rancher/os
1
0
Fork 1
mirror of https://github.com/rancher/os.git synced 2025-09-02 07:15:41 +00:00
Code Issues Releases Wiki Activity

build based on os-config.yml

Browse Source 
WIP: build scripts
This commit is contained in:
Ivan Mikushin
2015-06-16 01:19:17 +05:00
parent dff70f8362
commit 4bf30683e7
42 changed files with 140 additions and 742 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.dockerignore
View File

@@ -1,4 +1,6 @@
.git .git
.idea
tmp
state state
build build
dist dist

18
build.sh
View File

@@ -8,17 +8,15 @@ export DOCKER_IMAGE=rancher-os-build
source ./scripts/version source ./scripts/version
./scripts/ci ./scripts/ci
mkdir -p dist
docker run --rm -it -e CHOWN_ID=$(id -u) -v $(pwd)/dist:/source/target $DOCKER_IMAGE
# Stupidest argparse ever rm -rf dist
if echo "$@" | grep -q -- '--images'; then
./scripts/build-extra-images
fi
# And again echo "Build complete. Copying artifacts..."
if echo "$@" | grep -q -- '--push'; then DIST_CONTAINER=$(docker create ${DOCKER_IMAGE})
docker push rancher/ubuntuconsole:${VERSION} cleanup() {
fi docker rm -v ${DIST_CONTAINER}
}
trap cleanup EXIT
docker cp ${DIST_CONTAINER}:/source/dist/artifacts dist
ls -l dist/artifacts ls -l dist/artifacts

42
cmd/control/config.go
View File

@@ -5,6 +5,7 @@ import (
"io" "io"
"io/ioutil" "io/ioutil"
"os" "os"
"sort"
"strings" "strings"
log "github.com/Sirupsen/logrus" log "github.com/Sirupsen/logrus"
@@ -37,6 +38,17 @@ func configSubcommands() []cli.Command {
}, },
}, },
}, },
{
Name: "images",
Usage: "List Docker images for a configuration from a file",
Action: runImages,
Flags: []cli.Flag{
cli.StringFlag{
Name: "input, i",
Usage: "File from which to read config",
},
},
},
{ {
Name: "export", Name: "export",
Usage: "export configuration", Usage: "export configuration",
@@ -64,6 +76,36 @@ func configSubcommands() []cli.Command {
} }
} }
func imagesFromConfig(cfg *config.Config) []string {
imagesMap := map[string]int{}
for _, service := range cfg.BootstrapContainers {
imagesMap[service.Image] = 1
}
for _, service := range cfg.SystemContainers {
imagesMap[service.Image] = 1
}
images := make([]string, len(imagesMap))
i := 0
for image := range imagesMap {
images[i] = image
i += 1
}
sort.Strings(images)
return images
}
func runImages(c *cli.Context) {
configFile := c.String("input")
cfg := config.ReadConfig(configFile)
if cfg == nil {
log.Fatalf("Could not read config from file %v", configFile)
}
images := imagesFromConfig(cfg)
fmt.Println(strings.Join(images, " "))
}
func runImport(c *cli.Context) { func runImport(c *cli.Context) {
var input io.ReadCloser var input io.ReadCloser
var err error var err error

