]>
git.proxmox.com Git - mirror_lxc.git/blob - templates/lxc-cirros.in
3 # template script for generating ubuntu container for LXC
5 # This script consolidates and extends the existing lxc ubuntu scripts
8 # Copyright © 2013 Canonical Ltd.
9 # Author: Scott Moser <scott.moser@canonical.com>
11 # This program is free software; you can redistribute it and/or modify
12 # it under the terms of the GNU General Public License version 2, as
13 # published by the Free Software Foundation.
15 # This program is distributed in the hope that it will be useful,
16 # but WITHOUT ANY WARRANTY; without even the implied warranty of
17 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 # GNU General Public License for more details.
20 # You should have received a copy of the GNU General Public License along
21 # with this program; if not, write to the Free Software Foundation, Inc.,
22 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 # Detect use under userns (unsupported)
25 # Make sure the usual locations are in PATH
26 export PATH
=$PATH:/usr
/sbin
:/usr
/bin
:/sbin
:/bin
29 DOWNLOAD_URL
="http://download.cirros-cloud.net/"
32 ARCHES
=( i386 x86_64 amd64 arm
)
33 STREAMS
=( released devel
)
34 SOURCES
=( nocloud none
)
36 LXC_TEMPLATE_CONFIG
="@LXCTEMPLATECONFIG@"
41 DEF_VERSION
="released"
44 i?
86) DEF_ARCH
="i386";;
45 x86_64
) DEF_ARCH
="x86_64";;
46 arm
*) DEF_ARCH
="arm";;
51 [ -e /proc
/self
/uid_map
] ||
{ echo no
; return; }
52 [ "$(wc -l /proc/self/uid_map | awk '{ print $1 }')" -eq 1 ] ||
{ echo yes; return; }
53 line
=$
(awk '{ print $1 " " $2 " " $3 }' /proc
/self
/uid_map
)
54 [ "$line" = "0 0 4294967295" ] && { echo no
; return; }
59 [ $
(am_in_userns
) = "yes" ] && in_userns
=1
61 # Allow the cache base to be set by environment variable
62 if [ $
(id
-u) -eq 0 ]; then
63 CACHE_D
=${LXC_CACHE_PATH:-"@LOCALSTATEDIR@/cache/lxc/cirros"}
65 CACHE_D
=${LXC_CACHE_PATH:-"$HOME/.cache/lxc/cirros"}
68 error
() { echo "$@" 1>&2; }
70 local needle
="$1" x
=""
73 [ "$needle" = "$x" ] && return 0
82 -a | --arch A architecture to use [${ARCHES[*]}]
84 -h | --help this usage
85 -v | --verbose increase verbosity
86 -S | --auth-key K insert auth key 'K'
87 -v | --version V version [${STREAMS[*]}]
88 default: ${DEF_VERSION}
89 -u | --userdata U user-data file
90 --tarball T read from tarball 'T' rather than downloading
92 --source S insert userdata/metadata via source S
97 bad_Usage
() { Usage
1>&2; [ $# -eq 0 ] || error
"$@"; return 1; }
100 local level
=${1}; shift;
101 [ "${level}" -gt "${VERBOSITY}" ] && return
105 local k
="" v
="" ret
="{"
109 ret
="${ret} \"${k}\": \"$v\","
117 local path
=$1 rootfs
=$2 name
=$3 arch
=$4 release
=$5
118 cat >> "$path/config" <<EOF
119 # Template used to create this container: cirros
121 lxc.rootfs.path = $rootfs
128 lxc.cap.drop = sys_module mac_admin mac_override sys_time
