[Lxc-users] [PATCH 1/2] working fedora template

Iliyan Stoyanov ilf at ilf.me
Wed Aug 17 14:06:06 UTC 2011



On Wed, 2011-08-17 at 15:45 +0300, Ramez Hanna wrote:
> this is a bug in the fedora-release-15-1.noarch
> and was fixed in fedora-release-15-3.noarch from updates
> which basically breaks the script, i'm working on fixing it
> you could easily fix that in the script at line 114
> but be aware that f15 won't boot, there needs to be tweaks to the
> rootfs, which i haven't yet
hi. ok, thanks I'll modify the script to fetch -3.noarch. is the
problem with f15 still the systemd inside the container or is it
something else?

--ilf
> 
> On Tue, Aug 16, 2011 at 7:20 PM, Iliyan Stoyanov <ilf at ilf.me> wrote:
> > Hi all,
> >
> >
> > I pulled the latest version of lxc from git (up to this commit:
> > e6238180c6963bcdbab42258a0f66b1d498c0e13) and it seems this patch is
> > already applied, however I seem to have a problem using the lxc-fedora
> > template to generate Fedora image. Am I completely stupid (or|and) am I
> > doing something wrong, because I can't seem to generate fedora
> > environment.
> >
> > What I always get is an error looking like this:
> >
> > warning: /var/cache/lxc/fedora/x86_64/15/partial/fedora-release-15.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID 069c8460: NOKEY
> > error: Failed dependencies:
> >        fedora-release-rawhide = 15-1 is needed by fedora-release-15-1.noarch
> > fedora/metalink                                          |  20 kB
> > 00:00
> > Could not parse metalink
> > https://mirrors.fedoraproject.org/metalink?repo=fedora-$releasever&arch=x86_64 error was
> > No repomd file
> > Error: Cannot retrieve repository metadata (repomd.xml) for repository:
> > fedora. Please verify its path and try again
> > Failed to download the rootfs, aborting.
> > Failed to download 'fedora base'
> > failed to install fedora
> >
> >
> > Which seems to be a problem that the template is not fetching another
> > needed rpm. However I'm not sure I know how to fix that. Any ideas?
> >
> > --ilf
> >
> > On Mon, 2011-08-08 at 11:54 +0300, Ramez Hanna wrote:
> >> >From c117fc7051971a9166cf5ab1f85cb6331b91a78c Mon Sep 17 00:00:00 2001
> >> From: InformatiQ <rhanna at informatiq.org>
> >> Date: Wed, 20 Apr 2011 23:15:51 +0300
> >> Subject: [PATCH 1/2] working fedora template
> >>
> >> signed-off-by: Ramez Hanna <rhanna at informatiq.org>
> >> ---
> >>  templates/lxc-fedora.in |  264 ++++++++++++++++++++++++++---------------------
> >>  1 files changed, 146 insertions(+), 118 deletions(-)
> >>
> >> diff --git a/templates/lxc-fedora.in b/templates/lxc-fedora.in
> >> index f4f19c0..e26d73a 100644
> >> --- a/templates/lxc-fedora.in
> >> +++ b/templates/lxc-fedora.in
> >> @@ -9,6 +9,7 @@
> >>
> >>  # Authors:
> >>  # Daniel Lezcano <daniel.lezcano at free.fr>
> >> +# Ramez Hanna <rhanna at informatiq.org>
> >>
> >>  # This library is free software; you can redistribute it and/or
> >>  # modify it under the terms of the GNU Lesser General Public
> >> @@ -24,117 +25,106 @@
> >>  # License along with this library; if not, write to the Free Software
> >>  # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> >>
> >> -DISTRO=fedora-10
> >> +#Configurations
> >> +arch=$(arch)
> >> +cache_base=/var/cache/lxc/fedora/$arch
> >> +default_path=/var/lib/lxc
> >> +root_password=rooter
> >> +lxc_network_type=veth
> >> +lxc_network_link=virbr0
> >> +
> >> +# is this fedora?
> >> +[ -f /etc/fedora-release ] && is_fedora=true
> >>
> >>  configure_fedora()
> >>  {
> >> -    rootfs=$1
> >> -    hostname=$2
> >>
> >>      # disable selinux in fedora
> >> -    mkdir -p $rootfs/selinux
> >> -    echo 0 > $rootfs/selinux/enforce
> >> +    mkdir -p $rootfs_path/selinux
> >> +    echo 0 > $rootfs_path/selinux/enforce
> >>
> >>     # configure the network using the dhcp
> >> -    cat <<EOF > $rootfs/etc/network/interfaces
> >> -auto lo
> >> -iface lo inet loopback
> >> -
> >> -auto eth0
> >> -iface eth0 inet dhcp
> >> +    cat <<EOF > ${rootfs_path}/etc/sysconfig/network-scripts/ifcfg-eth0
> >> +DEVICE=eth0
> >> +BOOTPROTO=dhcp
> >> +ONBOOT=yes
> >> +HOSTNAME=${UTSNAME}
> >> +NM_CONTROLLED=no
> >> +TYPE=Ethernet
> >> +MTU=${MTU}
> >>  EOF
> >>
> >>      # set the hostname
> >> -    cat <<EOF > $rootfs/etc/hostname
> >> -$hostname
> >> -EOF
> >> -    # set minimal hosts
> >> -    cat <<EOF > $rootfs/etc/hosts
> >> -127.0.0.1 localhost $hostname
> >> -EOF
> >> -
> >> -    # provide the lxc service
> >> -    cat <<EOF > $rootfs/etc/init/lxc.conf
> >> -# fake some events needed for correct startup other services
> >> -
> >> -description     "Container Upstart"
> >> -
> >> -start on startup
> >> -
> >> -script
> >> -        rm -rf /var/run/*.pid
> >> -        rm -rf /var/run/network/*
> >> -        /sbin/initctl emit stopped JOB=udevtrigger --no-wait
> >> -        /sbin/initctl emit started JOB=udev --no-wait
> >> -end script
> >> -EOF
> >> -
> >> -    cat <<EOF > $rootfs/etc/init/console.conf
> >> -# console - getty
> >> -#
> >> -# This service maintains a console on tty1 from the point the system is
> >> -# started until it is shut down again.
> >> -
> >> -start on stopped rc RUNLEVEL=[2345]
> >> -stop on runlevel [!2345]
> >> -
> >> -respawn
> >> -exec /sbin/getty -8 38400 /dev/console
> >> +    cat <<EOF > ${rootfs_path}/etc/sysconfig/network
> >> +NETWORKING=yes
> >> +HOSTNAME=${UTSNAME}
> >>  EOF
> >>
> >> -    cat <<EOF > $rootfs/lib/init/fstab
> >> -# /lib/init/fstab: lxc system fstab
> >> -none            /spu                      spufs
> >> gid=spu,optional                  0 0
> >> -none            /tmp                      none            defaults
> >>                       0 0
> >> -none            /var/lock                 tmpfs
> >> nodev,noexec,nosuid,showthrough   0 0
> >> -none            /lib/init/rw              tmpfs
> >> mode=0755,nosuid,optional         0 0
> >> +    # set minimal hosts
> >> +    cat <<EOF > $rootfs_path/etc/hosts
> >> +127.0.0.1 localhost $name
> >>  EOF
> >>
> >> -    # reconfigure some services
> >> -    if [ -z "$LANG" ]; then
> >> -     chroot $rootfs locale-gen en_US.UTF-8
> >> -     chroot $rootfs update-locale LANG=en_US.UTF-8
> >> -    else
> >> -     chroot $rootfs locale-gen $LANG
> >> -     chroot $rootfs update-locale LANG=$LANG
> >> -    fi
> >> -
> >> -    # remove pointless services in a container
> >> -    chroot $rootfs /usr/sbin/update-rc.d -f ondemand remove
> >> -
> >> -    chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls
> >> u*.conf); do mv $f $f.orig; done'
> >> -    chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls
> >> tty[2-9].conf); do mv $f $f.orig; done'
> >> -    chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls
> >> plymouth*.conf); do mv $f $f.orig; done'
> >> -    chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls
> >> hwclock*.conf); do mv $f $f.orig; done'
> >> -    chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls
> >> module*.conf); do mv $f $f.orig; done'
> >> -
> >> -    echo "Please change root-password !"
> >> -    echo "root:root" | chroot $rootfs chpasswd
> >> +    sed -i 's|.sbin.start_udev||' ${rootfs_path}/etc/rc.sysinit
> >> +    sed -i 's|.sbin.start_udev||' ${rootfs_path}/etc/rc.d/rc.sysinit
> >> +    chroot ${rootfs_path} chkconfig udev-post off
> >> +    chroot ${rootfs_path} chkconfig network on
> >> +
> >> +    dev_path="${rootfs_path}/dev"
> >> +    rm -rf $dev_path
> >> +    mkdir -p $dev_path
> >> +    mknod -m 666 ${dev_path}/null c 1 3
> >> +    mknod -m 666 ${dev_path}/zero c 1 5
> >> +    mknod -m 666 ${dev_path}/random c 1 8
> >> +    mknod -m 666 ${dev_path}/urandom c 1 9
> >> +    mkdir -m 755 ${dev_path}/pts
> >> +    mkdir -m 1777 ${dev_path}/shm
> >> +    mknod -m 666 ${dev_path}/tty c 5 0
> >> +    mknod -m 666 ${dev_path}/tty0 c 4 0
> >> +    mknod -m 666 ${dev_path}/tty1 c 4 1
> >> +    mknod -m 666 ${dev_path}/tty2 c 4 2
> >> +    mknod -m 666 ${dev_path}/tty3 c 4 3
> >> +    mknod -m 666 ${dev_path}/tty4 c 4 4
> >> +    mknod -m 600 ${dev_path}/console c 5 1
> >> +    mknod -m 666 ${dev_path}/full c 1 7
> >> +    mknod -m 600 ${dev_path}/initctl p
> >> +    mknod -m 666 ${dev_path}/ptmx c 5 2
> >> +
> >> +    echo "setting root passwd to $root_password"
> >> +    echo "root:$root_password" | chroot $rootfs_path chpasswd
> >>
> >>      return 0
> >>  }
> >>
> >>  download_fedora()
> >>  {
> >> -    cache=$1
> >> -    arch=$2
> >>
> >>      # check the mini fedora was not already downloaded
> >> -    mkdir -p "$cache/partial-$arch"
> >> +    INSTALL_ROOT=$cache/partial
> >> +    mkdir -p $INSTALL_ROOT
> >>      if [ $? -ne 0 ]; then
> >> -     echo "Failed to create '$cache/partial-$arch' directory"
> >> +     echo "Failed to create '$INSTALL_ROOT' directory"
> >>       return 1
> >>      fi
> >>
> >>      # download a mini fedora into a cache
> >>      echo "Downloading fedora minimal ..."
> >> -    febootstrap $DISTRO $cache/partial-$arch
> >> +    YUM="yum --installroot $INSTALL_ROOT -y --nogpgcheck"
> >> +    PKG_LIST="yum initscripts passwd rsyslog vim-minimal dhclient
> >> chkconfig rootfiles policycoreutils"
> >> +    RELEASE_URL="http://ftp.funet.fi/pub/mirrors/fedora.redhat.com/pub/fedora/linux/releases/$release/Everything/x86_64/os/Packages/fedora-release-$release-1.noarch.rpm"
> >> +    curl $RELEASE_URL > $INSTALL_ROOT/fedora-release-$release.noarch.rpm
> >> +
> >> +    mkdir -p $INSTALL_ROOT/var/lib/rpm
> >> +    rpm --root $INSTALL_ROOT  --initdb
> >> +    rpm --root $INSTALL_ROOT -ivh
> >> $INSTALL_ROOT/fedora-release-$release.noarch.rpm
> >> +    $YUM install $PKG_LIST
> >> +
> >>      if [ $? -ne 0 ]; then
> >>       echo "Failed to download the rootfs, aborting."
> >>       return 1
> >>      fi
> >>
> >> -    mv "$1/partial-$arch" "$1/rootfs-$arch"
> >> +    mv "$INSTALL_ROOT" "$cache/rootfs"
> >>      echo "Download complete."
> >>
> >>      return 0
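Review bot: Nothing that download_fedora installs into the rootfs is authenticated: the fedora-release RPM is fetched with `curl` over plain `http://` and installed with `rpm -ivh`, and `YUM` carries `--nogpgcheck`, so a tampered mirror or network path produces a tampered container image (the `NOKEY` warning quoted earlier in this thread is that missing check showing up). I would fetch with `curl -f "$RELEASE_URL"` and test its status, import the Fedora signing key into the install root before installing (`rpm --root "$INSTALL_ROOT" --import <fedora-release-key-file>`), and drop `--nogpgcheck` from `YUM`. The `if [ $? -ne 0 ]` after `$YUM install $PKG_LIST` only sees yum's status, so a failed curl or rpm step currently passes unnoticed. Separately, configure_fedora gives every container the same `root_password=rooter` and echoes it; a per-container generated value, or forcing a change at first login, would avoid a shared known credential.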
> >> @@ -142,20 +132,23 @@ download_fedora()
> >>
> >>  copy_fedora()
> >>  {
> >> -    cache=$1
> >> -    arch=$2
> >> -    rootfs=$3
> >>
> >>      # make a local copy of the minifedora
> >> -    echo -n "Copying rootfs to $rootfs ..."
> >> -    cp -a $cache/rootfs-$arch $rootfs || return 1
> >> +    echo -n "Copying rootfs to $rootfs_path ..."
> >> +    #cp -a $cache/rootfs-$arch $rootfs_path || return 1
> >> +    # i prefer rsync (no reason really)
> >> +    mkdir -p $rootfs_path
> >> +    rsync -a $cache/rootfs/ $rootfs_path/
> >>      return 0
> >>  }
> >>
> >> +update_fedora()
> >> +{
> >> +    chroot $cache/rootfs yum -y update
> >> +}
> >> +
> >>  install_fedora()
> >>  {
> >> -    cache="/var/cache/lxc/fedora"
> >> -    rootfs=$1
> >>      mkdir -p /var/lock/subsys/
> >>      (
> >>       flock -n -x 200
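Review bot: copy_fedora now returns 0 even when the copy fails, because the old `cp -a ... || return 1` was replaced by `mkdir -p` and `rsync -a` with no status check before the unconditional `return 0`. The `Failed to copy rootfs` branch in install_fedora can therefore no longer trigger, and a partially copied rootfs would go on to be configured and given a root password. Suggest `mkdir -p "$rootfs_path" || return 1` followed by `rsync -a "$cache/rootfs/" "$rootfs_path/" || return 1`, with the expansions quoted. install_fedora's body continues outside this hunk.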
> >> @@ -164,19 +157,25 @@ install_fedora()
> >>           return 1
> >>       fi
> >>
> >> -     arch=$(arch)
> >> -
> >> -     echo "Checking cache download in $cache/rootfs-$arch ... "
> >> -     if [ ! -e "$cache/rootfs-$arch" ]; then
> >> -         download_fedora $cache $arch
> >> +     echo "Checking cache download in $cache/rootfs ... "
> >> +     if [ ! -e "$cache/rootfs" ]; then
> >> +         download_fedora
> >>           if [ $? -ne 0 ]; then
> >>               echo "Failed to download 'fedora base'"
> >>               return 1
> >>           fi
> >> +        else
> >> +         echo "Cache found. Updating..."
> >> +            update_fedora
> >> +         if [ $? -ne 0 ]; then
> >> +             echo "Failed to update 'fedora base', continuing with last known good cache"
> >> +            else
> >> +                echo "Update finished"
> >> +         fi
> >>       fi
> >>
> >> -     echo "Copy $cache/rootfs-$arch to $rootfs ... "
> >> -     copy_fedora $cache $arch $rootfs
> >> +     echo "Copy $cache/rootfs to $rootfs_path ... "
> >> +     copy_fedora
> >>       if [ $? -ne 0 ]; then
> >>           echo "Failed to copy rootfs"
> >>           return 1
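Review bot: The message `continuing with last known good cache` overstates what the else branch guarantees, because update_fedora runs `yum -y update` inside `$cache/rootfs` itself. An update that fails part-way may leave the cache modified, and every later container is then copied from that state. Either run the update on a copy and swap it in only on success, or reword the message to say the cache may be partially updated. install_fedora starts and ends outside this hunk.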
> >> @@ -191,20 +190,21 @@ install_fedora()
> >>
> >>  copy_configuration()
> >>  {
> >> -    path=$1
> >> -    rootfs=$2
> >> -    name=$3
> >>
> >> -    cat <<EOF >> $path/config
> >> +    mkdir -p $config_path
> >> +    cat <<EOF >> $config_path/config
> >>  lxc.utsname = $name
> >> -
> >>  lxc.tty = 4
> >>  lxc.pts = 1024
> >> -lxc.rootfs = $rootfs
> >> -lxc.mount  = $path/fstab
> >> -
> >> -lxc.console = /dev/console
> >> -
> >> +lxc.rootfs = $rootfs_path
> >> +lxc.mount  = $config_path/fstab
> >> +#networking
> >> +lxc.network.type = $lxc_network_type
> >> +lxc.network.flags = up
> >> +lxc.network.link = $lxc_network_link
> >> +lxc.network.name = eth0
> >> +lxc.network.mtu = 1500
> >> +#cgroups
> >>  lxc.cgroup.devices.deny = a
> >>  # /dev/null and zero
> >>  lxc.cgroup.devices.allow = c 1:3 rwm
> >> @@ -223,10 +223,10 @@ lxc.cgroup.devices.allow = c 5:2 rwm
> >>  lxc.cgroup.devices.allow = c 254:0 rwm
> >>  EOF
> >>
> >> -    cat <<EOF > $path/fstab
> >> -proc            $rootfs/proc         proc    nodev,noexec,nosuid 0 0
> >> -devpts          $rootfs/dev/pts      devpts defaults 0 0
> >> -sysfs           $rootfs/sys          sysfs defaults  0 0
> >> +    cat <<EOF > $config_path/fstab
> >> +proc            $rootfs_path/proc         proc    nodev,noexec,nosuid 0 0
> >> +devpts          $rootfs_path/dev/pts      devpts defaults 0 0
> >> +sysfs           $rootfs_path/sys          sysfs defaults  0 0
> >>  EOF
> >>
> >>      if [ $? -ne 0 ]; then
> >> @@ -239,7 +239,6 @@ EOF
> >>
> >>  clean()
> >>  {
> >> -    cache="/var/cache/lxc/fedora"
> >>
> >>      if [ ! -e $cache ]; then
> >>       exit 0
> >> @@ -253,7 +252,7 @@ clean()
> >>           exit 1
> >>       fi
> >>
> >> -     echo -n "Purging the download cache..."
> >> +     echo -n "Purging the download cache for Fedora-$release..."
> >>       rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
> >>       exit 0
> >>
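Review bot: `$release` in the new message, and `$cache` in the `rm` line below it, are only assigned near the end of the script (`cache=$cache_base/$release`), while the clean-without-path branch visible in a later hunk header appears to call clean() before that point. If so, now that the `cache=` line has been removed from clean(), the function would run with both variables empty, print `Fedora-` and report `Done.` without purging anything. Compute `release` and `cache` before that branch, and guard the delete with `rm --preserve-root --one-file-system -rf -- "${cache:?}"` so an empty value aborts instead of being silently accepted. clean() starts outside this hunk.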
> >> @@ -263,12 +262,23 @@ clean()
> >>  usage()
> >>  {
> >>      cat <<EOF
> >> -$1 -h|--help -p|--path=<path> --clean
> >> +usage:
> >> +    $1 -n|--name=<container_name>
> >> +        [-p|--path=<path>] [-c|--clean]
> >> [-R|--release=<Fedora_release>] [-A|--arch=<arch of the container>]
> >> +        [-h|--help]
> >> +Mandatory args:
> >> +  -n,--name         container name, used to as an identifier for that
> >> container from now on
> >> +Optional args:
> >> +  -p,--path         path to where the container rootfs will be
> >> created, defaults to /var/lib/lxc. The container config will go under
> >> /var/lib/lxc in and case
> >> +  -c,--clean        clean the cache
> >> +  -R,--release      Fedora release for the new container. if the host
> >> is Fedora, then it will defaultto the host's release.
> >> +  -A,--arch         NOT USED YET. Define what arch the container will
> >> be [i686,x86_64]
> >> +  -h,--help         print this help
> >>  EOF
> >>      return 0
> >>  }
> >>
> >> -options=$(getopt -o hp:n:c -l help,path:,name:,clean -- "$@")
> >> +options=$(getopt -o hp:n:cR: -l help,path:,name:,clean,release: -- "$@")
> >>  if [ $? -ne 0 ]; then
> >>      usage $(basename $0)
> >>      exit 1
> >> @@ -282,6 +292,7 @@ do
> >>       -p|--path)      path=$2; shift 2;;
> >>       -n|--name)      name=$2; shift 2;;
> >>       -c|--clean)     clean=$2; shift 2;;
> >> +        -R|--release)   release=$2; shift 2;;
> >>       --)             shift 1; break ;;
> >>          *)              break ;;
> >>      esac
> >> @@ -292,15 +303,23 @@ if [ ! -z "$clean" -a -z "$path" ]; then
> >>      exit 0
> >>  fi
> >>
> >> -type febootstrap
> >> +type yum >/dev/null 2>&1
> >>  if [ $? -ne 0 ]; then
> >> -    echo "'febootstrap' command is missing"
> >> +    echo "'yum' command is missing"
> >>      exit 1
> >>  fi
> >>
> >>  if [ -z "$path" ]; then
> >> -    echo "'path' parameter is required"
> >> -    exit 1
> >> +    path=$default_path
> >> +fi
> >> +
> >> +if [ -z "$release" ]; then
> >> +    if [ "$is_fedora" ]; then
> >> +        release=$(cat /etc/fedora-release |awk '/^Fedora/ {print $3}')
> >> +    else
> >> +        echo "This is not a fedora host and release missing, use
> >> -R|--release to specify release"
> >> +        exit 1
> >> +    fi
> >>  fi
> >>
> >>  if [ "$(id -u)" != "0" ]; then
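Review bot: `release` (from `-R` or parsed out of /etc/fedora-release) is used unvalidated to build both the download URL and the cache directory `$cache_base/$release`, which clean() later hands to `rm -rf`. The next hunk treats `name` the same way when building `rootfs_path` and `config_path`, and no visible hunk rejects an empty `name` even though usage() calls it mandatory. Since the script runs as root, I would reject unexpected values before any path is built, e.g. `case "$release" in ''|*[!0-9]*) echo "invalid release '$release'"; exit 1;; esac`, plus an equivalent check that `name` is non-empty and contains no `/`. Quoting the expansions (`"$config_path/config"`, `"$rootfs_path"`) would also keep values with spaces from splitting into separate arguments.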
> >> @@ -308,21 +327,28 @@ if [ "$(id -u)" != "0" ]; then
> >>      exit 1
> >>  fi
> >>
> >> -rootfs=$path/rootfs
> >> +rootfs_path=$path/$name/rootfs
> >> +config_path=$default_path/$name
> >> +cache=$cache_base/$release
> >> +
> >> +if [ -f $config_path/config ]; then
> >> +    echo "A container with that name exists, chose a different name"
> >> +    exit 1
> >> +fi
> >>
> >> -install_fedora $rootfs
> >> +install_fedora
> >>  if [ $? -ne 0 ]; then
> >>      echo "failed to install fedora"
> >>      exit 1
> >>  fi
> >>
> >> -configure_fedora $rootfs $name
> >> +configure_fedora
> >>  if [ $? -ne 0 ]; then
> >>      echo "failed to configure fedora for a container"
> >>      exit 1
> >>  fi
> >>
> >> -copy_configuration $path $rootfs $name
> >> +copy_configuration
> >>  if [ $? -ne 0 ]; then
> >>      echo "failed write configuration file"
> >>      exit 1
> >> @@ -332,3 +358,5 @@ if [ ! -z $clean ]; then
> >>      clean || exit 1
> >>      exit 0
> >>  fi
> >> +echo "container rootfs and config created"
> >> +echo "container is configured for lxc.network.type=veth and
> >> lxc.network.link=virbr0 (which is default if you have libvirt runnig)"
> >
> >
> >




