update the fedora template

Update the fedora template in order to call it from the lxc-create script. Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

update the fedora template
b6e91b67 · Daniel Lezcano · Daniel Lezcano · f1fa1a08 · b6e91b67
Commit b6e91b67 authored Jun 07, 2010 by Daniel Lezcano Committed by Daniel Lezcano Jun 07, 2010
Hide whitespace changes
Inline Side-by-side

Showing with 257 additions and 336 deletions

lxc-fedora.in templates/lxc-fedora.in +257 -336

No files found.
--- a/templates/lxc-fedora.in
+++ b/templates/lxc-fedora.in
 #!/bin/bash
-# set -ex
-DISTRO="fedora"
+#
-CACHE="@LOCALSTATEDIR@/cache/lxc/${DISTRO}"
+# template script for generating fedora container for LXC
+#
-# Default container name
+#
-NAME="fedora"
+# lxc: linux Container library
-CONFFILE="lxc.conf"
-UTSNAME=
-IPV4="172.20.0.21"
-GATEWAY="172.20.0.1"
-MTU="1500"
-# These paths are within the container so do not need to obey configure prefixes
+# Authors:
-INITTAB="/etc/inittab"
+# Daniel Lezcano <daniel.lezcano@free.fr>
-FSTAB="/etc/fstab"
-SSHD_CONFIG="/etc/ssh/sshd_config"
-################################################################################
+# This library is free software; you can redistribute it and/or
-#                    DISTRO custom configuration files
+# modify it under the terms of the GNU Lesser General Public
-################################################################################
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
-# custom selinux
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
-write_distro_selinux() {
+# You should have received a copy of the GNU Lesser General Public
-    mkdir -p ${ROOTFS}/selinux
+# License along with this library; if not, write to the Free Software
-    echo 0 > ${ROOTFS}/selinux/enforce
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-}
-# custom fstab
+DISTRO=fedora-10
-write_distro_fstab() {
+configure_fedora()
-cat <<EOF > ${ROOTFS}/${FSTAB}
+{
-tmpfs  /dev/shm   tmpfs  defaults  0 0
+    rootfs=$1
-EOF
+    hostname=$2
-}
+    # disable selinux in fedora
+    mkdir -p $rootfs/selinux
+    echo 0 > $rootfs/selinux/enforce
-# custom inittab
+   # configure the network using the dhcp
+    cat <<EOF > $rootfs/etc/network/interfaces
-write_distro_inittab() {
+auto lo
-cat <<EOF > ${ROOTFS}/${INITTAB}
+iface lo inet loopback
-id:3:initdefault:
-si::sysinit:/etc/init.d/rcS
+auto eth0
-l0:0:wait:/etc/init.d/rc 0
+iface eth0 inet dhcp
-l1:1:wait:/etc/init.d/rc 1
-l2:2:wait:/etc/init.d/rc 2
-l3:3:wait:/etc/init.d/rc 3
-l4:4:wait:/etc/init.d/rc 4
-l5:5:wait:/etc/init.d/rc 5
-l6:6:wait:/etc/init.d/rc 6
-# Normally not reached, but fallthrough in case of emergency.
