kameleon-builder 2.0.0.dev
Sign up to get free protection for your applications and to get access to all the features.
- data/.editorconfig +23 -0
- data/.env +51 -0
- data/.gitignore +22 -0
- data/AUTHORS +19 -0
- data/CHANGELOG +36 -0
- data/COPYING +340 -0
- data/Gemfile +4 -0
- data/README.md +53 -0
- data/Rakefile +24 -0
- data/Vagrantfile +68 -0
- data/bin/kameleon +16 -0
- data/contrib/kameleon_bashrc.sh +138 -0
- data/contrib/scripts/VirtualBox_deploy.sh +12 -0
- data/contrib/scripts/chroot_env +9 -0
- data/contrib/scripts/create_passwd.py +17 -0
- data/contrib/scripts/umount-chroot.sh +290 -0
- data/contrib/steps/bootstrap/debian/bootstrap_if_needed.yaml +47 -0
- data/contrib/steps/bootstrap/debian/bootstrap_static.yaml +38 -0
- data/contrib/steps/setup/add_timestamp.yaml +6 -0
- data/contrib/steps/setup/autologin.yaml +16 -0
- data/contrib/steps/setup/copy_ssh_auth_file.yaml +10 -0
- data/contrib/steps/setup/debian/add_network_interface.yaml +7 -0
- data/contrib/steps/setup/debian/cluster_tools_install.yaml +16 -0
- data/contrib/steps/setup/debian/network_config_static.yaml +17 -0
- data/contrib/steps/setup/generate_user_ssh_key.yaml +15 -0
- data/contrib/steps/setup/install_my_ssh_key.yaml +26 -0
- data/contrib/steps/setup/make_swap_file.yaml +9 -0
- data/contrib/steps/setup/root_ssh_config.yaml +18 -0
- data/contrib/steps/setup/set_user_password.yaml +7 -0
- data/contrib/steps/setup/system_optimization.yaml +8 -0
- data/docs/.gitignore +1 -0
- data/docs/Makefile +177 -0
- data/docs/make.bat +242 -0
- data/docs/source/_static/.gitignore +0 -0
- data/docs/source/aliases.rst +29 -0
- data/docs/source/checkpoint.rst +28 -0
- data/docs/source/cli.rst +3 -0
- data/docs/source/commands.rst +62 -0
- data/docs/source/conf.py +254 -0
- data/docs/source/context.rst +42 -0
- data/docs/source/faq.rst +3 -0
- data/docs/source/getting_started.rst +3 -0
- data/docs/source/index.rst +38 -0
- data/docs/source/installation.rst +3 -0
- data/docs/source/recipe.rst +256 -0
- data/docs/source/why.rst +3 -0
- data/docs/source/workspace.rst +11 -0
- data/kameleon-builder.gemspec +37 -0
- data/lib/kameleon.rb +75 -0
- data/lib/kameleon/cli.rb +176 -0
- data/lib/kameleon/context.rb +83 -0
- data/lib/kameleon/engine.rb +357 -0
- data/lib/kameleon/environment.rb +38 -0
- data/lib/kameleon/error.rb +51 -0
- data/lib/kameleon/logger.rb +53 -0
- data/lib/kameleon/recipe.rb +474 -0
- data/lib/kameleon/shell.rb +290 -0
- data/lib/kameleon/step.rb +213 -0
- data/lib/kameleon/utils.rb +45 -0
- data/lib/kameleon/version.rb +3 -0
- data/templates/COPYRIGHT +21 -0
- data/templates/aliases/defaults.yaml +83 -0
- data/templates/checkpoints/docker.yaml +14 -0
- data/templates/checkpoints/qcow2.yaml +44 -0
- data/templates/debian-wheezy-chroot.yaml +98 -0
- data/templates/debian-wheezy-docker.yaml +97 -0
- data/templates/fedora-docker.yaml +96 -0
- data/templates/steps/bootstrap/debian/debootstrap.yaml +13 -0
- data/templates/steps/bootstrap/fedora/docker_bootstrap.yaml +25 -0
- data/templates/steps/bootstrap/fedora/yum_bootstrap.yaml +22 -0
- data/templates/steps/bootstrap/prepare_appliance_with_nbd.yaml +93 -0
- data/templates/steps/bootstrap/prepare_docker.yaml +38 -0
- data/templates/steps/bootstrap/start_chroot.yaml +53 -0
- data/templates/steps/bootstrap/start_docker.yaml +12 -0
- data/templates/steps/export/build_appliance_from_docker.yaml +105 -0
