Commit 134e809f authored by Elijah Grubb's avatar Elijah Grubb

Built out emulabizatization of docker alpine

The organization of the code follows the guidelines set by the
ubuntu version extremely closely. Big differences to notice are
some of the package name changes switching from apt-get to apk,
the requirement of the --disable-ssl flag when running the configure
command for pubsub and the methodology required to build a custom
apk package to use our custom runit. Apk has lots of issues and
argues against building a new .apk package as root, so
runit-artifacts.sh creates a new user, gives them super user permissions,
adds them to the abuild group and runs the runit-packager.sh script
as this new user. Design of this solution was focused on doing as
much as possible while remaining in root. Enjoy!
parent 4217aaa0
......@@ -42,8 +42,8 @@ fi
if [ -z "$dist" -a -r /etc/os-release ]; then
dist=`(. /etc/os-release ; echo $ID | tr '[A-Z]' '[a-z]')`
rel=`(. /etc/os-release ; echo $VERSION_ID)`
major=$rel
minor=''
major=`echo $rel | cut -d. -f1`
minor=`echo $rel | cut -d. -f2`
fi
if [ -z "$dist" -a -r /etc/redhat-release ]; then
trel=`grep 'Red Hat' /etc/redhat-release | sed -e 's/Red Hat Linux release \([0-9]\(\.[0-9]\)\?\).*/\1/'`
......@@ -127,6 +127,18 @@ if [ -n "$dist" ]; then
basepkgtype='deb'
fi
;;
alpine)
if [ -z "$pkgtool" -a -f /sbin/apk ]; then
pkgtool=/sbin/apk
pkgtool=/sbin/apk
else
pkgtool=`which apk`
basepkgtool=`which apk`
fi
if [ -n "$pkgtool" ]; then
basepkgtype='apk'
fi
;;
*)
if [ -z "$pkgtool" ]; then
if [ -f /usr/bin/apt-get ]; then
......@@ -212,6 +224,14 @@ elif [ -n "$basepkgtype" -a "$basepkgtype" = "rpm" ]; then
# SSHD_ENABLED=1
#fi
fi
elif [ -n "$basepkgtype" -a "$basepkgtype" = "apk" ]; then
SSHD_PACKAGE=openssh
apk update
apk add openssh-server | grep -iq OK >/dev/null 2>&1
if [ $? -eq 0 ]; then
HAS_SSHD=1
SSHD_PACKAGE=openssh-server
fi
fi
#
......@@ -245,6 +265,20 @@ elif [ -n "$basepkgtype" -a "$basepkgtype" = "rpm" ]; then
HAS_SYSLOG=1
fi
fi
elif [ -n "$basepkgtype" -a "$basepkgtype" = "apk" ]; then
apk update
apk add rsyslog | grep -iq OK >/dev/null 2>&1
if [ $? -eq 0 ]; then
SYSLOG_PACKAGE=rsyslog
HAS_SYSLOG=1
fi
if [ $HAS_SYSLOG -eq 0 ]; then
apk add syslog=ng | grep -iq OK >/dev/null 2>&1
if [ $? -eq 0 ]; then
SYSLOG_PACKAGE=syslog-ng
HAS_SYSLOG=1
fi
fi
fi
#
......
#!/bin/sh
set -x
rm -rf /tmp/* /var/tmp*
exit 0
#!/bin/sh
# system one time tasks
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
/etc/init.d/rcS
/etc/init.d/rmnologin
touch /etc/runit/stopit
chmod 0 /etc/runit/stopit
#!/bin/sh
#
# Run our service dir. We don't mess with runlevels; just run all the
# things.
#
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
if [ -f /etc/envvars ]; then
. /etc/envvars
fi
exec env - PATH=$PATH \
runsvdir -P /etc/service 'log: ...........................................................................................................................................................................................................................................................................................................................................................................................................'
#!/bin/sh
exec 2>&1
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
LAST=0
test -x /etc/runit/reboot && LAST=6
echo 'Waiting for services to stop...'
sv -w196 force-stop /etc/service/*
sv exit /etc/service/*
echo 'Shutdown...'
