Move more commands to subcommands of ros

2025-09-13 21:51:33 +00:00 · 2016-10-20 11:58:34 -07:00
parent b767e5e1a7
commit 21fb3ebfa9
10 changed files with 78 additions and 59 deletions
--- a/cmd/control/cli.go
+++ b/cmd/control/cli.go
@@ -44,6 +44,13 @@ func Main() {
 			HideHelp:    true,
 			Subcommands: consoleSubcommands(),
 		},
+		{
+			Name:            "console-init",
+			Hidden:          true,
+			HideHelp:        true,
+			SkipFlagParsing: true,
+			Action:          consoleInitAction,
+		},
 		{
 			Name:            "dev",
 			Hidden:          true,
@@ -51,6 +58,13 @@ func Main() {
 			SkipFlagParsing: true,
 			Action:          devAction,
 		},
+		{
+			Name:            "docker-init",
+			Hidden:          true,
+			HideHelp:        true,
+			SkipFlagParsing: true,
+			Action:          dockerInitAction,
+		},
 		{
 			Name:        "engine",
 			Usage:       "manage which Docker engine is used",
@@ -85,6 +99,13 @@ func Main() {
 			SkipFlagParsing: true,
 			Action:          preloadImagesAction,
 		},
+		{
+			Name:            "switch-console",
+			Hidden:          true,
+			HideHelp:        true,
+			SkipFlagParsing: true,
+			Action:          switchConsoleAction,
+		},
 		{
 			Name:        "tls",
 			Usage:       "setup tls configuration",
@@ -98,6 +119,13 @@ func Main() {
 			SkipFlagParsing: true,
 			Action:          udevSettleAction,
 		},
+		{
+			Name:            "user-docker",
+			Hidden:          true,
+			HideHelp:        true,
+			SkipFlagParsing: true,
+			Action:          userDockerAction,
+		},
 		installCommand,
 		selinuxCommand(),
 	}
--- a/cmd/control/console.go
+++ b/cmd/control/console.go
@@ -83,7 +83,7 @@ func consoleSwitch(c *cli.Context) error {
 		Labels: map[string]string{
 			config.SCOPE: config.SYSTEM,
 		},
-		Command:     []string{"/usr/bin/switch-console", newConsole},
+		Command:     []string{"/usr/bin/ros", "switch-console", newConsole},
 		VolumesFrom: []string{"all-volumes"},
 	})
 	if err != nil {
--- a/cmd/control/console_init.go
+++ b/cmd/control/console_init.go
@@ -0,0 +1,285 @@
+package control
+
+import (
+	"bytes"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path"
+	"regexp"
+	"strings"
+	"syscall"
+
+	log "github.com/Sirupsen/logrus"
+	"github.com/codegangsta/cli"
+	"github.com/rancher/os/cmd/cloudinitexecute"
+	"github.com/rancher/os/config"
+	"github.com/rancher/os/util"
+)
+
+const (
+	consoleDone = "/run/console-done"
+	dockerHome  = "/home/docker"
+	gettyCmd    = "/sbin/agetty"
+	rancherHome = "/home/rancher"
+	startScript = "/opt/rancher/bin/start.sh"
+)
+
+type symlink struct {
+	oldname, newname string
+}
+
+func consoleInitAction(c *cli.Context) error {
+	cfg := config.LoadConfig()
+
+	if _, err := os.Stat(rancherHome); os.IsNotExist(err) {
+		if err := os.MkdirAll(rancherHome, 0755); err != nil {
+			log.Error(err)
+		}
+		if err := os.Chown(rancherHome, 1100, 1100); err != nil {
+			log.Error(err)
+		}
+	}
+
+	if _, err := os.Stat(dockerHome); os.IsNotExist(err) {
+		if err := os.MkdirAll(dockerHome, 0755); err != nil {
+			log.Error(err)
