[Lxc-users] [PATCH 1/2] working fedora template
Ramez Hanna
rhanna at informatiq.org
Thu Aug 18 07:50:11 UTC 2011
i have tried with latest lxc from master
it doesn't break the host, but still doesn't boot
whatever changes were done in the init of previous versions need to be
done now for systemd
On Wed, Aug 17, 2011 at 5:06 PM, Iliyan Stoyanov <ilf at ilf.me> wrote:
>
>
> On Wed, 2011-08-17 at 15:45 +0300, Ramez Hanna wrote:
>> this is a bug in the fedora-release-15-1.noarch
>> and was fixed in fedora-release-15-3.noarch from updates
>> which basically breaks the script, i'm wporking on fixing it
>> you could easily fix that in the script at line 114
>> but be aware that f15 won't boot, there needs to be tweaks to the
>> rootfs, which i haven't yet
> hi. ok, thanks I'll modify the script to fetch -3.noarch. is the
> problem with f15 still the systemd inside the container or is it
> something else?
>
> --ilf
>>
>> On Tue, Aug 16, 2011 at 7:20 PM, Iliyan Stoyanov <ilf at ilf.me> wrote:
>> > Hi all,
>> >
>> >
>> > I pulled the latest version of lxc from git (up to this commit:
>> > e6238180c6963bcdbab42258a0f66b1d498c0e13) and it seems this patch is
>> > already applied, however I seem to have a problem using the lxc-fedora
>> > template to generate Fedora image. Am I completely stupid (or|and) am I
>> > doing something wrong, because I can't seem to generate fedora
>> > environment.
>> >
>> > What I always get is an error looking like this:
>> >
>> > warning: /var/cache/lxc/fedora/x86_64/15/partial/fedora-release-15.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID 069c8460: NOKEY
>> > error: Failed dependencies:
>> > fedora-release-rawhide = 15-1 is needed by fedora-release-15-1.noarch
>> > fedora/metalink | 20 kB
>> > 00:00
>> > Could not parse metalink
>> > https://mirrors.fedoraproject.org/metalink?repo=fedora-$releasever&arch=x86_64 error was
>> > No repomd file
>> > Error: Cannot retrieve repository metadata (repomd.xml) for repository:
>> > fedora. Please verify its path and try again
>> > Failed to download the rootfs, aborting.
>> > Failed to download 'fedora base'
>> > failed to install fedora
>> >
>> >
>> > Which seems to be a problem that the template is not fetching another
>> > needed rpm. However I'm not sure I know how to fix that. Any ideas?
>> >
>> > --ilf
>> >
>> > On Mon, 2011-08-08 at 11:54 +0300, Ramez Hanna wrote:
>> >> >From c117fc7051971a9166cf5ab1f85cb6331b91a78c Mon Sep 17 00:00:00 2001
>> >> From: InformatiQ <rhanna at informatiq.org>
>> >> Date: Wed, 20 Apr 2011 23:15:51 +0300
>> >> Subject: [PATCH 1/2] working fedora template
>> >>
>> >> signed-off-by: Ramez Hanna <rhanna at informatiq.org>
>> >> ---
>> >> templates/lxc-fedora.in | 264 ++++++++++++++++++++++++++---------------------
>> >> 1 files changed, 146 insertions(+), 118 deletions(-)
>> >>
>> >> diff --git a/templates/lxc-fedora.in b/templates/lxc-fedora.in
>> >> index f4f19c0..e26d73a 100644
>> >> --- a/templates/lxc-fedora.in
>> >> +++ b/templates/lxc-fedora.in
>> >> @@ -9,6 +9,7 @@
>> >>
>> >> # Authors:
>> >> # Daniel Lezcano <daniel.lezcano at free.fr>
>> >> +# Ramez Hanna <rhanna at informatiq.org>
>> >>
>> >> # This library is free software; you can redistribute it and/or
>> >> # modify it under the terms of the GNU Lesser General Public
>> >> @@ -24,117 +25,106 @@
>> >> # License along with this library; if not, write to the Free Software
>> >> # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
>> >>
>> >> -DISTRO=fedora-10
>> >> +#Configurations
>> >> +arch=$(arch)
>> >> +cache_base=/var/cache/lxc/fedora/$arch
>> >> +default_path=/var/lib/lxc
>> >> +root_password=rooter
>> >> +lxc_network_type=veth
>> >> +lxc_network_link=virbr0
>> >> +
>> >> +# is this fedora?