47
os-config.yml
View File

@@ -1,6 +1,6 @@
bootstrap_containers: bootstrap_containers:
udev: udev:
image: udev image: rancher/os-udev
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []
@@ -12,6 +12,7 @@ bootstrap_containers:
links: [] links: []
log_driver: json-file log_driver: json-file
net: host net: host
uts: host
privileged: true privileged: true
volumes: volumes:
- /dev:/host/dev - /dev:/host/dev
@@ -41,7 +42,7 @@ state:
dev: LABEL=RANCHER_STATE dev: LABEL=RANCHER_STATE
system_containers: system_containers:
acpid: acpid:
image: acpid image: rancher/os-acpid
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []
@@ -51,12 +52,13 @@ system_containers:
io.rancher.os.scope: system io.rancher.os.scope: system
links: [] links: []
net: host net: host
uts: host
privileged: true privileged: true
volumes_from: volumes_from:
- command-volumes - command-volumes
- system-volumes - system-volumes
all-volumes: all-volumes:
image: state image: rancher/os-state
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []
@@ -76,7 +78,7 @@ system_containers:
- user-volumes - user-volumes
- system-volumes - system-volumes
cloud-init: cloud-init:
image: cloudinit image: rancher/os-cloudinit
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []
@@ -91,12 +93,13 @@ system_containers:
- cloud-init-pre - cloud-init-pre
- network - network
net: host net: host
uts: host
privileged: true privileged: true
volumes_from: volumes_from:
- command-volumes - command-volumes
- system-volumes - system-volumes
cloud-init-pre: cloud-init-pre:
image: cloudinit image: rancher/os-cloudinit
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []
@@ -110,12 +113,13 @@ system_containers:
links: links:
- preload-system-images - preload-system-images
net: host net: host
uts: host
privileged: true privileged: true
volumes_from: volumes_from:
- command-volumes - command-volumes
- system-volumes - system-volumes
command-volumes: command-volumes:
image: state image: rancher/os-state
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []
@@ -144,7 +148,7 @@ system_containers:
- /lib/modules:/lib/modules - /lib/modules:/lib/modules
- /usr/bin/docker:/usr/bin/docker:ro - /usr/bin/docker:/usr/bin/docker:ro
console: console:
image: console image: rancher/os-console
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []
@@ -156,6 +160,7 @@ system_containers:
links: links:
- cloud-init - cloud-init
net: host net: host
uts: host
pid: host pid: host
ipc: host ipc: host
privileged: true privileged: true
@@ -163,7 +168,7 @@ system_containers:
volumes_from: volumes_from:
- all-volumes - all-volumes
docker: docker:
image: docker image: rancher/os-docker
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []
@@ -174,6 +179,7 @@ system_containers:
links: links:
- network - network
net: host net: host
uts: host
pid: host pid: host
ipc: host ipc: host
privileged: true privileged: true
@@ -181,7 +187,7 @@ system_containers:
volumes_from: volumes_from:
- all-volumes - all-volumes
docker-volumes: docker-volumes:
image: state image: rancher/os-state
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []
@@ -200,7 +206,7 @@ system_containers:
- /var/lib/docker:/var/lib/docker - /var/lib/docker:/var/lib/docker
- /var/lib/system-docker:/var/lib/system-docker - /var/lib/system-docker:/var/lib/system-docker
dockerwait: dockerwait:
image: dockerwait image: rancher/os-dockerwait
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []
@@ -212,10 +218,11 @@ system_containers:
links: links:
- docker - docker
net: host net: host
uts: host
volumes_from: volumes_from:
- all-volumes - all-volumes
network: network:
image: network image: rancher/os-network
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []
@@ -227,12 +234,13 @@ system_containers:
links: links:
- cloud-init-pre - cloud-init-pre
net: host net: host
uts: host
privileged: true privileged: true
volumes_from: volumes_from:
- command-volumes - command-volumes
- system-volumes - system-volumes
ntp: ntp:
image: ntp image: rancher/os-ntp
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []
@@ -244,10 +252,11 @@ system_containers:
- cloud-init - cloud-init
- network - network
net: host net: host
uts: host
privileged: true privileged: true
restart: always restart: always
preload-system-images: preload-system-images:
image: preload image: rancher/os-preload
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []
@@ -265,7 +274,7 @@ system_containers:
- command-volumes - command-volumes
- system-volumes - system-volumes
preload-user-images: preload-user-images:
image: preload image: rancher/os-preload
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []
@@ -284,7 +293,7 @@ system_containers:
- command-volumes - command-volumes
- system-volumes - system-volumes
syslog: syslog:
image: syslog image: rancher/os-syslog
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []
@@ -295,12 +304,13 @@ system_containers:
links: [] links: []
log_driver: json-file log_driver: json-file
net: host net: host
uts: host
privileged: true privileged: true
restart: always restart: always
volumes_from: volumes_from:
- system-volumes - system-volumes
system-volumes: system-volumes:
image: state image: rancher/os-state
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []
@@ -324,7 +334,7 @@ system_containers:
- /var/run:/var/run - /var/run:/var/run
- /var/log:/var/log - /var/log:/var/log
udev: udev:
image: udev image: rancher/os-udev
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []
@@ -336,12 +346,13 @@ system_containers:
io.rancher.os.scope: system io.rancher.os.scope: system
links: [] links: []
net: host net: host
uts: host
privileged: true privileged: true
restart: always restart: always
volumes_from: volumes_from:
- system-volumes - system-volumes
user-volumes: user-volumes:
image: state image: rancher/os-state
command: [] command: []
dns: [] dns: []
dns_search: [] dns_search: []

35
scripts/build-common
View File

@@ -1,46 +1,12 @@
#!/bin/bash #!/bin/bash
set -e
: ${ARTIFACTS:=$(pwd)/assets} : ${ARTIFACTS:=$(pwd)/assets}
: ${BUILD:=$(pwd)/build} : ${BUILD:=$(pwd)/build}
: ${CONFIG:=$(pwd)/config} : ${CONFIG:=$(pwd)/config}
: ${DIST:=$(pwd)/dist} : ${DIST:=$(pwd)/dist}
BUILDROOT=buildroot-2014.11.tar.bz2
DOCKER_FILE=${CONFIG}/.dockerfile DOCKER_FILE=${CONFIG}/.dockerfile
mkdir -p ${BUILD} ${DIST}
busybox_install()
{
local conf=$1
local bbconf=$2
local target=$3
if [ "$#" = "2" ]; then
target=$2
bbconf=
fi
apt-get update
apt-get install -y build-essential wget libncurses5-dev unzip bc
cd ${BUILD}
rm -rf ${BUILDROOT/.tar.bz2//}
tar xvjf ${ARTIFACTS}/${BUILDROOT}
cd ${BUILDROOT/.tar.bz2//}
cp $conf .config
if [ -n "$bbconf" ]; then
cp $bbconf package/busybox/
fi
make oldconfig
make
cp output/images/rootfs.tar $target
}
write_base() write_base()
{ {
if [ "${BASE_WRITTEN}" = "true" ]; then if [ "${BASE_WRITTEN}" = "true" ]; then
@@ -54,7 +20,6 @@ FROM ${DOCKER_BASE:=ubuntu:14.04.2}
ENV TERM xterm ENV TERM xterm
ENV IN_DOCKER true ENV IN_DOCKER true
WORKDIR /source WORKDIR /source
CMD ["/source/scripts/install"]
EOF EOF
BASE_WRITTEN=true BASE_WRITTEN=true

15
scripts/build-extra-images
View File

@@ -1,15 +0,0 @@
#!/bin/bash
set -e
cd $(dirname $0)/..
source scripts/build-common
source scripts/version
>${BUILD}/tags
for i in scripts/extraimages/[0-9]*; do
tag=$(echo $i | cut -f2 -d-):${VERSION}
echo Building $tag
docker build -t rancher/$tag -f $i .
echo $tag >> ${BUILD}/tags
done

