rancher/os
1
0
Fork 1
mirror of https://github.com/rancher/os.git synced 2025-06-27 15:26:50 +00:00
Code Issues Releases Wiki Activity

Refactor build scripts

Browse Source
This commit is contained in:
Darren Shepherd 2016-05-06 10:12:09 -07:00
parent acc2ee297a
commit ec410addb9
103 changed files with 1310 additions and 632 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.docker-env.sample
View File

@ -1,2 +0,0 @@
DOCKER_HOST="tcp://192.168.2.2:2375"
DOCKER_TLS_VERIFY=

7
.dockerignore
View File

@ -1,15 +1,10 @@
.DS_Store
.git
.idea
.vendor
.dockerignore
bin
gopath
tmp
state
build
images/*/build
dist
Godeps/_workspace/pkg
tests/integration/.venv*
tests/integration/.tox
*/*/*/*.pyc

15
.dockerignore.dapper
View File

@ -1,15 +0,0 @@
.DS_Store
.git
.idea
.vendor
.dockerignore
bin
gopath
tmp
state
build
Godeps/_workspace/pkg
tests/integration/.venv*
tests/integration/.tox
*/*/*/*.pyc
*/*/*/__pycache__

6
.gitignore vendored
View File

@ -5,11 +5,13 @@
/build
/dist
/gopath
/images/*/build
.dockerfile
*.swp
/tests/integration/MANIFEST
/tests/integration/.venv*
/tests/integration/.tox
/tests/integration/.idea
*.pyc
__pychache__
.docker-env.*
__pycache__
.dapper

1
.package
View File

@ -1 +0,0 @@
github.com/rancher/os

11
Dockerfile.amd64
View File

@ -1,11 +0,0 @@
FROM debian:jessie
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update && apt-get install -y grub2 parted kexec-tools
COPY ./scripts/installer /scripts
COPY ./build.conf /scripts/
COPY ./dist/artifacts/vmlinuz /dist/vmlinuz
COPY ./dist/artifacts/initrd /dist/initrd
ENTRYPOINT ["/scripts/lay-down-os"]

18
Dockerfile.arm64
View File

@ -1,18 +0,0 @@
FROM aarch64/debian:jessie
ENV DEBIAN_FRONTEND noninteractive
ENV ARCH arm
RUN apt-get update && apt-get install -y parted git gcc make autoconf
RUN mkdir -p /usr/local/src && \
cd /usr/local/src && \
git clone https://git.linaro.org/people/takahiro.akashi/kexec-tools.git && \
cd kexec-tools && git checkout kdump/for-14 && ./bootstrap && ./configure && make && make install
COPY ./scripts/installer /scripts
COPY ./build.conf /scripts/
COPY ./dist/artifacts/vmlinuz /dist/
COPY ./dist/artifacts/initrd /dist/
ENTRYPOINT ["/scripts/lay-down-os"]

152
Dockerfile.dapper
View File

@ -1,24 +1,32 @@
FROM rancher/os-dapper-base
FROM ubuntu:16.04
RUN apt-get update && \
apt-get -y install locales sudo vim less curl wget git rsync build-essential isolinux xorriso gccgo \
libblkid-dev libmount-dev libselinux1-dev cpio genisoimage qemu-kvm qemu python-pip ca-certificates pkg-config tox module-init-tools
ARG HOST_ARCH
ENV HOST_ARCH ${HOST_ARCH}
RUN ln -sf go-6 /usr/bin/go && mkdir -p /usr/local && cd /usr/local && \
wget -O - https://storage.googleapis.com/golang/go1.6.src.tar.gz | tar -xz && \
cd go/src && GOROOT_BOOTSTRAP=/usr GOARCH=${HOST_ARCH} GOHOSTARCH=${HOST_ARCH} ./make.bash
ENV PATH /usr/local/go/bin:$PATH
RUN mkdir -p /go/src /go/bin && chmod -R 777 /go
ENV GOPATH /go
ENV PATH /go/bin:$PATH
ARG HOST_DOCKER_BINARY_URL
ENV HOST_DOCKER_BINARY_URL ${HOST_DOCKER_BINARY_URL}
RUN wget -O - ${HOST_DOCKER_BINARY_URL} > /usr/local/bin/docker
RUN chmod +x /usr/local/bin/docker
apt-get install -y \
build-essential \
ca-certificates \
cpio \
curl \
dosfstools \
gccgo \
genisoimage \
git \
isolinux \
less \
libblkid-dev \
libmount-dev \
libselinux1-dev \
locales \
module-init-tools \
pkg-config \
python-pip \
qemu \
qemu-kvm \
rsync \
sudo \
tox \
vim \
wget \
xorriso
ENV DAPPER_DOCKER_SOCKET true
ENV DAPPER_SOURCE /go/src/github.com/rancher/os
@ -27,18 +35,95 @@ ENV DAPPER_RUN_ARGS --privileged
ENV SHELL /bin/bash
WORKDIR ${DAPPER_SOURCE}
COPY .dockerignore.dapper .dockerignore
########## General Configuration #####################
ARG ARCH=amd64
ARG DAPPER_HOST_ARCH=amd64
ARG HOST_ARCH=${DAPPER_HOST_ARCH}
CMD make
ARG OS_REPO=rancher
ARG HOSTNAME_DEFAULT=rancher
ARG DISTRIB_ID=RancherOS
ARG TOOLCHAIN
ENV TOOLCHAIN ${TOOLCHAIN}
ARG DOCKER_VERSION=1.10.3
ARG DOCKER_PATCH_VERSION=v${DOCKER_VERSION}-ros1
ARG SELINUX_POLICY_URL=https://github.com/rancher/refpolicy/releases/download/v0.0.2/policy.29
RUN if [ "${TOOLCHAIN}" != "" ] && ! which ${TOOLCHAIN}-gcc; then \
ARG KERNEL_URL_amd64=https://github.com/rancher/os-kernel/releases/download/Ubuntu-4.2.0-34.39-rancher/linux-4.2.8-ckt4-rancher-x86.tar.gz
ARG KERNEL_URL_arm64=https://github.com/imikushin/os-kernel/releases/download/Estuary-4.1.18-arm64-3/linux-4.1.18-arm64.tar.gz
ARG DOCKER_URL_amd64=https://get.docker.com/builds/Linux/x86_64/docker-${DOCKER_VERSION}
ARG DOCKER_URL_arm=https://github.com/rancher/docker/releases/download/${DOCKER_PATCH_VERSION}/docker-${DOCKER_VERSION}_arm
ARG DOCKER_URL_arm64=https://github.com/rancher/docker/releases/download/${DOCKER_PATCH_VERSION}/docker-${DOCKER_VERSION}_arm64
ARG TOOLCHAIN_arm64=aarch64-linux-gnu
ARG TOOLCHAIN_arm=arm-linux-gnueabihf
ARG OS_RELEASES_YML=https://releases.rancher.com/os/releases.yml
ARG VBOX_MODULES_URL_amd64=https://github.com/rancher/os-vbox/releases/download/v0.0.2/vbox-modules.tar.gz
ARG OS_SERVICES_REPO=https://raw.githubusercontent.com/${OS_REPO}/os-services
ARG IMAGE_NAME=${OS_REPO}/os
ARG DFS_IMAGE=${OS_REPO}/docker:v${DOCKER_VERSION}
ARG OS_BASE_URL_amd64=https://github.com/rancher/os-base/releases/download/v2016.02/os-base_amd64.tar.xz
ARG OS_BASE_URL_arm64=https://github.com/rancher/os-base/releases/download/v2016.02/os-base_arm64.tar.xz
ARG OS_BASE_URL_arm=https://github.com/rancher/os-base/releases/download/v2016.02/os-base_arm.tar.xz
######################################################
# Set up environment
ENV DOCKER_URL DOCKER_URL_${ARCH}
ENV KERNEL_URL KERNEL_URL_${ARCH}
ENV OS_BASE_URL OS_BASE_URL_${ARCH}
ENV OS_BASE_SHA1 OS_BASE_SHA1_${ARCH}
ENV VBOX_MODULES_URL VBOX_MODULES_URL_${ARCH}
# Export all ARGS as ENV
ENV ARCH=${ARCH} DAPPER_HOST_ARCH=${DAPPER_HOST_ARCH} HOST_ARCH=${HOST_ARCH} OS_REPO=${OS_REPO} HOSTNAME_DEFAULT=${HOSTNAME_DEFAULT} DISTRIB_ID=${DISTRIB_ID} DOCKER_VERSION=${DOCKER_VERSION} DOCKER_PATCH_VERSION=${DOCKER_PATCH_VERSION} SELINUX_POLICY_URL=${SELINUX_POLICY_URL} KERNEL_URL_amd64=${KERNEL_URL_amd64} KERNEL_URL_arm64=${KERNEL_URL_arm64} DOCKER_URL_amd64=${DOCKER_URL_amd64} DOCKER_URL_arm=${DOCKER_URL_arm} DOCKER_URL_arm64=${DOCKER_URL_arm64} TOOLCHAIN_arm64=${TOOLCHAIN_arm64} TOOLCHAIN_arm=${TOOLCHAIN_arm} OS_RELEASES_YML=${OS_RELEASES_YML} VBOX_MODULES_URL=${VBOX_MODULES_URL} VBOX_MODULES_URL_amd64=${VBOX_MODULES_URL_amd64} OS_SERVICES_REPO=${OS_SERVICES_REPO} IMAGE_NAME=${IMAGE_NAME} DFS_IMAGE=${DFS_IMAGE} OS_BASE_URL=${OS_BASE_URL} OS_BASE_SHA1=${OS_BASE_SHA1} OS_BASE_URL_amd64=${OS_BASE_URL_amd64} OS_BASE_URL_arm=${OS_BASE_URL_arm} OS_BASE_URL_arm64=${OS_BASE_URL_arm64}
ENV DOWNLOADS /usr/src/downloads
RUN mkdir -p ${DOWNLOADS}
# Download kernel
RUN rm /bin/sh && ln -s /bin/bash /bin/sh
RUN if [ -n "${!KERNEL_URL}" ]; then \
curl -fL ${!KERNEL_URL} > ${DOWNLOADS}/kernel.tar.gz \
;fi
# Download SELinux Policy
RUN curl -pfL ${SELINUX_POLICY_URL} > ${DOWNLOADS}/$(basename ${SELINUX_POLICY_URL})
# VBox URL
RUN if [ -n "${!VBOX_MODULES_URL}" ]; then \
curl -pfL ${!VBOX_MODULES_URL} > ${DOWNLOADS}/vbox-modules.tar.gz \
;fi
# Install Go
RUN ln -sf go-6 /usr/bin/go && \
curl -sfL https://storage.googleapis.com/golang/go1.6.src.tar.gz | tar -xzf - -C /usr/local && \
cd /usr/local/go/src && \
GOROOT_BOOTSTRAP=/usr GOARCH=${HOST_ARCH} GOHOSTARCH=${HOST_ARCH} ./make.bash
ENV GOPATH /go
ENV PATH ${GOPATH}/bin:/usr/local/go/bin:$PATH
# Install Docker
RUN URL=DOCKER_URL_${HOST_ARCH} && \
curl -fL ${!URL} > /usr/bin/docker && \
chmod +x /usr/bin/docker
# Install Docker
RUN curl -fL ${!DOCKER_URL} > ${DOWNLOADS}/docker && \
chmod +x ${DOWNLOADS}/docker
# Install toolchain
RUN TOOLCHAIN=TOOLCHAIN_${ARCH} && \
echo export TOOLCHAIN=${!TOOLCHAIN} > /usr/src/toolchain-env
RUN source /usr/src/toolchain-env && \
if [ "${TOOLCHAIN}" != "" ] && ! which ${TOOLCHAIN}-gcc; then \
apt-get install -y gcc-${TOOLCHAIN} g++-${TOOLCHAIN} \
;fi
RUN if [ "${TOOLCHAIN}" != "" ]; then \
RUN source /usr/src/toolchain-env; if [ "${TOOLCHAIN}" != "" ]; then \
apt-get update && \
cd /usr/local/src && \
for i in libselinux libsepol pcre3 util-linux; do \
@ -47,7 +132,7 @@ RUN if [ "${TOOLCHAIN}" != "" ]; then \
;done \
;fi
RUN if [ "${TOOLCHAIN}" != "" ]; then \
RUN source /usr/src/toolchain-env; if [ "${TOOLCHAIN}" != "" ]; then \
cd /usr/local/src/pcre3-* && \
autoreconf && \
CC=${TOOLCHAIN}-gcc CXX=${TOOLCHAIN}-g++ ./configure --host=${TOOLCHAIN} --prefix=/usr/${TOOLCHAIN} && \
@ -55,7 +140,7 @@ RUN if [ "${TOOLCHAIN}" != "" ]; then \
make install \
;fi
RUN if [ "${TOOLCHAIN}" != "" ]; then \
RUN source /usr/src/toolchain-env; if [ "${TOOLCHAIN}" != "" ]; then \
cd /usr/local/src/libselinux-* && \
CC=${TOOLCHAIN}-gcc CXX=${TOOLCHAIN}-g++ make CFLAGS=-Wall && \
make PREFIX=/usr/${TOOLCHAIN} DESTDIR=/usr/${TOOLCHAIN} install && \
@ -64,7 +149,7 @@ RUN if [ "${TOOLCHAIN}" != "" ]; then \
make PREFIX=/usr/${TOOLCHAIN} DESTDIR=/usr/${TOOLCHAIN} install \
;fi
RUN if [ "${TOOLCHAIN}" != "" ]; then \
RUN source /usr/src/toolchain-env; if [ "${TOOLCHAIN}" != "" ]; then \
cd /usr/local/src/util-linux-* && \
autoreconf && \
CC=${TOOLCHAIN}-gcc CXX=${TOOLCHAIN}-g++ ./configure --host=${TOOLCHAIN} --prefix=/usr/${TOOLCHAIN} \
@ -77,5 +162,12 @@ RUN if [ "${TOOLCHAIN}" != "" ]; then \
make install \
;fi
RUN apt-get update && \
apt-get -y install dosfstools
ENV GOARCH $ARCH
ENV DAPPER_OUTPUT ./bin ./dist ./build/os-config.yml ./build/initrd
RUN curl -sL https://releases.rancher.com/dapper/latest/dapper-`uname -s`-`uname -m` > /usr/bin/dapper && \
chmod +x /usr/bin/dapper
ENTRYPOINT ["./scripts/entry"]
CMD ["ci"]

