ${gw6} ]; then
cat <<EOF >> $config_path/config
lxc.network.ipv6.gateway = $gw6
EOF
fi
cat <<EOF >> $config_path/config
#cgroups #cgroups
lxc.cgroup.devices.deny = a lxc.cgroup.devices.deny = a
# /dev/null and zero # /dev/null and zero
...@@ -230,12 +289,11 @@ lxc.cgroup.devices.allow = c 1:8 rwm ...@@ -230,12 +289,11 @@ lxc.cgroup.devices.allow = c 1:8 rwm
lxc.cgroup.devices.allow = c 136:* rwm lxc.cgroup.devices.allow = c 136:* rwm
lxc.cgroup.devices.allow = c 5:2 rwm lxc.cgroup.devices.allow = c 5:2 rwm
# rtc # rtc
lxc.cgroup.devices.allow = c 254:0 rwm lxc.cgroup.devices.allow = c 10:135 rwm
EOF EOF
cat <<EOF > $config_path/fstab cat <<EOF > $config_path/fstab
proc $rootfs_path/proc proc nodev,noexec,nosuid 0 0 proc $rootfs_path/proc proc nodev,noexec,nosuid 0 0
devpts $rootfs_path/dev/pts devpts defaults 0 0
sysfs $rootfs_path/sys sysfs defaults 0 0 sysfs $rootfs_path/sys sysfs defaults 0 0
EOF EOF
...@@ -275,6 +333,8 @@ usage() ...@@ -275,6 +333,8 @@ usage()
usage: usage:
$1 -n|--name=<container_name> $1 -n|--name=<container_name>
[-p|--path=<path>] [-c|--clean] [-R|--release=<ALTLinux_release>] [-p|--path=<path>] [-c|--clean] [-R|--release=<ALTLinux_release>]
[-4|--ipv4=<ipv4 address>] [-6|--ipv6=<ipv6 address>]
[-g|--gw=<gw address>] [-d|--dns=<dns address>]
[-P|--profile=<name of the profile>] [-P|--profile=<name of the profile>]
[-A|--arch=<arch of the container>] [-A|--arch=<arch of the container>]
[-h|--help] [-h|--help]
...@@ -284,6 +344,11 @@ Optional args: ...@@ -284,6 +344,11 @@ Optional args:
-p,--path path to where the container rootfs will be created, defaults to /var/lib/lxc. The container config will go under /var/lib/lxc in and case -p,--path path to where the container rootfs will be created, defaults to /var/lib/lxc. The container config will go under /var/lib/lxc in and case
-c,--clean clean the cache -c,--clean clean the cache
-R,--release ALTLinux release for the new container. if the host is ALTLinux, then it will defaultto the host's release. -R,--release ALTLinux release for the new container. if the host is ALTLinux, then it will defaultto the host's release.
-4,--ipv4 specify the ipv4 address to assign to the virtualized interface, eg. 192.168.1.123/24
-6,--ipv6 specify the ipv6 address to assign to the virtualized interface, eg. 2003:db8:1:0:214:1234:fe0b:3596/64
-g,--gw specify the default gw, eg. 192.168.1.1
-G,--gw6 specify the default gw, eg. 2003:db8:1:0:214:1234:fe0b:3596
-d,--dns specify the DNS server, eg. 192.168.1.2
-P,--profile Profile name is the file name in /etc/lxc/profiles contained packages name for install to cache. -P,--profile Profile name is the file name in /etc/lxc/profiles contained packages name for install to cache.
-A,--arch NOT USED YET. Define what arch the container will be [i686,x86_64] -A,--arch NOT USED YET. Define what arch the container will be [i686,x86_64]
-h,--help print this help -h,--help print this help
...@@ -291,7 +356,7 @@ EOF ...@@ -291,7 +356,7 @@ EOF
return 0 return 0
} }
options=$(getopt -o hp:n:P:cR: -l help,path:,name:,profile:,clean,release: -- "$@") options=$(getopt -o hp:n:P:cR:4:6:g:d: -l help,path:,name:,profile:,clean,release:ipv4:ipv6:gw:dns: -- "$@")
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
usage $(basename $0) usage $(basename $0)
exit 1 exit 1
...@@ -307,6 +372,10 @@ do ...@@ -307,6 +372,10 @@ do
-P|--profile) profile=$2; shift 2;; -P|--profile) profile=$2; shift 2;;
-c|--clean) clean=$2; shift 2;; -c|--clean) clean=$2; shift 2;;
-R|--release) release=$2; shift 2;; -R|--release) release=$2; shift 2;;
-4|--ipv4) ipv4=$2; shift 2;;
-6|--ipv6) ipv6=$2; shift 2;;
-g|--gw) gw=$2; shift 2;;
-d|--dns) dns=$2; shift 2;;
--) shift 1; break ;; --) shift 1; break ;;
*) break ;; *) break ;;
esac esac
...@@ -340,6 +409,12 @@ if [ -z "$release" ]; then ...@@ -340,6 +409,12 @@ if [ -z "$release" ]; then
fi fi
fi fi
if [ -z "$ipv4" -a -z "$ipv6" ]; then
BOOTPROTO="dhcp"
else
BOOTPROTO="static"
fi
if [ "$(id -u)" != "0" ]; then if [ "$(id -u)" != "0" ]; then
echo "This script should be run as 'root'" echo "This script should be run as 'root'"
exit 1 exit 1
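Review bot: The long-option list passed to getopt in the option-parsing hunk reads `release:ipv4:ipv6:gw:dns:` with no commas, so `--ipv4`, `--ipv6`, `--gw` and `--dns` are not registered as separate long options and `--release` is likely broken as well; it should read `release:,ipv4:,ipv6:,gw:,dns:`. The usage text also documents `-G,--gw6`, but neither the getopt string nor the `case` arms handle it, so `${gw6}` stays empty unless it is inherited from the environment; adding `G:` and `gw6:` to the getopt call and a `-G|--gw6) gw6=$2; shift 2;;` arm would close that gap. The new tests `[ ${BOOTPROTO} != "dhcp" ]` and `[ ! -z ${ipv4} ]` expand unquoted, and the address values are written into the container config and the interface files without any format check, so quoting them (`[ -n "$ipv4" ]`) and rejecting values that contain whitespace or newlines would keep a malformed argument from adding extra config lines. Separately, appending `console` to securetty widens root login while the template still sets the fixed password `rooter` shown in the first hunk and echoes it to the terminal, which deserves at least a comment or a generated per-container password.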