- data/templates/steps/export/clean_appliance.yaml +3 -0
- data/templates/steps/export/save_appliance_from_nbd.yaml +54 -0
- data/templates/steps/setup/create_user.yaml +12 -0
- data/templates/steps/setup/debian/kernel_install.yaml +20 -0
- data/templates/steps/setup/debian/keyboard_config.yaml +10 -0
- data/templates/steps/setup/debian/network_config.yaml +30 -0
- data/templates/steps/setup/debian/software_install.yaml +15 -0
- data/templates/steps/setup/debian/system_config.yaml +12 -0
- data/templates/steps/setup/fedora/kernel_install.yaml +27 -0
- data/templates/steps/setup/fedora/software_install.yaml +10 -0
- data/tests/helper.rb +22 -0
- data/tests/recipes/dummy_recipe.yaml +48 -0
- data/tests/recipes/steps/bootstrap/dummy_distro/dummy_bootstrap_static.yaml +4 -0
- data/tests/recipes/steps/export/dummy_save_appliance.yaml +9 -0
- data/tests/recipes/steps/setup/default/dummy_root_passwd.yaml +8 -0
- data/tests/recipes/steps/setup/dummy_distro/dummy_software_install.yaml +7 -0
- data/tests/test_context.rb +16 -0
- data/tests/test_recipe.rb +15 -0
- data/tests/test_version.rb +9 -0
- metadata +300 -0
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
# # Bootstrap
|
|
2
|
+
- include: >
|
|
3
|
+
ifupdown locales libui-dialog-perl dialog isc-dhcp-client netbase
|
|
4
|
+
net-tools iproute acpid openssh-server pciutils
|
|
5
|
+
- debootstrap:
|
|
6
|
+
- check_cmd_out: debootstrap
|
|
7
|
+
- exec_out: mkdir -p $(dirname "$$rootfs_archive")
|
|
8
|
+
- exec_out: ROOTFS=$(dirname "$$rootfs_archive")/rootfs
|
|
9
|
+
- exec_out: mkdir -p $ROOTFS
|
|
10
|
+
- exec_out: test -f "$$rootfs_archive" || debootstrap --no-check-gpg --arch=$$arch --include="$$include" $$release $ROOTFS $$repository
|
|
11
|
+
- exec_out: test -f "$$rootfs_archive" || cat /etc/resolv.conf > $ROOTFS/etc/resolv.conf
|
|
12
|
+
- exec_out: test -f "$$rootfs_archive" || tar zcf "$$rootfs_archive" -C "$ROOTFS" --numeric-owner --one-file-system .
|
|
13
|
+
- exec_out: test -f "$$rootfs_archive" || rm -rf $ROOTFS
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
# # Bootstrap
|
|
2
|
+
- repository: mattdm/fedora
|
|
3
|
+
- rootfs: rootfs
|
|
4
|
+
- include: >
|
|
5
|
+
yum initscripts passwd rsyslog vim-minimal dhclient chkconfig rootfiles openssh-server
|
|
6
|
+
policycoreutils fedora-release openssh-server net-tools nc traceroute
|
|
7
|
+
- create_rootfs:
|
|
8
|
+
- exec_out: test -f "$$rootfs_archive" || mkdir -p $(dirname "$$rootfs_archive")
|
|
9
|
+
- exec_out: test -f "$$rootfs_archive" || echo "Pulling image from '$$repository'"
|
|
10
|
+
- exec_out: test -f "$$rootfs_archive" || docker pull -t f$$release $$repository > /dev/null
|
|
11
|
+
- exec_out: |
|
|
12
|
+
echo "Installing core packages : $$include"
|
|
13
|
+
if [ ! -f "$$rootfs_archive" ]
|
|
14
|
+
then
|
|
15
|
+
BASE_CID=$(docker run --dns $$dns -d $$repository:f$${release} \
|
|
16
|
+
bash -c "yum -y --nogpgcheck update ; \
|
|
17
|
+
yum -y --nogpgcheck install $$include ; \
|
|
18
|
+
/usr/bin/ssh-keygen -A")
|
|
19
|
+
fi
|
|
20
|
+
- exec_out: test -f "$$rootfs_archive" || bash -c "exit $(docker wait $BASE_CID)"
|
|
21
|
+
- exec_out: test -f "$$rootfs_archive" || docker export $BASE_CID > "$$rootfs_archive"
|
|
22
|
+
- on_bootstrap_clean:
|
|
23
|
+
- exec_out: test -f "$$rootfs_archive" || docker kill "$BASE_CID"
|
|
