[mirror_lxc.git] / scripts / lxc-debian.in

#!/bin/bash
# set -ex

NAME="debian"
CONFFILE="lxc.conf"
MNTFILE="mount.conf"
UTSNAME=
IPV4="172.20.0.21"
GATEWAY="172.20.0.1"
INTERFACES="/etc/network/interfaces"
INITTAB="/etc/inittab"
HOSTNAME="/etc/hostname"
FSTAB="/etc/fstab"
CACHE="@LOCALSTATEDIR@/cache/lxc/debian"

create() {

    # choose a container name, default is 'debian'
    echo -n "What is the name for the container ? [$NAME] "
    read _NAME_

    if [ ! -z "$_NAME_" ]; then
	NAME=$_NAME_
    fi

    # choose a hostname, default is the container name
    echo -n "What hostname do you wish for this container ? [$NAME] "
    read _UTSNAME_

    if [ ! -z "$_UTSNAME_" ]; then
	UTSNAME=$_UTSNAME_
    else
	UTSNAME=$NAME
    fi

    # choose an ipv4 address, better to choose the same network than
    # your host
    echo -n "What IP address do you wish for this container ? [$IPV4] "
    read _IPV4_

    if [ ! -z "$_IPV4_" ]; then
	IPV4=$_IPV4_
    fi

    # choose the gateway ip address
    echo -n "What is the gateway IP address ? [$GATEWAY] "
    read _GATEWAY_

    if [ ! -z "$_GATEWAY_" ]; then
	GATEWAY=$_GATEWAY_
    fi

    # the rootfs name will be build with the container name
    ROOTFS="./rootfs.$NAME"

    # check if the rootfs does already exist
    if [ ! -e "$ROOTFS" ]; then
	(
	    flock -n -x 200 

	    RES=$?
	    if [ "$RES" != "0" ]; then
		echo "Cache repository is busy."
		break
	    fi

	    echo "Choose your architecture"
	    select ARCH in amd64 i386; do
		echo "Architecture $ARCH selected"
		break;
	    done

	    # check the mini debian was not already downloaded
	    echo -n "Checking cache download ..."
	    if [ ! -e "$CACHE/rootfs-$ARCH" ]; then
		
		echo "not cached"
		
		mkdir -p "$CACHE/rootfs-$ARCH"
		
	        # download a mini debian into a cache
		echo "Downloading debian minimal ..."
		debootstrap --verbose --variant=minbase --arch=$ARCH \
		    --include apache,netbase,net-tools,iproute,openssh-server \
		    etch $CACHE/rootfs-$ARCH http://ftp.debian.org/debian
		
		RESULT=$?
		if [ "$RESULT" != "0" ]; then
		    echo "Failed to download the rootfs, aborting."
		    exit 1
		fi
		echo "Download complete."
	    else
		echo "Found."
	    fi
	    
            # make a local copy of the minidebian
	    echo -n "Copying rootfs ..."
	    cp -a $CACHE/rootfs-$ARCH $ROOTFS && echo "Done." || exit
	) 200>/var/lock/subsys/lxc
    fi


########################################
# lxc configuration files
########################################

# lxc mount point

cat <<EOF > $MNTFILE
/dev	$(pwd)/$ROOTFS/dev none bind 0 0
/dev/pts $(pwd)/$ROOTFS/dev/pts none bind 0 0
/etc/resolv.conf $(pwd)/$ROOTFS/etc/resolv.conf none ro,bind 0 0
EOF

# lxc configuration

cat <<EOF > $CONFFILE

lxc.utsname = $UTSNAME

lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.name = eth0

lxc.mount = $MNTFILE

lxc.rootfs = $ROOTFS

lxc.cgroup.devices.deny = a

# /dev/null and zero
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm

# consoles
lxc.cgroup.devices.allow = c 5:1 rwm
lxc.cgroup.devices.allow = c 5:0 rwm
lxc.cgroup.devices.allow = c 4:0 rwm
lxc.cgroup.devices.allow = c 4:1 rwm

# /dev/{,u}random
lxc.cgroup.devices.allow = c 1:9 rwm
lxc.cgroup.devices.allow = c 1:8 rwm

# /dev/pts/* - pts namespaces are "coming soon"
lxc.cgroup.devices.allow = c 136:* rwm
lxc.cgroup.devices.allow = c 5:2 rwm

# rtc
lxc.cgroup.devices.allow = c 254:0 rwm

EOF


########################################
# rootfs configuration files tweak
########################################

