toft 0.0.5 → 0.0.6
- data/Gemfile.lock +1 -1
- data/Rakefile +18 -0
- data/features/node.feature +1 -0
- data/features/step_definitions/command.rb +1 -1
- data/features/step_definitions/node.rb +5 -1
- data/features/support/env.rb +2 -2
- data/lib/toft.rb +3 -6
- data/lib/toft/command_executor.rb +16 -0
- data/lib/toft/file_checker.rb +7 -2
- data/lib/toft/node.rb +19 -13
- data/lib/toft/version.rb +1 -1
- data/scripts/bin/centos/lxc-prepare-host +0 -12
- data/scripts/bin/share/lxc-create-centos-image +5 -2
- data/scripts/bin/ubuntu/lxc-create-ubuntu-image +6 -4
- data/scripts/{cookbooks/lxc/templates/default/lxc-natty → lxc-templates/lxc-lenny} +31 -29
- data/scripts/lxc-templates/lxc-lucid +0 -10
- data/scripts/lxc-templates/lxc-natty +0 -6
- data/spec/spec_helper.rb +1 -1
- data/spec/{tuft → toft}/chef_attributes_spec.rb +0 -0
- data/spec/{tuft → toft}/chef_runner_spec.rb +0 -0
- metadata +10 -14
- data/scripts/bin/share/install-rvm.sh +0 -81
- data/scripts/cookbooks/lxc/attributes/default.rb +0 -1
- data/scripts/cookbooks/lxc/recipes/default.rb +0 -42
- data/scripts/cookbooks/lxc/templates/default/lxc-centos-6 +0 -287
- data/scripts/cookbooks/lxc/templates/default/lxc-lucid +0 -332
data/Gemfile.lock
CHANGED
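--- a/data/Rakefile
+++ b/data/Rakefile
@@ -39,6 +39,7 @@ eos
 -v #{Toft::VERSION} \
 -m "Huang Liang<exceedhl@gmail.com>" \
 --description "lxc templates and helper provided by toft" \
+-d sudo \
 -d rpm \
 -d dnsutils \
 -d lxc \
@@ -68,10 +69,25 @@ task :package_rpm do
 cp_r Dir.glob("#{src_dir}/bin/centos/*"), "#{content_dir}/usr/bin"
 cp_r Dir.glob("#{src_dir}/lxc-templates/*"), "#{content_dir}/usr/lib/lxc/templates"
 
+pre_install_script = <<-eos
+#!/bin/sh -e
+# intsall lxc if not exist
+if [[ ! -f /usr/bin/lxc-ls ]]; then
+(cd /tmp && \
+wget http://lxc.sourceforge.net/download/lxc/lxc-0.7.4.tar.gz && \
+tar zxf lxc-0.7.4.tar.gz && \
+cd lxc-0.7.4 && \
+./configure --prefix=/usr --with-config-path=/var/lib/lxc && \
+make && \
+make install)
+fi
+eos
+
 post_install_script = <<-eos
 #!/bin/sh -e
 /usr/bin/lxc-prepare-host
 eos
+File.open("#{PROJECT_ROOT}/pkg/toft-lxc-pre-install.sh", 'w') { |f| f.write(pre_install_script) }
 File.open("#{PROJECT_ROOT}/pkg/toft-lxc-post-install.sh", 'w') { |f| f.write(post_install_script) }
 
 Dir.chdir("pkg") do
@@ -84,6 +100,7 @@ eos
 -v #{Toft::VERSION} \
 -m "Huang Liang<exceedhl@gmail.com>" \
 --description "lxc templates and helper provided by toft" \
+-d sudo \
 -d bind-utils \
 -d bridge-utils \
 -d dhcp \
@@ -91,6 +108,7 @@ eos
 -d ntp \
 -d libcap-devel \
 --post-install "#{PROJECT_ROOT}/pkg/toft-lxc-post-install.sh" \
+--pre-install "#{PROJECT_ROOT}/pkg/toft-lxc-pre-install.sh" \
 .
 EOF
 end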
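Review bot: The added `pre_install_script` downloads `lxc-0.7.4.tar.gz` over plain `http://` and then runs `./configure`, `make` and `make install` on it with no integrity check, so anyone able to alter that download controls code executed during package installation (presumably as root, since this is an RPM pre-install scriptlet). Verify a pinned digest before unpacking, e.g. `echo "<sha256-of-lxc-0.7.4.tar.gz>  lxc-0.7.4.tar.gz" | sha256sum -c -`, and build in a `mktemp -d` directory instead of a fixed location under the shared `/tmp`. The script declares `#!/bin/sh -e` but uses the bash-only `[[ ... ]]` test; `if [ ! -f /usr/bin/lxc-ls ]; then` keeps it valid for a POSIX `sh`. Depending on a packaged lxc, as the deb task does with `-d lxc`, would avoid compiling at install time altogether.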
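--- a/data/features/node.feature
+++ b/data/features/node.feature
@@ -24,6 +24,7 @@ Scenario: Create node only by name and fetch their info
 And Running ssh command "ping -c 1 n3" on "n1" should succeed
 And Node "n1" should have ip address same with that obtained from inside it through ssh
 And Node "n3" should have ip address same with that obtained from inside it through ssh
+And Hostname of Node "n1" should match its name
 And Node "n3" is destroyed
 
 Scenario: Create or destroy node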
@@ -1,5 +1,5 @@
|
|
1
1
|
Then /^Running ssh command "([^"]*)" on "([^"]*)" should succeed$/ do |cmd, node|
|
2
|
-
find(node).run_ssh(cmd).
|
2
|
+
lambda { find(node).run_ssh(cmd) }.should_not raise_error
|
3
3
|
end
|
4
4
|
|
5
5
|
Then /^Running ssh command "([^"]*)" on "([^"]*)" should fail$/ do |cmd, node|
|
@@ -21,7 +21,7 @@ When /^Node "([^"]*)" is destroyed$/ do |node|
|
|
21
21
|
end
|
22
22
|
|
23
23
|
Then /^There should be ([^"]*) nodes in the environment$/ do |count|
|
24
|
-
|
24
|
+
find(:all).size.should == count.to_i
|
25
25
|
end
|
26
26
|
|
27
27
|
Then /^the node "([^"]*)" should be stopped$/ do |node|
|
@@ -52,3 +52,7 @@ end
|
|
52
52
|
When /^I remove cname "([^"]*)" from "([^"]*)"$/ do |cname, node|
|
53
53
|
find(node).remove_cname cname
|
54
54
|
end
|
55
|
+
|
56
|
+
Then /^Hostname of Node "([^"]*)" should match its name$/ do |node|
|
57
|
+
find(node).hostname.should == node
|
58
|
+
end
|
data/features/support/env.rb
CHANGED
@@ -3,7 +3,7 @@ require 'rspec/expectations'
|
|
3
3
|
require 'toft'
|
4
4
|
|
5
5
|
CHEF_FIXTURE_PATH = File.dirname(__FILE__) + '/../../fixtures/chef'
|
6
|
-
CONTAINER_TYPE = "
|
6
|
+
CONTAINER_TYPE = "natty"
|
7
7
|
|
8
8
|
World(Toft)
|
9
9
|
|
@@ -18,5 +18,5 @@ Before do
|
|
18
18
|
end
|
19
19
|
|
20
20
|
at_exit do
|
21
|
-
|
21
|
+
n1.destroy
|
22
22
|
end
|
data/lib/toft.rb
CHANGED
@@ -15,17 +15,14 @@ module Toft
|
|
15
15
|
NodeController.instance.create_node(hostname, options)
|
16
16
|
end
|
17
17
|
|
18
|
-
def find(
|
19
|
-
NodeController.instance.nodes
|
18
|
+
def find(name)
|
19
|
+
return NodeController.instance.nodes if name === :all
|
20
|
+
NodeController.instance.nodes[name] if name.is_a? String
|
20
21
|
end
|
21
22
|
|
22
23
|
def destroy_node(hostname)
|
23
24
|
NodeController.instance.destroy_node(hostname)
|
24
25
|
end
|
25
|
-
|
26
|
-
def node_count
|
27
|
-
NodeController.instance.nodes.size
|
28
|
-
end
|
29
26
|
end
|
30
27
|
|
31
28
|
class NilClass
|
data/lib/toft/file_checker.rb
CHANGED
@@ -1,5 +1,10 @@
|
|
1
|
+
require 'toft/command_executor'
|
2
|
+
|
1
3
|
module Toft
|
2
4
|
class FileChecker
|
5
|
+
|
6
|
+
include Toft::CommandExecutor
|
7
|
+
|
3
8
|
def initialize(rootfs, path)
|
4
9
|
@rootfs = rootfs
|
5
10
|
@path = path
|
@@ -31,11 +36,11 @@ module Toft
|
|
31
36
|
|
32
37
|
private
|
33
38
|
def stat(format)
|
34
|
-
|
39
|
+
cmd("chroot #{@rootfs} stat -c #{format} #{@path}").rstrip
|
35
40
|
end
|
36
41
|
|
37
42
|
def test(op)
|
38
|
-
|
43
|
+
cmd!("chroot #{@rootfs} test #{op} #{@path}")
|
39
44
|
$? == 0 ? true : false
|
40
45
|
end
|
41
46
|
end
|
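Review bot: Both new calls build a shell command by interpolating `@rootfs`, `format`/`op` and `@path` directly into one string, as in `cmd("chroot #{@rootfs} stat -c #{format} #{@path}")`, so a path containing spaces or shell metacharacters is re-parsed by the shell with whatever privileges `cmd` runs under (`command_executor.rb` is not shown on this page). Escape every argument, e.g. `cmd("chroot #{Shellwords.escape(@rootfs)} stat -c #{Shellwords.escape(format)} #{Shellwords.escape(@path)}")` after `require 'shellwords'`, or let the executor accept an argument array. In `test`, the unchanged `$? == 0 ? true : false` only works if `cmd!` leaves `$?` set by the child and does not raise on a non-zero exit; `$?.success?` states the intent, and that assumption deserves a one-line comment.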
data/lib/toft/node.rb
CHANGED
@@ -2,6 +2,7 @@ require 'observer'
|
|
2
2
|
require 'net/ssh'
|
3
3
|
require 'ping'
|
4
4
|
require 'toft/file_checker'
|
5
|
+
require 'toft/command_executor'
|
5
6
|
|
6
7
|
module Toft
|
7
8
|
class Node
|
@@ -39,45 +40,50 @@ CQWv13UgQjiHgQILXSb7xdzpWK1wpDoqIEWQugRyPQDeZhPWVbB4Lg==
|
|
39
40
|
TRY_INTERVAL = 0.5
|
40
41
|
|
41
42
|
include Observable
|
43
|
+
include Toft::CommandExecutor
|
42
44
|
|
43
|
-
def initialize(hostname, options)
|
45
|
+
def initialize(hostname, options = {})
|
44
46
|
options = {:ip => DYNAMIC_IP, :netmask => "24", :type => "natty"}.merge(options)
|
45
47
|
@hostname = hostname
|
46
48
|
@ip = options[:ip]
|
47
49
|
@netmask = options[:netmask]
|
48
50
|
unless exists?
|
49
51
|
conf_file = generate_lxc_config
|
50
|
-
|
52
|
+
cmd! "lxc-create -n #{hostname} -f #{conf_file} -t #{options[:type].to_s}"
|
51
53
|
end
|
52
54
|
@chef_runner = Toft::Chef::ChefRunner.new("#{rootfs}") do |chef_command|
|
53
55
|
run_ssh chef_command
|
54
56
|
end
|
55
57
|
end
|
56
|
-
|
58
|
+
|
59
|
+
def hostname
|
60
|
+
return @hostname
|
61
|
+
end
|
62
|
+
|
57
63
|
def exists?
|
58
|
-
|
64
|
+
cmd("lxc-ls") =~ /#{@hostname}/
|
59
65
|
end
|
60
66
|
|
61
67
|
def start
|
62
|
-
|
63
|
-
|
68
|
+
cmd "lxc-start -n #{@hostname} -d" # system + sudo lxc-start does not work on centos-6, but back-quote does(no clue on why)
|
69
|
+
cmd! "lxc-wait -n #{@hostname} -s RUNNING"
|
64
70
|
wait_ssh_ready
|
65
71
|
end
|
66
72
|
|
67
73
|
def stop
|
68
|
-
|
69
|
-
|
74
|
+
cmd! "lxc-stop -n #{@hostname}"
|
75
|
+
cmd! "lxc-wait -n #{@hostname} -s STOPPED"
|
70
76
|
end
|
71
77
|
|
72
78
|
def destroy
|
73
79
|
stop
|
74
|
-
|
80
|
+
cmd! "lxc-destroy -n #{@hostname}"
|
75
81
|
changed
|
76
82
|
notify_observers(@hostname)
|
77
83
|
end
|
78
84
|
|
79
85
|
def running?
|
80
|
-
|
86
|
+
cmd("lxc-info -n #{@hostname}") =~ /RUNNING/
|
81
87
|
end
|
82
88
|
|
83
89
|
def add_cname(cname)
|
@@ -92,7 +98,7 @@ CQWv13UgQjiHgQILXSb7xdzpWK1wpDoqIEWQugRyPQDeZhPWVbB4Lg==
|
|
92
98
|
raise ArgumentError, "Trying to run empty command on node #{@hostname}", caller if command.blank?
|
93
99
|
stdout = ""
|
94
100
|
stderr = ""
|
95
|
-
Net::SSH.start(fqdn, "root", :key_data => [PRIVATE_KEY]) do |ssh|
|
101
|
+
Net::SSH.start(fqdn, "root", :key_data => [PRIVATE_KEY], :paranoid => false) do |ssh|
|
96
102
|
ssh.open_channel do |channel|
|
97
103
|
channel.exec(command) do |ch, success|
|
98
104
|
raise RuntimeError, "Could not execute command: [#{command}]", caller unless success
|
@@ -122,7 +128,7 @@ CQWv13UgQjiHgQILXSb7xdzpWK1wpDoqIEWQugRyPQDeZhPWVbB4Lg==
|
|
122
128
|
|
123
129
|
def rm(dir)
|
124
130
|
raise ArgumentError, "Illegal dir path: [#{dir}]", caller if dir.blank? || dir[0] != ?/
|
125
|
-
|
131
|
+
cmd! "rm -rf #{rootfs}#{dir}"
|
126
132
|
end
|
127
133
|
|
128
134
|
def run_chef(run_list, params = {})
|
@@ -144,7 +150,7 @@ CQWv13UgQjiHgQILXSb7xdzpWK1wpDoqIEWQugRyPQDeZhPWVbB4Lg==
|
|
144
150
|
|
145
151
|
def wait_sshd_running
|
146
152
|
while true
|
147
|
-
netstat =
|
153
|
+
netstat = cmd("lxc-netstat --name #{@hostname} -ta")
|
148
154
|
return if netstat =~ /ssh/
|
149
155
|
end
|
150
156
|
end
|
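Review bot: In `rm`, the new `cmd! "rm -rf #{rootfs}#{dir}"` is guarded only by `dir[0] != ?/`, so a value such as `/../..` or one containing whitespace or `;` reaches the shell and can remove files outside the container rootfs. Resolve and check the path before deleting: `target = File.expand_path(File.join(rootfs, dir))`, then `raise ArgumentError, "Illegal dir path: [#{dir}]" unless target.start_with?("#{rootfs}/")`, then `cmd! "rm -rf #{Shellwords.escape(target)}"` (needs `require 'shellwords'`). The same unescaped interpolation appears in the `lxc-create`, `lxc-start`, `lxc-stop`, `lxc-destroy`, `lxc-info` and `lxc-netstat` calls with `@hostname` and `options[:type]`, and `exists?` matches `/#{@hostname}/` unanchored, so `n1` would also match a container named `n10`; `Regexp.escape` plus word boundaries fixes that. In `run_ssh`, `:paranoid => false` switches off host-key verification for a root login, which should carry a comment limiting it to disposable local containers. Several of these method bodies begin or end outside the hunks shown.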
data/lib/toft/version.rb
CHANGED
@@ -12,18 +12,6 @@ netmask="255.255.255.0"
|
|
12
12
|
range="192.168.20.2 192.168.20.254"
|
13
13
|
domain=foo
|
14
14
|
|
15
|
-
|
16
|
-
# intsall lxc
|
17
|
-
if [[ ! -f /usr/bin/lxc-ls ]]; then
|
18
|
-
(cd /tmp && \
|
19
|
-
wget http://lxc.sourceforge.net/download/lxc/lxc-0.7.4.tar.gz && \
|
20
|
-
tar zxf lxc-0.7.4.tar.gz && \
|
21
|
-
cd lxc-0.7.4 && \
|
22
|
-
./configure --prefix=/usr --with-config-path=/var/lib/lxc && \
|
23
|
-
make && \
|
24
|
-
make install)
|
25
|
-
fi
|
26
|
-
|
27
15
|
# setup bridge interface
|
28
16
|
if [[ ! `ip link ls dev br0` ]]; then
|
29
17
|
brctl addbr br0
|
@@ -28,6 +28,9 @@ if [ -e "$cache/$suite-$arch.tar.gz" ]; then
|
|
28
28
|
exit 0
|
29
29
|
fi
|
30
30
|
|
31
|
+
# clean the cache dir
|
32
|
+
rm -rf $cache/$suite-$arch
|
33
|
+
|
31
34
|
# install latest rinse
|
32
35
|
if [[ ! `type rinse` ]]; then
|
33
36
|
echo "Rinse does not exist. Installing..."
|
@@ -53,5 +56,5 @@ rinse --config /etc/rinse/rinse.conf \
|
|
53
56
|
|
54
57
|
# compress root image
|
55
58
|
echo "Packaging rootfs ..."
|
56
|
-
(cd $cache/$suite-$arch && tar zcf $suite-$arch.tar.gz .)
|
57
|
-
mv $cache/$suite-$arch/$suite-$arch.tar.gz $cache
|
59
|
+
(cd $cache/$suite-$arch && tar --exclude=$suite-$arch.tar.gz -zcf $suite-$arch.tar.gz .)
|
60
|
+
mv $cache/$suite-$arch/$suite-$arch.tar.gz $cache
|
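Review bot: The added `rm -rf $cache/$suite-$arch` expands three unquoted variables whose assignments are outside this hunk; if one is empty or contains whitespace, the argument word-splits or collapses toward `/-`, and an image-building script like this presumably runs as root. Quote it and fail closed: `rm -rf -- "${cache:?}/${suite:?}-${arch:?}"`. The same line is added in the hunks that follow, which appear to belong to lxc-create-ubuntu-image (the file header is missing in this rendering), and the rewritten `tar --exclude=$suite-$arch.tar.gz -zcf ...` lines in both scripts use the same unquoted expansions.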
@@ -1,7 +1,7 @@
|
|
1
1
|
#!/bin/bash
|
2
2
|
|
3
3
|
if [ $# -eq 0 ]; then
|
4
|
-
echo "Usage: `basename $0` <
|
4
|
+
echo "Usage: `basename $0` <lenny|lucid|natty>"
|
5
5
|
exit 1
|
6
6
|
fi
|
7
7
|
|
@@ -28,6 +28,10 @@ if [ -e "$cache/$suite-$arch.tar.gz" ]; then
|
|
28
28
|
exit 0
|
29
29
|
fi
|
30
30
|
|
31
|
+
# clean the cache dir
|
32
|
+
rm -rf $cache/$suite-$arch
|
33
|
+
|
34
|
+
lenny_packages=ifupdown,locales,libui-dialog-perl,netbase,net-tools,dialog,apt,apt-utils,resolvconf,iproute,inetutils-ping,dnsutils,dhcp3-client,ssh,lsb-release,wget,gpgv,gnupg,sudo,ruby,rubygems1.8,ruby-dev,libopenssl-ruby,build-essential,ssl-cert
|
31
35
|
lucid_packages=dialog,apt,apt-utils,resolvconf,iproute,inetutils-ping,dnsutils,dhcp3-client,ssh,lsb-release,wget,gpgv,gnupg,sudo,ruby,rubygems1.8,ruby-dev,libopenssl-ruby,build-essential,ssl-cert
|
32
36
|
natty_packages=dialog,apt,apt-utils,resolvconf,iproute,inetutils-ping,dnsutils,isc-dhcp-client,isc-dhcp-common,ssh,lsb-release,gnupg,netbase,lxcguest,sudo,ruby,rubygems1.8,ruby-dev,libruby,build-essential,wget,ssl-cert
|
33
37
|
# check the mini ubuntu was not already downloaded
|
@@ -69,7 +73,5 @@ chroot "$cache/$suite-$arch" bash /tmp/install-chef-ubuntu.sh
|
|
69
73
|
|
70
74
|
# compress root image
|
71
75
|
echo "Packaging rootfs ..."
|
72
|
-
(cd $cache/$suite-$arch && tar zcf $suite-$arch.tar.gz .)
|
76
|
+
(cd $cache/$suite-$arch && tar --exclude=$suite-$arch.tar.gz -zcf $suite-$arch.tar.gz .)
|
73
77
|
mv $cache/$suite-$arch/$suite-$arch.tar.gz $cache
|
74
|
-
|
75
|
-
|
@@ -1,6 +1,6 @@
|
|
1
1
|
#!/bin/bash
|
2
2
|
|
3
|
-
echo "Creating
|
3
|
+
echo "Creating lenny node..."
|
4
4
|
|
5
5
|
configure_ubuntu()
|
6
6
|
{
|
@@ -18,20 +18,7 @@ configure_ubuntu()
|
|
18
18
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCguB7XL3ARzLZYLsIMZe4UUO371m+H5C6V8MhtmSlgXtgHDo7eZhNSm5zCeoyGd32OKeLxuxCCEkXfDDF1aa2a6twcASE3pmWNdnBS7auiOH4P7g+eQ4Aw9v7DdESbIVgHF/NDiAEFFdmApYNM3oCX2FhEVNVKxkkIokUr4axYFJzmJ6Xoi5Sd8JtPC85FZVXqDucZDnHQlOcCkbSo0UOmsWQGwtu8eUHoDeUG0dB8ntb9xlBeLctdrAPhuFYCX8IfFkdcakkzv61ETPbKE6g9wdTDC/TEep7/AHGYmarziRnwKiVOL1jnE1coOJLqy8wOC3dKGmRZy9D4sTc+FRV root insecure public key
|
19
19
|
EOF
|
20
20
|
|
21
|
-
|
22
|
-
rm $rootfs/etc/resolv.conf
|
23
|
-
cp /etc/resolv.conf $rootfs/etc/resolv.conf
|
24
|
-
|
25
|
-
# add default route to host
|
26
|
-
cat <<EOF > $rootfs/etc/rc.local
|
27
|
-
#!/bin/sh -e
|
28
|
-
route add default gw <%= node.network.gateway_ip %>
|
29
|
-
exit 0
|
30
|
-
EOF
|
31
|
-
|
32
|
-
# disable selinux in ubuntu
|
33
|
-
mkdir -p $rootfs/selinux
|
34
|
-
echo 0 > $rootfs/selinux/enforce
|
21
|
+
cp /usr/lib/lxc/templates/files/rc.local $rootfs/etc/rc.local
|
35
22
|
|
36
23
|
# set the hostname
|
37
24
|
cat <<EOF > $rootfs/etc/hostname
|
@@ -42,12 +29,33 @@ EOF
|
|
42
29
|
127.0.0.1 localhost $hostname
|
43
30
|
EOF
|
44
31
|
|
45
|
-
|
46
|
-
|
32
|
+
cat <<EOF > $rootfs/etc/inittab
|
33
|
+
id:3:initdefault:
|
34
|
+
si::sysinit:/etc/init.d/rcS
|
35
|
+
l0:0:wait:/etc/init.d/rc 0
|
36
|
+
l1:1:wait:/etc/init.d/rc 1
|
37
|
+
l2:2:wait:/etc/init.d/rc 2
|
38
|
+
l3:3:wait:/etc/init.d/rc 3
|
39
|
+
l4:4:wait:/etc/init.d/rc 4
|
40
|
+
l5:5:wait:/etc/init.d/rc 5
|
41
|
+
l6:6:wait:/etc/init.d/rc 6
|
42
|
+
# Normally not reached, but fallthrough in case of emergency.
|
43
|
+
z6:6:respawn:/sbin/sulogin
|
44
|
+
1:2345:respawn:/sbin/getty 38400 console
|
45
|
+
c1:12345:respawn:/sbin/getty 38400 tty1 linux
|
46
|
+
c2:12345:respawn:/sbin/getty 38400 tty2 linux
|
47
|
+
c3:12345:respawn:/sbin/getty 38400 tty3 linux
|
48
|
+
c4:12345:respawn:/sbin/getty 38400 tty4 linux
|
49
|
+
EOF
|
47
50
|
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
+
# reconfigure some services
|
52
|
+
if [ -z "$LANG" ]; then
|
53
|
+
chroot $rootfs locale-gen en_US.UTF-8
|
54
|
+
chroot $rootfs update-locale LANG=en_US.UTF-8
|
55
|
+
else
|
56
|
+
chroot $rootfs locale-gen $LANG
|
57
|
+
chroot $rootfs update-locale LANG=$LANG
|
58
|
+
fi
|
51
59
|
|
52
60
|
echo "Set root password to 'root'"
|
53
61
|
echo "root:root" | chroot $rootfs chpasswd
|
@@ -64,7 +72,7 @@ copy_ubuntu()
|
|
64
72
|
# make a local copy of the miniubuntu
|
65
73
|
echo "Extracting rootfs image to $rootfs ..."
|
66
74
|
mkdir $rootfs
|
67
|
-
tar zxf $cache/
|
75
|
+
tar zxf $cache/lenny-$arch.tar.gz -C $rootfs || return 1
|
68
76
|
return 0
|
69
77
|
}
|
70
78
|
|
@@ -131,8 +139,8 @@ lxc.cgroup.devices.allow = c 1:5 rwm
|
|
131
139
|
# consoles
|
132
140
|
lxc.cgroup.devices.allow = c 5:1 rwm
|
133
141
|
lxc.cgroup.devices.allow = c 5:0 rwm
|
134
|
-
|
135
|
-
|
142
|
+
lxc.cgroup.devices.allow = c 4:0 rwm
|
143
|
+
lxc.cgroup.devices.allow = c 4:1 rwm
|
136
144
|
# /dev/{,u}random
|
137
145
|
lxc.cgroup.devices.allow = c 1:9 rwm
|
138
146
|
lxc.cgroup.devices.allow = c 1:8 rwm
|
@@ -211,12 +219,6 @@ if [ ! -z "$clean" -a -z "$path" ]; then
|
|
211
219
|
exit 0
|
212
220
|
fi
|
213
221
|
|
214
|
-
type debootstrap
|
215
|
-
if [ $? -ne 0 ]; then
|
216
|
-
echo "'debootstrap' command is missing"
|
217
|
-
exit 1
|
218
|
-
fi
|
219
|
-
|
220
222
|
if [ -z "$path" ]; then
|
221
223
|
echo "'path' parameter is required"
|
222
224
|
exit 1
|
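Review bot: The new locale block passes the host environment's `$LANG` unquoted into `chroot $rootfs locale-gen $LANG` and `chroot $rootfs update-locale LANG=$LANG`, so an unusual value splits into extra arguments to a command run inside the chroot. Quote both expansions: `chroot "$rootfs" locale-gen "$LANG"` and `chroot "$rootfs" update-locale LANG="$LANG"`. Separately, the added rules `lxc.cgroup.devices.allow = c 4:0 rwm` and `c 4:1 rwm` cover tty0 and tty1, the devices the removed centos template on this page creates with `mknod ... c 4 0` and `c 4 1`. The text of the lines they replace is lost in this rendering, so this may be a re-indent, but a comment such as `# tty0/tty1: needed by <reason>` would record why the container gets them and whether the `m` (mknod) bit is required. These hunks appear to belong to the renamed lxc-lenny template; its file header is missing here.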
@@ -20,10 +20,6 @@ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCguB7XL3ARzLZYLsIMZe4UUO371m+H5C6V8MhtmSl
|
|
20
20
|
|
21
21
|
cp /usr/lib/lxc/templates/files/rc.local $rootfs/etc/rc.local
|
22
22
|
|
23
|
-
# disable selinux in ubuntu
|
24
|
-
mkdir -p $rootfs/selinux
|
25
|
-
echo 0 > $rootfs/selinux/enforce
|
26
|
-
|
27
23
|
# set the hostname
|
28
24
|
cat <<EOF > $rootfs/etc/hostname
|
29
25
|
$hostname
|
@@ -281,12 +277,6 @@ if [ ! -z "$clean" -a -z "$path" ]; then
|
|
281
277
|
exit 0
|
282
278
|
fi
|
283
279
|
|
284
|
-
type debootstrap
|
285
|
-
if [ $? -ne 0 ]; then
|
286
|
-
echo "'debootstrap' command is missing"
|
287
|
-
exit 1
|
288
|
-
fi
|
289
|
-
|
290
280
|
if [ -z "$path" ]; then
|
291
281
|
echo "'path' parameter is required"
|
292
282
|
exit 1
|
@@ -201,12 +201,6 @@ if [ ! -z "$clean" -a -z "$path" ]; then
|
|
201
201
|
exit 0
|
202
202
|
fi
|
203
203
|
|
204
|
-
type debootstrap
|
205
|
-
if [ $? -ne 0 ]; then
|
206
|
-
echo "'debootstrap' command is missing"
|
207
|
-
exit 1
|
208
|
-
fi
|
209
|
-
|
210
204
|
if [ -z "$path" ]; then
|
211
205
|
echo "'path' parameter is required"
|
212
206
|
exit 1
|
data/spec/spec_helper.rb
CHANGED
File without changes
|
File without changes
|
metadata
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: toft
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash:
|
4
|
+
hash: 19
|
5
5
|
prerelease:
|
6
6
|
segments:
|
7
7
|
- 0
|
8
8
|
- 0
|
9
|
-
-
|
10
|
-
version: 0.0.
|
9
|
+
- 6
|
10
|
+
version: 0.0.6
|
11
11
|
platform: ruby
|
12
12
|
authors:
|
13
13
|
- Huang Liang
|
@@ -15,7 +15,7 @@ autorequire:
|
|
15
15
|
bindir: bin
|
16
16
|
cert_chain: []
|
17
17
|
|
18
|
-
date: 2011-
|
18
|
+
date: 2011-11-04 00:00:00 Z
|
19
19
|
dependencies:
|
20
20
|
- !ruby/object:Gem::Dependency
|
21
21
|
name: rspec
|
@@ -134,29 +134,25 @@ files:
|
|
134
134
|
- lib/toft.rb
|
135
135
|
- lib/toft/chef/chef_attributes.rb
|
136
136
|
- lib/toft/chef/chef_runner.rb
|
137
|
+
- lib/toft/command_executor.rb
|
137
138
|
- lib/toft/file_checker.rb
|
138
139
|
- lib/toft/node.rb
|
139
140
|
- lib/toft/node_controller.rb
|
140
141
|
- lib/toft/version.rb
|
141
142
|
- scripts/bin/centos/lxc-prepare-host
|
142
143
|
- scripts/bin/share/install-chef-ubuntu.sh
|
143
|
-
- scripts/bin/share/install-rvm.sh
|
144
144
|
- scripts/bin/share/lxc-create-centos-image
|
145
145
|
- scripts/bin/ubuntu/lxc-create-ubuntu-image
|
146
146
|
- scripts/bin/ubuntu/lxc-prepare-host
|
147
|
-
- scripts/cookbooks/lxc/attributes/default.rb
|
148
|
-
- scripts/cookbooks/lxc/recipes/default.rb
|
149
|
-
- scripts/cookbooks/lxc/templates/default/lxc-centos-6
|
150
|
-
- scripts/cookbooks/lxc/templates/default/lxc-lucid
|
151
|
-
- scripts/cookbooks/lxc/templates/default/lxc-natty
|
152
147
|
- scripts/lxc-templates/files/rc.local
|
153
148
|
- scripts/lxc-templates/lxc-centos-6
|
149
|
+
- scripts/lxc-templates/lxc-lenny
|
154
150
|
- scripts/lxc-templates/lxc-lucid
|
155
151
|
- scripts/lxc-templates/lxc-natty
|
156
152
|
- spec/fixtures/illegal_syntax.json
|
157
153
|
- spec/spec_helper.rb
|
158
|
-
- spec/
|
159
|
-
- spec/
|
154
|
+
- spec/toft/chef_attributes_spec.rb
|
155
|
+
- spec/toft/chef_runner_spec.rb
|
160
156
|
homepage: https://github.com/exceedhl/toft
|
161
157
|
licenses: []
|
162
158
|
|
@@ -202,5 +198,5 @@ test_files:
|
|
202
198
|
- features/support/env.rb
|
203
199
|
- spec/fixtures/illegal_syntax.json
|
204
200
|
- spec/spec_helper.rb
|
205
|
-
- spec/
|
206
|
-
- spec/
|
201
|
+
- spec/toft/chef_attributes_spec.rb
|
202
|
+
- spec/toft/chef_runner_spec.rb
|
@@ -1,81 +0,0 @@
|
|
1
|
-
#!/bin/bash
|
2
|
-
|
3
|
-
function load_rvm {
|
4
|
-
cat <<-EOF >> ~/.profile
|
5
|
-
[[ -s ~/.rvm/scripts/rvm ]] && . ~/.rvm/scripts/rvm
|
6
|
-
EOF
|
7
|
-
. ~/.profile
|
8
|
-
}
|
9
|
-
|
10
|
-
function install_rvm {
|
11
|
-
log "installing rvm"
|
12
|
-
bash < <(curl -s https://rvm.beginrescueend.com/install/rvm)
|
13
|
-
echo 'export rvm_project_rvmrc=1' >> $HOME/.rvmrc
|
14
|
-
load_rvm
|
15
|
-
}
|
16
|
-
|
17
|
-
function check_rvm {
|
18
|
-
load_rvm
|
19
|
-
hash rvm || install_rvm
|
20
|
-
log "rvm installed"
|
21
|
-
}
|
22
|
-
|
23
|
-
function fix_rvm_readline_for_macos_tiger {
|
24
|
-
if [[ `uname` == 'Darwin' ]] && [[ `uname -r` == 11* ]]; then
|
25
|
-
(cd "$HOME/.rvm/src/readline-6.0" && \
|
26
|
-
sed -i "" -e"s/darwin\[89\]\*\|darwin10\*/darwin\[89\]\*\|darwin1\[01\]\*/g" support/shobj-conf && \
|
27
|
-
./configure --prefix="$HOME/.rvm/usr/" && \
|
28
|
-
make clean && \
|
29
|
-
make && \
|
30
|
-
make install)
|
31
|
-
fi
|
32
|
-
}
|
33
|
-
|
34
|
-
function install_xslt {
|
35
|
-
[[ -d "$HOME/.rvm/usr/include/libxslt" ]] || \
|
36
|
-
( cd /tmp && \
|
37
|
-
rm -rf libxslt-1.1.26 && \
|
38
|
-
wget -c ftp://xmlsoft.org/libxml2/libxslt-1.1.26.tar.gz && \
|
39
|
-
tar -zxvf libxslt-1.1.26.tar.gz && \
|
40
|
-
cd libxslt-1.1.26 && \
|
41
|
-
./configure --prefix="$HOME/.rvm/usr" --with-libxml-prefix="$HOME/.rvm/usr" && \
|
42
|
-
make && \
|
43
|
-
make install )
|
44
|
-
}
|
45
|
-
|
46
|
-
function install_ruby {
|
47
|
-
log "installing ruby"
|
48
|
-
rvm pkg install libxml2 && \
|
49
|
-
rvm pkg install openssl && \
|
50
|
-
rvm pkg install ncurses && \
|
51
|
-
rvm pkg install readline && \
|
52
|
-
fix_rvm_readline_for_macos_tiger && \
|
53
|
-
install_xslt && \
|
54
|
-
rvm install ruby-1.8.7-p352 -C "--with-readline-dir=$HOME/.rvm/usr --with-xml-dir=$HOME/.rvm/usr --with-openssl-dir=$HOME/.rvm/usr" && \
|
55
|
-
rvm use 1.8.7-p352 &&
|
56
|
-
}
|
57
|
-
|
58
|
-
function check_ruby {
|
59
|
-
rvm list | grep 1.8.7-p352 > /dev/null || install_ruby
|
60
|
-
log "ruby installed"
|
61
|
-
}
|
62
|
-
|
63
|
-
function install_bundler {
|
64
|
-
log "installing bundler"
|
65
|
-
gem sources | grep "http://rubygems.org/" || gem sources -a http://rubygems.org/ && \
|
66
|
-
gem sources | grep "http://gems.rubyforge.org/" || gem sources -a http://gems.rubyforge.org/ && \
|
67
|
-
gem install bundler --no-ri --no-rdoc
|
68
|
-
}
|
69
|
-
|
70
|
-
function check_bundler {
|
71
|
-
which bundle | grep 1.8.7-p352 > /dev/null || install_bundler
|
72
|
-
log "bundler installed"
|
73
|
-
}
|
74
|
-
|
75
|
-
function ruby_environment {
|
76
|
-
check_rvm && \
|
77
|
-
check_ruby && \
|
78
|
-
check_bundler
|
79
|
-
}
|
80
|
-
|
81
|
-
ruby_environment
|
@@ -1 +0,0 @@
|
|
1
|
-
default[:network][:gateway_ip] = "192.168.20.1"
|
@@ -1,42 +0,0 @@
|
|
1
|
-
%w{lxc bridge-utils debootstrap}.each do |pkg|
|
2
|
-
package "#{pkg}"
|
3
|
-
end
|
4
|
-
|
5
|
-
bash "set up networking" do
|
6
|
-
code <<-EOH
|
7
|
-
brctl addbr br0
|
8
|
-
ifconfig br0 #{node.network.gateway_ip} netmask 255.255.255.0 up
|
9
|
-
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
10
|
-
sysctl -w net.ipv4.ip_forward=1
|
11
|
-
EOH
|
12
|
-
not_if "ip link ls dev br0"
|
13
|
-
end
|
14
|
-
|
15
|
-
directory "/cgroup" do
|
16
|
-
action :create
|
17
|
-
end
|
18
|
-
|
19
|
-
mount "/cgroup" do
|
20
|
-
device "cgroup"
|
21
|
-
fstype "cgroup"
|
22
|
-
pass 0
|
23
|
-
action [:mount, :enable]
|
24
|
-
end
|
25
|
-
|
26
|
-
template "/usr/lib/lxc/templates/lxc-lucid" do
|
27
|
-
source "lxc-lucid"
|
28
|
-
mode "0755"
|
29
|
-
action :create
|
30
|
-
end
|
31
|
-
|
32
|
-
template "/usr/lib/lxc/templates/lxc-natty" do
|
33
|
-
source "lxc-natty"
|
34
|
-
mode "0755"
|
35
|
-
action :create
|
36
|
-
end
|
37
|
-
|
38
|
-
template "/usr/lib/lxc/templates/lxc-centos-6" do
|
39
|
-
source "lxc-centos-6"
|
40
|
-
mode "0755"
|
41
|
-
action :create
|
42
|
-
end
|
@@ -1,287 +0,0 @@
|
|
1
|
-
#!/bin/bash
|
2
|
-
|
3
|
-
echo "Creating centos-6 node..."
|
4
|
-
|
5
|
-
configure_centos()
|
6
|
-
{
|
7
|
-
rootfs=$1
|
8
|
-
hostname=$2
|
9
|
-
|
10
|
-
# disable selinux in centos
|
11
|
-
mkdir -p $rootfs/selinux
|
12
|
-
echo 0 > $rootfs/selinux/enforce
|
13
|
-
|
14
|
-
# add host root ssh access
|
15
|
-
mkdir $rootfs/root/.ssh
|
16
|
-
chmod 0600 $rootfs/root/.ssh
|
17
|
-
cat <<-EOF > $rootfs/root/.ssh/authorized_keys
|
18
|
-
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCguB7XL3ARzLZYLsIMZe4UUO371m+H5C6V8MhtmSlgXtgHDo7eZhNSm5zCeoyGd32OKeLxuxCCEkXfDDF1aa2a6twcASE3pmWNdnBS7auiOH4P7g+eQ4Aw9v7DdESbIVgHF/NDiAEFFdmApYNM3oCX2FhEVNVKxkkIokUr4axYFJzmJ6Xoi5Sd8JtPC85FZVXqDucZDnHQlOcCkbSo0UOmsWQGwtu8eUHoDeUG0dB8ntb9xlBeLctdrAPhuFYCX8IfFkdcakkzv61ETPbKE6g9wdTDC/TEep7/AHGYmarziRnwKiVOL1jnE1coOJLqy8wOC3dKGmRZy9D4sTc+FRV root insecure public key
|
19
|
-
EOF
|
20
|
-
|
21
|
-
# copy host resolve
|
22
|
-
cp /etc/resolv.conf $rootfs/etc/resolv.conf
|
23
|
-
|
24
|
-
# add default route to host
|
25
|
-
cat <<EOF > $rootfs/etc/rc.local
|
26
|
-
#!/bin/sh -e
|
27
|
-
route add default gw <%= node.network.gateway_ip %>
|
28
|
-
exit 0
|
29
|
-
EOF
|
30
|
-
|
31
|
-
# set the hostname
|
32
|
-
cat <<EOF > $rootfs/etc/hostname
|
33
|
-
$hostname
|
34
|
-
EOF
|
35
|
-
# set minimal hosts
|
36
|
-
cat <<EOF > $rootfs/etc/hosts
|
37
|
-
127.0.0.1 localhost $hostname
|
38
|
-
EOF
|
39
|
-
|
40
|
-
cat <<EOF > $rootfs/etc/init/console.conf
|
41
|
-
# console - mingetty
|
42
|
-
#
|
43
|
-
# This service maintains a console on tty1 from the point the system is
|
44
|
-
# started until it is shut down again.
|
45
|
-
|
46
|
-
start on stopped rc RUNLEVEL=[2345]
|
47
|
-
stop on runlevel [!2345]
|
48
|
-
|
49
|
-
respawn
|
50
|
-
exec /sbin/mingetty console
|
51
|
-
EOF
|
52
|
-
|
53
|
-
cat <<EOF > $rootfs/etc/fstab
|
54
|
-
none /dev/pts devpts defaults 0 0
|
55
|
-
EOF
|
56
|
-
|
57
|
-
[ ! -f $rootfs/etc/init/kexec-disable.conf ] || mv $rootfs/etc/init/kexec-disable.conf $rootfs/etc/init/kexec-disable.conf.orig
|
58
|
-
sed -i -e 's:/sbin/start_udev:#/sbin/start_udev:' $rootfs/etc/rc.d/rc.sysinit
|
59
|
-
|
60
|
-
sed -i -e 's:\(Defaults *requiretty\):# \1:' $rootfs/etc/sudoers
|
61
|
-
|
62
|
-
# create necessary devices
|
63
|
-
rm $rootfs/dev/null
|
64
|
-
mknod -m 666 $rootfs/dev/null c 1 3
|
65
|
-
mknod -m 666 $rootfs/dev/random c 1 8
|
66
|
-
mknod -m 666 $rootfs/dev/urandom c 1 9
|
67
|
-
mkdir -m 755 $rootfs/dev/pts
|
68
|
-
mknod -m 666 $rootfs/dev/tty c 5 0
|
69
|
-
mknod -m 666 $rootfs/dev/tty0 c 4 0
|
70
|
-
mknod -m 666 $rootfs/dev/tty1 c 4 1
|
71
|
-
mknod -m 666 $rootfs/dev/tty2 c 4 2
|
72
|
-
mknod -m 666 $rootfs/dev/tty3 c 4 3
|
73
|
-
mknod -m 666 $rootfs/dev/tty4 c 4 4
|
74
|
-
mknod -m 600 $rootfs/dev/console c 5 1
|
75
|
-
mknod -m 666 $rootfs/dev/full c 1 7
|
76
|
-
mknod -m 600 $rootfs/dev/initctl p
|
77
|
-
|
78
|
-
# change root password
|
79
|
-
echo "Set root password to 'root'"
|
80
|
-
echo "root:root" | chroot $rootfs chpasswd
|
81
|
-
|
82
|
-
return 0
|
83
|
-
}
|
84
|
-
|
85
|
-
copy_centos()
|
86
|
-
{
|
87
|
-
cache=$1
|
88
|
-
arch=$2
|
89
|
-
rootfs=$3
|
90
|
-
|
91
|
-
# make a local copy of the minicentos
|
92
|
-
echo "Extracting rootfs image to $rootfs ..."
|
93
|
-
mkdir $rootfs
|
94
|
-
tar zxf $cache/centos-6-$arch.tar.gz -C $rootfs || return 1
|
95
|
-
return 0
|
96
|
-
}
|
97
|
-
|
98
|
-
install_centos()
|
99
|
-
{
|
100
|
-
cache="/var/cache/lxc"
|
101
|
-
rootfs=$1
|
102
|
-
mkdir -p /var/lock/subsys/
|
103
|
-
(
|
104
|
-
flock -n -x 200
|
105
|
-
if [ $? -ne 0 ]; then
|
106
|
-
echo "Cache repository is busy."
|
107
|
-
return 1
|
108
|
-
fi
|
109
|
-
|
110
|
-
arch=$(arch)
|
111
|
-
if [ "$arch" == "x86_64" ]; then
|
112
|
-
arch=amd64
|
113
|
-
fi
|
114
|
-
|
115
|
-
if [ "$arch" == "i686" ]; then
|
116
|
-
arch=i386
|
117
|
-
fi
|
118
|
-
|
119
|
-
echo "Checking image cache in $cache/rootfs-$arch ... "
|
120
|
-
if [ ! -e "$cache/rootfs-$arch" ]; then
|
121
|
-
if [ $? -ne 0 ]; then
|
122
|
-
echo "Failed to download 'centos base'"
|
123
|
-
return 1
|
124
|
-
fi
|
125
|
-
fi
|
126
|
-
|
127
|
-
copy_centos $cache $arch $rootfs
|
128
|
-
if [ $? -ne 0 ]; then
|
129
|
-
echo "Failed to copy rootfs"
|
130
|
-
return 1
|
131
|
-
fi
|
132
|
-
|
133
|
-
return 0
|
134
|
-
|
135
|
-
) 200>/var/lock/subsys/lxc
|
136
|
-
|
137
|
-
return $?
|
138
|
-
}
|
139
|
-
|
140
|
-
copy_configuration()
|
141
|
-
{
|
142
|
-
path=$1
|
143
|
-
rootfs=$2
|
144
|
-
name=$3
|
145
|
-
|
146
|
-
cat <<EOF >> $path/config
|
147
|
-
lxc.utsname = $name
|
148
|
-
|
149
|
-
lxc.tty = 4
|
150
|
-
lxc.pts = 1024
|
151
|
-
lxc.rootfs = $rootfs
|
152
|
-
lxc.mount = $path/fstab
|
153
|
-
|
154
|
-
lxc.cgroup.devices.deny = a
|
155
|
-
|
156
|
-
lxc.cgroup.devices.allow = b 1:0 rwm
|
157
|
-
lxc.cgroup.devices.allow = b 1:1 rwm
|
158
|
-
lxc.cgroup.devices.allow = c 1:1 rwm
|
159
|
-
lxc.cgroup.devices.allow = c 1:2 rwm
|
160
|
-
lxc.cgroup.devices.allow = c 1:4 rwm
|
161
|
-
lxc.cgroup.devices.allow = c 1:6 rwm
|
162
|
-
lxc.cgroup.devices.allow = c 1:7 rwm
|
163
|
-
lxc.cgroup.devices.allow = c 1:11 rwm
|
164
|
-
|
165
|
-
lxc.cgroup.devices.allow = c 2:* rwm
|
166
|
-
lxc.cgroup.devices.allow = c 3:* rwm
|
167
|
-
|
168
|
-
# /dev/null and zero
|
169
|
-
lxc.cgroup.devices.allow = c 1:3 rwm
|
170
|
-
lxc.cgroup.devices.allow = c 1:5 rwm
|
171
|
-
# consoles
|
172
|
-
lxc.cgroup.devices.allow = c 5:1 rwm
|
173
|
-
lxc.cgroup.devices.allow = c 5:0 rwm
|
174
|
-
lxc.cgroup.devices.allow = c 4:0 rwm
|
175
|
-
lxc.cgroup.devices.allow = c 4:1 rwm
|
176
|
-
# /dev/{,u}random
|
177
|
-
lxc.cgroup.devices.allow = c 1:9 rwm
|
178
|
-
lxc.cgroup.devices.allow = c 1:8 rwm
|
179
|
-
lxc.cgroup.devices.allow = c 136:* rwm
|
180
|
-
lxc.cgroup.devices.allow = c 5:2 rwm
|
181
|
-
# rtc
|
182
|
-
lxc.cgroup.devices.allow = c 254:0 rwm
|
183
|
-
EOF
|
184
|
-
|
185
|
-
cat <<EOF > $path/fstab
|
186
|
-
proc $rootfs/proc proc nodev,noexec,nosuid 0 0
|
187
|
-
devpts $rootfs/dev/pts devpts defaults 0 0
|
188
|
-
sysfs $rootfs/sys sysfs defaults 0 0
|
189
|
-
EOF
|
190
|
-
|
191
|
-
if [ $? -ne 0 ]; then
|
192
|
-
echo "Failed to add configuration"
|
193
|
-
return 1
|
194
|
-
fi
|
195
|
-
|
196
|
-
return 0
|
197
|
-
}
|
198
|
-
|
199
|
-
clean()
|
200
|
-
{
|
201
|
-
cache="/var/cache/lxc"
|
202
|
-
|
203
|
-
if [ ! -e $cache ]; then
|
204
|
-
exit 0
|
205
|
-
fi
|
206
|
-
|
207
|
-
# lock, so we won't purge while someone is creating a repository
|
208
|
-
(
|
209
|
-
flock -n -x 200
|
210
|
-
if [ $? != 0 ]; then
|
211
|
-
echo "Cache repository is busy."
|
212
|
-
exit 1
|
213
|
-
fi
|
214
|
-
|
215
|
-
echo -n "Purging the download cache..."
|
216
|
-
rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
|
217
|
-
exit 0
|
218
|
-
|
219
|
-
) 200>/var/lock/subsys/lxc
|
220
|
-
}
|
221
|
-
|
222
|
-
usage()
|
223
|
-
{
|
224
|
-
cat <<EOF
|
225
|
-
$1 -h|--help -p|--path=<path> --clean
|
226
|
-
EOF
|
227
|
-
return 0
|
228
|
-
}
|
229
|
-
|
230
|
-
options=$(getopt -o hp:n:c -l help,path:,name:,clean -- "$@")
|
231
|
-
if [ $? -ne 0 ]; then
|
232
|
-
usage $(basename $0)
|
233
|
-
exit 1
|
234
|
-
fi
|
235
|
-
eval set -- "$options"
|
236
|
-
|
237
|
-
while true
|
238
|
-
do
|
239
|
-
case "$1" in
|
240
|
-
-h|--help) usage $0 && exit 0;;
|
241
|
-
-p|--path) path=$2; shift 2;;
|
242
|
-
-n|--name) name=$2; shift 2;;
|
243
|
-
-c|--clean) clean=$2; shift 2;;
|
244
|
-
--) shift 1; break ;;
|
245
|
-
*) break ;;
|
246
|
-
esac
|
247
|
-
done
|
248
|
-
|
249
|
-
if [ ! -z "$clean" -a -z "$path" ]; then
|
250
|
-
clean || exit 1
|
251
|
-
exit 0
|
252
|
-
fi
|
253
|
-
|
254
|
-
if [ -z "$path" ]; then
|
255
|
-
echo "'path' parameter is required"
|
256
|
-
exit 1
|
257
|
-
fi
|
258
|
-
|
259
|
-
if [ "$(id -u)" != "0" ]; then
|
260
|
-
echo "This script should be run as 'root'"
|
261
|
-
exit 1
|
262
|
-
fi
|
263
|
-
|
264
|
-
rootfs=$path/rootfs
|
265
|
-
|
266
|
-
install_centos $rootfs
|
267
|
-
if [ $? -ne 0 ]; then
|
268
|
-
echo "failed to install centos"
|
269
|
-
exit 1
|
270
|
-
fi
|
271
|
-
|
272
|
-
configure_centos $rootfs $name
|
273
|
-
if [ $? -ne 0 ]; then
|
274
|
-
echo "failed to configure centos for a container"
|
275
|
-
exit 1
|
276
|
-
fi
|
277
|
-
|
278
|
-
copy_configuration $path $rootfs $name
|
279
|
-
if [ $? -ne 0 ]; then
|
280
|
-
echo "failed write configuration file"
|
281
|
-
exit 1
|
282
|
-
fi
|
283
|
-
|
284
|
-
if [ ! -z $clean ]; then
|
285
|
-
clean || exit 1
|
286
|
-
exit 0
|
287
|
-
fi
|
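--- a/data/scripts/cookbooks/lxc/templates/default/lxc-lucid
+++ b/data/scripts/cookbooks/lxc/templates/default/lxc-lucid
@@ -1,332 +0,0 @@
-#!/bin/bash
-
-echo "Creating lucid node..."
-
-configure_ubuntu()
-{
-rootfs=$1
-hostname=$2
-
-# disable selinux in ubuntu
-mkdir -p $rootfs/selinux
-echo 0 > $rootfs/selinux/enforce
-
-# add host root ssh access
-mkdir $rootfs/root/.ssh
-chmod 0600 $rootfs/root/.ssh
-cat <<-EOF > $rootfs/root/.ssh/authorized_keys
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCguB7XL3ARzLZYLsIMZe4UUO371m+H5C6V8MhtmSlgXtgHDo7eZhNSm5zCeoyGd32OKeLxuxCCEkXfDDF1aa2a6twcASE3pmWNdnBS7auiOH4P7g+eQ4Aw9v7DdESbIVgHF/NDiAEFFdmApYNM3oCX2FhEVNVKxkkIokUr4axYFJzmJ6Xoi5Sd8JtPC85FZVXqDucZDnHQlOcCkbSo0UOmsWQGwtu8eUHoDeUG0dB8ntb9xlBeLctdrAPhuFYCX8IfFkdcakkzv61ETPbKE6g9wdTDC/TEep7/AHGYmarziRnwKiVOL1jnE1coOJLqy8wOC3dKGmRZy9D4sTc+FRV root insecure public key
-EOF
-
-# copy host resolve
-rm $rootfs/etc/resolv.conf
-cp /etc/resolv.conf $rootfs/etc/resolv.conf
-
-# add default route to host
-cat <<EOF > $rootfs/etc/rc.local
-#!/bin/sh -e
-route add default gw <%= node.network.gateway_ip %>
-exit 0
-EOF
-
-# disable selinux in ubuntu
-mkdir -p $rootfs/selinux
-echo 0 > $rootfs/selinux/enforce
-
-# set the hostname
-cat <<EOF > $rootfs/etc/hostname
-$hostname
-EOF
-# set minimal hosts
-cat <<EOF > $rootfs/etc/hosts
-127.0.0.1 localhost $hostname
-EOF
-
-# provide the lxc service
-cat <<EOF > $rootfs/etc/init/lxc.conf
-# fake some events needed for correct startup other services
-
-description "Container Upstart"
-
-start on startup
-
-script
-rm -rf /var/run/*.pid
-rm -rf /var/run/network/*
-/sbin/initctl emit stopped JOB=udevtrigger --no-wait
-/sbin/initctl emit started JOB=udev --no-wait
-end script
-EOF
-
-# fix buggus runlevel with sshd
-cat <<EOF > $rootfs/etc/init/ssh.conf
-# ssh - OpenBSD Secure Shell server
-#
-# The OpenSSH server provides secure shell access to the system.
-
-description "OpenSSH server"
-
-start on filesystem
-stop on runlevel [!2345]
-
-expect fork
-respawn
-respawn limit 10 5
-umask 022
-# replaces SSHD_OOM_ADJUST in /etc/default/ssh
-oom never
-
-pre-start script
-test -x /usr/sbin/sshd || { stop; exit 0; }
-test -e /etc/ssh/sshd_not_to_be_run && { stop; exit 0; }
-test -c /dev/null || { stop; exit 0; }
-
-mkdir -p -m0755 /var/run/sshd
-end script
-
-# if you used to set SSHD_OPTS in /etc/default/ssh, you can change the
-# 'exec' line here instead
-exec /usr/sbin/sshd
-EOF
-
-cat <<EOF > $rootfs/etc/init/console.conf
-# console - getty
-#
-# This service maintains a console on tty1 from the point the system is
-# started until it is shut down again.
-
-start on stopped rc RUNLEVEL=[2345]
-stop on runlevel [!2345]
-
-respawn
-exec /sbin/getty -8 38400 /dev/console
-EOF
-
-cat <<EOF > $rootfs/lib/init/fstab
-# /lib/init/fstab: lxc system fstab
-none /spu spufs gid=spu,optional 0 0
-none /tmp none defaults 0 0
-none /var/lock tmpfs nodev,noexec,nosuid,showthrough 0 0
-none /lib/init/rw tmpfs mode=0755,nosuid,optional 0 0
-EOF
-
-# reconfigure some services
-if [ -z "$LANG" ]; then
-chroot $rootfs locale-gen en_US.UTF-8
-chroot $rootfs update-locale LANG=en_US.UTF-8
-else
-chroot $rootfs locale-gen $LANG
-chroot $rootfs update-locale LANG=$LANG
-fi
-
-# remove pointless services in a container
-chroot $rootfs /usr/sbin/update-rc.d -f ondemand remove
-
-chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls u*.conf); do mv $f $f.orig; done'
-chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls tty[2-9].conf); do mv $f $f.orig; done'
-chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls plymouth*.conf); do mv $f $f.orig; done'
-chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls hwclock*.conf); do mv $f $f.orig; done'
-chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls module*.conf); do mv $f $f.orig; done'
-
-echo "Set root password to 'root'"
-echo "root:root" | chroot $rootfs chpasswd
-
-return 0
-}
-
-copy_ubuntu()
-{
-cache=$1
-arch=$2
-rootfs=$3
-
-# make a local copy of the miniubuntu
-echo "Extracting rootfs image to $rootfs ..."
-mkdir $rootfs
-tar zxf $cache/lucid-$arch.tar.gz -C $rootfs || return 1
-return 0
-}
-
-install_ubuntu()
-{
-cache="/var/cache/lxc"
-rootfs=$1
-mkdir -p /var/lock/subsys/
-(
-flock -n -x 200
-if [ $? -ne 0 ]; then
-echo "Cache repository is busy."
-return 1
-fi
-
-arch=$(arch)
-if [ "$arch" == "x86_64" ]; then
-arch=amd64
-fi
-
-if [ "$arch" == "i686" ]; then
-arch=i386
-fi
-
-echo "Checking image cache in $cache/rootfs-$arch ... "
-if [ ! -e "$cache/rootfs-$arch" ]; then
-if [ $? -ne 0 ]; then
-echo "Failed to download 'ubuntu base'"
-return 1
-fi
-fi
-
-copy_ubuntu $cache $arch $rootfs
-if [ $? -ne 0 ]; then
-echo "Failed to copy rootfs"
-return 1
-fi
-
-return 0
-
-) 200>/var/lock/subsys/lxc
-
-return $?
-}
-
-copy_configuration()
-{
-path=$1
-rootfs=$2
-name=$3
-
-cat <<EOF >> $path/config
-lxc.utsname = $name
-
-lxc.tty = 4
-lxc.pts = 1024
-lxc.rootfs = $rootfs
-lxc.mount = $path/fstab
-
-lxc.cgroup.devices.deny = a
-# /dev/null and zero
-lxc.cgroup.devices.allow = c 1:3 rwm
-lxc.cgroup.devices.allow = c 1:5 rwm
-# consoles
-lxc.cgroup.devices.allow = c 5:1 rwm
-lxc.cgroup.devices.allow = c 5:0 rwm
-lxc.cgroup.devices.allow = c 4:0 rwm
-lxc.cgroup.devices.allow = c 4:1 rwm
-# /dev/{,u}random
-lxc.cgroup.devices.allow = c 1:9 rwm
-lxc.cgroup.devices.allow = c 1:8 rwm
-lxc.cgroup.devices.allow = c 136:* rwm
-lxc.cgroup.devices.allow = c 5:2 rwm
-# rtc
-lxc.cgroup.devices.allow = c 254:0 rwm
-EOF
-
-cat <<EOF > $path/fstab
-proc $rootfs/proc proc nodev,noexec,nosuid 0 0
-devpts $rootfs/dev/pts devpts defaults 0 0
-sysfs $rootfs/sys sysfs defaults 0 0
-EOF
-
-if [ $? -ne 0 ]; then
-echo "Failed to add configuration"
-return 1
-fi
-
-return 0
-}
-
-clean()
-{
-cache="/var/cache/lxc"
-
-if [ ! -e $cache ]; then
-exit 0
-fi
-
-# lock, so we won't purge while someone is creating a repository
-(
-flock -n -x 200
-if [ $? != 0 ]; then
-echo "Cache repository is busy."
-exit 1
-fi
-
-echo -n "Purging the download cache..."
-rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
-exit 0
-
-) 200>/var/lock/subsys/lxc
-}
-
-usage()
-{
-cat <<EOF
-$1 -h|--help -p|--path=<path> --clean
-EOF
-return 0
-}
-
-options=$(getopt -o hp:n:c -l help,path:,name:,clean -- "$@")
-if [ $? -ne 0 ]; then
-usage $(basename $0)
-exit 1
-fi
-eval set -- "$options"
-
-while true
-do
-case "$1" in
--h|--help) usage $0 && exit 0;;
--p|--path) path=$2; shift 2;;
--n|--name) name=$2; shift 2;;
--c|--clean) clean=$2; shift 2;;
---) shift 1; break ;;
-*) break ;;
-esac
-done
-
-if [ ! -z "$clean" -a -z "$path" ]; then
-clean || exit 1
-exit 0
-fi
-
-type debootstrap
-if [ $? -ne 0 ]; then
-echo "'debootstrap' command is missing"
-exit 1
-fi
-
-if [ -z "$path" ]; then
-echo "'path' parameter is required"
-exit 1
-fi
-
-if [ "$(id -u)" != "0" ]; then
-echo "This script should be run as 'root'"
-exit 1
-fi
-
-rootfs=$path/rootfs
-
-install_ubuntu $rootfs
-if [ $? -ne 0 ]; then
-echo "failed to install ubuntu"
-exit 1
-fi
-
-configure_ubuntu $rootfs $name
-if [ $? -ne 0 ]; then
-echo "failed to configure ubuntu for a container"
-exit 1
-fi
-
-copy_configuration $path $rootfs $name
-if [ $? -ne 0 ]; then
-echo "failed write configuration file"
-exit 1
-fi
-
-if [ ! -z $clean ]; then
-clean || exit 1
-exit 0
-fi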