24
|
+
- exec_out: test -f "$$rootfs_archive" || docker rm "$BASE_CID"
|
|
25
|
+
- exec_out: test -f "$$rootfs_archive" || docker rmi $$repository
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
# # Bootstrap
|
|
2
|
+
- include: >
|
|
3
|
+
yum initscripts passwd rsyslog vim-minimal dhclient chkconfig rootfiles
|
|
4
|
+
policycoreutils fedora-release openssh-server net-tools nc traceroute
|
|
5
|
+
- bootstrap_fedora:
|
|
6
|
+
- check_cmd_out: yum
|
|
7
|
+
- check_cmd_out: curl
|
|
8
|
+
- exec_out: test -f "$$rootfs_archive" || mkdir -p $(dirname "$$rootfs_archive")
|
|
9
|
+
- exec_out: test -f "$$rootfs_archive" || ROOTFS=$(dirname "$$rootfs_archive")/rootfs
|
|
10
|
+
- exec_out: test -f "$$rootfs_archive" || mkdir -p $ROOTFS
|
|
11
|
+
- exec_out: test -f "$$rootfs_archive" || echo "Fetching release mirror"
|
|
12
|
+
- exec_out: test -f "$$rootfs_archive" || MIRROR_URL=$(curl -s -S -f "$$mirrorlist_url" | head -n2 | tail -n1)
|
|
13
|
+
- exec_out: test -f "$$rootfs_archive" || RELEASE_URL="$MIRROR_URL/Packages/f/fedora-release-$${release}-1.noarch.rpm"
|
|
14
|
+
- exec_out: test -f "$$rootfs_archive" || echo "Fetching from $RELEASE_URL"
|
|
15
|
+
- exec_out: test -f "$$rootfs_archive" || curl -sf "$RELEASE_URL" > "$(basename $RELEASE_URL)" 2> /dev/null
|
|
16
|
+
- exec_out: test -f "$$rootfs_archive" || mkdir -p $ROOTFS/var/lib/rpm
|
|
17
|
+
- exec_out: test -f "$$rootfs_archive" || rpm --root $ROOTFS --initdb
|
|
18
|
+
- exec_out: test -f "$$rootfs_archive" || rpm --root $ROOTFS -ivh "$(basename $RELEASE_URL)"
|
|
19
|
+
- exec_out: test -f "$$rootfs_archive" || yum --installroot $ROOTFS -y --nogpgcheck install $$include
|
|
20
|
+
- exec_out: test -f "$$rootfs_archive" || cat /etc/resolv.conf > $ROOTFS/etc/resolv.conf
|
|
21
|
+
- exec_out: test -f "$$rootfs_archive" || tar zcf "$$rootfs_archive" -C "$ROOTFS" --numeric-owner --one-file-system .
|
|
22
|
+
- exec_out: test -f "$$rootfs_archive" || rm -fr $ROOTFS
|
|
@@ -0,0 +1,93 @@
|
|
|
1
|
+
# Prepare Appliance
|
|
2
|
+
- nbd_device: /dev/nbd0
|
|
3
|
+
|
|
4
|
+
- create_raw_image:
|
|
5
|
+
- check_cmd_out: qemu-img
|
|
6
|
+
- exec_out: mkdir -p checkpoints
|
|
7
|
+
- exec_out: |
|
|
8
|
+
if [ ! -e "$$container" ] ; then
|
|
9
|
+
qemu-img create -f qcow2 checkpoints/base_$$container $$image_size
|
|
10
|
+
ln -sf checkpoints/base_$$container $$container
|
|
11
|
+
fi
|
|
12
|
+
|
|
13
|
+
- load_nbd_module:
|
|
14
|
+
- on_bootstrap_init:
|
|
15
|
+
- exec_out: |
|
|
16
|
+
lsmod | grep nbd >/dev/null \
|
|
17
|
+
|| modprobe nbd max_part=63 \
|
|
18
|
+
|| fail failed to load nbd module into kernel
|
|
19
|
+
|
|
20
|
+
- attach_nbd_device:
|
|
21
|
+
- on_checkpoint: skip
|
|
22
|
+
- check_cmd_out: qemu-nbd
|
|
23
|
+
- exec_out: echo Connecting $$container to nbd device $$nbd_device
|
|
24
|
+
- exec_out: qemu-nbd -c $$nbd_device "$(readlink $$container)" -n || fail nbd device $$container is unavailable
|
|
25
|
+
|
|
26
|
+
|
|
27
|
+
- detach_nbd_device:
|
|
28
|
+
- on_checkpoint: redo
|
|
29
|
+
- on_export_clean:
|
|
30
|
+
- exec_out: echo "sync" ; sync
|
|
31
|
+
- exec_out: qemu-nbd -d $$nbd_device
|
|
32
|
+
- exec_out: "pgrep qemu-nbd | xargs -I {} kill -9 {} || true"
|
|
33
|
+
|
|
34
|
+
- partition_disk:
|
|
35
|
+
- check_cmd_out: sfdisk
|
|
36
|
+
- exec_out: |
|
|
37
|
+
echo "Partitioning disk..."
