[Lxc-users] [PATCH 1/2] working fedora template
Iliyan Stoyanov
ilf at ilf.me
Wed Aug 17 14:06:06 UTC 2011
On Wed, 2011-08-17 at 15:45 +0300, Ramez Hanna wrote:
> this is a bug in the fedora-release-15-1.noarch
> and was fixed in fedora-release-15-3.noarch from updates
> which basically breaks the script, i'm wporking on fixing it
> you could easily fix that in the script at line 114
> but be aware that f15 won't boot, there needs to be tweaks to the
> rootfs, which i haven't yet
hi. ok, thanks I'll modify the script to fetch -3.noarch. is the
problem with f15 still the systemd inside the container or is it
something else?
--ilf
>
> On Tue, Aug 16, 2011 at 7:20 PM, Iliyan Stoyanov <ilf at ilf.me> wrote:
> > Hi all,
> >
> >
> > I pulled the latest version of lxc from git (up to this commit:
> > e6238180c6963bcdbab42258a0f66b1d498c0e13) and it seems this patch is
> > already applied, however I seem to have a problem using the lxc-fedora
> > template to generate Fedora image. Am I completely stupid (or|and) am I
> > doing something wrong, because I can't seem to generate fedora
> > environment.
> >
> > What I always get is an error looking like this:
> >
> > warning: /var/cache/lxc/fedora/x86_64/15/partial/fedora-release-15.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID 069c8460: NOKEY
> > error: Failed dependencies:
> > fedora-release-rawhide = 15-1 is needed by fedora-release-15-1.noarch
> > fedora/metalink | 20 kB
> > 00:00
> > Could not parse metalink
> > https://mirrors.fedoraproject.org/metalink?repo=fedora-$releasever&arch=x86_64 error was
> > No repomd file
> > Error: Cannot retrieve repository metadata (repomd.xml) for repository:
> > fedora. Please verify its path and try again
> > Failed to download the rootfs, aborting.
> > Failed to download 'fedora base'
> > failed to install fedora
> >
> >
> > Which seems to be a problem that the template is not fetching another
> > needed rpm. However I'm not sure I know how to fix that. Any ideas?
> >
> > --ilf
> >
> > On Mon, 2011-08-08 at 11:54 +0300, Ramez Hanna wrote:
> >> >From c117fc7051971a9166cf5ab1f85cb6331b91a78c Mon Sep 17 00:00:00 2001
> >> From: InformatiQ <rhanna at informatiq.org>
> >> Date: Wed, 20 Apr 2011 23:15:51 +0300
> >> Subject: [PATCH 1/2] working fedora template
> >>
> >> signed-off-by: Ramez Hanna <rhanna at informatiq.org>
> >> ---
> >> templates/lxc-fedora.in | 264 ++++++++++++++++++++++++++---------------------
> >> 1 files changed, 146 insertions(+), 118 deletions(-)
> >>
> >> diff --git a/templates/lxc-fedora.in b/templates/lxc-fedora.in
> >> index f4f19c0..e26d73a 100644
> >> --- a/templates/lxc-fedora.in
> >> +++ b/templates/lxc-fedora.in
> >> @@ -9,6 +9,7 @@
> >>
> >> # Authors:
> >> # Daniel Lezcano <daniel.lezcano at free.fr>
> >> +# Ramez Hanna <rhanna at informatiq.org>
> >>
> >> # This library is free software; you can redistribute it and/or
> >> # modify it under the terms of the GNU Lesser General Public
> >> @@ -24,117 +25,106 @@
> >> # License along with this library; if not, write to the Free Software
> >> # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> >>
> >> -DISTRO=fedora-10
> >> +#Configurations
> >> +arch=$(arch)
> >> +cache_base=/var/cache/lxc/fedora/$arch
> >> +default_path=/var/lib/lxc
> >> +root_password=rooter
> >> +lxc_network_type=veth
> >> +lxc_network_link=virbr0
> >> +
> >> +# is this fedora?