117
Makefile
View File

@ -1,104 +1,33 @@
FORCE_PULL := 0
DEV_BUILD := 0
HOST_ARCH := amd64
ARCH := amd64
SUFFIX := $(if $(filter-out amd64,$(ARCH)),_$(ARCH))
TARGETS := $(shell ls scripts | grep -vE 'clean|run')
include build.conf
include build.conf.$(ARCH)
.dapper:
@echo Downloading dapper
@curl -sL https://releases.rancher.com/dapper/latest/dapper-`uname -s`-`uname -m` > .dapper.tmp
@@chmod +x .dapper.tmp
@./.dapper.tmp -v
@mv .dapper.tmp .dapper
$(TARGETS): .dapper
./.dapper $@
bin/ros:
mkdir -p $(dir $@)
ARCH=$(ARCH) VERSION=$(VERSION) ./scripts/mk-ros.sh $@
trash: .dapper
./.dapper -m bind trash
build/host_ros: bin/ros
mkdir -p $(dir $@)
ifeq "$(ARCH)" "$(HOST_ARCH)"
ln -sf ../bin/ros $@
else
ARCH=$(HOST_ARCH) TOOLCHAIN= VERSION=$(VERSION) ./scripts/mk-ros.sh $@
endif
trash-keep: .dapper
./.dapper -m bind trash -k
deps: trash
assets/docker:
mkdir -p $(dir $@)
wget -O - "$(DOCKER_BINARY_URL)" > $@
chmod +x $@
build/initrd/.id:
dapper prepare
assets/selinux/policy.29:
mkdir -p $(dir $@)
wget -O - "$(SELINUX_POLICY_URL)" > $@
run: build/initrd/.id
dapper -m bind build-target
./scripts/run
assets/modules.tar.gz:
mkdir -p $(dir $@)
ifeq "$(ARCH)" "amd64"
curl -L "$(VBOX_MODULES_URL)" > $@
else
touch $@
endif
clean:
@./scripts/clean
ifdef COMPILED_KERNEL_URL
.DEFAULT_GOAL := ci
installer: minimal
docker build -t $(IMAGE_NAME):$(VERSION)$(SUFFIX) -f Dockerfile.$(ARCH) .
dist/artifacts/vmlinuz: build/kernel/
mkdir -p $(dir $@)
mv $(or $(wildcard build/kernel/boot/vmlinuz*), $(wildcard build/kernel/boot/vmlinux*)) $@
build/kernel/:
mkdir -p $@
wget -O - "$(COMPILED_KERNEL_URL)" | tar -xzf - -C $@
dist/artifacts/initrd: bin/ros assets/docker assets/selinux/policy.29 build/kernel/ build/images.tar assets/modules.tar.gz
mkdir -p $(dir $@)
SUFFIX=$(SUFFIX) DFS_IMAGE=$(DFS_IMAGE) DEV_BUILD=$(DEV_BUILD) \
KERNEL_RELEASE=$(KERNEL_RELEASE) ARCH=$(ARCH) ./scripts/mk-initrd.sh $@
dist/artifacts/rancheros.iso: minimal
./scripts/mk-rancheros-iso.sh
all: minimal installer iso
initrd: dist/artifacts/initrd
minimal: initrd dist/artifacts/vmlinuz
iso: dist/artifacts/rancheros.iso dist/artifacts/iso-checksums.txt
test: minimal
./scripts/unit-test
cd tests/integration && HOST_ARCH=$(HOST_ARCH) ARCH=$(ARCH) tox
.PHONY: all minimal initrd iso installer test
endif
build/os-config.yml: build/host_ros
ARCH=$(ARCH) VERSION=$(VERSION) ./scripts/gen-os-config.sh $@
build/images.tar: build/host_ros build/os-config.yml
ARCH=$(ARCH) FORCE_PULL=$(FORCE_PULL) ./scripts/mk-images-tar.sh
dist/artifacts/rootfs.tar.gz: bin/ros assets/docker build/images.tar assets/selinux/policy.29 assets/modules.tar.gz
mkdir -p $(dir $@)
SUFFIX=$(SUFFIX) DFS_IMAGE=$(DFS_IMAGE) DEV_BUILD=$(DEV_BUILD) IS_ROOTFS=1 ./scripts/mk-initrd.sh $@
dist/artifacts/iso-checksums.txt: dist/artifacts/rancheros.iso
./scripts/mk-iso-checksums-txt.sh
version:
@echo $(VERSION)
rootfs: dist/artifacts/rootfs.tar.gz
.PHONY: rootfs version bin/ros
.PHONY: $(TARGETS)

0
assets/selinux/failsafe_context → assets/selinux/ros/contexts/failsafe_context
View File

0
assets/selinux/lxc_contexts → assets/selinux/ros/contexts/lxc_contexts
View File

0
assets/selinux/seusers → assets/selinux/ros/seusers
View File

8
build.conf
View File

@ -1,8 +0,0 @@
IMAGE_NAME=rancher/os
VERSION=v0.4.4-dev
DFS_IMAGE=rancher/docker:v1.10.3
SELINUX_POLICY_URL=https://github.com/rancher/refpolicy/releases/download/v0.0.2/policy.29
HOSTNAME_DEFAULT=rancher
OS_IMAGES_ROOT=rancher
OS_SERVICES_REPO=https://raw.githubusercontent.com/rancher/os-services

7
build.conf.amd64
View File

@ -1,7 +0,0 @@
DAPPER_BASE=ubuntu:16.04
TOOLCHAIN= #empty
COMPILED_KERNEL_URL=https://github.com/rancher/os-kernel/releases/download/Ubuntu-4.2.0-34.39-rancher/linux-4.2.8-ckt4-rancher-x86.tar.gz
DOCKER_BINARY_URL=https://get.docker.com/builds/Linux/x86_64/docker-1.10.3
OS_RELEASES_YML=https://releases.rancher.com/os/releases.yml
VBOX_MODULES_URL=https://github.com/rancher/os-vbox/releases/download/v0.0.2/vbox-modules.tar.gz

6
build.conf.arm
View File

@ -1,6 +0,0 @@
DAPPER_BASE=armhf/ubuntu:16.04
TOOLCHAIN=arm-linux-gnueabihf
COMPILED_KERNEL_URL= #empty
DOCKER_BINARY_URL=https://github.com/rancher/docker/releases/download/v1.10.3-ros1/docker-1.10.3_arm
OS_RELEASES_YML=https://releases.rancher.com/os/releases_arm.yml

6
build.conf.arm64
View File

@ -1,6 +0,0 @@
DAPPER_BASE=aarch64/ubuntu:16.04
TOOLCHAIN=aarch64-linux-gnu
COMPILED_KERNEL_URL=https://github.com/imikushin/os-kernel/releases/download/Estuary-4.1.18-arm64-3/linux-4.1.18-arm64.tar.gz
DOCKER_BINARY_URL=https://github.com/rancher/docker/releases/download/v1.10.3-ros1/docker-1.10.3_arm64
OS_RELEASES_YML=https://releases.rancher.com/os/releases_arm64.yml

20
build.sh
View File

@ -1,20 +0,0 @@
#!/bin/bash
set -e
export ARCH=${ARCH:-amd64}
cd $(dirname $0)
if [ "$1" != "--dev" ]; then
echo
echo Running \"production\" build. Will use lzma to compress initrd, which is somewhat slow...
echo Ctrl+C if you don\'t want this.
echo
echo For \"developer\" builds, run ./build.sh --dev
echo
./scripts/make.sh all
else
./scripts/make.sh DEV_BUILD=1 all
fi
ls -lh dist/artifacts

2
images/00-rootfs/.dockerignore Normal file
View File

@ -0,0 +1,2 @@
assets
build/dist/kernel

2
images/00-rootfs/Dockerfile Normal file
View File

@ -0,0 +1,2 @@
FROM scratch
ADD build/rootfs.tar /

36
images/01-base/Dockerfile Normal file
View File

@ -0,0 +1,36 @@
FROM rancher/os-rootfs
RUN ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
# Cleanup Buildroot
RUN rm /sbin/poweroff /sbin/reboot /sbin/halt && \
sed -i '/^root/s!/bin/sh!/bin/bash!' /etc/passwd && \
echo 'RancherOS \n \l' > /etc/issue && \
rm -rf /run \
/linuxrc \
/etc/os-release \
/var/cache \
/var/lock \
/var/log \
/var/run \
/var/spool \
/var/lib/misc && \
mkdir -p \
/home \
/run \
/var/cache \
/var/lock \
/var/log \
/var/run \
/var/spool && \
passwd -l root && \
addgroup -g 1100 rancher && \
addgroup -g 1101 docker && \
addgroup -g 1103 sudo && \
adduser -u 1100 -G rancher -D -h /home/rancher -s /bin/bash rancher && \
adduser -u 1101 -G docker -D -h /home/docker -s /bin/bash docker && \
sed -i 's/\(^docker.*\)/\1rancher/g' /etc/group && \
sed -i 's/\(^sudo.*\)/\1rancher,docker/g' /etc/group && \
echo '%sudo ALL=(ALL) ALL' >> /etc/sudoers
COPY inputrc /etc/inputrc
COPY entry.sh /usr/sbin/entry.sh
ENTRYPOINT ["/usr/sbin/entry.sh"]