/etc/init.d/rc $LAST
#!/bin/sh
# Never run if systemd is running; it will do this.
[ -f /bin/systemctl ] && /bin/systemctl show-environment >/dev/null 2>&1 \
&& (touch /etc/service/pubsubd/down ; exit 0)
if [ -f /etc/init.d/pubsubd ]; then
exec /etc/init.d/pubsubd stop
else
touch /etc/service/pubsubd/down
fi
exit 0
#!/bin/sh
# Never run if systemd is running; it will do this.
[ -f /bin/systemctl ] && /bin/systemctl show-environment >/dev/null 2>&1 \
&& (touch /etc/service/pubsubd/down ; exit 0)
if [ -f /etc/init.d/pubsubd ]; then
/etc/init.d/pubsubd start
if [ ! $? -eq 0 ]; then
echo "Failed to start /etc/init.d/pubsubd: $?"
exit $?
fi
#
# runit expects the run file to continue execution until death.
#
while [ 1 -eq 1 ]; do
sleep 60
done
else
touch /etc/service/pubsubd/down
fi
exit 0
#!/bin/sh
# Never run if systemd is running; it will do this.
[ -f /bin/systemctl ] && /bin/systemctl show-environment >/dev/null 2>&1 && exit 0
. /etc/default/rsyslog
exec /usr/sbin/rsyslogd -n $RSYSLOGD_OPTIONS
#!/bin/sh
# Never run if systemd is running; it will do this.
[ -f /bin/systemctl ] && /bin/systemctl show-environment >/dev/null 2>&1 && exit 0
mkdir -p /var/run/sshd
exec /usr/sbin/sshd -D
#!/bin/sh
# Never run if systemd is running; it will do this.
[ -f /bin/systemctl ] && /bin/systemctl show-environment >/dev/null 2>&1 && exit 0
if [ -f /usr/local/etc/emulab/initscripts/tbprepare ]; then
exec /usr/local/etc/emulab/initscripts/tbprepare stop
fi
exit 0
#!/bin/sh
# Never run if systemd is running; it will do this.
[ -f /bin/systemctl ] && /bin/systemctl show-environment >/dev/null 2>&1 \
&& (touch /etc/service/testbed/down ; exit 0)
if [ -f /usr/local/etc/emulab/initscripts/testbed ]; then
exec /usr/local/etc/emulab/initscripts/testbed stop
fi
exit 0
#!/bin/sh
# Never run if systemd is running; it will do this.
[ -f /bin/systemctl ] && /bin/systemctl show-environment >/dev/null 2>&1 \
&& (touch /etc/service/testbed/down ; exit 0)
if [ -f /usr/local/etc/emulab/initscripts/testbed ]; then
/usr/local/etc/emulab/initscripts/testbed start
if [ ! $? -eq 0 ]; then
echo "Failed to start /usr/local/etc/emulab/initscripts/testbed: $?"
exit $?
fi
#
# runit expects the run file to continue execution until death.
#
while [ 1 -eq 1 ]; do
sleep 60
done
else
touch /etc/service/testbed/down
fi
exit 0
#!/bin/sh
export LANG=en_US.UTF-8
export LANGUAGE=en_US:en
export LC_ALL=en_US.UTF-8
export INITRD=no
export container=docker
export > /etc/envvars
exec /sbin/runit-init
#!/bin/sh
set -x
touch /etc/gshadow
exit 0
#!/bin/sh
set -x
apk update
# missing iputils-ping package from ubuntu process
apk add openssh-server rsyslog logrotate iproute2 iputils net-tools sudo
## Permissions on these should be the same as the host, so preserve them.
#cp -p /tmp/src/ssh-host-keys/ssh_host* /etc/ssh/
## Install default SSH key for root and app.
mkdir -p /root/.ssh
chmod 700 /root/.ssh
chown root:root /root/.ssh
exit 0
#!/bin/sh
#
# We expect several environment vars to be set:
# EMULABSRC -- points to the source tree, may be read-only
# PUBSUBSRC -- points to the pubsub source tree, may be read-only
# DESTDIR -- points to an empty read-write volume from the host
# (if unset, this will just install the clientside into the container root)
#
set -x
apk update
apk add git ca-certificates \
gcc make libc-dev byacc libtool openssl-dev 'g++' \
sudo python python-dev libpcap-dev boost-dev wget patch flex
if [ -z "$EMULABSRC" ]; then
echo "WARNING: missing EMULABSRC environment variable pointer to src; cloning!"
export EMULABSRC=/tmp/emulab-devel
cd /tmp
git clone https://gitlab.flux.utah.edu/emulab/emulab-devel $EMULABSRC
[ ! $? -eq 0 ] && exit 1
fi
if [ -z "$PUBSUBSRC" ]; then
echo "WARNING: missing PUBSUBSRC environment variable pointer to src; cloning!"