73
scripts/build-images
View File

@@ -1,46 +1,47 @@
#!/bin/bash #!/bin/bash
set -e set -ex
VERSION=v0.0.1
cd $(dirname $0)/.. cd $(dirname $0)/..
source scripts/build-common source scripts/build-common
source scripts/version
ARTIFACTS=${ARTIFACTS:?"ARTIFACTS not set"}
VERSION=${VERSION:?"VERSION not set"}
BUILD=${BUILD:?"BUILD not set"}
DIST=${DIST:?"DIST not set"}
mkdir -p ${BUILD}/initrd ${DIST}/artifacts if [ -x "$(which wrapdocker)" ] && ! docker info >/dev/null 2>&1; then
echo Extracting ${ARTIFACTS}/os-base.tar.xz
tar xJf ${ARTIFACTS}/os-base.tar.xz -C ${BUILD}
tar xvf ${BUILD}/dist/kernel/*.tar -C ${BUILD}/dist/kernel
cp /etc/ssl/certs/ca-certificates.crt ${ARTIFACTS}/ca.crt
cp /etc/ssl/certs/ca-certificates.crt ${BUILD}/initrd/ca.crt
cp ${BUILD}/dist/rootfs.tar ${ARTIFACTS}
rm -rf ${BUILD}/initrd/lib
cp -rf ${BUILD}/dist/kernel/lib ${BUILD}/initrd
cp -rf ${BUILD}/dist/kernel/headers/* ${BUILD}/initrd
cp -f ${ARTIFACTS}/docker* ${BUILD}/initrd/docker
chmod +x ${BUILD}/initrd/docker
cp ${BUILD}/dist/kernel/boot/vmlinuz* ${DIST}/artifacts/vmlinuz
tar xf ${BUILD}/dist/rootfs-static.tar -C ${BUILD}/initrd --strip-components=2 ./bin/busybox
tar xf ${BUILD}/dist/rootfs-static.tar -C ${BUILD}/initrd --strip-components=3 ./usr/sbin/xtables-multi
if ! docker info >/dev/null 2>&1 && [ -x "$(which wrapdocker)" ]; then
wrapdocker wrapdocker
fi fi
>${BUILD}/tags CONTAINER_INITRDBASE=$(docker create rancher/os-initrdbase:${VERSION})
for i in scripts/dockerimages/[0-9]*; do cleanup_initrdbase() {
tag=$(echo $i | cut -f2 -d-) docker rm -v ${CONTAINER_INITRDBASE}
echo Building $tag }
docker build -t $tag -f $i . trap cleanup_initrdbase EXIT
docker build -t ${tag}:${VERSION} -f $i . docker cp ${CONTAINER_INITRDBASE}:/initrd ${BUILD} # copies files to ${BUILD}/initrd
echo $tag >> ${BUILD}/tags
done
echo Creating images.tar INITRD_DIR=${BUILD}/initrd
docker save $(<${BUILD}/tags) > ${BUILD}/initrd/images.tar
mkdir -p ${DIST}/artifacts
CONTAINER_KERNEL=$(docker create rancher/os-kernel:${VERSION})
cleanup_kernel() {
docker rm -v ${CONTAINER_KERNEL}
}
trap cleanup_kernel EXIT
docker cp ${CONTAINER_KERNEL}:/kernel ${BUILD} # copies files to ${BUILD}/kernel
mv ${BUILD}/kernel/vmlinuz ${DIST}/artifacts/ #kernel
cp -f ${ARTIFACTS}/docker* ${INITRD_DIR}/docker #initrd2-docker: /docker
chmod +x ${INITRD_DIR}/docker #initrd2-docker: /docker
ln -sf bin/rancheros ./ros
for i in $(./ros c images -i os-config.yml); do
docker pull ${i}:${VERSION}
docker tag -f ${i}:${VERSION} ${i}
done
docker save $(./ros c images -i os-config.yml) > ${INITRD_DIR}/images.tar #initrd2-images: /images.tar

2
scripts/build-vbox-vm
View File

@@ -18,7 +18,7 @@ fi
GITSHA=$(git rev-parse --short HEAD) GITSHA=$(git rev-parse --short HEAD)
VM="RancherOS-${GITSHA}" VM="RancherOS-${GITSHA}"
sudo chown -R `whoami`:`whoami` ./dist sudo chown -R `whoami` ./dist
VBoxManage createhd --format vmdk --filename ./dist/artifacts/$VM.vmdk --size 40000 VBoxManage createhd --format vmdk --filename ./dist/artifacts/$VM.vmdk --size 40000

24
scripts/ci
View File

@@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
set -e set -ex
cd $(dirname $0)/.. cd $(dirname $0)/..
@@ -7,6 +7,7 @@ export DOCKER_IMAGE=${DOCKER_IMAGE:=rancher-os-build}
export DOCKER_BASE=rancher/dind:v0.1.0 export DOCKER_BASE=rancher/dind:v0.1.0
source scripts/build-common source scripts/build-common
mkdir -p ${BUILD}
DOCKER_FILE=$(pwd)/.dockerfile DOCKER_FILE=$(pwd)/.dockerfile
@@ -25,7 +26,7 @@ generate_images()
echo Running: docker run -d --privileged ${DOCKER_IMAGE} /source/scripts/build-images echo Running: docker run -d --privileged ${DOCKER_IMAGE} /source/scripts/build-images
CID=$(docker run -d --privileged ${DOCKER_IMAGE} /source/scripts/build-images) CID=$(docker run -d --privileged ${DOCKER_IMAGE} /source/scripts/build-images)
docker logs -f ${CID} & docker logs -f ${CID} &
trap "docker rm -f ${CID}" exit trap "docker rm -fv ${CID}" exit
[ "$(docker wait $CID)" == 0 ] [ "$(docker wait $CID)" == 0 ]
DOCKER_BASE=$(docker commit $CID) DOCKER_BASE=$(docker commit $CID)
@@ -38,16 +39,8 @@ if [ -x "$(which wrapdocker)" ] && ! docker info >/dev/null 2>&1; then
fi fi
run ./scripts/bootstrap run ./scripts/bootstrap
run ./scripts/test
run --assets ./scripts/build-common --assets ./assets ./scripts/download
run --assets ./scripts/dockerimages --assets ./scripts/build-images
finish
generate_images
reset_docker_build
ARGS= ARGS=
for i in $(ls -d * .* | sort -u | grep -Ev '(\.|\.\.|\.dockerfile|build|dist|.git|scripts|bin|state)$'); do for i in $(ls -d * .* | sort -u | grep -Ev '(\.|\.\.|\.dockerfile|build|tmp|dist|.git|.idea|.vagrant|scripts|bin|state)$'); do
if [ -d $i ]; then if [ -d $i ]; then
run --assets $i run --assets $i
else else
@@ -55,5 +48,12 @@ for i in $(ls -d * .* | sort -u | grep -Ev '(\.|\.\.|\.dockerfile|build|dist|.gi
fi fi
done done
run --assets ./scripts/version --assets "${ARGS}" ./scripts/build run --assets ./scripts/version --assets "${ARGS}" ./scripts/build
run --assets ./scripts/install ./scripts/package "$@" run --assets ./scripts/build-common --assets ./assets ./scripts/download
run --assets ./scripts/build-images
finish
generate_images
reset_docker_build
run ./scripts/package "$@"
finish finish

36
scripts/dockerimages/00-base
View File

@@ -1,36 +0,0 @@
FROM scratch
ADD assets/rootfs.tar /
RUN ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
# Cleanup Buildroot
RUN rm /sbin/poweroff /sbin/reboot /sbin/halt && \
sed -i '/^root/s!/bin/sh!/bin/bash!' /etc/passwd && \
echo 'RancherOS \n \l' > /etc/issue && \
rm -rf /run \
/linuxrc \
/etc/os-release \
/var/cache \
/var/lock \
/var/log \
/var/run \
/var/spool \
/var/lib/misc && \
mkdir -p \
/run \
/var/cache \
/var/lock \
/var/log \
/var/run \
/var/spool && \
passwd -l root && \
addgroup -g 1100 rancher && \
addgroup -g 1101 docker && \
addgroup -g 1103 sudo && \
adduser -u 1100 -G rancher -D -h /home/rancher -s /bin/bash rancher && \
adduser -u 1101 -G docker -D -h /home/docker -s /bin/bash docker && \
sed -i 's/\(^docker.*\)/\1rancher/g' /etc/group && \
sed -i 's/\(^sudo.*\)/\1rancher,docker/g' /etc/group && \
echo '%sudo ALL=(ALL) ALL' >> /etc/sudoers
COPY scripts/dockerimages/scripts/inputrc /etc/inputrc
COPY scripts/dockerimages/scripts/entry.sh /usr/sbin/entry.sh
ENTRYPOINT ["/usr/sbin/entry.sh"]

2
scripts/dockerimages/01-state
View File

@@ -1,2 +0,0 @@
FROM base
CMD ["echo"]

3
scripts/dockerimages/02-udev
View File

@@ -1,3 +0,0 @@
FROM base
COPY scripts/dockerimages/scripts/udev.sh /
CMD ["/udev.sh"]

2
scripts/dockerimages/03-network
View File

@@ -1,2 +0,0 @@
FROM base
CMD ["netconf"]

3
scripts/dockerimages/04-cloudinit
View File

@@ -1,3 +0,0 @@
FROM base
COPY scripts/dockerimages/scripts/cloud-init.sh /
CMD ["/cloud-init.sh"]

4
scripts/dockerimages/05-docker
View File

@@ -1,4 +0,0 @@
FROM base
COPY scripts/dockerimages/scripts/docker.sh /
COPY assets/ca.crt /etc/ssl/certs/ca-certificates.crt
CMD ["/docker.sh"]

12
scripts/dockerimages/06-console
View File

@@ -1,12 +0,0 @@
FROM base
COPY scripts/dockerimages/scripts/console.sh /usr/sbin/
COPY scripts/dockerimages/scripts/update-ssh-keys /usr/bin/
COPY scripts/dockerimages/scripts/rancheros-install /usr/sbin/
RUN sed -i 's/rancher:!/rancher:*/g' /etc/shadow && \
sed -i 's/docker:!/docker:*/g' /etc/shadow && \
sed -i 's/#ClientAliveInterval 0/ClientAliveInterval 180/g' /etc/ssh/sshd_config && \
echo '## allow password less for rancher user' >> /etc/sudoers && \
echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
echo '## allow password less for docker user' >> /etc/sudoers && \
echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
CMD ["/usr/sbin/console.sh"]

2
scripts/dockerimages/07-rescue
View File

@@ -1,2 +0,0 @@
FROM console
CMD ["/bin/sh"]

3
scripts/dockerimages/08-ntp
View File

@@ -1,3 +0,0 @@
FROM base
COPY scripts/dockerimages/scripts/ntp.sh /
CMD ["/ntp.sh"]

4
scripts/dockerimages/09-syslog
View File

@@ -1,4 +0,0 @@
FROM base
COPY scripts/dockerimages/scripts/syslog.sh /
RUN sed -i 1,10d /etc/rsyslog.conf
CMD ["/syslog.sh"]

3
scripts/dockerimages/10-autoformat
View File

@@ -1,3 +0,0 @@
FROM base
COPY scripts/dockerimages/scripts/auto-format.sh /usr/sbin/
ENTRYPOINT ["/usr/sbin/auto-format.sh"]