-z6:6:respawn:/sbin/sulogin
-1:2345:respawn:/sbin/getty 38400 console
-c1:12345:respawn:/sbin/getty 38400 tty1 linux
-c2:12345:respawn:/sbin/getty 38400 tty2 linux
-c3:12345:respawn:/sbin/getty 38400 tty3 linux
-c4:12345:respawn:/sbin/getty 38400 tty4 linux
 EOF
-}
-# custom network configuration
+    # set the hostname
-write_distro_network() {
+    cat <<EOF > $rootfs/etc/hostname
-cat <<EOF > ${ROOTFS}/etc/sysconfig/network-scripts/ifcfg-lo
+$hostname
-DEVICE=lo
-IPADDR=127.0.0.1
-NETMASK=255.0.0.0
-NETWORK=127.0.0.0
-# If you're having problems with gated making 127.0.0.0/8 a martian,
-# you can change this to something else (255.255.255.255, for example)
-BROADCAST=127.255.255.255
-ONBOOT=yes
-NAME=loopback
 EOF
-cat <<EOF > ${ROOTFS}/etc/sysconfig/network-scripts/ifcfg-eth0
+    # set minimal hosts
-DEVICE=eth0
+    cat <<EOF > $rootfs/etc/hosts
-BOOTPROTO=static
+127.0.0.1 localhost $hostname
-HWADDR=52:54:00:12:34:56
-ONBOOT=yes
-HOSTNAME=${UTSNAME}
-NM_CONTROLLED=no
-TYPE=Ethernet
-IPADDR=${IPV4}
-NETWORK=$(ipcalc -sn ${IPV4} 255.255.255.0)
-GATEWAY=${GATEWAY}
-BROADCAST=$(ipcalc -sb ${IPV4} 255.255.255.0)
-NETMASK=255.255.255.0
-MTU=${MTU}
 EOF
-}
-# custom hostname
+    # provide the lxc service
+    cat <<EOF > $rootfs/etc/init/lxc.conf
+# fake some events needed for correct startup other services
-write_distro_hostname() {
+description     "Container Upstart"
-cat <<EOF > ${ROOTFS}/etc/sysconfig/network
-NETWORKING=yes
-HOSTNAME=${UTSNAME}
-EOF
-}
-# custom sshd configuration file
-write_distro_sshd_config() {
-cat <<EOF > ${ROOTFS}/${SSHD_CONFIG}
-Port 22
-Protocol 2
-HostKey /etc/ssh/ssh_host_rsa_key
-HostKey /etc/ssh/ssh_host_dsa_key
-UsePrivilegeSeparation yes
-KeyRegenerationInterval 3600
-ServerKeyBits 768
-SyslogFacility AUTH
-LogLevel INFO
-LoginGraceTime 120
-PermitRootLogin yes
-StrictModes yes
-RSAAuthentication yes
-PubkeyAuthentication yes
-IgnoreRhosts yes
-RhostsRSAAuthentication no
-HostbasedAuthentication no
-PermitEmptyPasswords yes
-ChallengeResponseAuthentication no
-EOF
-}
-################################################################################
+start on startup
-#                        lxc configuration files
-################################################################################
-write_lxc_configuration() {
+script
-cat <<EOF > ${CONFFILE}
+        rm -rf /var/run/*.pid
-lxc.utsname = ${UTSNAME}
+        rm -rf /var/run/network/*
-lxc.tty = 4
+        /sbin/initctl emit stopped JOB=udevtrigger --no-wait
-lxc.network.type = veth
+        /sbin/initctl emit started JOB=udev --no-wait
-lxc.network.flags = up
+end script
-lxc.network.link = br0
-lxc.network.name = eth0
-lxc.network.mtu = ${MTU}
-lxc.rootfs = ${ROOTFS}
-lxc.cgroup.devices.deny = a
-# /dev/null and zero
-lxc.cgroup.devices.allow = c 1:3 rwm
-lxc.cgroup.devices.allow = c 1:5 rwm
-# consoles
-lxc.cgroup.devices.allow = c 5:1 rwm
-lxc.cgroup.devices.allow = c 5:0 rwm
-lxc.cgroup.devices.allow = c 4:0 rwm
-lxc.cgroup.devices.allow = c 4:1 rwm
-# /dev/{,u}random
-lxc.cgroup.devices.allow = c 1:9 rwm
-lxc.cgroup.devices.allow = c 1:8 rwm
-# /dev/pts/* - pts namespaces are "coming soon"
-lxc.cgroup.devices.allow = c 136:* rwm
-lxc.cgroup.devices.allow = c 5:2 rwm
-# rtc
-lxc.cgroup.devices.allow = c 254:0 rwm
 EOF
-}
-create() {
+    cat <<EOF > $rootfs/etc/init/console.conf
+# console - getty
+#
+# This service maintains a console on tty1 from the point the system is
+# started until it is shut down again.