14
images/01-base/entry.sh Executable file
View File

@ -0,0 +1,14 @@
#!/bin/bash
if [ -e /host/dev ]; then
mount --rbind /host/dev /dev
fi
CA_BASE=/etc/ssl/certs/ca-certificates.crt.rancher
CA=/etc/ssl/certs/ca-certificates.crt
if [[ -e ${CA_BASE} && ! -e ${CA} ]]; then
cp $CA_BASE $CA
fi
exec "$@"

67
images/01-base/inputrc Normal file
View File

@ -0,0 +1,67 @@
# /etc/inputrc - global inputrc for libreadline
# See readline(3readline) and `info rluserman' for more information.
# Be 8 bit clean.
set input-meta on
set output-meta on
# To allow the use of 8bit-characters like the german umlauts, uncomment
# the line below. However this makes the meta key not work as a meta key,
# which is annoying to those which don't need to type in 8-bit characters.
# set convert-meta off
# try to enable the application keypad when it is called. Some systems
# need this to enable the arrow keys.
# set enable-keypad on
# see /usr/share/doc/bash/inputrc.arrows for other codes of arrow keys
# do not bell on tab-completion
# set bell-style none
# set bell-style visible
# some defaults / modifications for the emacs mode
$if mode=emacs
# allow the use of the Home/End keys
"\e[1~": beginning-of-line
"\e[4~": end-of-line
# allow the use of the Delete/Insert keys
"\e[3~": delete-char
"\e[2~": quoted-insert
# mappings for "page up" and "page down" to step to the beginning/end
# of the history
# "\e[5~": beginning-of-history
# "\e[6~": end-of-history
# alternate mappings for "page up" and "page down" to search the history
# "\e[5~": history-search-backward
# "\e[6~": history-search-forward
# mappings for Ctrl-left-arrow and Ctrl-right-arrow for word moving
"\e[1;5C": forward-word
"\e[1;5D": backward-word
"\e[5C": forward-word
"\e[5D": backward-word
"\e\e[C": forward-word
"\e\e[D": backward-word
$if term=rxvt
"\e[7~": beginning-of-line
"\e[8~": end-of-line
"\eOc": forward-word
"\eOd": backward-word
$endif
# for non RH/Debian xterm, can't hurt for RH/Debian xterm
# "\eOH": beginning-of-line
# "\eOF": end-of-line
# for freebsd console
# "\e[H": beginning-of-line
# "\e[F": end-of-line
$endif

2
images/02-acpid/Dockerfile Normal file
View File

@ -0,0 +1,2 @@
FROM rancher/os-base
CMD ["/usr/sbin/acpid", "-f"]

4
images/02-autoformat/Dockerfile Normal file
View File

@ -0,0 +1,4 @@
FROM rancher/os-base
COPY auto-format.sh /usr/sbin/
COPY od-1m0 /
ENTRYPOINT ["/usr/sbin/auto-format.sh"]

67
images/02-autoformat/auto-format.sh Executable file
View File

@ -0,0 +1,67 @@
#!/bin/bash
set -ex
MAGIC=${MAGIC:-"boot2docker, please format-me"}
AUTOFORMAT=${AUTOFORMAT:-"/dev/sda /dev/vda"}
DEVS=(${AUTOFORMAT})
FORMATZERO=${FORMATZERO:-false}
for dev in ${DEVS[@]}; do
if [ -b "${dev}" ]; then
# Test for our magic string (it means that the disk was made by ./boot2docker init)
HEADER=`dd if=${dev} bs=1 count=${#MAGIC} 2>/dev/null`
if [ "$HEADER" = "$MAGIC" ]; then
# save the preload userdata.tar file
dd if=${dev} of=/userdata.tar bs=1 count=8192
elif [ "${FORMATZERO}" != "true" ]; then
# do not try to guess whether to auto-format a disk beginning with 1MB filled with 00
continue
elif ! od -A d -N 1048576 ${dev} | head -n 3 | diff ./od-1m0 - >/dev/null 2>&1; then
# do not auto-format if the disk does not begin with 1MB filled with 00
continue
fi
mkfs.ext4 -L RANCHER_STATE ${dev}
if [ -e "/userdata.tar" ]; then
mkdir -p /mnt/new-root
mount -t ext4 ${dev} /mnt/new-root
pushd /mnt/new-root
mkdir -p ./var/lib/rancher/conf/cloud-config.d
echo $(tar -xvf /userdata.tar)
AUTHORIZED_KEY1=$(cat ./.ssh/authorized_keys)
AUTHORIZED_KEY2=$(cat ./.ssh/authorized_keys2)
tee ./var/lib/rancher/conf/cloud-config.d/machine.yml << EOF
#cloud-config
rancher:
network:
interfaces:
eth0:
dhcp: true
eth1:
dhcp: true
lo:
address: 127.0.0.1/8
ssh_authorized_keys:
- ${AUTHORIZED_KEY1}
- ${AUTHORIZED_KEY2}
users:
- name: docker
ssh_authorized_keys:
- ${AUTHORIZED_KEY1}
- ${AUTHORIZED_KEY2}
EOF
popd
umount /mnt/new-root
fi
# do not check another device
break
fi
done

3
images/02-autoformat/od-1m0 Normal file
View File

@ -0,0 +1,3 @@
0000000 000000 000000 000000 000000 000000 000000 000000 000000
*
1048576

3
images/02-cloudinit/Dockerfile Normal file
View File

@ -0,0 +1,3 @@
FROM rancher/os-base
COPY cloud-init.sh /
CMD ["/cloud-init.sh"]

15
images/02-cloudinit/cloud-init.sh Executable file
View File

@ -0,0 +1,15 @@
#!/bin/bash
set -x -e
MOUNT_POINT=/media/config-2
CONFIG_DEV=$(ros dev "LABEL=config-2")
mkdir -p ${MOUNT_POINT}
if [ -e "${CONFIG_DEV}" ]; then
mount -t iso9660,vfat ${CONFIG_DEV} ${MOUNT_POINT}
else
mount -t 9p -o trans=virtio,version=9p2000.L config-2 ${MOUNT_POINT} 2>/dev/null || true
fi
cloud-init -save -network=${CLOUD_INIT_NETWORK:-true}

13
images/02-console/Dockerfile Normal file
View File

@ -0,0 +1,13 @@
FROM rancher/os-base
COPY console.sh docker-init update-ssh-keys rancheros-install /usr/sbin/
COPY build/lsb-release /etc/
RUN sed -i 's/rancher:!/rancher:*/g' /etc/shadow && \
sed -i 's/docker:!/docker:*/g' /etc/shadow && \
sed -i 's/#ClientAliveInterval 0/ClientAliveInterval 180/g' /etc/ssh/sshd_config && \
echo '## allow password less for rancher user' >> /etc/sudoers && \
echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
echo '## allow password less for docker user' >> /etc/sudoers && \
echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
ln -sf /usr/bin/docker.dist /usr/bin/docker
COPY prompt.sh /etc/profile.d/
CMD ["/usr/sbin/console.sh"]

142
images/02-console/console.sh Executable file
View File

@ -0,0 +1,142 @@
#!/bin/bash
set -e -x
setup_ssh()
{
for i in rsa dsa ecdsa ed25519; do
local output=/etc/ssh/ssh_host_${i}_key
if [ ! -e $output ]; then
local saved="$(ros config get rancher.ssh.keys.${i})"
local pub="$(ros config get rancher.ssh.keys.${i}-pub)"
if [[ -n "$saved" && -n "$pub" ]]; then
(
umask 477
echo "$saved" > ${output}
echo "$pub" > ${output}.pub
)
else
ssh-keygen -f $output -N '' -t $i
ros config set -- rancher.ssh.keys.${i} "$(<${output})"
ros config set -- rancher.ssh.keys.${i}-pub "$(<${output}.pub)"
fi
fi
done
mkdir -p /var/run/sshd
}
setup_cgroup()
{
local cgroup=$(grep name=systemd /proc/$$/cgroup | cut -f3 -d:)
if [ -n "$cgroup" ]; then
mkdir -p /sys/fs/cgroup/systemd${cgroup}
fi
}
setup_cgroup || true
RANCHER_HOME=/home/rancher
if [ ! -d ${RANCHER_HOME} ]; then
mkdir -p ${RANCHER_HOME}
chown rancher:rancher ${RANCHER_HOME}
chmod 2755 ${RANCHER_HOME}
fi
DOCKER_HOME=/home/docker
if [ ! -d ${DOCKER_HOME} ]; then
mkdir -p ${DOCKER_HOME}
chown docker:docker ${DOCKER_HOME}
chmod 2755 ${DOCKER_HOME}
fi
echo 1000000000 > /proc/sys/fs/file-max
for i in $(</proc/cmdline); do
case $i in
rancher.password=*)
PASSWORD=$(echo $i | sed 's/rancher.password=//')
;;
esac
done
if [ -n "$PASSWORD" ]; then
echo "rancher:$PASSWORD" | chpasswd
fi
setup_ssh
cat > /etc/respawn.conf << EOF
/sbin/getty 115200 tty6
/sbin/getty 115200 tty5
/sbin/getty 115200 tty4
/sbin/getty 115200 tty3
/sbin/getty 115200 tty2
/sbin/getty 115200 tty1
/usr/sbin/sshd -D
EOF
for i in ttyS{0..4} tty0 ttyAMA0; do
if grep -q 'console='$i /proc/cmdline; then
echo '/sbin/getty 115200' $i >> /etc/respawn.conf
fi
done
if ! grep -q '^UseDNS no' /etc/ssh/sshd_config; then
echo "UseDNS no" >> /etc/ssh/sshd_config
fi
if ! grep -q '^PermitRootLogin no' /etc/ssh/sshd_config; then
echo "PermitRootLogin no" >> /etc/ssh/sshd_config
fi
if ! grep -q '^ServerKeyBits 2048' /etc/ssh/sshd_config; then
echo "ServerKeyBits 2048" >> /etc/ssh/sshd_config
fi
if ! grep -q '^AllowGroups docker' /etc/ssh/sshd_config; then
echo "AllowGroups docker" >> /etc/ssh/sshd_config
fi
VERSION="$(ros os version)"
ID_TYPE="busybox"
if [ -e /etc/os-release ] && grep -q 'ID_LIKE=' /etc/os-release; then
ID_TYPE=$(grep 'ID_LIKE=' /etc/os-release | cut -d'=' -f2)
fi
cat > /etc/os-release << EOF
NAME="RancherOS"
VERSION=$VERSION
ID=rancheros
ID_LIKE=$ID_TYPE
VERSION_ID=$VERSION
PRETTY_NAME="RancherOS"
HOME_URL=
SUPPORT_URL=
BUG_REPORT_URL=
BUILD_ID=
EOF
echo 'RancherOS \n \l' > /etc/issue
echo $(/sbin/ifconfig | grep -B1 "inet addr" |awk '{ if ( $1 == "inet" ) { print $2 } else if ( $2 == "Link" ) { printf "%s:" ,$1 } }' |awk -F: '{ print $1 ": " $3}') >> /etc/issue
cloud-init -execute
if [ -x /var/lib/rancher/conf/cloud-config-script ]; then
echo "Running /var/lib/rancher/conf/cloud-config-script"
/var/lib/rancher/conf/cloud-config-script || true
fi
if [ -x /opt/rancher/bin/start.sh ]; then
echo Executing custom script
/opt/rancher/bin/start.sh || true
fi
touch /run/console-done
if [ -x /etc/rc.local ]; then
echo Executing rc.local
/etc/rc.local || true
fi
exec respawn -f /etc/respawn.conf