2
scripts/dockerimages/11-dockerwait
View File

@@ -1,2 +0,0 @@
FROM base
CMD ["/usr/sbin/wait-for-docker"]

2
scripts/dockerimages/12-acpid
View File

@@ -1,2 +0,0 @@
FROM base
CMD ["/usr/sbin/acpid", "-f"]

3
scripts/dockerimages/13-preload
View File

@@ -1,3 +0,0 @@
FROM base
COPY scripts/dockerimages/scripts/preload.sh /
CMD ["/preload.sh"]

47
scripts/dockerimages/scripts/auto-format.sh
View File

@@ -1,47 +0,0 @@
#!/bin/bash
set -ex
if [ -n "$1" ]; then
# Test for our magic string (it means that the disk was made by ./boot2docker init)
HEADER=`dd if=$1 bs=1 count=${#MAGIC} 2>/dev/null`
if [ "$HEADER" = "$MAGIC" ]; then
# save the preload userdata.tar file
dd if=$1 of=/userdata.tar bs=1 count=8192
fi
mkfs.ext4 -L RANCHER_STATE $1
if [ -e "/userdata.tar" ]; then
mount -t ext4 $1 /var/
mkdir -p /var/lib/rancher/conf/cloud-config.d
echo $(tar -xvf /userdata.tar)
AUTHORIZED_KEY1=$(cat /.ssh/authorized_keys)
AUTHORIZED_KEY2=$(cat /.ssh/authorized_keys2)
tee /var/lib/rancher/conf/cloud-config.d/machine.yml << EOF
#cloud-config
rancher:
network:
interfaces:
eth0:
dhcp: true
eth1:
dhcp: true
lo:
address: 127.0.0.1/8
ssh_authorized_keys:
- $AUTHORIZED_KEY1
- $AUTHORIZED_KEY2
users:
- name: docker
ssh_authorized_keys:
- $AUTHORIZED_KEY1
- $AUTHORIZED_KEY2
EOF
fi
fi

17
scripts/dockerimages/scripts/cloud-init.sh
View File

@@ -1,17 +0,0 @@
#!/bin/bash
set -x -e
MOUNT_POINT=/media/config-2
CONFIG_DEV=$(blkid | grep -- 'LABEL="config-2"' | cut -f1 -d:)
mkdir -p ${MOUNT_POINT}
if [ -e "${CONFIG_DEV}" ]; then
mount ${CONFIG_DEV} ${MOUNT_POINT}
else
mount -t 9p -o trans=virtio,version=9p2000.L config-2 ${MOUNT_POINT} 2>/dev/null || true
fi
ros config get cloud_init
cloud-init -save -network=${CLOUD_INIT_NETWORK:-true}

114
scripts/dockerimages/scripts/console.sh
View File

@@ -1,114 +0,0 @@
#!/bin/bash
set -e
setup_ssh()
{
for i in rsa dsa ecdsa ed25519; do
local output=/etc/ssh/ssh_host_${i}_key
if [ ! -e $output ]; then
local saved="$(rancherctl config get ssh.keys.${i})"
local pub="$(rancherctl config get ssh.keys.${i}-pub)"
if [[ -n "$saved" && -n "$pub" ]]; then
(
umask 477
echo "$saved" > ${output}
echo "$pub" > ${output}.pub
)
else
ssh-keygen -f $output -N '' -t $i
rancherctl config set -- ssh.keys.${i} "$(<${output})"
rancherctl config set -- ssh.keys.${i}-pub "$(<${output}.pub)"
fi
fi
done
mkdir -p /var/run/sshd
}
RANCHER_HOME=/home/rancher
if [ ! -d ${RANCHER_HOME} ]; then
mkdir -p ${RANCHER_HOME}
chown rancher:rancher ${RANCHER_HOME}
chmod 2755 ${RANCHER_HOME}
fi
DOCKER_HOME=/home/docker
if [ ! -d ${DOCKER_HOME} ]; then
mkdir -p ${DOCKER_HOME}
chown docker:docker ${DOCKER_HOME}
chmod 2755 ${DOCKER_HOME}
fi
for i in $(</proc/cmdline); do
case $i in
rancher.password=*)
PASSWORD=$(echo $i | sed 's/rancher.password=//')
;;
esac
done
if [ -n "$PASSWORD" ]; then
echo "rancher:$PASSWORD" | chpasswd
fi
cloud-init -execute
if [ -x /var/lib/rancher/conf/cloud-config-script ]; then
echo "Running /var/lib/rancher/conf/cloud-config-script"
/var/lib/rancher/conf/cloud-config-script || true
fi
setup_ssh
VERSION="$(rancherctl -v | awk '{print $NF}')"
cat > /etc/lsb-release << EOF
DISTRIB_ID=RancherOS
DISTRIB_RELEASE=${VERSION}
DISTRIB_DESCRIPTION="RancherOS ${VERSION}"
EOF
cat > /etc/respawn.conf << EOF
/sbin/getty 115200 tty1
/sbin/getty 115200 tty2
/sbin/getty 115200 tty3
/sbin/getty 115200 tty4
/sbin/getty 115200 tty5
/sbin/getty 115200 tty6
/usr/sbin/sshd -D
EOF
if ! grep -q '^UseDNS no' /etc/ssh/sshd_config; then
echo "UseDNS no" >> /etc/ssh/sshd_config
fi
ID_TYPE="busybox"
if [ -e /etc/os-release ] && grep -q 'ID_LIKE=' /etc/os-release; then
ID_TYPE=$(grep 'ID_LIKE=' /etc/os-release | cut -d'=' -f2)
fi
cat > /etc/os-release << EOF
NAME="RancherOS"
VERSION=$VERSION
ID=rancheros
ID_LIKE=$ID_TYPE
VERSION_ID=$VERSION
PRETTY_NAME="RancherOS"
HOME_URL=
SUPPORT_URL=
BUG_REPORT_URL=
BUILD_ID=
EOF
if ! grep -q "$(hostname)" /etc/hosts; then
echo 127.0.1.1 $(hostname) >> /etc/hosts
fi
echo $(/sbin/ifconfig | grep -B1 "inet addr" |awk '{ if ( $1 == "inet" ) { print $2 } else if ( $2 == "Link" ) { printf "%s:" ,$1 } }' |awk -F: '{ print $1 ": " $3}') >> /etc/issue
if [ -x /opt/rancher/bin/start.sh ]; then
echo Executing custom script
/opt/rancher/bin/start.sh || true
fi
exec respawn -f /etc/respawn.conf