+		}
+		if err := os.Chown(dockerHome, 1101, 1101); err != nil {
+			log.Error(err)
+		}
+	}
+
+	password := config.GetCmdline("rancher.password")
+	cmd := exec.Command("chpasswd")
+	cmd.Stdin = strings.NewReader(fmt.Sprint("rancher:", password))
+	if err := cmd.Run(); err != nil {
+		log.Error(err)
+	}
+
+	cmd = exec.Command("bash", "-c", `sed -E -i 's/(rancher:.*:).*(:.*:.*:.*:.*:.*:.*)$/\1\2/' /etc/shadow`)
+	if err := cmd.Run(); err != nil {
+		log.Error(err)
+	}
+
+	if err := setupSSH(cfg); err != nil {
+		log.Error(err)
+	}
+
+	if err := writeRespawn(); err != nil {
+		log.Error(err)
+	}
+
+	if err := modifySshdConfig(); err != nil {
+		log.Error(err)
+	}
+
+	if err := writeOsRelease(); err != nil {
+		log.Error(err)
+	}
+
+	for _, link := range []symlink{
+		{"/var/lib/rancher/engine/docker", "/usr/bin/docker"},
+		{"/var/lib/rancher/engine/docker-containerd", "/usr/bin/docker-containerd"},
+		{"/var/lib/rancher/engine/docker-containerd-ctr", "/usr/bin/docker-containerd-ctr"},
+		{"/var/lib/rancher/engine/docker-containerd-shim", "/usr/bin/docker-containerd-shim"},
+		{"/var/lib/rancher/engine/dockerd", "/usr/bin/dockerd"},
+		{"/var/lib/rancher/engine/docker-proxy", "/usr/bin/docker-proxy"},
+		{"/var/lib/rancher/engine/docker-runc", "/usr/bin/docker-runc"},
+	} {
+		syscall.Unlink(link.newname)
+		if err := os.Symlink(link.oldname, link.newname); err != nil {
+			log.Error(err)
+		}
+	}
+
+	cmd = exec.Command("bash", "-c", `echo 'RancherOS \n \l' > /etc/issue`)
+	if err := cmd.Run(); err != nil {
+		log.Error(err)
+	}
+
+	cmd = exec.Command("bash", "-c", `echo $(/sbin/ifconfig | grep -B1 "inet addr" |awk '{ if ( $1 == "inet" ) { print $2 } else if ( $2 == "Link" ) { printf "%s:" ,$1 } }' |awk -F: '{ print $1 ": " $3}') >> /etc/issue`)
+	if err := cmd.Run(); err != nil {
+		log.Error(err)
+	}
+
+	cloudinitexecute.ApplyConsole(cfg)
+
+	if err := util.RunScript(config.CloudConfigScriptFile); err != nil {
+		log.Error(err)
+	}
+	if err := util.RunScript(startScript); err != nil {
+		log.Error(err)
+	}
+
+	if err := ioutil.WriteFile(consoleDone, []byte(cfg.Rancher.Console), 0644); err != nil {
+		log.Error(err)
+	}
+
+	if err := util.RunScript("/etc/rc.local"); err != nil {
+		log.Error(err)
+	}
+
+	os.Setenv("TERM", "linux")
+
+	respawnBinPath, err := exec.LookPath("respawn")
+	if err != nil {
+		return err
+	}
+
+	return syscall.Exec(respawnBinPath, []string{"respawn", "-f", "/etc/respawn.conf"}, os.Environ())
+}
+
+func generateRespawnConf(cmdline string) string {
+	var respawnConf bytes.Buffer
+
+	for i := 1; i < 7; i++ {
+		tty := fmt.Sprintf("tty%d", i)
+
+		respawnConf.WriteString(gettyCmd)
+		if strings.Contains(cmdline, fmt.Sprintf("rancher.autologin=%s", tty)) {
+			respawnConf.WriteString(" --autologin rancher")
+		}
+		respawnConf.WriteString(fmt.Sprintf(" 115200 %s\n", tty))
+	}
+
+	for _, tty := range []string{"ttyS0", "ttyS1", "ttyS2", "ttyS3", "ttyAMA0"} {
+		if !strings.Contains(cmdline, fmt.Sprintf("console=%s", tty)) {
+			continue
+		}
+
+		respawnConf.WriteString(gettyCmd)
+		if strings.Contains(cmdline, fmt.Sprintf("rancher.autologin=%s", tty)) {
+			respawnConf.WriteString(" --autologin rancher")
+		}
+		respawnConf.WriteString(fmt.Sprintf(" 115200 %s\n", tty))
+	}
+
+	respawnConf.WriteString("/usr/sbin/sshd -D")
+
+	return respawnConf.String()
+}
+
+func writeRespawn() error {
+	cmdline, err := ioutil.ReadFile("/proc/cmdline")
+	if err != nil {
+		return err
+	}
+
+	respawn := generateRespawnConf(string(cmdline))
+
+	files, err := ioutil.ReadDir("/etc/respawn.conf.d")
+	if err == nil {
+		for _, f := range files {
+			p := path.Join("/etc/respawn.conf.d", f.Name())
+			content, err := ioutil.ReadFile(p)
+			if err != nil {
+				log.Errorf("Failed to read %s: %v", p, err)
+				continue
+			}
+			respawn += fmt.Sprintf("\n%s", string(content))
+		}
+	} else if !os.IsNotExist(err) {
+		log.Error(err)
+	}
+
+	return ioutil.WriteFile("/etc/respawn.conf", []byte(respawn), 0644)
+}
+
+func modifySshdConfig() error {
+	sshdConfig, err := ioutil.ReadFile("/etc/ssh/sshd_config")
+	if err != nil {
+		return err
+	}
+	sshdConfigString := string(sshdConfig)
+
+	for _, item := range []string{
+		"UseDNS no",
+		"PermitRootLogin no",
+		"ServerKeyBits 2048",
+		"AllowGroups docker",
+	} {
+		match, err := regexp.Match("^"+item, sshdConfig)
+		if err != nil {
+			return err
+		}
+		if !match {
+			sshdConfigString += fmt.Sprintf("%s\n", item)
+		}
+	}
+
+	return ioutil.WriteFile("/etc/ssh/sshd_config", []byte(sshdConfigString), 0644)
+}
+
+func writeOsRelease() error {
+	idLike := "busybox"
+	if osRelease, err := ioutil.ReadFile("/etc/os-release"); err == nil {
+		for _, line := range strings.Split(string(osRelease), "\n") {
+			if strings.HasPrefix(line, "ID_LIKE") {
+				split := strings.Split(line, "ID_LIKE")
+				if len(split) > 1 {
+					idLike = split[1]
+				}
+			}
+		}
+	}
+
+	return ioutil.WriteFile("/etc/os-release", []byte(fmt.Sprintf(`
+NAME="RancherOS"
+VERSION=%s
+ID=rancheros
+ID_LIKE=%s
+VERSION_ID=%s
+PRETTY_NAME="RancherOS %s"
+HOME_URL=
+SUPPORT_URL=
+BUG_REPORT_URL=
+BUILD_ID=
+`, config.VERSION, idLike, config.VERSION, config.VERSION)), 0644)
+}
+
+func setupSSH(cfg *config.CloudConfig) error {
+	for _, keyType := range []string{"rsa", "dsa", "ecdsa", "ed25519"} {
+		outputFile := fmt.Sprintf("/etc/ssh/ssh_host_%s_key", keyType)
+		outputFilePub := fmt.Sprintf("/etc/ssh/ssh_host_%s_key.pub", keyType)
+
+		if _, err := os.Stat(outputFile); err == nil {
+			continue
+		}
+
+		saved, savedExists := cfg.Rancher.Ssh.Keys[keyType]
+		pub, pubExists := cfg.Rancher.Ssh.Keys[keyType+"-pub"]
+
+		if savedExists && pubExists {
+			// TODO check permissions
+			if err := util.WriteFileAtomic(outputFile, []byte(saved), 0600); err != nil {
+				return err
+			}
+			if err := util.WriteFileAtomic(outputFilePub, []byte(pub), 0600); err != nil {
+				return err
+			}
+			continue
+		}
+
+		cmd := exec.Command("bash", "-c", fmt.Sprintf("ssh-keygen -f %s -N '' -t %s", outputFile, keyType))
+		if err := cmd.Run(); err != nil {
+			return err
+		}
+
+		savedBytes, err := ioutil.ReadFile(outputFile)