-    # choose a container name, default is already in shell NAME variable
+start on stopped rc RUNLEVEL=[2345]
-    echo -n "What is the name for the container ? [${NAME}] "
+stop on runlevel [!2345]
-    read _NAME_
-    if [ ! -z "${_NAME_}" ]; then
+respawn
-	NAME=${_NAME_}
+exec /sbin/getty -8 38400 /dev/console
-    fi
+EOF
-    # choose a hostname, default is the container name
+    cat <<EOF > $rootfs/lib/init/fstab
-    echo -n "What hostname do you wish for this container ? [${NAME}] "
+# /lib/init/fstab: lxc system fstab
-    read _UTSNAME_
+none            /spu                      spufs           gid=spu,optional                  0 0
+none            /tmp                      none            defaults                          0 0
+none            /var/lock                 tmpfs           nodev,noexec,nosuid,showthrough   0 0
+none            /lib/init/rw              tmpfs           mode=0755,nosuid,optional         0 0
+EOF
-    if [ ! -z "${_UTSNAME_}" ]; then
+    # reconfigure some services
-	UTSNAME=${_UTSNAME_}
+    if [ -z "$LANG" ]; then
+	chroot $rootfs locale-gen en_US.UTF-8
+	chroot $rootfs update-locale LANG=en_US.UTF-8
    else
-	UTSNAME=${NAME}
+	chroot $rootfs locale-gen $LANG
+	chroot $rootfs update-locale LANG=$LANG
    fi
-    # choose an ipv4 address, better to choose the same network than
+    # remove pointless services in a container
-    # your host
+    chroot $rootfs /usr/sbin/update-rc.d -f ondemand remove
-    echo -n "What IP address do you wish for this container ? [${IPV4}] "
-    read _IPV4_
-    if [ ! -z "${_IPV4_}" ]; then
+    chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls u*.conf); do mv $f $f.orig; done'
-	IPV4=${_IPV4_}
+    chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls tty[2-9].conf); do mv $f $f.orig; done'
-    fi
+    chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls plymouth*.conf); do mv $f $f.orig; done'
+    chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls hwclock*.conf); do mv $f $f.orig; done'
+    chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls module*.conf); do mv $f $f.orig; done'
-    # choose the gateway ip address
+    echo "Please change root-password !"
-    echo -n "What is the gateway IP address ? [${GATEWAY}] "
+    echo "root:root" | chroot $rootfs chpasswd
-    read _GATEWAY_
-    if [ ! -z "${_GATEWAY_}" ]; then
+    return 0
-	GATEWAY=${_GATEWAY_}
+}
-    fi
-    # choose the MTU size
+download_fedora()
-    echo -n "What is the MTU size ? [$MTU] "
+{
-    read _MTU_
+    cache=$1
+    arch=$2
-    if [ ! -z "$_MTU_" ]; then
+    # check the mini fedora was not already downloaded
-	MTU=$_MTU_
+    mkdir -p "$cache/partial-$arch"
+    if [ $? -ne 0 ]; then
+	echo "Failed to create '$cache/partial-$arch' directory"
+	return 1
    fi
-    # the rootfs name will be build with the container name
+    # download a mini fedora into a cache
-    ROOTFS="./rootfs.${NAME}"
+    echo "Downloading fedora minimal ..."
+    febootstrap $DISTRO $cache/partial-$arch
-    # check if the rootfs does already exist
+    if [ $? -ne 0 ]; then
-    if [ ! -e "${ROOTFS}" ]; then
+	echo "Failed to download the rootfs, aborting."
-	    mkdir -p @LOCALSTATEDIR@/lock/subsys/
+	return 1
-	(
-	    flock -n -x 200
-	    RES=$?
-	    if [ "${RES}" != "0" ]; then
-		echo "Cache repository is busy."
-		break
-	    fi
-	    # check the mini distro was not already downloaded
-	    echo -n "Checking cache download ..."
-	    if [ ! -e "${CACHE}/rootfs" ]; then
-		echo "not cached"
-		# Rather than write a special yum config we just make the
-		# default RPM and yum layout in ${CACHE}. The alternative is
-		# to copy /etc/yum/yum.conf or /etc/yum.conf and fiddle with
-		# some settings.
-		mkdir -p "${CACHE}/partial/var/lib/rpm"
-		mkdir -p "${CACHE}/partial/var/log"
-		touch "${CACHE}/partial/var/log/yum.log"
-		RELEASE="$(yum info ${DISTRO}-release | \
-			awk -F '[[:space:]]*:[[:space:]]*' \
-				'/^Release/ { release = $2 }
-				/^Version/ { version = $2 }
-				END { print version "-" release }')"
-		PKG="${DISTRO}-release-${RELEASE}.noarch"
-		RPM="rpm --root ${CACHE}/partial"
-		echo "Initializing RPM cache ..."
-		${RPM} --initdb
-		echo "Downloading distribution release file ${PKG}"
-		yumdownloader --destdir="${CACHE}/partial" "${PKG}"
-                RESULT=$?
-               if [ "${RESULT}" != "0" ]; then
-                   echo "Enable to download the distribution release file"
-                   exit 1
-               fi
-		${RPM} --nodeps -ihv "${CACHE}/partial/${PKG}.rpm"
-		echo "Downloading ${DISTRO} minimal ..."
-		yum --installroot="${CACHE}/partial" -y groupinstall Base
-		RESULT=$?
