From 9aad9d12c9625aef9bd9386dc762e6299354b714 Mon Sep 17 00:00:00 2001 From: Alexander Khryukin Date: Wed, 9 Oct 2013 13:55:57 +0400 Subject: [PATCH] Add an OpenMandriva distro lxc-openmandriva template MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Alexander Khryukin Acked-by: Stéphane Graber --- configure.ac | 1 + templates/Makefile.am | 1 + templates/lxc-openmandriva.in | 450 ++++++++++++++++++++++++++++++++++ 3 files changed, 452 insertions(+) create mode 100755 templates/lxc-openmandriva.in
diff --git a/configure.ac b/configure.ac
index 9f5e833b4..5b9101a96 100644
--- a/configure.ac
+++ b/configure.ac
@@ -505,6 +505,7 @@ AC_CONFIG_FILES([
 templates/lxc-opensuse
 templates/lxc-busybox
 templates/lxc-fedora
+ templates/lxc-openmandriva
 templates/lxc-oracle
 templates/lxc-altlinux
 templates/lxc-sshd
diff --git a/templates/Makefile.am b/templates/Makefile.am
index e300a471d..499d45b0f 100644
--- a/templates/Makefile.am
+++ b/templates/Makefile.am
@@ -6,6 +6,7 @@ templates_SCRIPTS = \
 lxc-ubuntu-cloud \
 lxc-opensuse \
 lxc-fedora \
+ lxc-openmandriva \
 lxc-oracle \
 lxc-altlinux \
 lxc-busybox \
diff --git a/templates/lxc-openmandriva.in b/templates/lxc-openmandriva.in
new file mode 100755
index 000000000..325f6233b
--- /dev/null
+++ b/templates/lxc-openmandriva.in
@@ -0,0 +1,450 @@
+#!/bin/bash
+
+#
+# template script for generating openmandriva container for LXC
+#
+
+#
+# lxc: linux Container library
+
+# Authors:
+# Alexander Khryukin
+# Vokhmin Alexey V
+
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+#
+
+#Configurations
+#distro=cooker
+hostarch=$(uname -m)
+cache_base=@LOCALSTATEDIR@/cache/lxc/openmandriva/$arch
+default_path=@LXCPATH@
+default_profile=default
+root_password=root
+lxc_network_type=veth
+lxc_network_link=br0
+
+# is this openmandriva?
+[ -f /etc/mandriva-release ] && is_openmandriva=true
+
+configure_openmandriva()
+{
+mkdir -p ${rootfs_path}/etc/sysconfig/network-scripts/
+
+ # configure the network using the dhcp
+ cat < ${rootfs_path}/etc/sysconfig/network-scripts/ifcfg-eth0
+DEVICE=eth0
+ONBOOT=yes
+BOOTPROTO=dhcp
+NM_CONTROLLED=no
+HOSTNAME=${utsname}
+EOF
+
+ # set the hostname
+ cat < ${rootfs_path}/etc/sysconfig/network
+NETWORKING=yes
+HOSTNAME=${utsname}
+EOF
+
+echo "${utsname}" > ${rootfs_path}/etc/hostname
+
+ # set minimal hosts
+ cat < $rootfs_path/etc/hosts
+127.0.0.1 localhost.localdomain localhost $utsname
+::1 localhost6.localdomain6 localhost6
+EOF
+}
+
+populate_dev()
+{
+ dev_path="${rootfs_path}/dev"
+ rm -rf $dev_path
+ mkdir -p $dev_path
+ mknod -m 666 ${dev_path}/null c 1 3
+ mknod -m 666 ${dev_path}/zero c 1 5
+ mknod -m 666 ${dev_path}/random c 1 8
+ mknod -m 666 ${dev_path}/urandom c 1 9
+ mkdir -m 755 ${dev_path}/pts
+ mkdir -m 1777 ${dev_path}/shm
+ mknod -m 666 ${dev_path}/tty c 5 0
+ mknod -m 666 ${dev_path}/tty0 c 4 0
+ mknod -m 666 ${dev_path}/tty1 c 4 1
+ mknod -m 666 ${dev_path}/tty2 c 4 2
+ mknod -m 666 ${dev_path}/tty3 c 4 3
+ mknod -m 666 ${dev_path}/tty4 c 4 4
+ mknod -m 600 ${dev_path}/console c 5 1
+ mknod -m 666 ${dev_path}/full c 1 7
+ mknod -m 600 ${dev_path}/initctl p
+ mknod -m 666 ${dev_path}/ptmx c 5 2
+ mkdir -m 755 ${dev_path}/net
+ mknod -m 666 ${dev_path}/net/tun c 10 200
+ return 0
+
+}
+
+set_guest_root_password()
+{
+ [[ -z "$root_password" ]] && return # pass is empty, abort
+
+ echo -n " - setting guest root password.."
+ echo "root passwd is: $root_password"
+ echo "root:$root_password" | chroot "$rootfs_path" chpasswd
+ echo "done."
+}
+
+create_chroot_openmandriva()
+{
+ # check the mini openmandriva was not already downloaded
+ INSTALL_ROOT=$cache/cache
+ mkdir -p $INSTALL_ROOT
+ if [ $? -ne 0 ]; then
+ echo "Failed to create '$INSTALL_ROOT' directory"
+ return 1
+ fi
+ # package list to install
+ PKG_LIST="basesystem-minimal locales locales-en initscripts urpmi cronie dhcp-client"
+ # download a mini openmandriva into a cache
+ echo "Downloading openmandriva minimal ..."
+ #URPMI="/usr/sbin/urpmi.addmedia --urpmi-root $INSTALL_ROOT main http://abf.rosalinux.ru/downloads/$distro/repository/$arch/main/release"
+ URPMI="/usr/sbin/urpmi.addmedia --urpmi-root $INSTALL_ROOT main http://abf.rosalinux.ru/downloads/$release/repository/$arch/main/release"
+ echo $URPMI
+ URPMI_BASE="/usr/sbin/urpmi --no-suggests --no-verify-rpm --ignorearch --root $INSTALL_ROOT --urpmi-root $INSTALL_ROOT --auto $PKG_LIST"
+ $URPMI
+ $URPMI_BASE
+ # We're splitting the old loop into two loops plus a directory retrival.
+ # First loop... Try and retrive a mirror list with retries and a slight
+ # delay between attempts...
+ if [ $? -ne 0 ]; then
+ echo "Failed to download the rootfs, aborting."
+ return 1
+ fi
+
+ mv "$INSTALL_ROOT" "$cache/rootfs"
+ echo "Download complete."
+
+ return 0
+
+}
+
+copy_openmandriva()
+{
+
+ echo -n "Copying rootfs to $rootfs_path ..."
+ mkdir -p $rootfs_path
+ rsync -Ha $cache/rootfs/ $rootfs_path/
+ return 0
+}
+
+update_openmandriva()
+{
+ echo "automated update in progress..."
+# chroot $cache/rootfs urpmi --auto --auto-update
+}
+
+install_openmandriva()
+{
+ mkdir -p @LOCALSTATEDIR@/lock/subsys/
+ (
+ flock -x 200
+ if [ $? -ne 0 ]; then
+ echo "Cache repository is busy."
+ return 1
+ fi
+
+ echo "Checking cache download in $cache/rootfs ... "
+ if [ ! -e "$cache/rootfs" ]; then
+ echo $cache/rootfs
+ create_chroot_openmandriva
+ if [ $? -ne 0 ]; then
+ echo "Failed to download 'openmandriva basesystem-minimal'"
+ return 1
+ fi
+ else
+ echo "Cache found. Updating..."
+ update_openmandriva
+ if [ $? -ne 0 ]; then
+ echo "Failed to update 'openmandriva base', continuing with last known good cache"
+ else
+ echo "Update finished"
+ fi
+ fi
+
+ echo "Copy $cache/rootfs to $rootfs_path ... "
+ copy_openmandriva
+ if [ $? -ne 0 ]; then
+ echo "Failed to copy rootfs"
+ return 1
+ fi
+ return 0
+ ) 200>@LOCALSTATEDIR@/lock/subsys/lxc-openmandriva
+
+ return $?
+}
+
+copy_configuration()
+{
+
+ mkdir -p $config_path
+ grep -q "^lxc.rootfs" $config_path/config 2>/dev/null || echo "lxc.rootfs = $rootfs_path" >> $config_path/config
+ cat <> $config_path/config
+lxc.utsname = $name
+lxc.tty = 4
+lxc.pts = 1024
+lxc.mount = $config_path/fstab
+lxc.cap.drop = sys_module mac_admin mac_override sys_time
+
+# When using LXC with apparmor, uncomment the next line to run unconfined:
+#lxc.aa_profile = unconfined
+
+#networking
+lxc.network.type = $lxc_network_type
+lxc.network.flags = up
+lxc.network.link = $lxc_network_link
+lxc.network.name = veth0
+lxc.network.mtu = 1500
+EOF
+if [ ! -z ${ipv4} ]; then
+ cat <> $config_path/config
+lxc.network.ipv4 = $ipv4
+EOF
+fi
+if [ ! -z ${gw} ]; then
+ cat <> $config_path/config
+lxc.network.ipv4.gateway = $gw
+EOF
+fi
+if [ ! -z ${ipv6} ]; then
+ cat <> $config_path/config
+lxc.network.ipv6 = $ipv6
+EOF
+fi
+if [ ! -z ${gw6} ]; then
+ cat <> $config_path/config
+lxc.network.ipv6.gateway = $gw6
+EOF
+fi
+ cat <> $config_path/config
+#cgroups
+lxc.cgroup.devices.deny = a
+# /dev/null and zero
+lxc.cgroup.devices.allow = c 1:3 rwm
+lxc.cgroup.devices.allow = c 1:5 rwm
+# consoles
+lxc.cgroup.devices.allow = c 5:1 rwm
+lxc.cgroup.devices.allow = c 5:0 rwm
+lxc.cgroup.devices.allow = c 4:0 rwm
+lxc.cgroup.devices.allow = c 4:1 rwm
+# /dev/{,u}random
+lxc.cgroup.devices.allow = c 1:9 rwm
+lxc.cgroup.devices.allow = c 1:8 rwm
+lxc.cgroup.devices.allow = c 136:* rwm
+lxc.cgroup.devices.allow = c 5:2 rwm
+# rtc
+lxc.cgroup.devices.allow = c 10:135 rwm
+EOF
+
+ cat < $config_path/fstab
+proc $rootfs_path/proc proc nodev,noexec,nosuid 0 0
+sysfs $rootfs_path/sys sysfs defaults 0 0
+EOF
+
+ if [ $? -ne 0 ]; then
+ echo "Failed to add configuration"
+ return 1
+ fi
+
+ return 0
+}
+
+clean()
+{
+
+ if [ ! -e $cache ]; then
+ exit 0
+ fi
+
+ # lock, so we won't purge while someone is creating a repository
+ (
+ flock -x 200
+ if [ $? != 0 ]; then
+ echo "Cache repository is busy."
+ exit 1
+ fi
+
+ echo -n "Purging the download cache for OpenMandriva-$release..."
+ rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
+ exit 0
+ ) 200>@LOCALSTATEDIR@/lock/subsys/lxc-openmandriva
+}
+
+usage()
+{
+ cat <
+ [-p|--path=] [-c|--clean] [-R|--release=]
+ [-4|--ipv4=] [-6|--ipv6=]
+ [-g|--gw=] [-d|--dns=]
+ [-P|--profile=] [--rootfs=]
+ [-A|--arch=]
+ [-h|--help]
+Mandatory args:
+ -n,--name container name, used to as an identifier for that container from now on
+Optional args:
+ -p,--path path to where the container rootfs will be created, defaults to @LXCPATH@. The container config will go under @LXCPATH@ in that case
+ -c,--clean clean the cache
+ -R,--release openmandriva2013.0/cooker/rosa2012.1 release for the new container. if the host is OpenMandriva, then it will default to the host's release.
+ -4,--ipv4 specify the ipv4 address to assign to the virtualized interface, eg. 192.168.1.123/24
+ -6,--ipv6 specify the ipv6 address to assign to the virtualized interface, eg. 2003:db8:1:0:214:1234:fe0b:3596/64
+ -g,--gw specify the default gw, eg. 192.168.1.1
+ -G,--gw6 specify the default gw, eg. 2003:db8:1:0:214:1234:fe0b:3596
+ -d,--dns specify the DNS server, eg. 192.168.1.2
+ -P,--profile Profile name is the file name in /etc/lxc/profiles contained packages name for install to cache.
+ -A,--arch Define what arch the container will be [i586,x86_64,armv7l,armv7hl]
+ ---rootfs rootfs path
+ -h,--help print this help
+EOF
+ return 0
+}
+
+options=$(getopt -o hp:n:P:cR:4:6:g:d:A -l help,rootfs:,path:,name:,profile:,clean:,release:,ipv4:,ipv6:,gw:,dns:,arch: -- "$@")
+if [ $? -ne 0 ]; then
+ usage $(basename $0)
+ exit 1
+fi
+eval set -- "$options"
+
+release=${release:-"cooker"}
+if [ -f /etc/lsb-release ]; then
+ . /etc/lsb-release
+ if [ "$DISTRIB_ID" = "OpenMandrivaLinux" ]; then
+ release=openmandriva2013.0
+ elif [ "$DISTRIB_ID" = "RosaDesktop.Fresh" ]; then
+ release=rosa2012.1
+ else
+ echo "This is not an OpenMandriva or ROSA release"
+ exit 1
+ fi
+fi
+
+while true
+do
+ case "$1" in
+ -h|--help) usage $0 && exit 0;;
+ -p|--path) path=$2; shift 2;;
+ --rootfs) rootfs_path=$2; shift 2;;
+ -n|--name) name=$2; shift 2;;
+ -P|--profile) profile=$2; shift 2;;
+ -c|--clean) clean=$2; shift 2;;
+ -R|--release) release=$2; shift 2;;
+ -a|--arch) arch=$2; shift 2;;
+ -4|--ipv4) ipv4=$2; shift 2;;
+ -6|--ipv6) ipv6=$2; shift 2;;
+ -g|--gw) gw=$2; shift 2;;
+ -d|--dns) dns=$2; shift 2;;
+ --) shift 1; break ;;
+ *) break ;;
+ esac
+done
+
+arch=${arch:-$hostarch}
+
+if [ ! -z "$clean" -a -z "$path" ]; then
+ clean || exit 1
+ exit 0
+fi
+
+type urpmi >/dev/null 2>&1
+if [ $? -ne 0 ]; then
+ echo "'urpmi' command is missing"
+ exit 1
+fi
+
+if [ -z "$path" ]; then
+ path=$default_path
+fi
+
+if [ -z "$profile" ]; then
+ profile=$default_profile
+fi
+
+if [ $hostarch = "i586" -a $arch = "x86_64" ]; then
+ echo "can't create x86_64 container on i586"
+ exit 1
+fi
+
+if [ -z "$ipv4" -a -z "$ipv6" ]; then
+ BOOTPROTO="dhcp"
+else
+ BOOTPROTO="static"
+fi
+
+if [ "$(id -u)" != "0" ]; then
+ echo "This script should be run as 'root'"
+ exit 1
+fi
+
+# check for 'lxc.rootfs' passed in through default config by lxc-create
+if [ -z "$rootfs_path" ]; then
+ if grep -q '^lxc.rootfs' $path/config 2>/dev/null ; then
+ rootfs_path=`grep 'lxc.rootfs =' $path/config | awk -F= '{ print $2 }'`
+ else
+ rootfs_path=$path/$name/rootfs
+ fi
+fi
+
+config_path=$default_path/$name
+cache=$cache_base/$release/$profile
+
+if [ ! -f $config_path/config ]; then
+ echo "A container with that name exists, chose a different name"
+ exit 1
+fi
+
+install_openmandriva
+if [ $? -ne 0 ]; then
+ echo "failed to install openmandriva"
+ exit 1
+fi
+
+configure_openmandriva
+if [ $? -ne 0 ]; then
+ echo "failed to configure openmandriva for a container"
+ exit 1
+fi
+
+populate_dev
+if [ $? -ne 0 ]; then
+ echo "failed to populated /dev/ devices"
+ exit 1
+fi
+
+set_guest_root_password
+if [ $? -ne 0 ]; then
+ echo "failed to configure password for chroot"
+ exit 1
+fi
+
+copy_configuration
+if [ $? -ne 0 ]; then
+ echo "failed write configuration file"
+ exit 1
+fi
+
+if [ ! -z $clean ]; then
+ clean || exit 1
+ exit 0
+fi
+echo "container rootfs and config created"
-- 
2.39.2
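Review bot: In create_chroot_openmandriva, `URPMI_BASE` passes `--no-verify-rpm` and the media added just above it is a plain `http://` URL, so the rootfs is assembled by root from packages with no signature check and no transport integrity. I would drop that flag, `URPMI_BASE="/usr/sbin/urpmi --no-suggests --ignorearch --root $INSTALL_ROOT --urpmi-root $INSTALL_ROOT --auto $PKG_LIST"`, so urpmi's own signature verification applies; the new urpmi root presumably needs the distribution keys available for that to succeed, which this hunk does not show. Separately, `root_password=root` is assigned unconditionally and the option parser offers no way to override it, while set_guest_root_password also prints it with `echo "root passwd is: $root_password"`, so every container created from this template starts with the same known root credential. A comment at that assignment saying the password must be changed after creation, or a generated per-container value, would make the default less of a trap.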