|
|
38
|
+
sfdisk $${nbd_device} -q -D -uM --force --no-reread <<< '
|
|
39
|
+
,200,83,*
|
|
40
|
+
;
|
|
41
|
+
' 2>&1 || fail cannot partition $$container
|
|
42
|
+
- exec_out: |
|
|
43
|
+
echo Creating boot partition...
|
|
44
|
+
mkfs.$$filesystem_type -q $${nbd_device}p1 || fail cannot create /boot ext4
|
|
45
|
+
- exec_out: |
|
|
46
|
+
echo Creating root partition...
|
|
47
|
+
mkfs.$$filesystem_type -q $${nbd_device}p2 || fail cannot create / ext4
|
|
48
|
+
|
|
49
|
+
- mount_mountdir:
|
|
50
|
+
- on_checkpoint: redo
|
|
51
|
+
- exec_out: mkdir -p $$mountdir
|
|
52
|
+
- exec_out: "echo Mounting root partition... ; mount $${nbd_device}p2 $$mountdir || fail cannot mount /"
|
|
53
|
+
- on_export_clean:
|
|
54
|
+
- exec_out: "echo try umount $$mountdir... ; mountpoint -q $$mountdir && umount -f -l $$mountdir || true"
|
|
55
|
+
- exec_out: "test -d $$mountdir && rmdir $$mountdir || true"
|
|
56
|
+
- exec_out: mkdir -p $$mountdir/boot
|
|
57
|
+
- exec_out: "echo Mounting boot partition... ; mount $${nbd_device}p1 $$mountdir/boot || fail cannot mount /boot"
|
|
58
|
+
- on_export_clean:
|
|
59
|
+
- exec_out: "echo try umount $$mountdir/boot... ; mountpoint -q $$mountdir/boot && umount -f -l $$mountdir/boot || true"
|
|
60
|
+
- exec_out: "test -d $$mountdir/boot && rmdir $$mountdir/boot || true"
|
|
61
|
+
|
|
62
|
+
- copy_rootfs:
|
|
63
|
+
- exec_out: tar -xf $$rootfs_archive -C $$mountdir
|
|
64
|
+
- exec_out: echo "sync..." ; sync
|
|
65
|
+
|
|
66
|
+
- create_fstab:
|
|
67
|
+
- write_out:
|
|
68
|
+
- $$mountdir/etc/fstab
|
|
69
|
+
- |
|
|
70
|
+
# /etc/fstab: static file system information.
|
|
71
|
+
#
|
|
72
|
+
# Use 'blkid' to print the universally unique identifier for a
|
|
73
|
+
# device; this may be used with UUID= as a more robust way to name devices
|
|
74
|
+
# that works even if disks are added and removed. See fstab(5).
|
|
75
|
+
#
|
|
76
|
+
# <file system> <mount point> <type> <options> <dump> <pass>
|
|
77
|
+
UUID=`blkid -s UUID -o value $${nbd_device}p2` / $$filesystem_type errors=remount-ro 0 1
|
|
78
|
+
UUID=`blkid -s UUID -o value $${nbd_device}p1` /boot $$filesystem_type sync 0 2
|
|
79
|
+
|
|
80
|
+
|
|
81
|
+
- install_bootloader:
|
|
82
|
+
- on_export_init:
|
|
83
|
+
- exec_in: extlinux-install $$nbd_device 2>&1
|
|
84
|
+
- write_in:
|
|
85
|
+
- /boot/extlinux/extlinux.conf
|
|
86
|
+
- |
|
|
87
|
+
default linux
|
|
88
|
+
timeout 1
|
|
89
|
+
|
|
90
|
+
label linux
|
|
91
|
+
kernel ../`basename /boot/vmlinuz*`
|
|
92
|
+
append initrd=../`basename /boot/init*` root=UUID=`blkid -s UUID -o value $${nbd_device}p2` ro
|
|
93
|
+
- exec_out: echo " sync..." ; sync
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
|
|
2
|
+
- clean_containers:
|
|
3
|
+
- on_checkpoint: redo
|
|
4
|
+
- on_export_clean:
|
|
5
|
+
- exec_out: echo "Stopping trailing containers"
|
|
6
|
+
- exec_out: touch CONTAINERS_TO_CLEAN
|
|
7
|
+
- exec_out: cat CONTAINERS_TO_CLEAN | xargs -I {} docker kill {}
|
|
8
|
+
- exec_out: echo "Removing trailing containers"
|
|
9
|
+
- exec_out: cat CONTAINERS_TO_CLEAN | xargs -I {} docker rm {}
|
|
10
|
+
- exec_out: rm -f CONTAINERS_TO_CLEAN
|
|
11
|
+
|
|
12
|
+
- import_rootfs:
|
|
13
|
+
- exec_out: |
|
|
14
|
+
docker images | grep -q $$image \
|
|
15
|
+