>> >> +[ -f /etc/fedora-release ] && is_fedora=true
>> >>
>> >> configure_fedora()
>> >> {
>> >> - rootfs=$1
>> >> - hostname=$2
>> >>
>> >> # disable selinux in fedora
>> >> - mkdir -p $rootfs/selinux
>> >> - echo 0 > $rootfs/selinux/enforce
>> >> + mkdir -p $rootfs_path/selinux
>> >> + echo 0 > $rootfs_path/selinux/enforce
>> >>
>> >> # configure the network using the dhcp
>> >> - cat <<EOF > $rootfs/etc/network/interfaces
>> >> -auto lo
>> >> -iface lo inet loopback
>> >> -
>> >> -auto eth0
>> >> -iface eth0 inet dhcp
>> >> + cat <<EOF > ${rootfs_path}/etc/sysconfig/network-scripts/ifcfg-eth0
>> >> +DEVICE=eth0
>> >> +BOOTPROTO=dhcp
>> >> +ONBOOT=yes
>> >> +HOSTNAME=${UTSNAME}
>> >> +NM_CONTROLLED=no
>> >> +TYPE=Ethernet
>> >> +MTU=${MTU}
>> >> EOF
>> >>
>> >> # set the hostname
>> >> - cat <<EOF > $rootfs/etc/hostname
>> >> -$hostname
>> >> -EOF
>> >> - # set minimal hosts
>> >> - cat <<EOF > $rootfs/etc/hosts
>> >> -127.0.0.1 localhost $hostname
>> >> -EOF
>> >> -
>> >> - # provide the lxc service
>> >> - cat <<EOF > $rootfs/etc/init/lxc.conf
>> >> -# fake some events needed for correct startup other services
>> >> -
>> >> -description "Container Upstart"
>> >> -
>> >> -start on startup
>> >> -
>> >> -script
>> >> - rm -rf /var/run/*.pid
>> >> - rm -rf /var/run/network/*
>> >> - /sbin/initctl emit stopped JOB=udevtrigger --no-wait
>> >> - /sbin/initctl emit started JOB=udev --no-wait
>> >> -end script
>> >> -EOF
>> >> -
>> >> - cat <<EOF > $rootfs/etc/init/console.conf
>> >> -# console - getty
>> >> -#
>> >> -# This service maintains a console on tty1 from the point the system is
>> >> -# started until it is shut down again.
>> >> -
>> >> -start on stopped rc RUNLEVEL=[2345]
>> >> -stop on runlevel [!2345]
>> >> -
>> >> -respawn
>> >> -exec /sbin/getty -8 38400 /dev/console
>> >> + cat <<EOF > ${rootfs_path}/etc/sysconfig/network
>> >> +NETWORKING=yes
>> >> +HOSTNAME=${UTSNAME}
>> >> EOF
>> >>
>> >> - cat <<EOF > $rootfs/lib/init/fstab
>> >> -# /lib/init/fstab: lxc system fstab
>> >> -none /spu spufs
>> >> gid=spu,optional 0 0
>> >> -none /tmp none defaults
>> >> 0 0
>> >> -none /var/lock tmpfs
>> >> nodev,noexec,nosuid,showthrough 0 0
>> >> -none /lib/init/rw tmpfs
>> >> mode=0755,nosuid,optional 0 0
>> >> + # set minimal hosts
>> >> + cat <<EOF > $rootfs_path/etc/hosts
>> >> +127.0.0.1 localhost $name
>> >> EOF
>> >>
>> >> - # reconfigure some services
>> >> - if [ -z "$LANG" ]; then
>> >> - chroot $rootfs locale-gen en_US.UTF-8
>> >> - chroot $rootfs update-locale LANG=en_US.UTF-8
>> >> - else
>> >> - chroot $rootfs locale-gen $LANG
>> >> - chroot $rootfs update-locale LANG=$LANG
>> >> - fi
>> >> -
>> >> - # remove pointless services in a container
>> >> - chroot $rootfs /usr/sbin/update-rc.d -f ondemand remove
>> >> -
>> >> - chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls
>> >> u*.conf); do mv $f $f.orig; done'
>> >> - chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls
>> >> tty[2-9].conf); do mv $f $f.orig; done'
>> >> - chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls
>> >> plymouth*.conf); do mv $f $f.orig; done'
>> >> - chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls
>> >> hwclock*.conf); do mv $f $f.orig; done'
>> >> - chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls
>> >> module*.conf); do mv $f $f.orig; done'
>> >> -
>> >> - echo "Please change root-password !"