130 # When using LXC with apparmor, uncomment the next line to run unconfined:
131 #lxc.apparmor.profile = unconfined
132 lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed
134 lxc.cgroup.devices.deny = a
135 # Allow any mknod (but not using the node)
136 lxc.cgroup.devices.allow = c *:* m
137 lxc.cgroup.devices.allow = b *:* m
139 lxc.cgroup.devices.allow = c 1:3 rwm
140 lxc.cgroup.devices.allow = c 1:5 rwm
142 lxc.cgroup.devices.allow = c 5:1 rwm
143 lxc.cgroup.devices.allow = c 5:0 rwm
145 lxc.cgroup.devices.allow = c 1:9 rwm
146 lxc.cgroup.devices.allow = c 1:8 rwm
147 lxc.cgroup.devices.allow = c 136:* rwm
148 lxc.cgroup.devices.allow = c 5:2 rwm
150 lxc.cgroup.devices.allow = c 254:0 rwm
152 lxc.cgroup.devices.allow = c 10:229 rwm
154 lxc.cgroup.devices.allow = c 10:200 rwm
156 lxc.cgroup.devices.allow = c 1:7 rwm
158 lxc.cgroup.devices.allow = c 10:228 rwm
160 lxc.cgroup.devices.allow = c 10:232 rwm
163 if [ $in_userns -eq 1 ] && [ -e "${LXC_TEMPLATE_CONFIG}/ubuntu-cloud.userns.conf" ]; then
164 echo "lxc.include = ${LXC_TEMPLATE_CONFIG}/ubuntu.userns.conf" >> $path/config
169 insert_ds_nocloud
() {
170 local root_d
="$1" authkey
="$2" udfile
="$3"
171 local sdir
="$root_d/var/lib/cloud/seed/nocloud"
174 { error
"failed to make datasource dir $sdir"; return 1; }
175 rm -f "$sdir/meta-data" "$sdir/user-data" ||
176 { error
"failed to clean old data from $sdir"; return 1; }
179 jsondict
"instance-id=$iid" \
180 ${authkeys:+"public-keys=${authkeys}"} > "$sdir/meta-data" ||
181 { error
"failed to write metadata to $sdir/meta-data"; return 1; }
183 if [ -n "$udfile" ]; then
184 cat "$udfile" > "$sdir/user-data" ||
185 { error
"failed to write user-data to $sdir"; return 1; }
187 rm -f "$sdir/user-data"
192 local dstype
="$1" root_d
="$2" authkey
="$3" udfile
="$4"
194 nocloud
) insert_ds_nocloud
"$root_d" "$authkey" "$udfile"
199 local tarball
="$1" rootfs_d
="$2"
200 mkdir
-p "${rootfs_d}" ||
201 { error
"failed to make rootfs dir ${rootfs_d}"; return 1; }
203 if [ $in_userns -eq 1 ]; then
204 tar -C "${rootfs_d}" --anchored --exclude="dev/*" -Sxzf "${tarball}" ||
205 { error
"failed to populate ${rootfs_d}"; return 1; }
207 tar -C "${rootfs_d}" -Sxzf "${tarball}" ||
208 { error
"failed to populate ${rootfs_d}"; return 1; }
214 local arch
="$1" ver
="$2" cached
="$3" baseurl
="$4"
215 local out
="" outd
="" file="" dlpath
=""
216 file="cirros-$ver-$arch-lxc.tar.gz"
218 outd
="${cached}/${dlpath%/*}"
219 if [ -f "$cached/$dlpath" ]; then
220 _RET
="$cached/$dlpath"
224 mkdir
-p "${outd}" ||
225 { error
"failed to create ${outd}"; return 1; }
227 debug
1 "downloading ${baseurl%/}/$dlpath" to
"${cached}/$dlpath"
228 wget
"${baseurl%/}/$dlpath" -O "$cached/${dlpath}.$$" &&
229 mv "$cached/$dlpath.$$" "$cached/$dlpath" ||
{
230 rm -f "$cached/$dlpath.$$";
231 error
"failed to download $dlpath";
234 _RET
="$cached/$dlpath"
238 local short_opts