|| (echo "Importing $$image to docker..." && cat "$$rootfs_archive"\
|
|
16
|
+
| docker import - $$image \
|
|
17
|
+
| xargs -I {} docker tag {} $$image:base)
|
|
18
|
+
- exec_out: docker tag $$image:base $$image:latest
|
|
19
|
+
|
|
20
|
+
- configure_sshd:
|
|
21
|
+
- on_checkpoint: redo
|
|
22
|
+
- exec_out: echo -e 'y\n' | ssh-keygen -q -t dsa -f $$insecure_ssh_key -N ''
|
|
23
|
+
- exec_out: chmod 600 $$insecure_ssh_key*
|
|
24
|
+
- exec_out: |
|
|
25
|
+
CID=$(docker run --dns $$dns -d -v "$(pwd):/tmp" $$image:latest \
|
|
26
|
+
/bin/bash -c "rm -fr /root/.ssh ; \
|
|
27
|
+
mkdir -p /root/.ssh ; \
|
|
28
|
+
ssh-keygen -q -t dsa -f /root/.ssh/id_dsa -N '' ; \
|
|
29
|
+
cat /tmp/$${insecure_ssh_key}.pub > /root/.ssh/authorized_keys")
|
|
30
|
+
- exec_out: bash -c "exit $(docker wait $CID)"
|
|
31
|
+
- exec_out: echo "$CID" >> CONTAINERS_TO_CLEAN
|
|
32
|
+
- exec_out: |
|
|
33
|
+
docker images | grep $$image \
|
|
34
|
+
| grep sshd \
|
|
35
|
+
| awk '{print $3}' \
|
|
36
|
+
| xargs -I {} docker rmi {}
|
|
37
|
+
- exec_out: docker commit $CID $$image:sshd > /dev/null
|
|
38
|
+
- exec_out: docker tag $$image:sshd $$image:latest
|
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
# # Bootstrap
|
|
2
|
+
- mount_chroot:
|
|
3
|
+
- on_checkpoint: redo
|
|
4
|
+
- check_cmd_out: chroot
|
|
5
|
+
- exec_out: mount -o bind /dev $$rootfs/dev
|
|
6
|
+
- exec_out: mount -o bind /dev/pts $$rootfs/dev/pts
|
|
7
|
+
- exec_out: mount -t proc /proc $$rootfs/proc
|
|
8
|
+
- exec_out: mount -t sysfs /sys $$rootfs/sys
|
|
9
|
+
- exec_out: test -f $$rootfs/etc/mtab || cat /proc/mounts > $$rootfs/etc/mtab
|
|
10
|
+
- on_export_clean:
|
|
11
|
+
- exec_out: echo try umount $$rootfs/sys... ; mountpoint -q $$rootfs/sys && umount -f -l $$rootfs/sys || true
|
|
12
|
+
- exec_out: echo try umount $$rootfs/proc... ; mountpoint -q $$rootfs/proc && umount -f -l $$rootfs/proc || true
|
|
13
|
+
- exec_out: echo try umount $$rootfs/dev/pts... ; mountpoint -q $$rootfs/dev/pts && umount -f -l $$rootfs/dev/pts || true
|
|
14
|
+
- exec_out: echo try umount $$rootfs/dev... ; mountpoint -q $$rootfs/dev && umount -f -l $$rootfs/dev || true
|
|
15
|
+
|
|
16
|
+
- cpuset_base_name: /dev/cpuset
|
|
17
|
+
- cpuset_name: kameleon
|
|
18
|
+
|
|
19
|
+
- init_cpuset:
|
|
20
|
+
- on_checkpoint: redo
|
|
21
|
+
- on_setup_init:
|
|
22
|
+
- exec_in: |
|
|
23
|
+
if [ ! -f $$cpuset_base_name/cpus ]; then
|
|
24
|
+
mkdir -p /dev/cpuset
|
|
25
|
+
mount -t cgroup -o cpuset none /dev/cpuset
|
|
26
|
+
fi
|
|
27
|
+
if [ ! -d $$cpuset_base_name/$$cpuset_name ]; then
|
|
28
|
+
mkdir $$cpuset_base_name/$$cpuset_name
|
|
29
|
+
fi
|
|
30
|
+
- exec_in: echo 0 > $$cpuset_base_name/$$cpuset_name/cpuset.cpus
|
|
31
|
+
- exec_in: echo 0 > $$cpuset_base_name/$$cpuset_name/cpuset.mems
|
|
32
|
+
- exec_in: echo $$ > $$cpuset_base_name/$$cpuset_name/tasks
|
|
33
|
+
|
|
34
|
+
- clean_cpuset:
|
|
35
|
+
- on_checkpoint: redo
|
|
36
|
+
- on_export_clean:
|
|
37
|
+
- exec_out: CPUSET_DIR="$$rootfs/$$cpuset_base_name"
|
|
38
|
+
- exec_out: |
|
|
39
|
+
if [ -f $CPUSET_DIR/$$cpuset_name/tasks ]; then
|
|
40
|
+
for pid in `cat $CPUSET_DIR/$$cpuset_name/tasks`; do
|
|
41
|
+
kill -9 $pid
|
|
42
|
+
done
|
|
43
|
+
echo "Waiting for all processes of the in context to terminate..."