export PUBSUBSRC=/tmp/pubsub
cd /tmp
git clone https://gitlab.flux.utah.edu/emulab/pubsub $PUBSUBSRC
[ ! $? -eq 0 ] && exit 1
fi
#export CFLAGS="-static"
mkdir -p /tmp/pubsub.obj
cd /tmp/pubsub.obj
cp -pRv $PUBSUBSRC/* /tmp/pubsub.obj
./configure --disable-ssl && make && make install
[ ! $? -eq 0 ] && exit 1
cd /tmp
rm -rf /tmp/pubsub.obj
#
# If we installed to a DESTDIR, well, we're going to need pubsub dropped
# into real root here too, for the clientside build. So copy it in if
# so.
#
if [ -n "$DESTDIR" ]; then
cp -pRv $DESTDIR/* /
fi
echo /usr/local/lib > /etc/ld.so.conf.d/pubsub.conf
ldconfig
# mkdir -p /tmp/emulab.obj
# cd /tmp/emulab.obj
# export NONTP=1
# $EMULABSRC/clientside/configure --with-TBDEFS=$EMULABSRC/defs-utahclient \
# && make client && make client-install \
# && make -C tmcc/linux docker-guest-install
# [ ! $? -eq 0 ] && exit 1
# cd /tmp
# rm -rf /tmp/emulab.obj
#
# Create these traditional NFS mountpoints now. Scripts get unhappy
# about them if they're not there.
#
mkdir -p $DESTDIR/users $DESTDIR/proj $DESTDIR/groups $DESTDIR/share
exit 0
#!/bin/sh
#
# Builds the artifacts required for the core option (that is, the clientside).
#
if [ -n "$DESTDIR" ]; then
export DESTDIR="$DESTDIR/emulab-client-install"
mkdir -p $DESTDIR
fi
alpine/prepare.sh
alpine3/buildenv.sh
[ ! $? -eq 0 ] && alpine/cleanup.sh && exit 1
alpine/cleanup.sh
exit $?
#!/bin/sh
set -x
# add testing branch to repo for tcsh package
echo "@testing http://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories
apk update
# missing perl-modules package from ubuntu version
apk add ca-certificates sudo python wget patch nano file \
perl perl-libwww psmisc tcsh@testing zsh mksh
#
# Create these traditional NFS mountpoints now. Scripts get unhappy
# about them if they're not there.
#
mkdir -p /users /proj /groups /share
exit 0
#!/bin/sh
set -x
apk update
# bridge-utils contains brctl command
apk add iproute2 bridge-utils vlan less
#!/bin/sh
#
# Builds the artifacts required for runit on Alpine. It's already
# a package so not worrying about it currently
#
set -x
if [ -n "$DESTDIR" ]; then
export DESTDIR="$DESTDIR/runit"
mkdir -p $DESTDIR
fi
DIRNAME=`pwd`
$DIRNAME/alpine/prepare.sh
apk update
apk add alpine-sdk wget
cd /tmp
if [ -z "$RUNITSRC" ]; then
apk add git ca-certificates
git clone https://gitlab.flux.utah.edu/emulab/runit runit
# will need to be removed once alpine branch merged with master
# cd runit/
# git checkout alpine
# cd ..
else
mkdir -p runit
cp -pR $RUNITSRC/* runit
fi
cd runit/alpine/
mkdir -p /var/cache/distfiles
adduser -D packager
addgroup packager abuild
chgrp abuild /var/cache/distfiles
chgrp -R abuild ..
chmod -R g+w ..
chmod g+w /var/cache/distfiles
echo "packager ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
sudo -u packager sh $DIRNAME/alpine3/runit-packager.sh
cd /tmp/runit/x86_64
cp -p *.apk $DESTDIR/
# cd ../..
# cp -p *.deb $DESTDIR/
# rm -rf runit *.deb *.dsc
$DIRNAME/alpine/cleanup.sh
exit 0
#!/bin/sh
#
# Actually does the package building since root can't build the packages
#
set -x
# sudo chown packager:packager ~/.abuild/
abuild-keygen -a -i -n
cd /tmp/runit
ls -la
cd alpine
ls -la
abuild -r -P /tmp
#!/bin/sh
#
# Install and configure runit, including our ssh/syslog unit files. We
# have a custom version of runit that was built in runit-artifacts.sh,
# so install that one.
#
set -x
#export LANGUAGE=en_US:en
#export LC_ALL=en_US.UTF-8
#export LANG=en_US.UTF-8
#export LC_CTYPE=en_US.UTF-8
echo "runit should be run here..."
apk update
apk add --allow-untrusted /tmp/runit*.apk
## dpkg -i /tmp/runit_*.deb
## apt-get install -y --no-install-suggests --no-install-recommends -f
#language-pack-en
#locale-gen $LANG
#update-locale LANG=$LANG
# Configure runit services.
#mkdir -p /etc/service/sshd
#touch /etc/service/sshd/down
#mkdir -p /etc/service/rsyslog
#touch /etc/service/rsyslog/down
#mkdir -p /etc/service/testbed
#touch /etc/service/testbed/down
#mkdir -p /etc/service/tbprepare
#touch /etc/service/testbed/up
exit 0
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment