[lxc-devel] [PATCH v3] Add Oracle Linux template

Mon Oct 8 15:59:52 UTC 2012

On Fri, 5 Oct 2012 16:52:27 -0500
Serge Hallyn <serge.hallyn at canonical.com> wrote:

> Quoting Dwight Engen (dwight.engen at oracle.com):
> > 
> > This is a new template to create containers based on Oracle Linux.
> > A version such as 5.8, 6.3, or 6.latest can be specified with -R in
> > which case a rootfs will be created from rpms downloaded from the
> > Oracle public-yum repo. Alternatively the path to an existing
> > rootfs of Oracle 5 or 6 may be given to the template with the -t
> > option.
> > 
> > The architecture of the downloaded rpms installed in the container
> > can be specified with the -a template option.
> > 
> > Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
> 
> Thanks, Dwight - I'd actually pushed this to my staging branch and a
> bzr branch, but then I noticed one thing:
> 
> > ---
> >  configure.ac            |    1 +
> >  templates/Makefile.am   |    1 +
> >  templates/lxc-oracle.in |  496
> > +++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed,
> > 498 insertions(+), 0 deletions(-) create mode 100644
> > templates/lxc-oracle.in
> > 
> > diff --git a/configure.ac b/configure.ac
> > index 4bbfd9b..d0535f7 100644
> > --- a/configure.ac
> > +++ b/configure.ac
> > @@ -197,6 +197,7 @@ AC_CONFIG_FILES([
> >  	templates/lxc-opensuse
> >  	templates/lxc-busybox
> >  	templates/lxc-fedora
> > +	templates/lxc-oracle
> >  	templates/lxc-altlinux
> >  	templates/lxc-sshd
> >  	templates/lxc-archlinux
> > diff --git a/templates/Makefile.am b/templates/Makefile.am
> > index d6b3892..523498d 100644
> > --- a/templates/Makefile.am
> > +++ b/templates/Makefile.am
> > @@ -7,6 +7,7 @@ templates_SCRIPTS = \
> >  	lxc-ubuntu-cloud \
> >  	lxc-opensuse \
> >  	lxc-fedora \
> > +	lxc-oracle \
> >  	lxc-altlinux \
> >  	lxc-busybox \
> >  	lxc-sshd \
> > diff --git a/templates/lxc-oracle.in b/templates/lxc-oracle.in
> > new file mode 100644
> > index 0000000..e13f13b
> > --- /dev/null
> > +++ b/templates/lxc-oracle.in
> > @@ -0,0 +1,496 @@
> > +#!/bin/bash
> > +#
> > +# Template script for generating Oracle Enterprise Linux container
> > for LXC +# based on lxc-fedora, lxc-ubuntu
> > +#
> > +# Copyright © 2011 Wim Coekaerts <wim.coekaerts at oracle.com>
> > +# Copyright © 2012 Dwight Engen <dwight.engen at oracle.com>
> > +#
> > +# Modified for Oracle Linux 5
> > +# Wim Coekaerts <wim.coekaerts at oracle.com>
> > +#
> > +# Modified for Oracle Linux 6, combined OL5,6 into one template
> > script +# Dwight Engen <dwight.engen at oracle.com>
> > +#
> > +# This library is free software; you can redistribute it and/or
> > +# modify it under the terms of the GNU Lesser General Public
> > +# License as published by the Free Software Foundation; either
> > +# version 2.1 of the License, or (at your option) any later
> > version. +#
> > +# This library is distributed in the hope that it will be useful,
> > +# but WITHOUT ANY WARRANTY; without even the implied warranty of
> > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> > +# Lesser General Public License for more details.
> > +#
> > +# You should have received a copy of the GNU Lesser General Public
> > +# License along with this library; if not, write to the Free
> > Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston,
> > MA 02111-1307 USA +#
> > +
> > +# use virbr0 that is setup by default by libvirtd
> > +lxc_network_type=veth
> > +lxc_network_link=virbr0
> 
> This should be taken from a config file (at least if provided), not
> overriden in the template.  So for instance, I was (implicitly) using
> lxc-create -t oracle -f /etc/lxc/lxc.conf -n o1
> where lxc.conf is:
> 
> lxc.network.type=veth
> lxc.network.link=lxcbr0
> lxc.network.flags=up
> 
> but the oracle container was set to lxc.network.link=virbr0.  Since I
> didn't have libvirt installed, the resulting container fails to start.
> When I switch the link over, it starts beautifully.
> 
> I'm not sure how you'll want to do it - just not 
> 
>     rm -f $cfg_dir/config
> 
> and then only add a network segment if one hasn't already been
> specified?
> 
> For now I've pushed your patch unchanged onto github.com/hallyn/lxc
> branch staging.oct5.1 (and onto
> lp:~serge-hallyn/ubuntu/quantal/lxc/lxc-oracle), but that should be
> fixed before being merged into the github.com/lxc/lxc staging branch.
> 
> -serge

My testing was on OL6.3, so I hadn't run into these things. So I tried
this in a Ubuntu VM and I see the problems you are getting at, as well
as a few more :(

Hmm, yes the veth thing is not good. So I noticed that Ubuntu has
a /etc/lxc/lxc.conf file which dpkg -L does say comes from lxc, but I
don't see where that comes from in the lxc source? For an rpm based
system like OL it seems like I should add an equivalent .conf file and
have the .spec pull it in? Also the part of lxc-create that Ubuntu has
to copy /etc/lxc/lxc.conf as the skel to start with isn't in the git
sources, so just adding the file in /etc wouldn't suffice. The
alternative is like you said to detect if a network isn't given, but
that could get messy (what if the config from /etc has other stuff that
conflicts?). Seems like we should all do it the same way, and the idea
is that /etc is the place to specify *host* system wide, but distro
specific things and the template adds onto that.

Another problem with this template when Ubuntu is the host is that
Ubuntu's native rpm builds the rpm database into
$container_rootfs/root/.rpmdb so when you boot into the container rpm
-qa shows nothing because there is no database in /var/lib/rpm. Should I
just try to detect if the host is Ubuntu and move the db files
from .rpmdb to /var/lib/rpm? Are other (non-rpm-native) platforms going
to have this problem as well, and do I need to handle them too?

Also the db4 tool names aren't the same as on RHEL/OL if a database
downgrade will be required (and I need to detect that case better,
right now its going by the hosts /etc/oracle-release which obviously
won't work if your host isn't Oracle, I'll probably switch to use the
file command to test the hash version of the db). I guess I can check
for a bunch of "alternate" tool names, any better ideas?