="a:hn:p:S:uvV"
239 local long_opts
="arch:,auth-key:,name:,path:,tarball:,userdata:,verbose,version:,rootfs:,mapped-uid:,mapped-gid:"
241 getopt_out
=$
(getopt
--name "${0##*/}" \
242 --options "${short_opts}" --long "${long_opts}" -- "$@") &&
243 eval set -- "${getopt_out}" ||
244 { bad_Usage
; return; }
246 local arch
="${DEF_ARCH}" dsource="${DEF_SOURCE}" version="${DEF_VERSION}"
247 local authkey_f
="" authkeys
="" userdata_f
="" path
="" tarball
=""
251 while [ $# -ne 0 ]; do
254 -a|
--arch) arch
="$next"; shift;;
255 -h|
--help) Usage
; return 0;;
256 -n|
--name) name
="$next"; shift;;
257 -v|
--verbose) VERBOSITY
=$
((${VERBOSITY}+1));;
258 -S|
--auth-key) authkey_f
="$next"; shift;;
259 -p|
--path) path
=$next; shift;;
260 -v|
--version) version
=$next; shift;;
261 -u|
--userdata) userdata_f
="$next"; shift;;
262 --tarball) tarball
="$next"; shift;;
263 --source) dsource
="$next"; shift;;
264 --rootfs) rootfs_d
="$next"; shift;;
265 --mapped-uid) LXC_MAPPED_UID
=$next; shift;;
266 --mapped-gid) LXC_MAPPED_GID
=$next; shift;;
272 [ -n "$rootfs_d" ] || rootfs_d
="$path/rootfs"
273 [ $# -eq 0 ] ||
{ bad_Usage
"unexpected arguments: $*"; return; }
274 [ -n "$path" ] ||
{ error
"'path' parameter is required"; return 1; }
276 if [ "$(id -u)" != "0" ]; then
277 { error
"must be run as root"; return 1; }
282 amd64
) arch
="x86_64";;
285 inargs
"$arch" "${ARCHES[@]}" ||
286 { error
"bad arch '$arch'. allowed: ${ARCHES[*]}"; return 1; }
288 inargs
"$dsource" "${SOURCES[@]}" ||
289 { error
"bad source '$dsource'. allowed: ${SOURCES[*]}"; return 1; }
291 if [ "$dsource" = "none" ] && [ -n "$userdata_f" -o -n "$authkey_f" ]; then
292 error
"userdata and authkey are incompatible with --source=none";
296 if [ -n "$authkey_f" ]; then
297 if [ ! -f "$authkey_f" ]; then
298 error
"--auth-key=${authkey_f} must reference a file"
301 authkeys
=$
(cat "$authkey_f") ||
302 { error
"failed to read ${authkey_f}"; return 1; }
305 if [ -n "$userdata_f" -a ! -f "${userdata_f}" ]; then
306 error
"${userdata_f}: --userdata arg not a file"
310 if [ -z "$tarball" ]; then
311 if inargs
"$version" "${STREAMS[@]}"; then
312 out
=$
(wget
-O - -q "${DOWNLOAD_URL%/}/version/$version") ||
313 { error
"failed to convert 'version=$version'"; return 1; }
316 download_tarball
"$arch" "$version" "${CACHE_D}" "${DOWNLOAD_URL}" ||
321 extract_rootfs
"${tarball}" "${rootfs_d}" ||
return
323 if [ "$version" = "0.3.2~pre1" ]; then
324 debug
1 "fixing console for lxc and '$version'"
325 sed -i 's,^\(#console.* 115200 \)# /dev/console,\1 console,g' \
326 "$rootfs_d/etc/inittab" ||
327 { error
"failed to fix console entry for $version"; return 1; }
330 if [ "$dsource" != "none" ]; then
331 insert_ds
"$dsource" "$path/rootfs" "$authkeys" "$userdata_f" ||
{
332 error
"failed to insert userdata to $path/rootfs"
337 copy_configuration
"$path" "$path/rootfs" "$name" "$arch" "$release"