# inittab

cat <<EOF > $ROOTFS/$INITTAB
id:3:initdefault:
si::sysinit:/etc/init.d/rcS
l0:0:wait:/etc/init.d/rc 0
l1:1:wait:/etc/init.d/rc 1
l2:2:wait:/etc/init.d/rc 2
l3:3:wait:/etc/init.d/rc 3
l4:4:wait:/etc/init.d/rc 4
l5:5:wait:/etc/init.d/rc 5
l6:6:wait:/etc/init.d/rc 6
# Normally not reached, but fallthrough in case of emergency.
z6:6:respawn:/sbin/sulogin
1:2345:respawn:/sbin/getty 38400 console
EOF

# hostname
cat <<EOF > $ROOTFS/$HOSTNAME
$UTSNAME
EOF

# fstab

cat <<EOF > $ROOTFS/$FSTAB
tmpfs                   /dev/shm                tmpfs   defaults        0 0
EOF

# network

cat <<EOF > $ROOTFS/$INTERFACES
auto eth0 lo
iface eth0 inet static
address $IPV4
netmask 255.255.255.0
broadcast 0.0.0.0
up route add default gw $GATEWAY
iface lo inet loopback
EOF

# create the container object

@BINDIR@/lxc-create -n $NAME -f $CONFFILE 
RES=$?

# remove the configuration files
rm -f $CONFFILE
rm -f $MNTFILE

if [ "$RES" != "0" ]; then
    echo "Failed to create '$NAME'"
    exit 1
fi

echo "Done."
echo -e "\nYou can run your container with the 'lxc-start -n $NAME'\n"
}

destroy() {

    echo -n "What is the name for the container ? [$NAME] "
    read _NAME_

    if [ ! -z "$_NAME_" ]; then
	NAME=$_NAME_
    fi

    @BINDIR@/lxc-destroy -n $NAME
    RETVAL=$?
    if [ ! $RETVAL -eq 0 ]; then
	echo "Failed to destroyed '$NAME'"
	return $RETVAL;
    fi

    ROOTFS="./rootfs.$NAME"

    echo -n "Shall I remove the rootfs [y/n] ? "
    read
    if [ "$REPLY" = "y" ]; then
	rm -rf $ROOTFS
    fi

    return 0
}

help() {
    cat <<EOF

This script is a helper to create debian system containers.

The script will create the container configuration file following
the informations submitted interactively with 'lxc-debian create'

The first creation will download, with debootstrap, a debian
minimal and store it into a cache.

The script will copy from the cache the root filesystem to the
current directory.

If there is a problem with the container, (bad configuration for 
example), you can destroy the container with 'lxc-debian destroy'
but without removing the rootfs and recreate it again with
'lxc-debian create'.

If you want to create another debian container, call the 'lxc-debian
 create' again, specifying another name and new parameters.

At any time you can purge the debian cache download by calling 
'lxc-debian purge'

Have fun :)

EOF
}

purge() {

    if [ ! -e $CACHE ]; then
	exit 0
    fi

    # lock, so we won't purge while someone is creating a repository
    (
	flock -n -x 200 

	RES=$?
	if [ "$RES" != "0" ]; then
	    echo "Cache repository is busy."
	    exit 1
	fi

	echo -n "Purging the download cache..."
	rm --preserve-root --one-file-system -rf $CACHE && echo "Done." || exit 1
	exit 0

    ) 200>/var/lock/subsys/lxc
}

if [ "$(id -u)" != "0" ]; then
	echo "This script should be run as 'root'"
	exit 1
fi 