|
|
44
|
+
while [ ! -z "$(cat $CPUSET_DIR/$$cpuset_name/tasks)" ]; do
|
|
45
|
+
sleep .2
|
|
46
|
+
done
|
|
47
|
+
sleep .2
|
|
48
|
+
echo > $CPUSET_DIR/$$cpuset_name/cpuset.cpus
|
|
49
|
+
echo > $CPUSET_DIR/$$cpuset_name/cpuset.mems
|
|
50
|
+
rmdir $CPUSET_DIR/$$cpuset_name
|
|
51
|
+
fi
|
|
52
|
+
- exec_out: echo try umount $CPUSET_DIR... ; mountpoint -q $CPUSET_DIR && umount -f -l $CPUSET_DIR || true
|
|
53
|
+
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
- start_sshd:
|
|
2
|
+
- on_checkpoint: redo
|
|
3
|
+
- exec_out: |
|
|
4
|
+
CID=$(docker run -d -p 22 -i --dns $$dns -h $$hostname -privileged "$$image:latest" \
|
|
5
|
+
/bin/bash -c "mkdir /var/run/sshd ; /usr/sbin/sshd -D")
|
|
6
|
+
- exec_out: echo "$CID" >> CONTAINERS_TO_CLEAN
|
|
7
|
+
- exec_out: echo $CID > MAIN_CONTAINER_ID
|
|
8
|
+
- on_export_clean:
|
|
9
|
+
- exec_out: rm -f MAIN_CONTAINER_ID
|
|
10
|
+
- exec_out: echo $(docker port $CID 22) | cut -d':' -f2 > MAIN_CONTAINER_PORT
|
|
11
|
+
- on_export_clean:
|
|
12
|
+
- exec_out: rm -f MAIN_CONTAINER_PORT
|
|
@@ -0,0 +1,105 @@
|
|
|
1
|
+
- nbd_device: /dev/nbd1
|
|
2
|
+
|
|
3
|
+
- export_targz:
|
|
4
|
+
- on_export_init:
|
|
5
|
+
- exec_out: echo "Exporting the rootfs..."
|
|
6
|
+
- exec_out: docker export $(cat MAIN_CONTAINER_ID) > $$filename.tar.gz
|
|
7
|
+
|
|
8
|
+
- create_raw_image:
|
|
9
|
+
- check_cmd_out: qemu-img
|
|
10
|
+
- exec_out: bash -c "qemu-img create -f $$format $$filename.$$format $$image_size"
|
|
11
|
+
|
|
12
|
+
- load_nbd_module:
|
|
13
|
+
- on_bootstrap_init:
|
|
14
|
+
- exec_out: |
|
|
15
|
+
lsmod | grep nbd >/dev/null \
|
|
16
|
+
|| modprobe nbd max_part=63 \
|
|
17
|
+
|| fail failed to load nbd module into kernel
|
|
18
|
+
|
|
19
|
+
- attach_nbd_device:
|
|
20
|
+
- on_checkpoint: redo
|
|
21
|
+
- check_cmd_out: qemu-nbd
|
|
22
|
+
- exec_out: echo Connecting $$filename.$$format to nbd device $$nbd_device
|
|
23
|
+
- exec_out: qemu-nbd -c $$nbd_device $$filename.$$format || fail nbd device $$filename.$$format is unavailable
|
|
24
|
+
- on_export_clean:
|
|
25
|
+
- exec_out: echo "sync" ; sync
|
|
26
|
+
- exec_out: qemu-nbd -d $$nbd_device
|
|
27
|
+
- exec_out: "pgrep qemu-nbd | xargs -I {} kill -9 {} || true"
|
|
28
|
+
|
|
29
|
+
- partition_disk:
|
|
30
|
+
- check_cmd_out: sfdisk
|
|
31
|
+
- exec_out: |
|
|
32
|
+
echo "Partitioning disk..."
|
|
33
|
+
sfdisk $${nbd_device} -q -D -uM --force --no-reread <<< '
|
|
34
|
+
,200,83,*
|
|
35
|
+
;
|
|
36
|
+
' 2>&1 || fail cannot partition $$filename.$$format
|
|
37
|
+
- exec_out: |
|
|
38
|
+
echo Creating boot partition...