>> >> - echo "root:root" | chroot $rootfs chpasswd
>> >> + sed -i 's|.sbin.start_udev||' ${rootfs_path}/etc/rc.sysinit
>> >> + sed -i 's|.sbin.start_udev||' ${rootfs_path}/etc/rc.d/rc.sysinit
>> >> + chroot ${rootfs_path} chkconfig udev-post off
>> >> + chroot ${rootfs_path} chkconfig network on
>> >> +
>> >> + dev_path="${rootfs_path}/dev"
>> >> + rm -rf $dev_path
>> >> + mkdir -p $dev_path
>> >> + mknod -m 666 ${dev_path}/null c 1 3
>> >> + mknod -m 666 ${dev_path}/zero c 1 5
>> >> + mknod -m 666 ${dev_path}/random c 1 8
>> >> + mknod -m 666 ${dev_path}/urandom c 1 9
>> >> + mkdir -m 755 ${dev_path}/pts
>> >> + mkdir -m 1777 ${dev_path}/shm
>> >> + mknod -m 666 ${dev_path}/tty c 5 0
>> >> + mknod -m 666 ${dev_path}/tty0 c 4 0
>> >> + mknod -m 666 ${dev_path}/tty1 c 4 1
>> >> + mknod -m 666 ${dev_path}/tty2 c 4 2
>> >> + mknod -m 666 ${dev_path}/tty3 c 4 3
>> >> + mknod -m 666 ${dev_path}/tty4 c 4 4
>> >> + mknod -m 600 ${dev_path}/console c 5 1
>> >> + mknod -m 666 ${dev_path}/full c 1 7
>> >> + mknod -m 600 ${dev_path}/initctl p
>> >> + mknod -m 666 ${dev_path}/ptmx c 5 2
>> >> +
>> >> + echo "setting root passwd to $root_password"
>> >> + echo "root:$root_password" | chroot $rootfs_path chpasswd
>> >>
>> >> return 0
>> >> }
>> >>
>> >> download_fedora()
>> >> {
>> >> - cache=$1
>> >> - arch=$2
>> >>
>> >> # check the mini fedora was not already downloaded
>> >> - mkdir -p "$cache/partial-$arch"
>> >> + INSTALL_ROOT=$cache/partial
>> >> + mkdir -p $INSTALL_ROOT
>> >> if [ $? -ne 0 ]; then
>> >> - echo "Failed to create '$cache/partial-$arch' directory"
>> >> + echo "Failed to create '$INSTALL_ROOT' directory"
>> >> return 1
>> >> fi
>> >>
>> >> # download a mini fedora into a cache
>> >> echo "Downloading fedora minimal ..."
>> >> - febootstrap $DISTRO $cache/partial-$arch
>> >> + YUM="yum --installroot $INSTALL_ROOT -y --nogpgcheck"
>> >> + PKG_LIST="yum initscripts passwd rsyslog vim-minimal dhclient
>> >> chkconfig rootfiles policycoreutils"
>> >> + RELEASE_URL="http://ftp.funet.fi/pub/mirrors/fedora.redhat.com/pub/fedora/linux/releases/$release/Everything/x86_64/os/Packages/fedora-release-$release-1.noarch.rpm"
>> >> + curl $RELEASE_URL > $INSTALL_ROOT/fedora-release-$release.noarch.rpm
>> >> +
>> >> + mkdir -p $INSTALL_ROOT/var/lib/rpm
>> >> + rpm --root $INSTALL_ROOT --initdb
>> >> + rpm --root $INSTALL_ROOT -ivh
>> >> $INSTALL_ROOT/fedora-release-$release.noarch.rpm
>> >> + $YUM install $PKG_LIST
>> >> +
>> >> if [ $? -ne 0 ]; then
>> >> echo "Failed to download the rootfs, aborting."
>> >> return 1
>> >> fi
>> >>
>> >> - mv "$1/partial-$arch" "$1/rootfs-$arch"
>> >> + mv "$INSTALL_ROOT" "$cache/rootfs"
>> >> echo "Download complete."
>> >>
>> >> return 0
>> >> @@ -142,20 +132,23 @@ download_fedora()
>> >>
>> >> copy_fedora()
>> >> {
>> >> - cache=$1
>> >> - arch=$2
>> >> - rootfs=$3
>> >>
>> >> # make a local copy of the minifedora
>> >> - echo -n "Copying rootfs to $rootfs ..."
>> >> - cp -a $cache/rootfs-$arch $rootfs || return 1
>> >> + echo -n "Copying rootfs to $rootfs_path ..."