case "$1" in
    create)
	create;;
    destroy)
	destroy;;
    help)
	help;;
    purge)
	purge;;
    *)
	echo "Usage: $0 {create|destroy|purge|help}"
	exit 1;;
esac
Commit	Line	Data
bad69158	1	#!/bin/bash
	2	# set -ex
	3
	4	NAME="debian"
	5	CONFFILE="lxc.conf"
	6	MNTFILE="mount.conf"
	7	UTSNAME=
	8	IPV4="172.20.0.21"
	9	GATEWAY="172.20.0.1"
	10	INTERFACES="/etc/network/interfaces"
	11	INITTAB="/etc/inittab"
	12	HOSTNAME="/etc/hostname"
	13	FSTAB="/etc/fstab"
7ad641d5	14	CACHE="@LOCALSTATEDIR@/cache/lxc/debian"
bad69158	15
	16	create() {
	17
	18	# choose a container name, default is 'debian'
	19	echo -n "What is the name for the container ? [$NAME] "
	20	read _NAME_
	21
	22	if [ ! -z "$_NAME_" ]; then
	23	NAME=$_NAME_
	24	fi
	25
	26	# choose a hostname, default is the container name
	27	echo -n "What hostname do you wish for this container ? [$NAME] "
	28	read _UTSNAME_
	29
	30	if [ ! -z "$_UTSNAME_" ]; then
	31	UTSNAME=$_UTSNAME_
	32	else
	33	UTSNAME=$NAME
	34	fi
	35
	36	# choose an ipv4 address, better to choose the same network than
	37	# your host
	38	echo -n "What IP address do you wish for this container ? [$IPV4] "
	39	read _IPV4_
	40
	41	if [ ! -z "$_IPV4_" ]; then
	42	IPV4=$_IPV4_
	43	fi
	44
	45	# choose the gateway ip address
	46	echo -n "What is the gateway IP address ? [$GATEWAY] "
	47	read _GATEWAY_
	48
	49	if [ ! -z "$_GATEWAY_" ]; then
	50	GATEWAY=$_GATEWAY_
	51	fi
	52
	53	# the rootfs name will be build with the container name
	54	ROOTFS="./rootfs.$NAME"
	55
	56	# check if the rootfs does already exist
	57	if [ ! -e "$ROOTFS" ]; then
	58	(
	59	flock -n -x 200
	60
	61	RES=$?
	62	if [ "$RES" != "0" ]; then
	63	echo "Cache repository is busy."
	64	break
	65	fi
	66
	67	echo "Choose your architecture"
	68	select ARCH in amd64 i386; do
	69	echo "Architecture $ARCH selected"
	70	break;
	71	done
	72
	73	# check the mini debian was not already downloaded
	74	echo -n "Checking cache download ..."
	75	if [ ! -e "$CACHE/rootfs-$ARCH" ]; then
	76
	77	echo "not cached"
	78
79	mkdir -p "$CACHE/rootfs-$ARCH"
80
81	# download a mini debian into a cache
82	echo "Downloading debian minimal ..."
83	debootstrap --verbose --variant=minbase --arch=$ARCH \
84	--include apache,netbase,net-tools,iproute,openssh-server \
85	etch $CACHE/rootfs-$ARCH http://ftp.debian.org/debian
86
87	RESULT=$?
88	if [ "$RESULT" != "0" ]; then
89	echo "Failed to download the rootfs, aborting."
90	exit 1
91	fi
92	echo "Download complete."
93	else
94	echo "Found."
95	fi
96
97	# make a local copy of the minidebian
98	echo -n "Copying rootfs ..."
99	cp -a $CACHE/rootfs-$ARCH $ROOTFS && echo "Done." \|\| exit
100	) 200>/var/lock/subsys/lxc
101	fi
102
103
104	########################################
105	# lxc configuration files
106	########################################
107
108	# lxc mount point
109
110	cat <<EOF > $MNTFILE
111	/dev $(pwd)/$ROOTFS/dev none bind 0 0
112	/dev/pts $(pwd)/$ROOTFS/dev/pts none bind 0 0
113	/etc/resolv.conf $(pwd)/$ROOTFS/etc/resolv.conf none ro,bind 0 0
114	EOF
115
116	# lxc configuration
117
118	cat <<EOF > $CONFFILE
85cbaa06	119
bad69158	120	lxc.utsname = $UTSNAME
85cbaa06	121
bad69158	122	lxc.network.type = veth
	123	lxc.network.flags = up
	124	lxc.network.link = br0
	125	lxc.network.name = eth0
85cbaa06	126
bad69158	127	lxc.mount = $MNTFILE
85cbaa06	128
bad69158	129	lxc.rootfs = $ROOTFS
85cbaa06	130
	131	lxc.cgroup.devices.deny = a
	132
	133	# /dev/null and zero
	134	lxc.cgroup.devices.allow = c 1:3 rwm
	135	lxc.cgroup.devices.allow = c 1:5 rwm
	136
	137	# consoles
	138	lxc.cgroup.devices.allow = c 5:1 rwm
	139	lxc.cgroup.devices.allow = c 5:0 rwm
	140	lxc.cgroup.devices.allow = c 4:0 rwm
	141	lxc.cgroup.devices.allow = c 4:1 rwm
	142
	143	# /dev/{,u}random
	144	lxc.cgroup.devices.allow = c 1:9 rwm
	145	lxc.cgroup.devices.allow = c 1:8 rwm
	146
	147	# /dev/pts/* - pts namespaces are "coming soon"
	148	lxc.cgroup.devices.allow = c 136:* rwm
719c46e1	149	lxc.cgroup.devices.allow = c 5:2 rwm