|
|
39
|
+
mkfs.$$filesystem_type -q $${nbd_device}p1 || fail cannot create /boot ext4
|
|
40
|
+
- exec_out: |
|
|
41
|
+
echo Creating root partition...
|
|
42
|
+
mkfs.$$filesystem_type -q $${nbd_device}p2 || fail cannot create / ext4
|
|
43
|
+
|
|
44
|
+
- mount_mountdir:
|
|
45
|
+
- on_checkpoint: redo
|
|
46
|
+
- exec_out: mkdir -p $$mountdir
|
|
47
|
+
- exec_out: "echo Mounting root partition... ; mount $${nbd_device}p2 $$mountdir || fail cannot mount /"
|
|
48
|
+
- on_export_clean:
|
|
49
|
+
- exec_out: "echo try umount $$mountdir... ; mountpoint -q $$mountdir && umount -f -l $$mountdir || true"
|
|
50
|
+
- exec_out: "test -d $$mountdir && rmdir $$mountdir || true"
|
|
51
|
+
- exec_out: mkdir -p $$mountdir/boot
|
|
52
|
+
- exec_out: "echo Mounting boot partition... ; mount $${nbd_device}p1 $$mountdir/boot || fail cannot mount /boot"
|
|
53
|
+
- on_export_clean:
|
|
54
|
+
- exec_out: "echo try umount $$mountdir/boot... ; mountpoint -q $$mountdir/boot && umount -f -l $$mountdir/boot || true"
|
|
55
|
+
- exec_out: "test -d $$mountdir/boot && rmdir $$mountdir/boot || true"
|
|
56
|
+
|
|
57
|
+
- copy_rootfs:
|
|
58
|
+
- exec_out: echo "Copying the rootfs to $$mountdir..."
|
|
59
|
+
- exec_out: tar -xf $$filename.tar.gz -C $$mountdir
|
|
60
|
+
- exec_out: rm -f $$mountdir/.dockerinit
|
|
61
|
+
- exec_out: rm -f $$mountdir/.dockerenv
|
|
62
|
+
- exec_out: echo "sync..." ; sync
|
|
63
|
+
|
|
64
|
+
- create_fstab:
|
|
65
|
+
- write_out:
|
|
66
|
+
- $$mountdir/etc/fstab
|
|
67
|
+
- |
|
|
68
|
+
# /etc/fstab: static file system information.
|
|
69
|
+
#
|
|
70
|
+
# Use 'blkid' to print the universally unique identifier for a
|
|
71
|
+
# device; this may be used with UUID= as a more robust way to name devices
|
|
72
|
+
# that works even if disks are added and removed. See fstab(5).
|
|
73
|
+
#
|
|
74
|
+
# <file system> <mount point> <type> <options> <dump> <pass>
|
|
75
|
+
UUID=`blkid -s UUID -o value $${nbd_device}p2` / $$filesystem_type errors=remount-ro 0 1
|
|
76
|
+
UUID=`blkid -s UUID -o value $${nbd_device}p1` /boot $$filesystem_type sync 0 2
|
|
77
|
+
- exec_out: echo "sync..." ; sync
|
|
78
|
+
|
|
79
|
+
- mount_chroot:
|
|
80
|
+
- on_checkpoint: redo
|
|
81
|
+
- check_cmd_out: chroot
|
|
82
|
+
- exec_out: mount -o bind /dev $$mountdir/dev
|
|
83
|
+
- exec_out: mount -o bind /dev/pts $$mountdir/dev/pts
|
|
84
|
+
- exec_out: mount -t proc /proc $$mountdir/proc
|
|
85
|
+
- exec_out: mount -t sysfs /sys $$mountdir/sys
|
|
86
|
+
- exec_out: test -f $$mountdir/etc/mtab || cat /proc/mounts > $$mountdir/etc/mtab
|
|
87
|
+
- on_export_clean:
|
|
88
|
+
- exec_out: echo try umount $$mountdir/sys... ; mountpoint -q $$mountdir/sys && umount -f -l $$mountdir/sys || true
|
|
89
|
+
- exec_out: echo try umount $$mountdir/proc... ; mountpoint -q $$mountdir/proc && umount -f -l $$mountdir/proc || true
|
|
90
|
+
- exec_out: echo try umount $$mountdir/dev/pts... ; mountpoint -q $$mountdir/dev/pts && umount -f -l $$mountdir/dev/pts || true
|
|
91
|
+
