From 7ef475c7e1a7b303c5f3fcd233f56ce8d08a709f Mon Sep 17 00:00:00 2001 From: Adam Stokes Date: Tue, 1 Oct 2013 21:32:07 -0400 Subject: [PATCH 01/49] Include python-software-properties For some reason I never had this in the common script and apt-add-repository was not provided. This solves that. Signed-off-by: Adam Stokes --- boxes/common/install-salt | 1 + 1 file changed, 1 insertion(+) diff --git a/boxes/common/install-salt b/boxes/common/install-salt index b982117..701f99e 100755 --- a/boxes/common/install-salt +++ b/boxes/common/install-salt @@ -5,6 +5,7 @@ set -e rootfs=$1 echo "installing salt" +chroot $rootfs apt-get install python-software-properties -y --force-yes chroot $rootfs apt-add-repository -y ppa:saltstack/salt chroot $rootfs apt-get update chroot $rootfs apt-get install salt-minion -y --force-yes From c2f4cfda4fc87d85bd6d1d3f6e392e79b17baf98 Mon Sep 17 00:00:00 2001 From: Adam Stokes Date: Fri, 25 Oct 2013 22:51:13 -0700 Subject: [PATCH 02/49] Fix ppa support in ubuntu installs Rather than determining what package to install on which series, just install them both for the time being as they don't seem to conflict in any current series. Signed-off-by: Adam Stokes --- boxes/build-ubuntu-box.sh | 2 +- boxes/common/install-salt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/boxes/build-ubuntu-box.sh b/boxes/build-ubuntu-box.sh index dd72def..8ab5526 100755 --- a/boxes/build-ubuntu-box.sh +++ b/boxes/build-ubuntu-box.sh @@ -90,7 +90,7 @@ sed -i -e \ ################################################################################## # 4 - Add some goodies and update packages -PACKAGES=(vim curl wget man-db bash-completion) +PACKAGES=(vim curl wget man-db bash-completion python-software-properties software-properties-common) chroot ${ROOTFS} apt-get install ${PACKAGES[*]} -y --force-yes chroot ${ROOTFS} apt-get upgrade -y --force-yes diff --git a/boxes/common/install-salt b/boxes/common/install-salt index 701f99e..6a3446f 100755 
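Review bot: The added `apt-get install python-software-properties -y --force-yes` line in boxes/common/install-salt (patch 01) carries `--force-yes`, which tells apt to carry on without asking even when it is about to install unauthenticated packages or downgrade inside the rootfs being built. `-y` alone is enough for an unattended install, so I would write `chroot "$rootfs" apt-get install -y python-software-properties`, which also quotes `$rootfs`. The same flag sits on the context lines of this hunk and on the install and upgrade lines in the build-ubuntu-box.sh hunk of patch 02. The new install also runs before the script's own `apt-get update`, so it depends on whatever package index the rootfs already holds.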
--- a/boxes/common/install-salt +++ b/boxes/common/install-salt @@ -5,7 +5,7 @@ set -e rootfs=$1 echo "installing salt" -chroot $rootfs apt-get install python-software-properties -y --force-yes + chroot $rootfs apt-add-repository -y ppa:saltstack/salt chroot $rootfs apt-get update chroot $rootfs apt-get install salt-minion -y --force-yes From ba2569c222af22e48920170e9a002627c7ee9de8 Mon Sep 17 00:00:00 2001 From: Darrell Hamilton Date: Fri, 15 Nov 2013 17:19:35 -0800 Subject: [PATCH 03/49] Only give vagrant NOPASSWD ALL --- boxes/build-debian-box.sh | 6 ++---- boxes/build-ubuntu-box.sh | 6 ++---- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/boxes/build-debian-box.sh b/boxes/build-debian-box.sh index 4b467bb..d1f7c25 100755 --- a/boxes/build-debian-box.sh +++ b/boxes/build-debian-box.sh @@ -98,10 +98,8 @@ chroot ${ROOTFS} apt-get install sudo -y --force-yes chroot ${ROOTFS} adduser vagrant sudo # Enable passwordless sudo for users under the "sudo" group -cp ${ROOTFS}/etc/sudoers{,.orig} -sed -i -e \ - 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL/g' \ - ${ROOTFS}/etc/sudoers +echo "vagrant ALL=NOPASSWD:ALL" > ${ROOTFS}/etc/sudoers.d/vagrant +chmod 0440 ${ROOTFS}/etc/sudoers.d/vagrant ################################################################################## diff --git a/boxes/build-ubuntu-box.sh b/boxes/build-ubuntu-box.sh index 8ab5526..73001b9 100755 --- a/boxes/build-ubuntu-box.sh +++ b/boxes/build-ubuntu-box.sh 
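Review bot: The new `echo "vagrant ALL=NOPASSWD:ALL" > ${ROOTFS}/etc/sudoers.d/vagrant` in boxes/build-debian-box.sh (patch 03) writes a sudoers fragment that is never syntax-checked, and the file sits at default-umask permissions until the `chmod 0440` on the next line. A fragment that fails to parse can make sudo refuse to run in the finished box, so a check such as `chroot "${ROOTFS}" visudo -cf /etc/sudoers.d/vagrant` right after the write is cheap insurance, and `( umask 0227; echo ... > "${ROOTFS}/etc/sudoers.d/vagrant" )` creates the file with its final mode. The comment above the new lines still says the rule is for users under the "sudo" group, which no longer matches the code. The hunk for boxes/build-ubuntu-box.sh in the same patch is identical and has the same gaps.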
@@ -81,10 +81,8 @@ echo $VAGRANT_KEY > ${ROOTFS}/home/vagrant/.ssh/authorized_keys chroot ${ROOTFS} chown -R vagrant: /home/vagrant/.ssh # Enable passwordless sudo for users under the "sudo" group -cp ${ROOTFS}/etc/sudoers{,.orig} -sed -i -e \ - 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL/g' \ - ${ROOTFS}/etc/sudoers +echo "vagrant ALL=NOPASSWD:ALL" > ${ROOTFS}/etc/sudoers.d/vagrant +chmod 0440 ${ROOTFS}/etc/sudoers.d/vagrant ################################################################################## From 774e8175eb259f085db49748c9395c5d84f9610f Mon Sep 17 00:00:00 2001 From: Darrell Hamilton Date: Fri, 15 Nov 2013 17:27:25 -0800 Subject: [PATCH 04/49] Complete NOPASSWD for vagrant Previously, vagrant could not do everything with passwordless sudo. Eg. `sudo -u other-user ls` would ask for a sudo password, causing tools like ansible to hang when trying to execute commands as another user. --- boxes/build-debian-box.sh | 2 +- boxes/build-ubuntu-box.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/boxes/build-debian-box.sh b/boxes/build-debian-box.sh index d1f7c25..d020891 100755 --- a/boxes/build-debian-box.sh +++ b/boxes/build-debian-box.sh @@ -98,7 +98,7 @@ chroot ${ROOTFS} apt-get install sudo -y --force-yes chroot ${ROOTFS} adduser vagrant sudo # Enable passwordless sudo for users under the "sudo" group -echo "vagrant ALL=NOPASSWD:ALL" > ${ROOTFS}/etc/sudoers.d/vagrant +echo "vagrant ALL=(ALL) NOPASSWD:ALL" > ${ROOTFS}/etc/sudoers.d/vagrant chmod 0440 ${ROOTFS}/etc/sudoers.d/vagrant diff --git a/boxes/build-ubuntu-box.sh b/boxes/build-ubuntu-box.sh index 73001b9..5ffa27e 100755 --- a/boxes/build-ubuntu-box.sh +++ b/boxes/build-ubuntu-box.sh 
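Review bot: `vagrant ALL=(ALL) NOPASSWD:ALL` in the boxes/build-debian-box.sh hunk of patch 04 lists run-as users only, so `sudo -u other-user` now works but a `sudo -g group` call is still not covered by this rule. If the aim is the complete grant the subject line describes, the form is `vagrant ALL=(ALL:ALL) NOPASSWD:ALL`; if `-u` is all that is wanted, the comment above the line should say so instead of still referring to the "sudo" group. The boxes/build-ubuntu-box.sh hunk of the same patch changes the same line in the same way.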
@@ -81,7 +81,7 @@ echo $VAGRANT_KEY > ${ROOTFS}/home/vagrant/.ssh/authorized_keys chroot ${ROOTFS} chown -R vagrant: /home/vagrant/.ssh # Enable passwordless sudo for users under the "sudo" group -echo "vagrant ALL=NOPASSWD:ALL" > ${ROOTFS}/etc/sudoers.d/vagrant +echo "vagrant ALL=(ALL) NOPASSWD:ALL" > ${ROOTFS}/etc/sudoers.d/vagrant chmod 0440 ${ROOTFS}/etc/sudoers.d/vagrant From b7c29be732e27bcf2ccfdbc1663a1cbe73c8193a Mon Sep 17 00:00:00 2001 From: Darrell Hamilton Date: Thu, 13 Feb 2014 15:22:20 -0800 Subject: [PATCH 05/49] comments reflect implementation --- boxes/build-debian-box.sh | 2 +- boxes/build-ubuntu-box.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/boxes/build-debian-box.sh b/boxes/build-debian-box.sh index d020891..c6944a2 100755 --- a/boxes/build-debian-box.sh +++ b/boxes/build-debian-box.sh @@ -97,7 +97,7 @@ chroot ${ROOTFS} chown -R vagrant: /home/vagrant/.ssh chroot ${ROOTFS} apt-get install sudo -y --force-yes chroot ${ROOTFS} adduser vagrant sudo -# Enable passwordless sudo for users under the "sudo" group +# Enable passwordless sudo for the vagrant user echo "vagrant ALL=(ALL) NOPASSWD:ALL" > ${ROOTFS}/etc/sudoers.d/vagrant chmod 0440 ${ROOTFS}/etc/sudoers.d/vagrant diff --git a/boxes/build-ubuntu-box.sh b/boxes/build-ubuntu-box.sh index 5ffa27e..ef2d813 100755 --- a/boxes/build-ubuntu-box.sh +++ b/boxes/build-ubuntu-box.sh @@ -80,7 +80,7 @@ mkdir -p ${ROOTFS}/home/vagrant/.ssh echo $VAGRANT_KEY > ${ROOTFS}/home/vagrant/.ssh/authorized_keys chroot ${ROOTFS} chown -R vagrant: /home/vagrant/.ssh -# Enable passwordless sudo for users under the "sudo" group +# Enable passwordless sudo for the vagrant user echo "vagrant ALL=(ALL) NOPASSWD:ALL" > ${ROOTFS}/etc/sudoers.d/vagrant chmod 0440 ${ROOTFS}/etc/sudoers.d/vagrant From 9ed8f0c20576259783346d46a4c2b681ff022e7c Mon Sep 17 00:00:00 2001 
From: Abe Voelker Date: Sat, 4 Jan 2014 16:03:59 -0600 Subject: [PATCH 06/49] Fix apt-get error when building Ubuntu boxes --- boxes/build-ubuntu-box.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/boxes/build-ubuntu-box.sh b/boxes/build-ubuntu-box.sh index ef2d813..a0ba1de 100755 --- a/boxes/build-ubuntu-box.sh +++ b/boxes/build-ubuntu-box.sh @@ -89,6 +89,7 @@ chmod 0440 ${ROOTFS}/etc/sudoers.d/vagrant # 4 - Add some goodies and update packages PACKAGES=(vim curl wget man-db bash-completion python-software-properties software-properties-common) +chroot ${ROOTFS} apt-get update chroot ${ROOTFS} apt-get install ${PACKAGES[*]} -y --force-yes chroot ${ROOTFS} apt-get upgrade -y --force-yes From bba250255a6245543d4303361426ff5778eba5a6 Mon Sep 17 00:00:00 2001 From: Abe Voelker Date: Sat, 4 Jan 2014 16:04:38 -0600 Subject: [PATCH 07/49] Fix broken locale in Ubuntu boxes --- boxes/build-ubuntu-box.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/boxes/build-ubuntu-box.sh b/boxes/build-ubuntu-box.sh index a0ba1de..cbe3ebc 100755 --- a/boxes/build-ubuntu-box.sh +++ b/boxes/build-ubuntu-box.sh @@ -61,6 +61,10 @@ fi # See https://github.com/fgrehm/vagrant-lxc/issues/91 for more info echo 'ff02::3 ip6-allhosts' >> ${ROOTFS}/etc/hosts +# Ensure locales are properly set, based on http://askubuntu.com/a/238063 +chroot ${ROOTFS} locale-gen en_US.UTF-8 +chroot ${ROOTFS} dpkg-reconfigure locales + ################################################################################## # 2 - Prepare vagrant user From 773e717fd9359dc744c582d8aabe3e79b205c0cc Mon Sep 17 00:00:00 2001 From: Laurent Vallar Date: Thu, 13 Feb 2014 09:46:08 +0100 Subject: [PATCH 08/49] Enable bash-completion as it's installed Signed-off-by: Laurent Vallar --- boxes/build-debian-box.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/boxes/build-debian-box.sh b/boxes/build-debian-box.sh index c6944a2..97bff87 100755 --- a/boxes/build-debian-box.sh +++ b/boxes/build-debian-box.sh 
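Review bot: `chroot ${ROOTFS} dpkg-reconfigure locales` in the boxes/build-ubuntu-box.sh hunk of patch 07 can open the debconf dialog, which stalls an unattended build. Nothing in the hunk selects a frontend, so I would make it explicit with `chroot "${ROOTFS}" dpkg-reconfigure -f noninteractive locales`. The section this belongs to starts and ends outside the hunk, so a frontend may already be set elsewhere in the script.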
@@ -109,6 +109,10 @@ PACKAGES=(vim curl wget man-db bash-completion ca-certificates) chroot ${ROOTFS} apt-get install ${PACKAGES[*]} -y --force-yes chroot ${ROOTFS} apt-get upgrade -y --force-yes +# Enable bash-completion +sed -e '/^#if ! shopt -oq posix; then/,/^#fi/ s/^#\(.*\)/\1/g' \ + -i ${ROOTFS}/etc/bash.bashrc + ################################################################################## # 6 - Configuration management tools From 1d3e3901c79f87d4e539c7e95a004f52cc30e5c7 Mon Sep 17 00:00:00 2001 From: Laurent Vallar Date: Thu, 13 Feb 2014 09:56:36 +0100 Subject: [PATCH 09/49] Support current LANG environment variable if any. Signed-off-by: Laurent Vallar --- boxes/build-debian-box.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/boxes/build-debian-box.sh b/boxes/build-debian-box.sh index 97bff87..60a9007 100755 --- a/boxes/build-debian-box.sh +++ b/boxes/build-debian-box.sh @@ -74,9 +74,10 @@ chroot $ROOTFS /usr/sbin/update-rc.d -f mountall-bootclean.sh remove chroot $ROOTFS /usr/sbin/update-rc.d -f mountnfs-bootclean.sh remove # Ensure locales are properly set, based on http://linux.livejournal.com/1880366.html -sed -i "s/^# en_US/en_US/" ${ROOTFS}/etc/locale.gen +LANG=${LANG:-en_US.UTF-8} +sed -i "s/^# ${LANG}/${LANG}/" ${ROOTFS}/etc/locale.gen chroot $ROOTFS /usr/sbin/locale-gen -chroot $ROOTFS update-locale LANG=en_US.UTF-8 +chroot $ROOTFS update-locale LANG=${LANG} ################################################################################## From 1d28e3d21395266eba3ee98d41afd9c9517a7f7a Mon Sep 17 00:00:00 2001 From: Antonio Terceiro Date: Wed, 26 Feb 2014 13:23:42 -0300 Subject: [PATCH 10/49] boxes scripts: give real total sudo access Without this, commands like `sudo -u $USER $COMMAND` will not work. --- boxes/build-openmandriva-box.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/boxes/build-openmandriva-box.sh b/boxes/build-openmandriva-box.sh index 1e091f0..332aba7 100644 
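Review bot: In the boxes/build-debian-box.sh hunk of patch 09 the caller's `LANG` is pasted unchecked into a sed program, `sed -i "s/^# ${LANG}/${LANG}/"`, so a value containing `/`, `&` or regex characters changes what sed does to `${ROOTFS}/etc/locale.gen`, and a value such as `C` matches no line there yet is still handed to `update-locale`. The script uses `chroot`, so this presumably runs as root, which makes the environment an input worth checking: `[[ $LANG =~ ^[A-Za-z_]+(\.[A-Za-z0-9-]+)?(@[A-Za-z]+)?$ ]] || LANG=en_US.UTF-8`, and quote the last argument as `"LANG=${LANG}"`. Assigning to `LANG` itself also changes the locale of every later command in the script; a separate variable such as `BOX_LANG` avoids that side effect.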
--- a/boxes/build-openmandriva-box.sh +++ b/boxes/build-openmandriva-box.sh @@ -92,7 +92,7 @@ sed -i 's/Defaults requiretty/\# Defaults requiretty/' ${ROOTFS}/etc/sudoers sed -i 's/\#%wheel/\%wheel/' ${ROOTFS}/etc/sudoers sed -i 's/\# %wheel/\%wheel/' ${ROOTFS}/etc/sudoers # sed -i -e \ -# 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL/g' \ +# 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=(ALL) NOPASSWD:ALL/g' \ # ${ROOTFS}/etc/sudoers From f070e9ec5b1ff2b9786946b6065853a2c95fe525 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Fri, 7 Mar 2014 23:34:09 -0300 Subject: [PATCH 11/49] Scaffold the new structure for building base boxes --- boxes/Makefile | 15 ++++++++++++ boxes/common/download.sh | 5 ++++ boxes/common/package.sh | 7 ++++++ boxes/common/prepare-vagrant-user.sh | 6 +++++ boxes/debian/clean.sh | 6 +++++ boxes/debian/install-extras.sh | 6 +++++ boxes/mk-ubuntu.sh | 36 ++++++++++++++++++++++++++++ 7 files changed, 81 insertions(+) create mode 100644 boxes/Makefile create mode 100755 boxes/common/download.sh create mode 100755 boxes/common/package.sh create mode 100755 boxes/common/prepare-vagrant-user.sh create mode 100755 boxes/debian/clean.sh create mode 100755 boxes/debian/install-extras.sh create mode 100755 boxes/mk-ubuntu.sh diff --git a/boxes/Makefile b/boxes/Makefile new file mode 100644 index 0000000..1193a58 --- /dev/null +++ b/boxes/Makefile @@ -0,0 +1,15 @@ +UBUNTU_BOXES= precise quantal raring saucy trusty +TODAY=$(shell date -u +"%Y-%m-%d") + +default: + +all: $(UBUNTU_BOXES) + +$(UBUNTU_BOXES): CONTAINER = "vagrant-lxc-base-${@}-amd64-${TODAY}" +$(UBUNTU_BOXES): PACKAGE = "output/$(CONTAINER).box" +$(UBUNTU_BOXES): + @sudo -E ./mk-ubuntu.sh $(@) amd64 $(CONTAINER) $(PACKAGE) + +clean: + @echo "Implement clean" + @exit 1 diff --git a/boxes/common/download.sh b/boxes/common/download.sh new file mode 100755 index 0000000..21cda38 --- /dev/null +++ b/boxes/common/download.sh 
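Review bot: The only line patch 10 changes in boxes/build-openmandriva-box.sh sits inside a commented-out `sed` block (`# sed -i -e \` through `# ${ROOTFS}/etc/sudoers`), so the sudoers file of the built box comes out exactly as before and the `sudo -u` problem from the commit message is presumably still present. The active lines just above only uncomment `%wheel` entries; whether one of those already carries `(ALL)` cannot be seen from this hunk. Either enable the block with a pattern that matches the `%wheel` line this distribution ships, or delete the dead comment so the file does not suggest a fix that never runs.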
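Review bot: `@sudo -E ./mk-ubuntu.sh $(@) amd64 $(CONTAINER) $(PACKAGE)` in the new boxes/Makefile (patch 11) hands the caller's whole environment to scripts that run as root, and later patches in this series read variables such as `DEBUG` from it. Passing only what is needed keeps the root side predictable, e.g. `@sudo DEBUG="$(DEBUG)" ./mk-ubuntu.sh $(@) amd64 $(CONTAINER) $(PACKAGE)`. The release names, `all`, `default` and `clean` are not files, so a `.PHONY: default all clean $(UBUNTU_BOXES)` line would stop a stray file called `trusty` from silently disabling that build. The leading `@` also hides the one command that asks for root.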
@@ -0,0 +1,5 @@
+#!/bin/bash
+set -e
+
+echo " Will check if the '${CONTAINER}' exists and error if doesnt"
+echo " Will create '${CONTAINER}'"
diff --git a/boxes/common/package.sh b/boxes/common/package.sh
new file mode 100755
index 0000000..7b75286
--- /dev/null
+++ b/boxes/common/package.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+set -e
+
+container_name=$1
+package=$2
+
+echo " Will package '${container_name}' as '${package}'"
diff --git a/boxes/common/prepare-vagrant-user.sh b/boxes/common/prepare-vagrant-user.sh
new file mode 100755
index 0000000..c728668
--- /dev/null
+++ b/boxes/common/prepare-vagrant-user.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+set -e
+
+container_name=$1
+
+echo " Will prepare the vagrant user on '${container_name}'"
diff --git a/boxes/debian/clean.sh b/boxes/debian/clean.sh
new file mode 100755
index 0000000..1197c50
--- /dev/null
+++ b/boxes/debian/clean.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+set -e
+
+container_name=$1
+
+echo " Will cleanup '${container_name}'"
diff --git a/boxes/debian/install-extras.sh b/boxes/debian/install-extras.sh
new file mode 100755
index 0000000..0d97847
--- /dev/null
+++ b/boxes/debian/install-extras.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+set -e
+
+container_name=$1
+
+echo " Will install extras for '${container_name}'"
diff --git a/boxes/mk-ubuntu.sh b/boxes/mk-ubuntu.sh
new file mode 100755
index 0000000..62d07a7
--- /dev/null
+++ b/boxes/mk-ubuntu.sh
@@ -0,0 +1,36 @@
+#!/bin/bash
+set -e
+
+if [ "$(id -u)" != "0" ]; then
+ echo "You should run this script as root (sudo)."
+ exit 1
+fi
+
+export NO_COLOR='\033[0m'
+export OK_COLOR='\033[32;01m'
+export ERROR_COLOR='\033[31;01m'
+export WARN_COLOR='\033[33;01m'
+
+export DISTRIBUTION="ubuntu"
+export RELEASE=$1
+export ARCH=$2
+export CONTAINER=$3
+export PACKAGE=$4
+
+if [ -f ${PACKAGE} ]; then
+ echo -e "${WARN_COLOR}==> The box '${PACKAGE}' already exists, skipping...${NO_COLOR}"
+ echo
+ exit
+fi
+
+echo -e "${OK_COLOR}==> Building '${RELEASE} (${ARCH})' to '${PACKAGE}'...${NO_COLOR}"
+
+./common/download.sh ubuntu ${RELEASE} ${ARCH} ${CONTAINER}
+./common/prepare-vagrant-user.sh ${CONTAINER}
+./debian/install-extras.sh ${CONTAINER}
+./debian/clean.sh ${CONTAINER}
+./common/package.sh ${CONTAINER} ${PACKAGE}
+touch $PACKAGE
+
+echo -e "${OK_COLOR}==> Finished building '${RELEASE} (${ARCH})' to '${PACKAGE}'...${NO_COLOR}"
+echo
From 12bc88805a25c3b594ec9627ded5f47833bd4980 Mon Sep 17 00:00:00 2001
From: Fabio Rehm
Date: Sat, 8 Mar 2014 01:47:13 -0300
Subject: [PATCH 12/49] Implement download step
---
boxes/common/download.sh | 31 +++++++++++++++++++++++++++++--
boxes/common/ui.sh | 37 +++++++++++++++++++++++++++++++++++++
2 files changed, 66 insertions(+), 2 deletions(-)
create mode 100644 boxes/common/ui.sh
diff --git a/boxes/common/download.sh b/boxes/common/download.sh
index 21cda38..9f9dcf0 100755
--- a/boxes/common/download.sh
+++ b/boxes/common/download.sh
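Review bot: The new boxes/mk-ubuntu.sh (patch 11) never checks that its four arguments were supplied, and with `$4` missing the unquoted `[ -f ${PACKAGE} ]` collapses to `[ -f ]`, which is true, so the script reports that the box already exists and exits 0. Because this runs as root and the values end up in container names and paths, I would fail early with `[ $# -eq 4 ] || { echo "usage: $0 RELEASE ARCH CONTAINER PACKAGE" >&2; exit 2; }` and quote the expansions, as in `[ -f "${PACKAGE}" ]`. The `./common/...` and `./debian/...` calls also assume the current directory is boxes/; `cd "$(dirname "$0")"` near the top removes that assumption.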
@@ -1,5 +1,32 @@ #!/bin/bash set -e -echo " Will check if the '${CONTAINER}' exists and error if doesnt" -echo " Will create '${CONTAINER}'" +source common/ui.sh + +container_exists=$(lxc-ls | grep -q ${CONTAINER}) +# If container exists, check if want to continue +if $container_exists; then + if ! $(confirm "The '${CONTAINER}' container already exists, do you want to continue building the box?" 'n'); then + log 'Aborting...' + exit 1 + fi +fi + +# If container exists and wants to continue building the box +if $container_exists; then + if $(confirm "Do you want to rebuild the '${CONTAINER}' container?" 'n'); then + log "Destroying container ${CONTAINER}..." + lxc-stop -n ${CONTAINER} &>/dev/null || true + lxc-destroy -n ${CONTAINER} + else + log "Reusing existing container..." + exit 0 + fi +fi + +# If we got to this point, we need to create the container +log "Creating container..." +lxc-create -n ${CONTAINER} -t download -- \ + --dist ${DISTRIBUTION} \ + --release ${RELEASE} \ + --arch ${ARCH} diff --git a/boxes/common/ui.sh b/boxes/common/ui.sh new file mode 100644 index 0000000..2f84194 --- /dev/null +++ b/boxes/common/ui.sh @@ -0,0 +1,37 @@ +#!/bin/bash + +log() { + echo " ${1}" >&2 +} + +debug() { + [ ! $DEBUG ] || echo " [DEBUG] ${1}" >&2 +} + +confirm() { + question=${1} + default=${2} + default_prompt= + + if [ $default = 'n' ]; then + default_prompt="y/N" + default='No' + else + default_prompt="Y/n" + default='Yes' + fi + + echo -n " ${question} [${default_prompt}] " >&2 + read answer + + if [ -z $answer ]; then + debug "Answer not provided, assuming '${default}'" + answer=${default} + fi + + if $(echo ${answer} | grep -q -i '^y'); then + return 0 + else + return 1 + fi +} From dce843db1279654411cd1be95316871e7ed836db Mon Sep 17 00:00:00 2001 
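Review bot: In the boxes/common/download.sh hunk of patch 12, `container_exists=$(lxc-ls | grep -q ${CONTAINER})` captures the output of `grep -q`, which is always empty, so `if $container_exists` runs an empty command and is always true, while under `set -e` the failing assignment ends the script whenever the container is absent. Patch 13 replaces the variable with `if $(lxc-ls | grep -q ${CONTAINER})`, but the unquoted, unanchored pattern is in both versions, so a container named `foo-2` makes the check for `foo` succeed. Test the exit status directly and match the whole name: `if lxc-ls | grep -qxF -- "${CONTAINER}"; then`. That form assumes `lxc-ls` prints one name per line when its output is piped, which should be confirmed for the LXC version in use.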
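Review bot: `confirm` in the new boxes/common/ui.sh (patch 12) breaks on ordinary input: `[ -z $answer ]` and `[ $default = 'n' ]` are unquoted, so an answer containing a space or a call without a default makes `[` report a syntax error, and `read answer` without `-r` interprets backslashes. The closing `if $(echo ${answer} | grep -q -i '^y')` executes the empty output of a command substitution and only works because the status of the substitution leaks through; `case "${answer}" in [Yy]*) return 0 ;; *) return 1 ;; esac` performs the same test directly. `question`, `default`, `default_prompt` and `answer` should be declared `local` so they do not overwrite variables in the scripts that source this file.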
From: Fabio Rehm Date: Sat, 8 Mar 2014 02:23:06 -0300 Subject: [PATCH 13/49] Improved base boxes scripts UI and implement prepare-vagrant-user.sh --- boxes/common/download.sh | 8 +++--- boxes/common/prepare-vagrant-user.sh | 37 ++++++++++++++++++++++++++-- boxes/common/ui.sh | 16 +++++++++--- boxes/mk-ubuntu.sh | 9 ++++--- 4 files changed, 57 insertions(+), 13 deletions(-) diff --git a/boxes/common/download.sh b/boxes/common/download.sh index 9f9dcf0..01e8272 100755 --- a/boxes/common/download.sh +++ b/boxes/common/download.sh @@ -3,17 +3,16 @@ set -e source common/ui.sh -container_exists=$(lxc-ls | grep -q ${CONTAINER}) # If container exists, check if want to continue -if $container_exists; then - if ! $(confirm "The '${CONTAINER}' container already exists, do you want to continue building the box?" 'n'); then +if $(lxc-ls | grep -q ${CONTAINER}); then + if ! $(confirm "The '${CONTAINER}' container already exists, do you want to continue building the box?" 'y'); then log 'Aborting...' exit 1 fi fi # If container exists and wants to continue building the box -if $container_exists; then +if $(lxc-ls | grep -q ${CONTAINER}); then if $(confirm "Do you want to rebuild the '${CONTAINER}' container?" 'n'); then log "Destroying container ${CONTAINER}..." lxc-stop -n ${CONTAINER} &>/dev/null || true @@ -30,3 +29,4 @@ lxc-create -n ${CONTAINER} -t download -- \ --dist ${DISTRIBUTION} \ --release ${RELEASE} \ --arch ${ARCH} +log "Container created!" diff --git a/boxes/common/prepare-vagrant-user.sh b/boxes/common/prepare-vagrant-user.sh index c728668..08ec17b 100755 --- a/boxes/common/prepare-vagrant-user.sh +++ b/boxes/common/prepare-vagrant-user.sh 
@@ -1,6 +1,39 @@ #!/bin/bash set -e -container_name=$1 +source common/ui.sh -echo " Will prepare the vagrant user on '${container_name}'" +info "Preparing vagrant user..." + +# Create vagrant user +if $(grep -q 'vagrant' ${ROOTFS}/etc/shadow); then + log 'Skipping vagrant user creation' +else + debug 'vagrant user does not exist, renaming ubuntu user...' + mv ${ROOTFS}/home/{ubuntu,vagrant} + chroot ${ROOTFS} usermod -l vagrant -d /home/vagrant ubuntu + chroot ${ROOTFS} groupmod -n vagrant ubuntu + echo -n 'vagrant:vagrant' | chroot ${ROOTFS} chpasswd + log 'Renamed ubuntu user to vagrant and changed password.' +fi + +# Configure SSH access +if [ -d ${ROOTFS}/home/vagrant/.ssh ]; then + log 'Skipping vagrant SSH credentials configuration' +else + debug 'SSH key has not been set' + mkdir -p ${ROOTFS}/home/vagrant/.ssh + echo $VAGRANT_KEY > ${ROOTFS}/home/vagrant/.ssh/authorized_keys + chroot ${ROOTFS} chown -R vagrant: /home/vagrant/.ssh + log 'SSH credentials configured for the vagrant user.' +fi + +# Enable passwordless sudo for the vagrant user +if [ -f ${ROOTFS}/etc/sudoers.d/vagrant ]; then + log 'Skipping sudoers file creation.' +else + debug 'Sudoers file was not found' + echo "vagrant ALL=(ALL) NOPASSWD:ALL" > ${ROOTFS}/etc/sudoers.d/vagrant + chmod 0441 ${ROOTFS}/etc/sudoers.d/vagrant + log 'Sudoers file created.' +fi diff --git a/boxes/common/ui.sh b/boxes/common/ui.sh index 2f84194..c5c40f1 100644 --- a/boxes/common/ui.sh +++ b/boxes/common/ui.sh @@ -1,11 +1,15 @@ #!/bin/bash log() { - echo " ${1}" >&2 + echo " [${RELEASE}] ${1}" >&2 } -debug() { - [ ! $DEBUG ] || echo " [DEBUG] ${1}" >&2 +warn() { + echo -e "${WARN_COLOR}==> [${RELEASE}] ${1}${NO_COLOR}" +} + +info() { + echo -e "${OK_COLOR}==> [${RELEASE}] ${1}${NO_COLOR}" } confirm() { 
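Review bot: `chmod 0441 ${ROOTFS}/etc/sudoers.d/vagrant` in the boxes/common/prepare-vagrant-user.sh hunk of patch 13 looks like a typo for `0440`, the mode the older build scripts in this series set and the one sudo expects for sudoers files; 0441 adds execute permission for everyone. `$VAGRANT_KEY` is not assigned in any of the new scripts shown in this series, so unless the caller exports it `echo $VAGRANT_KEY > ${ROOTFS}/home/vagrant/.ssh/authorized_keys` writes an empty file and the box accepts no key; `: "${VAGRANT_KEY:?must be set}"` before the write would catch that. The `.ssh` and sudoers branches skip on mere existence, so a half-finished earlier run is never repaired. `grep -q 'vagrant' ${ROOTFS}/etc/shadow` matches any line containing the word; anchoring it as `grep -q '^vagrant:'` tests for the account itself.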
@@ -21,7 +25,7 @@ confirm() { default='Yes' fi - echo -n " ${question} [${default_prompt}] " >&2 + echo -e -n "${WARN_COLOR}==> [${RELEASE}] ${question} [${default_prompt}] ${NO_COLOR}" >&2 read answer if [ -z $answer ]; then @@ -35,3 +39,7 @@ confirm() { return 1 fi } + +debug() { + [ ! $DEBUG ] || echo " [${RELEASE}] [DEBUG] ${1}" >&2 +} diff --git a/boxes/mk-ubuntu.sh b/boxes/mk-ubuntu.sh index 62d07a7..c1508c1 100755 --- a/boxes/mk-ubuntu.sh +++ b/boxes/mk-ubuntu.sh @@ -1,6 +1,8 @@ #!/bin/bash set -e +source common/ui.sh + if [ "$(id -u)" != "0" ]; then echo "You should run this script as root (sudo)." exit 1 @@ -16,14 +18,15 @@ export RELEASE=$1 export ARCH=$2 export CONTAINER=$3 export PACKAGE=$4 +export ROOTFS="/var/lib/lxc/${CONTAINER}/rootfs" if [ -f ${PACKAGE} ]; then - echo -e "${WARN_COLOR}==> The box '${PACKAGE}' already exists, skipping...${NO_COLOR}" + warn "The box '${PACKAGE}' already exists, skipping..." echo exit fi -echo -e "${OK_COLOR}==> Building '${RELEASE} (${ARCH})' to '${PACKAGE}'...${NO_COLOR}" +info "Building box to '${PACKAGE}'..." ./common/download.sh ubuntu ${RELEASE} ${ARCH} ${CONTAINER} ./common/prepare-vagrant-user.sh ${CONTAINER} @@ -32,5 +35,5 @@ echo -e "${OK_COLOR}==> Building '${RELEASE} (${ARCH})' to '${PACKAGE}'...${NO_C ./common/package.sh ${CONTAINER} ${PACKAGE} touch $PACKAGE -echo -e "${OK_COLOR}==> Finished building '${RELEASE} (${ARCH})' to '${PACKAGE}'...${NO_COLOR}" +info "Finished building '${PACKAGE}'!" echo From bd9b2e8957d4383ed0fecbf5c76bb33cf3b0e029 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sat, 8 Mar 2014 02:32:19 -0300 Subject: [PATCH 14/49] Install debian extras --- boxes/debian/install-extras.sh | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/boxes/debian/install-extras.sh b/boxes/debian/install-extras.sh index 0d97847..980c557 100755 --- a/boxes/debian/install-extras.sh +++ b/boxes/debian/install-extras.sh 
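Review bot: `export ROOTFS="/var/lib/lxc/${CONTAINER}/rootfs"` in the boxes/mk-ubuntu.sh hunk of patch 13 hard-codes the LXC container directory and is built from an unchecked `$3`. The later steps `mv`, `chroot` and write a sudoers file under `${ROOTFS}` as root, so an empty or unexpected container name points them at the wrong tree. I would take the container path from LXC's own configuration (the `lxc-config` tool reports it) instead of assuming /var/lib/lxc, and stop unless `[ -d "${ROOTFS}" ]` holds once the download step has finished. The added `source common/ui.sh` is resolved against the current directory, so the script only works when started from boxes/.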
@@ -1,6 +1,16 @@ #!/bin/bash set -e -container_name=$1 +source common/ui.sh -echo " Will install extras for '${container_name}'" +info 'Installing extra packages and upgrading' + +debug 'Bringing container up' +lxc-start -d -n ${CONTAINER} &>/dev/null || true + +# TODO: Support for setting this from outside +PACKAGES=(vim curl wget man-db bash-completion python-software-properties software-properties-common) + +lxc-attach -n ${CONTAINER} -- apt-get update +lxc-attach -n ${CONTAINER} -- apt-get install ${PACKAGES[*]} -y --force-yes +lxc-attach -n ${CONTAINER} -- apt-get upgrade -y --force-yes From 8fec240ae660bc81a2c7f390c0358efbcb326f67 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sat, 8 Mar 2014 02:34:51 -0300 Subject: [PATCH 15/49] Improve UI for package and clean scripts --- boxes/common/package.sh | 5 ++--- boxes/debian/clean.sh | 4 ++-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/boxes/common/package.sh b/boxes/common/package.sh index 7b75286..020280a 100755 --- a/boxes/common/package.sh +++ b/boxes/common/package.sh @@ -1,7 +1,6 @@ #!/bin/bash set -e -container_name=$1 -package=$2 +source common/ui.sh -echo " Will package '${container_name}' as '${package}'" +info "Packaging '${CONTAINER}' to '${PACKAGE}'..." diff --git a/boxes/debian/clean.sh b/boxes/debian/clean.sh index 1197c50..5d7e2ef 100755 --- a/boxes/debian/clean.sh +++ b/boxes/debian/clean.sh @@ -1,6 +1,6 @@ #!/bin/bash set -e -container_name=$1 +source common/ui.sh -echo " Will cleanup '${container_name}'" +info "Cleaning up '${CONTAINER}'..." From 420a49c870351d34ab5f33890e0eca47660ddd16 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sat, 8 Mar 2014 10:42:28 -0300 Subject: [PATCH 16/49] Base box cleanup script and rootfs compression --- boxes/common/package.sh | 15 +++++++++++++++ boxes/debian/clean.sh | 9 +++++++++ boxes/debian/install-extras.sh | 6 ++++-- boxes/mk-ubuntu.sh | 5 ++++- 4 files changed, 32 insertions(+), 3 deletions(-) 
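Review bot: `lxc-start -d -n ${CONTAINER} &>/dev/null || true` in the boxes/debian/install-extras.sh hunk of patch 14 discards both the output and the exit status, and the `lxc-attach ... apt-get update` after it runs at once, before the container is known to be running or to have a network. A failed start then surfaces as a confusing attach or apt error. I would keep stderr, ignore only the already-running case, and wait for the state with `lxc-wait -n "${CONTAINER}" -s RUNNING` before attaching. The install and upgrade lines also repeat `--force-yes`, which lets apt proceed with unauthenticated packages; `-y` is sufficient for an unattended run.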
diff --git a/boxes/common/package.sh b/boxes/common/package.sh index 020280a..b44c074 100755 --- a/boxes/common/package.sh +++ b/boxes/common/package.sh @@ -4,3 +4,18 @@ set -e source common/ui.sh info "Packaging '${CONTAINER}' to '${PACKAGE}'..." + +debug 'Stopping container' +lxc-stop -n ${CONTAINER} &>/dev/null || true + +debug "Removing previous rootfs tarbal" +rm -f ${WORKING_DIR}/rootfs.tar.gz + +log "Compressing container's rootfs" +cd $(dirname ${ROOTFS}) +tar --numeric-owner -czf ${WORKING_DIR}/rootfs.tar.gz ./rootfs/* + +# Prepare package contents +cd ${WORKING_DIR} + +warn 'TODO: Package!' diff --git a/boxes/debian/clean.sh b/boxes/debian/clean.sh index 5d7e2ef..36f1302 100755 --- a/boxes/debian/clean.sh +++ b/boxes/debian/clean.sh @@ -3,4 +3,13 @@ set -e source common/ui.sh +debug 'Bringing container up' +lxc-start -d -n ${CONTAINER} &>/dev/null || true + info "Cleaning up '${CONTAINER}'..." + +log 'Removing temporary files...' +lxc-attach -n ${CONTAINER} -- rm -rf /tmp/* + +log 'Removing downloaded packages...' +lxc-attach -n ${CONTAINER} -- apt-get clean diff --git a/boxes/debian/install-extras.sh b/boxes/debian/install-extras.sh index 980c557..875bde6 100755 --- a/boxes/debian/install-extras.sh +++ b/boxes/debian/install-extras.sh @@ -9,8 +9,10 @@ debug 'Bringing container up' lxc-start -d -n ${CONTAINER} &>/dev/null || true # TODO: Support for setting this from outside -PACKAGES=(vim curl wget man-db bash-completion python-software-properties software-properties-common) +UBUNTU_PACKAGES=(vim curl wget man-db bash-completion python-software-properties software-properties-common) lxc-attach -n ${CONTAINER} -- apt-get update -lxc-attach -n ${CONTAINER} -- apt-get install ${PACKAGES[*]} -y --force-yes +lxc-attach -n ${CONTAINER} -- apt-get install ${UBUNTU_PACKAGES[*]} -y --force-yes lxc-attach -n ${CONTAINER} -- apt-get upgrade -y --force-yes + +warn 'TODO: Install provisioners' 
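Review bot: In the boxes/debian/clean.sh hunk of patch 16 the glob in `lxc-attach -n ${CONTAINER} -- rm -rf /tmp/*` is expanded by the host shell before `lxc-attach` starts, so `rm` inside the container receives the names of the host's /tmp entries and the container's own temporary files stay in the packaged rootfs. Let a shell inside the container expand the pattern: `lxc-attach -n "${CONTAINER}" -- sh -c 'rm -rf /tmp/*'`. In boxes/common/package.sh from the same patch, `./rootfs/*` in the `tar` call is also a plain glob and leaves out dot-files directly under the rootfs; passing `./rootfs` archives the directory as a whole.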
diff --git a/boxes/mk-ubuntu.sh b/boxes/mk-ubuntu.sh index c1508c1..6c079b4 100755 --- a/boxes/mk-ubuntu.sh +++ b/boxes/mk-ubuntu.sh @@ -19,6 +19,7 @@ export ARCH=$2 export CONTAINER=$3 export PACKAGE=$4 export ROOTFS="/var/lib/lxc/${CONTAINER}/rootfs" +export WORKING_DIR="/tmp/${CONTAINER}" if [ -f ${PACKAGE} ]; then warn "The box '${PACKAGE}' already exists, skipping..." @@ -26,6 +27,9 @@ if [ -f ${PACKAGE} ]; then exit fi +debug "Creating ${WORKING_DIR}" +mkdir -p ${WORKING_DIR} + info "Building box to '${PACKAGE}'..." ./common/download.sh ubuntu ${RELEASE} ${ARCH} ${CONTAINER} @@ -33,7 +37,6 @@ info "Building box to '${PACKAGE}'..." ./debian/install-extras.sh ${CONTAINER} ./debian/clean.sh ${CONTAINER} ./common/package.sh ${CONTAINER} ${PACKAGE} -touch $PACKAGE info "Finished building '${PACKAGE}'!" echo From 3b1055c843d7137a879de1d29abb402746706d34 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 03:49:06 -0300 Subject: [PATCH 17/49] New base box template --- boxes/common/lxc-template | 301 ++++++++++++++------------------------ 1 file changed, 113 insertions(+), 188 deletions(-) diff --git a/boxes/common/lxc-template b/boxes/common/lxc-template index 202d068..a9318d1 100755 --- a/boxes/common/lxc-template +++ b/boxes/common/lxc-template 
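Review bot: `export WORKING_DIR="/tmp/${CONTAINER}"` together with `mkdir -p ${WORKING_DIR}` in boxes/mk-ubuntu.sh (patch 16) uses a predictable name in a world-writable directory from a script that runs as root. `mkdir -p` succeeds on a directory or symlink that another local user created beforehand, and package.sh then writes `rootfs.tar.gz`, which contains the box's /etc/shadow and SSH material, into it. Create the directory with `WORKING_DIR="$(mktemp -d)"` and remove it in an `EXIT` trap, or keep it under a root-owned path. The last hunk of this file drops `touch $PACKAGE` while package.sh still ends in a TODO, so after this patch nothing creates the box file and the "already exists" check at the top never triggers.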
@@ -1,226 +1,151 @@ #!/bin/bash -# This is a modified version of /usr/share/lxc/templates/lxc-ubuntu -# that comes with Ubuntu 13.04 changed to suit vagrant-lxc needs - +# This is a modified version of /usr/share/lxc/templates/lxc-download +# that comes with ubuntu-lxc 1.0.0 stable from ppa changed to suit vagrant-lxc needs # -# template script for generating ubuntu container for LXC -# -# This script consolidates and extends the existing lxc ubuntu scripts +# Copyright © 2014 Stéphane Graber +# Copyright © 2014 Fábio Rehm # +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. -# Copyright © 2011 Serge Hallyn -# Copyright © 2010 Wilhelm Meier -# Author: Wilhelm Meier -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2, as -# published by the Free Software Foundation. +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. 
+# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 +# USA -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# +set -eu -set -e +LXC_HOOK_DIR="/usr/share/lxc/hooks" +LXC_TEMPLATE_CONFIG="/usr/share/lxc/config" -if [ -r /etc/default/lxc ]; then - . /etc/default/lxc -fi +LXC_MAPPED_GID= +LXC_MAPPED_UID= +LXC_NAME= +LXC_PATH= +LXC_ROOTFS= +LXC_TARBALL= +LXC_CONFIG= -extract_rootfs() -{ - tarball=$1 - arch=$2 - rootfs=$3 - - echo "Extracting $tarball ..." - mkdir -p $rootfs - (cd $rootfs && tar xfz $tarball --strip-components=2) - return 0 -} - -install_ubuntu() -{ - rootfs=$1 - release=$2 - tarball=$3 - mkdir -p /var/lock/subsys/ - - ( - flock -x 200 - if [ $? -ne 0 ]; then - echo "Cache repository is busy." - return 1 - fi - - extract_rootfs $tarball $arch $rootfs - if [ $? -ne 0 ]; then - echo "Failed to copy rootfs" - return 1 - fi - - return 0 - - ) 200>/var/lock/subsys/lxc - - return $? -} - -copy_configuration() -{ - path=$1 - rootfs=$2 - name=$3 - - grep -q "^lxc.rootfs" $path/config 2>/dev/null || echo "lxc.rootfs = $rootfs" >> $path/config - - # if there is exactly one veth network entry, make sure it has an - # associated hwaddr. - nics=`grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l` - if [ $nics -eq 1 ]; then - grep -q "^lxc.network.hwaddr" $path/config || sed -i -e "/^lxc\.network\.type[ \t]*=[ \t]*veth/a lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')" $path/config - fi - - if [ $? 
-ne 0 ]; then - echo "Failed to add configuration" - return 1 - fi - - return 0 -} - -post_process() -{ - rootfs=$1 - - # rmdir /dev/shm for containers that have /run/shm - # I'm afraid of doing rm -rf $rootfs/dev/shm, in case it did - # get bind mounted to the host's /run/shm. So try to rmdir - # it, and in case that fails move it out of the way. - if [ ! -L $rootfs/dev/shm ] && [ -d $rootfs/run/shm ] && [ -e $rootfs/dev/shm ]; then - mv $rootfs/dev/shm $rootfs/dev/shm.bak - ln -s /run/shm $rootfs/dev/shm - fi -} - -usage() -{ +usage() { cat <] [-T|--tarball -arch: the container architecture (e.g. amd64): defaults to host arch +vagrant-lxc default template + +Required arguments: +[ --tarball ]: The full path of the rootfs tarball + +Optional arguments: +[ --config ]: Configuration file to be used when building the container +[ -h | --help ]: This help message + +LXC internal arguments (do not pass manually!): +[ --name ]: The container name +[ --path ]: The path to the container +[ --rootfs ]: The path to the container's rootfs +[ --mapped-uid ]: A uid map (user namespaces) +[ --mapped-gid ]: A gid map (user namespaces) EOF return 0 } -options=$(getopt -o a:b:hp:r:xn:FS:d:C -l arch:,help,path:,release:,trim,name:,flush-cache,auth-key:,debug:,tarball:,rootfs: -- "$@") +options=$(getopt -o h -l tarball:,config:,help:,name:,path:,rootfs:,mapped-uid:,mapped-gid: -- "$@")SS + if [ $? -ne 0 ]; then usage $(basename $0) exit 1 fi eval set -- "$options" -release=precise # Default to the last Ubuntu LTS release for non-Ubuntu systems -if [ -f /etc/lsb-release ]; then - . 
/etc/lsb-release - if [ "$DISTRIB_ID" = "Ubuntu" ]; then - release=$DISTRIB_CODENAME - fi -fi - -arch=$(uname -m) - -# Code taken from debootstrap -if [ -x /usr/bin/dpkg ] && /usr/bin/dpkg --print-architecture >/dev/null 2>&1; then - arch=`/usr/bin/dpkg --print-architecture` -elif type udpkg >/dev/null 2>&1 && udpkg --print-architecture >/dev/null 2>&1; then - arch=`/usr/bin/udpkg --print-architecture` -else - arch=$(uname -m) - if [ "$arch" = "i686" ]; then - arch="i386" - elif [ "$arch" = "x86_64" ]; then - arch="amd64" - elif [ "$arch" = "armv7l" ]; then - arch="armel" - fi -fi - -debug=0 -trim_container=0 -hostarch=$arch while true do case "$1" in - -h|--help) usage $0 && exit 0;; - --rootfs) rootfs=$2; shift 2;; - -p|--path) path=$2; shift 2;; - -n|--name) name=$2; shift 2;; - -T|--tarball) tarball=$2; shift 2;; - -a|--arch) arch=$2; shift 2;; - -S|--auth-key) auth_key=$2; shift 2;; - -d|--debug) debug=1; shift 1;; - --) shift 1; break ;; - *) break ;; + -h|--help) usage $0 && exit 0;; + --config) LXC_CONFIG=$2; shift 2;; + --tarball) LXC_TARBALL=$2; shift 2;; + --name) LXC_NAME=$2; shift 2;; + --path) LXC_PATH=$2; shift 2;; + --rootfs) LXC_ROOTFS=$2; shift 2;; + --mapped-uid) LXC_MAPPED_UID=$2; shift 2;; + --mapped-gid) LXC_MAPPED_GID=$2; shift 2;; + *) break;; esac done -if [ $debug -eq 1 ]; then - set -x -fi - -if [ "$arch" == "i686" ]; then - arch=i386 -fi - -if [ $hostarch = "i386" -a $arch = "amd64" ]; then - echo "can't create amd64 container on i386" +if [ -z "${LXC_NAME}" ]; then + echo "'name' parameter is required" exit 1 fi -if [ -z "$path" ]; then +if [ -z "${LXC_TARBALL}" ]; then + echo "'tarball' parameter is required" + exit 1 +fi + +if [ -z "${LXC_ROOTFS}" ]; then + echo "'rootfs' parameter is required" + exit 1 +fi + +if [ -z "${LXC_CONFIG}" ]; then + echo "'config' parameter is required" + exit 1 +fi + +if [ -z "${LXC_PATH}" ]; then echo "'path' parameter is required" exit 1 fi -if [ "$(id -u)" != "0" ]; then - echo "This script should be 
run as 'root'" - exit 1 +# Unpack the rootfs +echo "Unpacking the rootfs" + +mkdir -p ${LXC_ROOTFS} +(cd ${LXC_ROOTFS} && tar xfz ${LXC_TARBALL} --strip-components=2) + +mkdir -p ${LXC_ROOTFS}/dev/pts/ + +## Extract all the network config entries +sed -i -e "/lxc.network/{w ${LXC_PATH}/config-network" -e "d}" \ + ${LXC_PATH}/config + +## Extract any other config entry +sed -i -e "/lxc./{w ${LXC_PATH}/config-auto" -e "d}" ${LXC_PATH}/config + +## Add the container-specific config +echo "" >> ${LXC_PATH}/config +echo "##############################################" >> ${LXC_PATH}/config +echo "# Container specific configuration (automatically set)" >> ${LXC_PATH}/config +if [ -e "${LXC_PATH}/config-auto" ]; then + cat ${LXC_PATH}/config-auto >> ${LXC_PATH}/config + rm ${LXC_PATH}/config-auto +fi +echo "lxc.utsname = ${LXC_NAME}" >> ${LXC_PATH}/config + +## Re-add the previously removed network config +if [ -e "${LXC_PATH}/config-network" ]; then + echo "" >> ${LXC_PATH}/config + echo "##############################################" >> ${LXC_PATH}/config + echo "# Network configuration (automatically set)" >> ${LXC_PATH}/config + cat ${LXC_PATH}/config-network >> ${LXC_PATH}/config + rm ${LXC_PATH}/config-network fi -# detect rootfs -config="$path/config" -# if $rootfs exists here, it was passed in with --rootfs -if [ -z "$rootfs" ]; then - if grep -q '^lxc.rootfs' $config 2>/dev/null ; then - rootfs=`grep 'lxc.rootfs =' $config | awk -F= '{ print $2 }'` - else - rootfs=$path/rootfs - fi -fi +## Append the defaults +echo "" >> ${LXC_PATH}/config +echo "##############################################" >> ${LXC_PATH}/config +echo "# vagrant-lxc base box specific configuration" >> ${LXC_PATH}/config +cat ${LXC_CONFIG} >> ${LXC_PATH}/config -install_ubuntu $rootfs $release $tarball -if [ $? 
-ne 0 ]; then - echo "failed to install ubuntu $release" - exit 1 -fi +# Empty section for lxc.customize calls from vagrantfile +echo "" >> ${LXC_PATH}/config +echo "##############################################" >> ${LXC_PATH}/config +echo "# vagrant-lxc container specific configuration" >> ${LXC_PATH}/config -copy_configuration $path $rootfs $name $arch -if [ $? -ne 0 ]; then - echo "failed write configuration file" - exit 1 -fi - -post_process $rootfs $release $trim_container - -echo "" -echo "##" -echo "# The default user is 'vagrant' with password 'vagrant'!" -echo "# Use the 'sudo' command to run tasks as root in the container." -echo "##" -echo "" +exit 0 From 4a18c7a05af6b136c94da2770cec5ddb32334d5c Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 03:50:33 -0300 Subject: [PATCH 18/49] Fix vagrant sudoers file permissions --- boxes/common/prepare-vagrant-user.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/boxes/common/prepare-vagrant-user.sh b/boxes/common/prepare-vagrant-user.sh index 08ec17b..5f68f47 100755 --- a/boxes/common/prepare-vagrant-user.sh +++ b/boxes/common/prepare-vagrant-user.sh @@ -34,6 +34,6 @@ if [ -f ${ROOTFS}/etc/sudoers.d/vagrant ]; then else debug 'Sudoers file was not found' echo "vagrant ALL=(ALL) NOPASSWD:ALL" > ${ROOTFS}/etc/sudoers.d/vagrant - chmod 0441 ${ROOTFS}/etc/sudoers.d/vagrant + chmod 0440 ${ROOTFS}/etc/sudoers.d/vagrant log 'Sudoers file created.' fi From f927f65ec1a9cfa4cd5aa918606e9e188e340670 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 03:55:10 -0300 Subject: [PATCH 19/49] Getting close to finish new structure for building ubuntu boxes --- boxes/Makefile | 3 +- boxes/common/download.sh | 3 ++ boxes/common/package.sh | 39 ++++++++++++++++++---- boxes/common/ui.sh | 1 + boxes/conf/ubuntu | 70 ++++++++++++++++++++++++++++++++++++++++ 5 files changed, 109 insertions(+), 7 deletions(-) create mode 100644 boxes/conf/ubuntu 
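Review bot: The new option-parsing line in lxc-template ends in a stray `SS` (`... -- "$@")SS`), which is appended to getopt's output and, when no positional arguments follow, turns the closing `--` into `--SS`; the loop only terminates because that token falls through to `*) break`. The long-option list also declares `help:` with a colon, so `--help` demands an argument, and under the new `set -eu` a getopt failure aborts at the assignment, leaving the `if [ $? -ne 0 ]` branch unreachable. Suggested: `options=$(getopt -o h -l tarball:,config:,help,name:,path:,rootfs:,mapped-uid:,mapped-gid: -- "$@") || { usage; exit 1; }` and restore the `--) shift; break;;` arm. Templates like this are normally run as root on the host, so quoting `${LXC_ROOTFS}`, `${LXC_TARBALL}` and `${LXC_PATH}` is worth doing too. Note also that `cat ${LXC_CONFIG} >> ${LXC_PATH}/config` copies the box-supplied config verbatim into the container's config, so a box from an untrusted source can set any LXC key.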
diff --git a/boxes/Makefile b/boxes/Makefile index 1193a58..75772d7 100644 --- a/boxes/Makefile +++ b/boxes/Makefile @@ -6,9 +6,10 @@ default: all: $(UBUNTU_BOXES) $(UBUNTU_BOXES): CONTAINER = "vagrant-lxc-base-${@}-amd64-${TODAY}" -$(UBUNTU_BOXES): PACKAGE = "output/$(CONTAINER).box" +$(UBUNTU_BOXES): PACKAGE = "output/vagrant-lxc-${@}-amd64-${TODAY}.box" $(UBUNTU_BOXES): @sudo -E ./mk-ubuntu.sh $(@) amd64 $(CONTAINER) $(PACKAGE) + @chmod +rw $(PACKAGE) clean: @echo "Implement clean" diff --git a/boxes/common/download.sh b/boxes/common/download.sh index 01e8272..b617a13 100755 --- a/boxes/common/download.sh +++ b/boxes/common/download.sh @@ -29,4 +29,7 @@ lxc-create -n ${CONTAINER} -t download -- \ --dist ${DISTRIBUTION} \ --release ${RELEASE} \ --arch ${ARCH} + +# TODO: Nicely handle boxes that don't have an image associated + log "Container created!" diff --git a/boxes/common/package.sh b/boxes/common/package.sh index b44c074..f7d8813 100755 --- a/boxes/common/package.sh +++ b/boxes/common/package.sh 
@@ -3,19 +3,46 @@ set -e source common/ui.sh +# TODO: Create file with build date / time on container + info "Packaging '${CONTAINER}' to '${PACKAGE}'..." debug 'Stopping container' lxc-stop -n ${CONTAINER} &>/dev/null || true -debug "Removing previous rootfs tarbal" -rm -f ${WORKING_DIR}/rootfs.tar.gz +if [ -f ${WORKING_DIR}/rootfs.tar.gz ]; then + log "Removing previous rootfs tarbal" + rm -f ${WORKING_DIR}/rootfs.tar.gz +fi log "Compressing container's rootfs" -cd $(dirname ${ROOTFS}) -tar --numeric-owner -czf ${WORKING_DIR}/rootfs.tar.gz ./rootfs/* +pushd $(dirname ${ROOTFS}) &>/dev/null + tar --numeric-owner --anchored --exclude=./rootfs/dev/log -czf \ + ${WORKING_DIR}/rootfs.tar.gz ./rootfs/* +popd &>/dev/null # Prepare package contents -cd ${WORKING_DIR} +pushd ${WORKING_DIR} &>/dev/null + warn "TODO: Package on `pwd`" + warn "TODO: Add creation date" + warn "TODO: Fix hostname (its too big!)" +popd &>/dev/null -warn 'TODO: Package!' +# cp $LXC_TEMPLATE . +# cp $LXC_CONF . +# cp $METATADA_JSON . +# chmod +x lxc-template +# sed -i "s//${NOW}/" metadata.json +# +# # Vagrant box! +# tar -czf $PKG ./* +# +# chmod +rw ${WORKING_DIR}/${PKG} +# mkdir -p ${CWD}/output +# mv ${WORKING_DIR}/${PKG} ${CWD}/output +# +# # Clean up after ourselves +# rm -rf ${WORKING_DIR} +# lxc-destroy -n ${RELEASE}-base +# +# echo "The base box was built successfully to ${CWD}/output/${PKG}" diff --git a/boxes/common/ui.sh b/boxes/common/ui.sh index c5c40f1..b2f91f8 100644 --- a/boxes/common/ui.sh +++ b/boxes/common/ui.sh @@ -12,6 +12,7 @@ info() { echo -e "${OK_COLOR}==> [${RELEASE}] ${1}${NO_COLOR}" } +# TODO: Add a file lock so we can build in parallel confirm() { question=${1} default=${2} diff --git a/boxes/conf/ubuntu b/boxes/conf/ubuntu new file mode 100644 index 0000000..1ec323f --- /dev/null +++ b/boxes/conf/ubuntu 
@@ -0,0 +1,70 @@
+# Default pivot location
+lxc.pivotdir = lxc_putold
+
+# Default mount entries
+lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
+lxc.mount.entry = sysfs sys sysfs defaults 0 0
+lxc.mount.entry = /sys/fs/fuse/connections sys/fs/fuse/connections none bind,optional 0 0
+lxc.mount.entry = /sys/kernel/debug sys/kernel/debug none bind,optional 0 0
+lxc.mount.entry = /sys/kernel/security sys/kernel/security none bind,optional 0 0
+lxc.mount.entry = /sys/fs/pstore sys/fs/pstore none bind,optional 0 0
+
+# Default console settings
+lxc.devttydir = lxc
+lxc.tty = 4
+lxc.pts = 1024
+
+# Default capabilities
+lxc.cap.drop = sys_module mac_admin mac_override sys_time
+
+# When using LXC with apparmor, the container will be confined by default.
+# If you wish for it to instead run unconfined, copy the following line
+# (uncommented) to the container's configuration file.
+#lxc.aa_profile = unconfined
+
+# To support container nesting on an Ubuntu host while retaining most of
+# apparmor's added security, use the following two lines instead.
+#lxc.aa_profile = lxc-container-default-with-nesting
+#lxc.hook.mount = /usr/share/lxc/hooks/mountcgroups
+
+# Uncomment the following line to autodetect squid-deb-proxy configuration on the
+# host and forward it to the guest at start time.
+#lxc.hook.pre-start = /usr/share/lxc/hooks/squid-deb-proxy-client
+
+# If you wish to allow mounting block filesystems, then use the following
+# line instead, and make sure to grant access to the block device and/or loop
+# devices below in lxc.cgroup.devices.allow.
+#lxc.aa_profile = lxc-container-default-with-mounting + +# Default cgroup limits +lxc.cgroup.devices.deny = a +## Allow any mknod (but not using the node) +lxc.cgroup.devices.allow = c *:* m +lxc.cgroup.devices.allow = b *:* m +## /dev/null and zero +lxc.cgroup.devices.allow = c 1:3 rwm +lxc.cgroup.devices.allow = c 1:5 rwm +## consoles +lxc.cgroup.devices.allow = c 5:0 rwm +lxc.cgroup.devices.allow = c 5:1 rwm +## /dev/{,u}random +lxc.cgroup.devices.allow = c 1:8 rwm +lxc.cgroup.devices.allow = c 1:9 rwm +## /dev/pts/* +lxc.cgroup.devices.allow = c 5:2 rwm +lxc.cgroup.devices.allow = c 136:* rwm +## rtc +lxc.cgroup.devices.allow = c 254:0 rm +## fuse +lxc.cgroup.devices.allow = c 10:229 rwm +## tun +lxc.cgroup.devices.allow = c 10:200 rwm +## full +lxc.cgroup.devices.allow = c 1:7 rwm +## hpet +lxc.cgroup.devices.allow = c 10:228 rwm +## kvm +lxc.cgroup.devices.allow = c 10:232 rwm +## To use loop devices, copy the following line to the container's +## configuration file (uncommented). +#lxc.cgroup.devices.allow = b 7:* rwm From 8d3d84aef268d123f2161db38900969b89c194dd Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 04:18:10 -0300 Subject: [PATCH 20/49] Finish basic version of the new ubuntu base boxes build --- boxes/Makefile | 2 +- boxes/common/package.sh | 34 ++++++++-------------------- boxes/{common => conf}/metadata.json | 2 +- boxes/mk-ubuntu.sh | 2 ++ 4 files changed, 14 insertions(+), 26 deletions(-) rename boxes/{common => conf}/metadata.json (68%) diff --git a/boxes/Makefile b/boxes/Makefile index 75772d7..c7619af 100644 --- a/boxes/Makefile +++ b/boxes/Makefile @@ -9,7 +9,7 @@ $(UBUNTU_BOXES): CONTAINER = "vagrant-lxc-base-${@}-amd64-${TODAY}" $(UBUNTU_BOXES): PACKAGE = "output/vagrant-lxc-${@}-amd64-${TODAY}.box" $(UBUNTU_BOXES): @sudo -E ./mk-ubuntu.sh $(@) amd64 $(CONTAINER) $(PACKAGE) - @chmod +rw $(PACKAGE) + @sudo chmod +rw $(PACKAGE) clean: @echo "Implement clean" 
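Review bot: The default mount entries in conf/ubuntu bind the host's `/sys/kernel/debug` and `/sys/kernel/security` into every container built from this box, and the device allowlist grants `rwm` on kvm (`c 10:232`), fuse and tun. For a general-purpose base box that is a wide default; if the containers run privileged (the file sets no id mapping, so presumably they do), debugfs in particular exposes host kernel interfaces that a guest rarely needs. Consider dropping the debug and kvm lines from the default and documenting them as opt-in, the way the loop-device line at the end already is. A header comment naming the upstream LXC file and version this was derived from would also let later hardening changes be tracked.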
diff --git a/boxes/common/package.sh b/boxes/common/package.sh index f7d8813..2ccf320 100755 --- a/boxes/common/package.sh +++ b/boxes/common/package.sh @@ -11,7 +11,7 @@ debug 'Stopping container' lxc-stop -n ${CONTAINER} &>/dev/null || true if [ -f ${WORKING_DIR}/rootfs.tar.gz ]; then - log "Removing previous rootfs tarbal" + log "Removing previous rootfs tarball" rm -f ${WORKING_DIR}/rootfs.tar.gz fi @@ -22,27 +22,13 @@ pushd $(dirname ${ROOTFS}) &>/dev/null popd &>/dev/null # Prepare package contents -pushd ${WORKING_DIR} &>/dev/null - warn "TODO: Package on `pwd`" - warn "TODO: Add creation date" - warn "TODO: Fix hostname (its too big!)" -popd &>/dev/null +log 'Preparing box package contents' +cp common/lxc-template ${WORKING_DIR} +cp conf/ubuntu ${WORKING_DIR}/lxc-config +cp conf/metadata.json ${WORKING_DIR} +sed -i "s//${NOW}/" ${WORKING_DIR}/metadata.json -# cp $LXC_TEMPLATE . -# cp $LXC_CONF . -# cp $METATADA_JSON . -# chmod +x lxc-template -# sed -i "s//${NOW}/" metadata.json -# -# # Vagrant box! -# tar -czf $PKG ./* -# -# chmod +rw ${WORKING_DIR}/${PKG} -# mkdir -p ${CWD}/output -# mv ${WORKING_DIR}/${PKG} ${CWD}/output -# -# # Clean up after ourselves -# rm -rf ${WORKING_DIR} -# lxc-destroy -n ${RELEASE}-base -# -# echo "The base box was built successfully to ${CWD}/output/${PKG}" +# Vagrant box! +log 'Packaging box' +TARBALL=$(readlink -f ${PACKAGE}) +(cd ${WORKING_DIR} && tar -czf $TARBALL ./*) diff --git a/boxes/common/metadata.json b/boxes/conf/metadata.json similarity index 68% rename from boxes/common/metadata.json rename to boxes/conf/metadata.json index 4ae0cd3..f313050 100644 --- a/boxes/common/metadata.json +++ b/boxes/conf/metadata.json @@ -1,5 +1,5 @@ { "provider": "lxc", - "version": "3", + "version": "1.0.0", "built-on": "" } diff --git a/boxes/mk-ubuntu.sh b/boxes/mk-ubuntu.sh index 6c079b4..765e3e3 100755 --- a/boxes/mk-ubuntu.sh +++ b/boxes/mk-ubuntu.sh 
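Review bot: `TARBALL=$(readlink -f ${PACKAGE})` fails when the `output/` directory does not exist yet, and under `set -e` the script then stops without a message. Nothing in this hunk creates that directory (the old `mkdir -p ${CWD}/output` is among the removed comment lines), so unless it is created elsewhere a fresh checkout cannot package. Creating it first and quoting the expansions makes this robust: `mkdir -p "$(dirname "${PACKAGE}")"` before the `readlink`, then `(cd "${WORKING_DIR}" && tar -czf "${TARBALL}" ./*)`.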
@@ -20,6 +20,7 @@ export CONTAINER=$3 export PACKAGE=$4 export ROOTFS="/var/lib/lxc/${CONTAINER}/rootfs" export WORKING_DIR="/tmp/${CONTAINER}" +export NOW=$(date -u) if [ -f ${PACKAGE} ]; then warn "The box '${PACKAGE}' already exists, skipping..." @@ -39,4 +40,5 @@ info "Building box to '${PACKAGE}'..." ./common/package.sh ${CONTAINER} ${PACKAGE} info "Finished building '${PACKAGE}'!" +log "Run \`sudo lxc-destroy -n ${CONTAINER}\` to remove the container that was created along the way" echo From 1b8fb6137b4eabc1b0309b31efacccd26ce6e0bf Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 04:38:36 -0300 Subject: [PATCH 21/49] Bring back support for installing provisioners on ubuntu base boxes --- boxes/debian/install-extras.sh | 48 +++++++++++++++++++++++++++++++++- 1 file changed, 47 insertions(+), 1 deletion(-) diff --git a/boxes/debian/install-extras.sh b/boxes/debian/install-extras.sh index 875bde6..a489c46 100755 --- a/boxes/debian/install-extras.sh +++ b/boxes/debian/install-extras.sh 
@@ -15,4 +15,50 @@ lxc-attach -n ${CONTAINER} -- apt-get update lxc-attach -n ${CONTAINER} -- apt-get install ${UBUNTU_PACKAGES[*]} -y --force-yes lxc-attach -n ${CONTAINER} -- apt-get upgrade -y --force-yes -warn 'TODO: Install provisioners' +CHEF=${CHEF:-0} +PUPPET=${PUPPET:-0} +SALT=${SALT:-0} +BABUSHKA=${BABUSHKA:-0} + +if [ $CHEF = 1 ]; then + # TODO: Check if Chef has been installed + log "Installing Chef" + cat > ${ROOTFS}/tmp/install-chef.sh << EOF +#!/bin/sh +curl -L https://www.opscode.com/chef/install.sh -k | sudo bash +EOF + chmod +x ${ROOTFS}/tmp/install-chef.sh + lxc-attach -n ${CONTAINER} -- /tmp/install-chef.sh +else + log "Skipping Chef installation" +fi + +if [ $PUPPET = 1 ]; then + log "Installing Puppet" + wget http://apt.puppetlabs.com/puppetlabs-release-stable.deb -O "${ROOTFS}/tmp/puppetlabs-release-stable.deb" + lxc-attach -n ${CONTAINER} -- dpkg -i "/tmp/puppetlabs-release-stable.deb" + lxc-attach -n ${CONTAINER} -- apt-get update + lxc-attach -n ${CONTAINER} -- apt-get install puppet -y --force-yes +else + log "Skipping Puppet installation" +fi + +if [ $SALT = 1 ]; then + lxc-attach -n ${CONTAINER} -- apt-add-repository -y ppa:saltstack/salt + lxc-attach -n ${CONTAINER} -- apt-get update + lxc-attach -n ${CONTAINER} -- apt-get install salt-minion -y --force-yes +else + log "Skipping Salt installation" +fi + +if [ $BABUSHKA = 1 ]; then + log "Installing Babushka" + cat > $ROOTFS/tmp/install-babushka.sh << EOF +#!/bin/sh +curl https://babushka.me/up | sudo bash +EOF + chmod +x $ROOTFS/tmp/install-babushka.sh + lxc-attach -n ${CONTAINER} -- /tmp/install-babushka.sh +else + log "Skipping Babushka installation" +fi From 921e08bdb4a52d94d19a45ca3ec0a4b71e9d2405 Mon Sep 17 00:00:00 2001 
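Review bot: The Chef branch writes `curl -L https://www.opscode.com/chef/install.sh -k | sudo bash`, where `-k` turns off certificate verification for a script that is then run as root, and the Puppet branch fetches the release package over plain `http://` before `dpkg -i`. Either download can be replaced in transit and would end up baked into the published box. Drop `-k` (`curl -L https://www.opscode.com/chef/install.sh | sudo bash`), fetch the Puppet package over `https://`, and preferably download to a file and compare it with a pinned checksum before running or installing it. `--force-yes` on the `apt-get install` lines additionally lets apt continue past unauthenticated packages and could be dropped for the same reason. The same lines are carried unchanged into the PATCH 24 hunk for this file.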
From: Fabio Rehm Date: Sun, 9 Mar 2014 04:42:48 -0300 Subject: [PATCH 22/49] boxes: Get rid of old scripts --- boxes/build-ubuntu-box.sh | 154 ---------------------------------- boxes/common/cleanup | 7 -- boxes/common/install-babushka | 16 ---- boxes/common/install-chef | 15 ---- boxes/common/install-puppet | 13 --- boxes/common/install-salt | 13 --- boxes/common/lxc.conf | 49 ----------- 7 files changed, 267 deletions(-) delete mode 100755 boxes/build-ubuntu-box.sh delete mode 100755 boxes/common/cleanup delete mode 100755 boxes/common/install-babushka delete mode 100755 boxes/common/install-chef delete mode 100755 boxes/common/install-puppet delete mode 100755 boxes/common/install-salt delete mode 100644 boxes/common/lxc.conf diff --git a/boxes/build-ubuntu-box.sh b/boxes/build-ubuntu-box.sh deleted file mode 100755 index cbe3ebc..0000000 --- a/boxes/build-ubuntu-box.sh +++ /dev/null 
@@ -1,154 +0,0 @@ -#!/bin/bash - -# set -x -set -e - -# Script used to build Ubuntu base vagrant-lxc containers -# -# USAGE: -# $ cd boxes && sudo ./build-ubuntu-box.sh UBUNTU_RELEASE BOX_ARCH -# -# To enable Chef or any other configuration management tool pass '1' to the -# corresponding env var: -# $ CHEF=1 sudo -E ./build-ubuntu-box.sh UBUNTU_RELEASE BOX_ARCH -# $ PUPPET=1 sudo -E ./build-ubuntu-box.sh UBUNTU_RELEASE BOX_ARCH -# $ SALT=1 sudo -E ./build-ubuntu-box.sh UBUNTU_RELEASE BOX_ARCH -# $ BABUSHKA=1 sudo -E ./build-ubuntu-box.sh UBUNTU_RELEASE BOX_ARCH - -################################################################################## -# 0 - Initial setup and sanity checks - -TODAY=$(date -u +"%Y-%m-%d") -NOW=$(date -u) -RELEASE=${1:-"raring"} -ARCH=${2:-"amd64"} -PKG=vagrant-lxc-${RELEASE}-${ARCH}-${TODAY}.box -WORKING_DIR=/tmp/vagrant-lxc-${RELEASE} -VAGRANT_KEY="ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key" -ROOTFS=/var/lib/lxc/${RELEASE}-base/rootfs - -# Providing '1' will enable these tools -CHEF=${CHEF:-0} -PUPPET=${PUPPET:-0} -SALT=${SALT:-0} -BABUSHKA=${BABUSHKA:-0} - -# Path to files bundled with the box -CWD=`readlink -f .` -LXC_TEMPLATE=${CWD}/common/lxc-template -LXC_CONF=${CWD}/common/lxc.conf -METATADA_JSON=${CWD}/common/metadata.json - -# Set up a working dir -mkdir -p $WORKING_DIR - -if [ -f "${WORKING_DIR}/${PKG}" ]; then - echo "Found a box on ${WORKING_DIR}/${PKG} already!" 
- exit 1 -fi - -################################################################################## -# 1 - Create the base container - -if $(lxc-ls | grep -q "${RELEASE}-base"); then - echo "Base container already exists, please remove it with \`lxc-destroy -n ${RELEASE}-base\`!" - exit 1 -else - lxc-create -n ${RELEASE}-base -t ubuntu -- --release ${RELEASE} --arch ${ARCH} -fi - -# Fixes some networking issues -# See https://github.com/fgrehm/vagrant-lxc/issues/91 for more info -echo 'ff02::3 ip6-allhosts' >> ${ROOTFS}/etc/hosts - -# Ensure locales are properly set, based on http://askubuntu.com/a/238063 -chroot ${ROOTFS} locale-gen en_US.UTF-8 -chroot ${ROOTFS} dpkg-reconfigure locales - - -################################################################################## -# 2 - Prepare vagrant user - -mv ${ROOTFS}/home/{ubuntu,vagrant} -chroot ${ROOTFS} usermod -l vagrant -d /home/vagrant ubuntu -chroot ${ROOTFS} groupmod -n vagrant ubuntu - -echo -n 'vagrant:vagrant' | chroot ${ROOTFS} chpasswd - - -################################################################################## -# 3 - Setup SSH access and passwordless sudo - -# Configure SSH access -mkdir -p ${ROOTFS}/home/vagrant/.ssh -echo $VAGRANT_KEY > ${ROOTFS}/home/vagrant/.ssh/authorized_keys -chroot ${ROOTFS} chown -R vagrant: /home/vagrant/.ssh - -# Enable passwordless sudo for the vagrant user -echo "vagrant ALL=(ALL) NOPASSWD:ALL" > ${ROOTFS}/etc/sudoers.d/vagrant -chmod 0440 ${ROOTFS}/etc/sudoers.d/vagrant - - -################################################################################## -# 4 - Add some goodies and update packages - -PACKAGES=(vim curl wget man-db bash-completion python-software-properties software-properties-common) -chroot ${ROOTFS} apt-get update -chroot ${ROOTFS} apt-get install ${PACKAGES[*]} -y --force-yes -chroot ${ROOTFS} apt-get upgrade -y --force-yes - - -################################################################################## -# 5 - Configuration 
management tools - -if [ $CHEF = 1 ]; then - ./common/install-chef $ROOTFS -fi - -if [ $PUPPET = 1 ]; then - ./common/install-puppet $ROOTFS -fi - -if [ $SALT = 1 ]; then - ./common/install-salt $ROOTFS -fi - -if [ $BABUSHKA = 1 ]; then - ./common/install-babushka $ROOTFS -fi - - -################################################################################## -# 6 - Free up some disk space - -rm -rf ${ROOTFS}/tmp/* -chroot ${ROOTFS} apt-get clean - - -################################################################################## -# 7 - Build box package - -# Compress container's rootfs -cd $(dirname $ROOTFS) -tar --numeric-owner -czf /tmp/vagrant-lxc-${RELEASE}/rootfs.tar.gz ./rootfs/* - -# Prepare package contents -cd $WORKING_DIR -cp $LXC_TEMPLATE . -cp $LXC_CONF . -cp $METATADA_JSON . -chmod +x lxc-template -sed -i "s//${NOW}/" metadata.json - -# Vagrant box! -tar -czf $PKG ./* - -chmod +rw ${WORKING_DIR}/${PKG} -mkdir -p ${CWD}/output -mv ${WORKING_DIR}/${PKG} ${CWD}/output - -# Clean up after ourselves -rm -rf ${WORKING_DIR} -lxc-destroy -n ${RELEASE}-base - -echo "The base box was built successfully to ${CWD}/output/${PKG}" diff --git a/boxes/common/cleanup b/boxes/common/cleanup deleted file mode 100755 index bfa6653..0000000 --- a/boxes/common/cleanup +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -cache=`readlink -f .` -rootfs="${cache}/rootfs" - -rm -rf $rootfs/tmp/* -chroot $rootfs apt-get clean diff --git a/boxes/common/install-babushka b/boxes/common/install-babushka deleted file mode 100755 index a770bbb..0000000 --- a/boxes/common/install-babushka +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash - -set -e - -rootfs=$1 - -echo "installing babushka" -cat > $rootfs/tmp/install-babushka.sh << EOF -#!/bin/sh -curl https://babushka.me/up | sudo bash - -EOF -chmod +x $rootfs/tmp/install-babushka.sh -chroot $rootfs /tmp/install-babushka.sh - -rm -rf $rootfs/tmp/* 
diff --git a/boxes/common/install-chef b/boxes/common/install-chef deleted file mode 100755 index 2eeda2f..0000000 --- a/boxes/common/install-chef +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash - -set -e - -rootfs=$1 - -echo "installing chef" -cat > $rootfs/tmp/install-chef.sh << EOF -#!/bin/sh -curl -L https://www.opscode.com/chef/install.sh -k | sudo bash -EOF -chmod +x $rootfs/tmp/install-chef.sh -chroot $rootfs /tmp/install-chef.sh - -rm -rf $rootfs/tmp/* diff --git a/boxes/common/install-puppet b/boxes/common/install-puppet deleted file mode 100755 index d159d4f..0000000 --- a/boxes/common/install-puppet +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash - -set -e - -rootfs=$1 - -echo "installing puppet" -wget http://apt.puppetlabs.com/puppetlabs-release-stable.deb -O "${rootfs}/tmp/puppetlabs-release-stable.deb" -chroot $rootfs dpkg -i "/tmp/puppetlabs-release-stable.deb" -chroot $rootfs apt-get update -chroot $rootfs apt-get install puppet -y --force-yes - -rm -rf $rootfs/tmp/* diff --git a/boxes/common/install-salt b/boxes/common/install-salt deleted file mode 100755 index 6a3446f..0000000 --- a/boxes/common/install-salt +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash - -set -e - -rootfs=$1 - -echo "installing salt" - -chroot $rootfs apt-add-repository -y ppa:saltstack/salt -chroot $rootfs apt-get update -chroot $rootfs apt-get install salt-minion -y --force-yes - -rm -rf $rootfs/tmp/* diff --git a/boxes/common/lxc.conf b/boxes/common/lxc.conf deleted file mode 100644 index 610875c..0000000 --- a/boxes/common/lxc.conf +++ /dev/null 
@@ -1,49 +0,0 @@ -lxc.network.type=veth -lxc.network.link=lxcbr0 -lxc.network.flags=up - -lxc.pivotdir = lxc_putold - -lxc.devttydir = lxc -lxc.tty = 4 -lxc.pts = 1024 - -lxc.arch = amd64 -lxc.cap.drop = sys_module mac_admin mac_override - -# When using LXC with apparmor, uncomment the next line to run unconfined: -#lxc.aa_profile = unconfined - -lxc.cgroup.devices.deny = a -# Allow any mknod (but not using the node) -lxc.cgroup.devices.allow = c *:* m -lxc.cgroup.devices.allow = b *:* m -# /dev/null and zero -lxc.cgroup.devices.allow = c 1:3 rwm -lxc.cgroup.devices.allow = c 1:5 rwm -# consoles -lxc.cgroup.devices.allow = c 5:1 rwm -lxc.cgroup.devices.allow = c 5:0 rwm -#lxc.cgroup.devices.allow = c 4:0 rwm -#lxc.cgroup.devices.allow = c 4:1 rwm -# /dev/{,u}random -lxc.cgroup.devices.allow = c 1:9 rwm -lxc.cgroup.devices.allow = c 1:8 rwm -lxc.cgroup.devices.allow = c 136:* rwm -lxc.cgroup.devices.allow = c 5:2 rwm -# rtc -lxc.cgroup.devices.allow = c 254:0 rwm -#fuse -lxc.cgroup.devices.allow = c 10:229 rwm -#tun -lxc.cgroup.devices.allow = c 10:200 rwm -#full -lxc.cgroup.devices.allow = c 1:7 rwm -#hpet -lxc.cgroup.devices.allow = c 10:228 rwm -#kvm -lxc.cgroup.devices.allow = c 10:232 rwm - -# mounts point -lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0 -lxc.mount.entry = sysfs sys sysfs defaults 0 0 From dbb6d1f13102381f532989b2a483c7e0fd770446 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 17:16:49 -0300 Subject: [PATCH 23/49] boxes: Add missing public vagrant ssh key --- boxes/common/prepare-vagrant-user.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/boxes/common/prepare-vagrant-user.sh b/boxes/common/prepare-vagrant-user.sh index 5f68f47..8ab5bb6 100755 --- a/boxes/common/prepare-vagrant-user.sh +++ b/boxes/common/prepare-vagrant-user.sh 
@@ -3,6 +3,8 @@ set -e source common/ui.sh +export VAGRANT_KEY="ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key" + info "Preparing vagrant user..." # Create vagrant user From cd23804046822a32b77d43e5aba97230d82de6bc Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 17:19:57 -0300 Subject: [PATCH 24/49] boxes: Prevent puppet and chef from being reinstalled --- boxes/debian/install-extras.sh | 27 +++++++++++++++++---------- 1 file changed, 17 insertions(+), 10 deletions(-) diff --git a/boxes/debian/install-extras.sh b/boxes/debian/install-extras.sh index a489c46..75a1147 100755 --- a/boxes/debian/install-extras.sh +++ b/boxes/debian/install-extras.sh 
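Review bot: `VAGRANT_KEY` holds Vagrant's publicly known insecure key, and the hunk adds it with no explanation beyond the key's own trailing label. A short comment above the line would help, for example `# Vagrant's well-known insecure public key; the matching private key is public, so this only suits throwaway local boxes`. The use of the variable is outside this hunk; unless a child process reads it, a plain assignment (or `readonly`) would do instead of `export`.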
@@ -21,24 +21,31 @@ SALT=${SALT:-0} BABUSHKA=${BABUSHKA:-0} if [ $CHEF = 1 ]; then - # TODO: Check if Chef has been installed - log "Installing Chef" - cat > ${ROOTFS}/tmp/install-chef.sh << EOF + if $(lxc-attach -n ${CONTAINER} -- which chef-solo &>/dev/null); then + log "Chef has been installed on container, skipping" + else + log "Installing Chef" + cat > ${ROOTFS}/tmp/install-chef.sh << EOF #!/bin/sh curl -L https://www.opscode.com/chef/install.sh -k | sudo bash EOF - chmod +x ${ROOTFS}/tmp/install-chef.sh - lxc-attach -n ${CONTAINER} -- /tmp/install-chef.sh + chmod +x ${ROOTFS}/tmp/install-chef.sh + lxc-attach -n ${CONTAINER} -- /tmp/install-chef.sh + fi else log "Skipping Chef installation" fi if [ $PUPPET = 1 ]; then - log "Installing Puppet" - wget http://apt.puppetlabs.com/puppetlabs-release-stable.deb -O "${ROOTFS}/tmp/puppetlabs-release-stable.deb" - lxc-attach -n ${CONTAINER} -- dpkg -i "/tmp/puppetlabs-release-stable.deb" - lxc-attach -n ${CONTAINER} -- apt-get update - lxc-attach -n ${CONTAINER} -- apt-get install puppet -y --force-yes + if $(lxc-attach -n ${CONTAINER} -- which puppet &>/dev/null); then + log "Puppet has been installed on container, skipping" + else + log "Installing Puppet" + wget http://apt.puppetlabs.com/puppetlabs-release-stable.deb -O "${ROOTFS}/tmp/puppetlabs-release-stable.deb" + lxc-attach -n ${CONTAINER} -- dpkg -i "/tmp/puppetlabs-release-stable.deb" + lxc-attach -n ${CONTAINER} -- apt-get update + lxc-attach -n ${CONTAINER} -- apt-get install puppet -y --force-yes + fi else log "Skipping Puppet installation" fi From 3ff604622891dcb8d9ca3cc3decc52dc5a77458d Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 17:20:55 -0300 Subject: [PATCH 25/49] boxes: Skip puppet installation on Ubuntu Trusty as it is not supported ATM --- boxes/debian/install-extras.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/boxes/debian/install-extras.sh b/boxes/debian/install-extras.sh index 75a1147..5a9aabc 100755 
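Review bot: The re-indented Chef installer in the `CHEF` branch still runs `curl -L https://www.opscode.com/chef/install.sh -k | sudo bash`, and `-k` switches off TLS certificate verification for a script that is then executed as root in the container. Dropping the flag costs nothing: `curl -L https://www.opscode.com/chef/install.sh | sudo bash`. The Puppet branch has a related gap, fetching `puppetlabs-release-stable.deb` over plain `http://` before `dpkg -i`; comparing it against a pinned checksum before installing would close that. Separately, `if $(lxc-attach … which chef-solo &>/dev/null); then` only works because the substitution expands to nothing, and `if lxc-attach -n "${CONTAINER}" -- which chef-solo &>/dev/null; then` says what is meant.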
--- a/boxes/debian/install-extras.sh +++ b/boxes/debian/install-extras.sh @@ -39,6 +39,8 @@ fi if [ $PUPPET = 1 ]; then if $(lxc-attach -n ${CONTAINER} -- which puppet &>/dev/null); then log "Puppet has been installed on container, skipping" + elif [ ${RELEASE} = 'trusty' ]; then + warn "Puppet can't be installed on Ubuntu Trusty 14.04, skipping" else log "Installing Puppet" wget http://apt.puppetlabs.com/puppetlabs-release-stable.deb -O "${ROOTFS}/tmp/puppetlabs-release-stable.deb" From a7074545ed2f0e6c08fafcd32ec8dafc34716e17 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 17:21:15 -0300 Subject: [PATCH 26/49] boxes: Ensure locales are properly set on debianoid boxes --- boxes/debian/install-extras.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/boxes/debian/install-extras.sh b/boxes/debian/install-extras.sh index 5a9aabc..3c04df0 100755 --- a/boxes/debian/install-extras.sh +++ b/boxes/debian/install-extras.sh @@ -15,6 +15,11 @@ lxc-attach -n ${CONTAINER} -- apt-get update lxc-attach -n ${CONTAINER} -- apt-get install ${UBUNTU_PACKAGES[*]} -y --force-yes lxc-attach -n ${CONTAINER} -- apt-get upgrade -y --force-yes +# TODO: SEPARATE FILE! +# Ensure locales are properly set, based on http://askubuntu.com/a/238063 +lxc-attach -n ${CONTAINER} -- locale-gen en_US.UTF-8 +lxc-attach -n ${CONTAINER} -- dpkg-reconfigure locales + CHEF=${CHEF:-0} PUPPET=${PUPPET:-0} SALT=${SALT:-0} From e598086913033e901e0f9147ab950d1c5bccef2c Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 17:25:08 -0300 Subject: [PATCH 27/49] boxes: Backport GH-92 --- boxes/common/download.sh | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/boxes/common/download.sh b/boxes/common/download.sh index b617a13..2ae9b99 100755 --- a/boxes/common/download.sh +++ b/boxes/common/download.sh 
@@ -33,3 +33,11 @@ lxc-create -n ${CONTAINER} -t download -- \ # TODO: Nicely handle boxes that don't have an image associated log "Container created!" + + +# Fixes some networking issues +# See https://github.com/fgrehm/vagrant-lxc/issues/91 for more info +if ! $(grep -q 'ip6-allhosts' ${ROOTFS}/etc/hosts); then + log "Adding ipv6 allhosts entry to container's /etc/hosts" + echo 'ff02::3 ip6-allhosts' >> ${ROOTFS}/etc/hosts +fi From 7effe1f092f00156f0b8e23ee86aae6da9ab3c14 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 17:54:03 -0300 Subject: [PATCH 28/49] boxes: Support for building raring machines --- boxes/common/download.sh | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/boxes/common/download.sh b/boxes/common/download.sh index 2ae9b99..f39d1ba 100755 --- a/boxes/common/download.sh +++ b/boxes/common/download.sh @@ -25,13 +25,16 @@ fi # If we got to this point, we need to create the container log "Creating container..." -lxc-create -n ${CONTAINER} -t download -- \ - --dist ${DISTRIBUTION} \ - --release ${RELEASE} \ - --arch ${ARCH} - -# TODO: Nicely handle boxes that don't have an image associated - +if [ $RELEASE = 'raring' ]; then + lxc-create -n ${CONTAINER} -t ubuntu -- \ + --release ${RELEASE} \ + --arch ${ARCH} +else + lxc-create -n ${CONTAINER} -t download -- \ + --dist ${DISTRIBUTION} \ + --release ${RELEASE} \ + --arch ${ARCH} +fi log "Container created!" From e69441a99b827add9636301987408d534091e313 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 17:55:00 -0300 Subject: [PATCH 29/49] boxes: Improve CM handling --- boxes/debian/install-extras.sh | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/boxes/debian/install-extras.sh b/boxes/debian/install-extras.sh index 3c04df0..a5fe021 100755 --- a/boxes/debian/install-extras.sh +++ b/boxes/debian/install-extras.sh 
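Review bot: The new hosts fix-up in download.sh reads and appends to `${ROOTFS}/etc/hosts` with `${ROOTFS}` unquoted and unchecked, and the build is presumably run as root (the Makefile starts it with `sudo -E`); if `ROOTFS` is ever empty, the host's own `/etc/hosts` is edited instead of the container's. Guarding the expansion rules that out: `echo 'ff02::3 ip6-allhosts' >> "${ROOTFS:?}/etc/hosts"`, and `if ! grep -q 'ip6-allhosts' "${ROOTFS:?}/etc/hosts"; then` without the `$( )` wrapper. The `[ $RELEASE = 'raring' ]` test in the next hunk of this file has the same unquoted-variable problem.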
@@ -58,21 +58,31 @@ else fi if [ $SALT = 1 ]; then - lxc-attach -n ${CONTAINER} -- apt-add-repository -y ppa:saltstack/salt - lxc-attach -n ${CONTAINER} -- apt-get update - lxc-attach -n ${CONTAINER} -- apt-get install salt-minion -y --force-yes + if $(lxc-attach -n ${CONTAINER} -- which salt-minion &>/dev/null); then + log "Salt has been installed on container, skipping" + elif [ ${RELEASE} = 'raring' ]; then + warn "Salt can't be installed on Ubuntu Raring 13.04, skipping" + else + lxc-attach -n ${CONTAINER} -- apt-add-repository -y ppa:saltstack/salt + lxc-attach -n ${CONTAINER} -- apt-get update + chroot ${ROOTFS} apt-get install salt-minion -y --force-yes + fi else log "Skipping Salt installation" fi if [ $BABUSHKA = 1 ]; then - log "Installing Babushka" - cat > $ROOTFS/tmp/install-babushka.sh << EOF + if $(lxc-attach -n ${CONTAINER} -- which babushka &>/dev/null); then + log "Babushka has been installed on container, skipping" + else + log "Installing Babushka" + cat > $ROOTFS/tmp/install-babushka.sh << EOF #!/bin/sh curl https://babushka.me/up | sudo bash EOF - chmod +x $ROOTFS/tmp/install-babushka.sh - lxc-attach -n ${CONTAINER} -- /tmp/install-babushka.sh + chmod +x $ROOTFS/tmp/install-babushka.sh + lxc-attach -n ${CONTAINER} -- /tmp/install-babushka.sh + fi else log "Skipping Babushka installation" fi From 2c7e6fb600b1481e4142d7d8120bd32a44165719 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 18:39:41 -0300 Subject: [PATCH 30/49] boxes: Move colors out to the UI file --- boxes/common/ui.sh | 6 +++++- boxes/mk-ubuntu.sh | 5 ----- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/boxes/common/ui.sh b/boxes/common/ui.sh index b2f91f8..14d9a2c 100644 --- a/boxes/common/ui.sh +++ b/boxes/common/ui.sh @@ -1,5 +1,10 @@ #!/bin/bash +export NO_COLOR='\033[0m' +export OK_COLOR='\033[32;01m' +export ERROR_COLOR='\033[31;01m' +export WARN_COLOR='\033[33;01m' + log() { echo " [${RELEASE}] ${1}" >&2 } 
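Review bot: In the `SALT` branch the PPA is added and refreshed through `lxc-attach`, but the install itself became `chroot ${ROOTFS} apt-get install salt-minion -y --force-yes`, which runs apt from the host against the rootfs of a container that the script has already started. Keeping all three steps on the same path avoids two apt invocations with different views of the system: `lxc-attach -n ${CONTAINER} -- apt-get install salt-minion -y`. `--force-yes` is worth dropping on this line too, since it lets apt continue with packages it cannot authenticate and this install comes from a repository added two lines earlier.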
@@ -12,7 +17,6 @@ info() { echo -e "${OK_COLOR}==> [${RELEASE}] ${1}${NO_COLOR}" } -# TODO: Add a file lock so we can build in parallel confirm() { question=${1} default=${2} diff --git a/boxes/mk-ubuntu.sh b/boxes/mk-ubuntu.sh index 765e3e3..45e61d9 100755 --- a/boxes/mk-ubuntu.sh +++ b/boxes/mk-ubuntu.sh @@ -8,11 +8,6 @@ if [ "$(id -u)" != "0" ]; then exit 1 fi -export NO_COLOR='\033[0m' -export OK_COLOR='\033[32;01m' -export ERROR_COLOR='\033[31;01m' -export WARN_COLOR='\033[33;01m' - export DISTRIBUTION="ubuntu" export RELEASE=$1 export ARCH=$2 From 74cf06b1488ac8ac3a2bb8f91ffef27920833222 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 18:40:46 -0300 Subject: [PATCH 31/49] boxes: Sleep for 5 seconds after starting the container so that is has some time to get its network ready --- boxes/debian/install-extras.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/boxes/debian/install-extras.sh b/boxes/debian/install-extras.sh index a5fe021..8cabb09 100755 --- a/boxes/debian/install-extras.sh +++ b/boxes/debian/install-extras.sh @@ -8,6 +8,9 @@ info 'Installing extra packages and upgrading' debug 'Bringing container up' lxc-start -d -n ${CONTAINER} &>/dev/null || true +# Sleep for a bit so that the container can get an IP +sleep 5 + # TODO: Support for setting this from outside UBUNTU_PACKAGES=(vim curl wget man-db bash-completion python-software-properties software-properties-common) From ff3baf1cd427542e33b780ab458e06b55878cd91 Mon Sep 17 00:00:00 2001 
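Review bot: The `sleep 5` added after `lxc-start` in install-extras.sh assumes the container has an address within five seconds; on a slow host the `apt-get` calls that follow (outside this hunk) fail, and with `set -e` the build stops there. A bounded poll waits only as long as needed and fails in an obvious place. The sketch below assumes `lxc-info -i` prints nothing until an address is assigned.

```shell
# Wait up to 30s for the container to report an address
for _ in $(seq 1 30); do
  [ -n "$(lxc-info -n "${CONTAINER}" -i 2>/dev/null)" ] && break
  sleep 1
done
```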
From: Fabio Rehm Date: Sun, 9 Mar 2014 19:34:59 -0300 Subject: [PATCH 32/49] boxes: Improved output logging --- boxes/.gitignore | 1 + boxes/common/download.sh | 19 +++++++++--------- boxes/common/package.sh | 4 ++-- boxes/common/ui.sh | 3 +++ boxes/common/utils.sh | 28 +++++++++++++++++++++++++++ boxes/debian/clean.sh | 7 ++++--- boxes/debian/install-extras.sh | 35 +++++++++++++++++----------------- boxes/mk-ubuntu.sh | 1 + 8 files changed, 67 insertions(+), 31 deletions(-) create mode 100644 boxes/.gitignore create mode 100644 boxes/common/utils.sh diff --git a/boxes/.gitignore b/boxes/.gitignore new file mode 100644 index 0000000..31dbbff --- /dev/null +++ b/boxes/.gitignore @@ -0,0 +1 @@ +/log diff --git a/boxes/common/download.sh b/boxes/common/download.sh index f39d1ba..bbb8c37 100755 --- a/boxes/common/download.sh +++ b/boxes/common/download.sh @@ -2,6 +2,7 @@ set -e source common/ui.sh +source common/utils.sh # If container exists, check if want to continue if $(lxc-ls | grep -q ${CONTAINER}); then @@ -15,8 +16,8 @@ fi if $(lxc-ls | grep -q ${CONTAINER}); then if $(confirm "Do you want to rebuild the '${CONTAINER}' container?" 'n'); then log "Destroying container ${CONTAINER}..." - lxc-stop -n ${CONTAINER} &>/dev/null || true - lxc-destroy -n ${CONTAINER} + utils.lxc.stop + utils.lxc.destroy else log "Reusing existing container..." exit 0 @@ -26,14 +27,14 @@ fi # If we got to this point, we need to create the container log "Creating container..." if [ $RELEASE = 'raring' ]; then - lxc-create -n ${CONTAINER} -t ubuntu -- \ - --release ${RELEASE} \ - --arch ${ARCH} + utils.lxc.create -t ubuntu -- \ + --release ${RELEASE} \ + --arch ${ARCH} else - lxc-create -n ${CONTAINER} -t download -- \ - --dist ${DISTRIBUTION} \ - --release ${RELEASE} \ - --arch ${ARCH} + utils.lxc.create -t download -- \ + --dist ${DISTRIBUTION} \ + --release ${RELEASE} \ + --arch ${ARCH} fi log "Container created!" 
diff --git a/boxes/common/package.sh b/boxes/common/package.sh index 2ccf320..e223ee4 100755 --- a/boxes/common/package.sh +++ b/boxes/common/package.sh @@ -16,10 +16,10 @@ if [ -f ${WORKING_DIR}/rootfs.tar.gz ]; then fi log "Compressing container's rootfs" -pushd $(dirname ${ROOTFS}) &>/dev/null +pushd $(dirname ${ROOTFS}) &>${LOG} tar --numeric-owner --anchored --exclude=./rootfs/dev/log -czf \ ${WORKING_DIR}/rootfs.tar.gz ./rootfs/* -popd &>/dev/null +popd &>${LOG} # Prepare package contents log 'Preparing box package contents' diff --git a/boxes/common/ui.sh b/boxes/common/ui.sh index 14d9a2c..b389b67 100644 --- a/boxes/common/ui.sh +++ b/boxes/common/ui.sh @@ -6,14 +6,17 @@ export ERROR_COLOR='\033[31;01m' export WARN_COLOR='\033[33;01m' log() { + echo " [${RELEASE}] ${1}" >${LOG} echo " [${RELEASE}] ${1}" >&2 } warn() { + echo "==> [${RELEASE}] [WARN] ${1}" >${LOG} echo -e "${WARN_COLOR}==> [${RELEASE}] ${1}${NO_COLOR}" } info() { + echo "==> [${RELEASE}] [INFO] ${1}" >${LOG} echo -e "${OK_COLOR}==> [${RELEASE}] ${1}${NO_COLOR}" } diff --git a/boxes/common/utils.sh b/boxes/common/utils.sh new file mode 100644 index 0000000..7cc89d8 --- /dev/null +++ b/boxes/common/utils.sh @@ -0,0 +1,28 @@ +#!/bin/bash + +mkdir -p $(dirname $LOG) +rm -f ${LOG} +touch ${LOG} +chmod +rw ${LOG} + +utils.lxc.attach() { + cmd="$@" + log "Running [${cmd}] inside '${CONTAINER}' container..." + (lxc-attach -n ${CONTAINER} -- $cmd) &> ${LOG} +} + +utils.lxc.start() { + lxc-start -d -n ${CONTAINER} &>${LOG} || true +} + +utils.lxc.stop() { + lxc-stop -n ${CONTAINER} &>${LOG} || true +} + +utils.lxc.destroy() { + lxc-destroy -n ${CONTAINER} &>${LOG} +} + +utils.lxc.create() { + lxc-create -n ${CONTAINER} "$@" &>${LOG} +} diff --git a/boxes/debian/clean.sh b/boxes/debian/clean.sh index 36f1302..0bdd2fb 100755 --- a/boxes/debian/clean.sh +++ b/boxes/debian/clean.sh 
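Review bot: `utils.lxc.attach` in the new utils.sh flattens its arguments with `cmd="$@"` and then expands `$cmd` unquoted, so any argument containing spaces or glob characters is re-split and expanded on the host before it reaches the container. Passing the arguments through untouched keeps them intact: `lxc-attach -n "${CONTAINER}" -- "$@" &>"${LOG}"`, with `$*` used only in the log message. `cmd` is also not declared `local`, so it leaks into every script that sources this file. The same function body is carried unchanged into the utils.sh hunk of PATCH 36.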
@@ -2,14 +2,15 @@ set -e source common/ui.sh +source common/utils.sh debug 'Bringing container up' -lxc-start -d -n ${CONTAINER} &>/dev/null || true +utils.lxc.start info "Cleaning up '${CONTAINER}'..." log 'Removing temporary files...' -lxc-attach -n ${CONTAINER} -- rm -rf /tmp/* +rm -rf ${ROOTFS}/tmp/* log 'Removing downloaded packages...' -lxc-attach -n ${CONTAINER} -- apt-get clean +utils.lxc.attach apt-get clean diff --git a/boxes/debian/install-extras.sh b/boxes/debian/install-extras.sh index 8cabb09..2bd9b84 100755 --- a/boxes/debian/install-extras.sh +++ b/boxes/debian/install-extras.sh @@ -2,26 +2,27 @@ set -e source common/ui.sh +source common/utils.sh info 'Installing extra packages and upgrading' debug 'Bringing container up' -lxc-start -d -n ${CONTAINER} &>/dev/null || true +utils.lxc.start # Sleep for a bit so that the container can get an IP +log 'Sleeping for 5 seconds...' sleep 5 # TODO: Support for setting this from outside UBUNTU_PACKAGES=(vim curl wget man-db bash-completion python-software-properties software-properties-common) - -lxc-attach -n ${CONTAINER} -- apt-get update -lxc-attach -n ${CONTAINER} -- apt-get install ${UBUNTU_PACKAGES[*]} -y --force-yes -lxc-attach -n ${CONTAINER} -- apt-get upgrade -y --force-yes +utils.lxc.attach apt-get update +utils.lxc.attach apt-get install ${UBUNTU_PACKAGES[*]} -y --force-yes +utils.lxc.attach apt-get upgrade -y --force-yes # TODO: SEPARATE FILE! # Ensure locales are properly set, based on http://askubuntu.com/a/238063 -lxc-attach -n ${CONTAINER} -- locale-gen en_US.UTF-8 -lxc-attach -n ${CONTAINER} -- dpkg-reconfigure locales +utils.lxc.attach locale-gen en_US.UTF-8 +utils.lxc.attach dpkg-reconfigure locales CHEF=${CHEF:-0} PUPPET=${PUPPET:-0} 
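Review bot: Replacing `lxc-attach … rm -rf /tmp/*` with `rm -rf ${ROOTFS}/tmp/*` in debian/clean.sh moves the deletion onto the host, where an empty or unset `ROOTFS` turns it into `rm -rf /tmp/*` run as root. `rm -rf -- "${ROOTFS:?}"/tmp/*` aborts instead of deleting. Because the path is now resolved by the host, a `tmp` inside the rootfs that is a symlink would be followed on the host side, which the in-container version did not risk; a `[ ! -L "${ROOTFS}/tmp" ]` check before the `rm` covers that.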
@@ -38,7 +39,7 @@ if [ $CHEF = 1 ]; then curl -L https://www.opscode.com/chef/install.sh -k | sudo bash EOF chmod +x ${ROOTFS}/tmp/install-chef.sh - lxc-attach -n ${CONTAINER} -- /tmp/install-chef.sh + utils.lxc.attach /tmp/install-chef.sh fi else log "Skipping Chef installation" @@ -52,9 +53,9 @@ if [ $PUPPET = 1 ]; then else log "Installing Puppet" wget http://apt.puppetlabs.com/puppetlabs-release-stable.deb -O "${ROOTFS}/tmp/puppetlabs-release-stable.deb" - lxc-attach -n ${CONTAINER} -- dpkg -i "/tmp/puppetlabs-release-stable.deb" - lxc-attach -n ${CONTAINER} -- apt-get update - lxc-attach -n ${CONTAINER} -- apt-get install puppet -y --force-yes + utils.lxc.attach dpkg -i "/tmp/puppetlabs-release-stable.deb" + utils.lxc.attach apt-get update + utils.lxc.attach apt-get install puppet -y --force-yes fi else log "Skipping Puppet installation" @@ -63,12 +64,10 @@ fi if [ $SALT = 1 ]; then if $(lxc-attach -n ${CONTAINER} -- which salt-minion &>/dev/null); then log "Salt has been installed on container, skipping" - elif [ ${RELEASE} = 'raring' ]; then - warn "Salt can't be installed on Ubuntu Raring 13.04, skipping" else - lxc-attach -n ${CONTAINER} -- apt-add-repository -y ppa:saltstack/salt - lxc-attach -n ${CONTAINER} -- apt-get update - chroot ${ROOTFS} apt-get install salt-minion -y --force-yes + utils.lxc.attach apt-add-repository -y ppa:saltstack/salt + utils.lxc.attach apt-get update + utils.lxc.attach apt-get install salt-minion -y --force-yes fi else log "Skipping Salt installation" @@ -77,6 +76,8 @@ fi if [ $BABUSHKA = 1 ]; then if $(lxc-attach -n ${CONTAINER} -- which babushka &>/dev/null); then log "Babushka has been installed on container, skipping" + elif [ ${RELEASE} = 'trusty' ]; then + warn "Babushka can't be installed on Ubuntu Trusty 14.04, skipping" else log "Installing Babushka" cat > $ROOTFS/tmp/install-babushka.sh << EOF 
@@ -84,7 +85,7 @@ if [ $BABUSHKA = 1 ]; then curl https://babushka.me/up | sudo bash EOF chmod +x $ROOTFS/tmp/install-babushka.sh - lxc-attach -n ${CONTAINER} -- /tmp/install-babushka.sh + utils.lxc.attach /tmp/install-babushka.sh fi else log "Skipping Babushka installation" diff --git a/boxes/mk-ubuntu.sh b/boxes/mk-ubuntu.sh index 45e61d9..b83ebe8 100755 --- a/boxes/mk-ubuntu.sh +++ b/boxes/mk-ubuntu.sh @@ -16,6 +16,7 @@ export PACKAGE=$4 export ROOTFS="/var/lib/lxc/${CONTAINER}/rootfs" export WORKING_DIR="/tmp/${CONTAINER}" export NOW=$(date -u) +export LOG=$(readlink -f .)/log/${CONTAINER}.log if [ -f ${PACKAGE} ]; then warn "The box '${PACKAGE}' already exists, skipping..." From 85d36bfd4171b610616d0785d1f6e4a098c930f4 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 19:36:48 -0300 Subject: [PATCH 33/49] boxes: Implement `make clean` --- boxes/Makefile | 7 +++++-- boxes/clean.sh | 27 +++++++++++++++++++++++++++ boxes/mk-ubuntu.sh | 2 +- 3 files changed, 33 insertions(+), 3 deletions(-) create mode 100755 boxes/clean.sh diff --git a/boxes/Makefile b/boxes/Makefile index c7619af..e4273d4 100644 --- a/boxes/Makefile +++ b/boxes/Makefile @@ -12,5 +12,8 @@ $(UBUNTU_BOXES): @sudo chmod +rw $(PACKAGE) clean: - @echo "Implement clean" - @exit 1 + @for r in $(UBUNTU_BOXES); do \ + sudo -E ./clean.sh $${r}\ + vagrant-lxc-base-$${r}-amd64-${TODAY} \ + output/vagrant-lxc-$${r}-amd64-${TODAY}.box; \ + done diff --git a/boxes/clean.sh b/boxes/clean.sh new file mode 100755 index 0000000..079498e --- /dev/null +++ b/boxes/clean.sh 
@@ -0,0 +1,27 @@ +#!/bin/bash +set -e + +source common/ui.sh + +export RELEASE=$1 +export CONTAINER=$2 +export PACKAGE=$3 +export LOG=$(readlink -f .)/log/${CONTAINER}.log + +info "Cleaning ${RELEASE} artifacts..." + +# If container exists, check if want to continue +if $(lxc-ls | grep -q ${CONTAINER}); then + log "Removing '${CONTAINER}' container" + lxc-stop -n ${CONTAINER} &>/dev/null || true + lxc-destroy -n ${CONTAINER} +else + log "The container '${CONTAINER}' does not exist" +fi + +if [ -e ${PACKAGE} ]; then + log "Removing '${PACKAGE}'" + rm -f ${PACKAGE} +else + log "The package '${PACKAGE}' does not exist" +fi diff --git a/boxes/mk-ubuntu.sh b/boxes/mk-ubuntu.sh index b83ebe8..563be5f 100755 --- a/boxes/mk-ubuntu.sh +++ b/boxes/mk-ubuntu.sh @@ -36,5 +36,5 @@ info "Building box to '${PACKAGE}'..." ./common/package.sh ${CONTAINER} ${PACKAGE} info "Finished building '${PACKAGE}'!" -log "Run \`sudo lxc-destroy -n ${CONTAINER}\` to remove the container that was created along the way" +log "Run \`sudo lxc-destroy -n ${CONTAINER}\` or \`make clean\` to remove the container that was created along the way" echo From c7f5a567a927fb8d72cbd5b78a34475a1691ca75 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 19:55:34 -0300 Subject: [PATCH 34/49] boxes: Redirect puppet.deb wget to log file --- boxes/debian/install-extras.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/boxes/debian/install-extras.sh b/boxes/debian/install-extras.sh index 2bd9b84..291b670 100755 --- a/boxes/debian/install-extras.sh +++ b/boxes/debian/install-extras.sh 
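Review bot: The new boxes/clean.sh takes `$2` and `$3` straight into `lxc-destroy -n ${CONTAINER}` and `rm -f ${PACKAGE}` without checking that they were passed, and the Makefile runs it through `sudo -E`. A guard after the exports, `: "${CONTAINER:?container name required}" "${PACKAGE:?package path required}"`, plus quoting both expansions, keeps a mistyped invocation from doing anything. The existence test `lxc-ls | grep -q ${CONTAINER}` is also a substring match, so a container whose name merely contains `${CONTAINER}` sends the script into `lxc-destroy` for a name that may not exist; `grep -qxF -- "${CONTAINER}"` matches whole names only, assuming `lxc-ls` prints one name per line.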
@@ -52,7 +52,7 @@ if [ $PUPPET = 1 ]; then warn "Puppet can't be installed on Ubuntu Trusty 14.04, skipping" else log "Installing Puppet" - wget http://apt.puppetlabs.com/puppetlabs-release-stable.deb -O "${ROOTFS}/tmp/puppetlabs-release-stable.deb" + wget http://apt.puppetlabs.com/puppetlabs-release-stable.deb -O "${ROOTFS}/tmp/puppetlabs-release-stable.deb" &>${LOG} utils.lxc.attach dpkg -i "/tmp/puppetlabs-release-stable.deb" utils.lxc.attach apt-get update utils.lxc.attach apt-get install puppet -y --force-yes From d0939622a5a33e0d744a30c14ac196af291cef8e Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 19:55:50 -0300 Subject: [PATCH 35/49] boxes: Disable salt on raring --- boxes/debian/install-extras.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/boxes/debian/install-extras.sh b/boxes/debian/install-extras.sh index 291b670..1dc4f3e 100755 --- a/boxes/debian/install-extras.sh +++ b/boxes/debian/install-extras.sh @@ -64,6 +64,8 @@ fi if [ $SALT = 1 ]; then if $(lxc-attach -n ${CONTAINER} -- which salt-minion &>/dev/null); then log "Salt has been installed on container, skipping" + elif [ ${RELEASE} = 'raring' ]; then + warn "Puppet can't be installed on Ubuntu Raring 13.04, skipping" else utils.lxc.attach apt-add-repository -y ppa:saltstack/salt utils.lxc.attach apt-get update From 2c934d4ec418aac94d3592b06a91b65566cd2edc Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 20:20:37 -0300 Subject: [PATCH 36/49] boxes: Fix output logging --- boxes/common/package.sh | 4 ++-- boxes/common/ui.sh | 6 +++--- boxes/common/utils.sh | 15 +++++---------- boxes/debian/install-extras.sh | 2 +- boxes/mk-ubuntu.sh | 6 ++++++ 5 files changed, 17 insertions(+), 16 deletions(-) diff --git a/boxes/common/package.sh b/boxes/common/package.sh index e223ee4..a897317 100755 --- a/boxes/common/package.sh +++ b/boxes/common/package.sh 
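Review bot: The warning added to the `SALT` branch reads `Puppet can't be installed on Ubuntu Raring 13.04, skipping`, a copy of the Puppet message that will mislead anyone reading the build output or the log. It should be `warn "Salt can't be installed on Ubuntu Raring 13.04, skipping"`. `${RELEASE}` in the `elif [ ${RELEASE} = 'raring' ]` test is better quoted as well, so an empty value does not become a syntax error inside `[`.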
@@ -16,10 +16,10 @@ if [ -f ${WORKING_DIR}/rootfs.tar.gz ]; then fi log "Compressing container's rootfs" -pushd $(dirname ${ROOTFS}) &>${LOG} +pushd $(dirname ${ROOTFS}) &>>${LOG} tar --numeric-owner --anchored --exclude=./rootfs/dev/log -czf \ ${WORKING_DIR}/rootfs.tar.gz ./rootfs/* -popd &>${LOG} +popd &>>${LOG} # Prepare package contents log 'Preparing box package contents' diff --git a/boxes/common/ui.sh b/boxes/common/ui.sh index b389b67..6372a8d 100644 --- a/boxes/common/ui.sh +++ b/boxes/common/ui.sh @@ -6,17 +6,17 @@ export ERROR_COLOR='\033[31;01m' export WARN_COLOR='\033[33;01m' log() { - echo " [${RELEASE}] ${1}" >${LOG} + echo " [${RELEASE}] ${1}" >>${LOG} echo " [${RELEASE}] ${1}" >&2 } warn() { - echo "==> [${RELEASE}] [WARN] ${1}" >${LOG} + echo "==> [${RELEASE}] [WARN] ${1}" >>${LOG} echo -e "${WARN_COLOR}==> [${RELEASE}] ${1}${NO_COLOR}" } info() { - echo "==> [${RELEASE}] [INFO] ${1}" >${LOG} + echo "==> [${RELEASE}] [INFO] ${1}" >>${LOG} echo -e "${OK_COLOR}==> [${RELEASE}] ${1}${NO_COLOR}" } diff --git a/boxes/common/utils.sh b/boxes/common/utils.sh index 7cc89d8..e7a7f9f 100644 --- a/boxes/common/utils.sh +++ b/boxes/common/utils.sh @@ -1,28 +1,23 @@ #!/bin/bash -mkdir -p $(dirname $LOG) -rm -f ${LOG} -touch ${LOG} -chmod +rw ${LOG} - utils.lxc.attach() { cmd="$@" log "Running [${cmd}] inside '${CONTAINER}' container..." - (lxc-attach -n ${CONTAINER} -- $cmd) &> ${LOG} + (lxc-attach -n ${CONTAINER} -- $cmd) &>> ${LOG} } utils.lxc.start() { - lxc-start -d -n ${CONTAINER} &>${LOG} || true + lxc-start -d -n ${CONTAINER} &>>${LOG} || true } utils.lxc.stop() { - lxc-stop -n ${CONTAINER} &>${LOG} || true + lxc-stop -n ${CONTAINER} &>>${LOG} || true } utils.lxc.destroy() { - lxc-destroy -n ${CONTAINER} &>${LOG} + lxc-destroy -n ${CONTAINER} &>>${LOG} } utils.lxc.create() { - lxc-create -n ${CONTAINER} "$@" &>${LOG} + lxc-create -n ${CONTAINER} "$@" &>>${LOG} } 
diff --git a/boxes/debian/install-extras.sh b/boxes/debian/install-extras.sh index 1dc4f3e..d69d3e5 100755 --- a/boxes/debian/install-extras.sh +++ b/boxes/debian/install-extras.sh @@ -52,7 +52,7 @@ if [ $PUPPET = 1 ]; then warn "Puppet can't be installed on Ubuntu Trusty 14.04, skipping" else log "Installing Puppet" - wget http://apt.puppetlabs.com/puppetlabs-release-stable.deb -O "${ROOTFS}/tmp/puppetlabs-release-stable.deb" &>${LOG} + wget http://apt.puppetlabs.com/puppetlabs-release-stable.deb -O "${ROOTFS}/tmp/puppetlabs-release-stable.deb" &>>${LOG} utils.lxc.attach dpkg -i "/tmp/puppetlabs-release-stable.deb" utils.lxc.attach apt-get update utils.lxc.attach apt-get install puppet -y --force-yes diff --git a/boxes/mk-ubuntu.sh b/boxes/mk-ubuntu.sh index 563be5f..4d5c9ab 100755 --- a/boxes/mk-ubuntu.sh +++ b/boxes/mk-ubuntu.sh @@ -18,6 +18,12 @@ export WORKING_DIR="/tmp/${CONTAINER}" export NOW=$(date -u) export LOG=$(readlink -f .)/log/${CONTAINER}.log +mkdir -p $(dirname $LOG) +echo '############################################' > ${LOG} +echo "# Beginning build at $(date)" >> ${LOG} +touch ${LOG} +chmod +rw ${LOG} + if [ -f ${PACKAGE} ]; then warn "The box '${PACKAGE}' already exists, skipping..." echo From 02a65820bf57700b555bbdaa8f22f87f366bc594 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 20:24:09 -0300 Subject: [PATCH 37/49] boxes: Ensure .box is owned by the current user --- boxes/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/boxes/Makefile b/boxes/Makefile index e4273d4..941bc85 100644 --- a/boxes/Makefile +++ b/boxes/Makefile @@ -10,6 +10,7 @@ $(UBUNTU_BOXES): PACKAGE = "output/vagrant-lxc-${@}-amd64-${TODAY}.box" $(UBUNTU_BOXES): @sudo -E ./mk-ubuntu.sh $(@) amd64 $(CONTAINER) $(PACKAGE) @sudo chmod +rw $(PACKAGE) + @sudo chown ${USER}: $(PACKAGE) clean: @for r in $(UBUNTU_BOXES); do \ From d5faf1db663b39c1a66d99af97119d8c8acc7c01 Mon Sep 17 00:00:00 2001 
From: Fabio Rehm Date: Sun, 9 Mar 2014 20:30:57 -0300 Subject: [PATCH 38/49] boxes: Drop packages on `boxes/output/TODAY` for better organization --- boxes/Makefile | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/boxes/Makefile b/boxes/Makefile index 941bc85..e7d5f91 100644 --- a/boxes/Makefile +++ b/boxes/Makefile @@ -5,9 +5,10 @@ default: all: $(UBUNTU_BOXES) -$(UBUNTU_BOXES): CONTAINER = "vagrant-lxc-base-${@}-amd64-${TODAY}" -$(UBUNTU_BOXES): PACKAGE = "output/vagrant-lxc-${@}-amd64-${TODAY}.box" +$(UBUNTU_BOXES): CONTAINER = "vagrant-lxc-base-${@}-amd64" +$(UBUNTU_BOXES): PACKAGE = "output/${TODAY}/vagrant-lxc-${@}-amd64.box" $(UBUNTU_BOXES): + @mkdir -p $$(dirname $(PACKAGE)) @sudo -E ./mk-ubuntu.sh $(@) amd64 $(CONTAINER) $(PACKAGE) @sudo chmod +rw $(PACKAGE) @sudo chown ${USER}: $(PACKAGE) @@ -15,6 +16,6 @@ $(UBUNTU_BOXES): clean: @for r in $(UBUNTU_BOXES); do \ sudo -E ./clean.sh $${r}\ - vagrant-lxc-base-$${r}-amd64-${TODAY} \ - output/vagrant-lxc-$${r}-amd64-${TODAY}.box; \ + vagrant-lxc-base-$${r}-amd64 \ + output/${TODAY}/vagrant-lxc-$${r}-amd64-${TODAY}.box; \ done From deac5930ccc00608311aa825b4ceddbac1a979e9 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 18:11:40 -0300 Subject: [PATCH 39/49] action/handle_box_metadata: Implement support for 1.0.0 base boxes --- lib/vagrant-lxc/action/handle_box_metadata.rb | 43 ++++++++---- spec/unit/action/handle_box_metadata_spec.rb | 66 ++++++++++++++++++- 2 files changed, 93 insertions(+), 16 deletions(-) diff --git a/lib/vagrant-lxc/action/handle_box_metadata.rb b/lib/vagrant-lxc/action/handle_box_metadata.rb index 73ceeb8..fccc9b5 100644 --- a/lib/vagrant-lxc/action/handle_box_metadata.rb +++ b/lib/vagrant-lxc/action/handle_box_metadata.rb 
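Review bot: After this change the `clean` target passes `output/${TODAY}/vagrant-lxc-$${r}-amd64-${TODAY}.box` to clean.sh, while the build rule now writes `output/${TODAY}/vagrant-lxc-${@}-amd64.box`, so `make clean` never finds the package it is meant to delete. The trailing `-${TODAY}` should go: `output/${TODAY}/vagrant-lxc-$${r}-amd64.box; \`. Since `TODAY` is recomputed on every run, `clean` also only reaches boxes built on the same UTC day, which deserves a comment on the target. The same stale path is carried into the `clean` rule of the later Makefile hunk in PATCH 40.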
@@ -3,7 +3,8 @@ module Vagrant module Action # Prepare arguments to be used for lxc-create class HandleBoxMetadata - SUPPORTED_VERSIONS = [2, 3] + SUPPORTED_VERSIONS = ['1.0.0', '2', '3'] + def initialize(app, env) @app = app @logger = Log4r::Logger.new("vagrant::lxc::action::handle_box_metadata") @@ -16,15 +17,25 @@ module Vagrant @env[:ui].info I18n.t("vagrant.actions.vm.import.importing", :name => @env[:machine].box.name) - @logger.debug 'Validating box contents' + @logger.info 'Validating box contents' validate_box - @logger.debug 'Setting box options on environment' - @env[:lxc_template_opts] = template_opts + @logger.info 'Setting box options on environment' @env[:lxc_template_src] = template_src + @env[:lxc_template_opts] = template_opts + + # FIXME: Remove support for pre 1.0.0 boxes + if box_version != '1.0.0' + @env[:ui].warn "WARNING: You are using a base box that has a format that has been deprecated, please upgrade to a new one." + @env[:lxc_template_opts].merge!( + '--auth-key' => Vagrant.source_root.join('keys', 'vagrant.pub').expand_path.to_s + ) + end if template_config_file.exist? - @env[:lxc_template_config] = template_config_file.to_s + @env[:lxc_template_opts].merge!('--config' => template_config_file.to_s) + elsif old_template_config_file.exist? + @env[:lxc_template_config] = old_template_config_file.to_s end @app.call env 
@@ -35,15 +46,17 @@ module Vagrant end def template_config_file - @template_config_file ||= @box.directory.join('lxc.conf') + @template_config_file ||= @box.directory.join('lxc-config') + end + + # TODO: Remove this once we remove compatibility for < 1.0.0 boxes + def old_template_config_file + @old_template_config_file ||= @box.directory.join('lxc.conf') end def template_opts @template_opts ||= @box.metadata.fetch('template-opts', {}).dup.merge!( - '--tarball' => rootfs_tarball, - # TODO: Deprecate this, the rootfs should be ready for vagrant-lxc - # SSH access at this point - '--auth-key' => Vagrant.source_root.join('keys', 'vagrant.pub').expand_path.to_s + '--tarball' => rootfs_tarball ) end @@ -52,10 +65,10 @@ module Vagrant end def validate_box - unless SUPPORTED_VERSIONS.include? @box.metadata.fetch('version').to_i + unless SUPPORTED_VERSIONS.include? box_version raise Errors::IncompatibleBox.new name: @box.name, - found: @box.metadata.fetch('version').to_i, - supported: SUPPORTED_VERSIONS.join(' and ') + found: box_version, + supported: SUPPORTED_VERSIONS.join(', ') end unless File.exists?(template_src) @@ -66,6 +79,10 @@ module Vagrant raise Errors::RootFSTarballMissing.new name: @box.name end end + + def box_version + @box.metadata.fetch('version') + end end end end diff --git a/spec/unit/action/handle_box_metadata_spec.rb b/spec/unit/action/handle_box_metadata_spec.rb index 973948b..3208355 100644 --- a/spec/unit/action/handle_box_metadata_spec.rb +++ b/spec/unit/action/handle_box_metadata_spec.rb 
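Review bot: `box_version` returns `@box.metadata.fetch('version')` exactly as stored, and `SUPPORTED_VERSIONS` is now an array of strings, whereas the old check compared `.to_i` against integers. If an existing box's metadata holds the version as a number rather than a string (the metadata file format is not visible here), `SUPPORTED_VERSIONS.include? box_version` is false and a previously accepted box is rejected with `IncompatibleBox`. Normalising in one place avoids that: `@box.metadata.fetch('version').to_s`. The spec in this commit only exercises string versions, so a case with an integer `2` would pin the behaviour.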
@@ -6,7 +6,7 @@ require 'vagrant-lxc/action/handle_box_metadata' describe Vagrant::LXC::Action::HandleBoxMetadata do let(:app) { double(:app, call: true) } - let(:env) { {machine: machine, ui: double(info: true)} } + let(:env) { {machine: machine, ui: double(info: true, warn: true)} } let(:machine) { double(:machine, box: box) } let(:box) { double(:box, name: 'box-name', metadata: metadata, directory: box_directory) } let(:box_directory) { Pathname.new('/path/to/box') } 
@@ -16,9 +16,54 @@ describe Vagrant::LXC::Action::HandleBoxMetadata do subject { described_class.new(app, env) } - context 'with valid contents' do + context 'with 1.0.0 box' do + let(:version) { '1.0.0' } + before do File.stub(exists?: true) + # REFACTOR: This is pretty bad + subject.stub_chain(:template_config_file, :exist?).and_return(true) + subject.stub_chain(:template_config_file, :to_s).and_return(box_directory.join('lxc-config').to_s) + subject.call(env) + end + + it 'sets the tarball argument for the template' do + env[:lxc_template_opts].should include( + '--tarball' => box_directory.join('rootfs.tar.gz').to_s + ) + end + + it 'sets the template --config parameter' do + env[:lxc_template_opts].should include( + '--config' => box_directory.join('lxc-config').to_s + ) + end + + it 'does not set the auth key argument for the template' do + env[:lxc_template_opts].should_not include( + '--auth-key' => vagrant_key + ) + end + + it 'sets the template options from metadata on env hash' do + env[:lxc_template_opts].should include(metadata['template-opts']) + end + + it 'sets the template source path on env hash' do + env[:lxc_template_src].should == box_directory.join('lxc-template').to_s + end + + it 'does not warn about deprecation' do + env[:ui].should_not have_received(:warn) + end + end + + context 'with valid pre 1.0.0 box' do + before do + File.stub(exists?: true) + # REFACTOR: This is pretty bad + subject.stub_chain(:old_template_config_file, :exist?).and_return(true) + subject.stub_chain(:old_template_config_file, :to_s).and_return(box_directory.join('lxc.conf').to_s) subject.call(env) end @@ -34,6 +79,10 @@ describe Vagrant::LXC::Action::HandleBoxMetadata do ) end + it 'sets the lxc config file parameter' do + env[:lxc_template_config].should == box_directory.join('lxc.conf').to_s + end + it 'sets the template options from metadata on env hash' do env[:lxc_template_opts].should include(metadata['template-opts']) end 
@@ -41,12 +90,23 @@ describe Vagrant::LXC::Action::HandleBoxMetadata do it 'sets the template source path on env hash' do env[:lxc_template_src].should == box_directory.join('lxc-template').to_s end + + it 'warns about deprecation' do + env[:ui].should have_received(:warn) + end end describe 'with invalid contents' do before { File.stub(exists?: true) } - it 'raises an error if the version is != 2' do + it 'validates box versions' do + %w( 2 3 1.0.0 ).each do |v| + metadata['version'] = v + expect { + subject.call(env) + }.to_not raise_error(Vagrant::LXC::Errors::IncompatibleBox) + end + metadata['version'] = '1' expect { subject.call(env) From 4f5d95b7f31056a757398e28b6261f6965a99c2c Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 21:35:53 -0300 Subject: [PATCH 40/49] boxes: Getting ready to build debians --- boxes/Makefile | 19 ++++++++++++++++--- boxes/{mk-ubuntu.sh => mk-debian.sh} | 12 ++++++------ 2 files changed, 22 insertions(+), 9 deletions(-) rename boxes/{mk-ubuntu.sh => mk-debian.sh} (85%) diff --git a/boxes/Makefile b/boxes/Makefile index e7d5f91..9114f25 100644 --- a/boxes/Makefile +++ b/boxes/Makefile 
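Review bot: In the new 'validates box versions' example, `to_not raise_error(Vagrant::LXC::Errors::IncompatibleBox)` still passes when `subject.call(env)` raises any other exception, so a crash on an accepted version would not fail the spec. The bare form, `}.to_not raise_error`, makes the loop over `2 3 1.0.0` assert that the call actually succeeds. The example's closing lines fall outside this hunk.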
@@ -1,20 +1,33 @@ UBUNTU_BOXES= precise quantal raring saucy trusty +DEBIAN_BOXES= squeeze wheezy sid TODAY=$(shell date -u +"%Y-%m-%d") default: -all: $(UBUNTU_BOXES) +all: ubuntu debian +ubuntu: $(UBUNTU_BOXES) +debian: $(DEBIAN_BOXES) + +# REFACTOR: Figure out how can we reduce duplicated code $(UBUNTU_BOXES): CONTAINER = "vagrant-lxc-base-${@}-amd64" $(UBUNTU_BOXES): PACKAGE = "output/${TODAY}/vagrant-lxc-${@}-amd64.box" $(UBUNTU_BOXES): @mkdir -p $$(dirname $(PACKAGE)) - @sudo -E ./mk-ubuntu.sh $(@) amd64 $(CONTAINER) $(PACKAGE) + @sudo -E ./mk-debian.sh ubuntu $(@) amd64 $(CONTAINER) $(PACKAGE) + @sudo chmod +rw $(PACKAGE) + @sudo chown ${USER}: $(PACKAGE) +$(DEBIAN_BOXES): CONTAINER = "vagrant-lxc-base-${@}-amd64" +$(DEBIAN_BOXES): PACKAGE = "output/${TODAY}/vagrant-lxc-${@}-amd64.box" +$(DEBIAN_BOXES): + @mkdir -p $$(dirname $(PACKAGE)) + @sudo -E ./mk-debian.sh debian $(@) amd64 $(CONTAINER) $(PACKAGE) @sudo chmod +rw $(PACKAGE) @sudo chown ${USER}: $(PACKAGE) +clean: ALL_BOXES = ${DEBIAN_BOXES} ${UBUNTU_BOXES} clean: - @for r in $(UBUNTU_BOXES); do \ + @for r in $(ALL_BOXES); do \ sudo -E ./clean.sh $${r}\ vagrant-lxc-base-$${r}-amd64 \ output/${TODAY}/vagrant-lxc-$${r}-amd64-${TODAY}.box; \ diff --git a/boxes/mk-ubuntu.sh b/boxes/mk-debian.sh similarity index 85% rename from boxes/mk-ubuntu.sh rename to boxes/mk-debian.sh index 4d5c9ab..a1b5d0c 100755 --- a/boxes/mk-ubuntu.sh +++ b/boxes/mk-debian.sh @@ -8,11 +8,11 @@ if [ "$(id -u)" != "0" ]; then exit 1 fi -export DISTRIBUTION="ubuntu" -export RELEASE=$1 -export ARCH=$2 -export CONTAINER=$3 -export PACKAGE=$4 +export DISTRIBUTION=$1 +export RELEASE=$2 +export ARCH=$3 +export CONTAINER=$4 +export PACKAGE=$5 export ROOTFS="/var/lib/lxc/${CONTAINER}/rootfs" export WORKING_DIR="/tmp/${CONTAINER}" export NOW=$(date -u) 
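Review bot: In the mk-debian.sh hunk, `export DISTRIBUTION=$1` and the four shifted positionals are taken without any check, while the script runs as root and derives `ROOTFS` from `CONTAINER`. A caller still using the old four-argument form would silently get the release as the distribution and an empty `PACKAGE`. A guard before the exports would catch both: `[ $# -eq 5 ] || { echo "usage: $0 DISTRIBUTION RELEASE ARCH CONTAINER PACKAGE" >&2; exit 1; }` followed by `case "$1" in ubuntu|debian) ;; *) echo "unknown distribution: $1" >&2; exit 1 ;; esac`. Quoting the assignments (`export RELEASE="$2"`) would match the quoted `ROOTFS` and `WORKING_DIR` lines below them.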
@@ -35,7 +35,7 @@ mkdir -p ${WORKING_DIR} info "Building box to '${PACKAGE}'..." -./common/download.sh ubuntu ${RELEASE} ${ARCH} ${CONTAINER} +./common/download.sh ${DISTRIBUTION} ${RELEASE} ${ARCH} ${CONTAINER} ./common/prepare-vagrant-user.sh ${CONTAINER} ./debian/install-extras.sh ${CONTAINER} ./debian/clean.sh ${CONTAINER} From 82b49b7242483d0c234246c9ed34e9329b6bff89 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 22:54:29 -0300 Subject: [PATCH 41/49] boxes: Finish Debian conversion to new scripts --- boxes/Makefile | 2 +- boxes/build-debian-box.sh | 170 --------------------------- boxes/common/download.sh | 12 +- boxes/common/install-salt-debian | 28 ----- boxes/common/package.sh | 2 +- boxes/common/prepare-vagrant-user.sh | 11 +- boxes/conf/debian | 62 ++++++++++ boxes/debian/install-extras.sh | 42 +++++-- boxes/debian/vagrant-lxc-fixes.sh | 32 +++++ boxes/mk-debian.sh | 3 +- 10 files changed, 142 insertions(+), 222 deletions(-) delete mode 100755 boxes/build-debian-box.sh delete mode 100755 boxes/common/install-salt-debian create mode 100644 boxes/conf/debian create mode 100755 boxes/debian/vagrant-lxc-fixes.sh diff --git a/boxes/Makefile b/boxes/Makefile index 9114f25..6af8a80 100644 --- a/boxes/Makefile +++ b/boxes/Makefile @@ -1,5 +1,5 @@ UBUNTU_BOXES= precise quantal raring saucy trusty -DEBIAN_BOXES= squeeze wheezy sid +DEBIAN_BOXES= squeeze wheezy sid jessie TODAY=$(shell date -u +"%Y-%m-%d") default: diff --git a/boxes/build-debian-box.sh b/boxes/build-debian-box.sh deleted file mode 100755 index 60a9007..0000000 --- a/boxes/build-debian-box.sh +++ /dev/null 
@@ -1,170 +0,0 @@ -#!/bin/bash - -# set -x -set -e - -# Script used to build Debian base vagrant-lxc containers, currently limited to -# host's arch -# -# USAGE: -# $ cd boxes && sudo ./build-debian-box.sh DEBIAN_RELEASE -# -# To enable Chef or any other configuration management tool pass '1' to the -# corresponding env var: -# $ CHEF=1 sudo -E ./build-debian-box.sh DEBIAN_RELEASE -# $ PUPPET=1 sudo -E ./build-debian-box.sh DEBIAN_RELEASE -# $ SALT=1 sudo -E ./build-debian-box.sh DEBIAN_RELEASE -# $ BABUSHKA=1 sudo -E ./build-debian-box.sh DEBIAN_RELEASE - -################################################################################## -# 0 - Initial setup and sanity checks - -TODAY=$(date -u +"%Y-%m-%d") -NOW=$(date -u) -RELEASE=${1:-"wheezy"} -ARCH=$(dpkg --print-architecture) # This is what the Debian template will use under the hood -PKG=vagrant-lxc-${RELEASE}-${ARCH}-${TODAY}.box -WORKING_DIR=/tmp/vagrant-lxc-${RELEASE} -VAGRANT_KEY="ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key" -ROOTFS=/var/lib/lxc/${RELEASE}-base/rootfs - -# Providing '1' will enable these tools -CHEF=${CHEF:-0} -PUPPET=${PUPPET:-0} -SALT=${SALT:-0} -BABUSHKA=${BABUSHKA:-0} - -# Path to files bundled with the box -CWD=`readlink -f .` -LXC_TEMPLATE=${CWD}/common/lxc-template -LXC_CONF=${CWD}/common/lxc.conf -METATADA_JSON=${CWD}/common/metadata.json - -# Set up a working dir -mkdir -p $WORKING_DIR - -if [ -f "${WORKING_DIR}/${PKG}" ]; then - echo "Found a box on ${WORKING_DIR}/${PKG} already!" 
- exit 1 -fi - -################################################################################## -# 1 - Create the base container - -if $(lxc-ls | grep -q "${RELEASE}-base"); then - echo "Base container already exists, please remove it with \`lxc-destroy -n ${RELEASE}-base\`!" - exit 1 -else - export SUITE=$RELEASE - lxc-create -n ${RELEASE}-base -t debian -fi - - -###################################### -# 2 - Fix some known issues - -# Fixes some networking issues -# See https://github.com/fgrehm/vagrant-lxc/issues/91 for more info -sed -i -e "s/\(127.0.0.1\s\+localhost\)/\1\n127.0.1.1\t${RELEASE}-base\n/g" ${ROOTFS}/etc/hosts - -# Ensures that `/tmp` does not get cleared on halt -# See https://github.com/fgrehm/vagrant-lxc/issues/68 for more info -chroot $ROOTFS /usr/sbin/update-rc.d -f checkroot-bootclean.sh remove -chroot $ROOTFS /usr/sbin/update-rc.d -f mountall-bootclean.sh remove -chroot $ROOTFS /usr/sbin/update-rc.d -f mountnfs-bootclean.sh remove - -# Ensure locales are properly set, based on http://linux.livejournal.com/1880366.html -LANG=${LANG:-en_US.UTF-8} -sed -i "s/^# ${LANG}/${LANG}/" ${ROOTFS}/etc/locale.gen -chroot $ROOTFS /usr/sbin/locale-gen -chroot $ROOTFS update-locale LANG=${LANG} - - -################################################################################## -# 3 - Prepare vagrant user -sudo chroot ${ROOTFS} useradd --create-home -s /bin/bash vagrant - -echo -n 'vagrant:vagrant' | chroot ${ROOTFS} chpasswd - - -################################################################################## -# 4 - Setup SSH access and passwordless sudo - -# Configure SSH access -mkdir -p ${ROOTFS}/home/vagrant/.ssh -echo $VAGRANT_KEY > ${ROOTFS}/home/vagrant/.ssh/authorized_keys -chroot ${ROOTFS} chown -R vagrant: /home/vagrant/.ssh - -chroot ${ROOTFS} apt-get install sudo -y --force-yes -chroot ${ROOTFS} adduser vagrant sudo - -# Enable passwordless sudo for the vagrant user -echo "vagrant ALL=(ALL) NOPASSWD:ALL" > 
${ROOTFS}/etc/sudoers.d/vagrant -chmod 0440 ${ROOTFS}/etc/sudoers.d/vagrant - - -################################################################################## -# 5 - Add some goodies and update packages - -PACKAGES=(vim curl wget man-db bash-completion ca-certificates) -chroot ${ROOTFS} apt-get install ${PACKAGES[*]} -y --force-yes -chroot ${ROOTFS} apt-get upgrade -y --force-yes - -# Enable bash-completion -sed -e '/^#if ! shopt -oq posix; then/,/^#fi/ s/^#\(.*\)/\1/g' \ - -i ${ROOTFS}/etc/bash.bashrc - - -################################################################################## -# 6 - Configuration management tools - -if [ $CHEF = 1 ]; then - ./common/install-chef $ROOTFS -fi - -if [ $PUPPET = 1 ]; then - ./common/install-puppet $ROOTFS -fi - -if [ $SALT = 1 ]; then - ./common/install-salt-debian $ROOTFS -fi - -if [ $BABUSHKA = 1 ]; then - ./common/install-babushka $ROOTFS -fi - - -################################################################################## -# 7 - Free up some disk space - -rm -rf ${ROOTFS}/tmp/* -chroot ${ROOTFS} apt-get clean - - -################################################################################## -# 8 - Build box package - -# Compress container's rootfs -cd $(dirname $ROOTFS) -tar --numeric-owner -czf /tmp/vagrant-lxc-${RELEASE}/rootfs.tar.gz ./rootfs/* - -# Prepare package contents -cd $WORKING_DIR -cp $LXC_TEMPLATE . -cp $LXC_CONF . -cp $METATADA_JSON . -chmod +x lxc-template -sed -i "s//${NOW}/" metadata.json - -# Vagrant box! -tar -czf $PKG ./* - -chmod +rw ${WORKING_DIR}/${PKG} -mkdir -p ${CWD}/output -mv ${WORKING_DIR}/${PKG} ${CWD}/output - -# Clean up after ourselves -rm -rf ${WORKING_DIR} - -echo "The base box was built successfully to ${CWD}/output/${PKG}" diff --git a/boxes/common/download.sh b/boxes/common/download.sh index bbb8c37..f20b4d1 100755 --- a/boxes/common/download.sh +++ b/boxes/common/download.sh 
@@ -30,6 +30,10 @@ if [ $RELEASE = 'raring' ]; then utils.lxc.create -t ubuntu -- \ --release ${RELEASE} \ --arch ${ARCH} +elif [ $RELEASE = 'squeeze' ]; then + utils.lxc.create -t debian -- \ + --release ${RELEASE} \ + --arch ${ARCH} else utils.lxc.create -t download -- \ --dist ${DISTRIBUTION} \ @@ -37,11 +41,3 @@ else --arch ${ARCH} fi log "Container created!" - - -# Fixes some networking issues -# See https://github.com/fgrehm/vagrant-lxc/issues/91 for more info -if ! $(grep -q 'ip6-allhosts' ${ROOTFS}/etc/hosts); then - log "Adding ipv6 allhosts entry to container's /etc/hosts" - echo 'ff02::3 ip6-allhosts' >> ${ROOTFS}/etc/hosts -fi diff --git a/boxes/common/install-salt-debian b/boxes/common/install-salt-debian deleted file mode 100755 index 20209da..0000000 --- a/boxes/common/install-salt-debian +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash - -set -e - -rootfs=$1 - -echo "installing salt" - -if [ $SUITE == "squeeze" ]; then - SALT_SOURCE="deb http://debian.saltstack.com/debian squeeze-saltstack main\ndeb http://backports.debian.org/debian-backports squeeze-backports main contrib non-free" -elif [ $SUITE == "sid" ]; then - SALT_SOURCE="deb http://debian.saltstack.com/debian unstable main" -else - SALT_SOURCE="deb http://debian.saltstack.com/debian wheezy-saltstack main" -fi - -cat > $rootfs/tmp/install-salt << EOF -#!/bin/sh -echo "$SALT_SOURCE" > /etc/apt/sources.list.d/saltstack.list -wget -q -O- "http://debian.saltstack.com/debian-salt-team-joehealy.gpg.key" | apt-key add - -apt-get update -apt-get install -y salt-minion -apt-get clean -EOF - -chroot $rootfs sh /tmp/install-salt - -rm -rf $rootfs/tmp/* diff --git a/boxes/common/package.sh b/boxes/common/package.sh index a897317..853f653 100755 --- a/boxes/common/package.sh +++ b/boxes/common/package.sh 
@@ -24,7 +24,7 @@ popd &>>${LOG} # Prepare package contents log 'Preparing box package contents' cp common/lxc-template ${WORKING_DIR} -cp conf/ubuntu ${WORKING_DIR}/lxc-config +cp conf/${DISTRIBUTION} ${WORKING_DIR}/lxc-config cp conf/metadata.json ${WORKING_DIR} sed -i "s//${NOW}/" ${WORKING_DIR}/metadata.json diff --git a/boxes/common/prepare-vagrant-user.sh b/boxes/common/prepare-vagrant-user.sh index 8ab5bb6..fdeebaf 100755 --- a/boxes/common/prepare-vagrant-user.sh +++ b/boxes/common/prepare-vagrant-user.sh @@ -10,13 +10,18 @@ info "Preparing vagrant user..." # Create vagrant user if $(grep -q 'vagrant' ${ROOTFS}/etc/shadow); then log 'Skipping vagrant user creation' -else +elif $(grep -q 'ubuntu' ${ROOTFS}/etc/shadow); then debug 'vagrant user does not exist, renaming ubuntu user...' mv ${ROOTFS}/home/{ubuntu,vagrant} - chroot ${ROOTFS} usermod -l vagrant -d /home/vagrant ubuntu - chroot ${ROOTFS} groupmod -n vagrant ubuntu + chroot ${ROOTFS} usermod -l vagrant -d /home/vagrant ubuntu &>> ${LOG} + chroot ${ROOTFS} groupmod -n vagrant ubuntu &>> ${LOG} echo -n 'vagrant:vagrant' | chroot ${ROOTFS} chpasswd log 'Renamed ubuntu user to vagrant and changed password.' +else + debug 'Creating vagrant user...' + chroot ${ROOTFS} useradd --create-home -s /bin/bash vagrant &>> ${LOG} + chroot ${ROOTFS} adduser vagrant sudo &>> ${LOG} + echo -n 'vagrant:vagrant' | chroot ${ROOTFS} chpasswd fi # Configure SSH access diff --git a/boxes/conf/debian b/boxes/conf/debian new file mode 100644 index 0000000..09e5c40 --- /dev/null +++ b/boxes/conf/debian 
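Review bot: In the prepare-vagrant-user.sh hunk, the new `elif $(grep -q 'ubuntu' ${ROOTFS}/etc/shadow)` (like the `vagrant` check above it) matches the string anywhere in the file, so any other account whose name contains it takes the wrong branch and `mv`/`usermod` then run against a user that may not exist. Anchoring to the name field fixes that: `elif grep -q '^ubuntu:' "${ROOTFS}/etc/shadow"; then`. Dropping the `$( )` wrapper also lets the `if` test grep's status directly instead of executing its empty output. The script continues outside this hunk.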
@@ -0,0 +1,62 @@ +# Default pivot location +lxc.pivotdir = lxc_putold + +# Default mount entries +lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0 +lxc.mount.entry = sysfs sys sysfs defaults 0 0 +lxc.mount.entry = /sys/fs/fuse/connections sys/fs/fuse/connections none bind,optional 0 0 + +# Default console settings +lxc.tty = 4 +lxc.pts = 1024 + +# Default capabilities +lxc.cap.drop = sys_module mac_admin mac_override sys_time + +# When using LXC with apparmor, the container will be confined by default. +# If you wish for it to instead run unconfined, copy the following line +# (uncommented) to the container's configuration file. +#lxc.aa_profile = unconfined + +# To support container nesting on an Ubuntu host while retaining most of +# apparmor's added security, use the following two lines instead. +#lxc.aa_profile = lxc-container-default-with-nesting +#lxc.hook.mount = /usr/share/lxc/hooks/mountcgroups + +# If you wish to allow mounting block filesystems, then use the following +# line instead, and make sure to grant access to the block device and/or loop +# devices below in lxc.cgroup.devices.allow. 
+#lxc.aa_profile = lxc-container-default-with-mounting + +# Default cgroup limits +lxc.cgroup.devices.deny = a +## Allow any mknod (but not using the node) +lxc.cgroup.devices.allow = c *:* m +lxc.cgroup.devices.allow = b *:* m +## /dev/null and zero +lxc.cgroup.devices.allow = c 1:3 rwm +lxc.cgroup.devices.allow = c 1:5 rwm +## consoles +lxc.cgroup.devices.allow = c 5:0 rwm +lxc.cgroup.devices.allow = c 5:1 rwm +## /dev/{,u}random +lxc.cgroup.devices.allow = c 1:8 rwm +lxc.cgroup.devices.allow = c 1:9 rwm +## /dev/pts/* +lxc.cgroup.devices.allow = c 5:2 rwm +lxc.cgroup.devices.allow = c 136:* rwm +## rtc +lxc.cgroup.devices.allow = c 254:0 rm +## fuse +lxc.cgroup.devices.allow = c 10:229 rwm +## tun +lxc.cgroup.devices.allow = c 10:200 rwm +## full +lxc.cgroup.devices.allow = c 1:7 rwm +## hpet +lxc.cgroup.devices.allow = c 10:228 rwm +## kvm +lxc.cgroup.devices.allow = c 10:232 rwm +## To use loop devices, copy the following line to the container's +## configuration file (uncommented). +#lxc.cgroup.devices.allow = b 7:* rwm diff --git a/boxes/debian/install-extras.sh b/boxes/debian/install-extras.sh index d69d3e5..8e4e6fc 100755 --- a/boxes/debian/install-extras.sh +++ b/boxes/debian/install-extras.sh 
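Review bot: The device allowlist in this new file gives every container built from the box `rwm` on kvm (`c 10:232`), hpet (`c 10:228`), fuse (`c 10:229`) and tun (`c 10:200`), while `lxc.cap.drop` removes only four capabilities. That is probably more host device access than a general-purpose base box needs by default. I would ship those four lines commented out, the way the loop-device line already is (for example `#lxc.cgroup.devices.allow = c 10:232 rwm` under a `## To use kvm, copy the following line to the container's configuration file (uncommented).` comment). If they are enabled on purpose, a comment saying which feature needs each one would help whoever audits the box later.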
@@ -13,22 +13,26 @@ utils.lxc.start log 'Sleeping for 5 seconds...' sleep 5 -# TODO: Support for setting this from outside -UBUNTU_PACKAGES=(vim curl wget man-db bash-completion python-software-properties software-properties-common) +# TODO: Support for appending to this list from outside +PACKAGES=(vim curl wget man-db bash-completion python-software-properties ca-certificates sudo) +if [ $DISTRIBUTION = 'ubuntu' ]; then + PACKAGES+=' software-properties-common' +fi utils.lxc.attach apt-get update -utils.lxc.attach apt-get install ${UBUNTU_PACKAGES[*]} -y --force-yes +utils.lxc.attach apt-get install ${PACKAGES[*]} -y --force-yes utils.lxc.attach apt-get upgrade -y --force-yes -# TODO: SEPARATE FILE! -# Ensure locales are properly set, based on http://askubuntu.com/a/238063 -utils.lxc.attach locale-gen en_US.UTF-8 -utils.lxc.attach dpkg-reconfigure locales - CHEF=${CHEF:-0} PUPPET=${PUPPET:-0} SALT=${SALT:-0} BABUSHKA=${BABUSHKA:-0} +if [ $DISTRIBUTION = 'debian' ]; then + # Enable bash-completion + sed -e '/^#if ! shopt -oq posix; then/,/^#fi/ s/^#\(.*\)/\1/g' \ + -i ${ROOTFS}/etc/bash.bashrc +fi + if [ $CHEF = 1 ]; then if $(lxc-attach -n ${CONTAINER} -- which chef-solo &>/dev/null); then log "Chef has been installed on container, skipping" @@ -50,6 +54,8 @@ if [ $PUPPET = 1 ]; then log "Puppet has been installed on container, skipping" elif [ ${RELEASE} = 'trusty' ]; then warn "Puppet can't be installed on Ubuntu Trusty 14.04, skipping" + elif [ ${RELEASE} = 'sid' ]; then + warn "Puppet can't be installed on Debian sid, skipping" else log "Installing Puppet" wget http://apt.puppetlabs.com/puppetlabs-release-stable.deb -O "${ROOTFS}/tmp/puppetlabs-release-stable.deb" &>>${LOG} 
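Review bot: `PACKAGES+=' software-properties-common'` appends the string to the first array element instead of adding an element, leaving `PACKAGES[0]` as `vim software-properties-common`; it only works because `${PACKAGES[*]}` is expanded unquoted on the install line. `PACKAGES+=(software-properties-common)` adds a real element and lets the install use `"${PACKAGES[@]}"`. Separately, the rewritten install line keeps `--force-yes`, which lets apt continue past unauthenticated packages; `-y` alone keeps the build non-interactive.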
@@ -65,9 +71,25 @@ if [ $SALT = 1 ]; then if $(lxc-attach -n ${CONTAINER} -- which salt-minion &>/dev/null); then log "Salt has been installed on container, skipping" elif [ ${RELEASE} = 'raring' ]; then - warn "Puppet can't be installed on Ubuntu Raring 13.04, skipping" + warn "Salt can't be installed on Ubuntu Raring 13.04, skipping" else - utils.lxc.attach apt-add-repository -y ppa:saltstack/salt + if [ $DISTRIBUTION = 'ubuntu' ]; then + utils.lxc.attach add-apt-repository -y ppa:saltstack/salt + else # DEBIAN + if [ $RELEASE == "squeeze" ]; then + SALT_SOURCE_1="deb http://debian.saltstack.com/debian squeeze-saltstack main" + SALT_SOURCE_2="deb http://backports.debian.org/debian-backports squeeze-backports main contrib non-free" + elif [ $RELEASE == "wheezy" ]; then + SALT_SOURCE_1="deb http://debian.saltstack.com/debian wheezy-saltstack main" + else + SALT_SOURCE_1="deb http://debian.saltstack.com/debian unstable main" + fi + echo $SALT_SOURCE_1 > ${ROOTFS}/etc/apt/sources.list.d/saltstack.list + echo $SALT_SOURCE_2 >> ${ROOTFS}/etc/apt/sources.list.d/saltstack.list + + utils.lxc.attach wget -q -O /tmp/salt.key "http://debian.saltstack.com/debian-salt-team-joehealy.gpg.key" + utils.lxc.attach apt-key add /tmp/salt.key + fi utils.lxc.attach apt-get update utils.lxc.attach apt-get install salt-minion -y --force-yes fi diff --git a/boxes/debian/vagrant-lxc-fixes.sh b/boxes/debian/vagrant-lxc-fixes.sh new file mode 100755 index 0000000..c5ea0e4 --- /dev/null +++ b/boxes/debian/vagrant-lxc-fixes.sh 
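Review bot: In the new Debian branch the repository signing key is fetched over plain HTTP and passed straight to `apt-key add`, so the key that decides which salt packages the box trusts is itself unverified, and `--force-yes` on the install that follows removes the remaining check. I would commit the expected SHA-256 of the key file to the repository and compare it with `sha256sum -c` before `apt-key add`, failing the build on a mismatch. Also, `SALT_SOURCE_2` is assigned only for squeeze while the build is started through `sudo -E` in the Makefile, so a value inherited from the caller's environment would be appended to `saltstack.list`. Adding `SALT_SOURCE_2=` before the inner `if`, and writing the second line only when it is non-empty with both `echo` arguments quoted, closes that.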
@@ -0,0 +1,32 @@ +#!/bin/bash +set -e + +source common/ui.sh +source common/utils.sh + +# Fixes some networking issues +# See https://github.com/fgrehm/vagrant-lxc/issues/91 for more info +if ! $(grep -q 'ip6-allhosts' ${ROOTFS}/etc/hosts); then + log "Adding ipv6 allhosts entry to container's /etc/hosts" + echo 'ff02::3 ip6-allhosts' >> ${ROOTFS}/etc/hosts +fi + +utils.lxc.start + +if [ ${DISTRIBUTION} = 'debian' ]; then + # Ensure locales are properly set, based on http://askubuntu.com/a/238063 + LANG=${LANG:-en_US.UTF-8} + sed -i "s/^# ${LANG}/${LANG}/" ${ROOTFS}/etc/locale.gen + utils.lxc.attach /usr/sbin/locale-gen + utils.lxc.attach update-locale LANG=${LANG} + + # Fixes some networking issues + # See https://github.com/fgrehm/vagrant-lxc/issues/91 for more info + sed -i -e "s/\(127.0.0.1\s\+localhost\)/\1\n127.0.1.1\t${RELEASE}-base\n/g" ${ROOTFS}/etc/hosts + + # Ensures that `/tmp` does not get cleared on halt + # See https://github.com/fgrehm/vagrant-lxc/issues/68 for more info + utils.lxc.attach /usr/sbin/update-rc.d -f checkroot-bootclean.sh remove + utils.lxc.attach /usr/sbin/update-rc.d -f mountall-bootclean.sh remove + utils.lxc.attach /usr/sbin/update-rc.d -f mountnfs-bootclean.sh remove +fi diff --git a/boxes/mk-debian.sh b/boxes/mk-debian.sh index a1b5d0c..c93aac5 100755 --- a/boxes/mk-debian.sh +++ b/boxes/mk-debian.sh @@ -36,8 +36,9 @@ mkdir -p ${WORKING_DIR} info "Building box to '${PACKAGE}'..." ./common/download.sh ${DISTRIBUTION} ${RELEASE} ${ARCH} ${CONTAINER} -./common/prepare-vagrant-user.sh ${CONTAINER} +./debian/vagrant-lxc-fixes.sh ${DISTRIBUTION} ${RELEASE} ${ARCH} ${CONTAINER} ./debian/install-extras.sh ${CONTAINER} +./common/prepare-vagrant-user.sh ${CONTAINER} ./debian/clean.sh ${CONTAINER} ./common/package.sh ${CONTAINER} ${PACKAGE} From cfa1d2e02fa3392431cbcf0d483d86bb7b3ad6ec Mon Sep 17 00:00:00 2001 
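Review bot: Every path the new vagrant-lxc-fixes.sh edits is built from `${ROOTFS}`, which the script never sets or checks itself; the four arguments mk-debian.sh passes to it are not read. If `ROOTFS` is empty (the script run on its own, unless `common/utils.sh` defines it, which is not visible here), the `sed -i ... ${ROOTFS}/etc/hosts` and `>> ${ROOTFS}/etc/hosts` lines act on the host's own `/etc` with the build's root privileges. A guard right after the `source` lines avoids that: `: "${ROOTFS:?ROOTFS must be set}"`, with the expansions quoted. `LANG` is also interpolated into the sed expression unescaped, so a value containing `/` would break it.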
From: Fabio Rehm Date: Sun, 9 Mar 2014 22:59:18 -0300 Subject: [PATCH 42/49] boxes: Update lxc-template to use a file lock around rootfs extraction --- boxes/common/lxc-template | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/boxes/common/lxc-template b/boxes/common/lxc-template index a9318d1..b420c2a 100755 --- a/boxes/common/lxc-template +++ b/boxes/common/lxc-template @@ -106,8 +106,24 @@ fi # Unpack the rootfs echo "Unpacking the rootfs" -mkdir -p ${LXC_ROOTFS} -(cd ${LXC_ROOTFS} && tar xfz ${LXC_TARBALL} --strip-components=2) + +( + flock -x 200 + if [ $? -ne 0 ]; then + echo "Cache repository is busy." + return 1 + fi + + mkdir -p ${LXC_ROOTFS} + (cd ${LXC_ROOTFS} && tar xfz ${LXC_TARBALL} --strip-components=2) + if [ $? -ne 0 ]; then + echo "Failed to extract rootfs" + return 1 + fi + + return 0 + +) 200>/var/lock/subsys/lxc mkdir -p ${LXC_ROOTFS}/dev/pts/ From b82e86cb8e57913795d8e8f7b0663b7e853acb58 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 23:12:00 -0300 Subject: [PATCH 43/49] boxes: Fix locales for ubuntu and debian --- boxes/debian/vagrant-lxc-fixes.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/boxes/debian/vagrant-lxc-fixes.sh b/boxes/debian/vagrant-lxc-fixes.sh index c5ea0e4..fb2d58c 100755 --- a/boxes/debian/vagrant-lxc-fixes.sh +++ b/boxes/debian/vagrant-lxc-fixes.sh @@ -17,8 +17,6 @@ if [ ${DISTRIBUTION} = 'debian' ]; then # Ensure locales are properly set, based on http://askubuntu.com/a/238063 LANG=${LANG:-en_US.UTF-8} sed -i "s/^# ${LANG}/${LANG}/" ${ROOTFS}/etc/locale.gen - utils.lxc.attach /usr/sbin/locale-gen - utils.lxc.attach update-locale LANG=${LANG} # Fixes some networking issues # See https://github.com/fgrehm/vagrant-lxc/issues/91 for more info 
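Review bot: In the lxc-template hunk, `flock -x 200` waits until the lock is free, so the "Cache repository is busy." branch under it is reached only if flock itself fails, not when another extraction holds the lock. If failing fast is intended use `flock -n -x 200`; if waiting is intended, bound it with `flock -w <SECONDS> -x 200` and reword the message. The directory of the lock file, `/var/lock/subsys`, also has to exist on the host or the `200>` redirection fails before the subshell runs, so a `mkdir -p` for it (or a lock path under a directory the template already relies on) would be safer.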
@@ -30,3 +28,6 @@ if [ ${DISTRIBUTION} = 'debian' ]; then utils.lxc.attach /usr/sbin/update-rc.d -f mountall-bootclean.sh remove utils.lxc.attach /usr/sbin/update-rc.d -f mountnfs-bootclean.sh remove fi + +utils.lxc.attach /usr/sbin/locale-gen ${LANG} +utils.lxc.attach update-locale LANG=${LANG} From 0ae0288af981af6223e1030ab8883beb8b0fd8f2 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 23:27:58 -0300 Subject: [PATCH 44/49] boxes: Fix `make clean` --- boxes/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/boxes/Makefile b/boxes/Makefile index 6af8a80..0e66145 100644 --- a/boxes/Makefile +++ b/boxes/Makefile @@ -30,5 +30,5 @@ clean: @for r in $(ALL_BOXES); do \ sudo -E ./clean.sh $${r}\ vagrant-lxc-base-$${r}-amd64 \ - output/${TODAY}/vagrant-lxc-$${r}-amd64-${TODAY}.box; \ + output/${TODAY}/vagrant-lxc-$${r}-amd64.box; \ done From b0372a10c0c3b454615c579a3a01993caa1c7498 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Sun, 9 Mar 2014 23:29:18 -0300 Subject: [PATCH 45/49] boxes: Remove old build-all script --- boxes/build-all.sh | 22 ---------------------- 1 file changed, 22 deletions(-) delete mode 100755 boxes/build-all.sh diff --git a/boxes/build-all.sh b/boxes/build-all.sh deleted file mode 100755 index 59ff2b2..0000000 --- a/boxes/build-all.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -# set -x -set -e - -# Convenience script used for building all of the base boxes available - -# Ubuntu boxes -sudo -E ./build-ubuntu-box.sh precise -sudo -E ./build-ubuntu-box.sh quantal -sudo -E ./build-ubuntu-box.sh raring -sudo -E ./build-ubuntu-box.sh saucy - -# Debian boxes -sudo -E ./build-debian-box.sh squeeze -sudo -E ./build-debian-box.sh wheezy -sudo -E ./build-debian-box.sh sid - -for box in precise raring quantal saucy squeeze wheezy sid; do - box="vagrant-lxc-${box}-amd64-`date +%Y-%m-%d`.box" - ~/bin/dropbox_uploader.sh upload output/${box} Public/ -done 
From 438ef64c250a907c39a7d5d1bfd567b83e76a3c4 Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Tue, 11 Mar 2014 14:03:12 +0100 Subject: [PATCH 46/49] boxes: Return in bash is only allowed in functions --- boxes/common/lxc-template | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/boxes/common/lxc-template b/boxes/common/lxc-template index b420c2a..1899ad3 100755 --- a/boxes/common/lxc-template +++ b/boxes/common/lxc-template @@ -106,23 +106,20 @@ fi # Unpack the rootfs echo "Unpacking the rootfs" - ( flock -x 200 if [ $? -ne 0 ]; then echo "Cache repository is busy." - return 1 + exit 1 fi mkdir -p ${LXC_ROOTFS} (cd ${LXC_ROOTFS} && tar xfz ${LXC_TARBALL} --strip-components=2) if [ $? -ne 0 ]; then echo "Failed to extract rootfs" - return 1 + exit 1 fi - return 0 - ) 200>/var/lock/subsys/lxc mkdir -p ${LXC_ROOTFS}/dev/pts/ From 28c5df5132e121bebaf494eab48dacf224b514e2 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Tue, 11 Mar 2014 01:11:30 -0300 Subject: [PATCH 47/49] boxes: Include NFS client on base boxes [closes GH-218] --- boxes/debian/install-extras.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/boxes/debian/install-extras.sh b/boxes/debian/install-extras.sh index 8e4e6fc..cdfe36e 100755 --- a/boxes/debian/install-extras.sh +++ b/boxes/debian/install-extras.sh @@ -14,7 +14,7 @@ log 'Sleeping for 5 seconds...' sleep 5 # TODO: Support for appending to this list from outside -PACKAGES=(vim curl wget man-db bash-completion python-software-properties ca-certificates sudo) +PACKAGES=(vim curl wget man-db bash-completion python-software-properties ca-certificates sudo nfs-common) if [ $DISTRIBUTION = 'ubuntu' ]; then PACKAGES+=' software-properties-common' fi From 2c0b2bd0269d344ad0923b2d929dcaf20f4c5187 Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Thu, 13 Mar 2014 00:08:58 -0300 Subject: [PATCH 48/49] boxes: Update docs to match recent changes --- BOXES.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) 
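Review bot: `exit 1` now leaves the subshell correctly, but nothing checks the subshell's status, so after a failed lock or a failed `tar` the script still goes on to `mkdir -p ${LXC_ROOTFS}/dev/pts/` and whatever follows, unless `set -e` is active earlier in the file (not visible in this hunk). Propagating the status at the closing line makes the failure explicit: `) 200>/var/lock/subsys/lxc || exit 1`. Quoting `"${LXC_ROOTFS}"` and `"${LXC_TARBALL}"` in the extraction would also keep paths with spaces intact.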
diff --git a/BOXES.md b/BOXES.md index 2fd1de1..10ebde3 100644 --- a/BOXES.md +++ b/BOXES.md @@ -14,7 +14,7 @@ For example: ``` git clone https://github.com/fgrehm/vagrant-lxc.git cd vagrant-lxc/boxes -PUPPET=1 CHEF=1 sudo -E ./build-ubuntu-box.sh precise amd64 +PUPPET=1 CHEF=1 make precise ``` Will build a Ubuntu Precise x86_64 box with latest Puppet and Chef pre-installed, please refer to the scripts for more information. @@ -30,15 +30,16 @@ on knowing what makes a base box for vagrant-lxc, here's what's needed: | --- | --- | | `lxc-template` | Script responsible for creating and setting up the container (used with `lxc-create`), a ["generic script"]() is provided along with project's source. | | `rootfs.tar.gz` | Compressed container rootfs tarball (need to remeber to pass in `--numeric-owner` when creating it) | -| `lxc.conf` | | -| `metadata.json` | | +| `lxc.conf` | File passed in to `lxc-create -f` | +| `lxc-config` | Box specific configuration to be _appended_ to the container's config file | +| `metadata.json` | Required by Vagrant | ### metadata.json ```json { "provider": "lxc", - "version": "3", + "version": "1.0.0", "built-on": "Sat Sep 21 21:10:00 UTC 2013", "template-opts": { "--arch": "amd64", From 6fbe04817534ca5ea24e9a7a546dbbc7bb949b8c Mon Sep 17 00:00:00 2001 From: Fabio Rehm Date: Thu, 13 Mar 2014 00:54:09 -0300 Subject: [PATCH 49/49] Note the whole lot of chages made to base boxes --- CHANGELOG.md | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9e2052a..6c887dc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1,5 +1,41 @@ ## [0.8.1](https://github.com/fgrehm/vagrant-lxc/compare/v0.8.0...master) (unreleased) +DEPRECATIONS: + + - Support to **all Vagrant versions prior to 1.5 are now deprecated**, there is a + [small layer](lib/vagrant-backports) that ensures compatibility with versions + starting with 1.1.5 but there is no guarantee that it will stick for too long. + - Boxes released prior to this version are now deprecated and won't be available + after the final 1.0.0 release. + - `--auth-key` argument is no longer provided to `lxc-template`. This will cause + all official base boxes prior to 09/28/2013 to break. + +BASE BOXES: + + - Switched to [`lxc-download`](https://github.com/lxc/lxc/blob/master/templates/lxc-download.in) + as the "reference implementation" for the generic `lxc-template` script [[GH-236]] + - Added support for _appending_ custom boxes configs with the `lxc-config` file, + allowing usage of host's specific configs from `/etc/lxc/default.conf` [[GH-222]] + - Include NFS client on Ubuntu and Debian base boxes [[GH-218]] + - Improved output for building base boxes + - Improved `vagrant` user `sudo` rights [[GH-231]] [[GH-188]] + - Locale configuration may follow builder's LANG environment variable [[GH-221]] + - Enable bash completion for Debian base boxes [[GH-220]] + - Fix broken locale in Ubuntu boxes [[GH-201]] + - Install `python-software-properties` by default [[GH-155]] + - Fix apt-get error when building Ubuntu boxes [[GH-200]] + +[GH-236]: https://github.com/fgrehm/vagrant-lxc/issues/236 +[GH-222]: https://github.com/fgrehm/vagrant-lxc/issues/222 +[GH-218]: https://github.com/fgrehm/vagrant-lxc/issues/218 +[GH-231]: https://github.com/fgrehm/vagrant-lxc/issues/231 +[GH-221]: https://github.com/fgrehm/vagrant-lxc/issues/221 +[GH-220]: https://github.com/fgrehm/vagrant-lxc/issues/220 +[GH-201]: https://github.com/fgrehm/vagrant-lxc/issues/201 +[GH-188]: https://github.com/fgrehm/vagrant-lxc/issues/188 +[GH-155]: 
https://github.com/fgrehm/vagrant-lxc/issues/155 +[GH-200]: https://github.com/fgrehm/vagrant-lxc/issues/200 + ## [0.8.0](https://github.com/fgrehm/vagrant-lxc/compare/v0.7.0...v0.8.0) (Feb 26, 2014)