> >> +[ -f /etc/fedora-release ] && is_fedora=true
> >>
> >> configure_fedora()
> >> {
> >> - rootfs=$1
> >> - hostname=$2
> >>
> >> # disable selinux in fedora
> >> - mkdir -p $rootfs/selinux
> >> - echo 0 > $rootfs/selinux/enforce
> >> + mkdir -p $rootfs_path/selinux
> >> + echo 0 > $rootfs_path/selinux/enforce
> >>
> >> # configure the network using the dhcp
> >> - cat <<EOF > $rootfs/etc/network/interfaces
> >> -auto lo
> >> -iface lo inet loopback
> >> -
> >> -auto eth0
> >> -iface eth0 inet dhcp
> >> + cat <<EOF > ${rootfs_path}/etc/sysconfig/network-scripts/ifcfg-eth0
> >> +DEVICE=eth0
> >> +BOOTPROTO=dhcp
> >> +ONBOOT=yes
> >> +HOSTNAME=${UTSNAME}
> >> +NM_CONTROLLED=no
> >> +TYPE=Ethernet
> >> +MTU=${MTU}
> >> EOF
> >>
> >> # set the hostname
> >> - cat <<EOF > $rootfs/etc/hostname
> >> -$hostname
> >> -EOF
> >> - # set minimal hosts
> >> - cat <<EOF > $rootfs/etc/hosts
> >> -127.0.0.1 localhost $hostname
> >> -EOF
> >> -
> >> - # provide the lxc service
> >> - cat <<EOF > $rootfs/etc/init/lxc.conf
> >> -# fake some events needed for correct startup other services
> >> -
> >> -description "Container Upstart"
> >> -
> >> -start on startup
> >> -
> >> -script
> >> - rm -rf /var/run/*.pid
> >> - rm -rf /var/run/network/*
> >> - /sbin/initctl emit stopped JOB=udevtrigger --no-wait
> >> - /sbin/initctl emit started JOB=udev --no-wait
> >> -end script
> >> -EOF
> >> -
> >> - cat <<EOF > $rootfs/etc/init/console.conf
> >> -# console - getty
> >> -#
> >> -# This service maintains a console on tty1 from the point the system is
> >> -# started until it is shut down again.
> >> -
> >> -start on stopped rc RUNLEVEL=[2345]
> >> -stop on runlevel [!2345]
> >> -
> >> -respawn
> >> -exec /sbin/getty -8 38400 /dev/console
> >> + cat <<EOF > ${rootfs_path}/etc/sysconfig/network
> >> +NETWORKING=yes
> >> +HOSTNAME=${UTSNAME}
> >> EOF
> >>
> >> - cat <<EOF > $rootfs/lib/init/fstab
> >> -# /lib/init/fstab: lxc system fstab
> >> -none /spu spufs
> >> gid=spu,optional 0 0
> >> -none /tmp none defaults
> >> 0 0
> >> -none /var/lock tmpfs
> >> nodev,noexec,nosuid,showthrough 0 0
> >> -none /lib/init/rw tmpfs
> >> mode=0755,nosuid,optional 0 0
> >> + # set minimal hosts
> >> + cat <<EOF > $rootfs_path/etc/hosts
> >> +127.0.0.1 localhost $name
> >> EOF
> >>
> >> - # reconfigure some services
> >> - if [ -z "$LANG" ]; then
> >> - chroot $rootfs locale-gen en_US.UTF-8
> >> - chroot $rootfs update-locale LANG=en_US.UTF-8
> >> - else
> >> - chroot $rootfs locale-gen $LANG
> >> - chroot $rootfs update-locale LANG=$LANG
> >> - fi
> >> -
> >> - # remove pointless services in a container
> >> - chroot $rootfs /usr/sbin/update-rc.d -f ondemand remove
> >> -
> >> - chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls
> >> u*.conf); do mv $f $f.orig; done'
> >> - chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls
> >> tty[2-9].conf); do mv $f $f.orig; done'
> >> - chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls
> >> plymouth*.conf); do mv $f $f.orig; done'
> >> - chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls
> >> hwclock*.conf); do mv $f $f.orig; done'
> >> - chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls
> >> module*.conf); do mv $f $f.orig; done'
> >> -
> >> - echo "Please change root-password !"