34
scripts/dockerimages/scripts/docker.sh
View File

@@ -1,34 +0,0 @@
#!/bin/bash
set -x -e
TLS_PATH=/etc/docker/tls
CGROUPS="perf_event net_cls freezer devices blkio memory cpuacct cpu cpuset"
mkdir -p /sys/fs/cgroup
mount -t tmpfs none /sys/fs/cgroup
for i in $CGROUPS; do
mkdir -p /sys/fs/cgroup/$i
mount -t cgroup -o $i none /sys/fs/cgroup/$i
done
if ! lsmod | grep -q br_netfilter; then
modprobe br_netfilter 2>/dev/null || true
fi
rm -f /var/run/docker.pid
ARGS=$(echo $(ros config get user_docker.args | sed 's/^-//'))
ARGS="$ARGS $(echo $(ros config get user_docker.extra_args | sed 's/^-//'))"
if [ "$(ros config get user_docker.tls)" = "true" ]; then
ARGS="$ARGS $(echo $(ros config get user_docker.tls_args | sed 's/^-//'))"
ros tls generate --server -d $TLS_PATH
cd $TLS_PATH
fi
if [ -e /var/lib/rancher/conf/docker ]; then
source /var/lib/rancher/conf/docker
fi
exec $ARGS $DOCKER_OPTS >/var/log/docker.log 2>&1

14
scripts/dockerimages/scripts/entry.sh
View File

@@ -1,14 +0,0 @@
#!/bin/bash
if [ -e /host/dev ]; then
mount --rbind /host/dev /dev
fi
CA_BASE=/etc/ssl/certs/ca-certificates.crt.rancher
CA=/etc/ssl/certs/ca-certificates.crt
if [[ -e ${CA_BASE} && ! -e ${CA} ]]; then
cp $CA_BASE $CA
fi
exec "$@"

67
scripts/dockerimages/scripts/inputrc
View File

@@ -1,67 +0,0 @@
# /etc/inputrc - global inputrc for libreadline
# See readline(3readline) and `info rluserman' for more information.
# Be 8 bit clean.
set input-meta on
set output-meta on
# To allow the use of 8bit-characters like the german umlauts, uncomment
# the line below. However this makes the meta key not work as a meta key,
# which is annoying to those which don't need to type in 8-bit characters.
# set convert-meta off
# try to enable the application keypad when it is called. Some systems
# need this to enable the arrow keys.
# set enable-keypad on
# see /usr/share/doc/bash/inputrc.arrows for other codes of arrow keys
# do not bell on tab-completion
# set bell-style none
# set bell-style visible
# some defaults / modifications for the emacs mode
$if mode=emacs
# allow the use of the Home/End keys
"\e[1~": beginning-of-line
"\e[4~": end-of-line
# allow the use of the Delete/Insert keys
"\e[3~": delete-char
"\e[2~": quoted-insert
# mappings for "page up" and "page down" to step to the beginning/end
# of the history
# "\e[5~": beginning-of-history
# "\e[6~": end-of-history
# alternate mappings for "page up" and "page down" to search the history
# "\e[5~": history-search-backward
# "\e[6~": history-search-forward
# mappings for Ctrl-left-arrow and Ctrl-right-arrow for word moving
"\e[1;5C": forward-word
"\e[1;5D": backward-word
"\e[5C": forward-word
"\e[5D": backward-word
"\e\e[C": forward-word
"\e\e[D": backward-word
$if term=rxvt
"\e[7~": beginning-of-line
"\e[8~": end-of-line
"\eOc": forward-word
"\eOd": backward-word
$endif
# for non RH/Debian xterm, can't hurt for RH/Debian xterm
# "\eOH": beginning-of-line
# "\eOF": end-of-line
# for freebsd console
# "\e[H": beginning-of-line
# "\e[F": end-of-line
$endif

3
scripts/dockerimages/scripts/ntp.sh
View File

@@ -1,3 +0,0 @@
#!/bin/bash
exec ntpd

40
scripts/dockerimages/scripts/preload.sh
View File

@@ -1,40 +0,0 @@
#!/bin/bash
set -e
BASE=${1:-${PRELOAD_DIR}}
BASE=${BASE:-/mnt/preload}
should_load() {
file=${1}
if [[ ${file} =~ \.done$ ]]; then echo false
elif [ -f ${file} ]; then
if [ ! -e ${file}.done ]; then echo true
elif [[ $(stat -c %Y ${file}) > $(stat -c %Y ${file}.done) ]]; then echo true
else echo false
fi
else echo false
fi
}
if [ -d ${BASE} ]; then
echo Preloading docker images from ${BASE}...
for file in $(ls ${BASE}); do
path=${BASE}/${file}
loading=$(should_load ${path})
if [ ${loading} == "true" ]; then
CAT="cat ${path}"
if [[ ${file} =~ \.t?gz$ ]]; then CAT="${CAT} | gunzip"; fi
if [[ ${file} =~ \.t?xz$ ]]; then CAT="${CAT} | unxz"; fi
CAT="${CAT} | docker load"
echo loading from ${path}
eval ${CAT} || :
touch ${path}.done || :
fi
done
echo Done.
else
echo Can not preload images from ${BASE}: not a dir or does not exist.
fi

