diff --git a/.docker-env.sample b/.docker-env.sample
deleted file mode 100644
index 63d11429..00000000
--- a/.docker-env.sample
+++ /dev/null
@@ -1,2 +0,0 @@
-DOCKER_HOST="tcp://192.168.2.2:2375"
-DOCKER_TLS_VERIFY=
diff --git a/.dockerignore b/.dockerignore
index b6091a10..02b75e5a 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,15 +1,10 @@
 .DS_Store
-.git
 .idea
-.vendor
-.dockerignore
 bin
-gopath
-tmp
 state
 build
+images/*/build
 dist
-Godeps/_workspace/pkg
 tests/integration/.venv*
 tests/integration/.tox
 */*/*/*.pyc
diff --git a/.dockerignore.dapper b/.dockerignore.dapper
deleted file mode 100644
index c8b6127d..00000000
--- a/.dockerignore.dapper
+++ /dev/null
@@ -1,15 +0,0 @@
-.DS_Store
-.git
-.idea
-.vendor
-.dockerignore
-bin
-gopath
-tmp
-state
-build
-Godeps/_workspace/pkg
-tests/integration/.venv*
-tests/integration/.tox
-*/*/*/*.pyc
-*/*/*/__pycache__
diff --git a/.gitignore b/.gitignore
index 0d2534cd..5709f3cb 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,11 +5,13 @@
 /build
 /dist
 /gopath
+/images/*/build
 .dockerfile
 *.swp
 /tests/integration/MANIFEST
 /tests/integration/.venv*
 /tests/integration/.tox
+/tests/integration/.idea
 *.pyc
-__pychache__
-.docker-env.*
+__pycache__
+.dapper
diff --git a/.package b/.package
deleted file mode 100644
index 75529c3b..00000000
--- a/.package
+++ /dev/null
@@ -1 +0,0 @@
-github.com/rancher/os
diff --git a/Dockerfile.amd64 b/Dockerfile.amd64
deleted file mode 100644
index 5171e98f..00000000
--- a/Dockerfile.amd64
+++ /dev/null
@@ -1,11 +0,0 @@
-FROM debian:jessie
-ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update && apt-get install -y grub2 parted kexec-tools
-
-COPY ./scripts/installer /scripts
-COPY ./build.conf /scripts/
-
-COPY ./dist/artifacts/vmlinuz /dist/vmlinuz
-COPY ./dist/artifacts/initrd /dist/initrd
-
-ENTRYPOINT ["/scripts/lay-down-os"]
diff --git a/Dockerfile.arm64 b/Dockerfile.arm64
deleted file mode 100644
index 5cedb915..00000000
--- a/Dockerfile.arm64
+++ /dev/null
@@ -1,18 +0,0 @@
-FROM aarch64/debian:jessie
-ENV DEBIAN_FRONTEND noninteractive
-ENV ARCH arm
-
-RUN apt-get update && apt-get install -y parted git gcc make autoconf
-
-RUN mkdir -p /usr/local/src && \
- cd /usr/local/src && \
- git clone https://git.linaro.org/people/takahiro.akashi/kexec-tools.git && \
- cd kexec-tools && git checkout kdump/for-14 && ./bootstrap && ./configure && make && make install
-
-COPY ./scripts/installer /scripts
-COPY ./build.conf /scripts/
-
-COPY ./dist/artifacts/vmlinuz /dist/
-COPY ./dist/artifacts/initrd /dist/
-
-ENTRYPOINT ["/scripts/lay-down-os"]
diff --git a/Dockerfile.dapper b/Dockerfile.dapper
index bd8194da..c3990f03 100644
--- a/Dockerfile.dapper
+++ b/Dockerfile.dapper
@@ -1,24 +1,32 @@ -FROM rancher/os-dapper-base +FROM ubuntu:16.04 RUN apt-get update && \ - apt-get -y install locales sudo vim less curl wget git rsync build-essential isolinux xorriso gccgo \ - libblkid-dev libmount-dev libselinux1-dev cpio genisoimage qemu-kvm qemu python-pip ca-certificates pkg-config tox module-init-tools - -ARG HOST_ARCH -ENV HOST_ARCH ${HOST_ARCH} -RUN ln -sf go-6 /usr/bin/go && mkdir -p /usr/local && cd /usr/local && \ - wget -O - https://storage.googleapis.com/golang/go1.6.src.tar.gz | tar -xz && \ - cd go/src && GOROOT_BOOTSTRAP=/usr GOARCH=${HOST_ARCH} GOHOSTARCH=${HOST_ARCH} ./make.bash - -ENV PATH /usr/local/go/bin:$PATH -RUN mkdir -p /go/src /go/bin && chmod -R 777 /go -ENV GOPATH /go -ENV PATH /go/bin:$PATH - -ARG HOST_DOCKER_BINARY_URL -ENV HOST_DOCKER_BINARY_URL ${HOST_DOCKER_BINARY_URL} -RUN wget -O - ${HOST_DOCKER_BINARY_URL} > /usr/local/bin/docker -RUN chmod +x /usr/local/bin/docker + apt-get install -y \ + build-essential \ + ca-certificates \ + cpio \ + curl \ + dosfstools \ + gccgo \ + genisoimage \ + git \ + isolinux \ + less \ + libblkid-dev \ + libmount-dev \ + libselinux1-dev \ + locales \ + module-init-tools \ + pkg-config \ + python-pip \ + qemu \ + qemu-kvm \ + rsync \ + sudo \ + tox \ + vim \ + wget \ + xorriso ENV DAPPER_DOCKER_SOCKET true ENV DAPPER_SOURCE /go/src/github.com/rancher/os 
@@ -27,18 +35,95 @@ ENV DAPPER_RUN_ARGS --privileged ENV SHELL /bin/bash WORKDIR ${DAPPER_SOURCE} -COPY .dockerignore.dapper .dockerignore +########## General Configuration ##################### +ARG ARCH=amd64 +ARG DAPPER_HOST_ARCH=amd64 +ARG HOST_ARCH=${DAPPER_HOST_ARCH} -CMD make +ARG OS_REPO=rancher +ARG HOSTNAME_DEFAULT=rancher +ARG DISTRIB_ID=RancherOS -ARG TOOLCHAIN -ENV TOOLCHAIN ${TOOLCHAIN} +ARG DOCKER_VERSION=1.10.3 +ARG DOCKER_PATCH_VERSION=v${DOCKER_VERSION}-ros1 +ARG SELINUX_POLICY_URL=https://github.com/rancher/refpolicy/releases/download/v0.0.2/policy.29 -RUN if [ "${TOOLCHAIN}" != "" ] && ! which ${TOOLCHAIN}-gcc; then \ +ARG KERNEL_URL_amd64=https://github.com/rancher/os-kernel/releases/download/Ubuntu-4.2.0-34.39-rancher/linux-4.2.8-ckt4-rancher-x86.tar.gz +ARG KERNEL_URL_arm64=https://github.com/imikushin/os-kernel/releases/download/Estuary-4.1.18-arm64-3/linux-4.1.18-arm64.tar.gz + +ARG DOCKER_URL_amd64=https://get.docker.com/builds/Linux/x86_64/docker-${DOCKER_VERSION} +ARG DOCKER_URL_arm=https://github.com/rancher/docker/releases/download/${DOCKER_PATCH_VERSION}/docker-${DOCKER_VERSION}_arm +ARG DOCKER_URL_arm64=https://github.com/rancher/docker/releases/download/${DOCKER_PATCH_VERSION}/docker-${DOCKER_VERSION}_arm64 + +ARG TOOLCHAIN_arm64=aarch64-linux-gnu +ARG TOOLCHAIN_arm=arm-linux-gnueabihf + +ARG OS_RELEASES_YML=https://releases.rancher.com/os/releases.yml +ARG VBOX_MODULES_URL_amd64=https://github.com/rancher/os-vbox/releases/download/v0.0.2/vbox-modules.tar.gz + +ARG OS_SERVICES_REPO=https://raw.githubusercontent.com/${OS_REPO}/os-services +ARG IMAGE_NAME=${OS_REPO}/os +ARG DFS_IMAGE=${OS_REPO}/docker:v${DOCKER_VERSION} + +ARG OS_BASE_URL_amd64=https://github.com/rancher/os-base/releases/download/v2016.02/os-base_amd64.tar.xz +ARG OS_BASE_URL_arm64=https://github.com/rancher/os-base/releases/download/v2016.02/os-base_arm64.tar.xz +ARG OS_BASE_URL_arm=https://github.com/rancher/os-base/releases/download/v2016.02/os-base_arm.tar.xz + 
+###################################################### + +# Set up environment +ENV DOCKER_URL DOCKER_URL_${ARCH} +ENV KERNEL_URL KERNEL_URL_${ARCH} +ENV OS_BASE_URL OS_BASE_URL_${ARCH} +ENV OS_BASE_SHA1 OS_BASE_SHA1_${ARCH} +ENV VBOX_MODULES_URL VBOX_MODULES_URL_${ARCH} + +# Export all ARGS as ENV +ENV ARCH=${ARCH} DAPPER_HOST_ARCH=${DAPPER_HOST_ARCH} HOST_ARCH=${HOST_ARCH} OS_REPO=${OS_REPO} HOSTNAME_DEFAULT=${HOSTNAME_DEFAULT} DISTRIB_ID=${DISTRIB_ID} DOCKER_VERSION=${DOCKER_VERSION} DOCKER_PATCH_VERSION=${DOCKER_PATCH_VERSION} SELINUX_POLICY_URL=${SELINUX_POLICY_URL} KERNEL_URL_amd64=${KERNEL_URL_amd64} KERNEL_URL_arm64=${KERNEL_URL_arm64} DOCKER_URL_amd64=${DOCKER_URL_amd64} DOCKER_URL_arm=${DOCKER_URL_arm} DOCKER_URL_arm64=${DOCKER_URL_arm64} TOOLCHAIN_arm64=${TOOLCHAIN_arm64} TOOLCHAIN_arm=${TOOLCHAIN_arm} OS_RELEASES_YML=${OS_RELEASES_YML} VBOX_MODULES_URL=${VBOX_MODULES_URL} VBOX_MODULES_URL_amd64=${VBOX_MODULES_URL_amd64} OS_SERVICES_REPO=${OS_SERVICES_REPO} IMAGE_NAME=${IMAGE_NAME} DFS_IMAGE=${DFS_IMAGE} OS_BASE_URL=${OS_BASE_URL} OS_BASE_SHA1=${OS_BASE_SHA1} OS_BASE_URL_amd64=${OS_BASE_URL_amd64} OS_BASE_URL_arm=${OS_BASE_URL_arm} OS_BASE_URL_arm64=${OS_BASE_URL_arm64} + +ENV DOWNLOADS /usr/src/downloads +RUN mkdir -p ${DOWNLOADS} + +# Download kernel +RUN rm /bin/sh && ln -s /bin/bash /bin/sh +RUN if [ -n "${!KERNEL_URL}" ]; then \ + curl -fL ${!KERNEL_URL} > ${DOWNLOADS}/kernel.tar.gz \ + ;fi + +# Download SELinux Policy +RUN curl -pfL ${SELINUX_POLICY_URL} > ${DOWNLOADS}/$(basename ${SELINUX_POLICY_URL}) + +# VBox URL +RUN if [ -n "${!VBOX_MODULES_URL}" ]; then \ + curl -pfL ${!VBOX_MODULES_URL} > ${DOWNLOADS}/vbox-modules.tar.gz \ + ;fi + +# Install Go +RUN ln -sf go-6 /usr/bin/go && \ + curl -sfL https://storage.googleapis.com/golang/go1.6.src.tar.gz | tar -xzf - -C /usr/local && \ + cd /usr/local/go/src && \ + GOROOT_BOOTSTRAP=/usr GOARCH=${HOST_ARCH} GOHOSTARCH=${HOST_ARCH} ./make.bash +ENV GOPATH /go +ENV PATH 
${GOPATH}/bin:/usr/local/go/bin:$PATH + +# Install Docker +RUN URL=DOCKER_URL_${HOST_ARCH} && \ + curl -fL ${!URL} > /usr/bin/docker && \ + chmod +x /usr/bin/docker + +# Install Docker +RUN curl -fL ${!DOCKER_URL} > ${DOWNLOADS}/docker && \ + chmod +x ${DOWNLOADS}/docker + +# Install toolchain +RUN TOOLCHAIN=TOOLCHAIN_${ARCH} && \ + echo export TOOLCHAIN=${!TOOLCHAIN} > /usr/src/toolchain-env +RUN source /usr/src/toolchain-env && \ + if [ "${TOOLCHAIN}" != "" ] && ! which ${TOOLCHAIN}-gcc; then \ apt-get install -y gcc-${TOOLCHAIN} g++-${TOOLCHAIN} \ ;fi -RUN if [ "${TOOLCHAIN}" != "" ]; then \ +RUN source /usr/src/toolchain-env; if [ "${TOOLCHAIN}" != "" ]; then \ apt-get update && \ cd /usr/local/src && \ for i in libselinux libsepol pcre3 util-linux; do \ @@ -47,7 +132,7 @@ RUN if [ "${TOOLCHAIN}" != "" ]; then \ ;done \ ;fi -RUN if [ "${TOOLCHAIN}" != "" ]; then \ +RUN source /usr/src/toolchain-env; if [ "${TOOLCHAIN}" != "" ]; then \ cd /usr/local/src/pcre3-* && \ autoreconf && \ CC=${TOOLCHAIN}-gcc CXX=${TOOLCHAIN}-g++ ./configure --host=${TOOLCHAIN} --prefix=/usr/${TOOLCHAIN} && \ @@ -55,7 +140,7 @@ RUN if [ "${TOOLCHAIN}" != "" ]; then \ make install \ ;fi -RUN if [ "${TOOLCHAIN}" != "" ]; then \ +RUN source /usr/src/toolchain-env; if [ "${TOOLCHAIN}" != "" ]; then \ cd /usr/local/src/libselinux-* && \ CC=${TOOLCHAIN}-gcc CXX=${TOOLCHAIN}-g++ make CFLAGS=-Wall && \ make PREFIX=/usr/${TOOLCHAIN} DESTDIR=/usr/${TOOLCHAIN} install && \ @@ -64,7 +149,7 @@ RUN if [ "${TOOLCHAIN}" != "" ]; then \ make PREFIX=/usr/${TOOLCHAIN} DESTDIR=/usr/${TOOLCHAIN} install \ ;fi -RUN if [ "${TOOLCHAIN}" != "" ]; then \ +RUN source /usr/src/toolchain-env; if [ "${TOOLCHAIN}" != "" ]; then \ cd /usr/local/src/util-linux-* && \ autoreconf && \ CC=${TOOLCHAIN}-gcc CXX=${TOOLCHAIN}-g++ ./configure --host=${TOOLCHAIN} --prefix=/usr/${TOOLCHAIN} \ 
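Review bot: Every artifact fetched in the `@@ -27,18 +35,95 @@` hunk (kernel tarball, SELinux policy, VBox modules, Go source and both Docker binaries, which are then marked executable) is written to disk with no integrity check, so the build trusts whatever each URL serves at build time. `OS_BASE_SHA1` is exported as ENV but no `OS_BASE_SHA1_*` ARG is declared in the visible lines, which suggests verification was intended and left unwired. Declare a digest next to each URL ARG and check it in the same RUN, for example `echo "${KERNEL_SHA256}  ${DOWNLOADS}/kernel.tar.gz" | sha256sum -c -` (the variable name is a placeholder). Separately, `curl -pfL` on the SELinux and VBox downloads passes `-p` (`--proxytunnel`), which looks unintended next to the plain `curl -fL` used elsewhere.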
@@ -77,5 +162,12 @@ RUN if [ "${TOOLCHAIN}" != "" ]; then \ make install \ ;fi -RUN apt-get update && \ - apt-get -y install dosfstools +ENV GOARCH $ARCH + +ENV DAPPER_OUTPUT ./bin ./dist ./build/os-config.yml ./build/initrd + +RUN curl -sL https://releases.rancher.com/dapper/latest/dapper-`uname -s`-`uname -m` > /usr/bin/dapper && \ + chmod +x /usr/bin/dapper + +ENTRYPOINT ["./scripts/entry"] +CMD ["ci"] diff --git a/Makefile b/Makefile index e18487cf..9e733491 100644 --- a/Makefile +++ b/Makefile 
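Review bot: The dapper download added at the end of this hunk takes a mutable `latest` URL and omits `-f`, then installs the result as `/usr/bin/dapper` in an image whose run arguments earlier in the file are `--privileged` with `DAPPER_DOCKER_SOCKET true`. Without `-f` an HTTP error body is saved and made executable, and `latest` means two builds of the same commit can contain different binaries. Use `curl -sfL` against a fixed release path and compare the file with a recorded digest before `chmod +x`. The `.dapper` target in the Makefile runs the same command on the developer's host and needs the same change.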
@@ -1,104 +1,33 @@ -FORCE_PULL := 0 -DEV_BUILD := 0 -HOST_ARCH := amd64 -ARCH := amd64 -SUFFIX := $(if $(filter-out amd64,$(ARCH)),_$(ARCH)) +TARGETS := $(shell ls scripts | grep -vE 'clean|run') -include build.conf -include build.conf.$(ARCH) +.dapper: + @echo Downloading dapper + @curl -sL https://releases.rancher.com/dapper/latest/dapper-`uname -s`-`uname -m` > .dapper.tmp + @@chmod +x .dapper.tmp + @./.dapper.tmp -v + @mv .dapper.tmp .dapper +$(TARGETS): .dapper + ./.dapper $@ -bin/ros: - mkdir -p $(dir $@) - ARCH=$(ARCH) VERSION=$(VERSION) ./scripts/mk-ros.sh $@ +trash: .dapper + ./.dapper -m bind trash -build/host_ros: bin/ros - mkdir -p $(dir $@) -ifeq "$(ARCH)" "$(HOST_ARCH)" - ln -sf ../bin/ros $@ -else - ARCH=$(HOST_ARCH) TOOLCHAIN= VERSION=$(VERSION) ./scripts/mk-ros.sh $@ -endif +trash-keep: .dapper + ./.dapper -m bind trash -k +deps: trash -assets/docker: - mkdir -p $(dir $@) - wget -O - "$(DOCKER_BINARY_URL)" > $@ - chmod +x $@ +build/initrd/.id: + dapper prepare -assets/selinux/policy.29: - mkdir -p $(dir $@) - wget -O - "$(SELINUX_POLICY_URL)" > $@ +run: build/initrd/.id + dapper -m bind build-target + ./scripts/run -assets/modules.tar.gz: - mkdir -p $(dir $@) -ifeq "$(ARCH)" "amd64" - curl -L "$(VBOX_MODULES_URL)" > $@ -else - touch $@ -endif +clean: + @./scripts/clean -ifdef COMPILED_KERNEL_URL +.DEFAULT_GOAL := ci -installer: minimal - docker build -t $(IMAGE_NAME):$(VERSION)$(SUFFIX) -f Dockerfile.$(ARCH) . 
- -dist/artifacts/vmlinuz: build/kernel/ - mkdir -p $(dir $@) - mv $(or $(wildcard build/kernel/boot/vmlinuz*), $(wildcard build/kernel/boot/vmlinux*)) $@ - - -build/kernel/: - mkdir -p $@ - wget -O - "$(COMPILED_KERNEL_URL)" | tar -xzf - -C $@ - - -dist/artifacts/initrd: bin/ros assets/docker assets/selinux/policy.29 build/kernel/ build/images.tar assets/modules.tar.gz - mkdir -p $(dir $@) - SUFFIX=$(SUFFIX) DFS_IMAGE=$(DFS_IMAGE) DEV_BUILD=$(DEV_BUILD) \ - KERNEL_RELEASE=$(KERNEL_RELEASE) ARCH=$(ARCH) ./scripts/mk-initrd.sh $@ - - -dist/artifacts/rancheros.iso: minimal - ./scripts/mk-rancheros-iso.sh - -all: minimal installer iso - -initrd: dist/artifacts/initrd - -minimal: initrd dist/artifacts/vmlinuz - -iso: dist/artifacts/rancheros.iso dist/artifacts/iso-checksums.txt - -test: minimal - ./scripts/unit-test - cd tests/integration && HOST_ARCH=$(HOST_ARCH) ARCH=$(ARCH) tox - -.PHONY: all minimal initrd iso installer test - -endif - - -build/os-config.yml: build/host_ros - ARCH=$(ARCH) VERSION=$(VERSION) ./scripts/gen-os-config.sh $@ - - -build/images.tar: build/host_ros build/os-config.yml - ARCH=$(ARCH) FORCE_PULL=$(FORCE_PULL) ./scripts/mk-images-tar.sh - - -dist/artifacts/rootfs.tar.gz: bin/ros assets/docker build/images.tar assets/selinux/policy.29 assets/modules.tar.gz - mkdir -p $(dir $@) - SUFFIX=$(SUFFIX) DFS_IMAGE=$(DFS_IMAGE) DEV_BUILD=$(DEV_BUILD) IS_ROOTFS=1 ./scripts/mk-initrd.sh $@ - - -dist/artifacts/iso-checksums.txt: dist/artifacts/rancheros.iso - ./scripts/mk-iso-checksums-txt.sh - - -version: - @echo $(VERSION) - -rootfs: dist/artifacts/rootfs.tar.gz - -.PHONY: rootfs version bin/ros +.PHONY: $(TARGETS) diff --git a/assets/selinux/failsafe_context b/assets/selinux/ros/contexts/failsafe_context similarity index 100% rename from assets/selinux/failsafe_context rename to assets/selinux/ros/contexts/failsafe_context 
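Review bot: The `build/initrd/.id` and `run` recipes call a bare `dapper` from PATH, while every other target runs the downloaded `./.dapper` and lists `.dapper` as a prerequisite. On a machine without dapper installed these two targets fail, and where one is installed they use a different binary from the rest of the build. Change them to `./.dapper prepare` and `./.dapper -m bind build-target`, and declare the dependency with `build/initrd/.id: .dapper`.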
diff --git a/assets/selinux/lxc_contexts b/assets/selinux/ros/contexts/lxc_contexts
similarity index 100%
rename from assets/selinux/lxc_contexts
rename to assets/selinux/ros/contexts/lxc_contexts
diff --git a/assets/selinux/seusers b/assets/selinux/ros/seusers
similarity index 100%
rename from assets/selinux/seusers
rename to assets/selinux/ros/seusers
diff --git a/build.conf b/build.conf
deleted file mode 100644
index ed81c211..00000000
--- a/build.conf
+++ /dev/null
@@ -1,8 +0,0 @@
-IMAGE_NAME=rancher/os
-VERSION=v0.4.4-dev
-DFS_IMAGE=rancher/docker:v1.10.3
-SELINUX_POLICY_URL=https://github.com/rancher/refpolicy/releases/download/v0.0.2/policy.29
-
-HOSTNAME_DEFAULT=rancher
-OS_IMAGES_ROOT=rancher
-OS_SERVICES_REPO=https://raw.githubusercontent.com/rancher/os-services
diff --git a/build.conf.amd64 b/build.conf.amd64
deleted file mode 100644
index e7d608d3..00000000
--- a/build.conf.amd64
+++ /dev/null
@@ -1,7 +0,0 @@
-DAPPER_BASE=ubuntu:16.04
-TOOLCHAIN= #empty
-
-COMPILED_KERNEL_URL=https://github.com/rancher/os-kernel/releases/download/Ubuntu-4.2.0-34.39-rancher/linux-4.2.8-ckt4-rancher-x86.tar.gz
-DOCKER_BINARY_URL=https://get.docker.com/builds/Linux/x86_64/docker-1.10.3
-OS_RELEASES_YML=https://releases.rancher.com/os/releases.yml
-VBOX_MODULES_URL=https://github.com/rancher/os-vbox/releases/download/v0.0.2/vbox-modules.tar.gz
diff --git a/build.conf.arm b/build.conf.arm
deleted file mode 100644
index 07635241..00000000
--- a/build.conf.arm
+++ /dev/null
@@ -1,6 +0,0 @@
-DAPPER_BASE=armhf/ubuntu:16.04
-TOOLCHAIN=arm-linux-gnueabihf
-
-COMPILED_KERNEL_URL= #empty
-DOCKER_BINARY_URL=https://github.com/rancher/docker/releases/download/v1.10.3-ros1/docker-1.10.3_arm
-OS_RELEASES_YML=https://releases.rancher.com/os/releases_arm.yml
diff --git a/build.conf.arm64 b/build.conf.arm64
deleted file mode 100644
index f891cb2c..00000000
--- a/build.conf.arm64
+++ /dev/null
@@ -1,6 +0,0 @@
-DAPPER_BASE=aarch64/ubuntu:16.04
-TOOLCHAIN=aarch64-linux-gnu
-
-COMPILED_KERNEL_URL=https://github.com/imikushin/os-kernel/releases/download/Estuary-4.1.18-arm64-3/linux-4.1.18-arm64.tar.gz
-DOCKER_BINARY_URL=https://github.com/rancher/docker/releases/download/v1.10.3-ros1/docker-1.10.3_arm64
-OS_RELEASES_YML=https://releases.rancher.com/os/releases_arm64.yml
diff --git a/build.sh b/build.sh
deleted file mode 100755
index 00abad72..00000000
--- a/build.sh
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/bash
-set -e
-
-export ARCH=${ARCH:-amd64}
-
-cd $(dirname $0)
-
-if [ "$1" != "--dev" ]; then
- echo
- echo Running \"production\" build. Will use lzma to compress initrd, which is somewhat slow...
- echo Ctrl+C if you don\'t want this.
- echo
- echo For \"developer\" builds, run ./build.sh --dev
- echo
- ./scripts/make.sh all
-else
- ./scripts/make.sh DEV_BUILD=1 all
-fi
-
-ls -lh dist/artifacts
diff --git a/images/00-rootfs/.dockerignore b/images/00-rootfs/.dockerignore
new file mode 100644
index 00000000..3c5f1711
--- /dev/null
+++ b/images/00-rootfs/.dockerignore
@@ -0,0 +1,2 @@
+assets
+build/dist/kernel
diff --git a/images/00-rootfs/Dockerfile b/images/00-rootfs/Dockerfile
new file mode 100644
index 00000000..242b0876
--- /dev/null
+++ b/images/00-rootfs/Dockerfile
@@ -0,0 +1,2 @@
+FROM scratch
+ADD build/rootfs.tar /
diff --git a/images/01-base/Dockerfile b/images/01-base/Dockerfile
new file mode 100644
index 00000000..896c727c
--- /dev/null
+++ b/images/01-base/Dockerfile
@@ -0,0 +1,36 @@
+FROM rancher/os-rootfs
+RUN ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
+# Cleanup Buildroot
+RUN rm /sbin/poweroff /sbin/reboot /sbin/halt && \
+ sed -i '/^root/s!/bin/sh!/bin/bash!' /etc/passwd && \
+ echo 'RancherOS \n \l' > /etc/issue && \
+ rm -rf /run \
+ /linuxrc \
+ /etc/os-release \
+ /var/cache \
+ /var/lock \
+ /var/log \
+ /var/run \
+ /var/spool \
+ /var/lib/misc && \
+ mkdir -p \
+ /home \
+ /run \
+ /var/cache \
+ /var/lock \
+ /var/log \
+ /var/run \
+ /var/spool && \
+ passwd -l root && \
+ addgroup -g 1100 rancher && \
+ addgroup -g 1101 docker && \
+ addgroup -g 1103 sudo && \
+ adduser -u 1100 -G rancher -D -h /home/rancher -s /bin/bash rancher && \
+ adduser -u 1101 -G docker -D -h /home/docker -s /bin/bash docker && \
+ sed -i 's/\(^docker.*\)/\1rancher/g' /etc/group && \
+ sed -i 's/\(^sudo.*\)/\1rancher,docker/g' /etc/group && \
+ echo '%sudo ALL=(ALL) ALL' >> /etc/sudoers
+COPY inputrc /etc/inputrc
+COPY entry.sh /usr/sbin/entry.sh
+
+ENTRYPOINT ["/usr/sbin/entry.sh"]
diff --git a/images/01-base/entry.sh b/images/01-base/entry.sh
new file mode 100755
index 00000000..ca1f5198
--- /dev/null
+++ b/images/01-base/entry.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+if [ -e /host/dev ]; then
+ mount --rbind /host/dev /dev
+fi
+
+CA_BASE=/etc/ssl/certs/ca-certificates.crt.rancher
+CA=/etc/ssl/certs/ca-certificates.crt
+
+if [[ -e ${CA_BASE} && ! -e ${CA} ]]; then
+ cp $CA_BASE $CA
+fi
+
+exec "$@"
diff --git a/images/01-base/inputrc b/images/01-base/inputrc
new file mode 100644
index 00000000..d3da9859
--- /dev/null
+++ b/images/01-base/inputrc
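Review bot: The two `/etc/group` edits in images/01-base/Dockerfile match on a name prefix, `\(^docker.*\)` and `\(^sudo.*\)`, so any group whose name merely starts with `docker` or `sudo` would gain the same members, and the appended text is only well-formed when the matched line ends in `:`. Since these lines, together with `echo '%sudo ALL=(ALL) ALL' >> /etc/sudoers`, decide who can reach root, anchor on the field separator: `sed -i 's/^\(docker:.*:\)$/\1rancher/' /etc/group` and the equivalent for `sudo`. If the image's `addgroup` supports the `addgroup USER GROUP` form, that would avoid editing the file by hand. `FROM rancher/os-rootfs` also carries no tag, so the base resolves to whatever `latest` is at build time.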
@@ -0,0 +1,67 @@
+# /etc/inputrc - global inputrc for libreadline
+# See readline(3readline) and `info rluserman' for more information.
+
+# Be 8 bit clean.
+set input-meta on
+set output-meta on
+
+# To allow the use of 8bit-characters like the german umlauts, uncomment
+# the line below. However this makes the meta key not work as a meta key,
+# which is annoying to those which don't need to type in 8-bit characters.
+
+# set convert-meta off
+
+# try to enable the application keypad when it is called. Some systems
+# need this to enable the arrow keys.
+# set enable-keypad on
+
+# see /usr/share/doc/bash/inputrc.arrows for other codes of arrow keys
+
+# do not bell on tab-completion
+# set bell-style none
+# set bell-style visible
+
+# some defaults / modifications for the emacs mode
+$if mode=emacs
+
+# allow the use of the Home/End keys
+"\e[1~": beginning-of-line
+"\e[4~": end-of-line
+
+# allow the use of the Delete/Insert keys
+"\e[3~": delete-char
+"\e[2~": quoted-insert
+
+# mappings for "page up" and "page down" to step to the beginning/end
+# of the history
+# "\e[5~": beginning-of-history
+# "\e[6~": end-of-history
+
+# alternate mappings for "page up" and "page down" to search the history
+# "\e[5~": history-search-backward
+# "\e[6~": history-search-forward
+
+# mappings for Ctrl-left-arrow and Ctrl-right-arrow for word moving
+"\e[1;5C": forward-word
+"\e[1;5D": backward-word
+"\e[5C": forward-word
+"\e[5D": backward-word
+"\e\e[C": forward-word
+"\e\e[D": backward-word
+
+$if term=rxvt
+"\e[7~": beginning-of-line
+"\e[8~": end-of-line
+"\eOc": forward-word
+"\eOd": backward-word
+$endif
+
+# for non RH/Debian xterm, can't hurt for RH/Debian xterm
+# "\eOH": beginning-of-line
+# "\eOF": end-of-line
+
+# for freebsd console
+# "\e[H": beginning-of-line
+# "\e[F": end-of-line
+
+$endif
diff --git a/images/02-acpid/Dockerfile b/images/02-acpid/Dockerfile
new file mode 100644
index 00000000..e2f1cc9c
--- /dev/null
+++ b/images/02-acpid/Dockerfile
@@ -0,0 +1,2 @@
+FROM rancher/os-base
+CMD ["/usr/sbin/acpid", "-f"]
diff --git a/images/02-autoformat/Dockerfile b/images/02-autoformat/Dockerfile
new file mode 100644
index 00000000..9424c9ca
--- /dev/null
+++ b/images/02-autoformat/Dockerfile
@@ -0,0 +1,4 @@
+FROM rancher/os-base
+COPY auto-format.sh /usr/sbin/
+COPY od-1m0 /
+ENTRYPOINT ["/usr/sbin/auto-format.sh"]
diff --git a/images/02-autoformat/auto-format.sh b/images/02-autoformat/auto-format.sh
new file mode 100755
index 00000000..053b1b2a
--- /dev/null
+++ b/images/02-autoformat/auto-format.sh
@@ -0,0 +1,67 @@
+#!/bin/bash
+set -ex
+
+MAGIC=${MAGIC:-"boot2docker, please format-me"}
+
+AUTOFORMAT=${AUTOFORMAT:-"/dev/sda /dev/vda"}
+DEVS=(${AUTOFORMAT})
+FORMATZERO=${FORMATZERO:-false}
+
+for dev in ${DEVS[@]}; do
+ if [ -b "${dev}" ]; then
+
+ # Test for our magic string (it means that the disk was made by ./boot2docker init)
+ HEADER=`dd if=${dev} bs=1 count=${#MAGIC} 2>/dev/null`
+
+ if [ "$HEADER" = "$MAGIC" ]; then
+ # save the preload userdata.tar file
+ dd if=${dev} of=/userdata.tar bs=1 count=8192
+ elif [ "${FORMATZERO}" != "true" ]; then
+ # do not try to guess whether to auto-format a disk beginning with 1MB filled with 00
+ continue
+ elif ! od -A d -N 1048576 ${dev} | head -n 3 | diff ./od-1m0 - >/dev/null 2>&1; then
+ # do not auto-format if the disk does not begin with 1MB filled with 00
+ continue
+ fi
+
+ mkfs.ext4 -L RANCHER_STATE ${dev}
+
+ if [ -e "/userdata.tar" ]; then
+ mkdir -p /mnt/new-root
+ mount -t ext4 ${dev} /mnt/new-root
+ pushd /mnt/new-root
+ mkdir -p ./var/lib/rancher/conf/cloud-config.d
+ echo $(tar -xvf /userdata.tar)
+ AUTHORIZED_KEY1=$(cat ./.ssh/authorized_keys)
+ AUTHORIZED_KEY2=$(cat ./.ssh/authorized_keys2)
+ tee ./var/lib/rancher/conf/cloud-config.d/machine.yml << EOF
+#cloud-config
+
+rancher:
+ network:
+ interfaces:
+ eth0:
+ dhcp: true
+ eth1:
+ dhcp: true
+ lo:
+ address: 127.0.0.1/8
+
+ssh_authorized_keys:
+ - ${AUTHORIZED_KEY1}
+ - ${AUTHORIZED_KEY2}
+
+users:
+ - name: docker
+ ssh_authorized_keys:
+ - ${AUTHORIZED_KEY1}
+ - ${AUTHORIZED_KEY2}
+EOF
+ popd
+ umount /mnt/new-root
+ fi
+
+ # do not check another device
+ break
+ fi
+done
diff --git a/images/02-autoformat/od-1m0 b/images/02-autoformat/od-1m0
new file mode 100644
index 00000000..20128b03
--- /dev/null
+++ b/images/02-autoformat/od-1m0
@@ -0,0 +1,3 @@
+0000000 000000 000000 000000 000000 000000 000000 000000 000000
+*
+1048576
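Review bot: In auto-format.sh, `AUTHORIZED_KEY1` and `AUTHORIZED_KEY2` are read from the tar copied off the raw disk and pasted unquoted into `machine.yml`, so a file with more than one line, or with YAML metacharacters, changes the structure of the cloud-config instead of adding a key. Write one quoted list item per non-empty line rather than interpolating the whole file. Because `set -e` is active, a missing `./.ssh/authorized_keys2` makes the `$(cat ...)` assignment fail and aborts the script after `mkfs.ext4` and `mount`, leaving `/mnt/new-root` mounted; guard each read with a `[ -f ... ]` test. The zero check also runs `diff ./od-1m0 -` relative to the working directory while the Dockerfile copies the file to `/`, so `/od-1m0` would be the safer path.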
diff --git a/images/02-cloudinit/Dockerfile b/images/02-cloudinit/Dockerfile
new file mode 100644
index 00000000..88aa0d6c
--- /dev/null
+++ b/images/02-cloudinit/Dockerfile
@@ -0,0 +1,3 @@
+FROM rancher/os-base
+COPY cloud-init.sh /
+CMD ["/cloud-init.sh"]
diff --git a/images/02-cloudinit/cloud-init.sh b/images/02-cloudinit/cloud-init.sh
new file mode 100755
index 00000000..026452d8
--- /dev/null
+++ b/images/02-cloudinit/cloud-init.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+set -x -e
+
+MOUNT_POINT=/media/config-2
+CONFIG_DEV=$(ros dev "LABEL=config-2")
+
+mkdir -p ${MOUNT_POINT}
+
+if [ -e "${CONFIG_DEV}" ]; then
+ mount -t iso9660,vfat ${CONFIG_DEV} ${MOUNT_POINT}
+else
+ mount -t 9p -o trans=virtio,version=9p2000.L config-2 ${MOUNT_POINT} 2>/dev/null || true
+fi
+
+cloud-init -save -network=${CLOUD_INIT_NETWORK:-true}
diff --git a/images/02-console/Dockerfile b/images/02-console/Dockerfile
new file mode 100644
index 00000000..a755f0b7
--- /dev/null
+++ b/images/02-console/Dockerfile
@@ -0,0 +1,13 @@
+FROM rancher/os-base
+COPY console.sh docker-init update-ssh-keys rancheros-install /usr/sbin/
+COPY build/lsb-release /etc/
+RUN sed -i 's/rancher:!/rancher:*/g' /etc/shadow && \
+ sed -i 's/docker:!/docker:*/g' /etc/shadow && \
+ sed -i 's/#ClientAliveInterval 0/ClientAliveInterval 180/g' /etc/ssh/sshd_config && \
+ echo '## allow password less for rancher user' >> /etc/sudoers && \
+ echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
+ echo '## allow password less for docker user' >> /etc/sudoers && \
+ echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
+ ln -sf /usr/bin/docker.dist /usr/bin/docker
+COPY prompt.sh /etc/profile.d/
+CMD ["/usr/sbin/console.sh"]
diff --git a/images/02-console/console.sh b/images/02-console/console.sh
new file mode 100755
index 00000000..fa522b9d
--- /dev/null
+++ b/images/02-console/console.sh
@@ -0,0 +1,142 @@ +#!/bin/bash +set -e -x + +setup_ssh() +{ + for i in rsa dsa ecdsa ed25519; do + local output=/etc/ssh/ssh_host_${i}_key + if [ ! -e $output ]; then + local saved="$(ros config get rancher.ssh.keys.${i})" + local pub="$(ros config get rancher.ssh.keys.${i}-pub)" + + if [[ -n "$saved" && -n "$pub" ]]; then + ( + umask 477 + echo "$saved" > ${output} + echo "$pub" > ${output}.pub + ) + else + ssh-keygen -f $output -N '' -t $i + ros config set -- rancher.ssh.keys.${i} "$(<${output})" + ros config set -- rancher.ssh.keys.${i}-pub "$(<${output}.pub)" + fi + fi + done + + mkdir -p /var/run/sshd +} + +setup_cgroup() +{ + local cgroup=$(grep name=systemd /proc/$$/cgroup | cut -f3 -d:) + if [ -n "$cgroup" ]; then + mkdir -p /sys/fs/cgroup/systemd${cgroup} + fi +} + +setup_cgroup || true + +RANCHER_HOME=/home/rancher +if [ ! -d ${RANCHER_HOME} ]; then + mkdir -p ${RANCHER_HOME} + chown rancher:rancher ${RANCHER_HOME} + chmod 2755 ${RANCHER_HOME} +fi + +DOCKER_HOME=/home/docker +if [ ! -d ${DOCKER_HOME} ]; then + mkdir -p ${DOCKER_HOME} + chown docker:docker ${DOCKER_HOME} + chmod 2755 ${DOCKER_HOME} +fi + +echo 1000000000 > /proc/sys/fs/file-max + +for i in $( /etc/respawn.conf << EOF +/sbin/getty 115200 tty6 +/sbin/getty 115200 tty5 +/sbin/getty 115200 tty4 +/sbin/getty 115200 tty3 +/sbin/getty 115200 tty2 +/sbin/getty 115200 tty1 +/usr/sbin/sshd -D +EOF + +for i in ttyS{0..4} tty0 ttyAMA0; do + if grep -q 'console='$i /proc/cmdline; then + echo '/sbin/getty 115200' $i >> /etc/respawn.conf + fi +done + +if ! grep -q '^UseDNS no' /etc/ssh/sshd_config; then + echo "UseDNS no" >> /etc/ssh/sshd_config +fi + +if ! grep -q '^PermitRootLogin no' /etc/ssh/sshd_config; then + echo "PermitRootLogin no" >> /etc/ssh/sshd_config +fi + +if ! grep -q '^ServerKeyBits 2048' /etc/ssh/sshd_config; then + echo "ServerKeyBits 2048" >> /etc/ssh/sshd_config +fi + +if ! 
grep -q '^AllowGroups docker' /etc/ssh/sshd_config; then + echo "AllowGroups docker" >> /etc/ssh/sshd_config +fi + +VERSION="$(ros os version)" +ID_TYPE="busybox" +if [ -e /etc/os-release ] && grep -q 'ID_LIKE=' /etc/os-release; then + ID_TYPE=$(grep 'ID_LIKE=' /etc/os-release | cut -d'=' -f2) +fi + +cat > /etc/os-release << EOF +NAME="RancherOS" +VERSION=$VERSION +ID=rancheros +ID_LIKE=$ID_TYPE +VERSION_ID=$VERSION +PRETTY_NAME="RancherOS" +HOME_URL= +SUPPORT_URL= +BUG_REPORT_URL= +BUILD_ID= +EOF + +echo 'RancherOS \n \l' > /etc/issue +echo $(/sbin/ifconfig | grep -B1 "inet addr" |awk '{ if ( $1 == "inet" ) { print $2 } else if ( $2 == "Link" ) { printf "%s:" ,$1 } }' |awk -F: '{ print $1 ": " $3}') >> /etc/issue + +cloud-init -execute + +if [ -x /var/lib/rancher/conf/cloud-config-script ]; then + echo "Running /var/lib/rancher/conf/cloud-config-script" + /var/lib/rancher/conf/cloud-config-script || true +fi + +if [ -x /opt/rancher/bin/start.sh ]; then + echo Executing custom script + /opt/rancher/bin/start.sh || true +fi + +touch /run/console-done + +if [ -x /etc/rc.local ]; then + echo Executing rc.local + /etc/rc.local || true +fi + +exec respawn -f /etc/respawn.conf diff --git a/images/02-console/docker-init b/images/02-console/docker-init new file mode 100755 index 00000000..f6f94714 --- /dev/null +++ b/images/02-console/docker-init @@ -0,0 +1,16 @@ +#!/bin/bash + +if [ -e /var/lib/rancher/conf/docker ]; then + source /var/lib/rancher/conf/docker +fi + +while [ ! -e /run/console-done ]; do + sleep 1 +done + +DOCKER_BIN=$(which docker) || DOCKER_BIN=/usr/bin/docker +if [ "$DOCKER_BIN" == "/usr/bin/docker" ] && [ -e /usr/local/bin/docker ]; then + DOCKER_BIN=/usr/local/bin/docker +fi + +exec /usr/bin/dockerlaunch $DOCKER_BIN "$@" $DOCKER_OPTS >/var/log/docker.log 2>&1 diff --git a/images/02-console/prebuild.sh b/images/02-console/prebuild.sh new file mode 100755 index 00000000..b4f92e3b --- /dev/null +++ b/images/02-console/prebuild.sh 
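Review bot: In `setup_ssh` of console.sh, `umask 477` looks like a typo for `umask 077`: with 477 the restored host key and its `.pub` file are created mode 0200 (owner write-only) rather than 0600. Change the line to `umask 077`. Further down, the `grep -q ... ` / `echo ... >> /etc/ssh/sshd_config` blocks append `PermitRootLogin no` at the end of the file, but sshd keeps the first value it reads for that keyword, so an earlier uncommented `PermitRootLogin yes` in the base config would still win; rewriting the existing line in place is more reliable. The `for i in $(` line of this hunk is garbled on the page, so that part is not reviewed.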
@@ -0,0 +1,15 @@ +#!/bin/bash +set -e + +VERSION=${VERSION:?"VERSION not set"} + +cd $(dirname $0) + +rm -rf ./build +mkdir -p ./build + +cat > ./build/lsb-release << EOF +DISTRIB_ID=${DISTRIB_ID} +DISTRIB_RELEASE=${VERSION} +DISTRIB_DESCRIPTION="${DISTRIB_ID} ${VERSION}" +EOF diff --git a/images/02-console/prompt.sh b/images/02-console/prompt.sh new file mode 100644 index 00000000..4438c010 --- /dev/null +++ b/images/02-console/prompt.sh @@ -0,0 +1 @@ +export PS1='[\u@\h \W]\$ ' diff --git a/images/02-console/rancheros-install b/images/02-console/rancheros-install new file mode 100755 index 00000000..9c31faf3 --- /dev/null +++ b/images/02-console/rancheros-install @@ -0,0 +1,9 @@ +#!/bin/bash +set -e + +cat <> $HOME_DIR/.ssh/authorized_keys +fi + +chown -R $USERNAME $HOME_DIR/.ssh diff --git a/images/02-docker/Dockerfile b/images/02-docker/Dockerfile new file mode 100644 index 00000000..d36402a9 --- /dev/null +++ b/images/02-docker/Dockerfile @@ -0,0 +1,2 @@ +FROM rancher/os-base +CMD ["/usr/bin/user-docker"] diff --git a/images/02-extras/Dockerfile b/images/02-extras/Dockerfile new file mode 100644 index 00000000..e8ed9627 --- /dev/null +++ b/images/02-extras/Dockerfile @@ -0,0 +1,3 @@ +FROM rancher/os-base +COPY extra.sh / +CMD ["/extra.sh"] diff --git a/images/02-extras/extra.sh b/images/02-extras/extra.sh new file mode 100755 index 00000000..3acdd6ae --- /dev/null +++ b/images/02-extras/extra.sh @@ -0,0 +1,18 @@ +#!/bin/bash +set -e + +DIR=$(readlink /lib/modules/$(uname -r)/build) +STAMP=/lib/modules/$(uname -r)/.extra-done +VER=$(basename $DIR) +URL=https://github.com/rancher/os-kernel/releases/download/${VER}/extra.tar.gz + +if [ -e $STAMP ]; then + echo Kernel extras already installed in $DIR + exit 0 +fi + +echo Downloading $URL +wget -O - $URL | gzip -dc | tar xf - -C / +touch $STAMP + +echo Kernel extras installed at $DIR diff --git a/images/02-headers/Dockerfile b/images/02-headers/Dockerfile new file mode 100644 index 00000000..be9712a7 --- /dev/null 
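Review bot: `extra.sh` pipes `extra.tar.gz` from the release URL straight into `tar xf - -C /` with no integrity check, so whatever the download returns is unpacked over the root filesystem; `headers.sh` in the following hunk uses the same pipeline into `$DIR`. Without `pipefail` the pipeline's status is tar's alone, so a failed or truncated `wget` does not by itself stop `touch $STAMP` from running. The archive should be fetched to a temporary file, checked against a digest that ships with the image or the OS config, and only then extracted. The sketch uses a placeholder variable for the digest because the page does not provide one.

```shell
set -e -o pipefail
# … unchanged: DIR, STAMP, VER, URL and the early exit when $STAMP exists …
TMP=$(mktemp)
trap 'rm -f "$TMP"' EXIT

echo Downloading $URL
wget -O "$TMP" "$URL"
# EXTRA_SHA256 is a placeholder for a digest published alongside the kernel release
echo "${EXTRA_SHA256}  ${TMP}" | sha256sum -c -
tar xzf "$TMP" -C /
touch $STAMP
```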
+++ b/images/02-headers/Dockerfile
@@ -0,0 +1,3 @@
+FROM rancher/os-base
+COPY headers.sh /
+CMD ["/headers.sh"]
diff --git a/images/02-headers/headers.sh b/images/02-headers/headers.sh
new file mode 100755
index 00000000..63a12709
--- /dev/null
+++ b/images/02-headers/headers.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+set -e
+
+DIR=$(readlink /lib/modules/$(uname -r)/build)
+STAMP=${DIR}/.done
+VER=$(basename $DIR)
+URL=https://github.com/rancher/os-kernel/releases/download/${VER}/build.tar.gz
+
+if [ -e $STAMP ]; then
+ echo Headers already installed in $DIR
+ exit 0
+fi
+
+echo Downloading $URL
+mkdir -p $DIR
+wget -O - $URL | gzip -dc | tar xf - -C $DIR
+touch $STAMP
+
+echo Headers installed at $DIR
diff --git a/images/02-network/Dockerfile b/images/02-network/Dockerfile
new file mode 100644
index 00000000..127752b4
--- /dev/null
+++ b/images/02-network/Dockerfile
@@ -0,0 +1,3 @@
+FROM rancher/os-base
+COPY network.sh /
+CMD ["/network.sh"]
diff --git a/images/02-network/network.sh b/images/02-network/network.sh
new file mode 100755
index 00000000..0fd36043
--- /dev/null
+++ b/images/02-network/network.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+set -x -e
+
+netconf -daemon=${DAEMON:-false}
diff --git a/images/02-ntp/Dockerfile b/images/02-ntp/Dockerfile
new file mode 100644
index 00000000..890419bc
--- /dev/null
+++ b/images/02-ntp/Dockerfile
@@ -0,0 +1,3 @@
+FROM rancher/os-base
+COPY ntp.sh /
+CMD ["/ntp.sh"]
diff --git a/images/02-ntp/ntp.sh b/images/02-ntp/ntp.sh
new file mode 100755
index 00000000..6cb21b2e
--- /dev/null
+++ b/images/02-ntp/ntp.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+exec ntpd --nofork -g
diff --git a/images/02-preload/Dockerfile b/images/02-preload/Dockerfile
new file mode 100644
index 00000000..7995c3f4
--- /dev/null
+++ b/images/02-preload/Dockerfile
@@ -0,0 +1,4 @@
+FROM rancher/os-base
+RUN ln -sf /usr/bin/docker.dist /usr/bin/docker
+COPY preload.sh /
+CMD ["/preload.sh"]
diff --git a/images/02-preload/preload.sh b/images/02-preload/preload.sh
new file mode 100755
index 00000000..0320127c
--- /dev/null
+++ b/images/02-preload/preload.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+set -e
+
+BASE=${1:-${PRELOAD_DIR}}
+BASE=${BASE:-/mnt/preload}
+
+should_load() {
+ file=${1}
+ if [[ ${file} =~ \.done$ ]]; then echo false
+ elif [ -f ${file} ]; then
+ if [[ ${file} -nt ${file}.done ]]; then echo true
+ else echo false
+ fi
+ else echo false
+ fi
+}
+
+if [ -d ${BASE} ]; then
+ echo Preloading docker images from ${BASE}...
+
+ for file in $(ls ${BASE}); do
+ path=${BASE}/${file}
+ loading=$(should_load ${path})
+ if [ ${loading} == "true" ]; then
+ CAT="cat ${path}"
+ if [[ ${file} =~ \.t?gz$ ]]; then CAT="${CAT} | gunzip"; fi
+ if [[ ${file} =~ \.t?xz$ ]]; then CAT="${CAT} | unxz"; fi
+ CAT="${CAT} | docker load"
+ echo loading from ${path}
+ eval ${CAT} || :
+ touch ${path}.done || :
+ fi
+ done
+
+ echo Done.
+else
+ echo Can not preload images from ${BASE}: not a dir or does not exist.
+fi
+
diff --git a/images/02-state/Dockerfile b/images/02-state/Dockerfile
new file mode 100644
index 00000000..4f530f7c
--- /dev/null
+++ b/images/02-state/Dockerfile
@@ -0,0 +1,2 @@
+FROM rancher/os-base
+CMD ["echo"]
diff --git a/images/02-statescript/Dockerfile b/images/02-statescript/Dockerfile
new file mode 100644
index 00000000..46dacbac
--- /dev/null
+++ b/images/02-statescript/Dockerfile
@@ -0,0 +1,3 @@
+FROM rancher/os-base
+COPY state.sh /usr/sbin/
+CMD ["/usr/sbin/state.sh"]
diff --git a/images/02-statescript/state.sh b/images/02-statescript/state.sh
new file mode 100755
index 00000000..bc11050c
--- /dev/null
+++ b/images/02-statescript/state.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+set -x
+
+if [ "$(ros config get rancher.state.mdadm_scan)" = "true" ]; then
+ mdadm --assemble --scan
+fi
+
+ros config get rancher.state.script > config.sh
+if [ -s config.sh ]; then
+ chmod +x config.sh
+ exec ./config.sh
+fi
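Review bot: In `preload.sh` the load command is assembled as a string from the file name and run with `eval ${CAT}`, so a name under `${BASE}` that contains spaces or shell metacharacters is parsed as shell syntax by a script that talks to the docker daemon. The loop also walks `$(ls ${BASE})`, which splits names on whitespace, and `eval ${CAT} || :` followed by `touch ${path}.done` marks an archive as loaded even when `docker load` failed. Calling the decompressor directly on the quoted path removes the `eval`, and the stamp should depend on the load succeeding. `should_load` would need its `${file}` uses quoted as well.

```shell
load_image() {
    case "$1" in
        *.gz|*.tgz) gunzip -c "$1" | docker load ;;
        *.xz|*.txz) unxz -c "$1" | docker load ;;
        *)          docker load < "$1" ;;
    esac
}

# … unchanged: BASE defaults, should_load, the -d check and its messages …
    for path in "${BASE}"/*; do
        if [ "$(should_load "${path}")" == "true" ]; then
            echo loading from ${path}
            if load_image "${path}"; then
                touch "${path}.done"
            else
                echo "WARN: failed to load ${path}" >&2
            fi
        fi
    done
```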
diff --git a/images/02-syslog/Dockerfile b/images/02-syslog/Dockerfile
new file mode 100644
index 00000000..b97ad7bf
--- /dev/null
+++ b/images/02-syslog/Dockerfile
@@ -0,0 +1,4 @@
+FROM rancher/os-base
+COPY syslog.sh /
+RUN sed -i 1,10d /etc/rsyslog.conf
+CMD ["/syslog.sh"]
diff --git a/images/02-syslog/syslog.sh b/images/02-syslog/syslog.sh
new file mode 100755
index 00000000..285ffefa
--- /dev/null
+++ b/images/02-syslog/syslog.sh
@@ -0,0 +1,5 @@
+#!bin/bash
+
+set -x -e
+
+exec rsyslogd -n
diff --git a/images/02-udev/Dockerfile b/images/02-udev/Dockerfile
new file mode 100644
index 00000000..6f8de398
--- /dev/null
+++ b/images/02-udev/Dockerfile
@@ -0,0 +1,3 @@
+FROM rancher/os-base
+COPY udev.sh /
+CMD ["/udev.sh"]
diff --git a/images/02-udev/udev.sh b/images/02-udev/udev.sh
new file mode 100755
index 00000000..2bfa8b49
--- /dev/null
+++ b/images/02-udev/udev.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+if [ "$DAEMON" = true ]; then
+ exec udevd
+fi
+
+udevd --daemon
+udevadm trigger --action=add
+udevadm settle
+
+if [ "$BOOTSTRAP" = true ]; then
+ # This was needed to get USB devices to fully register
+ # There is probably a better way to do this
+ killall udevd
+ udevd --daemon
+ udevadm trigger --action=add
+ udevadm settle
+fi
diff --git a/images/03-rescue/Dockerfile b/images/03-rescue/Dockerfile
new file mode 100644
index 00000000..6724d6c3
--- /dev/null
+++ b/images/03-rescue/Dockerfile
@@ -0,0 +1,2 @@
+FROM rancher/os-console
+CMD ["/bin/sh"]
diff --git a/images/10-centosconsole/Dockerfile b/images/10-centosconsole/Dockerfile
new file mode 100644
index 00000000..5323480f
--- /dev/null
+++ b/images/10-centosconsole/Dockerfile
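Review bot: `RUN sed -i 1,10d /etc/rsyslog.conf` in the syslog Dockerfile deletes by line number and carries no comment, so what is removed depends entirely on the layout of the file shipped in `rancher/os-base`. A base-image update can then silently drop different directives from the logging configuration. I would add a comment above the `RUN` naming the directives those ten lines hold, or delete them by pattern rather than by position so the build fails visibly when the stock file changes.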
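Review bot: The shebang in `syslog.sh` is `#!bin/bash`, a relative interpreter path that only resolves while the working directory is `/`; it should read `#!/bin/bash` like the other scripts added in this commit. The image works today only as long as nothing sets a different working directory for the container, and the failure happens before `set -x -e` can report anything.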
@@ -0,0 +1,22 @@
+FROM rancher/os-centosconsole-base
+# FROM amd64=centos:7 arm64=skip arm=armhfbuild/centos:7
+RUN yum upgrade -y && \
+ yum install -y iptables openssh-server rsync sudo vim less ca-certificates psmisc htop
+RUN rm -rf /etc/ssh/*key*
+RUN rm -fr /sbin/poweroff /sbin/shutdown /sbin/reboot /sbin/halt /usr/sbin/poweroff /usr/sbin/shutdown /usr/sbin/reboot /usr/sbin/halt
+RUN ln -s /sbin/agetty /sbin/getty
+COPY build/entry.sh build/console.sh build/docker-init build/update-ssh-keys build/rancheros-install /usr/sbin/
+RUN localedef -c -f UTF-8 -i en_US en_US.UTF-8
+RUN groupadd --gid 1100 rancher && \
+ groupadd --gid 1101 docker && \
+ useradd -u 1100 -g rancher -G docker,wheel -m -s /bin/bash rancher && \
+ useradd -u 1101 -g docker -G docker,wheel -m -s /bin/bash docker && \
+ echo ClientAliveInterval 180 >> /etc/ssh/sshd_config && \
+ echo '## allow password less for rancher user' >> /etc/sudoers && \
+ echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
+ echo '## allow password less for docker user' >> /etc/sudoers && \
+ echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
+ ln -sf /usr/bin/docker.dist /usr/bin/docker
+COPY prompt.sh /etc/profile.d/
+ENTRYPOINT ["/usr/sbin/entry.sh"]
+CMD ["/usr/sbin/console.sh"]
diff --git a/images/10-centosconsole/prebuild.sh b/images/10-centosconsole/prebuild.sh
new file mode 100755
index 00000000..d4c8cdb0
--- /dev/null
+++ b/images/10-centosconsole/prebuild.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+set -e
+
+cd $(dirname $0)
+
+rm -rf ./build
+mkdir -p ./build
+cp ./../01-base/entry.sh ./build/
+cp ./../02-console/console.sh ./build/
+cp ./../02-console/docker-init ./build/
+cp ./../02-console/update-ssh-keys ./build/
+cp ./../02-console/rancheros-install ./build/
diff --git a/images/10-centosconsole/prompt.sh b/images/10-centosconsole/prompt.sh
new file mode 100644
index 00000000..4438c010
--- /dev/null
+++ b/images/10-centosconsole/prompt.sh
@@ -0,0 +1 @@
+export PS1='[\u@\h \W]\$ '
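Review bot: The `NOPASSWD: ALL` rules in the centosconsole Dockerfile are appended to `/etc/sudoers` with `echo` and never syntax-checked, and a parse error in that file disables sudo for every account in the image; the debianconsole, fedoraconsole, selinuxtools and ubuntuconsole Dockerfiles in this commit repeat the same lines. Assuming the base image keeps the stock `#includedir /etc/sudoers.d`, a drop-in validated at build time is safer: `printf '%s\n' 'rancher ALL=(ALL) NOPASSWD: ALL' 'docker ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/rancheros && chmod 0440 /etc/sudoers.d/rancheros && visudo -cf /etc/sudoers.d/rancheros`. Both accounts are root-equivalent by design here, so one comment above the `RUN` should say that access control rests on the SSH keys and the sshd settings written at boot. `yum upgrade -y` with unpinned packages and no `yum clean all` in the same layer also makes the image contents depend on build time.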
diff --git a/images/10-debianconsole/Dockerfile b/images/10-debianconsole/Dockerfile
new file mode 100644
index 00000000..1bd2624f
--- /dev/null
+++ b/images/10-debianconsole/Dockerfile
@@ -0,0 +1,21 @@
+FROM rancher/os-debianconsole-base
+# FROM amd64=debian:jessie arm64=aarch64/debian:jessie arm=resin/rpi-raspbian:jessie
+RUN apt-get update && \
+ apt-get upgrade --no-install-recommends -y && \
+ apt-get install -y --no-install-recommends iptables openssh-server rsync locales sudo vim less curl ca-certificates psmisc htop
+RUN rm -rf /etc/ssh/*key*
+RUN rm -fr /sbin/poweroff /sbin/shutdown /sbin/reboot /sbin/halt /usr/sbin/poweroff /usr/sbin/shutdown /usr/sbin/reboot /usr/sbin/halt
+COPY build/entry.sh build/console.sh build/docker-init build/update-ssh-keys build/rancheros-install /usr/sbin/
+RUN locale-gen en_US.UTF-8
+RUN addgroup --gid 1100 rancher && \
+ addgroup --gid 1101 docker && \
+ useradd -u 1100 -g rancher -G docker,sudo -m -s /bin/bash rancher && \
+ useradd -u 1101 -g docker -G docker,sudo -m -s /bin/bash docker && \
+ echo ClientAliveInterval 180 >> /etc/ssh/sshd_config && \
+ echo '## allow password less for rancher user' >> /etc/sudoers && \
+ echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
+ echo '## allow password less for docker user' >> /etc/sudoers && \
+ echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
+ ln -sf /usr/bin/docker.dist /usr/bin/docker
+ENTRYPOINT ["/usr/sbin/entry.sh"]
+CMD ["/usr/sbin/console.sh"]
diff --git a/images/10-debianconsole/prebuild.sh b/images/10-debianconsole/prebuild.sh
new file mode 100755
index 00000000..d4c8cdb0
--- /dev/null
+++ b/images/10-debianconsole/prebuild.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+set -e
+
+cd $(dirname $0)
+
+rm -rf ./build
+mkdir -p ./build
+cp ./../01-base/entry.sh ./build/
+cp ./../02-console/console.sh ./build/
+cp ./../02-console/docker-init ./build/
+cp ./../02-console/update-ssh-keys ./build/
+cp ./../02-console/rancheros-install ./build/
diff --git a/images/10-fedoraconsole/Dockerfile b/images/10-fedoraconsole/Dockerfile
new file mode 100644
index 00000000..ec7e2648
--- /dev/null
+++ b/images/10-fedoraconsole/Dockerfile
@@ -0,0 +1,22 @@
+FROM rancher/os-fedoraconsole-base
+# FROM amd64=fedora:23 arm64=rancher/aarch64-fedora:23 arm=armv7/armhf-fedora:23
+RUN dnf upgrade -y && \
+ dnf install -y iptables openssh-server rsync sudo vim less ca-certificates psmisc htop
+RUN rm -rf /etc/ssh/*key*
+RUN rm -fr /sbin/poweroff /sbin/shutdown /sbin/reboot /sbin/halt /usr/sbin/poweroff /usr/sbin/shutdown /usr/sbin/reboot /usr/sbin/halt
+RUN ln -s /sbin/agetty /sbin/getty
+COPY build/entry.sh build/console.sh build/docker-init build/update-ssh-keys build/rancheros-install /usr/sbin/
+RUN localedef -c -f UTF-8 -i en_US en_US.UTF-8
+RUN groupadd --gid 1100 rancher && \
+ groupadd --gid 1101 docker && \
+ useradd -u 1100 -g rancher -G docker,wheel -m -s /bin/bash rancher && \
+ useradd -u 1101 -g docker -G docker,wheel -m -s /bin/bash docker && \
+ echo ClientAliveInterval 180 >> /etc/ssh/sshd_config && \
+ echo '## allow password less for rancher user' >> /etc/sudoers && \
+ echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
+ echo '## allow password less for docker user' >> /etc/sudoers && \
+ echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
+ ln -sf /usr/bin/docker.dist /usr/bin/docker
+COPY prompt.sh /etc/profile.d/
+ENTRYPOINT ["/usr/sbin/entry.sh"]
+CMD ["/usr/sbin/console.sh"]
diff --git a/images/10-fedoraconsole/prebuild.sh b/images/10-fedoraconsole/prebuild.sh
new file mode 100755
index 00000000..d4c8cdb0
--- /dev/null
+++ b/images/10-fedoraconsole/prebuild.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+set -e
+
+cd $(dirname $0)
+
+rm -rf ./build
+mkdir -p ./build
+cp ./../01-base/entry.sh ./build/
+cp ./../02-console/console.sh ./build/
+cp ./../02-console/docker-init ./build/
+cp ./../02-console/update-ssh-keys ./build/
+cp ./../02-console/rancheros-install ./build/
diff --git a/images/10-fedoraconsole/prompt.sh b/images/10-fedoraconsole/prompt.sh
new file mode 100644
index 00000000..4438c010
--- /dev/null
+++ b/images/10-fedoraconsole/prompt.sh
@@ -0,0 +1 @@
+export PS1='[\u@\h \W]\$ '
diff --git a/images/10-resizefs/Dockerfile b/images/10-resizefs/Dockerfile
new file mode 100644
index 00000000..c3e7b3ce
--- /dev/null
+++ b/images/10-resizefs/Dockerfile
@@ -0,0 +1,7 @@
+FROM rancher/os-resizefs-base
+# FROM amd64=ubuntu:14.04.4 arm64=aarch64/ubuntu:14.04 arm=armhf/ubuntu:14.04
+RUN apt-get update && \
+ apt-get install -y --no-install-recommends cloud-guest-utils parted && \
+ apt-get clean && rm -rf /var/lib/apt/lists/*
+COPY resizefs.sh /
+ENTRYPOINT ["/resizefs.sh"]
diff --git a/images/10-resizefs/resizefs.sh b/images/10-resizefs/resizefs.sh
new file mode 100755
index 00000000..a1d46c91
--- /dev/null
+++ b/images/10-resizefs/resizefs.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+set -ex
+
+RESIZE_DEV=${RESIZE_DEV:?"RESIZE_DEV not set."}
+STAMP=/var/log/resizefs.done
+
+if [ -e "${STAMP}" ]; then
+ echo FS already resized.
+ exit 0
+fi
+
+# TODO: rm hardcoded partition number, maybe identify RANCHER_STATE partition (can be the whole device)
+if [ -b "${RESIZE_DEV}" ]; then
+ growpart ${RESIZE_DEV} 1 || : # ignore error "NOCHANGE: partition 1 is size NNN. it cannot be grown"
+ partprobe ${RESIZE_DEV}
+ resize2fs ${RESIZE_DEV}1
+else
+ echo "Block device expected: ${RESIZE_DEV} is not."
+ exit 1
+fi
+
+touch $STAMP
diff --git a/images/10-selinuxtools/Dockerfile b/images/10-selinuxtools/Dockerfile
new file mode 100644
index 00000000..64f69b09
--- /dev/null
+++ b/images/10-selinuxtools/Dockerfile
@@ -0,0 +1,28 @@
+FROM rancher/os-fedoraconsole-base
+RUN dnf upgrade -y && \
+ dnf install -y iptables openssh-server rsync sudo vim less ca-certificates psmisc htop
+RUN rm -rf /etc/ssh/*key*
+RUN rm -fr /sbin/poweroff /sbin/shutdown /sbin/reboot /sbin/halt /usr/sbin/poweroff /usr/sbin/shutdown /usr/sbin/reboot /usr/sbin/halt
+RUN ln -s /sbin/agetty /sbin/getty
+COPY build/entry.sh build/console.sh build/docker-init build/update-ssh-keys build/rancheros-install /usr/sbin/
+RUN localedef -c -f UTF-8 -i en_US en_US.UTF-8
+RUN groupadd --gid 1100 rancher && \
+ groupadd --gid 1101 docker && \
+ useradd -u 1100 -g rancher -G docker,wheel -m -s /bin/bash rancher && \
+ useradd -u 1101 -g docker -G docker,wheel -m -s /bin/bash docker && \
+ echo ClientAliveInterval 180 >> /etc/ssh/sshd_config && \
+ echo '## allow password less for rancher user' >> /etc/sudoers && \
+ echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
+ echo '## allow password less for docker user' >> /etc/sudoers && \
+ echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
+ ln -sf /usr/bin/docker.dist /usr/bin/docker
+COPY prompt.sh /etc/profile.d/
+
+RUN dnf install -y git make gcc findutils selinux-policy-devel setools-console setools-devel
+
+RUN git clone https://github.com/rancher/refpolicy.git /usr/src/refpolicy
+RUN cd /usr/src/refpolicy && git submodule init && git submodule update && \
+ sed -i '/MONOLITHIC = y/c\MONOLITHIC = n' build.conf && \
+ make conf && make && make install-headers
+
+ENTRYPOINT ["/usr/sbin/entry.sh"]
diff --git a/images/10-selinuxtools/prebuild.sh b/images/10-selinuxtools/prebuild.sh
new file mode 100755
index 00000000..d4c8cdb0
--- /dev/null
+++ b/images/10-selinuxtools/prebuild.sh
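Review bot: `RUN git clone https://github.com/rancher/refpolicy.git /usr/src/refpolicy` followed by `git submodule update` builds whatever the default branch points at when the image is built, so the SELinux policy headers installed by `make install-headers` are not reproducible and follow any later push to that repository. Pin the checkout to a reviewed revision before the submodule step, e.g. `git -C /usr/src/refpolicy checkout <PINNED_COMMIT_SHA>` (a placeholder, the page names no revision). The clone and the build also sit in separate `RUN` layers and use `RUN cd ...` instead of `WORKDIR /usr/src/refpolicy`. `git`, `make` and `gcc` stay in the final image with no `dnf clean all`.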
@@ -0,0 +1,12 @@
+#!/bin/bash
+set -e
+
+cd $(dirname $0)
+
+rm -rf ./build
+mkdir -p ./build
+cp ./../01-base/entry.sh ./build/
+cp ./../02-console/console.sh ./build/
+cp ./../02-console/docker-init ./build/
+cp ./../02-console/update-ssh-keys ./build/
+cp ./../02-console/rancheros-install ./build/
diff --git a/images/10-selinuxtools/prompt.sh b/images/10-selinuxtools/prompt.sh
new file mode 100644
index 00000000..4438c010
--- /dev/null
+++ b/images/10-selinuxtools/prompt.sh
@@ -0,0 +1 @@
+export PS1='[\u@\h \W]\$ '
diff --git a/images/10-ubuntuconsole/Dockerfile b/images/10-ubuntuconsole/Dockerfile
new file mode 100644
index 00000000..3f90a157
--- /dev/null
+++ b/images/10-ubuntuconsole/Dockerfile
@@ -0,0 +1,21 @@
+FROM rancher/os-ubuntuconsole-base
+# FROM amd64=ubuntu:14.04.4 arm64=aarch64/ubuntu:14.04 arm=armhf/ubuntu:14.04
+RUN apt-get update && \
+ apt-get upgrade --no-install-recommends -y && \
+ apt-get install -y --no-install-recommends iptables openssh-server rsync vim curl ca-certificates psmisc htop
+RUN rm -rf /etc/ssh/*key*
+RUN rm -fr /sbin/poweroff /sbin/shutdown /sbin/reboot /sbin/halt /usr/sbin/poweroff /usr/sbin/shutdown /usr/sbin/reboot /usr/sbin/halt
+COPY build/entry.sh build/console.sh build/docker-init build/update-ssh-keys build/rancheros-install /usr/sbin/
+RUN locale-gen en_US.UTF-8
+RUN addgroup --gid 1100 rancher && \
+ addgroup --gid 1101 docker && \
+ useradd -u 1100 -g rancher -G docker,sudo -m -s /bin/bash rancher && \
+ useradd -u 1101 -g docker -G docker,sudo -m -s /bin/bash docker && \
+ echo ClientAliveInterval 180 >> /etc/ssh/sshd_config && \
+ echo '## allow password less for rancher user' >> /etc/sudoers && \
+ echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
+ echo '## allow password less for docker user' >> /etc/sudoers && \
+ echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
+ ln -sf /usr/bin/docker.dist /usr/bin/docker
+ENTRYPOINT ["/usr/sbin/entry.sh"]
+CMD ["/usr/sbin/console.sh"]
diff --git a/images/10-ubuntuconsole/prebuild.sh b/images/10-ubuntuconsole/prebuild.sh new file mode 100755 index 00000000..d4c8cdb0 --- /dev/null +++ b/images/10-ubuntuconsole/prebuild.sh @@ -0,0 +1,12 @@ +#!/bin/bash +set -e + +cd $(dirname $0) + +rm -rf ./build +mkdir -p ./build +cp ./../01-base/entry.sh ./build/ +cp ./../02-console/console.sh ./build/ +cp ./../02-console/docker-init ./build/ +cp ./../02-console/update-ssh-keys ./build/ +cp ./../02-console/rancheros-install ./build/ diff --git a/os-config.tpl.yml b/os-config.tpl.yml index 28132c2f..f694b29c 100644 --- a/os-config.tpl.yml +++ b/os-config.tpl.yml @@ -2,7 +2,7 @@ default_hostname: {{.HOSTNAME_DEFAULT}} rancher: bootstrap: state-script: - image: {{.OS_IMAGES_ROOT}}/os-statescript:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-statescript:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.detach: "false" io.rancher.os.scope: system @@ -18,7 +18,7 @@ rancher: - /usr/bin/ros:/usr/bin/ros:ro - /usr/share/ros:/usr/share/ros:ro udev-bootstrap: - image: {{.OS_IMAGES_ROOT}}/os-udev:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-udev:{{.VERSION}}{{.SUFFIX}} environment: - BOOTSTRAP=true labels: @@ -34,7 +34,7 @@ rancher: - /lib/firmware:/lib/firmware autoformat: autoformat: - image: {{.OS_IMAGES_ROOT}}/os-autoformat:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-autoformat:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.detach: "false" io.rancher.os.scope: system @@ -42,7 +42,7 @@ rancher: net: none privileged: true udev-autoformat: - image: {{.OS_IMAGES_ROOT}}/os-udev:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-udev:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.detach: "false" io.rancher.os.scope: system @@ -75,7 +75,7 @@ rancher: services: {{if eq "amd64" .ARCH -}} acpid: - image: {{.OS_IMAGES_ROOT}}/os-acpid:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-acpid:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.scope: system net: host 
@@ -86,7 +86,7 @@ rancher: - system-volumes {{end -}} all-volumes: - image: {{.OS_IMAGES_ROOT}}/os-state:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-state:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.createonly: "true" io.rancher.os.scope: system @@ -100,7 +100,7 @@ rancher: - user-volumes - system-volumes cloud-init: - image: {{.OS_IMAGES_ROOT}}/os-cloudinit:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-cloudinit:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.detach: "false" io.rancher.os.reloadconfig: "true" @@ -113,7 +113,7 @@ rancher: - command-volumes - system-volumes cloud-init-pre: - image: {{.OS_IMAGES_ROOT}}/os-cloudinit:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-cloudinit:{{.VERSION}}{{.SUFFIX}} environment: - CLOUD_INIT_NETWORK=false labels: @@ -128,7 +128,7 @@ rancher: - command-volumes - system-volumes command-volumes: - image: {{.OS_IMAGES_ROOT}}/os-state:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-state:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.createonly: "true" io.rancher.os.scope: system @@ -152,7 +152,7 @@ rancher: - /usr/bin/ros:/usr/sbin/wait-for-network:ro - /usr/bin/ros:/usr/sbin/wait-for-docker:ro console: - image: {{.OS_IMAGES_ROOT}}/os-console:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-console:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.scope: system io.rancher.os.after: wait-for-network @@ -168,7 +168,7 @@ rancher: volumes: - /usr/bin/iptables:/sbin/iptables:ro container-data-volumes: - image: {{.OS_IMAGES_ROOT}}/os-state:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-state:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.createonly: "true" io.rancher.os.scope: system @@ -181,7 +181,7 @@ rancher: - /var/lib/system-docker:/var/lib/system-docker - /var/lib/rkt:/var/lib/rkt network-pre: - image: {{.OS_IMAGES_ROOT}}/os-network:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-network:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.scope: system io.rancher.os.after: cloud-init-pre 
@@ -193,7 +193,7 @@ rancher: - command-volumes - system-volumes network: - image: {{.OS_IMAGES_ROOT}}/os-network:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-network:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.scope: system io.rancher.os.after: cloud-init @@ -207,7 +207,7 @@ rancher: - command-volumes - system-volumes wait-for-network-pre: - image: {{.OS_IMAGES_ROOT}}/os-network:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-network:{{.VERSION}}{{.SUFFIX}} command: wait-for-network labels: io.rancher.os.detach: "false" @@ -219,7 +219,7 @@ rancher: - command-volumes - system-volumes wait-for-network: - image: {{.OS_IMAGES_ROOT}}/os-network:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-network:{{.VERSION}}{{.SUFFIX}} command: wait-for-network labels: io.rancher.os.detach: "false" @@ -231,7 +231,7 @@ rancher: - command-volumes - system-volumes ntp: - image: {{.OS_IMAGES_ROOT}}/os-ntp:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-ntp:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.scope: system io.rancher.os.after: wait-for-network-pre @@ -240,7 +240,7 @@ rancher: privileged: true restart: always preload-system-images: - image: {{.OS_IMAGES_ROOT}}/os-preload:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-preload:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.detach: "false" io.rancher.os.scope: system @@ -252,7 +252,7 @@ rancher: - command-volumes - system-volumes preload-user-images: - image: {{.OS_IMAGES_ROOT}}/os-preload:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-preload:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.detach: "false" io.rancher.os.scope: system @@ -265,7 +265,7 @@ rancher: - command-volumes - system-volumes syslog: - image: {{.OS_IMAGES_ROOT}}/os-syslog:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-syslog:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.scope: system log_driver: json-file 
@@ -276,7 +276,7 @@ rancher: volumes_from: - system-volumes system-volumes: - image: {{.OS_IMAGES_ROOT}}/os-state:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-state:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.createonly: "true" io.rancher.os.scope: system @@ -301,7 +301,7 @@ rancher: - /var/log:/var/log - /var/run:/var/run udev-cold: - image: {{.OS_IMAGES_ROOT}}/os-udev:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-udev:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.scope: system io.rancher.os.before: udev @@ -311,7 +311,7 @@ rancher: volumes_from: - system-volumes udev: - image: {{.OS_IMAGES_ROOT}}/os-udev:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-udev:{{.VERSION}}{{.SUFFIX}} environment: - DAEMON=true labels: @@ -324,7 +324,7 @@ rancher: volumes_from: - system-volumes user-volumes: - image: {{.OS_IMAGES_ROOT}}/os-state:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-state:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.createonly: "true" io.rancher.os.scope: system @@ -336,7 +336,7 @@ rancher: - /home:/home - /opt:/opt docker: - image: {{.OS_IMAGES_ROOT}}/os-docker:{{.VERSION}}{{.SUFFIX}} + image: {{.OS_REPO}}/os-docker:{{.VERSION}}{{.SUFFIX}} labels: io.rancher.os.scope: system io.rancher.os.after: console @@ -356,7 +356,7 @@ rancher: -H, 'unix:///var/run/system-docker.sock', --userland-proxy=false] upgrade: url: {{.OS_RELEASES_YML}} - image: {{.OS_IMAGES_ROOT}}/os + image: {{.OS_REPO}}/os docker: tls_args: [--tlsverify, --tlscacert=/etc/docker/tls/ca.pem, --tlscert=/etc/docker/tls/server-cert.pem, --tlskey=/etc/docker/tls/server-key.pem, '-H=0.0.0.0:2376'] diff --git a/scripts/build b/scripts/build new file mode 100755 index 00000000..ec88e1e5 --- /dev/null +++ b/scripts/build @@ -0,0 +1,5 @@ +#!/bin/bash +set -e + +$(dirname $0)/build-target +$(dirname $0)/build-host diff --git a/scripts/build-common b/scripts/build-common deleted file mode 100644 index c755576d..00000000 --- a/scripts/build-common +++ /dev/null 
@@ -1,2 +0,0 @@
-BUILD=$(pwd)/build
-DIST=$(pwd)/dist
diff --git a/scripts/build-host b/scripts/build-host
new file mode 100755
index 00000000..03d60765
--- /dev/null
+++ b/scripts/build-host
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+cd $(dirname $0)/..
+
+export OUTPUT=bin/host_ros
+
+if [[ -e bin/ros && "$HOST_ARCH" = "$ARCH" ]]; then
+ echo Creating $OUTPUT
+ cp bin/ros $OUTPUT
+else
+ GOARCH=${HOST_ARCH} TOOLCHAIN= ./scripts/build-target
+fi
diff --git a/scripts/build-images b/scripts/build-images
new file mode 100755
index 00000000..d36187a2
--- /dev/null
+++ b/scripts/build-images
@@ -0,0 +1,38 @@
+#!/bin/bash
+set -e
+
+export ARCH=${ARCH:-"amd64"}
+BASE=images
+
+source $(dirname $0)/version
+cd $(dirname $0)/..
+
+DO_PUSH="$1"
+
+if [ "${DO_PUSH}" == "--push" ]; then
+ for i in $BASE/[0-9]*; do
+ name="os-$(echo ${i} | cut -f2 -d-)"
+ tag="${OS_REPO}/${name}:${VERSION}${SUFFIX}"
+ echo Pushing ${tag}
+ docker push ${tag} || :
+ done
+else
+ for i in $BASE/[0-9]*; do
+ name="os-$(echo ${i} | cut -f2 -d-)"
+ tag="${OS_REPO}/${name}:${VERSION}${SUFFIX}"
+ echo Building ${tag}
+ if [ -x ${i}/prebuild.sh ]; then
+ if ${i}/prebuild.sh; then
+ dapper -d --build -f ${i}/Dockerfile -- -t rancher/${name} ${i}
+ docker tag rancher/${name} ${tag}
+ elif [ "$?" != "42" ]; then
+ exit 1
+ else
+ echo "WARN: Skipping ${tag}"
+ fi
+ else
+ dapper -d --build -f ${i}/Dockerfile -- -t rancher/${name} ${i}
+ docker tag rancher/${name} ${tag}
+ fi
+ done
+fi
diff --git a/scripts/build-target b/scripts/build-target
new file mode 100755
index 00000000..abe0f2cf
--- /dev/null
+++ b/scripts/build-target
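Review bot: In the `--push` branch of `scripts/build-images`, `docker push ${tag} || :` discards every push failure, so the script exits 0 even when some images never reached the registry, while the OS config template in this commit refers to each `os-*` image at `:{{.VERSION}}{{.SUFFIX}}`. Dropping the `|| :` so `set -e` stops the run, or collecting failures and exiting non-zero after the loop, would make an incomplete release visible. The exit status `42` tested after `prebuild.sh` has no comment; judging by the `WARN: Skipping` branch, `# prebuild.sh exits 42 to skip this image on the current ARCH` above the `elif` would document it, to be confirmed against the prebuild scripts that use it.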
@@ -0,0 +1,17 @@
+#!/bin/bash
+set -e
+
+ros="$1"
+
+source $(dirname $0)/version
+
+cd $(dirname $0)/..
+
+if [ "${!TOOLCHAIN}" != "" ]; then
+ export CC=/usr/bin/${!TOOLCHAIN}-gcc
+ export CGO_ENABLED=1
+fi
+
+OUTPUT=${OUTPUT:-bin/ros}
+echo Building $OUTPUT
+go build -tags netgo -installsuffix netgo -ldflags "-X github.com/rancher/os/config.VERSION=${VERSION} -linkmode external -extldflags -static" -o ${OUTPUT}
diff --git a/scripts/build-vbox-vm b/scripts/build-vbox-vm
deleted file mode 100755
index 0637c7f6..00000000
--- a/scripts/build-vbox-vm
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/bin/bash
-set -x -e
-
-cd $(dirname $0)/..
-: RANCHER_ISO=${RANCHER_ISO:="./dist/artifacts/rancheros.iso"}
-
-if [[ -z $RANCHER_ISO ]]; then
- echo "Need an ISO..." 1>&2
- exit 1
-fi
-
-if [ ! -e ${RANCHER_ISO} ]; then
- echo "Could not find ISO ${RANCHER_ISO}..." 1>&2
- echo "have you run build.sh yet?" 1>&2
- exit 1
-fi
-
-GITSHA=$(git rev-parse --short HEAD)
-VM="RancherOS-${GITSHA}"
-
-sudo chown -R `whoami` ./dist
-
-VBoxManage createhd --format vmdk --filename ./dist/artifacts/$VM.vmdk --size 40000
-
-VBoxManage createvm --name $VM --ostype "Linux_64" --register
-
-VBoxManage storagectl $VM --name "SATA" --add sata --portcount 2
-VBoxManage storageattach $VM --storagectl "SATA" --port 0 --type hdd --medium ./dist/artifacts/$VM.vmdk
-VBoxManage storageattach $VM --storagectl "SATA" --port 1 --type dvddrive --medium ${RANCHER_ISO}
-
-VBoxManage modifyvm $VM --memory 1024 --acpi on --boot1 disk --boot2 dvd
-VBoxManage modifyvm $VM --rtcuseutc on
-VBoxManage modifyvm $VM --usb off
-VBoxManage modifyvm $VM --audio none
-VBoxManage modifyvm $VM --nic1 nat
-VBoxManage modifyvm $VM --nictype1 virtio
-
-#VBoxManage startvm $VM
diff --git a/scripts/ci b/scripts/ci
index e78fd443..335b197a 100755
--- a/scripts/ci
+++ b/scripts/ci
@@ -1,7 +1,10 @@ -#!/bin/sh -set -ex +#!/bin/bash +set -e -cd $(dirname $0)/.. -. ./scripts/dapper-common +cd $(dirname $0) -dapper -d -O make HOST_ARCH=${HOST_ARCH} ARCH=${ARCH} DEV_BUILD=1 test +./build +./test +#./validate +./prepare +./package diff --git a/scripts/clean b/scripts/clean new file mode 100755 index 00000000..654c724e --- /dev/null +++ b/scripts/clean @@ -0,0 +1,4 @@ +#!/bin/bash + +cd $(dirname $0)/.. +rm -rf build dist bin images/*/build diff --git a/scripts/dapper-common b/scripts/dapper-common deleted file mode 100755 index 3f5b7261..00000000 --- a/scripts/dapper-common +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/sh -set -ex - -HOST_ARCH=${HOST_ARCH:-$(docker version | grep 'OS/Arch:' | tail -n+2 | awk '{print $2}' | cut -f2 -d'/')} -HOST_ARCH=${HOST_ARCH:?"Failed to guess HOST_ARCH"} -ARCH=${ARCH:-"$HOST_ARCH"} -export HOST_ARCH ARCH - -cd $(dirname $0)/.. - -[ -f "./.docker-env.${HOST_ARCH}" ] && . ./.docker-env.${HOST_ARCH} || echo "WARNING: missing .docker-env.${HOST_ARCH} (to use an ${HOST_ARCH} docker host)" - -. ./build.conf.${HOST_ARCH} -export HOST_DOCKER_BINARY_URL=${DOCKER_BINARY_URL} -docker inspect $DAPPER_BASE >/dev/null 2>&1 || docker pull $DAPPER_BASE -docker tag $DAPPER_BASE rancher/os-dapper-base - -set -a -. ./build.conf.${ARCH} -set +a diff --git a/scripts/entry b/scripts/entry new file mode 100755 index 00000000..03bfd05b --- /dev/null +++ b/scripts/entry @@ -0,0 +1,11 @@ +#!/bin/bash +set -e + +trap "chown -R $DAPPER_UID:$DAPPER_GID ." exit + +mkdir -p bin dist build +if [ -e ./scripts/$1 ]; then + ./scripts/"$@" +else + "$@" +fi diff --git a/scripts/gen-os-config.sh b/scripts/gen-os-config.sh deleted file mode 100755 index fa09c898..00000000 --- a/scripts/gen-os-config.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash -set -ex - -cd $(dirname $0)/.. - -set -a -. build.conf -. build.conf.${ARCH} - -SUFFIX="" -[ "${ARCH}" == "amd64" ] || SUFFIX="_${ARCH}" -set +a - -build/host_ros c generate < os-config.tpl.yml > $1 
diff --git a/scripts/layout b/scripts/layout
new file mode 100755
index 00000000..db44fd77
--- /dev/null
+++ b/scripts/layout
@@ -0,0 +1,52 @@
+#!/bin/bash
+set -e
+
+source $(dirname $0)/version
+cd $(dirname $0)/..
+
+BUILD=build
+INITRD_DIR=${BUILD}/initrd
+
+echo Create initrd layout in $INITRD_DIR
+
+rm -rf ${INITRD_DIR}
+mkdir -p ${INITRD_DIR}/usr/{etc,bin,share/ros}
+
+cp -rf assets/selinux ${INITRD_DIR}/usr/etc
+cp build/images.tar ${INITRD_DIR}/usr/share/ros/
+cp build/os-config.yml ${INITRD_DIR}/usr/share/ros/
+cp bin/ros ${INITRD_DIR}/usr/bin/
+cp ${DOWNLOADS}/docker ${INITRD_DIR}/usr/bin/docker
+ln -s usr/bin/ros ${INITRD_DIR}/init
+ln -s bin ${INITRD_DIR}/usr/sbin
+ln -s usr/sbin ${INITRD_DIR}/sbin
+
+
+if [ -e ${DOWNLOADS}/kernel.tar.gz ]; then
+ tar xf ${DOWNLOADS}/kernel.tar.gz -C ${INITRD_DIR}/usr/ lib/
+fi
+
+if [ -e ${DOWNLOADS}/policy.29 ]; then
+ mkdir -p ${INITRD_DIR}/usr/etc/selinux/ros/policy/
+ cp ${DOWNLOADS}/policy.29 ${INITRD_DIR}/usr/etc/selinux/ros/policy/
+fi
+
+DFS_ARCH=$(docker create ${DFS_IMAGE}${SUFFIX})
+trap "docker rm -fv ${DFS_ARCH} >/dev/null" EXIT
+
+docker export ${DFS_ARCH} | tar xf - -C ${INITRD_DIR} --exclude=usr/bin/dockerlaunch \
+ --exclude=usr/bin/docker \
+ --exclude=usr/share/git-core \
+ --exclude=usr/bin/git \
+ --exclude=usr/bin/ssh \
+ --exclude=usr/libexec/git-core \
+ usr
+
+tar xf ${DOWNLOADS}/kernel.tar.gz -C ${BUILD} boot/
+
+if [ -e ${BUILD}/boot/vmlinuz-* ]; then
+ mkdir -p dist/artifacts
+ cp ${BUILD}/boot/vmlinuz-* dist/artifacts/vmlinuz
+fi
+
+cat /proc/sys/kernel/random/uuid > ${INITRD_DIR}/.id
diff --git a/scripts/make.sh b/scripts/make.sh
deleted file mode 100755
index 4b84c0b0..00000000
--- a/scripts/make.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/bash
-set -e
-
-cd $(dirname $0)/..
-. ./scripts/dapper-common
-
-dapper make HOST_ARCH=${HOST_ARCH} ARCH=${ARCH} "$@"
diff --git a/scripts/mk-images-tar.sh b/scripts/mk-images-tar.sh
deleted file mode 100755
index e3fe10b0..00000000
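Review bot: In `scripts/layout` the first use of `${DOWNLOADS}/kernel.tar.gz` is guarded by `[ -e ... ]`, but the later `tar xf ${DOWNLOADS}/kernel.tar.gz -C ${BUILD} boot/` is not, so under `set -e` the script aborts in exactly the case the earlier guard allows. The test `[ -e ${BUILD}/boot/vmlinuz-* ]` also errors out as soon as the glob matches more than one file. `${DOWNLOADS}/docker`, `kernel.tar.gz` and `policy.29` go into the initrd as they are, and nothing in this hunk shows where they were verified. A comment such as `# artifacts in ${DOWNLOADS} are checksum-verified by <SCRIPT>` (placeholder, the page does not show the downloader) would tell a reader where that check lives, if it exists.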
--- a/scripts/mk-images-tar.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/bash
-set -ex
-
-cd $(dirname $0)/..
-. scripts/build-common
-
-images="$(build/host_ros c images -i build/os-config.yml)"
-for i in ${images}; do
- [ "${FORCE_PULL}" != "1" ] && docker inspect $i >/dev/null 2>&1 || docker pull $i;
-done
-
-docker save ${images} > ${BUILD}/images.tar
diff --git a/scripts/mk-initrd.sh b/scripts/mk-initrd.sh
deleted file mode 100755
index 9dbfb267..00000000
--- a/scripts/mk-initrd.sh
+++ /dev/null
@@ -1,73 +0,0 @@ -#!/bin/bash -set -ex - -TARGET=$(pwd)/${1} - -SUFFIX=${SUFFIX:-""} -DFS_IMAGE=${DFS_IMAGE:?"DFS_IMAGE not set"} -IS_ROOTFS=${IS_ROOTFS:-0} - -cd $(dirname $0)/.. -. scripts/build-common - -INITRD_DIR=${BUILD}/initrd - -rm -rf ${INITRD_DIR}/{usr,init} -mkdir -p ${INITRD_DIR}/usr/{bin,share/ros} -mkdir -p ${INITRD_DIR}/var/lib/system-docker -mkdir -p ${INITRD_DIR}/usr/etc/selinux/ros/{policy,contexts} - -if [ "$IS_ROOTFS" == "0" ]; then - cp -rf ${BUILD}/kernel/lib ${INITRD_DIR}/usr/ -fi -cp assets/docker ${INITRD_DIR}/usr/bin/docker -if [ "$IS_ROOTFS" == "0" ]; then - cp ${BUILD}/images.tar ${INITRD_DIR}/usr/share/ros/ -fi -cp build/os-config.yml ${INITRD_DIR}/usr/share/ros/ -cp bin/ros ${INITRD_DIR}/usr/bin/ -ln -s usr/bin/ros ${INITRD_DIR}/init -ln -s bin ${INITRD_DIR}/usr/sbin -ln -s usr/sbin ${INITRD_DIR}/sbin - -cp assets/selinux/config ${INITRD_DIR}/usr/etc/selinux/ -cp assets/selinux/policy.29 ${INITRD_DIR}/usr/etc/selinux/ros/policy/ -cp assets/selinux/seusers ${INITRD_DIR}/usr/etc/selinux/ros/ -cp assets/selinux/lxc_contexts ${INITRD_DIR}/usr/etc/selinux/ros/contexts/ -cp assets/selinux/failsafe_context ${INITRD_DIR}/usr/etc/selinux/ros/contexts/ - -if [ "$ARCH" == "amd64" ]; then - KERNEL_RELEASE=$(tar xvf assets/modules.tar.gz -C ${INITRD_DIR} | cut -f4 -d/ | cut -f1 -d ' ') - depmod -a -b ${INITRD_DIR}/usr $KERNEL_RELEASE -fi - -DFS_ARCH=$(docker create ${DFS_IMAGE}${SUFFIX}) -trap "docker rm -fv ${DFS_ARCH}" EXIT - -docker export ${DFS_ARCH} | tar xvf - -C ${INITRD_DIR} --exclude=usr/bin/dockerlaunch \ - --exclude=usr/bin/docker \ - --exclude=usr/share/git-core \ - --exclude=usr/bin/git \ - --exclude=usr/bin/ssh \ - --exclude=usr/libexec/git-core \ - usr - -if [ "$IS_ROOTFS" == "1" ]; then - DFS=$(docker run -d --privileged -v /lib/modules/$(uname -r):/lib/modules/$(uname -r) ${DFS_IMAGE}${SUFFIX}) - trap "docker rm -fv ${DFS_ARCH} ${DFS}" EXIT - docker exec -i ${DFS} docker load < ${BUILD}/images.tar - docker stop ${DFS} - docker run 
--rm --volumes-from=${DFS} rancher/os-dapper-base tar -c -C /var/lib/docker ./image | tar -x -C ${INITRD_DIR}/var/lib/system-docker - docker run --rm --volumes-from=${DFS} rancher/os-dapper-base tar -c -C /var/lib/docker ./overlay | tar -x -C ${INITRD_DIR}/var/lib/system-docker - - cd ${INITRD_DIR} - - tar -czf ${TARGET} . -else - COMPRESS=lzma - [ "$DEV_BUILD" == "1" ] && COMPRESS="gzip -1" - - cd ${INITRD_DIR} - - find | cpio -H newc -o | ${COMPRESS} > ${TARGET} -fi diff --git a/scripts/mk-iso-checksums-txt.sh b/scripts/mk-iso-checksums-txt.sh deleted file mode 100755 index 3b34262a..00000000 --- a/scripts/mk-iso-checksums-txt.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -set -ex - -cd $(dirname $0)/.. -. scripts/build-common - -cd ${DIST}/artifacts -rm -f iso-checksums.txt || : - -for algo in 'sha256' 'md5'; do - echo "$algo: `${algo}sum rancheros.iso`" >> iso-checksums.txt; -done diff --git a/scripts/mk-kernel-tar-from-deb.sh b/scripts/mk-kernel-tar-from-deb.sh deleted file mode 100755 index c3e07eb7..00000000 --- a/scripts/mk-kernel-tar-from-deb.sh +++ /dev/null 
@@ -1,44 +0,0 @@ -#!/bin/bash -set -e -x - -# This script will convert an Ubuntu deb file to the kernel tar structure the RancherOS build expects -# For example -# -# ./scripts/mk-kernel-tar-from-deb.sh linux-image-3.19.0-28-generic_3.19.0-28.30_amd64.deb linux-image-extra-3.19.0-28-generic_3.19.0-28.30_amd64.deb linux-firmware_1.143.3_all.deb -# - -mkdir -p $(dirname $0)/../build -BUILD=$(mktemp -d $(dirname $0)/../build/deb-XXXXX) -mkdir -p $BUILD - -extract() -{ - if [ ! -e $1 ]; then - echo $1 does not exist - exit 1 - fi - - local deb=$(readlink -f $1) - - cd $BUILD - rm -f data.tar.* 2>/dev/null || true - ar x $deb - tar xvf data.tar.* - cd - -} - -for i in "$@"; do - extract $i -done - -cd $BUILD - -KVER=$(ls ./lib/modules) -depmod -b . $KVER - -echo Creating ${OLDPWD}/kernel.tar.gz -tar cvzf ${OLDPWD}/kernel.tar.gz ./lib boot/vmlinuz* -echo Created ${OLDPWD}/kernel.tar.gz - -cd - -rm -rf ${BUILD} diff --git a/scripts/mk-ros.sh b/scripts/mk-ros.sh deleted file mode 100755 index 70bd9731..00000000 --- a/scripts/mk-ros.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -set -ex - -ros="$1" - -ARCH=${ARCH:?"ARCH not set"} -VERSION=${VERSION:?"VERSION not set"} - -cd $(dirname $0)/.. - -strip_bin=$(which strip) -[ "${ARCH}" == "arm" ] && export GOARM=6 -if [ "${TOOLCHAIN}" != "" ]; then - export CC=/usr/bin/${TOOLCHAIN}-gcc - export CGO_ENABLED=1 - strip_bin=/usr/bin/${TOOLCHAIN}-strip -fi -GOARCH=${ARCH} go build -tags netgo -installsuffix netgo -ldflags "-X github.com/rancher/os/config.VERSION=${VERSION} -linkmode external -extldflags -static" -o ${ros} -${strip_bin} --strip-all ${ros} diff --git a/scripts/package b/scripts/package new file mode 100755 index 00000000..99018d6a --- /dev/null +++ b/scripts/package @@ -0,0 +1,8 @@ +#!/bin/bash +set -e + +cd $(dirname $0) + +./package-rootfs +./package-initrd +./package-iso diff --git a/scripts/package-initrd b/scripts/package-initrd new file mode 100755 index 00000000..ce8ec456 --- /dev/null 
+++ b/scripts/package-initrd
@@ -0,0 +1,41 @@
+#!/bin/bash
+set -e
+
+rootfs() {
+ DFS=$(docker run -d --privileged -v /lib/modules/$(uname -r):/lib/modules/$(uname -r) ${DFS_IMAGE}${SUFFIX})
+ trap "docker rm -fv ${DFS_ARCH} ${DFS}" EXIT
+ docker exec -i ${DFS} docker load < ${INITRD_DIR}/usr/share/ros/images.tar
+ docker stop ${DFS}
+ docker run --rm --volumes-from=${DFS} rancher/os-dapper-base tar -c -C /var/lib/docker ./image | tar -x -C ${PREPOP_DIR}
+ docker run --rm --volumes-from=${DFS} rancher/os-dapper-base tar -c -C /var/lib/docker ./overlay | tar -x -C ${PREPOP_DIR}
+
+ tar -cf ${ARTIFACTS}/rootfs.tar --exclude lib/modules --exclude lib/firmware -C ${INITRD_DIR} .
+ tar -rf ${ARTIFACTS}/rootfs.tar --exclude lib/modules --exclude lib/firmware -C ${INITRD_DIR} .
+ rm -f ${ARTIFACTS}/rootfs.tar.gz
+ gzip ${ARTIFACTS}/rootfs.tar
+}
+
+initrd() {
+ COMPRESS=lzma
+ [ "$DEV_BUILD" == "1" ] && COMPRESS="gzip -1"
+
+ pushd ${INITRD_DIR} >/dev/null
+
+ find | cpio -H newc -o | ${COMPRESS} > ${INITRD}
+
+ popd >/dev/null
+}
+
+cd $(dirname $0)/..
+
+BUILD=$(pwd)/build
+IMAGE_CACHE=${BUILD}/image-cache
+PREPOP_DIR=${IMAGE_CACHE}/var/lib/system-docker
+INITRD_DIR=${BUILD}/initrd
+ARTIFACTS=$(pwd)/dist/artifacts
+INITRD=${ARTIFACTS}/initrd
+
+mkdir -p ${ARTIFACTS} ${PREPOP_DIR}
+
+rootfs
+initrd
diff --git a/scripts/mk-rancheros-iso.sh b/scripts/package-iso
similarity index 59%
rename from scripts/mk-rancheros-iso.sh
rename to scripts/package-iso
index c36a3621..e4c5f56d 100755
--- a/scripts/mk-rancheros-iso.sh
+++ b/scripts/package-iso
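Review bot: In `rootfs()` of `scripts/package-initrd`, the append step `tar -rf ${ARTIFACTS}/rootfs.tar ... -C ${INITRD_DIR} .` adds the same directory the `tar -cf` line above it already archived, so the tarball carries every file twice and never picks up the `image`/`overlay` data just unpacked into `${PREPOP_DIR}`. `IMAGE_CACHE` is defined but otherwise unused, which suggests the second line was meant to read `tar -rf ${ARTIFACTS}/rootfs.tar -C ${IMAGE_CACHE} .`; please confirm against the intended rootfs layout. `scripts/package-rootfs` is added with the same blob id (`ce8ec456`) and has the same problem, and since `scripts/package` runs both files, the rootfs and the initrd are each built twice. The `trap` line also names `${DFS_ARCH}`, which this script never assigns.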
@@ -1,23 +1,24 @@ #!/bin/bash -set -ex +set -e +source $(dirname $0)/version cd $(dirname $0)/.. -. scripts/build-common +ARTIFACTS=$(pwd)/dist/artifacts CD=${BUILD}/cd +mkdir -p ${CD}/boot/isolinux mkdir -p ${CD}/boot/isolinux -cp ${DIST}/artifacts/initrd ${CD}/boot -cp ${DIST}/artifacts/vmlinuz ${CD}/boot +cp ${ARTIFACTS}/initrd ${CD}/boot +cp ${ARTIFACTS}/vmlinuz ${CD}/boot cp scripts/isolinux.cfg ${CD}/boot/isolinux cp /usr/lib/ISOLINUX/isolinux.bin ${CD}/boot/isolinux cp /usr/lib/syslinux/modules/bios/ldlinux.c32 ${CD}/boot/isolinux cd ${CD} && xorriso \ - -publisher "Rancher Labs, Inc." \ -as mkisofs \ - -l -J -R -V "RancherOS" \ + -l -J -R -V "${DISTRIB_ID}" \ -no-emul-boot -boot-load-size 4 -boot-info-table \ -b boot/isolinux/isolinux.bin -c boot/isolinux/boot.cat \ -isohybrid-mbr /usr/lib/ISOLINUX/isohdpfx.bin \ - -o ${DIST}/artifacts/rancheros.iso ${CD} + -o ${ARTIFACTS}/$(echo ${DISTRIB_ID} | tr '[:upper:]' '[:lower:]').iso ${CD} diff --git a/scripts/package-rootfs b/scripts/package-rootfs new file mode 100755 index 00000000..ce8ec456 --- /dev/null +++ b/scripts/package-rootfs 
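Review bot: With `. scripts/build-common` removed, nothing in `scripts/package-iso` assigns `BUILD`, and `DISTRIB_ID` is not among the variables `scripts/version` exports in this commit (`VERSION`, `COMMIT`, `SUFFIX`). Unless the build container supplies both, `CD=${BUILD}/cd` becomes `/cd` and the image is written as `${ARTIFACTS}/.iso` with an empty volume label, all without an error. Setting `BUILD=$(pwd)/build` as `scripts/package-initrd` does, and adding `: "${DISTRIB_ID:?DISTRIB_ID not set}"` after the `source` line, makes the failure explicit. The added `mkdir -p ${CD}/boot/isolinux` also duplicates the context line directly below it.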
@@ -0,0 +1,41 @@
+#!/bin/bash
+set -e
+
+rootfs() {
+ DFS=$(docker run -d --privileged -v /lib/modules/$(uname -r):/lib/modules/$(uname -r) ${DFS_IMAGE}${SUFFIX})
+ trap "docker rm -fv ${DFS_ARCH} ${DFS}" EXIT
+ docker exec -i ${DFS} docker load < ${INITRD_DIR}/usr/share/ros/images.tar
+ docker stop ${DFS}
+ docker run --rm --volumes-from=${DFS} rancher/os-dapper-base tar -c -C /var/lib/docker ./image | tar -x -C ${PREPOP_DIR}
+ docker run --rm --volumes-from=${DFS} rancher/os-dapper-base tar -c -C /var/lib/docker ./overlay | tar -x -C ${PREPOP_DIR}
+
+ tar -cf ${ARTIFACTS}/rootfs.tar --exclude lib/modules --exclude lib/firmware -C ${INITRD_DIR} .
+ tar -rf ${ARTIFACTS}/rootfs.tar --exclude lib/modules --exclude lib/firmware -C ${INITRD_DIR} .
+ rm -f ${ARTIFACTS}/rootfs.tar.gz
+ gzip ${ARTIFACTS}/rootfs.tar
+}
+
+initrd() {
+ COMPRESS=lzma
+ [ "$DEV_BUILD" == "1" ] && COMPRESS="gzip -1"
+
+ pushd ${INITRD_DIR} >/dev/null
+
+ find | cpio -H newc -o | ${COMPRESS} > ${INITRD}
+
+ popd >/dev/null
+}
+
+cd $(dirname $0)/..
+
+BUILD=$(pwd)/build
+IMAGE_CACHE=${BUILD}/image-cache
+PREPOP_DIR=${IMAGE_CACHE}/var/lib/system-docker
+INITRD_DIR=${BUILD}/initrd
+ARTIFACTS=$(pwd)/dist/artifacts
+INITRD=${ARTIFACTS}/initrd
+
+mkdir -p ${ARTIFACTS} ${PREPOP_DIR}
+
+rootfs
+initrd
diff --git a/scripts/prepare b/scripts/prepare
new file mode 100755
index 00000000..6e484cd8
--- /dev/null
+++ b/scripts/prepare
@@ -0,0 +1,15 @@
+#!/bin/bash
+set -e
+
+source $(dirname $0)/version
+
+cd $(dirname $0)
+
+if [ ! -e ./bin/host_ros ]; then
+ ./build
+fi
+
+./template
+./build-images
+./tar-images
+./layout
diff --git a/scripts/release b/scripts/release
new file mode 100755
index 00000000..7af0df35
--- /dev/null
+++ b/scripts/release
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+exec $(dirname $0)/ci
diff --git a/scripts/run b/scripts/run
index 6632c6e1..1e0dd24a 100755
--- a/scripts/run
+++ b/scripts/run
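Review bot: The pipelines in `scripts/package-rootfs` run under `set -e` alone, so only the last command's exit status is checked. In `initrd()`, `find | cpio -H newc -o | ${COMPRESS} > ${INITRD}` still reports success if `cpio` stops early, leaving a truncated initrd in `dist/artifacts`. In `rootfs()`, a failed `docker run ... tar -c` may leave `${PREPOP_DIR}` unpopulated without stopping the build. Adding `set -o pipefail` directly after `set -e` makes either case fatal; the identical `scripts/package-initrd` needs the same line.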
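Review bot: In `scripts/prepare`, the guard `if [ ! -e ./bin/host_ros ]` runs after `cd $(dirname $0)`, so it looks for `scripts/bin/host_ros`, while `scripts/template` and `scripts/tar-images` invoke the binary as `bin/host_ros` from the repository root. Unless a `scripts/bin` directory exists outside this diff, the test is always true and `./build` runs on every invocation. `if [ ! -e ../bin/host_ros ]; then` matches the path the other scripts use.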
@@ -3,8 +3,6 @@ set -e cd $(dirname $0)/.. -source scripts/build-common - HOST_ARCH=${HOST_ARCH:-amd64} ARCH=${ARCH:-amd64} @@ -34,11 +32,13 @@ cd_arm() { } declare -A cd=( ["amd64"]="cd_amd64" ["arm"]="cd_arm" ["arm64"]="cd_arm" ) +BUILD=build BASE=$(pwd) UNAME=$(uname) KERNEL=${BASE}/dist/artifacts/vmlinuz -INITRD=${BASE}/dist/artifacts/initrd +INITRD_SRC=${BASE}/build/initrd +INITRD=${BASE}/build/initrd.tmp QEMU=1 FORMAT=1 @@ -103,42 +103,17 @@ if [ "$QEMU" == "1" ] && ! which qemu-system-${QEMUARCH}; then QEMU=0 fi -if [[ ! -e ${KERNEL} || ! -e ${INITRD} ]]; then - echo "Failed to find ${KERNEL} or ${INITRD}" 1>&2 +if [[ ! -e ${KERNEL} || ! -e ${INITRD_SRC} ]]; then + echo "Failed to find ${KERNEL} or ${INITRD_SRC}" 1>&2 exit 1 fi -# Linux and Darwin SHA1 sum binary are different, pick which to use -if [ "$UNAME" == "Darwin" ]; then sha1sum=$(which shasum) -elif [ "$UNAME" == "Linux" ]; then sha1sum=$(which sha1sum); -fi - if [ "$REBUILD" == "1" ]; then - INITRD_TMP=${BUILD}/$(${sha1sum} ${INITRD} | awk '{print $1}') - INITRD_CURRENT=${BUILD}/initrd-current - INITRD_TEST=${BUILD}/initrd.test - - if [ ! -d ${INITRD_TMP} ]; then - mkdir -p ${INITRD_TMP} - pushd ${INITRD_TMP} - xz -dfc ${INITRD} | gunzip -f | cpio -idm - popd - fi - - if [ -e ${INITRD_CURRENT} ]; then - rm -f ${INITRD_CURRENT} - fi - - ln -s ${INITRD_TMP} ${INITRD_CURRENT} - - mkdir -p ${INITRD_TMP}/usr/{bin,share/ros} - cp bin/ros ${INITRD_TMP}/usr/bin/ - cp -f build/os-config.yml ${INITRD_TMP}/usr/share/ros/ - - pushd ${INITRD_TMP} - find . | cpio -H newc -o | gzip > ${INITRD_TEST} - popd - INITRD=${INITRD_TEST} + cp bin/ros ${INITRD_SRC}/usr/bin/ros + cp build/os-config.yml ${INITRD_SRC}/usr/share/ros + pushd ${INITRD_SRC} >/dev/null + find . | cpio -H newc -o | gzip -1 > ${INITRD} + popd >/dev/null fi KERNEL_ARGS="quiet rancher.password=rancher console=${TTYCONS} ${QEMU_APPEND}" 
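Review bot: The existence check in the `@@ -103,42 +103,17 @@` hunk now tests `${INITRD_SRC}`, but the file later passed to QEMU with `-initrd ${INITRD}` is `build/initrd.tmp`, which is only written inside the `REBUILD` branch. When that branch is skipped, the VM boots whatever `initrd.tmp` an earlier run left behind, or QEMU fails on a missing file. Where `REBUILD` gets its default is outside this hunk, so either confirm it is always `1` or add `[ -e ${INITRD} ] || { echo "Failed to find ${INITRD}" 1>&2; exit 1; }` after the rebuild block's `fi`.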
@@ -162,17 +137,9 @@ if [ "$QEMU" == "1" ]; then qemu-img create -f qcow2 -o size=10G ${HD} fi - - CCIMG=${BUILD}/cc.img - CCDEV=$(losetup -f) CCROOT=${BUILD}/cloud-config - dd if=/dev/zero of=${CCIMG} bs=1024 count=512 - losetup ${CCDEV} ${CCIMG} - mkfs.vfat -n "config-2" ${CCDEV} - rm -rf ${CCROOT} mkdir -p ${CCROOT} - mount ${CCDEV} ${CCROOT} USER_DATA=${CCROOT}/openstack/latest/user_data mkdir -p $(dirname ${USER_DATA}) @@ -185,10 +152,6 @@ if [ "$QEMU" == "1" ]; then echo "- $(<${BASE}/assets/rancher.key.pub)" >> ${USER_DATA} fi - umount ${CCROOT} - losetup -d ${CCDEV} - - CPU=${cpu["$ARCH"]} if [ "$KVM" == "1" ] && [ "$ARCH" == "$HOST_ARCH" ]; then KVM_ENABLE="-enable-kvm" @@ -204,12 +167,15 @@ if [ "$QEMU" == "1" ]; then -initrd ${INITRD} \ -m 2048 \ ${network["$ARCH"]} \ - $(eval "${cd["$ARCH"]} ${CCIMG}") \ $(eval "${hd["$ARCH"]} ${HD}") \ -smp 1 \ -append "${KERNEL_ARGS}" \ -nographic \ -display none \ + -fsdev local,security_model=passthrough,readonly,id=fsdev0,path=${CCROOT} \ + -device virtio-9p-pci,id=fs0,fsdev=fsdev0,mount_tag=config-2 \ + -fsdev local,security_model=none,id=fsdev1,path=${HOME} \ + -device virtio-9p-pci,id=fs1,fsdev=fsdev1,mount_tag=home \ ${QEMU_ARGS} \ "${@}" diff --git a/scripts/shell.sh b/scripts/shell.sh deleted file mode 100755 index f171e10e..00000000 --- a/scripts/shell.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash -set -e - -cd $(dirname $0)/.. -. ./scripts/dapper-common - -exec dapper -d -s diff --git a/scripts/tar-images b/scripts/tar-images new file mode 100755 index 00000000..66f88e0e --- /dev/null +++ b/scripts/tar-images @@ -0,0 +1,15 @@ +#!/bin/bash +set -e + +cd $(dirname $0)/.. + +mkdir -p build + +IMAGES=$(bin/host_ros c images -i build/os-config.yml) +for i in $IMAGES; do + if [ "${FORCE_PULL}" = "1" ] || ! docker inspect $i >/dev/null 2>&1; then + docker pull $i + fi +done + +docker save ${IMAGES} > build/images.tar diff --git a/scripts/template b/scripts/template new file mode 100755 index 00000000..8e947120 
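Review bot: The new `-fsdev local,security_model=none,id=fsdev1,path=${HOME}` share in the `@@ -204,12 +167,15 @@` hunk exposes the invoking user's whole home directory to the guest with write access; the `config-2` share two lines above it is marked `readonly`, this one is not. The guest is a test VM booted with `rancher.password=rancher`, so a session inside it can read or modify SSH keys, cloud credentials and shell startup files on the host. Consider sharing a dedicated directory that is read-only and opt-in, e.g. `-fsdev local,security_model=none,readonly,id=fsdev1,path=${SHARE_DIR:-${BASE}/build/share}`, where `SHARE_DIR` is a name proposed here, not one the script defines. The unquoted `${HOME}` also breaks on paths containing spaces or commas.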
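Review bot: In `scripts/tar-images`, `docker inspect $i` resolves any object with that name, containers included, and a hit on a local tag skips the pull. The contents of `build/images.tar` therefore depend on whatever the build host's daemon already holds under those tags. For release builds the loop should pull unconditionally (`FORCE_PULL=1`) or the generated config should reference images by digest; at minimum narrow the lookup with `docker inspect --type=image $i`.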
--- /dev/null +++ b/scripts/template @@ -0,0 +1,9 @@ +#!/bin/bash +set -e + +source $(dirname $0)/version + +cd $(dirname $0)/.. + +mkdir -p build +./bin/host_ros c generate < os-config.tpl.yml > build/os-config.yml diff --git a/scripts/test b/scripts/test index 222dd5db..4a6795b8 100755 --- a/scripts/test +++ b/scripts/test @@ -1,17 +1,10 @@ #!/bin/bash set -e -if [[ ! -x "$(which go)" && -x /usr/local/go/bin/go ]]; then - PATH=/usr/local/go/bin:${PATH} -fi - cd $(dirname $0)/.. -result=$(find . -name "*.go" | grep -v ./Godeps | xargs gofmt -l) -for i in $result; do - echo $i -done +echo Running tests -[ -n "$result" ] && exit 1 +PACKAGES=". $(find -name '*.go' | xargs -I{} dirname {} | cut -f2 -d/ | sort -u | grep -Ev '(^\.$|.git|.trash-cache|vendor|bin)' | sed -e 's!^!./!' -e 's!$!/...!')" -echo OK +go test -race -cover -tags=test ${PACKAGES} diff --git a/scripts/unit-test b/scripts/unit-test deleted file mode 100755 index 6e8e1ab9..00000000 --- a/scripts/unit-test +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -set -e - -cd $(dirname $0)/.. - -PACKAGES="$(find -name '*.go' | xargs -I{} dirname {} | cut -f2 -d/ | sort -u | grep -Ev '(^\.$|.git|.trash-cache|vendor)' | sed -e 's!^!./!' -e 's!$!/...!')" - -go test -race -cover -tags=test $PACKAGES diff --git a/scripts/validate b/scripts/validate new file mode 100755 index 00000000..17f8372e --- /dev/null +++ b/scripts/validate @@ -0,0 +1,20 @@ +#!/bin/bash +set -e + +cd $(dirname $0)/.. + +echo Running validation + +PACKAGES=". $(find -name '*.go' | xargs -I{} dirname {} | cut -f2 -d/ | sort -u | grep -Ev '(^\.$|.git|.trash-cache|vendor|bin)' | sed -e 's!^!./!' -e 's!$!/...!')" + +echo Running: go vet +go vet ${PACKAGES} +echo Running: golint +for i in ${PACKAGES}; do + if [ -n "$(golint $i | grep -v 'should have comment.*or be unexported' | tee /dev/stderr)" ]; then + failed=true + fi +done +test -z "$failed" +echo Running: go fmt +test -z "$(go fmt ${PACKAGES} | tee /dev/stderr)" 
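Review bot: The package filter in `scripts/test`, `grep -Ev '(^\.$|.git|.trash-cache|vendor|bin)'`, is unanchored and its dots are unescaped, so any top-level directory whose name merely contains `bin` or `vendor`, or a character followed by `git`, is dropped from `go test` without notice. The same expression is repeated in the new `scripts/validate`, where it also narrows what `go vet` and `golint` see. Anchoring it as `grep -Ev '^(\.|\.git|\.trash-cache|vendor|bin)$'` keeps the exclusions exact.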
diff --git a/scripts/vendor-cleanup.sh b/scripts/vendor-cleanup.sh deleted file mode 100755 index bddb5b99..00000000 --- a/scripts/vendor-cleanup.sh +++ /dev/null @@ -1,55 +0,0 @@ -#!/bin/bash -set -e - -cd $(dirname $0)/.. - -package=$(go list) -prefix="${package}/vendor" -require="github.com/stretchr/testify/require" # the only test import - -imports=( ) -importsLen=${#imports[@]} - -collectImports() { - imports=( $(GOOS=linux go list -f '{{join .Deps "\n"}}' | egrep "^${prefix}/" | sed s%"^${package}.*/vendor/"%./vendor/%) ) - imports=( - "${imports[@]}" "./vendor/${require}" - $(GOOS=linux go list -f '{{join .Deps "\n"}}' "${prefix}/${require}" | egrep "^${prefix}/" | sed s%"^${package}.*/vendor/"%./vendor/%) - ) - echo importsLen: $importsLen - echo collected imports: ${#imports[@]} -} - -nonImports() { - while read path; do - skip=0 - for i in "${imports[@]}"; do - [[ "${i}" == "${path}" || ${i} = ${path}/* ]] && skip=1 && break - done - [ "$skip" == "0" ] && echo ${path} - done -} - -collectImports - -while [ ${#imports[@]} != ${importsLen} ]; do - importsLen=${#imports[@]} - echo '=====> Collected imports' - for i in "${imports[@]}"; do - echo ${i} - done - - echo '=====> Removing unused packages' - find ./vendor -type d | nonImports | xargs -I{} rm -rf {} - - echo '=====> Removing empty dirs' - emptyDirs=( $(find ./vendor -type d -empty) ) - while [ ${#emptyDirs[@]} -gt 0 ]; do - rmdir ${emptyDirs[@]} - emptyDirs=( $(find ./vendor -type d -empty) ) - done - - collectImports -done - -echo '=====> Done!' diff --git a/scripts/version b/scripts/version new file mode 100755 index 00000000..f99dbde8 --- /dev/null +++ b/scripts/version 
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+if [ -n "$(git status --porcelain --untracked-files=no)" ]; then
+ DIRTY="-dirty"
+fi
+
+COMMIT=$(git rev-parse --short HEAD)
+GIT_TAG=$(git tag -l --contains HEAD | head -n 1)
+
+if [ -z "$VERSION" ]; then
+ if [[ -z "$DIRTY" && -n "$GIT_TAG" ]]; then
+ VERSION=$GIT_TAG
+ else
+ VERSION="${COMMIT}${DIRTY}"
+ fi
+fi
+
+export VERSION COMMIT
+
+# Suffix
+export SUFFIX=""
+if [ -n "${ARCH}" ] && [ "${ARCH}" != "amd64" ]; then
+ SUFFIX="_${ARCH}"
+fi
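Review bot: In `scripts/version`, `git tag -l --contains HEAD | head -n 1` lists every tag whose history includes HEAD, not only tags placed on it, and takes the first in name order. On a clean checkout of an older commit, `VERSION` is then set to a later release's tag, so the artifact is labelled as a release it was not built from. `GIT_TAG=$(git tag -l --points-at HEAD | head -n 1)` limits the lookup to tags on the commit being built. `DIRTY` is computed with `--untracked-files=no`, so untracked files that reach the build do not mark the version dirty; confirm that is intended.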