16
images/02-console/docker-init Executable file
View File

@ -0,0 +1,16 @@
#!/bin/bash
if [ -e /var/lib/rancher/conf/docker ]; then
source /var/lib/rancher/conf/docker
fi
while [ ! -e /run/console-done ]; do
sleep 1
done
DOCKER_BIN=$(which docker) || DOCKER_BIN=/usr/bin/docker
if [ "$DOCKER_BIN" == "/usr/bin/docker" ] && [ -e /usr/local/bin/docker ]; then
DOCKER_BIN=/usr/local/bin/docker
fi
exec /usr/bin/dockerlaunch $DOCKER_BIN "$@" $DOCKER_OPTS >/var/log/docker.log 2>&1

15
images/02-console/prebuild.sh Executable file
View File

@ -0,0 +1,15 @@
#!/bin/bash
set -e
VERSION=${VERSION:?"VERSION not set"}
cd $(dirname $0)
rm -rf ./build
mkdir -p ./build
cat > ./build/lsb-release << EOF
DISTRIB_ID=${DISTRIB_ID}
DISTRIB_RELEASE=${VERSION}
DISTRIB_DESCRIPTION="${DISTRIB_ID} ${VERSION}"
EOF

1
images/02-console/prompt.sh Normal file
View File

@ -0,0 +1 @@
export PS1='[\u@\h \W]\$ '

9
images/02-console/rancheros-install Executable file
View File

@ -0,0 +1,9 @@
#!/bin/bash
set -e
cat <<EOF
As of RancherOS v0.4.0 'rancheros-install' is obsolete.
Please use 'ros install' instead.
EOF
exit 1

20
images/02-console/update-ssh-keys Executable file
View File

@ -0,0 +1,20 @@
#!/bin/bash
USERNAME=$1
HOME_DIR=$(grep ^$USERNAME /etc/passwd | cut -f6 -d:)
if [ ! -d $HOME_DIR/.ssh ]; then
mkdir -p $HOME_DIR/.ssh
chmod 0700 $HOME_DIR/.ssh
fi
if [ ! -e $HOME_DIR/.ssh/authorized_keys ]; then
touch $HOME_DIR/.ssh/authorized_keys
chmod 0600 $HOME_DIR/.ssh/authorized_keys
fi
if ! grep -q "$2" $HOME_DIR/.ssh/authorized_keys; then
echo "$2" >> $HOME_DIR/.ssh/authorized_keys
fi
chown -R $USERNAME $HOME_DIR/.ssh

2
images/02-docker/Dockerfile Normal file
View File

@ -0,0 +1,2 @@
FROM rancher/os-base
CMD ["/usr/bin/user-docker"]

3
images/02-extras/Dockerfile Normal file
View File

@ -0,0 +1,3 @@
FROM rancher/os-base
COPY extra.sh /
CMD ["/extra.sh"]

18
images/02-extras/extra.sh Executable file
View File

@ -0,0 +1,18 @@
#!/bin/bash
set -e
DIR=$(readlink /lib/modules/$(uname -r)/build)
STAMP=/lib/modules/$(uname -r)/.extra-done
VER=$(basename $DIR)
URL=https://github.com/rancher/os-kernel/releases/download/${VER}/extra.tar.gz
if [ -e $STAMP ]; then
echo Kernel extras already installed in $DIR
exit 0
fi
echo Downloading $URL
wget -O - $URL | gzip -dc | tar xf - -C /
touch $STAMP
echo Kernel extras installed at $DIR

3
images/02-headers/Dockerfile Normal file
View File

@ -0,0 +1,3 @@
FROM rancher/os-base
COPY headers.sh /
CMD ["/headers.sh"]

19
images/02-headers/headers.sh Executable file
View File

@ -0,0 +1,19 @@
#!/bin/bash
set -e
DIR=$(readlink /lib/modules/$(uname -r)/build)
STAMP=${DIR}/.done
VER=$(basename $DIR)
URL=https://github.com/rancher/os-kernel/releases/download/${VER}/build.tar.gz
if [ -e $STAMP ]; then
echo Headers already installed in $DIR
exit 0
fi
echo Downloading $URL
mkdir -p $DIR
wget -O - $URL | gzip -dc | tar xf - -C $DIR
touch $STAMP
echo Headers installed at $DIR

3
images/02-network/Dockerfile Normal file
View File

@ -0,0 +1,3 @@
FROM rancher/os-base
COPY network.sh /
CMD ["/network.sh"]

4
images/02-network/network.sh Executable file
View File

@ -0,0 +1,4 @@
#!/bin/bash
set -x -e
netconf -daemon=${DAEMON:-false}

3
images/02-ntp/Dockerfile Normal file
View File

@ -0,0 +1,3 @@
FROM rancher/os-base
COPY ntp.sh /
CMD ["/ntp.sh"]

3
images/02-ntp/ntp.sh Executable file
View File

@ -0,0 +1,3 @@
#!/bin/bash
exec ntpd --nofork -g

4
images/02-preload/Dockerfile Normal file
View File

@ -0,0 +1,4 @@
FROM rancher/os-base
RUN ln -sf /usr/bin/docker.dist /usr/bin/docker
COPY preload.sh /
CMD ["/preload.sh"]

39
images/02-preload/preload.sh Executable file
View File

@ -0,0 +1,39 @@
#!/bin/bash
set -e
BASE=${1:-${PRELOAD_DIR}}
BASE=${BASE:-/mnt/preload}
should_load() {
file=${1}
if [[ ${file} =~ \.done$ ]]; then echo false
elif [ -f ${file} ]; then
if [[ ${file} -nt ${file}.done ]]; then echo true
else echo false
fi
else echo false
fi
}
if [ -d ${BASE} ]; then
echo Preloading docker images from ${BASE}...
for file in $(ls ${BASE}); do
path=${BASE}/${file}
loading=$(should_load ${path})
if [ ${loading} == "true" ]; then
CAT="cat ${path}"
if [[ ${file} =~ \.t?gz$ ]]; then CAT="${CAT} | gunzip"; fi
if [[ ${file} =~ \.t?xz$ ]]; then CAT="${CAT} | unxz"; fi
CAT="${CAT} | docker load"
echo loading from ${path}
eval ${CAT} || :
touch ${path}.done || :
fi
done
echo Done.
else
echo Can not preload images from ${BASE}: not a dir or does not exist.
fi

2
images/02-state/Dockerfile Normal file
View File

@ -0,0 +1,2 @@
FROM rancher/os-base
CMD ["echo"]

3
images/02-statescript/Dockerfile Normal file
View File

@ -0,0 +1,3 @@
FROM rancher/os-base
COPY state.sh /usr/sbin/
CMD ["/usr/sbin/state.sh"]

12
images/02-statescript/state.sh Executable file
View File

@ -0,0 +1,12 @@
#!/bin/bash
set -x
if [ "$(ros config get rancher.state.mdadm_scan)" = "true" ]; then
mdadm --assemble --scan
fi
ros config get rancher.state.script > config.sh
if [ -s config.sh ]; then
chmod +x config.sh
exec ./config.sh
fi

4
images/02-syslog/Dockerfile Normal file
View File

@ -0,0 +1,4 @@
FROM rancher/os-base
COPY syslog.sh /
RUN sed -i 1,10d /etc/rsyslog.conf
CMD ["/syslog.sh"]

5
images/02-syslog/syslog.sh Executable file
View File

@ -0,0 +1,5 @@
#!bin/bash
set -x -e
exec rsyslogd -n

3
images/02-udev/Dockerfile Normal file
View File

@ -0,0 +1,3 @@
FROM rancher/os-base
COPY udev.sh /
CMD ["/udev.sh"]

18
images/02-udev/udev.sh Executable file
View File

@ -0,0 +1,18 @@
#!/bin/bash
if [ "$DAEMON" = true ]; then
exec udevd
fi
udevd --daemon
udevadm trigger --action=add
udevadm settle
if [ "$BOOTSTRAP" = true ]; then
# This was needed to get USB devices to fully register
# There is probably a better way to do this
killall udevd
udevd --daemon
udevadm trigger --action=add
udevadm settle
fi

2
images/03-rescue/Dockerfile Normal file
View File

@ -0,0 +1,2 @@
FROM rancher/os-console
CMD ["/bin/sh"]

22
images/10-centosconsole/Dockerfile Normal file
View File

@ -0,0 +1,22 @@
FROM rancher/os-centosconsole-base
# FROM amd64=centos:7 arm64=skip arm=armhfbuild/centos:7
RUN yum upgrade -y && \
yum install -y iptables openssh-server rsync sudo vim less ca-certificates psmisc htop
RUN rm -rf /etc/ssh/*key*
RUN rm -fr /sbin/poweroff /sbin/shutdown /sbin/reboot /sbin/halt /usr/sbin/poweroff /usr/sbin/shutdown /usr/sbin/reboot /usr/sbin/halt
RUN ln -s /sbin/agetty /sbin/getty
COPY build/entry.sh build/console.sh build/docker-init build/update-ssh-keys build/rancheros-install /usr/sbin/
RUN localedef -c -f UTF-8 -i en_US en_US.UTF-8
RUN groupadd --gid 1100 rancher && \
groupadd --gid 1101 docker && \
useradd -u 1100 -g rancher -G docker,wheel -m -s /bin/bash rancher && \
useradd -u 1101 -g docker -G docker,wheel -m -s /bin/bash docker && \
echo ClientAliveInterval 180 >> /etc/ssh/sshd_config && \
echo '## allow password less for rancher user' >> /etc/sudoers && \
echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
echo '## allow password less for docker user' >> /etc/sudoers && \
echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
ln -sf /usr/bin/docker.dist /usr/bin/docker
COPY prompt.sh /etc/profile.d/
ENTRYPOINT ["/usr/sbin/entry.sh"]
CMD ["/usr/sbin/console.sh"]

12
images/10-centosconsole/prebuild.sh Executable file
View File

@ -0,0 +1,12 @@
#!/bin/bash
set -e
cd $(dirname $0)
rm -rf ./build
mkdir -p ./build
cp ./../01-base/entry.sh ./build/
cp ./../02-console/console.sh ./build/
cp ./../02-console/docker-init ./build/
cp ./../02-console/update-ssh-keys ./build/
cp ./../02-console/rancheros-install ./build/

1
images/10-centosconsole/prompt.sh Normal file
View File

@ -0,0 +1 @@
export PS1='[\u@\h \W]\$ '