85cbaa06	150
	151	# rtc
	152	lxc.cgroup.devices.allow = c 254:0 rwm
	153
bad69158	154	EOF
	155
	156
	157	########################################
	158	# rootfs configuration files tweak
	159	########################################
	160
	161	# inittab
	162
	163	cat <<EOF > $ROOTFS/$INITTAB
	164	id:3:initdefault:
	165	si::sysinit:/etc/init.d/rcS
	166	l0:0:wait:/etc/init.d/rc 0
	167	l1:1:wait:/etc/init.d/rc 1
	168	l2:2:wait:/etc/init.d/rc 2
	169	l3:3:wait:/etc/init.d/rc 3
	170	l4:4:wait:/etc/init.d/rc 4
	171	l5:5:wait:/etc/init.d/rc 5
	172	l6:6:wait:/etc/init.d/rc 6
	173	# Normally not reached, but fallthrough in case of emergency.
	174	z6:6:respawn:/sbin/sulogin
	175	1:2345:respawn:/sbin/getty 38400 console
	176	EOF
	177
	178	# hostname
	179	cat <<EOF > $ROOTFS/$HOSTNAME
	180	$UTSNAME
	181	EOF
	182
	183	# fstab
	184
	185	cat <<EOF > $ROOTFS/$FSTAB
	186	tmpfs /dev/shm tmpfs defaults 0 0
	187	EOF
	188
	189	# network
	190
	191	cat <<EOF > $ROOTFS/$INTERFACES
	192	auto eth0 lo
	193	iface eth0 inet static
	194	address $IPV4
	195	netmask 255.255.255.0
	196	broadcast 0.0.0.0
	197	up route add default gw $GATEWAY
	198	iface lo inet loopback
	199	EOF
	200
	201	# create the container object
	202
85cbaa06	203	@BINDIR@/lxc-create -n $NAME -f $CONFFILE
85cbaa06	204	RES=$?
bad69158	205
bad69158	206	# remove the configuration files
bad69158	207	rm -f $CONFFILE
	208	rm -f $MNTFILE
	209
85cbaa06	210	if [ "$RES" != "0" ]; then
	211	echo "Failed to create '$NAME'"
	212	exit 1
	213	fi
	214
bad69158	215	echo "Done."
	216	echo -e "\nYou can run your container with the 'lxc-start -n $NAME'\n"
	217	}
	218
	219	destroy() {
	220
	221	echo -n "What is the name for the container ? [$NAME] "
	222	read _NAME_
	223
	224	if [ ! -z "$_NAME_" ]; then
	225	NAME=$_NAME_
	226	fi
	227
7ad641d5	228	@BINDIR@/lxc-destroy -n $NAME
bad69158	229	RETVAL=$?
	230	if [ ! $RETVAL -eq 0 ]; then
	231	echo "Failed to destroyed '$NAME'"
	232	return $RETVAL;
	233	fi
	234
	235	ROOTFS="./rootfs.$NAME"
	236
	237	echo -n "Shall I remove the rootfs [y/n] ? "
	238	read
	239	if [ "$REPLY" = "y" ]; then
	240	rm -rf $ROOTFS
	241	fi
	242
	243	return 0
	244	}
	245
	246	help() {
	247	cat <<EOF
	248
	249	This script is a helper to create debian system containers.
	250
	251	The script will create the container configuration file following
	252	the informations submitted interactively with 'lxc-debian create'
	253
	254	The first creation will download, with debootstrap, a debian
	255	minimal and store it into a cache.
	256
	257	The script will copy from the cache the root filesystem to the
	258	current directory.
	259
	260	If there is a problem with the container, (bad configuration for
	261	example), you can destroy the container with 'lxc-debian destroy'
	262	but without removing the rootfs and recreate it again with
	263	'lxc-debian create'.
	264
	265	If you want to create another debian container, call the 'lxc-debian
	266	create' again, specifying another name and new parameters.
	267
	268	At any time you can purge the debian cache download by calling
	269	'lxc-debian purge'
	270
	271	Have fun :)
	272
	273	EOF
	274	}
	275
	276	purge() {
	277
	278	if [ ! -e $CACHE ]; then
	279	exit 0
	280	fi
	281
	282	# lock, so we won't purge while someone is creating a repository
	283	(
	284	flock -n -x 200
	285
	286	RES=$?
	287	if [ "$RES" != "0" ]; then
	288	echo "Cache repository is busy."
	289	exit 1
	290	fi
	291
	292	echo -n "Purging the download cache..."
7ad641d5	293	rm --preserve-root --one-file-system -rf $CACHE && echo "Done." \|\| exit 1
bad69158	294	exit 0
	295
	296	) 200>/var/lock/subsys/lxc
	297	}
	298
	299	if [ "$(id -u)" != "0" ]; then
	300	echo "This script should be run as 'root'"
	301	exit 1
	302	fi
	303
	304	case "$1" in
	305	create)
	306	create;;
	307	destroy)
	308	destroy;;
	309	help)
	310	help;;
	311	purge)
	312	purge;;
	313	*)
	314	echo "Usage: $0 {create\|destroy\|purge\|help}"
	315	exit 1;;
	316	esac