-		if [ "${RESULT}" != "0" ]; then
-		    echo "Failed to download the rootfs, aborting."
-		    exit 1
-		fi
-		mv "${CACHE}/partial" "${CACHE}/rootfs"
-		echo "Download complete."
-	    else
-		echo "Found."
-	    fi
-            # make a local copy of the mini
-	    echo -n "Copying rootfs ..."
-	    cp -a ${CACHE}/rootfs ${ROOTFS} && echo "Done." || exit
-	) 200> "@LOCALSTATEDIR@/lock/subsys/lxc"
    fi
-write_lxc_configuration
+    mv "$1/partial-$arch" "$1/rootfs-$arch"
+    echo "Download complete."
-write_distro_inittab
-write_distro_hostname
+    return 0
+}
-write_distro_fstab
-write_distro_network
-write_distro_sshd_config
-write_distro_selinux
-@BINDIR@/lxc-create -n ${NAME} -f ${CONFFILE}
-RES=$?
-# remove the configuration files
+copy_fedora()
-rm -f ${CONFFILE}
+{
+    cache=$1
+    arch=$2
+    rootfs=$3
-if [ "${RES}" != "0" ]; then
+    # make a local copy of the minifedora
-    echo "Failed to create '${NAME}'"
+    echo -n "Copying rootfs to $rootfs ..."
-    exit 1
+    cp -a $cache/rootfs-$arch $rootfs || return 1
-fi
+    return 0
-echo "Done."
-echo -e "\nYou can run your container with the 'lxc-start -n ${NAME}'\n"
 }
-destroy() {
+install_fedora()
+{
+    cache="/var/cache/lxc/fedora"
+    rootfs=$1
+    mkdir -p /var/lock/subsys/
+    (
+	flock -n -x 200
+	if [ $? -ne 0 ]; then
+	    echo "Cache repository is busy."
+	    return 1
+	fi
-    echo -n "What is the name for the container ? [${NAME}] "
+	arch=$(arch)
-    read _NAME_
-    if [ ! -z "${_NAME_}" ]; then
+	echo "Checking cache download in $cache/rootfs-$arch ... "
-	NAME=${_NAME_}
+	if [ ! -e "$cache/rootfs-$arch" ]; then
-    fi
+	    download_fedora $cache $arch
+	    if [ $? -ne 0 ]; then
+		echo "Failed to download 'fedora base'"
+		return 1
+	    fi
+	fi
-    @BINDIR@/lxc-destroy -n ${NAME}
+	echo "Copy $cache/rootfs-$arch to $rootfs ... "
-    RETVAL=$?
+	copy_fedora $cache $arch $rootfs
-    if [ ! ${RETVAL} -eq 0 ]; then
+	if [ $? -ne 0 ]; then
-	echo "Failed to destroyed '${NAME}'"
+	    echo "Failed to copy rootfs"
-	return ${RETVAL}
+	    return 1
-    fi
+	fi
-    ROOTFS="./rootfs.${NAME}"
+	return 0
-    echo -n "Shall I remove the rootfs [y/n] ? "
+	) 200>/var/lock/subsys/lxc
-    read
-    if [ "${REPLY}" = "y" ]; then
-	rm -rf ${ROOTFS}
-    fi
-    return 0
+    return $?
 }
-help() {
+copy_configuration()
-    cat <<EOF
+{
+    path=$1
+    rootfs=$2
+    name=$3
-This script is a helper to create ${DISTRO} system containers.
+    cat <<EOF >> $path/config
+lxc.utsname = $name
-The script will create the container configuration file following
+lxc.tty = 4
-the informations submitted interactively with 'lxc-${DISTRO} create'
+lxc.pts = 1024
+lxc.rootfs = $rootfs
-The first creation will download, with yum, a ${DISTRO} minimal
+lxc.mount  = $path/fstab
-install and store it into a cache.
-The script will copy from the cache the root filesystem to the
-current directory.
-If there is a problem with the container, (bad configuration for
+lxc.console = /dev/console
-example), you can destroy the container with 'lxc-${DISTRO} destroy'
-but without removing the rootfs and recreate it again with
-'lxc-${DISTRO} create'.
-If you want to create another ${DISTRO} container, call the 'lxc-${DISTRO}
+lxc.cgroup.devices.deny = a
- create' again, specifying another name and new parameters.