21
images/10-debianconsole/Dockerfile Normal file
View File

@ -0,0 +1,21 @@
FROM rancher/os-debianconsole-base
# FROM amd64=debian:jessie arm64=aarch64/debian:jessie arm=resin/rpi-raspbian:jessie
RUN apt-get update && \
apt-get upgrade --no-install-recommends -y && \
apt-get install -y --no-install-recommends iptables openssh-server rsync locales sudo vim less curl ca-certificates psmisc htop
RUN rm -rf /etc/ssh/*key*
RUN rm -fr /sbin/poweroff /sbin/shutdown /sbin/reboot /sbin/halt /usr/sbin/poweroff /usr/sbin/shutdown /usr/sbin/reboot /usr/sbin/halt
COPY build/entry.sh build/console.sh build/docker-init build/update-ssh-keys build/rancheros-install /usr/sbin/
RUN locale-gen en_US.UTF-8
RUN addgroup --gid 1100 rancher && \
addgroup --gid 1101 docker && \
useradd -u 1100 -g rancher -G docker,sudo -m -s /bin/bash rancher && \
useradd -u 1101 -g docker -G docker,sudo -m -s /bin/bash docker && \
echo ClientAliveInterval 180 >> /etc/ssh/sshd_config && \
echo '## allow password less for rancher user' >> /etc/sudoers && \
echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
echo '## allow password less for docker user' >> /etc/sudoers && \
echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
ln -sf /usr/bin/docker.dist /usr/bin/docker
ENTRYPOINT ["/usr/sbin/entry.sh"]
CMD ["/usr/sbin/console.sh"]

12
images/10-debianconsole/prebuild.sh Executable file
View File

@ -0,0 +1,12 @@
#!/bin/bash
set -e
cd $(dirname $0)
rm -rf ./build
mkdir -p ./build
cp ./../01-base/entry.sh ./build/
cp ./../02-console/console.sh ./build/
cp ./../02-console/docker-init ./build/
cp ./../02-console/update-ssh-keys ./build/
cp ./../02-console/rancheros-install ./build/

22
images/10-fedoraconsole/Dockerfile Normal file
View File

@ -0,0 +1,22 @@
FROM rancher/os-fedoraconsole-base
# FROM amd64=fedora:23 arm64=rancher/aarch64-fedora:23 arm=armv7/armhf-fedora:23
RUN dnf upgrade -y && \
dnf install -y iptables openssh-server rsync sudo vim less ca-certificates psmisc htop
RUN rm -rf /etc/ssh/*key*
RUN rm -fr /sbin/poweroff /sbin/shutdown /sbin/reboot /sbin/halt /usr/sbin/poweroff /usr/sbin/shutdown /usr/sbin/reboot /usr/sbin/halt
RUN ln -s /sbin/agetty /sbin/getty
COPY build/entry.sh build/console.sh build/docker-init build/update-ssh-keys build/rancheros-install /usr/sbin/
RUN localedef -c -f UTF-8 -i en_US en_US.UTF-8
RUN groupadd --gid 1100 rancher && \
groupadd --gid 1101 docker && \
useradd -u 1100 -g rancher -G docker,wheel -m -s /bin/bash rancher && \
useradd -u 1101 -g docker -G docker,wheel -m -s /bin/bash docker && \
echo ClientAliveInterval 180 >> /etc/ssh/sshd_config && \
echo '## allow password less for rancher user' >> /etc/sudoers && \
echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
echo '## allow password less for docker user' >> /etc/sudoers && \
echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
ln -sf /usr/bin/docker.dist /usr/bin/docker
COPY prompt.sh /etc/profile.d/
ENTRYPOINT ["/usr/sbin/entry.sh"]
CMD ["/usr/sbin/console.sh"]

12
images/10-fedoraconsole/prebuild.sh Executable file
View File

@ -0,0 +1,12 @@
#!/bin/bash
set -e
cd $(dirname $0)
rm -rf ./build
mkdir -p ./build
cp ./../01-base/entry.sh ./build/
cp ./../02-console/console.sh ./build/
cp ./../02-console/docker-init ./build/
cp ./../02-console/update-ssh-keys ./build/
cp ./../02-console/rancheros-install ./build/

1
images/10-fedoraconsole/prompt.sh Normal file
View File

@ -0,0 +1 @@
export PS1='[\u@\h \W]\$ '

7
images/10-resizefs/Dockerfile Normal file
View File

@ -0,0 +1,7 @@
FROM rancher/os-resizefs-base
# FROM amd64=ubuntu:14.04.4 arm64=aarch64/ubuntu:14.04 arm=armhf/ubuntu:14.04
RUN apt-get update && \
apt-get install -y --no-install-recommends cloud-guest-utils parted && \
apt-get clean && rm -rf /var/lib/apt/lists/*
COPY resizefs.sh /
ENTRYPOINT ["/resizefs.sh"]

22
images/10-resizefs/resizefs.sh Executable file
View File

@ -0,0 +1,22 @@
#!/bin/bash
set -ex
RESIZE_DEV=${RESIZE_DEV:?"RESIZE_DEV not set."}
STAMP=/var/log/resizefs.done
if [ -e "${STAMP}" ]; then
echo FS already resized.
exit 0
fi
# TODO: rm hardcoded partition number, maybe identify RANCHER_STATE partition (can be the whole device)
if [ -b "${RESIZE_DEV}" ]; then
growpart ${RESIZE_DEV} 1 || : # ignore error "NOCHANGE: partition 1 is size NNN. it cannot be grown"
partprobe ${RESIZE_DEV}
resize2fs ${RESIZE_DEV}1
else
echo "Block device expected: ${RESIZE_DEV} is not."
exit 1
fi
touch $STAMP

28
images/10-selinuxtools/Dockerfile Normal file
View File

@ -0,0 +1,28 @@
FROM rancher/os-fedoraconsole-base
RUN dnf upgrade -y && \
dnf install -y iptables openssh-server rsync sudo vim less ca-certificates psmisc htop
RUN rm -rf /etc/ssh/*key*
RUN rm -fr /sbin/poweroff /sbin/shutdown /sbin/reboot /sbin/halt /usr/sbin/poweroff /usr/sbin/shutdown /usr/sbin/reboot /usr/sbin/halt
RUN ln -s /sbin/agetty /sbin/getty
COPY build/entry.sh build/console.sh build/docker-init build/update-ssh-keys build/rancheros-install /usr/sbin/
RUN localedef -c -f UTF-8 -i en_US en_US.UTF-8
RUN groupadd --gid 1100 rancher && \
groupadd --gid 1101 docker && \
useradd -u 1100 -g rancher -G docker,wheel -m -s /bin/bash rancher && \
useradd -u 1101 -g docker -G docker,wheel -m -s /bin/bash docker && \
echo ClientAliveInterval 180 >> /etc/ssh/sshd_config && \
echo '## allow password less for rancher user' >> /etc/sudoers && \
echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
echo '## allow password less for docker user' >> /etc/sudoers && \
echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
ln -sf /usr/bin/docker.dist /usr/bin/docker
COPY prompt.sh /etc/profile.d/
RUN dnf install -y git make gcc findutils selinux-policy-devel setools-console setools-devel
RUN git clone https://github.com/rancher/refpolicy.git /usr/src/refpolicy
RUN cd /usr/src/refpolicy && git submodule init && git submodule update && \
sed -i '/MONOLITHIC = y/c\MONOLITHIC = n' build.conf && \
make conf && make && make install-headers
ENTRYPOINT ["/usr/sbin/entry.sh"]

12
images/10-selinuxtools/prebuild.sh Executable file
View File

@ -0,0 +1,12 @@
#!/bin/bash
set -e
cd $(dirname $0)
rm -rf ./build
mkdir -p ./build
cp ./../01-base/entry.sh ./build/
cp ./../02-console/console.sh ./build/
cp ./../02-console/docker-init ./build/
cp ./../02-console/update-ssh-keys ./build/
cp ./../02-console/rancheros-install ./build/

1
images/10-selinuxtools/prompt.sh Normal file
View File

@ -0,0 +1 @@
export PS1='[\u@\h \W]\$ '

21
images/10-ubuntuconsole/Dockerfile Normal file
View File

@ -0,0 +1,21 @@
FROM rancher/os-ubuntuconsole-base
# FROM amd64=ubuntu:14.04.4 arm64=aarch64/ubuntu:14.04 arm=armhf/ubuntu:14.04
RUN apt-get update && \
apt-get upgrade --no-install-recommends -y && \
apt-get install -y --no-install-recommends iptables openssh-server rsync vim curl ca-certificates psmisc htop
RUN rm -rf /etc/ssh/*key*
RUN rm -fr /sbin/poweroff /sbin/shutdown /sbin/reboot /sbin/halt /usr/sbin/poweroff /usr/sbin/shutdown /usr/sbin/reboot /usr/sbin/halt
COPY build/entry.sh build/console.sh build/docker-init build/update-ssh-keys build/rancheros-install /usr/sbin/
RUN locale-gen en_US.UTF-8
RUN addgroup --gid 1100 rancher && \
addgroup --gid 1101 docker && \
useradd -u 1100 -g rancher -G docker,sudo -m -s /bin/bash rancher && \
useradd -u 1101 -g docker -G docker,sudo -m -s /bin/bash docker && \
echo ClientAliveInterval 180 >> /etc/ssh/sshd_config && \
echo '## allow password less for rancher user' >> /etc/sudoers && \
echo 'rancher ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
echo '## allow password less for docker user' >> /etc/sudoers && \
echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
ln -sf /usr/bin/docker.dist /usr/bin/docker
ENTRYPOINT ["/usr/sbin/entry.sh"]
CMD ["/usr/sbin/console.sh"]

12
images/10-ubuntuconsole/prebuild.sh Executable file
View File

@ -0,0 +1,12 @@
#!/bin/bash
set -e
cd $(dirname $0)
rm -rf ./build
mkdir -p ./build
cp ./../01-base/entry.sh ./build/
cp ./../02-console/console.sh ./build/
cp ./../02-console/docker-init ./build/
cp ./../02-console/update-ssh-keys ./build/
cp ./../02-console/rancheros-install ./build/