95
scripts/dockerimages/scripts/rancheros-install
View File

@@ -1,95 +0,0 @@
#!/bin/bash
set -e
usage()
{
cat <<EOF
Usage:
rancheros-install [options]
Options:
-c cloud-config file
needed for SSH keys.
-d device
-f [ DANGEROUS! Data loss can happen ] partition/format without prompting
-t install-type:
generic: (Default) Creates 1 ext4 partition and installs RancherOS
amazon-ebs: Installs RancherOS and sets up PV-GRUB
-v os-installer version.
-h print this
EOF
}
PARTITION_FLAG="false"
INSTALL_CONTAINER_IMAGE="rancher/os"
if [ "$(whoami)" != "root" ]; then
echo "Please run as root." 1>&2
exit 1
fi
if [ -x /usr/bin/ros ]; then
INSTALL_CONTAINER_IMAGE="$(ros config get upgrade.image)"
fi
if [ -n "$(grep RancherOS /etc/lsb-release)" ]; then
INSTALLER_VERSION=$(grep DISTRIB_RELEASE /etc/lsb-release|cut -d'=' -f2)
fi
EXTRA_ARGS=
while getopts "c:d:ft:v:h" OPTION
do
case $OPTION in
c) CLOUD_CONFIG="$OPTARG" ;;
d) DEVICE="$OPTARG" ;;
f) FORCE_INSTALL="true" ;;
t) INSTALL_TYPE="${OPTARG}" ;;
v) INSTALLER_VERSION="$OPTARG" ;;
h) usage; exit ;;
*) exit 1 ;;
esac
done
if [[ -z "${INSTALL_TYPE}" ]]; then
echo "No install type specified...defaulting to generic"
INSTALL_TYPE="generic"
fi
if [ -z "${CLOUD_CONFIG}" ] && [ "${INSTALL_TYPE}" != "amazon-ebs" ]; then
echo "$0: called without cloud config. Can not proceed without -c" 1>&2
exit 1
fi
if [[ -z "${DEVICE}" ]]; then
echo "$0: No device defined. Can not proceed without -d <dev> specified" 1>&2
exit 1
fi
if [ "${INSTALL_TYPE}" == "generic" ]; then
PARTITION_FLAG="true"
fi
if [[ ! -z "${CLOUD_CONFIG}" ]]; then
cp ${CLOUD_CONFIG} /opt/user_config.yml
EXTRA_ARGS='-c /opt/user_config.yml'
fi
if [ "${FORCE_INSTALL}" != "true" ] && [ "${INSTALL_TYPE}" != "rancher-upgrade" ]; then
echo "All data will be wiped from this device"
printf "Partition: ${PARTITION_FLAG}\nDEVICE: ${DEVICE}\n"
read -p "Are you sure you want to continue? [yN]" -n 1 -r confirmation
if [ "$confirmation" != "y" ]; then
echo "Exiting..."
exit 1
fi
fi
if [ "$PARTITION_FLAG" == "true" ]; then
system-docker run --net=host -it --privileged --entrypoint=/scripts/set-disk-partitions --volumes-from=all-volumes ${INSTALL_CONTAINER_IMAGE}:${INSTALLER_VERSION} ${DEVICE}
system-docker start udev
fi
system-docker run --volumes-from=user-volumes --net=host -it --privileged ${INSTALL_CONTAINER_IMAGE}:${INSTALLER_VERSION} -d ${DEVICE} -t ${INSTALL_TYPE} ${EXTRA_ARGS}
echo "RancherOS has been installed. Please reboot..."

5
scripts/dockerimages/scripts/syslog.sh
View File

@@ -1,5 +0,0 @@
#!bin/bash
set -x -e
exec rsyslogd -n

9
scripts/dockerimages/scripts/udev.sh
View File

@@ -1,9 +0,0 @@
#!/bin/bash
if [ "$DAEMON" = true ]; then
exec udevd
fi
udevd --daemon
udevadm trigger --action=add
udevadm settle

20
scripts/dockerimages/scripts/update-ssh-keys
View File

@@ -1,20 +0,0 @@
#!/bin/bash
USERNAME=$1
HOME_DIR=$(grep ^$USERNAME /etc/passwd | cut -f6 -d:)
if [ ! -d $HOME_DIR/.ssh ]; then
mkdir -p $HOME_DIR/.ssh
chmod 0700 $HOME_DIR/.ssh
fi
if [ ! -e $HOME_DIR/.ssh/authorized_keys ]; then
touch $HOME_DIR/.ssh/authorized_keys
chmod 0600 $HOME_DIR/.ssh/authorized_keys
fi
if ! grep -q "$2" $HOME_DIR/.ssh/authorized_keys; then
echo "$2" >> $HOME_DIR/.ssh/authorized_keys
fi
chown -R $USERNAME $HOME_DIR/.ssh

3
scripts/download
View File

@@ -4,5 +4,4 @@ cd $(dirname $0)/..
source scripts/build-common source scripts/build-common
download 49d339d888df757e37433d613bdcdd5acb78ca15 https://github.com/rancherio/os-base/releases/download/v0.3.1/os-base.tar.xz download 1d325a529b17c5e8fd9baee29df24c222a9f2e25 https://github.com/rancherio/docker/releases/download/v1.7.0-ros-1/docker-1.7.0
download a6344119513201ea48a8e584b9cf83bd5f3905a1 https://github.com/rancherio/docker/releases/download/v1.6.2-ros-1/docker-1.6.2