+		if err != nil {
+			return err
+		}
+
+		pubBytes, err := ioutil.ReadFile(outputFilePub)
+		if err != nil {
+			return err
+		}
+
+		config.Set(fmt.Sprintf("rancher.ssh.keys.%s", keyType), string(savedBytes))
+		config.Set(fmt.Sprintf("rancher.ssh.keys.%s-pub", keyType), string(pubBytes))
+	}
+
+	return os.MkdirAll("/var/run/sshd", 0644)
+}
--- a/cmd/control/docker_init.go
+++ b/cmd/control/docker_init.go
@@ -0,0 +1,79 @@
+package control
+
+import (
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path"
+	"strings"
+	"syscall"
+	"time"
+
+	log "github.com/Sirupsen/logrus"
+	"github.com/codegangsta/cli"
+	"github.com/rancher/os/config"
+	"github.com/rancher/os/util"
+)
+
+const (
+	dockerConf = "/var/lib/rancher/conf/docker"
+	dockerDone = "/run/docker-done"
+	dockerLog  = "/var/log/docker.log"
+)
+
+func dockerInitAction(c *cli.Context) error {
+	for {
+		if _, err := os.Stat(consoleDone); err == nil {
+			break
+		}
+		time.Sleep(200 * time.Millisecond)
+	}
+
+	dockerBin := "/usr/bin/docker"
+	for _, binPath := range []string{
+		"/opt/bin",
+		"/usr/local/bin",
+		"/var/lib/rancher/docker",
+	} {
+		if util.ExistsAndExecutable(path.Join(binPath, "dockerd")) {
+			dockerBin = path.Join(binPath, "dockerd")
+			break
+		}
+		if util.ExistsAndExecutable(path.Join(binPath, "docker")) {
+			dockerBin = path.Join(binPath, "docker")
+			break
+		}
+	}
+
+	if err := syscall.Mount("", "/", "", syscall.MS_SHARED|syscall.MS_REC, ""); err != nil {
+		log.Error(err)
+	}
+	if err := syscall.Mount("", "/run", "", syscall.MS_SHARED|syscall.MS_REC, ""); err != nil {
+		log.Error(err)
+	}
+
+	mountInfo, err := ioutil.ReadFile("/proc/self/mountinfo")
+	if err != nil {
+		return err
+	}
+
+	for _, mount := range strings.Split(string(mountInfo), "\n") {
+		if strings.Contains(mount, "/var/lib/docker /var/lib/docker") && strings.Contains(mount, "rootfs") {
+			os.Setenv("DOCKER_RAMDISK", "1")
+		}
+	}
+
+	args := []string{
+		"bash",
+		"-c",
+		fmt.Sprintf(`[ -e %s ] && source %s; exec /usr/bin/dockerlaunch %s %s $DOCKER_OPTS >> %s 2>&1`, dockerConf, dockerConf, dockerBin, strings.Join(c.Args(), " "), dockerLog),
+	}
+
+	cfg := config.LoadConfig()
+
+	if err := ioutil.WriteFile(dockerDone, []byte(cfg.Rancher.Docker.Engine), 0644); err != nil {
+		log.Error(err)
+	}
+
+	return syscall.Exec("/bin/bash", args, os.Environ())
+}
--- a/cmd/control/engine.go
+++ b/cmd/control/engine.go
@@ -16,10 +16,6 @@ import (
 	"github.com/rancher/os/util/network"
 )

-const (
-	dockerDone = "/run/docker-done"
-)
-
 func engineSubcommands() []cli.Command {
 	return []cli.Command{
 		{
--- a/cmd/control/switch_console.go
+++ b/cmd/control/switch_console.go
@@ -0,0 +1,48 @@
+package control
+
+import (
+	"errors"
+
+	log "github.com/Sirupsen/logrus"
+	"github.com/codegangsta/cli"
+	"github.com/docker/libcompose/project/options"
+	"github.com/rancher/os/compose"
+	"github.com/rancher/os/config"
+	"golang.org/x/net/context"
+)
+
+func switchConsoleAction(c *cli.Context) error {
+	if len(c.Args()) != 1 {