50
os-config.tpl.yml
View File

@ -2,7 +2,7 @@ default_hostname: {{.HOSTNAME_DEFAULT}}
rancher:
bootstrap:
state-script:
image: {{.OS_IMAGES_ROOT}}/os-statescript:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-statescript:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.detach: "false"
io.rancher.os.scope: system
@ -18,7 +18,7 @@ rancher:
- /usr/bin/ros:/usr/bin/ros:ro
- /usr/share/ros:/usr/share/ros:ro
udev-bootstrap:
image: {{.OS_IMAGES_ROOT}}/os-udev:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-udev:{{.VERSION}}{{.SUFFIX}}
environment:
- BOOTSTRAP=true
labels:
@ -34,7 +34,7 @@ rancher:
- /lib/firmware:/lib/firmware
autoformat:
autoformat:
image: {{.OS_IMAGES_ROOT}}/os-autoformat:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-autoformat:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.detach: "false"
io.rancher.os.scope: system
@ -42,7 +42,7 @@ rancher:
net: none
privileged: true
udev-autoformat:
image: {{.OS_IMAGES_ROOT}}/os-udev:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-udev:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.detach: "false"
io.rancher.os.scope: system
@ -75,7 +75,7 @@ rancher:
services:
{{if eq "amd64" .ARCH -}}
acpid:
image: {{.OS_IMAGES_ROOT}}/os-acpid:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-acpid:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.scope: system
net: host
@ -86,7 +86,7 @@ rancher:
- system-volumes
{{end -}}
all-volumes:
image: {{.OS_IMAGES_ROOT}}/os-state:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-state:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.createonly: "true"
io.rancher.os.scope: system
@ -100,7 +100,7 @@ rancher:
- user-volumes
- system-volumes
cloud-init:
image: {{.OS_IMAGES_ROOT}}/os-cloudinit:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-cloudinit:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.detach: "false"
io.rancher.os.reloadconfig: "true"
@ -113,7 +113,7 @@ rancher:
- command-volumes
- system-volumes
cloud-init-pre:
image: {{.OS_IMAGES_ROOT}}/os-cloudinit:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-cloudinit:{{.VERSION}}{{.SUFFIX}}
environment:
- CLOUD_INIT_NETWORK=false
labels:
@ -128,7 +128,7 @@ rancher:
- command-volumes
- system-volumes
command-volumes:
image: {{.OS_IMAGES_ROOT}}/os-state:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-state:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.createonly: "true"
io.rancher.os.scope: system
@ -152,7 +152,7 @@ rancher:
- /usr/bin/ros:/usr/sbin/wait-for-network:ro
- /usr/bin/ros:/usr/sbin/wait-for-docker:ro
console:
image: {{.OS_IMAGES_ROOT}}/os-console:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-console:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.scope: system
io.rancher.os.after: wait-for-network
@ -168,7 +168,7 @@ rancher:
volumes:
- /usr/bin/iptables:/sbin/iptables:ro
container-data-volumes:
image: {{.OS_IMAGES_ROOT}}/os-state:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-state:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.createonly: "true"
io.rancher.os.scope: system
@ -181,7 +181,7 @@ rancher:
- /var/lib/system-docker:/var/lib/system-docker
- /var/lib/rkt:/var/lib/rkt
network-pre:
image: {{.OS_IMAGES_ROOT}}/os-network:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-network:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.scope: system
io.rancher.os.after: cloud-init-pre
@ -193,7 +193,7 @@ rancher:
- command-volumes
- system-volumes
network:
image: {{.OS_IMAGES_ROOT}}/os-network:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-network:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.scope: system
io.rancher.os.after: cloud-init
@ -207,7 +207,7 @@ rancher:
- command-volumes
- system-volumes
wait-for-network-pre:
image: {{.OS_IMAGES_ROOT}}/os-network:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-network:{{.VERSION}}{{.SUFFIX}}
command: wait-for-network
labels:
io.rancher.os.detach: "false"
@ -219,7 +219,7 @@ rancher:
- command-volumes
- system-volumes
wait-for-network:
image: {{.OS_IMAGES_ROOT}}/os-network:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-network:{{.VERSION}}{{.SUFFIX}}
command: wait-for-network
labels:
io.rancher.os.detach: "false"
@ -231,7 +231,7 @@ rancher:
- command-volumes
- system-volumes
ntp:
image: {{.OS_IMAGES_ROOT}}/os-ntp:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-ntp:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.scope: system
io.rancher.os.after: wait-for-network-pre
@ -240,7 +240,7 @@ rancher:
privileged: true
restart: always
preload-system-images:
image: {{.OS_IMAGES_ROOT}}/os-preload:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-preload:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.detach: "false"
io.rancher.os.scope: system
@ -252,7 +252,7 @@ rancher:
- command-volumes
- system-volumes
preload-user-images:
image: {{.OS_IMAGES_ROOT}}/os-preload:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-preload:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.detach: "false"
io.rancher.os.scope: system
@ -265,7 +265,7 @@ rancher:
- command-volumes
- system-volumes
syslog:
image: {{.OS_IMAGES_ROOT}}/os-syslog:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-syslog:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.scope: system
log_driver: json-file
@ -276,7 +276,7 @@ rancher:
volumes_from:
- system-volumes
system-volumes:
image: {{.OS_IMAGES_ROOT}}/os-state:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-state:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.createonly: "true"
io.rancher.os.scope: system
@ -301,7 +301,7 @@ rancher:
- /var/log:/var/log
- /var/run:/var/run
udev-cold:
image: {{.OS_IMAGES_ROOT}}/os-udev:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-udev:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.scope: system
io.rancher.os.before: udev
@ -311,7 +311,7 @@ rancher:
volumes_from:
- system-volumes
udev:
image: {{.OS_IMAGES_ROOT}}/os-udev:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-udev:{{.VERSION}}{{.SUFFIX}}
environment:
- DAEMON=true
labels:
@ -324,7 +324,7 @@ rancher:
volumes_from:
- system-volumes
user-volumes:
image: {{.OS_IMAGES_ROOT}}/os-state:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-state:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.createonly: "true"
io.rancher.os.scope: system
@ -336,7 +336,7 @@ rancher:
- /home:/home
- /opt:/opt
docker:
image: {{.OS_IMAGES_ROOT}}/os-docker:{{.VERSION}}{{.SUFFIX}}
image: {{.OS_REPO}}/os-docker:{{.VERSION}}{{.SUFFIX}}
labels:
io.rancher.os.scope: system
io.rancher.os.after: console
@ -356,7 +356,7 @@ rancher:
-H, 'unix:///var/run/system-docker.sock', --userland-proxy=false]
upgrade:
url: {{.OS_RELEASES_YML}}
image: {{.OS_IMAGES_ROOT}}/os
image: {{.OS_REPO}}/os
docker:
tls_args: [--tlsverify, --tlscacert=/etc/docker/tls/ca.pem, --tlscert=/etc/docker/tls/server-cert.pem, --tlskey=/etc/docker/tls/server-key.pem,
'-H=0.0.0.0:2376']

5
scripts/build Executable file
View File

@ -0,0 +1,5 @@
#!/bin/bash
set -e
$(dirname $0)/build-target
$(dirname $0)/build-host

2
scripts/build-common
View File

@ -1,2 +0,0 @@
BUILD=$(pwd)/build
DIST=$(pwd)/dist

12
scripts/build-host Executable file
View File

@ -0,0 +1,12 @@
#!/bin/bash
cd $(dirname $0)/..
export OUTPUT=bin/host_ros
if [[ -e bin/ros && "$HOST_ARCH" = "$ARCH" ]]; then
echo Creating $OUTPUT
cp bin/ros $OUTPUT
else
GOARCH=${HOST_ARCH} TOOLCHAIN= ./scripts/build-target
fi

38
scripts/build-images Executable file
View File

@ -0,0 +1,38 @@
#!/bin/bash
set -e
export ARCH=${ARCH:-"amd64"}
BASE=images
source $(dirname $0)/version
cd $(dirname $0)/..
DO_PUSH="$1"
if [ "${DO_PUSH}" == "--push" ]; then
for i in $BASE/[0-9]*; do
name="os-$(echo ${i} | cut -f2 -d-)"
tag="${OS_REPO}/${name}:${VERSION}${SUFFIX}"
echo Pushing ${tag}
docker push ${tag} || :
done
else
for i in $BASE/[0-9]*; do
name="os-$(echo ${i} | cut -f2 -d-)"
tag="${OS_REPO}/${name}:${VERSION}${SUFFIX}"
echo Building ${tag}
if [ -x ${i}/prebuild.sh ]; then
if ${i}/prebuild.sh; then
dapper -d --build -f ${i}/Dockerfile -- -t rancher/${name} ${i}
docker tag rancher/${name} ${tag}
elif [ "$?" != "42" ]; then
exit 1
else
echo "WARN: Skipping ${tag}"
fi
else
dapper -d --build -f ${i}/Dockerfile -- -t rancher/${name} ${i}
docker tag rancher/${name} ${tag}
fi
done
fi

17
scripts/build-target Executable file
View File

@ -0,0 +1,17 @@
#!/bin/bash
set -e
ros="$1"
source $(dirname $0)/version
cd $(dirname $0)/..
if [ "${!TOOLCHAIN}" != "" ]; then
export CC=/usr/bin/${!TOOLCHAIN}-gcc
export CGO_ENABLED=1
fi
OUTPUT=${OUTPUT:-bin/ros}
echo Building $OUTPUT
go build -tags netgo -installsuffix netgo -ldflags "-X github.com/rancher/os/config.VERSION=${VERSION} -linkmode external -extldflags -static" -o ${OUTPUT}

38
scripts/build-vbox-vm
View File

@ -1,38 +0,0 @@
#!/bin/bash
set -x -e
cd $(dirname $0)/..
: RANCHER_ISO=${RANCHER_ISO:="./dist/artifacts/rancheros.iso"}
if [[ -z $RANCHER_ISO ]]; then
echo "Need an ISO..." 1>&2
exit 1
fi
if [ ! -e ${RANCHER_ISO} ]; then
echo "Could not find ISO ${RANCHER_ISO}..." 1>&2
echo "have you run build.sh yet?" 1>&2
exit 1
fi
GITSHA=$(git rev-parse --short HEAD)
VM="RancherOS-${GITSHA}"
sudo chown -R `whoami` ./dist
VBoxManage createhd --format vmdk --filename ./dist/artifacts/$VM.vmdk --size 40000
VBoxManage createvm --name $VM --ostype "Linux_64" --register
VBoxManage storagectl $VM --name "SATA" --add sata --portcount 2
VBoxManage storageattach $VM --storagectl "SATA" --port 0 --type hdd --medium ./dist/artifacts/$VM.vmdk
VBoxManage storageattach $VM --storagectl "SATA" --port 1 --type dvddrive --medium ${RANCHER_ISO}
VBoxManage modifyvm $VM --memory 1024 --acpi on --boot1 disk --boot2 dvd
VBoxManage modifyvm $VM --rtcuseutc on
VBoxManage modifyvm $VM --usb off
VBoxManage modifyvm $VM --audio none
VBoxManage modifyvm $VM --nic1 nat
VBoxManage modifyvm $VM --nictype1 virtio
#VBoxManage startvm $VM

13
scripts/ci
View File

@ -1,7 +1,10 @@
#!/bin/sh
set -ex
#!/bin/bash
set -e
cd $(dirname $0)/..
. ./scripts/dapper-common
cd $(dirname $0)
dapper -d -O make HOST_ARCH=${HOST_ARCH} ARCH=${ARCH} DEV_BUILD=1 test
./build
./test
#./validate
./prepare
./package

4
scripts/clean Executable file
View File

@ -0,0 +1,4 @@
#!/bin/bash
cd $(dirname $0)/..
rm -rf build dist bin images/*/build

20
scripts/dapper-common
View File

@ -1,20 +0,0 @@
#!/bin/sh
set -ex
HOST_ARCH=${HOST_ARCH:-$(docker version | grep 'OS/Arch:' | tail -n+2 | awk '{print $2}' | cut -f2 -d'/')}
HOST_ARCH=${HOST_ARCH:?"Failed to guess HOST_ARCH"}
ARCH=${ARCH:-"$HOST_ARCH"}
export HOST_ARCH ARCH
cd $(dirname $0)/..
[ -f "./.docker-env.${HOST_ARCH}" ] && . ./.docker-env.${HOST_ARCH} || echo "WARNING: missing .docker-env.${HOST_ARCH} (to use an ${HOST_ARCH} docker host)"
. ./build.conf.${HOST_ARCH}
export HOST_DOCKER_BINARY_URL=${DOCKER_BINARY_URL}
docker inspect $DAPPER_BASE >/dev/null 2>&1 || docker pull $DAPPER_BASE
docker tag $DAPPER_BASE rancher/os-dapper-base
set -a
. ./build.conf.${ARCH}
set +a

11
scripts/entry Executable file
View File

@ -0,0 +1,11 @@
#!/bin/bash
set -e
trap "chown -R $DAPPER_UID:$DAPPER_GID ." exit
mkdir -p bin dist build
if [ -e ./scripts/$1 ]; then
./scripts/"$@"
else
"$@"
fi