+# /dev/null and zero
+lxc.cgroup.devices.allow = c 1:3 rwm
+lxc.cgroup.devices.allow = c 1:5 rwm
+# consoles
+lxc.cgroup.devices.allow = c 5:1 rwm
+lxc.cgroup.devices.allow = c 5:0 rwm
+lxc.cgroup.devices.allow = c 4:0 rwm
+lxc.cgroup.devices.allow = c 4:1 rwm
+# /dev/{,u}random
+lxc.cgroup.devices.allow = c 1:9 rwm
+lxc.cgroup.devices.allow = c 1:8 rwm
+lxc.cgroup.devices.allow = c 136:* rwm
+lxc.cgroup.devices.allow = c 5:2 rwm
+# rtc
+lxc.cgroup.devices.allow = c 254:0 rwm
+EOF
-At any time you can purge the ${DISTRO} cache download by calling
+    cat <<EOF > $path/fstab
-'lxc-${DISTRO} purge'
+proc            $rootfs/proc         proc    nodev,noexec,nosuid 0 0
+devpts          $rootfs/dev/pts      devpts defaults 0 0
+sysfs           $rootfs/sys          sysfs defaults  0 0
+EOF
-Have fun :)
+    if [ $? -ne 0 ]; then
+	echo "Failed to add configuration"
+	return 1
+    fi
-EOF
+    return 0
 }
-purge() {
+clean()
+{
+    cache="/var/cache/lxc/fedora"
-    if [ ! -e ${CACHE} ]; then
+    if [ ! -e $cache ]; then
 	exit 0
    fi
    # lock, so we won't purge while someone is creating a repository
    (
 	flock -n -x 200
+	if [ $? != 0 ]; then
-	RES=$?
-	if [ "${RES}" != "0" ]; then
 	    echo "Cache repository is busy."
 	    exit 1
 	fi
 	echo -n "Purging the download cache..."
-	rm --preserve-root --one-file-system -rf ${CACHE} && echo "Done." || exit 1
+	rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
 	exit 0
-    ) 200> "@LOCALSTATEDIR@/lock/subsys/lxc"
+    ) 200>/var/lock/subsys/lxc
+}
+usage()
+{
+    cat <<EOF
+$1 -h|--help -p|--path=<path> --clean
+EOF
+    return 0
 }
-# Note: assuming uid==0 is root -- might break with userns??
+options=$(getopt -o hp:n:c -l help,path:,name:,clean -- "$@")
+if [ $? -ne 0 ]; then
+    usage $(basename $0)
+    exit 1
+fi
+eval set -- "$options"
+while true
+do
+    case "$1" in
+	-h|--help)      usage $0 && exit 0;;
+	-p|--path)      path=$2; shift 2;;
+	-n|--name)      name=$2; shift 2;;
+	-c|--clean)     clean=$2; shift 2;;
+	--)             shift 1; break ;;
+        *)              break ;;
+    esac
+done
+if [ ! -z "$clean" -a -z "$path" ]; then
+    clean || exit 1
+    exit 0
+fi
+type febootstrap
+if [ $? -ne 0 ]; then
+    echo "'febootstrap' command is missing"
+    exit 1
+fi
+if [ -z "$path" ]; then
+    echo "'path' parameter is required"
+    exit 1
+fi
 if [ "$(id -u)" != "0" ]; then
-	echo "This script should be run as 'root'"
+    echo "This script should be run as 'root'"
-	exit 1
+    exit 1
+fi
+rootfs=$path/rootfs
+install_fedora $rootfs
+if [ $? -ne 0 ]; then
+    echo "failed to install fedora"
+    exit 1
 fi
-# Detect which executable we were run as, lxc-fedora or lxc-redhat
+configure_fedora $rootfs $name
-case "$0" in
+if [ $? -ne 0 ]; then
-    *lxc-redhat)
+    echo "failed to configure fedora for a container"
-	DISTRO="redhat";;
+    exit 1
-    *) # default is fedora
+fi
-	DISTRO="fedora";;
-esac
+copy_configuration $path $rootfs $name
-CACHE="@LOCALSTATEDIR@/cache/lxc/${DISTRO}"
+if [ $? -ne 0 ]; then
+    echo "failed write configuration file"
-case "$1" in
+    exit 1
-    create)
+fi
-	create;;
-    destroy)
+if [ ! -z $clean ]; then
-	destroy;;
+    clean || exit 1
-    help)
+    exit 0
-	help;;
+fi
-    purge)
-	purge;;
-    *)
-	echo "Usage: $0 {create|destroy|purge|help}"
-	exit 1;;
-esac