>> >> + #cp -a $cache/rootfs-$arch $rootfs_path || return 1
>> >> + # i prefer rsync (no reason really)
>> >> + mkdir -p $rootfs_path
>> >> + rsync -a $cache/rootfs/ $rootfs_path/
>> >> return 0
>> >> }
>> >>
>> >> +update_fedora()
>> >> +{
>> >> + chroot $cache/rootfs yum -y update
>> >> +}
>> >> +
>> >> install_fedora()
>> >> {
>> >> - cache="/var/cache/lxc/fedora"
>> >> - rootfs=$1
>> >> mkdir -p /var/lock/subsys/
>> >> (
>> >> flock -n -x 200
>> >> @@ -164,19 +157,25 @@ install_fedora()
>> >> return 1
>> >> fi
>> >>
>> >> - arch=$(arch)
>> >> -
>> >> - echo "Checking cache download in $cache/rootfs-$arch ... "
>> >> - if [ ! -e "$cache/rootfs-$arch" ]; then
>> >> - download_fedora $cache $arch
>> >> + echo "Checking cache download in $cache/rootfs ... "
>> >> + if [ ! -e "$cache/rootfs" ]; then
>> >> + download_fedora
>> >> if [ $? -ne 0 ]; then
>> >> echo "Failed to download 'fedora base'"
>> >> return 1
>> >> fi
>> >> + else
>> >> + echo "Cache found. Updating..."
>> >> + update_fedora
>> >> + if [ $? -ne 0 ]; then
>> >> + echo "Failed to update 'fedora base', continuing with last known good cache"
>> >> + else
>> >> + echo "Update finished"
>> >> + fi
>> >> fi
>> >>
>> >> - echo "Copy $cache/rootfs-$arch to $rootfs ... "
>> >> - copy_fedora $cache $arch $rootfs
>> >> + echo "Copy $cache/rootfs to $rootfs_path ... "
>> >> + copy_fedora
>> >> if [ $? -ne 0 ]; then
>> >> echo "Failed to copy rootfs"
>> >> return 1
>> >> @@ -191,20 +190,21 @@ install_fedora()
>> >>
>> >> copy_configuration()
>> >> {
>> >> - path=$1
>> >> - rootfs=$2
>> >> - name=$3
>> >>
>> >> - cat <<EOF >> $path/config
>> >> + mkdir -p $config_path
>> >> + cat <<EOF >> $config_path/config
>> >> lxc.utsname = $name
>> >> -
>> >> lxc.tty = 4
>> >> lxc.pts = 1024
>> >> -lxc.rootfs = $rootfs
>> >> -lxc.mount = $path/fstab
>> >> -
>> >> -lxc.console = /dev/console
>> >> -
>> >> +lxc.rootfs = $rootfs_path
>> >> +lxc.mount = $config_path/fstab
>> >> +#networking
>> >> +lxc.network.type = $lxc_network_type
>> >> +lxc.network.flags = up
>> >> +lxc.network.link = $lxc_network_link
>> >> +lxc.network.name = eth0
>> >> +lxc.network.mtu = 1500
>> >> +#cgroups
>> >> lxc.cgroup.devices.deny = a
>> >> # /dev/null and zero
>> >> lxc.cgroup.devices.allow = c 1:3 rwm
>> >> @@ -223,10 +223,10 @@ lxc.cgroup.devices.allow = c 5:2 rwm
>> >> lxc.cgroup.devices.allow = c 254:0 rwm
>> >> EOF
>> >>
>> >> - cat <<EOF > $path/fstab
>> >> -proc $rootfs/proc proc nodev,noexec,nosuid 0 0
>> >> -devpts $rootfs/dev/pts devpts defaults 0 0
>> >> -sysfs $rootfs/sys sysfs defaults 0 0
>> >> + cat <<EOF > $config_path/fstab
>> >> +proc $rootfs_path/proc proc nodev,noexec,nosuid 0 0
>> >> +devpts $rootfs_path/dev/pts devpts defaults 0 0
>> >> +sysfs $rootfs_path/sys sysfs defaults 0 0
>> >> EOF
>> >>
>> >> if [ $? -ne 0 ]; then
>> >> @@ -239,7 +239,6 @@ EOF
>> >>
>> >> clean()
>> >> {
>> >> - cache="/var/cache/lxc/fedora"
>> >>
>> >> if [ ! -e $cache ]; then
>> >> exit 0
>> >> @@ -253,7 +252,7 @@ clean()
>> >> exit 1
>> >> fi
>> >>
>> >> - echo -n "Purging the download cache..."
>> >> + echo -n "Purging the download cache for Fedora-$release..."