14
scripts/gen-os-config.sh
View File

@ -1,14 +0,0 @@
#!/bin/bash
set -ex
cd $(dirname $0)/..
set -a
. build.conf
. build.conf.${ARCH}
SUFFIX=""
[ "${ARCH}" == "amd64" ] || SUFFIX="_${ARCH}"
set +a
build/host_ros c generate < os-config.tpl.yml > $1

52
scripts/layout Executable file
View File

@ -0,0 +1,52 @@
#!/bin/bash
set -e
source $(dirname $0)/version
cd $(dirname $0)/..
BUILD=build
INITRD_DIR=${BUILD}/initrd
echo Create initrd layout in $INITRD_DIR
rm -rf ${INITRD_DIR}
mkdir -p ${INITRD_DIR}/usr/{etc,bin,share/ros}
cp -rf assets/selinux ${INITRD_DIR}/usr/etc
cp build/images.tar ${INITRD_DIR}/usr/share/ros/
cp build/os-config.yml ${INITRD_DIR}/usr/share/ros/
cp bin/ros ${INITRD_DIR}/usr/bin/
cp ${DOWNLOADS}/docker ${INITRD_DIR}/usr/bin/docker
ln -s usr/bin/ros ${INITRD_DIR}/init
ln -s bin ${INITRD_DIR}/usr/sbin
ln -s usr/sbin ${INITRD_DIR}/sbin
if [ -e ${DOWNLOADS}/kernel.tar.gz ]; then
tar xf ${DOWNLOADS}/kernel.tar.gz -C ${INITRD_DIR}/usr/ lib/
fi
if [ -e ${DOWNLOADS}/policy.29 ]; then
mkdir -p ${INITRD_DIR}/usr/etc/selinux/ros/policy/
cp ${DOWNLOADS}/policy.29 ${INITRD_DIR}/usr/etc/selinux/ros/policy/
fi
DFS_ARCH=$(docker create ${DFS_IMAGE}${SUFFIX})
trap "docker rm -fv ${DFS_ARCH} >/dev/null" EXIT
docker export ${DFS_ARCH} | tar xf - -C ${INITRD_DIR} --exclude=usr/bin/dockerlaunch \
--exclude=usr/bin/docker \
--exclude=usr/share/git-core \
--exclude=usr/bin/git \
--exclude=usr/bin/ssh \
--exclude=usr/libexec/git-core \
usr
tar xf ${DOWNLOADS}/kernel.tar.gz -C ${BUILD} boot/
if [ -e ${BUILD}/boot/vmlinuz-* ]; then
mkdir -p dist/artifacts
cp ${BUILD}/boot/vmlinuz-* dist/artifacts/vmlinuz
fi
cat /proc/sys/kernel/random/uuid > ${INITRD_DIR}/.id

7
scripts/make.sh
View File

@ -1,7 +0,0 @@
#!/bin/bash
set -e
cd $(dirname $0)/..
. ./scripts/dapper-common
dapper make HOST_ARCH=${HOST_ARCH} ARCH=${ARCH} "$@"

12
scripts/mk-images-tar.sh
View File

@ -1,12 +0,0 @@
#!/bin/bash
set -ex
cd $(dirname $0)/..
. scripts/build-common
images="$(build/host_ros c images -i build/os-config.yml)"
for i in ${images}; do
[ "${FORCE_PULL}" != "1" ] && docker inspect $i >/dev/null 2>&1 || docker pull $i;
done
docker save ${images} > ${BUILD}/images.tar

73
scripts/mk-initrd.sh
View File

@ -1,73 +0,0 @@
#!/bin/bash
set -ex
TARGET=$(pwd)/${1}
SUFFIX=${SUFFIX:-""}
DFS_IMAGE=${DFS_IMAGE:?"DFS_IMAGE not set"}
IS_ROOTFS=${IS_ROOTFS:-0}
cd $(dirname $0)/..
. scripts/build-common
INITRD_DIR=${BUILD}/initrd
rm -rf ${INITRD_DIR}/{usr,init}
mkdir -p ${INITRD_DIR}/usr/{bin,share/ros}
mkdir -p ${INITRD_DIR}/var/lib/system-docker
mkdir -p ${INITRD_DIR}/usr/etc/selinux/ros/{policy,contexts}
if [ "$IS_ROOTFS" == "0" ]; then
cp -rf ${BUILD}/kernel/lib ${INITRD_DIR}/usr/
fi
cp assets/docker ${INITRD_DIR}/usr/bin/docker
if [ "$IS_ROOTFS" == "0" ]; then
cp ${BUILD}/images.tar ${INITRD_DIR}/usr/share/ros/
fi
cp build/os-config.yml ${INITRD_DIR}/usr/share/ros/
cp bin/ros ${INITRD_DIR}/usr/bin/
ln -s usr/bin/ros ${INITRD_DIR}/init
ln -s bin ${INITRD_DIR}/usr/sbin
ln -s usr/sbin ${INITRD_DIR}/sbin
cp assets/selinux/config ${INITRD_DIR}/usr/etc/selinux/
cp assets/selinux/policy.29 ${INITRD_DIR}/usr/etc/selinux/ros/policy/
cp assets/selinux/seusers ${INITRD_DIR}/usr/etc/selinux/ros/
cp assets/selinux/lxc_contexts ${INITRD_DIR}/usr/etc/selinux/ros/contexts/
cp assets/selinux/failsafe_context ${INITRD_DIR}/usr/etc/selinux/ros/contexts/
if [ "$ARCH" == "amd64" ]; then
KERNEL_RELEASE=$(tar xvf assets/modules.tar.gz -C ${INITRD_DIR} | cut -f4 -d/ | cut -f1 -d ' ')
depmod -a -b ${INITRD_DIR}/usr $KERNEL_RELEASE
fi
DFS_ARCH=$(docker create ${DFS_IMAGE}${SUFFIX})
trap "docker rm -fv ${DFS_ARCH}" EXIT
docker export ${DFS_ARCH} | tar xvf - -C ${INITRD_DIR} --exclude=usr/bin/dockerlaunch \
--exclude=usr/bin/docker \
--exclude=usr/share/git-core \
--exclude=usr/bin/git \
--exclude=usr/bin/ssh \
--exclude=usr/libexec/git-core \
usr
if [ "$IS_ROOTFS" == "1" ]; then
DFS=$(docker run -d --privileged -v /lib/modules/$(uname -r):/lib/modules/$(uname -r) ${DFS_IMAGE}${SUFFIX})
trap "docker rm -fv ${DFS_ARCH} ${DFS}" EXIT
docker exec -i ${DFS} docker load < ${BUILD}/images.tar
docker stop ${DFS}
docker run --rm --volumes-from=${DFS} rancher/os-dapper-base tar -c -C /var/lib/docker ./image | tar -x -C ${INITRD_DIR}/var/lib/system-docker
docker run --rm --volumes-from=${DFS} rancher/os-dapper-base tar -c -C /var/lib/docker ./overlay | tar -x -C ${INITRD_DIR}/var/lib/system-docker
cd ${INITRD_DIR}
tar -czf ${TARGET} .
else
COMPRESS=lzma
[ "$DEV_BUILD" == "1" ] && COMPRESS="gzip -1"
cd ${INITRD_DIR}
find | cpio -H newc -o | ${COMPRESS} > ${TARGET}
fi

12
scripts/mk-iso-checksums-txt.sh
View File

@ -1,12 +0,0 @@
#!/bin/bash
set -ex
cd $(dirname $0)/..
. scripts/build-common
cd ${DIST}/artifacts
rm -f iso-checksums.txt || :
for algo in 'sha256' 'md5'; do
echo "$algo: `${algo}sum rancheros.iso`" >> iso-checksums.txt;
done

44
scripts/mk-kernel-tar-from-deb.sh
View File

@ -1,44 +0,0 @@
#!/bin/bash
set -e -x
# This script will convert an Ubuntu deb file to the kernel tar structure the RancherOS build expects
# For example
#
# ./scripts/mk-kernel-tar-from-deb.sh linux-image-3.19.0-28-generic_3.19.0-28.30_amd64.deb linux-image-extra-3.19.0-28-generic_3.19.0-28.30_amd64.deb linux-firmware_1.143.3_all.deb
#
mkdir -p $(dirname $0)/../build
BUILD=$(mktemp -d $(dirname $0)/../build/deb-XXXXX)
mkdir -p $BUILD
extract()
{
if [ ! -e $1 ]; then
echo $1 does not exist
exit 1
fi
local deb=$(readlink -f $1)
cd $BUILD
rm -f data.tar.* 2>/dev/null || true
ar x $deb
tar xvf data.tar.*
cd -
}
for i in "$@"; do
extract $i
done
cd $BUILD
KVER=$(ls ./lib/modules)
depmod -b . $KVER
echo Creating ${OLDPWD}/kernel.tar.gz
tar cvzf ${OLDPWD}/kernel.tar.gz ./lib boot/vmlinuz*
echo Created ${OLDPWD}/kernel.tar.gz
cd -
rm -rf ${BUILD}

19
scripts/mk-ros.sh
View File

@ -1,19 +0,0 @@
#!/bin/bash
set -ex
ros="$1"
ARCH=${ARCH:?"ARCH not set"}
VERSION=${VERSION:?"VERSION not set"}
cd $(dirname $0)/..
strip_bin=$(which strip)
[ "${ARCH}" == "arm" ] && export GOARM=6
if [ "${TOOLCHAIN}" != "" ]; then
export CC=/usr/bin/${TOOLCHAIN}-gcc
export CGO_ENABLED=1
strip_bin=/usr/bin/${TOOLCHAIN}-strip
fi
GOARCH=${ARCH} go build -tags netgo -installsuffix netgo -ldflags "-X github.com/rancher/os/config.VERSION=${VERSION} -linkmode external -extldflags -static" -o ${ros}
${strip_bin} --strip-all ${ros}

8
scripts/package Executable file
View File

@ -0,0 +1,8 @@
#!/bin/bash
set -e
cd $(dirname $0)
./package-rootfs
./package-initrd
./package-iso

41
scripts/package-initrd Executable file
View File

@ -0,0 +1,41 @@
#!/bin/bash
set -e
rootfs() {
DFS=$(docker run -d --privileged -v /lib/modules/$(uname -r):/lib/modules/$(uname -r) ${DFS_IMAGE}${SUFFIX})
trap "docker rm -fv ${DFS_ARCH} ${DFS}" EXIT
docker exec -i ${DFS} docker load < ${INITRD_DIR}/usr/share/ros/images.tar
docker stop ${DFS}
docker run --rm --volumes-from=${DFS} rancher/os-dapper-base tar -c -C /var/lib/docker ./image | tar -x -C ${PREPOP_DIR}
docker run --rm --volumes-from=${DFS} rancher/os-dapper-base tar -c -C /var/lib/docker ./overlay | tar -x -C ${PREPOP_DIR}
tar -cf ${ARTIFACTS}/rootfs.tar --exclude lib/modules --exclude lib/firmware -C ${INITRD_DIR} .
tar -rf ${ARTIFACTS}/rootfs.tar --exclude lib/modules --exclude lib/firmware -C ${INITRD_DIR} .
rm -f ${ARTIFACTS}/rootfs.tar.gz
gzip ${ARTIFACTS}/rootfs.tar
}
initrd() {
COMPRESS=lzma
[ "$DEV_BUILD" == "1" ] && COMPRESS="gzip -1"
pushd ${INITRD_DIR} >/dev/null
find | cpio -H newc -o | ${COMPRESS} > ${INITRD}
popd >/dev/null
}
cd $(dirname $0)/..
BUILD=$(pwd)/build
IMAGE_CACHE=${BUILD}/image-cache
PREPOP_DIR=${IMAGE_CACHE}/var/lib/system-docker
INITRD_DIR=${BUILD}/initrd
ARTIFACTS=$(pwd)/dist/artifacts
INITRD=${ARTIFACTS}/initrd
mkdir -p ${ARTIFACTS} ${PREPOP_DIR}
rootfs
initrd