21
scripts/extraimages/00-ubuntuconsole
View File

@@ -1,21 +0,0 @@
FROM ubuntu:14.04.2
RUN apt-get update && \
apt-get upgrade --no-install-recommends -y && \
apt-get install -y --no-install-recommends openssh-server rsync vim
RUN rm -rf /etc/ssh/*key*
COPY scripts/dockerimages/scripts/entry.sh /usr/sbin/
COPY scripts/dockerimages/scripts/console.sh /usr/sbin/
COPY scripts/dockerimages/scripts/update-ssh-keys /usr/bin/
COPY scripts/dockerimages/scripts/rancheros-install /usr/sbin/
RUN echo 'RancherOS \\n \l' > /etc/issue
RUN locale-gen en_US.UTF-8
RUN addgroup --gid 1100 rancher && \
addgroup --gid 1101 docker && \
useradd -u 1100 -g rancher -G docker,sudo -m -s /bin/bash rancher && \
useradd -u 1101 -g docker -G docker,sudo -m -s /bin/bash docker && \
echo ClientAliveInterval 180 >> /etc/ssh/sshd_config && \
echo '## allow password less for rancher user' >> /etc/sudoers && \
echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
ENTRYPOINT ["/usr/sbin/entry.sh"]
CMD ["/usr/sbin/console.sh"]

21
scripts/extraimages/01-debianconsole
View File

@@ -1,21 +0,0 @@
FROM debian:jessie
RUN apt-get update && \
apt-get upgrade --no-install-recommends -y && \
apt-get install -y --no-install-recommends openssh-server rsync locales sudo vim less
RUN rm -rf /etc/ssh/*key*
COPY scripts/dockerimages/scripts/entry.sh /usr/sbin/
COPY scripts/dockerimages/scripts/console.sh /usr/sbin/
COPY scripts/dockerimages/scripts/update-ssh-keys /usr/bin/
COPY scripts/dockerimages/scripts/rancheros-install /usr/sbin/
RUN echo 'RancherOS \\n \l' > /etc/issue
RUN locale-gen en_US.UTF-8
RUN addgroup --gid 1100 rancher && \
addgroup --gid 1101 docker && \
useradd -u 1100 -g rancher -G docker,sudo -m -s /bin/bash rancher && \
useradd -u 1101 -g docker -G docker,sudo -m -s /bin/bash docker && \
echo ClientAliveInterval 180 >> /etc/ssh/sshd_config && \
echo '## allow password less for rancher user' >> /etc/sudoers && \
echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
ENTRYPOINT ["/usr/sbin/entry.sh"]
CMD ["/usr/sbin/console.sh"]

11
scripts/install
View File

@@ -1,11 +0,0 @@
#!/bin/bash
set -x
cd $(dirname $0)/..
. scripts/build-common
mkdir -p target
rm -rf target/artifacts
cp -rf ${DIST}/artifacts target

3
scripts/package
View File

@@ -1,10 +1,11 @@
#!/bin/bash #!/bin/bash
set -e set -ex
cd $(dirname $0)/.. cd $(dirname $0)/..
source scripts/build-common source scripts/build-common
cp bin/rancheros ${DIST}/artifacts/
cp bin/rancheros ${BUILD}/initrd/init cp bin/rancheros ${BUILD}/initrd/init
cp ./os-config.yml ${BUILD}/initrd/ cp ./os-config.yml ${BUILD}/initrd/

17
scripts/run
View File

@@ -48,24 +48,17 @@ if [ ! -d ${INITRD_TMP} ]; then
mkdir -p ${INITRD_TMP} mkdir -p ${INITRD_TMP}
pushd ${INITRD_TMP} pushd ${INITRD_TMP}
if [ -e ${NO_COMPRESS_INITRD} ]; then if [ -e ${NO_COMPRESS_INITRD} ]; then
cat ${NO_COMPRESS_INITRD} | sudo cpio -idmv cat ${NO_COMPRESS_INITRD} | cpio -idmv
else else
xz -dc ${INITRD} | sudo cpio -idmv xz -dc ${INITRD} | cpio -idmv
fi fi
rm -f init rm -f init
popd popd
fi fi
if [ -e $INITRD_CURRENT ]; then ln -sf ${INITRD_TMP} ${INITRD_CURRENT}
rm -f ${INITRD_CURRENT}
fi
ln -s ${INITRD_TMP} ${INITRD_CURRENT}
if [ ! -e bin/rancheros ]; then cp dist/artifacts/rancheros ${INITRD_TMP}/init
./scripts/build
fi
cp bin/rancheros ${INITRD_TMP}/init
cp -f os-config.yml ${INITRD_TMP}/ cp -f os-config.yml ${INITRD_TMP}/
cd ${INITRD_TMP} cd ${INITRD_TMP}
@@ -73,7 +66,7 @@ find | cpio -H newc -o > ${INITRD_TEST}
if [ ! -e ${HD} ]; then if [ ! -e ${HD} ]; then
mkdir -p $(dirname ${HD}) mkdir -p $(dirname ${HD})
zcat ${HD_GZ} > ${HD} gzcat ${HD_GZ} > ${HD}
fi fi
mkdir -p $(dirname $USER_DATA) mkdir -p $(dirname $USER_DATA)

2
scripts/version
View File

@@ -1 +1 @@
VERSION=v0.3.1 VERSION=v0.3.2