- exec_out: echo try umount $$mountdir/dev... ; mountpoint -q $$mountdir/dev && umount -f -l $$mountdir/dev || true
|
|
92
|
+
|
|
93
|
+
- install_bootloader:
|
|
94
|
+
- check_cmd_out: extlinux-install
|
|
95
|
+
- exec_out: chroot $$mountdir extlinux-install $$nbd_device 2>&1
|
|
96
|
+
- write_out:
|
|
97
|
+
- $$mountdir/boot/extlinux/extlinux.conf
|
|
98
|
+
- |
|
|
99
|
+
default linux
|
|
100
|
+
timeout 1
|
|
101
|
+
|
|
102
|
+
label linux
|
|
103
|
+
kernel ../`basename $$mountdir/boot/vmlinuz*`
|
|
104
|
+
append initrd=../`basename $$mountdir/boot/init*` root=UUID=`blkid -s UUID -o value $${nbd_device}p2` ro
|
|
105
|
+
- exec_out: echo "sync..." ; sync
|
|
@@ -0,0 +1,54 @@
|
|
|
1
|
+
# # Save Chroot Appliance
|
|
2
|
+
- save_as_tgz:
|
|
3
|
+
- exec_out: echo "sync..." ; sync
|
|
4
|
+
- in2out:
|
|
5
|
+
- /etc/fstab
|
|
6
|
+
- ./fstab.bak
|
|
7
|
+
- on_clean:
|
|
8
|
+
- exec_out: rm -f ./fstab.bak
|
|
9
|
+
- write_in:
|
|
10
|
+
- /etc/fstab
|
|
11
|
+
- |
|
|
12
|
+
# UNCONFIGURED FSTAB FOR BASE SYSTEM
|
|
13
|
+
- pipe:
|
|
14
|
+
- exec_in: |
|
|
15
|
+
tar -zcf - --numeric-owner \
|
|
16
|
+
--exclude=tmp/* \
|
|
17
|
+
--exclude=dev/* \
|
|
18
|
+
--exclude=proc/* \
|
|
19
|
+
--exclude=sys/* \
|
|
20
|
+
--exclude=run/* \
|
|
21
|
+
--exclude=mnt/* \
|
|
22
|
+
--exclude=media/* \
|
|
23
|
+
--exclude=lost+found/* \
|
|
24
|
+
-C / .
|
|
25
|
+
- exec_out: cat > ./$$filename.tar.gz
|
|
26
|
+
- out2in:
|
|
27
|
+
- ./fstab.bak
|
|
28
|
+
- /etc/fstab
|
|
29
|
+
- exec_out: |
|
|
30
|
+
echo "Saved tar.gz appliance to $(pwd)/$$filename.tar.gz"
|
|
31
|
+
|
|
32
|
+
- save_as_raw:
|
|
33
|
+
- exec_out: echo "sync..." ; sync
|
|
34
|
+
- exec_out: |
|
|
35
|
+
qemu-img convert -O raw $(readlink $$container) $$filename.raw
|
|
36
|
+
- exec_out: echo "Saved raw appliance to $(pwd)/$$filename.raw"
|
|
37
|
+
|
|
38
|
+
- save_as_qcow2:
|
|
39
|
+
- exec_out: echo "sync..." ; sync
|
|
40
|
+
- exec_out: |
|
|
41
|
+
qemu-img convert -O qcow2 $(readlink $$container) $$filename.qcow2
|
|
42
|
+
- exec_out: echo "Saved qcow2 appliance to $(pwd)/$$filename.qcow2"
|
|
43
|
+
|
|
44
|
+
- save_as_vmdk:
|
|
45
|
+
- exec_out: echo "sync..." ; sync
|
|
46
|
+
- exec_out: |
|
|
47
|
+
qemu-img convert -O vmdk $(readlink $$container) $$filename.vmdk
|
|
48
|
+
- exec_out: echo "Saved vmdk appliance to $(pwd)/$$filename.vmdk"
|
|
49
|
+
|
|
50
|
+
- save_as_vdi:
|
|
51
|
+
- exec_out: echo "sync..." ; sync
|
|
52
|
+
- exec_out: |
|
|
53
|
+
qemu-img convert -O vdi $(readlink $$container) $$filename.vdi
|
|
54
|
+
- exec_out: echo "Saved vdi appliance to $(pwd)/$$filename.vdi"
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
# # Create User
|
|
2
|
+
- create_group:
|
|
3
|
+
- exec_in: groupadd $$group
|
|
4
|
+
- add_user:
|
|
5
|
+
# use the create_passwd.py script to generate the crypted password
|
|
6
|
+
- exec_in: useradd -m -g $$group $$name -s /bin/bash
|
|
7
|
+
- exec_in: echo -n '$$name:$$password' | chpasswd
|
|
8
|
+
- add_group_to_sudoers:
|
|
9
|
+
- append_in:
|
|
10
|
+
- /etc/sudoers
|
|
11
|
+
- |
|
|
12
|
+
%admin ALL=(ALL:ALL) ALL
|