15
scripts/mk-rancheros-iso.sh → scripts/package-iso
View File

@ -1,23 +1,24 @@
#!/bin/bash
set -ex
set -e
source $(dirname $0)/version
cd $(dirname $0)/..
. scripts/build-common
ARTIFACTS=$(pwd)/dist/artifacts
CD=${BUILD}/cd
mkdir -p ${CD}/boot/isolinux
mkdir -p ${CD}/boot/isolinux
cp ${DIST}/artifacts/initrd ${CD}/boot
cp ${DIST}/artifacts/vmlinuz ${CD}/boot
cp ${ARTIFACTS}/initrd ${CD}/boot
cp ${ARTIFACTS}/vmlinuz ${CD}/boot
cp scripts/isolinux.cfg ${CD}/boot/isolinux
cp /usr/lib/ISOLINUX/isolinux.bin ${CD}/boot/isolinux
cp /usr/lib/syslinux/modules/bios/ldlinux.c32 ${CD}/boot/isolinux
cd ${CD} && xorriso \
-publisher "Rancher Labs, Inc." \
-as mkisofs \
-l -J -R -V "RancherOS" \
-l -J -R -V "${DISTRIB_ID}" \
-no-emul-boot -boot-load-size 4 -boot-info-table \
-b boot/isolinux/isolinux.bin -c boot/isolinux/boot.cat \
-isohybrid-mbr /usr/lib/ISOLINUX/isohdpfx.bin \
-o ${DIST}/artifacts/rancheros.iso ${CD}
-o ${ARTIFACTS}/$(echo ${DISTRIB_ID} | tr '[:upper:]' '[:lower:]').iso ${CD}

41
scripts/package-rootfs Executable file
View File

@ -0,0 +1,41 @@
#!/bin/bash
set -e
rootfs() {
DFS=$(docker run -d --privileged -v /lib/modules/$(uname -r):/lib/modules/$(uname -r) ${DFS_IMAGE}${SUFFIX})
trap "docker rm -fv ${DFS_ARCH} ${DFS}" EXIT
docker exec -i ${DFS} docker load < ${INITRD_DIR}/usr/share/ros/images.tar
docker stop ${DFS}
docker run --rm --volumes-from=${DFS} rancher/os-dapper-base tar -c -C /var/lib/docker ./image | tar -x -C ${PREPOP_DIR}
docker run --rm --volumes-from=${DFS} rancher/os-dapper-base tar -c -C /var/lib/docker ./overlay | tar -x -C ${PREPOP_DIR}
tar -cf ${ARTIFACTS}/rootfs.tar --exclude lib/modules --exclude lib/firmware -C ${INITRD_DIR} .
tar -rf ${ARTIFACTS}/rootfs.tar --exclude lib/modules --exclude lib/firmware -C ${INITRD_DIR} .
rm -f ${ARTIFACTS}/rootfs.tar.gz
gzip ${ARTIFACTS}/rootfs.tar
}
initrd() {
COMPRESS=lzma
[ "$DEV_BUILD" == "1" ] && COMPRESS="gzip -1"
pushd ${INITRD_DIR} >/dev/null
find | cpio -H newc -o | ${COMPRESS} > ${INITRD}
popd >/dev/null
}
cd $(dirname $0)/..
BUILD=$(pwd)/build
IMAGE_CACHE=${BUILD}/image-cache
PREPOP_DIR=${IMAGE_CACHE}/var/lib/system-docker
INITRD_DIR=${BUILD}/initrd
ARTIFACTS=$(pwd)/dist/artifacts
INITRD=${ARTIFACTS}/initrd
mkdir -p ${ARTIFACTS} ${PREPOP_DIR}
rootfs
initrd

15
scripts/prepare Executable file
View File

@ -0,0 +1,15 @@
#!/bin/bash
set -e
source $(dirname $0)/version
cd $(dirname $0)
if [ ! -e ./bin/host_ros ]; then
./build
fi
./template
./build-images
./tar-images
./layout

3
scripts/release Executable file
View File

@ -0,0 +1,3 @@
#!/bin/bash
exec $(dirname $0)/ci

62
scripts/run
View File

@ -3,8 +3,6 @@ set -e
cd $(dirname $0)/..
source scripts/build-common
HOST_ARCH=${HOST_ARCH:-amd64}
ARCH=${ARCH:-amd64}
@ -34,11 +32,13 @@ cd_arm() {
}
declare -A cd=( ["amd64"]="cd_amd64" ["arm"]="cd_arm" ["arm64"]="cd_arm" )
BUILD=build
BASE=$(pwd)
UNAME=$(uname)
KERNEL=${BASE}/dist/artifacts/vmlinuz
INITRD=${BASE}/dist/artifacts/initrd
INITRD_SRC=${BASE}/build/initrd
INITRD=${BASE}/build/initrd.tmp
QEMU=1
FORMAT=1
@ -103,42 +103,17 @@ if [ "$QEMU" == "1" ] && ! which qemu-system-${QEMUARCH}; then
QEMU=0
fi
if [[ ! -e ${KERNEL} || ! -e ${INITRD} ]]; then
echo "Failed to find ${KERNEL} or ${INITRD}" 1>&2
if [[ ! -e ${KERNEL} || ! -e ${INITRD_SRC} ]]; then
echo "Failed to find ${KERNEL} or ${INITRD_SRC}" 1>&2
exit 1
fi
# Linux and Darwin SHA1 sum binary are different, pick which to use
if [ "$UNAME" == "Darwin" ]; then sha1sum=$(which shasum)
elif [ "$UNAME" == "Linux" ]; then sha1sum=$(which sha1sum);
fi
if [ "$REBUILD" == "1" ]; then
INITRD_TMP=${BUILD}/$(${sha1sum} ${INITRD} | awk '{print $1}')
INITRD_CURRENT=${BUILD}/initrd-current
INITRD_TEST=${BUILD}/initrd.test
if [ ! -d ${INITRD_TMP} ]; then
mkdir -p ${INITRD_TMP}
pushd ${INITRD_TMP}
xz -dfc ${INITRD} | gunzip -f | cpio -idm
popd
fi
if [ -e ${INITRD_CURRENT} ]; then
rm -f ${INITRD_CURRENT}
fi
ln -s ${INITRD_TMP} ${INITRD_CURRENT}
mkdir -p ${INITRD_TMP}/usr/{bin,share/ros}
cp bin/ros ${INITRD_TMP}/usr/bin/
cp -f build/os-config.yml ${INITRD_TMP}/usr/share/ros/
pushd ${INITRD_TMP}
find . | cpio -H newc -o | gzip > ${INITRD_TEST}
popd
INITRD=${INITRD_TEST}
cp bin/ros ${INITRD_SRC}/usr/bin/ros
cp build/os-config.yml ${INITRD_SRC}/usr/share/ros
pushd ${INITRD_SRC} >/dev/null
find . | cpio -H newc -o | gzip -1 > ${INITRD}
popd >/dev/null
fi
KERNEL_ARGS="quiet rancher.password=rancher console=${TTYCONS} ${QEMU_APPEND}"
@ -162,17 +137,9 @@ if [ "$QEMU" == "1" ]; then
qemu-img create -f qcow2 -o size=10G ${HD}
fi
CCIMG=${BUILD}/cc.img
CCDEV=$(losetup -f)
CCROOT=${BUILD}/cloud-config
dd if=/dev/zero of=${CCIMG} bs=1024 count=512
losetup ${CCDEV} ${CCIMG}
mkfs.vfat -n "config-2" ${CCDEV}
rm -rf ${CCROOT}
mkdir -p ${CCROOT}
mount ${CCDEV} ${CCROOT}
USER_DATA=${CCROOT}/openstack/latest/user_data
mkdir -p $(dirname ${USER_DATA})
@ -185,10 +152,6 @@ if [ "$QEMU" == "1" ]; then
echo "- $(<${BASE}/assets/rancher.key.pub)" >> ${USER_DATA}
fi
umount ${CCROOT}
losetup -d ${CCDEV}
CPU=${cpu["$ARCH"]}
if [ "$KVM" == "1" ] && [ "$ARCH" == "$HOST_ARCH" ]; then
KVM_ENABLE="-enable-kvm"
@ -204,12 +167,15 @@ if [ "$QEMU" == "1" ]; then
-initrd ${INITRD} \
-m 2048 \
${network["$ARCH"]} \
$(eval "${cd["$ARCH"]} ${CCIMG}") \
$(eval "${hd["$ARCH"]} ${HD}") \
-smp 1 \
-append "${KERNEL_ARGS}" \
-nographic \
-display none \
-fsdev local,security_model=passthrough,readonly,id=fsdev0,path=${CCROOT} \
-device virtio-9p-pci,id=fs0,fsdev=fsdev0,mount_tag=config-2 \
-fsdev local,security_model=none,id=fsdev1,path=${HOME} \
-device virtio-9p-pci,id=fs1,fsdev=fsdev1,mount_tag=home \
${QEMU_ARGS} \
"${@}"

7
scripts/shell.sh
View File

@ -1,7 +0,0 @@
#!/bin/bash
set -e
cd $(dirname $0)/..
. ./scripts/dapper-common
exec dapper -d -s

15
scripts/tar-images Executable file
View File

@ -0,0 +1,15 @@
#!/bin/bash
set -e
cd $(dirname $0)/..
mkdir -p build
IMAGES=$(bin/host_ros c images -i build/os-config.yml)
for i in $IMAGES; do
if [ "${FORCE_PULL}" = "1" ] || ! docker inspect $i >/dev/null 2>&1; then
docker pull $i
fi
done
docker save ${IMAGES} > build/images.tar

9
scripts/template Executable file
View File

@ -0,0 +1,9 @@
#!/bin/bash
set -e
source $(dirname $0)/version
cd $(dirname $0)/..
mkdir -p build
./bin/host_ros c generate < os-config.tpl.yml > build/os-config.yml

13
scripts/test
View File

@ -1,17 +1,10 @@
#!/bin/bash
set -e
if [[ ! -x "$(which go)" && -x /usr/local/go/bin/go ]]; then
PATH=/usr/local/go/bin:${PATH}
fi
cd $(dirname $0)/..
result=$(find . -name "*.go" | grep -v ./Godeps | xargs gofmt -l)
for i in $result; do
echo $i
done
echo Running tests
[ -n "$result" ] && exit 1
PACKAGES=". $(find -name '*.go' | xargs -I{} dirname {} | cut -f2 -d/ | sort -u | grep -Ev '(^\.$|.git|.trash-cache|vendor|bin)' | sed -e 's!^!./!' -e 's!$!/...!')"
echo OK
go test -race -cover -tags=test ${PACKAGES}

8
scripts/unit-test
View File

@ -1,8 +0,0 @@
#!/bin/bash
set -e
cd $(dirname $0)/..
PACKAGES="$(find -name '*.go' | xargs -I{} dirname {} | cut -f2 -d/ | sort -u | grep -Ev '(^\.$|.git|.trash-cache|vendor)' | sed -e 's!^!./!' -e 's!$!/...!')"
go test -race -cover -tags=test $PACKAGES

Some files were not shown because too many files have changed in this diff Show More