+		return errors.New("Must specify exactly one existing container")
+	}
+	newConsole := c.Args()[0]
+
+	cfg := config.LoadConfig()
+
+	project, err := compose.GetProject(cfg, true, false)
+	if err != nil {
+		return err
+	}
+
+	if newConsole != "default" {
+		if err = compose.LoadSpecialService(project, cfg, "console", newConsole); err != nil {
+			return err
+		}
+	}
+
+	if err = config.Set("rancher.console", newConsole); err != nil {
+		log.Errorf("Failed to update 'rancher.console': %v", err)
+	}
+
+	if err = project.Up(context.Background(), options.Up{
+		Log: true,
+	}, "console"); err != nil {
+		return err
+	}
+
+	if err = project.Restart(context.Background(), 10, "docker"); err != nil {
+		log.Errorf("Failed to restart Docker: %v", err)
+	}
+
+	return nil
+}
--- a/cmd/control/user_docker.go
+++ b/cmd/control/user_docker.go
@@ -0,0 +1,238 @@
+package control
+
+import (
+	"io"
+	"io/ioutil"
+	"os"
+	"path"
+	"syscall"
+	"time"
+
+	"golang.org/x/net/context"
+
+	"path/filepath"
+
+	log "github.com/Sirupsen/logrus"
+	"github.com/codegangsta/cli"
+	composeClient "github.com/docker/libcompose/docker/client"
+	"github.com/docker/libcompose/project"
+	"github.com/rancher/os/compose"
+	"github.com/rancher/os/config"
+	rosDocker "github.com/rancher/os/docker"
+	"github.com/rancher/os/util"
+)
+
+const (
+	DEFAULT_STORAGE_CONTEXT = "console"
+	DOCKER_PID_FILE         = "/var/run/docker.pid"
+	userDocker              = "user-docker"
+	sourceDirectory         = "/engine"
+	destDirectory           = "/var/lib/rancher/engine"
+)
+
+var (
+	DOCKER_COMMAND = []string{
+		"ros",
+		"docker-init",
+	}
+)
+
+func userDockerAction(c *cli.Context) error {
+	if err := copyBinaries(sourceDirectory, destDirectory); err != nil {
+		return err
+	}
+
+	if err := syscall.Mount("/host/sys", "/sys", "", syscall.MS_BIND|syscall.MS_REC, ""); err != nil {
+		return err
+	}
+
+	cfg := config.LoadConfig()
+
+	return startDocker(cfg)
+}
+
+func copyBinaries(source, dest string) error {
+	if err := os.MkdirAll(dest, 0755); err != nil {
+		return err
+	}
+
+	files, err := ioutil.ReadDir(dest)
+	if err != nil {
+		return err
+	}
+
+	for _, file := range files {
+		if err = os.RemoveAll(path.Join(dest, file.Name())); err != nil {
+			return err
+		}
+	}
+
+	files, err = ioutil.ReadDir(source)
+	if err != nil {
+		return err
+	}
+
+	for _, file := range files {
+		sourceFile := path.Join(source, file.Name())
+		destFile := path.Join(dest, file.Name())
+
+		in, err := os.Open(sourceFile)
+		if err != nil {
+			return err
+		}
+		out, err := os.Create(destFile)
+		if err != nil {
+			return err
+		}
+		if _, err = io.Copy(out, in); err != nil {
+			return err
+		}
+		if err = out.Sync(); err != nil {
+			return err
+		}
+		if err = in.Close(); err != nil {
+			return err
+		}
+		if err = out.Close(); err != nil {
+			return err
+		}
+		if err := os.Chmod(destFile, 0751); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func writeConfigCerts(cfg *config.CloudConfig) error {
+	outDir := ServerTlsPath
+	if err := os.MkdirAll(outDir, 0700); err != nil {