> >> - echo "root:root" | chroot $rootfs chpasswd
> >> + sed -i 's|.sbin.start_udev||' ${rootfs_path}/etc/rc.sysinit
> >> + sed -i 's|.sbin.start_udev||' ${rootfs_path}/etc/rc.d/rc.sysinit
> >> + chroot ${rootfs_path} chkconfig udev-post off
> >> + chroot ${rootfs_path} chkconfig network on
> >> +
> >> + dev_path="${rootfs_path}/dev"
> >> + rm -rf $dev_path
> >> + mkdir -p $dev_path
> >> + mknod -m 666 ${dev_path}/null c 1 3
> >> + mknod -m 666 ${dev_path}/zero c 1 5
> >> + mknod -m 666 ${dev_path}/random c 1 8
> >> + mknod -m 666 ${dev_path}/urandom c 1 9
> >> + mkdir -m 755 ${dev_path}/pts
> >> + mkdir -m 1777 ${dev_path}/shm
> >> + mknod -m 666 ${dev_path}/tty c 5 0
> >> + mknod -m 666 ${dev_path}/tty0 c 4 0
> >> + mknod -m 666 ${dev_path}/tty1 c 4 1
> >> + mknod -m 666 ${dev_path}/tty2 c 4 2
> >> + mknod -m 666 ${dev_path}/tty3 c 4 3
> >> + mknod -m 666 ${dev_path}/tty4 c 4 4
> >> + mknod -m 600 ${dev_path}/console c 5 1
> >> + mknod -m 666 ${dev_path}/full c 1 7
> >> + mknod -m 600 ${dev_path}/initctl p
> >> + mknod -m 666 ${dev_path}/ptmx c 5 2
> >> +
> >> + echo "setting root passwd to $root_password"
> >> + echo "root:$root_password" | chroot $rootfs_path chpasswd
> >>
> >> return 0
> >> }
> >>
> >> download_fedora()
> >> {
> >> - cache=$1
> >> - arch=$2
> >>
> >> # check the mini fedora was not already downloaded
> >> - mkdir -p "$cache/partial-$arch"
> >> + INSTALL_ROOT=$cache/partial
> >> + mkdir -p $INSTALL_ROOT
> >> if [ $? -ne 0 ]; then
> >> - echo "Failed to create '$cache/partial-$arch' directory"
> >> + echo "Failed to create '$INSTALL_ROOT' directory"
> >> return 1
> >> fi
> >>
> >> # download a mini fedora into a cache
> >> echo "Downloading fedora minimal ..."
> >> - febootstrap $DISTRO $cache/partial-$arch
> >> + YUM="yum --installroot $INSTALL_ROOT -y --nogpgcheck"
> >> + PKG_LIST="yum initscripts passwd rsyslog vim-minimal dhclient
> >> chkconfig rootfiles policycoreutils"
> >> + RELEASE_URL="http://ftp.funet.fi/pub/mirrors/fedora.redhat.com/pub/fedora/linux/releases/$release/Everything/x86_64/os/Packages/fedora-release-$release-1.noarch.rpm"
> >> + curl $RELEASE_URL > $INSTALL_ROOT/fedora-release-$release.noarch.rpm
> >> +
> >> + mkdir -p $INSTALL_ROOT/var/lib/rpm
> >> + rpm --root $INSTALL_ROOT --initdb
> >> + rpm --root $INSTALL_ROOT -ivh
> >> $INSTALL_ROOT/fedora-release-$release.noarch.rpm
> >> + $YUM install $PKG_LIST
> >> +
> >> if [ $? -ne 0 ]; then
> >> echo "Failed to download the rootfs, aborting."
> >> return 1
> >> fi
> >>
> >> - mv "$1/partial-$arch" "$1/rootfs-$arch"
> >> + mv "$INSTALL_ROOT" "$cache/rootfs"
> >> echo "Download complete."
> >>
> >> return 0
> >> @@ -142,20 +132,23 @@ download_fedora()
> >>
> >> copy_fedora()
> >> {
> >> - cache=$1
> >> - arch=$2
> >> - rootfs=$3
> >>
> >> # make a local copy of the minifedora
> >> - echo -n "Copying rootfs to $rootfs ..."
> >> - cp -a $cache/rootfs-$arch $rootfs || return 1
> >> + echo -n "Copying rootfs to $rootfs_path ..."
> >> + #cp -a $cache/rootfs-$arch $rootfs_path || return 1
> >> + # i prefer rsync (no reason really)
> >> + mkdir -p $rootfs_path
> >> + rsync -a $cache/rootfs/ $rootfs_path/
> >> return 0
> >> }
> >>
> >> +update_fedora()
> >> +{
> >> + chroot $cache/rootfs yum -y update
> >> +}
> >> +
> >> install_fedora()
> >> {
> >> - cache="/var/cache/lxc/fedora"
> >> - rootfs=$1
> >> mkdir -p /var/lock/subsys/
> >> (
> >> flock -n -x 200
> >> @@ -164,19 +157,25 @@ install_fedora()
> >> return 1
> >> fi
> >>
> >> - arch=$(arch)
> >> -
> >> - echo "Checking cache download in $cache/rootfs-$arch ... "
> >> - if [ ! -e "$cache/rootfs-$arch" ]; then
> >> - download_fedora $cache $arch
> >> + echo "Checking cache download in $cache/rootfs ... "
> >> + if [ ! -e "$cache/rootfs" ]; then
> >> + download_fedora
> >> if [ $? -ne 0 ]; then
> >> echo "Failed to download 'fedora base'"
> >> return 1
> >> fi
> >> + else
> >> + echo "Cache found. Updating..."
> >> + update_fedora
> >> + if [ $? -ne 0 ]; then
> >> + echo "Failed to update 'fedora base', continuing with last known good cache"
> >> + else
> >> + echo "Update finished"
> >> + fi
> >> fi
> >>
> >> - echo "Copy $cache/rootfs-$arch to $rootfs ... "
> >> - copy_fedora $cache $arch $rootfs
> >> + echo "Copy $cache/rootfs to $rootfs_path ... "
> >> + copy_fedora
> >> if [ $? -ne 0 ]; then
> >> echo "Failed to copy rootfs"
> >> return 1
> >> @@ -191,20 +190,21 @@ install_fedora()
> >>
> >> copy_configuration()
> >> {
> >> - path=$1
> >> - rootfs=$2
> >> - name=$3
> >>
> >> - cat <<EOF >> $path/config
> >> + mkdir -p $config_path
> >> + cat <<EOF >> $config_path/config
> >> lxc.utsname = $name
> >> -
> >> lxc.tty = 4
> >> lxc.pts = 1024
> >> -lxc.rootfs = $rootfs
> >> -lxc.mount = $path/fstab
> >> -
> >> -lxc.console = /dev/console
> >> -
> >> +lxc.rootfs = $rootfs_path
> >> +lxc.mount = $config_path/fstab
> >> +#networking
> >> +lxc.network.type = $lxc_network_type
> >> +lxc.network.flags = up
> >> +lxc.network.link = $lxc_network_link
> >> +lxc.network.name = eth0
> >> +lxc.network.mtu = 1500
> >> +#cgroups
> >> lxc.cgroup.devices.deny = a
> >> # /dev/null and zero
> >> lxc.cgroup.devices.allow = c 1:3 rwm
> >> @@ -223,10 +223,10 @@ lxc.cgroup.devices.allow = c 5:2 rwm
> >> lxc.cgroup.devices.allow = c 254:0 rwm
> >> EOF
> >>
> >> - cat <<EOF > $path/fstab
> >> -proc $rootfs/proc proc nodev,noexec,nosuid 0 0
> >> -devpts $rootfs/dev/pts devpts defaults 0 0
> >> -sysfs $rootfs/sys sysfs defaults 0 0
> >> + cat <<EOF > $config_path/fstab
> >> +proc $rootfs_path/proc proc nodev,noexec,nosuid 0 0
> >> +devpts $rootfs_path/dev/pts devpts defaults 0 0
> >> +sysfs $rootfs_path/sys sysfs defaults 0 0
> >> EOF
> >>
> >> if [ $? -ne 0 ]; then
> >> @@ -239,7 +239,6 @@ EOF
> >>
> >> clean()
> >> {
> >> - cache="/var/cache/lxc/fedora"
> >>
> >> if [ ! -e $cache ]; then
> >> exit 0
> >> @@ -253,7 +252,7 @@ clean()
> >> exit 1
> >> fi
> >>
> >> - echo -n "Purging the download cache..."
> >> + echo -n "Purging the download cache for Fedora-$release..."