>> >> rm --preserve-root --one-file-system -rf $cache && echo "Done." || exit 1
>> >> exit 0
>> >>
>> >> @@ -263,12 +262,23 @@ clean()
>> >> usage()
>> >> {
>> >> cat <<EOF
>> >> -$1 -h|--help -p|--path=<path> --clean
>> >> +usage:
>> >> + $1 -n|--name=<container_name>
>> >> + [-p|--path=<path>] [-c|--clean]
>> >> [-R|--release=<Fedora_release>] [-A|--arch=<arch of the container>]
>> >> + [-h|--help]
>> >> +Mandatory args:
>> >> + -n,--name container name, used to as an identifier for that
>> >> container from now on
>> >> +Optional args:
>> >> + -p,--path path to where the container rootfs will be
>> >> created, defaults to /var/lib/lxc. The container config will go under
>> >> /var/lib/lxc in and case
>> >> + -c,--clean clean the cache
>> >> + -R,--release Fedora release for the new container. if the host
>> >> is Fedora, then it will defaultto the host's release.
>> >> + -A,--arch NOT USED YET. Define what arch the container will
>> >> be [i686,x86_64]
>> >> + -h,--help print this help
>> >> EOF
>> >> return 0
>> >> }
>> >>
>> >> -options=$(getopt -o hp:n:c -l help,path:,name:,clean -- "$@")
>> >> +options=$(getopt -o hp:n:cR: -l help,path:,name:,clean,release: -- "$@")
>> >> if [ $? -ne 0 ]; then
>> >> usage $(basename $0)
>> >> exit 1
>> >> @@ -282,6 +292,7 @@ do
>> >> -p|--path) path=$2; shift 2;;
>> >> -n|--name) name=$2; shift 2;;
>> >> -c|--clean) clean=$2; shift 2;;
>> >> + -R|--release) release=$2; shift 2;;
>> >> --) shift 1; break ;;
>> >> *) break ;;
>> >> esac
>> >> @@ -292,15 +303,23 @@ if [ ! -z "$clean" -a -z "$path" ]; then
>> >> exit 0
>> >> fi
>> >>
>> >> -type febootstrap
>> >> +type yum >/dev/null 2>&1
>> >> if [ $? -ne 0 ]; then
>> >> - echo "'febootstrap' command is missing"
>> >> + echo "'yum' command is missing"
>> >> exit 1
>> >> fi
>> >>
>> >> if [ -z "$path" ]; then
>> >> - echo "'path' parameter is required"
>> >> - exit 1
>> >> + path=$default_path
>> >> +fi
>> >> +
>> >> +if [ -z "$release" ]; then
>> >> + if [ "$is_fedora" ]; then
>> >> + release=$(cat /etc/fedora-release |awk '/^Fedora/ {print $3}')
>> >> + else
>> >> + echo "This is not a fedora host and release missing, use
>> >> -R|--release to specify release"
>> >> + exit 1
>> >> + fi
>> >> fi
>> >>
>> >> if [ "$(id -u)" != "0" ]; then
>> >> @@ -308,21 +327,28 @@ if [ "$(id -u)" != "0" ]; then
>> >> exit 1
>> >> fi
>> >>
>> >> -rootfs=$path/rootfs
>> >> +rootfs_path=$path/$name/rootfs
>> >> +config_path=$default_path/$name
>> >> +cache=$cache_base/$release
>> >> +
>> >> +if [ -f $config_path/config ]; then
>> >> + echo "A container with that name exists, chose a different name"
>> >> + exit 1
>> >> +fi
>> >>
>> >> -install_fedora $rootfs
>> >> +install_fedora
>> >> if [ $? -ne 0 ]; then
>> >> echo "failed to install fedora"
>> >> exit 1
>> >> fi
>> >>
>> >> -configure_fedora $rootfs $name
>> >> +configure_fedora
>> >> if [ $? -ne 0 ]; then
>> >> echo "failed to configure fedora for a container"
>> >> exit 1
>> >> fi
>> >>
>> >> -copy_configuration $path $rootfs $name
>> >> +copy_configuration
>> >> if [ $? -ne 0 ]; then
>> >> echo "failed write configuration file"
>> >> exit 1
>> >> @@ -332,3 +358,5 @@ if [ ! -z $clean ]; then
>> >> clean || exit 1
>> >> exit 0
>> >> fi
>> >> +echo "container rootfs and config created"
>> >> +echo "container is configured for lxc.network.type=veth and
>> >> lxc.network.link=virbr0 (which is default if you have libvirt runnig)"
>> >
>> >
>> >
>
>
More information about the lxc-users
mailing list