+		return err
+	}
+	caCertPath := filepath.Join(outDir, CaCert)
+	caKeyPath := filepath.Join(outDir, CaKey)
+	serverCertPath := filepath.Join(outDir, ServerCert)
+	serverKeyPath := filepath.Join(outDir, ServerKey)
+	if cfg.Rancher.Docker.CACert != "" {
+		if err := util.WriteFileAtomic(caCertPath, []byte(cfg.Rancher.Docker.CACert), 0400); err != nil {
+			return err
+		}
+
+		if err := util.WriteFileAtomic(caKeyPath, []byte(cfg.Rancher.Docker.CAKey), 0400); err != nil {
+			return err
+		}
+	}
+	if cfg.Rancher.Docker.ServerCert != "" {
+		if err := util.WriteFileAtomic(serverCertPath, []byte(cfg.Rancher.Docker.ServerCert), 0400); err != nil {
+			return err
+		}
+
+		if err := util.WriteFileAtomic(serverKeyPath, []byte(cfg.Rancher.Docker.ServerKey), 0400); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func startDocker(cfg *config.CloudConfig) error {
+	storageContext := cfg.Rancher.Docker.StorageContext
+	if storageContext == "" {
+		storageContext = DEFAULT_STORAGE_CONTEXT
+	}
+
+	log.Infof("Starting Docker in context: %s", storageContext)
+
+	p, err := compose.GetProject(cfg, true, false)
+	if err != nil {
+		return err
+	}
+
+	pid, err := waitForPid(storageContext, p)
+	if err != nil {
+		return err
+	}
+
+	log.Infof("%s PID %d", storageContext, pid)
+
+	client, err := rosDocker.NewSystemClient()
+	if err != nil {
+		return err
+	}
+
+	dockerCfg := cfg.Rancher.Docker
+
+	args := dockerCfg.FullArgs()
+
+	log.Debugf("User Docker args: %v", args)
+
+	if dockerCfg.TLS {
+		if err := writeConfigCerts(cfg); err != nil {
+			return err
+		}
+	}
+
+	info, err := client.ContainerInspect(context.Background(), storageContext)
+	if err != nil {
+		return err
+	}
+
+	cmd := []string{"docker-runc", "exec", "--", info.ID, "env"}
+	log.Info(dockerCfg.AppendEnv())
+	cmd = append(cmd, dockerCfg.AppendEnv()...)
+	cmd = append(cmd, DOCKER_COMMAND...)
+	cmd = append(cmd, args...)
+	log.Infof("Running %v", cmd)
+
+	return syscall.Exec("/usr/bin/ros", cmd, os.Environ())
+}
+
+func waitForPid(service string, project *project.Project) (int, error) {
+	log.Infof("Getting PID for service: %s", service)
+	for {
+		if pid, err := getPid(service, project); err != nil || pid == 0 {
+			log.Infof("Waiting for %s : %d : %v", service, pid, err)
+			time.Sleep(1 * time.Second)
+		} else {
+			return pid, err
+		}
+	}
+}
+
+func getPid(service string, project *project.Project) (int, error) {
+	s, err := project.CreateService(service)
+	if err != nil {
+		return 0, err
+	}
+
+	containers, err := s.Containers(context.Background())
+	if err != nil {
+		return 0, err
+	}
+
+	if len(containers) == 0 {
+		return 0, nil
+	}
+
+	client, err := composeClient.Create(composeClient.Options{
+		Host: config.DOCKER_SYSTEM_HOST,
+	})
+	if err != nil {
+		return 0, err
+	}
+
+	id, err := containers[0].ID()
+	if err != nil {
+		return 0, err
+	}
+
+	info, err := client.ContainerInspect(context.Background(), id)
+	if err != nil || info.ID == "" {
+		return 0, err
+	}
+
+	if info.State.Running {
+		return info.State.Pid, nil
+	}
+
+	return 0, nil
+}