> >> rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
> >> exit 0
> >>
> >> @@ -263,12 +262,23 @@ clean()
> >> usage()
> >> {
> >> cat <<EOF
> >> -$1 -h|--help -p|--path=<path> --clean
> >> +usage:
> >> + $1 -n|--name=<container_name>
> >> + [-p|--path=<path>] [-c|--clean]
> >> [-R|--release=<Fedora_release>] [-A|--arch=<arch of the container>]
> >> + [-h|--help]
> >> +Mandatory args:
> >> + -n,--name container name, used to as an identifier for that
> >> container from now on
> >> +Optional args:
> >> + -p,--path path to where the container rootfs will be
> >> created, defaults to /var/lib/lxc. The container config will go under
> >> /var/lib/lxc in and case
> >> + -c,--clean clean the cache
> >> + -R,--release Fedora release for the new container. if the host
> >> is Fedora, then it will defaultto the host's release.
> >> + -A,--arch NOT USED YET. Define what arch the container will
> >> be [i686,x86_64]
> >> + -h,--help print this help
> >> EOF
> >> return 0
> >> }
> >>
> >> -options=$(getopt -o hp:n:c -l help,path:,name:,clean -- "$@")
> >> +options=$(getopt -o hp:n:cR: -l help,path:,name:,clean,release: -- "$@")
> >> if [ $? -ne 0 ]; then
> >> usage $(basename $0)
> >> exit 1
> >> @@ -282,6 +292,7 @@ do
> >> -p|--path) path=$2; shift 2;;
> >> -n|--name) name=$2; shift 2;;
> >> -c|--clean) clean=$2; shift 2;;
> >> + -R|--release) release=$2; shift 2;;
> >> --) shift 1; break ;;
> >> *) break ;;
> >> esac
> >> @@ -292,15 +303,23 @@ if [ ! -z "$clean" -a -z "$path" ]; then
> >> exit 0
> >> fi
> >>
> >> -type febootstrap
> >> +type yum >/dev/null 2>&1
> >> if [ $? -ne 0 ]; then
> >> - echo "'febootstrap' command is missing"
> >> + echo "'yum' command is missing"
> >> exit 1
> >> fi
> >>
> >> if [ -z "$path" ]; then
> >> - echo "'path' parameter is required"
> >> - exit 1
> >> + path=$default_path
> >> +fi
> >> +
> >> +if [ -z "$release" ]; then
> >> + if [ "$is_fedora" ]; then
> >> + release=$(cat /etc/fedora-release |awk '/^Fedora/ {print $3}')
> >> + else
> >> + echo "This is not a fedora host and release missing, use
> >> -R|--release to specify release"
> >> + exit 1
> >> + fi
> >> fi
> >>
> >> if [ "$(id -u)" != "0" ]; then
> >> @@ -308,21 +327,28 @@ if [ "$(id -u)" != "0" ]; then
> >> exit 1
> >> fi
> >>
> >> -rootfs=$path/rootfs
> >> +rootfs_path=$path/$name/rootfs
> >> +config_path=$default_path/$name
> >> +cache=$cache_base/$release
> >> +
> >> +if [ -f $config_path/config ]; then
> >> + echo "A container with that name exists, chose a different name"
> >> + exit 1
> >> +fi
> >>
> >> -install_fedora $rootfs
> >> +install_fedora
> >> if [ $? -ne 0 ]; then
> >> echo "failed to install fedora"
> >> exit 1
> >> fi
> >>
> >> -configure_fedora $rootfs $name
> >> +configure_fedora
> >> if [ $? -ne 0 ]; then
> >> echo "failed to configure fedora for a container"
> >> exit 1
> >> fi
> >>
> >> -copy_configuration $path $rootfs $name
> >> +copy_configuration
> >> if [ $? -ne 0 ]; then
> >> echo "failed write configuration file"
> >> exit 1
> >> @@ -332,3 +358,5 @@ if [ ! -z $clean ]; then
> >> clean || exit 1
> >> exit 0
> >> fi
> >> +echo "container rootfs and config created"
> >> +echo "container is configured for lxc.network.type=veth and
> >> lxc.network.link=virbr0 (which is default if you have libvirt runnig)"
> >
> >
> >
More information about the lxc-users
mailing list